PASS-1234[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

PASS-1234.zip
Size

37.0MB
MD5

65760834f3a039f72057f2debd91dd64
SHA1

11027039cec72c0cdabb0a9ca8271f4bb2e7f3b2
SHA256

a9f9d70ac11bceafc5b850cf44b959c2796a6b1c728f7a4e42fa09c0a87ef693
SHA512

3295e82acd101b622301eecfbfe23b61f6137e6ce86190ded172afcbe3c0143205dd2849f208c5fc3692ec59485e4eca095101a7d7826ccecc2573eaf51cd638
SSDEEP

786432:fnuq+CaDeprnuq+CaDepAnuq+CaDeplnuq+CaDepCnuq+CaDepXnuq+CaDepcnu6:G3Caap63CaapJ3CaapQ3CaapP3Caap+V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/PASS-1234.exe

Files

PASS-1234.zip
.zip

Password: 1234
PASS-1234.exe
.exe windows:6 windows x86 arch:x86

Password: 1234

3ccbd572e5c574aa059c8de8b80553b8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AcquireSRWLockExclusive
CloseHandle
CompareStringW
CreateFileW
CreateThread
DecodePointer
DeleteCriticalSection
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsW
GetFileSize
GetFileSizeEx
GetFileType
GetLastError
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTimeAsFileTime
GetUserDefaultLCID
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringEx
LCMapStringW
LeaveCriticalSection
LoadLibraryExW
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
ReadConsoleW
ReadFile
ReleaseSRWLockExclusive
RtlUnwind
SetEnvironmentVariableW
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SleepConditionVariableSRW
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
WaitForSingleObject
WakeAllConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile

Exports

Exports

_SerializeData@16

Sections

.text
Size: 145KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.BSS
Size: 325KB - Virtual size: 325KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
PASS1234.txt
libbry/libb1.dll
.dll windows:6 windows x64 arch:x64

Password: 1234

d00a47711b777b01d9243d5a72affed1

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

19-12-2023 00:00

Not After

07-03-2027 23:59

Subject

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

19-12-2023 00:00

Not After

07-03-2027 23:59

Subject

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2b:a6:c4:5d:89:3d:d6:84:39:24:c3:1c:64:96:fd:b3:9c:32:c2:e5:8f:2e:e8:88:91:c1:04:07:e5:37:7d:0d
Signer

Actual PE Digest

2b:a6:c4:5d:89:3d:d6:84:39:24:c3:1c:64:96:fd:b3:9c:32:c2:e5:8f:2e:e8:88:91:c1:04:07:e5:37:7d:0d

Digest Algorithm

sha256

PE Digest Matches

true

37:53:c8:d3:b5:81:cb:4f:5f:69:2b:34:cd:ce:14:1b:85:9a:4e:85
Signer

Actual PE Digest

37:53:c8:d3:b5:81:cb:4f:5f:69:2b:34:cd:ce:14:1b:85:9a:4e:85

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesW
GetFileSize
LocalFree
CreateDirectoryW
GetFullPathNameW
WideCharToMultiByte
MultiByteToWideChar
WaitForSingleObject
CreateToolhelp32Snapshot
GetCurrentProcessId
TerminateProcess
GetSystemInfo
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
SizeofResource
LockResource
LoadResource
FindResourceExW
FindResourceW
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
GetTickCount64
QueryPerformanceFrequency
VirtualProtect
WriteProcessMemory
WriteFile
InitializeCriticalSection
DeleteCriticalSection
CreateEventW
SetEvent
VirtualAlloc
VirtualFree
CreateMutexW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
ReleaseMutex
CreateFileMappingW
VirtualQuery
HeapCreate
Thread32Next
GetSystemDirectoryW
GetCurrentThreadId
SuspendThread
ResumeThread
Sleep
GetThreadContext
FlushInstructionCache
SetThreadContext
OpenThread
GetLocalTime
CreateEventA
FreeLibraryAndExitThread
CreateThread
DisableThreadLibraryCalls
GetTickCount
InitializeCriticalSectionEx
RaiseException
WriteConsoleW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
SetStdHandle
SetFilePointerEx
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetStringTypeW
GetFileType
GetStdHandle
LCMapStringW
ExitProcess
GetModuleHandleExW
ExitThread
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
InterlockedFlushSList
RtlPcToFileHeader
RtlUnwindEx
GetModuleFileNameW
GetCurrentProcess
FreeLibrary
LoadLibraryW
GetProcAddress
GetModuleHandleW
SetLastError
FindClose
FindNextFileW
GetSystemTimeAsFileTime
ReadFile
SetFilePointer
CreateFileW
OutputDebugStringA
OutputDebugStringW
CloseHandle
Thread32First
GetLastError
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
IsDebuggerPresent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
ResetEvent
WaitForSingleObjectEx
GetStartupInfoW
InitializeSListHead

user32

FindWindowW
GetWindowLongW
WindowFromDC
GetClientRect
GetClassNameW
PostMessageW
wsprintfW
FillRect
RegisterWindowMessageW
SetForegroundWindow
GetForegroundWindow
GetDesktopWindow
GetParent
IsWindow

gdi32

CreateSolidBrush
DeleteObject

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
SetNamedSecurityInfoW
SetEntriesInAclW
FreeSid
AllocateAndInitializeSid

shlwapi

PathIsDirectoryW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

winmm

PlaySoundW

Exports

Exports

Bdcam_Initialize
Bdcam_SharedData
Bdcam_Uninitialize

Sections

.text
Size: 470KB - Virtual size: 470KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18.6MB - Virtual size: 18.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hkshare
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BANDI0
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 488KB - Virtual size: 488KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
libbry/libb2.dll
.dll windows:6 windows x64 arch:x64

