37d1716f58af3240933d8cc859299d1bb60d84ef18f3357d5d2a4bde00db9460

Sharing

Copy URL

Twitter E-mail

General

Target

37d1716f58af3240933d8cc859299d1bb60d84ef18f3357d5d2a4bde00db9460
Size

1006KB
MD5

9f4ab097994c577731065666f654d4c0
SHA1

7ce165410977be4579ff0da17629418fae62f3e6
SHA256

37d1716f58af3240933d8cc859299d1bb60d84ef18f3357d5d2a4bde00db9460
SHA512

545393923e853bc1856ee7a0d9e873cf1c4dfc7e26ed5b595b505192bd37941af8093cfbe28c484e5bc5688d38e542c71f6bebd6a8532a6f9de11c592cd551ba
SSDEEP

24576:nGInDRy4/+4jzsvo09eHmEG3g9ilMQ7f64U3Gm++FCT8:GcDx/+4vR00HnIg91Qe4UXzCw

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
37d1716f58af3240933d8cc859299d1bb60d84ef18f3357d5d2a4bde00db9460
unpack001/$PLUGINSDIR/LangDLL.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/nsDialogs.dll

Files

37d1716f58af3240933d8cc859299d1bb60d84ef18f3357d5d2a4bde00db9460
.exe windows:4 windows x86 arch:x86

f4639a0b3116c2cfc71144b88a929cfd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumValueW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegOpenKeyExW
RegCreateKeyExW

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
SHFileOperationW
ShellExecuteExW

ole32

CoCreateInstance
OleUninitialize
OleInitialize
IIDFromString
CoTaskMemFree

comctl32

ImageList_Destroy
ord17
ImageList_AddMasked
ImageList_Create

user32

MessageBoxIndirectW
GetDlgItemTextW
SetDlgItemTextW
CreatePopupMenu
AppendMenuW
TrackPopupMenu
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
CheckDlgButton
LoadCursorW
SetCursor
GetSysColor
SetWindowPos
GetWindowLongW
IsWindowEnabled
SetClassLongW
GetSystemMenu
EnableMenuItem
GetWindowRect
ScreenToClient
EndDialog
RegisterClassW
SystemParametersInfoW
CharPrevW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
CharNextA
wsprintfA
DispatchMessageW
CreateWindowExW
PeekMessageW
GetSystemMetrics

gdi32

GetDeviceCaps
SetBkColor
SelectObject
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor

kernel32

lstrcmpiA
CreateFileW
GetTempFileNameW
RemoveDirectoryW
CreateProcessW
CreateDirectoryW
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetVersionExW
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
WriteFile
CopyFileW
ExitProcess
GetCurrentProcess
GetModuleFileNameW
GetFileSize
GetTickCount
Sleep
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalFree
GlobalAlloc
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
MulDiv
lstrcpyA
MoveFileExW
lstrcatW
GetSystemDirectoryW
GetProcAddress
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
SetEnvironmentVariableW

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 144KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

fe3375e7e4529b73ba45ab2246b9269b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
lstrlenW
GlobalAlloc
lstrcmpW
GetModuleHandleW
MulDiv
lstrcpyW
lstrcpynW

user32

SetWindowTextW
SetDlgItemTextW
SendDlgItemMessageW
EndDialog
DialogBoxParamW
LoadIconW
SendMessageW
ShowWindow
GetDC

gdi32

CreateFontIndirectW
GetDeviceCaps
DeleteObject

Exports

Exports

LangDialog

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 681B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

509a34b3a68a773e0afb4259e68f9f82

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 867B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 662B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-header.bmp
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

