fnac-fur-legacy-demo[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

fnac-fur-legacy-demo.zip
Size

13.0MB
MD5

c93294002e3f3728aa5be4bb9e19192e
SHA1

1442969893c2cf1fbee2cd38bf29f6e908dc684e
SHA256

b84a0947e48ef2459b0adeb4c7f194c07193ffbd019bdc520ffda85424198b87
SHA512

8f019af28a04231f9daac96fa9e555721fbd25854723d582ed75261f7b39950ae6a3f4ae50abf91e666ae11f35258859e5196dcd8c6a70a25d87cbba3b1f984a
SSDEEP

393216:uqfBgzoLUvKJrNpizSDCqR8gSG+qdVGm+4:hJdUyiTW8gSVMV+4

Score

3^/10

Malware Config

Signatures

Unsigned PE 14 IoCs

Checks for missing Authenticode signature.

resource
unpack001/FNAC FUR Legacy Demo.exe
unpack001/Modules/INI++15.mfx
unpack001/Modules/Joystick2.mfx
unpack001/Modules/KcArray.mfx
unpack001/Modules/Layer.mfx
unpack001/Modules/Platform.mfx
unpack001/Modules/kcfile.mfx
unpack001/Modules/kcini.mfx
unpack001/Modules/kcwctrl.mfx
unpack001/Modules/oggflt.sft
unpack001/Modules/parser.mfx
unpack001/Modules/txtblt.mfx
unpack001/Modules/ultimatefullscreen.mfx
unpack001/Modules/waveflt.sft

Files

fnac-fur-legacy-demo.zip
.zip
FNAC FUR Legacy Demo.dat
FNAC FUR Legacy Demo.exe
.exe windows:5 windows x86 arch:x86

1c4661ad7d3fc8350c55edf0f712d992

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

winmm

timeBeginPeriod
joyGetDevCapsW
joyGetPosEx
timeEndPeriod

kernel32

WideCharToMultiByte
GlobalAddAtomW
GlobalDeleteAtom
lstrlenW
GetCommandLineW
GetExitCodeProcess
GlobalAlloc
GlobalLock
GlobalUnlock
SetErrorMode
GetCurrentDirectoryW
GlobalFree
LoadLibraryW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
FindNextFileA
FindFirstFileExA
DecodePointer
GetFileType
GetProcessHeap
LCMapStringW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetOEMCP
IsValidCodePage
GetStringTypeW
GetCPInfo
HeapFree
HeapReAlloc
HeapAlloc
GetStdHandle
MultiByteToWideChar
GetModuleHandleExW
ExitProcess
SetEnvironmentVariableW
DeleteFileW
HeapSize
GetACP
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
EncodePointer
RtlUnwind
InitializeSListHead
GetCurrentThreadId
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
QueryPerformanceFrequency
QueryPerformanceCounter
LoadLibraryExA
GetModuleHandleW
VirtualQuery
VirtualProtect
GetSystemInfo
RaiseException
SetCurrentDirectoryW
FindNextFileW
CreateMutexW
WriteFile
GetModuleFileNameW
Sleep
ReleaseMutex
WaitForSingleObject
FindClose
FindFirstFileW
CloseHandle
SetFilePointer
GetLastError
ReadFile
CreateFileW
CreateDirectoryW
GetTempFileNameW
GetTempPathW
WriteConsoleW
RemoveDirectoryW
GetVersionExW
GetLocaleInfoW
FreeLibrary
GetProcAddress
LoadLibraryExW
SetStdHandle
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
GetModuleFileNameA

user32

OffsetRect
DestroyWindow
PostQuitMessage
DrawTextW
FillRect
GetUpdateRect
DefMDIChildProcW
EndPaint
BeginPaint
InflateRect
GetClassNameW
GetDlgItemTextW
SendDlgItemMessageW
EndDialog
GetDlgItem
SetDlgItemTextW
DrawEdge
MapVirtualKeyW
GetInputState
DrawMenuBar
SetMenuInfo
DestroyMenu
LoadMenuIndirectW
GetMenuItemCount
SetWindowPlacement
GetWindowPlacement
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
GetDesktopWindow
GetSystemMenu
UpdateWindow
GetWindow
RegisterClassW
GetTabbedTextExtentW
ModifyMenuW
GetMenuStringW
DialogBoxIndirectParamW
GetMenuItemID
RegisterClassExW
LoadImageW
LoadIconW
GetMonitorInfoW
MonitorFromWindow
GetSystemMetrics
RedrawWindow
IsIconic
IsDialogMessageW
SetTimer
GetClipboardData
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
IsClipboardFormatAvailable
CheckMenuItem
EnableMenuItem
GetMenu
PtInRect
PostMessageW
InvalidateRect
SetFocus
GetFocus
CallWindowProcW
RemovePropW
SetPropW
SetWindowLongW
GetPropW
MessageBoxW
GetParent
GetActiveWindow
ShowCursor
SetCapture
ReleaseCapture
GetKeyState
GetWindowRect
GetWindowDC
SetCursorPos
ClientToScreen
ScreenToClient
GetCursorPos
LoadStringW
MapWindowPoints
SetWindowPos
IsZoomed
GetWindowLongW
AdjustWindowRectEx
SendMessageW
LockWindowUpdate
ShowWindow
IsWindowVisible
GetClientRect
SetWindowTextW
wsprintfW
IntersectRect
KillTimer
DestroyIcon
GetSubMenu
DeleteMenu
GetMenuState
LoadCursorW
SetCursor
SystemParametersInfoW
GetSysColor
ReleaseDC
CreateIconIndirect
GetDC
MsgWaitForMultipleObjects
DispatchMessageW
TranslateMessage
TranslateMDISysAccel
GetMessageW
PeekMessageW
DialogBoxParamW