Password: 1234

d00a47711b777b01d9243d5a72affed1

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

19-12-2023 00:00

Not After

07-03-2027 23:59

Subject

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

19-12-2023 00:00

Not After

07-03-2027 23:59

Subject

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2b:a6:c4:5d:89:3d:d6:84:39:24:c3:1c:64:96:fd:b3:9c:32:c2:e5:8f:2e:e8:88:91:c1:04:07:e5:37:7d:0d
Signer

Actual PE Digest

2b:a6:c4:5d:89:3d:d6:84:39:24:c3:1c:64:96:fd:b3:9c:32:c2:e5:8f:2e:e8:88:91:c1:04:07:e5:37:7d:0d

Digest Algorithm

sha256

PE Digest Matches

true

37:53:c8:d3:b5:81:cb:4f:5f:69:2b:34:cd:ce:14:1b:85:9a:4e:85
Signer

Actual PE Digest

37:53:c8:d3:b5:81:cb:4f:5f:69:2b:34:cd:ce:14:1b:85:9a:4e:85

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesW
GetFileSize
LocalFree
CreateDirectoryW
GetFullPathNameW
WideCharToMultiByte
MultiByteToWideChar
WaitForSingleObject
CreateToolhelp32Snapshot
GetCurrentProcessId
TerminateProcess
GetSystemInfo
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
SizeofResource
LockResource
LoadResource
FindResourceExW
FindResourceW
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
GetTickCount64
QueryPerformanceFrequency
VirtualProtect
WriteProcessMemory
WriteFile
InitializeCriticalSection
DeleteCriticalSection
CreateEventW
SetEvent
VirtualAlloc
VirtualFree
CreateMutexW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
ReleaseMutex
CreateFileMappingW
VirtualQuery
HeapCreate
Thread32Next
GetSystemDirectoryW
GetCurrentThreadId
SuspendThread
ResumeThread
Sleep
GetThreadContext
FlushInstructionCache
SetThreadContext
OpenThread
GetLocalTime
CreateEventA
FreeLibraryAndExitThread
CreateThread
DisableThreadLibraryCalls
GetTickCount
InitializeCriticalSectionEx
RaiseException
WriteConsoleW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
SetStdHandle
SetFilePointerEx
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetStringTypeW
GetFileType
GetStdHandle
LCMapStringW
ExitProcess
GetModuleHandleExW
ExitThread
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
InterlockedFlushSList
RtlPcToFileHeader
RtlUnwindEx
GetModuleFileNameW
GetCurrentProcess
FreeLibrary
LoadLibraryW
GetProcAddress
GetModuleHandleW
SetLastError
FindClose
FindNextFileW
GetSystemTimeAsFileTime
ReadFile
SetFilePointer
CreateFileW
OutputDebugStringA
OutputDebugStringW
CloseHandle
Thread32First
GetLastError
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
IsDebuggerPresent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
ResetEvent
WaitForSingleObjectEx
GetStartupInfoW
InitializeSListHead

user32

FindWindowW
GetWindowLongW
WindowFromDC
GetClientRect
GetClassNameW
PostMessageW
wsprintfW
FillRect
RegisterWindowMessageW
SetForegroundWindow
GetForegroundWindow
GetDesktopWindow
GetParent
IsWindow

gdi32

CreateSolidBrush
DeleteObject

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
SetNamedSecurityInfoW
SetEntriesInAclW
FreeSid
AllocateAndInitializeSid

shlwapi

PathIsDirectoryW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

winmm

PlaySoundW

Exports

Exports

Bdcam_Initialize
Bdcam_SharedData
Bdcam_Uninitialize

Sections

.text
Size: 470KB - Virtual size: 470KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18.6MB - Virtual size: 18.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hkshare
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BANDI0
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 488KB - Virtual size: 488KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
libbry/libb3.dll
.dll windows:6 windows x64 arch:x64

Password: 1234

d00a47711b777b01d9243d5a72affed1

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

19-12-2023 00:00

Not After

07-03-2027 23:59

Subject

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

19-12-2023 00:00

Not After

07-03-2027 23:59

Subject

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2b:a6:c4:5d:89:3d:d6:84:39:24:c3:1c:64:96:fd:b3:9c:32:c2:e5:8f:2e:e8:88:91:c1:04:07:e5:37:7d:0d
Signer

