55d5b3d4d481da8a68bb4e3ba37f7ccd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

55d5b3d4d481da8a68bb4e3ba37f7ccd_JaffaCakes118
Size

2.1MB
MD5

55d5b3d4d481da8a68bb4e3ba37f7ccd
SHA1

be8ac614f4e97c454c1b62cfc8f05658848d0a59
SHA256

73bbc1a43fb91aa4e971fa897ade2cfe64f6f87e357cb630522f2174bc3989ca
SHA512

76ed50a67ca8e24252fb06cc344d8331c80d706b7f117ecb9ecf9e890f34cd09498e5f88c2bdeb4fe1ea5d107b89641511cb0a08eafb954eb9c4289ea129e25f
SSDEEP

49152:cn3+qAatifKk2itSqsHj2wDdn3+qAUz+y:cn3PYik2iBmj2Kn3dz+y

Score

3^/10

Malware Config

Signatures

Unsigned PE 7 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Aero/Aero+/Shell/NormalColor/en-US/shellstyle.dll.mui
unpack001/Aero/Aero+/Shell/NormalColor/shellstyle.dll
unpack001/Aero/Aero+/aero+.msstyles
unpack001/Aero/Aero_No_User/aero.msstyles
unpack001/Aero/Original/Shell/NormalColor/en-US/shellstyle.dll.mui
unpack001/Aero/Original/Shell/NormalColor/shellstyle.dll
unpack001/Aero/Original/aero.msstyles

Files

55d5b3d4d481da8a68bb4e3ba37f7ccd_JaffaCakes118
.zip
Aero/Aero+/Shell/NormalColor/en-US/shellstyle.dll.mui
.dll windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Aero/Aero+/Shell/NormalColor/shellstyle.dll
.dll windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 340KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Aero/Aero+/aero+.msstyles
.dll windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rdata
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1015KB - Virtual size: 1015KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 110B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Aero/Aero_No_User/aero.msstyles
.dll windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rdata
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 110B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Aero/Original/Shell/NormalColor/en-US/shellstyle.dll.mui
.dll windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Aero/Original/Shell/NormalColor/shellstyle.dll
.dll windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.rsrc
Size: 340KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Aero/Original/aero.msstyles
.dll windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Sections

.rdata
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1015KB - Virtual size: 1015KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 110B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Aero/Preview.jpg
.jpg
Aero/UniversalThemePatcher-x64.exe_
.exe windows:5 windows x64 arch:x64

f631ae8ca1c7afaeec16b2938253cd05

Code Sign

18:23:2a:ce:52:10:a6:b0:4d:86:17:a5:00:40:af:4c
Certificate

Issuer

CN=deepxw Software,O=deepxw Software,1.2.840.113549.1.9.1=#1306646565707877

Not Before

18/01/2008, 16:00

Not After

31/12/2011, 16:00

Subject

CN=deepxw Software,O=deepxw Software,1.2.840.113549.1.9.1=#1306646565707877

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

90:79:83:6f:36:cc:71:14:ac:50:87:4e:aa:5e:24:0e:5b:46:07:ef
Signer

Actual PE Digest

90:79:83:6f:36:cc:71:14:ac:50:87:4e:aa:5e:24:0e:5b:46:07:ef

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

b:\universalthemepatcher\universalthemepatcher\x64\objfre_wnet_AMD64\amd64\UniversalThemePatcher-x64.pdb

