1[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1.zip
Size

320KB
MD5

4c66b267770260cc65e41ccdfcf2dcca
SHA1

fa465f900881f63cd1a831f485eea5b6c51c6cc6
SHA256

b44f4c89905358dcde51324ca26ce85aa163eff35d335dc1f85a5cf6898636f3
SHA512

a5fcba5be28f96cb2abb3e45f083565bffcd4cc32cdb57d372fa76f9c6f92d3fe49693d18caae0c694753c892afa77a775c4826b50467a917d43a2d1efe5f98f
SSDEEP

6144:upG3aFI4b9yRp1VnjlqujY7BJEWIyrPzoa0ppRk3L0fOu47+Ne1D16:upVVw9RoJELNM0mR7jc

Score

1^/10

Malware Config

Signatures

Files

1.zip
.zip
1/7+ Taskbar Tweaker.exe
.exe windows:6 windows x64 arch:x64

76651c503f447fafab32a6406cb8204d

Code Sign

54:98:d2:d1:d4:5b:19:95:48:13:79:c8:11:c0:87:99
Certificate

Issuer

CN=Microsoft Identity Verification Root Certificate Authority 2020,O=Microsoft Corporation,C=US

Not Before

16/04/2020, 18:36

Not After

16/04/2045, 18:44

Subject

CN=Microsoft Identity Verification Root Certificate Authority 2020,O=Microsoft Corporation,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:01:56:0c:5e:6d:35:82:04:e6:d6:24:00:00:00:01:56:0c
Certificate

Issuer

CN=Microsoft ID Verified CS AOC CA 01,O=Microsoft Corporation,C=US

Not Before

15/08/2024, 19:26

Not After

18/08/2024, 19:26

Subject

CN=Michael Maltsev,O=Michael Maltsev,L=Rishon LeZion,ST=Central,C=IL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:01:56:0c:5e:6d:35:82:04:e6:d6:24:00:00:00:01:56:0c
Certificate

Issuer

CN=Microsoft ID Verified CS AOC CA 01,O=Microsoft Corporation,C=US

Not Before

15/08/2024, 19:26

Not After

18/08/2024, 19:26

Subject

CN=Michael Maltsev,O=Michael Maltsev,L=Rishon LeZion,ST=Central,C=IL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:07:37:8c:5b:a1:d9:5b:8c:d4:00:00:00:00:00:07
Certificate

Issuer

CN=Microsoft ID Verified Code Signing PCA 2021,O=Microsoft Corporation,C=US

Not Before

13/04/2021, 17:31

Not After

13/04/2026, 17:31

Subject

CN=Microsoft ID Verified CS AOC CA 01,O=Microsoft Corporation,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:07:87:a3:34:a3:7b:a5:8e:1c:00:00:00:00:00:07
Certificate

Issuer

CN=Microsoft Identity Verification Root Certificate Authority 2020,O=Microsoft Corporation,C=US

Not Before

01/04/2021, 20:05

Not After

01/04/2036, 20:15

Subject

CN=Microsoft ID Verified Code Signing PCA 2021,O=Microsoft Corporation,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:05:e5:cf:0f:ff:66:2e:c9:87:00:00:00:00:00:05
Certificate

Issuer

CN=Microsoft Identity Verification Root Certificate Authority 2020,O=Microsoft Corporation,C=US

Not Before

19/11/2020, 20:32

Not After

19/11/2035, 20:42

Subject

CN=Microsoft Public RSA Timestamping CA 2020,O=Microsoft Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:43:4c:cc:7d:f4:98:8b:5a:d4:00:00:00:00:00:43
Certificate

Issuer

CN=Microsoft Public RSA Timestamping CA 2020,O=Microsoft Corporation,C=US

Not Before

18/04/2024, 17:59

Not After

17/04/2025, 17:59

Subject

CN=Microsoft Public RSA Time Stamping Authority,OU=Microsoft Ireland Operations Limited+OU=nShield TSS ESN:491A-05E0-D947,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

ac:36:05:50:40:29:47:e7:7b:9c:89:f8:c5:9d:e7:fc:06:e4:d9:72:cf:b9:65:ad:86:03:a0:df:ea:91:4b:d4
Signer

