BaristaBagging[.]json

Resubmissions

04/09/2024, 17:30

240904-v24nestgmq 1

04/09/2024, 17:20

240904-vwl67avgmg 8

Sharing

Copy URL

Twitter E-mail

General

Target

BaristaBagging.json
Size

8.6MB
MD5

5c32783ed50ced55e9a3a8a2e5a0c0d4
SHA1

fd69896cb6268c93f977a56fe62201c1280710c7
SHA256

5436a830f3d34bf161b846de94286967ddb63a0090b8ac59ea0cd3e066bf00bc
SHA512

9d0f1f60da250408e4402e4e4475703eef586bb592b778836ec99fad07b0ce7abddc2611746e2835d99e28de69dfdf483eed7ab3e1d5444328e15d45ce28691b
SSDEEP

196608:ZEVEZEPE8Jf808zwUIvP4Btk3CDHKhiBm4omLvorU:ZEVEZEPEwf8xzw734BtnSCmlmDT

Score

1^/10

Malware Config

Signatures

Files

BaristaBagging.json
.exe windows:10 windows x86 arch:x86

9c7e5eec67e3177ed79d1b4cb6ed896a

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:c3:e3:0f:10:1b:62:fe:0a:49:9e:b1:18:90:12:ea
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

26/01/2022, 00:00

Not After

26/02/2025, 23:59

Subject

CN=Razer USA Ltd.,O=Razer USA Ltd.,L=Irvine,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

4a:de:d0:a2:33:35:88:3a:ea:13:9b:35:81:04:db:15:bd:1f:4b:30:49:c6:a6:d4:8e:45:3b:71:5e:9f:d2:c3
Signer

Actual PE Digest

4a:de:d0:a2:33:35:88:3a:ea:13:9b:35:81:04:db:15:bd:1f:4b:30:49:c6:a6:d4:8e:45:3b:71:5e:9f:d2:c3

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

SearchIndexer.pdb

Imports

msvcp_win

?_Winerror_map@std@@YAHH@Z
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
?tolower@?$ctype@_W@std@@QBEPB_WPA_WPB_W@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W00@Z
?epptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?tolower@?$ctype@_W@std@@QBE_W_W@Z
?gbump@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXH@Z
?egptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?gptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?eback@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE_N_N@Z
_Wcsxfrm
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?pptr@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBEPA_WXZ
?_Xbad_alloc@std@@YAXXZ
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?_Syserror_map@std@@YAPBDH@Z
?_Xout_of_range@std@@YAXPBD@Z
?setp@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W0@Z
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?_Xbad_function_call@std@@YAXXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?is@?$ctype@_W@std@@QBE_NF_W@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z
??1facet@locale@std@@MAE@XZ
??0facet@locale@std@@IAE@I@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UAEXXZ
??Bid@locale@std@@QAEIXZ
??Bios_base@std@@QBE_NXZ
?id@?$ctype@_W@std@@2V0locale@2@A
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
??0_Lockit@std@@QAE@H@Z
?id@?$collate@_W@std@@2V0locale@2@A
??1_Lockit@std@@QAE@XZ
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
_Wcscoll
?c_str@?$_Yarn@D@std@@QBEPBDXZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??1_Locinfo@std@@QAE@XZ
??0_Locinfo@std@@QAE@PBD@Z
?setg@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXPA_W00@Z
?_Xlength_error@std@@YAXPBD@Z

api-ms-win-crt-string-l1-1-0

memset
wcsncmp
wcspbrk
memmove_s

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_c_exit
_register_thread_local_exe_atexit_callback
_initterm

api-ms-win-crt-private-l1-1-0

_o__recalloc
_o__register_onexit_function
_o__seh_filter_exe
_o__set_app_type
_o__set_errno
_o__set_fmode
_o__set_new_mode
_o__wcsicmp
_o__wcslwr_s
_o__wcsnicmp
memmove
_o__wtol
_o__initialize_narrow_environment
_o_calloc
_o_ceil
_o_exit
_o_free
_o_iswspace
_o_iswxdigit
_o_malloc
_o_qsort
_o_realloc
_o_terminate
_o_towupper
_o_wcsncpy_s
_o_wcstok
_o_wcstol
_o_wmemcpy_s
__current_exception
__current_exception_context
_except_handler4_common
_CxxThrowException
_o__get_narrow_winmain_command_line
_o__get_errno
_o__cexit
_o__callnewh
_o___stdio_common_vswscanf
_o___stdio_common_vswprintf_s
_o___stdio_common_vswprintf
_o___stdio_common_vsnwprintf_s
_o___stdio_common_vsnprintf_s
_o___std_exception_destroy
_o___std_exception_copy
_o___p__commode
_o__invalid_parameter_noinfo_noreturn
_o__exit
_o__errno
_o__invalid_parameter_noinfo
_o____lc_codepage_func
__std_terminate
_o__initialize_onexit_table
_o_abort
__CxxFrameHandler3
wcschr
wcsstr
strchr
_o__crt_atexit
_o__controlfp_s
_o__configure_narrow_argv
_o__configthreadlocale
memcmp
memcpy