Imports

mfc42u

ord3783
ord2903
ord2393
ord1441
ord1126
ord6660
ord5687
ord4721
ord5245
ord5406
ord6437
ord1777
ord5663
ord5702
ord4771
ord3761
ord337
ord4557
ord984
ord525
ord3177
ord6328
ord1499
ord4548
ord1287
ord1284
ord2846
ord626
ord6614
ord4214
ord5077
ord3742
ord1647
ord1812
ord1771
ord6243
ord4014
ord4826
ord620
ord2459
ord2049
ord6886
ord1122
ord6147
ord6184
ord5815
ord6832
ord6050
ord4436
ord6021
ord2900
ord665
ord624
ord1930
ord4599
ord4131
ord2517
ord852
ord1063
ord659
ord3916
ord4983
ord6053
ord5711
ord5730
ord1584
ord5065
ord4368
ord2752
ord5724
ord5722
ord3468
ord2412
ord5615
ord1388
ord4191
ord6071
ord2515
ord2559
ord4836
ord6813
ord4598
ord1035
ord4770
ord4988
ord4371
ord3164
ord4077
ord4083
ord4082
ord3046
ord3166
ord3052
ord3366
ord3231
ord4815
ord3362
ord3243
ord3049
ord5699
ord2140
ord2457
ord5683
ord1736
ord5484
ord3933
ord6814
ord2060
ord2670
ord4789
ord5229
ord4017
ord5712
ord4694
ord6812
ord5586
ord2399
ord4752
ord1778
ord4365
ord6440
ord1040
ord2427
ord3790
ord1463
ord6887
ord3830
ord4473
ord5039

msvcrt

_wcmdln
__wgetmainargs
_initterm
__setusermatherr
_commode
_c_exit
exit
??1type_info@@UEAA@XZ
__dllonexit
_XcptFilter
__C_specific_handler
_wcsicmp
_cexit
__set_app_type
_exit
memset
__CxxFrameHandler
malloc
wcsrchr
wcstoul
__argc
__wargv
_wcslwr
wcsstr
_fmode
_onexit
?terminate@@YAXXZ
memcpy
free

advapi32

GetUserNameW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken

kernel32

MoveFileExW
DeleteFileW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetVersion
GetEnvironmentVariableW
FindFirstFileW
GetPrivateProfileStringW
IsValidLocale
GetLocaleInfoW
FindNextFileW
lstrcmpiW
GetModuleFileNameW
GetVersionExW
GetModuleHandleW
GetProcAddress
GetSystemInfo
CopyFileW
lstrcpyW
lstrcmpW
lstrcatW
GetCurrentProcess
GetLastError
GetTempFileNameW
LoadLibraryW
UnmapViewOfFile
IsBadReadPtr
MapViewOfFile
CreateFileW
WriteFile
SetFilePointer
Sleep
ReadFile
lstrcpynW
LockResource
LoadResource
FindResourceExW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetStartupInfoW
CloseHandle
GetExitCodeProcess
WaitForSingleObject
FreeLibrary
GetWindowsDirectoryW
CreateMutexW
GetFileSize
CreateFileMappingW

gdi32

GetObjectW
CreateSolidBrush
GetStockObject
CreateFontIndirectW

user32

CharNextW
MessageBeep
LoadCursorW
SetCursor
InvalidateRect
ExitWindowsEx
SetWindowPos
GetClassNameW
GetSystemMetrics
LoadIconW
GetClientRect
IsIconic
GetSystemMenu
PostMessageW
SendMessageW
AppendMenuW
EnableWindow
MessageBoxW
DrawIcon
wsprintfW

shell32

DragQueryFileW
ShellExecuteExW
ShellExecuteW
DragFinish

shlwapi

PathFileExistsW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

imagehlp

CheckSumMappedFile
MapFileAndCheckSumW

comctl32

CreateStatusWindowW

wintrust

CryptCATAdminEnumCatalogFromHash
CryptCATAdminReleaseContext
CryptCATAdminAcquireContext
CryptCATAdminCalcHashFromFileHandle
WinVerifyTrust
CryptCATAdminReleaseCatalogContext
CryptCATCatalogInfoFromContext

netapi32

NetUserGetInfo
NetApiBufferFree

Sections

.text
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Aero/UniversalThemePatcher-x86.exe_
.exe windows:5 windows x86 arch:x86

315a1b02d7617389cdbdf1e1faba5302

Code Sign

18:23:2a:ce:52:10:a6:b0:4d:86:17:a5:00:40:af:4c
Certificate

Issuer

CN=deepxw Software,O=deepxw Software,1.2.840.113549.1.9.1=#1306646565707877

Not Before

18/01/2008, 16:00

Not After

31/12/2011, 16:00

Subject

CN=deepxw Software,O=deepxw Software,1.2.840.113549.1.9.1=#1306646565707877

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

63:21:92:f9:d0:34:fb:ef:08:ff:6e:e2:8b:fb:26:de:9b:0e:4f:b4
Signer

Actual PE Digest

63:21:92:f9:d0:34:fb:ef:08:ff:6e:e2:8b:fb:26:de:9b:0e:4f:b4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

b:\universalthemepatcher\universalthemepatcher\x86\objfre_wnet_x86\i386\UniversalThemePatcher-x86.pdb