Actual PE Digest

2b:a6:c4:5d:89:3d:d6:84:39:24:c3:1c:64:96:fd:b3:9c:32:c2:e5:8f:2e:e8:88:91:c1:04:07:e5:37:7d:0d

Digest Algorithm

sha256

PE Digest Matches

true

37:53:c8:d3:b5:81:cb:4f:5f:69:2b:34:cd:ce:14:1b:85:9a:4e:85
Signer

Actual PE Digest

37:53:c8:d3:b5:81:cb:4f:5f:69:2b:34:cd:ce:14:1b:85:9a:4e:85

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesW
GetFileSize
LocalFree
CreateDirectoryW
GetFullPathNameW
WideCharToMultiByte
MultiByteToWideChar
WaitForSingleObject
CreateToolhelp32Snapshot
GetCurrentProcessId
TerminateProcess
GetSystemInfo
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
SizeofResource
LockResource
LoadResource
FindResourceExW
FindResourceW
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
GetTickCount64
QueryPerformanceFrequency
VirtualProtect
WriteProcessMemory
WriteFile
InitializeCriticalSection
DeleteCriticalSection
CreateEventW
SetEvent
VirtualAlloc
VirtualFree
CreateMutexW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
ReleaseMutex
CreateFileMappingW
VirtualQuery
HeapCreate
Thread32Next
GetSystemDirectoryW
GetCurrentThreadId
SuspendThread
ResumeThread
Sleep
GetThreadContext
FlushInstructionCache
SetThreadContext
OpenThread
GetLocalTime
CreateEventA
FreeLibraryAndExitThread
CreateThread
DisableThreadLibraryCalls
GetTickCount
InitializeCriticalSectionEx
RaiseException
WriteConsoleW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
SetStdHandle
SetFilePointerEx
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetStringTypeW
GetFileType
GetStdHandle
LCMapStringW
ExitProcess
GetModuleHandleExW
ExitThread
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
InterlockedFlushSList
RtlPcToFileHeader
RtlUnwindEx
GetModuleFileNameW
GetCurrentProcess
FreeLibrary
LoadLibraryW
GetProcAddress
GetModuleHandleW
SetLastError
FindClose
FindNextFileW
GetSystemTimeAsFileTime
ReadFile
SetFilePointer
CreateFileW
OutputDebugStringA
OutputDebugStringW
CloseHandle
Thread32First
GetLastError
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
IsDebuggerPresent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
ResetEvent
WaitForSingleObjectEx
GetStartupInfoW
InitializeSListHead

user32

FindWindowW
GetWindowLongW
WindowFromDC
GetClientRect
GetClassNameW
PostMessageW
wsprintfW
FillRect
RegisterWindowMessageW
SetForegroundWindow
GetForegroundWindow
GetDesktopWindow
GetParent
IsWindow

gdi32

CreateSolidBrush
DeleteObject

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
SetNamedSecurityInfoW
SetEntriesInAclW
FreeSid
AllocateAndInitializeSid

shlwapi

PathIsDirectoryW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

winmm

PlaySoundW

Exports

Exports

Bdcam_Initialize
Bdcam_SharedData
Bdcam_Uninitialize

Sections

.text
Size: 470KB - Virtual size: 470KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18.6MB - Virtual size: 18.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hkshare
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BANDI0
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 488KB - Virtual size: 488KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
libbry/libb4.dll
.dll windows:6 windows x64 arch:x64

Password: 1234

d00a47711b777b01d9243d5a72affed1

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

19-12-2023 00:00

Not After

07-03-2027 23:59

Subject

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

19-12-2023 00:00

Not After

07-03-2027 23:59

Subject

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2b:a6:c4:5d:89:3d:d6:84:39:24:c3:1c:64:96:fd:b3:9c:32:c2:e5:8f:2e:e8:88:91:c1:04:07:e5:37:7d:0d
Signer

Actual PE Digest

2b:a6:c4:5d:89:3d:d6:84:39:24:c3:1c:64:96:fd:b3:9c:32:c2:e5:8f:2e:e8:88:91:c1:04:07:e5:37:7d:0d

