Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc
Overview
overview
7Static
static
3b2c10de5a8...a3.exe
windows7-x64
7b2c10de5a8...a3.exe
windows10-2004-x64
7$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDI...fo.dll
windows7-x64
3$PLUGINSDI...fo.dll
windows10-2004-x64
3$SYSDIR/NX...KF.dll
windows7-x64
3$SYSDIR/NX...KF.dll
windows10-2004-x64
3$SYSDIR/NXYUKEY.dll
windows7-x64
3$SYSDIR/NXYUKEY.dll
windows10-2004-x64
3$SYSDIR/NX...HB.dll
windows7-x64
3$SYSDIR/NX...HB.dll
windows10-2004-x64
3$SYSDIR/NX...HB.dll
windows7-x64
3$SYSDIR/NX...HB.dll
windows10-2004-x64
3$WINDIR/sy...64.dll
windows7-x64
1$WINDIR/sy...64.dll
windows10-2004-x64
1$WINDIR/sy...EY.dll
windows7-x64
7$WINDIR/sy...EY.dll
windows10-2004-x64
7$WINDIR/sy...HB.dll
windows7-x64
7$WINDIR/sy...HB.dll
windows10-2004-x64
7$WINDIR/sy...HB.dll
windows7-x64
1$WINDIR/sy...HB.dll
windows10-2004-x64
1NXYCSP_82_HB.dll
windows7-x64
3NXYCSP_82_HB.dll
windows10-2004-x64
3NXYCSP_82_HB0409.dll
windows7-x64
1NXYCSP_82_HB0409.dll
windows10-2004-x64
1NXYCSP_82_HB0804.chm
windows7-x64
1NXYCSP_82_HB0804.chm
windows10-2004-x64
1NXYCSP_82_HB0C04.dll
windows7-x64
1NXYCSP_82_HB0C04.dll
windows10-2004-x64
1NXYCSP_82_HB64.dll
windows7-x64
1NXYCSP_82_HB64.dll
windows10-2004-x64
1Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
b2c10de5a8d8ce2f4ec23f8a52a61cdfb08f33a0e0738891c8b84eb9f2972ca3.exe
Resource
win7-20240708-en
windows7-x64
12 signatures
150 seconds
Behavioral task
behavioral2
Sample
b2c10de5a8d8ce2f4ec23f8a52a61cdfb08f33a0e0738891c8b84eb9f2972ca3.exe
Resource
win10v2004-20241007-en
windows10-2004-x64
11 signatures
150 seconds
Behavioral task
behavioral3
Sample
$PLUGINSDIR/System.dll
Resource
win7-20241023-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral4
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20241007-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral5
Sample
$PLUGINSDIR/UserInfo.dll
Resource
win7-20241010-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral6
Sample
$PLUGINSDIR/UserInfo.dll
Resource
win10v2004-20241007-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral7
Sample
$SYSDIR/NXYCSP_82_HB_SKF.dll
Resource
win7-20241010-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral8
Sample
$SYSDIR/NXYCSP_82_HB_SKF.dll
Resource
win10v2004-20241007-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral9
Sample
$SYSDIR/NXYUKEY.dll
Resource
win7-20241010-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral10
Sample
$SYSDIR/NXYUKEY.dll
Resource
win10v2004-20241007-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral11
Sample
$SYSDIR/NXYUKEY_HB.dll
Resource
win7-20240903-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral12
Sample
$SYSDIR/NXYUKEY_HB.dll
Resource
win10v2004-20241007-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral13
Sample
$SYSDIR/NXYUSB_82_HB.dll
Resource
win7-20240708-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral14
Sample
$SYSDIR/NXYUSB_82_HB.dll
Resource
win10v2004-20241007-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral15
Sample
$WINDIR/system32/NXYCSP_82_HB_SKF64.dll
Resource
win7-20240903-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral16
Sample
$WINDIR/system32/NXYCSP_82_HB_SKF64.dll
Resource
win10v2004-20241007-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral17
Sample
$WINDIR/system32/NXYUKEY.dll
Resource
win7-20241010-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral18
Sample
$WINDIR/system32/NXYUKEY.dll
Resource
win10v2004-20241007-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral19
Sample
$WINDIR/system32/NXYUKEY_HB.dll
Resource
win7-20241023-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral20
Sample
$WINDIR/system32/NXYUKEY_HB.dll
Resource
win10v2004-20241007-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral21
Sample
$WINDIR/system32/NXYUSB_82_HB.dll
Resource
win7-20240903-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral22
Sample
$WINDIR/system32/NXYUSB_82_HB.dll
Resource
win10v2004-20241007-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral23
Sample
NXYCSP_82_HB.dll
Resource
win7-20240903-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral24
Sample
NXYCSP_82_HB.dll
Resource
win10v2004-20241007-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral25
Sample
NXYCSP_82_HB0409.dll
Resource
win7-20240708-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral26
Sample
NXYCSP_82_HB0409.dll
Resource
win10v2004-20241007-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral27
Sample
NXYCSP_82_HB0804.chm
Resource
win7-20241010-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral28
Sample
NXYCSP_82_HB0804.chm
Resource
win10v2004-20241007-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral29
Sample
NXYCSP_82_HB0C04.dll
Resource
win7-20240903-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral30
Sample
NXYCSP_82_HB0C04.dll
Resource
win10v2004-20241007-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral31
Sample
NXYCSP_82_HB64.dll
Resource
win7-20240903-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral32
Sample
NXYCSP_82_HB64.dll
Resource
win10v2004-20241007-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
b2c10de5a8d8ce2f4ec23f8a52a61cdfb08f33a0e0738891c8b84eb9f2972ca3
-
Size
755KB
-
MD5
e6130e00b6c86753b9f94ddb6d4a1eeb
-
SHA1
8a80ca1905f3727bb359a7f7408efd0c72579425
-
SHA256
b2c10de5a8d8ce2f4ec23f8a52a61cdfb08f33a0e0738891c8b84eb9f2972ca3
-
SHA512
61341a02ab0c67d364aafed4878aea2392d4922f1d712e61aabd6cf8627845e178c8655c06dbcfabbb24e77a5e5f8834094bc874f77a4d8b09945d31bc81beb5
-
SSDEEP
12288:nSakcarsQeQzb6bn7V0S2dc864XRYUVkaNumwFrCcplljtqKHfU3lC9LA6+w4oi1:SahceqG3V0c864CFawmwFmklUlCXQ
Score
3/10
Malware Config
Signatures
-
Unsigned PE 10 IoCs
Checks for missing Authenticode signature.
resource b2c10de5a8d8ce2f4ec23f8a52a61cdfb08f33a0e0738891c8b84eb9f2972ca3 unpack001/$PLUGINSDIR/System.dll unpack001/$PLUGINSDIR/UserInfo.dll unpack001/NXYCSP_82_HB.dll unpack001/NXYCSP_82_HB0409.hbl unpack001/NXYCSP_82_HB0C04.hbl unpack001/NXYCSP_82_HB64.dll unpack001/uninst.exe unpack002/$PLUGINSDIR/System.dll unpack002/$PLUGINSDIR/UserInfo.dll
Files
-
b2c10de5a8d8ce2f4ec23f8a52a61cdfb08f33a0e0738891c8b84eb9f2972ca3.exe windows:4 windows x86 arch:x86
14b0fecbed4a918c9c5c5d940cc1045e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegCreateKeyExW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityW
RegOpenKeyExW
RegEnumValueW
shell32
SHGetFileInfoW
SHBrowseForFolderW
SHFileOperationW
ShellExecuteExW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ole32
OleInitialize
OleUninitialize
CoCreateInstance
IIDFromString
CoTaskMemFree
comctl32
ord17
ImageList_Create
ImageList_Destroy
ImageList_AddMasked
user32
DispatchMessageW
wsprintfA
IsWindowVisible
PeekMessageW
wvsprintfW
MessageBoxIndirectW
CharNextA
CharPrevW
GetSystemMetrics
GetDlgItemTextW
SetDlgItemTextW
TrackPopupMenu
CreatePopupMenu
FillRect
CloseClipboard
OpenClipboard
EndPaint
IsDlgButtonChecked
CallWindowProcW
GetMessagePos
LoadCursorW
GetAsyncKeyState
CheckDlgButton
SetWindowPos
SetCursor
GetSysColor
SetClassLongW
GetWindowLongW
IsWindowEnabled
GetWindowRect
GetSystemMenu
EnableMenuItem
RegisterClassW
ScreenToClient
EndDialog
GetClassInfoW
SystemParametersInfoW
CreateWindowExW
ExitWindowsEx
DialogBoxParamW
CharNextW
SetTimer
DestroyWindow
CreateDialogParamW
SetForegroundWindow
SetWindowTextW
PostQuitMessage
SendMessageTimeoutW
ShowWindow
wsprintfW
GetDlgItem
FindWindowExW
IsWindow
GetDC
SetWindowLongW
LoadImageW
InvalidateRect
ReleaseDC
EnableWindow
BeginPaint
SendMessageW
DefWindowProcW
GetClientRect
DrawTextW
SetClipboardData
EmptyClipboard
AppendMenuW
gdi32
SetBkMode
SetBkColor
GetDeviceCaps
CreateFontIndirectW
CreateBrushIndirect
DeleteObject
SetTextColor
SelectObject
kernel32
GetExitCodeProcess
WaitForSingleObject
GetModuleHandleA
GetProcAddress
GetSystemDirectoryW
MoveFileExW
GetTempFileNameW
lstrcmpiA
WriteFile
CreateProcessW
CreateDirectoryW
RemoveDirectoryW
GlobalLock
GlobalUnlock
CreateThread
WideCharToMultiByte
lstrcpynW
GetDiskFreeSpaceW
SetErrorMode
GetVersionExW
lstrlenW
GetTempPathW
GetWindowsDirectoryW
GetCommandLineW
CopyFileW
ExitProcess
SetEnvironmentVariableW
GetModuleFileNameW
GetFileSize
GetCurrentProcess
GetTickCount
Sleep
CreateFileW
GetFileAttributesW
SetCurrentDirectoryW
SetFileAttributesW
MoveFileW
GetFullPathNameW
