BpmSyncVmdGenerator[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

BpmSyncVmdGenerator.zip
Size

17.7MB
MD5

f702f3ceb359d4d3c5f111db5ad101c6
SHA1

cae24d85cc3da26e6ef22901fc8c14f835e9c2aa
SHA256

a6443fec9b5fc844dd3fb0878ddeca22bccadcd9d67b6077e7ccaf47a3960a08
SHA512

6d4858a5cdae08616228ffc53b4c22d16442f9cd31f53d82ecb80c47e783cd8d377dc438db7dd7155f2cf1f4dc6f9363fb2766ff257cceb9f22a4728e10a6c10
SSDEEP

393216:dKyY5cn/bn9GMV7qCPi2Amo5KfnJO2SIBS1D9K0DvS9Kl3n:/Y+/RGML9KKfnJFSIBS1Fl3n

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/BpmSyncVmdGenerator/Adobe AIR/Versions/1.0/Resources/CaptiveAppEntry.exe
unpack001/BpmSyncVmdGenerator/BpmSyncVmdGenerator.exe

Files

BpmSyncVmdGenerator.zip
.zip
BpmSyncVmdGenerator/Adobe AIR/Versions/1.0/Adobe AIR.dll
.dll windows:5 windows x86 arch:x86

7af09a7dd6688900acbdc3ee6f5a763c

Code Sign

06:f0:47:88:03:10:55:d3:1d:ef:fe:fc:d0:26:d6:c5
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

15-03-2017 00:00

Not After

20-03-2019 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Flash Player,O=Adobe Systems Incorporated,POSTALCODE=95110,STREET=345 Park Avenue,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18-04-2012 12:00

Not After

18-04-2027 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02-01-2017 00:00

Not After

01-04-2028 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

5e:4a:96:05:40:d3:a2:97:05:52:16:3c:1e:b4:17:6b:22:06:46:8e:40:ba:61:c5:54:18:f4:05:e8:64:01:b5
Signer

Actual PE Digest

5e:4a:96:05:40:d3:a2:97:05:52:16:3c:1e:b4:17:6b:22:06:46:8e:40:ba:61:c5:54:18:f4:05:e8:64:01:b5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\r\ws\St_Make\code\build\win\results\Release\info\runtime_sdk_withdrm\Adobe AIR.pdb

Imports

kernel32

GetCommandLineW
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetTimeZoneInformation
HeapSize
LCMapStringW
LCMapStringA
GetStringTypeW
MultiByteToWideChar
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
RaiseException
InitializeCriticalSectionAndSpinCount
FreeLibrary
HeapReAlloc
VirtualAlloc
GetLocaleInfoA
GetLocaleInfoW
IsValidCodePage
IsDBCSLeadByte
GlobalUnlock
GlobalLock
SystemTimeToFileTime
GetLocalTime
GlobalAlloc
GlobalSize
DebugBreak
GetDriveTypeW
GetVolumeInformationW
GetLogicalDriveStringsW
CloseHandle
CreateEventW
ExitThread
TerminateThread
SetEvent
ResetEvent
WaitForSingleObject
WaitForMultipleObjects
CreateWaitableTimerW
SetThreadPriority
CreateThread
GetSystemTime
GetSystemDirectoryA
GetVersionExW
QueryPerformanceFrequency
QueueUserAPC
OpenThread
SetCurrentDirectoryW
GetCurrentDirectoryW
GetSystemDirectoryW
SleepEx
GetProcessTimes
LoadLibraryW
ExpandEnvironmentStringsW
MoveFileExW
DeleteFileW
GetFileAttributesW
VirtualQuery
GetUserDefaultLangID
GetUserDefaultUILanguage
GlobalFree
SetFilePointer
CreateFileW
ReadFile
GetFileSize
CreateFileA
VerifyVersionInfoW
VerSetConditionMask
CreateProcessA
LockResource
LoadResource
FindResourceExA
FindResourceExW
GetModuleFileNameW
GetTempPathW
FindClose
FindNextFileW
FindFirstFileW
GetFileAttributesA
CreateDirectoryA
DeleteFileA
DeviceIoControl
GetTempPathA
CreateMutexA
GetFileAttributesExW
GetFileInformationByHandle
GetLongPathNameW
GetTempFileNameW
GetFullPathNameW
GetSystemWow64DirectoryW
ExpandEnvironmentStringsA
CreateProcessW
OutputDebugStringA
GetTempFileNameA
lstrlenW
SetFilePointerEx
GetFileSizeEx
SetEndOfFile
CreateDirectoryW
RemoveDirectoryW
FlushInstructionCache
ReleaseSemaphore
CreateSemaphoreW
SetNamedPipeHandleState
EndUpdateResourceW
BeginUpdateResourceW
UpdateResourceW
lstrlenA
GetExitCodeThread
DuplicateHandle
OpenProcess
GetExitCodeProcess
GetOverlappedResult
ConnectNamedPipe
CreateNamedPipeA
CompareFileTime
LocalFree
GetVersionExA
UnmapViewOfFile
ReleaseMutex
MapViewOfFile
CreateFileMappingA
GetComputerNameExW
CreateNamedPipeW
CancelIo
GetProcessHeap
GenerateConsoleCtrlEvent
FormatMessageW
SetHandleInformation
lstrcmpiW
SizeofResource
FindResourceW
LoadLibraryExW
SetThreadAffinityMask
VirtualProtect
AreFileApisANSI
FlushFileBuffers
UnlockFile
LockFile
LockFileEx
UnlockFileEx
FormatMessageA
GetFullPathNameA
GetDiskFreeSpaceA
GetDiskFreeSpaceW
CreateFileMappingW
CreateEventA
CreateWaitableTimerA
SetWaitableTimer
CancelWaitableTimer
InterlockedExchangeAdd
GetVersion
FileTimeToSystemTime
GetNumberFormatW
GetCurrencyFormatW
GetDateFormatW
GetTimeFormatW
EnumSystemLocalesW
GetProcessAffinityMask
GetNativeSystemInfo
LocalAlloc
lstrcpynW
GlobalMemoryStatus
FlushConsoleInputBuffer
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
PeekNamedPipe
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
GetConsoleCP
GetCurrentDirectoryA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
IsProcessorFeaturePresent
GetOEMCP
GetACP
GetCPInfo
LoadLibraryA
SetConsoleCtrlHandler
HeapAlloc
IsDebuggerPresent
GetCurrentProcess
TerminateProcess
VirtualFree
HeapDestroy
HeapCreate
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
ExitProcess
HeapFree
GetCurrentThread
GetLastError
SetLastError
TlsFree
TlsAlloc
GetProcAddress
GetModuleHandleW
GetModuleFileNameA
GetStdHandle
WriteFile
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetCommandLineA
GetSystemInfo
SwitchToThread
TlsGetValue
TlsSetValue
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
InterlockedExchange
InterlockedCompareExchange
GetModuleHandleA
Sleep

ole32

CoFreeUnusedLibraries
DoDragDrop
CoCreateInstance
CoInitialize
OleInitialize
OleUninitialize
RegisterDragDrop
RevokeDragDrop
OleGetClipboard
OleSetClipboard
OleIsCurrentClipboard
OleFlushClipboard
ReleaseStgMedium
CoUninitialize
CoTaskMemFree
CreateStreamOnHGlobal
CoSetProxyBlanket
CoMarshalInterThreadInterfaceInStream
CoInitializeEx
CoGetInterfaceAndReleaseStream
CoTaskMemAlloc
CoTaskMemRealloc
MkParseDisplayName
CreateBindCtx
PropVariantClear

