Extracted

• ea6989e3a607d753377b05bae55140d8.exe

  .exe windows:5 windows x86 arch:x86

  8e9e6de8c6aa184371108e1074479bb3

  
  

  Code Sign

  08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9

  Certificate

  Issuer

  CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

  Not Before

  29/04/2021, 00:00

  Not After

  28/04/2036, 23:59

  Subject

  CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  01:5a:6b:ec:4d:7f:54:9f:e5:25:c8:52:df:67:0e:13

  Certificate

  Issuer

  CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

  Not Before

  16/01/2023, 00:00

  Not After

  15/01/2026, 23:59

  Subject

  CN=Avast Software s.r.o.,O=Avast Software s.r.o.,L=Praha,C=CZ

  Extended Key Usages

  ExtKeyUsageCodeSigning

  Key Usages

  KeyUsageDigitalSignature

  3a:52:6a:2c:84:ce:55:e6:1d:65:fc:cc:12:d8:e9:89

  Certificate

  Issuer

  CN=Sectigo Public Time Stamping CA R36,O=Sectigo Limited,C=GB

  Not Before

  15/01/2024, 00:00

  Not After

  14/04/2035, 23:59

  Subject

  CN=Sectigo Public Time Stamping Signer R35,O=Sectigo Limited,ST=Manchester,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageContentCommitment

  7a:23:ae:da:53:69:96:0f:91:c8:3e:5c:f4:c7:e3:3f

  Certificate

  Issuer

  CN=Sectigo Public Time Stamping Root R46,O=Sectigo Limited,C=GB

  Not Before

  22/03/2021, 00:00

  Not After

  21/03/2036, 23:59

  Subject

  CN=Sectigo Public Time Stamping CA R36,O=Sectigo Limited,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  36:c2:b0:bd:7c:1b:3a:e7:a3:b3:dd:36:cb:c9:75:68

  Certificate

  Issuer

  CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

  Not Before

  22/03/2021, 00:00

  Not After

  18/01/2038, 23:59

  Subject

  CN=Sectigo Public Time Stamping Root R46,O=Sectigo Limited,C=GB

  Extended Key Usages

  ExtKeyUsageTimeStamping

  Key Usages

  KeyUsageDigitalSignature

  KeyUsageCertSign

  KeyUsageCRLSign

  e1:69:8b:1f:74:0e:6b:cb:6b:f6:6a:b0:2d:01:e3:f2:de:e2:67:f6:5d:ea:ac:b6:eb:8e:8d:64:8c:6c:d3:0a

  Signer

  Actual PE Digest

  e1:69:8b:1f:74:0e:6b:cb:6b:f6:6a:b0:2d:01:e3:f2:de:e2:67:f6:5d:ea:ac:b6:eb:8e:8d:64:8c:6c:d3:0a

  Digest Algorithm

  sha256

  PE Digest Matches

  false

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_32BIT_MACHINE

  Imports

  msvcrt

  strncpy

  ??_V@YAXPAX@Z

  memchr

  ??_U@YAPAXI@Z

  strtok

  atexit

  strtok_s

  strcpy_s

  vsprintf_s

  memmove

  strlen

  malloc

  free

  memcmp

  ??2@YAPAXI@Z

  memset

  memcpy

  __CxxFrameHandler3

  kernel32

  GetCurrentProcess

  RaiseException

  GetStringTypeW

  MultiByteToWideChar

  LCMapStringW

  IsValidCodePage

  GetOEMCP

  lstrlenA

  HeapAlloc

  GetProcessHeap

  VirtualProtect

  WaitForSingleObject

  CreateProcessA

  lstrcatA

  VirtualQueryEx

  OpenProcess

  ReadProcessMemory

  WriteFile

  GetACP

  GetCPInfo

  UnhandledExceptionFilter

  SetUnhandledExceptionFilter

  IsDebuggerPresent

  EncodePointer

  DecodePointer

  TerminateProcess

  InitializeCriticalSectionAndSpinCount

  LeaveCriticalSection

  EnterCriticalSection

  RtlUnwind

  GetProcAddress

  GetModuleHandleW

  ExitProcess

  Sleep

  GetStdHandle

  GetModuleFileNameW

  GetLastError

  LoadLibraryW

  TlsGetValue

  TlsSetValue

  InterlockedIncrement

  SetLastError

  GetCurrentThreadId

  InterlockedDecrement

  WideCharToMultiByte

  Sections

  .text

  Size: 115KB - Virtual size: 115KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .rdata

  Size: 52KB - Virtual size: 51KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 121KB - Virtual size: 2.2MB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .reloc

  Size: 17KB - Virtual size: 17KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 10KB - Virtual size: 10KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