a5m2_2[.]19[.]0_x86[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

a5m2_2.19.0_x86.zip
Size

16.0MB
MD5

c83faadd0f985d06c35cc2277fce89db
SHA1

e6cb661d736f18c8b9474addf67f1294f6c67abb
SHA256

554a346419e2830c531140077712dadf30599ac0072ddc0724331dd2813134ac
SHA512

a158249208d07d9835c12a43ca83b250c4ef7026f3e491bbf940e4a769caa61bd82be0c0eb4b46fad37e3432123013cf5fbb1e9cd54b227acc7ddc1fe5f109c8
SSDEEP

393216:jiFiVz9rzLuP2/tv3DJTVJA6yuLIxl6+/J+Dlt3Ewqkkw:jUgnLi2vtV26JLIS+/JwL35kw

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
unpack001/A5M2.ENU
unpack001/A5M2.exe
unpack001/sqlite3.dll

Files

a5m2_2.19.0_x86.zip
.zip

Password: infected
A5M2.ENU
.dll windows:6 windows x86 arch:x86

Password: infected

a6b7f8a23ea4ef0bcd71cfd9f3ff70ed

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
GetACP
CompareStringW
LocalFree
CloseHandle
TlsAlloc
HeapFree
GetTickCount
WideCharToMultiByte
MultiByteToWideChar
LoadLibraryA
GetVersion
VirtualFree
RaiseException
GetProcessHeap
ExitProcess
HeapAlloc
GetStartupInfoW
SwitchToThread
InitializeCriticalSection
VirtualAlloc
WriteFile
RtlUnwind
GetSystemInfo
GetCommandLineW
GetProcAddress
DeleteCriticalSection
TlsGetValue
GetStdHandle
TlsSetValue
VerifyVersionInfoW
GetModuleHandleW
FreeLibrary
LocalAlloc
GetCurrentThreadId
VerSetConditionMask
UnhandledExceptionFilter
TlsFree
VirtualQuery
Sleep
SetThreadLocale

oleaut32

SysFreeString

Exports

Exports

__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 512B - Virtual size: 268B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 13KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 109B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
A5M2.exe
.exe windows:5 windows x86 arch:x86

Password: infected

47985bb8bf836c44ceed7097a0bdead1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mpr

WNetEnumResourceW
WNetGetUniversalNameW
WNetCloseEnum
WNetOpenEnumW

winmm

sndPlaySoundW
timeGetTime

oleacc

LresultFromObject

shlwapi

SHCreateStreamOnFileW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW
GetDefaultPrinterW
EnumPrintersW

comdlg32

FindTextW
ReplaceTextW
ChooseFontW
ChooseColorW
GetSaveFileNameW
GetOpenFileNameW
PrintDlgW

comctl32

ImageList_GetImageInfo
FlatSB_SetScrollInfo
InitCommonControls
ImageList_DragMove
ImageList_Destroy
_TrackMouseEvent
ImageList_DragShowNolock
ImageList_Add
FlatSB_SetScrollProp
ImageList_GetDragImage
ImageList_Create
ImageList_EndDrag
ImageList_DrawEx
ImageList_SetImageCount
FlatSB_GetScrollPos
FlatSB_SetScrollPos
InitializeFlatSB
ImageList_Copy
FlatSB_GetScrollInfo
ImageList_Write
ImageList_DrawIndirect
ImageList_SetBkColor
ImageList_GetBkColor
ImageList_BeginDrag
ImageList_GetIcon
ImageList_Replace
ImageList_GetImageCount
ImageList_DragEnter
ImageList_GetIconSize
ImageList_SetIconSize
ImageList_Read
ImageList_DragLeave
ImageList_LoadImageW
ImageList_Draw
ImageList_Remove
ImageList_ReplaceIcon
ImageList_SetOverlayImage

shell32

SHBrowseForFolderW
DragQueryFileW
Shell_NotifyIconW
DragAcceptFiles
SHGetPathFromIDListW
DragFinish
SHGetMalloc
SHGetDesktopFolder
SHFileOperationW
SHAppBarMessage
ShellExecuteW
SHAddToRecentDocs