GetLastError
SearchPathW
CompareFileTime
GetShortPathNameW
CloseHandle
lstrcmpiW
SetFileTime
ExpandEnvironmentStringsW
GlobalFree
lstrcmpW
GetModuleHandleW
LoadLibraryExW
GlobalAlloc
WritePrivateProfileStringW
GetPrivateProfileStringW
FreeLibrary
lstrcpyA
lstrcatW
ReadFile
MultiByteToWideChar
lstrlenA
FindClose
FindNextFileW
SetFilePointer
DeleteFileW
MulDiv
FindFirstFileW
Sections
.text Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 139KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 68KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/System.dll.dll windows:4 windows x86 arch:x86
fc0224e99e736751432961db63a41b76
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError
user32
wsprintfW
ole32
StringFromGUID2
CLSIDFromString
Exports
Exports
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 867B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 120B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 662B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/UserInfo.dll.dll windows:4 windows x86 arch:x86
5e62e8e248e7364886b604bd1fcf4c13
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
advapi32
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
OpenThreadToken
GetUserNameW
kernel32
GlobalFree
GetVersion
GlobalAlloc
CloseHandle
GetModuleHandleA
GetLastError
GetCurrentProcess
GetCurrentThread
GetProcAddress
lstrcpynW
Exports
Exports
GetAccountType
GetName
GetOriginalAccountType
Sections
.text Size: 1024B - Virtual size: 714B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 705B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 104B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 240B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$SYSDIR/NXYCSP_82_HB_SKF.dll.dll windows:4 windows x86 arch:x86
235a93206ebd8b9be04573fa1af36649
Code Sign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01-08-2022 00:00Not After09-11-2031 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23-03-2022 00:00Not After22-03-2037 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29-04-2021 00:00Not After28-04-2036 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before14-07-2023 00:00Not After13-10-2034 23:59SubjectCN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
0f:96:b0:97:d5:e5:d2:ee:85:eb:f4:d3:a3:45:ee:d4Certificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before29-04-2022 00:00Not After25-06-2025 23:59SubjectSERIALNUMBER=91320000253710940L,CN=恒宝股份有限公司,O=恒宝股份有限公司,L=丹阳市,ST=江苏省,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#0c09e6b19fe88b8fe79c81,1.3.6.1.4.1.311.60.2.1.3=#1302434eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29-04-2021 00:00Not After28-04-2036 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0f:96:b0:97:d5:e5:d2:ee:85:eb:f4:d3:a3:45:ee:d4Certificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before29-04-2022 00:00Not After25-06-2025 23:59SubjectSERIALNUMBER=91320000253710940L,CN=恒宝股份有限公司,O=恒宝股份有限公司,L=丹阳市,ST=江苏省,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#0c09e6b19fe88b8fe79c81,1.3.6.1.4.1.311.60.2.1.3=#1302434eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before14-07-2023 00:00Not After13-10-2034 23:59SubjectCN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23-03-2022 00:00Not After22-03-2037 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01-08-2022 00:00Not After09-11-2031 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
d7:a7:7b:64:a8:25:fc:c5:9a:e7:4e:e0:03:b7:9f:0d:99:19:0f:f5:9f:7a:1a:da:0b:b6:2b:d5:0a:98:ef:16Signer
Actual PE Digestd7:a7:7b:64:a8:25:fc:c5:9a:e7:4e:e0:03:b7:9f:0d:99:19:0f:f5:9f:7a:1a:da:0b:b6:2b:d5:0a:98:ef:16Digest Algorithmsha256PE Digest Matchestrue40:0f:e7:44:d6:f7:d4:2f:ce:6e:69:a0:5b:d1:48:33:4c:11:8f:8aSigner
Actual PE Digest40:0f:e7:44:d6:f7:d4:2f:ce:6e:69:a0:5b:d1:48:33:4c:11:8f:8aDigest Algorithmsha1PE Digest MatchestrueHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetPrivateProfileIntA
Sleep
CreateMutexA
OutputDebugStringA
GetLocalTime
CreateEventA
CreateThread
WaitForMultipleObjects
lstrcpyA
OpenEventA
SetEvent
CloseHandle
GetCurrentProcessId
DeviceIoControl
WriteFile
ReadFile
CreateFileA
lstrlenA
WaitForSingleObject
OpenFileMappingA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetLastError
InterlockedDecrement
InterlockedIncrement
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
GetProcessHeap
GetModuleFileNameA
HeapFree
DeleteCriticalSection
InitializeCriticalSection
GetCurrentThreadId
LocalFree
ReleaseMutex
SetLastError
user32
BeginPaint
EndPaint
LoadStringA
SetDlgItemTextA
PostMessageA
EndDialog
GetDlgItem
ScreenToClient
LoadBitmapA
GetWindowRect
SetWindowPos
SendMessageA
RegisterDeviceNotificationA
PeekMessageA
MsgWaitForMultipleObjects
CreateDialogParamA
ShowWindow
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
DestroyWindow
GetForegroundWindow
GetParent
DialogBoxParamA
wsprintfA
gdi32
DeleteObject
SelectObject
CreateCompatibleDC
GetObjectA
DeleteDC
hid
HidD_SetFeature
HidP_GetCaps
HidD_GetPreparsedData
HidD_GetAttributes
HidD_GetFeature
setupapi
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
msvcrt
fclose
fopen
memcpy
rand
strlen
strtoul
strchr
strrchr
__CxxFrameHandler
_EH_prolog
??3@YAXPAX@Z
??2@YAPAXI@Z
_purecall
strcpy
memset
memcmp
free
malloc
sprintf
strcat
strcmp
fflush
fprintf
vsprintf
strstr
strtol
strncmp
strncpy
abs
srand
time
vfprintf
_access
_lrotl
_lrotr
clock
gmtime
isxdigit
_initterm
_adjust_fdiv
__dllonexit
_onexit
_strupr
_stricmp
msimg32
TransparentBlt
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorSacl
SetSecurityInfo
Exports
Exports
SKF_CancelWaitForDevEvent
SKF_ChangeDevAuthKey
SKF_ChangePIN
SKF_ClearSecureState
SKF_CloseApplication
SKF_CloseContainer
SKF_CloseHandle
SKF_ConnectDev
SKF_CreateApplication
SKF_CreateContainer
SKF_CreateFile
SKF_Decrypt
SKF_DecryptFinal
SKF_DecryptInit
SKF_DecryptUpdate
SKF_DeleteApplication
SKF_DeleteContainer
SKF_DeleteFile
SKF_DevAuth
SKF_Digest
SKF_DigestFinal
SKF_DigestInit
SKF_DigestUpdate
SKF_DisConnectDev
SKF_ECCExportSessionKey
SKF_ECCSignData
SKF_ECCVerify
SKF_Encrypt
SKF_EncryptFinal
SKF_EncryptInit
SKF_EncryptUpdate
SKF_EnumApplication
SKF_EnumContainer
SKF_EnumDev
SKF_EnumFiles
SKF_ExportCertificate
SKF_ExportPublicKey
SKF_ExtECCDecrypt
SKF_ExtECCEncrypt
SKF_ExtECCSign
SKF_ExtECCVerify
SKF_ExtRSAPriKeyOperation
SKF_ExtRSAPubKeyOperation
SKF_GenECCKeyPair
SKF_GenExtRSAKey
SKF_GenRSAKeyPair
SKF_GenRandom
SKF_GenerateAgreementDataAndKeyWithECC
SKF_GenerateAgreementDataWithECC
SKF_GenerateKeyWithECC
SKF_GetContainerType
SKF_GetDevInfo
SKF_GetDevState
SKF_GetFileInfo
SKF_GetPINInfo
SKF_ImportCertificate
SKF_ImportECCKeyPair
SKF_ImportRSAKeyPair
SKF_ImportSessionKey
SKF_LockDev
SKF_Mac
SKF_MacFinal
SKF_MacInit
SKF_MacUpdate
SKF_OpenApplication
SKF_OpenContainer
SKF_RSAExportSessionKey
SKF_RSASignData
SKF_RSAVerify
SKF_ReadFile
SKF_SetLabel
SKF_SetSymmKey
SKF_Transmit
SKF_UnblockPIN
SKF_UnlockDev
SKF_VerifyPIN
SKF_WaitForDevEvent
SKF_WriteFile
Sections
.text Size: 188KB - Virtual size: 184KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 60KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 28KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 300KB - Virtual size: 298KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 12KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$SYSDIR/NXYUKEY.dll.dll regsvr32 windows:4 windows x86 arch:x86
b6928cd6907b627d7e91055dc2e8e3b2
Code Sign
7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before21-12-2012 00:00Not After30-12-2020 23:59SubjectCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate
IssuerCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USNot Before18-10-2012 00:00Not After29-12-2020 23:59SubjectCN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
2a:12:20:61:80:c3:1d:fc:20:e4:15:57:9e:8f:40:18Certificate
IssuerCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USNot Before05-06-2012 00:00Not After04-08-2014 23:59SubjectCN=GANSU PROVINCE RURAL CREDIT UNION CO LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=IT dept.,O=GANSU PROVINCE RURAL CREDIT UNION CO LTD,L=LANZHOU,ST=GANSU,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate
IssuerCN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before08-02-2010 00:00Not After07-02-2020 23:59SubjectCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
