a5024c4eafc670034b24d8d7defeff1a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a5024c4eafc670034b24d8d7defeff1a_JaffaCakes118
Size

1.0MB
MD5

a5024c4eafc670034b24d8d7defeff1a
SHA1

93356e0d0c510ba92a726cd230b5f8be62c06eb2
SHA256

345710e9a90d9abfc606677bf95a2fab922f780140451509fc9fa00d85e664e7
SHA512

1141a030a780a524c04dd11db646f9123b812bf04cecc17f1349be968f640ae4903fe90091783d054cd75143536c14349721016bf148c2c1bd68fcf69105eb70
SSDEEP

24576:tjHWorr83SXcrB85aKXxCNGWSVBOQPhhJdhBFd:hHjr83paUoOIBOsfJTjd

Score

1^/10

Malware Config

Signatures

Files

a5024c4eafc670034b24d8d7defeff1a_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

64c0d8f54dae01f55466ffbbcf4977d2

Code Sign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:41

Not After

15/04/2021, 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:55:97:77:4a:95:5f:38:ab:aa:9e:39:fb:18:f6:7c
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/07/2019, 00:00

Not After

22/07/2022, 12:00

Subject

CN=Beijing Rising Network Security Technology Co.\, Ltd.,O=Beijing Rising Network Security Technology Co.\, Ltd.,L=北京,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/02/2011, 12:00

Not After

10/02/2026, 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:41

Not After

15/04/2021, 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:2e:01:aa:9d:c5:06:97:bf:a9:92:7c:21:84:b4:59
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/07/2019, 00:00

Not After

22/07/2022, 12:00

Subject

CN=Beijing Rising Network Security Technology Co.\, Ltd.,O=Beijing Rising Network Security Technology Co.\, Ltd.,L=北京,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3b:35:36:71:f5:3c:34:e3:35:f9:ce:95:51:5a:b6:c4:46:ec:5a:cf:63:5a:9e:7c:a1:9a:1d:43:d1:f9:27:74
Signer

Actual PE Digest

3b:35:36:71:f5:3c:34:e3:35:f9:ce:95:51:5a:b6:c4:46:ec:5a:cf:63:5a:9e:7c:a1:9a:1d:43:d1:f9:27:74

Digest Algorithm

sha256

PE Digest Matches

true

42:bc:41:5a:24:67:e2:c5:1a:ff:ed:9c:d3:97:d5:6f:8f:75:44:d9
Signer

Actual PE Digest

42:bc:41:5a:24:67:e2:c5:1a:ff:ed:9c:d3:97:d5:6f:8f:75:44:d9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\DistributedAutoLink\Temp\CompileOutputDir\filemon.pdb

Imports

syslay

GrpMsgW

netapi32

NetApiBufferFree
NetUserEnum
NetShareEnum

sfc

SfcIsFileProtected

kernel32

CreateEventW
CloseHandle
ResetEvent
ResumeThread
WaitForSingleObject
TerminateThread
SetEvent
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
WaitForMultipleObjects
FindClose
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
SetLastError
GetFullPathNameW
FindFirstFileW
lstrcpyW
lstrlenW
FindNextFileW
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
GetLocalTime
GetCurrentThreadId
GetLogicalDriveStringsW
GetDriveTypeW
InterlockedIncrement
InterlockedDecrement
CreateFileW
DeviceIoControl
GetFileAttributesW
lstrlenA
GetModuleHandleA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
WideCharToMultiByte
MultiByteToWideChar
lstrcatW
LoadLibraryW
FreeLibrary
GetFileSize
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetTickCount
WritePrivateProfileStringW
GetPrivateProfileStringW
OutputDebugStringW
OpenProcess
ReadProcessMemory
GetCurrentProcess
IsDebuggerPresent
CreateToolhelp32Snapshot
Module32FirstW
GetLongPathNameW
GetWindowsDirectoryW
OutputDebugStringA
GetEnvironmentVariableW
GetVersionExW
GetFileAttributesA
GetCurrentProcessId
ProcessIdToSessionId
CreateDirectoryW
CopyFileW
CreateProcessW
GetShortPathNameW
DeleteFileW
GetLastError
MoveFileExW
GetUserDefaultLangID
GetVersion
GetSystemDirectoryW
LocalAlloc
LocalFree
GetFileAttributesExW
ExpandEnvironmentStringsW
GetFullPathNameA
HeapReAlloc
CreateFileA
CreateMutexW
HeapCompact
SetFilePointer
SetEndOfFile
SystemTimeToFileTime
QueryPerformanceCounter
InterlockedCompareExchange
UnlockFile
LockFile
UnlockFileEx
GetProcessHeap
GetSystemTimeAsFileTime
FormatMessageA
WriteFile
Sleep
FormatMessageW
HeapValidate
ReadFile
FlushFileBuffers
GetTempPathW
HeapSize
LockFileEx
GetDiskFreeSpaceW
LoadLibraryA
CreateFileMappingA
GetDiskFreeSpaceA
GetSystemInfo
GetVersionExA
GetTempPathA
GetSystemTime
AreFileApisANSI
DeleteFileA
GetEnvironmentVariableA
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedExchange
QueryDosDeviceW
RaiseException

user32

RegisterDeviceNotificationW
UnregisterDeviceNotification

advapi32

RegQueryValueExW
RegCloseKey
RegSetValueExW
OpenProcessToken
RegOpenKeyExW
LookupAccountSidW
GetTokenInformation

shell32

SHGetSpecialFolderPathW
SHGetFolderPathW

oleaut32

SysFreeString
VariantTimeToSystemTime
VariantClear
VariantInit
SystemTimeToVariantTime

shlwapi

PathRemoveFileSpecW
PathAddBackslashW
PathAppendW
PathFileExistsW
wnsprintfW

wtsapi32

WTSEnumerateSessionsW
WTSFreeMemory

msvcp90

?empty@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE_NXZ
?data@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
?resize@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXI@Z
?data@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
?resize@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXI@Z
??0?$allocator@D@std@@QAE@XZ
??0?$_String_val@DV?$allocator@D@std@@@std@@IAE@V?$allocator@D@1@@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IAEX_NI@Z
?_Tidy@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IAEX_NI@Z
??0?$allocator@_W@std@@QAE@XZ
??0?$_String_val@_WV?$allocator@_W@std@@@std@@IAE@V?$allocator@_W@1@@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ID@Z
?assign@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@I_W@Z
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHPBD@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBD@Z
?clear@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
??A?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAADI@Z
?push_back@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXD@Z
?size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHABV12@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??$?M_WU?$char_traits@_W@std@@V?$allocator@_W@1@@std@@YA_NABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@0@0@Z
?swap@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXAAV12@@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
?clear@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEXXZ
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@I_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@ABV01@@Z
?_Myptr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@IAEPA_WXZ
?find@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIPB_WI@Z
?size@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEIXZ
?c_str@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBEPB_WXZ
?begin@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@XZ
?replace@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@IIPB_W@Z
?erase@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE?AV?$_String_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@V?$_String_const_iterator@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@2@0@Z
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
?append@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV12@PB_W@Z
??Y?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@PB_W@Z
??$?MDU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z

msvcr90

__clean_type_info_names_internal
__dllonexit
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_encode_pointer
_lock
_onexit
_decode_pointer
_CxxThrowException
?terminate@@YAXXZ
_malloc_crt
_encoded_null
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_except_handler4_common
_crt_debugger_hook
floor
memcpy
__CxxFrameHandler3
_itoa
_strlwr
??3@YAXPAX@Z
_beginthreadex
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABQBDH@Z
memcpy_s
memmove_s
??0exception@std@@QAE@XZ
wcsstr
wcsrchr
wcsnlen
_invalid_parameter_noinfo
??0exception@std@@QAE@ABV01@@Z
??2@YAPAXI@Z
?what@exception@std@@UBEPBDXZ
vswprintf_s
_vscwprintf
malloc
free
_wcsupr_s
_purecall
??_V@YAXPAX@Z
wcscpy_s
wcsncpy
wcsncpy_s
_wtoi
wcschr
swscanf_s
_wcsicmp
swprintf_s
_time64
ceil
_snwscanf_s
_itow_s
_vsnprintf
_vsnwprintf
wcscat_s
_wcslwr
swscanf
strcat_s
_wcsnicmp
_wcslwr_s
isalpha
_localtime64_s
wcsftime
_atoi64
wcsncat_s
iswspace
atoi
atof
sprintf
_wcsupr
memmove
strncmp
_msize
realloc
strcpy_s
rand
printf
calloc
_recalloc
strnlen
_itow
memset
_unlock

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW

psapi

GetProcessImageFileNameW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 892KB - Virtual size: 892KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

64c0d8f54dae01f55466ffbbcf4977d2

Code Sign

61:1c:b2:8a:00:00:00:00:00:26Certificate

Key Usages

0d:55:97:77:4a:95:5f:38:ab:aa:9e:39:fb:18:f6:7cCertificate

Extended Key Usages

Key Usages

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66Certificate

Extended Key Usages

Key Usages

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bdCertificate

Extended Key Usages

Key Usages

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1bCertificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

61:1c:b2:8a:00:00:00:00:00:26Certificate

Key Usages

05:2e:01:aa:9d:c5:06:97:bf:a9:92:7c:21:84:b4:59Certificate

Extended Key Usages

Key Usages

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6dCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

3b:35:36:71:f5:3c:34:e3:35:f9:ce:95:51:5a:b6:c4:46:ec:5a:cf:63:5a:9e:7c:a1:9a:1d:43:d1:f9:27:74Signer

42:bc:41:5a:24:67:e2:c5:1a:ff:ed:9c:d3:97:d5:6f:8f:75:44:d9Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

syslay

netapi32

sfc

kernel32

user32

advapi32

shell32

oleaut32

shlwapi

wtsapi32

msvcp90

msvcr90

setupapi

psapi

version

Exports

Exports

Sections

.text Size: 892KB - Virtual size: 892KB

.rdata Size: 98KB - Virtual size: 98KB

.data Size: 31KB - Virtual size: 34KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 24KB - Virtual size: 24KB

61:1c:b2:8a:00:00:00:00:00:26
Certificate

0d:55:97:77:4a:95:5f:38:ab:aa:9e:39:fb:18:f6:7c
Certificate

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

61:1c:b2:8a:00:00:00:00:00:26
Certificate

05:2e:01:aa:9d:c5:06:97:bf:a9:92:7c:21:84:b4:59
Certificate

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

3b:35:36:71:f5:3c:34:e3:35:f9:ce:95:51:5a:b6:c4:46:ec:5a:cf:63:5a:9e:7c:a1:9a:1d:43:d1:f9:27:74
Signer

42:bc:41:5a:24:67:e2:c5:1a:ff:ed:9c:d3:97:d5:6f:8f:75:44:d9
Signer

.text
Size: 892KB - Virtual size: 892KB

.rdata
Size: 98KB - Virtual size: 98KB

.data
Size: 31KB - Virtual size: 34KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 24KB - Virtual size: 24KB