_CloseProcess
_FindProcess
_KillProcess
_Unload
Overview
overview
7Static
static
3d7dff6275c...d8.exe
windows7-x64
7d7dff6275c...d8.exe
windows10-2004-x64
7$PLUGINSDI...ss.dll
windows7-x64
3$PLUGINSDI...ss.dll
windows10-2004-x64
3$_2_/IdleA...up.exe
windows7-x64
1$_2_/IdleA...up.exe
windows10-2004-x64
1$_2_/IdleA...35.exe
windows7-x64
1$_2_/IdleA...35.exe
windows10-2004-x64
1$_2_/Inter...ry.dll
windows7-x64
1$_2_/Inter...ry.dll
windows10-2004-x64
1$_2_/Newto...on.dll
windows7-x64
1$_2_/Newto...on.dll
windows10-2004-x64
1$_2_/Sharp...ss.dll
windows7-x64
1$_2_/Sharp...ss.dll
windows10-2004-x64
1Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
d7dff6275cd3ee440af2001128ac99fe95c07f760920b44feae3f116edd8e3d8.exe
Resource
win7-20240708-en
windows7-x64
9 signatures
150 seconds
Behavioral task
behavioral2
Sample
d7dff6275cd3ee440af2001128ac99fe95c07f760920b44feae3f116edd8e3d8.exe
Resource
win10v2004-20240709-en
windows10-2004-x64
7 signatures
150 seconds
Behavioral task
behavioral3
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win7-20240705-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral4
Sample
$PLUGINSDIR/nsProcess.dll
Resource
win10v2004-20240709-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral5
Sample
$_2_/IdleAngelsSetup.exe
Resource
win7-20240704-en
windows7-x64
5 signatures
150 seconds
Behavioral task
behavioral6
Sample
$_2_/IdleAngelsSetup.exe
Resource
win10v2004-20240709-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral7
Sample
$_2_/IdleAngelsSetup_35.exe
Resource
win7-20240708-en
windows7-x64
5 signatures
150 seconds
Behavioral task
behavioral8
Sample
$_2_/IdleAngelsSetup_35.exe
Resource
win10v2004-20240709-en
windows10-2004-x64
4 signatures
150 seconds
Behavioral task
behavioral9
Sample
$_2_/Interop.IWshRuntimeLibrary.dll
Resource
win7-20240705-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral10
Sample
$_2_/Interop.IWshRuntimeLibrary.dll
Resource
win10v2004-20240709-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral11
Sample
$_2_/Newtonsoft.Json.dll
Resource
win7-20240708-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral12
Sample
$_2_/Newtonsoft.Json.dll
Resource
win10v2004-20240709-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral13
Sample
$_2_/SharpCompress.dll
Resource
win7-20240708-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral14
Sample
$_2_/SharpCompress.dll
Resource
win10v2004-20240709-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
d7dff6275cd3ee440af2001128ac99fe95c07f760920b44feae3f116edd8e3d8
-
Size
1.5MB
-
MD5
2b9cb80b9ef33f84e252e21b112942a3
-
SHA1
869ba5fd3b607d474dd6de5e948cf96b7896d87b
-
SHA256
d7dff6275cd3ee440af2001128ac99fe95c07f760920b44feae3f116edd8e3d8
-
SHA512
4f6a69493c17f370244d335c05f9800ac8599709107d417206b0527560db1749924c3f284d5a1ca819de30e7070bc9a36edb2959e1405febc1300e943386c01d
-
SSDEEP
24576:HbyhDygLImoaA78qjVRlqBeBG770IlVauVWZtSap3bpDJMw+ijE8Ws5tnSJovweA:70IzXIqN5BG770IlVau+zdzMw+ijEA5g
Score
3/10
Malware Config
Signatures
-
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource d7dff6275cd3ee440af2001128ac99fe95c07f760920b44feae3f116edd8e3d8 unpack001/$PLUGINSDIR/nsProcess.dll
Files
-
d7dff6275cd3ee440af2001128ac99fe95c07f760920b44feae3f116edd8e3d8.exe windows:4 windows x86 arch:x86
56a78d55f3f7af51443e58e0ce2fb5f6
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegCreateKeyExW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityW
RegOpenKeyExW
RegEnumValueW
shell32
SHGetSpecialFolderLocation
SHFileOperationW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteExW
SHGetFileInfoW
ole32
OleInitialize
OleUninitialize
CoCreateInstance
IIDFromString
CoTaskMemFree
comctl32
ord17
ImageList_Create
ImageList_Destroy
ImageList_AddMasked
user32
GetClientRect
EndPaint
DrawTextW
IsWindowEnabled
DispatchMessageW
wsprintfA
CharNextA
CharPrevW
MessageBoxIndirectW
GetDlgItemTextW
SetDlgItemTextW
GetSystemMetrics
FillRect
AppendMenuW
TrackPopupMenu
OpenClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
CheckDlgButton
LoadCursorW
SetCursor
GetSysColor
SetWindowPos
GetWindowLongW
PeekMessageW
SetClassLongW
GetSystemMenu
EnableMenuItem
GetWindowRect
ScreenToClient
EndDialog
RegisterClassW
SystemParametersInfoW
CreateWindowExW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
EmptyClipboard
CreatePopupMenu
gdi32
SetBkMode
SetBkColor
GetDeviceCaps
CreateFontIndirectW
CreateBrushIndirect
DeleteObject
SetTextColor
SelectObject
kernel32
GetExitCodeProcess
WaitForSingleObject
GetModuleHandleA
GetProcAddress
GetSystemDirectoryW
lstrcatW
Sleep
lstrcpyA
WriteFile
GetTempFileNameW
CreateFileW
lstrcmpiA
RemoveDirectoryW
CreateProcessW
CreateDirectoryW
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetVersionExW
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
SetEnvironmentVariableW
CopyFileW
ExitProcess
GetCurrentProcess
GetModuleFileNameW
GetFileSize
GetTickCount
MulDiv
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalFree
GlobalAlloc
GetModuleHandleW
LoadLibraryExW
MoveFileExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
Sections
.text Size: 26KB - Virtual size: 26KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 172KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 88KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 53KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/nsProcess.dll.dll windows:5 windows x86 arch:x86
a49b0342971aa199fc6349725b90146d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
CloseHandle
TerminateProcess
WaitForSingleObject
GetExitCodeProcess
OpenProcess
lstrcpynA
lstrlenA
LoadLibraryA
lstrcmpiA
WideCharToMultiByte
FreeLibrary
LocalFree
LocalAlloc
GetProcAddress
LoadLibraryW
GetVersionExA
GlobalFree
GlobalAlloc
user32
GetWindowThreadProcessId
EnumWindows
wsprintfA
PostMessageA
Exports
Exports
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 910B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 436B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 250B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$_2_/IdleAngelsSetup.exe.exe windows:4 windows x64 arch:x64
Code Sign
01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate
IssuerCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BENot Before19/09/2018, 00:00Not After28/01/2028, 12:00SubjectCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignKey Usages
KeyUsageCertSign
KeyUsageCRLSign
78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignNot Before28/07/2020, 00:00Not After18/03/2029, 00:00SubjectCN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate
IssuerCN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BENot Before28/07/2020, 00:00Not After28/07/2030, 00:00SubjectCN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
7e:97:e8:0d:de:b3:d4:f1:7d:0e:c3:adCertificate
IssuerCN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BENot Before31/05/2023, 09:51Not After31/05/2024, 09:51SubjectSERIALNUMBER=201835412C,CN=MUJOY PTE. LTD.,O=MUJOY PTE. LTD.,STREET=6 SHENTON WAY\, #37-03\, OUE DOWNTOWN,L=Singapore,ST=Singapore,C=SG,1.3.6.1.4.1.311.60.2.1.3=#13025347,2.5.4.15=#131450726976617465204f7267616e697a6174696f6eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6aCertificate
IssuerCN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BENot Before06/04/2022, 07:45Not After08/05/2033, 07:45SubjectCN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSignNot Before20/06/2018, 00:00Not After10/12/2034, 00:00SubjectCN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BEKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSignNot Before10/12/2014, 00:00Not After10/12/2034, 00:00SubjectCN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSignKey Usages
KeyUsageCertSign
KeyUsageCRLSign
52:7e:75:10:c3:5a:04:95:f9:94:d1:45:dc:4a:77:13:55:13:41:26:88:65:7a:12:06:31:0f:3c:41:2d:db:07Signer
Actual PE Digest52:7e:75:10:c3:5a:04:95:f9:94:d1:45:dc:4a:77:13:55:13:41:26:88:65:7a:12:06:31:0f:3c:41:2d:db:07Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
F:\ac_develop2023\downloadPc\net6_clear\35_40\downloadmiaojugame\obj\x64\Release\IdleAngelsSetup.pdb
Sections
.text Size: 795KB - Virtual size: 795KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 52KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$_2_/IdleAngelsSetup_35.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Code Sign
01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate
IssuerCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BENot Before19/09/2018, 00:00Not After28/01/2028, 12:00SubjectCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignKey Usages
KeyUsageCertSign
KeyUsageCRLSign
78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignNot Before28/07/2020, 00:00Not After18/03/2029, 00:00SubjectCN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate
IssuerCN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BENot Before28/07/2020, 00:00Not After28/07/2030, 00:00SubjectCN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
7e:97:e8:0d:de:b3:d4:f1:7d:0e:c3:adCertificate
IssuerCN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BENot Before31/05/2023, 09:51Not After31/05/2024, 09:51SubjectSERIALNUMBER=201835412C,CN=MUJOY PTE. LTD.,O=MUJOY PTE. LTD.,STREET=6 SHENTON WAY\, #37-03\, OUE DOWNTOWN,L=Singapore,ST=Singapore,C=SG,1.3.6.1.4.1.311.60.2.1.3=#13025347,2.5.4.15=#131450726976617465204f7267616e697a6174696f6eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6aCertificate
IssuerCN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BENot Before06/04/2022, 07:45Not After08/05/2033, 07:45SubjectCN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSignNot Before20/06/2018, 00:00Not After10/12/2034, 00:00SubjectCN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BEKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSignNot Before10/12/2014, 00:00Not After10/12/2034, 00:00SubjectCN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSignKey Usages
KeyUsageCertSign
KeyUsageCRLSign
7b:67:ef:37:70:04:1c:22:ed:fd:76:6d:fc:da:30:2b:71:8a:62:2b:23:91:4c:a4:aa:00:57:06:76:63:1c:60Signer
Actual PE Digest7b:67:ef:37:70:04:1c:22:ed:fd:76:6d:fc:da:30:2b:71:8a:62:2b:23:91:4c:a4:aa:00:57:06:76:63:1c:60Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
F:\ac_develop2023\downloadPc\net6_clear\35_40\client-sy-pc\obj\x86\Release\IdleAngelsSetup.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 295KB - Virtual size: 295KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 52KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$_2_/Interop.IWshRuntimeLibrary.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Code Sign
01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate
IssuerCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BENot Before19/09/2018, 00:00Not After28/01/2028, 12:00SubjectCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignKey Usages
KeyUsageCertSign
KeyUsageCRLSign
78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignNot Before28/07/2020, 00:00Not After18/03/2029, 00:00SubjectCN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate
IssuerCN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BENot Before28/07/2020, 00:00Not After28/07/2030, 00:00SubjectCN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
7e:97:e8:0d:de:b3:d4:f1:7d:0e:c3:adCertificate
IssuerCN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BENot Before31/05/2023, 09:51Not After31/05/2024, 09:51SubjectSERIALNUMBER=201835412C,CN=MUJOY PTE. LTD.,O=MUJOY PTE. LTD.,STREET=6 SHENTON WAY\, #37-03\, OUE DOWNTOWN,L=Singapore,ST=Singapore,C=SG,1.3.6.1.4.1.311.60.2.1.3=#13025347,2.5.4.15=#131450726976617465204f7267616e697a6174696f6eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6aCertificate
IssuerCN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BENot Before06/04/2022, 07:45Not After08/05/2033, 07:45SubjectCN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSignNot Before20/06/2018, 00:00Not After10/12/2034, 00:00SubjectCN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BEKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSignNot Before10/12/2014, 00:00Not After10/12/2034, 00:00SubjectCN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSignKey Usages
KeyUsageCertSign
KeyUsageCRLSign
33:9d:9b:ab:0a:88:8b:c6:6a:12:6e:1f:18:e5:ba:96:90:c3:6e:f6:ab:fa:f7:c1:5a:5b:84:40:77:ab:79:20Signer
Actual PE Digest33:9d:9b:ab:0a:88:8b:c6:6a:12:6e:1f:18:e5:ba:96:90:c3:6e:f6:ab:fa:f7:c1:5a:5b:84:40:77:ab:79:20Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
mscoree
_CorDllMain
Sections
.text Size: 36KB - Virtual size: 34KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 888B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$_2_/Newtonsoft.Json.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Code Sign
01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate
IssuerCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BENot Before19/09/2018, 00:00Not After28/01/2028, 12:00SubjectCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignKey Usages
KeyUsageCertSign
KeyUsageCRLSign
78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignNot Before28/07/2020, 00:00Not After18/03/2029, 00:00SubjectCN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate
IssuerCN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BENot Before28/07/2020, 00:00Not After28/07/2030, 00:00SubjectCN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
7e:97:e8:0d:de:b3:d4:f1:7d:0e:c3:adCertificate
IssuerCN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BENot Before31/05/2023, 09:51Not After31/05/2024, 09:51SubjectSERIALNUMBER=201835412C,CN=MUJOY PTE. LTD.,O=MUJOY PTE. LTD.,STREET=6 SHENTON WAY\, #37-03\, OUE DOWNTOWN,L=Singapore,ST=Singapore,C=SG,1.3.6.1.4.1.311.60.2.1.3=#13025347,2.5.4.15=#131450726976617465204f7267616e697a6174696f6eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6aCertificate
IssuerCN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BENot Before06/04/2022, 07:45Not After08/05/2033, 07:45SubjectCN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSignNot Before20/06/2018, 00:00Not After10/12/2034, 00:00SubjectCN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BEKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSignNot Before10/12/2014, 00:00Not After10/12/2034, 00:00SubjectCN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSignKey Usages
KeyUsageCertSign
KeyUsageCRLSign
af:9b:2f:c8:3a:78:60:99:f0:31:1c:32:d5:4c:ee:f3:d9:c9:aa:de:cd:e3:51:20:bc:4e:ce:61:ae:38:1e:2bSigner
Actual PE Digestaf:9b:2f:c8:3a:78:60:99:f0:31:1c:32:d5:4c:ee:f3:d9:c9:aa:de:cd:e3:51:20:bc:4e:ce:61:ae:38:1e:2bDigest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
/_/Src/Newtonsoft.Json/obj/Release/net35/Newtonsoft.Json.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 466KB - Virtual size: 465KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$_2_/SharpCompress.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Code Sign
01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate
IssuerCN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BENot Before19/09/2018, 00:00Not After28/01/2028, 12:00SubjectCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignKey Usages
KeyUsageCertSign
KeyUsageCRLSign
78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSignNot Before28/07/2020, 00:00Not After18/03/2029, 00:00SubjectCN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate
IssuerCN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BENot Before28/07/2020, 00:00Not After28/07/2030, 00:00SubjectCN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
7e:97:e8:0d:de:b3:d4:f1:7d:0e:c3:adCertificate
IssuerCN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BENot Before31/05/2023, 09:51Not After31/05/2024, 09:51SubjectSERIALNUMBER=201835412C,CN=MUJOY PTE. LTD.,O=MUJOY PTE. LTD.,STREET=6 SHENTON WAY\, #37-03\, OUE DOWNTOWN,L=Singapore,ST=Singapore,C=SG,1.3.6.1.4.1.311.60.2.1.3=#13025347,2.5.4.15=#131450726976617465204f7267616e697a6174696f6eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6aCertificate
IssuerCN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BENot Before06/04/2022, 07:45Not After08/05/2033, 07:45SubjectCN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BEExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSignNot Before20/06/2018, 00:00Not After10/12/2034, 00:00SubjectCN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BEKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51Certificate
IssuerCN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSignNot Before10/12/2014, 00:00Not After10/12/2034, 00:00SubjectCN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSignKey Usages
KeyUsageCertSign
KeyUsageCRLSign
da:ba:4f:3c:d2:e9:4b:90:9e:95:27:7d:7a:5a:5c:5c:80:55:7f:09:b0:7d:b9:86:27:b5:66:38:70:5d:f8:0cSigner
Actual PE Digestda:ba:4f:3c:d2:e9:4b:90:9e:95:27:7d:7a:5a:5c:5c:80:55:7f:09:b0:7d:b9:86:27:b5:66:38:70:5d:f8:0cDigest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\projects\sharpcompress\src\SharpCompress\obj\Release\net35\SharpCompress.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 515KB - Virtual size: 514KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