gdi32

CreatePalette
SelectPalette
RealizePalette
EnumFontFamiliesExW
GetStockObject
SelectObject
GetTextExtentPointW
GetDeviceCaps
GetObjectW
CreateFontIndirectW
DeleteObject
CreatePen
Rectangle
LineTo
SetBkColor
ExtTextOutW
SetTextColor
SetBkMode
CreateRectRgn
GetClipRgn
ExcludeClipRect
SelectClipRgn
SetDIBits
CreateCompatibleBitmap
CreateSolidBrush
CreateBitmap

comdlg32

GetSaveFileNameW
GetOpenFileNameW

shell32

DragFinish
DragQueryFileW
ShellExecuteExW
DragAcceptFiles

Exports

Exports

AmdPowerXpressRequestHighPerformance
NvOptimusEnablement

Sections

.text
Size: 521KB - Virtual size: 520KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 289KB - Virtual size: 289KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Modules/INI++15.mfx
.dll windows:6 windows x86 arch:x86

d9855e84ec4e71e34af0a1b3f2202c26

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
WideCharToMultiByte
WriteConsoleW
HeapSize
SetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
LocalFree
FormatMessageA
GetLocaleInfoEx
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileW
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
SetEndOfFile
SetFilePointerEx
AreFileApisANSI
CloseHandle
GetLastError
GetFileInformationByHandleEx
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
LCMapStringEx
GetStringTypeW
GetCPInfo
InitializeCriticalSectionAndSpinCount
CreateEventW
GetModuleHandleW
GetProcAddress
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwind
RaiseException
InterlockedFlushSList
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetFileSizeEx
GetStdHandle
GetFileType
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
HeapFree
HeapAlloc
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ReadFile
ReadConsoleW
HeapReAlloc
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW

user32

MessageBoxW

shell32

SHGetKnownFolderPath

ole32

CoTaskMemFree

Exports

Exports

ContinueRunObject
CreateRunObject
DestroyRunObject
DisplayRunObject
EndApp
GetInfos
GetRunObjectDataSize
GetRunObjectInfos
HandleRunObject
LoadRunObject
PauseRunObject
SaveRunObject
StartApp

Sections

.text
Size: 269KB - Virtual size: 269KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 183KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Modules/Joystick2.mfx
.dll windows:5 windows x86 arch:x86

965802a583fc194a26103532a3bda4e6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
GetTickCount
GlobalUnlock
GlobalLock
GlobalAlloc
FreeLibrary
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CloseHandle
FlushFileBuffers
GetModuleHandleA
GetConsoleMode
GetConsoleCP
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
RtlUnwind
GetCurrentThreadId
GetCommandLineA
HeapAlloc
GetLastError
HeapFree
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
WriteFile
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
HeapSize
InitializeCriticalSectionAndSpinCount
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
ReadFile
SetFilePointer
SetStdHandle
CreateFileA

ole32

CoCreateInstance
CoSetProxyBlanket
CoUninitialize
CoInitialize

oleaut32

SysAllocString
SysFreeString

dinput8

DirectInput8Create

winmm

joyGetDevCapsA

Exports

Exports

ContinueRunObject
CreateFromFile
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
DuplicateObject
EditDebugItem
EditObject
EditParameter
EditProp
EndApp
EndFrame
Free
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetDebugItem
GetDebugTree
GetDependencies
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionParam
GetExpressionString
GetExpressionTitle
GetFilters
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetParameterString
GetPropCheck
GetPropCreateParam
GetPropValue
GetProperties
GetRunObjectDataSize
GetRunObjectInfos
GetTextAlignment
GetTextCaps
GetTextClr
GetTextFont
HandleRunObject
InitParameter
Initialize
IsPropEnabled
IsTransparent
LoadObject
LoadRunObject
PauseRunObject
PrepareToWriteObject
PutObject
ReleasePropCreateParam
ReleaseProperties
RemoveObject
SaveRunObject
SetPropCheck
SetPropValue
SetTextAlignment
SetTextClr
SetTextFont
StartApp
StartFrame
UnloadObject
UpdateEditStructure
UpdateFileNames
UsesFile

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Modules/KcArray.mfx
.dll windows:4 windows x86 arch:x86

a7d556053df634a00ad13e2084d0f66e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
CloseHandle
CreateFileW
WriteFile
MultiByteToWideChar

user32

LoadStringW

comdlg32

GetSaveFileNameW
GetOpenFileNameW

mmfs2

ord333
ord255
ord536
ord688
ord1152
ord1148
ord1150
ord1039
ord496
ord458
ord472
ord403
ord337
ord713
ord524
ord558
ord674
ord672
ord676
ord668
ord666
ord670
ord673
ord667
ord671
ord675
ord665
ord669
ord662
ord657
ord658
ord398
ord430
ord362
ord423
ord1140
ord1144
ord245
ord274
ord281

msvcrt

??2@YAPAXI@Z
_adjust_fdiv
_initterm
calloc
free
wcscpy
malloc
wcslen
??3@YAXPAX@Z
_wcsdup
_wcsicmp
wcsncpy

