debc38d0cddabbf02075e34b765bed83_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

debc38d0cddabbf02075e34b765bed83_JaffaCakes118
Size

2.9MB
MD5

debc38d0cddabbf02075e34b765bed83
SHA1

e8b834e663514786c2773b1f644a2ffc98e5618c
SHA256

bd37b0151c6eb97c22201a381464a61cdff7390c8da852d58f467922c7dfeaa3
SHA512

18ee507cf0019d340ecc741f3b33fc6d06502495020c1eddbde367551b0dddfdb010b43a209a1a8fca039f182f20253621124137c8643c45ac55d37206a2ec5d
SSDEEP

49152:bycB/OQJ7+6qNx09wPUFCDZgFKk4vViP84v/+3e9kF7g/KTndSmXp8:Gg77BwPlD9m2Oqxqqnd

Score

1^/10

Malware Config

Signatures

Files

debc38d0cddabbf02075e34b765bed83_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6320dca008d7f92e5d56c7c9181feac1

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

47:33:bb:60:89:e3:2f:cd:22:4d:0e:49:de:b6:63:da
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

28/09/2018, 00:00

Not After

01/02/2020, 23:59

Subject

CN=Beijing Qihu Technology Co.\, Ltd.,OU=研发部,O=Beijing Qihu Technology Co.\, Ltd.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5b:21:3a:c4:69:7a:65:f6:b7:82:7d:9e:48:92:64:dc
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

28/09/2018, 00:00

Not After

01/02/2020, 23:59

Subject

CN=Beijing Qihu Technology Co.\, Ltd.,OU=研发部,O=Beijing Qihu Technology Co.\, Ltd.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

54:cd:63:e6:61:16:69:0f:74:a5:6e:90:4b:2d:43:a5:75:7d:6e:70:cd:b9:3b:2c:bf:12:62:8c:8f:25:fb:60
Signer

Actual PE Digest

54:cd:63:e6:61:16:69:0f:74:a5:6e:90:4b:2d:43:a5:75:7d:6e:70:cd:b9:3b:2c:bf:12:62:8c:8f:25:fb:60

Digest Algorithm

sha256

PE Digest Matches

true

84:6c:5e:34:d2:6c:7e:68:26:ec:85:61:21:c9:25:74:e8:7e:81:ee
Signer

Actual PE Digest

84:6c:5e:34:d2:6c:7e:68:26:ec:85:61:21:c9:25:74:e8:7e:81:ee

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\vmagent_new\bin\joblist\380267\out\Release\ComputerZTray.pdb

Imports

kernel32

MulDiv
CopyFileW
MoveFileExW
GetExitCodeProcess
ResetEvent
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
OpenEventW
OutputDebugStringW
GetTempFileNameW
RemoveDirectoryW
SetFileAttributesW
GetFileAttributesW
MoveFileW
GetSystemDirectoryW
GetFileSize
GetPrivateProfileStringA
ExpandEnvironmentStringsW
GlobalAddAtomW
GlobalFindAtomW
FindClose
GetFullPathNameW
FindFirstFileW
FindNextFileW
OutputDebugStringA
FlushFileBuffers
FormatMessageW
GetTempPathW
CreateDirectoryW
DeviceIoControl
WriteFile
Sleep
TerminateProcess
GetFileAttributesExW
CreateFileW
CreateFileMappingW
UnmapViewOfFile
MapViewOfFile
ReleaseMutex
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExW
FindFirstFileExA
WriteConsoleW
ReadConsoleW
SetFilePointer
SetConsoleCtrlHandler
EnumSystemLocalesW
GetUserDefaultLCID
QueryDosDeviceW
CreateMutexW
GetDateFormatW
GetCurrentThread
GetACP
GetStdHandle
GetModuleFileNameA
ExitProcess
GetTimeZoneInformation
GetConsoleMode
GetLongPathNameW
SetFilePointerEx
GetFileType
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
InterlockedFlushSList
RtlUnwind
TerminateThread
DosDateTimeToFileTime
FileTimeToDosDateTime
FileTimeToLocalFileTime
GetSystemTime
SetFileTime
GetFileTime
SetEndOfFile
InterlockedExchangeAdd
QueryPerformanceCounter
UnhandledExceptionFilter
GetSystemWindowsDirectoryW
FreeResource
CreateFileA
lstrcmpiA
lstrcmpA
GetCPInfo
GetLocaleInfoW
LCMapStringW
CompareStringW
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SwitchToThread
GetStringTypeW
LoadLibraryExA
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
EncodePointer
IsDebuggerPresent
IsValidLocale
GetLogicalDriveStringsW
GetShortPathNameW
GlobalFree
GetTimeFormatW
lstrlenW
GlobalUnlock
GlobalLock
GlobalAlloc
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
WideCharToMultiByte
GetVersionExW
GetStartupInfoW
CreateProcessW
OpenMutexW
GetCurrentProcess
GetVersion
MultiByteToWideChar
GetPrivateProfileIntW
CreateEventW
WaitForMultipleObjects
SetEvent
InterlockedCompareExchange
InterlockedExchange
SetLastError
FindResourceExW
FindResourceW
GetModuleHandleW
GetModuleFileNameW
CancelWaitableTimer
SetWaitableTimer
CreateWaitableTimerW
WaitForSingleObjectEx
LocalFileTimeToFileTime
SystemTimeToFileTime
ResumeThread
OpenProcess
GlobalMemoryStatusEx
WritePrivateProfileStringW
GetPrivateProfileStringW
GetLocalTime
IsBadReadPtr
DeleteFileW
GetCommandLineW
LoadLibraryExW
lstrcmpiW
SetErrorMode
SetUnhandledExceptionFilter
GetCurrentProcessId
VirtualProtect
FreeLibrary
InterlockedDecrement
InterlockedIncrement
DecodePointer
LocalFree
LocalAlloc
PeekNamedPipe
CreatePipe
SetHandleInformation
GetConsoleCP
ReadFile
SizeofResource
LoadResource
GetCurrentThreadId
LockResource
LoadLibraryW
GetTickCount
CloseHandle
WaitForSingleObject
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetLastError
RaiseException
GetProcAddress
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
SetStdHandle

user32

GetWindowTextLengthW
InvalidateRect
GetDialogBaseUnits
SendMessageW
MapWindowPoints
DefWindowProcW
CallWindowProcW
UnregisterClassW
RegisterClassExW
GetClassInfoExW
CreateWindowExW
RedrawWindow
SetLayeredWindowAttributes
LoadStringW
UnregisterClassA
DestroyWindow
GetWindowLongW
SetWindowLongW
LoadCursorW
SendMessageTimeoutW
WaitForInputIdle
IsWindow
FindWindowW
wsprintfW
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
ShowWindow
CharNextW
MessageBoxW
OpenClipboard
CloseClipboard
EmptyClipboard
GetWindowThreadProcessId
SetTimer
KillTimer
GetDC
ReleaseDC
IsWindowEnabled
GetFocus
GetSystemMetrics
GetMenuStringW
GetMenuItemInfoW
DrawTextW
GetSysColor
FillRect
FrameRect
IsDialogMessageW
MonitorFromWindow
IsWindowVisible
IsIconic
SetForegroundWindow
GetDlgItem
InflateRect
SetRectEmpty
CopyRect
SetRect
OffsetRect
PtInRect
SetCursor
DrawFocusRect
BeginPaint
EndPaint
IsRectEmpty
RegisterWindowMessageW
FindWindowExW
SetFocus
EnableWindow
SetWindowTextW
CreatePopupMenu
DestroyMenu
GetMenuItemCount
TrackPopupMenuEx
SetMenuInfo
InsertMenuItemW
GetWindowDC
GetWindowRgn
GetSysColorBrush
SetActiveWindow
PostMessageW
SendNotifyMessageW
ExitWindowsEx
LoadIconW
RegisterDeviceNotificationW
UnregisterDeviceNotification
PostQuitMessage
GetMenuInfo
GetForegroundWindow
GetParent
GetClientRect
GetWindowRect
GetCursorPos
WindowFromPoint
GetDesktopWindow
GetShellWindow
GetClassNameW
SetWindowRgn
SetWindowPos
UpdateLayeredWindow
UnhookWinEvent
SetWinEventHook
GetWindowTextW
ClientToScreen
GetAncestor
GetWindowInfo
GetMonitorInfoW
MonitorFromPoint
SystemParametersInfoW
EnumDisplaySettingsW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetWindow

gdi32

GetTextMetricsW
CreateSolidBrush
CreateRectRgn
CombineRgn
ExtTextOutW
MoveToEx
SetTextColor
SetBkMode
SetDCPenColor
SetBkColor
LineTo
GetStockObject
CreateRectRgnIndirect
GetDeviceCaps
CreateFontIndirectW
SetViewportOrgEx
GetObjectW
CreateDIBSection
SelectObject
DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
EnumFontFamiliesW
DeleteObject
CreateFontW
CreateRoundRectRgn
Rectangle
SelectClipRgn
GetTextExtentPoint32W
SetDCBrushColor
GetCurrentObject

advapi32

QueryServiceConfigW
UnlockServiceDatabase
StartServiceW
QueryServiceStatusEx
QueryServiceStatus
QueryServiceLockStatusW
QueryServiceConfig2W
OpenServiceW
OpenSCManagerW
LockServiceDatabase
DeleteService
CreateServiceW
ControlService
CloseServiceHandle
ChangeServiceConfig2W
ChangeServiceConfigW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegDeleteValueW
RegCloseKey
GetUserNameW
RegDeleteKeyW
RegEnumKeyExW
RegQueryInfoKeyW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
GetTokenInformation
SetTokenInformation
CreateWellKnownSid
GetLengthSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
DuplicateTokenEx
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
CryptAcquireContextW
CryptReleaseContext
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptDestroyHash
RegCreateKeyExW
RegEnumKeyExA
CryptDestroyKey
CryptSetKeyParam
CryptGenRandom
CryptImportKey
CryptEncrypt
CryptDecrypt
CryptContextAddRef

shell32

SHAppBarMessage
SHGetSpecialFolderPathW
ShellExecuteW
ShellExecuteExW
CommandLineToArgvW
ord165
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHLoadInProc
SHCreateDirectoryExW
SHFileOperationW
Shell_NotifyIconW

ole32

CreateStreamOnHGlobal
CLSIDFromProgID
CoTaskMemFree
CoTaskMemRealloc
StringFromGUID2
CoCreateInstance
CoInitializeSecurity
CoUninitialize
CoInitialize
CoTaskMemAlloc
CoInitializeEx
CoSetProxyBlanket
CoCreateGuid

oleaut32

VariantChangeType
GetErrorInfo
SetErrorInfo
CreateErrorInfo
SysAllocString
SysFreeString
VariantInit
VariantClear
VarUI4FromStr
SysStringByteLen
SysAllocStringByteLen
SysStringLen

shlwapi

SHSetValueA
StrCmpNIW
StrTrimA
StrStrIA
StrToIntW
SHGetValueA
StrToIntExW
SHDeleteValueW
PathIsRootW
PathRemoveExtensionW
PathCombineW
PathFileExistsW
SHGetValueW
PathAppendW
PathRemoveFileSpecW
StrCmpIW
PathIsRelativeW
StrStrIW
SHSetValueW
PathFindFileNameW
PathIsURLW
PathIsDirectoryW
AssocQueryStringW

comctl32

_TrackMouseEvent

gdiplus

GdipBitmapUnlockBits
GdipDrawImagePointRectI
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipMeasureString
GdipDrawString
GdipDeleteFont
GdipCreateFont
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipSetTextRenderingHint
GdipSetImageAttributesColorMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipDrawImageRectRectI
GdipDrawImageRectRect
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipCloneImage
GdipFree
GdipAlloc
GdiplusShutdown
GdiplusStartup
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipDrawImageRectI
GdipDrawImagePointsI

secur32

GetUserNameExW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

psapi

EmptyWorkingSet
EnumProcesses
GetProcessImageFileNameW
GetModuleFileNameExW

wtsapi32

WTSUnRegisterSessionNotification
WTSRegisterSessionNotification

imm32

ImmDisableIME

ws2_32

inet_addr
htons
ioctlsocket
recv
closesocket
__WSAFDIsSet
WSAGetLastError
select
connect
socket
send

setupapi

CM_Locate_DevNodeW
SetupDiGetDeviceInstanceIdW
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassDevsW
SetupDiGetDeviceRegistryPropertyW
CM_Get_Child
CM_Get_Device_IDW
CM_Get_DevNode_Status
CM_Get_Parent
CM_Get_Sibling
CMP_WaitNoPendingInstallEvents

crypt32

CertGetNameStringW

wintrust

WinVerifyTrust
WTHelperProvDataFromStateData

wininet

InternetGetConnectedState

iphlpapi

GetAdaptersInfo

winmm

timeGetDevCaps
timeBeginPeriod
timeEndPeriod
timeGetTime
PlaySoundW

urlmon

URLDownloadToFileW
URLDownloadToCacheFileW

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 360KB - Virtual size: 359KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 914KB - Virtual size: 914KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6320dca008d7f92e5d56c7c9181feac1

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

47:33:bb:60:89:e3:2f:cd:22:4d:0e:49:de:b6:63:daCertificate

Extended Key Usages

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

5b:21:3a:c4:69:7a:65:f6:b7:82:7d:9e:48:92:64:dcCertificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

54:cd:63:e6:61:16:69:0f:74:a5:6e:90:4b:2d:43:a5:75:7d:6e:70:cd:b9:3b:2c:bf:12:62:8c:8f:25:fb:60Signer

84:6c:5e:34:d2:6c:7e:68:26:ec:85:61:21:c9:25:74:e8:7e:81:eeSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

comctl32

gdiplus

secur32

version

psapi

wtsapi32

imm32

ws2_32

setupapi

crypt32

wintrust

wininet

iphlpapi

winmm

urlmon

Sections

.text Size: 1.5MB - Virtual size: 1.5MB

.rdata Size: 360KB - Virtual size: 359KB

.data Size: 38KB - Virtual size: 59KB

.rsrc Size: 914KB - Virtual size: 914KB

.reloc Size: 86KB - Virtual size: 86KB

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

47:33:bb:60:89:e3:2f:cd:22:4d:0e:49:de:b6:63:da
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

5b:21:3a:c4:69:7a:65:f6:b7:82:7d:9e:48:92:64:dc
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

54:cd:63:e6:61:16:69:0f:74:a5:6e:90:4b:2d:43:a5:75:7d:6e:70:cd:b9:3b:2c:bf:12:62:8c:8f:25:fb:60
Signer

84:6c:5e:34:d2:6c:7e:68:26:ec:85:61:21:c9:25:74:e8:7e:81:ee
Signer

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 360KB - Virtual size: 359KB

.data
Size: 38KB - Virtual size: 59KB

.rsrc
Size: 914KB - Virtual size: 914KB

.reloc
Size: 86KB - Virtual size: 86KB