3b477381217c97b22146297f93df2a92

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcpyW
GetFileAttributesW
lstrcmpiW
MulDiv
lstrlenW
HeapFree
GetProcessHeap
GetCurrentDirectoryW
HeapReAlloc
GlobalFree
lstrcpynW
GlobalAlloc
HeapAlloc
SetCurrentDirectoryW

user32

GetPropW
DestroyWindow
CallWindowProcW
SetCursor
LoadCursorW
RemovePropW
CharPrevW
GetWindowLongW
DrawTextW
GetWindowTextW
SetWindowLongW
GetDlgItem
GetSysColor
SetWindowPos
CreateDialogParamW
MapWindowPoints
GetWindowRect
SetPropW
CreateWindowExW
IsWindow
SetTimer
KillTimer
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
wsprintfW
MapDialogRect
GetClientRect
CharNextW
SendMessageW
DrawFocusRect

gdi32

SetTextColor

shell32

SHBrowseForFolderW
SHGetPathFromIDListW

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 638B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
README_de.txt
README_en.txt
README_es.txt
README_ja.txt
bin/DemoApp.bat
.bat .vbs
bin/InstallTestWrapper-NT.bat
.bat .vbs
bin/PauseTestWrapper-NT.bat
.bat .vbs
bin/QueryTestWrapper-NT.bat
.bat .vbs
bin/ResumeTestWrapper-NT.bat
.bat .vbs
bin/SetupTestWrapper.bat
.bat .vbs
bin/StartTestWrapper-NT.bat
.bat .vbs
bin/StopTestWrapper-NT.bat
.bat .vbs
bin/TeardownTestWrapper.bat
.bat .vbs
bin/TestWrapper.bat
.bat .vbs
bin/TestWrapperCommand.bat
.bat .vbs
bin/UninstallTestWrapper-NT.bat
.bat .vbs
bin/wrapper.exe
.exe windows:5 windows x86 arch:x86

1647e4f09051a9380f4f51b7774e518b

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6e
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:a9:d0:55:d3:78:c3:cc:1e:73:07:f1:0a:c6:6d:60
Certificate

Issuer

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Not Before

20/02/2024, 00:00

Not After

19/02/2027, 23:59

Subject

SERIALNUMBER=0117-02-015715,CN=Tanuki Software\, Ltd.,O=Tanuki Software\, Ltd.,ST=Tokyo,C=JP,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024a50

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6e
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:a9:d0:55:d3:78:c3:cc:1e:73:07:f1:0a:c6:6d:60
Certificate

Issuer

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Not Before

20/02/2024, 00:00

Not After

19/02/2027, 23:59

Subject

SERIALNUMBER=0117-02-015715,CN=Tanuki Software\, Ltd.,O=Tanuki Software\, Ltd.,ST=Tokyo,C=JP,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024a50

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ef:56:0d:3d:d2:d5:20:5c:59:25:89:f6:80:a6:2c:a4:8a:b0:70:23:c4:2c:0a:e5:bc:71:e0:95:c5:e5:d4:42
Signer

Actual PE Digest

ef:56:0d:3d:d2:d5:20:5c:59:25:89:f6:80:a6:2c:a4:8a:b0:70:23:c4:2c:0a:e5:bc:71:e0:95:c5:e5:d4:42

Digest Algorithm

sha256

PE Digest Matches

true

94:a6:4c:22:9c:e9:a5:06:ad:e1:97:3d:10:bd:c2:22:d2:da:61:fd
Signer

Actual PE Digest

94:a6:4c:22:9c:e9:a5:06:ad:e1:97:3d:10:bd:c2:22:d2:da:61:fd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\jenkins-agent\workspace\wrapper\wrapper-32\wrapper_prerelease_3.5.59\src\c\wrapper32_VC8__Win32_Release\wrapper.pdb

Imports

mpr

WNetGetUniversalNameW

shell32

ShellExecuteExW

netapi32

NetApiBufferFree
NetWkstaGetInfo

wsock32

gethostname
ioctlsocket
htons
ntohs
recv
inet_ntoa
socket
closesocket
send
listen
accept
WSAStartup
WSAGetLastError
bind

ws2_32

getaddrinfo
getnameinfo
freeaddrinfo

shlwapi

PathFindOnPathW
PathIsDirectoryW

advapi32

ReportEventW
DeregisterEventSource
RegCreateKeyW
RegisterEventSourceW
LsaFreeMemory
RegSetValueExW
EnumServicesStatusExW
RegCloseKey
QueryServiceConfigW
ConvertSidToStringSidW
ControlService
RegisterServiceCtrlHandlerW
LsaNtStatusToWinError
RegOpenKeyExW
IsValidSid
RegEnumValueW
QueryServiceStatusEx
SetServiceStatus
LsaClose
QueryServiceStatus
StartServiceW
LookupAccountSidW
ChangeServiceConfig2W
LookupAccountNameW
RegDeleteKeyW
RegQueryInfoKeyW
OpenProcessToken
OpenSCManagerW
OpenServiceW
QueryServiceConfig2W
EqualSid
LookupPrivilegeValueW
AdjustTokenPrivileges
CreateServiceW
LsaRemoveAccountRights
CloseServiceHandle
LsaQueryInformationPolicy
IsWellKnownSid
DeleteService
StartServiceCtrlDispatcherW
LogonUserW
LsaOpenPolicy
LsaEnumerateAccountRights
GetTokenInformation
RegCreateKeyExW
LsaAddAccountRights
RegQueryValueExW

user32

FindWindowW
TranslateMessage
GetForegroundWindow
RegisterClassExW
GetWindowPlacement
SystemParametersInfoW
PeekMessageW
GetKeyState
CreateWindowExW
IsWindowVisible
UpdateWindow
DefWindowProcW
GetWindowThreadProcessId
DispatchMessageW
GetSystemMetrics
GetWindowRect
SetWindowPlacement
DestroyWindow
ShowWindow

crypt32

CertGetCertificateChain
CertCloseStore
CertFindCertificateInStore
CertFreeCertificateContext
CertFreeCertificateChain
CertGetNameStringW
CryptQueryObject
CryptDecodeObject
CryptMsgClose
CryptMsgGetParam

wintrust

WinVerifyTrust

psapi

GetModuleFileNameExW

ole32

CoUninitialize
CoInitialize

oleaut32

SysFreeString

activeds

ord3

kernel32

QueryPerformanceCounter
GetTickCount
LCMapStringA
GetStringTypeA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
RaiseException
CompareStringW
HeapSize
GetModuleHandleA
SetEndOfFile
GetProcessHeap
GetCommandLineW
SetHandleCount
LCMapStringW
GetDriveTypeA
GetCurrentDirectoryA
RtlUnwind
GetModuleFileNameA
HeapReAlloc
VirtualAlloc
DeleteCriticalSection
VirtualFree
HeapCreate
TlsFree
TlsSetValue
SetFilePointer
GetStringTypeW
SetEnvironmentVariableA
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetConsoleOutputCP
WriteConsoleA
CreateFileA
GetStartupInfoA
TlsAlloc
TlsGetValue
GetOEMCP
InterlockedIncrement
GetCPInfo
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
CompareStringA
GetConsoleMode
GetFullPathNameW
CreateMutexW
PeekNamedPipe
FreeLibrary
GetCurrentProcess
GetEnvironmentStringsW
WaitForSingleObject
ConnectNamedPipe
GetModuleHandleW
CreateNamedPipeW
WriteFile
OpenProcess
WideCharToMultiByte
LoadLibraryW
GetLocaleInfoW
GetVersionExW
SetConsoleMode
TerminateProcess
ReadFile
GetACP
MultiByteToWideChar
GetStdHandle
GetLastError
SetLastError
GetThreadLocale
GetProcAddress
Process32FirstW
GetSystemInfo
Process32NextW
SetConsoleTitleW
FreeEnvironmentStringsW
CreateToolhelp32Snapshot
ReleaseMutex
CloseHandle
GetEnvironmentVariableW
lstrcmpA
SetPriorityClass
GetDriveTypeW
AllocConsole
CreateProcessW
GenerateConsoleCtrlEvent
Sleep
GetConsoleWindow
FormatMessageW
GetExitCodeProcess
FileTimeToSystemTime
GetModuleFileNameW
CreateFileW
GetStartupInfoW
FlushFileBuffers
GetCurrentDirectoryW
GetLongPathNameW
GetLocalTime
ProcessIdToSessionId
LocalAlloc
SetConsoleCtrlHandler
CreatePipe
GetCurrentThreadId
DuplicateHandle
FileTimeToLocalFileTime
GetCurrentProcessId
LocalFree
lstrcpyW
CreateThread
ExpandEnvironmentStringsW
WriteConsoleW
lstrlenW
IsValidCodePage
HeapFree
HeapAlloc
FindClose
FindFirstFileW
SetEnvironmentVariableW
SetCurrentDirectoryW
GetTimeZoneInformation
GetSystemTimeAsFileTime
DeleteFileW
GetConsoleCP
ReadConsoleInputA
ReadConsoleInputW
EnterCriticalSection
LeaveCriticalSection
SetStdHandle
GetFileType
InterlockedDecrement
ExitProcess
MoveFileW
FindNextFileW

Sections

.text
Size: 319KB - Virtual size: 319KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
conf/demoapp.conf
conf/wrapper.conf
doc/index.html
.html
doc/revisions.txt
doc/wrapper-community-license-1.3.txt
lib/wrapper.dll
.dll windows:5 windows x86 arch:x86

1b54fa51c169b2fcd58821f2bd9b6b24

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6e
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:a9:d0:55:d3:78:c3:cc:1e:73:07:f1:0a:c6:6d:60
Certificate

Issuer

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Not Before

20/02/2024, 00:00

Not After

19/02/2027, 23:59

Subject

SERIALNUMBER=0117-02-015715,CN=Tanuki Software\, Ltd.,O=Tanuki Software\, Ltd.,ST=Tokyo,C=JP,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024a50

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25/05/2021, 00:00

Not After

31/12/2028, 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6e
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22/03/2021, 00:00

Not After

21/03/2036, 23:59

Subject

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:a9:d0:55:d3:78:c3:cc:1e:73:07:f1:0a:c6:6d:60
Certificate

Issuer

CN=Sectigo Public Code Signing CA EV R36,O=Sectigo Limited,C=GB

Not Before

20/02/2024, 00:00

Not After

19/02/2027, 23:59

Subject

SERIALNUMBER=0117-02-015715,CN=Tanuki Software\, Ltd.,O=Tanuki Software\, Ltd.,ST=Tokyo,C=JP,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024a50

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/05/2023, 00:00

Not After

02/08/2034, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

53:78:7c:20:8f:5b:ea:2b:72:39:f4:74:9f:67:bb:f1:d8:7c:7d:e5:af:99:bb:f4:ff:3f:cb:9e:8d:90:0c:38
Signer

Actual PE Digest

53:78:7c:20:8f:5b:ea:2b:72:39:f4:74:9f:67:bb:f1:d8:7c:7d:e5:af:99:bb:f4:ff:3f:cb:9e:8d:90:0c:38

Digest Algorithm

sha256

PE Digest Matches

true

67:97:17:60:f1:93:77:d8:41:fc:f1:17:d7:de:98:51:51:8c:71:9b
Signer

Actual PE Digest

67:97:17:60:f1:93:77:d8:41:fc:f1:17:d7:de:98:51:51:8c:71:9b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\jenkins-agent\workspace\wrapper\wrapper-32\wrapper_prerelease_3.5.59\src\c\wrapperJNI32_VC8__Win32_Release\wrapper.pdb

Imports

wsock32

inet_addr
ntohs
WSAGetLastError

advapi32

EnumServicesStatusW
ControlService
OpenServiceW
RegCloseKey
RegEnumKeyExW
RegOpenKeyW
LookupAccountSidW
ConvertSidToStringSidW
GetTokenInformation
OpenProcessToken
CloseServiceHandle
QueryServiceStatus
OpenSCManagerW
GetServiceDisplayNameW
StartServiceW

user32

MonitorFromPoint
GetThreadDesktop

iphlpapi

GetTcpTable

kernel32

CompareStringW
CreateFileA
GetLocaleInfoW
HeapSize
SetEnvironmentVariableA
TerminateProcess
CompareStringA
GetLastError
MultiByteToWideChar
GetACP
WideCharToMultiByte
WaitForSingleObject
ReleaseMutex
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
FileTimeToSystemTime
LocalFree
FormatMessageW
CloseHandle
OpenProcess
GetProcAddress
GetModuleHandleW
GetCurrentProcessId
SetConsoleCtrlHandler
CreateMutexW
GetVersionExW
AddVectoredExceptionHandler
SetProcessShutdownParameters
GetProcessShutdownParameters
GetModuleFileNameW
SetLastError
RaiseException
GenerateConsoleCtrlEvent
SetConsoleTitleW
LoadLibraryW
Sleep
lstrlenW
HeapAlloc
HeapFree
InterlockedDecrement
DuplicateHandle
GetCurrentProcess
GetFileType
CreateFileW
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
GetCommandLineA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DeleteCriticalSection
FatalAppExitA
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
HeapDestroy
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetCPInfo
InterlockedIncrement
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThread
LCMapStringW
GetStringTypeW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetStdHandle
SetHandleCount
GetStartupInfoA
SetFilePointer
SetEndOfFile
GetProcessHeap
ReadFile
InterlockedExchange
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
RtlUnwind
InitializeCriticalSectionAndSpinCount
FreeLibrary
LoadLibraryA
LCMapStringA
GetStringTypeA
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW

Exports

Exports

_Java_org_tanukisoftware_wrapper_WrapperManager_accessViolationInner@8
_Java_org_tanukisoftware_wrapper_WrapperManager_nativeDispose@12
_Java_org_tanukisoftware_wrapper_WrapperManager_nativeExec@24
_Java_org_tanukisoftware_wrapper_WrapperManager_nativeGetControlEvent@8
_Java_org_tanukisoftware_wrapper_WrapperManager_nativeGetDpiAwareness@8
_Java_org_tanukisoftware_wrapper_WrapperManager_nativeGetDpiScale@8
_Java_org_tanukisoftware_wrapper_WrapperManager_nativeGetInteractiveUser@12
_Java_org_tanukisoftware_wrapper_WrapperManager_nativeGetJavaPID@8
_Java_org_tanukisoftware_wrapper_WrapperManager_nativeGetLibraryVersion@8
_Java_org_tanukisoftware_wrapper_WrapperManager_nativeGetPortStatus@20
_Java_org_tanukisoftware_wrapper_WrapperManager_nativeGetUser@12
_Java_org_tanukisoftware_wrapper_WrapperManager_nativeInit@12
_Java_org_tanukisoftware_wrapper_WrapperManager_nativeIsProfessionalEdition@8
_Java_org_tanukisoftware_wrapper_WrapperManager_nativeIsStandardEdition@8
_Java_org_tanukisoftware_wrapper_WrapperManager_nativeListServices@8
_Java_org_tanukisoftware_wrapper_WrapperManager_nativeLoadWrapperProperties@8
_Java_org_tanukisoftware_wrapper_WrapperManager_nativeRaiseExceptionInner@12
_Java_org_tanukisoftware_wrapper_WrapperManager_nativeRaiseFailFastExceptionInner@8
_Java_org_tanukisoftware_wrapper_WrapperManager_nativeRedirectPipes@8
_Java_org_tanukisoftware_wrapper_WrapperManager_nativeRequestThreadDump@8
_Java_org_tanukisoftware_wrapper_WrapperManager_nativeSendServiceControlCode@16
_Java_org_tanukisoftware_wrapper_WrapperManager_nativeSetConsoleTitle@12
_Java_org_tanukisoftware_wrapper_WrapperManager_nativeSetDpiAwareness@12

Sections

.text
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lib/wrapper.jar
.jar
lib/wrapperdemo.jar
.jar
lib/wrappertest.jar
.jar
src/bin/App.bat.in
.vbs
src/bin/AppCommand.bat.in
.vbs
src/bin/AppNoWrapper.bat.in
src/bin/AppTemplate.bat.in
.vbs
src/bin/AppTemplatePassThrough.bat.in
.vbs
src/bin/InstallApp-NT.bat.in
.vbs
src/bin/PauseApp-NT.bat.in
.vbs
src/bin/QueryApp-NT.bat.in
.vbs
src/bin/ResumeApp-NT.bat.in
.vbs
src/bin/SetupApp.bat.in
.vbs
src/bin/StartApp-NT.bat.in
.vbs
src/bin/StopApp-NT.bat.in
.vbs
src/bin/TeardownApp.bat.in
.vbs
src/bin/UninstallApp-NT.bat.in
.vbs
src/conf/wrapper.conf.in

Sharing

General

Malware Config

Signatures

Files

f4639a0b3116c2cfc71144b88a929cfd

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

shell32

ole32

comctl32

user32

gdi32

kernel32

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 3.6MB

.ndata Size: - Virtual size: 144KB

.rsrc Size: 50KB - Virtual size: 49KB

fe3375e7e4529b73ba45ab2246b9269b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 681B

.data Size: 512B - Virtual size: 6KB

.rsrc Size: 512B - Virtual size: 352B

.reloc Size: 512B - Virtual size: 352B

509a34b3a68a773e0afb4259e68f9f82

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 1024B - Virtual size: 867B

.data Size: 512B - Virtual size: 120B

.reloc Size: 1024B - Virtual size: 662B

3b477381217c97b22146297f93df2a92

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 8KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 638B

1647e4f09051a9380f4f51b7774e518b

Code Sign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16Certificate

Extended Key Usages

Key Usages

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6eCertificate

Extended Key Usages

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 3.6MB

.ndata
Size: - Virtual size: 144KB

.rsrc
Size: 50KB - Virtual size: 49KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 681B

.data
Size: 512B - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 352B

.reloc
Size: 512B - Virtual size: 352B

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 1024B - Virtual size: 867B

.data
Size: 512B - Virtual size: 120B

.reloc
Size: 1024B - Virtual size: 662B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 638B

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6e
Certificate

0c:a9:d0:55:d3:78:c3:cc:1e:73:07:f1:0a:c6:6d:60
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6e
Certificate

0c:a9:d0:55:d3:78:c3:cc:1e:73:07:f1:0a:c6:6d:60
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

ef:56:0d:3d:d2:d5:20:5c:59:25:89:f6:80:a6:2c:a4:8a:b0:70:23:c4:2c:0a:e5:bc:71:e0:95:c5:e5:d4:42
Signer

94:a6:4c:22:9c:e9:a5:06:ad:e1:97:3d:10:bd:c2:22:d2:da:61:fd
Signer

.text
Size: 319KB - Virtual size: 319KB

.rdata
Size: 181KB - Virtual size: 181KB

.data
Size: 6KB - Virtual size: 172KB

.rsrc
Size: 28KB - Virtual size: 27KB

.reloc
Size: 23KB - Virtual size: 22KB

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

33:d7:08:a8:91:40:53:19:e2:a5:bb:d3:39:b9:ad:6e
Certificate

0c:a9:d0:55:d3:78:c3:cc:1e:73:07:f1:0a:c6:6d:60
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4
Certificate