oleaut32

VariantClear
SysStringByteLen
SysAllocStringByteLen
SysAllocString
LoadTypeLi
SysAllocStringLen
SysStringLen
LoadRegTypeLi
VarUI4FromStr
SysFreeString
VariantInit

ws2_32

getservbyname
htonl
inet_ntoa
gethostbyname
WSAGetLastError
inet_addr
closesocket
accept
listen
gethostname
__WSAFDIsSet
WSAEnumNetworkEvents
WSAEventSelect
WSACreateEvent
WSACloseEvent
recv
ntohs
sendto
send
recvfrom
connect
bind
getpeername
getsockname
WSAAddressToStringA
ioctlsocket
select
WSAStartup
WSASocketW
socket
ntohl
WSAIoctl
WSAAsyncSelect
WSASetLastError
gethostbyaddr
getsockopt
shutdown
setsockopt
htons
WSACleanup
getservbyport

version

VerQueryValueW
VerQueryValueA
GetFileVersionInfoSizeW
GetFileVersionInfoW
GetFileVersionInfoSizeA
GetFileVersionInfoA

crypt32

CryptUnprotectData
CryptFindLocalizedName
CertGetEnhancedKeyUsage
CertAddEncodedCertificateToStore
CertDuplicateCertificateContext
CryptImportPublicKeyInfo
CertAddStoreToCollection
CertGetCertificateChain
CertCompareCertificate
CertVerifyCertificateChainPolicy
CertFreeCertificateChain
CertVerifyTimeValidity
CertVerifyRevocation
CertAddCertificateContextToStore
CertOpenStore
CertEnumCertificatesInStore
CryptVerifyMessageSignature
CryptGetMessageCertificates
CertCreateCertificateContext
CertVerifySubjectCertificateContext
CertFindCertificateInStore
CertFreeCertificateContext
CertCloseStore
CryptProtectData

winmm

timeEndPeriod
timeGetTime
waveOutOpen
timeBeginPeriod
timeGetDevCaps
mixerSetControlDetails
waveInGetPosition
waveOutPause
waveOutRestart
mixerGetControlDetailsA
mixerOpen
mixerGetDevCapsA
mixerGetLineInfoA
mixerGetLineControlsA
mixerClose
waveInMessage
waveOutMessage
waveOutGetDevCapsA
waveInGetDevCapsA
mixerGetID
waveInOpen
waveInPrepareHeader
waveInAddBuffer
waveInStart
waveInStop
waveInReset
waveInUnprepareHeader
waveInClose
waveInGetNumDevs
waveOutGetNumDevs
waveInGetDevCapsW
waveOutGetDevCapsW
waveOutGetPosition
timeKillEvent
waveOutClose
waveOutReset
waveOutUnprepareHeader
waveOutPrepareHeader
waveOutWrite
timeSetEvent

oleacc

AccessibleObjectFromWindow

user32

GetClassLongW
GetWindowTextW
UpdateWindow
GetMenuBarInfo
DrawMenuBar
EnumWindows
DeleteMenu
EnumDisplayMonitors
PostQuitMessage
GetMessageW
ShowCaret
CreateCaret
DestroyCaret
SetCaretPos
InsertMenuItemW
SetMenuInfo
CreateMenu
GetMenuItemInfoW
SetMenuItemInfoW
RemoveMenu
EnumDisplayDevicesA
UpdateLayeredWindow
GetKeyboardLayout
ActivateKeyboardLayout
GetLastInputInfo
GetAsyncKeyState
UnregisterClassA
DdeUninitialize
DdeFreeStringHandle
DdeDisconnect
DdeClientTransaction
DdeConnect
DdeCreateStringHandleA
DdeInitializeW
GetMenuInfo
DestroyMenu
TrackPopupMenu
CreatePopupMenu
CharLowerW
CharUpperW
ToAscii
GetKeyboardState
MapVirtualKeyW
CharNextW
EnumDisplayDevicesW
PostMessageA
RegisterWindowMessageA
MonitorFromRect
GetMonitorInfoA
wsprintfW
GetUserObjectInformationW
GetProcessWindowStation
EndPaint
EnumDisplaySettingsW
IsWindow
GetClassInfoExW
ShowWindowAsync
SetWindowRgn
GetWindow
IsWindowVisible
ShowWindow
GetWindowDC
MapWindowPoints
SetWindowPlacement
OffsetRect
IsZoomed
GetSystemMenu
SetMenu
FlashWindowEx
GetActiveWindow
IsIconic
SetCursorPos
TrackMouseEvent
GetMessageTime
ReleaseCapture
SetCapture
GetCapture
GetWindowThreadProcessId
AttachThreadInput
LoadStringW
LoadCursorW
GetQueueStatus
SetTimer
GetWindowInfo
CopyRect
InvalidateRect
KillTimer
MonitorFromPoint
GetForegroundWindow
WaitForInputIdle
RegisterClassExW
DefWindowProcW
CloseWindow
CreateWindowExW
RemovePropW
SetForegroundWindow
CallWindowProcW
FindWindowExW
EnumChildWindows
GetFocus
GetAncestor
EnableWindow
GetWindowTextLengthW
GetDlgItemTextA
IsWindowEnabled
SetDlgItemTextA
SetRectEmpty
CreateIconIndirect
DialogBoxParamW
GetDlgItemTextW
SetDlgItemTextW
GetClientRect
MoveWindow
MessageBoxA
SendMessageTimeoutW
ClientToScreen
MonitorFromWindow
GetMonitorInfoW
DialogBoxIndirectParamW
EndDialog
GetParent
GetWindowRect
GetDesktopWindow
SetWindowPos
LoadIconW
GetDlgItem
SetWindowTextW
SetFocus
PostMessageW
DestroyWindow
SetCursor
GetCursor
DestroyIcon
GetPropW
SetPropW
SendInput
MessageBoxW
GetSysColor
GetWindowPlacement
BeginPaint
GetDoubleClickTime
RegisterClipboardFormatA
RegisterClipboardFormatW
GetClipboardFormatNameA
ReleaseDC
GetDC
ScreenToClient
GetKeyState
GetCursorPos
DispatchMessageW
TranslateMessage
MsgWaitForMultipleObjects
PeekMessageW
CloseClipboard
GetClipboardData
OpenClipboard
IsClipboardFormatAvailable
SetClipboardData
EmptyClipboard
InflateRect
GetSystemMetrics
SetRect
PostThreadMessageW
SendMessageW
SystemParametersInfoW
GetWindowLongW
SetWindowLongW
PtInRect

