net8[.]0[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

net8.0.zip
Size

7.8MB
MD5

c0abba1e3c4dd2f571ac87c7679c8c56
SHA1

8ec46b813532708e0663957594d687be528a4297
SHA256

f2904e2ec2c1f957303718b2a7642e6045a4d6ee7a645083b711b34fa979c3d4
SHA512

f612968823c90c2ea639ed609918d2f99179d45a1c5a9b717f27e2bc339d022c0e8c88ff009c612a1e59b6a61faea4608bd2de8aca5d96c646832100acf2f983
SSDEEP

196608:HSmvzdmyp8jLJNzT0V4PnHWO8DQOWDB6s2/tu:HSmvzdBiJ9Tu4PnX8IUT0

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/net8.0/SysManagerX64.dll
unpack001/net8.0/SysManagerX64.exe

Files

net8.0.zip
.zip
net8.0/EntityFramework.SqlServer.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:01:52:9b:40:9f:50:56:99:75:88:00:00:00:00:01:52
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a3:69:16:5e:a7:19:db:f3:a0:43:17:8d:50:f0:77:0c:e0:a6:4e:0c:41:41:54:00:84:99:3e:de:7a:6b:83:48
Signer

Actual PE Digest

a3:69:16:5e:a7:19:db:f3:a0:43:17:8d:50:f0:77:0c:e0:a6:4e:0c:41:41:54:00:84:99:3e:de:7a:6b:83:48

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/artifacts/obj/EntityFramework.SqlServer/Release/netstandard2.1/EntityFramework.SqlServer.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 566KB - Virtual size: 565KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
net8.0/EntityFramework.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:01:52:9b:40:9f:50:56:99:75:88:00:00:00:00:01:52
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c4:99:68:ae:2a:72:65:1f:63:80:e6:34:8c:c8:d6:be:e5:a8:1b:c5:7c:dc:e3:24:db:81:8c:30:b0:e1:54:91
Signer

Actual PE Digest

c4:99:68:ae:2a:72:65:1f:63:80:e6:34:8c:c8:d6:be:e5:a8:1b:c5:7c:dc:e3:24:db:81:8c:30:b0:e1:54:91

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/artifacts/obj/EntityFramework/Release/netstandard2.1/EntityFramework.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 4.7MB - Virtual size: 4.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
net8.0/Microsoft.Win32.SystemEvents.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:9e:77:97:a4:c2:bd:31:07:37:cc:a5:0b:a8:e1:6a:91:45:ac:08:2b:a2:35:da:48:76:64:06:2a:58:28:90
Signer

Actual PE Digest

30:9e:77:97:a4:c2:bd:31:07:37:cc:a5:0b:a8:e1:6a:91:45:ac:08:2b:a2:35:da:48:76:64:06:2a:58:28:90

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/artifacts/obj/Microsoft.Win32.SystemEvents/netstandard-Release/Microsoft.Win32.SystemEvents.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
net8.0/Newtonsoft.Json.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

06:ce:e1:31:be:6d:55:c8:07:f7:c0:c7:fb:44:e6:20
Certificate

Issuer

CN=DigiCert CS RSA4096 Root G5,O=DigiCert\, Inc.,C=US

Not Before

15/01/2021, 00:00

Not After

14/01/2046, 23:59

Subject

CN=DigiCert CS RSA4096 Root G5,O=DigiCert\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:de:32:e9:50:9b:44:aa:34:b1:da:f1:bc:0e:c8:73
Certificate

Issuer

CN=DigiCert CS RSA4096 Root G5,O=DigiCert\, Inc.,C=US

Not Before

15/07/2021, 00:00

Not After

14/07/2031, 23:59

Subject

CN=.NET Foundation Projects Code Signing CA2,O=.NET Foundation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:d1:40:7a:5a:bd:ed:43:d5:c1:73:12:1d:38:c5:29
Certificate

Issuer

CN=.NET Foundation Projects Code Signing CA2,O=.NET Foundation,C=US

Not Before

13/08/2021, 00:00

Not After

29/10/2024, 23:59

Subject

SERIALNUMBER=603 389 068,CN=Json.NET (.NET Foundation),O=Json.NET (.NET Foundation),L=Redmond,ST=Washington,C=US,1.3.6.1.4.1.311.60.2.1.2=#130a57617368696e67746f6e,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

12:a2:f8:77:6a:5b:04:46:97:f9:ac:0c:85:0b:b9:3c:9d:a2:ac:a9:a3:72:91:5b:d9:ed:db:47:d0:c2:9e:3d
Signer

Actual PE Digest

12:a2:f8:77:6a:5b:04:46:97:f9:ac:0c:85:0b:b9:3c:9d:a2:ac:a9:a3:72:91:5b:d9:ed:db:47:d0:c2:9e:3d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/Src/Newtonsoft.Json/obj/Release/net6.0/Newtonsoft.Json.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 681KB - Virtual size: 681KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
net8.0/SysManagerX64.deps.json
net8.0/SysManagerX64.dll
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\kubil\Desktop\CookieStealer\RATProject\RATProject\obj\Release\net8.0\SysManagerX64.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
net8.0/SysManagerX64.exe
.exe windows:6 windows x64 arch:x64

6a91eb82bfd19d2706c7d43c46f7064e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\a\_work\1\s\artifacts\obj\win-x64.Release\corehost\apphost\standalone\apphost.pdb

Imports

kernel32

FreeLibrary
LoadLibraryExW
OutputDebugStringW
FindFirstFileExW
EnterCriticalSection
GetFullPathNameW
FindNextFileW
GetCurrentProcess
GetModuleHandleExW
GetModuleFileNameW
LeaveCriticalSection
GetEnvironmentVariableW
GetModuleHandleW
MultiByteToWideChar
GetFileAttributesExW
LoadLibraryA
DeleteCriticalSection
WideCharToMultiByte
IsWow64Process
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
GetProcAddress
GetWindowsDirectoryW
FindResourceW
GetLastError
ActivateActCtx
FindClose
CreateActCtxW
SetLastError
RaiseException
RtlPcToFileHeader
RtlUnwindEx
InitializeSListHead
GetCurrentProcessId
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetStringTypeW
SwitchToThread
GetCurrentThreadId
InitializeCriticalSectionEx
EncodePointer
DecodePointer
LCMapStringEx
QueryPerformanceCounter
GetSystemTimeAsFileTime

user32

MessageBoxW

shell32

ShellExecuteW

advapi32

RegOpenKeyExW
RegGetValueW
DeregisterEventSource
RegisterEventSourceW
ReportEventW
RegCloseKey

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
_exit
exit
_initterm_e
_initterm
_get_initial_wide_environment
_initialize_wide_environment
_configure_wide_argv
_set_app_type
_seh_filter_exe
_cexit
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_errno
abort
__p___wargv
_c_exit
_register_thread_local_exe_atexit_callback
terminate
__p___argc

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
fputwc
__p__commode
_set_fmode
fputws
_wfsopen
fflush
__stdio_common_vfwprintf
__stdio_common_vsnwprintf_s
__stdio_common_vswprintf
setvbuf

api-ms-win-crt-heap-l1-1-0

calloc
_set_new_mode
free
_callnewh
malloc

api-ms-win-crt-string-l1-1-0

toupper
_wcsdup
wcsncmp
wcsnlen
strcpy_s

api-ms-win-crt-convert-l1-1-0

wcstoul
_wtoi

api-ms-win-crt-time-l1-1-0

_gmtime64_s
_time64
wcsftime

api-ms-win-crt-locale-l1-1-0

setlocale
___mb_cur_max_func
_configthreadlocale
___lc_codepage_func
___lc_locale_name_func
__pctype_func
_lock_locales
_unlock_locales

api-ms-win-crt-math-l1-1-0

__setusermatherr

Sections

.text
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
net8.0/SysManagerX64.pdb
net8.0/SysManagerX64.runtimeconfig.json
net8.0/System.CodeDom.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