Exports

Exports

ContinueRunObject
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
EditDebugItem
EndApp
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetDebugItem
GetDebugTree
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionParam
GetExpressionString
GetExpressionTitle
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetPropCheck
GetPropValue
GetProperties
GetRunObjectDataSize
GetRunObjectInfos
HandleRunObject
IsPropEnabled
LoadRunObject
PauseRunObject
ReInitRunObject
SaveRunObject
SetPropCheck
SetPropValue
StartApp
UpdateEditStructure

Sections

.text
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Modules/Layer.mfx
.dll windows:5 windows x86 arch:x86

d82a75f35f09c2900baf6b3b35d9f046

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mmfs2

ord1036
ord1048
ord945
ord76

kernel32

WriteFile
CloseHandle
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RaiseException
RtlUnwind
InterlockedFlushSList
GetLastError
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
CreateFileW
HeapAlloc
HeapFree
GetACP
GetStdHandle
GetFileType
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStringTypeW
SetStdHandle
HeapSize
HeapReAlloc
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
DecodePointer
WriteConsoleW

Exports

Exports

ContinueRunObject
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
EndApp
EndFrame
Free
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionParam
GetExpressionString
GetExpressionTitle
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetRunObjectDataSize
GetRunObjectInfos
GetTextAlignment
GetTextCaps
GetTextClr
GetTextFont
HandleRunObject
Initialize
PauseRunObject
SelectPopup
SetTextAlignment
SetTextClr
SetTextFont
StartApp
StartFrame
UpdateEditStructure

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Modules/Platform.mfx
.dll windows:4 windows x86 arch:x86

7ac92effb48eb06ce8ecfd6dc13ef282

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

free
_initterm
malloc
_adjust_fdiv
atoi

Exports

Exports

ContinueRunObject
CreateFromFile
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
EditObject
EditorDisplay
EnumElts
Free
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionString
GetExpressionTitle
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetRunObjectDataSize
GetRunObjectInfos
HandleRunObject
Initialize
IsTransparent
LoadObject
MakeIcon
PauseRunObject
PrepareToWriteObject
PutObject
RemoveObject
UnloadObject
UpdateEditStructure
UpdateFileNames
UsesFile

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Modules/kcclock.mfx
.dll windows:5 windows x86 arch:x86

a550e10ba3801239c3310ccaf1727864

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:06:71:9c:4a:1a:31:e2:5f:f2:72:51:72:f1:b6:3c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/11/2020, 00:00

Not After

08/01/2023, 23:59

Subject

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

46:68:e0:27:8e:bf:41:a0:90:9e:2d:f7:69:d7:1b:62:dd:92:f0:f7
Signer

Actual PE Digest

46:68:e0:27:8e:bf:41:a0:90:9e:2d:f7:69:d7:1b:62:dd:92:f0:f7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mmfs2

ord29
ord30
ord28
ord1081
ord48
ord1063
ord1062
ord50
ord78
ord179
ord27
ord1072
ord1068
ord39
ord176
ord37
ord45

kernel32

SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapSize
GetStringTypeW
GetFileType
GlobalAlloc
GlobalLock
GlobalFree
WriteFile
ReadFile
GetLocalTime
SetLocalTime
GetProfileStringW
MultiByteToWideChar
WideCharToMultiByte
GetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
CloseHandle
WriteConsoleW
DecodePointer
GlobalUnlock
DeleteCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
CreateFileW
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
RaiseException
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
LCMapStringW
HeapAlloc
HeapFree
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW

user32

SendMessageW
LoadStringW
wsprintfW

gdi32

GetTextExtentPointW
GetStockObject
Ellipse
DeleteObject
CreatePen
SelectObject

Exports

Exports

ContinueRunObject
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
EditProp
EditorDisplay
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionString
GetExpressionTitle
GetHelpFileName
GetImageInfosRunObject
GetInfos
GetObjInfos
GetObjectRect
GetPropCheck
GetPropCreateParam
GetPropValue
GetProperties
GetRunObjectDataSize
GetRunObjectFont
GetRunObjectInfos
GetRunObjectTextColor
GetTextCaps
GetTextClr
GetTextFont
HandleRunObject
IsPropEnabled
LoadRunObject
PauseRunObject
ReInitRunObject
SaveRunObject
SetEditSize
SetPropCheck
SetPropValue
SetRunObjectFont
SetRunObjectTextColor
SetTextClr
SetTextFont
UpdateEditStructure
WToA

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Modules/kcfile.mfx
.dll windows:5 windows x86 arch:x86

24a4c462ef36770e86c586341f070bd8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

mmfs2

ord433
ord432
ord422
ord419
ord1033
ord425

kernel32

SetEndOfFile
HeapReAlloc
HeapSize
GetTimeZoneInformation
WriteConsoleW
SetFilePointerEx
WriteFile
ReadFile
SetErrorMode
CloseHandle
GetDriveTypeW
GetSystemDirectoryW
GetTempPathW
GetTempFileNameW
GetWindowsDirectoryW
CreateFileW
GetVolumeInformationW
WideCharToMultiByte
FlushFileBuffers
GetStringTypeW
GetProcessHeap
GetLogicalDriveStringsW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InterlockedFlushSList
RtlUnwind
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
DecodePointer
RaiseException
GetFullPathNameW
DeleteFileW
GetFileAttributesExW
MoveFileExW
SetEnvironmentVariableA
SetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
RemoveDirectoryW
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
HeapAlloc
HeapFree
GetACP
GetConsoleMode
ReadConsoleW
GetConsoleCP
CompareStringW
LCMapStringW
SetStdHandle
GetStdHandle
FindClose
FindFirstFileExA
FindNextFileA

user32

wsprintfW
SendMessageW

comdlg32

GetOpenFileNameW
GetSaveFileNameW

shell32

SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHBrowseForFolderW
SHGetMalloc

ole32

CoUninitialize
CoInitialize

Exports

Exports

ContinueRunObject
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionParam
GetExpressionString
GetExpressionTitle
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetRunObjectDataSize
GetRunObjectInfos
HandleRunObject
LoadRunObject
PauseRunObject
ReInitRunObject
SaveRunObject
UpdateEditStructure