aa:04:9d:a3:fe:b4:64:0b:d7:b3:1c:cd:e3:9c:2d:2a:12:7b:8e:39Signer
Actual PE Digestaa:04:9d:a3:fe:b4:64:0b:d7:b3:1c:cd:e3:9c:2d:2a:12:7b:8e:39Digest Algorithmsha1PE Digest MatchestrueHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
mfc42
ord1200
ord1176
ord1575
ord1168
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord1578
ord600
ord826
ord269
ord540
ord800
ord6467
ord1131
ord2725
ord3953
ord561
ord3738
ord4424
ord4622
ord1116
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5714
ord5289
ord5307
ord4698
ord4079
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord815
ord4274
ord823
ord825
msvcrt
??1type_info@@UAE@XZ
_adjust_fdiv
_initterm
_onexit
__dllonexit
?terminate@@YAXXZ
free
__CxxFrameHandler
malloc
_except_handler3
realloc
memcpy
memset
memcmp
_purecall
sscanf
strcat
strchr
kernel32
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
FreeLibrary
WideCharToMultiByte
GetModuleFileNameA
InitializeCriticalSection
GetShortPathNameA
lstrlenA
MultiByteToWideChar
lstrlenW
LocalFree
LocalAlloc
HeapDestroy
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
lstrcpyA
lstrcatA
GetProcAddress
LoadLibraryA
InterlockedDecrement
GetModuleHandleA
InterlockedIncrement
user32
MessageBoxA
CharNextA
advapi32
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
ole32
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
oleaut32
SysFreeString
VarUI4FromStr
RegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SysStringLen
SysAllocStringLen
SysAllocString
setupapi
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceInterfaceDetailA
SetupDiGetDeviceInstanceIdA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 16KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$SYSDIR/NXYUKEY_HB.dll.dll regsvr32 windows:4 windows x86 arch:x86
c9bf3193a68a486ed5b8ea24d4fd680c
Code Sign
7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before21-12-2012 00:00Not After30-12-2020 23:59SubjectCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04Certificate
IssuerCN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=USNot Before25-04-2007 00:00Not After09-07-2019 18:40SubjectCN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1bCertificate
IssuerCN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=USNot Before09-07-1999 18:31Not After09-07-2019 18:40SubjectCN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=USExtended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign
0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate
IssuerCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USNot Before18-10-2012 00:00Not After29-12-2020 23:59SubjectCN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
8b:93:63:59:6c:46:4e:c7:b5:8e:8b:44:b6:a0:b3:aeCertificate
IssuerCN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=USNot Before25-06-2010 00:00Not After24-06-2013 23:59SubjectCN=HENGBAO CO.\, LTD.,OU=Class 3 - for Microsoft Authenticode Signing,O=恒宝股份有限公司,L=DANYANG,ST=JIANGSU,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
Key Usages
KeyUsageDigitalSignature
55:e7:a4:f2:83:0f:71:f9:18:ac:ae:dd:5d:49:83:d1:af:4b:16:82Signer
Actual PE Digest55:e7:a4:f2:83:0f:71:f9:18:ac:ae:dd:5d:49:83:d1:af:4b:16:82Digest Algorithmsha1PE Digest MatchestrueHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
mfc42
ord5731
ord3922
ord1089
ord5199
ord2396
ord1131
ord2725
ord3953
ord561
ord3738
ord4424
ord4622
ord4080
ord3079
ord3825
ord3831
ord3830
ord2976
ord3081
ord2985
ord3262
ord3136
ord4465
ord3259
ord3147
ord2982
ord5714
ord5289
ord5307
ord4698
ord4079
ord5302
ord825
ord5300
ord1116
ord1176
ord1575
ord1577
ord1182
ord342
ord1243
ord2512
ord2554
ord4486
ord6375
ord815
ord4274
ord6467
ord1168
ord823
ord3346
ord1197
ord1570
ord1253
ord1255
ord1578
ord600
ord826
ord269
msvcrt
strtol
strncmp
_access
abs
rand
memcmp
__dllonexit
_onexit
sprintf
memset
strlen
__CxxFrameHandler
memcpy
strcpy
strstr
strtoul
strchr
strrchr
_purecall
free
fclose
vfprintf
fprintf
fopen
strcat
_strupr
isxdigit
_CxxThrowException
malloc
realloc
time
srand
??1type_info@@UAE@XZ
_adjust_fdiv
_except_handler3
?terminate@@YAXXZ
_initterm
kernel32
LocalAlloc
LocalFree
Sleep
CreateThread
CloseHandle
lstrcatA
lstrcpyA
LoadLibraryA
GetProcAddress
HeapDestroy
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
FreeLibrary
GetModuleHandleA
GetShortPathNameA
MultiByteToWideChar
lstrlenW
InterlockedDecrement
EnterCriticalSection
InterlockedIncrement
LeaveCriticalSection
OpenFileMappingA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetVersion
DeviceIoControl
WriteFile
ReadFile
CreateFileA
WaitForSingleObject
GetCurrentThreadId
DeleteCriticalSection
GetCurrentProcessId
WideCharToMultiByte
ReleaseMutex
SetLastError
CreateMutexA
lstrlenA
GetModuleFileNameA
InitializeCriticalSection
user32
EndDialog
PostMessageA
SetDlgItemTextA
DialogBoxParamA
MessageBoxA
GetParent
GetForegroundWindow
CharNextA
SetWindowPos
GetWindowRect
LoadStringA
advapi32
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA
SetSecurityInfo
GetSecurityDescriptorSacl
ole32
CoTaskMemRealloc
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
oleaut32
VariantClear
VarUI4FromStr
SysFreeString
SysAllocString
SysStringLen
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
hid
HidP_GetCaps
HidD_GetFeature
HidD_SetFeature
HidD_GetPreparsedData
HidD_GetAttributes
setupapi
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 40KB - Virtual size: 37KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$SYSDIR/NXYUSB_82_HB.dll.dll windows:4 windows x86 arch:x86
e87180243b77a3fcd7283dd3e10b00fd
Code Sign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01-08-2022 00:00Not After09-11-2031 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23-03-2022 00:00Not After22-03-2037 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29-04-2021 00:00Not After28-04-2036 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before14-07-2023 00:00Not After13-10-2034 23:59SubjectCN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
0f:96:b0:97:d5:e5:d2:ee:85:eb:f4:d3:a3:45:ee:d4Certificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before29-04-2022 00:00Not After25-06-2025 23:59SubjectSERIALNUMBER=91320000253710940L,CN=恒宝股份有限公司,O=恒宝股份有限公司,L=丹阳市,ST=江苏省,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#0c09e6b19fe88b8fe79c81,1.3.6.1.4.1.311.60.2.1.3=#1302434eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29-04-2021 00:00Not After28-04-2036 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0f:96:b0:97:d5:e5:d2:ee:85:eb:f4:d3:a3:45:ee:d4Certificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before29-04-2022 00:00Not After25-06-2025 23:59SubjectSERIALNUMBER=91320000253710940L,CN=恒宝股份有限公司,O=恒宝股份有限公司,L=丹阳市,ST=江苏省,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#0c09e6b19fe88b8fe79c81,1.3.6.1.4.1.311.60.2.1.3=#1302434eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before14-07-2023 00:00Not After13-10-2034 23:59SubjectCN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23-03-2022 00:00Not After22-03-2037 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01-08-2022 00:00Not After09-11-2031 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
94:b6:2e:4a:e8:f3:86:ec:76:6e:cf:92:25:7f:ea:fd:c9:b3:69:2a:a8:43:fb:c4:a1:80:59:86:1b:6c:b5:83Signer
Actual PE Digest94:b6:2e:4a:e8:f3:86:ec:76:6e:cf:92:25:7f:ea:fd:c9:b3:69:2a:a8:43:fb:c4:a1:80:59:86:1b:6c:b5:83Digest Algorithmsha256PE Digest Matchestruece:d9:69:d3:d8:78:b3:83:52:1c:74:73:69:d0:0c:3c:5b:02:02:6fSigner
Actual PE Digestce:d9:69:d3:d8:78:b3:83:52:1c:74:73:69:d0:0c:3c:5b:02:02:6fDigest Algorithmsha1PE Digest MatchestrueHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
CreateFileA
ReadFile
WaitForSingleObject
OpenFileMappingA
WriteFile
DeviceIoControl
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
LocalFree
CreateThread
CloseHandle
GetModuleFileNameA
lstrlenA
lstrcatA
GetLocalTime
GetCurrentThreadId
GetCurrentProcessId
ReleaseMutex
SetLastError
CreateMutexA
GetLastError
Sleep
user32
MsgWaitForMultipleObjects
PeekMessageA
DispatchMessageA
BeginPaint
EndPaint
GetDlgItem
LoadBitmapA
GetWindowRect
SetWindowPos
GetForegroundWindow
GetParent
MessageBoxA
DialogBoxParamA
LoadStringA
SetDlgItemTextA
PostMessageA
EndDialog
ScreenToClient
gdi32
DeleteObject
SelectObject
CreateCompatibleDC
GetObjectA
DeleteDC
msimg32
TransparentBlt
