a06364183b3634742ae95810e44cf68b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a06364183b3634742ae95810e44cf68b_JaffaCakes118
Size

961KB
MD5

a06364183b3634742ae95810e44cf68b
SHA1

213a94104e6b2dfb82c9237cf771379059f5bf13
SHA256

9595298da9157fcef570755f8c7fedacfd65b72beca4759ffc828ebdbd7e3fcd
SHA512

cdf53d5d5518563eae448f2f06bc15c615be1ea9f0bdcfee46f813434cedc652bf9037cbf707a6cd457a29c466da797296dfcadce1bc17886bed99b4a6f176b0
SSDEEP

24576:X6x6IES76q55hcYH1ORVExnfwJVIrF/oUoQ9b5cNSfkLwqkW8TBF0w+uPiUT:Tq53cYH1OR4WBQnGj8T784iUT

Score

1^/10

Malware Config

Signatures

Files

a06364183b3634742ae95810e44cf68b_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

fc1d4df883907de64fd3f58593fc90ac

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21/05/2009, 00:00

Not After

20/05/2019, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

26/01/2010, 00:00

Not After

25/01/2013, 23:59

Subject

CN=Tencent Technology(Shenzhen) Company Limited,OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Tencent Technology(Shenzhen) Company Limited,L=shenzhen,ST=guangdong,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

70:81:8a:c3:7e:8f:e5:61:ec:08:6e:61:ad:22:51:ea:1e:1b:5b:f6
Signer

Actual PE Digest

70:81:8a:c3:7e:8f:e5:61:ec:08:6e:61:ad:22:51:ea:1e:1b:5b:f6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\qqpcmgr_proj\QQPCMgr_Trojan\qqpcmgr_proj\Basic\Output\BinFinal\QMTrayPlugin\QMTrojanPlugin\QMTrojanPlugin.pdb

Imports

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

ws2_32

ntohl
htonl
htons

shlwapi

SHSetValueW
SHGetValueW
PathRemoveFileSpecW
PathFindFileNameW
PathAddBackslashW
PathAppendW
PathFileExistsW
StrCmpNIW

common

?QueryPluginCore@CoreCenter@Util@@YAHPA_WPAPAUITXPluginCore@@@Z
?ToLower@CTXBSTR@@QAEJXZ
?IsFileExist@FS@@YAHPB_W@Z
?SetTimeout@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
?LoadStringW@TXStringBundle@@YAPB_WPB_W@Z
?GetLength@CTXStringW@@QBEHXZ
?Replace@CTXStringW@@QAEHPB_W0@Z
??0CTXStringW@@QAE@PA_W@Z
?CreateTXData@Data@Util@@YAHPAPAUITXData@@@Z
?GetFileHash@FS@Util@@YAHPB_WAAVCTXBuffer@@AAK@Z
?AddPlugin@CoreCenter@Util@@YAHPA_WPAUITXData@@@Z
?InitPluginFileSystem@Boot@Util@@YAHPA_W@Z
??0CTXBSTR@@QAE@ABV0@@Z
?InitPluginI18NConfig@Boot@Util@@YAHPA_W@Z
?InitPluginCoreConfig@Boot@Util@@YAHPA_W@Z
?InitPluginGFConfig@Boot@Util@@YAHPA_W@Z
?InitPluginModeConfig@Boot@Util@@YAHPA_W@Z
?EnablePlugin@CoreCenter@Util@@YAHPA_W@Z
?CreateTXBuffer@Data@Util@@YAHPAPAUITXBuffer@@@Z
?TXLog_DoTXLogVW@@YAXPAUtagLogObj@@PB_W1PAD@Z
??BCTXBSTR@@QBEPA_WXZ
??1CTXBSTR@@QAE@XZ
?Format@CTXStringW@@QAAXPB_WZZ
??H@YA?AVCTXStringW@@ABV0@0@Z
?RecordTransEnd@Perf@Util@@YAJ_JPB_WHH11H@Z
??0CTXStringW@@QAE@XZ
??4CTXStringW@@QAEAAV0@PB_W@Z
??BCTXStringW@@QBEPB_WXZ
?RecordTransBegin@Perf@Util@@YA_JPB_WHH00@Z
??0CTXStringW@@QAE@PB_W@Z
??H@YA?AVCTXStringW@@PB_WABV0@@Z
??H@YA?AVCTXStringW@@ABV0@PB_W@Z
??1CTXStringW@@QAE@XZ
?SetInterval@TXTimer@@YAHIPAUITXTimerCallback@@I@Z
?EraseTimerCallback@TXTimer@@YAHPAUITXTimerCallback@@I@Z
?GetPlatformCore@Core@Util@@YAHPAPAUITXCore@@@Z
?IsEmpty@CTXBSTR@@QAEHXZ
??ICTXBSTR@@QAEPAPA_WXZ
??0CTXBSTR@@QAE@PB_W@Z

kernel32

ReadConsoleInputW
FlushConsoleInputBuffer
ResumeThread
AllocConsole
SetThreadPriority
ReleaseMutex
FormatMessageW
GetPrivateProfileStringW
MapViewOfFileEx
CreateFileMappingW
UnmapViewOfFile
lstrcpynW
CreateMutexW
OpenMutexW
CreateProcessW
CreateEventW
ResetEvent
SetEvent
FindClose
FindNextFileW
DeleteFileW
FindFirstFileW
MoveFileW
GetThreadPriority
LocalFree
OpenFileMappingW
GetCommandLineW
GetLongPathNameW
ExpandEnvironmentStringsW
IsBadCodePtr
OpenEventW
GetSystemDirectoryW
GetVersionExW
ReadFile
GetSystemTime
GetSystemInfo
GetCurrentProcessId
SetFilePointer
WriteFile
FreeConsole
GetTempPathW
GetModuleHandleW
GetCurrentDirectoryW
WriteConsoleInputW
GetProcessHeap
HeapAlloc
GetTempPathA
GetFileAttributesA
AreFileApisANSI
DeleteFileA
InterlockedCompareExchange
UnlockFile
GetFullPathNameW
GetDiskFreeSpaceA
LockFile
GetFullPathNameA
UnlockFileEx
CreateFileA
GetSystemTimeAsFileTime
FormatMessageA
FlushFileBuffers
GetFileAttributesExW
MapViewOfFile
SetEndOfFile
LockFileEx
LoadLibraryA
CreateTimerQueueTimer
InitializeCriticalSectionAndSpinCount
CreateFileMappingA
OpenFileMappingA
InterlockedExchange
ChangeTimerQueueTimer
SwitchToThread
DeleteTimerQueueTimer
DuplicateHandle
SetLastError
VirtualQuery
GetSystemDefaultLangID
WriteConsoleW
MultiByteToWideChar
FillConsoleOutputCharacterW
CreatePipe
CopyFileW
IsDebuggerPresent
SetUnhandledExceptionFilter
TerminateProcess
HeapSize
HeapReAlloc
ScrollConsoleScreenBufferW
GetLocaleInfoA
GetACP
GetVersionExA
SetConsoleCtrlHandler
HeapFree
WaitForSingleObject
GetConsoleScreenBufferInfo
GetStdHandle
SetConsoleCursorPosition
SetConsoleTitleW
GetLocalTime
GetCurrentProcess
GetLastError
GetFileAttributesW
GetPrivateProfileIntW
LoadLibraryW
HeapDestroy
WideCharToMultiByte
GetDiskFreeSpaceW
CreateFileW
GetFileSize
DeviceIoControl
GetProcAddress
FreeLibrary
RaiseException
GetThreadLocale
SetThreadLocale
UnhandledExceptionFilter
CloseHandle
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleFileNameW
Sleep
InterlockedDecrement
InterlockedIncrement
lstrlenW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection

user32

GetForegroundWindow
IsIconic
GetWindowTextW
GetDesktopWindow
FindWindowA
GetSystemMetrics
IsWindowVisible
EnumWindows
GetLastInputInfo
GetMessageExtraInfo
MapVirtualKeyW
keybd_event
RedrawWindow
SendMessageW
ShowWindow
FindWindowW
IsWindow
MoveWindow
GetSystemMenu
RemoveMenu
MsgWaitForMultipleObjects
PeekMessageW
TranslateMessage
DispatchMessageW
GetWindowRect
GetCursorPos
PtInRect
SetWindowPos
UnregisterClassA
SendMessageTimeoutW
GetClassNameW

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
GetSecurityDescriptorSacl
SetSecurityDescriptorSacl
FreeSid
AddAccessAllowedAce
InitializeAcl
GetLengthSid
AllocateAndInitializeSid
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegOpenKeyExA

shell32

ShellExecuteW
SHGetSpecialFolderPathW
SHCreateDirectoryExW
SHOpenFolderAndSelectItems
ShellExecuteExW

ole32

CoInitialize
StgOpenStorage
CoUninitialize
CoCreateInstance
CoFreeUnusedLibrariesEx
StgIsStorageFile
CoTaskMemFree
StgCreateDocfile
CoCreateGuid

oleaut32

VariantInit
SysAllocStringLen
VariantClear
LoadRegTypeLi
SysStringLen
SysFreeString
VariantCopy
SysAllocString
LoadTypeLi

atl80

ord32
ord31
ord30
ord23
ord61
ord15
ord18
ord22
ord64
ord10
ord11

msvcp80

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
?setw@std@@YA?AU?$_Smanip@H@1@H@Z
??0?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@H@Z
??_D?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?str@?$basic_ostringstream@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@2@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@_W@Z
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?swap@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXAAV12@@Z
?compare@?$char_traits@D@std@@SAHPBD0I@Z
?copy@?$char_traits@D@std@@SAPADPADPBDI@Z
?compare@?$char_traits@_W@std@@SAHPB_W0I@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@_W@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
?find_first_of@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?rfind@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??$?HDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
?copy@?$char_traits@_W@std@@SAPA_WPA_WPB_WI@Z
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@V32@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_WI@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
?npos@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@2IB
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEI_WI@Z
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@D@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@0@Z
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@II@Z
??$?H_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@ABV10@PB_W@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ

comctl32

_TrackMouseEvent

msvcr80

isspace
_mbsstr
_mbslwr_s
strtoul
_wmkdir
_wstat64
isalnum
wcscpy_s
_wtoi
_wcsnicmp
wcstoul
wcsncat_s
wcschr
_mktime64
wcsnlen
wcsncat
wcsspn
wcscspn
memmove
realloc
_snprintf_s
tolower
swscanf_s
fread
_wfopen_s
strncmp
_vswprintf_c_l
wcscat_s
_snwscanf
rand
strncpy_s
_except_handler3
?_type_info_dtor_internal_method@type_info@@QAEXXZ
__clean_type_info_names_internal
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
?terminate@@YAXXZ
_except_handler4_common
_wsplitpath_s
_vsnprintf
strrchr
setlocale
_memicmp
_mbschr
strchr
isprint
_crt_debugger_hook
??3@YAXPAX@Z
memcpy_s
_CxxThrowException
memmove_s
wcsrchr
_wcslwr_s
_vscwprintf
vswprintf_s
_invalid_parameter_noinfo
free
swprintf_s
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
__CxxFrameHandler3
_purecall
??2@YAPAXI@Z
??0exception@std@@QAE@ABV01@@Z
??_V@YAXPAX@Z
calloc
_time64
malloc
_beginthreadex
wcsstr
_snwprintf
wcsncpy
wcsncpy_s
_localtime64_s
memset
_wcsicmp
memcpy
_snwprintf_s
printf
fflush
fwrite
_wfopen
fclose
_vsnwprintf_s

mfc80u

ord1908

gf

?RawCreateGFElementByXtml@GF@Util@@YAJPA_WPAPAUIGFElement@@PAU3@0@Z

netapi32

Netbios
NetWkstaTransportEnum
NetApiBufferFree

Exports

Exports

??4_Init_locks@std@@QAEAAV01@ABV01@@Z
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 716KB - Virtual size: 714KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 144KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc1d4df883907de64fd3f58593fc90ac

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0Certificate

Extended Key Usages

Key Usages

70:81:8a:c3:7e:8f:e5:61:ec:08:6e:61:ad:22:51:ea:1e:1b:5b:f6Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

version

ws2_32

shlwapi

common

kernel32

user32

advapi32

shell32

ole32

oleaut32

atl80

msvcp80

comctl32

msvcr80

mfc80u

gf

netapi32

Exports

Exports

Sections

.text Size: 716KB - Virtual size: 714KB

.rdata Size: 144KB - Virtual size: 142KB

.data Size: 32KB - Virtual size: 34KB

.rsrc Size: 12KB - Virtual size: 8KB

.reloc Size: 48KB - Virtual size: 46KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

5d:06:88:f9:04:0a:d5:22:87:fc:32:ad:ec:eb:85:b0
Certificate

70:81:8a:c3:7e:8f:e5:61:ec:08:6e:61:ad:22:51:ea:1e:1b:5b:f6
Signer

.text
Size: 716KB - Virtual size: 714KB

.rdata
Size: 144KB - Virtual size: 142KB

.data
Size: 32KB - Virtual size: 34KB

.rsrc
Size: 12KB - Virtual size: 8KB

.reloc
Size: 48KB - Virtual size: 46KB