2024-09-19_a15b86598152e77ea6ae3dc6ac0330c4_hijackloader_mafia

Sharing

Copy URL Twitter E-mail

General

Target

2024-09-19_a15b86598152e77ea6ae3dc6ac0330c4_hijackloader_mafia
Size

2.4MB
MD5

a15b86598152e77ea6ae3dc6ac0330c4
SHA1

e742a4ca0ca719b0836604bf9832a6afeaec8bc6
SHA256

a307afd960f742dbbff0fe947ffd3afce0afcd14bf68cc3dbb899f14c3ed70ca
SHA512

a61375a1531fdc2c5823270c8692348e5b279f91eb17475a8fa017e852409c53d432a635273d1dbc7ce175c3102e4430327320dc4b7d703e94cf7f1a31a8549b
SSDEEP

49152:hqWdBxoBrL/7TBoEodJ6Q8Gi7gwhXYvwaI6ra5e9J3O31F19bAJpgMpHWws+MATB:hqWzmBoEodJ6+i7gAYvwaI6ra5UUj0JR

Score

1^/10

Malware Config

Signatures

Files

2024-09-19_a15b86598152e77ea6ae3dc6ac0330c4_hijackloader_mafia
.exe windows:5 windows x86 arch:x86

c1c74461c0395844e3f6c417b1c25e8d

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

44:85:59:e8:d5:9f:e0:56:29:9e:6e:8f
Certificate

Issuer

CN=GlobalSign GCC R45 CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

11/12/2023, 17:00

Not After

09/10/2026, 07:40

Subject

CN=ZOHO Corporation Private Limited,O=ZOHO Corporation Private Limited,L=Chennai,ST=Tamil Nadu,C=IN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bf:bb:fc:a3:1c:c5:49:3e:63:9d:9b:c6:d7:2b:6c:39:2e:ee:0a:bb:39:09:dc:90:13:34:48:f0:55:5d:5d:a5
Signer

Actual PE Digest

bf:bb:fc:a3:1c:c5:49:3e:63:9d:9b:c6:d7:2b:6c:39:2e:ee:0a:bb:39:09:dc:90:13:34:48:f0:55:5d:5d:a5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Webhost\13-08-2024\WindowsBuilds\DC_NATIVE\8894969\desktopcentral\ONPREMISE\SA_SRC\native\agent\Release\dcupload.pdb

Imports

oleaut32

SysStringLen
VarBstrFromDate
SysAllocStringByteLen
SafeArrayGetUBound
SafeArrayGetLBound
VariantClear
SafeArrayAccessData
VariantInit
VariantChangeType
VariantTimeToSystemTime
SystemTimeToVariantTime
SysFreeString
SysAllocString
SysAllocStringLen

winhttp

WinHttpSetCredentials
WinHttpWriteData
WinHttpQueryOption
WinHttpAddRequestHeaders
WinHttpSetStatusCallback
WinHttpQueryDataAvailable
WinHttpConnect
WinHttpOpen
WinHttpSendRequest
WinHttpCloseHandle
WinHttpReadData
WinHttpQueryHeaders
WinHttpReceiveResponse
WinHttpOpenRequest
WinHttpSetOption

dcagenthttp

AgentSendRequestEx

wtsapi32

WTSEnumerateSessionsA
WTSQuerySessionInformationA
WTSFreeMemory

wsock32

WSACleanup
WSAGetLastError
WSAStartup

userenv

UnloadUserProfile
LoadUserProfileA
CreateEnvironmentBlock
DestroyEnvironmentBlock

iphlpapi

GetAdaptersInfo

netapi32

NetApiBufferFree
DsGetDcNameA
NetGetJoinInformation

crypt32

CertNameToStrW
CertGetNameStringA
CertFindCertificateInStore
CryptStringToBinaryA
CertCreateCertificateContext
CertCloseStore
CertAddCertificateContextToStore
CertEnumCertificatesInStore
CertOpenStore
PFXImportCertStore
PFXVerifyPassword
CertDeleteCertificateFromStore
CertVerifyTimeValidity
CertFreeCertificateContext

dclibxml2

xmlTextReaderAttributeCount
xmlTextReaderValue
xmlTextReaderDepth
xmlTextReaderGetAttribute
xmlTextReaderRead
xmlFreeTextReader
xmlStrcmp
xmlNewTextReaderFilename
xmlParseMemory
xmlNodeListGetString
xmlParseFile
xmlFreeDoc
xmlTextReaderName
xmlCleanupParser
xmlDocGetRootElement
xmlFree

shell32

SHCreateDirectoryExA
SHAppBarMessage
DragQueryFileW
DragFinish
ShellExecuteW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetDesktopFolder
SHGetFileInfoW
SHCreateDirectoryExW
SHBrowseForFolderW
CommandLineToArgvW

shlwapi

PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathFindFileNameW
PathRenameExtensionA
StrStrIA
StrTrimA
PathFindExtensionA
PathRemoveFileSpecW

kernel32

InterlockedExchange
SetThreadPriority
GetFullPathNameW
GetVolumeInformationW
DuplicateHandle
SetEndOfFile
UnlockFile
LockFile
lstrcmpiW
GlobalAddAtomW
GlobalFlags
lstrcmpA
GlobalGetAtomNameW
QueryPerformanceCounter
ResumeThread
SuspendThread
LocalAlloc
GetFullPathNameA
GetFileAttributesExA
lstrcmpW
DisconnectNamedPipe
GlobalAlloc
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
GetLocaleInfoW
GlobalFree
FormatMessageW
FormatMessageA
LocalFree
GetSystemDirectoryA
FileTimeToLocalFileTime
GetCurrentDirectoryW
SetLastError
ProcessIdToSessionId
SetCurrentDirectoryW
SetFilePointer
CreateNamedPipeA
ConnectNamedPipe
GetModuleFileNameA
LoadLibraryW
GetFileInformationByHandle
CreateDirectoryA
CreateTimerQueueTimer
GetFileSizeEx
CreateTimerQueue
DeleteTimerQueue
GetSystemInfo
GetUserDefaultUILanguage
CreateThread
GetCurrentDirectoryA
SetCurrentDirectoryA
CreateProcessA
GetTimeZoneInformation
FreeLibrary
GetLocaleInfoA
GetSystemTime
CreateMutexA
WaitForSingleObject
ReleaseMutex
GetComputerNameExW
SystemTimeToFileTime
InterlockedDecrement
SetDllDirectoryA
GetTickCount
RemoveDirectoryA
GetVersionExA
CreateToolhelp32Snapshot
Process32First
OpenProcess
GetExitCodeProcess
TerminateProcess
Process32Next
GetCurrentProcess
LoadLibraryA
CreateFileA
GetEnvironmentVariableA
FindFirstFileW
GetFileSize
CopyFileW
GetCurrentProcessId
CreateDirectoryW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
FindClose
FindFirstFileA
FindNextFileA
WriteFile
FlushFileBuffers
Sleep
lstrlenW
DeleteFileW
GetModuleHandleA
GetProcAddress
GetLocalTime
GetCurrentThreadId
CreateFileW
CloseHandle
ReadFile
lstrlenA
MultiByteToWideChar
GetCommandLineW
WideCharToMultiByte
DeleteFileA
GetLastError
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
CompareStringW
CopyFileA
GetModuleFileNameW
ActivateActCtx
ReleaseActCtx
GetStringTypeW
SetEnvironmentVariableA
GetDriveTypeW
GetProcessHeap
WriteConsoleW
IsValidLocale
EnumSystemLocalesA
GlobalDeleteAtom
LCMapStringW
GetConsoleMode
GetConsoleCP
GetStartupInfoW
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
IsValidCodePage
GetOEMCP
GetACP
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapDestroy
HeapCreate
IsProcessorFeaturePresent
SetStdHandle
VirtualQuery
VirtualAlloc
HeapSize
HeapQueryInformation
ExitProcess
ExitThread
GetCPInfo
FindFirstFileExA
GetDriveTypeA
HeapReAlloc
GetFileType
PeekNamedPipe
DecodePointer
EncodePointer
GetSystemTimeAsFileTime
HeapAlloc
HeapSetInformation
GetCommandLineA
RtlUnwind
RaiseException
HeapFree
DeactivateActCtx
InterlockedIncrement
GetModuleHandleW
GlobalSize
GlobalLock
GlobalUnlock
MulDiv
MoveFileExA
LocalLock
LocalUnlock
GetFileAttributesExW
GetFileAttributesW
GetFileTime
GetVersionExW
GlobalFindAtomW
FreeResource
lstrcpyW
GetWindowsDirectoryW
GetNumberFormatW
GetTempFileNameW
GetTempPathW
InitializeCriticalSectionAndSpinCount
GetProfileIntW
SearchPathW
VirtualProtect
GetUserDefaultLCID

user32

GetNextDlgGroupItem
wsprintfW
GetWindowRgn
DestroyCursor
DrawIcon
MapDialogRect
SubtractRect
GetDoubleClickTime
CharUpperBuffW
CopyIcon
RegisterClipboardFormatW
GetUpdateRect
FrameRect
IsClipboardFormatAvailable
SetMenuDefaultItem
CreateMenu
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
WaitMessage
PostThreadMessageW
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
TranslateAcceleratorW
IsMenu
MonitorFromPoint
UpdateLayeredWindow
UnionRect
MessageBoxA
RemoveMenu
GetSubMenu
GetMenuItemCount
InsertMenuW
GetMenuItemID
AppendMenuW
GetMenuStringW
GetMenuState
GetSysColorBrush
GetSysColor
ReleaseDC
GetDC
GetSystemMetrics
LoadCursorW
UnhookWindowsHookEx
MessageBoxW
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetWindowLongW
GetParent
SendMessageW
GetWindowThreadProcessId
GetWindowTextW
GetWindowTextLengthW
SetWindowTextW
PtInRect
GetClassNameW
GetWindowRect
GetDlgCtrlID
GetWindow
ClientToScreen
RealChildWindowFromPoint
GetDesktopWindow
GetFocus
DestroyIcon
CharUpperW
ValidateRect
GetCursorPos
PeekMessageW
GetKeyState
IsWindowVisible
GetActiveWindow
DispatchMessageW
TranslateMessage
GetMessageW
CallNextHookEx
SetWindowsHookExW
SetFocus
SetScrollPos
GetScrollPos
CheckDlgButton
GetDlgItem
SendDlgItemMessageW
IsDialogMessageW
IsWindow
SetWindowLongW
MoveWindow
ShowWindow
SetWindowPos
PostMessageW
IsIconic
SetForegroundWindow
PostQuitMessage
CheckMenuItem
EnableMenuItem
ModifyMenuW
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetMenu
CallWindowProcW
DefWindowProcW
GetWindowPlacement
SetWindowPlacement
CopyRect
SetScrollInfo
GetScrollInfo
DeferWindowPos
EqualRect
ScreenToClient
AdjustWindowRectEx
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
GetClientRect
UpdateWindow
ShowScrollBar
GetScrollRange
SetScrollRange
SetMenu
TrackPopupMenu
ScrollWindow
MapWindowPoints
GetMonitorInfoW
MonitorFromWindow
GetMessagePos
GetMessageTime
DestroyWindow
GetTopWindow
EndDeferWindowPos
BeginDeferWindowPos
SetActiveWindow
GetForegroundWindow
RemovePropW
GetPropW
SetPropW
GetClassLongW
GetCapture
IsChild
WinHelpW
SendDlgItemMessageA
LoadIconW
RegisterWindowMessageW
FillRect
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
GetWindowDC
BeginPaint
EndPaint
EndDialog
GetNextDlgTabItem
CreateDialogIndirectParamW
SetRectEmpty
SystemParametersInfoW
EnumDisplayMonitors
SetLayeredWindowAttributes
SetCursor
ShowOwnedPopups
DeleteMenu
InvalidateRect
SetTimer
KillTimer
InflateRect
GetMenuItemInfoW
DestroyMenu
MapVirtualKeyExW
RedrawWindow
GetMenuDefaultItem
CreatePopupMenu
IsRectEmpty
MapVirtualKeyW
SetCapture
GetAsyncKeyState
ReleaseCapture
InvertRect
DrawFocusRect
HideCaret
EnableScrollBar
NotifyWinEvent
MessageBeep
OffsetRect
GetIconInfo
CopyImage
LoadImageW
IntersectRect
DrawIconEx
IsZoomed
SetWindowRgn
SetParent
DestroyAcceleratorTable
WindowFromPoint
SetClassLongW
LoadMenuW
GetSystemMenu
DrawStateW
DrawEdge
DrawFrameControl
CopyAcceleratorTableW
ToUnicodeEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableW
SetRect
SetCursorPos
BringWindowToTop
LockWindowUpdate
GetKeyNameTextW
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
IsCharLowerW

odbc32

ord29
ord39
ord43
ord11
ord18
ord8
ord4
ord13
ord26
ord72
ord48
ord49
ord3
ord19
ord12
ord16
ord20
ord2
ord1
ord31
ord41
ord9
ord36

msimg32

AlphaBlend
TransparentBlt

comctl32

ImageList_GetIconSize

gdiplus

GdipDrawImageI
GdipGetImageGraphicsContext
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP
GdipDeleteGraphics
GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipDisposeImage
GdipAlloc
GdipFree

oleacc

CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow

imm32

ImmGetOpenStatus
ImmGetContext
ImmReleaseContext

advapi32

RegEnumKeyExW
RegDeleteKeyW
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptReleaseContext
CryptCreateHash
CryptAcquireContextA
RegOpenKeyExA
RegCreateKeyExA
RegDeleteValueA
RegCloseKey
RegQueryValueExA
RegSetValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteValueW
RegDeleteKeyA
CryptDestroyKey
CryptGenKey
CryptGetUserKey
ControlService
CloseServiceHandle
RegEnumValueA
RevertToSelf
ImpersonateLoggedOnUser
DeregisterEventSource
ReportEventA
RegisterEventSourceA
OpenProcessToken
CreateProcessAsUserA
LogonUserA
CreateProcessAsUserW
LookupPrivilegeValueA
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegEnumKeyA
RegOpenKeyA
RegCreateKeyExW
LookupAccountSidA
GetTokenInformation
LookupPrivilegeNameA
QueryServiceStatus
OpenServiceW
OpenSCManagerW

ole32

CoSetProxyBlanket
CoLockObjectExternal
RevokeDragDrop
CoCreateInstance
CoUninitialize
CoInitializeSecurity
CoInitializeEx
CoInitialize
CoTaskMemFree
ReleaseStgMedium
CoTaskMemAlloc
OleDuplicateData
CreateStreamOnHGlobal
RegisterDragDrop
OleGetClipboard
DoDragDrop
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor

winmm

PlaySoundW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

gdi32

SetMapMode
GetClipBox
ExcludeClipRect
IntersectClipRect
LineTo
MoveToEx
SetTextAlign
CombineRgn
PatBlt
DPtoLP
GetBkColor
CreatePalette
GetPaletteEntries
GetNearestPaletteIndex
GetSystemPaletteEntries
CreateDIBSection
SetROP2
SetPolyFillMode
SelectPalette
SetBkMode
RestoreDC
CreateRoundRectRgn
CreatePolygonRgn
GetTextColor
CreateEllipticRgn
Polyline
Ellipse
SaveDC
GetObjectW
GetObjectType
CreatePen
CreateSolidBrush
CreateHatchBrush
CreateDIBitmap
CreateFontIndirectW
CreateCompatibleBitmap
CreateRectRgnIndirect
GetTextMetricsW
EnumFontFamiliesW
RealizePalette
GetTextCharsetInfo
SetBkColor
SetTextColor
CreateBitmap
GetTextExtentPoint32W
CreateDCW
CopyMetaFileW
Polygon
SetDIBColorTable
StretchBlt
SetPixel
Rectangle
OffsetRgn
GetRgnBox
EnumFontFamiliesExW
LPtoDP
GetWindowOrgEx
GetViewportOrgEx
PtInRegion
FillRgn
FrameRgn
GetBoundsRect
ExtFloodFill
SetPaletteEntries
SetPixelV
GetLayout
SetLayout
SelectClipRgn
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
BitBlt
GetPixel
GetStockObject
CreateCompatibleDC
CreatePatternBrush
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
OffsetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
GetTextFaceW
DeleteObject
GetDeviceCaps
SetRectRgn

comdlg32

GetFileTitleW

Sections

.text
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 411KB - Virtual size: 410KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 221KB - Virtual size: 221KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c1c74461c0395844e3f6c417b1c25e8d

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate

Key Usages

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate

Extended Key Usages

Key Usages

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47Certificate

Extended Key Usages

Key Usages

44:85:59:e8:d5:9f:e0:56:29:9e:6e:8fCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

bf:bb:fc:a3:1c:c5:49:3e:63:9d:9b:c6:d7:2b:6c:39:2e:ee:0a:bb:39:09:dc:90:13:34:48:f0:55:5d:5d:a5Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

oleaut32

winhttp

dcagenthttp

wtsapi32

wsock32

userenv

iphlpapi

netapi32

crypt32

dclibxml2

shell32

shlwapi

kernel32

user32

odbc32

msimg32

comctl32

gdiplus

oleacc

imm32

advapi32

ole32

winmm

winspool.drv

gdi32

comdlg32

Sections

.text Size: 1.7MB - Virtual size: 1.7MB

.rdata Size: 411KB - Virtual size: 410KB

.data Size: 68KB - Virtual size: 100KB

.rsrc Size: 512B - Virtual size: 504B

.reloc Size: 221KB - Virtual size: 221KB

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

77:bd:0e:03:a1:b7:08:f8:54:ab:06:72:10:d9:04:47
Certificate

44:85:59:e8:d5:9f:e0:56:29:9e:6e:8f
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

bf:bb:fc:a3:1c:c5:49:3e:63:9d:9b:c6:d7:2b:6c:39:2e:ee:0a:bb:39:09:dc:90:13:34:48:f0:55:5d:5d:a5
Signer

.text
Size: 1.7MB - Virtual size: 1.7MB

.rdata
Size: 411KB - Virtual size: 410KB

.data
Size: 68KB - Virtual size: 100KB

.rsrc
Size: 512B - Virtual size: 504B

.reloc
Size: 221KB - Virtual size: 221KB