Actual PE Digest

ac:36:05:50:40:29:47:e7:7b:9c:89:f8:c5:9d:e7:fc:06:e4:d9:72:cf:b9:65:ad:86:03:a0:df:ea:91:4b:d4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

comctl32

ord345
InitCommonControlsEx

wininet

HttpSendRequestW
InternetReadFile
HttpOpenRequestW
InternetOpenW
InternetConnectW
InternetCloseHandle
InternetSetStatusCallbackW
HttpEndRequestW
InternetWriteFile
HttpSendRequestExW
HttpQueryInfoW

uxtheme

SetWindowTheme

dbghelp

SymInitialize
SymFromAddrW
SymCleanup
MiniDumpWriteDump

shlwapi

PathFindFileNameW
PathCombineW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

kernel32

HeapFree
GetCurrentProcess
RtlCaptureStackBackTrace
GetModuleFileNameW
FindResourceW
LoadResource
LockResource
GetVersionExW
GetProcessTimes
GetSystemTimeAsFileTime
HeapReAlloc
lstrlenW
lstrcmpA
DeleteFileW
UnmapViewOfFile
CreateFileW
GetFileSize
CloseHandle
CreateFileMappingW
MapViewOfFile
GetTempPathW
GetTempFileNameW
GetCurrentThreadId
GetCurrentProcessId
lstrcpyW
lstrcatW
WriteFile
SetLastError
WritePrivateProfileStringW
GetLastError
GetPrivateProfileStringW
GetModuleHandleW
SizeofResource
GetThreadUILanguage
GetFileAttributesW
lstrcmpW
ReadFile
HeapSize
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetUnhandledExceptionFilter
GetCommandLineW
SetThreadUILanguage
LocalFree
ExitProcess
CreateMutexW
WaitForSingleObject
ReleaseMutex
GetTickCount
lstrcmpiW
OpenMutexW
OpenProcess
CreateEventW
DuplicateHandle
CreateThread
ResumeThread
SetEvent
LoadLibraryW
GetProcAddress
FreeLibrary
VirtualAllocEx
CreateRemoteThread
VirtualFreeEx
WaitForMultipleObjects
ReadProcessMemory
WriteProcessMemory
VerSetConditionMask
VerifyVersionInfoW
CreateDirectoryW
lstrlenA
CreateProcessW
GetProcessHeap
CompareStringW
EnumResourceLanguagesW
FindResourceExW
MultiByteToWideChar
RemoveDirectoryW
HeapAlloc
GetModuleHandleExW
LCIDToLocaleName

user32

MessageBoxW
DestroyWindow
GetClientRect
GetWindowRect
GetDlgItem
EnableWindow
DefWindowProcW
IsWindowEnabled
GetFocus
GetKeyState
GetDlgCtrlID
BeginDeferWindowPos
EndDeferWindowPos
GetSystemMetrics
MapWindowPoints
CreateWindowExW
SetWindowPos
SetWindowLongW
ClientToScreen
CreatePopupMenu
AppendMenuW
TrackPopupMenu
DestroyMenu
RedrawWindow
DeferWindowPos
SetWindowsHookExW
SetFocus
GetWindowTextW
UnhookWindowsHookEx
CallWindowProcW
CallNextHookEx
FindWindowW
GetWindowThreadProcessId
AllowSetForegroundWindow
PostMessageW
RegisterWindowMessageW
GetThreadDesktop
SendMessageW
SetWindowTextW
IsDialogMessageW
TranslateMessage
DispatchMessageW
UnregisterClassW
LoadImageW
GetSysColor
KillTimer
SetTimer
SetForegroundWindow
GetLastActivePopup
IsWindowVisible
GetCursorPos
ReplyMessage
PostQuitMessage
DestroyIcon
GetDC
ReleaseDC
SystemParametersInfoW
GetSystemMenu
GetMenuItemCount
InsertMenuItemW
PtInRect
GetPropW
FindWindowExW
WaitForInputIdle
GetClassInfoW
RegisterClassW
LoadStringW
GetWindow
GetClassNameW
MoveWindow
CheckDlgButton
SendDlgItemMessageW
DialogBoxParamW
IsDlgButtonChecked
EndDialog
wvsprintfW
GetWindowLongPtrW
SetDlgItemTextW
GetMessageW
wsprintfW
SetWindowLongPtrW
ShowWindow
CreateDialogParamW
CreateDialogIndirectParamW
GetUserObjectInformationW
GetWindowLongW
GetParent

gdi32

CreatePatternBrush
SelectObject
DeleteObject
SetBrushOrgEx
DeleteDC
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
GetObjectW
SetBkMode
GetTextExtentPoint32W

advapi32

DuplicateToken
RegCreateKeyExW
RegCloseKey
RegDeleteTreeW
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
RegQueryInfoKeyW
RegEnumValueW
GetFileSecurityW
GetUserNameW
RegOpenKeyExW
AccessCheck
MapGenericMask
RegGetValueW
OpenProcessToken

shell32

SetCurrentProcessExplicitAppUserModelID
CommandLineToArgvW
ShellExecuteW
Shell_NotifyIconW
Shell_NotifyIconGetRect

ole32

CoUninitialize
CoInitializeEx

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 383KB - Virtual size: 383KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
1/inject.dll
.dll windows:6 windows x64 arch:x64

b1f33c9d26234da424f54c0836725104

Code Sign

54:98:d2:d1:d4:5b:19:95:48:13:79:c8:11:c0:87:99
Certificate

Issuer

CN=Microsoft Identity Verification Root Certificate Authority 2020,O=Microsoft Corporation,C=US

Not Before

16/04/2020, 18:36

Not After

16/04/2045, 18:44

Subject

CN=Microsoft Identity Verification Root Certificate Authority 2020,O=Microsoft Corporation,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:01:56:0c:5e:6d:35:82:04:e6:d6:24:00:00:00:01:56:0c
Certificate

Issuer

CN=Microsoft ID Verified CS AOC CA 01,O=Microsoft Corporation,C=US

Not Before

15/08/2024, 19:26

Not After

18/08/2024, 19:26

Subject

CN=Michael Maltsev,O=Michael Maltsev,L=Rishon LeZion,ST=Central,C=IL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:01:56:0c:5e:6d:35:82:04:e6:d6:24:00:00:00:01:56:0c
Certificate

Issuer

CN=Microsoft ID Verified CS AOC CA 01,O=Microsoft Corporation,C=US

Not Before

15/08/2024, 19:26

Not After

18/08/2024, 19:26

Subject

CN=Michael Maltsev,O=Michael Maltsev,L=Rishon LeZion,ST=Central,C=IL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:07:37:8c:5b:a1:d9:5b:8c:d4:00:00:00:00:00:07
Certificate

Issuer

CN=Microsoft ID Verified Code Signing PCA 2021,O=Microsoft Corporation,C=US

Not Before

13/04/2021, 17:31

Not After

13/04/2026, 17:31

Subject

CN=Microsoft ID Verified CS AOC CA 01,O=Microsoft Corporation,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:07:87:a3:34:a3:7b:a5:8e:1c:00:00:00:00:00:07
Certificate

Issuer

CN=Microsoft Identity Verification Root Certificate Authority 2020,O=Microsoft Corporation,C=US

Not Before

01/04/2021, 20:05

Not After

01/04/2036, 20:15

Subject

CN=Microsoft ID Verified Code Signing PCA 2021,O=Microsoft Corporation,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:05:e5:cf:0f:ff:66:2e:c9:87:00:00:00:00:00:05
Certificate

Issuer

CN=Microsoft Identity Verification Root Certificate Authority 2020,O=Microsoft Corporation,C=US

Not Before

19/11/2020, 20:32

Not After

19/11/2035, 20:42

Subject

CN=Microsoft Public RSA Timestamping CA 2020,O=Microsoft Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:42:9a:c8:6f:a5:1b:a6:7d:06:00:00:00:00:00:42
Certificate

Issuer

CN=Microsoft Public RSA Timestamping CA 2020,O=Microsoft Corporation,C=US

Not Before

18/04/2024, 17:59

Not After

17/04/2025, 17:59

Subject

CN=Microsoft Public RSA Time Stamping Authority,OU=Microsoft Ireland Operations Limited+OU=nShield TSS ESN:451A-05E0-D947,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

32:0f:c2:27:07:ba:d6:38:9b:da:94:3a:9a:56:d8:bb:ea:1e:29:28:fb:6c:1b:d1:aa:4b:47:88:5c:22:68:8f
Signer

Actual PE Digest

32:0f:c2:27:07:ba:d6:38:9b:da:94:3a:9a:56:d8:bb:ea:1e:29:28:fb:6c:1b:d1:aa:4b:47:88:5c:22:68:8f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

comctl32

ord338
ord328
ord412
ord410
ImageList_Remove
ImageList_SetImageCount
ImageList_ReplaceIcon
ImageList_Create
ord336
ord334
ord413

shlwapi

SHStrDupW
PathFindFileNameW
StrCmpLogicalW

uxtheme

DrawThemeParentBackground
CloseThemeData
SetWindowTheme
OpenThemeData

dwmapi

DwmIsCompositionEnabled

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

wininet

InternetConnectW
HttpOpenRequestW
HttpSendRequestW
InternetReadFile
InternetOpenW
InternetCloseHandle

kernel32

GetFileType
GetStdHandle
LCMapStringW
HeapAlloc
GetProcessHeap
GetModuleHandleExW
HeapFree
GetCurrentProcess
RtlCaptureStackBackTrace
GetModuleFileNameW
FindResourceW
LoadResource
LockResource
GetVersionExW
GetProcessTimes
GetSystemTimeAsFileTime
HeapReAlloc
lstrlenW
lstrcmpA
DeleteFileW
UnmapViewOfFile
CreateFileW
GetFileSize
CloseHandle
CreateFileMappingW
MapViewOfFile
GetTempPathW
GetTempFileNameW
GetCurrentThreadId
GetCurrentProcessId
lstrcpyW
lstrcatW
WriteFile
SetLastError
WritePrivateProfileStringW
GetLastError
GetPrivateProfileStringW
InitializeSRWLock
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
AcquireSRWLockShared
ReleaseSRWLockShared
SetUnhandledExceptionFilter
K32GetModuleInformation
GetModuleHandleW
WaitForMultipleObjects
FreeLibraryAndExitThread
CreateThread
DuplicateHandle
Sleep
lstrcmpiA
VirtualProtect
GetProcAddress
OpenProcess
TerminateProcess
MulDiv
DebugBreak
GetTickCount
lstrcmpW
lstrcmpiW
HeapSize
SetThreadPriority
ResumeThread
WaitForSingleObject
SetEvent
GetProcessId
OpenMutexW
CreateProcessW
SetThreadUILanguage
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalReAlloc
GlobalFree
ReleaseMutex
GlobalFindAtomW
HeapCreate
Thread32Next
CreateMutexW
Thread32First
SuspendThread
CreateToolhelp32Snapshot
HeapDestroy
GetThreadContext
GetThreadId
FlushInstructionCache
SetThreadContext
OpenThread
VirtualFree
VirtualAlloc
GetSystemInfo
VirtualQuery
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
MultiByteToWideChar
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
ExitProcess
RtlPcToFileHeader
EncodePointer
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InterlockedFlushSList
RtlUnwindEx
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
QueryPerformanceCounter
IsProcessorFeaturePresent
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
LoadLibraryExA
FreeLibrary
RaiseException
SetStdHandle
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
WriteConsoleW
GetStringTypeW
CreateEventW

user32

GetForegroundWindow
GetDesktopWindow
WaitForInputIdle
FindWindowW
GetGUIThreadInfo
GetWindowTextLengthW
SetForegroundWindow
GetClassNameW
EnumThreadWindows
FindWindowExW
InflateRect
CalculatePopupWindowPosition
ShowWindow
GetWindowLongPtrW
DialogBoxParamW
SystemParametersInfoW
GetDlgItem
SetWindowLongW
EndDialog
MonitorFromWindow
SetWindowLongPtrW
MoveWindow
SetCapture
ReleaseCapture
SetWindowTextW
LoadImageW
DestroyIcon
GetClassLongPtrW
CreatePopupMenu
AppendMenuW
SetMenuItemInfoW
TrackPopupMenu
DestroyMenu
GetMenuItemInfoW
CascadeWindows
TileWindows
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetFocus
DefWindowProcW
SetPropW
RemovePropW
GetDoubleClickTime
SendInput
SetRectEmpty
CallNextHookEx
PostThreadMessageW
GetClientRect
GetKeyState
RegisterHotKey
UnhookWindowsHookEx
UnregisterClassW
CreateWindowExW
RegisterClassW
UnregisterHotKey
IntersectRect
GetParent
GetWindowRect
DispatchMessageW
TranslateMessage
PostQuitMessage
GetMessageW
GetCursorPos
SetWindowsHookExW
PtInRect
MapWindowPoints
LoadCursorW
SetCursor
WindowFromPoint
GetCapture
GetPropW
EnableWindow
RedrawWindow
IsChild
SetWindowPos
ReleaseDC
GetDC
GetSystemMetrics
ClientToScreen
MonitorFromPoint
SendMessageW
InternalGetWindowText
InvalidateRect
IsWindow
KillTimer
SetTimer
SwitchToThisWindow
ShowWindowAsync
GetWindow
IsWindowVisible
GetAncestor
GetLastActivePopup
IsZoomed
GetMenuState
GetSystemMenu
GetWindowLongW
IsWindowEnabled
IsIconic
PostMessageW
GetScrollInfo
GetClassLongW
GetClassInfoW
AllowSetForegroundWindow
GetWindowThreadProcessId
SendMessageTimeoutW
LoadStringW
RegisterWindowMessageW
wsprintfW
wvsprintfW
DestroyWindow
PeekMessageW

gdi32

GetDeviceCaps

advapi32

RegEnumValueW
RegQueryInfoKeyW
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegCloseKey
RegCreateKeyExW
RegGetValueW

shell32

Shell_NotifyIconGetRect
SHGetPropertyStoreForWindow

ole32

PropVariantClear
CoCreateInstance

Exports

Exports

Init

Sections

.text
Size: 220KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

76651c503f447fafab32a6406cb8204d

Code Sign

54:98:d2:d1:d4:5b:19:95:48:13:79:c8:11:c0:87:99Certificate

Key Usages

33:00:01:56:0c:5e:6d:35:82:04:e6:d6:24:00:00:00:01:56:0cCertificate

Extended Key Usages

Key Usages

33:00:01:56:0c:5e:6d:35:82:04:e6:d6:24:00:00:00:01:56:0cCertificate

Extended Key Usages

Key Usages

33:00:00:00:07:37:8c:5b:a1:d9:5b:8c:d4:00:00:00:00:00:07Certificate

Key Usages

33:00:00:00:07:87:a3:34:a3:7b:a5:8e:1c:00:00:00:00:00:07Certificate

Key Usages

33:00:00:00:05:e5:cf:0f:ff:66:2e:c9:87:00:00:00:00:00:05Certificate

Extended Key Usages

Key Usages

33:00:00:00:43:4c:cc:7d:f4:98:8b:5a:d4:00:00:00:00:00:43Certificate

Extended Key Usages

Key Usages

ac:36:05:50:40:29:47:e7:7b:9c:89:f8:c5:9d:e7:fc:06:e4:d9:72:cf:b9:65:ad:86:03:a0:df:ea:91:4b:d4Signer

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

wininet

uxtheme

dbghelp

shlwapi

version

kernel32

user32

gdi32

advapi32

shell32

ole32

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 512B - Virtual size: 6KB

.pdata Size: 3KB - Virtual size: 2KB

.rsrc Size: 383KB - Virtual size: 383KB

b1f33c9d26234da424f54c0836725104

Code Sign

54:98:d2:d1:d4:5b:19:95:48:13:79:c8:11:c0:87:99Certificate

Key Usages

33:00:01:56:0c:5e:6d:35:82:04:e6:d6:24:00:00:00:01:56:0cCertificate

Extended Key Usages

Key Usages

33:00:01:56:0c:5e:6d:35:82:04:e6:d6:24:00:00:00:01:56:0cCertificate

Extended Key Usages

Key Usages

33:00:00:00:07:37:8c:5b:a1:d9:5b:8c:d4:00:00:00:00:00:07Certificate

Key Usages

33:00:00:00:07:87:a3:34:a3:7b:a5:8e:1c:00:00:00:00:00:07Certificate

Key Usages

33:00:00:00:05:e5:cf:0f:ff:66:2e:c9:87:00:00:00:00:00:05Certificate

Extended Key Usages

Key Usages

33:00:00:00:42:9a:c8:6f:a5:1b:a6:7d:06:00:00:00:00:00:42Certificate

Extended Key Usages

Key Usages

32:0f:c2:27:07:ba:d6:38:9b:da:94:3a:9a:56:d8:bb:ea:1e:29:28:fb:6c:1b:d1:aa:4b:47:88:5c:22:68:8fSigner

Headers

DLL Characteristics

File Characteristics

Imports

comctl32

shlwapi

uxtheme

dwmapi

version

wininet

kernel32

54:98:d2:d1:d4:5b:19:95:48:13:79:c8:11:c0:87:99
Certificate

33:00:01:56:0c:5e:6d:35:82:04:e6:d6:24:00:00:00:01:56:0c
Certificate

33:00:01:56:0c:5e:6d:35:82:04:e6:d6:24:00:00:00:01:56:0c
Certificate

33:00:00:00:07:37:8c:5b:a1:d9:5b:8c:d4:00:00:00:00:00:07
Certificate

33:00:00:00:07:87:a3:34:a3:7b:a5:8e:1c:00:00:00:00:00:07
Certificate

33:00:00:00:05:e5:cf:0f:ff:66:2e:c9:87:00:00:00:00:00:05
Certificate

33:00:00:00:43:4c:cc:7d:f4:98:8b:5a:d4:00:00:00:00:00:43
Certificate

ac:36:05:50:40:29:47:e7:7b:9c:89:f8:c5:9d:e7:fc:06:e4:d9:72:cf:b9:65:ad:86:03:a0:df:ea:91:4b:d4
Signer

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 512B - Virtual size: 6KB

.pdata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 383KB - Virtual size: 383KB

54:98:d2:d1:d4:5b:19:95:48:13:79:c8:11:c0:87:99
Certificate

33:00:01:56:0c:5e:6d:35:82:04:e6:d6:24:00:00:00:01:56:0c
Certificate

33:00:01:56:0c:5e:6d:35:82:04:e6:d6:24:00:00:00:01:56:0c
Certificate

33:00:00:00:07:37:8c:5b:a1:d9:5b:8c:d4:00:00:00:00:00:07
Certificate

33:00:00:00:07:87:a3:34:a3:7b:a5:8e:1c:00:00:00:00:00:07
Certificate

33:00:00:00:05:e5:cf:0f:ff:66:2e:c9:87:00:00:00:00:00:05
Certificate

33:00:00:00:42:9a:c8:6f:a5:1b:a6:7d:06:00:00:00:00:00:42
Certificate

32:0f:c2:27:07:ba:d6:38:9b:da:94:3a:9a:56:d8:bb:ea:1e:29:28:fb:6c:1b:d1:aa:4b:47:88:5c:22:68:8f
Signer

.text
Size: 220KB - Virtual size: 220KB

.rdata
Size: 61KB - Virtual size: 60KB

.data
Size: 3KB - Virtual size: 10KB

.pdata
Size: 11KB - Virtual size: 10KB

.rsrc
Size: 19KB - Virtual size: 19KB

.reloc
Size: 2KB - Virtual size: 1KB