NahimicService[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

NahimicService.exe
Size

1.8MB
MD5

4143d3420958b9a2b97e0af6ff790daf
SHA1

49538361491afe628b496ab70da748d495d9c771
SHA256

2064253cd76dec3fd59d310f3b642e0ab0ced01c1bd222752e90ce9e558febf6
SHA512

5c3371a0921cfbd9a83fd9c78eb4a8105d5ff8ae312384752736a33d66bbff16794c2db72700b1b740a90a4f1fbb5c9c1bb3d56dfa1110de65805e4ce6e1fe47
SSDEEP

49152:2SUw2DiMEFp2Xk692ozYNXJZGF3ekGtGAlTwyl8sDCb:2SUVDV92ozu6rGtsb

Score

1^/10

Malware Config

Signatures

Files

NahimicService.exe
.exe windows:6 windows x64 arch:x64

34789f1baed06f9e647c4beb8c5d421e

Code Sign

0c:a6:a7:a3:91:6e:cd:e9:6f:5e:a6:2a:34:14:87:60
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/08/2020, 00:00

Not After

08/11/2023, 12:00

Subject

SERIALNUMBER=453 587 420,CN=A-Volute SAS,O=A-Volute SAS,L=Roubaix,C=FR,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#13054c696c6c65,1.3.6.1.4.1.311.60.2.1.2=#130f48617574732d64652d4672616e6365,1.3.6.1.4.1.311.60.2.1.3=#13024652

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09/06/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:dc:34:1a:52:0f:bb:cf:3d:8c:00:00:00:00:00:dc
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

10/03/2022, 19:58

Not After

08/03/2023, 19:58

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0b:aa:c1:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/04/2012, 23:48

Not After

18/04/2027, 23:58

Subject

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:60:51:40:a0:10:da:a7:48:24:f8:36:b0:9d:cc:ae:0d:af:e9:fc:20:3b:2f:fc:eb:9f:49:ff:b7:9f:d3:02
Signer

Actual PE Digest

30:60:51:40:a0:10:da:a7:48:24:f8:36:b0:9d:cc:ae:0d:af:e9:fc:20:3b:2f:fc:eb:9f:49:ff:b7:9f:d3:02

Digest Algorithm

sha256

PE Digest Matches

true

30:60:51:40:a0:10:da:a7:48:24:f8:36:b0:9d:cc:ae:0d:af:e9:fc:20:3b:2f:fc:eb:9f:49:ff:b7:9f:d3:02
Signer

Actual PE Digest

30:60:51:40:a0:10:da:a7:48:24:f8:36:b0:9d:cc:ae:0d:af:e9:fc:20:3b:2f:fc:eb:9f:49:ff:b7:9f:d3:02

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\BuildAgent\work\fac0970a3d49f93d\Out\Release\Win64\NahimicService.pdb

Imports

shlwapi

PathIsRelativeW
PathFileExistsW

wtsapi32

WTSEnumerateSessionsExW
WTSQueryUserToken
WTSRegisterSessionNotification
WTSUnRegisterSessionNotification
WTSEnumerateSessionsW
WTSQuerySessionInformationW
WTSFreeMemoryExW
WTSSendMessageW
WTSFreeMemory

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

api-ms-win-core-winrt-string-l1-1-0

WindowsDeleteString
WindowsGetStringRawBuffer
WindowsCreateString
WindowsCreateStringReference

api-ms-win-core-winrt-l1-1-0

RoInitialize
RoActivateInstance

wintrust

WinVerifyTrust

crypt32

CertGetNameStringW
CryptMsgGetParam
CertCloseStore
CryptQueryObject
CertFreeCertificateContext
CryptMsgClose
CertFindCertificateInStore

setupapi

SetupGetInfDriverStoreLocationW

rpcrt4

RpcBindingVectorFree
NdrServerCall2
RpcEpUnregister
RpcEpRegisterW
RpcServerUseProtseqEpW
RpcServerUnregisterIf
RpcServerRegisterIf3
RpcServerListen
RpcServerInqBindings
NdrClientCall2

api-ms-win-core-libraryloader-l1-2-0

FreeLibraryAndExitThread
GetModuleFileNameA
GetProcAddress
GetModuleFileNameW
GetModuleHandleExW
LoadLibraryExW
FreeLibrary
GetModuleHandleW

api-ms-win-core-libraryloader-l1-2-1

LoadLibraryW

api-ms-win-core-threadpool-l1-2-0

SubmitThreadpoolWork
CloseThreadpoolTimer
CreateThreadpoolWait
SetThreadpoolWait
CreateThreadpoolWork
CreateThreadpoolTimer
SetThreadpoolTimer
CloseThreadpoolWork
CloseThreadpoolWait
WaitForThreadpoolWaitCallbacks

api-ms-win-core-kernel32-legacy-l1-1-0

RegisterWaitForSingleObject
WTSGetActiveConsoleSessionId
UnregisterWait

api-ms-win-core-heap-l1-1-0

HeapFree
HeapSize
GetProcessHeap
HeapAlloc
HeapReAlloc
HeapDestroy

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
RaiseException
GetLastError
UnhandledExceptionFilter
SetLastError

api-ms-win-core-synch-l1-1-0

CreateEventW
InitializeCriticalSectionEx
WaitForSingleObject
CreateMutexW
OpenMutexW
InitializeCriticalSectionAndSpinCount
CreateMutexExW
OpenSemaphoreW
CreateEventExW
OpenEventW
LeaveCriticalSection
WaitForSingleObjectEx
ResetEvent
DeleteCriticalSection
ReleaseSemaphore
TryEnterCriticalSection
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
CreateSemaphoreExW
ReleaseMutex
EnterCriticalSection
SetEvent

api-ms-win-core-file-l1-1-0

GetFileInformationByHandle
FindNextFileA
CreateDirectoryW
GetFullPathNameW
GetFileAttributesExW
SetFilePointerEx
ReadFile
FlushFileBuffers
CreateFileW
UnlockFileEx
LockFileEx
GetFileTime
FindClose
FindNextFileW
WriteFile
GetFileType
FindFirstFileW
FindFirstFileExA
SetEndOfFile
GetDriveTypeW
FindFirstFileExW
DeleteFileW

api-ms-win-core-processthreads-l1-1-0

OpenProcessToken
SetPriorityClass
ProcessIdToSessionId
GetCurrentThread
GetPriorityClass
GetCurrentProcess
CreateProcessAsUserW
GetThreadPriority
GetExitCodeThread
SwitchToThread
SetThreadPriority
CreateProcessW
GetCurrentProcessId
GetStartupInfoW
TerminateThread
ExitProcess
GetExitCodeProcess
GetCurrentThreadId
TerminateProcess
SetThreadToken
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
ExitThread

api-ms-win-core-privateprofile-l1-1-0

GetPrivateProfileStringW

api-ms-win-core-localization-l1-2-0

GetUserDefaultLCID
GetACP
FormatMessageW
EnumSystemLocalesW
LCMapStringW
IsValidCodePage
GetOEMCP
GetCPInfo
IsValidLocale
GetLocaleInfoW

api-ms-win-core-debug-l1-1-0

DebugBreak
IsDebuggerPresent
OutputDebugStringW
OutputDebugStringA

api-ms-win-core-registry-l1-1-0

RegNotifyChangeKeyValue
RegOpenCurrentUser
RegQueryValueExW
RegSetValueExW
RegGetValueW
RegCreateKeyExW
RegOpenKeyExW
RegSetKeySecurity
RegEnumValueW
RegCloseKey
RegEnumKeyExW
RegDeleteTreeW

api-ms-win-core-handle-l1-1-0

CloseHandle
DuplicateHandle

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-security-base-l1-1-0

GetTokenInformation
DuplicateTokenEx
GetSidSubAuthority
CopySid
DuplicateToken
GetAclInformation
EqualSid
AddAce
InitializeAcl
GetLengthSid
GetAce
CreateWellKnownSid
InitializeSid
RevertToSelf
AddAccessAllowedAce
IsValidSid
AddAccessAllowedAceEx
CheckTokenMembership
SetSecurityDescriptorDacl
AdjustTokenPrivileges
InitializeSecurityDescriptor
FreeSid
GetSidLengthRequired
AllocateAndInitializeSid

api-ms-win-core-sysinfo-l1-1-0

GetVersionExW
GetSystemTimeAsFileTime
GetTickCount
GetSystemDirectoryW
GetLogicalProcessorInformation

oleaut32

VariantClear
SysAllocString
SysFreeString
VariantInit
SafeArrayCopy
SafeArrayCreate
SafeArrayGetLBound
SafeArrayUnlock
SafeArrayGetUBound
SafeArrayDestroy
SafeArrayLock
SafeArrayGetVartype

api-ms-win-core-string-l1-1-0

GetStringTypeW
MultiByteToWideChar
CompareStringW
WideCharToMultiByte

api-ms-win-core-com-l1-1-0

CoCreateInstance
CoTaskMemFree
CoInitializeSecurity
CoUninitialize
CoSetProxyBlanket
PropVariantClear
CoInitializeEx

