privateloader | 25_W-2_1040_CLARA[.]pd-f_Release_6571[.]zip

Sharing

Copy URL

Twitter E-mail

General

Target

25_W-2_1040_CLARA.pd-f_Release_6571.zip
Size

167.8MB
MD5

d582cacecba5c76601371c032b969974
SHA1

6a264919104e8682952a0578e34a3ab76c9a2913
SHA256

259d5f3084e06b0e59cf9bf0b37f0e19d334fdfea48dd851ef6bc3a101193927
SHA512

5763477acb1a506d8423e3900877e2f881cc84e2e9aeb96ba07b1c65dab9cb601812efe281ab0cd67d2966d974fe897d5a0fca7d6aeb5c1a1e76db5d1dfe0684
SSDEEP

3145728:QU+HgXaRpS7bu6S8adWx6wm/IA1wT830go1tO8ilIXGPu6HyUzwBz:UgXa7yjadWcwKR1wT830go7O8iVPwd

Score

10^/10

privateloader

Malware Config

Signatures

Privateloader family
privateloader

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/msimg32.dll

Files

25_W-2_1040_CLARA.pd-f_Release_6571.zip
.zip
25' W-2 1040 CLARAS.pdf.exe
.exe windows:5 windows x86 arch:x86

e456fbce099e309bfeaff191fcf3b1ee

Code Sign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

15-06-2016 00:00

Not After

15-06-2024 00:00

Subject

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageOCSPSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6a:e1:85:c2:92:81:e4:14:ea:62:0e:1d
Certificate

Issuer

CN=GlobalSign CodeSigning CA - SHA256 - G3,O=GlobalSign nv-sa,C=BE

Not Before

13-11-2017 16:48

Not After

13-02-2021 16:48

Subject

CN=Haihaisoft Limited,O=Haihaisoft Limited,L=Hong Kong,ST=Hong Kong,C=HK,1.2.840.113549.1.9.1=#0c156a6f7365706840686169686169736f66742e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

40:cb:42:89:5c:3e:74:94:26:97:ad:2f
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Not Before

24-01-2017 10:00

Not After

24-02-2028 10:00

Subject

CN=GlobalSign TSA for Advanced - G3 - 001-02,O=GMO GlobalSign K.K.,C=JP

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:31:89:c6:50:04
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

02-08-2011 10:00

Not After

29-03-2029 10:00

Subject

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18-03-2009 10:00

Not After

18-03-2029 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

20:3e:9f:9c:65:a4:62:ce:88:5d:59:c6:1d:1c:ac:b2:d0:fa:2e:e7
Signer

Actual PE Digest

20:3e:9f:9c:65:a4:62:ce:88:5d:59:c6:1d:1c:ac:b2:d0:fa:2e:e7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

m:\sumatrapdf\hpreader-windows-standard\hpreader\Release\hpreader.pdb

Imports

wininet

HttpOpenRequestW
HttpQueryInfoW
InternetConnectW
FtpCommandA
FtpFindFirstFileA
HttpEndRequestW
InternetWriteFile
HttpSendRequestExA
InternetQueryOptionW
HttpSendRequestA
InternetGetCookieA
InternetGetLastResponseInfoW
InternetConnectA
HttpQueryInfoA
InternetGetLastResponseInfoA
InternetCloseHandle
InternetSetOptionW
InternetOpenA
InternetCreateUrlA
InternetCrackUrlA
InternetCanonicalizeUrlA
InternetReadFile
InternetOpenUrlW
HttpOpenRequestA
InternetOpenW

gdiplus

GdipGetImageWidth
GdipInvertMatrix
GdipCloneImage
GdipDeleteMatrix
GdipSaveImageToFile
GdipTransformMatrixPoints
GdipCreateHBITMAPFromBitmap
GdipGetImageEncoders
GdipRotateMatrix
GdipDisposeImage
GdipGetImageEncodersSize
GdipTranslateMatrix
GdipDrawImageI
GdipGetImageVerticalResolution
GdipSetWorldTransform
GdipSetClipRectI
GdipCreateMatrix
GdipCreateBitmapFromStream
GdipGetImageHeight
GdipScaleMatrix
GdipCloneBitmapAreaI
GdipGetImageHorizontalResolution
GdipCreateBitmapFromStreamICM
GdipFillEllipseI
GdipCreatePen1
GdipDrawLineI
GdipFillRectangleI
GdipSetCompositingQuality
GdipCreateFromHDC
GdipSetPageUnit
GdipAlloc
GdipCreateSolidFill
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCloneBrush
GdipDeletePen
GdipFree
GdiplusShutdown
GdipDeleteBrush
GdipSetPenDashOffset
GdipSetPenLineJoin
GdipSetPixelOffsetMode
GdipCreatePath
GdipCloneFontFamily
GdipRestoreGraphics
GdipBitmapLockBits
GdipStringFormatGetGenericTypographic
GdipSetInterpolationMode
GdipGetCellAscent
GdipFillPath
GdipCreateFontFamilyFromName
GdipCreateRegion
GdipDeletePrivateFontCollection
GdipFillRectangle
GdipTranslateWorldTransform
GdipSetCompositingMode
GdipGetWorldTransform
GdipNewPrivateFontCollection
GdipDrawString
GdipCreateImageAttributes
GdipGetGenericFontFamilySansSerif
GdipClonePath
GdipDeleteRegion
GdipTransformPath
GdipGetClipBoundsI
GdipDeletePath
GdipCreateRegionPath
GdipCreateFont
GdipCreateMatrix2
GdipSaveGraphics
GdiplusStartup
GdipDisposeImageAttributes
GdipBitmapUnlockBits
GdipIsStyleAvailable
GdipSetClipRegion
GdipGetFontCollectionFamilyList
GdipCreatePath2
GdipSetImageAttributesColorMatrix
GdipDrawImageRectRectI
GdipGetEmHeight
GdipAddPathPath
GdipFillPolygon
GdipPrivateAddFontFile
GdipGetFamilyName
GdipDrawImagePointsRect
GdipSetTextRenderingHint
GdipSetPageScale
GdipDrawPath
GdipGetClip
GdipDeleteFont
GdipCreateBitmapFromScan0
GdipGetDpiY
GdipSetPenDashArray
GdipGetImageGraphicsContext
GdipDrawImageRectI
GdipGetFontCollectionFamilyCount
GdipGetMatrixElements
GdipTransformRegion
GdipCreateRegionRectI
GdipGetRegionBounds
GdipSetPenLineCap197819
GdipWidenPath
GdipCreatePen2
GdipDeleteFontFamily
GdipSetPenMiterLimit

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

kernel32

WaitForMultipleObjects
QueryPerformanceCounter
SetThreadExecutionState
QueryPerformanceFrequency
GetSystemTime
GetTickCount
CreateFileA
GetFileSize
SetFilePointer
ReadFile
LocalFree
FormatMessageW
SetLastError
GetVersionExA
GetModuleHandleW
lstrcmpW
LoadLibraryA
CompareStringW
GlobalFindAtomW
FreeResource
GetModuleFileNameW
MoveFileW
GetThreadLocale
WriteFile
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetVolumeInformationW
GetFullPathNameW
FileTimeToLocalFileTime
GetFileAttributesExW
LocalFileTimeToFileTime
SetFileTime
GetFileAttributesW
GetFileSizeEx
GetFileTime
InterlockedExchange
CompareStringA
LoadLibraryExW
lstrcmpA
EnumResourceLanguagesW
ConvertDefaultLocale
WritePrivateProfileStringW
ResetEvent
GlobalGetAtomNameW
RaiseException
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
lstrlenA
GlobalFlags
SetErrorMode
GetSystemDirectoryW
GetStartupInfoW
HeapAlloc
HeapFree
UnhandledExceptionFilter
IsDebuggerPresent
ExitProcess
GetDriveTypeW
HeapReAlloc
RtlUnwind
VirtualProtect
VirtualAlloc
HeapSize
GetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapCreate
VirtualFree
GetCPInfo
GetOEMCP
IsValidCodePage
GetConsoleCP
GetConsoleMode
LCMapStringW
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetFileAttributesA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetFileInformationByHandle
PeekNamedPipe
GetCurrentDirectoryA
SetCurrentDirectoryA
GetTimeZoneInformation
LCMapStringA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateProcessA
GetProcessHeap
FreeEnvironmentStringsA
GetEnvironmentStrings
SetEnvironmentVariableA
GetDriveTypeA
GetFullPathNameA
GetLongPathNameW
AllocConsole
CreateProcessW
SetConsoleScreenBufferSize
GetConsoleScreenBufferInfo
GetVersion
InterlockedCompareExchange
CreateDirectoryA
FindFirstFileA
FindNextFileA
DeleteFileA
IsDBCSLeadByte
SetFileAttributesA
DeviceIoControl
lstrcpynW
GetWindowsDirectoryW
GetOverlappedResult
ReadDirectoryChangesW
ResumeThread
SuspendThread
GetCurrentProcessId
Module32NextW
GetCurrentThreadId
GetModuleHandleA
GetModuleFileNameA
GetSystemInfo
Module32FirstW
GlobalMemoryStatusEx
OpenThread
CreateFileW
Thread32Next
GetVersionExW
Thread32First
FormatMessageA
GetCurrentThread
SetEvent
SetUnhandledExceptionFilter
VirtualQuery
GetLocaleInfoA
GetThreadContext
GetLogicalDrives
GetShortPathNameW
GetTempPathW
GetExitCodeProcess
GetTempFileNameW
GetEnvironmentVariableW
GetUserDefaultUILanguage
GetTimeFormatW
GetLocaleInfoW
GetDateFormatW
DeleteCriticalSection
CreateEventW
EnterCriticalSection
GetPrivateProfileIntW
LeaveCriticalSection
InitializeCriticalSection
GetPrivateProfileStringW
GetSystemTimeAsFileTime
GetCommandLineW
GlobalAddAtomW
GlobalDeleteAtom
GlobalUnlock
WaitForSingleObject
GetProfileStringW
GlobalLock
InterlockedIncrement
MulDiv
InterlockedDecrement
FreeLibrary
GetProcAddress
LoadLibraryW
GetCurrentProcess
lstrcatW
lstrcpyW
QueryDosDeviceW
lstrcmpiW
GetLogicalDriveStringsW
GlobalFree
GlobalAlloc
TerminateProcess
OpenProcess
TerminateThread
GetACP
WideCharToMultiByte
SetFileAttributesW
CreateDirectoryW
FileTimeToSystemTime
lstrlenW
Sleep
SystemTimeToFileTime
GetLocalTime
FindClose
DeleteFileW
FindResourceW
LoadResource
LockResource
SizeofResource
FindNextFileW
FindFirstFileW
Process32NextW
Process32FirstW
GetLastError
CreateToolhelp32Snapshot
CreateThread
MultiByteToWideChar
CloseHandle
MoveFileA