user32

DdeSetUserHandle
CopyImage
MoveWindow
SetMenuItemInfoW
GetMenuItemInfoW
DefFrameProcW
SetCaretPos
GetCaretPos
ScrollWindowEx
GetDlgCtrlID
FrameRect
ToAsciiEx
RegisterWindowMessageW
GetMenuStringW
FillRect
DdeCmpStringHandles
SendMessageA
IsClipboardFormatAvailable
EnumWindows
ShowOwnedPopups
GetClassInfoExW
GetClassInfoW
GetScrollRange
SetActiveWindow
GetActiveWindow
DrawEdge
GetKeyboardLayoutList
LoadBitmapW
EnumChildWindows
GetScrollBarInfo
UnhookWindowsHookEx
SetCapture
GetCapture
CreatePopupMenu
ShowCaret
GetMenuItemID
DestroyCaret
CharLowerBuffW
PostMessageW
SetWindowLongW
IsZoomed
SetParent
DrawMenuBar
GetClientRect
IsChild
SendDlgItemMessageW
IsIconic
CallNextHookEx
DdeDisconnect
ShowWindow
SetForegroundWindow
GetWindowTextW
GetAsyncKeyState
IsDialogMessageW
DestroyWindow
RegisterClassW
EndMenu
CharNextW
GetFocus
GetDC
SetFocus
ReleaseDC
GetClassLongW
SetScrollRange
DrawTextW
PeekMessageA
MessageBeep
SetClassLongW
SetRectEmpty
LockWindowUpdate
RemovePropW
GetSubMenu
DestroyIcon
IsWindowVisible
PtInRect
DispatchMessageA
UnregisterClassW
GetTopWindow
SendMessageW
GetMessageTime
NotifyWinEvent
GetComboBoxInfo
DdeNameService
DdeAccessData
CreateMenu
LoadStringW
CharLowerW
SetWindowRgn
SetWindowPos
GetMenuItemCount
GetSysColorBrush
GetWindowDC
DdeQueryConvInfo
DrawTextExW
EnumClipboardFormats
GetScrollInfo
SetWindowTextW
GetMessageExtraInfo
GetSysColor
EnableScrollBar
TrackPopupMenu
DrawIconEx
DdePostAdvise
GetClassNameW
DdeCreateDataHandle
GetMessagePos
GetIconInfo
SetScrollInfo
GetKeyNameTextW
GetDesktopWindow
SetCursorPos
GetCursorPos
SetMenu
GetMenuState
GetMenu
SetRect
GetKeyState
IsRectEmpty
ValidateRect
IsCharAlphaW
GetCursor
KillTimer
BeginDeferWindowPos
WaitMessage
TranslateMDISysAccel
GetWindowPlacement
CreateIconIndirect
GetMenuItemRect
CreateWindowExW
ChildWindowFromPoint
GetDCEx
PeekMessageW
MonitorFromWindow
GetUpdateRect
SetTimer
WindowFromPoint
BeginPaint
DrawStateW
RegisterClipboardFormatW
DdeUnaccessData
MapVirtualKeyW
OffsetRect
IsWindowUnicode
DispatchMessageW
CreateAcceleratorTableW
DefMDIChildProcW
GetSystemMenu
SetScrollPos
GetScrollPos
DdeClientTransaction
InflateRect
DrawFocusRect
ReleaseCapture
LoadCursorW
DdeConnect
ScrollWindow
GetLastActivePopup
DdeUninitialize
CallWindowProcA
SetMenuInfo
GetMenuInfo
GetSystemMetrics
CharUpperBuffW
ClientToScreen
SetClipboardData
GetClipboardData
SetWindowPlacement
SetCaretBlinkTime
GetCaretBlinkTime
DdeFreeStringHandle
GetMonitorInfoW
CheckMenuItem
CharUpperW
DefWindowProcW
GetForegroundWindow
EnableWindow
GetWindowThreadProcessId
RedrawWindow
EndPaint
MsgWaitForMultipleObjectsEx
LoadKeyboardLayoutW
ActivateKeyboardLayout
GetParent
CreateCaret
MonitorFromRect
InsertMenuItemW
DdeQueryStringA
GetPropW
MessageBoxW
SetPropW
UpdateWindow
MsgWaitForMultipleObjects
DestroyMenu
SetWindowsHookExW
GetDoubleClickTime
EmptyClipboard
GetDlgItem
AdjustWindowRectEx
IsWindow
DrawIcon
EnumThreadWindows
InvalidateRect
SetKeyboardState
GetKeyboardState
ScreenToClient
DrawFrameControl
IsCharAlphaNumericW
BringWindowToTop
DdeFreeDataHandle
SetCursor
CreateIcon
DdeInitializeA
RemoveMenu
DdeCreateStringHandleA
GetKeyboardLayoutNameW
OpenClipboard
TranslateMessage
MapWindowPoints
EnumDisplayMonitors
CallWindowProcW
CountClipboardFormats
CloseClipboard
DestroyCursor
CharUpperBuffA
CopyIcon
PostQuitMessage
DdeGetLastError
ShowScrollBar
EnableMenuItem
DeferWindowPos
HideCaret
EndDeferWindowPos
FindWindowExW
MonitorFromPoint
LoadIconW
SystemParametersInfoW
GetWindow
GetWindowLongW
GetWindowRect
ToUnicode
InsertMenuW
IsWindowEnabled
IsDialogMessageA
CharNextA
FindWindowW
DeleteMenu
GetKeyboardLayout

version

GetFileVersionInfoSizeW
VerQueryValueW
VerQueryValueA
GetFileVersionInfoW

oleaut32

SafeArrayPutElement
VariantClear
SysReAllocStringLen
DispGetParam
CreateErrorInfo
GetActiveObject
SafeArrayGetLBound
SafeArrayGetUBound
VariantCopy
SafeArrayCopy
SafeArrayDestroy
SysStringLen
SafeArrayAccessData
SysFreeString
VariantInit
GetErrorInfo
SetErrorInfo
SafeArrayCreate
SafeArrayGetElement
SafeArrayUnaccessData
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayRedim
VariantChangeType
VariantCopyInd

