4qoGccX68s9fdEWfdr7wu2[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

4qoGccX68s9fdEWfdr7wu2.zip
Size

4.1MB
MD5

a87c0ca4284ce27ac8e990c690a2db3b
SHA1

67f7be25ee219e8236a2fb1465aec64f737ae884
SHA256

2d70cf00054ddf8d5acbfd6d410588736f1471bc1663c14c52ca78cbd01c6cb1
SHA512

7f53f67ed15c89693a56414e13a7853b108cd9b89bea6ec3b268970d74d9a0dabee01ad54847372dc738eac596da21077d92478051c08b87ce686dcfab807d8c
SSDEEP

98304:ioWpbbqDR6GY8sUMa2NBe3gqE+8d1EwL6lQbe9UvTXCxeNDgTEX6:YJkRkTugqEKwDe+jaukTM6

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/9-.redtail_	upx

Files

4qoGccX68s9fdEWfdr7wu2.zip
.zip

Password: unzip-me
0-BOOTX64.EFI_
.exe windows:0 windows x64 arch:x64

Password: unzip-me

Code Sign

33:00:00:00:49:f1:b3:39:36:c9:c2:4d:5a:00:01:00:00:00:49
Certificate

Issuer

CN=Microsoft Corporation UEFI CA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-09-2021 19:40

Not After

01-09-2022 19:40

Subject

CN=Microsoft Windows UEFI Driver Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:08:d3:c4:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Corporation Third Party Marketplace Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

27-06-2011 21:22

Not After

27-06-2026 21:32

Subject

CN=Microsoft Corporation UEFI CA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5a:f2:4f:a7:41:9a:5b:b4:ce:be:93:42:21:c3:15:5c:b3:91:87:73:c5:b7:03:3d:59:cd:dd:a3:44:f3:eb:f5
Signer

Actual PE Digest

5a:f2:4f:a7:41:9a:5b:b4:ce:be:93:42:21:c3:15:5c:b3:91:87:73:c5:b7:03:3d:59:cd:dd:a3:44:f3:eb:f5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Sections

/4
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 378KB - Virtual size: 377KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/14
Size: 512B - Virtual size: 73B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/26
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dynamic
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rela
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sbat
Size: 512B - Virtual size: 187B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
1-BOOTX64.CSV_
2-fbx64.efi_
.exe windows:0 windows x64 arch:x64

Password: unzip-me

Code Sign

b5:55:39:b3:c7:96:1d:9d
Certificate

Issuer

CN=Red Hat Secure Boot CA 5,O=Red Hat\, Inc.,1.2.840.113549.1.9.1=#0c13736563616c657274407265646861742e636f6d

Not Before

09-06-2020 09:59

Not After

18-01-2038 09:59

Subject

CN=Red Hat Secure Boot Signing 501,O=Red Hat\, Inc.,1.2.840.113549.1.9.1=#0c13736563616c657274407265646861742e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

fd:f8:a7:6f:57:96:7d:5b:96:b2:39:9b:1e:ef:91:c9:56:04:b3:95:8b:cf:16:eb:9f:ee:52:60:da:72:88:74
Signer

Actual PE Digest

fd:f8:a7:6f:57:96:7d:5b:96:b2:39:9b:1e:ef:91:c9:56:04:b3:95:8b:cf:16:eb:9f:ee:52:60:da:72:88:74

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Sections

/4
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dynamic
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rela
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sbat
Size: 512B - Virtual size: 187B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
3-mmx64.efi_
.exe windows:0 windows x64 arch:x64

Password: unzip-me

Code Sign

b5:55:39:b3:c7:96:1d:9d
Certificate

Issuer

CN=Red Hat Secure Boot CA 5,O=Red Hat\, Inc.,1.2.840.113549.1.9.1=#0c13736563616c657274407265646861742e636f6d

Not Before

09-06-2020 09:59

Not After

18-01-2038 09:59

Subject

CN=Red Hat Secure Boot Signing 501,O=Red Hat\, Inc.,1.2.840.113549.1.9.1=#0c13736563616c657274407265646861742e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

af:44:52:c6:f4:8f:94:a1:ee:64:b3:a0:89:ea:c1:c9:0c:fe:d5:80:42:2b:87:1c:ec:85:fd:a1:6f:d6:72:dc
Signer

Actual PE Digest

af:44:52:c6:f4:8f:94:a1:ee:64:b3:a0:89:ea:c1:c9:0c:fe:d5:80:42:2b:87:1c:ec:85:fd:a1:6f:d6:72:dc

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Sections

/4
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 337KB - Virtual size: 337KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.data
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dynamic
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rela
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sbat
Size: 512B - Virtual size: 187B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
4-shim.efi_
.exe windows:0 windows x64 arch:x64

Password: unzip-me

Code Sign

33:00:00:00:49:f1:b3:39:36:c9:c2:4d:5a:00:01:00:00:00:49
Certificate

Issuer

CN=Microsoft Corporation UEFI CA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-09-2021 19:40

Not After

01-09-2022 19:40

Subject

CN=Microsoft Windows UEFI Driver Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:08:d3:c4:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Corporation Third Party Marketplace Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

27-06-2011 21:22

Not After

27-06-2026 21:32

Subject

CN=Microsoft Corporation UEFI CA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5a:f2:4f:a7:41:9a:5b:b4:ce:be:93:42:21:c3:15:5c:b3:91:87:73:c5:b7:03:3d:59:cd:dd:a3:44:f3:eb:f5
Signer

Actual PE Digest

5a:f2:4f:a7:41:9a:5b:b4:ce:be:93:42:21:c3:15:5c:b3:91:87:73:c5:b7:03:3d:59:cd:dd:a3:44:f3:eb:f5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Sections

/4
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 378KB - Virtual size: 377KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/14
Size: 512B - Virtual size: 73B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/26
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dynamic
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rela
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sbat
Size: 512B - Virtual size: 187B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
5-shimx64-redhat.efi_
.exe windows:0 windows x64 arch:x64

Password: unzip-me

Code Sign

b5:55:39:b3:c7:96:1d:9d
Certificate

Issuer

CN=Red Hat Secure Boot CA 5,O=Red Hat\, Inc.,1.2.840.113549.1.9.1=#0c13736563616c657274407265646861742e636f6d

Not Before

09-06-2020 09:59

Not After

18-01-2038 09:59

Subject

CN=Red Hat Secure Boot Signing 501,O=Red Hat\, Inc.,1.2.840.113549.1.9.1=#0c13736563616c657274407265646861742e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

5a:f2:4f:a7:41:9a:5b:b4:ce:be:93:42:21:c3:15:5c:b3:91:87:73:c5:b7:03:3d:59:cd:dd:a3:44:f3:eb:f5
Signer

Actual PE Digest

5a:f2:4f:a7:41:9a:5b:b4:ce:be:93:42:21:c3:15:5c:b3:91:87:73:c5:b7:03:3d:59:cd:dd:a3:44:f3:eb:f5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Sections

/4
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 378KB - Virtual size: 377KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/14
Size: 512B - Virtual size: 73B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/26
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dynamic
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rela
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sbat
Size: 512B - Virtual size: 187B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
6-shimx64.efi_
.exe windows:0 windows x64 arch:x64

Password: unzip-me

Code Sign

33:00:00:00:49:f1:b3:39:36:c9:c2:4d:5a:00:01:00:00:00:49
Certificate

Issuer

CN=Microsoft Corporation UEFI CA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

09-09-2021 19:40

Not After

01-09-2022 19:40

Subject

CN=Microsoft Windows UEFI Driver Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:08:d3:c4:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Corporation Third Party Marketplace Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

27-06-2011 21:22

Not After

27-06-2026 21:32

Subject

CN=Microsoft Corporation UEFI CA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5a:f2:4f:a7:41:9a:5b:b4:ce:be:93:42:21:c3:15:5c:b3:91:87:73:c5:b7:03:3d:59:cd:dd:a3:44:f3:eb:f5
Signer

Actual PE Digest

5a:f2:4f:a7:41:9a:5b:b4:ce:be:93:42:21:c3:15:5c:b3:91:87:73:c5:b7:03:3d:59:cd:dd:a3:44:f3:eb:f5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Sections

/4
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 378KB - Virtual size: 377KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/14
Size: 512B - Virtual size: 73B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/26
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dynamic
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rela
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sbat
Size: 512B - Virtual size: 187B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
7-grub.cfg_
.vbs
8-grubx64.efi_
.exe windows:0 windows x64 arch:x64

Password: unzip-me

Code Sign

b5:55:39:b3:c7:96:1d:9e
Certificate

Issuer

CN=Red Hat Secure Boot CA 5,O=Red Hat\, Inc.,1.2.840.113549.1.9.1=#0c13736563616c657274407265646861742e636f6d

Not Before

09-06-2020 10:00

Not After

18-01-2038 10:00

Subject

CN=Red Hat Secure Boot Signing 502,O=Red Hat\, Inc.,1.2.840.113549.1.9.1=#0c13736563616c657274407265646861742e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

07:f1:b2:51:20:13:b0:0a:fe:1b:30:a9:56:6e:bf:0b:52:d2:37:32:36:11:b2:34:4a:c9:8d:c6:d4:22:42:f2
Signer

Actual PE Digest

07:f1:b2:51:20:13:b0:0a:fe:1b:30:a9:56:6e:bf:0b:52:d2:37:32:36:11:b2:34:4a:c9:8d:c6:d4:22:42:f2

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mods
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sbat
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
9-.redtail_
.elf linux x64
files-api.YdeIcd9Jnk284i6x4KkYiT.xml
.xml
manifest.json
metadata.json
script.json
sysinfo.3grGiTdIF8348FnEx5A54z.xml
.xml

Sharing

General

Malware Config

Signatures

Files

Password: unzip-me

Password: unzip-me

Code Sign

33:00:00:00:49:f1:b3:39:36:c9:c2:4d:5a:00:01:00:00:00:49Certificate

Extended Key Usages

61:08:d3:c4:00:00:00:00:00:04Certificate

Key Usages

5a:f2:4f:a7:41:9a:5b:b4:ce:be:93:42:21:c3:15:5c:b3:91:87:73:c5:b7:03:3d:59:cd:dd:a3:44:f3:eb:f5Signer

Headers

File Characteristics

Sections

/4 Size: 119KB - Virtual size: 118KB

.text Size: 378KB - Virtual size: 377KB

.reloc Size: 512B - Virtual size: 10B

/14 Size: 512B - Virtual size: 73B

.data Size: 181KB - Virtual size: 181KB

/26 Size: 1024B - Virtual size: 936B

.dynamic Size: 512B - Virtual size: 240B

.rela Size: 109KB - Virtual size: 109KB

.sbat Size: 512B - Virtual size: 187B

Password: unzip-me

Code Sign

b5:55:39:b3:c7:96:1d:9dCertificate

Extended Key Usages

Key Usages

fd:f8:a7:6f:57:96:7d:5b:96:b2:39:9b:1e:ef:91:c9:56:04:b3:95:8b:cf:16:eb:9f:ee:52:60:da:72:88:74Signer

Headers

File Characteristics

Sections

/4 Size: 13KB - Virtual size: 12KB

.text Size: 37KB - Virtual size: 36KB

.reloc Size: 512B - Virtual size: 10B

.data Size: 15KB - Virtual size: 14KB

.dynamic Size: 512B - Virtual size: 240B

.rela Size: 4KB - Virtual size: 4KB

.sbat Size: 512B - Virtual size: 187B

Password: unzip-me

Code Sign

b5:55:39:b3:c7:96:1d:9dCertificate

Extended Key Usages

Key Usages

af:44:52:c6:f4:8f:94:a1:ee:64:b3:a0:89:ea:c1:c9:0c:fe:d5:80:42:2b:87:1c:ec:85:fd:a1:6f:d6:72:dcSigner

Headers

File Characteristics

Sections

/4 Size: 106KB - Virtual size: 105KB

.text Size: 337KB - Virtual size: 337KB

.reloc Size: 512B - Virtual size: 10B

.data Size: 165KB - Virtual size: 165KB

.dynamic Size: 512B - Virtual size: 240B

.rela Size: 108KB - Virtual size: 107KB

.sbat Size: 512B - Virtual size: 187B

Password: unzip-me

Code Sign

33:00:00:00:49:f1:b3:39:36:c9:c2:4d:5a:00:01:00:00:00:49Certificate

Extended Key Usages

61:08:d3:c4:00:00:00:00:00:04Certificate

Key Usages

5a:f2:4f:a7:41:9a:5b:b4:ce:be:93:42:21:c3:15:5c:b3:91:87:73:c5:b7:03:3d:59:cd:dd:a3:44:f3:eb:f5Signer

Headers

File Characteristics

Sections

/4 Size: 119KB - Virtual size: 118KB

.text Size: 378KB - Virtual size: 377KB

.reloc Size: 512B - Virtual size: 10B

/14 Size: 512B - Virtual size: 73B

.data Size: 181KB - Virtual size: 181KB

/26 Size: 1024B - Virtual size: 936B

.dynamic Size: 512B - Virtual size: 240B

.rela Size: 109KB - Virtual size: 109KB

.sbat Size: 512B - Virtual size: 187B

Password: unzip-me

Code Sign

b5:55:39:b3:c7:96:1d:9dCertificate

Extended Key Usages

33:00:00:00:49:f1:b3:39:36:c9:c2:4d:5a:00:01:00:00:00:49
Certificate

61:08:d3:c4:00:00:00:00:00:04
Certificate

5a:f2:4f:a7:41:9a:5b:b4:ce:be:93:42:21:c3:15:5c:b3:91:87:73:c5:b7:03:3d:59:cd:dd:a3:44:f3:eb:f5
Signer

/4
Size: 119KB - Virtual size: 118KB

.text
Size: 378KB - Virtual size: 377KB

.reloc
Size: 512B - Virtual size: 10B

/14
Size: 512B - Virtual size: 73B

.data
Size: 181KB - Virtual size: 181KB

/26
Size: 1024B - Virtual size: 936B

.dynamic
Size: 512B - Virtual size: 240B

.rela
Size: 109KB - Virtual size: 109KB

.sbat
Size: 512B - Virtual size: 187B

b5:55:39:b3:c7:96:1d:9d
Certificate

fd:f8:a7:6f:57:96:7d:5b:96:b2:39:9b:1e:ef:91:c9:56:04:b3:95:8b:cf:16:eb:9f:ee:52:60:da:72:88:74
Signer

/4
Size: 13KB - Virtual size: 12KB

.text
Size: 37KB - Virtual size: 36KB

.reloc
Size: 512B - Virtual size: 10B

.data
Size: 15KB - Virtual size: 14KB

.dynamic
Size: 512B - Virtual size: 240B

.rela
Size: 4KB - Virtual size: 4KB

.sbat
Size: 512B - Virtual size: 187B

b5:55:39:b3:c7:96:1d:9d
Certificate

af:44:52:c6:f4:8f:94:a1:ee:64:b3:a0:89:ea:c1:c9:0c:fe:d5:80:42:2b:87:1c:ec:85:fd:a1:6f:d6:72:dc
Signer

/4
Size: 106KB - Virtual size: 105KB

.text
Size: 337KB - Virtual size: 337KB

.reloc
Size: 512B - Virtual size: 10B

.data
Size: 165KB - Virtual size: 165KB

.dynamic
Size: 512B - Virtual size: 240B

.rela
Size: 108KB - Virtual size: 107KB

.sbat
Size: 512B - Virtual size: 187B

33:00:00:00:49:f1:b3:39:36:c9:c2:4d:5a:00:01:00:00:00:49
Certificate

61:08:d3:c4:00:00:00:00:00:04
Certificate

5a:f2:4f:a7:41:9a:5b:b4:ce:be:93:42:21:c3:15:5c:b3:91:87:73:c5:b7:03:3d:59:cd:dd:a3:44:f3:eb:f5
Signer

/4
Size: 119KB - Virtual size: 118KB

.text
Size: 378KB - Virtual size: 377KB

.reloc
Size: 512B - Virtual size: 10B

/14
Size: 512B - Virtual size: 73B

.data
Size: 181KB - Virtual size: 181KB

/26
Size: 1024B - Virtual size: 936B

.dynamic
Size: 512B - Virtual size: 240B

.rela
Size: 109KB - Virtual size: 109KB

.sbat
Size: 512B - Virtual size: 187B

b5:55:39:b3:c7:96:1d:9d
Certificate

5a:f2:4f:a7:41:9a:5b:b4:ce:be:93:42:21:c3:15:5c:b3:91:87:73:c5:b7:03:3d:59:cd:dd:a3:44:f3:eb:f5
Signer

/4
Size: 119KB - Virtual size: 118KB

.text
Size: 378KB - Virtual size: 377KB

.reloc
Size: 512B - Virtual size: 10B

/14
Size: 512B - Virtual size: 73B

.data
Size: 181KB - Virtual size: 181KB

/26
Size: 1024B - Virtual size: 936B

.dynamic
Size: 512B - Virtual size: 240B

.rela
Size: 109KB - Virtual size: 109KB

.sbat
Size: 512B - Virtual size: 187B

33:00:00:00:49:f1:b3:39:36:c9:c2:4d:5a:00:01:00:00:00:49
Certificate

61:08:d3:c4:00:00:00:00:00:04
Certificate

5a:f2:4f:a7:41:9a:5b:b4:ce:be:93:42:21:c3:15:5c:b3:91:87:73:c5:b7:03:3d:59:cd:dd:a3:44:f3:eb:f5
Signer

/4
Size: 119KB - Virtual size: 118KB

.text
Size: 378KB - Virtual size: 377KB

.reloc
Size: 512B - Virtual size: 10B

/14
Size: 512B - Virtual size: 73B

.data
Size: 181KB - Virtual size: 181KB

/26
Size: 1024B - Virtual size: 936B

.dynamic
Size: 512B - Virtual size: 240B

.rela
Size: 109KB - Virtual size: 109KB

.sbat
Size: 512B - Virtual size: 187B

b5:55:39:b3:c7:96:1d:9e
Certificate

07:f1:b2:51:20:13:b0:0a:fe:1b:30:a9:56:6e:bf:0b:52:d2:37:32:36:11:b2:34:4a:c9:8d:c6:d4:22:42:f2
Signer

.text
Size: 100KB - Virtual size: 100KB

.data
Size: 72KB - Virtual size: 72KB

mods
Size: 2.2MB - Virtual size: 2.2MB

.sbat
Size: 4KB - Virtual size: 4KB

.reloc
Size: 8KB - Virtual size: 8KB