user32

SetWindowTextW
IsWindowEnabled
GetWindowThreadProcessId
CharUpperW
GetNextDlgTabItem
CreateDialogIndirectParamW
GetActiveWindow
GetDesktopWindow
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
MapDialogRect
SetWindowContextHelpId
RegisterClipboardFormatW
ValidateRect
TranslateMessage
GetMessageW
ShowOwnedPopups
LoadMenuW
TranslateAcceleratorW
BringWindowToTop
SetRectEmpty
InsertMenuItemW
LoadAcceleratorsW
InflateRect
GetSysColorBrush
GetMenuItemInfoW
UnregisterClassW
CharNextW
CopyAcceleratorTableW
IsRectEmpty
SetRect
InvalidateRgn
PostThreadMessageW
MonitorFromWindow
OemToCharA
CharToOemA
CharLowerA
CharUpperA
CharToOemBuffW
OemToCharBuffA
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
EqualRect
DeferWindowPos
GetDlgCtrlID
CopyRect
PtInRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindow
GetMenuState
GetMenuItemCount
GetSubMenu
IsCharAlphaNumericW
wsprintfA
GetMonitorInfoW
MonitorFromRect
FindWindowExW
LoadImageW
GetNextDlgGroupItem
ClientToScreen
SetWindowRgn
DrawFocusRect
OffsetRect
DrawEdge
WindowFromPoint
HideCaret
ShowCaret
SetClassLongW
PostQuitMessage
IsZoomed
IsDialogMessageW
TrackMouseEvent
IsCharUpperW
CharLowerW
GetForegroundWindow
GetScrollInfo
LoadBitmapW
ShowScrollBar
GetCursor
IsWindowVisible
UnregisterHotKey
SetScrollInfo
GetScrollPos
DialogBoxIndirectParamW
DialogBoxParamW
EndDialog
SendDlgItemMessageW
CheckDlgButton
IsDlgButtonChecked
CheckRadioButton
SetDlgItemTextW
SetActiveWindow
CloseClipboard
SetCapture
GetCapture
EmptyClipboard
OpenClipboard
ReleaseCapture
SetClipboardData
PostMessageW
ReuseDDElParam
MessageBeep
UnpackDDElParam
GetDlgItem
EndPaint
SetCursor
ScreenToClient
DrawTextW
BeginPaint
GetDC
ReleaseDC
GetSysColor
SetWindowPos
GetCursorPos
DrawFrameControl
GetMenuItemID
GetParent
ModifyMenuW
CheckMenuRadioItem
SetMenu
InsertMenuW
CheckMenuItem
GetMenu
DrawIcon
GetSystemMetrics
IsIconic
FillRect
wsprintfW
MoveWindow
SetParent
IsWindow
FindWindowW
DestroyWindow
GetWindowRect
TrackPopupMenu
SetForegroundWindow
CreateMenu
SetFocus
GetWindowLongW
AppendMenuW
EnableMenuItem
SetWindowLongW
RedrawWindow
CreatePopupMenu
RemoveMenu
MapWindowPoints
DestroyMenu
SetMenuItemInfoW
CallWindowProcW
GetMessagePos
RegisterClassExW
LoadIconW
CreateWindowExW
UpdateWindow
DefWindowProcW
EnableWindow
InvalidateRect
KillTimer
GetFocus
SetTimer
RegisterHotKey
ShowWindow
SystemParametersInfoW
GetWindowDC
GrayStringW
DrawTextExW
TabbedTextOutW
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
IsChild
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
SendMessageW
LoadCursorW
GetClientRect
GetWindowTextLengthW
GetWindowTextW
GetLastActivePopup
DispatchMessageW
BeginDeferWindowPos
EndDeferWindowPos
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageW
GetKeyState
GetClassInfoExW
MessageBoxW

gdi32

GetObjectW
BitBlt
GetPixel
CreateRectRgn
CombineRgn
CreateDIBitmap
GetClipBox
SaveDC
RestoreDC
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
CreateCompatibleBitmap
ScaleWindowExtEx
LineTo
ExtSelectClipRgn
CreatePatternBrush
CreateBitmap
CreateRectRgnIndirect
GetMapMode
GetBkColor
GetTextColor
GetRgnBox
Rectangle
StretchBlt
GetDIBits
SelectClipRgn
SetDIBits
CreateCompatibleDC
ExcludeClipRect
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
CreateRoundRectRgn
CreatePen
RoundRect
GetStockObject
EndPage
StartPage
DeleteDC
CreateDCW
SetMapMode
StartDocW
EndDoc
AbortDoc
SetTextColor
CreateFontIndirectW
GetDeviceCaps
SetBkColor
SetBkMode
SelectObject
CreateSolidBrush
DeleteObject
GetTextExtentPoint32W
CreateFontW
SetWindowExtEx
FloodFill
MoveToEx

msimg32

AlphaBlend

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
PrintDlgExW
GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ord203
ClosePrinter

advapi32

RegOpenKeyExW
SetFileSecurityA
SetFileSecurityW
RegQueryValueExW
RegDeleteValueW
RegQueryValueExA
RegSetKeySecurity
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCloseKey
RegQueryValueW
RegDeleteKeyW
RegOpenKeyW
RegEnumKeyW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
RegSetValueExW
RegCreateKeyExW

shell32

SHGetFileInfoW
SHChangeNotify
SHAddToRecentDocs
DragQueryFileW
DragFinish
SHGetFolderPathW
SHGetDesktopFolder
ShellExecuteExW
SHBindToParent
DragAcceptFiles
SHGetSpecialFolderPathW
ShellExecuteW

comctl32

InitCommonControlsEx
CreatePropertySheetPageW
_TrackMouseEvent
ImageList_Draw

shlwapi

StrStrW
StrRStrIW
StrStrIW
PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFindExtensionW
SHDeleteKeyW
PathAppendW
SHSetValueW
PathIsRelativeW

oledlg

OleUIBusyW

ole32

CoSetProxyBlanket
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
CLSIDFromString
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
CreateStreamOnHGlobal
CoCreateGuid
CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysStringLen
VariantClear
VariantInit
SysAllocString
SysAllocStringLen
VariantChangeType
VariantCopy
DispCallFunc
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetElemsize
SafeArrayCreate
SafeArrayDestroy
VariantTimeToSystemTime
SystemTimeToVariantTime
OleCreateFontIndirect
SysFreeString

psapi

EnumProcesses
GetProcessImageFileNameW

ws2_32

closesocket
recv
gethostname
gethostbyname
WSAStartup
socket
htons
bind
listen
WSAGetLastError
accept
send
connect

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 399KB - Virtual size: 496KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 187KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
YTx CLARA W-2
msimg32.dll
.dll regsvr32 windows:6 windows x86 arch:x86

7da6210aa5071f46c0f459e8e1faf1e8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\Development\pdfxchange\Editor\_build\Release.Win32\PDFXEditCore.x86.pdb

Imports

kernel32

SleepConditionVariableCS
FreeLibraryWhenCallbackReturns
CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpoolWork
InitializeConditionVariable
GetFileInformationByHandleEx
GetLocaleInfoEx
VirtualProtect
VirtualQuery
CreateThread
ExitThread
GetDriveTypeW
GetFileInformationByHandle
PeekNamedPipe
SetCurrentDirectoryW
GetCurrentDirectoryW
SetEndOfFile
GetEnvironmentVariableW
GetNativeSystemInfo
GetExitCodeThread
SwitchToThread
TryAcquireSRWLockExclusive
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
LoadLibraryExA
FlushInstructionCache
InterlockedPopEntrySList
GetUserDefaultUILanguage
MoveFileExW
GetComputerNameW
WritePrivateProfileStringW
GetPrivateProfileIntW
CompareStringEx
LockResource
FindResourceExW
OutputDebugStringA
LocaleNameToLCID
SystemTimeToTzSpecificLocalTime
K32EnumProcesses
OpenProcess
GetProcessIdOfThread
OpenThread
CreateSemaphoreW
OpenSemaphoreW
ReleaseSemaphore
GetTimeZoneInformation
CreateHardLinkW
GetTickCount64
GetOverlappedResult
VerifyVersionInfoW
GetVersionExW
VerSetConditionMask
UnlockFileEx
LockFileEx
GetFileAttributesExW
CompareFileTime
lstrcpyW
ProcessIdToSessionId
WaitNamedPipeW
TerminateThread
GetProcessTimes
CopyFileW
lstrcatW
GetFileSize
SetThreadExecutionState
WaitForThreadpoolWorkCallbacks
InitOnceComplete
InitOnceBeginInitialize
GetThreadPreferredUILanguages
GetProcessPreferredUILanguages
GetUserDefaultLangID
GlobalFlags
GetWindowsDirectoryW
LocalAlloc
GetShortPathNameA
GetSystemDirectoryW
GetTimeZoneInformationForYear
GetProcessHandleCount
HeapCompact
GetCalendarInfoW
DebugBreak
ResolveLocaleName
RtlCaptureContext
GetSystemTimeAdjustment
K32GetProcessMemoryInfo
lstrcmpiA
FileTimeToDosDateTime
DosDateTimeToFileTime
GlobalReAlloc
SetFileTime
GetShortPathNameW
GetDiskFreeSpaceExW
CopyFileExW
SetFileAttributesW
CreateSemaphoreA
CreateEventA
LoadLibraryA
FindNextFileA
FindFirstFileA
lstrcpyA
IsBadReadPtr
IsBadWritePtr
SetThreadPriority
GetDateFormatEx
GetTimeFormatEx
FreeResource
CreateMutexW
RemoveDirectoryW
CreateDirectoryW
GetComputerNameExW
RemoveVectoredExceptionHandler
AddVectoredExceptionHandler
QueueUserAPC
DuplicateHandle
LocalFileTimeToFileTime
CancelIo
CancelIoEx
GetLocaleInfoA
TryAcquireSRWLockShared
AcquireSRWLockShared
ReleaseSRWLockShared
EnumSystemLocalesEx
CreateFileMappingW
GetFileTime
GetNumberFormatW
SignalObjectAndWait
GetExitCodeProcess
GetHandleInformation
FileTimeToSystemTime
FileTimeToLocalFileTime
K32GetProcessImageFileNameW
GlobalFree
GlobalSize
TzSpecificLocalTimeToSystemTime
lstrcmpW
GetLongPathNameW
ExpandEnvironmentStringsW
WaitForMultipleObjects
FindNextChangeNotification
FindFirstChangeNotificationW
FindCloseChangeNotification
lstrcpynW
SystemTimeToFileTime
SetThreadPreferredUILanguages
GlobalAddAtomW
lstrlenA
LoadLibraryW
GetTickCount
GetLocalTime
GetSystemTime
GlobalMemoryStatusEx
Sleep
TryEnterCriticalSection
SetCriticalSectionSpinCount
QueryPerformanceFrequency
SetFilePointer
GetTempFileNameW
GetFullPathNameW
GetFileAttributesW
FindFirstFileW
DeleteFileW
MulDiv
GlobalLock
GlobalUnlock
GlobalAlloc
HeapDestroy
WriteConsoleW
CreateFileW
ReadConsoleW
ReadFile
GetConsoleMode
GetConsoleOutputCP
WriteFile
FlushFileBuffers
SetStdHandle
SetFilePointerEx
GetFileSizeEx
GetStringTypeW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetTempPathW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
GetFileType
GetStdHandle
HeapSize
GetCurrentThread
GetModuleHandleExW
ExitProcess
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetLastError
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
OutputDebugStringW
IsDebuggerPresent
GetVersionExA
GetCurrentProcess
CreateFileMappingA
lstrlenW
UnmapViewOfFile
MapViewOfFile
GetSystemInfo
GetCurrentThreadId
GetCurrentProcessId
CreateMutexA
WaitForSingleObject
ReleaseMutex
InitializeCriticalSectionAndSpinCount
CloseHandle
WideCharToMultiByte
FormatMessageW
FormatMessageA
LocalFree
GetModuleHandleA
InitializeCriticalSection
VirtualFree
VirtualAlloc
GetProcessHeap
HeapFree
HeapReAlloc
HeapAlloc
lstrcmpA
SetCurrentDirectoryA
GetCurrentDirectoryA
GetModuleFileNameA
SetThreadLocale
GetThreadLocale
MultiByteToWideChar
lstrcmpiW
LCMapStringEx
SleepConditionVariableSRW
WakeAllConditionVariable
GetSystemDefaultLCID
FindResourceW
SizeofResource
LoadResource
LoadLibraryExW
CreateProcessW
GetProcAddress
GetModuleHandleW
WakeConditionVariable
GetModuleFileNameW
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
EncodePointer
FreeLibraryAndExitThread
DeleteCriticalSection
InitializeCriticalSectionEx
GetLastError
RaiseException
DecodePointer

user32

SetWindowRgn
InvalidateRect
GetClientRect
IntersectRect
UnionRect
OffsetRect
EqualRect
PtInRect
GetWindowLongW
SetWindowLongW
GetParent
LoadCursorW
RegisterWindowMessageW
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
ReleaseDC
GetDC
GetKeyState
GetFocus
SetFocus
SetWindowPos
ShowWindow
DestroyWindow
IsChild
IsWindow
EndPaint
GetClassInfoExW
BroadcastSystemMessageW
PostMessageW
PostQuitMessage
GetDialogBaseUnits
GetProcessDefaultLayout
wsprintfA
GetWindowDC
CharNextExA
DrawTextW
GetTitleBarInfo
CharLowerBuffA
CharLowerW
EnumWindows
AllowSetForegroundWindow
IsCharAlphaNumericW
IsCharAlphaW
GetCaretBlinkTime
GetClassNameW
GetSysColor
ScreenToClient
ClientToScreen
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
RegisterClassExW
CallWindowProcW
DefWindowProcW
CreateWindowExW
wsprintfW
CharNextW
UnregisterClassW
BeginPaint
RedrawWindow
DestroyAcceleratorTable
CreateAcceleratorTableW
GetDlgItem
MoveWindow
SetCapture
GetCursorInfo
GetKeyboardState
FillRect
SetCursor
SetCursorPos
GetUpdateRect
UpdateWindow
GetDoubleClickTime
SendMessageW
MessageBoxW
GetCursorPos
GetGUIThreadInfo
EnableWindow
SetLayeredWindowAttributes
IsRectEmpty
MapWindowPoints
MsgWaitForMultipleObjects
GetWindowThreadProcessId
GetDesktopWindow
IsClipboardFormatAvailable
RegisterClipboardFormatW
GetClipboardData
SetClipboardData
ChangeClipboardChain
SetClipboardViewer
SendMessageTimeoutW
ScrollDC
InvalidateRgn
GetUpdateRgn
PostThreadMessageW
KillTimer
SetTimer
PrivateExtractIconsW
ReleaseCapture
mouse_event
SetRect
GetAncestor
GetWindow
SetPropW
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
InsertMenuW
DestroyMenu
CreatePopupMenu
GetWindowPlacement
CopyRect
GetWindowRect
EmptyClipboard
CloseClipboard
OpenClipboard
GetMessageTime
EnumDisplayMonitors
GetMonitorInfoW
MonitorFromWindow
MonitorFromPoint
SystemParametersInfoW
DestroyIcon
LoadIconW
IsGUIThread
MessageBeep
GetPropW
SetForegroundWindow
LoadImageW
wvsprintfA
GetIconInfo
SetParent
DialogBoxParamW
DialogBoxIndirectParamW
EndDialog
LoadMenuW
GetSubMenu
TrackPopupMenuEx
InflateRect
GetClassLongW
CheckMenuRadioItem
DrawIconEx
GetDlgCtrlID
SetMenuDefaultItem
GetSysColorBrush
CharUpperBuffA
UpdateLayeredWindow
ValidateRgn
AdjustWindowRectEx
SetWinEventHook
UnhookWinEvent
ToUnicodeEx
GetKeyboardLayout
EndDeferWindowPos
WindowFromPoint
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
DestroyCursor
GetKeyNameTextW
MapVirtualKeyExW
GetWindowRgn
IsZoomed
GetMenuStringW
GetMenuState
GetSystemMenu
EnableMenuItem
GetMenuItemID
GetMenuItemCount
GetMessageExtraInfo
WaitForInputIdle
DrawAnimatedRects
EnumChildWindows
FindWindowW
CopyIcon
BringWindowToTop
RemovePropW
SetGestureConfig
GetMessagePos
GetCursor
CreateIconIndirect
GetKeyboardLayoutList
ShowCursor
CreateCaret
DestroyCaret
HideCaret
ShowCaret
SetCaretPos
GetDCEx
MapVirtualKeyW
GetGuiResources
RegisterClassW
GetMenu
GetSystemMetrics
IsWindowEnabled
GetCapture
GetAsyncKeyState
GetActiveWindow
CharLowerBuffW
CharUpperBuffW
CharUpperW
IsIconic
IsWindowVisible
FlashWindowEx

advapi32

CryptVerifySignatureW
CryptDestroyHash
CryptCreateHash
CryptSetProvParam
CryptSetHashParam
CryptDestroyKey
SetSecurityDescriptorDacl
DuplicateTokenEx
CreateProcessAsUserW
RegCreateKeyTransactedW
LsaLookupNames2
LsaOpenPolicy
LsaClose
LsaFreeMemory
InitializeSecurityDescriptor
RegRenameKey
CryptAcquireContextW
OpenProcessToken
CheckTokenMembership
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegSetValueExW
FreeSid
RegOpenKeyW
GetUserNameW
SetTokenInformation
SystemFunction036
CryptGenKey
CryptGenRandom
CryptGetUserKey
CryptHashData
ConvertStringSidToSidW
OpenThreadToken
CopySid
GetLengthSid
GetSidIdentifierAuthority
GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
IsValidSid
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
RegQueryValueExW
RegEnumValueW
RegOpenKeyExA
AllocateAndInitializeSid
RegSetKeySecurity
RegDeleteTreeW
RegQueryValueExA
CryptReleaseContext
CryptGetHashParam
RegGetValueW

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoMarshalInterface
IIDFromString
CoUninitialize
CoInitializeEx
CoGetApartmentType
OleCreate
CoReleaseMarshalData
DoDragDrop
RegisterDragDrop
OleDuplicateData
ReleaseStgMedium
RevokeDragDrop
CoInitializeSecurity
CoFreeUnusedLibraries
HGLOBAL_UserSize
HGLOBAL_UserMarshal
HGLOBAL_UserUnmarshal
HGLOBAL_UserFree
HWND_UserSize
HWND_UserMarshal
HWND_UserUnmarshal
HWND_UserFree
GetHGlobalFromStream
OleLockRunning
CLSIDFromProgID
CLSIDFromString
StringFromCLSID
CoGetClassObject
CreateStreamOnHGlobal
CoWaitForMultipleHandles
CoSetProxyBlanket
OleUninitialize
OleInitialize
OleRegEnumVerbs
OleRegGetMiscStatus
OleRegGetUserType
CreateOleAdviseHolder
OleSaveToStream
CoRevokeInitializeSpy
CoGetCallerTID
CreateDataAdviseHolder
WriteClassStm
ReadClassStm
StringFromGUID2
CoCreateInstance
OleRun
PropVariantClear
CoInitialize
OleSetContainedObject
CoCreateGuid
CoRegisterClassObject
CoRevokeClassObject
CoRegisterPSClsid
CoRegisterInitializeSpy

oleaut32

SafeArrayCopy
SafeArrayGetVartype
VariantCopyInd
DispCallFunc
OleCreateFontIndirect
VarBstrCmp
SysStringByteLen
SysAllocStringByteLen
VariantInit
SafeArrayRedim
VariantCopy
GetErrorInfo
UnRegisterTypeLi
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
SafeArrayUnlock
SysAllocStringLen
SysAllocString
SafeArrayDestroy
SafeArrayCreate
SystemTimeToVariantTime
SysFreeString
OleCreatePropertyFrame
LoadRegTypeLi
VariantChangeType
VariantClear
LHashValOfNameSys
LoadTypeLibEx
VarUdateFromDate
VariantTimeToSystemTime
VarBstrCat
SafeArrayCreateVector
VarDecCmp
SafeArrayLock
SafeArrayGetUBound
SysStringLen
SafeArrayGetLBound
VarDecFromStr
VarDateFromStr
VarR8FromStr
VarI4FromStr
SafeArrayUnaccessData
SafeArrayAccessData

shlwapi

PathRemoveFileSpecW
PathRelativePathToW
StrCmpLogicalW
PathIsPrefixW
PathFindExtensionW
PathIsURLW
StrToIntExW
StrStrIA
AssocQueryStringW
StrChrW
StrCmpW
UrlIsW
PathCombineW
SHCreateStreamOnFileW
PathUnExpandEnvStringsW
StrToIntW
StrCmpNIW
PathIsRelativeW
StrStrW
ord156
PathMatchSpecW
UrlCombineW
StrStrNIW
SHDeleteKeyW
StrRStrIW
PathCanonicalizeW
StrStrIW
ColorHLSToRGB
ColorRGBToHLS
StrCpyNW
PathCanonicalizeA
StrFormatByteSizeW
PathGetCharTypeW
PathCreateFromUrlW
StrChrIW
UrlUnescapeW
UrlEscapeW
ord354
PathIsRelativeA
StrRChrA
wnsprintfA
wnsprintfW
PathFileExistsW
StrRChrW

winmm

PlaySoundW
waveOutReset
waveOutWrite
waveOutPrepareHeader
sndPlaySoundW
timeBeginPeriod
waveOutOpen
timeEndPeriod
waveOutClose

ws2_32

gethostbyname
WSAGetLastError
send
select
recv
htons
connect
setsockopt
WSACleanup
bind
closesocket
getsockname
htonl
ntohs
socket
WSAStartup

wininet

InternetConnectW
HttpQueryInfoW
InternetWriteFile
InternetQueryDataAvailable
InternetOpenW
FtpFindFirstFileW
FtpPutFileW
FtpDeleteFileW
InternetFindNextFileW
FtpRenameFileW
InternetCloseHandle
InternetAttemptConnect
InternetSetCookieW
InternetQueryOptionW
InternetReadFile
FtpCreateDirectoryW
FtpRemoveDirectoryW
InternetSetOptionW
HttpQueryInfoA
InternetCrackUrlW
InternetGetLastResponseInfoW
InternetSetStatusCallbackW
FtpOpenFileW
HttpOpenRequestW
HttpAddRequestHeadersW
HttpSendRequestW
HttpSendRequestExW
HttpEndRequestW
InternetErrorDlg

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

gdi32

ExtTextOutW
AddFontMemResourceEx
RemoveFontMemResourceEx
CombineRgn
GetBkColor
GetClipBox
GetRegionData
GetRgnBox
OffsetRgn
SetRectRgn
CreateSolidBrush
SetBkColor
ResetDCW
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
GetStockObject
SelectObject
GetObjectW
CreateFontIndirectW
PolyBezierTo
MoveToEx
ExtCreatePen
WidenPath
StrokePath
SetMiterLimit
SelectClipPath
CloseFigure
AbortDoc
EndPage
StartPage
EndDoc
StartDocW
ModifyWorldTransform
SetWorldTransform
LineTo
GetObjectType
GdiGetBatchLimit
GdiSetBatchLimit
SetViewportExtEx
GetWorldTransform
PlayEnhMetaFileRecord
EnumEnhMetaFile
CreateEnhMetaFileW
CloseEnhMetaFile
SetMetaFileBitsEx
PlayMetaFile
GetWindowExtEx
GetViewportExtEx
CreateFontW
SetBkMode
SetTextColor
GetTextAlign
GetBkMode
GetDCPenColor
GetDCBrushColor
SetTextAlign
SelectClipRgn
Rectangle
GetClipRgn
DeleteObject
CreateRectRgn
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
LPtoDP
SetMapMode
SaveDC
RestoreDC
GetDeviceCaps
DeleteMetaFile
DeleteDC
CreateRectRgnIndirect
CreateMetaFileW
CreateDCW
CloseMetaFile
CreateDIBSection
CreatePen
Ellipse
SetPolyFillMode
BeginPath
EndPath
FillPath
SetArcDirection
Polygon
GetBitmapBits
CreateBitmap
GetRandomRgn
GetTextExtentPoint32W
ExtSelectClipRgn
TextOutW
GetTextColor
GetPixel
GetICMProfileW
AddFontResourceExW
RemoveFontResourceExW
IntersectClipRect
TranslateCharsetInfo
CreateICW
ExtEscape
EnumFontFamiliesExW
GetFontData
GetOutlineTextMetricsW
SetGraphicsMode
GetTextMetricsW
CreatePalette
GetDIBits
GetMetaFileBitsEx
RealizePalette
SelectPalette
SetDIBitsToDevice
StretchBlt
StretchDIBits
GetEnhMetaFileBits
PlayEnhMetaFile
DPtoLP
GdiFlush
GetEnhMetaFileHeader
SetEnhMetaFileBits
SetWinMetaFileBits
DeleteEnhMetaFile
SetStretchBltMode
CopyEnhMetaFileW
ExcludeClipRect
GetGlyphOutlineW
GetCharacterPlacementW
GetGlyphIndicesW
GetCharWidthI
GetCharABCWidthsI
GetKerningPairsW
GetFontLanguageInfo
PtInRegion
FrameRgn

comdlg32

CommDlgExtendedError
PageSetupDlgW
GetOpenFileNameW
GetSaveFileNameW

shell32

CommandLineToArgvW
SHFileOperationW
ShellExecuteW
ExtractIconExW
SHChangeNotify
SHGetFolderPathW
DragQueryFileW
SHGetFileInfoW
SHCreateItemFromParsingName
GetCurrentProcessExplicitAppUserModelID
SHGetMalloc
ord28
ord727
SHGetSpecialFolderLocation
SHGetDesktopFolder
SHGetPathFromIDListW
SHBrowseForFolderW
SHAppBarMessage
Shell_NotifyIconW
ShellExecuteExW

ntdll

NtWaitForKeyedEvent
NtReleaseKeyedEvent
NtCreateKeyedEvent

comctl32

ImageList_LoadImageW
_TrackMouseEvent

uxtheme

GetThemeInt
IsThemeActive
DrawThemeBackground
OpenThemeData
CloseThemeData
DrawThemeParentBackground
SetWindowTheme

usp10

ScriptIsComplex
ScriptPlace
ScriptString_pLogAttr
ScriptStringFree
ScriptStringAnalyse
ScriptGetFontProperties
ScriptGetProperties
ScriptShape
ScriptBreak
ScriptGetLogicalWidths
ScriptFreeCache
ScriptLayout
ScriptItemize

imm32

ImmGetContext
ImmReleaseContext
ImmGetCompositionStringW
ImmNotifyIME
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmGetProperty

setupapi

SetupDiGetClassDevsW
CM_Get_Device_IDW
SetupDiEnumDeviceInfo

crypt32

CertOpenSystemStoreW
CryptVerifyDetachedMessageSignature
CryptVerifyMessageSignature
CryptAcquireCertificatePrivateKey
CryptImportPublicKeyInfo
CertOIDToAlgId
CertFreeCertificateContext
CertCreateCertificateContext
CertFindCertificateInStore
CertEnumCertificatesInStore
CertCloseStore
CertOpenStore
CryptMsgGetParam
CryptMsgUpdate
CryptMsgClose
CryptMsgOpenToDecode
CertCreateContext
CryptMsgCalculateEncodedLength
CertGetCertificateContextProperty
CertDuplicateStore
CryptHashCertificate
CertVerifyTimeValidity
CertFindExtension
CertCloseServerOcspResponse
CertOpenServerOcspResponse
PFXImportCertStore
CertFreeCertificateChain
CertGetCertificateChain
CertFreeCertificateChainEngine
CertCreateCertificateChainEngine
CryptSignMessage
CertGetNameStringW
CertGetIntendedKeyUsage
CryptDecodeObject
CryptDecodeObjectEx
CertNameToStrW
CertDuplicateCertificateContext
CertFreeServerOcspResponseContext
CryptMsgOpenToEncode
CertVerifyRevocation
CryptFindOIDInfo
CertCompareCertificate
CertGetServerOcspResponseContext
CryptEncodeObjectEx
CryptEncodeObject
CryptMsgControl
CertSetCertificateContextProperty
CertAddEncodedCertificateToStore
CryptSignAndEncodeCertificate
CryptExportPublicKeyInfo
PFXExportCertStore
CertGetEnhancedKeyUsage

Exports

Exports

AlphaBlend
DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer
AlphaBlend
PXV_GetInstance
AlphaBlend

Sections

.text
Size: 39.9MB - Virtual size: 39.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7.4MB - Virtual size: 7.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 404KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e456fbce099e309bfeaff191fcf3b1ee

Code Sign

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cdCertificate

Extended Key Usages

Key Usages

6a:e1:85:c2:92:81:e4:14:ea:62:0e:1dCertificate

Extended Key Usages

Key Usages

40:cb:42:89:5c:3e:74:94:26:97:ad:2fCertificate

Extended Key Usages

Key Usages

04:00:00:00:00:01:31:89:c6:50:04Certificate

Key Usages

04:00:00:00:00:01:21:58:53:08:a2Certificate

Key Usages

20:3e:9f:9c:65:a4:62:ce:88:5d:59:c6:1d:1c:ac:b2:d0:fa:2e:e7Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

wininet

gdiplus

version

kernel32

user32

gdi32

msimg32

comdlg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oledlg

ole32

oleaut32

psapi

ws2_32

Sections

.text Size: 2.8MB - Virtual size: 2.8MB

.rdata Size: 2.7MB - Virtual size: 2.7MB

.data Size: 399KB - Virtual size: 496KB

.rsrc Size: 187KB - Virtual size: 186KB

7da6210aa5071f46c0f459e8e1faf1e8

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

ole32

oleaut32

shlwapi

winmm

ws2_32

wininet

version

gdi32

comdlg32

shell32

ntdll

comctl32

uxtheme

usp10

imm32

setupapi

crypt32

Exports

Exports

Sections

.text Size: 39.9MB - Virtual size: 39.9MB

.rdata Size: 7.4MB - Virtual size: 7.4MB

48:1b:6a:07:26:d2:e8:3f:26:02:d4:82:5a:cd
Certificate

6a:e1:85:c2:92:81:e4:14:ea:62:0e:1d
Certificate

40:cb:42:89:5c:3e:74:94:26:97:ad:2f
Certificate

04:00:00:00:00:01:31:89:c6:50:04
Certificate

04:00:00:00:00:01:21:58:53:08:a2
Certificate

20:3e:9f:9c:65:a4:62:ce:88:5d:59:c6:1d:1c:ac:b2:d0:fa:2e:e7
Signer

.text
Size: 2.8MB - Virtual size: 2.8MB

.rdata
Size: 2.7MB - Virtual size: 2.7MB

.data
Size: 399KB - Virtual size: 496KB

.rsrc
Size: 187KB - Virtual size: 186KB

.text
Size: 39.9MB - Virtual size: 39.9MB

.rdata
Size: 7.4MB - Virtual size: 7.4MB

.data
Size: 404KB - Virtual size: 1.3MB

.rsrc
Size: 2.9MB - Virtual size: 2.9MB