netapi32

Netbios

msvcrt

qsort
isupper
isalpha
isalnum
toupper
memchr
memcmp
memcpy
memset
isprint
isspace
iscntrl
isxdigit
ispunct
isgraph
tolower
islower

advapi32

RegSetValueExW
RegConnectRegistryW
RegEnumKeyExW
RegLoadKeyW
GetUserNameW
RegDeleteKeyW
RegOpenKeyExW
RegQueryInfoKeyW
RegUnLoadKeyW
RegSaveKeyW
RegDeleteValueW
RegReplaceKeyW
RegQueryValueW
RegFlushKey
RegEnumValueW
RegQueryValueExW
RegCloseKey
CreateProcessAsUserW
RegCreateKeyExW
RegRestoreKeyW
LogonUserW

imagehlp

ImageDirectoryEntryToData

kernel32

SetFileTime
GetFileType
FlushViewOfFile
GetACP
GetStringTypeExW
GetExitCodeProcess
LocalFree
CloseHandle
SizeofResource
VirtualProtectEx
GetCurrentProcessId
TerminateThread
IsDebuggerPresent
GetFullPathNameW
FindNextFileW
GlobalSize
GetCPInfoExW
GetSystemTime
WriteProcessMemory
GetTempPathA
EnumSystemLocalesW
GetTimeZoneInformation
FileTimeToLocalFileTime
SystemTimeToTzSpecificLocalTime
FreeLibrary
HeapDestroy
GetUserDefaultLCID
GetDiskFreeSpaceA
SetLastError
WaitNamedPipeW
GetModuleFileNameW
GetLastError
GlobalAlloc
GlobalUnlock
OpenMutexW
CompareStringW
CreateThread
HeapValidate
LoadLibraryA
CreateMutexW
ResetEvent
GetVolumeInformationW
RaiseException
FormatMessageW
GetCurrentThread
GetLogicalDrives
HeapReAlloc
ExpandEnvironmentStringsW
LoadLibraryExW
FileTimeToSystemTime
GetShortPathNameW
VirtualQuery
GlobalFindAtomW
VirtualQueryEx
Sleep
SetFilePointer
FlushFileBuffers
LoadResource
SuspendThread
GetTickCount
WritePrivateProfileStringW
HeapCompact
lstrcmpiA
GetFileSize
CreateMailslotW
GetStartupInfoW
GetFileAttributesW
GetThreadPriority
SetThreadPriority
VirtualAlloc
GetSystemInfo
GetTempPathW
LeaveCriticalSection
GetLogicalDriveStringsW
WinExec
HeapCreate
VerSetConditionMask
GetDiskFreeSpaceW
GetUserDefaultUILanguage
GetConsoleOutputCP
CompareStringA
WaitForSingleObjectEx
HeapFree
WideCharToMultiByte
MultiByteToWideChar
FindClose
LoadLibraryW
SetEvent
GetLocaleInfoW
FormatMessageA
GetLocalTime
WaitForSingleObject
DeleteCriticalSection
SetErrorMode
TzSpecificLocalTimeToSystemTime
GetComputerNameW
IsValidLocale
LoadLibraryExA
LocalAlloc
GetPrivateProfileStringW
WaitForMultipleObjectsEx
SetFileAttributesW
QueryDosDeviceW
UnlockFile
SetEnvironmentVariableW
QueryPerformanceFrequency
VirtualFree
GetProcessHeap
HeapAlloc
ExitProcess
GetFileAttributesA
RtlUnwind
GetCPInfo
GetStdHandle
GetModuleHandleW
TryEnterCriticalSection
ReadFile
FileTimeToDosDateTime
CreateProcessW
HeapSize
FindResourceW
LockFileEx
CopyFileW
MapViewOfFile
AreFileApisANSI
MulDiv
CreateFileA
GetVersion
GetDriveTypeW
FreeResource
DeleteFileA
MoveFileW
GlobalAddAtomW
GetSystemTimeAsFileTime
OpenProcess
SwitchToThread
GetExitCodeThread
OutputDebugStringW
GetFileAttributesExW
SetNamedPipeHandleState
TerminateProcess
LockResource
GetCurrentThreadId
UnhandledExceptionFilter
GlobalFree
EnterCriticalSection
ReleaseMutex
GetFullPathNameA
GlobalDeleteAtom
GetCurrentDirectoryW
SetCurrentDirectoryW
InitializeCriticalSection
GlobalLock
GetCurrentProcess
GetCommandLineW
GetProcAddress
ResumeThread
DuplicateHandle
GetVersionExW
VerifyVersionInfoW
GetWindowsDirectoryW
UnlockFileEx
LCMapStringW
FindFirstFileW
LockFile
UnmapViewOfFile
GetConsoleCP
GlobalHandle
lstrlenW
SetEndOfFile
QueryPerformanceCounter
lstrcmpW
lstrcpyW
CreateMutexA
SystemTimeToFileTime
CreateFileW
GetSystemDirectoryW
EnumResourceNamesW
DeleteFileW
IsDBCSLeadByteEx
GetSystemDefaultLCID
GetEnvironmentVariableW
OutputDebugStringA
WriteFile
CreateFileMappingW
ExitThread
CreatePipe
TlsGetValue
GetDateFormatW
PulseEvent
TlsSetValue
CreateDirectoryW
GetSystemDefaultUILanguage
EnumCalendarInfoW
RemoveDirectoryW
CreateEventW
SetThreadLocale
GetThreadLocale