Sections

.text
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Modules/kcini.mfx
.dll windows:5 windows x86 arch:x86

e2787d9a548bd0a3d6305062f94cc683

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
WriteFile
ReadFile
FindClose
OpenFile
GetPrivateProfileStringA
GetPrivateProfileStringW
WritePrivateProfileStringA
WritePrivateProfileStringW
GetWindowsDirectoryW
SetCurrentDirectoryW
GetCurrentDirectoryW
FindFirstFileW
CopyFileW
GetVersionExW
MultiByteToWideChar
WideCharToMultiByte
DecodePointer
WriteConsoleW
CloseHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapSize
GetFileType
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RaiseException
RtlUnwind
InterlockedFlushSList
GetLastError
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
SetEnvironmentVariableW
CreateDirectoryW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetACP
HeapAlloc
HeapFree
GetStringTypeW
LCMapStringW
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStdHandle
CreateFileW

user32

wsprintfW

shell32

SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation

Exports

Exports

ContinueRunObject
CreateFromFile
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
EditDebugItem
EditObject
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetDebugItem
GetDebugTree
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionParam
GetExpressionString
GetExpressionTitle
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetPropCheck
GetPropValue
GetProperties
GetRunObjectDataSize
GetRunObjectInfos
HandleRunObject
Initialize
IsPropEnabled
LoadRunObject
PauseRunObject
ReInitRunObject
SaveRunObject
SetPropCheck
SetPropValue
UpdateEditStructure
UpdateFileNames
UsesFile
WToA

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Modules/kcwctrl.mfx
.dll windows:5 windows x86 arch:x86

92322080accb4919c9d313df6d7159b4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mmfs2

ord19
ord101
ord102
ord103
ord16
ord32
ord173
ord174
ord372
ord610
ord493
ord341
ord417
ord342
ord445
ord361
ord1000
ord982
ord63

user32

GetActiveWindow
SetFocus
IsZoomed
IsIconic
GetSystemMetrics
SetWindowPos
FlashWindow
ShowWindow
IsWindow
SendMessageW
GetFocus
GetDC
ReleaseDC
InvalidateRect
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
GetClientRect
GetWindowRect
AdjustWindowRect
ScreenToClient
MapWindowPoints
GetWindowLongW
GetParent
SetParent
FindWindowW
MonitorFromWindow
GetMonitorInfoW
IsWindowVisible

gdi32

GetDeviceCaps

kernel32

DecodePointer
WriteConsoleW
CloseHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
WriteFile
SetStdHandle
HeapReAlloc
HeapSize
GetStringTypeW
GetFileType
GetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
CreateFileW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
HeapFree
HeapAlloc
LCMapStringW
WideCharToMultiByte
MultiByteToWideChar
GetEnvironmentStringsW
GetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
InterlockedFlushSList
RtlUnwind
GetModuleFileNameA
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
RaiseException
ExitProcess
GetModuleHandleExW

Exports

Exports

ContinueRunObject
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetDebugItem
GetDebugTree
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionString
GetExpressionTitle
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetRunObjectDataSize
GetRunObjectInfos
HandleRunObject
PauseRunObject
ReInitRunObject
WindowProc

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Modules/mmf2d3d11.dll
.dll windows:6 windows x86 arch:x86

f202759cfe800e40c17c5513b9dbe690

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

08:44:a1:db:15:21:35:40:ff:50:83:0f:00:86:1a:f6
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

05/02/2023, 00:00

Not After

11/02/2025, 23:59

Subject

CN=Clickteam SAS,O=Clickteam SAS,L=Boulogne Billancourt,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

9a:5c:7d:e0:55:03:cc:27:c8:81:ec:16:a8:56:b0:00:bf:bb:00:d5
Signer

Actual PE Digest

9a:5c:7d:e0:55:03:cc:27:c8:81:ec:16:a8:56:b0:00:bf:bb:00:d5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mmfs2

ord1121
ord751
ord624
ord397
ord395
ord919
ord871
ord960
ord936
ord857
ord971
ord904
ord903
ord935
ord908
ord862
ord396
ord946
ord845
ord869
ord1110
ord836
ord838
ord925
ord855
ord912
ord394
ord949
ord889
ord863
ord918
ord879
ord930
ord854
ord915
ord922
ord941
ord924
ord968
ord977
ord987
ord1002
ord928
ord1005
ord1001
ord1015
ord1013
ord1018
ord853
ord921
ord992
ord852
ord993
ord965
ord851
ord961
ord1138
ord860
ord931
ord995
ord978
ord1107
ord1100
ord1137
ord1103
ord1102
ord1112
ord1111
ord868
ord1090
ord966
ord1095
ord873
ord973
ord969
ord947
ord872
ord943
ord1136
ord1109
ord861
ord907
ord962
ord888
ord902
ord887
ord890
ord891
ord892
ord952
ord951
ord950
ord932
ord933
ord934
ord917
ord920
ord939
ord940
ord886
ord938
ord937
ord926
ord874
ord850
ord899
ord898
ord956
ord955
ord699
ord697
ord375
ord610
ord372
ord286
ord264
ord172
ord981
ord870
ord846
ord906
ord877
ord568
ord844
ord1104