gdi32

GdiAlphaBlend
StretchBlt
LineTo
SetBkColor
SetStretchBltMode
GetStretchBltMode
GetTextExtentPoint32A
ExtTextOutA
GetTextExtentPoint32W
GetTextMetricsW
EnumFontFamiliesW
EnumFontFamiliesA
GetClipBox
CreateRectRgnIndirect
SelectPalette
GdiFlush
SelectClipRgn
CreateCompatibleBitmap
GetDIBits
CreateBitmap
SetPixel
CreateFontIndirectW
Rectangle
CreateDCA
GetICMProfileA
GetObjectW
BitBlt
CreateDIBSection
CreateSolidBrush
StrokePath
ExtCreatePen
CombineRgn
RealizePalette
OffsetRgn
FillPath
AbortDoc
CreatePen
GetDeviceCaps
MoveToEx
StartPage
CreateCompatibleDC
SelectObject
SetDIBitsToDevice
EndPage
DeleteDC
BeginPath
EndPath
SetPolyFillMode
PolyBezierTo
SelectClipPath
SaveDC
RestoreDC
LPtoDP
StartDocW
StretchDIBits
GetSystemPaletteEntries
CreatePalette
CreateDCW
GetFontData
EnumFontFamiliesExW
GetTextCharacterExtra
GetWorldTransform
DeleteObject
SetWorldTransform
ExtTextOutW
SetGraphicsMode
SetTextColor
CreateFontIndirectA
IntersectClipRect
GetClipRgn
CreateRectRgn
SetTextAlign
SetBkMode
SetTextCharacterExtra
GetTextAlign
GetBkMode
GetTextColor
DPtoLP
GetCurrentObject
GetBkColor
EndDoc
CreateICW
GetStockObject
ResetDCW

msimg32

AlphaBlend

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorControl
MakeSelfRelativeSD
SetEntriesInAclW
RegEnumKeyExW
CryptGenRandom
OpenProcessToken
GetTokenInformation
RegQueryInfoKeyW
RegisterEventSourceA
ReportEventA
DeregisterEventSource
IsValidSid
GetSidSubAuthorityCount
GetSidSubAuthority
CryptExportKey
CryptEncrypt
CryptImportKey
CryptGenKey
CryptDestroyKey
RegOpenKeyA
SetSecurityInfo
InitializeAcl
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExA
RegDeleteValueW
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExW
RegDeleteKeyW
CryptReleaseContext
CryptDestroyHash
CryptCreateHash
CryptAcquireContextW
CryptGetHashParam
CryptHashData
SetSecurityDescriptorDacl

comdlg32

GetSaveFileNameW
PageSetupDlgW
PrintDlgW
CommDlgExtendedError
GetOpenFileNameW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW
ShellExecuteExW
CommandLineToArgvW
SHGetFileInfoW
SHGetSpecialFolderLocation
SHChangeNotify
Shell_NotifyIconW
SHGetDiskFreeSpaceExW
SHFileOperationW
SHGetFolderPathW
SHGetSettings
SHGetFolderPathA
SHBrowseForFolderW
SHAppBarMessage
SHGetFolderLocation
SHGetPathFromIDListW
ord2
ord4
ShellExecuteW

shlwapi

PathAppendA
PathAppendW
StrDupW
AssocQueryStringW
StrStrIW
StrRStrIW
PathRemoveFileSpecW
PathFileExistsW
ord219
StrCmpW

wininet

InternetErrorDlg
InternetSetCookieW
InternetGetCookieW

msi

ord8
ord92
ord205
ord72
ord96
ord37
ord17
ord125
ord121
ord84
ord159
ord20
ord78
ord151
ord153
ord141
ord88
ord16
ord137
ord70
ord90
ord173
ord113
ord32

urlmon

CoInternetParseUrl
CoInternetCompareUrl
CopyStgMedium

comctl32

ImageList_Draw
ImageList_GetIconSize

mscms

OpenColorProfileW
CreateColorTransformW
CloseColorProfile
TranslateBitmapBits
DeleteColorTransform

secur32

LsaFreeReturnBuffer
LsaGetLogonSessionData

dsound

ord1
ord8

iphlpapi

GetAdaptersAddresses

dnsapi

DnsFree
DnsQuery_UTF8

winspool.drv

OpenPrinterW
GetPrinterW
ClosePrinter
EnumPrintersW

Exports

Exports

ADLWMain
AdobeCPGetAPI
AppEntryWinMain
AppInstallWinMain
CaptiveAppEntryWinMain
ExtendedAppEntryWinMain
FREAcquireBitmapData
FREAcquireBitmapData2
FREAcquireByteArray
FRECallObjectMethod
FREDispatchStatusEventAsync
FREGetArrayElementAt
FREGetArrayLength
FREGetContextActionScriptData
FREGetContextNativeData
FREGetObjectAsBool
FREGetObjectAsDouble
FREGetObjectAsInt32
FREGetObjectAsUTF8
FREGetObjectAsUint32
FREGetObjectProperty
FREGetObjectType
FREInvalidateBitmapDataRect
FRENewObject
FRENewObjectFromBool
FRENewObjectFromDouble
FRENewObjectFromInt32
FRENewObjectFromUTF8
FRENewObjectFromUint32
FREReleaseBitmapData
FREReleaseByteArray
FRESetArrayElementAt
FRESetArrayLength
FRESetContextActionScriptData
FRESetContextNativeData
FRESetObjectProperty
NAIPWMain
RuntimeInstallerWinMain

Sections

.text
Size: 12.7MB - Virtual size: 12.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6.5MB - Virtual size: 6.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 483KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 209KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 873KB - Virtual size: 873KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BpmSyncVmdGenerator/Adobe AIR/Versions/1.0/Resources/Adobe AIR.vch
BpmSyncVmdGenerator/Adobe AIR/Versions/1.0/Resources/AdobeCP15.dll
.dll windows:4 windows x86 arch:x86

5654f6bff0dd174f50c057d3f5682311

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7e:28:2b:07:49:66:9b:59:5f:79:49:ff:06:13:4e:92
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

05-09-2009 00:00

Not After

01-10-2012 23:59

Subject

CN=Adobe Systems Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Universal Client,O=Adobe Systems Incorporated,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

e8:b0:ea:0a:41:61:02:e3:b2:62:68:45:b3:b3:9c:19:38:0c:5c:80
Signer

Actual PE Digest

e8:b0:ea:0a:41:61:02:e3:b2:62:68:45:b3:b3:9c:19:38:0c:5c:80

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

g:\Acro_root_apms\Main\build\win\results\Release\runtime\Adobe AIR\Versions\1.0\Resources\AdobeCP.pdb

Imports

kernel32

GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
CreateFileA
SetHandleCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetTimeZoneInformation
CreateFileW
SetEndOfFile
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetFilePointer
ReadFile
GetOEMCP
GetACP
HeapSize
GetModuleFileNameA
GetStdHandle
WriteFile
SetLastError
lstrlenA
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
HeapCreate
HeapDestroy
GetStringTypeW
GetStringTypeA
DeleteFileA
GetFileSize
GetFileTime
SetFileTime
CompareFileTime
GetSystemInfo
LocalFree
GlobalFree
FormatMessageA
ReleaseMutex
CreateMutexA
LCMapStringW
LCMapStringA
GetCPInfo
RaiseException
RtlUnwind
GetProcessHeap
GetVersionExA
GetCommandLineA
GetCurrentThreadId
ExitProcess
GetSystemTimeAsFileTime
HeapReAlloc
HeapAlloc
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
HeapFree
GetLastError
MultiByteToWideChar
InterlockedExchange
InterlockedCompareExchange
WideCharToMultiByte
VirtualFree
VirtualAlloc
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
GetCurrentProcess
GetModuleHandleA
GetProcAddress
CreateThread
CloseHandle
DeleteCriticalSection
EnterCriticalSection
ExitThread
LeaveCriticalSection
CreateEventA
Sleep
InitializeCriticalSection
SetEvent
WaitForSingleObject
GetCurrentThread
GetTickCount
SetStdHandle