msvcrt
vfprintf
fprintf
fopen
_access
isxdigit
_strupr
free
_initterm
strstr
fclose
__dllonexit
_onexit
memcmp
strcat
strrchr
strchr
strtoul
_EH_prolog
_adjust_fdiv
strtol
sprintf
memset
__CxxFrameHandler
strcpy
memcpy
strlen
??2@YAPAXI@Z
??3@YAXPAX@Z
gmtime
malloc
clock
_purecall
time
strncmp
abs
rand
srand
hid
HidD_SetFeature
HidP_GetCaps
HidD_GetPreparsedData
HidD_GetFeature
HidD_GetAttributes
setupapi
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA
advapi32
SetSecurityInfo
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
Exports
Exports
GetSN
InitUsbKey
Sections
.text Size: 32KB - Virtual size: 30KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 404KB - Virtual size: 400KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$WINDIR/system32/NXYCSP_82_HB_SKF64.dll.dll windows:4 windows x64 arch:x64
4929ab722ce7a5b5a41ef86734796690
Code Sign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01-08-2022 00:00Not After09-11-2031 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23-03-2022 00:00Not After22-03-2037 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29-04-2021 00:00Not After28-04-2036 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before14-07-2023 00:00Not After13-10-2034 23:59SubjectCN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
0f:96:b0:97:d5:e5:d2:ee:85:eb:f4:d3:a3:45:ee:d4Certificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before29-04-2022 00:00Not After25-06-2025 23:59SubjectSERIALNUMBER=91320000253710940L,CN=恒宝股份有限公司,O=恒宝股份有限公司,L=丹阳市,ST=江苏省,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#0c09e6b19fe88b8fe79c81,1.3.6.1.4.1.311.60.2.1.3=#1302434eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29-04-2021 00:00Not After28-04-2036 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0f:96:b0:97:d5:e5:d2:ee:85:eb:f4:d3:a3:45:ee:d4Certificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before29-04-2022 00:00Not After25-06-2025 23:59SubjectSERIALNUMBER=91320000253710940L,CN=恒宝股份有限公司,O=恒宝股份有限公司,L=丹阳市,ST=江苏省,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#0c09e6b19fe88b8fe79c81,1.3.6.1.4.1.311.60.2.1.3=#1302434eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before14-07-2023 00:00Not After13-10-2034 23:59SubjectCN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23-03-2022 00:00Not After22-03-2037 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01-08-2022 00:00Not After09-11-2031 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
c7:05:4f:4f:84:4a:a6:0a:a2:b2:09:7d:17:a6:78:2f:5a:39:97:04:a4:f5:9b:a3:2b:15:c7:25:82:47:66:74Signer
Actual PE Digestc7:05:4f:4f:84:4a:a6:0a:a2:b2:09:7d:17:a6:78:2f:5a:39:97:04:a4:f5:9b:a3:2b:15:c7:25:82:47:66:74Digest Algorithmsha256PE Digest Matchestrueda:ad:ab:1f:3f:48:df:1f:91:0b:89:2b:05:2f:ba:0d:41:04:92:f3Signer
Actual PE Digestda:ad:ab:1f:3f:48:df:1f:91:0b:89:2b:05:2f:ba:0d:41:04:92:f3Digest Algorithmsha1PE Digest MatchestrueHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
kernel32
GetLastError
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
GetProcessHeap
HeapFree
DeleteCriticalSection
InitializeCriticalSection
RtlCaptureContext
RtlLookupFunctionEntry
Sleep
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
GetCurrentProcessId
DeviceIoControl
WriteFile
GetPrivateProfileIntA
GetCurrentThreadId
OutputDebugStringA
GetLocalTime
WaitForMultipleObjects
CreateEventA
CreateThread
lstrcpyA
OpenEventA
SetEvent
RtlVirtualUnwind
CloseHandle
ReadFile
CreateFileA
lstrlenA
WaitForSingleObject
OpenFileMappingA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
LocalFree
ReleaseMutex
SetLastError
CreateMutexA
GetModuleFileNameA
user32
MsgWaitForMultipleObjects
PeekMessageA
TranslateAcceleratorA
ShowWindow
CreateDialogParamA
SendMessageA
wsprintfA
SetWindowPos
TranslateMessage
LoadBitmapA
ScreenToClient
GetDlgItem
EndDialog
PostMessageA
SetDlgItemTextA
LoadStringA
EndPaint
BeginPaint
DispatchMessageA
GetMessageA
DestroyWindow
GetForegroundWindow
RegisterDeviceNotificationA
GetParent
GetWindowRect
DialogBoxParamA
gdi32
DeleteObject
SelectObject
CreateCompatibleDC
GetObjectA
DeleteDC
hid
HidD_GetFeature
HidD_SetFeature
HidP_GetCaps
HidD_GetAttributes
HidD_GetPreparsedData
setupapi
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
msvcrt
_onexit
__dllonexit
_initterm
memcpy
fopen
fclose
isxdigit
gmtime
clock
_lrotr
_lrotl
_access
vfprintf
time
srand
abs
__CxxFrameHandler
strncpy
strncmp
strtol
strstr
vsprintf
fprintf
fflush
strcmp
strcat
sprintf
malloc
free
memcmp
strcpy
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
rand
strrchr
strchr
strtoul
memset
strlen
_purecall
_strupr
_stricmp
msimg32
TransparentBlt
advapi32
SetSecurityInfo
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
CryptReleaseContext
CryptGenRandom
CryptAcquireContextA
Exports
Exports
SKF_CancelWaitForDevEvent
SKF_ChangeDevAuthKey
SKF_ChangePIN
SKF_ClearSecureState
SKF_CloseApplication
SKF_CloseContainer
SKF_CloseHandle
SKF_ConnectDev
SKF_CreateApplication
SKF_CreateContainer
SKF_CreateFile
SKF_Decrypt
SKF_DecryptFinal
SKF_DecryptInit
SKF_DecryptUpdate
SKF_DeleteApplication
SKF_DeleteContainer
SKF_DeleteFile
SKF_DevAuth
SKF_Digest
SKF_DigestFinal
SKF_DigestInit
SKF_DigestUpdate
SKF_DisConnectDev
SKF_ECCExportSessionKey
SKF_ECCSignData
SKF_ECCVerify
SKF_Encrypt
SKF_EncryptFinal
SKF_EncryptInit
SKF_EncryptUpdate
SKF_EnumApplication
SKF_EnumContainer
SKF_EnumDev
SKF_EnumFiles
SKF_ExportCertificate
SKF_ExportPublicKey
SKF_ExtECCDecrypt
SKF_ExtECCEncrypt
SKF_ExtECCSign
SKF_ExtECCVerify
SKF_ExtRSAPriKeyOperation
SKF_ExtRSAPubKeyOperation
SKF_GenECCKeyPair
SKF_GenExtRSAKey
SKF_GenRSAKeyPair
SKF_GenRandom
SKF_GenerateAgreementDataAndKeyWithECC
SKF_GenerateAgreementDataWithECC
SKF_GenerateKeyWithECC
SKF_GetContainerType
SKF_GetDevInfo
SKF_GetDevState
SKF_GetFileInfo
SKF_GetPINInfo
SKF_ImportCertificate
SKF_ImportECCKeyPair
SKF_ImportRSAKeyPair
SKF_ImportSessionKey
SKF_LockDev
SKF_Mac
SKF_MacFinal
SKF_MacInit
SKF_MacUpdate
SKF_OpenApplication
SKF_OpenContainer
SKF_RSAExportSessionKey
SKF_RSASignData
SKF_RSAVerify
SKF_ReadFile
SKF_SetLabel
SKF_SetSymmKey
SKF_Transmit
SKF_UnblockPIN
SKF_UnlockDev
SKF_VerifyPIN
SKF_WaitForDevEvent
SKF_WriteFile
Sections
.text Size: 183KB - Virtual size: 182KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 81KB - Virtual size: 81KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 298KB - Virtual size: 298KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$WINDIR/system32/NXYUKEY.dll.dll regsvr32 windows:5 windows x64 arch:x64
c0a3cc227a348a4297d91991819a0514
Code Sign
7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before21-12-2012 00:00Not After30-12-2020 23:59SubjectCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate
IssuerCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USNot Before18-10-2012 00:00Not After29-12-2020 23:59SubjectCN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
2a:12:20:61:80:c3:1d:fc:20:e4:15:57:9e:8f:40:18Certificate
IssuerCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USNot Before05-06-2012 00:00Not After04-08-2014 23:59SubjectCN=GANSU PROVINCE RURAL CREDIT UNION CO LTD,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=IT dept.,O=GANSU PROVINCE RURAL CREDIT UNION CO LTD,L=LANZHOU,ST=GANSU,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate
IssuerCN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before08-02-2010 00:00Not After07-02-2020 23:59SubjectCN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
52:6e:19:10:fe:e0:7c:0c:a3:d8:5e:de:04:c7:cd:24:55:4a:65:2aSigner
Actual PE Digest52:6e:19:10:fe:e0:7c:0c:a3:d8:5e:de:04:c7:cd:24:55:4a:65:2aDigest Algorithmsha1PE Digest MatchestrueHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
kernel32
TlsGetValue
TlsAlloc
GlobalReAlloc
GlobalHandle
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
GlobalFlags
GetVersionExA
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
GetCurrentProcess
LocalAlloc
CreateFileA
GetCPInfo
GetOEMCP
HeapAlloc
HeapFree
RtlUnwindEx
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlLookupFunctionEntry
FlsSetValue
GetCommandLineA
Sleep
ExitProcess
RtlPcToFileHeader
HeapReAlloc
HeapSize
HeapQueryInformation
GetACP
IsValidCodePage
EncodePointer
DecodePointer
FlsGetValue
FlsFree
FlsAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
GetStdHandle
HeapSetInformation
HeapCreate
HeapDestroy
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetModuleFileNameW
GlobalFree
GlobalUnlock
FormatMessageA
LocalFree
GetCurrentProcessId
SetLastError
GlobalAddAtomA
CloseHandle
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
EnumResourceLanguagesA
GetLocaleInfoA
CompareStringA
GlobalLock
lstrcmpA
GlobalAlloc
LockResource
WritePrivateProfileStringA
LoadLibraryA
GetModuleHandleA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
FreeLibrary
IsDBCSLeadByte
GetModuleHandleW
GetProcAddress
GetModuleFileNameA
lstrcmpiA
lstrlenA
GetLastError
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
user32
ShowWindow
GetSysColorBrush
LoadCursorA
DestroyMenu
GetDlgItem
GetTopWindow
DestroyWindow
GetWindowLongPtrA
SetWindowLongPtrA
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
GetClientRect
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
DefWindowProcA
CallWindowProcA
GetMenu
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindow
GetDlgCtrlID
GetWindowRect
GetClassNameA
PtInRect
GetWindowTextA
SetWindowTextA
GetSysColor
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
UnregisterClassA
UnhookWindowsHookEx
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
CharNextA
CharNextW
MessageBoxA
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetClassLongPtrA
GetPropA
RemovePropA
IsWindow
GetForegroundWindow
PostQuitMessage
GetFocus
GetParent
SendMessageA
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
PostMessageA
advapi32
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegQueryValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
ole32
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
oleaut32
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
LoadRegTypeLi
VarUI4FromStr
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen
shlwapi
PathFindFileNameA
PathFindExtensionA
setupapi
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
oleacc
LresultFromObject
CreateStdAccessibleObject
gdi32
GetDeviceCaps
SaveDC
DeleteDC
ScaleViewportExtEx
RestoreDC
SetBkColor
SetTextColor
SetMapMode
GetClipBox
DeleteObject
GetStockObject
ScaleWindowExtEx
SetWindowExtEx
CreateBitmap
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
winspool.drv
DocumentPropertiesA
OpenPrinterA
ClosePrinter
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 181KB - Virtual size: 180KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 59KB - Virtual size: 59KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$WINDIR/system32/NXYUKEY_HB.dll.dll regsvr32 windows:4 windows x64 arch:x64
55ec7d408f361623cfd3ae918a8a340d
Code Sign
7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before21-12-2012 00:00Not After30-12-2020 23:59SubjectCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
42:ce:8a:30:d3:56:02:f8:41:18:6c:6e:20:53:19:04Certificate
IssuerCN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=USNot Before25-04-2007 00:00Not After09-07-2019 18:40SubjectCN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
ExtKeyUsageClientAuth
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
44:be:0c:8b:50:00:24:b4:11:d3:36:2d:e0:b3:5f:1bCertificate
IssuerCN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=USNot Before09-07-1999 18:31Not After09-07-2019 18:40SubjectCN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=USExtended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign
0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate
IssuerCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USNot Before18-10-2012 00:00Not After29-12-2020 23:59SubjectCN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
8b:93:63:59:6c:46:4e:c7:b5:8e:8b:44:b6:a0:b3:aeCertificate
IssuerCN=WoSign Code Signing Authority,O=WoSign\, Inc.,C=USNot Before25-06-2010 00:00Not After24-06-2013 23:59SubjectCN=HENGBAO CO.\, LTD.,OU=Class 3 - for Microsoft Authenticode Signing,O=恒宝股份有限公司,L=DANYANG,ST=JIANGSU,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning
Key Usages
KeyUsageDigitalSignature
e0:b9:a2:49:5b:61:d5:ce:3c:7f:e5:f9:a0:25:02:ab:54:8d:c5:32Signer
Actual PE Digeste0:b9:a2:49:5b:61:d5:ce:3c:7f:e5:f9:a0:25:02:ab:54:8d:c5:32Digest Algorithmsha1PE Digest MatchestrueHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
kernel32
lstrcpyA
FreeLibrary
GetProcAddress
LoadLibraryA
SizeofResource
LoadResource
FindResourceA
LoadLibraryExA
CloseHandle
CreateThread
Sleep
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
lstrcpynA
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
lstrcatA
HeapDestroy
EnterCriticalSection
LeaveCriticalSection
lstrcmpiA
OpenFileMappingA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetVersion
DeviceIoControl
WriteFile
ReadFile
IsDBCSLeadByte
DeleteCriticalSection
InitializeCriticalSection
GetLastError
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
__C_specific_handler
VirtualQuery
GetSystemInfo
CreateFileA
VirtualAlloc
VirtualProtect
GetModuleFileNameA
GetVersionExA
lstrlenA
TerminateProcess
LocalAlloc
WaitForSingleObject
CreateMutexA
SetLastError
ReleaseMutex
LocalFree
user32
GetWindowRect
CharPrevA
SetWindowPos
CharNextA
GetForegroundWindow
PostMessageA
GetParent
MessageBoxA
DialogBoxParamA
LoadStringA
SetDlgItemTextA
EndDialog
advapi32
RegOpenKeyExA
GetSecurityDescriptorSacl
SetSecurityInfo
RegEnumKeyExA
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegDeleteKeyA
ole32
CoTaskMemRealloc
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
oleaut32
SysStringLen
LoadRegTypeLi
LoadTypeLi
VarUI4FromStr
SysFreeString
SysAllocString
RegisterTypeLi
VariantClear
mfc42
ord6891
ord6890
ord287
ord4608
ord6819
ord4845
ord2571
ord2527
ord6078
ord4201
ord1392
ord5624
ord2426
ord3477
ord5729
ord5731
ord4378
ord5074
ord5737
ord5718
ord6060
ord3058
ord3252
ord3371
ord4824
ord3240
ord3375
ord3061
ord3175
ord3055
ord4092
ord4093
ord4087
ord3173
ord4381
ord4992
ord4779
ord3926
ord659
ord1063
ord1433
ord4224
ord2764
ord355
ord1498
ord1588
ord1562
ord1564
ord1597
ord1479
ord1551
ord812
ord1484
ord1596
ord1594
ord1421
ord288
ord1082
ord1469
msvcrt
sprintf
memset
__CxxFrameHandler
fclose
vfprintf
fprintf
fopen
strcat
strtol
isxdigit
_CxxThrowException
memcpy
strcpy
srand
rand
abs
_access
strlen
strtoul
strchr
strrchr
strstr
strncmp
memcmp
malloc
free
realloc
_purecall
?terminate@@YAXXZ
??1type_info@@UEAA@XZ
_initterm
_onexit
__dllonexit
_strupr
time
hid
HidD_GetPreparsedData
HidD_SetFeature
HidD_GetFeature
HidP_GetCaps
HidD_GetAttributes
setupapi
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList
Exports
Exports
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 54KB - Virtual size: 54KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 674B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$WINDIR/system32/NXYUSB_82_HB.dll.dll windows:4 windows x64 arch:x64
ea3a631aa75dcd2e0db3c22b3552b012
Code Sign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01-08-2022 00:00Not After09-11-2031 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23-03-2022 00:00Not After22-03-2037 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29-04-2021 00:00Not After28-04-2036 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before14-07-2023 00:00Not After13-10-2034 23:59SubjectCN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
0f:96:b0:97:d5:e5:d2:ee:85:eb:f4:d3:a3:45:ee:d4Certificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before29-04-2022 00:00Not After25-06-2025 23:59SubjectSERIALNUMBER=91320000253710940L,CN=恒宝股份有限公司,O=恒宝股份有限公司,L=丹阳市,ST=江苏省,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#0c09e6b19fe88b8fe79c81,1.3.6.1.4.1.311.60.2.1.3=#1302434eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29-04-2021 00:00Not After28-04-2036 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0f:96:b0:97:d5:e5:d2:ee:85:eb:f4:d3:a3:45:ee:d4Certificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before29-04-2022 00:00Not After25-06-2025 23:59SubjectSERIALNUMBER=91320000253710940L,CN=恒宝股份有限公司,O=恒宝股份有限公司,L=丹阳市,ST=江苏省,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#0c09e6b19fe88b8fe79c81,1.3.6.1.4.1.311.60.2.1.3=#1302434eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before14-07-2023 00:00Not After13-10-2034 23:59SubjectCN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23-03-2022 00:00Not After22-03-2037 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01-08-2022 00:00Not After09-11-2031 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
