fe30fc91f400686f1b011fef548df643_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fe30fc91f400686f1b011fef548df643_JaffaCakes118
Size

2.2MB
MD5

fe30fc91f400686f1b011fef548df643
SHA1

e6649a682bc88b72be763f3ba20243a2a25a7031
SHA256

7e0078fa03ddea07b97254554dbaecff900de3687142e0cc862021bac0a6f2c1
SHA512

bb944b90cd2e9c0b73751687352519b6591afdf8442e26af5725cb523b074b78dd0cdcd3c63f7f1e4bd68328ad884a6ac30196de106813928c9e7ed4bf9fa8e7
SSDEEP

49152:LfsEQWE5dlgPnVJjt1mT5cfOmaP26STTGPv15eVT1:LfAd+PnVJ51mTOf/rTz

Score

1^/10

Malware Config

Signatures

Files

fe30fc91f400686f1b011fef548df643_JaffaCakes118
.dll windows:5 windows x86 arch:x86

101f4f3a9778d823cd11134a7c767656

Code Sign

02:03:73:a8:e9:8d:b5:38:04:27:6a:5c:26:97:7c:5a
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

17/12/2019, 00:00

Not After

23/12/2020, 12:00

Subject

SERIALNUMBER=91310114MA1GW1DE8X,CN=Shanghai Shaji Network Technology Co.\, Ltd,O=Shanghai Shaji Network Technology Co.\, Ltd,POSTALCODE=200000,STREET=嘉定区真南路4268号2幢J7461室,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

02:03:73:a8:e9:8d:b5:38:04:27:6a:5c:26:97:7c:5a
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

17/12/2019, 00:00

Not After

23/12/2020, 12:00

Subject

SERIALNUMBER=91310114MA1GW1DE8X,CN=Shanghai Shaji Network Technology Co.\, Ltd,O=Shanghai Shaji Network Technology Co.\, Ltd,POSTALCODE=200000,STREET=嘉定区真南路4268号2幢J7461室,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:c8:83:81:1f:d6:53:99:d8:ad:75:ab:29:6b:e4:d6:c7:db:56:14:9d:fa:5c:3e:91:35:f8:a9:d3:5c:bb:16
Signer

Actual PE Digest

06:c8:83:81:1f:d6:53:99:d8:ad:75:ab:29:6b:e4:d6:c7:db:56:14:9d:fa:5c:3e:91:35:f8:a9:d3:5c:bb:16

Digest Algorithm

sha256

PE Digest Matches

true

46:67:12:f5:5b:2c:57:7f:9e:f1:d9:ab:03:9f:75:f6:61:2a:6a:6c
Signer

Actual PE Digest

46:67:12:f5:5b:2c:57:7f:9e:f1:d9:ab:03:9f:75:f6:61:2a:6a:6c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\VIP\UserLogon\Bin\UserAndPayClient.pdb

Imports

kernel32

DeleteFileW
WritePrivateProfileStringA
LoadResource
SizeofResource
GetPrivateProfileStringA
GetModuleFileNameA
WideCharToMultiByte
MultiByteToWideChar
SetFilePointer
GetTickCount
FindResourceW
ReadFile
InitializeCriticalSection
TerminateThread
LocalFree
GetProcAddress
GlobalLock
GlobalUnlock
lstrlenW
LoadLibraryW
GetModuleHandleW
GetCurrentDirectoryW
ExitProcess
GetACP
InterlockedIncrement
MulDiv
FreeResource
LockResource
GetFileSize
CreateFileW
FormatMessageW
VerSetConditionMask
GetCurrentProcessId
GetCurrentProcess
GetFileType
WriteFile
SetFileTime
DuplicateHandle
SystemTimeToFileTime
DosDateTimeToFileTime
CreateDirectoryW
GlobalAlloc
lstrcpyW
EnterCriticalSection
CreateSemaphoreW
SleepEx
ExpandEnvironmentStringsA
FreeLibrary
WaitForMultipleObjects
GetStdHandle
PeekNamedPipe
SetLastError
FormatMessageA
LoadLibraryA
GetModuleHandleA
GetSystemDirectoryA
VerifyVersionInfoA
FlushConsoleInputBuffer
GetCurrentThreadId
QueryPerformanceCounter
GlobalMemoryStatus
GetSystemTime
EncodePointer
RtlUnwind
InterlockedFlushSList
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
GetDriveTypeW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
SetFilePointerEx
SetConsoleCtrlHandler
GetConsoleMode
ReadConsoleInputA
SetConsoleMode
ReadConsoleW
GetConsoleCP
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
GetStringTypeW
GetFullPathNameW
SetStdHandle
FlushFileBuffers
GetFileAttributesExW
SetEndOfFile
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
GetLocalTime
GetTempPathA
ReleaseSemaphore
FindClose
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetModuleFileNameW
WaitForSingleObject
FindFirstFileW
CloseHandle
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
DecodePointer
GetLastError
RaiseException
InterlockedDecrement
LeaveCriticalSection
Sleep

user32

GetMonitorInfoW
SetCursor
InflateRect
LoadCursorW
DefWindowProcW
PostQuitMessage
CallWindowProcW
RegisterClassW
RegisterClassExW
GetClassInfoExW
EnableWindow
SetPropW
GetPropW
MoveWindow
CreateAcceleratorTableW
InvalidateRgn
ClientToScreen
FillRect
GetGUIThreadInfo
CharPrevW
DrawTextW
SetRect
UpdateLayeredWindow
GetWindowRgn
CreatePopupMenu
DestroyMenu
EnableMenuItem
AppendMenuW
TrackPopupMenu
MonitorFromWindow
ShowCaret
GetCaretPos
IsWindowEnabled
SetWindowTextW
GetWindowTextW
GetWindowTextLengthW
MessageBoxW
GetKeyboardLayout
GetKeyNameTextW
MapVirtualKeyExW
GetProcessWindowStation
GetUserObjectInformationW
MessageBoxA
GetClientRect
InvalidateRect
GetUpdateRect
EndPaint
BeginPaint
ReleaseDC
ReleaseCapture
SetCapture
GetKeyState
GetFocus
GetActiveWindow
SetFocus
CharNextW
IsZoomed
IsIconic
IsWindowVisible
SetWindowPos
DestroyWindow
CreateWindowExW
DispatchMessageW
TranslateMessage
GetMessageW
HideCaret
OffsetRect
SetWindowRgn
LoadImageW
GetWindow
SetWindowLongW
PtInRect
IsRectEmpty
UnionRect
IntersectRect
GetSysColor
MapWindowPoints
ScreenToClient
SetCaretPos
GetCaretBlinkTime
CreateCaret
GetCursorPos
ShowWindow
IsWindow
GetParent
GetDC
PostMessageW
KillTimer
FindWindowW
SendMessageW
GetWindowLongW
SetTimer
SetForegroundWindow
GetWindowRect

shell32

ShellExecuteA
SHGetSpecialFolderPathA
ShellExecuteW
SHGetSpecialFolderPathW
DragQueryFileW

ole32

CoUninitialize
CoCreateGuid
RevokeDragDrop
DoDragDrop
OleDuplicateData
CoCreateInstance
CreateStreamOnHGlobal
ReleaseStgMedium
OleLockRunning
CLSIDFromProgID
CLSIDFromString
CoInitialize
RegisterDragDrop

oleaut32

SysStringLen
VariantCopy
VariantInit
SysAllocString
SysFreeString
VariantChangeType
VariantClear

ws2_32

WSAStartup
shutdown
htonl
gethostname
gethostbyname
ioctlsocket
sendto
recvfrom
listen
accept
freeaddrinfo
getaddrinfo
WSAIoctl
socket
setsockopt
ntohs
htons
getsockopt
getsockname
getpeername
connect
closesocket
bind
send
recv
WSASetLastError
select
getservbyname
__WSAFDIsSet
WSAGetLastError
WSACleanup

urlmon

URLDownloadToFileW
URLDownloadToFileA

shlwapi

PathRemoveFileSpecA

gdi32

GetStockObject
RestoreDC
SaveDC
SelectObject
CloseEnhMetaFile
CreateEnhMetaFileW
GetEnhMetaFileHeader
PlayEnhMetaFile
GetTextMetricsW
GetObjectW
SetWindowOrgEx
CreateRoundRectRgn
GetDeviceCaps
CreateCompatibleBitmap
CreatePenIndirect
CreateRectRgnIndirect
CreateSolidBrush
GetCharABCWidthsW
DeleteObject
GetClipBox
GetTextExtentPoint32W
LineTo
RoundRect
SelectClipRgn
ExtSelectClipRgn
SetBkColor
SetBkMode
DeleteDC
CreateFontIndirectW
CreatePen
CreateDIBitmap
CreateCompatibleDC
CombineRgn
BitBlt
SetBitmapBits
GetBitmapBits
PtInRegion
CreateRectRgn
GdiFlush
TextOutW
MoveToEx
GetObjectA
CreateDIBSection
SetTextColor
SetStretchBltMode
StretchBlt

advapi32

DeregisterEventSource
ReportEventA
RegisterEventSourceA

imm32

ImmGetContext
ImmSetCompositionWindow
ImmReleaseContext

comctl32

_TrackMouseEvent
ord17
InitCommonControlsEx

gdiplus

GdipLoadImageFromStreamICM
GdipCloneImage
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipDrawImageRectI
GdipLoadImageFromStream
GdipSetStringFormatTrimming
GdipSetStringFormatLineAlign
GdipSetStringFormatFlags
GdipCloneStringFormat
GdipDeleteStringFormat
GdipStringFormatGetGenericTypographic
GdipMeasureString
GdipDrawString
GdipDeleteFont
GdipCreateFontFromLogfontA
GdipCreateFontFromDC
GdipFillRectangleI
GdipDrawRectangleI
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipSetPenMode
GdipDeletePen
GdipCreatePen1
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipFree
GdipAlloc
GdiplusShutdown
GdiplusStartup
GdipSetStringFormatAlign

wldap32

ord50
ord46
ord211
ord60
ord301
ord200
ord30
ord79
ord35
ord33
ord32
ord27
ord41
ord22
ord26
ord143

Exports

Exports

??0CTalk2Svr@Talk2Svr@@QAE@ABV01@@Z
??0CTalk2Svr@Talk2Svr@@QAE@PAUHWND__@@@Z
??1CTalk2Svr@Talk2Svr@@QAE@XZ
??4CTalk2Svr@Talk2Svr@@QAEAAV01@ABV01@@Z
?AutoLogon@CTalk2Svr@Talk2Svr@@QAEXXZ
?AutoLogonData@CTalk2Svr@Talk2Svr@@SA?AUtag_Check_Vip_Info@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?CheckPayDown@CTalk2Svr@Talk2Svr@@QAEXXZ
?CheckUserIsVip@CTalk2Svr@Talk2Svr@@QAE_NXZ
?CopyTwoTag@CTalk2Svr@Talk2Svr@@SAXAAUtag_Check_Vip_Info@@0@Z
?GetCheckVip@CTalk2Svr@Talk2Svr@@SA?AUtag_Check_Vip_Info@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@00PAH@Z
?GetMacCode@CTalk2Svr@Talk2Svr@@QAEPADXZ
?GetPayPlanList@CTalk2Svr@Talk2Svr@@SA?AV?$vector@Utag_Pay_plan_Info@@V?$allocator@Utag_Pay_plan_Info@@@std@@@std@@PAH@Z
?GetPlanIdIndex@CTalk2Svr@Talk2Svr@@SAHHAAV?$vector@Utag_Pay_plan_Info@@V?$allocator@Utag_Pay_plan_Info@@@std@@@std@@@Z
?GetPos@CTalk2Svr@Talk2Svr@@QAEPADXZ
?GetQrcoed@CTalk2Svr@Talk2Svr@@SA?AUtag_Qrcode_Info@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0000PAH@Z
?GetSetting@CTalk2Svr@Talk2Svr@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V34@PAH@Z
?GetSettingQQ@CTalk2Svr@Talk2Svr@@QAEPADXZ
?GetUserLogon@CTalk2Svr@Talk2Svr@@QAEXAAUtag_Check_Vip_Info@@@Z
?GetValueByIni@CTalk2Svr@Talk2Svr@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V34@0@Z
?GetVipMsg@CTalk2Svr@Talk2Svr@@QAEXAAUtag_Pay_plan_Info@@H@Z
?GotoQQ@CTalk2Svr@Talk2Svr@@QAEXXZ
?Init@CTalk2Svr@Talk2Svr@@QAEXXZ
?SendFeedBack@CTalk2Svr@Talk2Svr@@SAHAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@00@Z
?SendReport@CTalk2Svr@Talk2Svr@@SAHAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V34@11@Z
?SendVerificationCode@CTalk2Svr@Talk2Svr@@SAHV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0AAV34@PAH@Z
?SetUserLogon@CTalk2Svr@Talk2Svr@@QAEXAAUtag_Check_Vip_Info@@@Z
?ShowLogonWnd@CTalk2Svr@Talk2Svr@@QAEHXZ
?ShowPayWnd@CTalk2Svr@Talk2Svr@@QAEHHPAD000@Z
?ShowRenewPayWnd@CTalk2Svr@Talk2Svr@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SignOut@CTalk2Svr@Talk2Svr@@QAE_NAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PAH@Z
?Utf8toANSI@CTalk2Svr@Talk2Svr@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V34@@Z
?Utf8toUnicode@CTalk2Svr@Talk2Svr@@SA?AV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@4@@Z
?WriteUserMsgTpIni@CTalk2Svr@Talk2Svr@@QAEXXZ
?WriteValuetoIni@CTalk2Svr@Talk2Svr@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@00@Z
?get_message@CTalk2Svr@Talk2Svr@@CA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V34@PAH0@Z
?login_phone@CTalk2Svr@Talk2Svr@@SA?AUtag_Check_Vip_Info@@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@00PAH@Z
?post_message@CTalk2Svr@Talk2Svr@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V34@AAV34@PAH@Z
?signout@CTalk2Svr@Talk2Svr@@SAHV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0AAV34@PAH@Z
?urlencode_message@CTalk2Svr@Talk2Svr@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV34@@Z

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 426KB - Virtual size: 425KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

101f4f3a9778d823cd11134a7c767656

Code Sign

02:03:73:a8:e9:8d:b5:38:04:27:6a:5c:26:97:7c:5aCertificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

02:03:73:a8:e9:8d:b5:38:04:27:6a:5c:26:97:7c:5aCertificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12Certificate

Extended Key Usages

Key Usages

06:c8:83:81:1f:d6:53:99:d8:ad:75:ab:29:6b:e4:d6:c7:db:56:14:9d:fa:5c:3e:91:35:f8:a9:d3:5c:bb:16Signer

46:67:12:f5:5b:2c:57:7f:9e:f1:d9:ab:03:9f:75:f6:61:2a:6a:6cSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

shell32

ole32

oleaut32

ws2_32

urlmon

shlwapi

gdi32

advapi32

imm32

comctl32

gdiplus

wldap32

Exports

Exports

Sections

.text Size: 1.6MB - Virtual size: 1.6MB

.rdata Size: 426KB - Virtual size: 425KB

.data Size: 42KB - Virtual size: 56KB

.gfids Size: 512B - Virtual size: 448B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 86KB - Virtual size: 85KB

.reloc Size: 83KB - Virtual size: 82KB

02:03:73:a8:e9:8d:b5:38:04:27:6a:5c:26:97:7c:5a
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

02:03:73:a8:e9:8d:b5:38:04:27:6a:5c:26:97:7c:5a
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

06:c8:83:81:1f:d6:53:99:d8:ad:75:ab:29:6b:e4:d6:c7:db:56:14:9d:fa:5c:3e:91:35:f8:a9:d3:5c:bb:16
Signer

46:67:12:f5:5b:2c:57:7f:9e:f1:d9:ab:03:9f:75:f6:61:2a:6a:6c
Signer

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 426KB - Virtual size: 425KB

.data
Size: 42KB - Virtual size: 56KB

.gfids
Size: 512B - Virtual size: 448B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 86KB - Virtual size: 85KB

.reloc
Size: 83KB - Virtual size: 82KB