MZ Header

Rich Header

DOS stub

00000000: 0e 1f ba 0e 00 b4 09 cd  21 b8 01 4c cd 21 54 68  |........!..L.!Th|
00000010: 69 73 20 70 72 6f 67 72  61 6d 20 63 61 6e 6e 6f  |is program canno|
00000020: 74 20 62 65 20 72 75 6e  20 69 6e 20 44 4f 53 20  |t be run in DOS |
00000030: 6d 6f 64 65 2e 0d 0d 0a  24 00 00 00 00 00 00 00  |mode....$.......|

PE Header

Packer / Compiler

Sections

Data Directory

Signers (1)

issuer: /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)09/CN=VeriSign Class 3 Code Signing 2009-2 CA
serial: 4EA536D132EFAA076646AA7F5D8F3E99

Certificates (2)

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
    Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
        Validity
            Not Before: May 21 00:00:00 2009 GMT
            Not After : May 20 23:59:59 2019 GMT
        Subject: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009-2 CA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:be:67:1d:b4:60:aa:10:49:6f:56:17:7c:66:c9:
                    5e:86:0d:d5:f1:ac:a7:71:83:8e:8b:89:f8:88:04:
                    89:15:06:ba:2d:84:21:95:e4:d1:9c:50:4c:fb:d2:
                    22:bd:da:f2:b2:35:3b:1e:8f:c3:09:fb:fc:13:2e:
                    5a:bf:89:7c:3d:3b:25:1e:f6:f3:58:7b:9c:f4:01:
                    b5:c6:0a:b8:80:ce:be:27:74:61:67:27:4d:6a:e5:
                    ec:81:61:58:79:a3:e0:17:10:12:15:27:b0:e1:4d:
                    34:7f:2b:47:20:44:b9:de:66:24:66:8a:cd:4f:ba:
                    1f:c5:38:c8:54:90:e1:72:f6:19:66:75:6a:b9:49:
                    68:cf:38:79:0d:aa:30:a8:db:2c:60:48:9e:d7:aa:
                    14:01:a9:83:d7:38:91:30:39:13:96:03:3a:7c:40:
                    54:b6:ad:e0:2f:1b:83:dc:a8:11:52:3e:02:b3:d7:
                    2b:fd:21:b6:a7:5c:a3:0f:0b:a9:a6:10:50:0e:34:
                    2e:4d:a7:ce:c9:5e:25:d4:8c:bc:f3:6e:7c:29:bc:
                    01:5d:fc:31:87:5a:d5:8c:85:67:58:88:19:a0:bf:
                    35:f0:ea:2b:a3:21:e7:90:f6:83:e5:a8:ed:60:78:
                    5e:7b:60:83:fd:57:0b:5d:41:0d:63:54:60:d6:43:
                    21:ef
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE, pathlen:0
            X509v3 Certificate Policies: 
                Policy: 2.16.840.1.113733.1.7.23.3
                  CPS: https://www.verisign.com/cps
                  User Notice:
                    Explicit Text: https://www.verisign.com/rpa

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            1.3.6.1.5.5.7.1.12: 
                0_.].[0Y0W0U..image/gif0!0.0...+..............k...j.H.,{..0%.#http://logo.verisign.com/vslogo.gif
            X509v3 Extended Key Usage: 
                TLS Web Client Authentication, Code Signing
            Authority Information Access: 
                OCSP - URI:http://ocsp.verisign.com

            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:http://crl.verisign.com/pca3.crl

            X509v3 Subject Alternative Name: 
                DirName:/CN=Class3CA2048-1-55
            X509v3 Subject Key Identifier: 
                97:D0:6B:A8:26:70:C8:A1:3F:94:1F:08:2D:C4:35:9B:A4:A1:1E:F2
    Signature Algorithm: sha1WithRSAEncryption
         8b:03:c0:dd:94:d8:41:a2:61:69:b0:15:a8:78:c7:30:c6:90:
         3c:7e:42:f7:24:b6:e4:83:73:17:04:7f:04:10:9c:a1:e2:fa:
         81:2f:eb:c0:ca:44:e7:72:e0:50:b6:55:10:20:83:6e:96:92:
         e4:9a:51:6a:b4:37:31:dc:a5:2d:eb:8c:00:c7:1d:4f:e7:4d:
         32:ba:85:f8:4e:be:fa:67:55:65:f0:6a:be:7a:ca:64:38:1a:
         10:10:78:45:76:31:f3:86:7a:03:0f:60:c2:b3:5d:9d:f6:8b:
         66:76:82:1b:59:e1:83:e5:bd:49:a5:38:56:e5:de:41:77:0e:
         58:0f

