cbsidlm-cbsi188-Windows_Essentials_Media_Codec_Pack-ORG-10662709.exe - CNET Download.exe

info
MZ
PE
resources
strings
imports
exports
foremost
version info
signature
hexdump
disasm
log
discuss
donate

filename	cbsidlm-cbsi188-Windows_Essentials_Media_Codec_Pack-ORG-10662709.exe
size	929416 (0xe2e88)
md5	122e0fe0bd52d264ffb874e538114473

type	PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed
mimetype	application/x-dosexec

clamav	OK
virustotal	→ scan with virustotal.com

histogram

MZ Header

signature	MZ
bytes_in_last_block	0x90
blocks_in_file	3
num_relocs	0
header_paragraphs	4
min_extra_paragraphs	0
max_extra_paragraphs	0xffff
ss	0
sp	0xb8
checksum	0
ip	0
cs	0
reloc_table_offset	0x40
overlay_number	0
reserved0	0
oem_id	0
oem_info	0
reserved2	0
reserved3	0
reserved4	0
reserved5	0
reserved6	0
lfanew	0x108

Rich Header

lib id	version	times used
150	20413	10
149	21022	43
132	21022	78
109	50727	7
131	21022	255
110	50727	1
132	30729	13
123	50727	25
1	0	318
138	21022	86
146	21022	1
148	21022	1
145	21022	1

DOS stub

00000000: 0e 1f ba 0e 00 b4 09 cd  21 b8 01 4c cd 21 54 68  |........!..L.!Th|
00000010: 69 73 20 70 72 6f 67 72  61 6d 20 63 61 6e 6e 6f  |is program canno|
00000020: 74 20 62 65 20 72 75 6e  20 69 6e 20 44 4f 53 20  |t be run in DOS |
00000030: 6d 6f 64 65 2e 0d 0d 0a  24 00 00 00 00 00 00 00  |mode....$.......|

PE Header

Signature	PE
Machine	0x14c
NumberOfSections	3
TimeDateStamp	0x532a30ef
PointerToSymbolTable	0
NumberOfSymbols	0
SizeOfOptionalHeader	0xe0
Characteristics	0x102
Magic	0x10b
LinkerVersion	9.0
SizeOfCode	0xde000
SizeOfInitializedData	0x5000
SizeOfUninitializedData	0x147000
AddressOfEntryPoint	0x225010
BaseOfCode	0x148000
BaseOfData	0x226000
ImageBase	0x400000
SectionAlignment	0x1000
FileAlignment	0x200
OperatingSystemVersion	5.0
ImageVersion	0.0
SubsystemVersion	5.0
Reserved1	0
SizeOfImage	0x22b000
SizeOfHeaders	0x1000
CheckSum	0xe30bc
Subsystem	2
DllCharacteristics	0x8140
SizeOfStackReserve	0x100000
SizeOfStackCommit	0x1000
SizeOfHeapReserve	0x100000
SizeOfHeapCommit	0x1000
LoaderFlags	0
NumberOfRvaAndSizes	0x10

Packer / Compiler

UPX Modified >> *$igBy Ahmed18

This file is packed with UPX. Analysis will be incomplete without unpacking.
We can unpack it for you.

»» Analyze unpacked file

Sections

name	va	vsize	raw size	flags
UPX0	0x1000	0x147000	0	RWX UDATA
UPX1	0x148000	0xde000	0xdd400	RWX IDATA
.rsrc	0x226000	0x5000	0x4800	RW- IDATA

Data Directory

type	va	size
EXPORT	0x1e46e0	0xad64
IMPORT	0x22a504	0x2d0
RESOURCE	0x226000	0x4504
EXCEPTION	0	0
SECURITY	0xe2000	0xe88
BASERELOC	0x22a7d4	0x10
DEBUG	0	0
ARCHITECTURE	0	0
GLOBALPTR	0	0
TLS	0	0
LOAD_CONFIG	0x2251f4	0x48
Bound_IAT	0	0
IAT	0	0
Delay_IAT	0	0
CLR_Header	0	0

show previews

type	name	size	cp
GIF	#5000	16954	1252
OFFERTMPLT	TEMPLATE1	1382	1252
OFFERTMPLT	TEMPLATE10	1624	1252
OFFERTMPLT	TEMPLATE11	1504	1252
OFFERTMPLT	TEMPLATE12	1810	1252
OFFERTMPLT	TEMPLATE2	842	1252
OFFERTMPLT	TEMPLATE3	1020	1252
OFFERTMPLT	TEMPLATE4	1264	1252
OFFERTMPLT	TEMPLATE5	829	1252
OFFERTMPLT	TEMPLATE6	1150	1252
OFFERTMPLT	TEMPLATE7	842	1252
OFFERTMPLT	TEMPLATE8	1267	1252
OFFERTMPLT	TEMPLATE9	1151	1252
BITMAP	IDB_CHECKMRK	3112	1252
ICON	#1	9832	1252
ICON	#2	4392	1252
MENU	#107	32	1252
DIALOG	#103	328	1252
STRING	#7	456	1252
STRING	#8	640	1252
STRING	#9	630	1252
STRING	#10	244	1252
STRING	#11	58	1252
STRING	#12	94	1252
STRING	#13	710	1252
ACCELERATORS	#109	16	1252
GROUP_ICON	#107	34	1252
VERSION	#1	776	1252
MANIFEST	#1	633	1252