Digest Algorithm

sha256

PE Digest Matches

true

37:53:c8:d3:b5:81:cb:4f:5f:69:2b:34:cd:ce:14:1b:85:9a:4e:85
Signer

Actual PE Digest

37:53:c8:d3:b5:81:cb:4f:5f:69:2b:34:cd:ce:14:1b:85:9a:4e:85

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesW
GetFileSize
LocalFree
CreateDirectoryW
GetFullPathNameW
WideCharToMultiByte
MultiByteToWideChar
WaitForSingleObject
CreateToolhelp32Snapshot
GetCurrentProcessId
TerminateProcess
GetSystemInfo
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
SizeofResource
LockResource
LoadResource
FindResourceExW
FindResourceW
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
GetTickCount64
QueryPerformanceFrequency
VirtualProtect
WriteProcessMemory
WriteFile
InitializeCriticalSection
DeleteCriticalSection
CreateEventW
SetEvent
VirtualAlloc
VirtualFree
CreateMutexW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
ReleaseMutex
CreateFileMappingW
VirtualQuery
HeapCreate
Thread32Next
GetSystemDirectoryW
GetCurrentThreadId
SuspendThread
ResumeThread
Sleep
GetThreadContext
FlushInstructionCache
SetThreadContext
OpenThread
GetLocalTime
CreateEventA
FreeLibraryAndExitThread
CreateThread
DisableThreadLibraryCalls
GetTickCount
InitializeCriticalSectionEx
RaiseException
WriteConsoleW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
SetStdHandle
SetFilePointerEx
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetStringTypeW
GetFileType
GetStdHandle
LCMapStringW
ExitProcess
GetModuleHandleExW
ExitThread
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
InterlockedFlushSList
RtlPcToFileHeader
RtlUnwindEx
GetModuleFileNameW
GetCurrentProcess
FreeLibrary
LoadLibraryW
GetProcAddress
GetModuleHandleW
SetLastError
FindClose
FindNextFileW
GetSystemTimeAsFileTime
ReadFile
SetFilePointer
CreateFileW
OutputDebugStringA
OutputDebugStringW
CloseHandle
Thread32First
GetLastError
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
IsDebuggerPresent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
ResetEvent
WaitForSingleObjectEx
GetStartupInfoW
InitializeSListHead

user32

FindWindowW
GetWindowLongW
WindowFromDC
GetClientRect
GetClassNameW
PostMessageW
wsprintfW
FillRect
RegisterWindowMessageW
SetForegroundWindow
GetForegroundWindow
GetDesktopWindow
GetParent
IsWindow

gdi32

CreateSolidBrush
DeleteObject

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
SetNamedSecurityInfoW
SetEntriesInAclW
FreeSid
AllocateAndInitializeSid

shlwapi

PathIsDirectoryW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

winmm

PlaySoundW

Exports

Exports

Bdcam_Initialize
Bdcam_SharedData
Bdcam_Uninitialize

Sections

.text
Size: 470KB - Virtual size: 470KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18.6MB - Virtual size: 18.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hkshare
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BANDI0
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 488KB - Virtual size: 488KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
libbry/libb5.dll
.dll windows:6 windows x64 arch:x64

Password: 1234

d00a47711b777b01d9243d5a72affed1

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

19-12-2023 00:00

Not After

07-03-2027 23:59

Subject

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

19-12-2023 00:00

Not After

07-03-2027 23:59

Subject

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2b:a6:c4:5d:89:3d:d6:84:39:24:c3:1c:64:96:fd:b3:9c:32:c2:e5:8f:2e:e8:88:91:c1:04:07:e5:37:7d:0d
Signer

Actual PE Digest

2b:a6:c4:5d:89:3d:d6:84:39:24:c3:1c:64:96:fd:b3:9c:32:c2:e5:8f:2e:e8:88:91:c1:04:07:e5:37:7d:0d

Digest Algorithm

sha256

PE Digest Matches

true

37:53:c8:d3:b5:81:cb:4f:5f:69:2b:34:cd:ce:14:1b:85:9a:4e:85
Signer

Actual PE Digest

37:53:c8:d3:b5:81:cb:4f:5f:69:2b:34:cd:ce:14:1b:85:9a:4e:85

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesW
GetFileSize
LocalFree
CreateDirectoryW
GetFullPathNameW
WideCharToMultiByte
MultiByteToWideChar
WaitForSingleObject
CreateToolhelp32Snapshot
GetCurrentProcessId
TerminateProcess
GetSystemInfo
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
SizeofResource
LockResource
LoadResource
FindResourceExW
FindResourceW
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
GetTickCount64
QueryPerformanceFrequency
VirtualProtect
WriteProcessMemory
WriteFile
InitializeCriticalSection
DeleteCriticalSection
CreateEventW
SetEvent
VirtualAlloc
VirtualFree
CreateMutexW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
ReleaseMutex
CreateFileMappingW
VirtualQuery
HeapCreate
Thread32Next
GetSystemDirectoryW
GetCurrentThreadId
SuspendThread
ResumeThread
Sleep
GetThreadContext
FlushInstructionCache
SetThreadContext
OpenThread
GetLocalTime
CreateEventA
FreeLibraryAndExitThread
CreateThread
DisableThreadLibraryCalls
GetTickCount
InitializeCriticalSectionEx
RaiseException
WriteConsoleW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
SetStdHandle
SetFilePointerEx
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetStringTypeW
GetFileType
GetStdHandle
LCMapStringW
ExitProcess
GetModuleHandleExW
ExitThread
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
InterlockedFlushSList
RtlPcToFileHeader
RtlUnwindEx
GetModuleFileNameW
GetCurrentProcess
FreeLibrary
LoadLibraryW
GetProcAddress
GetModuleHandleW
SetLastError
FindClose
FindNextFileW
GetSystemTimeAsFileTime
ReadFile
SetFilePointer
CreateFileW
OutputDebugStringA
OutputDebugStringW
CloseHandle
Thread32First
GetLastError
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
IsDebuggerPresent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
ResetEvent
WaitForSingleObjectEx
GetStartupInfoW
InitializeSListHead

