test[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

test.zip
Size

3.1MB
MD5

6b5177bcb6f037f9d666ec7a15f22e0a
SHA1

ee36c886a80856beb839867cd75b6c95cbf1cee7
SHA256

a064873399bc22094e51831a26fd88a65e40747eb9c118af6184d9a8408d975b
SHA512

d9db43bfc295f87aedad25da0899a8d38f46a24904af46fc656faddd7648a2f31d6ff1ca1bd7e025fb32a7e19429e7f1c814eee0c8f52e456d39f02b76882e74
SSDEEP

98304:lFF/D9viL3iMWgQbNMNwO6RzSs7Bb9j3/:lkL3xWg+NMNtAzSsdd

Score

1^/10

Malware Config

Signatures

Files

test.zip
.zip
Adobe 2024/Set-up.exe
.exe windows:5 windows x86 arch:x86

26d1142062053486e607ffede8dd675c

Code Sign

06:f2:4d:9f:4d:b0:7b:d7:ec:ad:06:7f:5e:e2:6c:29
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

31/01/2019, 00:00

Not After

03/02/2021, 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3a:13:15:cd:ca:d6:82:ba:b0:4b:a9:43:3c:c5:4c:69:d7:13:c1:b1:d2:2b:14:18:26:62:f2:5a:7a:17:08:9f
Signer

Actual PE Digest

3a:13:15:cd:ca:d6:82:ba:b0:4b:a9:43:3c:c5:4c:69:d7:13:c1:b1:d2:2b:14:18:26:62:f2:5a:7a:17:08:9f

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Set-up.pdb

Imports

comctl32

InitCommonControlsEx

shlwapi

PathIsUNCW
PathIsRelativeW
PathRemoveBackslashW
PathIsNetworkPathW
PathStripPathW
UrlIsW
SHGetValueW
UrlEscapeW
PathFindFileNameW
PathRemoveFileSpecW
PathRemoveExtensionW
PathFileExistsW
PathAddExtensionW
PathIsFileSpecW
PathAppendW
PathIsDirectoryW
PathRenameExtensionW
PathIsSystemFolderW
PathFileExistsA
PathAddBackslashW
PathIsRootW
PathStripToRootW

shell32

SHCreateDirectoryExW
ord51
SHGetKnownFolderPath
ShellExecuteW
ShellExecuteExW
SHGetSpecialFolderLocation
SHBrowseForFolderW
ord680
SHGetMalloc
SHGetFolderLocation
SHGetPathFromIDListW
SHGetFolderPathW
SHGetSpecialFolderPathW
CommandLineToArgvW

kernel32

FindNextFileW
WaitForMultipleObjects
CreateFileW
CreateEventW
SetEvent
ResetEvent
GetOverlappedResult
ReadDirectoryChangesW
MultiByteToWideChar
WideCharToMultiByte
GetFileSizeEx
FindClose
GetFileAttributesW
SetFileAttributesW
DeleteFileW
GetLocalTime
GetTimeFormatW
GetDateFormatW
GetCurrentProcess
DeviceIoControl
GetTempPathW
GetVersionExW
GetComputerNameExW
FileTimeToSystemTime
GetNativeSystemInfo
RaiseException
LoadLibraryW
GetProcAddress
CreateProcessW
GetModuleHandleW
FreeLibrary
InitializeCriticalSectionEx
DecodePointer
MulDiv
GetModuleFileNameW
TerminateProcess
RemoveDirectoryW
OpenProcess
CreateToolhelp32Snapshot
Sleep
Process32NextW
Process32FirstW
CopyFileW
GetExitCodeProcess
ReadFile
SetLastError
lstrlenW
LocalAlloc
GetDiskFreeSpaceExW
GetCurrentDirectoryW
SetCurrentDirectoryW
MoveFileExW
GetFileSize
lstrcpyW
lstrcmpiW
lstrcmpW
GetDriveTypeW
GetFullPathNameW
HeapSize
HeapReAlloc
HeapDestroy
GlobalAlloc
GlobalLock
GlobalUnlock
GetSystemDirectoryW
SetDllDirectoryW
GetStdHandle
AttachConsole
FreeConsole
GetConsoleWindow
AreFileApisANSI
TryEnterCriticalSection
HeapCreate
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
SetFilePointer
LeaveCriticalSection
SetEndOfFile
UnlockFileEx
UnmapViewOfFile
HeapValidate
GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
GetVersionExA
DeleteFileA
GetSystemInfo
HeapCompact
UnlockFile
CreateFileMappingA
LockFileEx
SystemTimeToFileTime
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
SizeofResource
LockResource
LoadResource
FindResourceW
GlobalFree
VerSetConditionMask
FindFirstFileW
GetUserDefaultLCID
LCMapStringW
DuplicateHandle
ProcessIdToSessionId
TerminateThread
CreateThread
FindResourceExW
GetThreadTimes
QueryFullProcessImageNameW
GetUserDefaultLangID
GetUserDefaultUILanguage
SetNamedPipeHandleState
CreateNamedPipeW
ConnectNamedPipe
CreateDirectoryW
ReleaseSemaphore
OpenSemaphoreW
CreateSemaphoreW
GetTimeZoneInformation
VirtualFree
VirtualAlloc
QueryPerformanceFrequency
GetCurrentThread
SetFilePointerEx
ResumeThread
SetThreadPriority
EnterCriticalSection
CompareStringW
GetCPInfo
EncodePointer
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
GetStringTypeW
GetExitCodeThread
SwitchToThread
GetModuleHandleExW
QueueUserWorkItem
IsProcessorFeaturePresent
LoadLibraryExA
VirtualQuery
VirtualProtect
GetCurrentProcessId
GetCurrentThreadId
OpenMutexW
CloseHandle
ReleaseMutex
WaitForSingleObject
CreateMutexW
GetProcessHeap
HeapAlloc
HeapFree
LocalFree
GetLastError
FormatMessageW
GetLocaleInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
CreateTimerQueue
SignalObjectAndWait
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
DeleteCriticalSection
RegisterWaitForSingleObject
UnregisterWait
FreeLibraryAndExitThread
GetModuleHandleA
LoadLibraryExW
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
RtlUnwind
ExitThread
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
SetStdHandle
WriteConsoleW
ExitProcess
GetConsoleCP
GetConsoleMode
IsValidLocale
EnumSystemLocalesW
ReadConsoleW
FindFirstFileExW
IsValidCodePage
GetACP
VerifyVersionInfoW
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
InitializeCriticalSection
SetEnvironmentVariableW
GetFullPathNameA

user32

CharNextW
BringWindowToTop
TranslateAcceleratorW
GetClassNameW
SetCapture
GetDlgItem
GetParent
RegisterWindowMessageW
ReleaseCapture
SetForegroundWindow
InvalidateRect
GetForegroundWindow
GetSysColor
AttachThreadInput
IsChild
DestroyAcceleratorTable
ClientToScreen
RedrawWindow
InvalidateRgn
IsWindow
SetFocus
ScreenToClient
FillRect
GetFocus
GetWindow
IsIconic
BeginPaint
EndPaint
GetWindowTextW
GetSystemMetrics
GetMessageW
DefWindowProcW
GetWindowLongW
DestroyWindow
SetWindowPos
CreateWindowExW
SendMessageW
RegisterClassExW
GetActiveWindow
DispatchMessageW
CreateAcceleratorTableW
SetWindowTextW
CallWindowProcW
GetWindowTextLengthW
GetWindowThreadProcessId
wsprintfW
PostThreadMessageW
TranslateMessage
LoadCursorW
SetWindowLongW
PostQuitMessage
GetDesktopWindow
GetClassInfoExW
GetDC
MessageBoxW
ShowWindow
GetAsyncKeyState
ReleaseDC
PostMessageW
UnregisterClassW
GetClientRect
EnumWindows
MoveWindow
GetShellWindow
LoadImageW
SystemParametersInfoW
EnableMenuItem
LoadIconW
GetSystemMenu
GetClassLongW
AppendMenuW
SetClassLongW
GetWindowRect

gdi32

DeleteDC
GetObjectW
DeleteObject
CreateSolidBrush
GetDeviceCaps
SelectObject
CreateCompatibleBitmap
GetStockObject
BitBlt
CreateCompatibleDC

advapi32

SetEntriesInAclW
SetNamedSecurityInfoW
GetNamedSecurityInfoW
GetTokenInformation
CreateWellKnownSid
LookupPrivilegeValueW
OpenProcessToken
RegFlushKey
RegCloseKey
RegDeleteKeyExW
RegCreateKeyExW
RegSetValueExW
LookupAccountSidW
RegOpenKeyExW
RegEnumValueW
EqualSid
InitializeSecurityDescriptor
FreeSid
AllocateAndInitializeSid
SetSecurityDescriptorDacl
DuplicateTokenEx
ConvertSidToStringSidW
ImpersonateLoggedOnUser
ConvertStringSidToSidW
RevertToSelf
CryptReleaseContext
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptAcquireContextW
RegQueryValueExW
GetUserNameW
CredWriteW
CredReadW
CredDeleteW
CredFree
CredEnumerateW
AdjustTokenPrivileges

ole32

CoCreateGuid
CoAddRefServerProcess
OleRun
CoUninitialize
CoInitialize
CLSIDFromString
CreateStreamOnHGlobal
CLSIDFromProgID
CoGetClassObject
CoCreateInstance
StringFromGUID2
OleInitialize
OleUninitialize
OleLockRunning
CoTaskMemAlloc
CoTaskMemFree
CoReleaseServerProcess

oleaut32

VariantChangeType
SysAllocStringLen
SysStringLen
SysFreeString
VariantInit
SysAllocString
OleCreateFontIndirect
LoadTypeLi
LoadRegTypeLi
SysAllocStringByteLen
VariantCopy
SysStringByteLen
DispCallFunc
GetErrorInfo
VariantClear

bcrypt

BCryptCloseAlgorithmProvider
BCryptVerifySignature
BCryptGenerateSymmetricKey
BCryptSetProperty
BCryptDecrypt
BCryptDestroyKey
BCryptEncrypt
BCryptDestroyHash
BCryptOpenAlgorithmProvider
BCryptCreateHash
BCryptHashData
BCryptFinishHash
BCryptGetProperty

crypt32

CertGetIssuerCertificateFromStore
CertGetNameStringW
CryptProtectData
CryptUnprotectData
CryptStringToBinaryW
CertOpenStore
CertFindCertificateInStore
CertFreeCertificateContext
CertCreateCertificateContext
CryptHashCertificate2
CryptImportPublicKeyInfoEx2
CertVerifySubjectCertificateContext
CertAddCertificateContextToStore
CertCloseStore

secur32

GetUserNameExW

wintrust

WTHelperProvDataFromStateData
WTHelperGetProvCertFromChain
WinVerifyTrust
WTHelperGetProvSignerFromChain

Sections

.text
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 907KB - Virtual size: 906KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 135KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 198KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Autoplay/langdata/en_US/lang.dat
Autoplay/langdata/ru_RU/lang.dat
Autoplay/main.ini
Autoplay/resdata/Autoplay.ico
Autoplay/resdata/autoplay_bg_eng.bmp
Autoplay/resdata/autoplay_bg_rus.bmp
Autoplay/resdata/autoplay_button_eng_N.bmp
Autoplay/resdata/autoplay_button_eng_R.bmp
Autoplay/resdata/autoplay_button_eng_S.bmp
Autoplay/resdata/autoplay_button_rus_N.bmp
Autoplay/resdata/autoplay_button_rus_R.bmp
Autoplay/resdata/autoplay_button_rus_S.bmp
Autoplay/resdata/autoplay_disc_N.ico
Autoplay/resdata/autoplay_disc_R.ico
Autoplay/resdata/autoplay_disc_S.ico
Autoplay/resdata/autoplay_generic_extras_N.ico
Autoplay/resdata/autoplay_generic_extras_R.ico
Autoplay/resdata/autoplay_generic_extras_S.ico
Autoplay/resdata/autoplay_readme_N.ico
Autoplay/resdata/autoplay_readme_R.ico
Autoplay/resdata/autoplay_readme_S.ico
Autoplay/resdata/autoplay_secondary-content_N.ico
Autoplay/resdata/autoplay_secondary-content_R.ico
Autoplay/resdata/autoplay_secondary-content_S.ico
Autoplay/resdata/autoplay_secondarylink_N.bmp
Autoplay/resdata/autoplay_secondarylink_R.bmp
Autoplay/resdata/autoplay_secondarylink_S.bmp
autoplay.exe
.exe windows:4 windows x86 arch:x86

ec7603dfc11290c5ea59ede1b41eac50

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4b:ea:81:7c:ba:c7:c3:8a:ba:72:e7:be:6f:00:de:6d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

07/11/2007, 00:00

Not After

10/12/2008, 23:59

Subject

CN=Adobe Systems Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Information Systems,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

55:7e:59:12:c0:ed:63:3a:cb:5b:e7:da:2f:6c:23:99:5e:d6:5d:d2
Signer

Actual PE Digest

55:7e:59:12:c0:ed:63:3a:cb:5b:e7:da:2f:6c:23:99:5e:d6:5d:d2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

_TrackMouseEvent
ord17

msvfw32

MCIWndCreateW
MCIWndCreateA

winmm

waveOutSetVolume
waveOutGetVolume
PlaySoundA
waveOutGetNumDevs

shlwapi

PathRemoveFileSpecW

kernel32

InterlockedExchange
GetModuleHandleA
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemDirectoryA
LoadLibraryA
SetLastError
GetOEMCP
GetACP
SetEndOfFile
CreateFileA
FlushFileBuffers
SetStdHandle
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
VirtualQuery
GetSystemInfo
VirtualProtect
GetLocaleInfoA
IsBadCodePtr
IsBadReadPtr
SetFilePointer
GetStringTypeA
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetCommandLineW
GetCommandLineA
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
CompareStringA
WaitForSingleObject
CloseHandle
DeviceIoControl
MulDiv
FreeLibrary
Sleep
ReleaseMutex
GetLastError
GetUserDefaultLCID
GetUserDefaultUILanguage
GetSystemDefaultLangID
WriteFile
ReadFile
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
SetUnhandledExceptionFilter
SetEnvironmentVariableA
HeapSize
HeapReAlloc
RtlUnwind
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
RaiseException
ExitProcess
TerminateProcess
GetCurrentProcess
GetVersionExA
HeapAlloc
HeapFree
LCMapStringA

user32

DestroyIcon
GetSystemMetrics
SetFocus
BeginPaint
FillRect
DrawEdge
keybd_event
SetForegroundWindow
UpdateWindow
TranslateMessage
ReleaseDC
GetAsyncKeyState
SetCursor
EndPaint
RedrawWindow
MoveWindow
GetIconInfo
CreateIconIndirect
GetClientRect
InvalidateRect
ShowWindow
PostQuitMessage
DrawIconEx
SetRect
GetDC
GetWindowRect

gdi32

CreateSolidBrush
GetStockObject
PatBlt
CreateCompatibleBitmap
CreateCompatibleDC
SetTextAlign
SetLayout
LineTo
SetBkMode
StretchBlt
BitBlt
SetTextColor
CreatePenIndirect
SelectObject
MoveToEx
Polyline
DeleteObject
DeleteDC

advapi32

RegQueryValueA
RegCloseKey

Sections

.text
Size: 116KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 538KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
autorun.inf
m0nkrus.nfo

Sharing

General

Malware Config

Signatures

Files

26d1142062053486e607ffede8dd675c

Code Sign

06:f2:4d:9f:4d:b0:7b:d7:ec:ad:06:7f:5e:e2:6c:29Certificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6dCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

3a:13:15:cd:ca:d6:82:ba:b0:4b:a9:43:3c:c5:4c:69:d7:13:c1:b1:d2:2b:14:18:26:62:f2:5a:7a:17:08:9fSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

shlwapi

shell32

kernel32

user32

gdi32

advapi32

ole32

oleaut32

bcrypt

crypt32

secur32

wintrust

Sections

.text Size: 3.4MB - Virtual size: 3.4MB

.rdata Size: 907KB - Virtual size: 906KB

.data Size: 135KB - Virtual size: 160KB

.rsrc Size: 2.6MB - Virtual size: 2.6MB

.reloc Size: 198KB - Virtual size: 197KB

ec7603dfc11290c5ea59ede1b41eac50

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2Certificate

Extended Key Usages

Key Usages

4b:ea:81:7c:ba:c7:c3:8a:ba:72:e7:be:6f:00:de:6dCertificate

Extended Key Usages

Key Usages

55:7e:59:12:c0:ed:63:3a:cb:5b:e7:da:2f:6c:23:99:5e:d6:5d:d2Signer

Headers

File Characteristics

Imports

comctl32

msvfw32

winmm

shlwapi

kernel32

user32

gdi32

advapi32

Sections

.text Size: 116KB - Virtual size: 114KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 12KB - Virtual size: 538KB

.rsrc Size: 28KB - Virtual size: 24KB

06:f2:4d:9f:4d:b0:7b:d7:ec:ad:06:7f:5e:e2:6c:29
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

3a:13:15:cd:ca:d6:82:ba:b0:4b:a9:43:3c:c5:4c:69:d7:13:c1:b1:d2:2b:14:18:26:62:f2:5a:7a:17:08:9f
Signer

.text
Size: 3.4MB - Virtual size: 3.4MB

.rdata
Size: 907KB - Virtual size: 906KB

.data
Size: 135KB - Virtual size: 160KB

.rsrc
Size: 2.6MB - Virtual size: 2.6MB

.reloc
Size: 198KB - Virtual size: 197KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

4b:ea:81:7c:ba:c7:c3:8a:ba:72:e7:be:6f:00:de:6d
Certificate

55:7e:59:12:c0:ed:63:3a:cb:5b:e7:da:2f:6c:23:99:5e:d6:5d:d2
Signer

.text
Size: 116KB - Virtual size: 114KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 12KB - Virtual size: 538KB

.rsrc
Size: 28KB - Virtual size: 24KB