Imports

mfc42u

ord815
ord641
ord2506
ord3948
ord2858
ord2371
ord1143
ord861
ord6237
ord5261
ord4370
ord4847
ord4992
ord6048
ord1767
ord5237
ord5276
ord4419
ord3592
ord324
ord4229
ord755
ord470
ord3087
ord5949
ord1197
ord4219
ord942
ord940
ord2810
ord540
ord561
ord4155
ord4704
ord3568
ord1634
ord1808
ord1761
ord5871
ord3792
ord4470
ord535
ord823
ord858
ord5798
ord5446
ord6390
ord5706
ord4124
ord5679
ord2855
ord3397
ord3716
ord567
ord538
ord1921
ord4270
ord3871
ord2036
ord2440
ord1569
ord3733
ord4616
ord5710
ord5285
ord5303
ord4692
ord4074
ord2717
ord5830
ord5298
ord5296
ord3341
ord2388
ord5193
ord1089
ord3917
ord5727
ord2504
ord2546
ord4480
ord6371
ord4269
ord825
ord795
ord4418
ord4621
ord4075
ord3074
ord3820
ord3826
ord3825
ord2971
ord3076
ord2980
ord3257
ord3131
ord4459
ord3254
ord3142
ord2977
ord5273
ord2116
ord2438
ord5257
ord1720
ord5059
ord3744
ord6372
ord2047
ord2640
ord4435
ord4831
ord3793
ord5286
ord4347
ord6370
ord5157
ord2377
ord4401
ord1768
ord4073
ord6051
ord800
ord3614
ord2406
ord3621
ord1165
ord3658
ord6195
ord4667

msvcrt

__p__commode
__p__fmode
__set_app_type
_except_handler3
__wgetmainargs
_adjust_fdiv
_onexit
_wcmdln
exit
_cexit
__setusermatherr
__dllonexit
_initterm
__argc
__wargv
_XcptFilter
_exit
_wcsicmp
malloc
free
wcsrchr
wcstoul
??1type_info@@UAE@XZ
_controlfp
?terminate@@YAXXZ
wcslen
_wcslwr
wcsstr
__CxxFrameHandler
_c_exit

advapi32

GetUserNameW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken

kernel32

DeleteFileW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
GetVersion
GetEnvironmentVariableW
FindFirstFileW
GetLocaleInfoW
GetPrivateProfileStringW
IsValidLocale
FindNextFileW
lstrcmpiW
GetModuleFileNameW
GetVersionExW
GetModuleHandleW
GetProcAddress
GetSystemInfo
CopyFileW
lstrcpyW
lstrcmpW
GetWindowsDirectoryW
CreateMutexW
GetLastError
MoveFileExW
FreeLibrary
LoadLibraryW
UnmapViewOfFile
IsBadReadPtr
GetFileSize
CreateFileW
WriteFile
SetFilePointer
Sleep
ReadFile
lstrcpynW
LockResource
LoadResource
FindResourceExW
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetTempFileNameW
CloseHandle
GetExitCodeProcess
GetCurrentProcess
WaitForSingleObject
lstrcatW
CreateFileMappingW
MapViewOfFile

gdi32

GetObjectW
CreateSolidBrush
GetStockObject
CreateFontIndirectW

user32

CharNextW
MessageBeep
LoadCursorW
SetCursor
InvalidateRect
ExitWindowsEx
GetClassNameW
wsprintfW
GetSystemMetrics
LoadIconW
GetClientRect
IsIconic
GetSystemMenu
PostMessageW
EnableWindow
MessageBoxW
DrawIcon
AppendMenuW
SendMessageW
SetWindowPos

shell32

DragQueryFileW
ShellExecuteExW
ShellExecuteW
DragFinish

shlwapi

PathFileExistsW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

imagehlp

CheckSumMappedFile
MapFileAndCheckSumW

comctl32

CreateStatusWindowW

wintrust

CryptCATAdminEnumCatalogFromHash
CryptCATAdminReleaseContext
CryptCATAdminAcquireContext
CryptCATAdminCalcHashFromFileHandle
WinVerifyTrust
CryptCATAdminReleaseCatalogContext
CryptCATCatalogInfoFromContext

netapi32

NetUserGetInfo
NetApiBufferFree

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Aero/aero+.theme
Aero/aero.theme