user32

FindWindowW
GetWindowLongW
WindowFromDC
GetClientRect
GetClassNameW
PostMessageW
wsprintfW
FillRect
RegisterWindowMessageW
SetForegroundWindow
GetForegroundWindow
GetDesktopWindow
GetParent
IsWindow

gdi32

CreateSolidBrush
DeleteObject

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
SetNamedSecurityInfoW
SetEntriesInAclW
FreeSid
AllocateAndInitializeSid

shlwapi

PathIsDirectoryW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

winmm

PlaySoundW

Exports

Exports

Bdcam_Initialize
Bdcam_SharedData
Bdcam_Uninitialize

Sections

.text
Size: 470KB - Virtual size: 470KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18.6MB - Virtual size: 18.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hkshare
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BANDI0
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 488KB - Virtual size: 488KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
libbry/libb6.dll
.dll windows:6 windows x64 arch:x64

Password: 1234

d00a47711b777b01d9243d5a72affed1

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

19-12-2023 00:00

Not After

07-03-2027 23:59

Subject

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

19-12-2023 00:00

Not After

07-03-2027 23:59

Subject

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2b:a6:c4:5d:89:3d:d6:84:39:24:c3:1c:64:96:fd:b3:9c:32:c2:e5:8f:2e:e8:88:91:c1:04:07:e5:37:7d:0d
Signer

Actual PE Digest

2b:a6:c4:5d:89:3d:d6:84:39:24:c3:1c:64:96:fd:b3:9c:32:c2:e5:8f:2e:e8:88:91:c1:04:07:e5:37:7d:0d

Digest Algorithm

sha256

PE Digest Matches

true

37:53:c8:d3:b5:81:cb:4f:5f:69:2b:34:cd:ce:14:1b:85:9a:4e:85
Signer

Actual PE Digest

37:53:c8:d3:b5:81:cb:4f:5f:69:2b:34:cd:ce:14:1b:85:9a:4e:85

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesW
GetFileSize
LocalFree
CreateDirectoryW
GetFullPathNameW
WideCharToMultiByte
MultiByteToWideChar
WaitForSingleObject
CreateToolhelp32Snapshot
GetCurrentProcessId
TerminateProcess
GetSystemInfo
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
SizeofResource
LockResource
LoadResource
FindResourceExW
FindResourceW
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
GetTickCount64
QueryPerformanceFrequency
VirtualProtect
WriteProcessMemory
WriteFile
InitializeCriticalSection
DeleteCriticalSection
CreateEventW
SetEvent
VirtualAlloc
VirtualFree
CreateMutexW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
ReleaseMutex
CreateFileMappingW
VirtualQuery
HeapCreate
Thread32Next
GetSystemDirectoryW
GetCurrentThreadId
SuspendThread
ResumeThread
Sleep
GetThreadContext
FlushInstructionCache
SetThreadContext
OpenThread
GetLocalTime
CreateEventA
FreeLibraryAndExitThread
CreateThread
DisableThreadLibraryCalls
GetTickCount
InitializeCriticalSectionEx
RaiseException
WriteConsoleW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
SetStdHandle
SetFilePointerEx
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetStringTypeW
GetFileType
GetStdHandle
LCMapStringW
ExitProcess
GetModuleHandleExW
ExitThread
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
InterlockedFlushSList
RtlPcToFileHeader
RtlUnwindEx
GetModuleFileNameW
GetCurrentProcess
FreeLibrary
LoadLibraryW
GetProcAddress
GetModuleHandleW
SetLastError
FindClose
FindNextFileW
GetSystemTimeAsFileTime
ReadFile
SetFilePointer
CreateFileW
OutputDebugStringA
OutputDebugStringW
CloseHandle
Thread32First
GetLastError
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
IsDebuggerPresent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
ResetEvent
WaitForSingleObjectEx
GetStartupInfoW
InitializeSListHead

user32

FindWindowW
GetWindowLongW
WindowFromDC
GetClientRect
GetClassNameW
PostMessageW
wsprintfW
FillRect
RegisterWindowMessageW
SetForegroundWindow
GetForegroundWindow
GetDesktopWindow
GetParent
IsWindow

gdi32

CreateSolidBrush
DeleteObject

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
SetNamedSecurityInfoW
SetEntriesInAclW
FreeSid
AllocateAndInitializeSid

shlwapi

PathIsDirectoryW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

winmm

PlaySoundW

Exports

Exports

Bdcam_Initialize
Bdcam_SharedData
Bdcam_Uninitialize

Sections

.text
Size: 470KB - Virtual size: 470KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18.6MB - Virtual size: 18.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hkshare
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BANDI0
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 488KB - Virtual size: 488KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
libbry/libb7.dll
.dll windows:6 windows x64 arch:x64

Password: 1234

d00a47711b777b01d9243d5a72affed1

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

19-12-2023 00:00

Not After

07-03-2027 23:59

Subject

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

19-12-2023 00:00

Not After

07-03-2027 23:59

Subject

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2b:a6:c4:5d:89:3d:d6:84:39:24:c3:1c:64:96:fd:b3:9c:32:c2:e5:8f:2e:e8:88:91:c1:04:07:e5:37:7d:0d
Signer

