Setup_SoftWaRe[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

Setup_SoftWaRe.zip
Size

578KB
MD5

c90fad7347e42c9fb3c4121f4212866b
SHA1

8e9bad66e7fc8094e6c839fabfd9e1a9d1e6a935
SHA256

a42511c5ba3467b788fcac808354cbf7416db3cf35c12a568526eae38ffac2d5
SHA512

c9c43da5e48376c66b56256c2aef8e2e4a28c0464c7f7ec162b1ad5bf40bdc4369f500bdee70563c9c1f9dbb44266cd7a9c4b280ac92d98705de93f92bc7dbc6
SSDEEP

12288:1TEG/Tx3oa6TEG/Tx3ojV/qgyHrujwluty7pwOTZ0:dLhRWLh+izH60luY7pwUe

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Setup_SoftWaRe/antiban.dll
unpack001/Setup_SoftWaRe/engine.dll

Files

Setup_SoftWaRe.zip
.zip
Setup_SoftWaRe/Languages/eng.txt
Setup_SoftWaRe/Setup_Soft.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:97:c5:6c:aa:59:05:53:94:d9:a9:cd:b8:be:eb:56
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

13/01/2023, 00:00

Not After

16/01/2026, 23:59

Subject

CN=NVIDIA Corporation,OU=2-J,O=NVIDIA Corporation,L=Santa Clara,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

38:63:de:f8
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

24/12/1999, 17:50

Not After

24/07/2029, 14:15

Subject

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

22/07/2015, 19:02

Not After

22/06/2029, 19:32

Subject

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

56:ab:95:75:28:9c:a5:9f:0e:17:d4:0b:ea:05:c3:1f
Certificate

Issuer

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

04/10/2022, 17:21

Not After

01/01/2029, 00:00

Subject

CN=Entrust Timestamp Authority - TSA1,O=Entrust\, Inc.,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

24:5a:57:61:19:bf:8b:b2:7a:dd:b7:92:ec:3f:70:96:99:66:fe:cb:a7:d3:56:8c:9b:8a:d5:96:98:1a:40:22
Signer

Actual PE Digest

24:5a:57:61:19:bf:8b:b2:7a:dd:b7:92:ec:3f:70:96:99:66:fe:cb:a7:d3:56:8c:9b:8a:d5:96:98:1a:40:22

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\9aocksc\obj\Release\MSG.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 311KB - Virtual size: 310KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Setup_SoftWaRe/antiban.dll
.dll windows:10 windows x86 arch:x86

4dbb8e3045930d45b27c5944d5a67b49

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

AppIdPolicyEngineApi.pdb

Imports

msvcp110_win

?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??1_Lockit@std@@QAE@XZ
?_Incref@facet@locale@std@@UAEXXZ
??0_Locinfo@std@@QAE@PBD@Z
??0_Lockit@std@@QAE@H@Z
??1facet@locale@std@@MAE@XZ
??_7facet@locale@std@@6B@
??0facet@locale@std@@IAE@I@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?id@?$ctype@G@std@@2V0locale@2@A
??Bid@locale@std@@QAEIXZ
_Wcsxfrm
?id@?$collate@G@std@@2V0locale@2@A
_Wcscoll
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
?tolower@?$ctype@G@std@@QBEPBGPAGPBG@Z
?is@?$ctype@G@std@@QBE_NFG@Z
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
??_7_Facet_base@std@@6B@
??1_Facet_base@std@@UAE@XZ
??1_Locinfo@std@@QAE@XZ
?tolower@?$ctype@G@std@@QBEGG@Z
?_Syserror_map@std@@YAPBDH@Z
?_Xlength_error@std@@YAXPBD@Z
?_Winerror_map@std@@YAPBDH@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ

msvcrt

?what@exception@@UBEPBDXZ
memcmp
__RTDynamicCast
__CxxFrameHandler3
memmove
_purecall
wcsncpy_s
_except_handler4_common
realloc
_errno
??1type_info@@UAE@XZ
_onexit
__dllonexit
_unlock
_lock
?terminate@@YAXXZ
_initterm
_amsg_exit
_XcptFilter
memset
_CxxThrowException
memcpy
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
_callnewh
memcpy_s
free
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABQBDH@Z
_wtoi
_wtof
tolower
??0bad_cast@@QAE@ABV0@@Z
??1bad_cast@@UAE@XZ
??0bad_cast@@QAE@PBD@Z
strchr
towupper
_vsnwprintf_s
_ui64tow_s
wcstol
malloc

api-ms-win-core-errorhandling-l1-1-1

UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
GetLastError
RaiseException

api-ms-win-core-libraryloader-l1-2-0

LoadLibraryExW
GetProcAddress
DisableThreadLibraryCalls
GetModuleFileNameW
FindResourceExW
LoadResource
SizeofResource
GetModuleHandleW
FreeLibrary

api-ms-win-core-com-l1-1-1

CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc

api-ms-win-core-string-l2-1-0

CharNextW

api-ms-win-core-registry-l1-1-0

RegCloseKey
RegCreateKeyExW
RegDeleteTreeW
RegGetValueW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW

api-ms-win-core-synch-l1-2-0

InitializeCriticalSection
Sleep
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection

api-ms-win-core-string-l1-1-0

MultiByteToWideChar

api-ms-win-core-sysinfo-l1-2-1

GetSystemWindowsDirectoryW
GetTickCount
GetSystemTimeAsFileTime

api-ms-win-core-processthreads-l1-1-2

GetCurrentProcessId
TerminateProcess
GetCurrentProcess
GetCurrentThreadId

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-debug-l1-1-1

OutputDebugStringA

api-ms-win-core-winrt-l1-1-0

RoActivateInstance

api-ms-win-core-winrt-string-l1-1-0

WindowsDeleteString
WindowsGetStringRawBuffer
WindowsCreateStringReference

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-security-sddl-l1-1-0

ConvertSecurityDescriptorToStringSecurityDescriptorW
ConvertStringSidToSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW

api-ms-win-core-path-l1-1-0

PathCchAppend

rpcrt4

UuidCreate
UuidFromStringW
UuidCompare
UuidToStringW
RpcStringFreeW

api-ms-win-core-file-l1-2-1

CreateFileW

api-ms-win-core-handle-l1-1-0

CloseHandle

authz

AuthziAccessCheckEx
AuthziModifySecurityAttributes
AuthzFreeResourceManager
AuthzFreeContext
AuthzInitializeResourceManager
AuthzInitializeContextFromSid

api-ms-win-security-base-l1-2-0

SetSecurityDescriptorSacl
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
GetAce
GetSecurityDescriptorDacl
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpiW

api-ms-win-appmodel-runtime-l1-1-1

PackageNameAndPublisherIdFromFamilyName
PackageFamilyNameFromId

appidapi

AppIDFreeAttributeString
AppIDGetFileAttributes
AppIDReleaseAppxFileAttributes
AppIDEncodeAttributeString
AppIDReleaseFileAttributes
AppIDDecodeAttributeString
AppIDGetAppxFileAttributes
AppIDConstructAppxAttributes

ntdll

EtwGetTraceEnableLevel
EtwGetTraceEnableFlags
EtwRegisterTraceGuidsW
EtwUnregisterTraceGuids
EtwTraceMessage
EtwGetTraceLoggerHandle

advapi32

RegEnumKeyW
RegCreateKeyW

shlwapi

SHCreateStreamOnFileEx

user32

UnregisterClassA

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI
DelayLoadFailureHook

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 239KB - Virtual size: 238KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Setup_SoftWaRe/config1.cfg
Setup_SoftWaRe/config2.cfg
Setup_SoftWaRe/engine.dll
.dll windows:10 windows x86 arch:x86

4dbb8e3045930d45b27c5944d5a67b49

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

AppIdPolicyEngineApi.pdb

Imports

msvcp110_win

?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??1_Lockit@std@@QAE@XZ
?_Incref@facet@locale@std@@UAEXXZ
??0_Locinfo@std@@QAE@PBD@Z
??0_Lockit@std@@QAE@H@Z
??1facet@locale@std@@MAE@XZ
??_7facet@locale@std@@6B@
??0facet@locale@std@@IAE@I@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?id@?$ctype@G@std@@2V0locale@2@A
??Bid@locale@std@@QAEIXZ
_Wcsxfrm
?id@?$collate@G@std@@2V0locale@2@A
_Wcscoll
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
?tolower@?$ctype@G@std@@QBEPBGPAGPBG@Z
?is@?$ctype@G@std@@QBE_NFG@Z
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
??_7_Facet_base@std@@6B@
??1_Facet_base@std@@UAE@XZ
??1_Locinfo@std@@QAE@XZ
?tolower@?$ctype@G@std@@QBEGG@Z
?_Syserror_map@std@@YAPBDH@Z
?_Xlength_error@std@@YAXPBD@Z
?_Winerror_map@std@@YAPBDH@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ

msvcrt

?what@exception@@UBEPBDXZ
memcmp
__RTDynamicCast
__CxxFrameHandler3
memmove
_purecall
wcsncpy_s
_except_handler4_common
realloc
_errno
??1type_info@@UAE@XZ
_onexit
__dllonexit
_unlock
_lock
?terminate@@YAXXZ
_initterm
_amsg_exit
_XcptFilter
memset
_CxxThrowException
memcpy
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
_callnewh
memcpy_s
free
??0exception@@QAE@ABQBD@Z
??0exception@@QAE@ABQBDH@Z
_wtoi
_wtof
tolower
??0bad_cast@@QAE@ABV0@@Z
??1bad_cast@@UAE@XZ
??0bad_cast@@QAE@PBD@Z
strchr
towupper
_vsnwprintf_s
_ui64tow_s
wcstol
malloc

api-ms-win-core-errorhandling-l1-1-1

UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
GetLastError
RaiseException

api-ms-win-core-libraryloader-l1-2-0

LoadLibraryExW
GetProcAddress
DisableThreadLibraryCalls
GetModuleFileNameW
FindResourceExW
LoadResource
SizeofResource
GetModuleHandleW
FreeLibrary

api-ms-win-core-com-l1-1-1

CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc

api-ms-win-core-string-l2-1-0

CharNextW

api-ms-win-core-registry-l1-1-0

RegCloseKey
RegCreateKeyExW
RegDeleteTreeW
RegGetValueW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW

api-ms-win-core-synch-l1-2-0

InitializeCriticalSection
Sleep
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection

api-ms-win-core-string-l1-1-0

MultiByteToWideChar

api-ms-win-core-sysinfo-l1-2-1

GetSystemWindowsDirectoryW
GetTickCount
GetSystemTimeAsFileTime

api-ms-win-core-processthreads-l1-1-2

GetCurrentProcessId
TerminateProcess
GetCurrentProcess
GetCurrentThreadId

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-debug-l1-1-1

OutputDebugStringA

api-ms-win-core-winrt-l1-1-0

RoActivateInstance

api-ms-win-core-winrt-string-l1-1-0

WindowsDeleteString
WindowsGetStringRawBuffer
WindowsCreateStringReference

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-security-sddl-l1-1-0

ConvertSecurityDescriptorToStringSecurityDescriptorW
ConvertStringSidToSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW

api-ms-win-core-path-l1-1-0

PathCchAppend

rpcrt4

UuidCreate
UuidFromStringW
UuidCompare
UuidToStringW
RpcStringFreeW

api-ms-win-core-file-l1-2-1

CreateFileW

api-ms-win-core-handle-l1-1-0

CloseHandle

authz

AuthziAccessCheckEx
AuthziModifySecurityAttributes
AuthzFreeResourceManager
AuthzFreeContext
AuthzInitializeResourceManager
AuthzInitializeContextFromSid

api-ms-win-security-base-l1-2-0

SetSecurityDescriptorSacl
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
GetAce
GetSecurityDescriptorDacl
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpiW

api-ms-win-appmodel-runtime-l1-1-1

PackageNameAndPublisherIdFromFamilyName
PackageFamilyNameFromId

appidapi

AppIDFreeAttributeString
AppIDGetFileAttributes
AppIDReleaseAppxFileAttributes
AppIDEncodeAttributeString
AppIDReleaseFileAttributes
AppIDDecodeAttributeString
AppIDGetAppxFileAttributes
AppIDConstructAppxAttributes

ntdll

EtwGetTraceEnableLevel
EtwGetTraceEnableFlags
EtwRegisterTraceGuidsW
EtwUnregisterTraceGuids
EtwTraceMessage
EtwGetTraceLoggerHandle

advapi32

RegEnumKeyW
RegCreateKeyW

shlwapi

SHCreateStreamOnFileEx

user32

UnregisterClassA

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI
DelayLoadFailureHook

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 239KB - Virtual size: 238KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

09:97:c5:6c:aa:59:05:53:94:d9:a9:cd:b8:be:eb:56Certificate

Extended Key Usages

Key Usages

38:63:de:f8Certificate

Key Usages

58:da:13:ff:00:00:00:00:51:ce:0d:f7Certificate

Extended Key Usages

Key Usages

56:ab:95:75:28:9c:a5:9f:0e:17:d4:0b:ea:05:c3:1fCertificate

Extended Key Usages

Key Usages

24:5a:57:61:19:bf:8b:b2:7a:dd:b7:92:ec:3f:70:96:99:66:fe:cb:a7:d3:56:8c:9b:8a:d5:96:98:1a:40:22Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 311KB - Virtual size: 310KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

4dbb8e3045930d45b27c5944d5a67b49

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcp110_win

msvcrt

api-ms-win-core-errorhandling-l1-1-1

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-com-l1-1-1

api-ms-win-core-string-l2-1-0

api-ms-win-core-registry-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-string-l1-1-0

api-ms-win-core-sysinfo-l1-2-1

api-ms-win-core-processthreads-l1-1-2

api-ms-win-core-profile-l1-1-0

api-ms-win-core-debug-l1-1-1

api-ms-win-core-winrt-l1-1-0

api-ms-win-core-winrt-string-l1-1-0

api-ms-win-core-heap-l2-1-0

api-ms-win-security-sddl-l1-1-0

api-ms-win-core-path-l1-1-0

rpcrt4

api-ms-win-core-file-l1-2-1

api-ms-win-core-handle-l1-1-0

authz

api-ms-win-security-base-l1-2-0

api-ms-win-core-string-obsolete-l1-1-0

api-ms-win-appmodel-runtime-l1-1-1

appidapi

ntdll

advapi32

shlwapi

user32

api-ms-win-core-delayload-l1-1-1

Exports

Exports

Sections

.text Size: 239KB - Virtual size: 238KB

.data Size: 6KB - Virtual size: 7KB

.idata Size: 7KB - Virtual size: 6KB

.didat Size: 512B - Virtual size: 68B

.rsrc Size: 9KB - Virtual size: 8KB

.reloc Size: 16KB - Virtual size: 16KB

4dbb8e3045930d45b27c5944d5a67b49

Headers

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

09:97:c5:6c:aa:59:05:53:94:d9:a9:cd:b8:be:eb:56
Certificate

38:63:de:f8
Certificate

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

56:ab:95:75:28:9c:a5:9f:0e:17:d4:0b:ea:05:c3:1f
Certificate

24:5a:57:61:19:bf:8b:b2:7a:dd:b7:92:ec:3f:70:96:99:66:fe:cb:a7:d3:56:8c:9b:8a:d5:96:98:1a:40:22
Signer

.text
Size: 311KB - Virtual size: 310KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 239KB - Virtual size: 238KB

.data
Size: 6KB - Virtual size: 7KB

.idata
Size: 7KB - Virtual size: 6KB

.didat
Size: 512B - Virtual size: 68B

.rsrc
Size: 9KB - Virtual size: 8KB

.reloc
Size: 16KB - Virtual size: 16KB

.text
Size: 239KB - Virtual size: 238KB

.data
Size: 6KB - Virtual size: 7KB

.idata
Size: 7KB - Virtual size: 6KB

.didat
Size: 512B - Virtual size: 68B

.rsrc
Size: 9KB - Virtual size: 8KB

.reloc
Size: 16KB - Virtual size: 16KB