user32

GetCursorPos

advapi32

CryptAcquireContextW
CryptImportKey
CryptDecrypt
CryptGetUserKey
CryptDestroyKey
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyA
RegCloseKey
RegSetValueExA
CryptReleaseContext
CryptSetKeyParam
CryptGenRandom
CryptAcquireContextA
CryptSetProvParam
CryptGetProvParam

wininet

InternetCloseHandle
HttpOpenRequestA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetConnectA
InternetSetOptionA
InternetSetStatusCallback
InternetOpenA
InternetReadFile
HttpAddRequestHeadersA
HttpQueryInfoA
HttpSendRequestA
InternetQueryOptionA

ws2_32

getsockopt
shutdown
closesocket
select
inet_addr
gethostbyname
WSAGetLastError
WSAStartup
connect
ioctlsocket
htons
setsockopt
socket
recv
__WSAFDIsSet
send
accept

crypt32

CryptMsgOpenToDecode
CryptMsgGetParam
CryptDecodeObject
CertFindCertificateInStore
CertEnumCertificatesInStore
CryptMsgUpdate
CryptMsgOpenToEncode
CryptMsgClose
CertGetEnhancedKeyUsage
CertAddCertificateContextToStore
CertDuplicateCertificateContext
CryptImportPublicKeyInfo
CertFreeCertificateContext
CertFindExtension
CertSetCertificateContextProperty
CertGetCertificateContextProperty
CertGetNameStringW
CertGetNameStringA
CryptProtectData
CryptUnprotectData
CertCloseStore
CertDeleteCertificateFromStore
CertOpenStore
CryptFindLocalizedName
CryptAcquireCertificatePrivateKey
CertAddEncodedCertificateToStore

Exports

Exports

AdobeCPGetAPI
C_EDCAuthenticationManager_allowHttpConnection
C_EDCAuthenticationManager_deleteUserCredentials
C_EDCAuthenticationManager_getAuthenticatedPrincipal
C_EDCAuthenticationManager_getClientVersion
C_EDCAuthenticationManager_getSAMLToken
C_EDCAuthenticationManager_getServerVersion
C_EDCAuthenticationManager_getUserCredentials
C_EDCAuthenticationManager_isAllowHttpConnection
C_EDCAuthenticationManager_isLoggedIn
C_EDCAuthenticationManager_isUserCredentialsCachingEnabled
C_EDCAuthenticationManager_login
C_EDCAuthenticationManager_logout
C_EDCAuthenticationManager_setSAMLToken
C_EDCByteBuffer_delete
C_EDCByteBuffer_getBytes
C_EDCByteBuffer_getLength
C_EDCCertificateInfoList_delete
C_EDCClientCallbacks_new
C_EDCClient_terminate
C_EDCConsumer_DownloadVoucher
C_EDCConsumer_delete
C_EDCConsumer_getBackgroundSyncFrequency
C_EDCConsumer_getDocHistoryURL
C_EDCConsumer_getLicenseId
C_EDCConsumer_getRevocationURL
C_EDCConsumer_getSecureTime
C_EDCConsumer_getSynchronizationProgress
C_EDCConsumer_getURL
C_EDCConsumer_isAnonymous
C_EDCConsumer_isOffline
C_EDCConsumer_isSyncing
C_EDCConsumer_iterate
C_EDCConsumer_logCustomEvents
C_EDCConsumer_logEvents
C_EDCConsumer_new
C_EDCConsumer_newFromIterationResponse
C_EDCConsumer_newFromPublishAsResponse
C_EDCConsumer_publishAs
C_EDCConsumer_requestAccess
C_EDCConsumer_setBackgroundSyncFrequency
C_EDCConsumer_setOffline
C_EDCConsumer_startSynchronization
C_EDCDecryptor_decryptBytes
C_EDCDecryptor_delete
C_EDCDecryptor_getDecryptionKey
C_EDCDecryptor_setDecryptionKey
C_EDCDeleteString
C_EDCPermSet_delete
C_EDCRevocationData_delete
C_EDCVoucherPropList_delete
C_EDCVoucherStore_get
C_EDCVoucherStore_new
C_EDCVoucherStore_put
C_EDCVoucherStore_remove
C_EDCVoucherStore_removeFromDisk
C_EDCVoucher_canRevoke
C_EDCVoucher_canViewAuditHistory
C_EDCVoucher_delete
C_EDCVoucher_getAuthenticatedUserFriendlyName
C_EDCVoucher_getAuthenticatedUserId
C_EDCVoucher_getClockSkew
C_EDCVoucher_getDecryptor
C_EDCVoucher_getEncryptor
C_EDCVoucher_getExpirationDate
C_EDCVoucher_getExtendedVoucherProperties
C_EDCVoucher_getExternalAuthLeasePeriod
C_EDCVoucher_getFirstPlaybackDate
C_EDCVoucher_getLicenseId
C_EDCVoucher_getOfflineLeasePeriodExpirationDate
C_EDCVoucher_getOfflineLeasePeriodRemaining
C_EDCVoucher_getOfflineLeaseStartDate
C_EDCVoucher_getPermissions
C_EDCVoucher_getPlaybackWindowExpirationDate
C_EDCVoucher_getPolicy
C_EDCVoucher_getRevocationData
C_EDCVoucher_getStartDate
C_EDCVoucher_getWatermark
C_EDCVoucher_isAudited
C_EDCVoucher_isExternalAuthorizationSet
C_EDCVoucher_isRevoked
C_EDCWatermarkTemplate_delete
C_EDCvoucherStore_delete
C_PDRLPolicyPropertyList_delete
C_PDRLPolicy_addPolicyEntry
C_PDRLPolicy_clearPolicyEntries
C_PDRLPolicy_countPolicyEntries
C_PDRLPolicy_delete
C_PDRLPolicy_getCreationDate
C_PDRLPolicy_getEncryptionMethod
C_PDRLPolicy_getInstanceVersionNum
C_PDRLPolicy_getLastModifiedDate
C_PDRLPolicy_getOfflineLeasePeriod
C_PDRLPolicy_getPolicyDescription
C_PDRLPolicy_getPolicyEntry
C_PDRLPolicy_getPolicyId
C_PDRLPolicy_getPolicyName
C_PDRLPolicy_getPolicyType
C_PDRLPolicy_getProperty
C_PDRLPolicy_getSchemaVersion
C_PDRLPolicy_getValidityPeriod
C_PDRLPolicy_getWatermarkId
C_PDRLPolicy_isAudited
C_PDRLPolicy_isCertifiedMode
C_PDRLPolicy_isEncryptAttachments
C_PDRLPolicy_isPlaintextMetadata
C_PDRLPolicy_isWatermarked
C_PDRLPolicy_new
C_PDRLPolicy_policyFromXML
C_PDRLPolicy_removePolicyEntry
C_PDRLPolicy_setAudited
C_PDRLPolicy_setCertifiedMode
C_PDRLPolicy_setEncryptAttachments
C_PDRLPolicy_setEncryptionMethod
C_PDRLPolicy_setOfflineLeasePeriod
C_PDRLPolicy_setPlaintextMetadata
C_PDRLPolicy_setPolicyDescription
C_PDRLPolicy_setPolicyName
C_PDRLPolicy_setProperty
C_PDRLPolicy_setValidityPeriod
C_PDRLPolicy_setWatermarkId
C_PDRLPolicy_toXML

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 468KB - Virtual size: 465KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 588KB - Virtual size: 597KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 156KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BpmSyncVmdGenerator/Adobe AIR/Versions/1.0/Resources/CaptiveAppEntry.exe
.exe windows:5 windows x86 arch:x86

0149ed03f5810d92496c2f5e11b99ce2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\r\ws\St_Make\code\build\win\results\Release\info\CaptiveAppEntry.pdb

Imports

kernel32

SetStdHandle
GetVersionExW
ExitProcess
GetUserDefaultUILanguage
GetModuleHandleW
WriteConsoleW
GetStdHandle
GetCommandLineW
HeapAlloc
GetProcessHeap
GetFullPathNameW
HeapFree
GetFileAttributesW
LoadLibraryW
GetProcAddress
CreateFileW
InitializeCriticalSection
GetLastError
DuplicateHandle
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
GetFileType
GetCommandLineA
GetStartupInfoA
CloseHandle
SetHandleCount
DeleteCriticalSection
Sleep
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetLastError
InitializeCriticalSectionAndSpinCount
WriteFile
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapReAlloc
RtlUnwind
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
HeapSize
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
SetFilePointer
CreateFileA
GetModuleFileNameW

shell32

CommandLineToArgvW

user32

FindWindowA
ShowWindow
MessageBoxExW

shlwapi

PathAppendW
StrCmpW
PathRemoveFileSpecW

msi

ord90

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BpmSyncVmdGenerator/Adobe AIR/Versions/1.0/Resources/Licenses/cairo/COPYING
BpmSyncVmdGenerator/Adobe AIR/Versions/1.0/Resources/Licenses/cairo/COPYING-LGPL-2.1
BpmSyncVmdGenerator/Adobe AIR/Versions/1.0/Resources/Licenses/cairo/COPYING-MPL-1.1
BpmSyncVmdGenerator/Adobe AIR/Versions/1.0/Resources/Licenses/pcre2/COPYING
BpmSyncVmdGenerator/Adobe AIR/Versions/1.0/Resources/Licenses/pixman/COPYING
BpmSyncVmdGenerator/Adobe AIR/Versions/1.0/Resources/NPSWF32.dll
.dll windows:5 windows x86 arch:x86

b8ee5247fe5026a539c47b8fccacd597

Code Sign

06:f0:47:88:03:10:55:d3:1d:ef:fe:fc:d0:26:d6:c5
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

15-03-2017 00:00

Not After

20-03-2019 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Flash Player,O=Adobe Systems Incorporated,POSTALCODE=95110,STREET=345 Park Avenue,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18-04-2012 12:00

Not After

18-04-2027 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02-01-2017 00:00

Not After

01-04-2028 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

ee:f1:c7:7a:e9:4b:3c:30:70:10:48:cc:6e:c1:49:a3:ca:e5:a1:fb:ac:10:b6:9f:de:ec:10:8d:48:55:f4:46
Signer

Actual PE Digest

ee:f1:c7:7a:e9:4b:3c:30:70:10:48:cc:6e:c1:49:a3:ca:e5:a1:fb:ac:10:b6:9f:de:ec:10:8d:48:55:f4:46

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\depot\main\FlashRuntime\Main\code\products\AIR\AIRCaptivePlugin\Release\NPSWF32.pdb

Imports

user32

EndPaint
DestroyWindow
FillRect
LoadImageW
UnregisterClassW
GetClientRect
BeginPaint
LoadIconW
GetWindowLongW
SetWindowLongW
SetWindowPos
FrameRect
CreateWindowExW
RegisterClassW
DefWindowProcW

gdi32

BitBlt
SelectObject
CreateCompatibleDC
GetObjectW
GetStockObject
DeleteObject

shell32

ShellExecuteW

msvcr90

_encoded_null
memcpy
_except_handler4_common
_onexit
??3@YAXPAX@Z
??2@YAPAXI@Z
_encode_pointer
_malloc_crt
free
memset
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock

kernel32

QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
GetTickCount
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter

Exports

Exports

NP_GetEntryPoints
NP_Initialize
NP_Shutdown

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BpmSyncVmdGenerator/Adobe AIR/Versions/1.0/Resources/WebKit.dll
.dll windows:5 windows x86 arch:x86

6299045c5703cf0723d4895c87bd214a

Code Sign

06:f0:47:88:03:10:55:d3:1d:ef:fe:fc:d0:26:d6:c5
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

15-03-2017 00:00

Not After

20-03-2019 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Flash Player,O=Adobe Systems Incorporated,POSTALCODE=95110,STREET=345 Park Avenue,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18-04-2012 12:00

Not After

18-04-2027 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12-01-2016 00:00

Not After

11-01-2031 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02-01-2017 00:00

Not After

01-04-2028 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

86:ba:13:94:c2:4b:e0:2a:46:1f:97:58:98:34:8b:94:9e:a4:50:97:19:50:b5:11:26:b6:8f:96:87:46:ba:29
Signer

Actual PE Digest

86:ba:13:94:c2:4b:e0:2a:46:1f:97:58:98:34:8b:94:9e:a4:50:97:19:50:b5:11:26:b6:8f:96:87:46:ba:29

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\r\ws\St_Make\code\build\win\results\Release\info\WebKit.pdb

Imports

kernel32

UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileA
GetDriveTypeW
FindFirstFileW
GetModuleHandleW
Sleep
CreateDirectoryA
SetStdHandle
GetFileType
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetModuleHandleA
SetHandleCount
GetStartupInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
GetCurrentProcess
HeapDestroy
GetCurrentProcessId
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetFullPathNameA
GetFileInformationByHandle
PeekNamedPipe
GetCurrentDirectoryA
GetFullPathNameW
LCMapStringA
LCMapStringW
InterlockedExchange
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEndOfFile
GetProcessHeap
CompareStringA
SetEnvironmentVariableA
TerminateProcess
RaiseException
GetDateFormatA
GetTimeFormatA
LeaveCriticalSection
EnterCriticalSection
GetTimeZoneInformation
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetCommandLineA
GetCurrentThreadId
GetSystemTimeAsFileTime
LoadLibraryW
FormatMessageW
LocalFree
GetFileAttributesA
ExitProcess
GetVersionExW
GetLocaleInfoW
MultiByteToWideChar
GetLastError
GetCurrentDirectoryW
SetCurrentDirectoryW
LoadLibraryExW
FreeLibrary
GetProcAddress
GetFileAttributesExW
CreateFileW
GetFileSize
ReadFile
FoldStringW
GetCurrentThread
GetThreadTimes
GetSystemInfo
VirtualFree
VirtualAlloc
QueryPerformanceFrequency
QueryPerformanceCounter
DeleteFileA
CreateFileA
SetFilePointer
WriteFile
CloseHandle
InterlockedDecrement
InterlockedIncrement
GetTickCount
HeapCreate
CompareStringW

user32

FillRect
SystemParametersInfoW
GetDC
ReleaseDC
GetLastInputInfo
SendMessageW
GetPropW
ReleaseCapture
SetCapture
CallWindowProcW
SetParent
CreateWindowExW
DefWindowProcA
SetWindowLongA
SetPropW
SetWindowRgn
MoveWindow
DestroyWindow
UpdateWindow
InvalidateRect
GetFocus
IsChild
GetUpdateRect
IntersectRect
EqualRect
GetWindowRgn
DefWindowProcW
LoadCursorW
RegisterClassExW
GetKeyboardState
SetKeyboardState
ShowWindow
SetFocus
GetWindowRect
ClientToScreen
SetWindowLongW
GetWindowLongW

gdi32

ModifyWorldTransform
RestoreDC
SaveDC
CreateCompatibleDC
CreateDIBSection
SelectObject
SetGraphicsMode
GetWorldTransform
SetWorldTransform
GetClipBox
CreateRectRgn
GetRgnBox
DeleteObject
RemoveFontMemResourceEx
CreateFontIndirectW
GetTextFaceW
EnumFontFamiliesExW
GetFontUnicodeRanges
GetStockObject
DeleteEnhMetaFile
EnumEnhMetaFile
CloseEnhMetaFile
CreateEnhMetaFileW
IntersectClipRect
GetOutlineTextMetricsW
GetGlyphOutlineW
GetTextMetricsW
GetCharWidthI
GetGlyphIndicesW
GetFontData
DeleteDC
GdiFlush
BitBlt
GetClipRgn
GetGraphicsMode
ExtSelectClipRgn
ExtCreateRegion
SelectClipRgn
CreateCompatibleBitmap
ExtTextOutW
SetBkMode
SetTextAlign
SetTextColor
SetMapMode
GetCharWidth32W
GetDeviceCaps
StretchDIBits
CreateSolidBrush
AddFontMemResourceEx
GetObjectW

usp10

ScriptStringAnalyse
ScriptShape
ScriptXtoCP
ScriptPlace
ScriptItemize
ScriptFreeCache
ScriptStringFree
ScriptStringOut

urlmon

FindMimeFromData

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

winmm

timeBeginPeriod
timeEndPeriod

advapi32

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

ole32

CoCreateGuid
CoTaskMemFree
CoCreateInstance

Exports

Exports

WebKitGetAPI
cairo_append_path
cairo_arc
cairo_arc_negative
cairo_clip
cairo_clip_extents
cairo_clip_preserve
cairo_close_path
cairo_copy_clip_rectangle_list
cairo_copy_page
cairo_copy_path
cairo_copy_path_flat
cairo_create
cairo_curve_to
cairo_debug_reset_static_data
cairo_destroy
cairo_device_acquire
cairo_device_destroy
cairo_device_finish
cairo_device_flush
cairo_device_get_reference_count
cairo_device_get_type
cairo_device_get_user_data
cairo_device_reference
cairo_device_release
cairo_device_set_user_data
cairo_device_status
cairo_device_to_user
cairo_device_to_user_distance
cairo_fill
cairo_fill_extents
cairo_fill_preserve
cairo_font_extents
cairo_font_face_destroy
cairo_font_face_get_reference_count
cairo_font_face_get_type
cairo_font_face_get_user_data
cairo_font_face_reference
cairo_font_face_set_user_data
cairo_font_face_status
cairo_font_options_copy
cairo_font_options_create
cairo_font_options_destroy
cairo_font_options_equal
cairo_font_options_get_antialias
cairo_font_options_get_hint_metrics
cairo_font_options_get_hint_style
cairo_font_options_get_subpixel_order
cairo_font_options_hash
cairo_font_options_merge
cairo_font_options_set_antialias
cairo_font_options_set_hint_metrics
cairo_font_options_set_hint_style
cairo_font_options_set_subpixel_order
cairo_font_options_status
cairo_format_stride_for_width
cairo_get_antialias
cairo_get_current_point
cairo_get_dash
cairo_get_dash_count
cairo_get_fill_rule
cairo_get_font_face
cairo_get_font_matrix
cairo_get_font_options
cairo_get_group_target
cairo_get_line_cap
cairo_get_line_join
cairo_get_line_width
cairo_get_matrix
cairo_get_miter_limit
cairo_get_operator
cairo_get_reference_count
cairo_get_scaled_font
cairo_get_source
cairo_get_target
cairo_get_tolerance
cairo_get_user_data
cairo_glyph_allocate
cairo_glyph_extents
cairo_glyph_free
cairo_glyph_path
cairo_has_current_point
cairo_identity_matrix
cairo_image_surface_create
cairo_image_surface_create_for_data
cairo_image_surface_create_from_png
cairo_image_surface_create_from_png_stream
cairo_image_surface_get_data
cairo_image_surface_get_format
cairo_image_surface_get_height
cairo_image_surface_get_stride
cairo_image_surface_get_width
cairo_in_clip
cairo_in_fill
cairo_in_stroke
cairo_line_to
cairo_mask
cairo_mask_surface
cairo_matrix_init
cairo_matrix_init_identity
cairo_matrix_init_rotate
cairo_matrix_init_scale
cairo_matrix_init_translate
cairo_matrix_invert
cairo_matrix_multiply
cairo_matrix_rotate
cairo_matrix_scale
cairo_matrix_transform_distance
cairo_matrix_transform_point
cairo_matrix_translate
cairo_mesh_pattern_begin_patch
cairo_mesh_pattern_curve_to
cairo_mesh_pattern_end_patch
cairo_mesh_pattern_get_control_point
cairo_mesh_pattern_get_corner_color_rgba
cairo_mesh_pattern_get_patch_count
cairo_mesh_pattern_get_path
cairo_mesh_pattern_line_to
cairo_mesh_pattern_move_to
cairo_mesh_pattern_set_control_point
cairo_mesh_pattern_set_corner_color_rgb
cairo_mesh_pattern_set_corner_color_rgba
cairo_move_to
cairo_new_path
cairo_new_sub_path
cairo_paint
cairo_paint_with_alpha
cairo_path_destroy
cairo_path_extents
cairo_pattern_add_color_stop_rgb
cairo_pattern_add_color_stop_rgba
cairo_pattern_create_for_surface
cairo_pattern_create_linear
cairo_pattern_create_mesh
cairo_pattern_create_radial
cairo_pattern_create_raster_source
cairo_pattern_create_rgb
cairo_pattern_create_rgba
cairo_pattern_destroy
cairo_pattern_get_color_stop_count
cairo_pattern_get_color_stop_rgba
cairo_pattern_get_extend
cairo_pattern_get_filter
cairo_pattern_get_linear_points
cairo_pattern_get_matrix
cairo_pattern_get_radial_circles
cairo_pattern_get_reference_count
cairo_pattern_get_rgba
cairo_pattern_get_surface
cairo_pattern_get_type
cairo_pattern_get_user_data
cairo_pattern_reference
cairo_pattern_set_extend
cairo_pattern_set_filter
cairo_pattern_set_matrix
cairo_pattern_set_user_data
cairo_pattern_status
cairo_pop_group
cairo_pop_group_to_source
cairo_push_group
cairo_push_group_with_content
cairo_raster_source_pattern_get_acquire
cairo_raster_source_pattern_get_callback_data
cairo_raster_source_pattern_get_copy
cairo_raster_source_pattern_get_finish
cairo_raster_source_pattern_get_snapshot
cairo_raster_source_pattern_set_acquire
cairo_raster_source_pattern_set_callback_data
cairo_raster_source_pattern_set_copy
cairo_raster_source_pattern_set_finish
cairo_raster_source_pattern_set_snapshot
cairo_recording_surface_create
cairo_recording_surface_get_extents
cairo_recording_surface_ink_extents
cairo_rectangle
cairo_rectangle_list_destroy
cairo_reference
cairo_region_contains_point
cairo_region_contains_rectangle
cairo_region_copy
cairo_region_create
cairo_region_create_rectangle
cairo_region_create_rectangles
cairo_region_destroy
cairo_region_equal
cairo_region_get_extents
cairo_region_get_rectangle
cairo_region_intersect
cairo_region_intersect_rectangle
cairo_region_is_empty
cairo_region_num_rectangles
cairo_region_reference
cairo_region_status
cairo_region_subtract
cairo_region_subtract_rectangle
cairo_region_translate
cairo_region_union
cairo_region_union_rectangle
cairo_region_xor
cairo_region_xor_rectangle
cairo_rel_curve_to
cairo_rel_line_to
cairo_rel_move_to
cairo_reset_clip
cairo_restore
cairo_rotate
cairo_save
cairo_scale
cairo_scaled_font_create
cairo_scaled_font_destroy
cairo_scaled_font_extents
cairo_scaled_font_get_ctm
cairo_scaled_font_get_font_face
cairo_scaled_font_get_font_matrix
cairo_scaled_font_get_font_options
cairo_scaled_font_get_reference_count
cairo_scaled_font_get_scale_matrix
cairo_scaled_font_get_type
cairo_scaled_font_get_user_data
cairo_scaled_font_glyph_extents
cairo_scaled_font_reference
cairo_scaled_font_set_user_data
cairo_scaled_font_status
cairo_scaled_font_text_extents
cairo_scaled_font_text_to_glyphs
cairo_select_font_face
cairo_set_antialias
cairo_set_dash
cairo_set_fill_rule
cairo_set_font_face
cairo_set_font_matrix
cairo_set_font_options
cairo_set_font_size
cairo_set_line_cap
cairo_set_line_join
cairo_set_line_width
cairo_set_matrix
cairo_set_miter_limit
cairo_set_operator
cairo_set_scaled_font
cairo_set_source
cairo_set_source_rgb
cairo_set_source_rgba
cairo_set_source_surface
cairo_set_tolerance
cairo_set_user_data
cairo_show_glyphs
cairo_show_page
cairo_show_text
cairo_show_text_glyphs
cairo_status
cairo_status_to_string
cairo_stroke
cairo_stroke_extents
cairo_stroke_preserve
cairo_surface_copy_page
cairo_surface_create_similar
cairo_surface_create_similar_image
cairo_surface_destroy
cairo_surface_finish
cairo_surface_flush
cairo_surface_get_content
cairo_surface_get_device
cairo_surface_get_device_offset
cairo_surface_get_device_scale
cairo_surface_get_fallback_resolution
cairo_surface_get_font_options
cairo_surface_get_mime_data
cairo_surface_get_reference_count
cairo_surface_get_type
cairo_surface_get_user_data
cairo_surface_has_show_text_glyphs
cairo_surface_map_to_image
cairo_surface_mark_dirty
cairo_surface_mark_dirty_rectangle
cairo_surface_reference
cairo_surface_set_device_offset
cairo_surface_set_device_scale
cairo_surface_set_fallback_resolution
cairo_surface_set_mime_data
cairo_surface_set_user_data
cairo_surface_show_page
cairo_surface_status
cairo_surface_supports_mime_type
cairo_surface_unmap_image
cairo_surface_write_to_png
cairo_surface_write_to_png_stream
cairo_text_cluster_allocate
cairo_text_cluster_free
cairo_text_extents
cairo_text_path
cairo_toy_font_face_create
cairo_toy_font_face_get_family
cairo_toy_font_face_get_slant
cairo_toy_font_face_get_weight
cairo_transform
cairo_translate
cairo_user_font_face_create
cairo_user_font_face_get_init_func
cairo_user_font_face_get_render_glyph_func
cairo_user_font_face_get_text_to_glyphs_func
cairo_user_font_face_get_unicode_to_glyph_func
cairo_user_font_face_set_init_func
cairo_user_font_face_set_render_glyph_func
cairo_user_font_face_set_text_to_glyphs_func
cairo_user_font_face_set_unicode_to_glyph_func
cairo_user_to_device
cairo_user_to_device_distance
cairo_win32_font_face_create_for_hfont
cairo_win32_font_face_create_for_logfontw
cairo_win32_font_face_create_for_logfontw_hfont
cairo_win32_scaled_font_done_font
cairo_win32_scaled_font_get_device_to_logical
cairo_win32_scaled_font_get_logical_to_device
cairo_win32_scaled_font_get_metrics_factor
cairo_win32_scaled_font_select_font
cairo_win32_surface_create
cairo_win32_surface_create_with_ddb
cairo_win32_surface_create_with_dib
cairo_win32_surface_get_dc
cairo_win32_surface_get_image

Sections

.text
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 860KB - Virtual size: 859KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.unwante
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 229KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BpmSyncVmdGenerator/Adobe AIR/Versions/1.0/Resources/WebKit/LGPL License.txt
BpmSyncVmdGenerator/Adobe AIR/Versions/1.0/Resources/WebKit/Notice WebKit.txt
BpmSyncVmdGenerator/Adobe AIR/Versions/1.0/Resources/adobecp.dll
.dll windows:5 windows x86 arch:x86

f4d75a8a5b2825f8ba8adc7f0386dd03

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15-06-2007 00:00

Not After

14-06-2012 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04-12-2003 00:00

Not After

03-12-2013 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

21-05-2009 00:00

Not After

20-05-2019 23:59

Subject

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7e:28:2b:07:49:66:9b:59:5f:79:49:ff:06:13:4e:92
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2009-2 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)09,O=VeriSign\, Inc.,C=US

Not Before

05-09-2009 00:00

Not After

01-10-2012 23:59

Subject

CN=Adobe Systems Incorporated,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=Universal Client,O=Adobe Systems Incorporated,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

dc:b1:f9:d3:51:00:c0:c2:b0:ed:ca:d6:90:dd:6c:98:18:e3:14:5c
Signer

Actual PE Digest

dc:b1:f9:d3:51:00:c0:c2:b0:ed:ca:d6:90:dd:6c:98:18:e3:14:5c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FlushConsoleInputBuffer
ReleaseMutex
CreateMutexA
OutputDebugStringA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetSystemInfo
DeviceIoControl
CreateFileA
GetVersionExW
InterlockedDecrement
WideCharToMultiByte
WaitForSingleObject
InterlockedExchange
Sleep
lstrcpynW
lstrlenW
InterlockedIncrement
CreateEventW
SetEvent
ResetEvent
VirtualFree
GetCurrentProcess
VirtualAlloc
GetModuleHandleW
CreateThread
lstrlenA
HeapFree
GetProcessHeap
InterlockedCompareExchange
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RaiseException
HeapAlloc
MultiByteToWideChar
GetSystemTimeAsFileTime
GetCommandLineA
ExitProcess
SetConsoleCtrlHandler
ReadConsoleInputA
SetConsoleMode
GetConsoleMode
LCMapStringA
LCMapStringW
GetCPInfo
GetStringTypeW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
WriteFile
GetModuleFileNameA
HeapCreate
HeapDestroy
HeapSize
GetACP
GetOEMCP
IsValidCodePage
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
ReadFile
GetConsoleCP
FlushFileBuffers
SetStdHandle
SetFilePointer
GetLocaleInfoA
GetStringTypeA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileW
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetEndOfFile
GetVersionExA
LoadLibraryA
FreeLibrary
CloseHandle
GlobalMemoryStatus
GetCurrentProcessId
QueryPerformanceCounter
GetStdHandle
GetFileType
GetVersion
GetModuleHandleA
GetProcAddress
GetLastError
GetCurrentThreadId
GetTickCount
GetCurrentThread
HeapReAlloc
GetTimeZoneInformation

user32

GetCursorPos
GetUserObjectInformationW
GetProcessWindowStation
GetDesktopWindow
MessageBoxA
GetClientRect
EndPaint
BeginPaint
SetRectEmpty
wsprintfW
GetForegroundWindow
GetWindowRect

ole32

CoInitialize
CoSetProxyBlanket
CoTaskMemAlloc
CoFreeUnusedLibraries
CoTaskMemFree
CoUninitialize
CoCreateInstance

oleaut32

SysAllocString
SysStringLen
VariantClear
VariantInit
SysFreeString

advapi32

CryptGenRandom
CryptEncrypt
GetUserNameA
CryptImportKey
CryptGenKey
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextW
RegisterEventSourceA
ReportEventA
CryptExportKey
DeregisterEventSource

Exports

Exports

AdobeCPGetAPI

Sections

.text
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 230KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BpmSyncVmdGenerator/BpmSyncVmdGenerator.exe
.exe windows:5 windows x86 arch:x86

0149ed03f5810d92496c2f5e11b99ce2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\r\ws\St_Make\code\build\win\results\Release\info\CaptiveAppEntry.pdb

Imports

kernel32

SetStdHandle
GetVersionExW
ExitProcess
GetUserDefaultUILanguage
GetModuleHandleW
WriteConsoleW
GetStdHandle
GetCommandLineW
HeapAlloc
GetProcessHeap
GetFullPathNameW
HeapFree
GetFileAttributesW
LoadLibraryW
GetProcAddress
CreateFileW
InitializeCriticalSection
GetLastError
DuplicateHandle
GetCurrentProcess
EnterCriticalSection
LeaveCriticalSection
GetFileType
GetCommandLineA
GetStartupInfoA
CloseHandle
SetHandleCount
DeleteCriticalSection
Sleep
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetLastError
InitializeCriticalSectionAndSpinCount
WriteFile
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
GetCurrentThreadId
InterlockedDecrement
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
HeapReAlloc
RtlUnwind
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
VirtualAlloc
HeapSize
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetLocaleInfoA
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
SetFilePointer
CreateFileA
GetModuleFileNameW

shell32

CommandLineToArgvW

user32

FindWindowA
ShowWindow
MessageBoxExW

shlwapi

PathAppendW
StrCmpW
PathRemoveFileSpecW

msi

ord90

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
BpmSyncVmdGenerator/BpmSyncVmdGenerator.swf
BpmSyncVmdGenerator/META-INF/AIR/application.xml
BpmSyncVmdGenerator/META-INF/AIR/hash
BpmSyncVmdGenerator/META-INF/signatures.xml
BpmSyncVmdGenerator/data/asset.swf
BpmSyncVmdGenerator/icons/BpmSyncVmdGenerator128.png
.png
BpmSyncVmdGenerator/icons/BpmSyncVmdGenerator16.png
.png
BpmSyncVmdGenerator/icons/BpmSyncVmdGenerator192.png
.png
BpmSyncVmdGenerator/icons/BpmSyncVmdGenerator32.png
.png
BpmSyncVmdGenerator/icons/BpmSyncVmdGenerator48.png
.png
BpmSyncVmdGenerator/icons/BpmSyncVmdGenerator512.png
.png
BpmSyncVmdGenerator/mimetype
BpmSyncVmdGenerator/presets.json
BpmSyncVmdGenerator/readme.txt

Sharing

General

Malware Config

Signatures

Files

7af09a7dd6688900acbdc3ee6f5a763c

Code Sign

06:f0:47:88:03:10:55:d3:1d:ef:fe:fc:d0:26:d6:c5Certificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6Certificate

Extended Key Usages

Key Usages

5e:4a:96:05:40:d3:a2:97:05:52:16:3c:1e:b4:17:6b:22:06:46:8e:40:ba:61:c5:54:18:f4:05:e8:64:01:b5Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

ole32

oleaut32

ws2_32

version

crypt32

winmm

oleacc

user32

gdi32

msimg32

advapi32

comdlg32

shell32

shlwapi

wininet

msi

urlmon

comctl32

mscms

secur32

dsound

iphlpapi

dnsapi

winspool.drv

Exports

Exports

Sections

.text Size: 12.7MB - Virtual size: 12.7MB

.rodata Size: 4KB - Virtual size: 4KB

.rdata Size: 6.5MB - Virtual size: 6.5MB

.data Size: 483KB - Virtual size: 1.4MB

.rsrc Size: 209KB - Virtual size: 208KB

.reloc Size: 873KB - Virtual size: 873KB

5654f6bff0dd174f50c057d3f5682311

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5cCertificate

Extended Key Usages

Key Usages

7e:28:2b:07:49:66:9b:59:5f:79:49:ff:06:13:4e:92Certificate

Extended Key Usages

Key Usages

e8:b0:ea:0a:41:61:02:e3:b2:62:68:45:b3:b3:9c:19:38:0c:5c:80Signer

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

06:f0:47:88:03:10:55:d3:1d:ef:fe:fc:d0:26:d6:c5
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

5e:4a:96:05:40:d3:a2:97:05:52:16:3c:1e:b4:17:6b:22:06:46:8e:40:ba:61:c5:54:18:f4:05:e8:64:01:b5
Signer

.text
Size: 12.7MB - Virtual size: 12.7MB

.rodata
Size: 4KB - Virtual size: 4KB

.rdata
Size: 6.5MB - Virtual size: 6.5MB

.data
Size: 483KB - Virtual size: 1.4MB

.rsrc
Size: 209KB - Virtual size: 208KB

.reloc
Size: 873KB - Virtual size: 873KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Certificate

7e:28:2b:07:49:66:9b:59:5f:79:49:ff:06:13:4e:92
Certificate

e8:b0:ea:0a:41:61:02:e3:b2:62:68:45:b3:b3:9c:19:38:0c:5c:80
Signer

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 468KB - Virtual size: 465KB

.data
Size: 588KB - Virtual size: 597KB

.data1
Size: 4KB - Virtual size: 84B

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 156KB - Virtual size: 154KB

.text
Size: 34KB - Virtual size: 33KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 4KB - Virtual size: 11KB

.rsrc
Size: 1024B - Virtual size: 984B

.reloc
Size: 4KB - Virtual size: 4KB

06:f0:47:88:03:10:55:d3:1d:ef:fe:fc:d0:26:d6:c5
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

ee:f1:c7:7a:e9:4b:3c:30:70:10:48:cc:6e:c1:49:a3:ca:e5:a1:fb:ac:10:b6:9f:de:ec:10:8d:48:55:f4:46
Signer

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 29KB - Virtual size: 28KB

.reloc
Size: 1024B - Virtual size: 592B

06:f0:47:88:03:10:55:d3:1d:ef:fe:fc:d0:26:d6:c5
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate