2cb1d5b82cc6955ff88ecdaaf7011089_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2cb1d5b82cc6955ff88ecdaaf7011089_JaffaCakes118
Size

921KB
MD5

2cb1d5b82cc6955ff88ecdaaf7011089
SHA1

c014e7d87e4b70683b61bfa32526588ba47f4b2c
SHA256

012668097f9785adf9e35e6415151a885e2f8a5e9221ab549fd31a2517f73913
SHA512

cb9d99be9dbe045f8a6a91348487f8dd66761cda13c80feddab1705212231ced3022c9e1b7646d4cfec8285365c7890cd1fc20051ce0642873369b2488defc8f
SSDEEP

24576:lL6bVBBb/ULTE70vz+e/aut/7OrfRt/obGdUk120VW4PRmlzc:lUBpcvlrrSuVApNZxVW4PElc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/XXPBAR.EXE

Files

2cb1d5b82cc6955ff88ecdaaf7011089_JaffaCakes118
.rar
INSTALL.BAT
README.TXT
UIXXCOPY.BAT
XXCONSOLE.EXE
.exe windows:4 windows x86 arch:x86

781dfc2bf7dc29b6ac18409adaa3c0c3

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17/05/2005, 00:00

Not After

16/05/2010, 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

fa:1a:a4:e9:9d:83:d6:a1:80:dd:44:0b:81:4d:09:8c
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

16/02/2007, 00:00

Not After

15/02/2009, 23:59

Subject

CN=Pixelab\, Inc.,O=Pixelab\, Inc.,POSTALCODE=60540,STREET=Suite 119+STREET=1212 S. Naper Blvd.,L=Naperville,ST=Illinois,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7a:d2:5e:0d:9d:c4:bf:2c:a1:73:4a:b8:b4:ee:3b:1f:6a:b0:18:e6
Signer

Actual PE Digest

7a:d2:5e:0d:9d:c4:bf:2c:a1:73:4a:b8:b4:ee:3b:1f:6a:b0:18:e6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\dev\xxcons\xxcons\Release\xxcons.pdb

Imports

kernel32

GetVersionExA
HeapSize
SetEndOfFile
lstrcmpiW
GetLocaleInfoA
GetStringTypeW
FindNextFileA
FindClose
GetTempFileNameA
FindFirstFileA
lstrlenW
MultiByteToWideChar
GetEnvironmentVariableA
GetFileAttributesA
GetCommandLineA
GetWindowsDirectoryA
MoveFileExA
GetStringTypeA
LCMapStringW
LCMapStringA
LoadLibraryA
GetFullPathNameA
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
RtlUnwind
GetLastError
ReadFile
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
CloseHandle
GetProcAddress
GetModuleHandleA
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetCPInfo
GetACP
GetOEMCP
Sleep
InitializeCriticalSection
CreateFileA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
VirtualAlloc
HeapReAlloc
DeleteFileA

user32

DialogBoxParamA
EnableWindow
IsDlgButtonChecked
GetDlgItemInt
GetWindowRect
LoadIconA
MessageBeep
SendMessageA
SetDlgItemInt
MessageBoxA
GetDlgItem
EndDialog
SetWindowPos
CheckDlgButton

advapi32

RegDeleteKeyA
RegSetValueExW
RegCloseKey
RegOpenKeyA
RegCreateKeyA
RegCreateKeyW
RegOpenKeyW
RegQueryValueExW
RegQueryValueExA
RegSetValueExA

ole32

CoUninitialize
CoInitialize
CoCreateInstance

comctl32

ord17

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
XXCOPY.CHM
.chm
XXCOPY.EXE
.exe windows:4 windows x86 arch:x86

0fc9ee2f3c59fea678df9974b528707f

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17/05/2005, 00:00

Not After

16/05/2010, 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

fa:1a:a4:e9:9d:83:d6:a1:80:dd:44:0b:81:4d:09:8c
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

16/02/2007, 00:00

Not After

15/02/2009, 23:59

Subject

CN=Pixelab\, Inc.,O=Pixelab\, Inc.,POSTALCODE=60540,STREET=Suite 119+STREET=1212 S. Naper Blvd.,L=Naperville,ST=Illinois,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2a:87:c6:b5:3d:c9:07:da:84:e3:40:ae:8b:fe:15:30:f2:9c:6f:3e
Signer

Actual PE Digest

2a:87:c6:b5:3d:c9:07:da:84:e3:40:ae:8b:fe:15:30:f2:9c:6f:3e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\dev\xx2966c\xxcopy\FWrel\xfcopy.pdb

Imports

kernel32

GetProcAddress
GetConsoleScreenBufferInfo
GetModuleHandleA
GetVersionExA
GetFullPathNameA
CreateFileA
MapViewOfFile
UnmapViewOfFile
GetCurrentProcess
WaitForSingleObject
SetFileTime
WriteFile
GetCommandLineA
GetDriveTypeA
GetVolumeInformationA
CreateProcessA
TerminateProcess
ReadFile
CreateDirectoryA
GetStartupInfoA
FindFirstFileA
GetLastError
RemoveDirectoryA
CopyFileA
SetFileAttributesA
GetTempFileNameA
FindClose
CreateFileMappingA
MoveFileA
FindNextFileA
CreateMutexA
GetStdHandle
CloseHandle
FileTimeToLocalFileTime
LocalFree
GetSystemTime
DeleteFileA
LocalFileTimeToFileTime
GetComputerNameA
FileTimeToDosDateTime
DosDateTimeToFileTime
GetFileSize
GetTimeFormatA
GetNumberFormatA
GetConsoleTitleA
GetDateFormatA
Beep
GetSystemDirectoryA
MultiByteToWideChar
SetConsoleTitleA
GetLocalTime
SetConsoleCtrlHandler
GetDiskFreeSpaceA
DeviceIoControl
GetCurrentProcessId
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
GetACP
GetEnvironmentVariableA
FileTimeToSystemTime
GetFileAttributesA
Sleep
GetWindowsDirectoryA
GetTickCount
SystemTimeToFileTime
GetSystemDefaultLCID
CompareFileTime
ReleaseMutex
WriteConsoleA
HeapSize
SetStdHandle
HeapFree
HeapAlloc
ExitProcess
EnterCriticalSection
LeaveCriticalSection
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
GetProcessHeap
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
VirtualAlloc
HeapReAlloc
GetModuleFileNameA
RtlUnwind
SetHandleCount
GetFileType
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetOEMCP
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
LCMapStringA
WideCharToMultiByte
LCMapStringW
LoadLibraryA
InitializeCriticalSection
GetConsoleCP
FlushFileBuffers
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetFilePointer
GetExitCodeProcess
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

user32

FindWindowA
GetWindowLongA
MessageBoxA
GetWindowThreadProcessId
ShowWindow

advapi32

RegCreateKeyA
RegEnumValueA
RegDeleteValueA
RegQueryValueExA
RegSetValueExA
AdjustTokenPrivileges
RegCloseKey
RegOpenKeyA
RegEnumKeyExA
RegDeleteKeyA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

mpr

WNetGetUniversalNameA

Sections

.text
Size: 212KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
XXCOPY16.EXE
XXCOPYSU.EXE
.exe windows:4 windows x86 arch:x86

0fc9ee2f3c59fea678df9974b528707f

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17/05/2005, 00:00

Not After

16/05/2010, 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

fa:1a:a4:e9:9d:83:d6:a1:80:dd:44:0b:81:4d:09:8c
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

16/02/2007, 00:00

Not After

15/02/2009, 23:59

Subject

CN=Pixelab\, Inc.,O=Pixelab\, Inc.,POSTALCODE=60540,STREET=Suite 119+STREET=1212 S. Naper Blvd.,L=Naperville,ST=Illinois,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

92:cb:55:95:5d:3e:4b:d1:66:18:32:3d:d9:91:52:8a:93:27:d4:3b
Signer

Actual PE Digest

92:cb:55:95:5d:3e:4b:d1:66:18:32:3d:d9:91:52:8a:93:27:d4:3b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\dev\xx2966c\xxcopy\FWrel\xfcopy.pdb

Imports

kernel32

GetProcAddress
GetConsoleScreenBufferInfo
GetModuleHandleA
GetVersionExA
GetFullPathNameA
CreateFileA
MapViewOfFile
UnmapViewOfFile
GetCurrentProcess
WaitForSingleObject
SetFileTime
WriteFile
GetCommandLineA
GetDriveTypeA
GetVolumeInformationA
CreateProcessA
TerminateProcess
ReadFile
CreateDirectoryA
GetStartupInfoA
FindFirstFileA
GetLastError
RemoveDirectoryA
CopyFileA
SetFileAttributesA
GetTempFileNameA
FindClose
CreateFileMappingA
MoveFileA
FindNextFileA
CreateMutexA
GetStdHandle
CloseHandle
FileTimeToLocalFileTime
LocalFree
GetSystemTime
DeleteFileA
LocalFileTimeToFileTime
GetComputerNameA
FileTimeToDosDateTime
DosDateTimeToFileTime
GetFileSize
GetTimeFormatA
GetNumberFormatA
GetConsoleTitleA
GetDateFormatA
Beep
GetSystemDirectoryA
MultiByteToWideChar
SetConsoleTitleA
GetLocalTime
SetConsoleCtrlHandler
GetDiskFreeSpaceA
DeviceIoControl
GetCurrentProcessId
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
GetACP
GetEnvironmentVariableA
FileTimeToSystemTime
GetFileAttributesA
Sleep
GetWindowsDirectoryA
GetTickCount
SystemTimeToFileTime
GetSystemDefaultLCID
CompareFileTime
ReleaseMutex
WriteConsoleA
HeapSize
SetStdHandle
HeapFree
HeapAlloc
ExitProcess
EnterCriticalSection
LeaveCriticalSection
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
GetProcessHeap
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
VirtualAlloc
HeapReAlloc
GetModuleFileNameA
RtlUnwind
SetHandleCount
GetFileType
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetOEMCP
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
LCMapStringA
WideCharToMultiByte
LCMapStringW
LoadLibraryA
InitializeCriticalSection
GetConsoleCP
FlushFileBuffers
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
SetFilePointer
GetExitCodeProcess
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

user32

FindWindowA
GetWindowLongA
MessageBoxA
GetWindowThreadProcessId
ShowWindow

advapi32

RegCreateKeyA
RegEnumValueA
RegDeleteValueA
RegQueryValueExA
RegSetValueExA
AdjustTokenPrivileges
RegCloseKey
RegOpenKeyA
RegEnumKeyExA
RegDeleteKeyA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

mpr

WNetGetUniversalNameA

Sections

.text
Size: 212KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
XXPBAR.EXE
.exe windows:4 windows x86 arch:x86

80c32b5d36d6bb4f950dd736a3e3a6b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnmapViewOfFile
OpenMutexA
CloseHandle
MapViewOfFile
CreateFileMappingA
GetSystemInfo
VirtualProtect
GetLocaleInfoA
RtlUnwind
GetStringTypeW
WaitForSingleObject
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
HeapSize
HeapReAlloc
VirtualAlloc
GetCommandLineA
ReleaseMutex
GetStringTypeA
lstrlenA
GetModuleHandleA
GetStartupInfoA
GetVersionExA
ExitProcess
GetProcAddress
TerminateProcess
GetCurrentProcess
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
LoadLibraryA
GetACP
GetOEMCP
GetCPInfo
HeapAlloc
VirtualQuery

user32

GetForegroundWindow
GetDesktopWindow
DialogBoxParamA
GetDlgItem
LoadIconA
SendMessageA
EnableWindow
SetForegroundWindow
SetTimer
MessageBoxA
ShowWindow
KillTimer
EndDialog
SetWindowPos
IsIconic
GetWindowRect
wsprintfA

gdi32

CreateFontA

comctl32

ord17

Sections

.text
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

781dfc2bf7dc29b6ac18409adaa3c0c3

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89Certificate

Extended Key Usages

Key Usages

fa:1a:a4:e9:9d:83:d6:a1:80:dd:44:0b:81:4d:09:8cCertificate

Extended Key Usages

Key Usages

7a:d2:5e:0d:9d:c4:bf:2c:a1:73:4a:b8:b4:ee:3b:1f:6a:b0:18:e6Signer

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

ole32

comctl32

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 8KB - Virtual size: 31KB

.rsrc Size: 56KB - Virtual size: 52KB

0fc9ee2f3c59fea678df9974b528707f

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89Certificate

Extended Key Usages

Key Usages

fa:1a:a4:e9:9d:83:d6:a1:80:dd:44:0b:81:4d:09:8cCertificate

Extended Key Usages

Key Usages

2a:87:c6:b5:3d:c9:07:da:84:e3:40:ae:8b:fe:15:30:f2:9c:6f:3eSigner

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

ole32

mpr

Sections

.text Size: 212KB - Virtual size: 208KB

.rdata Size: 60KB - Virtual size: 56KB

.data Size: 64KB - Virtual size: 222KB

.rsrc Size: 36KB - Virtual size: 33KB

0fc9ee2f3c59fea678df9974b528707f

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89Certificate

Extended Key Usages

Key Usages

fa:1a:a4:e9:9d:83:d6:a1:80:dd:44:0b:81:4d:09:8cCertificate

Extended Key Usages

Key Usages

92:cb:55:95:5d:3e:4b:d1:66:18:32:3d:d9:91:52:8a:93:27:d4:3bSigner

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

ole32

mpr

Sections

.text Size: 212KB - Virtual size: 208KB

.rdata Size: 60KB - Virtual size: 56KB

.data Size: 64KB - Virtual size: 222KB

.rsrc Size: 36KB - Virtual size: 33KB

80c32b5d36d6bb4f950dd736a3e3a6b6

Headers

File Characteristics

Imports

kernel32

user32

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

fa:1a:a4:e9:9d:83:d6:a1:80:dd:44:0b:81:4d:09:8c
Certificate

7a:d2:5e:0d:9d:c4:bf:2c:a1:73:4a:b8:b4:ee:3b:1f:6a:b0:18:e6
Signer

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 8KB - Virtual size: 31KB

.rsrc
Size: 56KB - Virtual size: 52KB

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

fa:1a:a4:e9:9d:83:d6:a1:80:dd:44:0b:81:4d:09:8c
Certificate

2a:87:c6:b5:3d:c9:07:da:84:e3:40:ae:8b:fe:15:30:f2:9c:6f:3e
Signer

.text
Size: 212KB - Virtual size: 208KB

.rdata
Size: 60KB - Virtual size: 56KB

.data
Size: 64KB - Virtual size: 222KB

.rsrc
Size: 36KB - Virtual size: 33KB

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

fa:1a:a4:e9:9d:83:d6:a1:80:dd:44:0b:81:4d:09:8c
Certificate

92:cb:55:95:5d:3e:4b:d1:66:18:32:3d:d9:91:52:8a:93:27:d4:3b
Signer

.text
Size: 212KB - Virtual size: 208KB

.rdata
Size: 60KB - Virtual size: 56KB

.data
Size: 64KB - Virtual size: 222KB

.rsrc
Size: 36KB - Virtual size: 33KB

.text
Size: 20KB - Virtual size: 16KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 12KB - Virtual size: 9KB