Sharing

General

Malware Config

Signatures

Files

Headers

DLL Characteristics

File Characteristics

Sections

.rsrc Size: 120KB - Virtual size: 120KB

Headers

DLL Characteristics

File Characteristics

Sections

.rsrc Size: 340KB - Virtual size: 344KB

Headers

DLL Characteristics

File Characteristics

Sections

.rdata Size: 512B - Virtual size: 8B

.data Size: - Virtual size: 808B

.rsrc Size: 1015KB - Virtual size: 1015KB

.reloc Size: 512B - Virtual size: 110B

Headers

DLL Characteristics

File Characteristics

Sections

.rdata Size: 512B - Virtual size: 8B

.data Size: - Virtual size: 808B

.rsrc Size: 1.0MB - Virtual size: 1.0MB

.reloc Size: 512B - Virtual size: 110B

Headers

DLL Characteristics

File Characteristics

Sections

.rsrc Size: 120KB - Virtual size: 120KB

Headers

DLL Characteristics

File Characteristics

Sections

.rsrc Size: 340KB - Virtual size: 344KB

Headers

DLL Characteristics

File Characteristics

Sections

.rdata Size: 512B - Virtual size: 8B

.data Size: - Virtual size: 808B

.rsrc Size: 1015KB - Virtual size: 1015KB

.reloc Size: 512B - Virtual size: 110B

f631ae8ca1c7afaeec16b2938253cd05

Code Sign

18:23:2a:ce:52:10:a6:b0:4d:86:17:a5:00:40:af:4cCertificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

Key Usages

90:79:83:6f:36:cc:71:14:ac:50:87:4e:aa:5e:24:0e:5b:46:07:efSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mfc42u

msvcrt

advapi32

kernel32

gdi32

user32

shell32

shlwapi

version

imagehlp

comctl32

wintrust

netapi32

Sections

.text Size: 59KB - Virtual size: 59KB

.data Size: 1024B - Virtual size: 3KB

.rsrc
Size: 120KB - Virtual size: 120KB

.rsrc
Size: 340KB - Virtual size: 344KB

.rdata
Size: 512B - Virtual size: 8B

.data
Size: - Virtual size: 808B

.rsrc
Size: 1015KB - Virtual size: 1015KB

.reloc
Size: 512B - Virtual size: 110B

.rdata
Size: 512B - Virtual size: 8B

.data
Size: - Virtual size: 808B

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

.reloc
Size: 512B - Virtual size: 110B

.rsrc
Size: 120KB - Virtual size: 120KB

.rsrc
Size: 340KB - Virtual size: 344KB

.rdata
Size: 512B - Virtual size: 8B

.data
Size: - Virtual size: 808B

.rsrc
Size: 1015KB - Virtual size: 1015KB

.reloc
Size: 512B - Virtual size: 110B

18:23:2a:ce:52:10:a6:b0:4d:86:17:a5:00:40:af:4c
Certificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

90:79:83:6f:36:cc:71:14:ac:50:87:4e:aa:5e:24:0e:5b:46:07:ef
Signer

.text
Size: 59KB - Virtual size: 59KB

.data
Size: 1024B - Virtual size: 3KB

.pdata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 25KB - Virtual size: 25KB

18:23:2a:ce:52:10:a6:b0:4d:86:17:a5:00:40:af:4c
Certificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

63:21:92:f9:d0:34:fb:ef:08:ff:6e:e2:8b:fb:26:de:9b:0e:4f:b4
Signer

.text
Size: 41KB - Virtual size: 41KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 25KB - Virtual size: 25KB