a16a40d0182a87fc6219693ac664286738329222983bd9e70b455f198e124ba2 (1)[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

a16a40d0182a87fc6219693ac664286738329222983bd9e70b455f198e124ba2 (1).zip
Size

309KB
MD5

0204bbacf8a88e9b7dbc3ae7a040a4c9
SHA1

87959bde294cff67d7262ce4b2f117a38642d943
SHA256

a16a40d0182a87fc6219693ac664286738329222983bd9e70b455f198e124ba2
SHA512

7c25ace20d1c005d48c714253d7f3b070b17d037fe6f02d100ffda06d2095cccfa3a831c1c94cd638489630177bd27ad3eeeb15c8e5898d0a8a150d8048601c2
SSDEEP

6144:xxFLBhEzPZ4hxz2jd7c5asK2drxIfk1LU4wSy2lr8AjhsZduDZBUIURTvVa:9LBCzRYyc5aErxIfmLUey2lAAdsZQDZl

Score

1^/10

Malware Config

Signatures

Files

a16a40d0182a87fc6219693ac664286738329222983bd9e70b455f198e124ba2 (1).zip
.zip
Talking_Points_for_China/KeyScramblerIE.DLL
.dll windows:5 windows x86 arch:x86

1a2edb7063fdbf7acc5a2c6a6f801ee8

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

2e:c5:c3:93:a1:77:fa:7a:21:a8:4a:38:25:d0:e2:47:0a:fc:42:98
Certificate

Issuer

SERIALNUMBER=QFX,OU=QFX Software Corporation,O=QFX Software Corporation,L=NY,ST=NY,C=US,2.5.4.15=#130c51465820536f667477617265,1.3.6.1.4.1.311.60.2.1.1=#13024e59,1.3.6.1.4.1.311.60.2.1.2=#13024e59,1.3.6.1.4.1.311.60.2.1.3=#13025553,1.2.840.113549.1.9.1=#0c17716678736f667440716678736f6674776172652e636f6d

Not Before

29/02/2024, 16:11

Not After

26/02/2034, 16:11

Subject

SERIALNUMBER=QFX,OU=QFX Software Corporation,O=QFX Software Corporation,L=NY,ST=NY,C=US,2.5.4.15=#130c51465820536f667477617265,1.3.6.1.4.1.311.60.2.1.1=#13024e59,1.3.6.1.4.1.311.60.2.1.2=#13024e59,1.3.6.1.4.1.311.60.2.1.3=#13025553,1.2.840.113549.1.9.1=#0c17716678736f667440716678736f6674776172652e636f6d

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping
ExtKeyUsageOCSPSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageIPSECEndSystem
ExtKeyUsageIPSECTunnel
ExtKeyUsageIPSECUser

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageKeyEncipherment
KeyUsageDataEncipherment
KeyUsageKeyAgreement
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageEncipherOnly
KeyUsageDecipherOnly

2e:c5:c3:93:a1:77:fa:7a:21:a8:4a:38:25:d0:e2:47:0a:fc:42:98
Certificate

Issuer

SERIALNUMBER=QFX,OU=QFX Software Corporation,O=QFX Software Corporation,L=NY,ST=NY,C=US,2.5.4.15=#130c51465820536f667477617265,1.3.6.1.4.1.311.60.2.1.1=#13024e59,1.3.6.1.4.1.311.60.2.1.2=#13024e59,1.3.6.1.4.1.311.60.2.1.3=#13025553,1.2.840.113549.1.9.1=#0c17716678736f667440716678736f6674776172652e636f6d

Not Before

29/02/2024, 16:11

Not After

26/02/2034, 16:11

Subject

SERIALNUMBER=QFX,OU=QFX Software Corporation,O=QFX Software Corporation,L=NY,ST=NY,C=US,2.5.4.15=#130c51465820536f667477617265,1.3.6.1.4.1.311.60.2.1.1=#13024e59,1.3.6.1.4.1.311.60.2.1.2=#13024e59,1.3.6.1.4.1.311.60.2.1.3=#13025553,1.2.840.113549.1.9.1=#0c17716678736f667440716678736f6674776172652e636f6d

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping
ExtKeyUsageOCSPSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageIPSECEndSystem
ExtKeyUsageIPSECTunnel
ExtKeyUsageIPSECUser

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageKeyEncipherment
KeyUsageDataEncipherment
KeyUsageKeyAgreement
KeyUsageCertSign
KeyUsageCRLSign
KeyUsageEncipherOnly
KeyUsageDecipherOnly

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f4:bc:d6:c1:a9:55:45:35:12:a4:77:ed:e7:e9:f6:38:d2:8e:4a:27:c5:03:b1:81:ff:ea:89:b5:9f:1c:86:3c
Signer

Actual PE Digest

f4:bc:d6:c1:a9:55:45:35:12:a4:77:ed:e7:e9:f6:38:d2:8e:4a:27:c5:03:b1:81:ff:ea:89:b5:9f:1c:86:3c

Digest Algorithm

sha256

PE Digest Matches

true

ba:b2:49:4a:20:4c:33:ae:35:4a:0d:b9:ea:a3:8d:2e:2b:22:a2:89
Signer

Actual PE Digest

ba:b2:49:4a:20:4c:33:ae:35:4a:0d:b9:ea:a3:8d:2e:2b:22:a2:89

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameW
VirtualAlloc
LocalAlloc
OpenEventA
CreateEventA
LocalFree
SetStdHandle
WriteConsoleW
SetCurrentDirectoryW
CopyFileW
HeapReAlloc
IsValidLocale
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
MultiByteToWideChar
EncodePointer
DecodePointer
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
HeapAlloc
CreateDirectoryA
GetSystemTimeAsFileTime
GetProcAddress
GetModuleHandleW
ExitProcess
GetCurrentThreadId
GetCommandLineA
GetCPInfo
RaiseException
RtlUnwind
LCMapStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
HeapCreate
HeapDestroy
WriteFile
GetStdHandle
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
LoadLibraryW
GetLocaleInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetStringTypeW
HeapSize
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
SetFilePointer
CloseHandle
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
CreateFileW

user32

MessageBoxA

comdlg32

ChooseColorW

shlwapi

SHSetValueA

Exports

Exports

KSInit
KSMain
KSOptions
KSPromptForKey
KSSetKeyInfo
KSSetOption
KSUninit
KSUpdate
Microsoft_Visual_Studio_CORP

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Talking_Points_for_China/Talking_Points_for_China.exe
.exe windows:5 windows x86 arch:x86

5007e16b49e5fb060b690c46cb9316e8

Code Sign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15/06/2016, 00:00

Not After

15/06/2024, 00:00

Subject

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7a:f1:e5:b8:82:61:50:a7:8a:17:26:9c
Certificate

Issuer

CN=GlobalSign Extended Validation CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

15/10/2020, 15:19

Not After

15/11/2023, 15:19

Subject

SERIALNUMBER=P03000012052,CN=QFX Software Corporation,O=QFX Software Corporation,STREET=1573 Katie Cv,L=Sanford,ST=Florida,C=US,1.2.840.113549.1.9.1=#0c17716678736f667440716678736f6674776172652e636f6d,1.3.6.1.4.1.311.60.2.1.2=#1307466c6f72696461,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6a
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06/04/2022, 07:45

Not After

08/05/2033, 07:45

Subject

CN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10/12/2014, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ee:40:c1:84:d0:80:f6:fb:58:11:36:9b:1f:50:cc:5e:d9:15:88:a0:95:20:97:71:cc:f2:84:f7:81:12:63:06
Signer

Actual PE Digest

ee:40:c1:84:d0:80:f6:fb:58:11:36:9b:1f:50:cc:5e:d9:15:88:a0:95:20:97:71:cc:f2:84:f7:81:12:63:06

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\qzwang\Documents\workspace\InputSafe\winsrc\browser\InputSafeOmni\Release\KeyScrambler.pdb

Imports

keyscramblerie

KSOptions
KSPromptForKey
KSSetKeyInfo
KSUpdate
KSSetOption
KSInit
KSUninit

kernel32

GetModuleHandleExW
OpenEventW
FlushInstructionCache
GetCurrentThreadId
lstrlenW
GetModuleHandleW
InterlockedIncrement
InterlockedDecrement
lstrcmpiW
SetLastError
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
GetModuleFileNameW
CreateFileW
MoveFileExW
FindClose
FindNextFileW
FindFirstFileW
ResetEvent
SetEvent
Sleep
CreateEventW
SetEndOfFile
CreateFileA
SetStdHandle
GetProcAddress
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetStringTypeW
IsValidCodePage
GetOEMCP
DeleteCriticalSection
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetLocaleInfoW
LoadLibraryW
SetConsoleCtrlHandler
SetFilePointer
ReadFile
FlushFileBuffers
GetConsoleMode
GetConsoleCP
FatalAppExitA
GetFileType
SetHandleCount
HeapSize
HeapReAlloc
GetStdHandle
WriteFile
GetCurrentProcess
FreeLibrary
OpenProcess
WaitForSingleObject
CloseHandle
DeleteFileW
WriteConsoleW
LocalFree
InitializeCriticalSectionAndSpinCount
GetLastError
LeaveCriticalSection
VirtualAlloc
EnterCriticalSection
RaiseException
InterlockedPopEntrySList
InterlockedExchange
InitializeCriticalSection
EncodePointer
DecodePointer
RtlUnwind
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
HeapDestroy
HeapCreate
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetCPInfo
LCMapStringW
WideCharToMultiByte
GetStartupInfoW
HeapSetInformation
ExitProcess
GetACP
InterlockedCompareExchange
InterlockedPushEntrySList
HeapFree
GetProcessHeap
HeapAlloc
IsProcessorFeaturePresent
VirtualFree
GetCommandLineW

user32

GetClassInfoExW
LoadCursorW
DefWindowProcW
SetWindowLongW
LoadBitmapW
UpdateWindow
SetWindowRgn
MessageBoxW
BroadcastSystemMessageW
EndPaint
BeginPaint
CallWindowProcW
GetParent
GetWindow
GetWindowRect
MonitorFromWindow
GetMonitorInfoW
GetClientRect
MapWindowPoints
SetWindowPos
KillTimer
SetTimer
PostMessageW
GetWindowLongW
RegisterClassExW
CreateWindowExW
DestroyWindow
CharNextW
PeekMessageW
GetMessageW
TranslateMessage
DispatchMessageW
UnregisterClassA

gdi32

BitBlt
SelectObject
CreateCompatibleDC
DeleteObject
GetObjectW
CreateRoundRectRgn
DeleteDC

advapi32

RegOpenKeyExW
GetSecurityDescriptorSacl
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetSecurityInfo

shell32

SHGetFolderPathW
ShellExecuteW

ole32

CoCreateInstance
CoTaskMemFree
CoUninitialize
CoInitialize
CoTaskMemRealloc
CoTaskMemAlloc

oleaut32

SysFreeString
VarUI4FromStr

shlwapi

PathCombineW
PathRemoveFileSpecW

comctl32

InitCommonControlsEx

Sections

.text
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 245KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1a2edb7063fdbf7acc5a2c6a6f801ee8

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

2e:c5:c3:93:a1:77:fa:7a:21:a8:4a:38:25:d0:e2:47:0a:fc:42:98Certificate

Extended Key Usages

Key Usages

2e:c5:c3:93:a1:77:fa:7a:21:a8:4a:38:25:d0:e2:47:0a:fc:42:98Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

f4:bc:d6:c1:a9:55:45:35:12:a4:77:ed:e7:e9:f6:38:d2:8e:4a:27:c5:03:b1:81:ff:ea:89:b5:9f:1c:86:3cSigner

ba:b2:49:4a:20:4c:33:ae:35:4a:0d:b9:ea:a3:8d:2e:2b:22:a2:89Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

comdlg32

shlwapi

Exports

Exports

Sections

.text Size: 106KB - Virtual size: 105KB

.rdata Size: 22KB - Virtual size: 21KB

.data Size: 19KB - Virtual size: 28KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 8KB

5007e16b49e5fb060b690c46cb9316e8

Code Sign

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0fCertificate

Extended Key Usages

Key Usages

7a:f1:e5:b8:82:61:50:a7:8a:17:26:9cCertificate

Extended Key Usages

Key Usages

01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6aCertificate

Extended Key Usages

Key Usages

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate

Key Usages

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51Certificate

Key Usages

ee:40:c1:84:d0:80:f6:fb:58:11:36:9b:1f:50:cc:5e:d9:15:88:a0:95:20:97:71:cc:f2:84:f7:81:12:63:06Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

keyscramblerie

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

Sections

.text Size: 192KB - Virtual size: 191KB

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

2e:c5:c3:93:a1:77:fa:7a:21:a8:4a:38:25:d0:e2:47:0a:fc:42:98
Certificate

2e:c5:c3:93:a1:77:fa:7a:21:a8:4a:38:25:d0:e2:47:0a:fc:42:98
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

f4:bc:d6:c1:a9:55:45:35:12:a4:77:ed:e7:e9:f6:38:d2:8e:4a:27:c5:03:b1:81:ff:ea:89:b5:9f:1c:86:3c
Signer

ba:b2:49:4a:20:4c:33:ae:35:4a:0d:b9:ea:a3:8d:2e:2b:22:a2:89
Signer

.text
Size: 106KB - Virtual size: 105KB

.rdata
Size: 22KB - Virtual size: 21KB

.data
Size: 19KB - Virtual size: 28KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 8KB

48:1b:6a:07:a9:42:4c:1e:aa:fe:f3:cd:f1:0f
Certificate

7a:f1:e5:b8:82:61:50:a7:8a:17:26:9c
Certificate

01:b2:8b:d4:cf:ee:ee:0d:be:d0:b3:0d:9b:f8:43:6a
Certificate

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

ee:40:c1:84:d0:80:f6:fb:58:11:36:9b:1f:50:cc:5e:d9:15:88:a0:95:20:97:71:cc:f2:84:f7:81:12:63:06
Signer

.text
Size: 192KB - Virtual size: 191KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 6KB - Virtual size: 14KB

.rsrc
Size: 245KB - Virtual size: 245KB

.reloc
Size: 10KB - Virtual size: 10KB