id	lang	string
96	1033	2e 68 18 04 14 6e 82 8b 76 88 ef 24 8a 09 be 41 \|.h...n..v..$...A\| 0e 44 03 54 01 06 e3 7f fb 3b 03 2f 03 07 12 00 \|.D.T.....;./....\| d2 02 86 02 58 ff 68 05 64 0a f7 c0 ee ff 63 05 \|....X.h.d.....c.\| 60 05 5d 05 3b 05 55 05 58 06 03 28 05 27 0f 96 \|`.].;.U.X..(.'..\| f0 ff b7 36 62 05 45 05 6f 05 46 05 3e 05 36 05 \|...6b.E.o.F.>.6.\| 1b 05 3d ff 7f 01 6e 72 54 05 53 d2 05 52 05 5a \|..=...nrT.S..R.Z\| 05 4f 05 3c 05 4a 05 35 05 19 05 06 a3 90 f8 18 \|.O.<.J.5........\| 05 13 05 51 0c 2c c2 2a 08 82 ff 02 05 50 05 4e \|...Q.,......P.N\| 05 fe 04 fc 32 a6 bb fe ff ff 2a 05 1d 05 25 05 \|....2........%.\| 23 05 22 05 20 05 41 05 43 05 16 05 fd 04 1f 05 \|#.". .A.C.......\| 17 62 05 37 41 b8 0b c2 05 e4 76 34 05 32 6a 09 \|.b.7A.....v4.2j.\| ff 57 e6 2f 05 2e 05 2b 05 29 05 11 05 15 2e 0b \|.W./...+.)......\| 42 17 84 0e 1e db b8 0b 42 91 ce 5c 0b 42 03 05 \|B.......B..\.B..\| fa ba 20 54 4b 92 f7 f6 d9 54 18 85 10 06 d3 aa \|.. TK....T......\| ca dd 12 aa 25 c6 f2 fe cd 0a 21 54 18 ca bb 9e \|....%.....!T....\| b1 6e 09 dd 12 f6 d7 66 85 6e 09 a2 c3 7a da b8 \|.n.....f.n...z..\| 0a 28 7c 01 42 41 04 3e 04 3f f2 70 8a 39 8c 10 \|.(\|.BA.>.?.p.9..\| 82 df 78 12 37 7b 79 de 03 ba 02 62 ba f4 02 0f \|..x.7{y....b....\| 60 0b 92 14 cc de 10 02 a0 0e 03 7c b4 ab 03 9f \|`..........\|....\| 86 16 73 9f 03 a1 3f 7d 5b 5c ce 1d 66 00 1b 03 \|..s...?}[\..f...\| 14 03 18 c6 5c 03 5d 47 15 df 4f d6 5f 03 64 3e \|....\.]G..O._.d>\| 17 03 7a 4c ce 46 2a f8 77 fc 03 4b 03 52 03 4a \|..zL.F*.w..K.R.J\| 92 03 3d 03 3c 03 3e 03 3f 07 f5 31 24 3f 92 02 \|..=.<.>.?..1$?..\| d5 02 40 26 4f 01 64 c1 48 82 3a c2 97 02 ef 03 \|..@&O.d.H.:.....\| 92 e7 a6 03 a4 6f 7e 02 f4 03 6a cd 09 0c de e3 \|.....o~...j.....\| b2 03 ee cb 13 54 ad de 03 6a 5a 95 0a 12 8a ff \|.....T...jZ.....\| fa aa 9a e1 02 94 02 f6 96 ec 02 80 02 1a e8 f5 \|................\| e2 fd 7e 02 90 03 1a 06 b8 02 cf 7e 10 47 b5 ed \|..~........~.G..\| ed 6e 4f 86 2e 5e 7b f5 \|.nO..^{. \|
112	1033	56 0a ab 03 fc 02 02 a3 bb f7 be df 03 a3 0e 26 \|V..............&\| 03 d9 76 e0 02 03 2a 8f 1a 27 1f fb 4e af d9 17 \|..v.....'..N...\| 22 57 8f 07 68 03 d7 6e e9 cc bb 02 03 c7 02 6c \|"W..h..n.......l\| 03 1b b8 27 80 d0 de f6 09 03 04 03 07 6b d2 15 \|...'.........k..\| d8 92 0d 6e 48 13 03 11 2a 16 b3 e6 c9 13 a8 02 \|...nH..........\| 7d b7 03 b2 2a 46 31 4c 04 2f ee c3 71 8b 87 7c \|}...F1L./..q..\|\| 02 1c 79 4a 23 aa 1f 20 17 3b 60 4f 94 1f 8e 79 \|..yJ#.. .;`O...y\| 07 54 7c 87 03 86 4f 12 06 0b 01 ce 07 ec 61 7b \|.T\|...O.......a{\| e6 02 2f 4e ff 3b 68 40 32 b2 99 a2 86 06 75 02 \|../N.;h@2.....u.\| 7a 02 b6 03 b9 80 0a 28 14 1e 0a 02 b3 38 50 48 \|z......(.....8PH\| 41 b6 8e a9 42 09 1d f8 02 62 a5 03 a2 03 9e 3e \|A...B....b.....>\| 73 ff 57 e0 6a d6 79 03 78 2e 76 03 74 03 72 03 \|s.W.j.y.x.v.t.r.\| 70 03 21 03 1c 4e 02 2f c0 03 19 da 03 6e 03 e2 \|p.!..N./.....n..\| f6 c2 77 e0 ff de 02 8e 02 af 03 8d 03 96 03 25 \|..w............%\| 86 27 03 93 03 92 c2 77 a0 41 ee 8f ae 7f 03 23 \|.'.....w.A.....#\| 03 22 02 ff 85 a8 4a 66 46 91 02 83 03 82 03 81 \|."....JfF.......\| 03 85 42 05 fe bf ca 80 03 fe 02 90 02 8d 02 96 \|..B.............\| 02 cd 02 ce ae d4 6f 30 0a a0 9a 82 d1 0e cc 02 \|......o0........\| 98 02 78 41 b7 84 a0 d2 b7 26 02 6b 03 6d 9d c6 \|..xA.....&.k.m..\| ff 1d 12 69 03 bf 02 be 02 c4 02 c3 02 c2 7e c0 \|...i..........~.\| f0 7f a7 f1 02 bd 02 bc 92 b4 02 b3 02 b9 02 b2 \|................\| 02 c9 02 c8 14 fe 6f 26 02 b1 02 dd 02 dc 02 db \|......o&........\| 02 d8 02 b0 57 a0 08 95 16 ae 82 ad 3e 38 03 37 \|....W.......>8.7\| 04 fe 0e fc 03 2b 03 56 03 f1 7e ef 02 fb 02 fa \|.....+.V..~.....\| 02 07 4a 88 ba 50 48 29 03 28 d8 91 20 dd 81 f9 \|..J..PH).(.. ...\| aa f2 02 02 91 ff 37 13 b8 ff 02 f7 7a 0d 03 0f \|......7.....z...\| 03 0e 03 0c 03 58 03 fd 37 e1 0d ff 02 55 03 9c \|.....X..7....U..\| 03 9b 03 9a 46 03 98 03 5a 3a 39 03 36 1a 50 81 \|....F...Z:9.6.P.\| 4d 76 02 a5 da 7c f6 7b f8 ff 45 1b 36 02 a6 32 \|Mv...\|.{..E.6..2\| 02 a2 02 57 03 e8 02 e7 02 53 03 50 03 48 fc 57 \|...W.....S.P.H.W\| e0 17 1a 03 51 03 49 2e 43 03 42 03 34 03 33 03 \|....Q.I.C.B.4.3.\| 31 dc 84 ed 22 82 2c 03 35 92 02 e9 9a e4 02 2a \|1...".,.5......\| b8 d9 f8 26 b6 ea 02 ab 02 aa 16 95 02 93 21 90 \|...&..........!.\| a4 45 8a 8a 02 98 08 ff 86 2b da 85 02 84 3a 02 \|.E.......+....:.\| 82 02 81 02 9e 02 9d 09 ff 17 a1 c2 9a c6 7f 02 \|................\| 7c 02 7b 02 77 02 76 02 74 bd cb dc 1d b1 00 09 \|\|.{.w.v.t.......\| 11 1e 05 4d bf 04 ec 33 01 57 8e 01 3a 8f 92 14 \|...M...3.W..:...\| 63 49 62 1e 04 2a 2a c6 46 52 01 5a 95 f7 94 54 \|cIb..**.FR.Z...T\| 20 26 1e 94 2e 02 e2 94 ea 04 2e 03 97 be 0e ea \| &..............\| 50 ad ad 96 05 0a 98 06 4a 00 22 21 70 52 50 8e \|P.......J."!pRP.\|
128	1033	6e 46 b5 a6 e0 d8 2a 01 a1 36 d7 a6 50 a7 2e 25 \|nF......6..P..%\| b7 2a a3 4c 92 f5 c3 e2 04 a7 f4 30 bc 24 08 ba \|..L.......0.$..\| e2 5e 92 b0 30 59 e8 0a db 6b ef 21 5a a2 13 0a \|.^..0Y...k.!Z...\| 05 1f 02 01 ac a2 50 82 58 f2 16 00 ce 53 28 ad \|......P.X....S(.\| 8a b5 02 03 de 02 01 1f c5 12 29 b6 0e 9e b7 06 \|..........).....\| 9f 43 42 22 d5 00 9f 72 32 fa 40 a9 ef ab 00 0a \|.CB"...r2.@.....\| 07 ba 05 02 0a bc e6 11 72 dc 60 06 03 bd 00 16 \|........r.`.....\| 6a 05 1d 3f 4f 93 04 2e c0 5e 08 0e 93 29 08 3d \|j..?O....^...).=\| 4a 26 03 9e da 82 d0 62 fa c2 09 07 00 cc 04 c7 \|J&.....b........\| 8e dd de c5 03 4a c5 04 da ae b5 2d a1 c6 42 f6 \|.....J.....-..B.\| 6a 00 50 6e 02 00 ce 07 8a d0 04 16 1e ae 06 06 \|j.Pn............\| 03 5a 13 60 92 26 36 d1 02 03 6d 89 29 88 16 62 \|.Z.`.&6...m.)..b\| 42 4d 12 9e 02 03 3a 02 d6 b3 2d 6b 97 52 03 60 \|BM....:...-k.R.`\| 55 80 d9 2e 9e cb 06 e1 bb 36 88 5e 36 c7 00 a6 \|U........6.^6...\| 93 07 d8 05 d8 98 c2 01 de 4e 02 06 22 01 21 db \|.........N..".!.\| 65 ab b2 05 9a 03 d5 02 ec 73 a2 37 ea 12 0b 0e \|e........s.7....\| ae 05 12 27 f6 6c c7 17 06 1a ae 04 03 03 dd 01 \|...'.l..........\| e7 5d e7 44 8e 07 5b ae 0a 0e 04 42 33 4a 78 03 \|.].D..[....B3Jx.\| fa 0a 05 cd f7 9d c1 1e 0a 3f 04 02 05 e1 04 b5 \|.........?......\| 14 b6 54 06 c2 46 02 54 5a 46 dc c4 d7 d6 00 06 \|..T..F.TZF......\| 0b 0d 1a 0b 5a 26 5b 7f 05 d6 03 bb 05 bb 03 4a \|....Z&[........J\| d8 ee 0a 87 02 2f 9b 06 07 e5 01 03 6d 85 05 51 \|...../......m..Q\| 16 52 02 e6 3a 05 2d d1 c1 c2 e7 0b ae 52 92 12 \|.R..:.-......R..\| 5d 81 42 01 02 56 d1 06 5b 46 66 52 02 e8 c6 9b \|].B..V..[FfR....\| 56 a5 84 b2 03 fb 7d 37 99 62 06 4e 07 ed 05 03 \|V.....}7.b.N....\| 01 fa 06 bf 01 03 ad 53 93 9d ba aa ca 00 ce cf \|.......S........\| 7e 7b cf 82 d2 03 07 26 06 f2 01 f3 00 f3 16 42 \|~{.....&.......B\| f4 aa 01 85 85 08 42 4e f6 66 59 ef 06 6a f7 03 \|......BN.fY..j..\| f8 01 8a 03 4f 11 aa 04 06 76 03 28 dc 00 fe 45 \|....O....v.(...E\| 58 45 9e 60 ec 82 f1 41 50 45 2c 45 43 05 7b df \|XE.`...APE,EC.{.\| ab 4c 42 45 46 4f 34 47 4e 0a 47 3c 30 da a6 00 \|.LBEFO4GN.G<0...\| 12 4c 53 54 3c 44 c2 21 89 57 74 42 41 bb ad fb \|.LST.PO.4S.R....5\| d0 52 91 9e 43 18 72 53 8a c1 84 94 70 3c b6 3e \|.R..C.rS....p<.>\| 92 04 b6 4b 5e 4f 1c 52 59 d8 37 8c b6 26 51 55 \|...K^O.RY.7..&QU\| 46 59 0f 84 6c 05 cf 17 2c 47 52 4f 55 50 45 66 \|FY..l...,GROUPEf\| 47 1a 4e 45 b0 fd \|G.NE.. \|
144	1033	1b 1a 54 57 45 94 4f 54 08 04 9f 26 50 49 a4 ba \|..TWE.OT...&PI..\| 04 84 ee 1d c0 44 36 54 15 45 84 f1 29 64 21 1d \|.....D6T.E..)d!.\| d7 ee cc 2d 4f 8b 44 b1 49 4d 4d 12 49 1c 33 25 \|...-O.D.IMM.I.3%\| 6c 83 4a 42 5a 52 54 05 81 e0 82 83 0c 9e 4c 59 \|l.JBZRT.......LY\| 5a 6e 14 d8 31 25 58 47 22 64 56 1e d6 4c 13 14 \|Zn..1%XG"dV..L..\| 1c 53 0c 12 55 6a 49 e8 67 68 ef 0e 1e 06 9e 41 \|.S..UjI.gh.....A\| 84 41 3c 12 36 41 07 7b 6c 43 14 4b 41 16 ba 55 \|.A<.6A.{lC.KA..U\| 54 6c 6d 70 ef a6 f0 4d e4 14 06 4f 84 4d 4e 11 \|Tlmp...M...O.MN.\| c6 07 0c b3 b2 01 33 d8 52 8c 1a 3c 4b 40 58 e0 \|......3.R..I.`..F..\| fb 0f d6 47 4c 4f 42 59 49 46 3a f1 42 81 e1 0e \|...GLOBYIF:.B...\| 66 5a 54 92 a6 4c 18 42 31 b0 86 ca 48 18 f6 86 \|fZT..L.B1...H...\| 86 85 1d 9a cc 0e 57 9c e2 24 8a 6c 81 c0 04 90 \|......W..$.l....\| dc 0c 90 45 57 18 9e 42 13 08 0e f4 44 59 2b 93 \|...EW..B....DY+.\| 8d 47 e2 65 \|.G.e \|
160	1033	乨胎웡⫿䨌共氲憴Ѭءᚢꙙ硿䍂䄀嘰Ѣ匚미⳱挀ㅷ樅
176	1033	隿晹砸ᰵ蘳᩠薳潿寉嵘楔✎ꉨ헢璂唒ꉫ浌⸺䔃ۀ娼䈨츤ﰈ뀋㭒<㤔Ŷ삃危ȱ␢喁꜇᭲쀘ᢤ̫爯鏛Ẹ㘀ğ䐾
192	1033	29 be da 78 77 3d 09 1f 37 10 22 95 0b 44 4b 50 \|)..xw=..7."..DKP\| 64 6c 20 ea 64 5e 46 53 65 fc 47 22 3e 6e 1b 25 \|dl .d^FSe.G">n.%\| 45 4f 00 23 11 ae d0 c7 d3 07 07 05 6a 05 03 06 \|EO.#........j...\| 74 db ed 76 33 06 08 08 02 06 20 04 03 0a 28 0b \|t..v3..... ...(.\| 06 02 36 05 09 af dd fb fb 06 09 09 07 0a 1c 02 \|..6.............\| 03 09 04 36 06 04 2a 07 52 02 77 af 6d 67 4c 66 \|...6...R.w.mgLf\| 06 06 0c 44 04 68 07 32 98 25 dd ec 76 3c 2c 07 \|...D.h.2.%..v<,.\| 0d 02 3c 54 08 05 11 ee c9 30 b3 ba a4 bf 7a 5b \|../q...\| 6e d7 93 48 63 fb bd 01 01 0f c9 a1 70 6e 71 03 \|n..Hc.......pnq.\| b0 0f 09 98 02 10 d9 6c 66 01 06 11 24 10 df 44 \|.......lf...$..D\| 67 1f ea 03 73 eb 0f 40 bc 73 c1 7c 06 24 61 a9 \|g...s..@.s.\|.$a.\| e4 06 c4 7b bb a0 f3 b0 f6 5e 08 0e 6c 06 67 f3 \|...{.....^..l.g.\| 3c cf 60 50 2c 18 a8 fc 52 95 74 9e dc c8 6e 61 \|<.`P,...R.t...na\| 9e e7 bd 95 66 5f 70 16 9c 06 88 60 40 8b f8 de \|....f_p....`@...\| 79 28 86 a7 ae a7 bc f4 82 f1 bf 2c 08 12 21 35 \|y(.........,..!5\| 4e 67 80 b2 e4 6f ab 20 2f 18 9d 4d 7b 20 2b 58 \|Ng...o. /..M{ +X\| d0 d0 46 6d df 79 cf bb ef 5d db 36 62 1e 61 27 \|..Fm.y...].6b.a'\| 20 0a 63 62 1a ed de 2a 6e 56 1e 63 3b dd 33 b1 \| .cb...nV.c;.3.\| 1b 64 1a 9b 73 71 22 57 dd b3 a7 4e 6e 65 a1 ca \|.d..sq"W...Nne..\| 9a 3b 07 d0 3a e8 eb 81 22 06 f6 f8 a8 51 9d 16 \|.;..:..."....Q..\| c6 28 f0 e9 50 97 c3 c8 56 90 e7 03 37 46 d2 0c \|.(..P...V...7F..\| 83 09 51 45 52 20 5f 4a c2 33 07 91 75 6e f7 d2 \|..QER _J.3..un..\| 2d 09 69 2f 2d 24 \|-.i/-$ \|

module_name	ord	function_name
KERNEL32.DLL		LoadLibraryA
KERNEL32.DLL		GetProcAddress
KERNEL32.DLL		VirtualProtect
KERNEL32.DLL		VirtualAlloc
KERNEL32.DLL		VirtualFree
KERNEL32.DLL		ExitProcess
ADVAPI32.dll		FreeSid
GDI32.dll		LPtoDP
gdiplus.dll		GdipFree
ole32.dll		OleInitialize
OLEAUT32.dll	7
RPCRT4.dll		UuidCreate
SHELL32.dll		ShellExecuteA
SHLWAPI.dll		PathFileExistsW
USER32.dll		GetDC
VERSION.dll		VerQueryValueW
WS2_32.dll	19

ord	entry_va	function_name

module_name
flags	0xe8de8868
timestamp	2033-04-30 20:59:01
version	48670.10475
ordinal_base	2688781665
nFunctions	1910560080
nNames	3623117753
Names(3623117753)	0x84360e82
Functions(1910560080)	0xc9d0f008
NameOrdinals(3623117753)	0x80908d70

StringTable 040904b0

CompanyName	CNET Download.com
FileDescription	CNET Download.com
FileVersion	5, 4, 0, 188
InternalName	CNET Download.com
LegalCopyright	Copyright (C) 2013
OriginalFilename	CNET Download.exe
ProductName	CNET Download.com
ProductVersion	5, 4, 0, 188

VS_FIXEDFILEINFO

FileVersion	5.4.0.188
ProductVersion	5.4.0.188
StrucVersion	0x10000
FileFlagsMask	0x17
FileFlags	0
FileOS	4
FileType	1
FileSubtype	0

OpenSSL (terse)
ASN.1 (verbose)

Signers (1)

issuer: /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https:\/\/www.verisign.com\/rpa (c)10/CN=VeriSign Class 3 Code Signing 2010 CA

serial: 4E4BA2EE1F4C2B3D88BE589DA3471167

Certificates (2)

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            4e:4b:a2:ee:1f:4c:2b:3d:88:be:58:9d:a3:47:11:67
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https:\/\/www.verisign.com\/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA
        Validity
            Not Before: Jul 22 00:00:00 2013 GMT
            Not After : Aug 21 23:59:59 2015 GMT
        Subject: C=US, ST=California, L=San Francisco, O=CBS Interactive, OU=Digital ID Class 3 - Microsoft Software Validation v2, CN=CBS Interactive
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:d5:87:ca:12:b8:e3:a8:4a:ea:0f:69:b8:34:37:
                    d4:43:0e:64:ad:64:30:6f:69:08:58:d3:9e:ed:d1:
                    4b:20:65:63:b5:8b:95:50:e4:c8:95:c9:08:de:64:
                    45:fc:97:bc:98:6c:63:23:00:8f:f6:44:b9:11:af:
                    a0:87:0f:01:05:96:ca:d6:dd:94:23:a1:0e:db:b0:
                    0c:ac:fb:e5:f8:48:ed:19:ca:aa:30:a9:0e:18:f7:
                    48:98:24:38:e1:63:1c:04:cd:eb:e0:65:98:ad:2d:
                    79:86:ed:27:44:10:dc:ca:92:6b:c3:0f:03:b3:b8:
                    47:a7:5a:51:d9:3b:f5:b7:b0:6b:43:b4:9a:7e:92:
                    68:60:69:de:29:46:10:9a:fa:46:cd:11:cf:b2:75:
                    ad:12:30:ae:ce:d0:d0:85:73:aa:ce:11:cc:69:0d:
                    3b:68:4d:09:1c:fa:92:78:c7:91:0a:39:08:fc:14:
                    9a:a5:84:62:b6:42:eb:68:f0:e5:2b:f0:3b:4c:3c:
                    3d:e5:38:c7:33:a7:62:46:ca:1e:cc:50:93:f4:7b:
                    2d:ef:f7:ee:05:8c:08:6d:fa:ca:95:30:ab:2b:be:
                    33:ae:dd:30:76:4e:1f:bf:f9:5e:8e:d2:5e:45:38:
                    a1:e3:8b:d4:7c:8f:b1:bc:8b:05:43:da:7c:62:cc:
                    c0:a9
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://csc3-2010-crl.verisign.com/CSC3-2010.crl
            X509v3 Certificate Policies: 
                Policy: 2.16.840.1.113733.1.7.23.3
                  CPS: https://www.verisign.com/rpa
            X509v3 Extended Key Usage: 
                Code Signing
            Authority Information Access: 
                OCSP - URI:http://ocsp.verisign.com
                CA Issuers - URI:http://csc3-2010-aia.verisign.com/CSC3-2010.cer
            X509v3 Authority Key Identifier: 
                CF:99:A9:EA:7B:26:F4:4B:C9:8E:8F:D7:F0:05:26:EF:E3:D2:A7:9D
            Netscape Cert Type: 
                Object Signing
            1.3.6.1.4.1.311.2.1.27: 
                0.......
    Signature Algorithm: sha1WithRSAEncryption
    Signature Value:
        31:b4:73:8b:0c:22:a0:4c:bb:87:78:6d:db:2f:7c:b5:92:8d:
        ad:65:6f:49:ce:9f:1f:7d:84:86:ca:d9:e3:6e:48:af:db:18:
        38:9d:04:65:0d:36:4d:13:04:3b:a5:35:7a:3e:45:e7:35:0d:
        1d:f5:f9:4a:57:c0:c7:27:08:2f:33:3a:c9:71:ae:36:97:fe:
        e7:5f:80:98:a7:00:34:ba:73:36:fa:cb:b1:c0:89:02:84:47:
        ac:4d:3e:38:91:e0:84:5a:f9:6e:69:c8:bd:98:97:af:fe:bf:
        67:a1:c8:6f:14:7f:96:53:6c:14:ec:68:7b:28:f1:8f:b4:15:
        0e:1e:2e:f6:15:8b:57:3a:e0:a4:19:00:3c:fa:5d:ff:80:43:
        12:9a:b3:9f:d2:3b:ec:1d:d8:e8:a2:fd:ab:31:b0:fc:a8:11:
        70:64:8a:36:73:a6:67:fc:60:b6:15:66:b8:15:e9:1f:c1:7b:
        f3:f0:8d:e0:7d:e4:d3:0d:3c:57:d0:17:fa:8a:01:08:f5:d8:
        d0:93:68:a9:4c:43:5e:af:a6:9b:4b:ba:e8:85:45:a4:a1:7a:
        42:9e:50:07:5c:0e:cf:9a:92:9b:18:30:6f:af:8c:3b:ba:6f:
        4e:94:15:b4:a2:8b:2f:ad:32:c1:ac:f4:7a:44:f2:00:66:18:
        6b:57:50:f5

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
        Validity
            Not Before: Feb  8 00:00:00 2010 GMT
            Not After : Feb  7 23:59:59 2020 GMT
        Subject: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https:\/\/www.verisign.com\/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:f5:23:4b:5e:a5:d7:8a:bb:32:e9:d4:57:f7:ef:
                    e4:c7:26:7e:ad:19:98:fe:a8:9d:7d:94:f6:36:6b:
                    10:d7:75:81:30:7f:04:68:7f:cb:2b:75:1e:cd:1d:
                    08:8c:df:69:94:a7:37:a3:9c:7b:80:e0:99:e1:ee:
                    37:4d:5f:ce:3b:14:ee:86:d4:d0:f5:27:35:bc:25:
                    0b:38:a7:8c:63:9d:17:a3:08:a5:ab:b0:fb:cd:6a:
                    62:82:4c:d5:21:da:1b:d9:f1:e3:84:3b:8a:2a:4f:
                    85:5b:90:01:4f:c9:a7:76:10:7f:27:03:7c:be:ae:
                    7e:7d:c1:dd:f9:05:bc:1b:48:9c:69:e7:c0:a4:3c:
                    3c:41:00:3e:df:96:e5:c5:e4:94:71:d6:55:01:c7:
                    00:26:4a:40:3c:b5:a1:26:a9:0c:a7:6d:80:8e:90:
                    25:7b:cf:bf:3f:1c:eb:2f:96:fa:e5:87:77:c6:b5:
                    56:b2:7a:3b:54:30:53:1b:df:62:34:ff:1e:d1:f4:
                    5a:93:28:85:e5:4c:17:4e:7e:5b:fd:a4:93:99:7f:
                    df:cd:ef:a4:75:ef:ef:15:f6:47:e7:f8:19:72:d8:
                    2e:34:1a:a6:b4:a7:4c:7e:bd:bb:4f:0c:3d:57:f1:
                    30:d6:a6:36:8e:d6:80:76:d7:19:2e:a5:cd:7e:34:
                    2d:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE, pathlen:0
            X509v3 Certificate Policies: 
                Policy: 2.16.840.1.113733.1.7.23.3
                  CPS: https://www.verisign.com/cps
                  User Notice:
                    Explicit Text: https://www.verisign.com/rpa
            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            1.3.6.1.5.5.7.1.12: 
                0_.].[0Y0W0U..image/gif0!0.0...+..............k...j.H.,{..0%.#http://logo.verisign.com/vslogo.gif
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.verisign.com/pca3-g5.crl
            Authority Information Access: 
                OCSP - URI:http://ocsp.verisign.com
            X509v3 Extended Key Usage: 
                TLS Web Client Authentication, Code Signing
            X509v3 Subject Alternative Name: 
                DirName:/CN=VeriSignMPKI-2-8
            X509v3 Subject Key Identifier: 
                CF:99:A9:EA:7B:26:F4:4B:C9:8E:8F:D7:F0:05:26:EF:E3:D2:A7:9D
            X509v3 Authority Key Identifier: 
                7F:D3:65:A7:C2:DD:EC:BB:F0:30:09:F3:43:39:FA:02:AF:33:31:33
    Signature Algorithm: sha1WithRSAEncryption
    Signature Value:
        56:22:e6:34:a4:c4:61:cb:48:b9:01:ad:56:a8:64:0f:d9:8c:
        91:c4:bb:cc:0c:e5:ad:7a:a0:22:7f:df:47:38:4a:2d:6c:d1:
        7f:71:1a:7c:ec:70:a9:b1:f0:4f:e4:0f:0c:53:fa:15:5e:fe:
        74:98:49:24:85:81:26:1c:91:14:47:b0:4c:63:8c:bb:a1:34:
        d4:c6:45:e8:0d:85:26:73:03:d0:a9:8c:64:6d:dc:71:92:e6:
        45:05:60:15:59:51:39:fc:58:14:6b:fe:d4:a4:ed:79:6b:08:
        0c:41:72:e7:37:22:06:09:be:23:e9:3f:44:9a:1e:e9:61:9d:
        cc:b1:90:5c:fc:3d:d2:8d:ac:42:3d:65:36:d4:b4:3d:40:28:
        8f:9b:10:cf:23:26:cc:4b:20:cb:90:1f:5d:8c:4c:34:ca:3c:
        d8:e5:37:d6:6f:a5:20:bd:34:eb:26:d9:ae:0d:e7:c5:9a:f7:
        a1:b4:21:91:33:6f:86:e8:58:bb:25:7c:74:0e:58:fe:75:1b:
        63:3f:ce:31:7c:9b:8f:1b:96:9e:c5:53:76:84:5b:9c:ad:91:
        fa:ac:ed:93:ba:5d:c8:21:53:c2:82:53:63:af:12:0d:50:87:
        11:1b:3d:54:52:96:8a:2c:9c:3d:92:1a:08:9a:05:2e:c7:93:
        a5:48:91:d3

pkcs7-signedData

1
- SHA1: nil
- 1.3.6.1.4.1.311.2.1.4
  - #0
    - 1.3.6.1.4.1.311.2.1.15
      - :
        00 3c 00 3c 00 3c 00 4f 00 62 00 73 00 6f 00 6c |.<.<.<.O.b.s.o.l| 00 65 00 74 00 65 00 3e 00 3e 00 3e |.e.t.e.>.>.> |
    - SHA1
      - 92 44 61 51 44 c3 05 fd cd 24 f6 2e 4c 36 e7 c5 |.DaQD....$..L6..| 4c 53 cb 0c |LS.. |
- Certificates
  - Certificate #0
    - 2
      - 4E:4B:A2:EE:1F:4C:2B:3D:88:BE:58:9D:A3:47:11:67
      - RSA-SHA1: nil
      - Issuer
        C: US
        O: VeriSign, Inc.
        OU: VeriSign Trust Network
        OU: Terms of use at https://www.verisign.com/rpa (c)10
        CN: VeriSign Class 3 Code Signing 2010 CA
      - 2013-07-22 00:00:00 UTC: 2015-08-21 23:59:59 UTC
      - Subject
        C: US
        ST: California
        L: San Francisco
        O: CBS Interactive
        OU: Digital ID Class 3 - Microsoft Software Validation v2
        CN: CBS Interactive
      - #5
        rsaEncryption: nil
        D5:87:CA:12:B8:E3:A8:4A:EA:0F:69:B8:34:37:D4:43:
        0E:64:AD:64:30:6F:69:08:58:D3:9E:ED:D1:4B:20:65:
        63:B5:8B:95:50:E4:C8:95:C9:08:DE:64:45:FC:97:BC:
        98:6C:63:23:00:8F:F6:44:B9:11:AF:A0:87:0F:01:05:
        96:CA:D6:DD:94:23:A1:0E:DB:B0:0C:AC:FB:E5:F8:48:
        ED:19:CA:AA:30:A9:0E:18:F7:48:98:24:38:E1:63:1C:
        04:CD:EB:E0:65:98:AD:2D:79:86:ED:27:44:10:DC:CA:
        92:6B:C3:0F:03:B3:B8:47:A7:5A:51:D9:3B:F5:B7:B0:
        6B:43:B4:9A:7E:92:68:60:69:DE:29:46:10:9A:FA:46:
        CD:11:CF:B2:75:AD:12:30:AE:CE:D0:D0:85:73:AA:CE:
        11:CC:69:0D:3B:68:4D:09:1C:FA:92:78:C7:91:0A:39:
        08:FC:14:9A:A5:84:62:B6:42:EB:68:F0:E5:2B:F0:3B:
        4C:3C:3D:E5:38:C7:33:A7:62:46:CA:1E:CC:50:93:F4:
        7B:2D:EF:F7:EE:05:8C:08:6D:FA:CA:95:30:AB:2B:BE:
        33:AE:DD:30:76:4E:1F:BF:F9:5E:8E:D2:5E:45:38:A1:
        E3:8B:D4:7C:8F:B1:BC:8B:05:43:DA:7C:62:CC:C0:A9: 0x010001
      - X509v3 extensions
        basicConstraints
        nil
        keyUsage: true, 0x80
        crlDistributionPoints: http://csc3-2010-crl.verisign.com/CSC3-2010.crl
        certificatePolicies
        2.16.840.1.113733.1.7.23.3
        id-qt-cps: https://www.verisign.com/rpa
        extendedKeyUsage: codeSigning
        authorityInfoAccess
        #0
        OCSP: http://ocsp.verisign.com
        caIssuers: http://csc3-2010-aia.verisign.com/CSC3-2010.cer
        authorityKeyIdentifier:
        cf 99 a9 ea 7b 26 f4 4b c9 8e 8f d7 f0 05 26 ef |....{&.K......&.| e3 d2 a7 9d |.... |
        nsCertType: 0x10
        1.3.6.1.4.1.311.2.1.27
        false: true
    - RSA-SHA1:
```
31 b4 73 8b 0c 22 a0 4c  bb 87 78 6d db 2f 7c b5  |1.s..".L..xm./|.|
92 8d ad 65 6f 49 ce 9f  1f 7d 84 86 ca d9 e3 6e  |...eoI...}.....n|
48 af db 18 38 9d 04 65  0d 36 4d 13 04 3b a5 35  |H...8..e.6M..;.5|
7a 3e 45 e7 35 0d 1d f5  f9 4a 57 c0 c7 27 08 2f  |z>E.5....JW..'./|
33 3a c9 71 ae 36 97 fe  e7 5f 80 98 a7 00 34 ba  |3:.q.6..._....4.|
73 36 fa cb b1 c0 89 02  84 47 ac 4d 3e 38 91 e0  |s6.......G.M>8..|
84 5a f9 6e 69 c8 bd 98  97 af fe bf 67 a1 c8 6f  |.Z.ni.......g..o|
14 7f 96 53 6c 14 ec 68  7b 28 f1 8f b4 15 0e 1e  |...Sl..h{(......|
2e f6 15 8b 57 3a e0 a4  19 00 3c fa 5d ff 80 43  |....W:....<.]..C|
12 9a b3 9f d2 3b ec 1d  d8 e8 a2 fd ab 31 b0 fc  |.....;.......1..|
a8 11 70 64 8a 36 73 a6  67 fc 60 b6 15 66 b8 15  |..pd.6s.g.`..f..|
e9 1f c1 7b f3 f0 8d e0  7d e4 d3 0d 3c 57 d0 17  |...{....}...
```
  - Certificate #1
    - 2
      - 52:00:E5:AA:25:56:FC:1A:86:ED:96:C9:D4:4B:33:C7
      - RSA-SHA1: nil
      - Issuer
        C: US
        O: VeriSign, Inc.
        OU: VeriSign Trust Network
        OU: (c) 2006 VeriSign, Inc. - For authorized use only
        CN: VeriSign Class 3 Public Primary Certification Authority - G5
      - 2010-02-08 00:00:00 UTC: 2020-02-07 23:59:59 UTC
      - Subject
        C: US
        O: VeriSign, Inc.
        OU: VeriSign Trust Network
        OU: Terms of use at https://www.verisign.com/rpa (c)10
        CN: VeriSign Class 3 Code Signing 2010 CA
      - #5
        rsaEncryption: nil
        F5:23:4B:5E:A5:D7:8A:BB:32:E9:D4:57:F7:EF:E4:C7:
        26:7E:AD:19:98:FE:A8:9D:7D:94:F6:36:6B:10:D7:75:
        81:30:7F:04:68:7F:CB:2B:75:1E:CD:1D:08:8C:DF:69:
        94:A7:37:A3:9C:7B:80:E0:99:E1:EE:37:4D:5F:CE:3B:
        14:EE:86:D4:D0:F5:27:35:BC:25:0B:38:A7:8C:63:9D:
        17:A3:08:A5:AB:B0:FB:CD:6A:62:82:4C:D5:21:DA:1B:
        D9:F1:E3:84:3B:8A:2A:4F:85:5B:90:01:4F:C9:A7:76:
        10:7F:27:03:7C:BE:AE:7E:7D:C1:DD:F9:05:BC:1B:48:
        9C:69:E7:C0:A4:3C:3C:41:00:3E:DF:96:E5:C5:E4:94:
        71:D6:55:01:C7:00:26:4A:40:3C:B5:A1:26:A9:0C:A7:
        6D:80:8E:90:25:7B:CF:BF:3F:1C:EB:2F:96:FA:E5:87:
        77:C6:B5:56:B2:7A:3B:54:30:53:1B:DF:62:34:FF:1E:
        D1:F4:5A:93:28:85:E5:4C:17:4E:7E:5B:FD:A4:93:99:
        7F:DF:CD:EF:A4:75:EF:EF:15:F6:47:E7:F8:19:72:D8:
        2E:34:1A:A6:B4:A7:4C:7E:BD:BB:4F:0C:3D:57:F1:30:
        D6:A6:36:8E:D6:80:76:D7:19:2E:A5:CD:7E:34:2D:89: 0x010001
      - X509v3 extensions
        basicConstraints
        true
        true: 0
        certificatePolicies
        2.16.840.1.113733.1.7.23.3
        #0
        id-qt-cps: https://www.verisign.com/cps
        id-qt-unotice: https://www.verisign.com/rpa
        keyUsage: true, 6
        1.3.6.1.5.5.7.1.12
        image/gif
        SHA1:
        8f e5 d3 1a 86 ac 8d 8e 6b c3 cf 80 6a d4 48 18 |........k...j.H.| 2c 7b 19 2e |,{.. |
        http://logo.verisign.com/vslogo.gif
        crlDistributionPoints: http://crl.verisign.com/pca3-g5.crl
        authorityInfoAccess
        OCSP: http://ocsp.verisign.com
        extendedKeyUsage
        clientAuth: codeSigning
        subjectAltName
        CN: VeriSignMPKI-2-8
        subjectKeyIdentifier:
        cf 99 a9 ea 7b 26 f4 4b c9 8e 8f d7 f0 05 26 ef |....{&.K......&.| e3 d2 a7 9d |.... |
        authorityKeyIdentifier:
        7f d3 65 a7 c2 dd ec bb f0 30 09 f3 43 39 fa 02 |..e......0..C9..| af 33 31 33 |.313 |
    - RSA-SHA1:
```
56 22 e6 34 a4 c4 61 cb  48 b9 01 ad 56 a8 64 0f  |V".4..a.H...V.d.|
d9 8c 91 c4 bb cc 0c e5  ad 7a a0 22 7f df 47 38  |.........z."..G8|
4a 2d 6c d1 7f 71 1a 7c  ec 70 a9 b1 f0 4f e4 0f  |J-l..q.|.p...O..|
0c 53 fa 15 5e fe 74 98  49 24 85 81 26 1c 91 14  |.S..^.t.I$..&...|
47 b0 4c 63 8c bb a1 34  d4 c6 45 e8 0d 85 26 73  |G.Lc...4..E...&s|
03 d0 a9 8c 64 6d dc 71  92 e6 45 05 60 15 59 51  |....dm.q..E.`.YQ|
39 fc 58 14 6b fe d4 a4  ed 79 6b 08 0c 41 72 e7  |9.X.k....yk..Ar.|
37 22 06 09 be 23 e9 3f  44 9a 1e e9 61 9d cc b1  |7"...#.?D...a...|
90 5c fc 3d d2 8d ac 42  3d 65 36 d4 b4 3d 40 28  |.\.=...B=e6..=@(|
8f 9b 10 cf 23 26 cc 4b  20 cb 90 1f 5d 8c 4c 34  |....#&.K ...].L4|
ca 3c d8 e5 37 d6 6f a5  20 bd 34 eb 26 d9 ae 0d  |.<..7.o. .4.&...|
e7 c5 9a f7 a1 b4 21 91  33 6f 86 e8 58 bb 25 7c  |......!.3o..X.%||
74 0e 58 fe 75 1b 63 3f  ce 31 7c 9b 8f 1b 96 9e  |t.X.u.c?.1|.....|
c5 53 76 84 5b 9c ad 91  fa ac ed 93 ba 5d c8 21  |.Sv.[........].!|
53 c2 82 53 63 af 12 0d  50 87 11 1b 3d 54 52 96  |S..Sc...P...=TR.|
8a 2c 9c 3d 92 1a 08 9a  05 2e c7 93 a5 48 91 d3  |.,.=.........H..|
```
- Signer
  - 1
  - unnamed
    - #0
      - C: US
      - O: VeriSign, Inc.
      - OU: VeriSign Trust Network
      - OU: Terms of use at https://www.verisign.com/rpa (c)10
      - CN: VeriSign Class 3 Code Signing 2010 CA
    - 4E:4B:A2:EE:1F:4C:2B:3D:88:BE:58:9D:A3:47:11:67
  - SHA1: nil
  - #3
    - 1.3.6.1.4.1.311.2.1.12
      - nil
    - contentType: 1.3.6.1.4.1.311.2.1.4
    - 1.3.6.1.4.1.311.2.1.11: msCodeInd
    - messageDigest:
```
10 ce e0 84 17 03 91 ad  56 ff cc 59 ec 13 4f 20  |........V..Y..O |
c9 d6 7b 84                                       |..{.            |
```
  - rsaEncryption:
```
8f a0 08 17 7f e0 f1 b9  42 ce a5 d8 52 fc c2 0f  |........B...R...|
dc 87 38 f8 35 9b 22 1d  a6 3c 77 36 85 71 29 44  |..8.5."...|
ff a9 ae 2c 95 55 08 92  d8 a0 d8 42 dd 90 9a 81  |...,.U.....B....|
b6 d6 ff e7 00 3c da c0  dd 1f 4d 41 1b 4e bb f8  |.....<....MA.N..|
eb 7d d1 b0 a4 0a e6 1d  79 f7 cf bf 34 0e 71 a7  |.}......y...4.q.|
47 04 36 6c 4d 71 3c 1a  27 e3 4c c0 d2 54 3d b5  |G.6lMq<.'.L..T=.|
```

show previews

offset	size	type	comment
0	925696	EXE	03/20/2014 00:06:07	#
15c1	15	HTM		#
e2000	3720	PKCS7	Authenticode Signature	#

offset:( 0x )size:( 0x )hotkeys:-=[]<>, offset/size fields are also editable

Please donate some bucks to keep this site up and running:
Ko-fi
Yandex.Money
Thank you!

[?] ignoring invalid PEdump::BITMAPINFOHEADER

[!] string size(53340) > stringtable size(456). truncated to 454

[!] cannot convert "\x18\x04\x14n\x82\x8Bv\x88\xEF$\x8A\t\xBEA\x0ED"... to UTF-16

[!] string size(5292) > stringtable size(640). truncated to 638

[!] cannot convert "\xAB\x03\xFC\x02\x02\xA3\xBB\xF7\xBE\xDF\x03\xA3\x0E&\x03\xD9"... to UTF-16

[!] string size(36060) > stringtable size(630). truncated to 628

[!] cannot convert "\xB5\xA6\xE0\xD8*\x01\xA16\xD7\xA6P\xA7.%\xB7*"... to UTF-16

[!] string size(13366) > stringtable size(244). truncated to 242

[!] cannot convert "TWE\x94OT\b\x04\x9F&PI\xA4\xBA\x04\x84"... to UTF-16

[!] string size(36068) > stringtable size(58). truncated to 56

[!] string size(72230) > stringtable size(94). truncated to 92

[!] string size(97362) > stringtable size(710). truncated to 708

[!] cannot convert "\xDAxw=\t\x1F7\x10\"\x95\vDKPdl"... to UTF-16

[?] can't find file_offset of VA 0x4cf45dcb

[?] can't find file_offset of VA 0xc9d0f008

[?] can't find file_offset of VA 0x80908d70

[?] can't find file_offset of VA 0x84360e82