fe65b0e723abfba665073f984cf7e4c8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fe65b0e723abfba665073f984cf7e4c8_JaffaCakes118
Size

497KB
MD5

fe65b0e723abfba665073f984cf7e4c8
SHA1

0f26204ee6b00c9a87d22f39ccd7a445eb1b38a4
SHA256

8c821276451d8a16d15182bc27f88142400b6a58ff9f2e40bee64f08a182895d
SHA512

9f19aa8d45a9fd4b7ea6922536e27e8193ed93e7def08b30b3ddcbbf113f90525aa1d87803fa4b13119c99c5ff526e7dad9fa9749435dca9621a255265691d55
SSDEEP

12288:BVUEVlX3P16guOzxiIMFC98YuhNLhcHUgJIAx2jmYV9QZdAOTaV:zZrHP1DuO9zMAuhHcHUY2jWXA/

Score

1^/10

Malware Config

Signatures

Files

fe65b0e723abfba665073f984cf7e4c8_JaffaCakes118
.rar
AutoMail/AutoMail.exe
.exe windows:4 windows x86 arch:x86

370c37a6334a965e3c38aa696ee93fa2

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09-07-1999 18:31

Not After

09-07-2019 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

84:26:45:e9:1b:e3:97:34:51:dd:4d:4f:e3:82:4e:c0
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

05-02-2010 00:00

Not After

04-02-2013 23:59

Subject

CN=Beiley Software,O=Beiley Software,POSTALCODE=85226,STREET=1161 N. Dustin Lane,L=Chandler,ST=AZ,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

wininet

InternetConnectA
InternetReadFile
HttpOpenRequestA
InternetCloseHandle
InternetOpenA
HttpSendRequestA

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

smtpsend

ord1

ws2_32

WSAGetLastError
closesocket
WSACleanup
WSAStartup

kernel32

Sleep
GetTempFileNameA
GetTempPathA
FindClose
FindNextFileA
FindFirstFileA
GetModuleFileNameA
GetLocalTime
GetPrivateProfileIntA
GetPrivateProfileStringA
WritePrivateProfileStringA
CreateDirectoryA
SetCurrentDirectoryA
GetCurrentDirectoryA
lstrcmpA
GetProfileIntA
GetVersionExA
FreeLibrary
GetProcAddress
FormatMessageA
GetLastError
LoadLibraryA
SetErrorMode
GetLocaleInfoA
CloseHandle
CreateFileA
CreateMutexA
MulDiv
ReadFile
GetFileSize
LocalFree
GetModuleHandleA
GetFileAttributesA
CopyFileA
GetTickCount
LockResource
LoadResource
FindResourceA
ExpandEnvironmentStringsA
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
WriteConsoleW
DeleteFileA
GetConsoleCP
RaiseException
InitializeCriticalSection
LCMapStringW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
WriteFile
HeapSize
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
RtlUnwind
ExitProcess
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
DeleteCriticalSection
GetStdHandle
SetHandleCount
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoA
GetProcessHeap
GetCommandLineA
GetFileType
LeaveCriticalSection
EnterCriticalSection
SetStdHandle
HeapFree
GetSystemTimeAsFileTime
SetFilePointer
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleMode
GetConsoleOutputCP
SetEndOfFile
FlushFileBuffers
HeapAlloc
HeapReAlloc
CreateThread
ExitThread
ResumeThread

user32

CreateDialogIndirectParamA
MapDialogRect
GetSystemMetrics
SendDlgItemMessageA
SetTimer
IsIconic
ClientToScreen
MoveWindow
LoadIconA
LoadCursorA
RegisterClassA
LoadMenuA
ShowWindow
GetMessageA
IsDialogMessageA
TranslateMessage
DispatchMessageA
IsWindow
PostQuitMessage
DefWindowProcA
SetWindowLongA
CallWindowProcA
GetDC
GetClientRect
GetMenu
ReleaseDC
KillTimer
DestroyMenu
DestroyWindow
FindWindowA
SetForegroundWindow
GetWindowRect
DialogBoxParamA
EnableWindow
GetParent
GetDlgItemTextA
SetFocus
EndDialog
CheckDlgButton
CreateWindowExA
SetWindowPos
GetSubMenu
EnableMenuItem
BeginPaint
EndPaint
GetDesktopWindow
MessageBoxA
LoadStringA
PostMessageA
SetDlgItemTextA
GetDlgItem
SendMessageA
GetSysColor
IsZoomed

gdi32

GetDeviceCaps
CreateFontA
SelectObject
SetTextAlign
GetTextExtentPoint32A
SetTextColor
TextOutA
DeleteObject
SetBkMode

comdlg32

GetOpenFileNameA
GetSaveFileNameA

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA

shell32

ShellExecuteA
SHGetSpecialFolderPathA

Sections

.text
Size: 128KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
AutoMail/OrderForm.txt
AutoMail/ReadMe.txt
AutoMail/SampleHTMLMsg.html
.html
AutoMail/SampleTextMsg.txt
AutoMail/SampleTo.txt
AutoMail/automail.chm
.chm
AutoMail/cloptions.txt
AutoMail/mx9x.dll
.dll windows:4 windows x86 arch:x86

d4f594d6c4fda2a6e9f966b97c037fc4

Code Sign

4f:ae:35:22:f8:b4:6e:37:a3:ce:ff:fc:0a:a5:2b:24
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

06-02-2007 00:00

Not After

05-02-2010 23:59

Subject

CN=Beiley Software,O=Beiley Software,POSTALCODE=85226,STREET=1161 N. Dustin Lane,L=Chandler,ST=AZ,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09-07-1999 18:31

Not After

09-07-2019 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemTimeAsFileTime
SystemTimeToFileTime
GetWindowsDirectoryA
GetCurrentProcessId

ws2_32

inet_ntoa
sendto
WSAStartup
WSACleanup
ioctlsocket
ntohl
htonl
select
__WSAFDIsSet
recvfrom
ntohs
send
recv
getprotobyname
socket
htons
connect
closesocket
inet_addr
WSASetLastError
WSAGetLastError

iphlpapi

GetNetworkParams

msvcrt

__dllonexit
_adjust_fdiv
_initterm
strcspn
getenv
_iob
getc
fopen
fclose
strtoul
fputc
strchr
sprintf
strncpy
bsearch
fprintf
vfprintf
fputs
memmove
ldiv
strerror
abort
_onexit
_errno
malloc
realloc
free

Exports

Exports

GetMX

Sections

.text
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AutoMail/mxxp.dll
.dll windows:4 windows x86 arch:x86

ac0f536708fae22b5214c6d5eb235b7d

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09-07-1999 18:31

Not After

09-07-2019 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

84:26:45:e9:1b:e3:97:34:51:dd:4d:4f:e3:82:4e:c0
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

05-02-2010 00:00

Not After

04-02-2013 23:59

Subject

CN=Beiley Software,O=Beiley Software,POSTALCODE=85226,STREET=1161 N. Dustin Lane,L=Chandler,ST=AZ,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

dnsapi

DnsQuery_A
DnsFree

kernel32

Sleep
GetLastError
HeapFree
ExitThread
CloseHandle
ResumeThread
CreateThread
HeapAlloc
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LoadLibraryA
GetLocaleInfoA
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
HeapSize

Exports

Exports

GetMX

Sections

.text
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
AutoMail/sample.bat
AutoMail/smtpsend.dll
.dll windows:4 windows x86 arch:x86

759e4c5572fd5043a2426fde6516f600

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

17-05-2005 00:00

Not After

16-05-2010 23:59

Subject

CN=Comodo Time Stamping Signer,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

09-07-1999 18:31

Not After

09-07-2019 18:40

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

84:26:45:e9:1b:e3:97:34:51:dd:4d:4f:e3:82:4e:c0
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

05-02-2010 00:00

Not After

04-02-2013 23:59

Subject

CN=Beiley Software,O=Beiley Software,POSTALCODE=85226,STREET=1161 N. Dustin Lane,L=Chandler,ST=AZ,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

ioctlsocket
WSAStartup
getsockopt
ntohs
htonl
WSASetLastError
shutdown
send
recv
gethostbyname
socket
closesocket
setsockopt
htons
getservbyname
connect
WSAGetLastError

kernel32

FreeLibrary
GetSystemTime
LoadLibraryA
GetVersionExA
GetTimeZoneInformation
GetComputerNameA
GetLastError
LocalFree
GetLocalTime
FormatMessageA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
ReadConsoleInputA
SetConsoleMode
GetFullPathNameA
GetCurrentDirectoryA
GetProcAddress
GetModuleFileNameA
HeapAlloc
HeapFree
GetCurrentThreadId
GetCommandLineA
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
VirtualFree
VirtualAlloc
HeapReAlloc
HeapDestroy
HeapCreate
ExitProcess
WriteFile
CloseHandle
RtlUnwind
Sleep
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSection
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetConsoleCtrlHandler
SetStdHandle
FlushFileBuffers
CreateFileA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
HeapSize
SetEndOfFile
ReadFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetVersion
FindFirstFileA
FindClose
GlobalMemoryStatus
FlushConsoleInputBuffer

advapi32

RegCloseKey
RegOpenKeyExA
ReportEventA
DeregisterEventSource
RegisterEventSourceA
RegQueryValueExA

user32

GetProcessWindowStation
GetDesktopWindow
MessageBoxA
GetUserObjectInformationW

Exports

Exports

send_mail

Sections

.text
Size: 500KB - Virtual size: 499KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 140KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

370c37a6334a965e3c38aa696ee93fa2

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89Certificate

Extended Key Usages

Key Usages

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1bCertificate

Extended Key Usages

Key Usages

84:26:45:e9:1b:e3:97:34:51:dd:4d:4f:e3:82:4e:c0Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

comctl32

wininet

version

smtpsend

ws2_32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

Sections

.text Size: 128KB - Virtual size: 126KB

.rdata Size: 24KB - Virtual size: 20KB

.data Size: 12KB - Virtual size: 22KB

.rsrc Size: 24KB - Virtual size: 23KB

d4f594d6c4fda2a6e9f966b97c037fc4

Code Sign

4f:ae:35:22:f8:b4:6e:37:a3:ce:ff:fc:0a:a5:2b:24Certificate

Extended Key Usages

Key Usages

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89Certificate

Extended Key Usages

Key Usages

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1bCertificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

kernel32

ws2_32

iphlpapi

msvcrt

Exports

Exports

Sections

.text Size: 36KB - Virtual size: 32KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 5KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 1KB

ac0f536708fae22b5214c6d5eb235b7d

Code Sign

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89Certificate

Extended Key Usages

Key Usages

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1bCertificate

Extended Key Usages

Key Usages

84:26:45:e9:1b:e3:97:34:51:dd:4d:4f:e3:82:4e:c0Certificate

Extended Key Usages

Key Usages

Signer

Headers

File Characteristics

Imports

dnsapi

kernel32

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

84:26:45:e9:1b:e3:97:34:51:dd:4d:4f:e3:82:4e:c0
Certificate

.text
Size: 128KB - Virtual size: 126KB

.rdata
Size: 24KB - Virtual size: 20KB

.data
Size: 12KB - Virtual size: 22KB

.rsrc
Size: 24KB - Virtual size: 23KB

4f:ae:35:22:f8:b4:6e:37:a3:ce:ff:fc:0a:a5:2b:24
Certificate

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

.text
Size: 36KB - Virtual size: 32KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 1KB

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

84:26:45:e9:1b:e3:97:34:51:dd:4d:4f:e3:82:4e:c0
Certificate

.text
Size: 28KB - Virtual size: 26KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 6KB

.rsrc
Size: 4KB - Virtual size: 176B

.reloc
Size: 4KB - Virtual size: 3KB

4f:63:d0:30:f8:15:a3:a5:b3:44:69:40:06:3d:16:89
Certificate

44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1b
Certificate

84:26:45:e9:1b:e3:97:34:51:dd:4d:4f:e3:82:4e:c0
Certificate

.text
Size: 500KB - Virtual size: 499KB

.rdata
Size: 140KB - Virtual size: 136KB

.data
Size: 64KB - Virtual size: 78KB

.rsrc
Size: 4KB - Virtual size: 176B

.reloc
Size: 40KB - Virtual size: 38KB