| filename | pexplorer.exe | |
|---|---|---|
| size | 3030264 (0x2e3cf8) | |
| md5 | 133cda68c8e5f2e3794e794afb3fc65f | |
| type | PE32 executable (GUI) Intel 80386, for MS Windows | |
| mimetype | application/x-dosexec | |
| clamav | OK | |
| virustotal | → scan with virustotal.com | |
| histogram | ||
MZ Header
| signature | MZ |
| bytes_in_last_block | 0x50 |
| blocks_in_file | 2 |
| num_relocs | 0 |
| header_paragraphs | 4 |
| min_extra_paragraphs | 0xf |
| max_extra_paragraphs | 0xffff |
| ss | 0 |
| sp | 0xb8 |
| checksum | 0 |
| ip | 0 |
| cs | 0 |
| reloc_table_offset | 0x40 |
| overlay_number | 0x1a |
| reserved0 | 0 |
| oem_id | 0 |
| oem_info | 0 |
| reserved2 | 0 |
| reserved3 | 0 |
| reserved4 | 0 |
| reserved5 | 0 |
| reserved6 | 0 |
| lfanew | 0x100 |
DOS stub
00000000: ba 10 00 0e 1f b4 09 cd 21 b8 01 4c cd 21 90 90 |........!..L.!..| 00000010: 54 68 69 73 20 70 72 6f 67 72 61 6d 20 6d 75 73 |This program mus| 00000020: 74 20 62 65 20 72 75 6e 20 75 6e 64 65 72 20 57 |t be run under W| 00000030: 69 6e 33 32 0d 0a 24 37 00 00 00 00 00 00 00 00 |in32..$7........| 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |................| * 000000c0:
PE Header
Packer / Compiler
Sections
Data Directory
TLS
| raw start | raw end | index | callbks | zero fill | flags | |
|---|---|---|---|---|---|---|
| 0x5d1000 | 0x5d1008 | 0x5c74b4 | 0x5d2010 | 0 | 0 |
| id | lang | string |
|---|---|---|
| 65232 | 0 | The "Portable Network Graphics" image can not be resize by changing width and height properties. Try assigning the image from a bitmap. |
| 65233 | 0 | The png image could not be loaded from the resource ID. |
| 65234 | 0 | Some operation could not be performed because the system is out of resources. Close some windows and try again. |
| 65235 | 0 | This operation is not valid because the current image contains no valid header. |
| 65236 | 0 | ani |
| 65237 | 0 | ANI Image |
| 65238 | 0 | AniCursor: Unable to change Size. |
| 65239 | 0 | AniCursor: Unable to work with ClipBoard. |
| 65240 | 0 | AniCursor: Bad image format. |
| 65241 | 0 | AniCursor: Animated icon image is not valid. |
| 65242 | 0 | OLE error %.8x |
| 65243 | 0 | Method '%s' not supported by automation object |
| 65244 | 0 | Variant does not reference an automation object |
| 65248 | 0 | You must be in ShowCheckbox mode to set to this date |
| 65249 | 0 | This "Portable Network Graphics" image is not valid because it contains invalid pieces of data (crc error) |
| 65250 | 0 | The "Portable Network Graphics" image could not be loaded because one of its main piece of data (ihdr) might be corrupted |
| 65251 | 0 | This "Portable Network Graphics" image is invalid because it has missing image parts. |
| 65252 | 0 | Could not decompress the image because it contains invalid compressed data. Description: |
| 65253 | 0 | The "Portable Network Graphics" image contains an invalid palette. |
| 65254 | 0 | The file being readed is not a valid "Portable Network Graphics" image because it contains an invalid header. This file may be corruped, try obtaining it again. |
| 65255 | 0 | This "Portable Network Graphics" image is not supported or it might be invalid. (IHDR chunk is not the first) |
| 65256 | 0 | This "Portable Network Graphics" image is not supported because either it's width or height exceeds the maximum size, which is 65535 pixels length. |
| 65257 | 0 | There is no such palette entry. |
| 65258 | 0 | This "Portable Network Graphics" image contains an unknown critical part which could not be decoded. |
| 65259 | 0 | This "Portable Network Graphics" image is encoded with an unknown compression scheme which could not be decoded. |
| 65260 | 0 | This "Portable Network Graphics" image uses an unknown interlace scheme which could not be decoded. |
| 65261 | 0 | The chunks must be compatible to be assigned. |
| 65262 | 0 | This "Portable Network Graphics" image is invalid because the decoder found an unexpected end of the file. |
| 65263 | 0 | This "Portable Network Graphics" image contains no data. |
| 65264 | 0 | Converting... |
| 65265 | 0 | Rendering... |
| 65266 | 0 | Copying... |
| 65267 | 0 | Optimizing... |
| 65268 | 0 | Tab control access error |
| 65269 | 0 | Invalid index |
| 65270 | 0 | Unable to insert an item |
| 65271 | 0 | Invalid owner |
| 65272 | 0 | RichEdit line insertion error |
| 65273 | 0 | Failed to Load Stream |