44:03:c9:06:c7:46:a3:ba:29:e3:f2:3f:09:1b:76:d2:4d:9e:83:66:c2:69:f4:d7:5a:a3:eb:05:28:e4:5e:e0
Signer

Actual PE Digest

44:03:c9:06:c7:46:a3:ba:29:e3:f2:3f:09:1b:76:d2:4d:9e:83:66:c2:69:f4:d7:5a:a3:eb:05:28:e4:5e:e0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/artifacts/obj/System.CodeDom/netstandard-Release/System.CodeDom.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 166KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
net8.0/System.Configuration.ConfigurationManager.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

47:70:f6:b3:2f:3f:e4:6f:fd:cd:37:a7:c3:40:94:51:6b:80:20:93:1c:e0:53:46:8f:e9:fb:34:56:54:02:8b
Signer

Actual PE Digest

47:70:f6:b3:2f:3f:e4:6f:fd:cd:37:a7:c3:40:94:51:6b:80:20:93:1c:e0:53:46:8f:e9:fb:34:56:54:02:8b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/artifacts/obj/System.Configuration.ConfigurationManager/netstandard-Release/System.Configuration.ConfigurationManager.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 355KB - Virtual size: 355KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
net8.0/System.Data.SQLite.EF6.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:0c:c7:2c:cf:31:ae:9b:2e:36:41:0a:d0:ee:98:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

01/10/2021, 00:00

Not After

12/12/2024, 23:59

Subject

SERIALNUMBER=364617-96,CN=Mistachkin Systems (Joseph Mistachkin),O=Mistachkin Systems (Joseph Mistachkin),L=Beaverton,ST=Oregon,C=US,1.3.6.1.4.1.311.60.2.1.2=#13064f7265676f6e,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#130f427573696e65737320456e74697479

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:0c:c7:2c:cf:31:ae:9b:2e:36:41:0a:d0:ee:98:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

01/10/2021, 00:00

Not After

12/12/2024, 23:59

Subject

SERIALNUMBER=364617-96,CN=Mistachkin Systems (Joseph Mistachkin),O=Mistachkin Systems (Joseph Mistachkin),L=Beaverton,ST=Oregon,C=US,1.3.6.1.4.1.311.60.2.1.2=#13064f7265676f6e,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#130f427573696e65737320456e74697479

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

64:cc:b2:cf:c9:d8:bd:c8:58:f7:10:d2:76:f4:f4:ea:9c:2a:a5:3d:f6:87:61:40:27:07:06:22:f2:ba:d4:13:39:32:40:e9:67:57:9b:60:43:6c:11:e3:45:23:fe:ab:25:b1:d8:a9:f2:be:82:bc:1c:cd:8a:5f:bd:e0:90:09
Signer

Actual PE Digest

64:cc:b2:cf:c9:d8:bd:c8:58:f7:10:d2:76:f4:f4:ea:9c:2a:a5:3d:f6:87:61:40:27:07:06:22:f2:ba:d4:13:39:32:40:e9:67:57:9b:60:43:6c:11:e3:45:23:fe:ab:25:b1:d8:a9:f2:be:82:bc:1c:cd:8a:5f:bd:e0:90:09

Digest Algorithm

sha512

PE Digest Matches

true

37:03:f4:06:6e:86:a3:ce:fe:a3:88:e5:d2:b2:92:48:b0:35:e5:b0
Signer

Actual PE Digest

37:03:f4:06:6e:86:a3:ce:fe:a3:88:e5:d2:b2:92:48:b0:35:e5:b0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\dev\sqlite\dotnet-private\System.Data.SQLite.Linq\obj\Release\netstandard2.1\System.Data.SQLite.EF6.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
net8.0/System.Data.SQLite.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:0c:c7:2c:cf:31:ae:9b:2e:36:41:0a:d0:ee:98:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

01/10/2021, 00:00

Not After

12/12/2024, 23:59

Subject

SERIALNUMBER=364617-96,CN=Mistachkin Systems (Joseph Mistachkin),O=Mistachkin Systems (Joseph Mistachkin),L=Beaverton,ST=Oregon,C=US,1.3.6.1.4.1.311.60.2.1.2=#13064f7265676f6e,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#130f427573696e65737320456e74697479

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:0c:c7:2c:cf:31:ae:9b:2e:36:41:0a:d0:ee:98:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

01/10/2021, 00:00

Not After

12/12/2024, 23:59

Subject

SERIALNUMBER=364617-96,CN=Mistachkin Systems (Joseph Mistachkin),O=Mistachkin Systems (Joseph Mistachkin),L=Beaverton,ST=Oregon,C=US,1.3.6.1.4.1.311.60.2.1.2=#13064f7265676f6e,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#130f427573696e65737320456e74697479

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

37:a0:d7:e4:0f:78:51:21:4f:62:33:28:c4:84:82:bf:a9:8b:0b:6d:f3:92:4f:b9:21:9e:67:ed:13:b2:45:dc:f3:f7:34:80:10:01:70:16:6a:10:75:66:8f:25:a3:fd:71:65:59:75:0d:db:e8:17:de:db:81:62:af:34:0e:bf
Signer

Actual PE Digest

37:a0:d7:e4:0f:78:51:21:4f:62:33:28:c4:84:82:bf:a9:8b:0b:6d:f3:92:4f:b9:21:9e:67:ed:13:b2:45:dc:f3:f7:34:80:10:01:70:16:6a:10:75:66:8f:25:a3:fd:71:65:59:75:0d:db:e8:17:de:db:81:62:af:34:0e:bf

Digest Algorithm

sha512

PE Digest Matches

true

ff:2d:24:21:f9:ca:b7:b2:ed:35:bd:b8:45:72:5a:b2:3a:8b:d4:64
Signer

Actual PE Digest

ff:2d:24:21:f9:ca:b7:b2:ed:35:bd:b8:45:72:5a:b2:3a:8b:d4:64

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\dev\sqlite\dotnet-private\System.Data.SQLite\obj\Release\netstandard2.1\System.Data.SQLite.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 394KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
net8.0/System.Data.SqlClient.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:01:52:9b:40:9f:50:56:99:75:88:00:00:00:00:01:52
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5e:4e:a0:df:82:74:b3:23:1a:5b:bb:bf:2a:6f:3a:8d:bb:a9:66:33:7a:06:52:5d:b0:57:24:a0:2f:f6:8f:96
Signer

Actual PE Digest

5e:4e:a0:df:82:74:b3:23:1a:5b:bb:bf:2a:6f:3a:8d:bb:a9:66:33:7a:06:52:5d:b0:57:24:a0:2f:f6:8f:96

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/artifacts/obj/System.Data.SqlClient/netcoreapp2.1-Release/System.Data.SqlClient.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 249KB - Virtual size: 249KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
net8.0/System.Drawing.Common.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:01:0b:bf:86:a4:4e:62:8e:e7:04:00:00:00:00:01:0b
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/08/2018, 20:20

Not After

23/11/2019, 20:20

Subject

CN=Microsoft Time-Stamp service,OU=Microsoft Ireland Operations Limited+OU=Thales TSS ESN:A240-4B82-130E,O=Microsoft Corporation,L=Redmond,ST=WA,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:b1:dd:ed:ba:54:e9:65:b8:5f:00:01:00:00:01:b1
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/07/2018, 20:11

Not After

26/07/2019, 20:11

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:03:5e:25:1c:99:1f:a3:1e:b8:00:00:00:00:01:03
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/07/2018, 20:08

Not After

26/07/2019, 20:08

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e6:0e:cb:bc:06:b0:fc:94:2c:d3:e3:fc:04:05:4c:05:eb:a5:79:b7:3c:0f:2e:f6:3b:ef:21:c3:0d:6b:28:34
Signer

Actual PE Digest

e6:0e:cb:bc:06:b0:fc:94:2c:d3:e3:fc:04:05:4c:05:eb:a5:79:b7:3c:0f:2e:f6:3b:ef:21:c3:0d:6b:28:34

Digest Algorithm

sha256

PE Digest Matches

true

b9:37:a3:12:c9:bd:c0:d0:82:0e:18:d1:3b:d6:ec:ff:0b:2a:7b:20
Signer

Actual PE Digest

b9:37:a3:12:c9:bd:c0:d0:82:0e:18:d1:3b:d6:ec:ff:0b:2a:7b:20

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\A\_work\21\s\corefx\bin\obj\AnyOS.AnyCPU.Release\System.Drawing.Common\netstandard\System.Drawing.Common.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 122KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
net8.0/System.Security.Cryptography.ProtectedData.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:03:7c:c9:f6:bc:ed:07:59:ae:08:00:00:00:00:03:7c
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11/05/2023, 19:03

Not After

08/05/2024, 19:03

Subject

CN=.NET,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

43:29:22:c4:6a:fe:98:d3:cd:fe:f8:80:b0:5f:b4:5c:b9:d4:cf:a6:5b:8b:49:98:db:57:7c:92:83:2f:c9:85
Signer

Actual PE Digest

43:29:22:c4:6a:fe:98:d3:cd:fe:f8:80:b0:5f:b4:5c:b9:d4:cf:a6:5b:8b:49:98:db:57:7c:92:83:2f:c9:85

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/artifacts/obj/System.Security.Cryptography.ProtectedData/Release/net8.0/System.Security.Cryptography.ProtectedData.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
net8.0/System.Security.Permissions.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

39:ff:0f:58:e7:7b:5d:7f:f3:95:a7:30:62:a5:f6:0b:ad:78:75:f2:f5:31:95:54:73:62:4b:f7:a4:35:29:58
Signer

Actual PE Digest

39:ff:0f:58:e7:7b:5d:7f:f3:95:a7:30:62:a5:f6:0b:ad:78:75:f2:f5:31:95:54:73:62:4b:f7:a4:35:29:58

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/artifacts/obj/System.Security.Permissions/netcoreapp3.0-Release/System.Security.Permissions.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
net8.0/System.Windows.Extensions.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4f:81:fe:57:29:59:09:8b:fb:f4:6b:86:be:fe:6b:b2:09:f4:7a:da:c1:32:ae:b1:d4:84:b1:96:2a:19:73:ef
Signer

Actual PE Digest

4f:81:fe:57:29:59:09:8b:fb:f4:6b:86:be:fe:6b:b2:09:f4:7a:da:c1:32:ae:b1:d4:84:b1:96:2a:19:73:ef

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/artifacts/obj/System.Windows.Extensions/netcoreapp3.0-Release/System.Windows.Extensions.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
net8.0/runtimes/linux-x64/native/SQLite.Interop.dll
.elf linux x64
net8.0/runtimes/osx-x64/native/SQLite.Interop.dll
.dylib macos arch:x64
net8.0/runtimes/unix/lib/netcoreapp2.1/System.Data.SqlClient.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:01:52:9b:40:9f:50:56:99:75:88:00:00:00:00:01:52
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b0:5a:72:6b:63:34:0d:ff:9c:33:74:06:de:0d:86:e1:c2:fd:a1:e2:3f:65:2d:0f:72:f5:1a:08:ee:fc:7f:4a
Signer

Actual PE Digest

b0:5a:72:6b:63:34:0d:ff:9c:33:74:06:de:0d:86:e1:c2:fd:a1:e2:3f:65:2d:0f:72:f5:1a:08:ee:fc:7f:4a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/artifacts/obj/System.Data.SqlClient/netcoreapp2.1-Unix-Release/System.Data.SqlClient.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 921KB - Virtual size: 920KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
net8.0/runtimes/unix/lib/netcoreapp3.0/System.Drawing.Common.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2a:f3:e9:86:a4:0e:1d:f0:50:14:79:c8:2a:36:b3:44:59:75:18:8a:ec:c1:42:d4:53:df:a4:0a:a6:ed:08:13
Signer

Actual PE Digest

2a:f3:e9:86:a4:0e:1d:f0:50:14:79:c8:2a:36:b3:44:59:75:18:8a:ec:c1:42:d4:53:df:a4:0a:a6:ed:08:13

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/artifacts/obj/System.Drawing.Common/netcoreapp3.0-Unix-Release/System.Drawing.Common.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 352KB - Virtual size: 352KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
net8.0/runtimes/win-arm64/native/sni.dll
net8.0/runtimes/win-x64/native/SQLite.Interop.dll
.dll windows:6 windows x64 arch:x64

d99c34fbf4a27bd49bd158efcb5d8cc5

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:0c:c7:2c:cf:31:ae:9b:2e:36:41:0a:d0:ee:98:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

01/10/2021, 00:00

Not After

12/12/2024, 23:59

Subject

SERIALNUMBER=364617-96,CN=Mistachkin Systems (Joseph Mistachkin),O=Mistachkin Systems (Joseph Mistachkin),L=Beaverton,ST=Oregon,C=US,1.3.6.1.4.1.311.60.2.1.2=#13064f7265676f6e,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#130f427573696e65737320456e74697479

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:0c:c7:2c:cf:31:ae:9b:2e:36:41:0a:d0:ee:98:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

01/10/2021, 00:00

Not After

12/12/2024, 23:59

Subject

SERIALNUMBER=364617-96,CN=Mistachkin Systems (Joseph Mistachkin),O=Mistachkin Systems (Joseph Mistachkin),L=Beaverton,ST=Oregon,C=US,1.3.6.1.4.1.311.60.2.1.2=#13064f7265676f6e,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#130f427573696e65737320456e74697479

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cf:d4:f4:c6:67:41:51:25:50:fe:04:71:14:50:fb:c3:8a:96:d0:e8:62:36:97:2d:eb:8d:05:97:81:a3:1e:a9:08:57:1c:47:e4:b3:9c:61:07:82:ad:63:6c:e8:02:52:73:2c:bf:34:b4:5d:5e:81:4d:22:e1:53:b2:5d:e2:13
Signer

Actual PE Digest

cf:d4:f4:c6:67:41:51:25:50:fe:04:71:14:50:fb:c3:8a:96:d0:e8:62:36:97:2d:eb:8d:05:97:81:a3:1e:a9:08:57:1c:47:e4:b3:9c:61:07:82:ad:63:6c:e8:02:52:73:2c:bf:34:b4:5d:5e:81:4d:22:e1:53:b2:5d:e2:13

Digest Algorithm

sha512

PE Digest Matches

true

b6:7a:e6:77:bc:d2:69:c2:1a:a2:30:5d:0d:3c:28:b0:7a:c4:c3:ff
Signer

Actual PE Digest

b6:7a:e6:77:bc:d2:69:c2:1a:a2:30:5d:0d:3c:28:b0:7a:c4:c3:ff

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\dev\sqlite\dotnet-private\bin\2015\x64\ReleaseNativeOnlyStatic\SQLite.Interop.pdb

Imports

mscoree

CorBindToRuntimeEx

wintrust

WinVerifyTrust

kernel32

GetFullPathNameW
lstrlenW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
GetModuleFileNameW
SetEnvironmentVariableW
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
GetEnvironmentVariableW
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
lstrlenA
GetEnvironmentVariableA
WaitForSingleObject
CreateFileW
GetFileAttributesW
GetCurrentThreadId
lstrcmpA
UnmapViewOfFile
HeapValidate
lstrcatA
HeapSize
MultiByteToWideChar
Sleep
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetLastError
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
EnterCriticalSection
DisableThreadLibraryCalls
LoadLibraryA
lstrcatW
WaitForSingleObjectEx
DeleteFileA
DeleteFileW
HeapReAlloc
CloseHandle
GetSystemInfo
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
GetProcAddress
CreateFileMappingA
LocalFree
LockFileEx
GetFileSize
DeleteCriticalSection
GetCurrentProcessId
GetProcessHeap
SystemTimeToFileTime
GetModuleHandleW
FreeLibrary
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
WriteConsoleW
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
SetStdHandle
RaiseException
HeapFree
HeapCreate
TryEnterCriticalSection
ReadFile
AreFileApisANSI
GetConsoleCP
GetConsoleMode
SetFilePointerEx
CreateFileA
lstrcmpiW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwindEx
InterlockedFlushSList
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetModuleFileNameA
CompareStringW
LCMapStringW
GetACP
GetTimeZoneInformation
GetStringTypeW
GetStdHandle
GetFileType
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA

user32

wsprintfA
wsprintfW

advapi32

CryptAcquireContextW
CryptEncrypt
CryptDecrypt
CryptCreateHash
CryptDeriveKey
CryptHashData
CryptDestroyHash
CryptReleaseContext
CryptDestroyKey

Exports

Exports

SI0019486164d7bf44
SI02ba66995d97a90f
SI03287dbc8723fdd9
SI04b638e115f7beb4
SI04ce52527311d73d
SI04fc6f8a1e017f73
SI0504e2b10fc984a6
SI08e1b81c309b0697
SI093ec945feac7a9f
SI0a5994a5732236aa
SI0a5abed06696b608
SI0b7b29d9f4d9e9cd
SI0baa26a8603fbeaa
SI0ea978ea1c0d405a
SI106a696fe4411f05
SI11c76cd24cbc4f5a
SI140dacdec9d5041b
SI143d3c343ba8f025
SI14b078570350825e
SI14f276d110ea07d2
SI1698350d8fe62095
SI19682c472152ed2e
SI1b5f3547d13ba432
SI1b7dde7e97584ae2
SI1d073d65c838cf5f
SI1d2e911ac01d0e2a
SI1da0a0558762261c
SI2443a50be142b79d
SI24b9ac65c591ee78
SI257c42d028c92062
SI25e7ed432da5abe2
SI26bead82d146f523
SI26ecabef7303a42d
SI26f15d49d07fe93a
SI279a729adc1377d7
SI2836277b871ce8fa
SI28cd73ca34f8fb73
SI2a15a1761404662d
SI2a54b637f740510b
SI2de6c00a59e7266e
SI2f17e57366f2805e
SI2f719ae9d2d6fe5e
SI3145812b5ff77358
SI3455a1cea238c256
SI350ef657c32efd79
SI352a26dec0656975
SI35b071367928739e
SI36d903e8ae1034f7
SI371968036eb4539a
SI3721ad633fe2573d
SI37ce1131ccb4e11f
SI3862a1ce27ef5703
SI38b2a832762db8ac
SI3a79cd3b97e12d27
SI3b5b10d9ddfee5ca
SI3c382270243917a2
SI3c49f645ceb670cc
SI3cbdfafed17209a8
SI3d262250f51c6b05
SI3d4a59f30e3066e7
SI3eeccb23f013126d
SI4004f11c66fafdc3
SI419eb095ca17491d
SI45c0ebd9695268ad
SI45fe92a006b7a736
SI467bb3798f593774
SI4919ea51262dac3c
SI4a17a8a321d6ec6a
SI4bab566a390e239c
SI4d728c49baeb336f
SI4de37165831bc271
SI4dfb599f3fd3e023
SI5012edaf9a9b576b
SI523067e3e1269727
SI53b960648e352398
SI5460c9874d9a9c36
SI55523c66e4a81c11
SI565732004973ce4e
SI56805d3cb6ea5260
SI58ae048217841433
SI59ef51e4227a1e60
SI5b8b7f6e43119418
SI5c09368f04cf7aa2
SI5cff166c599de746
SI5d045c2b9d9b73fa
SI5ea70b9767a9e9ce
SI606edd9d386f5df5
SI60bfb2a7e6c9c0e3
SI611d33161126275a
SI613bc819b96e1775
SI6187cc864ff10c8f
SI61c731d3f0a5a8a6
SI63f918e55acf1c40
SI66be4ec506ed664f
SI698058cf78c6a869
SI6a086e2f49de7e85
SI72535cfc141a05c2
SI73e26334041d137d
SI747f3b763c8524f5
SI75e0cee60392beec
SI7742db5e5c879069
SI77d1487d2c16c856
SI78561b4f7190c8dd
SI785b181261fdc0bd
SI7991725b877e4051
SI7af3787a4ab6b5b0
SI7d9178711dcd6811
SI7da1c71ef2b6697a
SI7e5af6a8bfaa1747
SI7f2136bd3d2988aa
SI7f3350ed5ca228bf
SI810facc01c4e99e6
SI81dd6ea067523204
SI837eea5ba53f61b3
SI83f01e67cc2cc9a2
SI85018aaa81082789
SI853298524d63488b
SI8554a644a22f6f20
SI8668b1fc92c22ce1
SI87ee2ec0596a27ef
SI8b1f1431e854f393
SI8b4ecf9e9b46e30b
SI8b6fe1d4af2fdb27
SI8bd848f76b779693
SI8c91429ec00ce6ea
SI8f46df6c19cb419c
SI9006fa68bc924c6f
SI947263e5a132a998
SI965595dac5504b14
SI96e96b93e3971a75
SI971aea6e1a3ae173
SI9ced4623ecd3a3df
SI9e7440e5cce5dc43
SI9edfb98001bcad06
SIa0b934f9dd65efc0
SIa0da56ff87b86dd4
SIa0e5ab23d1190dca
SIa129aff02640c9fe
SIa25f4de441a18204
SIa2c646e1460e3d6a
SIa48df0905a06105d
SIa5013de19e424d00
SIa9bfcac726a70265
SIa9d260dfe73149da
SIaa3c70b5d386c1fa
SIaa3fada7ca685a32
SIaa8f19242494c08c
SIabcd6360beb68a2a
SIabe868fb63f052f8
SIac677082e755b84d
SIae3be833182ff91d
SIaebfdeab19641351
SIaf4898799c5c5ab8
SIafa80a0dba5e3a76
SIb21b3064163c0cda
SIb22cf6c68ac1220a
SIb2d853f1157189a5
SIb30987ff703d6e36
SIb369846d768c8d78
SIb3941677af59e24d
SIb41581ca1b61ed15
SIb57167164aea0161
SIb7b5b2f8e5976737
SIb8a2357403777398
SIb99186e559a4aff6
SIba36cbed52191512
SIbae13b5cc010bd67
SIc0ea1e3857b0ec43
SIc0f749663083c28a
SIc0f7fc1c96c2f62b
SIc2aaa7918e50464c
SIc4f8bd1f4b581f4f
SIc5e3cd0a498a1779
SIc63f2c66e9fadd2d
SIc6b2972f1a2dc615
SIc7e5bd609ce4c68a
SIc8e3ed89cf504a6c
SIc9a5f32c73143c77
SIc9f2182c4a948277
SIca49018e24ca57ec
SIcb4a928df499bdf6
SId08a69e2f8f143ba
SId290cb03f3dc3f61
SId56a8ebc35663981
SId59e1d487aca89f9
SId5fff727332fb0f9
SId65d58073bd498dc
SId7d7db98a12d19ea
SIda2943ab88fe2b4e
SIdb6bf1b7b5944bb6
SIdbad5a35d7a3205c
SIde1622bcd84f5091
SIdfd4204af97948d5
SIe0b31ba0fca9dfae
SIe47e4c5201c5334a
SIeb85fb6ed1178f6e
SIed7328d4da7ea496
SIefa0b6ff8825450f
SIf2f03057a674dd64
SIf39369f79e9f653d
SIf44cd2b5614ea7da
SIf5c71e022d4e16c5
SIf61494071db20f41
SIf67c886bb709cc2f
SIf6ca1239c6e3c3e4
SIfe86240eeda8764b
SIfeac64b03115a142
sqlite3_cryptoapi_init
sqlite3_fts5_init
sqlite3_fts_init
sqlite3_percentile_init
sqlite3_regexp_init
sqlite3_sha_init
sqlite3_shathree_init
sqlite3_totype_init
sqlite3_vtshim_init

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 268KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
net8.0/runtimes/win-x64/native/sni.dll
.dll windows:6 windows x64 arch:x64

832da7315b462f507eb516997ac7ce0e

Code Sign

33:00:00:00:c9:64:4d:16:db:1a:7d:b3:15:00:00:00:00:00:c9
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/09/2016, 17:58

Not After

07/09/2018, 17:58

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B1B7-F67F-FEC2,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:40:96:a9:ee:70:56:fe:cc:07:00:01:00:00:01:40
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/08/2016, 20:17

Not After

02/11/2017, 20:17

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:8e:87:91:a4:57:1a:5f:ca:3e:00:00:00:00:00:8e
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

17/11/2016, 22:09

Not After

17/02/2018, 22:09

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

28:2a:bb:72:6d:64:2a:1e:fe:22:24:a7:64:bd:f7:d2:72:da:aa:d5:9b:23:ec:90:5c:0c:ad:a6:34:97:ec:ab
Signer

Actual PE Digest

28:2a:bb:72:6d:64:2a:1e:fe:22:24:a7:64:bd:f7:d2:72:da:aa:d5:9b:23:ec:90:5c:0c:ad:a6:34:97:ec:ab

Digest Algorithm

sha256

PE Digest Matches

true

93:fd:9e:aa:3f:3e:c0:86:43:a3:2d:e3:4f:97:a9:bc:dd:22:e1:ba
Signer

Actual PE Digest

93:fd:9e:aa:3f:3e:c0:86:43:a3:2d:e3:4f:97:a9:bc:dd:22:e1:ba

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\A\_work\410\s\bin\obj\Windows_NT.x64.Release\Native\sni\Release\sni.pdb

Imports

kernel32

SetEvent
CreateSemaphoreA
SetLastError
GetQueuedCompletionStatus
Sleep
FileTimeToSystemTime
GetSystemDirectoryA
CreateThread
SystemTimeToTzSpecificLocalTime
GetSystemTimeAsFileTime
InitializeSListHead
CreateIoCompletionPort
GetComputerNameA
TlsSetValue
FormatMessageW
TlsAlloc
TlsGetValue
TlsFree
WaitForMultipleObjects
SetHandleInformation
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
ReleaseSemaphore
MultiByteToWideChar
GetComputerNameExA
WideCharToMultiByte
CompareStringA
LCMapStringA
SetFileCompletionNotificationModes
GetTickCount
GetOverlappedResult
CreateFileA
DisconnectNamedPipe
WaitForSingleObject
PeekNamedPipe
WriteFile
GetCurrentProcess
WaitNamedPipeA
SetNamedPipeHandleState
ReadFile
QueryDepthSList
InterlockedPopEntrySList
CreateEventA
InterlockedPushEntrySList
RaiseException
RtlPcToFileHeader
RtlUnwindEx
IsDebuggerPresent
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
EncodePointer
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
FreeLibrary
DeleteCriticalSection
GetProcAddress
CloseHandle
LoadLibraryA
InterlockedFlushSList
GetLastError
PostQueuedCompletionStatus
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection

user32

CharNextExA

advapi32

RegCloseKey
ImpersonateNamedPipeClient
CryptDestroyKey
CryptReleaseContext
IsTokenRestricted
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumKeyExA
RevertToSelf

rpcrt4

UuidCreate

ws2_32

shutdown
getpeername
WSASend
connect
WSAEnumProtocolsW
WSARecv
WSAPoll
getnameinfo
ntohs
WSAIoctl
getsockname
bind
WSAGetLastError
setsockopt
sendto
freeaddrinfo
htons
htonl
recv
socket
WSAStartup
WSAStringToAddressW
select
closesocket
__WSAFDIsSet
WSACleanup
getaddrinfo

api-ms-win-crt-string-l1-1-0

_stricmp
_wcsnicmp
strncmp
_stricmp_l
strcpy_s
_strnicmp_l
strcmp
wcsncpy_s

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf
__stdio_common_vsprintf

api-ms-win-crt-convert-l1-1-0

_atoi_l
atoi

api-ms-win-crt-multibyte-l1-1-0

_mbsspn
_mbschr
_mbsnbicmp_l

api-ms-win-crt-runtime-l1-1-0

abort
_cexit
terminate
_initterm
_initterm_e
_crt_atexit
_execute_onexit_table
_register_onexit_function
_invalid_parameter_noinfo
_errno
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll

api-ms-win-crt-heap-l1-1-0

_callnewh
_calloc_base
free
_free_base
malloc

Exports

Exports

GetSniMaxComposedSpnLength
SNIAddProviderWrapper
SNICheckConnectionWrapper
SNICloseWrapper
SNIGetInfoWrapper
SNIGetLastError
SNIInitialize
SNIOpenSyncExWrapper
SNIOpenWrapper
SNIPacketAllocateWrapper
SNIPacketGetDataWrapper
SNIPacketRelease
SNIPacketResetWrapper
SNIPacketSetData
SNIQueryInfo
SNIReadAsyncWrapper
SNIReadSyncOverAsync
SNIRemoveProviderWrapper
SNISecGenClientContextWrapper
SNISecInitPackage
SNISetInfoWrapper
SNITerminate
SNIWaitForSSLHandshakeToCompleteWrapper
SNIWriteAsyncWrapper
SNIWriteSyncOverAsync
UnmanagedIsTokenRestricted

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
net8.0/runtimes/win-x86/native/SQLite.Interop.dll
.dll windows:6 windows x86 arch:x86

c7ed3cced4a9a7e77612b9900591b547

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:0c:c7:2c:cf:31:ae:9b:2e:36:41:0a:d0:ee:98:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

01/10/2021, 00:00

Not After

12/12/2024, 23:59

Subject

SERIALNUMBER=364617-96,CN=Mistachkin Systems (Joseph Mistachkin),O=Mistachkin Systems (Joseph Mistachkin),L=Beaverton,ST=Oregon,C=US,1.3.6.1.4.1.311.60.2.1.2=#13064f7265676f6e,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#130f427573696e65737320456e74697479

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:0c:c7:2c:cf:31:ae:9b:2e:36:41:0a:d0:ee:98:92
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

01/10/2021, 00:00

Not After

12/12/2024, 23:59

Subject

SERIALNUMBER=364617-96,CN=Mistachkin Systems (Joseph Mistachkin),O=Mistachkin Systems (Joseph Mistachkin),L=Beaverton,ST=Oregon,C=US,1.3.6.1.4.1.311.60.2.1.2=#13064f7265676f6e,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#130f427573696e65737320456e74697479

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d4:95:db:a3:94:61:26:b1:2d:bf:e5:f6:9d:dc:72:f7:db:9d:f3:dc:57:45:22:31:d8:03:41:3c:a9:c1:40:36:35:f1:d8:eb:0f:93:68:3d:65:82:2c:53:e9:4e:6a:73:c0:da:2a:28:82:1f:1c:8a:cf:a4:68:b4:d9:8a:39:10
Signer

Actual PE Digest

d4:95:db:a3:94:61:26:b1:2d:bf:e5:f6:9d:dc:72:f7:db:9d:f3:dc:57:45:22:31:d8:03:41:3c:a9:c1:40:36:35:f1:d8:eb:0f:93:68:3d:65:82:2c:53:e9:4e:6a:73:c0:da:2a:28:82:1f:1c:8a:cf:a4:68:b4:d9:8a:39:10

Digest Algorithm

sha512

PE Digest Matches

true

4e:c9:2e:71:0b:72:3e:5b:a9:de:43:94:da:02:17:9e:ee:b8:68:7e
Signer

Actual PE Digest

4e:c9:2e:71:0b:72:3e:5b:a9:de:43:94:da:02:17:9e:ee:b8:68:7e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\dev\sqlite\dotnet-private\bin\2015\Win32\ReleaseNativeOnlyStatic\SQLite.Interop.pdb

Imports

mscoree

CorBindToRuntimeEx

wintrust

WinVerifyTrust

kernel32

GetFullPathNameW
lstrlenW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
GetModuleFileNameW
SetEnvironmentVariableW
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
GetEnvironmentVariableW
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
lstrlenA
GetEnvironmentVariableA
WaitForSingleObject
CreateFileW
GetFileAttributesW
GetCurrentThreadId
lstrcmpA
UnmapViewOfFile
HeapValidate
lstrcatA
HeapSize
MultiByteToWideChar
Sleep
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetLastError
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
EnterCriticalSection
DisableThreadLibraryCalls
LoadLibraryA
lstrcatW
WaitForSingleObjectEx
DeleteFileA
DeleteFileW
HeapReAlloc
CloseHandle
GetSystemInfo
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
GetProcAddress
CreateFileMappingA
LocalFree
LockFileEx
GetFileSize
DeleteCriticalSection
GetCurrentProcessId
GetProcessHeap
SystemTimeToFileTime
GetModuleHandleW
FreeLibrary
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
WriteConsoleW
lstrcmpiW
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
RaiseException
SetStdHandle
DecodePointer
HeapFree
HeapCreate
TryEnterCriticalSection
ReadFile
AreFileApisANSI
GetConsoleCP
GetConsoleMode
SetFilePointerEx
CreateFileA
MapViewOfFile
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
InterlockedFlushSList
RtlUnwind
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetModuleFileNameA
CompareStringW
LCMapStringW
GetACP
GetTimeZoneInformation
GetStringTypeW
GetStdHandle
GetFileType
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA

user32

wsprintfA
wsprintfW

advapi32

CryptAcquireContextW
CryptEncrypt
CryptDecrypt
CryptCreateHash
CryptDeriveKey
CryptHashData
CryptDestroyHash
CryptReleaseContext
CryptDestroyKey

Exports

Exports

SI02ba66995d97a90f
SI03287dbc8723fdd9
SI04ce52527311d73d
SI0504e2b10fc984a6
SI08e1b81c309b0697
SI093ec945feac7a9f
SI0a5994a5732236aa
SI0a5abed06696b608
SI0b7b29d9f4d9e9cd
SI0baa26a8603fbeaa
SI0ea978ea1c0d405a
SI106a696fe4411f05
SI11c76cd24cbc4f5a
SI143d3c343ba8f025
SI14b078570350825e
SI14f276d110ea07d2
SI1698350d8fe62095
SI19682c472152ed2e
SI1b5f3547d13ba432
SI1b7dde7e97584ae2
SI2443a50be142b79d
SI24b9ac65c591ee78
SI257c42d028c92062
SI26bead82d146f523
SI26ecabef7303a42d
SI26f15d49d07fe93a
SI279a729adc1377d7
SI2836277b871ce8fa
SI28cd73ca34f8fb73
SI2a15a1761404662d
SI2a54b637f740510b
SI2f17e57366f2805e
SI3145812b5ff77358
SI3455a1cea238c256
SI350ef657c32efd79
SI352a26dec0656975
SI35b071367928739e
SI371968036eb4539a
SI3721ad633fe2573d
SI37ce1131ccb4e11f
SI38b2a832762db8ac
SI3c382270243917a2
SI3c49f645ceb670cc
SI3cbdfafed17209a8
SI3d4a59f30e3066e7
SI3eeccb23f013126d
SI45c0ebd9695268ad
SI45fe92a006b7a736
SI467bb3798f593774
SI4919ea51262dac3c
SI4a17a8a321d6ec6a
SI4bab566a390e239c
SI4d728c49baeb336f
SI4de37165831bc271
SI523067e3e1269727
SI53b960648e352398
SI5460c9874d9a9c36
SI55523c66e4a81c11
SI565732004973ce4e
SI56805d3cb6ea5260
SI5c09368f04cf7aa2
SI5cff166c599de746
SI5d045c2b9d9b73fa
SI5ea70b9767a9e9ce
SI606edd9d386f5df5
SI60bfb2a7e6c9c0e3
SI6187cc864ff10c8f
SI61c731d3f0a5a8a6
SI63f918e55acf1c40
SI66be4ec506ed664f
SI698058cf78c6a869
SI6a086e2f49de7e85
SI72535cfc141a05c2
SI73e26334041d137d
SI747f3b763c8524f5
SI75e0cee60392beec
SI7742db5e5c879069
SI77d1487d2c16c856
SI78561b4f7190c8dd
SI785b181261fdc0bd
SI7991725b877e4051
SI7af3787a4ab6b5b0
SI7d9178711dcd6811
SI7da1c71ef2b6697a
SI7e5af6a8bfaa1747
SI7f2136bd3d2988aa
SI81dd6ea067523204
SI837eea5ba53f61b3
SI83f01e67cc2cc9a2
SI85018aaa81082789
SI853298524d63488b
SI8554a644a22f6f20
SI8668b1fc92c22ce1
SI87ee2ec0596a27ef
SI8b1f1431e854f393
SI8b6fe1d4af2fdb27
SI8bd848f76b779693
SI8c91429ec00ce6ea
SI8f46df6c19cb419c
SI9006fa68bc924c6f
SI96e96b93e3971a75
SI9ced4623ecd3a3df
SI9e7440e5cce5dc43
SI9edfb98001bcad06
SIa0b934f9dd65efc0
SIa129aff02640c9fe
SIa25f4de441a18204
SIa2c646e1460e3d6a
SIa5013de19e424d00
SIa9bfcac726a70265
SIa9d260dfe73149da
SIaa3fada7ca685a32
SIaa8f19242494c08c
SIabcd6360beb68a2a
SIabe868fb63f052f8
SIac677082e755b84d
SIae3be833182ff91d
SIb21b3064163c0cda
SIb22cf6c68ac1220a
SIb2d853f1157189a5
SIb30987ff703d6e36
SIb41581ca1b61ed15
SIb57167164aea0161
SIb7b5b2f8e5976737
SIb8a2357403777398
SIb99186e559a4aff6
SIba36cbed52191512
SIbae13b5cc010bd67
SIc0ea1e3857b0ec43
SIc0f7fc1c96c2f62b
SIc4f8bd1f4b581f4f
SIc5e3cd0a498a1779
SIc63f2c66e9fadd2d
SIc6b2972f1a2dc615
SIc7e5bd609ce4c68a
SIc9a5f32c73143c77
SIc9f2182c4a948277
SIca49018e24ca57ec
SIcb4a928df499bdf6
SId08a69e2f8f143ba
SId290cb03f3dc3f61
SId59e1d487aca89f9
SId5fff727332fb0f9
SIdb6bf1b7b5944bb6
SIdbad5a35d7a3205c
SIde1622bcd84f5091
SIdfd4204af97948d5
SIe47e4c5201c5334a
SIed7328d4da7ea496
SIefa0b6ff8825450f
SIf2f03057a674dd64
SIf44cd2b5614ea7da
SIf61494071db20f41
SIf67c886bb709cc2f
SIfe86240eeda8764b
SIfeac64b03115a142
_SI0019486164d7bf44@12
_SI04b638e115f7beb4@20
_SI04fc6f8a1e017f73@20
_SI140dacdec9d5041b@12
_SI1d073d65c838cf5f@12
_SI1d2e911ac01d0e2a@4
_SI1da0a0558762261c@8
_SI25e7ed432da5abe2@0
_SI2de6c00a59e7266e@4
_SI2f719ae9d2d6fe5e@8
_SI36d903e8ae1034f7@12
_SI3862a1ce27ef5703@4
_SI3a79cd3b97e12d27@8
_SI3b5b10d9ddfee5ca@4
_SI3d262250f51c6b05@32
_SI4004f11c66fafdc3@4
_SI419eb095ca17491d@12
_SI4dfb599f3fd3e023@12
_SI5012edaf9a9b576b@12
_SI58ae048217841433@12
_SI59ef51e4227a1e60@40
_SI5b8b7f6e43119418@0
_SI611d33161126275a@24
_SI613bc819b96e1775@8
_SI7f3350ed5ca228bf@112
_SI810facc01c4e99e6@12
_SI8b4ecf9e9b46e30b@12
_SI947263e5a132a998@36
_SI965595dac5504b14@12
_SI971aea6e1a3ae173@12
_SIa0da56ff87b86dd4@12
_SIa0e5ab23d1190dca@8
_SIa48df0905a06105d@4
_SIaa3c70b5d386c1fa@4
_SIaebfdeab19641351@12
_SIaf4898799c5c5ab8@44
_SIafa80a0dba5e3a76@12
_SIb369846d768c8d78@4
_SIb3941677af59e24d@12
_SIc0f749663083c28a@8
_SIc2aaa7918e50464c@4
_SIc8e3ed89cf504a6c@8
_SId56a8ebc35663981@12
_SId65d58073bd498dc@12
_SId7d7db98a12d19ea@8
_SIda2943ab88fe2b4e@20
_SIe0b31ba0fca9dfae@4
_SIeb85fb6ed1178f6e@16
_SIf39369f79e9f653d@8
_SIf5c71e022d4e16c5@12
_SIf6ca1239c6e3c3e4@8
sqlite3_cryptoapi_init
sqlite3_fts5_init
sqlite3_fts_init
sqlite3_percentile_init
sqlite3_regexp_init
sqlite3_sha_init
sqlite3_shathree_init
sqlite3_totype_init
sqlite3_vtshim_init

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
net8.0/runtimes/win-x86/native/sni.dll
.dll windows:6 windows x86 arch:x86

00f5001ebf137746556043a7c9155eca

Code Sign

33:00:00:00:b5:ac:7d:6d:87:6b:26:11:47:00:00:00:00:00:b5
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/09/2016, 17:58

Not After

07/09/2018, 17:58

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:40:96:a9:ee:70:56:fe:cc:07:00:01:00:00:01:40
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/08/2016, 20:17

Not After

02/11/2017, 20:17

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:8e:87:91:a4:57:1a:5f:ca:3e:00:00:00:00:00:8e
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

17/11/2016, 22:09

Not After

17/02/2018, 22:09

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

be:e0:1f:b9:15:bc:e5:77:a2:a0:e3:dd:41:4e:59:93:c8:28:3b:1c:91:bd:9d:1c:42:fa:96:2c:4e:9a:f0:04
Signer

Actual PE Digest

be:e0:1f:b9:15:bc:e5:77:a2:a0:e3:dd:41:4e:59:93:c8:28:3b:1c:91:bd:9d:1c:42:fa:96:2c:4e:9a:f0:04

Digest Algorithm

sha256

PE Digest Matches

true

a4:da:98:d6:cc:38:31:14:3a:60:44:18:10:f5:a7:26:00:cf:81:f1
Signer

Actual PE Digest

a4:da:98:d6:cc:38:31:14:3a:60:44:18:10:f5:a7:26:00:cf:81:f1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\A\_work\410\s\bin\obj\Windows_NT.x86.Release\Native\sni\Release\sni.pdb

Imports

kernel32

SetEvent
CreateSemaphoreA
SetLastError
GetQueuedCompletionStatus
Sleep
FileTimeToSystemTime
GetSystemDirectoryA
CreateThread
SystemTimeToTzSpecificLocalTime
GetSystemTimeAsFileTime
InitializeSListHead
CreateIoCompletionPort
GetComputerNameA
TlsSetValue
FormatMessageW
TlsAlloc
WaitForMultipleObjects
TlsFree
SetHandleInformation
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
ReleaseSemaphore
MultiByteToWideChar
GetComputerNameExA
WideCharToMultiByte
CompareStringA
LCMapStringA
SetFileCompletionNotificationModes
GetTickCount
GetOverlappedResult
CreateFileA
DisconnectNamedPipe
WaitForSingleObject
PeekNamedPipe
WriteFile
GetCurrentProcess
WaitNamedPipeA
SetNamedPipeHandleState
ReadFile
QueryDepthSList
InterlockedPopEntrySList
CreateEventA
InterlockedPushEntrySList
RtlUnwind
RaiseException
IsDebuggerPresent
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
EncodePointer
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeLibrary
DeleteCriticalSection
GetProcAddress
CloseHandle
LoadLibraryA
InterlockedFlushSList
GetLastError
PostQueuedCompletionStatus
InitializeCriticalSection
LeaveCriticalSection
TlsGetValue
EnterCriticalSection

user32

CharNextExA

advapi32

RegCloseKey
ImpersonateNamedPipeClient
CryptDestroyKey
CryptReleaseContext
IsTokenRestricted
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumKeyExA
RevertToSelf

rpcrt4

UuidCreate

ws2_32

WSAIoctl
WSASend
getpeername
getsockname
ntohs
shutdown
bind
WSARecv
WSAPoll
getnameinfo
WSACleanup
__WSAFDIsSet
closesocket
select
WSAEnumProtocolsW
connect
WSAGetLastError
setsockopt
sendto
freeaddrinfo
htons
htonl
socket
WSAStartup
getaddrinfo
WSAStringToAddressW
recv

api-ms-win-crt-string-l1-1-0

_wcsnicmp
_stricmp
strcpy_s
strncmp
_stricmp_l
wcsncpy_s
_strnicmp_l

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf
__stdio_common_vsprintf

api-ms-win-crt-convert-l1-1-0

_atoi_l
atoi

api-ms-win-crt-multibyte-l1-1-0

_mbsnbicmp_l
_mbschr
_mbsspn

api-ms-win-crt-runtime-l1-1-0

_cexit
abort
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
terminate
_invalid_parameter_noinfo
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_errno

api-ms-win-crt-heap-l1-1-0

_calloc_base
_callnewh
free
malloc
_free_base

Exports

Exports

GetSniMaxComposedSpnLength
SNIAddProviderWrapper
SNICheckConnectionWrapper
SNICloseWrapper
SNIGetInfoWrapper
SNIGetLastError
SNIInitialize
SNIOpenSyncExWrapper
SNIOpenWrapper
SNIPacketAllocateWrapper
SNIPacketGetDataWrapper
SNIPacketRelease
SNIPacketResetWrapper
SNIPacketSetData
SNIQueryInfo
SNIReadAsyncWrapper
SNIReadSyncOverAsync
SNIRemoveProviderWrapper
SNISecGenClientContextWrapper
SNISecInitPackage
SNISetInfoWrapper
SNITerminate
SNIWaitForSSLHandshakeToCompleteWrapper
SNIWriteAsyncWrapper
SNIWriteSyncOverAsync
UnmanagedIsTokenRestricted

Sections

.text
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
net8.0/runtimes/win/lib/netcoreapp2.1/System.Data.SqlClient.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:01:52:9b:40:9f:50:56:99:75:88:00:00:00:00:01:52
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ff:19:cd:f5:fe:84:9f:0d:b7:12:9f:2e:74:05:d3:43:22:d5:87:16:a4:53:03:48:15:d7:dd:91:51:64:27:c8
Signer

Actual PE Digest

ff:19:cd:f5:fe:84:9f:0d:b7:12:9f:2e:74:05:d3:43:22:d5:87:16:a4:53:03:48:15:d7:dd:91:51:64:27:c8

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/artifacts/obj/System.Data.SqlClient/netcoreapp2.1-Windows_NT-Release/System.Data.SqlClient.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 988KB - Virtual size: 987KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
net8.0/runtimes/win/lib/netcoreapp3.0/Microsoft.Win32.SystemEvents.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bb:f7:4c:37:b5:a1:24:1c:1b:ec:c6:dc:90:53:56:d7:41:0a:d6:d6:7b:6f:7c:34:bd:15:0d:39:a9:85:c3:5c
Signer

Actual PE Digest

bb:f7:4c:37:b5:a1:24:1c:1b:ec:c6:dc:90:53:56:d7:41:0a:d6:d6:7b:6f:7c:34:bd:15:0d:39:a9:85:c3:5c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/artifacts/obj/Microsoft.Win32.SystemEvents/netcoreapp3.0-Windows_NT-Release/Microsoft.Win32.SystemEvents.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
net8.0/runtimes/win/lib/netcoreapp3.0/System.Drawing.Common.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

25:56:58:d0:ed:03:be:e9:1a:e9:e9:1f:c7:9c:f5:47:bf:5b:b8:8a:75:a7:83:5a:3a:eb:49:ac:c6:68:7a:59
Signer

Actual PE Digest

25:56:58:d0:ed:03:be:e9:1a:e9:e9:1f:c7:9c:f5:47:bf:5b:b8:8a:75:a7:83:5a:3a:eb:49:ac:c6:68:7a:59

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/artifacts/obj/System.Drawing.Common/netcoreapp3.0-Windows_NT-Release/System.Drawing.Common.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 393KB - Virtual size: 392KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
net8.0/runtimes/win/lib/netcoreapp3.0/System.Windows.Extensions.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e9:5c:57:a8:b3:57:78:7e:10:b8:e2:0a:e2:89:c5:a0:0a:ef:07:09:ac:f3:6f:99:06:ee:5d:4d:97:5b:46:3e
Signer

Actual PE Digest

e9:5c:57:a8:b3:57:78:7e:10:b8:e2:0a:e2:89:c5:a0:0a:ef:07:09:ac:f3:6f:99:06:ee:5d:4d:97:5b:46:3e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

/_/artifacts/obj/System.Windows.Extensions/netcoreapp3.0-Windows_NT-Release/System.Windows.Extensions.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
net8.0/test/GoogleChromeUser Data1413pasc.txt
net8.0/test/GoogleChromeUser Data2013pasc.txt
net8.0/test/GoogleChromeUser Data2271cad.txt
net8.0/test/GoogleChromeUser Data2638.txt
net8.0/test/GoogleChromeUser Data3835cad.txt
net8.0/test/GoogleChromeUser Data4042pasc.txt
net8.0/test/GoogleChromeUser Data5824.txt
net8.0/test/GoogleChromeUser Data7811.txt
net8.0/test/GoogleChromeUser Data8865cad.txt

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:01:52:9b:40:9f:50:56:99:75:88:00:00:00:00:01:52Certificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

a3:69:16:5e:a7:19:db:f3:a0:43:17:8d:50:f0:77:0c:e0:a6:4e:0c:41:41:54:00:84:99:3e:de:7a:6b:83:48Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 566KB - Virtual size: 565KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:01:52:9b:40:9f:50:56:99:75:88:00:00:00:00:01:52Certificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

c4:99:68:ae:2a:72:65:1f:63:80:e6:34:8c:c8:d6:be:e5:a8:1b:c5:7c:dc:e3:24:db:81:8c:30:b0:e1:54:91Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 4.7MB - Virtual size: 4.7MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51Certificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

30:9e:77:97:a4:c2:bd:31:07:37:cc:a5:0b:a8:e1:6a:91:45:ac:08:2b:a2:35:da:48:76:64:06:2a:58:28:90Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 11KB - Virtual size: 10KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

dae02f32a21e03ce65412f6e56942daa

Code Sign

06:ce:e1:31:be:6d:55:c8:07:f7:c0:c7:fb:44:e6:20Certificate

Key Usages

0a:de:32:e9:50:9b:44:aa:34:b1:da:f1:bc:0e:c8:73Certificate

Extended Key Usages

Key Usages

0c:d1:40:7a:5a:bd:ed:43:d5:c1:73:12:1d:38:c5:29Certificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

12:a2:f8:77:6a:5b:04:46:97:f9:ac:0c:85:0b:b9:3c:9d:a2:ac:a9:a3:72:91:5b:d9:ed:db:47:d0:c2:9e:3dSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

33:00:00:01:52:9b:40:9f:50:56:99:75:88:00:00:00:00:01:52
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

a3:69:16:5e:a7:19:db:f3:a0:43:17:8d:50:f0:77:0c:e0:a6:4e:0c:41:41:54:00:84:99:3e:de:7a:6b:83:48
Signer

.text
Size: 566KB - Virtual size: 565KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

33:00:00:01:52:9b:40:9f:50:56:99:75:88:00:00:00:00:01:52
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

c4:99:68:ae:2a:72:65:1f:63:80:e6:34:8c:c8:d6:be:e5:a8:1b:c5:7c:dc:e3:24:db:81:8c:30:b0:e1:54:91
Signer

.text
Size: 4.7MB - Virtual size: 4.7MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

30:9e:77:97:a4:c2:bd:31:07:37:cc:a5:0b:a8:e1:6a:91:45:ac:08:2b:a2:35:da:48:76:64:06:2a:58:28:90
Signer

.text
Size: 11KB - Virtual size: 10KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

06:ce:e1:31:be:6d:55:c8:07:f7:c0:c7:fb:44:e6:20
Certificate

0a:de:32:e9:50:9b:44:aa:34:b1:da:f1:bc:0e:c8:73
Certificate

0c:d1:40:7a:5a:bd:ed:43:d5:c1:73:12:1d:38:c5:29
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

12:a2:f8:77:6a:5b:04:46:97:f9:ac:0c:85:0b:b9:3c:9d:a2:ac:a9:a3:72:91:5b:d9:ed:db:47:d0:c2:9e:3d
Signer

.text
Size: 681KB - Virtual size: 681KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 15KB - Virtual size: 15KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 90KB - Virtual size: 90KB

.rdata
Size: 37KB - Virtual size: 37KB

.data
Size: 2KB - Virtual size: 6KB

.pdata
Size: 5KB - Virtual size: 4KB

_RDATA
Size: 512B - Virtual size: 500B

.reloc
Size: 1024B - Virtual size: 792B

.rsrc
Size: 1KB - Virtual size: 1KB

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

44:03:c9:06:c7:46:a3:ba:29:e3:f2:3f:09:1b:76:d2:4d:9e:83:66:c2:69:f4:d7:5a:a3:eb:05:28:e4:5e:e0
Signer

.text
Size: 166KB - Virtual size: 165KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

47:70:f6:b3:2f:3f:e4:6f:fd:cd:37:a7:c3:40:94:51:6b:80:20:93:1c:e0:53:46:8f:e9:fb:34:56:54:02:8b
Signer