387dc7bd259e581967c27dfb315ed942_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

387dc7bd259e581967c27dfb315ed942_JaffaCakes118
Size

21.3MB
MD5

387dc7bd259e581967c27dfb315ed942
SHA1

1f0f3d59691b5fe351c3dbff49d4e530f566870a
SHA256

ebf5156946dce240fe8dc1ff2956839ba993301d1d640fb9be7f3d9d2dc75bc0
SHA512

0d82fd8aeb5c10d99fd95726cdd93347cc4ca7e551663db7419b9b1b32ed438edb797941c2792f734e9a60545651d7ea2e943ea21ecf0dfb13eab94fa1503788
SSDEEP

393216:XqdlVpWYaHf+Vt+lvTqub4Cb3j6SW4JIGnyu7jeg5dxBNhDrhQJ:+lVgatgvWQ4Cbmeiu9jeKxJDrhQJ

Score

1^/10

Malware Config

Signatures

Files

387dc7bd259e581967c27dfb315ed942_JaffaCakes118
.rar
arswp3/ArSwp3.exe
.exe windows:4 windows x86 arch:x86

cc74187c065aad3520bca551b46726c2

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7c:91:c4:5f:7b:19:d3:fd:3b:4f:1f:9b:4c:8b:de:29
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

20/06/2011, 00:00

Not After

18/09/2012, 23:59

Subject

CN=Beijing Arswp Information and Technology Co.\,Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Beijing Arswp Information and Technology Co.\,Ltd.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

b6:6b:cb:85:69:35:0c:c9:0a:57:d5:fc:57:09:64:19:13:f2:f5:ba
Signer

Actual PE Digest

b6:6b:cb:85:69:35:0c:c9:0a:57:d5:fc:57:09:64:19:13:f2:f5:ba

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

iphlpapi

GetAdaptersInfo

kernel32

GetVolumeInformationW
GetLocalTime
FindFirstFileW
FindNextFileW
FindClose
SetEnvironmentVariableA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetDriveTypeA
SetCurrentDirectoryW
GetCurrentDirectoryW
ExitProcess
GetSystemDirectoryA
MoveFileExW
GetTempPathW
GetLastError
CreateMutexW
GetLongPathNameW
GetShortPathNameW
GetWindowsDirectoryA
GetModuleHandleA
FreeLibrary
GetProcAddress
LoadLibraryW
MultiByteToWideChar
TerminateProcess
Process32FirstW
CreateToolhelp32Snapshot
VirtualFreeEx
ReadProcessMemory
WriteProcessMemory
VirtualAllocEx
OpenProcess
WinExec
Process32NextW
GetCurrentProcess
GetSystemDefaultLangID
GlobalAlloc
WideCharToMultiByte
GetTickCount
CreateDirectoryW
GetPrivateProfileSectionW
GetWindowsDirectoryW
GlobalUnlock
GetModuleFileNameW
GetPrivateProfileStringW
GlobalLock
GetPrivateProfileIntW
WritePrivateProfileStringW
Sleep
GetVersionExW
TerminateThread
DeleteFileW
SetFileAttributesW
ReadFile
GetCurrentDirectoryA
SetStdHandle
CreateFileA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStdHandle
VirtualQuery
GetSystemInfo
GetProfileIntW
GetFileInformationByHandle
CreateProcessW
lstrcpynA
MoveFileExA
RemoveDirectoryW
CreateRemoteThread
Module32NextW
Module32FirstW
FindNextFileA
FindFirstFileA
GetEnvironmentVariableW
DeleteFileA
CreateDirectoryA
GetVolumeInformationA
SetPriorityClass
BackupSeek
BackupRead
GetFileAttributesA
DeviceIoControl
GetLongPathNameA
ExpandEnvironmentStringsA
CopyFileA
SetFileAttributesA
GetTempFileNameA
GetTempPathA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
ReplaceFileW
lstrcpynW
LocalSize
LoadLibraryExA
GetTempFileNameW
GetExitCodeThread
EnumResourceTypesW
EnumResourceNamesW
LoadLibraryExW
ExpandEnvironmentStringsW
CreateThread
SizeofResource
LockResource
FindResourceW
LoadResource
GetSystemDirectoryW
CloseHandle
CreateFileW
SetLastError
GetModuleHandleW
GetDriveTypeW
GetLogicalDrives
SetEvent
WaitForSingleObject
GetFileAttributesW
ResetEvent
InterlockedExchange
ResumeThread
FindFirstChangeNotificationW
WaitForMultipleObjects
FindNextChangeNotification
FindCloseChangeNotification
FreeResource
CreateEventW
MulDiv
GlobalFree
GetVersionExA
lstrcmpW
LoadLibraryA
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
GetCurrentThreadId
lstrlenW
LocalFree
FormatMessageW
GlobalSize
CopyFileW
GetCurrentProcessId
SetThreadPriority
VirtualAlloc
VirtualProtect
HeapSize
GetFileSize
HeapReAlloc
RaiseException
RtlUnwind
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
GetProcessHeap
HeapAlloc
HeapFree
SetErrorMode
GetFileTime
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GlobalGetAtomNameW
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GlobalFlags
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetFullPathNameW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
lstrlenA
FileTimeToLocalFileTime
FileTimeToSystemTime
GetThreadLocale
InterlockedIncrement
InterlockedDecrement
GetCurrentThread
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA

user32

wsprintfW
AppendMenuW
SetCapture
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
ReleaseCapture
TranslateMessage
DispatchMessageW
GetKeyState
ClientToScreen
FillRect
SetRect
CopyRect
GetDC
ReleaseDC
DrawTextW
GetParent
GetWindowRect
GetSystemMetrics
MessageBoxW
ShowWindow
IsIconic
UnionRect
SetParent
GetSystemMenu
RegisterClipboardFormatW
UnpackDDElParam
ReuseDDElParam
LoadMenuW
LoadAcceleratorsW
SetRectEmpty
LoadIconW
SetMenu
TranslateAcceleratorW
UnregisterClassW
SetCursor
InvalidateRgn
IsRectEmpty
CopyAcceleratorTableW
DeleteMenu
GetSysColorBrush
CharUpperW
CharNextW
ShowOwnedPopups
SetWindowContextHelpId
MapDialogRect
WaitMessage
PostQuitMessage
GetMessageW
ValidateRect
GetMenuItemInfoW
InflateRect
EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
TabbedTextOutW
MapVirtualKeyW
MoveWindow
LoadCursorW
PtInRect
DrawIcon
SystemParametersInfoW
SetForegroundWindow
GetWindowThreadProcessId
FindWindowExW
SetTimer
SendMessageW
PostMessageW
GetClientRect
LoadImageW
DestroyIcon
IsWindowVisible
UpdateWindow
InvalidateRect
GetSysColor
GetCursorPos
ScreenToClient
CreatePopupMenu
InsertMenuItemW
KillTimer
ExitWindowsEx
BringWindowToTop
RegisterWindowMessageW
LoadBitmapW
SetWindowRgn
PostThreadMessageW
GetDCEx
LockWindowUpdate
GetWindowLongW
GetCapture
WindowFromPoint
DrawEdge
GetNextDlgGroupItem
OffsetRect
DrawFocusRect
EnableMenuItem
GetMenuState
ModifyMenuW
GetFocus
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetWindow
GetWindowPlacement
SystemParametersInfoA
IntersectRect
CharLowerW
EnableWindow
SetClipboardData
EmptyClipboard
SetWindowPos
MessageBeep
SetWindowLongW
CallWindowProcW
DefWindowProcW
GetDlgCtrlID
RegisterClassA
CheckMenuItem
RedrawWindow
TrackPopupMenu
DestroyMenu
IsClipboardFormatAvailable
OpenClipboard
GetClipboardData
SetWindowTextW
IsDialogMessageW
GetMenuStringW
InsertMenuW
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
IsWindowEnabled
GetNextDlgTabItem
EndDialog
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
IsWindow
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
DrawStateW
GetIconInfo
CopyIcon
CreateIconIndirect
CreateIconFromResourceEx
DrawIconEx
HideCaret
ShowCaret
SetMenuDefaultItem
EnumChildWindows
FindWindowW
DrawAnimatedRects
DrawFrameControl
InvertRect
LookupIconIdFromDirectoryEx
GetCursor
SetCursorPos
SetWindowLongA
GetWindowLongA
IsWindowUnicode
EnumWindows
EnableScrollBar
CallWindowProcA
DefWindowProcA
DefFrameProcA
DefFrameProcW
DefDlgProcA
DefDlgProcW
DefMDIChildProcA
DefMDIChildProcW
SetScrollInfo
DrawMenuBar
SendMessageTimeoutW
GetWindowRgn
IsMenu
SetClassLongW
GetMenuDefaultItem
GetDoubleClickTime
ToUnicodeEx
GetKeyboardState
GetKeyboardLayoutList
GetTabbedTextExtentA
CharUpperA
wsprintfA
UnregisterClassA
TranslateMDISysAccel
MapWindowPoints
TrackPopupMenuEx
GetScrollRange
SetScrollPos
GetScrollPos
ShowScrollBar
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetScrollInfo
CloseClipboard

gdi32

SelectPalette
GetStockObject
CreatePatternBrush
ExtSelectClipRgn
PolyBezierTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
GetClipRgn
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
SetMapMode
SetBkMode
RestoreDC
SaveDC
PatBlt
CreateRectRgnIndirect
CopyMetaFileW
GetClipBox
CreateFontW
CombineRgn
GetObjectType
GetPixel
SelectClipRgn
CreateFontIndirectW
CreateCompatibleBitmap
CreateSolidBrush
SetStretchBltMode
SetTextColor
SetBkColor
SelectObject
DeleteDC
GetDeviceCaps
CreateBitmap
DeleteObject
CreateCompatibleDC
GetObjectW
StretchBlt
BitBlt
CreatePen
GetTextAlign
Polygon
GetViewportOrgEx
CreateDIBSection
SetPixel
GetDIBits
GetCurrentObject
RoundRect
EnumFontFamiliesExW
GetBitmapBits
ExtCreateRegion
OffsetRgn
GetTextCharsetInfo
PtInRegion
SetBrushOrgEx
CreatePalette
CreateDIBitmap
Polyline
GetTextExtentPoint32A
Ellipse
StrokePath
FillPath
StrokeAndFillPath
EndPath
CloseFigure
BeginPath
CreatePolygonRgn
GetWindowOrgEx
GetTextExtentPoint32W
GetBkColor
GetTextColor
SetRectRgn
GetMapMode
DPtoLP
GetTextMetricsW
GetRgnBox
GetCharWidthW
StretchDIBits
CreateRectRgn

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegQueryValueW
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyW
RegCloseKey
FreeSid
LookupPrivilegeValueW
OpenProcessToken
AdjustTokenPrivileges
RegEnumKeyW
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegCreateKeyW
RegEnumKeyExW
RegEnumValueW
RegCreateKeyA
RegQueryValueExA
RegFlushKey
RegQueryInfoKeyA
RegEnumValueA
RegEnumKeyExA
RegOpenKeyExA
RegSetValueExA
CloseServiceHandle
ControlService
DeleteService
GetUserNameW
LookupAccountNameW
ConvertSidToStringSidW
OpenSCManagerW
CreateServiceW
OpenServiceW
StartServiceW
RegOpenCurrentUser
RegQueryInfoKeyW
QueryServiceStatus
GetTokenInformation
LookupAccountSidW
SetEntriesInAclW
BuildExplicitAccessWithNameW
SetNamedSecurityInfoW
InitializeSecurityDescriptor
SetSecurityDescriptorOwner
RegSetKeySecurity
GetNamedSecurityInfoW
RegSaveKeyW
RegRestoreKeyW
GetLengthSid
CopySid
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
RegGetKeySecurity
AllocateAndInitializeSid
InitializeAcl
AddAce
SetSecurityDescriptorDacl
RegDeleteKeyW

shell32

SHGetPathFromIDListW
Shell_NotifyIconW
SHGetFileInfoW
ShellExecuteW
DragQueryFileW
DragFinish
SHChangeNotify
SHFileOperationW
SHBrowseForFolderW
SHGetMalloc
SHGetSpecialFolderLocation
ShellExecuteExW
SHBindToParent
SHEmptyRecycleBinW
SHAppBarMessage

comctl32

ImageList_DrawIndirect
ImageList_GetImageInfo
ImageList_GetBkColor
FlatSB_GetScrollProp
ImageList_DrawEx
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_Draw
ImageList_Destroy
ImageList_Create
ImageList_AddMasked
_TrackMouseEvent
InitCommonControlsEx

shlwapi

PathFindFileNameW
StrStrIW
SHSetValueW
PathAppendA
PathFileExistsA
SHGetValueW
PathStripToRootW
PathIsUNCW
PathIsDirectoryW
PathAppendW
PathFindFileNameA
PathRemoveFileSpecW
PathIsDirectoryA
SHDeleteValueW
SHDeleteKeyW
SHDeleteKeyA
PathFindExtensionA
StrStrIA
PathFindExtensionW
PathFileExistsW
StrRetToBufW
UrlUnescapeW

oledlg

OleUIBusyW
OleUIAddVerbMenuW

ole32

OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
CoRegisterMessageFilter
OleGetClipboard
DoDragDrop
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CoInitialize
CoUninitialize
CoCreateInstance
CreateStreamOnHGlobal
CoTaskMemFree
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleRun
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium

oleaut32

OleLoadPicture
VariantTimeToSystemTime
SystemTimeToVariantTime
VariantClear
VariantChangeType
VariantInit
SysAllocStringLen
SysStringLen
SysFreeString
SysAllocStringByteLen
SysStringByteLen
OleCreateFontIndirect
VariantCopy
SafeArrayDestroy
VarDateFromStr
SysAllocString
LoadTypeLi
OleLoadPicturePath

ws2_32

WSCGetProviderPath
getprotobyname
setsockopt
ntohs
inet_ntoa
WSAStartup
WSACleanup
gethostbyname
closesocket
htonl
htons
inet_addr
socket
WSAGetLastError
WSASetLastError
connect
send
recv
ntohl
WSAConnect
WSASend
WSAEnumNetworkEvents
WSARecv
WSAWaitForMultipleEvents
WSAEventSelect
shutdown
WSASocketW
WSCEnumProtocols

winmm

PlaySoundW
waveOutGetNumDevs

imagehlp

ImageDirectoryEntryToData
CheckSumMappedFile

wininet

InternetReadFile
HttpQueryInfoA
HttpSendRequestA
HttpOpenRequestA
InternetConnectA
InternetOpenA
FtpPutFileW
InternetCloseHandle
InternetConnectW
InternetOpenW
InternetCrackUrlA
InternetOpenUrlW
InternetCrackUrlW
InternetCanonicalizeUrlW
InternetQueryOptionW
InternetQueryDataAvailable
HttpQueryInfoW
InternetGetLastResponseInfoW
InternetSetStatusCallbackW
InternetSetFilePointer
InternetWriteFile

psapi

EnumProcessModules
GetModuleInformation
GetModuleFileNameExW
EnumProcesses

wtsapi32

WTSEnumerateProcessesW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeA

wintrust

CryptCATAdminReleaseCatalogContext
WinVerifyTrust
CryptCATCatalogInfoFromContext
CryptCATAdminEnumCatalogFromHash
CryptCATAdminCalcHashFromFileHandle
CryptCATAdminReleaseContext
CryptCATAdminAcquireContext

urlmon

URLDownloadToFileA

Sections

.text
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 612KB - Virtual size: 611KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 376KB - Virtual size: 403KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 536KB - Virtual size: 534KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
arswp3/config.ini
arswp3/exts/KChrome.exe
.exe windows:4 windows x86 arch:x86

f04288002fa3db6fca8c2264f5518b77

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7c:91:c4:5f:7b:19:d3:fd:3b:4f:1f:9b:4c:8b:de:29
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

20/06/2011, 00:00

Not After

18/09/2012, 23:59

Subject

CN=Beijing Arswp Information and Technology Co.\,Ltd.,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Beijing Arswp Information and Technology Co.\,Ltd.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

47:d2:02:41:9b:f2:a5:03:d5:4d:91:fe:c4:0a:9e:54:a0:95:61:e2
Signer

Actual PE Digest

47:d2:02:41:9b:f2:a5:03:d5:4d:91:fe:c4:0a:9e:54:a0:95:61:e2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\ATP\Code\KChromeDownloader\release\KChromeDownloader.pdb

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

wintrust

CryptCATAdminReleaseCatalogContext
CryptCATAdminEnumCatalogFromHash
CryptCATCatalogInfoFromContext
CryptCATAdminAcquireContext
CryptCATAdminReleaseContext
WinVerifyTrust
CryptCATAdminCalcHashFromFileHandle

kernel32

SetErrorMode
HeapFree
HeapAlloc
GetProcessHeap
GetStartupInfoW
RaiseException
RtlUnwind
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
ExitProcess
SetStdHandle
GetFileType
HeapSize
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
GlobalFlags
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetShortPathNameW
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
ReadFile
GetThreadLocale
GetFileTime
GetFileAttributesW
FindFirstFileW
FindClose
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
GetModuleHandleA
GlobalFindAtomW
LoadLibraryA
GetVersionExA
GlobalAddAtomW
WritePrivateProfileStringW
FreeResource
GetTickCount
GetCurrentProcessId
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
lstrcmpW
GetModuleHandleW
GetProcAddress
InterlockedDecrement
InterlockedIncrement
lstrlenA
CompareStringW
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
FormatMessageW
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
LoadLibraryW
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrlenW
SetLastError
WaitForSingleObject
GetLastError
CreateThread
MoveFileExW
DeleteFileW
SetFileAttributesW
Sleep
WinExec
WideCharToMultiByte
GetModuleFileNameW
GetFileSize
CopyFileW
LocalFree
GetSystemDefaultLangID
LocalAlloc
GetCurrentProcess
MultiByteToWideChar
CloseHandle
FindResourceW
WriteFile
LoadResource
CreateFileW
LockResource
SizeofResource
SetHandleCount

user32

CharNextW
UnregisterClassA
DestroyIcon
UnregisterClassW
LoadCursorW
GetSysColorBrush
CharUpperW
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ReleaseDC
GetDC
MoveWindow
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SetFocus
GetWindowTextW
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
UpdateWindow
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
EqualRect
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
IsWindowVisible
GetKeyState
ValidateRect
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamW
DestroyWindow
GetDlgItem
GetNextDlgTabItem
EndDialog
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
RegisterClipboardFormatW
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
MessageBoxW
SetCursor
PeekMessageW
DispatchMessageW
PostQuitMessage
UnhookWindowsHookEx
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
GetParent
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuState
GetMenuItemID
MessageBeep
GetNextDlgGroupItem
ReleaseCapture
SetCapture
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableW
GetMenuItemCount
GetSubMenu
GetDesktopWindow
GetSystemMetrics
DestroyMenu
TrackPopupMenu
AppendMenuW
IsIconic
GetCursorPos
CreatePopupMenu
SetTimer
LoadIconW
SetWindowLongW
PostMessageW
wsprintfW
EnableWindow
DrawIcon
KillTimer
GetClientRect
ShowWindow
SendMessageW
IsWindow
AdjustWindowRectEx
PostThreadMessageW

gdi32

ExtSelectClipRgn
DeleteDC
GetStockObject
PtVisible
GetBkColor
GetTextColor
GetMapMode
GetWindowExtEx
GetViewportExtEx
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
SaveDC
CreateRectRgnIndirect
GetObjectW
SetBkColor
SetTextColor
GetClipBox
CreateBitmap
GetRgnBox
GetDeviceCaps
DeleteObject
SetMapMode
RestoreDC
RectVisible

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

SetEntriesInAclW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyW
RegSetValueW
RegCreateKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
SetNamedSecurityInfoW
BuildExplicitAccessWithNameW
OpenProcessToken
RegOpenCurrentUser
RegCloseKey
RegSetKeySecurity
SetSecurityDescriptorOwner
LookupAccountNameW
InitializeSecurityDescriptor
GetUserNameW
RegQueryValueExW
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
RegSetValueExW

shell32

Shell_NotifyIconW
ExtractIconW

comctl32

InitCommonControlsEx

shlwapi

StrStrIW
PathAppendW
UrlUnescapeW
PathRemoveFileSpecW
PathFileExistsW
SHDeleteKeyW
PathFindExtensionW
PathFindFileNameW
PathStripToRootW
SHGetValueW
PathIsUNCW

oledlg

OleUIBusyW

ole32

OleIsCurrentClipboard
OleFlushClipboard
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CoRegisterClassObject
CoRevokeClassObject
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CLSIDFromProgID
CLSIDFromString
StringFromGUID2
CoDisconnectObject
CoGetClassObject
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoRegisterMessageFilter

oleaut32

SysFreeString
SafeArrayDestroy
VariantInit
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
SysAllocString
VariantChangeType
VariantCopy
VariantClear
SysAllocStringLen
SysStringByteLen
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysStringLen

ws2_32

WSAStartup
WSACleanup
WSASetLastError

wininet

InternetReadFile
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallbackW
InternetOpenW
InternetGetLastResponseInfoW
InternetOpenUrlW
HttpQueryInfoW
InternetQueryDataAvailable
InternetCanonicalizeUrlW
InternetCrackUrlW
InternetCloseHandle
InternetQueryOptionW

Sections

.text
Size: 236KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
arswp3/lang/chs.ini
arswp3/lang/cht.ini
arswp3/lang/eng.ini
arswp3/save/cldha.sav
arswp3/save/rgfet3.sav
arswp3/save/vrfha.sav
arswp3/sig/cldsh.sig
arswp3/sig/iefix.sig
arswp3/sig/rglib.sig
arswp3/sig/rtlib.sig
arswp3/sig/sleak.sig
arswp3/sig/trjsh.sig
arswp3/skin/ArSwp2.ini
arswp3/skin/ArSwp2/Banner.png
.png
arswp3/skin/ArSwp2/BbsHelp.ico
arswp3/skin/ArSwp2/CLOSE.BMP
arswp3/skin/ArSwp2/CleanExt.ico
arswp3/skin/ArSwp2/CleanGarbage.ico
arswp3/skin/ArSwp2/CleanSystem.ico
arswp3/skin/ArSwp2/FRAMEBOTTOM11.bmp
arswp3/skin/ArSwp2/FRAMELEFT2.bmp
arswp3/skin/ArSwp2/FRAMEMAXIMIZED11.bmp
arswp3/skin/ArSwp2/FRAMEMAXIMIZED3.BMP
arswp3/skin/ArSwp2/FRAMERIGHT2.bmp
arswp3/skin/ArSwp2/FileOperate.ico
arswp3/skin/ArSwp2/FrameCaptionmin.bmp
arswp3/skin/ArSwp2/HELP.BMP
arswp3/skin/ArSwp2/MAX.bmp
arswp3/skin/ArSwp2/MIN.BMP
arswp3/skin/ArSwp2/RES.BMP
arswp3/skin/ArSwp2/Systemtools.ico
arswp3/skin/ArSwp2/TABITEMBOTH.BMP
arswp3/skin/ArSwp2/TABITEMLEFT.BMP
arswp3/skin/ArSwp2/TABITEMRIGHT.BMP
arswp3/skin/ArSwp2/TABITEMTOP.BMP
arswp3/skin/ArSwp2/TABITEMTOPBOTH.BMP
arswp3/skin/ArSwp2/TABITEMTOPLEFT.BMP
arswp3/skin/ArSwp2/TABITEMTOPRIGHT.BMP
arswp3/skin/ArSwp2/TabPaneEdge.bmp
arswp3/skin/ArSwp2/atpinfo.png
.png
arswp3/skin/ArSwp2/diagnoseSystem.ico
arswp3/skin/ArSwp2/fixie.ico
arswp3/skin/ArSwp2/frameBottom.bmp
arswp3/skin/ArSwp2/frameLeft.bmp
arswp3/skin/ArSwp2/frameRight.bmp
arswp3/skin/ArSwp2/mvBUTTON.bmp
arswp3/skin/ArSwp2/start.png
.png
arswp3/skin/ArSwp2/sysleak.ico
arswp3/skin/ArSwp2/titulo3.bmp
arswp3/skin/ArSwp2/udo.ico
arswp3/skin/AtpGreen.ini
arswp3/skin/AtpGreen/807.bmp
arswp3/skin/AtpGreen/808.bmp
arswp3/skin/AtpGreen/809.bmp
arswp3/skin/AtpGreen/810.bmp
arswp3/skin/AtpGreen/811.bmp
arswp3/skin/AtpGreen/812.bmp
arswp3/skin/AtpGreen/813.bmp
arswp3/skin/AtpGreen/814.bmp
arswp3/skin/AtpGreen/815.bmp
arswp3/skin/AtpGreen/816.bmp
arswp3/skin/AtpGreen/817.bmp
arswp3/skin/AtpGreen/818.bmp
arswp3/skin/AtpGreen/Banner.png
.png
arswp3/skin/AtpGreen/BbsHelp.ico
arswp3/skin/AtpGreen/Bitmap00644.bmp
arswp3/skin/AtpGreen/Bitmap00752.bmp
arswp3/skin/AtpGreen/Bitmap00762.bmp
arswp3/skin/AtpGreen/Bitmap00775.bmp
arswp3/skin/AtpGreen/CAPTIONBUTTON.bmp
arswp3/skin/AtpGreen/CHECKBOX13.bmp
arswp3/skin/AtpGreen/CHECKBOX16.bmp
arswp3/skin/AtpGreen/CHECKBOX25.bmp
arswp3/skin/AtpGreen/CLOSE.BMP
arswp3/skin/AtpGreen/CLOSE1.BMP
arswp3/skin/AtpGreen/CLOSEBUTTON.BMP
arswp3/skin/AtpGreen/COMBOBOX.bmp
arswp3/skin/AtpGreen/COMBOBUTTON.BMP
arswp3/skin/AtpGreen/Chevron.bmp
arswp3/skin/AtpGreen/CleanExt.ico
arswp3/skin/AtpGreen/CleanGarbage.ico
arswp3/skin/AtpGreen/CleanSystem.ico
arswp3/skin/AtpGreen/ComboButtonGlyph.bmp
arswp3/skin/AtpGreen/CustomScan.ico
arswp3/skin/AtpGreen/DonateWeb.ico
arswp3/skin/AtpGreen/ExplorerBarHeaderBackground.bmp
arswp3/skin/AtpGreen/ExplorerBarHeaderClose.bmp
arswp3/skin/AtpGreen/ExplorerBarHeaderPin.bmp
arswp3/skin/AtpGreen/FRAMEBOTTOM11.bmp
arswp3/skin/AtpGreen/FRAMELEFT2.bmp
arswp3/skin/AtpGreen/FRAMEMAXIMIZED11.bmp
arswp3/skin/AtpGreen/FRAMEMAXIMIZED3.BMP
arswp3/skin/AtpGreen/FRAMERIGHT2.bmp
arswp3/skin/AtpGreen/FieldOutlineBlue.bmp
arswp3/skin/AtpGreen/FileOperate.ico
arswp3/skin/AtpGreen/FrameCaptionSizing.bmp
arswp3/skin/AtpGreen/FrameCaptionmin.bmp
arswp3/skin/AtpGreen/FullScan.ico
arswp3/skin/AtpGreen/GroupBox.bmp
arswp3/skin/AtpGreen/HELP.BMP
arswp3/skin/AtpGreen/HELP1.BMP
arswp3/skin/AtpGreen/IE_PersonalBarMenu.bmp
arswp3/skin/AtpGreen/LISTVIEW.BMP
arswp3/skin/AtpGreen/ListViewHeader.bmp
arswp3/skin/AtpGreen/ListviewHeaderBackground.bmp
arswp3/skin/AtpGreen/MAX.BMP
arswp3/skin/AtpGreen/MAX1.BMP
arswp3/skin/AtpGreen/MDICaptionButton.bmp
arswp3/skin/AtpGreen/MDIGlyphClose.bmp
arswp3/skin/AtpGreen/MDIGlyphMinimize.bmp
arswp3/skin/AtpGreen/MDIGlyphRestore.bmp
arswp3/skin/AtpGreen/MIN.BMP
arswp3/skin/AtpGreen/MIN1.BMP
arswp3/skin/AtpGreen/NormalGroupBackground.bmp
arswp3/skin/AtpGreen/NormalGroupHead.bmp
arswp3/skin/AtpGreen/PROGRESSCHUNKVERT.BMP
arswp3/skin/AtpGreen/PROGRESSTRACKVERT.BMP
arswp3/skin/AtpGreen/RES.BMP
arswp3/skin/AtpGreen/RES1.BMP
arswp3/skin/AtpGreen/ResizeGrip2.bmp
arswp3/skin/AtpGreen/RestartScan.ico
arswp3/skin/AtpGreen/SCROLLARROWGLYPHS.BMP
arswp3/skin/AtpGreen/SCROLLARROWGLYPHSSMALL.BMP
arswp3/skin/AtpGreen/SCROLLARROWS.BMP
arswp3/skin/AtpGreen/SCROLLSHAFTHORIZONTAL.BMP
arswp3/skin/AtpGreen/SCROLLSHAFTVERTICAL.BMP
arswp3/skin/AtpGreen/SCROLLTHUMBGRIPPERHORIZONTAL.BMP
arswp3/skin/AtpGreen/SCROLLTHUMBGRIPPERVERTICAL.BMP
arswp3/skin/AtpGreen/SCROLLTHUMBHORIZONTAL.BMP
arswp3/skin/AtpGreen/SCROLLTHUMBVERTICAL.BMP
arswp3/skin/AtpGreen/SEPARATOR.BMP
arswp3/skin/AtpGreen/SPINBUTTONBACKGROUNDDOWN.BMP
arswp3/skin/AtpGreen/SPINBUTTONBACKGROUNDLEFT.BMP
arswp3/skin/AtpGreen/SPINBUTTONBACKGROUNDRIGHT.BMP
arswp3/skin/AtpGreen/SPINBUTTONBACKGROUNDUP.BMP
arswp3/skin/AtpGreen/SPINDOWNGLYPH.BMP
arswp3/skin/AtpGreen/SPINLEFTGLYPH.BMP
arswp3/skin/AtpGreen/SPINRIGHTGLYPH.BMP
arswp3/skin/AtpGreen/SPINUPGLYPH.BMP
arswp3/skin/AtpGreen/STATUSPANE.BMP
arswp3/skin/AtpGreen/SeparatorVert.bmp
arswp3/skin/AtpGreen/SmallFrameCaptionSizing.bmp
arswp3/skin/AtpGreen/SpecialGroupBackground.bmp
arswp3/skin/AtpGreen/SpecialGroupCollapse.bmp
arswp3/skin/AtpGreen/SpecialGroupExpand.bmp
arswp3/skin/AtpGreen/SpecialGroupHead.bmp
arswp3/skin/AtpGreen/StatusBackground.bmp
arswp3/skin/AtpGreen/Systemtools.ico
arswp3/skin/AtpGreen/TABITEM.BMP
arswp3/skin/AtpGreen/TABITEMBOTH.BMP
arswp3/skin/AtpGreen/TABITEMLEFT.BMP
arswp3/skin/AtpGreen/TABITEMRIGHT.BMP
arswp3/skin/AtpGreen/TABITEMTOP.BMP
arswp3/skin/AtpGreen/TABITEMTOPBOTH.BMP
arswp3/skin/AtpGreen/TABITEMTOPLEFT.BMP
arswp3/skin/AtpGreen/TABITEMTOPRIGHT.BMP
arswp3/skin/AtpGreen/TOOLBARBACKGROUND.bmp
arswp3/skin/AtpGreen/TOOLBARBUTTONS.BMP
arswp3/skin/AtpGreen/TabBackground.bmp
arswp3/skin/AtpGreen/TabBackground133.bmp
arswp3/skin/AtpGreen/TabPaneEdge.bmp
arswp3/skin/AtpGreen/ToolbarButtonsSplit.bmp
arswp3/skin/AtpGreen/ToolbarButtonsSplitDropdown.bmp
arswp3/skin/AtpGreen/ToolbarButtonsSplitDropdownGlyph.bmp
arswp3/skin/AtpGreen/ToolbarGripperVert.bmp
arswp3/skin/AtpGreen/atpinfo.png
.png
arswp3/skin/AtpGreen/defaultscan.ico
arswp3/skin/AtpGreen/diagnose.gif
.gif
arswp3/skin/AtpGreen/diagnoseSystem.ico
arswp3/skin/AtpGreen/diskbackup.ico
arswp3/skin/AtpGreen/diskclean.ico
arswp3/skin/AtpGreen/fixie.ico
arswp3/skin/AtpGreen/fixleak.ico
arswp3/skin/AtpGreen/fixlsp.ico
arswp3/skin/AtpGreen/fixsystem.ico
arswp3/skin/AtpGreen/frameBottom.bmp
arswp3/skin/AtpGreen/frameLeft.bmp
arswp3/skin/AtpGreen/frameRight.bmp
arswp3/skin/AtpGreen/mrt.ico
arswp3/skin/AtpGreen/mvBUTTON.bmp
arswp3/skin/AtpGreen/mvbarraprog1.bmp
arswp3/skin/AtpGreen/mvexpandir1.bmp
arswp3/skin/AtpGreen/mvprogreso1.bmp
arswp3/skin/AtpGreen/mvradiochico.bmp
arswp3/skin/AtpGreen/mvradiogran.bmp
arswp3/skin/AtpGreen/mvradiomed.bmp
arswp3/skin/AtpGreen/noleak.ico
arswp3/skin/AtpGreen/resethosts.ico
arswp3/skin/AtpGreen/safereboot.ico
arswp3/skin/AtpGreen/scan.gif
.gif
arswp3/skin/AtpGreen/scanleak.ico
arswp3/skin/AtpGreen/scannow.ico
arswp3/skin/AtpGreen/sigverify.ico
arswp3/skin/AtpGreen/sliderTrack.bmp
arswp3/skin/AtpGreen/start.png
.png
arswp3/skin/AtpGreen/startdiagnose.ico
arswp3/skin/AtpGreen/sysleak.ico
arswp3/skin/AtpGreen/titulo3.bmp
arswp3/skin/AtpGreen/udo.ico
arswp3/skin/AtpGreen/uninstall.ico
arswp3/skin/AtpGreen/webbkgnd.png
.png
arswp3/新云软件.url
.url

