2024-08-20_5e0050075499d8eca7cb4d4821df726f_avoslocker_hijackloader_revil

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-20_5e0050075499d8eca7cb4d4821df726f_avoslocker_hijackloader_revil
Size

16.4MB
MD5

5e0050075499d8eca7cb4d4821df726f
SHA1

07abf1a9cd98241ef602180add90de8a885cb3db
SHA256

e6c2f96be9f392206ce783fa69b234c19068385ce4c4e05f2b75c8b2d342067b
SHA512

24540da362e45318d0a0339aea18834a6be24f91dcd340b6e08af728ce1a9cd2082bfc485c52f9e23ed65be70007bbb54fc124104abfe324840548217c1206b0
SSDEEP

393216:6kwjvyNIB2GOUsqRtPWtnwOal7gt/yo2:QmJqj+tnwOalkt/Q

Score

1^/10

Malware Config

Signatures

Files

2024-08-20_5e0050075499d8eca7cb4d4821df726f_avoslocker_hijackloader_revil
.exe windows:6 windows x86 arch:x86

c25e647e6c4c79b1901abeb2d8447fb9

Code Sign

54:98:d2:d1:d4:5b:19:95:48:13:79:c8:11:c0:87:99
Certificate

Issuer

CN=Microsoft Identity Verification Root Certificate Authority 2020,O=Microsoft Corporation,C=US

Not Before

16/04/2020, 18:36

Not After

16/04/2045, 18:44

Subject

CN=Microsoft Identity Verification Root Certificate Authority 2020,O=Microsoft Corporation,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:3f:98:07:56:4b:d3:47:8a:e5:8f:00:00:00:00:3f:98
Certificate

Issuer

CN=Microsoft ID Verified CS EOC CA 02,O=Microsoft Corporation,C=US

Not Before

19/01/2024, 10:49

Not After

22/01/2024, 10:49

Subject

CN=G DATA CyberDefense AG,O=G DATA CyberDefense AG,L=Bochum,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:3f:98:07:56:4b:d3:47:8a:e5:8f:00:00:00:00:3f:98
Certificate

Issuer

CN=Microsoft ID Verified CS EOC CA 02,O=Microsoft Corporation,C=US

Not Before

19/01/2024, 10:49

Not After

22/01/2024, 10:49

Subject

CN=G DATA CyberDefense AG,O=G DATA CyberDefense AG,L=Bochum,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:05:fb:7a:5c:32:13:61:df:5d:00:00:00:00:00:05
Certificate

Issuer

CN=Microsoft ID Verified Code Signing PCA 2021,O=Microsoft Corporation,C=US

Not Before

13/04/2021, 17:31

Not After

13/04/2026, 17:31

Subject

CN=Microsoft ID Verified CS EOC CA 02,O=Microsoft Corporation,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:07:87:a3:34:a3:7b:a5:8e:1c:00:00:00:00:00:07
Certificate

Issuer

CN=Microsoft Identity Verification Root Certificate Authority 2020,O=Microsoft Corporation,C=US

Not Before

01/04/2021, 20:05

Not After

01/04/2036, 20:15

Subject

CN=Microsoft ID Verified Code Signing PCA 2021,O=Microsoft Corporation,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:05:e5:cf:0f:ff:66:2e:c9:87:00:00:00:00:00:05
Certificate

Issuer

CN=Microsoft Identity Verification Root Certificate Authority 2020,O=Microsoft Corporation,C=US

Not Before

19/11/2020, 20:32

Not After

19/11/2035, 20:42

Subject

CN=Microsoft Public RSA Timestamping CA 2020,O=Microsoft Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:2f:28:35:21:b5:92:0b:e0:fa:00:00:00:00:00:2f
Certificate

Issuer

CN=Microsoft Public RSA Timestamping CA 2020,O=Microsoft Corporation,C=US

Not Before

15/06/2023, 19:38

Not After

14/06/2024, 19:38

Subject

CN=Microsoft Public RSA Time Stamping Authority,OU=Microsoft Ireland Operations Limited+OU=Thales TSS ESN:4E89-9666-FFE7,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

26:19:a9:da:e3:8c:0c:93:4d:c6:75:e9:d4:71:b5:70
Certificate

Issuer

CN=G DATA CyberDefense AG

Not Before

10/03/2021, 11:26

Not After

31/12/2029, 23:00

Subject

CN=G DATA CyberDefense AG

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

63:89:08:c4:04:10:6e:d4:35:74:69:7b:08:6b:63:1d:15:03:71:e9:11:c0:c4:85:f7:f7:b1:71:45:95:0a:3e
Signer

Actual PE Digest

63:89:08:c4:04:10:6e:d4:35:74:69:7b:08:6b:63:1d:15:03:71:e9:11:c0:c4:85:f7:f7:b1:71:45:95:0a:3e

Digest Algorithm

sha256

PE Digest Matches

true

63:89:08:c4:04:10:6e:d4:35:74:69:7b:08:6b:63:1d:15:03:71:e9:11:c0:c4:85:f7:f7:b1:71:45:95:0a:3e
Signer

Actual PE Digest

63:89:08:c4:04:10:6e:d4:35:74:69:7b:08:6b:63:1d:15:03:71:e9:11:c0:c4:85:f7:f7:b1:71:45:95:0a:3e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\j\workspace\tupengine_release_1-production_2\bin\Release32v14x\GDSetup.pdb

Imports

ws2_32

getservbyname
closesocket
setsockopt
WSASetLastError
send
recv
socket
connect
getservbyport
gethostbyaddr
select
inet_addr
htons
htonl
__WSAFDIsSet
FreeAddrInfoW
GetAddrInfoW
WSAAddressToStringW
WSANtohs
inet_ntoa
WSAGetLastError
WSACleanup
gethostbyname
ntohs
gethostname
ioctlsocket
getsockname
bind
WSAStartup

kernel32

IsWow64Process
QueryFullProcessImageNameW
GetThreadId
GetThreadPriority
InterlockedPopEntrySList
CreateEventA
GetOverlappedResult
GetLogicalDrives
VerifyVersionInfoW
GetModuleFileNameA
DebugBreak
VerSetConditionMask
GetSystemTime
ConvertFiberToThread
ReadConsoleA
SetConsoleMode
DeleteFiber
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
ReadConsoleW
GetConsoleMode
GetConsoleOutputCP
EnumSystemLocalesW
IsValidLocale
LCMapStringW
SetConsoleCtrlHandler
SetEnvironmentVariableW
ExitProcess
GetCommandLineA
HeapQueryInformation
WriteConsoleW
GetFileType
GetStdHandle
VirtualQuery
VirtualAlloc
FreeLibraryAndExitThread
ExitThread
CreateThread
InterlockedPushEntrySList
RtlUnwind
TryEnterCriticalSection
GetExitCodeThread
SwitchToThread
CloseHandle
SleepConditionVariableCS
InitOnceExecuteOnce
QueueUserWorkItem
LCMapStringEx
GetCPInfo
CompareStringEx
InitializeCriticalSectionEx
InitOnceComplete
InitOnceBeginInitialize
WakeConditionVariable
InitializeConditionVariable
TryAcquireSRWLockExclusive
QueryPerformanceFrequency
CreateSymbolicLinkW
GetFileInformationByHandleEx
CreateHardLinkW
CreateDirectoryExW
DeviceIoControl
AreFileApisANSI
SetFileInformationByHandle
GetFileInformationByHandle
FindFirstFileExW
GetStringTypeW
GetLocaleInfoEx
RaiseException
TerminateProcess
GetCurrentThreadId
OpenProcess
GetComputerNameExW
GetProcAddress
CreateToolhelp32Snapshot
Process32FirstW
FreeResource
GetSystemDirectoryA
CreateFileA
Process32NextW
GetFileAttributesW
RemoveDirectoryW
SetLastError
WaitForSingleObject
ProcessIdToSessionId
CopyFileExW
MoveFileExW
FileTimeToSystemTime
GetDateFormatW
PeekNamedPipe
OutputDebugStringW
WideCharToMultiByte
MultiByteToWideChar
FormatMessageW
FormatMessageA
LocalFree
FindResourceW
SizeofResource
LockResource
LoadResource
GetModuleHandleExW
GetModuleFileNameW
GetNativeSystemInfo
GetVersionExW
GetSystemTimeAsFileTime
FindNextFileW
FindFirstFileW
FindClose
DeleteFileW
Sleep
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
HeapReAlloc
GetLastError
HeapSize
InitializeCriticalSectionAndSpinCount
HeapFree
GetModuleHandleW
FindFirstFileA
FindNextFileA
GetTempPathA
GetCommandLineW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetUserDefaultLCID
GetFileTime
FindResourceExW
GetFullPathNameW
FlushFileBuffers
VirtualProtect
GetLocaleInfoW
GlobalFlags
SystemTimeToFileTime
lstrcmpA
LocalReAlloc
LocalAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SuspendThread
SetThreadPriority
CompareStringW
GlobalFindAtomW
GlobalAddAtomW
GlobalDeleteAtom
GetTimeFormatW
CreateFileW
EncodePointer
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
MulDiv
GlobalFree
GlobalLock
GlobalUnlock
GlobalAlloc
SetErrorMode
OutputDebugStringA
GetACP
IsBadReadPtr
LoadLibraryExW
UnmapViewOfFile
MapViewOfFileEx
CreateFileMappingW
GetSystemInfo
SetFileTime
SetFileAttributesW
GetTempFileNameW
SetFilePointer
GetFileSizeEx
SetCurrentDirectoryW
SetFilePointerEx
SetEndOfFile
OpenMutexA
CreateMutexA
GetDriveTypeW
GetWindowsDirectoryW
GetSystemDirectoryW
GetTempPathW
CreateDirectoryW
GetFileAttributesExW
ReadFile
GetFileSize
FreeLibrary
GetCurrentDirectoryW
CopyFileW
GetCurrentThread
CreateProcessW
GetExitCodeProcess
GetUserDefaultLangID
OpenMutexW
GetTickCount
LoadLibraryW
GlobalMemoryStatusEx
GetDiskFreeSpaceExW
ExpandEnvironmentStringsW
GetEnvironmentVariableW
CreateMutexW
ReleaseMutex
MoveFileW
LoadLibraryA
GetModuleHandleA
ResumeThread
TerminateThread
GetCurrentProcessId
GetCurrentProcess
WaitForMultipleObjects
OpenEventW
CreateEventW
ResetEvent
SetEvent
DuplicateHandle
WriteFile
lstrcmpW

user32

wsprintfW
SendMessageW
ExitWindowsEx
MessageBoxW
LoadStringW
EnableWindow
GetWindowRect
SendDlgItemMessageA
GetClientRect
SetRectEmpty
OffsetRect
GetParent
GetSubMenu
IsWindow
ShowWindow
MoveWindow
SetWindowPos
GetDlgItem
PostQuitMessage
DestroyMenu
RealChildWindowFromPoint
GetWindowThreadProcessId
LoadCursorW
GetSysColorBrush
GetSystemMetrics
TranslateMessage
GetMessageW
GetDesktopWindow
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
GetMonitorInfoW
MonitorFromWindow
WinHelpW
LoadIconW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetLastActivePopup
GetTopWindow
GetClassNameW
GetClassLongW
PtInRect
MapWindowPoints
AdjustWindowRectEx
RemovePropW
GetPropW
SetPropW
GetScrollPos
RedrawWindow
ValidateRect
SetForegroundWindow
GetForegroundWindow
SetActiveWindow
UpdateWindow
SetMenu
GetMenu
GetCapture
GetKeyState
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
DefWindowProcW
PostMessageW
GetMessageTime
GetMessagePos
PeekMessageW
DispatchMessageW
RegisterWindowMessageW
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
CopyRect
GetSysColor
ScreenToClient
ClientToScreen
EndPaint
BeginPaint
ReleaseDC
GetDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
IsDialogMessageW
GetWindow
SetWindowLongW
GetWindowLongW
GetProcessWindowStation
GetUserObjectInformationW
GetWindowTextW
GetMenuItemCount
GetMenuItemID
SetWindowTextW
IsWindowEnabled
GetFocus
SetFocus
GetDlgCtrlID

gdi32

CreateDIBSection
ScaleWindowExtEx
ScaleViewportExtEx
OffsetViewportOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
GetObjectW
SetTextColor
SetMapMode
SetBkMode
SetBkColor
SelectObject
SaveDC
RestoreDC
RectVisible
PtVisible
GetStockObject
GetClipBox
Escape
DeleteObject
CreateCompatibleDC
CreateBitmap
GetDeviceCaps
DeleteDC

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

advapi32

OpenProcessToken
RegOpenKeyExW
RegQueryValueExW
DeregisterEventSource
RegQueryValueExA
RegOpenKeyW
RegFlushKey
QueryServiceStatusEx
QueryServiceConfig2W
QueryServiceConfigW
ChangeServiceConfig2W
ChangeServiceConfigW
StartServiceW
QueryServiceStatus
OpenServiceW
OpenSCManagerW
DeleteService
CreateServiceW
ControlService
CloseServiceHandle
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
CryptEnumProvidersW
CryptSignHashW
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptGenRandom
RegisterEventSourceW
ReportEventW
RegDeleteKeyW
RegEnumKeyW
RegEnumKeyExW
RegEnumValueW
CreateProcessAsUserW
ImpersonateLoggedOnUser
RevertToSelf
CryptAcquireContextW
CryptReleaseContext
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptDestroyHash
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
AdjustTokenPrivileges
CryptDecrypt
CryptExportKey
CryptDestroyKey
CryptGenKey
RegDeleteValueW
RegSetValueExW
SetEntriesInAclW
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
CreateWellKnownSid
RegQueryInfoKeyW
IsWellKnownSid
GetSecurityInfo
ConvertStringSidToSidW
ConvertSidToStringSidW
RegUnLoadKeyW
RegSetKeySecurity
RegLoadKeyW
RegCreateKeyExW
LookupAccountSidW
MakeSelfRelativeSD
MakeAbsoluteSD
IsValidSid
InitializeSid
InitializeAcl
ImpersonateSelf
GetTokenInformation
GetSidSubAuthority
GetSidLengthRequired
GetSecurityDescriptorSacl
GetSecurityDescriptorOwner
GetSecurityDescriptorLength
GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
GetSecurityDescriptorControl
GetLengthSid
GetAclInformation
GetAce
CopySid
AddAce
OpenThreadToken
SetThreadToken
LookupPrivilegeValueW
RegCloseKey

shell32

SHCreateDirectoryExA
SHGetFolderPathW
SHGetSpecialFolderPathW
ord165
ShellExecuteExW
ord680
SHGetSpecialFolderLocation
SHCreateDirectoryExW
SHGetPathFromIDListW
SHGetMalloc
ShellExecuteW

shlwapi

PathRemoveFileSpecW
PathFindExtensionW
PathFindFileNameW
PathIsDirectoryW
ord437
PathAddBackslashA
PathAppendA
PathFileExistsA
PathRemoveExtensionW
SHCreateStreamOnFileW
PathFileExistsW

ole32

CoInitialize
CoTaskMemAlloc
PropVariantClear
CoCreateInstance
CoTaskMemFree
CoCreateGuid
StringFromCLSID
CoInitializeSecurity
CoInitializeEx
CoUninitialize
StringFromGUID2

oleaut32

VariantChangeType
VariantClear
VariantInit
SysAllocStringLen
SysAllocStringByteLen
SysStringByteLen
SysFreeString
SysAllocString
SystemTimeToVariantTime
VariantCopyInd

wtsapi32

WTSFreeMemory
WTSEnumerateSessionsW
WTSQueryUserToken

userenv

DestroyEnvironmentBlock
UnloadUserProfile
CreateEnvironmentBlock

dbghelp

MiniDumpWriteDump

httpapi

HttpQueryServiceConfiguration
HttpTerminate
HttpInitialize

rpcrt4

RpcStringFreeW
UuidCreate
UuidToStringW
UuidFromStringW
UuidIsNil
UuidCreateNil

oleacc

LresultFromObject
CreateStdAccessibleObject

crypt32

CryptQueryObject
CertGetNameStringW
CryptMsgGetParam
CryptMsgClose
CertFreeCertificateContext
CertFindCertificateInStore
CertCloseStore
CertEnumCertificatesInStore
CertGetCertificateContextProperty
CertOpenSystemStoreW
CertOpenStore
CertDuplicateCertificateContext

msimg32

AlphaBlend

netapi32

NetApiBufferFree
NetStatisticsGet

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

bcrypt

BCryptCloseAlgorithmProvider
BCryptGetProperty
BCryptOpenAlgorithmProvider
BCryptHashData
BCryptDestroyKey
BCryptEncrypt
BCryptGenerateSymmetricKey
BCryptSetProperty
BCryptFinishHash
BCryptDestroyHash
BCryptCreateHash
BCryptGenRandom
BCryptDuplicateHash

winhttp

WinHttpSetOption
WinHttpQueryHeaders
WinHttpReceiveResponse
WinHttpQueryAuthSchemes
WinHttpSetCredentials
WinHttpSendRequest
WinHttpAddRequestHeaders
WinHttpOpenRequest
WinHttpQueryOption
WinHttpQueryDataAvailable
WinHttpWriteData
WinHttpReadData
WinHttpConnect
WinHttpCloseHandle
WinHttpOpen
WinHttpCrackUrl
WinHttpSetStatusCallback
WinHttpSetTimeouts

dnsapi

DnsQuery_W
DnsFree

setupapi

SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
SetupDiGetDeviceRegistryPropertyW
SetupDiDestroyDeviceInfoList

iphlpapi

GetAdaptersAddresses
GetBestInterfaceEx

Sections

.text
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 303KB - Virtual size: 302KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 210KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c25e647e6c4c79b1901abeb2d8447fb9

Code Sign

54:98:d2:d1:d4:5b:19:95:48:13:79:c8:11:c0:87:99Certificate

Key Usages

33:00:00:3f:98:07:56:4b:d3:47:8a:e5:8f:00:00:00:00:3f:98Certificate

Extended Key Usages

Key Usages

33:00:00:3f:98:07:56:4b:d3:47:8a:e5:8f:00:00:00:00:3f:98Certificate

Extended Key Usages

Key Usages

33:00:00:00:05:fb:7a:5c:32:13:61:df:5d:00:00:00:00:00:05Certificate

Key Usages

33:00:00:00:07:87:a3:34:a3:7b:a5:8e:1c:00:00:00:00:00:07Certificate

Key Usages

33:00:00:00:05:e5:cf:0f:ff:66:2e:c9:87:00:00:00:00:00:05Certificate

Extended Key Usages

Key Usages

33:00:00:00:2f:28:35:21:b5:92:0b:e0:fa:00:00:00:00:00:2fCertificate

Extended Key Usages

Key Usages

26:19:a9:da:e3:8c:0c:93:4d:c6:75:e9:d4:71:b5:70Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

63:89:08:c4:04:10:6e:d4:35:74:69:7b:08:6b:63:1d:15:03:71:e9:11:c0:c4:85:f7:f7:b1:71:45:95:0a:3eSigner

63:89:08:c4:04:10:6e:d4:35:74:69:7b:08:6b:63:1d:15:03:71:e9:11:c0:c4:85:f7:f7:b1:71:45:95:0a:3eSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

shlwapi

ole32

oleaut32

wtsapi32

userenv

dbghelp

httpapi

rpcrt4

oleacc

crypt32

msimg32

netapi32

version

bcrypt

winhttp

dnsapi

setupapi

iphlpapi

Sections

.text Size: 3.4MB - Virtual size: 3.4MB

.rdata Size: 1.4MB - Virtual size: 1.4MB

.data Size: 81KB - Virtual size: 162KB

.rsrc Size: 303KB - Virtual size: 302KB

.reloc Size: 210KB - Virtual size: 209KB

54:98:d2:d1:d4:5b:19:95:48:13:79:c8:11:c0:87:99
Certificate

33:00:00:3f:98:07:56:4b:d3:47:8a:e5:8f:00:00:00:00:3f:98
Certificate

33:00:00:3f:98:07:56:4b:d3:47:8a:e5:8f:00:00:00:00:3f:98
Certificate

33:00:00:00:05:fb:7a:5c:32:13:61:df:5d:00:00:00:00:00:05
Certificate

33:00:00:00:07:87:a3:34:a3:7b:a5:8e:1c:00:00:00:00:00:07
Certificate

33:00:00:00:05:e5:cf:0f:ff:66:2e:c9:87:00:00:00:00:00:05
Certificate

33:00:00:00:2f:28:35:21:b5:92:0b:e0:fa:00:00:00:00:00:2f
Certificate

26:19:a9:da:e3:8c:0c:93:4d:c6:75:e9:d4:71:b5:70
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

63:89:08:c4:04:10:6e:d4:35:74:69:7b:08:6b:63:1d:15:03:71:e9:11:c0:c4:85:f7:f7:b1:71:45:95:0a:3e
Signer

63:89:08:c4:04:10:6e:d4:35:74:69:7b:08:6b:63:1d:15:03:71:e9:11:c0:c4:85:f7:f7:b1:71:45:95:0a:3e
Signer

.text
Size: 3.4MB - Virtual size: 3.4MB

.rdata
Size: 1.4MB - Virtual size: 1.4MB

.data
Size: 81KB - Virtual size: 162KB

.rsrc
Size: 303KB - Virtual size: 302KB

.reloc
Size: 210KB - Virtual size: 209KB