| 65274 | 0 | Failed to Save Stream |
| 65275 | 0 | %s is already associated with %s |
| 65276 | 0 | %d is an invalid PageIndex value. PageIndex must be between 0 and %d |
| 65277 | 0 | This control requires version 4.70 or greater of COMCTL32.DLL |
| 65278 | 0 | Date exceeds maximum of %s |
| 65279 | 0 | Date is less than minimum of %s |
| 65280 | 0 | Image width too small for contained frames |
| 65281 | 0 | Failed to store GIF on clipboard |
| 65282 | 0 | Image exceeds Logical Screen size |
| 65283 | 0 | No global or local color table defined |
| 65284 | 0 | Invalid pixel coordinates |
| 65285 | 0 | Unsupported PixelFormat |
| 65286 | 0 | Invalid image dimensions |
| 65287 | 0 | Image has no DIB |
| 65288 | 0 | Invalid stream operation |
| 65289 | 0 | Color not in color table |
| 65290 | 0 | Color table is empty |
| 65291 | 0 | Image is empty |
| 65292 | 0 | Invalid reduction method |
| 65293 | 0 | GIF Image |
| 65294 | 0 | Loading... |
| 65295 | 0 | Saving... |
| 65296 | 0 | Unsupported GIF version |
| 65297 | 0 | Invalid GIF signature |
| 65298 | 0 | Invalid number of colors specified in Screen Descriptor |
| 65299 | 0 | Invalid number of colors specified in Image Descriptor |
| 65300 | 0 | Unknown extension type |
| 65301 | 0 | Invalid extension introducer |
| 65302 | 0 | Failed to allocate memory for GIF DIB |
| 65303 | 0 | Decoder bit buffer under-run |
| 65304 | 0 | Circular decoder table entry |
| 65305 | 0 | Invalid Image trailer |
| 65306 | 0 | Internal error: Extension Instance does not match Extension Label |
| 65307 | 0 | Unsupported Application Extension block size |
| 65308 | 0 | Unknown GIF block type |
| 65309 | 0 | Object type not supported for operation |
| 65310 | 0 | Invalid GIF data |
| 65311 | 0 | Image height too small for contained frames |
| 65312 | 0 | There is no default printer currently selected |
| 65313 | 0 | Bits index out of range |
| 65314 | 0 | Invalid data type for '%s' |
| 65315 | 0 | Failed to create key %s |
| 65316 | 0 | Failed to set data for '%s' |
| 65317 | 0 | Failed to get data for '%s' |
| 65318 | 0 | Menu '%s' is already being used by another form |
| 65319 | 0 | No MCI device open |
| 65320 | 0 | Unknown error code |
| 65321 | 0 | Invalid stream operation |
| 65322 | 0 | Error |
| 65323 | 0 | Cannot change the size of a JPEG image |
| 65324 | 0 | JPEG error #%d |
| 65325 | 0 | Premature end of data |
| 65326 | 0 | Color table overflow |
| 65327 | 0 | Invalid color index |
| 65328 | 0 | Right |
| 65329 | 0 | Down |
| 65330 | 0 | Ins |
| 65331 | 0 | Del |
| 65332 | 0 | Shift+ |
| 65333 | 0 | Ctrl+ |
| 65334 | 0 | Alt+ |
| 65335 | 0 | Value must be between %d and %d |
| 65336 | 0 | All |
| 65337 | 0 | Unable to insert a line |
| 65338 | 0 | Unable to create directory |
| 65339 | 0 | Color |
| 65340 | 0 | ABCDEFGHIJKLMNOP |
| 65341 | 0 | Invalid clipboard format |
| 65342 | 0 | Clipboard does not support Icons |
| 65343 | 0 | Text exceeds memo capacity |
| 65344 | 0 | &Retry |
| 65345 | 0 | &Ignore |
| 65346 | 0 | &All |
| 65347 | 0 | N&o to All |
| 65348 | 0 | Y&es to All |
| 65349 | 0 | BkSp |
| 65350 | 0 | Tab |
| 65351 | 0 | Esc |
| 65352 | 0 | Enter |
| 65353 | 0 | Space |
| 65354 | 0 | PgUp |
| 65355 | 0 | PgDn |
| 65356 | 0 | End |
| 65357 | 0 | Home |
| 65358 | 0 | Left |
| 65359 | 0 | Up |
| 65360 | 0 | Grid index out of range |
| 65361 | 0 | Fixed column count must be less than column count |
| 65362 | 0 | Fixed row count must be less than row count |
| 65363 | 0 | Invalid property value |
| 65364 | 0 | Invalid input value |
| 65365 | 0 | Invalid input value. Use escape key to abandon changes |
| 65366 | 0 | Warning |
| 65367 | 0 | Error |
| 65368 | 0 | Information |
| 65369 | 0 | Confirm |
| 65370 | 0 | &Yes |
| 65371 | 0 | &No |
| 65372 | 0 | OK |
| 65373 | 0 | Cancel |
| 65374 | 0 | &Help |
| 65375 | 0 | &Abort |
| 65376 | 0 | Cancel |
| 65377 | 0 | &Yes |
| 65378 | 0 | &No |
| 65379 | 0 | &Help |
| 65380 | 0 | &Close |
| 65381 | 0 | &Ignore |
| 65382 | 0 | &Retry |
| 65383 | 0 | Abort |
| 65384 | 0 | &All |
| 65385 | 0 | Cannot drag a form |
| 65386 | 0 | Metafiles |
| 65387 | 0 | Enhanced Metafiles |
| 65388 | 0 | Icons |
| 65389 | 0 | Bitmaps |
| 65390 | 0 | Grid too large for operation |
| 65391 | 0 | Too many rows or columns deleted |
| 65392 | 0 | Cannot change Visible in OnShow or OnHide |
| 65393 | 0 | Cannot make a visible window modal |
| 65394 | 0 | %s property out of range |
| 65395 | 0 | Menu index out of range |
| 65396 | 0 | Menu inserted twice |
| 65397 | 0 | Sub-menu is not in menu |
| 65398 | 0 | Not enough timers available |
| 65399 | 0 | Printer is not currently printing |
| 65400 | 0 | Printing in progress |
| 65401 | 0 | Printer selected is not valid |
| 65402 | 0 | %s on %s |
| 65403 | 0 | GroupIndex cannot be less than a previous menu item's GroupIndex |
| 65404 | 0 | Cannot create form. No MDI forms are currently active |
| 65405 | 0 | Can only modify an image if it contains a bitmap |
| 65406 | 0 | A control cannot have itself as its parent |
| 65407 | 0 | OK |
| 65408 | 0 | Scan line index out of range |
| 65409 | 0 | Cannot change the size of an icon |
| 65410 | 0 | Unknown picture file extension (.%s) |
| 65411 | 0 | Unsupported clipboard format |
| 65412 | 0 | Out of system resources |
| 65413 | 0 | Canvas does not allow drawing |
| 65414 | 0 | Invalid image size |
| 65415 | 0 | Invalid ImageList |
| 65416 | 0 | Unable to Replace Image |
| 65417 | 0 | Invalid ImageList Index |
| 65418 | 0 | Failed to read ImageList data from stream |
| 65419 | 0 | Error creating window device context |
| 65420 | 0 | Error creating window class |
| 65421 | 0 | Cannot focus a disabled or invisible window |
| 65422 | 0 | Control '%s' has no parent window |
| 65423 | 0 | Cannot hide an MDI Child Form |
| 65424 | 0 | List count out of bounds (%d) |
| 65425 | 0 | Operation not allowed on sorted string list |
| 65426 | 0 | String list does not allow duplicates |
| 65427 | 0 | A component named %s already exists |
| 65428 | 0 | ''%s'' is not a valid component name |
| 65429 | 0 | A class named %s already exists |
| 65430 | 0 | Invalid property value |
| 65431 | 0 | Invalid property path |
| 65432 | 0 | Property does not exist |
| 65433 | 0 | Property is read-only |
| 65434 | 0 | Error reading %s.%s: %s |
| 65435 | 0 | Ancestor for '%s' not found |
| 65436 | 0 | Bitmap image is not valid |
| 65437 | 0 | Icon image is not valid |
| 65438 | 0 | Metafile is not valid |
| 65439 | 0 | Invalid pixel format |
| 65440 | 0 | Wednesday |
| 65441 | 0 | Thursday |
| 65442 | 0 | Friday |
| 65443 | 0 | Saturday |
| 65444 | 0 | Cannot assign a %s to a %s |
| 65445 | 0 | Cannot create file %s |
| 65446 | 0 | Cannot open file %s |
| 65447 | 0 | Stream read error |
| 65448 | 0 | Stream write error |
| 65449 | 0 | Out of memory while expanding memory stream |
| 65450 | 0 | Can't write to a read-only resource stream |
| 65451 | 0 | Class %s not found |
| 65452 | 0 | Invalid stream format |
| 65453 | 0 | Resource %s not found |
| 65454 | 0 | List index out of bounds (%d) |
| 65455 | 0 | List capacity out of bounds (%d) |
| 65456 | 0 | July |
| 65457 | 0 | August |
| 65458 | 0 | September |
| 65459 | 0 | October |
| 65460 | 0 | November |
| 65461 | 0 | December |
| 65462 | 0 | Sun |
| 65463 | 0 | Mon |
| 65464 | 0 | Tue |
| 65465 | 0 | Wed |
| 65466 | 0 | Thu |
| 65467 | 0 | Fri |
| 65468 | 0 | Sat |
| 65469 | 0 | Sunday |
| 65470 | 0 | Monday |
| 65471 | 0 | Tuesday |
| 65472 | 0 | Mar |
| 65473 | 0 | Apr |
| 65474 | 0 | May |
| 65475 | 0 | Jun |
| 65476 | 0 | Jul |
| 65477 | 0 | Aug |
| 65478 | 0 | Sep |
| 65479 | 0 | Oct |
| 65480 | 0 | Nov |
| 65481 | 0 | Dec |
| 65482 | 0 | January |
| 65483 | 0 | February |
| 65484 | 0 | March |
| 65485 | 0 | April |
| 65486 | 0 | May |
| 65487 | 0 | June |
| 65488 | 0 | Read |
| 65489 | 0 | Write |
| 65490 | 0 | Format string too long |
| 65491 | 0 | Error creating variant array |
| 65492 | 0 | Variant is not an array |
| 65493 | 0 | Variant array index out of bounds |
| 65494 | 0 | External exception %x |
| 65495 | 0 | Assertion failed |
| 65496 | 0 | Interface not supported |
| 65497 | 0 | %s (%s, line %d) |
| 65498 | 0 | Abstract Error |
| 65499 | 0 | Access violation at address %p in module '%s'. %s of address %p |
| 65500 | 0 | Win32 Error. Code: %d. %s |
| 65501 | 0 | A Win32 API function failed |
| 65502 | 0 | Jan |
| 65503 | 0 | Feb |
| 65504 | 0 | Floating point division by zero |
| 65505 | 0 | Floating point overflow |
| 65506 | 0 | Floating point underflow |
| 65507 | 0 | Invalid pointer operation |
| 65508 | 0 | Invalid class typecast |
| 65509 | 0 | Access violation at address %p. %s of address %p |
| 65510 | 0 | Stack overflow |
| 65511 | 0 | Control-C hit |
| 65512 | 0 | Privileged instruction |