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:a5:36:d1:32:ef:aa:07:66:46:aa:7f:5d:8f:3e:99
    Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009-2 CA
        Validity
            Not Before: Jan 26 00:00:00 2010 GMT
            Not After : Jan 25 23:59:59 2013 GMT
        Subject: C=CN, ST=Beijing, L=Beijing, O=China Mobile Communications Corporation, OU=Digital ID Class 3 - Microsoft Software Validation v2, CN=China Mobile Communications Corporation
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (1024 bit)
                Modulus:
                    00:e5:2b:2f:cc:f3:2c:19:93:0b:3b:9a:28:e1:a2:
                    18:5b:29:18:c7:b0:1f:c0:bb:09:1c:77:00:87:4b:
                    cf:b1:e2:b5:da:4f:25:05:a2:b6:d3:00:cf:16:00:
                    48:42:48:c6:b8:8e:45:f2:d3:c7:9c:2d:f3:da:4b:
                    54:98:a5:5c:cc:8b:12:90:07:ec:64:e4:04:ee:aa:
                    a9:08:f2:9c:c2:7f:a1:62:2e:35:e9:ba:36:48:2f:
                    84:d7:75:41:b3:db:dc:c1:50:89:a0:7c:47:13:e6:
                    fb:b5:3c:ff:85:d9:55:08:a4:18:55:6b:bd:b6:97:
                    83:99:43:f4:db:f2:c5:d5:83
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:http://csc3-2009-2-crl.verisign.com/CSC3-2009-2.crl

            X509v3 Certificate Policies: 
                Policy: 2.16.840.1.113733.1.7.23.3
                  CPS: https://www.verisign.com/rpa

            X509v3 Extended Key Usage: 
                Code Signing
            Authority Information Access: 
                OCSP - URI:http://ocsp.verisign.com
                CA Issuers - URI:http://csc3-2009-2-aia.verisign.com/CSC3-2009-2.cer

            X509v3 Authority Key Identifier: 
                keyid:97:D0:6B:A8:26:70:C8:A1:3F:94:1F:08:2D:C4:35:9B:A4:A1:1E:F2

            Netscape Cert Type: 
                Object Signing
            1.3.6.1.4.1.311.2.1.27: 
                0.......
    Signature Algorithm: sha1WithRSAEncryption
         46:5d:75:ae:48:b9:07:00:69:2c:68:13:43:dc:79:34:27:ca:
         ad:6a:51:86:2e:72:f3:a7:cd:b7:74:26:f6:d9:dd:19:29:d6:
         b3:98:89:82:a3:61:50:bf:f9:ef:1f:42:fa:60:07:42:e8:ce:
         de:4d:f5:04:f6:e5:53:e2:99:3c:f8:13:6a:18:44:a2:aa:fd:
         e3:69:af:e4:c9:cc:6a:8e:b4:4f:6b:54:82:db:b5:9c:07:ae:
         21:79:38:3e:b4:3a:37:4d:ef:9b:81:4c:25:c3:22:ee:c5:c7:
         13:2d:17:03:ef:c8:36:79:30:cb:ff:65:ad:b3:53:7a:72:20:
         10:97:7f:e0:2c:86:06:b9:25:b0:7d:65:d7:39:b5:a1:f8:d1:
         50:75:82:88:37:11:6d:8a:c1:31:fd:43:9a:2f:9b:61:47:6f:
         77:8a:94:05:c5:a0:b8:df:17:74:cd:5c:94:bd:57:c6:7d:99:
         77:9b:e2:f0:56:75:11:e1:8e:1c:36:b9:f5:5e:6b:1a:b8:37:
         01:40:7d:69:b6:b1:b9:98:8f:ee:1b:46:e5:21:bf:2d:89:30:
         c8:dd:6a:82:6c:4f:33:1b:7f:40:c6:4a:0e:2b:20:52:76:e8:
         28:d1:d7:29:0b:5a:e2:58:8c:40:2c:79:2e:35:4a:c8:79:06:
         74:07:c2:af
pkcs7-signedData
  • 1
    • SHA1: nil
    • 1.3.6.1.4.1.311.2.1.4
      • #0
        • 1.3.6.1.4.1.311.2.1.15
          • :
            00 3c 00 3c 00 3c 00 4f  00 62 00 73 00 6f 00 6c  |.<.<.<.O.b.s.o.l|
            00 65 00 74 00 65 00 3e  00 3e 00 3e              |.e.t.e.>.>.>    |
        • SHA1
          • ea fd f1 89 05 35 fc 7b  c0 48 47 4a 4a 36 a1 a5  |.....5.{.HGJJ6..|
            5c d8 4a b1                                       |\.J.            |
    • Certificates
      • Certificate #0
        • 2
          • 65:52:26:E1:B2:2E:18:E1:59:0F:29:85:AC:22:E7:5C
          • RSA-SHA1: nil
          • Issuer
            • C: US
            • O: VeriSign, Inc.
            • OU: Class 3 Public Primary Certification Authority
          • 2009-05-21 00:00:00 UTC: 2019-05-20 23:59:59 UTC
          • Subject
            • C: US
            • O: VeriSign, Inc.
            • OU: VeriSign Trust Network
            • OU: Terms of use at https://www.verisign.com/rpa (c)09
            • CN: VeriSign Class 3 Code Signing 2009-2 CA
          • #5
            • rsaEncryption: nil
            • BE:67:1D:B4:60:AA:10:49:6F:56:17:7C:66:C9:5E:86:
              0D:D5:F1:AC:A7:71:83:8E:8B:89:F8:88:04:89:15:06:
              BA:2D:84:21:95:E4:D1:9C:50:4C:FB:D2:22:BD:DA:F2:
              B2:35:3B:1E:8F:C3:09:FB:FC:13:2E:5A:BF:89:7C:3D:
              3B:25:1E:F6:F3:58:7B:9C:F4:01:B5:C6:0A:B8:80:CE:
              BE:27:74:61:67:27:4D:6A:E5:EC:81:61:58:79:A3:E0:
              17:10:12:15:27:B0:E1:4D:34:7F:2B:47:20:44:B9:DE:
              66:24:66:8A:CD:4F:BA:1F:C5:38:C8:54:90:E1:72:F6:
              19:66:75:6A:B9:49:68:CF:38:79:0D:AA:30:A8:DB:2C:
              60:48:9E:D7:AA:14:01:A9:83:D7:38:91:30:39:13:96:
              03:3A:7C:40:54:B6:AD:E0:2F:1B:83:DC:A8:11:52:3E:
              02:B3:D7:2B:FD:21:B6:A7:5C:A3:0F:0B:A9:A6:10:50:
              0E:34:2E:4D:A7:CE:C9:5E:25:D4:8C:BC:F3:6E:7C:29:
              BC:01:5D:FC:31:87:5A:D5:8C:85:67:58:88:19:A0:BF:
              35:F0:EA:2B:A3:21:E7:90:F6:83:E5:A8:ED:60:78:5E:
              7B:60:83:FD:57:0B:5D:41:0D:63:54:60:D6:43:21:EF
              : 0x010001
          • X509v3 extensions
            • basicConstraints
              • true
              • true: 0
            • certificatePolicies
              • 2.16.840.1.113733.1.7.23.3
                • #0
                  • id-qt-cps: https://www.verisign.com/cps
                  • id-qt-unotice: https://www.verisign.com/rpa
            • keyUsage: true, 6
            • 1.3.6.1.5.5.7.1.12
              • image/gif
                • SHA1:
                  8f e5 d3 1a 86 ac 8d 8e  6b c3 cf 80 6a d4 48 18  |........k...j.H.|
                  2c 7b 19 2e                                       |,{..            |
                • http://logo.verisign.com/vslogo.gif
            • extendedKeyUsage
              • clientAuth: codeSigning
            • authorityInfoAccess
              • OCSP: http://ocsp.verisign.com
            • crlDistributionPoints: http://crl.verisign.com/pca3.crl
            • subjectAltName
              • CN: Class3CA2048-1-55
            • subjectKeyIdentifier:
              97 d0 6b a8 26 70 c8 a1  3f 94 1f 08 2d c4 35 9b  |..k.&p..?...-.5.|
              a4 a1 1e f2                                       |....            |
        • RSA-SHA1:
          8b 03 c0 dd 94 d8 41 a2  61 69 b0 15 a8 78 c7 30  |......A.ai...x.0|
          c6 90 3c 7e 42 f7 24 b6  e4 83 73 17 04 7f 04 10  |..<~B.$...s.....|
          9c a1 e2 fa 81 2f eb c0  ca 44 e7 72 e0 50 b6 55  |...../...D.r.P.U|
          10 20 83 6e 96 92 e4 9a  51 6a b4 37 31 dc a5 2d  |. .n....Qj.71..-|
          eb 8c 00 c7 1d 4f e7 4d  32 ba 85 f8 4e be fa 67  |.....O.M2...N..g|
          55 65 f0 6a be 7a ca 64  38 1a 10 10 78 45 76 31  |Ue.j.z.d8...xEv1|
          f3 86 7a 03 0f 60 c2 b3  5d 9d f6 8b 66 76 82 1b  |..z..`..]...fv..|
          59 e1 83 e5 bd 49 a5 38  56 e5 de 41 77 0e 58 0f  |Y....I.8V..Aw.X.|
      • Certificate #1
        • 2
          • 4E:A5:36:D1:32:EF:AA:07:66:46:AA:7F:5D:8F:3E:99
          • RSA-SHA1: nil
          • Issuer
            • C: US
            • O: VeriSign, Inc.
            • OU: VeriSign Trust Network
            • OU: Terms of use at https://www.verisign.com/rpa (c)09
            • CN: VeriSign Class 3 Code Signing 2009-2 CA
          • 2010-01-26 00:00:00 UTC: 2013-01-25 23:59:59 UTC
          • Subject
            • C: CN
            • ST: Beijing
            • L: Beijing
            • O: China Mobile Communications Corporation
            • OU: Digital ID Class 3 - Microsoft Software Validation v2
            • CN: China Mobile Communications Corporation
          • #5
            • rsaEncryption: nil
            • E5:2B:2F:CC:F3:2C:19:93:0B:3B:9A:28:E1:A2:18:5B:
              29:18:C7:B0:1F:C0:BB:09:1C:77:00:87:4B:CF:B1:E2:
              B5:DA:4F:25:05:A2:B6:D3:00:CF:16:00:48:42:48:C6:
              B8:8E:45:F2:D3:C7:9C:2D:F3:DA:4B:54:98:A5:5C:CC:
              8B:12:90:07:EC:64:E4:04:EE:AA:A9:08:F2:9C:C2:7F:
              A1:62:2E:35:E9:BA:36:48:2F:84:D7:75:41:B3:DB:DC:
              C1:50:89:A0:7C:47:13:E6:FB:B5:3C:FF:85:D9:55:08:
              A4:18:55:6B:BD:B6:97:83:99:43:F4:DB:F2:C5:D5:83
              : 0x010001
          • X509v3 extensions
            • basicConstraints
              • nil
            • keyUsage: true, 0x80
            • crlDistributionPoints: http://csc3-2009-2-crl.verisign.com/CSC3-2009-2.crl
            • certificatePolicies
              • 2.16.840.1.113733.1.7.23.3
                • id-qt-cps: https://www.verisign.com/rpa
            • extendedKeyUsage: codeSigning
            • authorityInfoAccess
              • #0
                • OCSP: http://ocsp.verisign.com
                • caIssuers: http://csc3-2009-2-aia.verisign.com/CSC3-2009-2.cer
            • authorityKeyIdentifier:
              97 d0 6b a8 26 70 c8 a1  3f 94 1f 08 2d c4 35 9b  |..k.&p..?...-.5.|
              a4 a1 1e f2                                       |....            |
            • nsCertType: 0x10
            • 1.3.6.1.4.1.311.2.1.27
              • false: true
        • RSA-SHA1:
          46 5d 75 ae 48 b9 07 00  69 2c 68 13 43 dc 79 34  |F]u.H...i,h.C.y4|
          27 ca ad 6a 51 86 2e 72  f3 a7 cd b7 74 26 f6 d9  |'..jQ..r....t&..|
          dd 19 29 d6 b3 98 89 82  a3 61 50 bf f9 ef 1f 42  |..)......aP....B|
          fa 60 07 42 e8 ce de 4d  f5 04 f6 e5 53 e2 99 3c  |.`.B...M....S..<|
          f8 13 6a 18 44 a2 aa fd  e3 69 af e4 c9 cc 6a 8e  |..j.D....i....j.|
          b4 4f 6b 54 82 db b5 9c  07 ae 21 79 38 3e b4 3a  |.OkT......!y8>.:|
          37 4d ef 9b 81 4c 25 c3  22 ee c5 c7 13 2d 17 03  |7M...L%."....-..|
          ef c8 36 79 30 cb ff 65  ad b3 53 7a 72 20 10 97  |..6y0..e..Szr ..|
          7f e0 2c 86 06 b9 25 b0  7d 65 d7 39 b5 a1 f8 d1  |..,...%.}e.9....|
          50 75 82 88 37 11 6d 8a  c1 31 fd 43 9a 2f 9b 61  |Pu..7.m..1.C./.a|
          47 6f 77 8a 94 05 c5 a0  b8 df 17 74 cd 5c 94 bd  |Gow........t.\..|
          57 c6 7d 99 77 9b e2 f0  56 75 11 e1 8e 1c 36 b9  |W.}.w...Vu....6.|
          f5 5e 6b 1a b8 37 01 40  7d 69 b6 b1 b9 98 8f ee  |.^k..7.@}i......|
          1b 46 e5 21 bf 2d 89 30  c8 dd 6a 82 6c 4f 33 1b  |.F.!.-.0..j.lO3.|
          7f 40 c6 4a 0e 2b 20 52  76 e8 28 d1 d7 29 0b 5a  |.@.J.+ Rv.(..).Z|
          e2 58 8c 40 2c 79 2e 35  4a c8 79 06 74 07 c2 af  |.X.@,y.5J.y.t...|
    • Signer
      • 1
      • unnamed
        • #0
          • C: US
          • O: VeriSign, Inc.
          • OU: VeriSign Trust Network
          • OU: Terms of use at https://www.verisign.com/rpa (c)09
          • CN: VeriSign Class 3 Code Signing 2009-2 CA
        • 4E:A5:36:D1:32:EF:AA:07:66:46:AA:7F:5D:8F:3E:99
      • SHA1: nil
      • #3
        • contentType: 1.3.6.1.4.1.311.2.1.4
        • 1.3.6.1.4.1.311.2.1.11: msCodeInd
        • 1.3.6.1.4.1.311.2.1.12:
          00 46 00 65 00 74 00 69  00 6f 00 6e              |.F.e.t.i.o.n    |
        • messageDigest:
          10 7c 07 fc ff fa 23 69  0e 82 ac a1 df 77 f1 7d  |.|....#i.....w.}|
          20 d0 f7 69                                       | ..i            |
      • rsaEncryption:
        d9 b1 b0 60 48 30 c3 71  ef 1e 71 48 b0 22 36 c2  |...`H0.q..qH."6.|
        c5 28 8f 03 00 3e 01 9c  60 25 77 29 e3 4f 23 39  |.(...>..`%w).O#9|
        cf 0d 8a 45 ba 1f 16 07  2d d9 82 af 34 d1 5d 69  |...E....-...4.]i|
        fb 07 46 65 9b 87 40 9a  20 26 d1 73 18 7f 11 91  |..Fe..@. &.s....|
        5e bf ab f2 5c 52 4f 5f  86 14 6e 0e 95 70 d5 1b  |^...\RO_..n..p..|
        45 77 de 94 7c 40 21 2b  9a 68 89 35 1a 19 f9 72  |Ew..|@!+.h.5...r|
        f6 1f 63 7b 77 e9 c2 61  1c 8b 40 99 73 99 7d bd  |..c{w..a..@.s.}.|
        4c 6d 57 81 9b 46 ca be  d3 a1 04 ef cf 24 44 6e  |LmW..F.......$Dn|
offsetsizetypecomment
0272896EXE02/25/2010 09:57:23#
2cd823453PNG(256 x 256)#
94d838484PNG(256 x 256)#
14eac44540PNG(256 x 256)#
42a003256PKCS7Authenticode Signature#
offset:( 0x )size:( 0x )hotkeys:-=[]<>, offset/size fields are also editable

[?] ignoring invalid PEdump::BITMAPINFOHEADER