d3d11

D3D11CreateDevice

kernel32

DecodePointer
GetStringTypeW
GetFileSizeEx
SetStdHandle
GetConsoleCP
WriteFile
FlushFileBuffers
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetConsoleMode
SetFilePointerEx
HeapSize
GetFileType
GetStdHandle
LCMapStringW
HeapFree
HeapAlloc
HeapReAlloc
GetModuleHandleExW
ExitProcess
RaiseException
RtlUnwind
LoadLibraryW
CreateTimerQueue
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
DuplicateHandle
WriteConsoleW
VirtualProtect
VirtualAlloc
GetVersionExW
LoadLibraryExW
GetModuleHandleA
GetModuleFileNameW
FreeLibraryAndExitThread
FreeLibrary
GetThreadTimes
GetCurrentThread
EncodePointer
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
CreateThread
SignalObjectAndWait
Sleep
InitializeSListHead
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
WaitForSingleObjectEx
ResetEvent
SetEvent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetProcAddress
GetModuleHandleW
GetTickCount
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SwitchToThread
CreateEventW
InitializeCriticalSectionAndSpinCount
SetLastError
QueryPerformanceCounter
TryEnterCriticalSection
GetLastError
CloseHandle
CreateFileW
VirtualFree
EnterCriticalSection
MultiByteToWideChar
WideCharToMultiByte
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection

user32

OffsetRect
ShowWindow
SetWindowPos
GetWindowRect
GetWindowLongW
GetClientRect
GetParent
SetWindowLongW

gdi32

GetObjectW

Exports

Exports

SEFree
SEFunction
SEGetSIPrototype
SEInitialize

Sections

.text
Size: 313KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 197KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Modules/mmf2d3d8.dll
.dll windows:5 windows x86 arch:x86

64b0686318eee36fb6b5e0aeeba27718

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:06:71:9c:4a:1a:31:e2:5f:f2:72:51:72:f1:b6:3c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/11/2020, 00:00

Not After

08/01/2023, 23:59

Subject

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

fb:80:97:cd:2c:62:ef:b6:15:81:d8:a9:14:ce:d6:f1:9c:dc:58:58
Signer

Actual PE Digest

fb:80:97:cd:2c:62:ef:b6:15:81:d8:a9:14:ce:d6:f1:9c:dc:58:58

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mmfs2

ord397
ord395
ord751
ord568
ord610
ord286
ord264
ord1112
ord1111
ord1110
ord971
ord969
ord978
ord1095
ord966
ord965
ord1018
ord962
ord961
ord1138
ord960
ord1107
ord956
ord955
ord952
ord951
ord950
ord949
ord977
ord947
ord946
ord903
ord943
ord941
ord940
ord1001
ord396
ord836
ord838
ord925
ord844
ord924
ord968
ord855
ord394
ord981
ord1137
ord1100
ord845
ord846
ord850
ord851
ord852
ord939
ord938
ord937
ord936
ord935
ord1005
ord934
ord1103
ord933
ord932
ord1002
ord931
ord930
ord1109
ord928
ord624
ord926
ord922
ord921
ord920
ord919
ord918
ord1102
ord917
ord995
ord915
ord912
ord993
ord992
ord908
ord907
ord906
ord987
ord904
ord1015
ord902
ord899
ord898
ord892
ord891
ord890
ord889
ord888
ord887
ord886
ord879
ord877
ord1013
ord874
ord973
ord873
ord872
ord871
ord870
ord869
ord1090
ord868
ord1136
ord863
ord862
ord861
ord860
ord857
ord854
ord853

d3d8

Direct3DCreate8

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
DecodePointer
GetStringTypeW
HeapAlloc
GetACP
GetStdHandle
GetModuleFileNameA
GetModuleHandleExW
ExitProcess
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
EncodePointer
SetLastError
InterlockedFlushSList
RaiseException
RtlUnwind
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetFileType
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
WriteConsoleW
IsProcessorFeaturePresent
WriteFile
GetModuleHandleA
LoadLibraryA
GetProcAddress
GetProcessHeap
HeapFree
CloseHandle
GetVersionExA
CreateFileW
GetLastError
WideCharToMultiByte
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetCurrentThreadId
MultiByteToWideChar
Sleep

user32

DrawTextW
DrawTextA
GetMonitorInfoA
MonitorFromWindow
SystemParametersInfoA
GetParent
SetWindowLongA
GetWindowLongA
OffsetRect
ShowWindow
ReleaseDC
GetDC
DrawTextExW
GetSystemMetrics
SetWindowPos
GetWindowRect

gdi32

SetBkColor
DeleteDC
CreateDIBSection
CreateCompatibleDC
CreateFontIndirectA
DeleteObject
SetBkMode
SetTextColor
SelectObject
GetObjectA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyA

Exports

Exports

SEFree
SEGetSIPrototype
SEInitialize

Sections

.text
Size: 313KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Modules/mmf2d3d9.dll
.dll windows:5 windows x86 arch:x86

180c83ab59795576d7f7665df0409410

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:06:71:9c:4a:1a:31:e2:5f:f2:72:51:72:f1:b6:3c
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/11/2020, 00:00