| 65513 | 0 | Exception %s in module %s at %p. %s%s |
| 65514 | 0 | Application Error |
| 65515 | 0 | Format '%s' invalid or incompatible with argument |
| 65516 | 0 | No argument for format '%s' |
| 65517 | 0 | Invalid variant type conversion |
| 65518 | 0 | Invalid variant operation |
| 65519 | 0 | Variant method calls not supported |
| 65520 | 0 | '%s' is not a valid integer value |
| 65521 | 0 | Invalid argument to time encode |
| 65522 | 0 | Invalid argument to date encode |
| 65523 | 0 | Out of memory |
| 65524 | 0 | I/O error %d |
| 65525 | 0 | File not found |
| 65526 | 0 | Invalid filename |
| 65527 | 0 | Too many open files |
| 65528 | 0 | File access denied |
| 65529 | 0 | Read beyond end of file |
| 65530 | 0 | Disk full |
| 65531 | 0 | Invalid numeric input |
| 65532 | 0 | Division by zero |
| 65533 | 0 | Range check error |
| 65534 | 0 | Integer overflow |
| 65535 | 0 | Invalid floating point operation |
StringTable 000004E3
| CompanyName | Heaventools Software |
| FileDescription | PE Explorer |
| FileVersion | 1.99.6.1400 |
| InternalName | PE Explorer |
| LegalCopyright | Copyright © 2000-2009 Heaventools Software |
| LegalTrademarks | PE Explorer is a trademark of Heaventools Software |
| OriginalFilename | pexplorer.exe |
| ProductName | PE Explorer |
| ProductVersion | 1.99.6.1400 |
| Comments |
VS_FIXEDFILEINFO
| FileVersion | 1.99.6.1400 |
| ProductVersion | 1.99.6.1400 |
| StrucVersion | 0x10000 |
| FileFlagsMask | 0x3f |
| FileFlags | 0 |
| FileOS | 4 |
| FileType | 1 |
| FileSubtype | 0 |
Signers (1)
issuer: /C=US/ST=UT/L=Salt Lake City/O=The USERTRUST Network/OU=http:\/\/www.usertrust.com/CN=UTN-USERFirst-Object
serial: 9F1730A374EFEA42ED0D1B504DA8F981
Certificates (3)
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA
Validity
Not Before: Jun 15 00:00:00 2007 GMT
Not After : Jun 14 23:59:59 2012 GMT
Subject: C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services Signer - G2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (1024 bit)
Modulus:
00:c4:b5:f2:52:15:bc:88:86:60:29:16:4a:5b:2f:
4b:91:6b:87:91:f3:35:54:58:35:ea:d1:36:5e:62:
4d:52:51:34:71:c2:7b:66:1d:89:c8:dd:2a:c4:6a:
0a:f6:37:d9:98:74:91:f6:92:ae:b0:b5:76:96:f1:
a9:4a:63:45:47:2e:6b:0b:92:4e:4b:2b:8c:ee:58:
4a:8b:d4:07:e4:1a:2c:f8:82:aa:58:d9:cd:42:f3:
2d:c0:75:de:8d:ab:c7:8e:1d:9a:6c:4c:08:95:1e:
de:db:ef:67:e1:72:c2:49:c2:9e:60:3c:e1:e2:be:
16:a3:63:78:69:14:7b:ad:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
Authority Information Access:
OCSP - URI:http://ocsp.verisign.com
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl.verisign.com/tss-ca.crl
X509v3 Extended Key Usage: critical
Time Stamping
X509v3 Key Usage: critical
Digital Signature, Non Repudiation
X509v3 Subject Alternative Name:
DirName:/CN=TSA1-2
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
50:c5:4b:c8:24:80:df:e4:0d:24:c2:de:1a:b1:a1:02:a1:a6:
82:2d:0c:83:15:81:37:0a:82:0e:2c:b0:5a:17:61:b5:d8:05:
fe:88:db:f1:91:91:b3:56:1a:40:a6:eb:92:be:38:39:b0:75:
36:74:3a:98:4f:e4:37:ba:99:89:ca:95:42:1d:b0:b9:c7:a0:
8d:57:e0:fa:d5:64:04:42:35:4e:01:d1:33:a2:17:c8:4d:aa:
27:c7:f2:e1:86:4c:02:38:4d:83:78:c6:fc:53:e0:eb:e0:06:
87:dd:a4:96:9e:5e:0c:98:e2:a5:be:bf:82:85:c3:60:e1:df:
ad:28:d8:c7:a5:4b:64:da:c7:1b:5b:bd:ac:39:08:d5:38:22:
a1:33:8b:2f:8a:9a:eb:bc:07:21:3f:44:41:09:07:b5:65:1c:
24:bc:48:d3:44:80:eb:a1:cf:c9:02:b4:14:cf:54:c7:16:a3:
80:5c:f9:79:3e:5d:72:7d:88:17:9e:2c:43:a2:ca:53:ce:7d:
3d:f6:2a:3a:b8:4f:94:00:a5:6d:0a:83:5d:f9:5e:53:f4:18:
b3:57:0f:70:c3:fb:f5:ad:95:a0:0e:17:de:c4:16:80:60:c9:
0f:2b:6e:86:04:f1:eb:f4:78:27:d1:05:c5:ee:34:5b:5e:b9:
49:32:f2:33
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
Validity
Not Before: Dec 4 00:00:00 2003 GMT
Not After : Dec 3 23:59:59 2013 GMT
Subject: C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:a9:ca:b2:a4:cc:cd:20:af:0a:7d:89:ac:87:75:
f0:b4:4e:f1:df:c1:0f:bf:67:61:bd:a3:64:1c:da:
bb:f9:ca:33:ab:84:30:89:58:7e:8c:db:6b:dd:36:
9e:0f:bf:d1:ec:78:f2:77:a6:7e:6f:3c:bf:93:af:
0d:ba:68:f4:6c:94:ca:bd:52:2d:ab:48:3d:f5:b6:
d5:5d:5f:1b:02:9f:fa:2f:6b:1e:a4:f7:a3:9a:a6:
1a:c8:02:e1:7f:4c:52:e3:0e:60:ec:40:1c:7e:b9:
0d:de:3f:c7:b4:df:87:bd:5f:7a:6a:31:2e:03:99:
81:13:a8:47:20:ce:31:73:0d:57:2d:cd:78:34:33:
95:12:99:12:b9:de:68:2f:aa:e6:e3:c2:8a:8c:2a:
c3:8b:21:87:66:bd:83:58:57:6f:75:bf:3c:aa:26:
87:5d:ca:10:15:3c:9f:84:ea:54:c1:0a:6e:c4:fe:
