| filename | RegisterTool.exe | |
|---|---|---|
| size | 276152 (0x436b8) | |
| md5 | 02908c0106a61d62a7075b98d848538c | |
| type | PE32 executable (console) Intel 80386, for MS Windows | |
| mimetype | application/x-dosexec | |
| clamav | OK | |
| virustotal | → scan with virustotal.com | |
| histogram | ||
MZ Header
| signature | MZ |
| bytes_in_last_block | 0x90 |
| blocks_in_file | 3 |
| num_relocs | 0 |
| header_paragraphs | 4 |
| min_extra_paragraphs | 0 |
| max_extra_paragraphs | 0xffff |
| ss | 0 |
| sp | 0xb8 |
| checksum | 0 |
| ip | 0 |
| cs | 0 |
| reloc_table_offset | 0x40 |
| overlay_number | 0 |
| reserved0 | 0 |
| oem_id | 0 |
| oem_info | 0 |
| reserved2 | 0 |
| reserved3 | 0 |
| reserved4 | 0 |
| reserved5 | 0 |
| reserved6 | 0 |
| lfanew | 0xf0 |
Rich Header
| lib id | version | times used |
|---|---|---|
| 149 | 21022 | 1 |
| 131 | 21022 | 20 |
| 132 | 21022 | 2 |
| 147 | 21022 | 4 |
| 123 | 50727 | 9 |
| 1 | 0 | 65 |
| 138 | 30729 | 2 |
| 148 | 21022 | 1 |
| 145 | 30729 | 1 |
DOS stub
00000000: 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 |........!..L.!Th| 00000010: 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f |is program canno| 00000020: 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 |t be run in DOS | 00000030: 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 |mode....$.......|
PE Header
Packer / Compiler
Sections
| name | va | vsize | raw size | flags | |
|---|---|---|---|---|---|
| .text | 0x1000 | 0xec2 | 0x1000 | R-X CODE | |
| .rdata | 0x2000 | 0xcfe | 0xe00 | R-- IDATA | |
| .data | 0x3000 | 0x390 | 0x200 | RW- IDATA | |
| .rsrc | 0x4000 | 0x3ff64 | 0x40000 | R-- IDATA | |
| .reloc | 0x44000 | 0x4e0 | 0x600 | R-- IDATA DISCARDABLE |
Data Directory
Signers (1)
issuer: /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)09/CN=VeriSign Class 3 Code Signing 2009-2 CA
serial: 4EA536D132EFAA076646AA7F5D8F3E99
Certificates (2)
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
Validity
Not Before: May 21 00:00:00 2009 GMT
Not After : May 20 23:59:59 2019 GMT
Subject: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009-2 CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:67:1d:b4:60:aa:10:49:6f:56:17:7c:66:c9:
5e:86:0d:d5:f1:ac:a7:71:83:8e:8b:89:f8:88:04:
89:15:06:ba:2d:84:21:95:e4:d1:9c:50:4c:fb:d2:
22:bd:da:f2:b2:35:3b:1e:8f:c3:09:fb:fc:13:2e:
5a:bf:89:7c:3d:3b:25:1e:f6:f3:58:7b:9c:f4:01:
b5:c6:0a:b8:80:ce:be:27:74:61:67:27:4d:6a:e5:
ec:81:61:58:79:a3:e0:17:10:12:15:27:b0:e1:4d:
34:7f:2b:47:20:44:b9:de:66:24:66:8a:cd:4f:ba:
1f:c5:38:c8:54:90:e1:72:f6:19:66:75:6a:b9:49:
68:cf:38:79:0d:aa:30:a8:db:2c:60:48:9e:d7:aa:
14:01:a9:83:d7:38:91:30:39:13:96:03:3a:7c:40:
54:b6:ad:e0:2f:1b:83:dc:a8:11:52:3e:02:b3:d7:
2b:fd:21:b6:a7:5c:a3:0f:0b:a9:a6:10:50:0e:34:
2e:4d:a7:ce:c9:5e:25:d4:8c:bc:f3:6e:7c:29:bc:
01:5d:fc:31:87:5a:d5:8c:85:67:58:88:19:a0:bf:
35:f0:ea:2b:a3:21:e7:90:f6:83:e5:a8:ed:60:78:
5e:7b:60:83:fd:57:0b:5d:41:0d:63:54:60:d6:43:
21:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:0
X509v3 Certificate Policies:
Policy: 2.16.840.1.113733.1.7.23.3
CPS: https://www.verisign.com/cps
User Notice:
Explicit Text: https://www.verisign.com/rpa
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
1.3.6.1.5.5.7.1.12:
0_.].[0Y0W0U..image/gif0!0.0...+..............k...j.H.,{..0%.#http://logo.verisign.com/vslogo.gif
X509v3 Extended Key Usage:
TLS Web Client Authentication, Code Signing
Authority Information Access:
OCSP - URI:http://ocsp.verisign.com
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl.verisign.com/pca3.crl
X509v3 Subject Alternative Name:
DirName:/CN=Class3CA2048-1-55
X509v3 Subject Key Identifier:
97:D0:6B:A8:26:70:C8:A1:3F:94:1F:08:2D:C4:35:9B:A4:A1:1E:F2
Signature Algorithm: sha1WithRSAEncryption
8b:03:c0:dd:94:d8:41:a2:61:69:b0:15:a8:78:c7:30:c6:90:
3c:7e:42:f7:24:b6:e4:83:73:17:04:7f:04:10:9c:a1:e2:fa:
81:2f:eb:c0:ca:44:e7:72:e0:50:b6:55:10:20:83:6e:96:92:
e4:9a:51:6a:b4:37:31:dc:a5:2d:eb:8c:00:c7:1d:4f:e7:4d:
32:ba:85:f8:4e:be:fa:67:55:65:f0:6a:be:7a:ca:64:38:1a:
10:10:78:45:76:31:f3:86:7a:03:0f:60:c2:b3:5d:9d:f6:8b:
66:76:82:1b:59:e1:83:e5:bd:49:a5:38:56:e5:de:41:77:0e:
58:0fCertificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:a5:36:d1:32:ef:aa:07:66:46:aa:7f:5d:8f:3e:99
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009-2 CA
Validity
Not Before: Jan 26 00:00:00 2010 GMT
Not After : Jan 25 23:59:59 2013 GMT
Subject: C=CN, ST=Beijing, L=Beijing, O=China Mobile Communications Corporation, OU=Digital ID Class 3 - Microsoft Software Validation v2, CN=China Mobile Communications Corporation
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (1024 bit)
Modulus:
00:e5:2b:2f:cc:f3:2c:19:93:0b:3b:9a:28:e1:a2:
18:5b:29:18:c7:b0:1f:c0:bb:09:1c:77:00:87:4b:
cf:b1:e2:b5:da:4f:25:05:a2:b6:d3:00:cf:16:00:
48:42:48:c6:b8:8e:45:f2:d3:c7:9c:2d:f3:da:4b:
54:98:a5:5c:cc:8b:12:90:07:ec:64:e4:04:ee:aa:
a9:08:f2:9c:c2:7f:a1:62:2e:35:e9:ba:36:48:2f:
84:d7:75:41:b3:db:dc:c1:50:89:a0:7c:47:13:e6:
fb:b5:3c:ff:85:d9:55:08:a4:18:55:6b:bd:b6:97:
83:99:43:f4:db:f2:c5:d5:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:http://csc3-2009-2-crl.verisign.com/CSC3-2009-2.crl
X509v3 Certificate Policies:
Policy: 2.16.840.1.113733.1.7.23.3
CPS: https://www.verisign.com/rpa
X509v3 Extended Key Usage:
Code Signing
Authority Information Access:
OCSP - URI:http://ocsp.verisign.com
CA Issuers - URI:http://csc3-2009-2-aia.verisign.com/CSC3-2009-2.cer
X509v3 Authority Key Identifier:
keyid:97:D0:6B:A8:26:70:C8:A1:3F:94:1F:08:2D:C4:35:9B:A4:A1:1E:F2
Netscape Cert Type:
Object Signing
1.3.6.1.4.1.311.2.1.27:
0.......
Signature Algorithm: sha1WithRSAEncryption
46:5d:75:ae:48:b9:07:00:69:2c:68:13:43:dc:79:34:27:ca:
ad:6a:51:86:2e:72:f3:a7:cd:b7:74:26:f6:d9:dd:19:29:d6:
b3:98:89:82:a3:61:50:bf:f9:ef:1f:42:fa:60:07:42:e8:ce:
de:4d:f5:04:f6:e5:53:e2:99:3c:f8:13:6a:18:44:a2:aa:fd:
e3:69:af:e4:c9:cc:6a:8e:b4:4f:6b:54:82:db:b5:9c:07:ae:
21:79:38:3e:b4:3a:37:4d:ef:9b:81:4c:25:c3:22:ee:c5:c7:
13:2d:17:03:ef:c8:36:79:30:cb:ff:65:ad:b3:53:7a:72:20:
10:97:7f:e0:2c:86:06:b9:25:b0:7d:65:d7:39:b5:a1:f8:d1:
50:75:82:88:37:11:6d:8a:c1:31:fd:43:9a:2f:9b:61:47:6f:
77:8a:94:05:c5:a0:b8:df:17:74:cd:5c:94:bd:57:c6:7d:99:
77:9b:e2:f0:56:75:11:e1:8e:1c:36:b9:f5:5e:6b:1a:b8:37:
01:40:7d:69:b6:b1:b9:98:8f:ee:1b:46:e5:21:bf:2d:89:30:
c8:dd:6a:82:6c:4f:33:1b:7f:40:c6:4a:0e:2b:20:52:76:e8:
28:d1:d7:29:0b:5a:e2:58:8c:40:2c:79:2e:35:4a:c8:79:06:
74:07:c2:afpkcs7-signedData
- 1
- SHA1: nil
- 1.3.6.1.4.1.311.2.1.4
- #0
- 1.3.6.1.4.1.311.2.1.15
- :
00 3c 00 3c 00 3c 00 4f 00 62 00 73 00 6f 00 6c |.<.<.<.O.b.s.o.l| 00 65 00 74 00 65 00 3e 00 3e 00 3e |.e.t.e.>.>.> |
- :
- SHA1
ea fd f1 89 05 35 fc 7b c0 48 47 4a 4a 36 a1 a5 |.....5.{.HGJJ6..| 5c d8 4a b1 |\.J. |
- 1.3.6.1.4.1.311.2.1.15
- #0
- Certificates
- Certificate #0
- 2
- 65:52:26:E1:B2:2E:18:E1:59:0F:29:85:AC:22:E7:5C
- RSA-SHA1: nil
- Issuer
- C: US
- O: VeriSign, Inc.
- OU: Class 3 Public Primary Certification Authority
- 2009-05-21 00:00:00 UTC: 2019-05-20 23:59:59 UTC
- Subject
- C: US
- O: VeriSign, Inc.
- OU: VeriSign Trust Network
- OU: Terms of use at https://www.verisign.com/rpa (c)09
- CN: VeriSign Class 3 Code Signing 2009-2 CA
- #5
- rsaEncryption: nil
- BE:67:1D:B4:60:AA:10:49:6F:56:17:7C:66:C9:5E:86:
0D:D5:F1:AC:A7:71:83:8E:8B:89:F8:88:04:89:15:06:
BA:2D:84:21:95:E4:D1:9C:50:4C:FB:D2:22:BD:DA:F2:
B2:35:3B:1E:8F:C3:09:FB:FC:13:2E:5A:BF:89:7C:3D:
3B:25:1E:F6:F3:58:7B:9C:F4:01:B5:C6:0A:B8:80:CE:
BE:27:74:61:67:27:4D:6A:E5:EC:81:61:58:79:A3:E0:
17:10:12:15:27:B0:E1:4D:34:7F:2B:47:20:44:B9:DE:
66:24:66:8A:CD:4F:BA:1F:C5:38:C8:54:90:E1:72:F6:
19:66:75:6A:B9:49:68:CF:38:79:0D:AA:30:A8:DB:2C:
60:48:9E:D7:AA:14:01:A9:83:D7:38:91:30:39:13:96:
03:3A:7C:40:54:B6:AD:E0:2F:1B:83:DC:A8:11:52:3E:
02:B3:D7:2B:FD:21:B6:A7:5C:A3:0F:0B:A9:A6:10:50:
0E:34:2E:4D:A7:CE:C9:5E:25:D4:8C:BC:F3:6E:7C:29:
BC:01:5D:FC:31:87:5A:D5:8C:85:67:58:88:19:A0:BF:
35:F0:EA:2B:A3:21:E7:90:F6:83:E5:A8:ED:60:78:5E:
7B:60:83:FD:57:0B:5D:41:0D:63:54:60:D6:43:21:EF: 0x010001
- X509v3 extensions
- basicConstraints
- true
- true: 0
- certificatePolicies
- 2.16.840.1.113733.1.7.23.3
- #0
- id-qt-cps: https://www.verisign.com/cps
- id-qt-unotice: https://www.verisign.com/rpa
- #0
- 2.16.840.1.113733.1.7.23.3
- keyUsage: true, 6
