35780e6c94ff84d3faf0c50974c1fc75_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

35780e6c94ff84d3faf0c50974c1fc75_JaffaCakes118
Size

2.8MB
MD5

35780e6c94ff84d3faf0c50974c1fc75
SHA1

6fe3b53fc660398faf9aaa26f6932cb0f2888ca6
SHA256

8765abf9c2aa72d1c27a4f482c5a459293c2a3cdfa3bacce19810ba6c18e009d
SHA512

154b3f259f434fbe8b5b7c1cfd726874610d9e918277b37bfe1f836d9bfd579ab57a8c470af35910bad8ef11d66c6aea5722b32732b031cac8218456932bfa11
SSDEEP

49152:GQLU7qVb4ZrLVy77WiKpNMhD9alOHhCfWvM2ReaQ08ZsHUmX7colw2o:GQLSCg2WDSYlOHofWvMxakoVlw2o

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/盒武器/BoxClient.exe
unpack001/盒武器/IEClient.exe

Files

35780e6c94ff84d3faf0c50974c1fc75_JaffaCakes118
.rar
盒武器/BoxClient.exe
.exe windows:4 windows x86 arch:x86

0846afa69c9ef1e2dda2ea052ed42d40

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

DeleteUrlCacheEntryW

urlmon

URLDownloadToFileW

ws2_32

closesocket
recv
connect
htons
gethostbyname
send
WSAStartup
getprotobyname
socket
setsockopt

kernel32

FlushFileBuffers
OutputDebugStringW
ReadFile
SystemTimeToFileTime
GetSystemTimeAsFileTime
MultiByteToWideChar
GetFileType
DuplicateHandle
DosDateTimeToFileTime
SetFileTime
GetCurrentDirectoryW
GetLocalTime
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
VirtualProtect
CreateThread
ExitThread
RtlUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapSize
HeapReAlloc
HeapDestroy
GetThreadLocale
GetLocaleInfoA
GetVersionExA
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
SetFilePointer
GetProcAddress
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
VirtualQuery
GetTimeZoneInformation
GetStartupInfoW
HeapCreate
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
ExitProcess
GetStdHandle
GetCPInfo
GetOEMCP
SetHandleCount
GetStartupInfoA
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
QueryPerformanceCounter
CreateDirectoryW
lstrcatW
FindFirstFileW
FindNextFileW
FindClose
RemoveDirectoryW
GetCommandLineW
FreeResource
MulDiv
ResumeThread
GetModuleFileNameA
CreateEventW
WaitForSingleObject
GetCurrentProcessId
GetConsoleCP
GetConsoleMode
ResetEvent
SetEvent
InterlockedExchange
WideCharToMultiByte
GlobalAlloc
GlobalLock
GlobalSize
GlobalUnlock
GlobalFree
lstrcpyW
lstrcmpiW
lstrcmpW
GetVersionExW
CompareStringW
CreateFileW
GetModuleHandleA
GetTickCount
WriteFile
FindResourceExW
GetStringTypeA
GetStringTypeW
FindResourceW
LoadResource
LockResource
SizeofResource
GetACP
GetModuleFileNameW
DeleteFileW
Sleep
InterlockedDecrement
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
CloseHandle
CreateMutexW
GetLastError
lstrlenW
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
SetStdHandle
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
SetEnvironmentVariableA
LoadLibraryA
GetSystemInfo

user32

LoadStringW
LoadMenuW
RegisterWindowMessageW
LoadImageW
SetMenuItemInfoW
GetMenuItemInfoW
GetMenuItemCount
DrawStateW
CopyRect
GetMessagePos
WindowFromPoint
GetClassNameW
GetFocus
CharNextW
GetCursorPos
SetCursor
SetFocus
GetWindowTextLengthW
GetWindowTextW
SetRectEmpty
GetWindowDC
IsIconic
TrackPopupMenu
MonitorFromPoint
GetMonitorInfoW
SetRect
AppendMenuW
GetUpdateRect
PostQuitMessage
DrawIcon
GetIconInfo
LockWindowUpdate
CreatePopupMenu
LoadIconW
DestroyIcon
EnableWindow
SetWindowTextW
SetDlgItemTextW
GetSysColorBrush
FillRect
UnregisterHotKey
RegisterHotKey
UnregisterClassA
SetLayeredWindowAttributes
GetDlgItem
EndDialog
wsprintfW
ScreenToClient
InflateRect
GetSystemMetrics
ReleaseCapture
GetCapture
DrawTextW
ReleaseDC
DrawEdge
DrawFocusRect
CallWindowProcW
GetDlgCtrlID
SetCapture
IsWindowEnabled
UpdateWindow
ClientToScreen
MoveWindow
OffsetRect
GetScrollPos
DestroyMenu
IsWindow
LoadBitmapW
GetParent
GetWindow
SystemParametersInfoW
MapWindowPoints
AdjustWindowRectEx
MessageBoxW
SetParent
KillTimer
SetTimer
InvalidateRect
GetMenu
PostMessageW
GetWindowLongW
wvsprintfW
SetWindowPos
DrawTextExW
EndPaint
BeginPaint
CreateWindowExW
GetDesktopWindow
SetWindowRgn
IsDialogMessageW
GetDC
GetClientRect
GetWindowRect
PtInRect
FindWindowW
IsWindowVisible
ShowWindowAsync
SetForegroundWindow
SendMessageW
DefWindowProcW
GetActiveWindow
RegisterClassExW
DestroyWindow
DialogBoxParamW
CreateDialogParamW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
LoadCursorW
GetClassInfoExW
ShowWindow
SetWindowLongW
GetSysColor

gdi32

GetTextMetricsW
TextOutW
GetDeviceCaps
SetStretchBltMode
CreateDIBSection
SetDIBColorTable
GetTextExtentPoint32W
StretchBlt
GetDIBColorTable
GetCurrentObject
CreatePen
SetBkColor
ExtTextOutW
Rectangle
GetStockObject
SetTextColor
SetBkMode
CreateEllipticRgnIndirect
GetObjectW
FrameRgn
CreateCompatibleDC
SelectObject
SetViewportOrgEx
CreateCompatibleBitmap
DeleteObject
CreateSolidBrush
DeleteDC
BitBlt
CreateFontIndirectW
CombineRgn
CreateRectRgn
CreateRoundRectRgn
CreatePolygonRgn

comdlg32

GetSaveFileNameW
GetOpenFileNameW

advapi32

RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegDeleteValueA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExW

shell32

ExtractIconW
ShellExecuteW
SHGetSpecialFolderPathW
Shell_NotifyIconW

ole32

CoUninitialize
CreateStreamOnHGlobal
CoInitialize
CoCreateInstance

oleaut32

DispCallFunc
VariantClear
OleLoadPicture
SafeArrayCreate
SafeArrayPutElement
SysAllocString
VariantInit

atl80

ord64
ord43
ord23
ord61
ord42
ord10
ord48
ord47
ord44

shlwapi

PathFileExistsW

comctl32

ImageList_GetIconSize
ImageList_Destroy
_TrackMouseEvent
ImageList_Draw
ImageList_GetIcon
ImageList_Create
ImageList_Add
InitCommonControlsEx

msimg32

AlphaBlend
TransparentBlt
GradientFill

gdiplus

GdipDeleteGraphics
GdipAlloc
GdipGetImagePixelFormat
GdipCloneImage
GdipDisposeImage
GdipGetImagePaletteSize
GdiplusShutdown
GdipGetImagePalette
GdipCreateBitmapFromFile
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdipGetImageGraphicsContext
GdipFree
GdipDrawImageI

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

Sections

.text
Size: 300KB - Virtual size: 299KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 220KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
盒武器/IEClient.exe
.exe windows:4 windows x86 arch:x86

b5581fa4c4b25710994f5bb7594cc1f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
SetStdHandle
GetConsoleMode
GetConsoleCP
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
LCMapStringA
GetOEMCP
GetCPInfo
GetStartupInfoA
GetFileType
SetHandleCount
ExitProcess
Sleep
GetModuleFileNameA
GetStdHandle
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleHandleA
HeapCreate
GetStartupInfoW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
RtlUnwind
HeapSize
HeapReAlloc
HeapDestroy
GetThreadLocale
GetLocaleInfoA
InterlockedExchange
GetVersionExA
VirtualAlloc
VirtualFree
IsProcessorFeaturePresent
LoadLibraryA
GetProcAddress
HeapAlloc
GetProcessHeap
HeapFree
InterlockedCompareExchange
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
RaiseException
EnterCriticalSection
LeaveCriticalSection
GlobalFree
GlobalUnlock
GlobalSize
MultiByteToWideChar
GetSystemTimeAsFileTime
GlobalLock
FlushFileBuffers
SetFilePointer
GetLastError
GetModuleFileNameW
GetACP
WriteFile
CloseHandle
GetCommandLineW
lstrcpyW
InterlockedDecrement
InterlockedIncrement
GetCurrentThreadId
SetLastError
GetCurrentProcess
FlushInstructionCache
DeleteCriticalSection
InitializeCriticalSection
GlobalAlloc
WideCharToMultiByte
GetStringTypeA
GetStringTypeW
CreateFileA

user32

LoadImageW
SetWindowTextW
PostQuitMessage
ScreenToClient
InflateRect
GetSystemMetrics
PtInRect
ReleaseCapture
GetCapture
DrawTextW
UnregisterClassA
DrawFocusRect
SetWindowRgn
GetDlgCtrlID
SetCapture
IsWindowEnabled
KillTimer
SetTimer
InvalidateRect
UpdateWindow
ClientToScreen
MoveWindow
OffsetRect
IsWindow
CreateWindowExW
LoadBitmapW
GetParent
GetWindow
GetWindowRect
SystemParametersInfoW
MapWindowPoints
AdjustWindowRectEx
SetParent
SetWindowPos
GetMenu
PostMessageW
GetFocus
IsChild
SendMessageW
GetDesktopWindow
DestroyWindow
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
CreateDialogParamW
ShowWindow
EndPaint
BeginPaint
GetClientRect
GetWindowLongW
SetWindowLongW
CallWindowProcW
RegisterClassExW
DefWindowProcW
LoadCursorW
GetClassInfoExW
DrawEdge

gdi32

CreateFontIndirectW
SetStretchBltMode
TextOutW
StretchBlt
SetTextColor
SetBkMode
CreateEllipticRgnIndirect
GetObjectW
BitBlt
DeleteDC
DeleteObject
CreateCompatibleBitmap
SetViewportOrgEx
SelectObject
CreateCompatibleDC

shell32

ShellExecuteW

ole32

CoCreateInstance
CoUninitialize
CoInitialize
CreateStreamOnHGlobal

oleaut32

DispCallFunc
VariantClear
VariantInit

atl80

ord64
ord44
ord43
ord47
ord48
ord10
ord42
ord23
ord61

comctl32

InitCommonControlsEx
ImageList_GetIconSize
ImageList_Destroy
_TrackMouseEvent
ImageList_Draw
ImageList_Create
ImageList_Add

msimg32

GradientFill

Sections

.text
Size: 84KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
盒武器/config.dat
盒武器/vcredist_x86.exe
.exe windows:5 windows x86 arch:x86

c63ba316533609531fac22f3877f847b

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:0f:78:4d:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/08/2007, 00:23

Not After

23/02/2009, 00:33

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:14:2c:a7:00:00:00:00:00:06
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/06/2007, 23:54

Not After

13/06/2012, 00:04

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:27F4-D440-54F3,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:14:2c:a7:00:00:00:00:00:06
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/06/2007, 23:54

Not After

13/06/2012, 00:04

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:27F4-D440-54F3,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c3:6a:5b:57:c2:61:31:fe:db:0f:ae:bd:d1:73:eb:f8:42:6b:c3:d3
Signer

Actual PE Digest

c3:6a:5b:57:c2:61:31:fe:db:0f:ae:bd:d1:73:eb:f8:42:6b:c3:d3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA

kernel32

LocalFree
LocalAlloc
GetLastError
GetCurrentProcess
GetModuleFileNameA
lstrlenA
GetSystemDirectoryA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
lstrcmpA
FindFirstFileA
lstrcatA
lstrcpyA
_lclose
_llseek
_lopen
WritePrivateProfileStringA
GetWindowsDirectoryA
CreateDirectoryA
GetFileAttributesA
ExpandEnvironmentStringsA
IsDBCSLeadByte
GetShortPathNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpiA
GlobalFree
GlobalUnlock
GlobalLock
GetProcAddress
FreeResource
LockResource
LoadResource
SizeofResource
FindResourceA
CloseHandle
WriteFile
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetCurrentDirectoryA
GetTempFileNameA
ExitProcess
CreateFileA
LoadLibraryExA
lstrcpynA
GetVolumeInformationA
FormatMessageA
GetCurrentDirectoryA
GetVersionExA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetTempPathA
GetSystemInfo
CreateMutexA
SetEvent
CreateEventA
CreateThread
ResetEvent
TerminateThread
GetDriveTypeA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
SetUnhandledExceptionFilter
ReadFile
LoadLibraryA
GetDiskFreeSpaceA
MulDiv
EnumResourceLanguagesA
FreeLibrary
GlobalAlloc

gdi32

GetDeviceCaps

user32

ExitWindowsEx
wsprintfA
CharNextA
CharUpperA
CharPrevA
SetWindowLongA
GetWindowLongA
CallWindowProcA
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
SendMessageA
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
SendDlgItemMessageA
GetDlgItem
SetForegroundWindow
SetWindowTextA
MessageBoxA
DialogBoxIndirectParamA
ShowWindow
EnableWindow
GetDlgItemTextA
EndDialog
GetDesktopWindow
MessageBeep
SetDlgItemTextA
LoadStringA
GetSystemMetrics

comctl32

ord17

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0846afa69c9ef1e2dda2ea052ed42d40

Headers

File Characteristics

Imports

wininet

urlmon

ws2_32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

atl80

shlwapi

comctl32

msimg32

gdiplus

version

Sections

.text Size: 300KB - Virtual size: 299KB

.rdata Size: 40KB - Virtual size: 37KB

.data Size: 8KB - Virtual size: 47KB

.rsrc Size: 220KB - Virtual size: 217KB

b5581fa4c4b25710994f5bb7594cc1f5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

oleaut32

atl80

comctl32

msimg32

Sections

.text Size: 84KB - Virtual size: 80KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 60KB - Virtual size: 58KB

c63ba316533609531fac22f3877f847b

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40Certificate

2e:ab:11:dc:50:ff:5c:9d:cb:c0Certificate

Extended Key Usages

Key Usages

61:0f:78:4d:00:00:00:00:00:03Certificate

Extended Key Usages

Key Usages

61:14:2c:a7:00:00:00:00:00:06Certificate

Extended Key Usages

Key Usages

61:14:2c:a7:00:00:00:00:00:06Certificate

Extended Key Usages

Key Usages

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2Certificate

Extended Key Usages

Key Usages

c3:6a:5b:57:c2:61:31:fe:db:0f:ae:bd:d1:73:eb:f8:42:6b:c3:d3Signer

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

comctl32

version

Sections

.text
Size: 300KB - Virtual size: 299KB

.rdata
Size: 40KB - Virtual size: 37KB

.data
Size: 8KB - Virtual size: 47KB

.rsrc
Size: 220KB - Virtual size: 217KB

.text
Size: 84KB - Virtual size: 80KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 60KB - Virtual size: 58KB

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

61:0f:78:4d:00:00:00:00:00:03
Certificate

61:14:2c:a7:00:00:00:00:00:06
Certificate

61:14:2c:a7:00:00:00:00:00:06
Certificate

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

c3:6a:5b:57:c2:61:31:fe:db:0f:ae:bd:d1:73:eb:f8:42:6b:c3:d3
Signer

.text
Size: 36KB - Virtual size: 35KB

.data
Size: 1024B - Virtual size: 6KB

.rsrc
Size: 2.5MB - Virtual size: 2.5MB