c5:4a:dd:b9:07:11:97:22:7c:db:3e:27:d1:1e:78:
ec:9f:31:c9:f1:e6:22:19:db:c4:b3:47:43:9a:1a:
5f:a0:1e:90:e4:5e:f5:ee:7c:f1:7d:ab:62:01:8f:
f5:4d:0b:de:d0:22:56:a8:95:cd:ae:88:76:ae:ee:
ba:0d:f3:e4:4d:d9:a0:fb:68:a0:ae:14:3b:b3:87:
c1:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
Authority Information Access:
OCSP - URI:http://ocsp.verisign.com
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:0
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl.verisign.com/ThawteTimestampingCA.crl
X509v3 Extended Key Usage:
Time Stamping
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Subject Alternative Name:
DirName:/CN=TSA2048-1-53
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
4a:6b:f9:ea:58:c2:44:1c:31:89:79:99:2b:96:bf:82:ac:01:
d6:1c:4c:cd:b0:8a:58:6e:df:08:29:a3:5e:c8:ca:93:13:e7:
04:52:0d:ef:47:27:2f:00:38:b0:e4:c9:93:4e:9a:d4:22:62:
15:f7:3f:37:21:4f:70:31:80:f1:8b:38:87:b3:e8:e8:97:00:
fe:cf:55:96:4e:24:d2:a9:27:4e:7a:ae:b7:61:41:f3:2a:ce:
e7:c9:d9:5e:dd:bb:2b:85:3e:b5:9d:b5:d9:e1:57:ff:be:b4:
c5:7e:f5:cf:0c:9e:f0:97:fe:2b:d3:3b:52:1b:1b:38:27:f7:
3f:4a
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
9f:17:30:a3:74:ef:ea:42:ed:0d:1b:50:4d:a8:f9:81
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, ST=UT, L=Salt Lake City, O=The USERTRUST Network, OU=http:\/\/www.usertrust.com, CN=UTN-USERFirst-Object
Validity
Not Before: Oct 25 00:00:00 2007 GMT
Not After : Oct 24 23:59:59 2009 GMT
Subject: C=CA/postalCode=V6H4E4, ST=BC, L=Vancouver/street=101-1001 West Broadway Dept. 381, O=Heaventools Software, CN=Heaventools Software
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:af:8a:19:df:c2:14:ba:a7:3f:53:19:b6:e8:3a:
f8:c1:ea:6e:30:e6:32:d4:9b:30:f6:36:a9:60:f7:
40:5b:98:d4:5b:74:c4:14:eb:3a:bd:96:ad:76:60:
39:32:ed:03:1a:51:80:a9:0d:27:3f:5c:67:c4:6c:
79:5c:3f:4e:0a:c3:4a:e8:c8:dc:90:21:89:3f:80:
bb:d4:44:43:8c:3f:ed:db:8d:dd:04:fd:ed:3b:d3:
7b:c8:4b:04:3a:9d:74:96:34:fa:eb:ff:ed:22:b8:
c8:2f:13:84:08:c0:30:56:56:37:cd:3e:ae:0f:41:
67:18:8e:b2:a1:c1:6b:74:2c:32:38:00:f5:d0:24:
69:f6:cb:4b:bc:34:04:fb:c4:21:f8:3f:99:be:59:
21:c5:b6:60:36:6d:32:32:c0:43:f7:5d:d7:88:f4:
57:b1:d8:a9:bd:09:b8:06:d6:1a:e5:2d:9f:21:17:
27:b0:e0:d6:66:82:f8:f6:c5:25:64:05:6c:3e:eb:
54:f3:44:78:94:80:2c:98:69:9c:e5:bc:81:8c:45:
71:d3:09:c8:90:24:5a:15:85:7c:0c:85:f8:70:b4:
69:70:b5:52:54:13:fe:ed:a0:25:a1:b1:d6:dc:d6:
52:57:7c:73:b7:c2:48:5c:86:13:75:93:0b:35:ea:
90:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Authority Key Identifier:
DA:ED:64:74:14:9C:14:3C:AB:DD:99:A9:BD:5B:28:4D:8B:3C:C9:D8
X509v3 Subject Key Identifier:
28:A0:D8:9C:16:56:AF:04:5D:D7:6B:D6:9D:DE:B9:10:45:FA:41:E3
X509v3 Key Usage: critical
Digital Signature
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Extended Key Usage:
Code Signing
Netscape Cert Type:
Object Signing
X509v3 Certificate Policies:
Policy: 1.3.6.1.4.1.6449.1.2.1.3.2
CPS: https://secure.comodo.net/CPS
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl.usertrust.com/UTN-USERFirst-Object.crl
X509v3 Subject Alternative Name:
email:support@heaventools.com
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
92:74:6a:92:1f:ed:64:96:ac:4a:ae:82:1f:44:5d:ed:48:6a:
8b:67:3d:6d:10:1c:55:6b:d0:6c:ae:17:64:9e:a8:72:af:13:
5d:d4:a0:dd:41:63:fd:13:6d:c7:a9:58:c8:34:63:64:03:44:
51:89:db:a1:1b:c8:4f:c2:a6:3e:b8:14:89:ba:f7:fd:80:94:
d6:a6:4f:fb:6e:19:30:ae:b4:9a:a6:35:45:ef:0a:02:86:3e:
6a:8d:62:51:e5:90:02:b6:e2:87:9f:72:45:ba:c2:54:81:d1:
25:47:3e:a7:f8:37:ff:ea:ac:e4:cb:90:cf:c9:20:5e:be:4f:
f9:ab:25:d1:46:4c:e7:bd:49:dd:4e:31:2f:a8:8c:55:43:bb:
63:f8:6b:ad:fa:ab:ef:be:22:1b:7b:ed:a3:98:4c:be:f0:5d:
50:11:78:c7:b3:74:3d:9f:2c:b1:cd:2d:18:86:6e:c8:0d:74:
44:15:66:c4:9e:a3:41:de:c2:fa:8c:4d:92:a5:5a:4a:43:e3:
50:8e:a8:cb:e7:f3:5a:17:70:20:22:3c:40:3f:3a:ac:bc:fc:
53:05:a3:d2:8e:3b:a0:f4:4b:2a:a6:79:f5:e0:4e:9f:3e:8d:
02:7d:72:24:b6:59:77:10:9e:45:2c:7c:48:da:96:fe:16:b7:
77:70:a6:6c
pkcs7-signedData
- 1
- SHA1: nil
- 1.3.6.1.4.1.311.2.1.4
- #0
- 1.3.6.1.4.1.311.2.1.15
- :
00 3c 00 3c 00 3c 00 4f 00 62 00 73 00 6f 00 6c |.<.<.<.O.b.s.o.l| 00 65 00 74 00 65 00 3e 00 3e 00 3e |.e.t.e.>.>.> |
- :
- SHA1
3e e1 4a da 87 39 1e bb 48 9e df 8e 13 3b 1f 68 |>.J..9..H....;.h| cd 9b 56 be |..V. |
- 1.3.6.1.4.1.311.2.1.15
- #0
- Certificates
- Certificate #0
- 2
- 38:25:D7:FA:F8:61:AF:9E:F4:90:E7:26:B5:D6:5A:D5
- RSA-SHA1: nil
- Issuer
- C: US
- O: VeriSign, Inc.
- CN: VeriSign Time Stamping Services CA
- 2007-06-15 00:00:00 UTC: 2012-06-14 23:59:59 UTC
- Subject
- C: US
- O: VeriSign, Inc.
- CN: VeriSign Time Stamping Services Signer - G2
- #5
- rsaEncryption: nil
- C4:B5:F2:52:15:BC:88:86:60:29:16:4A:5B:2F:4B:91:
6B:87:91:F3:35:54:58:35:EA:D1:36:5E:62:4D:52:51:
34:71:C2:7B:66:1D:89:C8:DD:2A:C4:6A:0A:F6:37:D9:
98:74:91:F6:92:AE:B0:B5:76:96:F1:A9:4A:63:45:47:
2E:6B:0B:92:4E:4B:2B:8C:EE:58:4A:8B:D4:07:E4:1A:
2C:F8:82:AA:58:D9:CD:42:F3:2D:C0:75:DE:8D:AB:C7:
8E:1D:9A:6C:4C:08:95:1E:DE:DB:EF:67:E1:72:C2:49:
C2:9E:60:3C:E1:E2:BE:16:A3:63:78:69:14:7B:AD:2D: 0x010001
- X509v3 extensions
- authorityInfoAccess
- OCSP: http://ocsp.verisign.com
- basicConstraints
- true
- nil
- crlDistributionPoints: http://crl.verisign.com/tss-ca.crl
- extendedKeyUsage: true, timeStamping
- keyUsage: true, 0xc0
- subjectAltName
- CN: TSA1-2
- authorityInfoAccess
- RSA-SHA1:
50 c5 4b c8 24 80 df e4 0d 24 c2 de 1a b1 a1 02 |P.K.$....$......| a1 a6 82 2d 0c 83 15 81 37 0a 82 0e 2c b0 5a 17 |...-....7...,.Z.| 61 b5 d8 05 fe 88 db f1 91 91 b3 56 1a 40 a6 eb |a..........V.@..| 92 be 38 39 b0 75 36 74 3a 98 4f e4 37 ba 99 89 |..89.u6t:.O.7...| ca 95 42 1d b0 b9 c7 a0 8d 57 e0 fa d5 64 04 42 |..B......W...d.B| 35 4e 01 d1 33 a2 17 c8 4d aa 27 c7 f2 e1 86 4c |5N..3...M.'....L| 02 38 4d 83 78 c6 fc 53 e0 eb e0 06 87 dd a4 96 |.8M.x..S........| 9e 5e 0c 98 e2 a5 be bf 82 85 c3 60 e1 df ad 28 |.^.........`...(| d8 c7 a5 4b 64 da c7 1b 5b bd ac 39 08 d5 38 22 |...Kd...[..9..8"| a1 33 8b 2f 8a 9a eb bc 07 21 3f 44 41 09 07 b5 |.3./.....!?DA...| 65 1c 24 bc 48 d3 44 80 eb a1 cf c9 02 b4 14 cf |e.$.H.D.........| 54 c7 16 a3 80 5c f9 79 3e 5d 72 7d 88 17 9e 2c |T....\.y>]r}...,| 43 a2 ca 53 ce 7d 3d f6 2a 3a b8 4f 94 00 a5 6d |C..S.}=.*:.O...m| 0a 83 5d f9 5e 53 f4 18 b3 57 0f 70 c3 fb f5 ad |..].^S...W.p....| 95 a0 0e 17 de c4 16 80 60 c9 0f 2b 6e 86 04 f1 |........`..+n...| eb f4 78 27 d1 05 c5 ee 34 5b 5e b9 49 32 f2 33 |..x'....4[^.I2.3|
- 2
- Certificate #1
- 2
- 47:BF:19:95:DF:8D:52:46:43:F7:DB:6D:48:0D:31:A4
- RSA-SHA1: nil
- Issuer
- C: ZA
- ST: Western Cape
- L: Durbanville
- O: Thawte
- OU: Thawte Certification
- CN: Thawte Timestamping CA
- 2003-12-04 00:00:00 UTC: 2013-12-03 23:59:59 UTC
- Subject
- C: US
- O: VeriSign, Inc.
- CN: VeriSign Time Stamping Services CA
- #5
- rsaEncryption: nil
- A9:CA:B2:A4:CC:CD:20:AF:0A:7D:89:AC:87:75:F0:B4:
4E:F1:DF:C1:0F:BF:67:61:BD:A3:64:1C:DA:BB:F9:CA:
33:AB:84:30:89:58:7E:8C:DB:6B:DD:36:9E:0F:BF:D1:
EC:78:F2:77:A6:7E:6F:3C:BF:93:AF:0D:BA:68:F4:6C:
94:CA:BD:52:2D:AB:48:3D:F5:B6:D5:5D:5F:1B:02:9F:
FA:2F:6B:1E:A4:F7:A3:9A:A6:1A:C8:02:E1:7F:4C:52:
E3:0E:60:EC:40:1C:7E:B9:0D:DE:3F:C7:B4:DF:87:BD:
5F:7A:6A:31:2E:03:99:81:13:A8:47:20:CE:31:73:0D:
57:2D:CD:78:34:33:95:12:99:12:B9:DE:68:2F:AA:E6:
E3:C2:8A:8C:2A:C3:8B:21:87:66:BD:83:58:57:6F:75:
BF:3C:AA:26:87:5D:CA:10:15:3C:9F:84:EA:54:C1:0A:
6E:C4:FE:C5:4A:DD:B9:07:11:97:22:7C:DB:3E:27:D1:
1E:78:EC:9F:31:C9:F1:E6:22:19:DB:C4:B3:47:43:9A:
1A:5F:A0:1E:90:E4:5E:F5:EE:7C:F1:7D:AB:62:01:8F:
F5:4D:0B:DE:D0:22:56:A8:95:CD:AE:88:76:AE:EE:BA:
0D:F3:E4:4D:D9:A0:FB:68:A0:AE:14:3B:B3:87:C1:BB: 0x010001
- X509v3 extensions
- authorityInfoAccess
- OCSP: http://ocsp.verisign.com
- basicConstraints
- true
- true: 0
- crlDistributionPoints: http://crl.verisign.com/ThawteTimestampingCA.crl
- extendedKeyUsage: timeStamping
- keyUsage: true, 6
- subjectAltName
- CN: TSA2048-1-53
- authorityInfoAccess
- RSA-SHA1:
4a 6b f9 ea 58 c2 44 1c 31 89 79 99 2b 96 bf 82 |Jk..X.D.1.y.+...| ac 01 d6 1c 4c cd b0 8a 58 6e df 08 29 a3 5e c8 |....L...Xn..).^.| ca 93 13 e7 04 52 0d ef 47 27 2f 00 38 b0 e4 c9 |.....R..G'/.8...| 93 4e 9a d4 22 62 15 f7 3f 37 21 4f 70 31 80 f1 |.N.."b..?7!Op1..| 8b 38 87 b3 e8 e8 97 00 fe cf 55 96 4e 24 d2 a9 |.8........U.N$..| 27 4e 7a ae b7 61 41 f3 2a ce e7 c9 d9 5e dd bb |'Nz..aA.*....^..| 2b 85 3e b5 9d b5 d9 e1 57 ff be b4 c5 7e f5 cf |+.>.....W....~..| 0c 9e f0 97 fe 2b d3 3b 52 1b 1b 38 27 f7 3f 4a |.....+.;R..8'.?J|
- 2
- Certificate #2
- 2
- 9F:17:30:A3:74:EF:EA:42:ED:0D:1B:50:4D:A8:F9:81
- RSA-SHA1: nil
- Issuer
- C: US
- ST: UT
- L: Salt Lake City
- O: The USERTRUST Network
- OU: http://www.usertrust.com
- CN: UTN-USERFirst-Object
- 2007-10-25 00:00:00 UTC: 2009-10-24 23:59:59 UTC
- Subject
- C: CA
- postalCode: V6H4E4
- ST: BC
- L: Vancouver
- street: 101-1001 West Broadway Dept. 381
- O: Heaventools Software
- CN: Heaventools Software
- #5
- rsaEncryption: nil
- AF:8A:19:DF:C2:14:BA:A7:3F:53:19:B6:E8:3A:F8:C1:
EA:6E:30:E6:32:D4:9B:30:F6:36:A9:60:F7:40:5B:98:
D4:5B:74:C4:14:EB:3A:BD:96:AD:76:60:39:32:ED:03:
1A:51:80:A9:0D:27:3F:5C:67:C4:6C:79:5C:3F:4E:0A:
C3:4A:E8:C8:DC:90:21:89:3F:80:BB:D4:44:43:8C:3F:
ED:DB:8D:DD:04:FD:ED:3B:D3:7B:C8:4B:04:3A:9D:74:
96:34:FA:EB:FF:ED:22:B8:C8:2F:13:84:08:C0:30:56:
56:37:CD:3E:AE:0F:41:67:18:8E:B2:A1:C1:6B:74:2C:
32:38:00:F5:D0:24:69:F6:CB:4B:BC:34:04:FB:C4:21:
F8:3F:99:BE:59:21:C5:B6:60:36:6D:32:32:C0:43:F7:
5D:D7:88:F4:57:B1:D8:A9:BD:09:B8:06:D6:1A:E5:2D:
9F:21:17:27:B0:E0:D6:66:82:F8:F6:C5:25:64:05:6C:
3E:EB:54:F3:44:78:94:80:2C:98:69:9C:E5:BC:81:8C:
45:71:D3:09:C8:90:24:5A:15:85:7C:0C:85:F8:70:B4:
69:70:B5:52:54:13:FE:ED:A0:25:A1:B1:D6:DC:D6:52:
57:7C:73:B7:C2:48:5C:86:13:75:93:0B:35:EA:90:11: 0x010001
- #6
- authorityKeyIdentifier:
da ed 64 74 14 9c 14 3c ab dd 99 a9 bd 5b 28 4d |..dt...<.....[(M| 8b 3c c9 d8 |.<.. |
- subjectKeyIdentifier:
28 a0 d8 9c 16 56 af 04 5d d7 6b d6 9d de b9 10 |(....V..].k.....| 45 fa 41 e3 |E.A. |