Actual PE Digest

2b:a6:c4:5d:89:3d:d6:84:39:24:c3:1c:64:96:fd:b3:9c:32:c2:e5:8f:2e:e8:88:91:c1:04:07:e5:37:7d:0d

Digest Algorithm

sha256

PE Digest Matches

true

37:53:c8:d3:b5:81:cb:4f:5f:69:2b:34:cd:ce:14:1b:85:9a:4e:85
Signer

Actual PE Digest

37:53:c8:d3:b5:81:cb:4f:5f:69:2b:34:cd:ce:14:1b:85:9a:4e:85

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesW
GetFileSize
LocalFree
CreateDirectoryW
GetFullPathNameW
WideCharToMultiByte
MultiByteToWideChar
WaitForSingleObject
CreateToolhelp32Snapshot
GetCurrentProcessId
TerminateProcess
GetSystemInfo
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
SizeofResource
LockResource
LoadResource
FindResourceExW
FindResourceW
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
GetTickCount64
QueryPerformanceFrequency
VirtualProtect
WriteProcessMemory
WriteFile
InitializeCriticalSection
DeleteCriticalSection
CreateEventW
SetEvent
VirtualAlloc
VirtualFree
CreateMutexW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
ReleaseMutex
CreateFileMappingW
VirtualQuery
HeapCreate
Thread32Next
GetSystemDirectoryW
GetCurrentThreadId
SuspendThread
ResumeThread
Sleep
GetThreadContext
FlushInstructionCache
SetThreadContext
OpenThread
GetLocalTime
CreateEventA
FreeLibraryAndExitThread
CreateThread
DisableThreadLibraryCalls
GetTickCount
InitializeCriticalSectionEx
RaiseException
WriteConsoleW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
SetStdHandle
SetFilePointerEx
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetStringTypeW
GetFileType
GetStdHandle
LCMapStringW
ExitProcess
GetModuleHandleExW
ExitThread
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
InterlockedFlushSList
RtlPcToFileHeader
RtlUnwindEx
GetModuleFileNameW
GetCurrentProcess
FreeLibrary
LoadLibraryW
GetProcAddress
GetModuleHandleW
SetLastError
FindClose
FindNextFileW
GetSystemTimeAsFileTime
ReadFile
SetFilePointer
CreateFileW
OutputDebugStringA
OutputDebugStringW
CloseHandle
Thread32First
GetLastError
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
IsDebuggerPresent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
ResetEvent
WaitForSingleObjectEx
GetStartupInfoW
InitializeSListHead

user32

FindWindowW
GetWindowLongW
WindowFromDC
GetClientRect
GetClassNameW
PostMessageW
wsprintfW
FillRect
RegisterWindowMessageW
SetForegroundWindow
GetForegroundWindow
GetDesktopWindow
GetParent
IsWindow

gdi32

CreateSolidBrush
DeleteObject

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
SetNamedSecurityInfoW
SetEntriesInAclW
FreeSid
AllocateAndInitializeSid

shlwapi

PathIsDirectoryW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

winmm

PlaySoundW

Exports

Exports

Bdcam_Initialize
Bdcam_SharedData
Bdcam_Uninitialize

Sections

.text
Size: 470KB - Virtual size: 470KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18.6MB - Virtual size: 18.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hkshare
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BANDI0
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 488KB - Virtual size: 488KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
libbry/libb8.dll
.dll windows:6 windows x64 arch:x64

d00a47711b777b01d9243d5a72affed1

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

19-12-2023 00:00

Not After

07-03-2027 23:59

Subject

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

19-12-2023 00:00

Not After

07-03-2027 23:59

Subject

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2b:a6:c4:5d:89:3d:d6:84:39:24:c3:1c:64:96:fd:b3:9c:32:c2:e5:8f:2e:e8:88:91:c1:04:07:e5:37:7d:0d
Signer

Actual PE Digest

2b:a6:c4:5d:89:3d:d6:84:39:24:c3:1c:64:96:fd:b3:9c:32:c2:e5:8f:2e:e8:88:91:c1:04:07:e5:37:7d:0d

Digest Algorithm

sha256

PE Digest Matches

true

37:53:c8:d3:b5:81:cb:4f:5f:69:2b:34:cd:ce:14:1b:85:9a:4e:85
Signer

Actual PE Digest

37:53:c8:d3:b5:81:cb:4f:5f:69:2b:34:cd:ce:14:1b:85:9a:4e:85

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesW
GetFileSize
LocalFree
CreateDirectoryW
GetFullPathNameW
WideCharToMultiByte
MultiByteToWideChar
WaitForSingleObject
CreateToolhelp32Snapshot
GetCurrentProcessId
TerminateProcess
GetSystemInfo
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
SizeofResource
LockResource
LoadResource
FindResourceExW
FindResourceW
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
GetTickCount64
QueryPerformanceFrequency
VirtualProtect
WriteProcessMemory
WriteFile
InitializeCriticalSection
DeleteCriticalSection
CreateEventW
SetEvent
VirtualAlloc
VirtualFree
CreateMutexW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
ReleaseMutex
CreateFileMappingW
VirtualQuery
HeapCreate
Thread32Next
GetSystemDirectoryW
GetCurrentThreadId
SuspendThread
ResumeThread
Sleep
GetThreadContext
FlushInstructionCache
SetThreadContext
OpenThread
GetLocalTime
CreateEventA
FreeLibraryAndExitThread
CreateThread
DisableThreadLibraryCalls
GetTickCount
InitializeCriticalSectionEx
RaiseException
WriteConsoleW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
SetStdHandle
SetFilePointerEx
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetStringTypeW
GetFileType
GetStdHandle
LCMapStringW
ExitProcess
GetModuleHandleExW
ExitThread
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
InterlockedFlushSList
RtlPcToFileHeader
RtlUnwindEx
GetModuleFileNameW
GetCurrentProcess
FreeLibrary
LoadLibraryW
GetProcAddress
GetModuleHandleW
SetLastError
FindClose
FindNextFileW
GetSystemTimeAsFileTime
ReadFile
SetFilePointer
CreateFileW
OutputDebugStringA
OutputDebugStringW
CloseHandle
Thread32First
GetLastError
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
IsDebuggerPresent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
ResetEvent
WaitForSingleObjectEx
GetStartupInfoW
InitializeSListHead

user32

FindWindowW
GetWindowLongW
WindowFromDC
GetClientRect
GetClassNameW
PostMessageW
wsprintfW
FillRect
RegisterWindowMessageW
SetForegroundWindow
GetForegroundWindow
GetDesktopWindow
GetParent
IsWindow

gdi32

CreateSolidBrush
DeleteObject

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
SetNamedSecurityInfoW
SetEntriesInAclW
FreeSid
AllocateAndInitializeSid

shlwapi

PathIsDirectoryW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

winmm

PlaySoundW

Exports

Exports

Bdcam_Initialize
Bdcam_SharedData
Bdcam_Uninitialize

Sections

.text
Size: 470KB - Virtual size: 470KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18.6MB - Virtual size: 18.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hkshare
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BANDI0
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 488KB - Virtual size: 488KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
libbry/libb9.dll
.dll windows:6 windows x64 arch:x64

d00a47711b777b01d9243d5a72affed1

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

19-12-2023 00:00

Not After

07-03-2027 23:59

Subject

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

19-12-2023 00:00

Not After

07-03-2027 23:59

Subject

CN=Bandicam Company Corp.,O=Bandicam Company Corp.,L=Yeongdeungpo-gu,ST=Seoul,C=KR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14-07-2023 00:00

Not After

13-10-2034 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2b:a6:c4:5d:89:3d:d6:84:39:24:c3:1c:64:96:fd:b3:9c:32:c2:e5:8f:2e:e8:88:91:c1:04:07:e5:37:7d:0d
Signer

Actual PE Digest

2b:a6:c4:5d:89:3d:d6:84:39:24:c3:1c:64:96:fd:b3:9c:32:c2:e5:8f:2e:e8:88:91:c1:04:07:e5:37:7d:0d

Digest Algorithm

sha256

PE Digest Matches

true

37:53:c8:d3:b5:81:cb:4f:5f:69:2b:34:cd:ce:14:1b:85:9a:4e:85
Signer

Actual PE Digest

37:53:c8:d3:b5:81:cb:4f:5f:69:2b:34:cd:ce:14:1b:85:9a:4e:85

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesW
GetFileSize
LocalFree
CreateDirectoryW
GetFullPathNameW
WideCharToMultiByte
MultiByteToWideChar
WaitForSingleObject
CreateToolhelp32Snapshot
GetCurrentProcessId
TerminateProcess
GetSystemInfo
HeapDestroy
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
SizeofResource
LockResource
LoadResource
FindResourceExW
FindResourceW
EnterCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
GetTickCount64
QueryPerformanceFrequency
VirtualProtect
WriteProcessMemory
WriteFile
InitializeCriticalSection
DeleteCriticalSection
CreateEventW
SetEvent
VirtualAlloc
VirtualFree
CreateMutexW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
ReleaseMutex
CreateFileMappingW
VirtualQuery
HeapCreate
Thread32Next
GetSystemDirectoryW
GetCurrentThreadId
SuspendThread
ResumeThread
Sleep
GetThreadContext
FlushInstructionCache
SetThreadContext
OpenThread
GetLocalTime
CreateEventA
FreeLibraryAndExitThread
CreateThread
DisableThreadLibraryCalls
GetTickCount
InitializeCriticalSectionEx
RaiseException
WriteConsoleW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
SetStdHandle
SetFilePointerEx
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetStringTypeW
GetFileType
GetStdHandle
LCMapStringW
ExitProcess
GetModuleHandleExW
ExitThread
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
InterlockedFlushSList
RtlPcToFileHeader
RtlUnwindEx
GetModuleFileNameW
GetCurrentProcess
FreeLibrary
LoadLibraryW
GetProcAddress
GetModuleHandleW
SetLastError
FindClose
FindNextFileW
GetSystemTimeAsFileTime
ReadFile
SetFilePointer
CreateFileW
OutputDebugStringA
OutputDebugStringW
CloseHandle
Thread32First
GetLastError
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
IsDebuggerPresent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
ResetEvent
WaitForSingleObjectEx
GetStartupInfoW
InitializeSListHead

user32

FindWindowW
GetWindowLongW
WindowFromDC
GetClientRect
GetClassNameW
PostMessageW
wsprintfW
FillRect
RegisterWindowMessageW
SetForegroundWindow
GetForegroundWindow
GetDesktopWindow
GetParent
IsWindow

gdi32

CreateSolidBrush
DeleteObject

advapi32

SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCreateKeyExW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
SetNamedSecurityInfoW
SetEntriesInAclW
FreeSid
AllocateAndInitializeSid

shlwapi

PathIsDirectoryW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

winmm

PlaySoundW

Exports

Exports

Bdcam_Initialize
Bdcam_SharedData
Bdcam_Uninitialize

Sections

.text
Size: 470KB - Virtual size: 470KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18.6MB - Virtual size: 18.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hkshare
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.BANDI0
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 488KB - Virtual size: 488KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: 1234

Password: 1234

3ccbd572e5c574aa059c8de8b80553b8

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 145KB - Virtual size: 145KB

.rdata Size: 40KB - Virtual size: 39KB

.data Size: 5KB - Virtual size: 8KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 512B - Virtual size: 232B

.reloc Size: 7KB - Virtual size: 6KB

.BSS Size: 325KB - Virtual size: 325KB

Password: 1234

d00a47711b777b01d9243d5a72affed1

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

2b:a6:c4:5d:89:3d:d6:84:39:24:c3:1c:64:96:fd:b3:9c:32:c2:e5:8f:2e:e8:88:91:c1:04:07:e5:37:7d:0dSigner

37:53:c8:d3:b5:81:cb:4f:5f:69:2b:34:cd:ce:14:1b:85:9a:4e:85Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

version

winmm

Exports

Exports

Sections

.text Size: 470KB - Virtual size: 470KB

.rdata Size: 18.6MB - Virtual size: 18.6MB

.data Size: 51KB - Virtual size: 108KB

.pdata Size: 21KB - Virtual size: 21KB

_RDATA Size: 512B - Virtual size: 244B

.hkshare Size: 19KB - Virtual size: 19KB

.BANDI0 Size: 1.5MB - Virtual size: 1.5MB

.reloc Size: 488KB - Virtual size: 488KB

.rsrc Size: 1KB - Virtual size: 1KB

Password: 1234

.text
Size: 145KB - Virtual size: 145KB

.rdata
Size: 40KB - Virtual size: 39KB

.data
Size: 5KB - Virtual size: 8KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 512B - Virtual size: 232B

.reloc
Size: 7KB - Virtual size: 6KB

.BSS
Size: 325KB - Virtual size: 325KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

2b:a6:c4:5d:89:3d:d6:84:39:24:c3:1c:64:96:fd:b3:9c:32:c2:e5:8f:2e:e8:88:91:c1:04:07:e5:37:7d:0d
Signer

37:53:c8:d3:b5:81:cb:4f:5f:69:2b:34:cd:ce:14:1b:85:9a:4e:85
Signer

.text
Size: 470KB - Virtual size: 470KB

.rdata
Size: 18.6MB - Virtual size: 18.6MB

.data
Size: 51KB - Virtual size: 108KB

.pdata
Size: 21KB - Virtual size: 21KB

_RDATA
Size: 512B - Virtual size: 244B

.hkshare
Size: 19KB - Virtual size: 19KB

.BANDI0
Size: 1.5MB - Virtual size: 1.5MB

.reloc
Size: 488KB - Virtual size: 488KB

.rsrc
Size: 1KB - Virtual size: 1KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

2b:a6:c4:5d:89:3d:d6:84:39:24:c3:1c:64:96:fd:b3:9c:32:c2:e5:8f:2e:e8:88:91:c1:04:07:e5:37:7d:0d
Signer

37:53:c8:d3:b5:81:cb:4f:5f:69:2b:34:cd:ce:14:1b:85:9a:4e:85
Signer

.text
Size: 470KB - Virtual size: 470KB

.rdata
Size: 18.6MB - Virtual size: 18.6MB

.data
Size: 51KB - Virtual size: 108KB

.pdata
Size: 21KB - Virtual size: 21KB

_RDATA
Size: 512B - Virtual size: 244B

.hkshare
Size: 19KB - Virtual size: 19KB

.BANDI0
Size: 1.5MB - Virtual size: 1.5MB

.reloc
Size: 488KB - Virtual size: 488KB

.rsrc
Size: 1KB - Virtual size: 1KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0a:ee:6b:b1:7d:06:13:6b:a5:92:d6:aa:c7:fc:a6:20
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate