4bdd8fced80995a9b3caa2535960cad2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4bdd8fced80995a9b3caa2535960cad2_JaffaCakes118
Size

1.2MB
MD5

4bdd8fced80995a9b3caa2535960cad2
SHA1

99da342e1b824a8e60ab7b96c6d186b3c0210690
SHA256

47b08b90ed54987419002a726241f3b8826fa38ad59cb115ca862cd22adbfe66
SHA512

8c9d6687c3fd2c442700f33c82864bdd04ccd7f6d00f7e3c04110f07c631a8b0802069de31229dbcd5fe758e5c61fddf6617d51cfd9e164ff7a69f8537383d0d
SSDEEP

24576:JasLTtG1l8gi+OHHYoDwTwITcfUqyFy3m8:JasLTtoni+VxTwITcf/yFy3m8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4bdd8fced80995a9b3caa2535960cad2_JaffaCakes118

Files

4bdd8fced80995a9b3caa2535960cad2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dd1742eadfc6df18ded3c26ae64ad610

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetFileSize
GetModuleFileNameA
GetTickCount
GetCurrentProcess
CopyFileA
CloseHandle
GetWindowsDirectoryA
GetTempPathA
GetCommandLineA
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
CreateFileA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
SetErrorMode
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
ExitProcess

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
CreateDialogParamA
DestroyWindow
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/thewordchs.exe
.exe windows:4 windows x86 arch:x86

8f76b08a4d30e83cc0bf133ef561f4ff

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

25/04/2007, 00:00

Not After

09/07/2019, 18:40

Subject

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09/07/1999, 18:31

Not After

09/07/2019, 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

5c:d0:ce:76:ad:95:ee:77:79:41:cb:5b:5e:c2:a8:c9
Certificate

Issuer

CN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=US

Not Before

11/07/2008, 00:00

Not After

11/07/2009, 23:59

Subject

CN=PhoenixStudio.org,OU=Class 3 - for Microsoft Authenticode Signing,O=Beijing Shengjing Wanwei Technology Co.\,Ltd,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

Key Usages

KeyUsageDigitalSignature

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

30/04/2007, 00:00

Not After

29/04/2012, 23:59

Subject

CN=WoSign Time Stamping Signer,O=WoSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

midiStreamClose

ws2_32

WSAGetLastError

imm32

ImmNotifyIME
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
ImmDisableIME

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

kernel32

GetVersionExW
GetTempFileNameW
GlobalAlloc
OpenProcess
GlobalFree
LockResource
SizeofResource
LoadResource
FindResourceW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetWindowsDirectoryW
HeapFree
HeapAlloc
GetProcessHeap
LocalFree
TerminateThread
GetExitCodeThread
LocalFileTimeToFileTime
DosDateTimeToFileTime
CreateFileA
SetLastError
CancelWaitableTimer
SetWaitableTimer
CreateWaitableTimerW
GetDiskFreeSpaceExW
SetEndOfFile
SetFilePointer
WriteFile
TlsFree
TlsAlloc
GetFileAttributesW
GetSystemDefaultLangID
GetUserDefaultLangID
EnumResourceLanguagesW
GetVersion
FreeResource
LocalAlloc
TlsSetValue
ExitProcess
SetUnhandledExceptionFilter
SetProcessWorkingSetSize
TerminateProcess
LoadLibraryExW
SetErrorMode
GlobalDeleteAtom
GlobalAddAtomW
CreateSemaphoreW
ReleaseSemaphore
FlushInstructionCache
GetModuleHandleW
VirtualQuery
TlsGetValue
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentProcessId
GetCommandLineW
lstrcmpW
VirtualProtect
GetCurrentProcess
ReadProcessMemory
WriteProcessMemory
GetLongPathNameW
GetFileTime
SetFileTime
GetLastError
GetStartupInfoA
GetModuleHandleA
GetFileSize
ReadFile
GetProcAddress
FreeLibrary
LoadLibraryW
CreateDirectoryW
lstrlenW
FindClose
FindNextFileW
GetPrivateProfileStringW
WritePrivateProfileStringW
GetShortPathNameW
FindFirstFileW
GetModuleFileNameW
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
Sleep
InterlockedIncrement
lstrlenA
GetTickCount
MultiByteToWideChar
WideCharToMultiByte
DeleteFileW
GetTempPathW
lstrcatW
GetLocaleInfoW
CloseHandle
WaitForSingleObject
CopyFileW
RemoveDirectoryW
CreateMutexW
ReleaseMutex
GetCurrentThreadId
GetSystemDirectoryW
IsBadWritePtr
IsBadReadPtr
MoveFileExW
MoveFileW
CreateFileW
SystemTimeToFileTime
GetSystemTime
GlobalUnlock
GlobalLock
SetFileAttributesW
GetPrivateProfileIntW
lstrcmpiW
ResetEvent
SetEvent
CreateEventW
FindFirstChangeNotificationW
FindCloseChangeNotification
FindNextChangeNotification
WaitForMultipleObjects