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleExW
LockResource
FindResourceExW
LoadResource
FindStringOrdinal
GetModuleHandleW
GetModuleFileNameA
FreeLibrary
LoadLibraryExW
GetModuleFileNameW
GetProcAddress
LoadStringW
SizeofResource
GetModuleHandleExA

api-ms-win-core-synch-l1-1-0

InitializeSRWLock
OpenEventW
ReleaseSemaphore
ReleaseMutex
CreateEventW
ResetEvent
InitializeCriticalSectionAndSpinCount
WaitForSingleObject
TryAcquireSRWLockExclusive
CreateMutexW
SetEvent
WaitForSingleObjectEx
OpenSemaphoreW
CreateMutexExW
AcquireSRWLockExclusive
CreateSemaphoreExW
ReleaseSRWLockExclusive
AcquireSRWLockShared
ReleaseSRWLockShared
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapSize
HeapAlloc
HeapDestroy
HeapReAlloc
HeapSetInformation
HeapFree

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetErrorMode
SetLastError
GetLastError
RaiseException

api-ms-win-core-processthreads-l1-1-0

GetCurrentThread
OpenProcessToken
TerminateProcess
CreateThread
GetCurrentProcessId
OpenThreadToken
TlsAlloc
GetCurrentThreadId
TlsFree
SetPriorityClass
GetStartupInfoW
GetCurrentProcess

api-ms-win-core-localization-l1-2-0

GetSystemPreferredUILanguages
FormatMessageA
GetSystemDefaultLCID
LocaleNameToLCID
FormatMessageW
GetNLSVersionEx
LCMapStringW
GetLocaleInfoEx
ResolveLocaleName
GetLocaleInfoW

api-ms-win-core-debug-l1-1-0

DebugBreak
OutputDebugStringW
IsDebuggerPresent

api-ms-win-core-handle-l1-1-0

CloseHandle
DuplicateHandle

oleaut32

SysStringByteLen
LoadRegTypeLi
LoadTypeLi
SysAllocStringLen
VariantClear
SysAllocStringByteLen
SysStringLen
SysAllocString
SafeArrayDestroy
SetErrorInfo
GetErrorInfo
VarUI4FromStr
VarBstrCat
SafeArrayGetElement
SafeArrayGetUBound
SysFreeString
VariantInit

api-ms-win-core-registry-l1-1-0

RegGetValueW
RegOpenKeyExW
RegDeleteValueW
RegSetValueExW
RegGetKeySecurity
RegCloseKey
RegEnumValueW
RegDeleteTreeW
RegEnumKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegDeleteKeyExW
RegCreateKeyExW

api-ms-win-core-shlwapi-legacy-l1-1-0

PathIsRootW
PathIsUNCServerShareW
PathCanonicalizeW
PathAddBackslashW
PathIsUNCServerW
PathStripToRootW
PathIsUNCW
PathFileExistsW
PathSkipRootW
PathAppendW
PathRemoveBackslashW
PathFindNextComponentW

api-ms-win-core-com-l1-1-0

CoInitializeEx
CoImpersonateClient
CoRevertToSelf
CoReleaseServerProcess
CLSIDFromString
CoMarshalInterface
CoAddRefServerProcess
PropVariantClear
CoRegisterClassObject
CoInitializeSecurity
StringFromGUID2
CoResumeClassObjects
CoUninitialize
CoCreateFreeThreadedMarshaler
CoTaskMemRealloc
CoCreateInstance
IIDFromString
CoGetMalloc
CoRevokeClassObject
CoTaskMemAlloc
CoTaskMemFree

api-ms-win-shcore-taskpool-l1-1-0

SHTaskPoolQueueTask

api-ms-win-core-threadpool-l1-2-0

CloseThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
IsThreadpoolTimerSet
CreateThreadpoolTimer

api-ms-win-core-sysinfo-l1-2-0

VerSetConditionMask

api-ms-win-core-kernel32-legacy-l1-1-1

VerifyVersionInfoW

api-ms-win-core-synch-l1-2-0

InitOnceExecuteOnce
Sleep
InitOnceBeginInitialize
InitOnceComplete
InitOnceInitialize

ntdll

RtlNtStatusToDosError
RtlIsStateSeparationEnabled
NtQueryWnfStateData
NtSetInformationFile
NtOpenFile
RtlInitUnicodeString
RtlQueryWnfStateData
RtlSubscribeWnfStateChangeNotification
RtlUnsubscribeWnfStateChangeNotification
RtlPublishWnfStateData
RtlUnsubscribeWnfNotificationWaitForCompletion
RtlQueryPackageClaims
RtlGetPersistedStateLocation
RtlGetDeviceFamilyInfoEnum

api-ms-win-core-file-l1-1-0

SetFileAttributesW
GetFileAttributesW
FindClose
GetFileAttributesExW
DeleteFileW
FindNextFileW
FindFirstFileExW
SetFileTime
CreateDirectoryW
GetVolumeInformationW
FindFirstVolumeW
FindFirstFileW
GetFileTime
FindVolumeClose
FindNextVolumeW
CreateFileW
CompareFileTime
RemoveDirectoryW
GetLogicalDrives
GetDriveTypeW

api-ms-win-core-io-l1-1-0

DeviceIoControl

api-ms-win-core-file-l1-2-0

GetVolumeNameForVolumeMountPointW
GetVolumePathNamesForVolumeNameW

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpiW
lstrcmpW

api-ms-win-eventing-provider-l1-1-0

EventSetInformation
EventRegister
EventWriteTransfer
EventUnregister
EventEnabled
EventActivityIdControl

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetVersionExW
GetSystemDirectoryW
GetSystemTimeAsFileTime
GetTickCount64

api-ms-win-core-string-l1-1-0

MultiByteToWideChar
CompareStringOrdinal
WideCharToMultiByte
CompareStringW

api-ms-win-shcore-registry-l1-1-0

SHDeleteKeyW
SHGetValueW
SHSetValueW
SHCopyKeyW

api-ms-win-shell-shdirectory-l1-1-0

ord290

api-ms-win-core-processenvironment-l1-1-0

GetCommandLineW
SetEnvironmentVariableW
ExpandEnvironmentStringsW
GetEnvironmentVariableW
SearchPathW

api-ms-win-core-libraryloader-l1-2-1

LoadLibraryW

api-ms-win-core-string-l2-1-0

CharNextW

api-ms-win-service-management-l1-1-0

OpenServiceW
OpenSCManagerW
CloseServiceHandle

api-ms-win-core-processthreads-l1-1-1

OpenProcess
IsProcessorFeaturePresent
SetProcessMitigationPolicy

api-ms-win-service-management-l2-1-0

ChangeServiceConfig2W

api-ms-win-core-winrt-error-l1-1-0

RoOriginateError
RoOriginateErrorW

api-ms-win-core-localization-obsolete-l1-2-0

GetUserDefaultUILanguage
GetSystemDefaultUILanguage

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-core-file-l2-1-0

GetFileInformationByHandleEx

api-ms-win-core-file-l2-1-2

CopyFileW

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

shcore

SHStrDupW
ord1

combase

ord184

mssrch

?GetFilterHostProcessPoolManager@CSearchServiceObj@@SGJPAPAUIFilterHostProcessPoolManager@@@Z
??1CSearchServiceObj@@QAE@XZ
??0CSearchServiceObj@@QAE@XZ
?Cleanup@CSearchServiceObj@@SGXXZ
?GetFileChangeClientManagerInstance@@YA?AV?$shared_ptr@UIFileChangeClientManager@ChangeTracking@Windows@@@std@@XZ

api-ms-win-core-shlwapi-obsolete-l1-1-0

StrStrIW
StrCmpNICW

api-ms-win-core-path-l1-1-0

PathCchSkipRoot

api-ms-win-core-kernel32-legacy-l1-1-0

MoveFileW
GetSystemPowerStatus
RegisterWaitForSingleObject

api-ms-win-service-winsvc-l1-1-0

ControlService
QueryServiceStatus

api-ms-win-service-core-l1-1-1

EnumDependentServicesW

api-ms-win-core-processthreads-l1-1-3

SetThreadDescription

api-ms-win-core-timezone-l1-1-0

FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime

api-ms-win-core-datetime-l1-1-0

GetTimeFormatW

api-ms-win-core-registry-l1-1-1

RegSetKeyValueW

api-ms-win-core-winrt-l1-1-0

RoRegisterActivationFactories
RoGetActivationFactory
RoRevokeActivationFactories

api-ms-win-core-winrt-string-l1-1-0

WindowsIsStringEmpty
WindowsStringHasEmbeddedNull
WindowsCreateStringReference
WindowsGetStringRawBuffer
WindowsCreateString
WindowsDeleteString

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-service-core-l1-1-0

RegisterServiceCtrlHandlerExW
StartServiceCtrlDispatcherW
SetServiceStatus

api-ms-win-core-threadpool-legacy-l1-1-0

UnregisterWaitEx

api-ms-win-core-memory-l1-1-0

UnmapViewOfFile
CreateFileMappingW
MapViewOfFile

api-ms-win-core-localization-l1-2-2

LCIDToLocaleName

rpcrt4

I_RpcBindingInqLocalClientPID

api-ms-win-core-psapi-l1-1-0

QueryFullProcessImageNameW

api-ms-win-shcore-stream-l1-1-0

SHCreateMemStream

api-ms-win-core-realtime-l1-1-0

QueryUnbiasedInterruptTime

api-ms-win-core-com-l1-1-1

RoGetAgileReference

api-ms-win-appmodel-runtime-l1-1-1

GetApplicationUserModelIdFromToken

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

propsys

ord437

Sections

.text
Size: 636KB - Virtual size: 635KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 360B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

9c7e5eec67e3177ed79d1b4cb6ed896a

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

06:c3:e3:0f:10:1b:62:fe:0a:49:9e:b1:18:90:12:eaCertificate

Extended Key Usages

Key Usages

4a:de:d0:a2:33:35:88:3a:ea:13:9b:35:81:04:db:15:bd:1f:4b:30:49:c6:a6:d4:8e:45:3b:71:5e:9f:d2:c3Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcp_win

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-private-l1-1-0

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-debug-l1-1-0

api-ms-win-core-handle-l1-1-0

oleaut32

api-ms-win-core-registry-l1-1-0

api-ms-win-core-shlwapi-legacy-l1-1-0

api-ms-win-core-com-l1-1-0

api-ms-win-shcore-taskpool-l1-1-0

api-ms-win-core-threadpool-l1-2-0

api-ms-win-core-sysinfo-l1-2-0

api-ms-win-core-kernel32-legacy-l1-1-1

api-ms-win-core-synch-l1-2-0

ntdll

api-ms-win-core-file-l1-1-0

api-ms-win-core-io-l1-1-0

api-ms-win-core-file-l1-2-0

api-ms-win-core-string-obsolete-l1-1-0

api-ms-win-eventing-provider-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-string-l1-1-0

api-ms-win-shcore-registry-l1-1-0

api-ms-win-shell-shdirectory-l1-1-0

api-ms-win-core-processenvironment-l1-1-0

api-ms-win-core-libraryloader-l1-2-1

api-ms-win-core-string-l2-1-0

api-ms-win-service-management-l1-1-0

api-ms-win-core-processthreads-l1-1-1

api-ms-win-service-management-l2-1-0

api-ms-win-core-winrt-error-l1-1-0

api-ms-win-core-localization-obsolete-l1-2-0

api-ms-win-core-heap-l2-1-0

api-ms-win-core-file-l2-1-0

api-ms-win-core-file-l2-1-2

api-ms-win-core-profile-l1-1-0

api-ms-win-core-interlocked-l1-1-0

api-ms-win-core-apiquery-l1-1-0

shcore

combase

mssrch

api-ms-win-core-shlwapi-obsolete-l1-1-0

api-ms-win-core-path-l1-1-0

api-ms-win-core-kernel32-legacy-l1-1-0

api-ms-win-service-winsvc-l1-1-0

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

06:c3:e3:0f:10:1b:62:fe:0a:49:9e:b1:18:90:12:ea
Certificate

4a:de:d0:a2:33:35:88:3a:ea:13:9b:35:81:04:db:15:bd:1f:4b:30:49:c6:a6:d4:8e:45:3b:71:5e:9f:d2:c3
Signer

.text
Size: 636KB - Virtual size: 635KB

.data
Size: 5KB - Virtual size: 12KB

.idata
Size: 18KB - Virtual size: 17KB

.didat
Size: 512B - Virtual size: 360B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 35KB - Virtual size: 35KB