a8fa79bc0942b875991e894770da08b2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a8fa79bc0942b875991e894770da08b2_JaffaCakes118
Size

1.8MB
MD5

a8fa79bc0942b875991e894770da08b2
SHA1

da56235623788211362c84330ab46cd5bb96bb54
SHA256

d2b71337e29541450d8ceef6b108f039d01e2907fdcd6f8ad1282ba525b7028c
SHA512

958565822b782bfa8e00d90cc075a53075d9b81390e35aa6725ae7d17a98fd2e6d7dcbaffb754b7fb27edb26e9dd6abc82b15e1658f7c038673083b865552dd7
SSDEEP

24576:nWBEbaVX114e8TZs6m5eVz1paE8mFf5xWqFrbvesqL9PkBnqQ+p/QznJaA+eA6v+:W7TAJaE8mBpHvZq52+p/Q7JAep+

Score

1^/10

Malware Config

Signatures

Files

a8fa79bc0942b875991e894770da08b2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

14ef07e1d44aaeddc06e70af95e68020

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

30:05:7d:6e:26:0d:0a:17:ff:ad:1b:da:f6:67:eb:f4
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

13/10/2017, 00:00

Not After

12/11/2019, 23:59

Subject

CN=Shanghai Oriental Webcasting Co. Ltd.,OU=IT,O=Shanghai Oriental Webcasting Co. Ltd.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4f:15:bf:0d:75:ea:66:90:38:08:05:c5:e4:5c:fa:82
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

13/10/2017, 00:00

Not After

12/11/2019, 23:59

Subject

CN=Shanghai Oriental Webcasting Co. Ltd.,OU=IT,O=Shanghai Oriental Webcasting Co. Ltd.,L=Shanghai,ST=Shanghai,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

9b:f0:ae:a5:d3:e9:78:fd:ae:10:7f:28:6c:c8:6f:a9:5f:f9:fc:b5:94:ab:d2:87:ee:3f:c1:3c:e4:02:b7:d0
Signer

Actual PE Digest

9b:f0:ae:a5:d3:e9:78:fd:ae:10:7f:28:6c:c8:6f:a9:5f:f9:fc:b5:94:ab:d2:87:ee:3f:c1:3c:e4:02:b7:d0

Digest Algorithm

sha256

PE Digest Matches

true

37:45:4c:3d:28:58:37:48:d8:ba:54:e1:50:08:3b:c5:35:63:c2:9a
Signer

Actual PE Digest

37:45:4c:3d:28:58:37:48:d8:ba:54:e1:50:08:3b:c5:35:63:c2:9a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Jenkins\workspace\srf_develop\ShuRuFa\程序\Trunk\Bin\pdbmap\WanNengWB\Skinbox32.pdb

Imports

kernel32

GetThreadLocale
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
GetLocaleInfoW
SleepEx
GetCommandLineW
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetCurrentDirectoryA
GetFileInformationByHandle
FlushFileBuffers
SetFilePointer
GetStartupInfoA
GetFileType
SetHandleCount
GetStringTypeW
GetStringTypeA
GetSystemDirectoryA
PeekNamedPipe
WaitForMultipleObjects
GetVersion
GlobalMemoryStatus
FlushConsoleInputBuffer
GetTempFileNameW
SetConsoleCtrlHandler
ExitThread
ReadConsoleInputA
SetConsoleMode
MapViewOfFile
CreateFileMappingW
OpenFileMappingW
UnmapViewOfFile
LoadLibraryA
IsBadReadPtr
VirtualProtect
VirtualFree
VirtualAlloc
Sleep
GetLongPathNameW
LockResource
ReleaseMutex
CreateMutexW
CreateFileA
OpenProcess
LocalFree
FormatMessageW
RemoveDirectoryW
MoveFileExW
CopyFileW
DeleteFileW
GlobalUnlock
GlobalLock
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetACP
HeapCreate
HeapDestroy
HeapSize
GetModuleFileNameA
SetLastError
TlsFree
GlobalAlloc
SetFileAttributesW
GetWindowsDirectoryW
GetTempPathW
GetTickCount
GetExitCodeProcess
WaitForSingleObject
FileTimeToSystemTime
ReadFile
ExpandEnvironmentStringsW
GetFileSize
LocalAlloc
GetModuleFileNameW
GetFileAttributesW
CreateToolhelp32Snapshot
QueryPerformanceCounter
QueryPerformanceFrequency
GetEnvironmentVariableW
GetVersionExW
Process32NextW
Process32FirstW
SetUnhandledExceptionFilter
SetErrorMode
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
CreateFileW
CreateDirectoryW
CloseHandle
CreateProcessW
GetPrivateProfileIntW
GetLocalTime
GetProcessHeap
HeapAlloc
HeapFree
GetProcAddress
GetStdHandle
WriteFile
WideCharToMultiByte
CreateThread
FindClose
FindNextFileW
FindFirstFileW
FindResourceW
SizeofResource
InterlockedDecrement
LoadResource
InterlockedIncrement
GetModuleHandleW
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
lstrlenW
FreeLibrary
MultiByteToWideChar
LoadLibraryExW
LoadLibraryW
lstrcmpiW
GetLastError
RaiseException
GetPrivateProfileStringW
WritePrivateProfileStringW
GetFullPathNameA
TlsSetValue
TlsAlloc
TlsGetValue
ExitProcess
GetModuleHandleA
GetCPInfo
LCMapStringW
LCMapStringA
RtlUnwind
GetStartupInfoW
GetVersionExA
GetDriveTypeA
MoveFileW
GetSystemTimeAsFileTime
FindFirstFileA
FileTimeToLocalFileTime
HeapReAlloc
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
InterlockedExchange

user32

FindWindowExW
GetWindowThreadProcessId
MessageBoxA
GetProcessWindowStation
GetUserObjectInformationW
UnregisterClassA
ShowWindow
FindWindowW
IsWindow
IsWindowVisible
CharNextW
DefWindowProcW
SendMessageW
PostThreadMessageW
PostMessageW
GetMessageW
GetWindowRect
GetWindowLongW
SetWindowLongW
GetDesktopWindow
GetMonitorInfoW
EnumDisplayMonitors
SystemParametersInfoW
CreateWindowExW
SetWindowPos
DestroyWindow
MoveWindow
LoadCursorW
RegisterClassExW
MessageBoxW
ClientToScreen
PostQuitMessage

gdi32

SetBkMode
DeleteDC
DeleteObject
SelectObject
CreateCompatibleDC
CreateDIBSection
GetTextExtentPoint32W

advapi32

ReportEventA
DeregisterEventSource
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegEnumKeyExW
RegQueryInfoKeyW
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
GetAce
EqualSid
AddAce
AddAccessAllowedAce
SetSecurityDescriptorDacl
GetSecurityDescriptorControl
InitializeSecurityDescriptor
LookupAccountNameW
GetSecurityDescriptorDacl
GetAclInformation
GetLengthSid
InitializeAcl
RegQueryValueExW
GetTokenInformation
LookupAccountSidW
OpenProcessToken
RegisterEventSourceA

shell32

ShellExecuteW
SHGetSpecialFolderPathW

ole32

CreateStreamOnHGlobal
CLSIDFromString
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
OleUninitialize
OleInitialize
CoUninitialize
CoInitialize
CoCreateInstance

oleaut32

VarUI4FromStr

duilib32

?GetTextStyle@CLabelUI@DuiLib@@QBEIXZ
?FindControl@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@PB_W@Z
?Close@CWindowWnd@DuiLib@@QAEXI@Z
?GetStyle@WindowImplBase@DuiLib@@UAEJXZ
??8CDuiString@DuiLib@@QBE_NPB_W@Z
?OnMouseMove@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnLButtonUp@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
??1CDuiString@DuiLib@@QAE@XZ
?OnLButtonDown@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
??0CDuiString@DuiLib@@QAE@PB_WH@Z
?OnSetFocus@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnKillFocus@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?messageMap@CNotifyPump@DuiLib@@1UDUI_MSGMAP@2@B
?OnKeyDown@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnCreate@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?Notify@WindowImplBase@DuiLib@@UAEXAAUtagTNotifyUI@2@@Z
?OnChar@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnSize@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnMouseHover@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnMouseWheel@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnGetMinMaxInfo@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcHitTest@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcPaint@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcCalcSize@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?Term@CPaintManagerUI@DuiLib@@SAXXZ
?MessageLoop@CPaintManagerUI@DuiLib@@SAXXZ
?GetHWND@CWindowWnd@DuiLib@@QBEPAUHWND__@@XZ
?CenterWindow@CWindowWnd@DuiLib@@QAEXXZ
?Create@CWindowWnd@DuiLib@@QAEPAUHWND__@@PAU3@PB_WKKHHHHPAUHMENU__@@@Z
?SetInstance@CPaintManagerUI@DuiLib@@SAXPAUHINSTANCE__@@@Z
?SetTextStyle@CLabelUI@DuiLib@@QAEXI@Z
?MessageHandler@WindowImplBase@DuiLib@@UAEJIIJAA_N@Z
?GetSuperClassName@CWindowWnd@DuiLib@@MBEPB_WXZ
?CreateControl@WindowImplBase@DuiLib@@UAEPAVCControlUI@2@PB_W@Z
?GetClassStyle@WindowImplBase@DuiLib@@UBEIXZ
?HandleMessage@WindowImplBase@DuiLib@@UAEJIIJ@Z
?OnFinalMessage@WindowImplBase@DuiLib@@UAEXPAUHWND__@@@Z
?ResponseDefaultKeyEvent@WindowImplBase@DuiLib@@MAEJI@Z
?GetZIPFileName@WindowImplBase@DuiLib@@UBE?AVCDuiString@2@XZ
?OnClose@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnDestroy@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
?OnNcActivate@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
??0WindowImplBase@DuiLib@@QAE@XZ
??BCDuiString@DuiLib@@QBEPB_WXZ
??0CDialogBuilder@DuiLib@@QAE@XZ
?Create@CDialogBuilder@DuiLib@@QAEPAVCControlUI@2@VSTRINGorID@2@PB_WPAVIDialogBuilderCallback@2@PAVCPaintManagerUI@2@PAV32@@Z
?FindSubControl@CContainerUI@DuiLib@@QAEPAVCControlUI@2@PB_W@Z
?ShowWindow@CWindowWnd@DuiLib@@QAEX_N0@Z
?OnClick@WindowImplBase@DuiLib@@MAEXAAUtagTNotifyUI@2@@Z
?GetResourceType@WindowImplBase@DuiLib@@UBE?AW4UILIB_RESOURCETYPE@2@XZ
??1CDialogBuilder@DuiLib@@QAE@XZ
?GetResourceID@WindowImplBase@DuiLib@@UBEPB_WXZ
?GetOptionGroup@CPaintManagerUI@DuiLib@@QAEPAVCStdPtrArray@2@PB_W@Z
?GetSize@CStdPtrArray@DuiLib@@QBEHXZ
?GetAt@CStdPtrArray@DuiLib@@QBEPAXH@Z
?GetFont@CLabelUI@DuiLib@@QBEHXZ
?GetPaintDC@CPaintManagerUI@DuiLib@@QBEPAUHDC__@@XZ
?GetFont@CPaintManagerUI@DuiLib@@QAEPAUHFONT__@@H@Z
?SetIcon@CWindowWnd@DuiLib@@QAEXI@Z
?ShowModal@CWindowWnd@DuiLib@@QAEIXZ
?GetLength@CDuiString@DuiLib@@QBEHXZ
?SendMessageW@CWindowWnd@DuiLib@@QAEJIIJ@Z
?GetFocus@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@XZ
?FindControl@CPaintManagerUI@DuiLib@@QBEPAVCControlUI@2@UtagPOINT@@@Z
?IsSelected@COptionUI@DuiLib@@QBE_NXZ
?SetBkImage@CControlUI@DuiLib@@QAEXPB_W@Z
?OnSysCommand@WindowImplBase@DuiLib@@UAEJIIJAAH@Z
??1WindowImplBase@DuiLib@@UAE@XZ

gdiplus

GdipDrawImageRectRectI
GdipGetImageHeight
GdipGetImageWidth
GdipDeleteGraphics
GdipCloneImage
GdipCreateFromHDC
GdipDisposeImage
GdipCreateBitmapFromStream
GdipFree
GdipAlloc

shlwapi

PathFileExistsW

ws2_32

sendto
recvfrom
getservbyport
gethostbyaddr
shutdown
htons
getsockopt
getpeername
WSACleanup
WSAStartup
WSAGetLastError
closesocket
socket
recv
send
getsockname
ntohs
accept
listen
__WSAFDIsSet
select
ioctlsocket
gethostname
setsockopt
connect
getservbyname
htonl
inet_addr
gethostbyname
inet_ntoa
WSASetLastError
bind

urlmon

URLDownloadToFileW

psapi

GetModuleFileNameExW

wininet

HttpQueryInfoW
InternetCloseHandle
InternetOpenW
InternetSetOptionW
InternetOpenUrlW
InternetReadFile

Exports

Exports

curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_maprintf
curl_mfprintf
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 312KB - Virtual size: 310KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 364KB - Virtual size: 361KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

14ef07e1d44aaeddc06e70af95e68020

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

30:05:7d:6e:26:0d:0a:17:ff:ad:1b:da:f6:67:eb:f4Certificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

4f:15:bf:0d:75:ea:66:90:38:08:05:c5:e4:5c:fa:82Certificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

9b:f0:ae:a5:d3:e9:78:fd:ae:10:7f:28:6c:c8:6f:a9:5f:f9:fc:b5:94:ab:d2:87:ee:3f:c1:3c:e4:02:b7:d0Signer

37:45:4c:3d:28:58:37:48:d8:ba:54:e1:50:08:3b:c5:35:63:c2:9aSigner

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

duilib32

gdiplus

shlwapi

ws2_32

urlmon

psapi

wininet

Exports

Exports

Sections

.text Size: 1.1MB - Virtual size: 1.1MB

.rdata Size: 312KB - Virtual size: 310KB

.data Size: 44KB - Virtual size: 80KB

.rsrc Size: 364KB - Virtual size: 361KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

30:05:7d:6e:26:0d:0a:17:ff:ad:1b:da:f6:67:eb:f4
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

4f:15:bf:0d:75:ea:66:90:38:08:05:c5:e4:5c:fa:82
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

9b:f0:ae:a5:d3:e9:78:fd:ae:10:7f:28:6c:c8:6f:a9:5f:f9:fc:b5:94:ab:d2:87:ee:3f:c1:3c:e4:02:b7:d0
Signer

37:45:4c:3d:28:58:37:48:d8:ba:54:e1:50:08:3b:c5:35:63:c2:9a
Signer

.text
Size: 1.1MB - Virtual size: 1.1MB

.rdata
Size: 312KB - Virtual size: 310KB

.data
Size: 44KB - Virtual size: 80KB

.rsrc
Size: 364KB - Virtual size: 361KB