- 1.3.6.1.5.5.7.1.12
- image/gif
- SHA1:
8f e5 d3 1a 86 ac 8d 8e 6b c3 cf 80 6a d4 48 18 |........k...j.H.| 2c 7b 19 2e |,{.. | - http://logo.verisign.com/vslogo.gif
- SHA1:
- image/gif
- extendedKeyUsage
- clientAuth: codeSigning
- authorityInfoAccess
- OCSP: http://ocsp.verisign.com
- crlDistributionPoints: http://crl.verisign.com/pca3.crl
- subjectAltName
- CN: Class3CA2048-1-55
- subjectKeyIdentifier:
97 d0 6b a8 26 70 c8 a1 3f 94 1f 08 2d c4 35 9b |..k.&p..?...-.5.| a4 a1 1e f2 |.... |
- basicConstraints
- RSA-SHA1:
8b 03 c0 dd 94 d8 41 a2 61 69 b0 15 a8 78 c7 30 |......A.ai...x.0| c6 90 3c 7e 42 f7 24 b6 e4 83 73 17 04 7f 04 10 |..<~B.$...s.....| 9c a1 e2 fa 81 2f eb c0 ca 44 e7 72 e0 50 b6 55 |...../...D.r.P.U| 10 20 83 6e 96 92 e4 9a 51 6a b4 37 31 dc a5 2d |. .n....Qj.71..-| eb 8c 00 c7 1d 4f e7 4d 32 ba 85 f8 4e be fa 67 |.....O.M2...N..g| 55 65 f0 6a be 7a ca 64 38 1a 10 10 78 45 76 31 |Ue.j.z.d8...xEv1| f3 86 7a 03 0f 60 c2 b3 5d 9d f6 8b 66 76 82 1b |..z..`..]...fv..| 59 e1 83 e5 bd 49 a5 38 56 e5 de 41 77 0e 58 0f |Y....I.8V..Aw.X.|
- 2
- Certificate #1
- 2
- 4E:A5:36:D1:32:EF:AA:07:66:46:AA:7F:5D:8F:3E:99
- RSA-SHA1: nil
- Issuer
- C: US
- O: VeriSign, Inc.
- OU: VeriSign Trust Network
- OU: Terms of use at https://www.verisign.com/rpa (c)09
- CN: VeriSign Class 3 Code Signing 2009-2 CA
- 2010-01-26 00:00:00 UTC: 2013-01-25 23:59:59 UTC
- Subject
- C: CN
- ST: Beijing
- L: Beijing
- O: China Mobile Communications Corporation
- OU: Digital ID Class 3 - Microsoft Software Validation v2
- CN: China Mobile Communications Corporation
- #5
- rsaEncryption: nil
- E5:2B:2F:CC:F3:2C:19:93:0B:3B:9A:28:E1:A2:18:5B:
29:18:C7:B0:1F:C0:BB:09:1C:77:00:87:4B:CF:B1:E2:
B5:DA:4F:25:05:A2:B6:D3:00:CF:16:00:48:42:48:C6:
B8:8E:45:F2:D3:C7:9C:2D:F3:DA:4B:54:98:A5:5C:CC:
8B:12:90:07:EC:64:E4:04:EE:AA:A9:08:F2:9C:C2:7F:
A1:62:2E:35:E9:BA:36:48:2F:84:D7:75:41:B3:DB:DC:
C1:50:89:A0:7C:47:13:E6:FB:B5:3C:FF:85:D9:55:08:
A4:18:55:6B:BD:B6:97:83:99:43:F4:DB:F2:C5:D5:83: 0x010001
- X509v3 extensions
- basicConstraints
- nil
- keyUsage: true, 0x80
- crlDistributionPoints: http://csc3-2009-2-crl.verisign.com/CSC3-2009-2.crl
- certificatePolicies
- 2.16.840.1.113733.1.7.23.3
- id-qt-cps: https://www.verisign.com/rpa
- 2.16.840.1.113733.1.7.23.3
- extendedKeyUsage: codeSigning
- authorityInfoAccess
- #0
- OCSP: http://ocsp.verisign.com
- caIssuers: http://csc3-2009-2-aia.verisign.com/CSC3-2009-2.cer
- #0
- authorityKeyIdentifier:
97 d0 6b a8 26 70 c8 a1 3f 94 1f 08 2d c4 35 9b |..k.&p..?...-.5.| a4 a1 1e f2 |.... |
- nsCertType: 0x10
- 1.3.6.1.4.1.311.2.1.27
- false: true
- basicConstraints
- RSA-SHA1:
46 5d 75 ae 48 b9 07 00 69 2c 68 13 43 dc 79 34 |F]u.H...i,h.C.y4| 27 ca ad 6a 51 86 2e 72 f3 a7 cd b7 74 26 f6 d9 |'..jQ..r....t&..| dd 19 29 d6 b3 98 89 82 a3 61 50 bf f9 ef 1f 42 |..)......aP....B| fa 60 07 42 e8 ce de 4d f5 04 f6 e5 53 e2 99 3c |.`.B...M....S..<| f8 13 6a 18 44 a2 aa fd e3 69 af e4 c9 cc 6a 8e |..j.D....i....j.| b4 4f 6b 54 82 db b5 9c 07 ae 21 79 38 3e b4 3a |.OkT......!y8>.:| 37 4d ef 9b 81 4c 25 c3 22 ee c5 c7 13 2d 17 03 |7M...L%."....-..| ef c8 36 79 30 cb ff 65 ad b3 53 7a 72 20 10 97 |..6y0..e..Szr ..| 7f e0 2c 86 06 b9 25 b0 7d 65 d7 39 b5 a1 f8 d1 |..,...%.}e.9....| 50 75 82 88 37 11 6d 8a c1 31 fd 43 9a 2f 9b 61 |Pu..7.m..1.C./.a| 47 6f 77 8a 94 05 c5 a0 b8 df 17 74 cd 5c 94 bd |Gow........t.\..| 57 c6 7d 99 77 9b e2 f0 56 75 11 e1 8e 1c 36 b9 |W.}.w...Vu....6.| f5 5e 6b 1a b8 37 01 40 7d 69 b6 b1 b9 98 8f ee |.^k..7.@}i......| 1b 46 e5 21 bf 2d 89 30 c8 dd 6a 82 6c 4f 33 1b |.F.!.-.0..j.lO3.| 7f 40 c6 4a 0e 2b 20 52 76 e8 28 d1 d7 29 0b 5a |.@.J.+ Rv.(..).Z| e2 58 8c 40 2c 79 2e 35 4a c8 79 06 74 07 c2 af |.X.@,y.5J.y.t...|
- 2
- Certificate #0
- Signer
- 1
- unnamed
- #0
- C: US
- O: VeriSign, Inc.
- OU: VeriSign Trust Network
- OU: Terms of use at https://www.verisign.com/rpa (c)09
- CN: VeriSign Class 3 Code Signing 2009-2 CA
- 4E:A5:36:D1:32:EF:AA:07:66:46:AA:7F:5D:8F:3E:99
- #0
- SHA1: nil
- #3
- contentType: 1.3.6.1.4.1.311.2.1.4
- 1.3.6.1.4.1.311.2.1.11: msCodeInd
- 1.3.6.1.4.1.311.2.1.12:
00 46 00 65 00 74 00 69 00 6f 00 6e |.F.e.t.i.o.n |
- messageDigest:
10 7c 07 fc ff fa 23 69 0e 82 ac a1 df 77 f1 7d |.|....#i.....w.}| 20 d0 f7 69 | ..i |
- rsaEncryption:
d9 b1 b0 60 48 30 c3 71 ef 1e 71 48 b0 22 36 c2 |...`H0.q..qH."6.| c5 28 8f 03 00 3e 01 9c 60 25 77 29 e3 4f 23 39 |.(...>..`%w).O#9| cf 0d 8a 45 ba 1f 16 07 2d d9 82 af 34 d1 5d 69 |...E....-...4.]i| fb 07 46 65 9b 87 40 9a 20 26 d1 73 18 7f 11 91 |..Fe..@. &.s....| 5e bf ab f2 5c 52 4f 5f 86 14 6e 0e 95 70 d5 1b |^...\RO_..n..p..| 45 77 de 94 7c 40 21 2b 9a 68 89 35 1a 19 f9 72 |Ew..|@!+.h.5...r| f6 1f 63 7b 77 e9 c2 61 1c 8b 40 99 73 99 7d bd |..c{w..a..@.s.}.| 4c 6d 57 81 9b 46 ca be d3 a1 04 ef cf 24 44 6e |LmW..F.......$Dn|
| offset | size | type | comment | |
|---|---|---|---|---|
| 0 | 272896 | EXE | 02/25/2010 09:57:23 | # |
| 15c1 | 15 | HTM | # | |
| 2cd8 | 23453 | PNG | (256 x 256) | # |
| 94d8 | 38484 | PNG | (256 x 256) | # |
| 14eac | 44540 | PNG | (256 x 256) | # |
| 42a00 | 3256 | PKCS7 | Authenticode Signature | # |
 |
| Please donate some bucks to keep this site up and running: | |
| Ko-fi | |
|---|---|
| Yandex.Money | |
| Thank you! | |
[?] ignoring invalid PEdump::BITMAPINFOHEADER