97:e3:a0:4a:13:08:53:c6:d0:98:ff:ec:00:ca:fd:38:be:57:32:c9:56:54:06:cd:76:e6:0c:7f:af:7d:b5:b2Signer
Actual PE Digest97:e3:a0:4a:13:08:53:c6:d0:98:ff:ec:00:ca:fd:38:be:57:32:c9:56:54:06:cd:76:e6:0c:7f:af:7d:b5:b2Digest Algorithmsha256PE Digest Matchestruec2:10:9a:f0:c7:b1:2d:20:d1:f0:83:fb:25:22:8d:c7:76:a1:5b:92Signer
Actual PE Digestc2:10:9a:f0:c7:b1:2d:20:d1:f0:83:fb:25:22:8d:c7:76:a1:5b:92Digest Algorithmsha1PE Digest MatchestrueHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
kernel32
CreateFileA
ReadFile
WaitForSingleObject
OpenFileMappingA
WriteFile
DeviceIoControl
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
LocalFree
CreateThread
CloseHandle
lstrlenA
GetModuleFileNameA
lstrcatA
GetLocalTime
ReleaseMutex
SetLastError
CreateMutexA
GetLastError
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
Sleep
user32
EndDialog
SetDlgItemTextA
LoadStringA
DialogBoxParamA
MessageBoxA
GetParent
GetForegroundWindow
SetWindowPos
GetWindowRect
LoadBitmapA
ScreenToClient
GetDlgItem
EndPaint
BeginPaint
DispatchMessageA
PeekMessageA
MsgWaitForMultipleObjects
PostMessageA
gdi32
DeleteObject
SelectObject
CreateCompatibleDC
GetObjectA
DeleteDC
msvcrt
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
strrchr
strchr
malloc
_onexit
memcpy
_strupr
strncmp
abs
rand
srand
time
_purecall
clock
gmtime
strtoul
__CxxFrameHandler
memset
sprintf
strlen
strcpy
strcat
memcmp
strstr
strtol
fclose
vfprintf
fprintf
fopen
_access
isxdigit
_initterm
__dllonexit
free
msimg32
TransparentBlt
hid
HidD_SetFeature
HidP_GetCaps
HidD_GetPreparsedData
HidD_GetFeature
HidD_GetAttributes
setupapi
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
advapi32
SetSecurityInfo
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
Exports
Exports
GetSN
InitUsbKey
Sections
.text Size: 39KB - Virtual size: 38KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 400KB - Virtual size: 400KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 384B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
IcoPic/82.ico
-
NXYCSP_82_HB.dll.dll regsvr32 windows:4 windows x86 arch:x86
cc4782f7b7ae146925e3fe3c0cfc8b8e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
FindResourceA
GetLastError
GetModuleFileNameA
GetVersionExA
LoadLibraryA
FreeLibrary
CreateFileA
GetFileSize
ReadFile
CloseHandle
GetProcAddress
user32
GetActiveWindow
MessageBoxA
advapi32
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
msvcrt
free
_mbsrchr
sprintf
strstr
_initterm
malloc
_adjust_fdiv
Exports
Exports
CPAcquireContext
CPCreateHash
CPDecrypt
CPDeriveKey
CPDestroyHash
CPDestroyKey
CPDuplicateHash
CPDuplicateKey
CPEncrypt
CPExportKey
CPGenKey
CPGenRandom
CPGetHashParam
CPGetKeyParam
CPGetProvParam
CPGetUserKey
CPHashData
CPHashSessionKey
CPImportKey
CPReleaseContext
CPSetHashParam
CPSetKeyParam
CPSetProvParam
CPSignHash
CPVerifySignature
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 828B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 872B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 564B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
NXYCSP_82_HB.sig
-
NXYCSP_82_HB0409.hbl.dll windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Sections
.rsrc Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
NXYCSP_82_HB0804.chm.chm
-
NXYCSP_82_HB0C04.hbl.dll windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Sections
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
NXYCSP_82_HB64.dll.dll regsvr32 windows:4 windows x64 arch:x64
e64fb623b3aec3c87c955c4d99f5da21
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
kernel32
FindResourceA
GetLastError
GetModuleFileNameA
FreeLibrary
GetVersionExA
LoadLibraryA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
CreateFileA
GetFileSize
ReadFile
GetProcAddress
CloseHandle
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
user32
MessageBoxA
GetActiveWindow
advapi32
RegCreateKeyExA
RegDeleteKeyA
RegCloseKey
RegSetValueExA
msvcrt
free
_initterm
sprintf
strstr
strlen
memset
strcpy
_mbsrchr
malloc
strcat
memcpy
Exports
Exports
CPAcquireContext
CPCreateHash
CPDecrypt
CPDeriveKey
CPDestroyHash
CPDestroyKey
CPDuplicateHash
CPDuplicateKey
CPEncrypt
CPExportKey
CPGenKey
CPGenRandom
CPGetHashParam
CPGetKeyParam
CPGetProvParam
CPGetUserKey
CPHashData
CPHashSessionKey
CPImportKey
CPReleaseContext
CPSetHashParam
CPSetKeyParam
CPSetProvParam
CPSignHash
CPVerifySignature
DllRegisterServer
DllUnregisterServer
Sections
.text Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 324B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 904B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 72B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
NXYCSP_82_HB64.sig
-
NXYCSP_82_HB64C.dll.dll windows:4 windows x64 arch:x64
9ce00047e50cde211f75f4290d9b73b8
Code Sign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01-08-2022 00:00Not After09-11-2031 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23-03-2022 00:00Not After22-03-2037 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29-04-2021 00:00Not After28-04-2036 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before14-07-2023 00:00Not After13-10-2034 23:59SubjectCN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
0f:96:b0:97:d5:e5:d2:ee:85:eb:f4:d3:a3:45:ee:d4Certificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before29-04-2022 00:00Not After25-06-2025 23:59SubjectSERIALNUMBER=91320000253710940L,CN=恒宝股份有限公司,O=恒宝股份有限公司,L=丹阳市,ST=江苏省,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#0c09e6b19fe88b8fe79c81,1.3.6.1.4.1.311.60.2.1.3=#1302434eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29-04-2021 00:00Not After28-04-2036 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0f:96:b0:97:d5:e5:d2:ee:85:eb:f4:d3:a3:45:ee:d4Certificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before29-04-2022 00:00Not After25-06-2025 23:59SubjectSERIALNUMBER=91320000253710940L,CN=恒宝股份有限公司,O=恒宝股份有限公司,L=丹阳市,ST=江苏省,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#0c09e6b19fe88b8fe79c81,1.3.6.1.4.1.311.60.2.1.3=#1302434eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before14-07-2023 00:00Not After13-10-2034 23:59SubjectCN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23-03-2022 00:00Not After22-03-2037 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01-08-2022 00:00Not After09-11-2031 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
81:d0:62:a3:db:77:81:36:a1:7f:ac:87:7e:85:a6:29:db:02:5c:75:b1:11:a6:57:1c:53:28:9b:ff:3e:61:75Signer
Actual PE Digest81:d0:62:a3:db:77:81:36:a1:7f:ac:87:7e:85:a6:29:db:02:5c:75:b1:11:a6:57:1c:53:28:9b:ff:3e:61:75Digest Algorithmsha256PE Digest Matchestrue3d:63:38:b2:d4:15:0f:d6:52:5d:8a:a3:05:b1:86:42:bb:e1:36:6bSigner
Actual PE Digest3d:63:38:b2:d4:15:0f:d6:52:5d:8a:a3:05:b1:86:42:bb:e1:36:6bDigest Algorithmsha1PE Digest MatchestrueHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
crypt32
CertOpenStore
CertCreateCertificateContext
CertCloseStore
CertGetNameStringA
kernel32
FreeLibrary
lstrlenA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
DeleteCriticalSection
HeapFree
GetProcessHeap
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
SetLastError
WideCharToMultiByte
GlobalAlloc
GlobalFree
GetLocalTime
GetModuleFileNameA
DeviceIoControl
WriteFile
ReadFile
CreateFileA
WaitForSingleObject
OpenFileMappingA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
ReleaseMutex
CreateMutexA
OpenEventA
SetEvent
CloseHandle
lstrcmpA
HeapAlloc
GetPrivateProfileStringA
lstrcpynA
GetLastError
lstrlenW
LocalFree
LocalAlloc
FileTimeToSystemTime
MultiByteToWideChar
GetCurrentThreadId
Sleep
CreateThread
InitializeCriticalSection
user32
SetFocus
GetWindowTextA
MessageBoxA
ShowWindow
SetWindowLongPtrA
GetWindowLongPtrA
InvalidateRect
GetDC
ValidateRect
ScreenToClient
GetDlgItem
GetWindowRect
LoadBitmapA
SetWindowPos
DialogBoxParamA
SendMessageA
CallNextHookEx
DefFrameProcA
DefMDIChildProcA
GetFocus
CreateDialogIndirectParamA
FillRect
MsgWaitForMultipleObjects
PeekMessageA
DispatchMessageA
GetKeyState
GetAsyncKeyState
UnhookWindowsHookEx
SetWindowsHookExA
EndDialog
SetDlgItemTextA
LoadStringA
PostMessageA
EndPaint
BeginPaint
GetDesktopWindow
GetDlgCtrlID
DefWindowProcA
GetActiveWindow
DestroyWindow
CreateDialogParamA
