echgo-dev_[unknowncheats[.]me]_[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

echgo-dev_[unknowncheats.me]_.zip
Size

17.0MB
MD5

cb9bf7741edcdb61550129c92bd3ea7f
SHA1

89f09da3a143042d0e8d488ff8d114df5a014066
SHA256

2c707f7341cc4236a11b9fef5173f11583ea4e41fab164d024555eece8458822
SHA512

55cf986b812654ed00a9dd9c2468937214e7072e199eabfb7e37dce6809164c287b2104fcb5d98576b66c7ed7e0b0905d6de7aa96ed852048cf9f32f3e875069
SSDEEP

393216:L84gpaAieXU0TzJzwVsRdgcMQuPnPic/Kn/fB:L84/eE0TzycMQuP6c/Kn3B

Score

7^/10

themida

Malware Config

Signatures

Themida packer 1 IoCs

Detects Themida, an advanced Windows software protection system.

themida

resource	yara_rule
static1/unpack001/echo-09FE1E-463d79-r.exe	themida

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/echgo-dev.exe

Files

echgo-dev_[unknowncheats.me]_.zip
.zip
echgo-dev.exe
.exe windows:6 windows x64 arch:x64

c7269d59926fa4252270f407e4dab043

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WriteFile
WriteConsoleW
WaitForMultipleObjects
WaitForSingleObject
VirtualQuery
VirtualFree
VirtualAlloc
SwitchToThread
SuspendThread
Sleep
SetWaitableTimer
SetUnhandledExceptionFilter
SetProcessPriorityBoost
SetEvent
SetErrorMode
SetConsoleCtrlHandler
ResumeThread
PostQueuedCompletionStatus
LoadLibraryA
LoadLibraryW
SetThreadContext
GetThreadContext
GetSystemInfo
GetSystemDirectoryA
GetStdHandle
GetQueuedCompletionStatusEx
GetProcessAffinityMask
GetProcAddress
GetEnvironmentStringsW
GetConsoleMode
FreeEnvironmentStringsW
ExitProcess
DuplicateHandle
CreateWaitableTimerExW
CreateThread
CreateIoCompletionPort
CreateFileA
CreateEventA
CloseHandle
AddVectoredExceptionHandler

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 373KB - Virtual size: 760KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 281B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 456KB - Virtual size: 456KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/32
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/46
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/65
Size: 845KB - Virtual size: 845KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/78
Size: 565KB - Virtual size: 564KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/90
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 399KB - Virtual size: 398KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
echgo.exe
.exe windows:6 windows x64 arch:x64

c7269d59926fa4252270f407e4dab043

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:8c:52:ec:df:d9:ae:65:be:45:96:45:8b:4c:31:af
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

02/12/2021, 00:00

Not After

16/12/2022, 23:59

Subject

SERIALNUMBER=13017981,CN=Inspect Element Ltd,O=Inspect Element Ltd,L=POOLE,C=GB,1.3.6.1.4.1.311.60.2.1.3=#13024742,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d6:77:47:34:e6:2a:42:7e:6d:7f:ca:5f:93:77:74:1a:7f:5d:5e:f5:fd:65:9c:cf:c2:14:23:18:04:e8:42:13
Signer

Actual PE Digest

d6:77:47:34:e6:2a:42:7e:6d:7f:ca:5f:93:77:74:1a:7f:5d:5e:f5:fd:65:9c:cf:c2:14:23:18:04:e8:42:13

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WriteFile
WriteConsoleW
WaitForMultipleObjects
WaitForSingleObject
VirtualQuery
VirtualFree
VirtualAlloc
SwitchToThread
SuspendThread
Sleep
SetWaitableTimer
SetUnhandledExceptionFilter
SetProcessPriorityBoost
SetEvent
SetErrorMode
SetConsoleCtrlHandler
ResumeThread
PostQueuedCompletionStatus
LoadLibraryA
LoadLibraryW
SetThreadContext
GetThreadContext
GetSystemInfo
GetSystemDirectoryA
GetStdHandle
GetQueuedCompletionStatusEx
GetProcessAffinityMask
GetProcAddress
GetEnvironmentStringsW
GetConsoleMode
FreeEnvironmentStringsW
ExitProcess
DuplicateHandle
CreateWaitableTimerExW
CreateThread
CreateIoCompletionPort
CreateFileA
CreateEventA
CloseHandle
AddVectoredExceptionHandler

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 373KB - Virtual size: 760KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 281B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 457KB - Virtual size: 456KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/32
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/46
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/65
Size: 846KB - Virtual size: 845KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/78
Size: 566KB - Virtual size: 565KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/90
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 399KB - Virtual size: 398KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
echo-09FE1E-463d79-r.exe
.exe windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:8c:52:ec:df:d9:ae:65:be:45:96:45:8b:4c:31:af
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

02/12/2021, 00:00

Not After

16/12/2022, 23:59

Subject

SERIALNUMBER=13017981,CN=Inspect Element Ltd,O=Inspect Element Ltd,L=POOLE,C=GB,1.3.6.1.4.1.311.60.2.1.3=#13024742,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

15:d3:43:91:da:59:68:9f:c5:d8:af:0e:d0:14:4a:46:a9:62:ff:27:2f:d8:13:21:49:57:f0:13:d8:9b:47:58
Signer

Actual PE Digest

15:d3:43:91:da:59:68:9f:c5:d8:af:0e:d0:14:4a:46:a9:62:ff:27:2f:d8:13:21:49:57:f0:13:d8:9b:47:58

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

.text
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 71KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 8KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.themida
Size: - Virtual size: 11.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boot
Size: 5.6MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 16B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c7269d59926fa4252270f407e4dab043

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 2.7MB - Virtual size: 2.7MB

.rdata Size: 2.7MB - Virtual size: 2.7MB

.data Size: 373KB - Virtual size: 760KB

/4 Size: 512B - Virtual size: 281B

/19 Size: 456KB - Virtual size: 456KB

/32 Size: 92KB - Virtual size: 91KB

/46 Size: 512B - Virtual size: 48B

/65 Size: 845KB - Virtual size: 845KB

/78 Size: 565KB - Virtual size: 564KB

/90 Size: 156KB - Virtual size: 155KB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 112KB - Virtual size: 111KB

.symtab Size: 399KB - Virtual size: 398KB

c7269d59926fa4252270f407e4dab043

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

01:8c:52:ec:df:d9:ae:65:be:45:96:45:8b:4c:31:afCertificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

d6:77:47:34:e6:2a:42:7e:6d:7f:ca:5f:93:77:74:1a:7f:5d:5e:f5:fd:65:9c:cf:c2:14:23:18:04:e8:42:13Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 2.7MB - Virtual size: 2.7MB

.rdata Size: 2.7MB - Virtual size: 2.7MB

.data Size: 373KB - Virtual size: 760KB

/4 Size: 512B - Virtual size: 281B

/19 Size: 457KB - Virtual size: 456KB

/32 Size: 92KB - Virtual size: 91KB

/46 Size: 512B - Virtual size: 48B

/65 Size: 846KB - Virtual size: 845KB

/78 Size: 566KB - Virtual size: 565KB

/90 Size: 156KB - Virtual size: 156KB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 112KB - Virtual size: 112KB

.symtab Size: 399KB - Virtual size: 398KB

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

01:8c:52:ec:df:d9:ae:65:be:45:96:45:8b:4c:31:afCertificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

15:d3:43:91:da:59:68:9f:c5:d8:af:0e:d0:14:4a:46:a9:62:ff:27:2f:d8:13:21:49:57:f0:13:d8:9b:47:58Signer

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 3.2MB - Virtual size: 3.2MB

.rdata Size: 1.0MB - Virtual size: 1.0MB

.data Size: 62KB - Virtual size: 89KB

.text
Size: 2.7MB - Virtual size: 2.7MB

.rdata
Size: 2.7MB - Virtual size: 2.7MB

.data
Size: 373KB - Virtual size: 760KB

/4
Size: 512B - Virtual size: 281B

/19
Size: 456KB - Virtual size: 456KB

/32
Size: 92KB - Virtual size: 91KB

/46
Size: 512B - Virtual size: 48B

/65
Size: 845KB - Virtual size: 845KB

/78
Size: 565KB - Virtual size: 564KB

/90
Size: 156KB - Virtual size: 155KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 112KB - Virtual size: 111KB

.symtab
Size: 399KB - Virtual size: 398KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

01:8c:52:ec:df:d9:ae:65:be:45:96:45:8b:4c:31:af
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

d6:77:47:34:e6:2a:42:7e:6d:7f:ca:5f:93:77:74:1a:7f:5d:5e:f5:fd:65:9c:cf:c2:14:23:18:04:e8:42:13
Signer

.text
Size: 2.7MB - Virtual size: 2.7MB

.rdata
Size: 2.7MB - Virtual size: 2.7MB

.data
Size: 373KB - Virtual size: 760KB

/4
Size: 512B - Virtual size: 281B

/19
Size: 457KB - Virtual size: 456KB

/32
Size: 92KB - Virtual size: 91KB

/46
Size: 512B - Virtual size: 48B

/65
Size: 846KB - Virtual size: 845KB

/78
Size: 566KB - Virtual size: 565KB

/90
Size: 156KB - Virtual size: 156KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 112KB - Virtual size: 112KB

.symtab
Size: 399KB - Virtual size: 398KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

01:8c:52:ec:df:d9:ae:65:be:45:96:45:8b:4c:31:af
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

15:d3:43:91:da:59:68:9f:c5:d8:af:0e:d0:14:4a:46:a9:62:ff:27:2f:d8:13:21:49:57:f0:13:d8:9b:47:58
Signer

.text
Size: 3.2MB - Virtual size: 3.2MB

.rdata
Size: 1.0MB - Virtual size: 1.0MB

.data
Size: 62KB - Virtual size: 89KB

.pdata
Size: 132KB - Virtual size: 132KB

_RDATA
Size: 512B - Virtual size: 244B

.imports
Size: 1024B - Virtual size: 4KB

.tls
Size: 512B - Virtual size: 4KB

.rsrc
Size: 173KB - Virtual size: 173KB

.themida
Size: - Virtual size: 11.1MB

.boot
Size: 5.6MB - Virtual size: 5.6MB

.reloc
Size: 16B - Virtual size: 4KB