hijackloader | WinMergeU[.]EXE

Sharing

Copy URL

Twitter E-mail

General

Target

WinMergeU.EXE
Size

6.8MB
MD5

7f6e0664d4c5bcb2e823194a4b7fed92
SHA1

aeec739892a9bbd88c4031095e1428a6264c672e
SHA256

b2b5c6a6a3e050dfe2aa13db6f9b02ce578dd224926f270ea0a433195ac1ba26
SHA512

9f408086fd148d8a2769c7f97e6c3aea19e9242bc07cc8f82cacd099541269e71a09621c8de2627733846000879598ab2c45dccc348794dc815238aa39379143
SSDEEP

98304:zv4Bj7wWhZtiabODR9KI586Tz+yVpzhdfm8oAOz+yzp0BMW:sBj7wmZtiabgRE2THpzjefU

Score

10^/10

hijackloader

Malware Config

Extracted

Family

hijackloader

Attributes

directory
%APPDATA%\EMDB
inject_dll
%windir%\SysWOW64\esent.dll

xor.hex

Signatures

Detects HijackLoader (aka IDAT Loader) 1 IoCs

resource	yara_rule
sample	family_hijackloader

Hijackloader family
hijackloader

Files

WinMergeU.EXE
.exe windows:6 windows x64 arch:x64

c37edd6709efb3f13bd37e1279e732d9

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31/05/2021, 06:43

Not After

17/09/2029, 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3c:c2:ac:32:38:8a:f4:7f:d7:30:02:18:8b:ea:b7:be
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

18/10/2024, 11:02

Not After

18/10/2027, 11:02

Subject

CN=Takashi Sawanaka,O=Takashi Sawanaka,L=Chiba,ST=Chiba,C=JP

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02/11/2023, 08:32

Not After

30/10/2034, 08:32

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

9c:69:b7:17:ef:e4:6d:73:28:88:0d:51:30:73:68:6a:5e:c4:89:75:43:9d:ea:50:d1:f0:cb:3c:39:48:0b:92
Signer

Actual PE Digest

9c:69:b7:17:ef:e4:6d:73:28:88:0d:51:30:73:68:6a:5e:c4:89:75:43:9d:ea:50:d1:f0:cb:3c:39:48:0b:92

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

A:\encryption\bios\hxo\interpreter\vulner\x86\debug\Thread\Java.pdb

Imports

shlwapi

PathFindFileNameW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
StrChrW
StrCmpLogicalW
SHAutoComplete
PathGetCharTypeW
PathCreateFromUrlW
UrlIsW
PathIsDirectoryW
PathFindExtensionW
PathIsContentTypeW
StrCmpIW
PathMatchSpecW
PathCompactPathW
StrFormatByteSizeW
ord2
ord12
PathFileExistsW
StrTrimW

imm32

ImmSetCompositionFontW
ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext

kernel32

lstrcmpW
GlobalAddAtomW
GlobalFindAtomW
CompareStringW
GlobalGetAtomNameW
FileTimeToLocalFileTime
GetFileAttributesExW
GetFileTime
LocalFileTimeToFileTime
SetFileAttributesW
SystemTimeToFileTime
lstrcmpA
GetVersionExW
FlushFileBuffers
GetVolumeInformationW
LockFile
SetEndOfFile
SetFilePointer
UnlockFile
DuplicateHandle
GetStringTypeExW
GetDiskFreeSpaceW
ReplaceFileW
GetUserDefaultLCID
LocalAlloc
GetCurrentThread
CompareStringA
GetPrivateProfileIntW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalHandle
LocalReAlloc
GlobalFlags
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
SetErrorMode
FindResourceExW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwind
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTimeZoneInformation
SetFilePointerEx
EnumSystemLocalesW
IsValidLocale
LCMapStringW
FlsFree
FlsSetValue
FlsGetValue
LoadLibraryExW
HeapQueryInformation
GetCommandLineA
VirtualAlloc
GetConsoleOutputCP
FreeLibraryAndExitThread
ExitThread
SetStdHandle
ReadConsoleW
GetConsoleMode
ExitProcess
RtlPcToFileHeader
InterlockedPushEntrySList
RtlUnwindEx
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
CreateSemaphoreW
CreatePipe
RemoveDirectoryW
GetLongPathNameW
SetEnvironmentVariableW
GetEnvironmentVariableW
GetCPInfo
ActivateActCtx
LCMapStringEx
GetLocaleInfoEx
MoveFileExW
AreFileApisANSI
GetFinalPathNameByHandleW
TryAcquireSRWLockExclusive
QueryPerformanceFrequency
FormatMessageA
OutputDebugStringW
EncodePointer
GetCurrentProcessId
SuspendThread
SetThreadPriority
GetProfileIntW
SizeofResource
LockResource
LoadResource
FindResourceW
GlobalSize
GlobalDeleteAtom
FlsAlloc
GlobalLock
GlobalUnlock
LoadLibraryW
GetProcAddress
MulDiv
GetACP
GetTickCount
GlobalAlloc
GlobalFree
GetStringTypeW
HeapFree
InitializeCriticalSectionEx
HeapSize
GetLastError
HeapReAlloc
HeapAlloc
DecodePointer
DeleteCriticalSection
GetProcessHeap
LeaveCriticalSection
EnterCriticalSection
FreeLibrary
GetFileType
PeekNamedPipe
GetFileInformationByHandle
FindFirstFileW
FindClose
RaiseException
SearchPathW
GetPrivateProfileStringW
GetThreadLocale
DeleteFileW
lstrlenW
WaitForSingleObject
CloseHandle
CreateEventW
SetEvent
WritePrivateProfileStringW
Sleep
GetSystemDirectoryW
VirtualProtect
InitializeCriticalSection
ResetEvent
CreateActCtxW
GetModuleHandleExW
InitializeCriticalSectionAndSpinCount
OutputDebugStringA
VirtualQuery
LoadLibraryExA
ExpandEnvironmentStringsA
GetCompressedFileSizeW
IsValidCodePage
MoveFileW
GetExitCodeThread
CreateThread
GetDriveTypeW
ReadDirectoryChangesW
CreateFileW
GetOverlappedResult
WaitForMultipleObjects
CreateProcessW
GetExitCodeProcess
GetFileSize
ReadFile
GetCurrentThreadId
SetLastError
GetSystemDefaultLangID
GetLocaleInfoW
GetModuleHandleW
GetCommandLineW
GetCurrentDirectoryW
GetOEMCP
GetSystemInfo
GlobalMemoryStatusEx
GetTempPathW
GetShortPathNameW
lstrcmpiW
GetSystemWow64DirectoryW
CreateDirectoryW
GetFullPathNameW
GetUserDefaultLangID
ResumeThread
GetCurrentProcess
TerminateProcess
ReleaseMutex
FreeConsole
GetStdHandle
WriteConsoleW
AttachConsole
SetDllDirectoryW
SetSearchPathMode
OpenProcess
CreateMutexW
lstrcpynW
WideCharToMultiByte
LocalFree
WriteFile
SetFileTime
GetTickCount64
FormatMessageW
GetTimeFormatW
GetDateFormatW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetNumberFormatW
SetThreadUILanguage
SetThreadLocale
GetFileSizeEx
lstrcpyW
CopyFileW
ExpandEnvironmentStringsW
GetTempFileNameW
LoadLibraryA
GetModuleFileNameW
FindNextFileW
FindFirstFileExW
VerifyVersionInfoW
VerSetConditionMask
GetFileAttributesW
GlobalReAlloc
MultiByteToWideChar
ReleaseSemaphore

user32

LockWindowUpdate
CopyAcceleratorTableW
RealChildWindowFromPoint
PostQuitMessage
ShowOwnedPopups
SetWindowRgn
DrawIcon
UnionRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
WindowFromPoint
GetTabbedTextExtentW
SetCursorPos
GetWindowDC
DestroyCursor
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
BringWindowToTop
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
AdjustWindowRectEx
ShowScrollBar
GetScrollRange
SetScrollRange
SetScrollPos
ScrollWindow
EndPaint
BeginPaint
SetMenu
GetMenu
DeferWindowPos
SetWindowPlacement
GetWindowPlacement
GetClassInfoExW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
SetActiveWindow
CreateDialogIndirectParamW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
ValidateRect
SetWindowLongW
SendDlgItemMessageW
IsDlgButtonChecked
CheckDlgButton
GetDlgItemInt
SetDlgItemInt
MoveWindow
SetRectEmpty
SendDlgItemMessageA
DialogBoxParamW
EndDialog
GetDlgItemTextW
SetDlgItemTextW
DestroyWindow
IsWindowEnabled
UnregisterHotKey
RegisterHotKey
GetWindowTextLengthW
CreateWindowExW
GetComboBoxInfo
ChildWindowFromPoint
GetClassNameW
GetMonitorInfoW
MonitorFromPoint
GetScrollPos
GetDCEx
SetClassLongPtrW
IsRectEmpty
EndDeferWindowPos
BeginDeferWindowPos
DestroyMenu
IsDialogMessageW
GetNextDlgTabItem
ChildWindowFromPointEx
GetIconInfo
MapDialogRect
IsChild
GetWindowThreadProcessId
GetLastActivePopup
GetKeyState
GetClientRect
UpdateWindow
CreateCaret
SetCaretPos
ShowCaret
HideCaret
MessageBoxW
EnableWindow
GetSystemMetrics
InvalidateRect
wsprintfW
IntersectRect
CopyRect
GetSysColor
ReleaseCapture
KillTimer
IsWindow
GetDlgItem
GetDC
ReleaseDC
OffsetRect
EnableScrollBar
GetCursorPos
ScreenToClient
SetCursor
LoadCursorW
LoadAcceleratorsW
TranslateAcceleratorW
GetDoubleClickTime
GetCaretPos
RedrawWindow
MessageBeep
SetCapture
SetTimer
IsClipboardFormatAvailable
OpenClipboard
EmptyClipboard
SetClipboardData
RegisterClipboardFormatW
CloseClipboard
GetClipboardData
GetWindowLongW
SendMessageW
CharUpperW
GetDesktopWindow
UnregisterClassW
LoadImageW
CharNextW
CharPrevW
SetDlgItemTextA
GetWindowRect
PtInRect
TrackMouseEvent
PostThreadMessageW
PeekMessageW
GetMessageW
GetSysColorBrush
FillRect
DrawEdge
SetRect
GetMenuItemInfoW
SystemParametersInfoW
AppendMenuW
GetMenuItemCount
InsertMenuW
ModifyMenuW
GetMenuState
GetSubMenu
GetMenuItemID
CreateMenu
CreatePopupMenu
SetMenuItemBitmaps
LoadBitmapW
RemoveMenu
DeleteMenu
DestroyIcon
LoadMenuW
IsWindowVisible
DrawFrameControl
PostMessageW
SetWindowsHookExW
UnhookWindowsHookEx
SetFocus
CallNextHookEx
GetForegroundWindow
LoadIconW
GetParent
GetPropW
DefWindowProcW
CallWindowProcW
RemovePropW
GetWindowLongPtrW
SetWindowLongPtrW
GetAsyncKeyState
SetForegroundWindow
ShowWindow
FindWindowW
GetThreadDesktop
GetUserObjectInformationW
DragDetect
EqualRect
DrawIconEx
GetClassLongPtrW
GetTopWindow
GetSystemMenu
FlashWindowEx
GetActiveWindow
ReplyMessage
IsMenu
DrawMenuBar
RegisterClassW
GetClassInfoW
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetCapture
DispatchMessageW
TranslateMessage
GetWindow
SetWindowTextW
GetWindowTextW
GetMenuStringW
ClientToScreen
EnableMenuItem
InflateRect
CheckMenuRadioItem
TrackPopupMenu
CheckMenuItem
GetFocus
wsprintfA
SetParent
GetDlgCtrlID
MapWindowPoints
IsIconic
IsZoomed
SetWindowPos
SetPropW

gdi32

SetTextColor
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
Polygon
Rectangle
DPtoLP
GetViewportExtEx
GetWindowExtEx
GetMapMode
LPtoDP
GetCharWidthW
GetTextMetricsW
SetDIBColorTable
PatBlt
CreateBitmap
Ellipse
GetBkMode
SetDIBits
GetDIBits
CreateSolidBrush
CreateDIBSection
DeleteObject
GetDIBColorTable
SelectObject
DeleteDC
RoundRect
GetTextColor
GetStockObject
GetBkColor
GetCharWidth32W
CreateRectRgnIndirect
GetViewportOrgEx
GetObjectW
CreateFontIndirectW
GetDeviceCaps
GetTextExtentPoint32W
BitBlt
CreateCompatibleDC
SetPolyFillMode
CreatePatternBrush
SetStretchBltMode
SetTextAlign
SetBkMode
MoveToEx
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CombineRgn
SetRectRgn
GetROP2
GetNearestColor
GetPolyFillMode
GetStretchBltMode
GetTextAlign
GetWindowOrgEx
GetTextFaceW
CreateFontW
StretchDIBits
CreateEllipticRgn
EnumFontFamiliesExW
CreateRectRgn
ExcludeClipRect
GetClipBox
GetCurrentPositionEx
GetPixel
IntersectClipRect
LineTo
RestoreDC
SaveDC
SelectClipRgn
SetMapMode
CreateDCW
EnumFontFamiliesW
CreatePen
CopyMetaFileW
SetBkColor
StartDocW
EndDoc
StartPage
EndPage
AbortDoc
SetAbortProc
GetLayout
SetLayout
SetROP2
CreateCompatibleBitmap

msimg32

AlphaBlend

advapi32

CryptGenRandom
CryptAcquireContextW
RegQueryValueW
RegEnumKeyW
RegDeleteKeyW
SetFileSecurityW
GetFileSecurityW
RegSetValueW
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyW
RegEnumKeyExW
RegEnumValueW
RegDeleteValueW
RegDeleteTreeW
RegSetValueExW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
GetUserNameW
CryptReleaseContext

shell32

DragFinish
ShellExecuteW
SHGetFileInfoW
ord701
SHGetDesktopFolder
SHGetMalloc
ExtractIconW
SHAddToRecentDocs
SetCurrentProcessExplicitAppUserModelID
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFolderPathW
ord155
SHParseDisplayName
ShellExecuteExW
SHCreateShellItem
DragQueryFileW
SHFileOperationW
SHGetPropertyStoreFromParsingName

comctl32

ord17
ImageList_GetImageInfo
ImageList_ReplaceIcon
ImageList_GetIcon
ImageList_Remove
ImageList_Copy
ImageList_GetImageCount
ImageList_AddMasked
ImageList_DrawIndirect
ImageList_Draw
ImageList_Add
ImageList_DrawEx

uxtheme

IsThemeActive
GetThemePartSize
GetThemeMargins
GetThemeInt
DrawThemeBackground
DrawThemeText
GetThemeFont
GetThemeColor
CloseThemeData
SetWindowTheme
IsThemeBackgroundPartiallyTransparent
IsAppThemed
DrawThemeParentBackground
OpenThemeData

ole32

CoRevokeClassObject
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoRegisterMessageFilter
CoFreeUnusedLibraries
CoCreateGuid
CoInitializeEx
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
OleGetClipboard
OleDuplicateData
StringFromCLSID
CoLockObjectExternal
OleUninitialize
OleInitialize
CoUninitialize
CoInitialize
CoGetObject
CLSIDFromProgID
CreateStreamOnHGlobal
RegisterDragDrop
RevokeDragDrop
OleRun
CoCreateInstance
ReleaseStgMedium
PropVariantClear
CoTaskMemAlloc
CoTaskMemFree
CoCreateFreeThreadedMarshaler

oleaut32

SysFreeString
GetErrorInfo
SysAllocString
SysStringLen
CreateErrorInfo
SetErrorInfo
SysAllocStringLen
VariantInit
VariantClear
VariantChangeType
SafeArrayAccessData
VariantCopyInd
LoadTypeLi
SafeArrayGetUBound
VarBstrFromDate
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayGetLBound
SafeArrayUnaccessData
SafeArrayCreate
SafeArrayRedim
SysReAllocStringLen

gdiplus

GdipDrawImageRectRectI
GdipDrawImageI
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipCreateBitmapFromStream
GdipSaveImageToStream
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipCreateSolidFill
GdipDeleteBrush
GdipCloneBrush
GdipCreatePen1
GdipDeletePen
GdipSetSmoothingMode
GdipDrawBezierI
GdipCreatePath
GdipDeletePath
GdipStartPathFigure
GdipAddPathBezierI
GdipAddPathLineI
GdipClosePathFigure
GdipFillPath
GdipDrawPath
GdipDrawLinesI
GdipAddPathArcI
GdipFillRectangleI
GdipDrawLineI
GdipCreateBitmapFromScan0
GdipFree
GdipAlloc
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipDeleteGraphics
GdipSetInterpolationMode
GdipDrawImageRectI
GdipCreateHBITMAPFromBitmap
GdipCreateFromHDC
GdiplusStartup
GdiplusShutdown
GdipCreateBitmapFromHBITMAP

oleacc

CreateStdAccessibleObject
AccessibleObjectFromWindow
LresultFromObject

Sections

.text
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 192KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

c37edd6709efb3f13bd37e1279e732d9

Code Sign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27Certificate

Key Usages

3c:c2:ac:32:38:8a:f4:7f:d7:30:02:18:8b:ea:b7:beCertificate

Extended Key Usages

Key Usages

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31Certificate

Extended Key Usages

Key Usages

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39Certificate

Extended Key Usages

Key Usages

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87Certificate

Extended Key Usages

Key Usages

9c:69:b7:17:ef:e4:6d:73:28:88:0d:51:30:73:68:6a:5e:c4:89:75:43:9d:ea:50:d1:f0:cb:3c:39:48:0b:92Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shlwapi

imm32

kernel32

user32

gdi32

msimg32

advapi32

shell32

comctl32

uxtheme

ole32

oleaut32

gdiplus

oleacc

Sections

.text Size: 3.0MB - Virtual size: 3.0MB

.rdata Size: 1.3MB - Virtual size: 1.3MB

.data Size: 192KB - Virtual size: 238KB

.pdata Size: 144KB - Virtual size: 144KB

.didat Size: 512B - Virtual size: 256B

.rsrc Size: 2.2MB - Virtual size: 2.2MB

.reloc Size: 71KB - Virtual size: 71KB

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

3c:c2:ac:32:38:8a:f4:7f:d7:30:02:18:8b:ea:b7:be
Certificate

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

9c:69:b7:17:ef:e4:6d:73:28:88:0d:51:30:73:68:6a:5e:c4:89:75:43:9d:ea:50:d1:f0:cb:3c:39:48:0b:92
Signer

.text
Size: 3.0MB - Virtual size: 3.0MB

.rdata
Size: 1.3MB - Virtual size: 1.3MB

.data
Size: 192KB - Virtual size: 238KB

.pdata
Size: 144KB - Virtual size: 144KB

.didat
Size: 512B - Virtual size: 256B

.rsrc
Size: 2.2MB - Virtual size: 2.2MB

.reloc
Size: 71KB - Virtual size: 71KB