api-ms-win-core-rtlsupport-l1-1-0

RtlUnwind
RtlCaptureContext
RtlPcToFileHeader
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlUnwindEx

api-ms-win-core-processthreads-l1-1-1

OpenProcess
GetThreadTimes
IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead
InterlockedPushEntrySList
QueryDepthSList
InterlockedFlushSList
InterlockedPopEntrySList

api-ms-win-security-base-l1-2-2

DeriveCapabilitySidsFromName

api-ms-win-core-heap-l2-1-0

LocalFree
LocalAlloc

api-ms-win-security-provider-l1-1-0

SetNamedSecurityInfoW
GetNamedSecurityInfoW
SetEntriesInAclW

api-ms-win-core-synch-l1-2-0

SignalObjectAndWait
Sleep

api-ms-win-core-file-l2-1-2

CopyFileW

api-ms-win-security-sddl-l1-1-0

ConvertSidToStringSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW

api-ms-win-core-toolhelp-l1-1-0

Process32FirstW
CreateToolhelp32Snapshot
Process32NextW

api-ms-win-core-shutdown-l1-1-0

InitiateSystemShutdownExW

api-ms-win-security-lsalookup-l2-1-0

LookupPrivilegeValueW
LookupAccountSidW

api-ms-win-core-psapi-l1-1-0

K32EnumProcesses
K32GetModuleBaseNameW
K32EnumProcessModules

api-ms-win-core-version-l1-1-1

GetFileVersionInfoSizeW
GetFileVersionInfoW

api-ms-win-core-version-l1-1-0

VerQueryValueW

api-ms-win-core-processenvironment-l1-1-0

GetCurrentDirectoryW
GetStdHandle
GetEnvironmentVariableW
GetCommandLineA
GetCommandLineW
SetStdHandle
GetEnvironmentStringsW
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW

api-ms-win-core-datetime-l1-1-0

GetDateFormatW
GetTimeFormatW

api-ms-win-core-console-l1-1-0

GetConsoleCP
ReadConsoleW
GetConsoleMode
WriteConsoleW

api-ms-win-core-timezone-l1-1-0

FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation

api-ms-win-core-versionansi-l1-1-1

GetFileVersionInfoSizeA
GetFileVersionInfoA

api-ms-win-core-versionansi-l1-1-0

VerQueryValueA

kernel32

SleepConditionVariableCS
WakeConditionVariable
InitializeConditionVariable
GetTickCount64
QueryPerformanceFrequency
LoadLibraryA
CreateThread
Module32NextW
Module32FirstW
VirtualQuery
InitOnceExecuteOnce
InitializeCriticalSection
SystemTimeToFileTime
GetSystemTime
GetThreadId
GetModuleHandleA
RemoveDirectoryW

user32

AllowSetForegroundWindow
UnregisterDeviceNotification
UnregisterClassW
DestroyWindow
CreateWindowExW
PeekMessageW
RegisterClassExW
DefWindowProcW
PostMessageW
MessageBoxW
TranslateMessage
GetMessageW
DispatchMessageW
UnregisterPowerSettingNotification
RegisterPowerSettingNotification
RegisterDeviceNotificationW

shell32

CommandLineToArgvW
ShellExecuteExW

ole32

CoInitialize

dbghelp

SymFromAddr
SymInitialize
SymGetOptions
SymSetOptions

winhttp

WinHttpOpen
WinHttpCloseHandle
WinHttpReceiveResponse
WinHttpCrackUrl
WinHttpSendRequest
WinHttpQueryHeaders
WinHttpConnect
WinHttpOpenRequest

ext-ms-win-shell32-shellfolders-l1-1-0

SHGetKnownFolderPath

api-ms-win-core-sysinfo-l1-2-0

VerSetConditionMask

api-ms-win-core-kernel32-legacy-l1-1-1

VerifyVersionInfoW

api-ms-win-ntuser-sysparams-l1-1-0

GetSystemMetrics

api-ms-win-core-file-l1-2-2

AreFileApisANSI

api-ms-win-core-file-l2-1-0

CreateHardLinkW

api-ms-win-core-threadpool-legacy-l1-1-0

ChangeTimerQueueTimer
QueueUserWorkItem
DeleteTimerQueueTimer
CreateTimerQueueTimer
UnregisterWaitEx
CreateTimerQueue

api-ms-win-core-kernel32-legacy-l1-1-2

GetBinaryTypeW

api-ms-win-core-synch-l1-2-1

WaitForMultipleObjects

api-ms-win-core-memory-l1-1-0

CreateFileMappingW
UnmapViewOfFile
VirtualAlloc
VirtualFree
MapViewOfFile
VirtualProtect

api-ms-win-core-console-l2-1-0

SetConsoleCursorPosition
AttachConsole
ReadConsoleOutputW
GetConsoleScreenBufferInfo

api-ms-win-service-management-l1-1-0

OpenSCManagerW
CreateServiceW
OpenServiceW
DeleteService
CloseServiceHandle

api-ms-win-service-core-l1-1-0

StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerExW
SetServiceStatus

api-ms-win-service-management-l2-1-0

ChangeServiceConfig2W

api-ms-win-service-winsvc-l1-1-0

QueryServiceStatus
ControlService

api-ms-win-core-namedpipe-l1-1-0

PeekNamedPipe

api-ms-win-core-systemtopology-l1-1-0

GetNumaHighestNodeNumber

api-ms-win-core-processtopology-obsolete-l1-1-0

GetProcessAffinityMask
SetThreadAffinityMask

api-ms-win-core-registry-l1-1-1

RegSetKeyValueW
RegDeleteKeyValueW

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 463KB - Virtual size: 463KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34789f1baed06f9e647c4beb8c5d421e

Code Sign

0c:a6:a7:a3:91:6e:cd:e9:6f:5e:a6:2a:34:14:87:60Certificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0Certificate

Extended Key Usages

Key Usages

33:00:00:00:dc:34:1a:52:0f:bb:cf:3d:8c:00:00:00:00:00:dcCertificate

Extended Key Usages

61:0b:aa:c1:00:00:00:00:00:09Certificate

Key Usages

30:60:51:40:a0:10:da:a7:48:24:f8:36:b0:9d:cc:ae:0d:af:e9:fc:20:3b:2f:fc:eb:9f:49:ff:b7:9f:d3:02Signer

30:60:51:40:a0:10:da:a7:48:24:f8:36:b0:9d:cc:ae:0d:af:e9:fc:20:3b:2f:fc:eb:9f:49:ff:b7:9f:d3:02Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shlwapi

wtsapi32

userenv

api-ms-win-core-winrt-string-l1-1-0

api-ms-win-core-winrt-l1-1-0

wintrust

crypt32

setupapi

rpcrt4

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-libraryloader-l1-2-1

api-ms-win-core-threadpool-l1-2-0

api-ms-win-core-kernel32-legacy-l1-1-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-file-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-privateprofile-l1-1-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-debug-l1-1-0

api-ms-win-core-registry-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-util-l1-1-0

api-ms-win-security-base-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

oleaut32

api-ms-win-core-string-l1-1-0

api-ms-win-core-com-l1-1-0

api-ms-win-core-rtlsupport-l1-1-0

api-ms-win-core-processthreads-l1-1-1

api-ms-win-core-profile-l1-1-0

api-ms-win-core-interlocked-l1-1-0

api-ms-win-security-base-l1-2-2

api-ms-win-core-heap-l2-1-0

api-ms-win-security-provider-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-file-l2-1-2

api-ms-win-security-sddl-l1-1-0

api-ms-win-core-toolhelp-l1-1-0

api-ms-win-core-shutdown-l1-1-0

api-ms-win-security-lsalookup-l2-1-0

api-ms-win-core-psapi-l1-1-0

api-ms-win-core-version-l1-1-1

api-ms-win-core-version-l1-1-0

api-ms-win-core-processenvironment-l1-1-0

api-ms-win-core-datetime-l1-1-0

0c:a6:a7:a3:91:6e:cd:e9:6f:5e:a6:2a:34:14:87:60
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

01:24:0a:fb:1e:38:0b:8a:16:f1:4b:71:9d:f4:d3:c0
Certificate

33:00:00:00:dc:34:1a:52:0f:bb:cf:3d:8c:00:00:00:00:00:dc
Certificate

61:0b:aa:c1:00:00:00:00:00:09
Certificate

30:60:51:40:a0:10:da:a7:48:24:f8:36:b0:9d:cc:ae:0d:af:e9:fc:20:3b:2f:fc:eb:9f:49:ff:b7:9f:d3:02
Signer

30:60:51:40:a0:10:da:a7:48:24:f8:36:b0:9d:cc:ae:0d:af:e9:fc:20:3b:2f:fc:eb:9f:49:ff:b7:9f:d3:02
Signer

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 463KB - Virtual size: 463KB

.data
Size: 21KB - Virtual size: 74KB

.pdata
Size: 68KB - Virtual size: 68KB

.rsrc
Size: 1024B - Virtual size: 776B

.reloc
Size: 15KB - Virtual size: 15KB