DefDlgProcA
FrameRect
InflateRect
ReleaseDC
LoadIconA
DrawIcon
CallWindowProcA
GetClientRect
MoveWindow
GetDlgItemTextA
SendDlgItemMessageA
GetForegroundWindow
GetParent
GetSysColor
gdi32
SetTextColor
SetBkColor
CreateSolidBrush
GetStockObject
GetObjectA
CreateCompatibleDC
SelectObject
DeleteObject
DeleteDC
ole32
StringFromGUID2
CoCreateGuid
msvcrt
__dllonexit
_initterm
atoi
strtoul
__CxxFrameHandler
strcat
sprintf
??2@YAPEAX_K@Z
strstr
strcmp
memcmp
strcpy
??3@YAXPEAX@Z
memmove
strlen
malloc
realloc
free
memset
memcpy
clock
gmtime
isdigit
_onexit
_strupr
strtol
strncmp
abs
rand
srand
time
_purecall
fclose
vfprintf
fprintf
fopen
_access
isxdigit
isalpha
msimg32
TransparentBlt
setupapi
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
hid
HidD_GetAttributes
HidD_SetFeature
HidP_GetCaps
HidD_GetPreparsedData
HidD_GetFeature
advapi32
CryptGenRandom
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
CryptAcquireContextA
SetSecurityInfo
CryptReleaseContext
Exports
Exports
CPAcquireContext
CPCreateHash
CPDecrypt
CPDeriveKey
CPDestroyHash
CPDestroyKey
CPDuplicateHash
CPDuplicateKey
CPEncrypt
CPExportKey
CPGenKey
CPGenRandom
CPGetHashParam
CPGetKeyParam
CPGetProvParam
CPGetUserKey
CPHashData
CPHashSessionKey
CPImportKey
CPReleaseContext
CPSetHashParam
CPSetKeyParam
CPSetProvParam
CPSignHash
CPVerifySignature
GetCspName
Sections
.text Size: 167KB - Virtual size: 166KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 63KB - Virtual size: 63KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 405KB - Virtual size: 405KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 684B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
NXYCSP_82_HBc.dll.dll windows:4 windows x86 arch:x86
89db392aeff7cc5cbc539aa98161fb58
Code Sign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01-08-2022 00:00Not After09-11-2031 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23-03-2022 00:00Not After22-03-2037 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29-04-2021 00:00Not After28-04-2036 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before14-07-2023 00:00Not After13-10-2034 23:59SubjectCN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
0f:96:b0:97:d5:e5:d2:ee:85:eb:f4:d3:a3:45:ee:d4Certificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before29-04-2022 00:00Not After25-06-2025 23:59SubjectSERIALNUMBER=91320000253710940L,CN=恒宝股份有限公司,O=恒宝股份有限公司,L=丹阳市,ST=江苏省,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#0c09e6b19fe88b8fe79c81,1.3.6.1.4.1.311.60.2.1.3=#1302434eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29-04-2021 00:00Not After28-04-2036 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0f:96:b0:97:d5:e5:d2:ee:85:eb:f4:d3:a3:45:ee:d4Certificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before29-04-2022 00:00Not After25-06-2025 23:59SubjectSERIALNUMBER=91320000253710940L,CN=恒宝股份有限公司,O=恒宝股份有限公司,L=丹阳市,ST=江苏省,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#0c09e6b19fe88b8fe79c81,1.3.6.1.4.1.311.60.2.1.3=#1302434eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before14-07-2023 00:00Not After13-10-2034 23:59SubjectCN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23-03-2022 00:00Not After22-03-2037 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01-08-2022 00:00Not After09-11-2031 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
38:3f:c5:b9:be:32:ad:3e:62:b4:2f:59:75:c7:e6:a4:5e:7a:70:ab:5f:8c:0d:8d:b0:8e:04:f7:73:53:00:3aSigner
Actual PE Digest38:3f:c5:b9:be:32:ad:3e:62:b4:2f:59:75:c7:e6:a4:5e:7a:70:ab:5f:8c:0d:8d:b0:8e:04:f7:73:53:00:3aDigest Algorithmsha256PE Digest Matchestrued1:48:00:db:44:5b:60:35:a2:95:e0:c1:c1:d8:4f:47:d2:b3:83:9cSigner
Actual PE Digestd1:48:00:db:44:5b:60:35:a2:95:e0:c1:c1:d8:4f:47:d2:b3:83:9cDigest Algorithmsha1PE Digest MatchestrueHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
lstrlenA
lstrcmpA
GetPrivateProfileStringA
CreateThread
Sleep
GetCurrentThreadId
MultiByteToWideChar
FileTimeToSystemTime
LocalAlloc
LocalFree
GlobalFree
GetLocalTime
GetCurrentProcessId
DeviceIoControl
WriteFile
ReadFile
CreateFileA
WaitForSingleObject
OpenFileMappingA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
ReleaseMutex
CreateMutexA
FreeLibrary
LoadLibraryA
OpenEventA
SetEvent
GetModuleFileNameA
CloseHandle
lstrlenW
InitializeCriticalSection
lstrcpynA
GetLastError
WideCharToMultiByte
SetLastError
InterlockedDecrement
InterlockedIncrement
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
GetProcessHeap
HeapFree
DeleteCriticalSection
GlobalAlloc
user32
GetDC
InvalidateRect
FrameRect
InflateRect
ReleaseDC
LoadIconA
DrawIcon
CallWindowProcA
GetClientRect
MoveWindow
GetForegroundWindow
GetParent
GetDesktopWindow
BeginPaint
EndPaint
PostMessageA
LoadStringA
GetWindowLongA
EndDialog
SetWindowsHookExA
UnhookWindowsHookEx
GetAsyncKeyState
DispatchMessageA
PeekMessageA
MsgWaitForMultipleObjects
FillRect
CreateDialogIndirectParamA
DefDlgProcA
DefMDIChildProcA
DefFrameProcA
GetKeyState
CallNextHookEx
SendMessageA
DialogBoxParamA
SetWindowPos
LoadBitmapA
GetWindowRect
GetDlgItem
ScreenToClient
SetDlgItemTextA
ShowWindow
SendDlgItemMessageA
MessageBoxA
DefWindowProcA
GetWindowTextA
SetFocus
GetFocus
SetWindowLongA
GetSysColor
GetDlgCtrlID
GetDlgItemTextA
GetActiveWindow
CreateDialogParamA
DestroyWindow
ValidateRect
gdi32
DeleteDC
SetTextColor
SetBkColor
CreateSolidBrush
GetStockObject
GetObjectA
CreateCompatibleDC
SelectObject
DeleteObject
ole32
StringFromGUID2
CoCreateGuid
crypt32
CertGetNameStringA
CertCloseStore
CertCreateCertificateContext
CertOpenStore
msvcrt
isxdigit
_access
fopen
fprintf
vfprintf
fclose
_purecall
time
isdigit
gmtime
clock
srand
rand
abs
strncmp
strtol
memcpy
memset
free
realloc
??3@YAXPAX@Z
strlen
memmove
memcmp
strcpy
strcmp
strstr
??2@YAPAXI@Z
sprintf
strcat
__CxxFrameHandler
_EH_prolog
strtoul
atoi
_initterm
_adjust_fdiv
__dllonexit
_onexit
malloc
isalpha
_strupr
msimg32
TransparentBlt
setupapi
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA
hid
HidD_GetAttributes
HidD_SetFeature
HidP_GetCaps
HidD_GetPreparsedData
HidD_GetFeature
advapi32
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorSacl
SetSecurityInfo
Exports
Exports
CPAcquireContext
CPCreateHash
CPDecrypt
CPDeriveKey
CPDestroyHash
CPDestroyKey
CPDuplicateHash
CPDuplicateKey
CPEncrypt
CPExportKey
CPGenKey
CPGenRandom
CPGetHashParam
CPGetKeyParam
CPGetProvParam
CPGetUserKey
CPHashData
CPHashSessionKey
CPImportKey
CPReleaseContext
CPSetHashParam
CPSetKeyParam
CPSetProvParam
CPSignHash
CPVerifySignature
GetCspName
Sections
.text Size: 144KB - Virtual size: 141KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 44KB - Virtual size: 43KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 408KB - Virtual size: 405KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
NXYCSP_82_HBs.ini
-
NXYCSP_82_HBu.dll.dll windows:4 windows x86 arch:x86
c59a98dbdff34fb252c76dc503a4a670
Code Sign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01-08-2022 00:00Not After09-11-2031 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23-03-2022 00:00Not After22-03-2037 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29-04-2021 00:00Not After28-04-2036 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before14-07-2023 00:00Not After13-10-2034 23:59SubjectCN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
0f:96:b0:97:d5:e5:d2:ee:85:eb:f4:d3:a3:45:ee:d4Certificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before29-04-2022 00:00Not After25-06-2025 23:59SubjectSERIALNUMBER=91320000253710940L,CN=恒宝股份有限公司,O=恒宝股份有限公司,L=丹阳市,ST=江苏省,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#0c09e6b19fe88b8fe79c81,1.3.6.1.4.1.311.60.2.1.3=#1302434eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29-04-2021 00:00Not After28-04-2036 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0f:96:b0:97:d5:e5:d2:ee:85:eb:f4:d3:a3:45:ee:d4Certificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before29-04-2022 00:00Not After25-06-2025 23:59SubjectSERIALNUMBER=91320000253710940L,CN=恒宝股份有限公司,O=恒宝股份有限公司,L=丹阳市,ST=江苏省,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#0c09e6b19fe88b8fe79c81,1.3.6.1.4.1.311.60.2.1.3=#1302434eExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate
IssuerCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USNot Before14-07-2023 00:00Not After13-10-2034 23:59SubjectCN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before23-03-2022 00:00Not After22-03-2037 23:59SubjectCN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01-08-2022 00:00Not After09-11-2031 23:59SubjectCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
f4:be:b0:fe:19:34:29:2a:e7:fb:c7:ca:44:2a:7a:42:8c:fd:3e:a5:8c:fe:f1:5f:fd:7a:fe:68:41:04:8b:95Signer
Actual PE Digestf4:be:b0:fe:19:34:29:2a:e7:fb:c7:ca:44:2a:7a:42:8c:fd:3e:a5:8c:fe:f1:5f:fd:7a:fe:68:41:04:8b:95Digest Algorithmsha256PE Digest Matchestrue1f:0b:67:ff:45:ae:c0:0b:34:d8:80:5f:9b:61:33:d5:c3:6d:07:c8Signer
Actual PE Digest1f:0b:67:ff:45:ae:c0:0b:34:d8:80:5f:9b:61:33:d5:c3:6d:07:c8Digest Algorithmsha1PE Digest MatchestrueHeaders
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetSystemDefaultUILanguage
FindFirstFileA
WaitForSingleObject
SetEvent
OpenEventA
TerminateThread
ReleaseMutex
CreateEventA
CreateMutexA
GlobalLock
GlobalUnlock
GlobalFree
GetSystemInfo
GetVersionExA
LoadLibraryA
FreeLibrary
WritePrivateProfileStringA
GetLocalTime
GetCurrentProcessId
FindNextFileA
WriteFile
ReadFile
CreateFileA
OpenFileMappingA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetCurrentThreadId
GetSystemTimeAsFileTime
CompareFileTime
LocalAlloc
MultiByteToWideChar
LocalFree
GetTempPathA
FileTimeToSystemTime
GetModuleFileNameW
LoadLibraryW
OutputDebugStringA
GetVersion
GetFileAttributesW
FindClose
WideCharToMultiByte
CreateThread
CloseHandle
Sleep
DeviceIoControl
GetProcAddress
GetModuleHandleW
GetModuleHandleA
lstrcmpA
GetModuleFileNameA
lstrlenA
lstrcatA
lstrcpyA
SetLastError
GetPrivateProfileStringA
GetPrivateProfileIntA
GetLastError
GlobalAlloc
user32
SetFocus
SetWindowLongA
SendDlgItemMessageA
SetDlgItemTextA
DefWindowProcA
GetFocus
GetDlgItemTextA
MessageBoxA
ShowWindow
EnableWindow
GetDesktopWindow
GetWindowTextA
GetSysColor
GetDlgCtrlID
KillTimer
GetCursorPos
TrackPopupMenu
FindWindowA
PeekMessageA
TranslateMessage
DispatchMessageA
DestroyMenu
ScreenToClient
SetTimer
CharUpperA
SetForegroundWindow
LoadMenuA
GetSubMenu
CreatePopupMenu
InsertMenuA
InsertMenuItemA
CallNextHookEx
CheckMenuRadioItem
LoadStringA
SetWindowTextA
EndDialog
DialogBoxParamA
LoadIconA
CallWindowProcA
GetWindowLongA
GetParent
SendMessageA
InvalidateRect
GetDC
ValidateRect
GetKeyState
GetAsyncKeyState
UnhookWindowsHookEx
SetWindowsHookExA
LoadImageA
GetSystemMetrics
PostMessageA
LoadBitmapA
DrawFrameControl
DrawIcon
ReleaseDC
BeginPaint
EndPaint
GetDlgItem
GetClientRect
MoveWindow
GetWindowRect
SetWindowPos
DdeInitializeA
MsgWaitForMultipleObjects
FillRect
DestroyWindow
CreateDialogIndirectParamA
DefDlgProcA
DefMDIChildProcA
DefFrameProcA
DdeCreateStringHandleW
DdeConnect
DdeClientTransaction
DdeGetData
DdeGetLastError
DdeFreeDataHandle
DdeDisconnect
DdeUninitialize
GetMenuItemCount
gdi32
CreateCompatibleDC
SelectObject
DeleteDC
SetTextColor
SetBkColor
GetObjectA
DeleteObject
CreateSolidBrush
shell32
ShellExecuteExA
ShellExecuteA
Shell_NotifyIconA
advapi32
CryptAcquireContextA
CryptReleaseContext
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorSacl
SetSecurityInfo
CryptGenRandom
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
ole32
CoInitialize
CoCreateInstance
oleaut32
VariantClear
setupapi
SetupDiGetDeviceInterfaceDetailA
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
hid
HidD_GetFeature
HidD_SetFeature
HidP_GetCaps
HidD_GetPreparsedData
HidD_GetAttributes
msvcrt
_strupr
isdigit
_CxxThrowException
??1type_info@@UAE@XZ
_onexit
__dllonexit
_adjust_fdiv
malloc
_initterm
free
gmtime
clock
isxdigit
_access
fprintf
vfprintf
_purecall
abs
strncmp
strtol
memcmp
strcmp
isalpha
wcslen
strrchr
strtoul
time
srand
rand
fopen
fwrite
fclose
_except_handler3
sprintf
strlen
??2@YAPAXI@Z
strcpy
strstr
memcpy
memset
_EH_prolog
__CxxFrameHandler
strcat
??3@YAXPAX@Z
crypt32
CertCloseStore
CertFreeCertificateContext
CertCreateCertificateContext
CertOpenStore
CertAddCertificateContextToStore
CertSetCertificateContextProperty
CertDeleteCertificateFromStore
CertDuplicateCertificateContext
CertCompareCertificate
CertEnumCertificatesInStore
CertOpenSystemStoreA
CertGetNameStringA
version
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA
shlwapi
PathFileExistsA
msimg32
TransparentBlt
Exports
Exports
CloseUserTool
OpenUserTool
Sections
.text Size: 65KB - Virtual size: 65KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 417KB - Virtual size: 417KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
ToolPic/82.bmp
-
uninst.exe.exe windows:4 windows x86 arch:x86
14b0fecbed4a918c9c5c5d940cc1045e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegCreateKeyExW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityW
RegOpenKeyExW
RegEnumValueW
shell32
SHGetFileInfoW
SHBrowseForFolderW
SHFileOperationW
ShellExecuteExW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ole32
OleInitialize
OleUninitialize
CoCreateInstance
IIDFromString
CoTaskMemFree
comctl32
ord17
ImageList_Create
ImageList_Destroy
ImageList_AddMasked
user32
DispatchMessageW
wsprintfA
IsWindowVisible
PeekMessageW
wvsprintfW
MessageBoxIndirectW
CharNextA
CharPrevW
GetSystemMetrics
GetDlgItemTextW
SetDlgItemTextW
TrackPopupMenu
CreatePopupMenu
FillRect
CloseClipboard
OpenClipboard
EndPaint
IsDlgButtonChecked
CallWindowProcW
GetMessagePos
LoadCursorW
GetAsyncKeyState
CheckDlgButton
SetWindowPos
SetCursor
GetSysColor
SetClassLongW
GetWindowLongW
IsWindowEnabled
GetWindowRect
GetSystemMenu
EnableMenuItem
RegisterClassW
ScreenToClient
EndDialog
GetClassInfoW
SystemParametersInfoW
CreateWindowExW
ExitWindowsEx
DialogBoxParamW
CharNextW
SetTimer
DestroyWindow
CreateDialogParamW
SetForegroundWindow
SetWindowTextW
PostQuitMessage
SendMessageTimeoutW
ShowWindow
wsprintfW
GetDlgItem
FindWindowExW
IsWindow
GetDC
SetWindowLongW
LoadImageW
InvalidateRect
ReleaseDC
EnableWindow
BeginPaint
SendMessageW
DefWindowProcW
GetClientRect
DrawTextW
SetClipboardData
EmptyClipboard
AppendMenuW
gdi32
SetBkMode
SetBkColor
GetDeviceCaps
CreateFontIndirectW
CreateBrushIndirect
DeleteObject
SetTextColor
SelectObject
kernel32
GetExitCodeProcess
WaitForSingleObject
GetModuleHandleA
GetProcAddress
GetSystemDirectoryW
MoveFileExW
GetTempFileNameW
lstrcmpiA
WriteFile
CreateProcessW
CreateDirectoryW
RemoveDirectoryW
GlobalLock
GlobalUnlock
CreateThread
WideCharToMultiByte
lstrcpynW
GetDiskFreeSpaceW
SetErrorMode
GetVersionExW
lstrlenW
GetTempPathW
GetWindowsDirectoryW
GetCommandLineW
CopyFileW
ExitProcess
SetEnvironmentVariableW
GetModuleFileNameW
GetFileSize
GetCurrentProcess
GetTickCount
Sleep
CreateFileW
GetFileAttributesW
SetCurrentDirectoryW
SetFileAttributesW
MoveFileW
GetFullPathNameW
GetLastError
SearchPathW
CompareFileTime
GetShortPathNameW
CloseHandle
lstrcmpiW
SetFileTime
ExpandEnvironmentStringsW
GlobalFree
lstrcmpW
GetModuleHandleW
LoadLibraryExW
GlobalAlloc
WritePrivateProfileStringW
GetPrivateProfileStringW
FreeLibrary
lstrcpyA
lstrcatW
ReadFile
MultiByteToWideChar
lstrlenA
FindClose
FindNextFileW
SetFilePointer
DeleteFileW
MulDiv
FindFirstFileW
Sections
.text Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 139KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 68KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/System.dll.dll windows:4 windows x86 arch:x86
fc0224e99e736751432961db63a41b76
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError
user32
wsprintfW
ole32
StringFromGUID2
CLSIDFromString
Exports
Exports
Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 867B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 120B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 662B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/UserInfo.dll.dll windows:4 windows x86 arch:x86
5e62e8e248e7364886b604bd1fcf4c13
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
advapi32
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
OpenThreadToken
GetUserNameW
kernel32
GlobalFree
GetVersion
GlobalAlloc
CloseHandle
GetModuleHandleA
GetLastError
GetCurrentProcess
GetCurrentThread
GetProcAddress
lstrcpynW
Exports
Exports
GetAccountType
GetName
GetOriginalAccountType
Sections
.text Size: 1024B - Virtual size: 714B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 705B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 104B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 240B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