shfolder

SHGetFolderPathW

wsock32

gethostbyaddr
getsockopt
setsockopt
select
WSACleanup
gethostbyname
bind
gethostname
closesocket
WSAGetLastError
connect
getpeername
inet_addr
sendto
WSAAsyncSelect
WSAAsyncGetServByName
WSACancelAsyncRequest
send
accept
htons
ntohs
WSAStartup
getservbyname
__WSAFDIsSet
getsockname
listen
socket
recv
inet_ntoa
ioctlsocket
shutdown
recvfrom
WSAAsyncGetHostByName

ole32

RevokeDragDrop
OleRegEnumVerbs
IsAccelerator
CoCreateInstance
CoUninitialize
CLSIDFromString
ReleaseStgMedium
RegisterDragDrop
IsEqualGUID
ProgIDFromCLSID
CreateStreamOnHGlobal
OleInitialize
CoGetMalloc
CLSIDFromProgID
OleUninitialize
CoGetClassObject
CoInitialize
CoTaskMemFree
OleDraw
CoTaskMemAlloc
StringFromCLSID
OleSetMenuDescriptor
DoDragDrop

gdi32

Pie
SetBkMode
CreateCompatibleBitmap
GetEnhMetaFileHeader
CloseEnhMetaFile
RectVisible
AngleArc
TranslateCharsetInfo
ResizePalette
SetAbortProc
SetTextColor
GetTextColor
StretchBlt
RoundRect
SelectClipRgn
RestoreDC
SetRectRgn
GetTextMetricsW
GetWindowOrgEx
CreatePalette
CreateDCW
CreateICW
PolyBezierTo
GetStockObject
CreateSolidBrush
GetBkMode
Polygon
MoveToEx
ResetDCW
PlayEnhMetaFile
Ellipse
StartPage
GetBitmapBits
StartDocW
AbortDoc
GetSystemPaletteEntries
GetEnhMetaFileBits
CreatePenIndirect
GetEnhMetaFilePaletteEntries
SetMapMode
CreateFontIndirectW
PolyBezier
ExtCreatePen
LPtoDP
GetNearestColor
EndDoc
GetObjectW
GetCurrentObject
GetWinMetaFileBits
SetROP2
GetEnhMetaFileDescriptionW
ArcTo
CreateEnhMetaFileW
Arc
CreateRectRgnIndirect
SelectPalette
SetGraphicsMode
ExcludeClipRect
MaskBlt
SetWindowOrgEx
GetCharacterPlacementW
EndPage
DeleteEnhMetaFile
Chord
SetDIBits
SetViewportOrgEx
GetViewportOrgEx
CreateRectRgn
RealizePalette
SetDIBColorTable
GetDIBColorTable
CreateBrushIndirect
PatBlt
SetEnhMetaFileBits
Rectangle
SaveDC
DeleteDC
BitBlt
SetWorldTransform
FrameRgn
GetDeviceCaps
GetTextExtentPoint32W
GetClipBox
GetClipRgn
Polyline
IntersectClipRect
CreateBitmap
CombineRgn
SetWinMetaFileBits
CreateDIBitmap
GetStretchBltMode
CreateDIBSection
SetStretchBltMode
GetDIBits
ExtCreateRegion
LineTo
GetRgnBox
EnumFontsW
SetWindowExtEx
CreateHalftonePalette
SelectObject
DeleteObject
ExtFloodFill
UnrealizeObject
CopyEnhMetaFileW
SetBkColor
CreateCompatibleDC
GetObjectA
GetBrushOrgEx
GetCurrentPositionEx
SetDCPenColor
GetNearestPaletteIndex
CreateRoundRectRgn
GetTextExtentPointW
ExtTextOutW
SetBrushOrgEx
GetPixel
GdiFlush
SetViewportExtEx
SetPixel
PolyPolyline
EnumFontFamiliesExW
StretchDIBits
GetPaletteEntries

Exports

Exports

__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: 20.2MB - Virtual size: 20.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 530KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 109B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 88B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 6.5MB - Virtual size: 6.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
TileServerList.txt
VirusCheck.txt
WebView2Loader.dll
.dll windows:5 windows x86 arch:x86