Not After

08/01/2023, 23:59

Subject

CN=Clickteam SARL,O=Clickteam SARL,L=Boulogne Billancourt,ST=Ile de France,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

d5:63:e3:05:16:c5:02:56:ce:72:6c:97:3e:4e:65:0c:5a:21:38:2f
Signer

Actual PE Digest

d5:63:e3:05:16:c5:02:56:ce:72:6c:97:3e:4e:65:0c:5a:21:38:2f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mmfs2

ord397
ord395
ord751
ord568
ord610
ord286
ord264
ord1112
ord1111
ord1110
ord971
ord969
ord978
ord1095
ord966
ord965
ord1018
ord926
ord396
ord836
ord838
ord925
ord844
ord924
ord968
ord855
ord394
ord981
ord1137
ord1100
ord845
ord846
ord850
ord851
ord962
ord961
ord1138
ord960
ord1107
ord956
ord955
ord952
ord951
ord950
ord949
ord977
ord947
ord946
ord903
ord943
ord941
ord940
ord939
ord938
ord937
ord936
ord935
ord1005
ord934
ord1103
ord933
ord932
ord1002
ord931
ord930
ord1109
ord928
ord1001
ord624
ord922
ord921
ord920
ord919
ord918
ord1102
ord917
ord995
ord915
ord912
ord993
ord992
ord908
ord907
ord906
ord987
ord904
ord1015
ord902
ord899
ord898
ord892
ord891
ord890
ord889
ord888
ord887
ord886
ord879
ord877
ord1013
ord874
ord973
ord873
ord872
ord871
ord870
ord869
ord1090
ord868
ord1136
ord863
ord862
ord861
ord860
ord857
ord854
ord853
ord852

d3d9

Direct3DCreate9

kernel32

GetConsoleMode
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
DecodePointer
GetStringTypeW
GetACP
GetModuleFileNameA
GetModuleHandleExW
ExitProcess
LoadLibraryExW
GetStdHandle
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
VirtualQuery
EncodePointer
SetLastError
InterlockedFlushSList
RaiseException
RtlUnwind
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetFileType
GetConsoleCP
FindClose
SetFilePointerEx
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
FlushFileBuffers
WriteConsoleW
HeapSize
HeapReAlloc
FreeLibrary
GetFullPathNameA
HeapFree
GetProcessHeap
HeapAlloc
lstrcmpiA
WriteFile
OutputDebugStringA
UnmapViewOfFile
CloseHandle
CreateFileW
CreateFileA
CreateFileMappingA
GetFileSize
MapViewOfFile
Sleep
MultiByteToWideChar
GetCurrentThreadId
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetVersionExA
WideCharToMultiByte
GetSystemInfo
IsProcessorFeaturePresent
LoadLibraryA
GetModuleHandleA
GetProcAddress
VirtualFree
VirtualAlloc
InterlockedExchange
InterlockedCompareExchange
GetLastError

user32

GetMonitorInfoA
MonitorFromWindow
SystemParametersInfoA
GetParent
SetWindowLongA
GetWindowLongA
OffsetRect
GetWindowRect
ShowWindow
GetDC
GetTabbedTextExtentW
DrawTextExW
GetSystemMetrics
SetWindowPos
ReleaseDC

gdi32

CreateDIBSection
DeleteDC
DeleteObject
GetCharacterPlacementA
GetCharacterPlacementW
SetTextColor
SetBkColor
SetBkMode
GetGlyphOutlineA
GetFontLanguageInfo
CreateFontIndirectA
CreateFontIndirectW
SetTextAlign
SetMapMode
CreateCompatibleDC
ExtTextOutA
MoveToEx
ExtTextOutW
GetTextMetricsA
GetObjectW
GetTextMetricsW
SelectObject
GetObjectA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyA

Exports

Exports

SEFree
SEGetSIPrototype
SEInitialize

Sections

.text
Size: 877KB - Virtual size: 876KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Modules/mmfs2.dll
.dll windows:5 windows x86 arch:x86

fb76a0ebed426f70a384439c25a3c837

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

08:44:a1:db:15:21:35:40:ff:50:83:0f:00:86:1a:f6
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

05/02/2023, 00:00

Not After

11/02/2025, 23:59

Subject

CN=Clickteam SAS,O=Clickteam SAS,L=Boulogne Billancourt,C=FR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

bf:e3:ab:6d:70:47:a9:85:28:35:06:1e:41:52:b0:f8:38:c5:e4:a0
Signer

Actual PE Digest

bf:e3:ab:6d:70:47:a9:85:28:35:06:1e:41:52:b0:f8:38:c5:e4:a0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

timeSetEvent
timeGetTime
mciSendCommandW
mciSendCommandA
timeKillEvent

ddraw

DirectDrawCreate

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindFirstFileExA
LCMapStringW
DecodePointer
GetProcessHeap
HeapReAlloc
GetACP
GetStdHandle
HeapAlloc
GetModuleHandleExW
ExitProcess
HeapCompact
HeapSize
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
EncodePointer
SetLastError
InterlockedFlushSList
RaiseException
RtlUnwind
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetFileType
GetStringTypeW
SetStdHandle
FlushFileBuffers
GetConsoleCP
GetConsoleMode
GetVersion
InterlockedExchange
LocalFree
LocalAlloc
WriteConsoleW
SetErrorMode
GetCurrentProcessId
FindResourceA
GetSystemInfo
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetCurrentThreadId
FreeResource
CreateFileW
CreateFileA
CloseHandle
SetFilePointerEx
SetFilePointer
ReadFile
WriteFile
GetLastError
GetVersionExW
FindNextFileW
FindNextFileA
FindFirstFileW
FindFirstFileA
LoadLibraryW
LoadLibraryA
FindClose
GetProcAddress
FreeLibrary
GetVersionExA
FindResourceW
LoadResource
LockResource
Sleep
GetModuleFileNameA
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
WideCharToMultiByte
MultiByteToWideChar
HeapFree

user32

GetWindow
SetActiveWindow
RegisterClassExA
RegisterClassA
PeekMessageA
DispatchMessageA
TranslateMessage
ChangeDisplaySettingsA
ClientToScreen
GetClassNameA
GetWindowDC
CreateIconIndirect
IntersectRect
DrawTextExW
DrawTextExA
SetRect
LoadStringW
LoadStringA
SetDlgItemTextW
GetWindowLongA
GetSysColor
ScreenToClient
MessageBoxW
InvalidateRect
SetDlgItemTextA
SetDlgItemInt
GetDlgItem
ShowWindow
DrawEdge
wsprintfW
CopyRect
DrawFocusRect
SendMessageW
DefMDIChildProcW
DefMDIChildProcA
DefFrameProcW
DefFrameProcA
GetClassNameW
GetParent
FillRect
EndPaint
BeginPaint
IsIconic
DefWindowProcW
DefWindowProcA
EnumDisplaySettingsA
LoadCursorA
SetWindowLongW
SetWindowLongA
SetCursor
AdjustWindowRectEx
GetWindowRect
GetClientRect
ReleaseDC
GetDC
SetMenu
GetSystemMetrics
GetKeyboardState
SetWindowPos
DestroyWindow
CreateWindowExW
CreateWindowExA
SendMessageA

gdi32

BitBlt
SetDIBits
SelectClipRgn
IntersectClipRect
GetDIBits
GetClipRgn
DeleteDC
CreateRectRgn
CreateCompatibleDC
CreateCompatibleBitmap
CreateBitmap
ExtTextOutW
ExtTextOutA
GetObjectW
GetObjectA
SetTextAlign
SetTextColor
GetTextAlign
CreateFontIndirectW
StretchBlt
RealizePalette
GetPaletteEntries
CreatePalette
GdiFlush
Polyline
SetROP2
SetBkMode
SetBkColor
SelectObject
Rectangle
GetClipBox
SetPixel
SelectPalette
GetSystemPaletteEntries
GetStockObject
GetPixel
GetDeviceCaps
DeleteObject
CreateFontIndirectA
StretchDIBits
MoveToEx
Polygon
CreateDIBSection
SetDIBColorTable
SetWindowOrgEx
CreateSolidBrush
Ellipse
CreateHalftonePalette
CreatePen
LineTo

comdlg32

GetOpenFileNameW
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameA

dsound

ord1

Sections

.text
Size: 405KB - Virtual size: 405KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Modules/oggflt.sft
.dll windows:4 windows x86 arch:x86

8c071a971a35f2e806d3d72ab5fda000

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mmfs2

ord259
ord283
ord738

msvcrt

malloc
realloc
memmove
free
memchr
floor
_ftol
calloc
qsort
exit
frexp
ceil
_CIpow
ldexp
_errno
??3@YAXPAX@Z
__CxxFrameHandler
??2@YAPAXI@Z
_initterm
_adjust_fdiv

Exports

Exports

CanReadFile
CreateFilter
GetFilterExts
GetFilterID
GetFilterName

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Modules/parser.mfx
.dll windows:4 windows x86 arch:x86

c288edee36f0d3aea77e86e3112a1a2e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

LoadStringA
LoadMenuA
GetMenuStringA
DestroyMenu

msvcrt

_strlwr
_adjust_fdiv
??3@YAXPAX@Z
??2@YAPAXI@Z
__CxxFrameHandler
free
tolower
_stricmp
strncmp
_strnicmp
malloc
strncpy
_strupr
strtok
_itoa
_close
_write
_open
_read
realloc
isspace
isalnum
_ltoa
_initterm

Exports

Exports

ContinueRunObject
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
EditObject
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionString
GetExpressionTitle
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetRunObjectDataSize
GetRunObjectInfos
HandleRunObject
PauseRunObject
ReInitRunObject

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 510B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Modules/txtblt.mfx
.dll windows:4 windows x86 arch:x86

06355eaec6629e1c9a3cb7d4288e7e7a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReadFile
GetFileSize
CreateFileA
LocalFree
LocalAlloc
WriteFile
CloseHandle

user32

MessageBoxA

comdlg32

GetSaveFileNameA
GetOpenFileNameA

mmfs2

ord610
ord342
ord724
ord620
ord445
ord745
ord679
ord414
ord611
ord274
ord137
ord363
ord245
ord423
ord520
ord585
ord372
ord172
ord401
ord140
ord753
ord691
ord554
ord286
ord493
ord34
ord170
ord344
ord487
ord169
ord264
ord50
ord354
ord762
ord343

msvcrt

sin
_strlwr
_strupr
strcpy
??2@YAPAXI@Z
strlen
??3@YAXPAX@Z
strncpy
memset
strcat
_strdup
_strrev
cos
tan
_ftol
free
_initterm
malloc
_adjust_fdiv

Exports

Exports

ContinueRunObject
CreateFromFile
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
EditObject
EditorDisplay
EnumElts
Free
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionString
GetExpressionTitle
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetRunObjectDataSize
GetRunObjectInfos
GetTextAlignment
GetTextCaps
HandleRunObject
Initialize
IsTransparent
LoadObject
MakeIcon
PauseRunObject
PrepareToWriteObject
PutObject
RemoveObject
SetEditSize
SetTextAlignment
UnloadObject
UpdateEditStructure
UpdateFileNames
UsesFile

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Modules/ultimatefullscreen.mfx
.dll windows:5 windows x86 arch:x86

a1fe34352ff57d72053d98e08e863984

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mmfs2

ord753

user32

ShowWindow
SetWindowPos
GetWindowRect
GetSystemMetrics
IsZoomed

kernel32

IsDebuggerPresent
GetStringTypeW
MultiByteToWideChar
LCMapStringW
IsValidCodePage
HeapAlloc
GetLastError
HeapFree
HeapReAlloc
RtlUnwind
EncodePointer
DecodePointer
GetCurrentThreadId
GetCommandLineA
GetProcAddress
GetModuleHandleW
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
HeapCreate
HeapDestroy
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
HeapSize
IsProcessorFeaturePresent
RaiseException
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryW
GetCPInfo
GetACP
GetOEMCP

Exports

Exports

ContinueRunObject
CreateFromFile
CreateObject
CreateRunObject
DestroyRunObject
DisplayRunObject
DuplicateObject
EditDebugItem
EditObject
EditParameter
EditProp
EditorDisplay
EndApp
EndFrame
Free
GetActionCodeFromMenu
GetActionInfos
GetActionMenu
GetActionString
GetActionTitle
GetConditionCodeFromMenu
GetConditionInfos
GetConditionMenu
GetConditionString
GetConditionTitle
GetDebugItem
GetDebugTree
GetDependencies
GetExpressionCodeFromMenu
GetExpressionInfos
GetExpressionMenu
GetExpressionParam
GetExpressionString
GetExpressionTitle
GetFilters
GetHelpFileName
GetInfos
GetObjInfos
GetObjectRect
GetParameterString
GetPropCheck
GetPropCreateParam
GetPropValue
GetProperties
GetRegID
GetRunObjectDataSize
GetRunObjectInfos
GetTextAlignment
GetTextCaps
GetTextClr
GetTextFont
HandleRunObject
InitParameter
Initialize
IsPropEnabled
IsTransparent
LoadObject
MakeIconEx
PauseRunObject
PrepareToWriteObject
PutObject
ReleasePropCreateParam
ReleaseProperties
RemoveObject
SetPropCheck
SetPropValue
SetTextAlignment
SetTextClr
SetTextFont
StartApp
StartFrame
UnloadObject
UpdateEditStructure
UpdateFileNames
UsesFile

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Modules/waveflt.sft
.dll windows:4 windows x86 arch:x86

a37b82eab5fe34efed01d6399d87638b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mmfs2

ord259
ord283
ord738

msvcrt

??3@YAXPAX@Z
__CxxFrameHandler
??2@YAPAXI@Z
malloc
_ftol
free
_initterm
_adjust_fdiv

Exports

Exports

CanReadFile
CreateFilter
GetFilterExts
GetFilterID
GetFilterName

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 583B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 182B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
README.txt

Sharing

General

Malware Config

Signatures

Files

1c4661ad7d3fc8350c55edf0f712d992

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

winmm

kernel32

user32

gdi32

comdlg32

shell32

Exports

Exports

Sections

.text Size: 521KB - Virtual size: 520KB

.rdata Size: 95KB - Virtual size: 95KB

.data Size: 6KB - Virtual size: 10KB

.rsrc Size: 289KB - Virtual size: 289KB

.reloc Size: 26KB - Virtual size: 25KB

d9855e84ec4e71e34af0a1b3f2202c26

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

shell32

ole32

Exports

Exports

Sections

.text Size: 269KB - Virtual size: 269KB

.rdata Size: 183KB - Virtual size: 183KB

.data Size: 5KB - Virtual size: 8KB

.rsrc Size: 512B - Virtual size: 232B

.reloc Size: 11KB - Virtual size: 10KB

965802a583fc194a26103532a3bda4e6

Headers

File Characteristics

Imports

kernel32

ole32

oleaut32

dinput8

winmm

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 120KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 15KB - Virtual size: 15KB

.reloc Size: 8KB - Virtual size: 7KB

a7d556053df634a00ad13e2084d0f66e

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

mmfs2

msvcrt

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 8KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 760B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 552B

d82a75f35f09c2900baf6b3b35d9f046

Headers

DLL Characteristics

File Characteristics

.text
Size: 521KB - Virtual size: 520KB

.rdata
Size: 95KB - Virtual size: 95KB

.data
Size: 6KB - Virtual size: 10KB

.rsrc
Size: 289KB - Virtual size: 289KB

.reloc
Size: 26KB - Virtual size: 25KB

.text
Size: 269KB - Virtual size: 269KB

.rdata
Size: 183KB - Virtual size: 183KB

.data
Size: 5KB - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 232B

.reloc
Size: 11KB - Virtual size: 10KB

.text
Size: 120KB - Virtual size: 120KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 15KB - Virtual size: 15KB

.reloc
Size: 8KB - Virtual size: 7KB

.text
Size: 12KB - Virtual size: 8KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 760B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 552B

.text
Size: 85KB - Virtual size: 84KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 4KB

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 1024B - Virtual size: 708B

.rsrc
Size: 13KB - Virtual size: 13KB

.reloc
Size: 512B - Virtual size: 220B

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

05:06:71:9c:4a:1a:31:e2:5f:f2:72:51:72:f1:b6:3c
Certificate

46:68:e0:27:8e:bf:41:a0:90:9e:2d:f7:69:d7:1b:62:dd:92:f0:f7
Signer

.text
Size: 59KB - Virtual size: 59KB

.rdata
Size: 27KB - Virtual size: 27KB

.data
Size: 3KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB