C:\Users\buste\source\repos\aim\New folder\aim\obj\Debug\aim.pdb
Static task
static1
1 signatures
General
-
Target
fake dumper.zip
-
Size
240KB
-
MD5
837d593e8c5e634b0b12d5820c2c2a24
-
SHA1
8b3b83786853fb42ef99ce2caa76106a16913bb3
-
SHA256
f7636868dbdfe44aeecbb2d53bf3abd0a9f9413444e779d30dbf1069045750a3
-
SHA512
3887f6db86680731474887e3366425727093f5bcb9ad1ff46fba41e23bfca9b7d77c06eef8c0f2f9c96cda3ffd2b51f19923fc1d549c20bdb43275e7a7149e04
-
SSDEEP
6144:8E8cqnjUTJ+AJ+DQmMNNnDfgzXlKCl8ACo82zHjPIO:8E8cqnwlnNmMDf/M82nIO
Score
3/10
Malware Config
Signatures
-
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource unpack001/aim/bin/Debug/aim.exe unpack001/aim/obj/Debug/aim.exe
Files
-
fake dumper.zip.zip
-
.vs/aim/FileContentIndex/28ddf776-1673-4362-83d0-3c8afa802a2d.vsidx
-
.vs/aim/FileContentIndex/2a8842c2-8d5d-41f4-945d-4e3d9ef22c3c.vsidx
-
.vs/aim/FileContentIndex/4967b197-26e3-4a5a-b058-ba100f974b49.vsidx
-
.vs/aim/FileContentIndex/777bf9cd-fbaf-4a13-8755-2429f4f1041d.vsidx
-
.vs/aim/FileContentIndex/a2442b03-c8b3-455c-9f34-60239c1619ad.vsidx
-
.vs/aim/v17/.suo
-
.vs/aim/v17/DocumentLayout.json
-
XMLFile1.xml
-
aim.sln
-
aim/App.config
-
aim/Program.cs
-
aim/Properties/AssemblyInfo.cs
-
aim/aim.csproj
-
aim/app.manifest
-
aim/bin/Debug/aim.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
aim/bin/Debug/aim.exe.config
-
aim/bin/Debug/aim.pdb
-
aim/obj/Debug/.NETFramework,Version=v4.7.2.AssemblyAttributes.cs
-
aim/obj/Debug/DesignTimeResolveAssemblyReferencesInput.cache
-
aim/obj/Debug/aim.csproj.AssemblyReference.cache
-
aim/obj/Debug/aim.csproj.CoreCompileInputs.cache
-
aim/obj/Debug/aim.csproj.FileListAbsolute.txt
-
aim/obj/Debug/aim.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\Users\buste\source\repos\aim\New folder\aim\obj\Debug\aim.pdb
Imports
mscoree
_CorExeMain
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
aim/obj/Debug/aim.pdb
-
aim/packages.config
-
packages/System.IO.Compression.ZipFile.4.3.0/.signature.p7s
-
packages/System.IO.Compression.ZipFile.4.3.0/System.IO.Compression.ZipFile.4.3.0.nupkg.nupkg
-
packages/System.IO.Compression.ZipFile.4.3.0/ThirdPartyNotices.txt
-
packages/System.IO.Compression.ZipFile.4.3.0/dotnet_library_license.txt
-
packages/System.IO.Compression.ZipFile.4.3.0/lib/net46/System.IO.Compression.ZipFile.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Code Sign
33:00:00:00:cb:d9:52:06:53:bf:3e:2a:59:00:00:00:00:00:cbCertificate
IssuerCN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before07/09/2016, 17:58Not After07/09/2018, 17:58SubjectCN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:5847-F761-4F70,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageTimeStamping
33:00:00:01:40:96:a9:ee:70:56:fe:cc:07:00:01:00:00:01:40Certificate
IssuerCN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before18/08/2016, 20:17Not After02/11/2017, 20:17SubjectCN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:33:26:1a:00:00:00:00:00:31Certificate
IssuerCN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6dNot Before31/08/2010, 22:19Not After31/08/2020, 22:29SubjectCN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
61:16:68:34:00:00:00:00:00:1cCertificate
IssuerCN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6dNot Before03/04/2007, 12:53Not After03/04/2021, 13:03SubjectCN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
33:00:00:00:64:47:84:94:86:db:41:19:38:00:00:00:00:00:64Certificate
IssuerCN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before28/10/2015, 20:31Not After28/01/2017, 20:31SubjectCN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:0e:90:d2:00:00:00:00:00:03Certificate
IssuerCN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before08/07/2011, 20:59Not After08/07/2026, 21:09SubjectCN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
2b:e3:a3:2d:f8:71:76:9b:66:a7:70:02:ef:69:91:70:2e:1d:d6:c5:f3:f4:b4:cf:e9:62:5e:c5:de:66:cf:77Signer
Actual PE Digest2b:e3:a3:2d:f8:71:76:9b:66:a7:70:02:ef:69:91:70:2e:1d:d6:c5:f3:f4:b4:cf:e9:62:5e:c5:de:66:cf:77Digest Algorithmsha256PE Digest Matchestrue14:b0:8e:4d:e3:ae:df:ee:dd:e1:6b:b6:23:93:9d:2a:c5:d1:47:94Signer
Actual PE Digest14:b0:8e:4d:e3:ae:df:ee:dd:e1:6b:b6:23:93:9d:2a:c5:d1:47:94Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
D:\A\_work\39\s\bin/obj/AnyOS.AnyCPU.Release/System.IO.Compression.ZipFile/net46\System.IO.Compression.ZipFile.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
packages/System.IO.Compression.ZipFile.4.3.0/lib/netstandard1.3/System.IO.Compression.ZipFile.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Code Sign
33:00:00:00:ca:7d:32:16:7c:7e:fd:05:03:00:00:00:00:00:caCertificate
IssuerCN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before07/09/2016, 17:58Not After07/09/2018, 17:58SubjectCN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:728D-C45F-F9EB,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageTimeStamping
33:00:00:01:40:96:a9:ee:70:56:fe:cc:07:00:01:00:00:01:40Certificate
IssuerCN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before18/08/2016, 20:17Not After02/11/2017, 20:17SubjectCN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:33:26:1a:00:00:00:00:00:31Certificate
IssuerCN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6dNot Before31/08/2010, 22:19Not After31/08/2020, 22:29SubjectCN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
61:16:68:34:00:00:00:00:00:1cCertificate
IssuerCN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6dNot Before03/04/2007, 12:53Not After03/04/2021, 13:03SubjectCN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
33:00:00:00:64:47:84:94:86:db:41:19:38:00:00:00:00:00:64Certificate
IssuerCN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before28/10/2015, 20:31Not After28/01/2017, 20:31SubjectCN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:0e:90:d2:00:00:00:00:00:03Certificate
IssuerCN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before08/07/2011, 20:59Not After08/07/2026, 21:09SubjectCN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
07:f0:f7:17:12:fb:26:4b:0a:0a:53:77:fb:fe:b3:98:25:d7:61:73:e0:aa:e6:b0:a3:79:a7:f1:00:d5:27:17Signer
Actual PE Digest07:f0:f7:17:12:fb:26:4b:0a:0a:53:77:fb:fe:b3:98:25:d7:61:73:e0:aa:e6:b0:a3:79:a7:f1:00:d5:27:17Digest Algorithmsha256PE Digest Matchestrue8a:04:22:59:8f:94:d8:af:bd:b6:23:d5:0c:d1:92:c7:5d:40:b7:f6Signer
Actual PE Digest8a:04:22:59:8f:94:d8:af:bd:b6:23:d5:0c:d1:92:c7:5d:40:b7:f6Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
D:\A\_work\39\s\bin\obj\AnyOS.AnyCPU.Release\System.IO.Compression.ZipFile\System.IO.Compression.ZipFile.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
packages/System.IO.Compression.ZipFile.4.3.0/ref/net46/System.IO.Compression.ZipFile.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Code Sign
33:00:00:00:cb:d9:52:06:53:bf:3e:2a:59:00:00:00:00:00:cbCertificate
IssuerCN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before07/09/2016, 17:58Not After07/09/2018, 17:58SubjectCN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:5847-F761-4F70,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageTimeStamping
33:00:00:01:40:96:a9:ee:70:56:fe:cc:07:00:01:00:00:01:40Certificate
IssuerCN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before18/08/2016, 20:17Not After02/11/2017, 20:17SubjectCN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:33:26:1a:00:00:00:00:00:31Certificate
IssuerCN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6dNot Before31/08/2010, 22:19Not After31/08/2020, 22:29SubjectCN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
61:16:68:34:00:00:00:00:00:1cCertificate
IssuerCN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6dNot Before03/04/2007, 12:53Not After03/04/2021, 13:03SubjectCN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
33:00:00:00:64:47:84:94:86:db:41:19:38:00:00:00:00:00:64Certificate
IssuerCN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before28/10/2015, 20:31Not After28/01/2017, 20:31SubjectCN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:0e:90:d2:00:00:00:00:00:03Certificate
IssuerCN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before08/07/2011, 20:59Not After08/07/2026, 21:09SubjectCN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
2b:e3:a3:2d:f8:71:76:9b:66:a7:70:02:ef:69:91:70:2e:1d:d6:c5:f3:f4:b4:cf:e9:62:5e:c5:de:66:cf:77Signer
Actual PE Digest2b:e3:a3:2d:f8:71:76:9b:66:a7:70:02:ef:69:91:70:2e:1d:d6:c5:f3:f4:b4:cf:e9:62:5e:c5:de:66:cf:77Digest Algorithmsha256PE Digest Matchestrue14:b0:8e:4d:e3:ae:df:ee:dd:e1:6b:b6:23:93:9d:2a:c5:d1:47:94Signer
Actual PE Digest14:b0:8e:4d:e3:ae:df:ee:dd:e1:6b:b6:23:93:9d:2a:c5:d1:47:94Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
D:\A\_work\39\s\bin/obj/AnyOS.AnyCPU.Release/System.IO.Compression.ZipFile/net46\System.IO.Compression.ZipFile.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
packages/System.IO.Compression.ZipFile.4.3.0/ref/netstandard1.3/System.IO.Compression.ZipFile.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Code Sign
33:00:00:00:9c:ee:fe:14:55:a9:5d:35:50:00:00:00:00:00:9cCertificate
IssuerCN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before30/03/2016, 19:21Not After30/06/2017, 19:21SubjectCN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:5847-F761-4F70,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageTimeStamping
33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0aCertificate
IssuerCN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before04/06/2015, 17:42Not After04/09/2016, 17:42SubjectCN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:33:26:1a:00:00:00:00:00:31Certificate
IssuerCN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6dNot Before31/08/2010, 22:19Not After31/08/2020, 22:29SubjectCN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
61:16:68:34:00:00:00:00:00:1cCertificate
IssuerCN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6dNot Before03/04/2007, 12:53Not After03/04/2021, 13:03SubjectCN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
33:00:00:00:64:47:84:94:86:db:41:19:38:00:00:00:00:00:64Certificate
IssuerCN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before28/10/2015, 20:31Not After28/01/2017, 20:31SubjectCN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:0e:90:d2:00:00:00:00:00:03Certificate
IssuerCN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before08/07/2011, 20:59Not After08/07/2026, 21:09SubjectCN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
01:6c:de:6d:ce:ca:f3:95:a4:01:5d:86:3c:9b:d9:13:60:ee:9a:91:0c:5d:2e:3f:80:99:b1:f8:69:d3:d1:47Signer
Actual PE Digest01:6c:de:6d:ce:ca:f3:95:a4:01:5d:86:3c:9b:d9:13:60:ee:9a:91:0c:5d:2e:3f:80:99:b1:f8:69:d3:d1:47Digest Algorithmsha256PE Digest Matchestruef3:4b:c7:12:0d:f5:22:85:f3:cc:a9:ae:ca:e9:37:69:a4:3c:d9:76Signer
Actual PE Digestf3:4b:c7:12:0d:f5:22:85:f3:cc:a9:ae:ca:e9:37:69:a4:3c:d9:76Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
D:\A\_work\21\s\bin\obj\ref\System.IO.Compression.ZipFile\4.0.1.0\System.IO.Compression.ZipFile.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
packages/System.IO.Compression.ZipFile.4.3.0/ref/netstandard1.3/System.IO.Compression.ZipFile.xml
-
packages/System.IO.Compression.ZipFile.4.3.0/ref/netstandard1.3/de/System.IO.Compression.ZipFile.xml
-
packages/System.IO.Compression.ZipFile.4.3.0/ref/netstandard1.3/es/System.IO.Compression.ZipFile.xml
-
packages/System.IO.Compression.ZipFile.4.3.0/ref/netstandard1.3/fr/System.IO.Compression.ZipFile.xml
-
packages/System.IO.Compression.ZipFile.4.3.0/ref/netstandard1.3/it/System.IO.Compression.ZipFile.xml
-
packages/System.IO.Compression.ZipFile.4.3.0/ref/netstandard1.3/ja/System.IO.Compression.ZipFile.xml
-
packages/System.IO.Compression.ZipFile.4.3.0/ref/netstandard1.3/ko/System.IO.Compression.ZipFile.xml
-
packages/System.IO.Compression.ZipFile.4.3.0/ref/netstandard1.3/ru/System.IO.Compression.ZipFile.xml
-
packages/System.IO.Compression.ZipFile.4.3.0/ref/netstandard1.3/zh-hans/System.IO.Compression.ZipFile.xml
-
packages/System.IO.Compression.ZipFile.4.3.0/ref/netstandard1.3/zh-hant/System.IO.Compression.ZipFile.xml