Password: infected

a64b009ff2c9503726050a45e231f4c9

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

58:d3:f7:46:e5:db:4f:12:10:fc:b0:0d:da:35:f9:b1:42:3b:6b:67:5c:8a:fc:85:d6:b8:6a:4e:fb:fd:9f:cc
Signer

Actual PE Digest

58:d3:f7:46:e5:db:4f:12:10:fc:b0:0d:da:35:f9:b1:42:3b:6b:67:5c:8a:fc:85:d6:b8:6a:4e:fb:fd:9f:cc

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

WebView2Loader.dll.pdb

Imports

kernel32

CloseHandle
CreateEventW
CreateFileW
DecodePointer
DeleteCriticalSection
EncodePointer
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsW
GetEnvironmentVariableW
GetFileAttributesW
GetFileType
GetLastError
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
MultiByteToWideChar
OutputDebugStringW
QueryPerformanceCounter
RaiseException
ResetEvent
RtlUnwind
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObjectEx
WideCharToMultiByte
WriteConsoleW
WriteFile

Exports

Exports

CompareBrowserVersions
CreateCoreWebView2Environment
CreateCoreWebView2EnvironmentWithOptions
GetAvailableCoreWebView2BrowserVersionString

Sections

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.voltbl
Size: 512B - Virtual size: 72B

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
build_info.txt
geom_js\images\layers-2x.png
.png

Password: infected
geom_js\images\layers.png
.png

Password: infected
geom_js\images\marker-icon-2x.png
.png

Password: infected
geom_js\images\marker-icon.png
.png

Password: infected
geom_js\images\marker-shadow.png
.png

Password: infected
geom_js\leaflet.css
geom_js\leaflet.js
.js
geom_js\wkx.js
.js
geom_js\wkx.min.js
.js
history.txt
.vbs
license.txt
license_en.txt
picture.zip
.zip
readme.txt
readme_en.txt
sample\ConnectionTest.dms
.js
sample\ConnectionTest2.dms
.js
sample\ConnectionTest3.dms
.js
sample\CreateTableDefinition.xls
.xls windows office2003
sample\ERDTest.dms
.js
sampledb\ShoppingSite.a5er
sampledb\ShoppingSite.mdb
scripts\Tool\SqlEmbededStr.dms
.js
scripts\TreeDB\FavoritesExport.dms
.js
scripts\TreeDB\FavoritesImport.dms
.js
scripts\TreeDB\OpenSchemaTable.dms
.js
scripts\TreeDB\oracle_procedureSources.dms
.js
scripts\TreeDB\oracle_viewSources.dms
.js
scripts\TreeDB\reccount_query.dms
.js
scripts\TreeTB\CsvCopy.dms
.js
scripts\TreeTB\InsertStatements.dms
.js
scripts\TreeTB\TableInfo.dms
.js
sqlite3.dll
.dll windows:4 windows x86 arch:x86

11b10a7da6569f73171e32f4246fce97

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

AreFileApisANSI
CloseHandle
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateMutexW
DeleteCriticalSection
DeleteFileA
DeleteFileW
EnterCriticalSection
FlushFileBuffers
FlushViewOfFile
FormatMessageA
FormatMessageW
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDiskFreeSpaceA
GetDiskFreeSpaceW
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileSize
GetFullPathNameA
GetFullPathNameW
GetLastError
GetModuleHandleA
GetProcAddress
GetProcessHeap
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempPathA
GetTempPathW
GetTickCount
GetVersionExA
GetVersionExW
HeapAlloc
HeapCompact
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
HeapValidate
InitializeCriticalSection
InterlockedCompareExchange
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LocalFree
LockFile
LockFileEx
MapViewOfFile
MultiByteToWideChar
OutputDebugStringA
OutputDebugStringW
QueryPerformanceCounter
ReadFile
SetEndOfFile
SetFilePointer
SetUnhandledExceptionFilter
Sleep
SystemTimeToFileTime
TerminateProcess
TlsGetValue
TryEnterCriticalSection
UnhandledExceptionFilter
UnlockFile
UnlockFileEx
UnmapViewOfFile
VirtualProtect
VirtualQuery
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteFile

msvcrt

__dllonexit
__setusermatherr
_amsg_exit
_beginthreadex
_endthreadex
_errno
_initterm
_iob
_lock
_onexit
localtime
calloc
cosh
fprintf
free
fwrite
log10
malloc
memcmp
memmove
qsort
realloc
sinh
strcmp
strcspn
strlen
strncmp
strrchr
_unlock
abort
acos
asin
atan
tan
tanh
vfprintf

