b4f6dcac567a1f7ee68b2c40571d6d79_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b4f6dcac567a1f7ee68b2c40571d6d79_JaffaCakes118
Size

3.3MB
MD5

b4f6dcac567a1f7ee68b2c40571d6d79
SHA1

396c82d37bb32966efb0f65e13f9138d5c834385
SHA256

df2072633d712c93a1fe5a499a234c8be1fae042ba38eede15f24b24d337b9c7
SHA512

f1740c518edcd2110f3944c789979d9f695db21869eb862469d63d61c710079f04634ed780bcefe1df5f02e47049d8a4783767020c3ee2556949f1b12add7744
SSDEEP

49152:pTeDRwlsr4a1blNLhZnc1iiGlqd8qoxcO6z5WIQieNa:B454RoJm

Score

1^/10

Malware Config

Signatures

Files

b4f6dcac567a1f7ee68b2c40571d6d79_JaffaCakes118
.exe windows:4 windows x86 arch:x86

43c0a16f2bff2b5816b5fbc90e33c54c

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5a:bd:fa:cf:e2:8a:34:46
Certificate

Issuer

CN=Apple Worldwide Developer Relations Certification Authority,OU=Apple Worldwide Developer Relations,O=Apple Inc.,C=US

Not Before

11/08/2020, 09:47

Not After

11/08/2021, 09:47

Subject

CN=iPhone Distribution: VNG SINGAPORE PTE LTD (5DTU4K85Q7),OU=5DTU4K85Q7,O=VNG SINGAPORE PTE LTD,C=SG,0.9.2342.19200300.100.1.1=#130a35445455344b38355137

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

f0:d2:40:f0:f1:79:88:5f:f2:5b:a8:ab:dc:83:8d:60:6c:91:69:92
Signer

Actual PE Digest

f0:d2:40:f0:f1:79:88:5f:f2:5b:a8:ab:dc:83:8d:60:6c:91:69:92

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateThread
SetEvent
InterlockedIncrement
LocalFree
lstrlenA
MultiByteToWideChar
FormatMessageA
SetLastError
GetExitCodeThread
WaitForSingleObject
CreateEventA
CreateThread
ResetEvent
DeleteCriticalSection
CreateSemaphoreA
AllocConsole
GetModuleFileNameA
FreeConsole
CloseHandle
GetVersion
FindFirstFileA
SetFileAttributesA
FindNextFileA
FindClose
WaitForMultipleObjects
MulDiv
InterlockedDecrement
SystemTimeToTzSpecificLocalTime
FreeLibrary
GetTickCount
Sleep
EnterCriticalSection
TryEnterCriticalSection
LeaveCriticalSection
LoadLibraryA
GetProcAddress
InitializeCriticalSection
DeleteFileA
GetVersionExA
GetLastError
InterlockedExchange
GetPrivateProfileIntA
GlobalAlloc
GlobalLock
GlobalUnlock
GetTempPathA
GetTempFileNameA
GetStartupInfoA
GetModuleHandleA
CreateFileMappingA
MapViewOfFile
GetCurrentProcessId
CreateMutexA
OpenMutexA
VirtualProtect
LoadLibraryW
VirtualFreeEx
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
OpenProcess
SetThreadContext
FlushInstructionCache
VirtualProtectEx
ResumeThread
GetThreadContext
GetProcessTimes
UnmapViewOfFile
RemoveDirectoryA
OutputDebugStringA

user32

EnableWindow
CloseClipboard
EmptyClipboard
GetClipboardData
OpenClipboard
SetClipboardData
GetKeyState
GetCursorPos
GetWindowTextA
ShowWindow
InSendMessage
SetCursorPos
SetCapture
ReleaseCapture
RegisterClassExA
DestroyWindow
SetWindowTextA
IsWindow
GetClientRect
LoadIconA
SetFocus
GetSystemMetrics
GetAsyncKeyState
ClientToScreen
wsprintfA
SetWindowPos
CreateWindowExA
SendMessageA
ShowCursor
LoadCursorFromFileA
LoadCursorA
SetCursor
GetMessagePos
InvalidateRect
BringWindowToTop
CopyRect
MoveWindow
ReleaseDC
GetDC
FlashWindow
IsIconic
ScreenToClient
DefWindowProcA
MessageBoxA

gdi32

GetStockObject
GetDeviceCaps
RealizePalette
SelectPalette

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
RegCloseKey

shell32

Shell_NotifyIconA
ShellExecuteA

ole32

OleInitialize
StgCreateDocfile
OleSave
OleCreate
OleSetContainedObject
OleUninitialize

oleaut32

SysFreeString
SysAllocString
VariantClear

winmm

timeGetTime

shlwapi

PathFileExistsA

lualibdll

lua_typename
lua_isstring
lua_isnumber
lua_tonumber
lua_gettop
lua_tostring
lua_type
lua_pushnumber
lua_pushstring

engine

?g_DebugLog@@YAXPADZZ
?GetElapse@KTimer@@QAEKXZ
?Close@KPakList@@QAEXXZ
?g_SetRootPath@@YAXPAD@Z
?g_SetFilePath@@YAXPAD@Z
?Open@KPakList@@QAE_NPBD@Z
?Start@KTimer@@QAEXXZ
?SetMouseHoverTime@KWin32App@@QAEXI@Z
?Init@KDirectSound@@QAEHXZ
?SetLoadPercent@KWin32App@@QAEXH@Z
??0KWin32App@@QAE@XZ
??0KMusic@@QAE@XZ
??0KMemClass@@QAE@XZ
??_7KMp3Music@@6B@
??0KDirectSound@@QAE@XZ
??0KTimer@@QAE@XZ
?InitClass@KWin32App@@MAEHPAUHINSTANCE__@@@Z
?InitWindow@KWin32App@@MAEHPAUHINSTANCE__@@@Z
?ShowMouse@KWin32App@@UAEXH@Z
?SetMultiGame@KWin32App@@UAEXH@Z
?MsgProc@KWin32App@@UAEJPAUHWND__@@IIJ@Z
?Init@KWin32App@@UAEHPAUHINSTANCE__@@PAD_N@Z
?CloseLoadDlg@KWin32App@@QAEXXZ
?Run@KWin32App@@UAEXXZ
??1KPakList@@QAE@XZ
??0KPakList@@QAE@XZ
??1KDirectSound@@QAE@XZ
??1KMemClass@@QAE@XZ
??1KMusic@@UAE@XZ
??1KMp3Music@@UAE@XZ
?g_pIme@@3PAVKIme@@A
?TurnOn@KIme@@QAEXXZ
?LoadBuffer@KLuaScript@@QAEHPAEK@Z
?ExecuteCode@KLuaScript@@QAEHXZ
?Tell@KPakFile@@QAEKXZ
?LoadModule@KLuaModuleScript@@QAEHPAD@Z
?g_StrLen@@YAHPBD@Z
?FindRow@KTabFile@@UAEHPAD@Z
?release_image@@YAXPAUKSGImageContent@@@Z
?get_jpg_image@@YAPAUKSGImageContent@@QBDI@Z
?GetNextKey@KIniFile@@QAEHPBD0PAD@Z
?GetRect@KIniFile@@QAEXPBD0PAUtagRECT@@@Z
EDOneTimePad_Encipher
?GetFloat@KTabFile@@UAEHHPADMPAM@Z
?g_StrCpy@@YAXPADPBD@Z
?g_StrCmp@@YAHPBD0@Z
?Remove@KLinkArray@@QAEXH@Z
?Seek@KPakFile@@QAEKHI@Z
?Init@KLinkArray@@QAEXH@Z
?Insert@KLinkArray@@QAEXH@Z
??1KLinkArray@@QAE@XZ
?SetPan@KWavSound@@QAEXH@Z
?SetVolume@KWavSound@@QAEXH@Z
?g_StrLower@@YAXPAD@Z
?Stop@KWavSound@@QAEXXZ
?g_HashStr2Id@@YAKPAD@Z
?SetGlobalName@KLuaScript@@QAEXPAD@Z
?g_GetRandomSeed@@YAIXZ
?g_szCurrentExeScript@@3PADA
?Init@KCache@@UAEXH@Z
?Exit@KLuaScript@@UAEXXZ
?Reload@KScript@@UAEHPAD@Z
?Compile@KLuaScript@@UAEHPAD@Z
?Execute@KLuaScript@@UAEHXZ
?CanReload@KLuaScript@@UAEHPADH@Z
?SetScriptName@KLuaScript@@UAEXPAD@Z
??1KSoundCache@@QAE@XZ
??0KSoundCache@@QAE@XZ
?RegisterFunction@KLuaScript@@UAEHPADPAX@Z
?GetNode@KCache@@UAEPAVKCacheNode@@PADPAV2@@Z
?IsPlaying@KWavSound@@QAEHXZ
?Play@KWavSound@@QAEXHHH@Z
?Load@KLuaScript@@UAEHPAD@Z
?Init@KLuaScript@@UAEHXZ
?RegisterFunctions@KLuaScript@@QAEHQAUTLua_Funcs@@H@Z
??1KLuaScript@@UAE@XZ
??0KLuaScript@@QAE@XZ
?KSG_StringSkipSymbol@@YA_NPAPBDH@Z
?KSG_StringGetInt@@YAHPAPBDH@Z
?GetInteger@KTabFile@@UAEHHPADHPAH@Z
??0KTabFile@@QAE@XZ
?Load@KTabFile@@UAEHPAD@Z
?GetString@KTabFile@@UAEHHPAD00K@Z
?g_RandomSeed@@YAXI@Z
?GetInteger@KTabFile@@UAEHPAD0HPAH@Z
EDOneTimePad_Decipher
?g_StrCat@@YAXPADPBD@Z
?g_StrCpyLen@@YAXPADPBDH@Z
?SafeCallBegin@KLuaScript@@QAEXPAH@Z
?CallFunction@KLuaScript@@UAAHPBDHPADZZ
?SafeCallEnd@KLuaScript@@QAEXH@Z
?GetString@KTabFile@@UAEHPAD000K@Z
?FindColumn@KTabFile@@UAEHPAD@Z
?GetInteger@KTabFile@@UAEHHHHPAH@Z
?GetString@KTabFile@@UAEHHHPAD0K@Z
?Clear@KTabFile@@UAEXXZ
??1KTabFile@@UAE@XZ
?g_555To565@@YAXHHPAX@Z
?g_Random@@YAII@Z
?Exit@KDirectSound@@QAEXXZ
?EraseKey@KIniFile@@QAEXPBD0@Z
?Open@KFile@@QAEHPAD@Z
?Size@KFile@@QAEKXZ
?Seek@KFile@@QAEKJK@Z
?Read@KFile@@QAEKPAXK@Z
?Append@KFile@@QAEHPAD@Z
?g_FileExists@@YAHPAD@Z
?g_UnitePathAndName@@YAXPAD00@Z
?WriteFloat@KIniFile@@QAEXPBD0M@Z
?GetFloat@KIniFile@@QAEHPBD0MPAM@Z
?Clear@KIniFile@@QAEXXZ
?GetNextSection@KIniFile@@QAEHPBDPAD@Z
?GetString@KIniFile@@QAEHPBD00PADK@Z
?GetInteger@KIniFile@@QAEHPBD0HPAH@Z
??1KIniFile@@QAE@XZ
?GetInteger2@KIniFile@@QAEHPBD0PAH1@Z
?Load@KIniFile@@QAEHPBD@Z
??0KIniFile@@QAE@XZ
?g_GetDrawHWnd@@YAPAUHWND__@@XZ
?WriteInteger@KIniFile@@QAEXPBD0H@Z
TEncodeText
TFindSpecialCtrlInEncodedText
TGetEncodedTextLineCount
?g_CreatePath@@YAXPAD@Z
AdviseEngine
UnAdviseEngine
?g_FileName2Id@@YAKPAD@Z
??1KPakFile@@QAE@XZ
??1KFile@@QAE@XZ
?Close@KFile@@QAEXXZ
?Close@KPakFile@@QAEXXZ
?Read@KPakFile@@QAEKPAXI@Z
?Write@KFile@@QAEKPAXK@Z
?Size@KPakFile@@QAEKXZ
?Open@KPakFile@@QAEHPBD@Z
?Create@KFile@@QAEHPAD@Z
??0KFile@@QAE@XZ
??0KPakFile@@QAE@XZ
?g_GetMainHWnd@@YAPAUHWND__@@XZ
??0KIme@@QAE@XZ
??1KIme@@QAE@XZ
?OpenIME@KIme@@QAEXXZ
?EnableLanguageChange@KIme@@QAEXXZ
?CloseIME@KIme@@QAEXXZ
?DisableLanguageChange@KIme@@QAEXXZ
?IsIme@KIme@@QAEHXZ
TClearSpecialCtrlInEncodedText
TSplitString
?SetCaretPos@KIme@@QAEXHH@Z
TGetLimitLenString
TRemoveCtrlInEncodedText
?g_GetAppInstance@@YAPAUHINSTANCE__@@XZ
?g_GetRootPath@@YAXPAD@Z
?KSG_StringToMD5String@@YAHQADQBD@Z
?Save@KIniFile@@QAEHPBD@Z
?g_GetFullPath@@YAXPAD0@Z
?UCL_Compress@@YAXPBEIPAEPAIH@Z
?IsSectionExist@KIniFile@@QAEHPBD@Z
TFindStr
TFindChar
?UCL_DeCompress@@YAXPBEIPAEPAIPAX@Z
TTransLinkToPureText
?WriteString@KIniFile@@QAEXPBD00@Z
?GetStruct@KIniFile@@QAEXPBD0PAXK@Z
?WriteStruct@KIniFile@@QAEXPBD0PAXK@Z
TSplitEncodedString
?g_ScreenToClient@@YAXPAUtagPOINT@@@Z

comctl32

_TrackMouseEvent

represent2

CreateRepresentShell

netapi32

Netbios

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
??1type_info@@UAE@XZ
_onexit
__dllonexit
?terminate@@YAXXZ
_except_handler3
_mbsspn
_mbscspn
_mbsnbcmp
_mbsstr
_mbschr
_ismbcalpha
isalpha
_CIpow
toupper
_findfirst
_strupr
_findnext
_findclose
strtok
_strlwr
_timezone
printf
ctime
exit
fprintf
sscanf
strrchr
_mbsicmp
isgraph
strstr
_assert
isalnum
ceil
fread
fseek
atof
_ui64toa
mktime
strchr
atoi
malloc
memmove
isspace
tolower
_purecall
localtime
strftime
free
strncpy
_ftol
strncat
sprintf
??2@YAPAXI@Z
time
srand
rand
??3@YAXPAX@Z
__CxxFrameHandler
fopen
fwrite
fclose
memchr
strncmp
_beginthreadex
_CxxThrowException
??0exception@@QAE@ABQBD@Z
??1exception@@UAE@XZ
??0exception@@QAE@ABV0@@Z
_itoa
_strcmpi
_mkdir
_chdir
_stricmp
_memicmp
realloc
_getcwd

msvcp60

??1?$basic_fstream@DU?$char_traits@D@std@@@std@@UAE@XZ
??0?$basic_fstream@DU?$char_traits@D@std@@@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?replace@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PAD0PBD1@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBDABV?$allocator@D@1@@Z
?c_str@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEPBDXZ
??_F?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEXXZ
?compare@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEHIIPBDI@Z
?find_first_of@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBDABV10@@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?_Freeze@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADPAD0@Z
?end@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEPADXZ
??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Copy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Xlen@std@@YAXXZ
?erase@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@II@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?_Xran@std@@YAXXZ
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?assign@?$char_traits@D@std@@SAXAADABD@Z
?_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ
??0logic_error@std@@QAE@ABV01@@Z
??0out_of_range@std@@QAE@ABV01@@Z
??1out_of_range@std@@UAE@XZ
??_7out_of_range@std@@6B@
?_Refcnt@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEAAEPBD@Z
?move@?$char_traits@D@std@@SAPADPADPBDI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?max_size@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIXZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?append@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV?$allocator@D@1@@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ

imm32

ImmAssociateContext

ws2_32

getsockopt
WSACleanup
ioctlsocket
WSAGetLastError
inet_addr
inet_ntoa
getsockname
send
recv
connect
htons
socket
closesocket
WSAStartup
setsockopt
WSASocketA
WSAEnumNetworkEvents
WSAWaitForMultipleEvents
WSARecv
select
WSASend
WSACloseEvent
WSAEventSelect
WSACreateEvent

Exports

Exports

??0KGlobalValue@@QAE@ABV0@@Z
??0KGlobalValue@@QAE@XZ
??1KGlobalValue@@QAE@XZ
??4KGlobalValue@@QAEAAV0@ABV0@@Z
?CheckBonusTong@KGlobalValue@@QAE_NXZ
?CheckFirstTong@KGlobalValue@@QAE_NXZ
?GetBonusTongNum@KGlobalValue@@QAEHXZ
?GetFirstTongOrder@KGlobalValue@@QAEHPBD@Z
?GetTongDialogString@KGlobalValue@@QAEPADXZ
?IsBonusTong@KGlobalValue@@QAE_NPBD@Z
?IsFirstTong@KGlobalValue@@QAE_NPBD@Z
?LoadSetting@KGlobalValue@@QAEHPBD@Z
?g_GlobalSetting@@3VKGlobalValue@@A
CoreGetShell

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 204KB - Virtual size: 8.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43c0a16f2bff2b5816b5fbc90e33c54c

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

5a:bd:fa:cf:e2:8a:34:46Certificate

Extended Key Usages

Key Usages

f0:d2:40:f0:f1:79:88:5f:f2:5b:a8:ab:dc:83:8d:60:6c:91:69:92Signer

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

winmm

shlwapi

lualibdll

engine

comctl32

represent2

netapi32

msvcrt

msvcp60

imm32

ws2_32

Exports

Exports

Sections

.text Size: 2.9MB - Virtual size: 2.9MB

.rdata Size: 204KB - Virtual size: 203KB

.data Size: 204KB - Virtual size: 8.2MB

.rsrc Size: 8KB - Virtual size: 6KB

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

5a:bd:fa:cf:e2:8a:34:46
Certificate

f0:d2:40:f0:f1:79:88:5f:f2:5b:a8:ab:dc:83:8d:60:6c:91:69:92
Signer

.text
Size: 2.9MB - Virtual size: 2.9MB

.rdata
Size: 204KB - Virtual size: 203KB

.data
Size: 204KB - Virtual size: 8.2MB

.rsrc
Size: 8KB - Virtual size: 6KB