DEMANDA LABORAL POR ABUSO DE CONFIANZA 01[.]XZ

Sharing

Copy URL

Twitter E-mail

General

Target

DEMANDA LABORAL POR ABUSO DE CONFIANZA 01.XZ
Size

4.8MB
MD5

87aa9b12c1b0c3e870690b9439b839d6
SHA1

74aa95746c8b1c2fa9463b0a549feea78b112d11
SHA256

a53ec05a1c33d2d78afa7e0b7385a8e60388d19110ba1cf72afa99d295bad315
SHA512

a5bed4661483d10e8521e9b26b3dbf628e560102c1ca93c239016d0c11e4c87c92cc4b7dfbc7773456be01e1795714009b1b4b6dad245e83196025d41c69f267
SSDEEP

98304:xWI7FJcIkR6IQVD9ROh6kAAgTsT3ZwwZ1/Yre2HX3EA1lwRhIXVomHyILbav:wUyR6IoDPejArTe3ZNwp3EqamdL0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/DEMANDA LABORAL POR ABUSO DE CONFIANZA 01/VERSION.dll

Files

DEMANDA LABORAL POR ABUSO DE CONFIANZA 01.XZ
.7z

Password: FYU789
DEMANDA LABORAL POR ABUSO DE CONFIANZA 01/01 DEMANDA LABORAL POR ABUSO DE CONFIANZA.exe
.exe windows:6 windows x64 arch:x64

Password: FYU789

aae1acda830ee648157bb074f2514044

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:93:5b:ba:23:6b:f2:1f:0e:01:cc:5f:e3:78:90:b2
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

25-02-2024 00:00

Not After

26-02-2025 23:59

Subject

CN=Cisco Systems\, Inc.,O=Cisco Systems\, Inc.,L=San Jose,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:19:75:74:71:c9:92:d7:44:df:a5:96:eb:b9:70:15
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

02-11-2023 10:30

Not After

04-12-2034 10:30

Subject

CN=Globalsign TSA for Advanced - G4 - 202311,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

ea:cc:14:ed:e0:74:44:0f:48:03:d8:cf:eb:f0:9c:4d:72:56:3a:0c:28:24:69:8e:8e:b1:58:a4:15:1c:4e:d1
Signer

Actual PE Digest

ea:cc:14:ed:e0:74:44:0f:48:03:d8:cf:eb:f0:9c:4d:72:56:3a:0c:28:24:69:8e:8e:b1:58:a4:15:1c:4e:d1

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

CiscoCollabHost.pdb

Imports

shlwapi

PathIsDirectoryW
PathFileExistsW
PathRemoveFileSpecW

advapi32

GetUserNameW

kernel32

GetModuleFileNameW
CreateFileW
GetCommandLineW
lstrlenW
GetLastError
LoadLibraryW
GetProcAddress
ExitProcess
FreeLibrary
SetDllDirectoryW
WriteFile
GetTimeFormatEx
GetSystemTime
GetDateFormatEx
CloseHandle

user32

CharLowerW

shell32

SHGetKnownFolderPath
CommandLineToArgvW

ole32

CoTaskMemFree

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DEMANDA LABORAL POR ABUSO DE CONFIANZA 01/CiscoSparkLauncher.dll
.dll windows:6 windows x64 arch:x64

Password: FYU789

e0cb9e655a81c9b36e7455134a7452cb

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:93:5b:ba:23:6b:f2:1f:0e:01:cc:5f:e3:78:90:b2
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

25-02-2024 00:00

Not After

26-02-2025 23:59

Subject

CN=Cisco Systems\, Inc.,O=Cisco Systems\, Inc.,L=San Jose,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:19:75:74:71:c9:92:d7:44:df:a5:96:eb:b9:70:15
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

02-11-2023 10:30

Not After

04-12-2034 10:30

Subject

CN=Globalsign TSA for Advanced - G4 - 202311,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:93:04:68:12:8a:b3:d9:39:4a:d4:88:9d:04:63:33:b9:6f:c6:68:1a:8b:bc:d7:70:58:ce:ee:0c:d0:5c:7f
Signer

Actual PE Digest

38:93:04:68:12:8a:b3:d9:39:4a:d4:88:9d:04:63:33:b9:6f:c6:68:1a:8b:bc:d7:70:58:ce:ee:0c:d0:5c:7f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

CiscoSparkLauncher.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

advapi32

CryptGetProvParam
RegisterEventSourceW
ReportEventW
CryptAcquireContextW
RegGetValueW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
GetUserNameW
CryptReleaseContext
CryptDestroyKey
CryptSetHashParam
CryptGetUserKey
CryptExportKey
CryptEnumProvidersW
CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
DeregisterEventSource

kernel32

DecodePointer
DeleteCriticalSection
CompareFileTime
CopyFileW
CloseHandle
GetComputerNameW
WideCharToMultiByte
LoadLibraryExW
SwitchToThread
SetLastError
GetStdHandle
GetFileType
WriteFile
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetModuleHandleExW
InitializeCriticalSectionEx
DeleteFiber
ConvertFiberToThread
LoadLibraryA
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
ReadFile
SetConsoleCtrlHandler
RemoveDirectoryW
DeleteFileW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetDriveTypeW
ExitProcess
RtlUnwind
RtlPcToFileHeader
InterlockedFlushSList
RtlUnwindEx
RaiseException
OutputDebugStringW
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlLookupFunctionEntry
RtlCaptureContext
InitializeSListHead
CreateEventW
SetEndOfFile
WriteConsoleW
GetModuleFileNameW
QueryUnbiasedInterruptTime
GetSystemWindowsDirectoryW
FreeLibrary
GetModuleHandleW
GetCurrentProcessId
GetProcAddress
SetFilePointerEx
LoadLibraryW
GetCurrentProcess
FindClose
GetEnvironmentVariableW
SetEnvironmentVariableW
FindNextFileW
GetFullPathNameW
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
HeapSize
WaitForSingleObjectEx
SetStdHandle
HeapReAlloc
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetConsoleOutputCP
FlushFileBuffers
FindFirstFileW
CreateProcessW
GetLastError
GetCommandLineW
HeapAlloc
HeapFree
GetFileSizeEx
RtlVirtualUnwind
FormatMessageA
GetStringTypeW
LocalFree
GetLocaleInfoEx
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
FindFirstFileExW
GetFileAttributesExW
GetFileInformationByHandle
SetFileInformationByHandle
AreFileApisANSI
DeviceIoControl
MoveFileExW
GetFileInformationByHandleEx
CreateSymbolicLinkW
QueryPerformanceFrequency
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
TryAcquireSRWLockExclusive
InitializeSRWLock
EncodePointer
LCMapStringEx
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringEx
GetCPInfo
SetEvent
ResetEvent

user32

GetProcessWindowStation
MessageBoxW
GetUserObjectInformationW

shell32

SHGetKnownFolderPath
SHCreateDirectoryExW

ole32

CoTaskMemFree
CoUninitialize
CoInitialize

shlwapi

PathRemoveFileSpecW

bcrypt

BCryptGenRandom

ws2_32

closesocket
WSASetLastError
send
recv
WSAGetLastError
WSACleanup

crypt32

CertFindCertificateInStore
CertCloseStore
CertDuplicateCertificateContext
CertFreeCertificateContext
CertGetCertificateContextProperty
CertOpenStore
CertEnumCertificatesInStore

Exports

Exports

SparkEntryPoint

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 719KB - Virtual size: 718KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DEMANDA LABORAL POR ABUSO DE CONFIANZA 01/VERSION.dll
.dll windows:4 windows x64 arch:x64

Password: FYU789

5fa4efc326cf4df607cc9530d92ea27c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_amsg_exit
_errno
_initterm
_lock
_unlock
abort
calloc
fputc
free
fwrite
localeconv
malloc
memcpy
memset
puts
realloc
strerror
strlen
strncmp
vfprintf
wcslen

Exports

Exports

GetFileVersionInfoA
GetFileVersionInfoByHandle
GetFileVersionInfoExA
GetFileVersionInfoExW
GetFileVersionInfoSizeA
GetFileVersionInfoSizeExA
GetFileVersionInfoSizeExW
GetFileVersionInfoSizeW
GetFileVersionInfoW
VerFindFileA
VerFindFileW
VerInstallFileA
VerInstallFileW
VerLanguageNameA
VerLanguageNameW
VerQueryValueA
VerQueryValueW

Sections

.text
Size: 791KB - Virtual size: 791KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6.1MB - Virtual size: 6.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 555B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: FYU789

Password: FYU789

aae1acda830ee648157bb074f2514044

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

04:93:5b:ba:23:6b:f2:1f:0e:01:cc:5f:e3:78:90:b2Certificate

Extended Key Usages

Key Usages

01:19:75:74:71:c9:92:d7:44:df:a5:96:eb:b9:70:15Certificate

Extended Key Usages

Key Usages

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate

Key Usages

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51Certificate

Key Usages

ea:cc:14:ed:e0:74:44:0f:48:03:d8:cf:eb:f0:9c:4d:72:56:3a:0c:28:24:69:8e:8e:b1:58:a4:15:1c:4e:d1Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shlwapi

advapi32

kernel32

user32

shell32

ole32

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 66KB

.pdata Size: 512B - Virtual size: 192B

.rsrc Size: 99KB - Virtual size: 98KB

.reloc Size: 512B - Virtual size: 68B

Password: FYU789

e0cb9e655a81c9b36e7455134a7452cb

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

04:93:5b:ba:23:6b:f2:1f:0e:01:cc:5f:e3:78:90:b2Certificate

Extended Key Usages

Key Usages

01:19:75:74:71:c9:92:d7:44:df:a5:96:eb:b9:70:15Certificate

Extended Key Usages

Key Usages

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate

Key Usages

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51Certificate

Key Usages

38:93:04:68:12:8a:b3:d9:39:4a:d4:88:9d:04:63:33:b9:6f:c6:68:1a:8b:bc:d7:70:58:ce:ee:0c:d0:5c:7fSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

version

advapi32

kernel32

user32

shell32

ole32

shlwapi

bcrypt

ws2_32

crypt32

Exports

Exports

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 719KB - Virtual size: 718KB

.data Size: 19KB - Virtual size: 40KB

.pdata Size: 70KB - Virtual size: 69KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

04:93:5b:ba:23:6b:f2:1f:0e:01:cc:5f:e3:78:90:b2
Certificate

01:19:75:74:71:c9:92:d7:44:df:a5:96:eb:b9:70:15
Certificate

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

ea:cc:14:ed:e0:74:44:0f:48:03:d8:cf:eb:f0:9c:4d:72:56:3a:0c:28:24:69:8e:8e:b1:58:a4:15:1c:4e:d1
Signer

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 66KB

.pdata
Size: 512B - Virtual size: 192B

.rsrc
Size: 99KB - Virtual size: 98KB

.reloc
Size: 512B - Virtual size: 68B

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

04:93:5b:ba:23:6b:f2:1f:0e:01:cc:5f:e3:78:90:b2
Certificate

01:19:75:74:71:c9:92:d7:44:df:a5:96:eb:b9:70:15
Certificate

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

38:93:04:68:12:8a:b3:d9:39:4a:d4:88:9d:04:63:33:b9:6f:c6:68:1a:8b:bc:d7:70:58:ce:ee:0c:d0:5c:7f
Signer

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 719KB - Virtual size: 718KB

.data
Size: 19KB - Virtual size: 40KB

.pdata
Size: 70KB - Virtual size: 69KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 23KB - Virtual size: 22KB

.text
Size: 791KB - Virtual size: 791KB

.data
Size: 512B - Virtual size: 112B

.rdata
Size: 6.1MB - Virtual size: 6.1MB

.pdata
Size: 2KB - Virtual size: 1KB

.xdata
Size: 2KB - Virtual size: 1KB

.bss
Size: - Virtual size: 3KB

.edata
Size: 1024B - Virtual size: 555B

.idata
Size: 1KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 80B