Exports

Exports

sqlite3_aggregate_context
sqlite3_aggregate_count
sqlite3_auto_extension
sqlite3_autovacuum_pages
sqlite3_backup_finish
sqlite3_backup_init
sqlite3_backup_pagecount
sqlite3_backup_remaining
sqlite3_backup_step
sqlite3_bind_blob
sqlite3_bind_blob64
sqlite3_bind_double
sqlite3_bind_int
sqlite3_bind_int64
sqlite3_bind_null
sqlite3_bind_parameter_count
sqlite3_bind_parameter_index
sqlite3_bind_parameter_name
sqlite3_bind_pointer
sqlite3_bind_text
sqlite3_bind_text16
sqlite3_bind_text64
sqlite3_bind_value
sqlite3_bind_zeroblob
sqlite3_bind_zeroblob64
sqlite3_blob_bytes
sqlite3_blob_close
sqlite3_blob_open
sqlite3_blob_read
sqlite3_blob_reopen
sqlite3_blob_write
sqlite3_busy_handler
sqlite3_busy_timeout
sqlite3_cancel_auto_extension
sqlite3_changes
sqlite3_changes64
sqlite3_clear_bindings
sqlite3_close
sqlite3_close_v2
sqlite3_collation_needed
sqlite3_collation_needed16
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_column_bytes16
sqlite3_column_count
sqlite3_column_database_name
sqlite3_column_database_name16
sqlite3_column_decltype
sqlite3_column_decltype16
sqlite3_column_double
sqlite3_column_int
sqlite3_column_int64
sqlite3_column_name
sqlite3_column_name16
sqlite3_column_origin_name
sqlite3_column_origin_name16
sqlite3_column_table_name
sqlite3_column_table_name16
sqlite3_column_text
sqlite3_column_text16
sqlite3_column_type
sqlite3_column_value
sqlite3_commit_hook
sqlite3_compileoption_get
sqlite3_compileoption_used
sqlite3_complete
sqlite3_complete16
sqlite3_config
sqlite3_context_db_handle
sqlite3_create_collation
sqlite3_create_collation16
sqlite3_create_collation_v2
sqlite3_create_filename
sqlite3_create_function
sqlite3_create_function16
sqlite3_create_function_v2
sqlite3_create_module
sqlite3_create_module_v2
sqlite3_create_window_function
sqlite3_data_count
sqlite3_data_directory
sqlite3_database_file_object
sqlite3_db_cacheflush
sqlite3_db_config
sqlite3_db_filename
sqlite3_db_handle
sqlite3_db_mutex
sqlite3_db_name
sqlite3_db_readonly
sqlite3_db_release_memory
sqlite3_db_status
sqlite3_declare_vtab
sqlite3_deserialize
sqlite3_drop_modules
sqlite3_enable_load_extension
sqlite3_enable_shared_cache
sqlite3_errcode
sqlite3_errmsg
sqlite3_errmsg16
sqlite3_error_offset
sqlite3_errstr
sqlite3_exec
sqlite3_expanded_sql
sqlite3_expired
sqlite3_extended_errcode
sqlite3_extended_result_codes
sqlite3_file_control
sqlite3_filename_database
sqlite3_filename_journal
sqlite3_filename_wal
sqlite3_finalize
sqlite3_free
sqlite3_free_filename
sqlite3_free_table
sqlite3_get_autocommit
sqlite3_get_auxdata
sqlite3_get_table
sqlite3_global_recover
sqlite3_hard_heap_limit64
sqlite3_initialize
sqlite3_interrupt
sqlite3_is_interrupted
sqlite3_keyword_check
sqlite3_keyword_count
sqlite3_keyword_name
sqlite3_last_insert_rowid
sqlite3_libversion
sqlite3_libversion_number
sqlite3_limit
sqlite3_load_extension
sqlite3_log
sqlite3_malloc
sqlite3_malloc64
sqlite3_memory_alarm
sqlite3_memory_highwater
sqlite3_memory_used
sqlite3_mprintf
sqlite3_msize
sqlite3_mutex_alloc
sqlite3_mutex_enter
sqlite3_mutex_free
sqlite3_mutex_leave
sqlite3_mutex_try
sqlite3_next_stmt
sqlite3_open
sqlite3_open16
sqlite3_open_v2
sqlite3_os_end
sqlite3_os_init
sqlite3_overload_function
sqlite3_prepare
sqlite3_prepare16
sqlite3_prepare16_v2
sqlite3_prepare16_v3
sqlite3_prepare_v2
sqlite3_prepare_v3
sqlite3_preupdate_blobwrite
sqlite3_preupdate_count
sqlite3_preupdate_depth
sqlite3_preupdate_hook
sqlite3_preupdate_new
sqlite3_preupdate_old
sqlite3_profile
sqlite3_progress_handler
sqlite3_randomness
sqlite3_realloc
sqlite3_realloc64
sqlite3_release_memory
sqlite3_reset
sqlite3_reset_auto_extension
sqlite3_result_blob
sqlite3_result_blob64
sqlite3_result_double
sqlite3_result_error
sqlite3_result_error16
sqlite3_result_error_code
sqlite3_result_error_nomem
sqlite3_result_error_toobig
sqlite3_result_int
sqlite3_result_int64
sqlite3_result_null
sqlite3_result_pointer
sqlite3_result_subtype
sqlite3_result_text
sqlite3_result_text16
sqlite3_result_text16be
sqlite3_result_text16le
sqlite3_result_text64
sqlite3_result_value
sqlite3_result_zeroblob
sqlite3_result_zeroblob64
sqlite3_rollback_hook
sqlite3_rtree_geometry_callback
sqlite3_rtree_query_callback
sqlite3_serialize
sqlite3_set_authorizer
sqlite3_set_auxdata
sqlite3_set_last_insert_rowid
sqlite3_shutdown
sqlite3_sleep
sqlite3_snprintf
sqlite3_soft_heap_limit
sqlite3_soft_heap_limit64
sqlite3_sourceid
sqlite3_sql
sqlite3_status
sqlite3_status64
sqlite3_step
sqlite3_stmt_busy
sqlite3_stmt_isexplain
sqlite3_stmt_readonly
sqlite3_stmt_status
sqlite3_str_append
sqlite3_str_appendall
sqlite3_str_appendchar
sqlite3_str_appendf
sqlite3_str_errcode
sqlite3_str_finish
sqlite3_str_length
sqlite3_str_new
sqlite3_str_reset
sqlite3_str_value
sqlite3_str_vappendf
sqlite3_strglob
sqlite3_stricmp
sqlite3_strlike
sqlite3_strnicmp
sqlite3_system_errno
sqlite3_table_column_metadata
sqlite3_temp_directory
sqlite3_test_control
sqlite3_thread_cleanup
sqlite3_threadsafe
sqlite3_total_changes
sqlite3_total_changes64
sqlite3_trace
sqlite3_trace_v2
sqlite3_transfer_bindings
sqlite3_txn_state
sqlite3_update_hook
sqlite3_uri_boolean
sqlite3_uri_int64
sqlite3_uri_key
sqlite3_uri_parameter
sqlite3_user_data
sqlite3_value_blob
sqlite3_value_bytes
sqlite3_value_bytes16
sqlite3_value_double
sqlite3_value_dup
sqlite3_value_encoding
sqlite3_value_free
sqlite3_value_frombind
sqlite3_value_int
sqlite3_value_int64
sqlite3_value_nochange
sqlite3_value_numeric_type
sqlite3_value_pointer
sqlite3_value_subtype
sqlite3_value_text
sqlite3_value_text16
sqlite3_value_text16be
sqlite3_value_text16le
sqlite3_value_type
sqlite3_version
sqlite3_vfs_find
sqlite3_vfs_register
sqlite3_vfs_unregister
sqlite3_vmprintf
sqlite3_vsnprintf
sqlite3_vtab_collation
sqlite3_vtab_config
sqlite3_vtab_distinct
sqlite3_vtab_in
sqlite3_vtab_in_first
sqlite3_vtab_in_next
sqlite3_vtab_nochange
sqlite3_vtab_on_conflict
sqlite3_vtab_rhs_value
sqlite3_wal_autocheckpoint
sqlite3_wal_checkpoint
sqlite3_wal_checkpoint_v2
sqlite3_wal_hook
sqlite3_win32_is_nt
sqlite3_win32_mbcs_to_utf8
sqlite3_win32_mbcs_to_utf8_v2
sqlite3_win32_set_directory
sqlite3_win32_set_directory16
sqlite3_win32_set_directory8
sqlite3_win32_sleep
sqlite3_win32_unicode_to_utf8
sqlite3_win32_utf8_to_mbcs
sqlite3_win32_utf8_to_mbcs_v2
sqlite3_win32_utf8_to_unicode
sqlite3_win32_write_debug
sqlite3changegroup_add
sqlite3changegroup_add_strm
sqlite3changegroup_delete
sqlite3changegroup_new
sqlite3changegroup_output
sqlite3changegroup_output_strm
sqlite3changeset_apply
sqlite3changeset_apply_strm
sqlite3changeset_apply_v2
sqlite3changeset_apply_v2_strm
sqlite3changeset_concat
sqlite3changeset_concat_strm
sqlite3changeset_conflict
sqlite3changeset_finalize
sqlite3changeset_fk_conflicts
sqlite3changeset_invert
sqlite3changeset_invert_strm
sqlite3changeset_new
sqlite3changeset_next
sqlite3changeset_old
sqlite3changeset_op
sqlite3changeset_pk
sqlite3changeset_start
sqlite3changeset_start_strm
sqlite3changeset_start_v2
sqlite3changeset_start_v2_strm
sqlite3rebaser_configure
sqlite3rebaser_create
sqlite3rebaser_delete
sqlite3rebaser_rebase
sqlite3rebaser_rebase_strm
sqlite3session_attach
sqlite3session_changeset
sqlite3session_changeset_size
sqlite3session_changeset_strm
sqlite3session_config
sqlite3session_create
sqlite3session_delete
sqlite3session_diff
sqlite3session_enable
sqlite3session_indirect
sqlite3session_isempty
sqlite3session_memory_used
sqlite3session_object_config
sqlite3session_patchset
sqlite3session_patchset_strm
sqlite3session_table_filter

Sections

.text
Size: 722KB - Virtual size: 721KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 1024B - Virtual size: 803B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

a6b7f8a23ea4ef0bcd71cfd9f3ff70ed

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

oleaut32

Exports

Exports

Sections

.text Size: 34KB - Virtual size: 34KB

.itext Size: 512B - Virtual size: 268B

.data Size: 2KB - Virtual size: 2KB

.bss Size: - Virtual size: 13KB

.idata Size: 1KB - Virtual size: 1KB

.didata Size: 512B - Virtual size: 292B

.edata Size: 512B - Virtual size: 109B

.rdata Size: 512B - Virtual size: 69B

.reloc Size: 3KB - Virtual size: 2KB

.rsrc Size: 1.8MB - Virtual size: 1.8MB

Password: infected

47985bb8bf836c44ceed7097a0bdead1

Headers

DLL Characteristics

File Characteristics

Imports

mpr

winmm

oleacc

shlwapi

winspool.drv

comdlg32

comctl32

shell32

user32

version

oleaut32

netapi32

msvcrt

advapi32

imagehlp

kernel32

shfolder

wsock32

ole32

gdi32

Exports

Exports

Sections

.text Size: 20.2MB - Virtual size: 20.2MB

.itext Size: 126KB - Virtual size: 125KB

.data Size: 1.2MB - Virtual size: 1.2MB

.bss Size: - Virtual size: 530KB

.idata Size: 20KB - Virtual size: 19KB

.didata Size: 25KB - Virtual size: 24KB

.edata Size: 512B - Virtual size: 109B

.tls Size: - Virtual size: 88B

.rdata Size: 512B - Virtual size: 93B

.reloc Size: 1.4MB - Virtual size: 1.4MB

.rsrc Size: 6.5MB - Virtual size: 6.5MB

Password: infected

a64b009ff2c9503726050a45e231f4c9

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26Certificate

Extended Key Usages

61:0c:52:4c:00:00:00:00:00:03Certificate

Key Usages

58:d3:f7:46:e5:db:4f:12:10:fc:b0:0d:da:35:f9:b1:42:3b:6b:67:5c:8a:fc:85:d6:b8:6a:4e:fb:fd:9f:ccSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

.text
Size: 34KB - Virtual size: 34KB

.itext
Size: 512B - Virtual size: 268B

.data
Size: 2KB - Virtual size: 2KB

.bss
Size: - Virtual size: 13KB

.idata
Size: 1KB - Virtual size: 1KB

.didata
Size: 512B - Virtual size: 292B

.edata
Size: 512B - Virtual size: 109B

.rdata
Size: 512B - Virtual size: 69B

.reloc
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 1.8MB - Virtual size: 1.8MB

.text
Size: 20.2MB - Virtual size: 20.2MB

.itext
Size: 126KB - Virtual size: 125KB

.data
Size: 1.2MB - Virtual size: 1.2MB

.bss
Size: - Virtual size: 530KB

.idata
Size: 20KB - Virtual size: 19KB

.didata
Size: 25KB - Virtual size: 24KB

.edata
Size: 512B - Virtual size: 109B

.tls
Size: - Virtual size: 88B

.rdata
Size: 512B - Virtual size: 93B

.reloc
Size: 1.4MB - Virtual size: 1.4MB

.rsrc
Size: 6.5MB - Virtual size: 6.5MB

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

61:0c:52:4c:00:00:00:00:00:03
Certificate

58:d3:f7:46:e5:db:4f:12:10:fc:b0:0d:da:35:f9:b1:42:3b:6b:67:5c:8a:fc:85:d6:b8:6a:4e:fb:fd:9f:cc
Signer

.text
Size: 61KB - Virtual size: 60KB

.rdata
Size: 27KB - Virtual size: 26KB

.data
Size: 2KB - Virtual size: 4KB

.00cfg
Size: 512B - Virtual size: 4B

.tls
Size: 512B - Virtual size: 9B

.voltbl
Size: 512B - Virtual size: 72B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 4KB

.text
Size: 722KB - Virtual size: 721KB

.data
Size: 10KB - Virtual size: 9KB

.rdata
Size: 81KB - Virtual size: 81KB

.bss
Size: - Virtual size: 1KB

.edata
Size: 11KB - Virtual size: 10KB

.idata
Size: 3KB - Virtual size: 3KB

.CRT
Size: 512B - Virtual size: 44B

.tls
Size: 512B - Virtual size: 32B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 15KB - Virtual size: 15KB

/4
Size: 1KB - Virtual size: 1KB

/19
Size: 50KB - Virtual size: 50KB

/31
Size: 10KB - Virtual size: 9KB

/45
Size: 12KB - Virtual size: 11KB

/57
Size: 3KB - Virtual size: 2KB

/70
Size: 1024B - Virtual size: 803B

/81
Size: 15KB - Virtual size: 14KB

/92
Size: 1024B - Virtual size: 848B