Sharing

General

Malware Config

Signatures

Files

cc74187c065aad3520bca551b46726c2

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

7c:91:c4:5f:7b:19:d3:fd:3b:4f:1f:9b:4c:8b:de:29Certificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

b6:6b:cb:85:69:35:0c:c9:0a:57:d5:fc:57:09:64:19:13:f2:f5:baSigner

Headers

File Characteristics

Imports

iphlpapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

ws2_32

winmm

imagehlp

wininet

psapi

wtsapi32

version

wintrust

urlmon

Sections

.text Size: 2.5MB - Virtual size: 2.5MB

.rdata Size: 612KB - Virtual size: 611KB

.data Size: 376KB - Virtual size: 403KB

.tls Size: 4KB - Virtual size: 9B

.rsrc Size: 536KB - Virtual size: 534KB

f04288002fa3db6fca8c2264f5518b77

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

7c:91:c4:5f:7b:19:d3:fd:3b:4f:1f:9b:4c:8b:de:29Certificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

47:d2:02:41:9b:f2:a5:03:d5:4d:91:fe:c4:0a:9e:54:a0:95:61:e2Signer

Headers

File Characteristics

PDB Paths

Imports

version

wintrust

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

7c:91:c4:5f:7b:19:d3:fd:3b:4f:1f:9b:4c:8b:de:29
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

b6:6b:cb:85:69:35:0c:c9:0a:57:d5:fc:57:09:64:19:13:f2:f5:ba
Signer

.text
Size: 2.5MB - Virtual size: 2.5MB

.rdata
Size: 612KB - Virtual size: 611KB

.data
Size: 376KB - Virtual size: 403KB

.tls
Size: 4KB - Virtual size: 9B

.rsrc
Size: 536KB - Virtual size: 534KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

7c:91:c4:5f:7b:19:d3:fd:3b:4f:1f:9b:4c:8b:de:29
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

47:d2:02:41:9b:f2:a5:03:d5:4d:91:fe:c4:0a:9e:54:a0:95:61:e2
Signer

.text
Size: 236KB - Virtual size: 233KB

.rdata
Size: 64KB - Virtual size: 62KB

.data
Size: 12KB - Virtual size: 26KB

.rsrc
Size: 32KB - Virtual size: 31KB