user32

GetMenuItemID
keybd_event
MapVirtualKeyW
TrackPopupMenuEx
CheckMenuItem
SubtractRect
IsChild
EnumChildWindows
SetCursorPos
IsIconic
SetActiveWindow
GetSystemMetrics
CopyIcon
DrawIconEx
DialogBoxParamW
LoadImageW
SetWindowPos
GetWindowRect
ShowWindow
SetWindowLongW
GetDlgItem
SendMessageW
LoadStringW
SetWindowTextW
GetWindowTextW
PostMessageW
MoveWindow
SetFocus
MessageBoxW
IsWindowVisible
SetPropW
ScreenToClient
RemovePropW
GetPropW
CheckDlgButton
EnableWindow
CreateWindowExW
IsWindow
InflateRect
CopyRect
RegisterClassExW
SetParent
CopyImage
GetForegroundWindow
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
SetWindowsHookExW
UnhookWindowsHookEx
DestroyMenu
InsertMenuW
IsWindowEnabled
GetKeyboardLayoutNameW
GetClientRect
EndPaint
GetSysColor
IsDlgButtonChecked
DrawEdge
DrawTextW
FillRect
BeginPaint
DestroyWindow
SetForegroundWindow
GetParent
DefWindowProcW
ReleaseDC
GetDC
OffsetRect
CallWindowProcW
GetWindowLongW
GetComboBoxInfo
PtInRect
GetCursorPos
GetKeyState
GetAsyncKeyState
SetCursor
LoadCursorW
CharNextW
DrawIcon
LoadIconW
MapWindowPoints
GetDesktopWindow
SetDlgItemTextW
CharLowerW
PostThreadMessageW
GetMessageW
DdeNameService
DestroyIcon
LoadKeyboardLayoutW
LoadAcceleratorsW
TranslateAcceleratorW
DestroyAcceleratorTable
CreateAcceleratorTableW
CopyAcceleratorTableW
GetKeyNameTextW
GetClipboardData
IsClipboardFormatAvailable
GetMonitorInfoW
MonitorFromWindow
SetRect
RegisterHotKey
UnregisterHotKey
SystemParametersInfoW
WindowFromPoint
SetRectEmpty
GetWindowDC
CallNextHookEx
MenuItemFromPoint
GetMenuState
EndMenu
EqualRect
CheckMenuRadioItem
GetSystemMenu
EndDialog
GetMenuStringW
IsMenu
PostQuitMessage
GetMenuInfo
GetMenuItemCount
GetMenuItemInfoW
IsZoomed
SetWindowRgn
SetMenuInfo
GetSysColorBrush
FindWindowW
GetWindowPlacement
SetWindowPlacement
TrackMouseEvent
InvalidateRect
UpdateWindow
RegisterWindowMessageW
GetWindowModuleFileNameW
SetMenuItemInfoW
EnumWindows
GetWindowThreadProcessId
FindWindowExW
GetMenu
SendMessageTimeoutW
EnumThreadWindows
GetClassNameW
GetMessagePos
SetCapture
ReleaseCapture
ShowCursor
KillTimer
ClientToScreen
SetTimer
RedrawWindow
GetFocus
DeleteMenu
GetAncestor
LoadMenuW
GetSubMenu
EnableMenuItem
CreatePopupMenu
InsertMenuItemW
TrackPopupMenu
GetDlgItemTextW
LoadBitmapW
PeekMessageW
TranslateMessage
DispatchMessageW
CharUpperW
DdeGetData
DdeFreeDataHandle
DdeQueryStringW
DdeFreeStringHandle
DdeUninitialize
DdeInitializeW
DdeCreateStringHandleW

gdi32

CreateRectRgnIndirect
FillRgn
GetDIBits
CreateDIBSection
MoveToEx
LineTo
CreateRoundRectRgn
CombineRgn
CreateRectRgn
SelectClipRgn
GetObjectW
CreateFontIndirectW
CreatePatternBrush
SetBkColor
CreatePen
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
DeleteDC
Rectangle
EnumFontsW
GetStockObject
SetTextColor
SetBkMode
DeleteObject
CreateSolidBrush
SelectObject

comdlg32

GetSaveFileNameW
ChooseColorW
GetOpenFileNameW

advapi32

RegDeleteKeyW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
RegGetKeySecurity
GetSidIdentifierAuthority
GetSidSubAuthorityCount
GetSidSubAuthority
RegOpenKeyExW
RegCreateKeyW
RegSetValueExW
RegOpenKeyW
RegQueryValueExW
RegCloseKey
InitializeAcl
GetLengthSid
AllocateAndInitializeSid
RegEnumKeyW
RegQueryInfoKeyW
RegSetKeySecurity
CopySid
RegCreateKeyExW
OpenProcessToken
GetTokenInformation
AddAce

shell32

Shell_NotifyIconW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetMalloc
DragQueryFileW
SHAppBarMessage
SHFreeNameMappings
SHChangeNotify
SHGetSpecialFolderPathW
DoEnvironmentSubstW
ExtractIconExW
ShellExecuteExW
SHGetFileInfoW
SHFileOperationW
ShellExecuteW

ole32

OleInitialize
CoMarshalInterThreadInterfaceInStream
OleSetContainedObject
OleDraw
CoCreateGuid
CoGetInterfaceAndReleaseStream
CLSIDFromString
DoDragDrop
StringFromCLSID
CoTaskMemFree
CoRegisterClassObject
CoRevokeClassObject
CoInitialize
CoUninitialize
ReleaseStgMedium
CoCreateInstance
RegisterDragDrop
CoGetMalloc
OleCreate
RevokeDragDrop
OleDuplicateData
CreateStreamOnHGlobal
CoTaskMemAlloc
OleUninitialize

oleaut32

SafeArrayCreateVector
SafeArrayAccessData
SafeArrayDestroy
SysAllocStringByteLen
SysAllocStringLen
VariantClear
SysAllocString
SysFreeString
SysStringLen

wininet

HttpOpenRequestW
HttpSendRequestExW
InternetOpenW
InternetConnectW
InternetSetStatusCallbackW
InternetCloseHandle
InternetReadFileExA
InternetReadFile
HttpEndRequestW
FtpOpenFileW
InternetWriteFile
InternetGetLastResponseInfoW
FtpCommandW
InternetQueryOptionW
FtpGetFileSize
InternetCanonicalizeUrlW
FindFirstUrlCacheEntryW
DeleteUrlCacheEntryW
UnlockUrlCacheEntryFileW
FindNextUrlCacheEntryW
FindFirstUrlCacheEntryA
DeleteUrlCacheEntryA
UnlockUrlCacheEntryFileA
FindNextUrlCacheEntryA
FindCloseUrlCache
InternetSetOptionA
GetUrlCacheEntryInfoW
InternetCrackUrlW
CommitUrlCacheEntryW
CreateUrlCacheEntryW
HttpQueryInfoW
InternetGetConnectedState
InternetSetOptionW

shlwapi

UrlCombineW
PathMatchSpecW
UrlIsOpaqueW
PathFindFileNameW
PathCombineW
StrStrIW
PathFindExtensionW
PathGetDriveNumberW
PathIsDirectoryW
PathIsURLW
SHGetValueW
PathIsRootW
SHAutoComplete
UrlGetPartW
SHDeleteKeyW
SHDeleteValueW
PathRemoveFileSpecW
StrCpyNW
StrStrIA
PathMatchSpecA
UrlCanonicalizeW
SHEnumKeyExW
SHEnumValueW
PathFileExistsW
PathIsUNCW
UrlIsW
SHQueryInfoKeyW
StrRetToBufW
SHSetValueW

msvcrt

_i64tow
_wtoi64
localtime
wcsftime
gmtime
_ui64tow
swscanf
_beginthreadex
time
wcscat
wcschr
fseek
ftell
fread
_wtol
_ltow
_itow
malloc
free
_wfopen
fwprintf
fclose
iswdigit
swprintf
vswprintf
wcsncmp
_ftol
_wtoi
_except_handler3
memmove
wcscmp
_wcsicmp
wcsstr
??2@YAPAXI@Z
wcsrchr
wcsncpy
wcscpy
_snwprintf
wcslen
wcspbrk
__CxxFrameHandler
_snprintf
wcsncat
fwrite
_wcsnicmp
_purecall
fputs
strrchr
strncpy
strchr
mktime
wcstod
iswspace
realloc
strpbrk
strstr
sscanf
iswlower
atoi
fopen
_wstrtime
strncmp
_atoi64
fputws
exit
scanf
printf
sprintf
isalnum
toupper
_ui64toa
towlower
towupper
_ismbslead
fprintf
_strnicmp
fgets
rewind
_CxxThrowException
__dllonexit
_onexit
?terminate@@YAXXZ
_exit
_XcptFilter
_acmdln
__getmainargs
_initterm
__setusermatherr
_stricmp
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
??1type_info@@UAE@XZ
_controlfp
_CIpow

urlmon

ObtainUserAgentString
RegisterBindStatusCallback
RevokeBindStatusCallback
CoInternetCombineUrl
CoInternetGetSession

gdiplus

GdipSaveImageToFile
GdipGetImageEncodersSize
GdiplusStartup
GdipLoadImageFromStream
GdipAlloc
GdipDeleteGraphics
GdipDisposeImageAttributes
GdipSetImageAttributesColorMatrix
GdipCreateImageAttributes
GdipCreateFromHDC
GdipFree
GdipDisposeImage
GdipDrawImageRectRectI
GdipCloneImage
GdipGetImageWidth
GdipGetImageHeight
GdipGetImageEncoders

comctl32

ImageList_ReplaceIcon
ImageList_Remove
ImageList_Duplicate
ImageList_GetImageCount
ImageList_AddMasked
ImageList_Create
ImageList_DragEnter
ImageList_BeginDrag
ImageList_GetIconSize
InitCommonControlsEx
ImageList_Destroy
ImageList_GetIcon
ImageList_DrawEx
ImageList_GetImageInfo
ImageList_DragShowNolock
ImageList_DragMove
ImageList_EndDrag
ImageList_Add
ImageList_Draw
ord16
ImageList_SetBkColor

Sections

.rdata
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 674KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 336KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dd1742eadfc6df18ded3c26ae64ad610

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 151KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 21KB - Virtual size: 20KB

8f76b08a4d30e83cc0bf133ef561f4ff

Code Sign

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04Certificate

Extended Key Usages

Key Usages

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1bCertificate

Extended Key Usages

Key Usages

5c:d0:ce:76:ad:95:ee:77:79:41:cb:5b:5e:c2:a8:c9Certificate

Extended Key Usages

Key Usages

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0dCertificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

winmm

ws2_32

imm32

version

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

wininet

shlwapi

msvcrt

urlmon

gdiplus

comctl32

Sections

.rdata Size: 61KB - Virtual size: 60KB

.data Size: 674KB - Virtual size: 2.2MB

.rsrc Size: 336KB - Virtual size: 336KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 151KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 21KB - Virtual size: 20KB

42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04
Certificate

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

5c:d0:ce:76:ad:95:ee:77:79:41:cb:5b:5e:c2:a8:c9
Certificate

43:73:c5:9c:4f:32:a9:e5:b5:d3:de:f1:26:9a:12:0d
Certificate

.rdata
Size: 61KB - Virtual size: 60KB

.data
Size: 674KB - Virtual size: 2.2MB

.rsrc
Size: 336KB - Virtual size: 336KB