- keyUsage: true, 0x80
- basicConstraints
- true
- nil
- extendedKeyUsage: codeSigning
- nsCertType: 0x10
- certificatePolicies
- 1.3.6.1.4.1.6449.1.2.1.3.2
- id-qt-cps: https://secure.comodo.net/CPS
- 1.3.6.1.4.1.6449.1.2.1.3.2
- crlDistributionPoints: http://crl.usertrust.com/UTN-USERFirst-Object.crl
- subjectAltName: support@heaventools.com
- authorityKeyIdentifier:
- RSA-SHA1:
92 74 6a 92 1f ed 64 96 ac 4a ae 82 1f 44 5d ed |.tj...d..J...D].| 48 6a 8b 67 3d 6d 10 1c 55 6b d0 6c ae 17 64 9e |Hj.g=m..Uk.l..d.| a8 72 af 13 5d d4 a0 dd 41 63 fd 13 6d c7 a9 58 |.r..]...Ac..m..X| c8 34 63 64 03 44 51 89 db a1 1b c8 4f c2 a6 3e |.4cd.DQ.....O..>| b8 14 89 ba f7 fd 80 94 d6 a6 4f fb 6e 19 30 ae |..........O.n.0.| b4 9a a6 35 45 ef 0a 02 86 3e 6a 8d 62 51 e5 90 |...5E....>j.bQ..| 02 b6 e2 87 9f 72 45 ba c2 54 81 d1 25 47 3e a7 |.....rE..T..%G>.| f8 37 ff ea ac e4 cb 90 cf c9 20 5e be 4f f9 ab |.7........ ^.O..| 25 d1 46 4c e7 bd 49 dd 4e 31 2f a8 8c 55 43 bb |%.FL..I.N1/..UC.| 63 f8 6b ad fa ab ef be 22 1b 7b ed a3 98 4c be |c.k.....".{...L.| f0 5d 50 11 78 c7 b3 74 3d 9f 2c b1 cd 2d 18 86 |.]P.x..t=.,..-..| 6e c8 0d 74 44 15 66 c4 9e a3 41 de c2 fa 8c 4d |n..tD.f...A....M| 92 a5 5a 4a 43 e3 50 8e a8 cb e7 f3 5a 17 70 20 |..ZJC.P.....Z.p | 22 3c 40 3f 3a ac bc fc 53 05 a3 d2 8e 3b a0 f4 |"<@?:...S....;..| 4b 2a a6 79 f5 e0 4e 9f 3e 8d 02 7d 72 24 b6 59 |K*.y..N.>..}r$.Y| 77 10 9e 45 2c 7c 48 da 96 fe 16 b7 77 70 a6 6c |w..E,|H.....wp.l|
- 2
- Certificate #0
- Signer
- 1
- unnamed
- #0
- C: US
- ST: UT
- L: Salt Lake City
- O: The USERTRUST Network
- OU: http://www.usertrust.com
- CN: UTN-USERFirst-Object
- 9F:17:30:A3:74:EF:EA:42:ED:0D:1B:50:4D:A8:F9:81
- #0
- SHA1: nil
- #3
- contentType: 1.3.6.1.4.1.311.2.1.4
- 1.3.6.1.4.1.311.2.1.11: msCodeInd
- messageDigest:
e1 b8 5f 85 38 09 18 17 10 d6 12 11 5a ff b2 b9 |.._.8.......Z...| 83 7b fd d0 |.{.. | - 1.3.6.1.4.1.311.2.1.12
00 50 00 45 00 20 00 45 00 78 00 70 00 6c 00 6f |.P.E. .E.x.p.l.o| 00 72 00 65 00 72 |.r.e.r |
: http://www.heaventools.com
- rsaEncryption:
39 b9 3a 4e 83 fe db 41 b3 c0 96 f2 cd 16 f7 0e |9.:N...A........| 01 72 d5 c5 17 bb 06 df 65 d8 f8 07 a7 b4 b4 55 |.r......e......U| 22 c6 aa d9 70 b9 6f b8 dd 2c de a9 50 a3 8b 80 |"...p.o..,..P...| e5 56 03 a7 6a a8 fe 6c 4d fb 84 0d ce d2 4a 95 |.V..j..lM.....J.| 0f bf b3 47 2f 36 06 de 54 f4 c3 04 7a b6 e0 b3 |...G/6..T...z...| 14 b5 79 df 75 90 b4 e1 5e 39 07 98 55 23 4e 37 |..y.u...^9..U#N7| 4f 67 2e 09 6a 83 20 73 e7 07 2a 3b 37 51 d8 81 |Og..j. s..*;7Q..| ab f8 72 8f f5 4f 6f 09 ba 9f 43 d2 be d3 29 4b |..r..Oo...C...)K| 1a 48 84 b8 f2 16 f3 eb 0b 9b 9e cf 07 11 a0 c4 |.H..............| 32 5b 44 91 5e 8b 50 dc b3 ae 67 95 f9 fa 10 77 |2[D.^.P...g....w| ae bc bf 21 66 02 2a 70 20 55 07 48 23 c3 41 b5 |...!f.*p U.H#.A.| f7 dd ae 25 f7 1c 1f 55 c0 52 bd ca 95 e3 42 6e |...%...U.R....Bn| d0 4f 9e fe 58 48 0f 9d 01 9d 86 e4 b4 49 73 94 |.O..XH.......Is.| e1 e7 74 4d 9d cb 26 61 05 ec 9d b1 80 ff f4 d5 |..tM..&a........| 35 cc 24 39 93 a4 9b 70 2b 48 fb c3 5a ed d0 10 |5.$9...p+H..Z...| 21 62 b5 f9 7b 31 09 a9 98 97 b0 95 4d 70 4c 32 |!b..{1......MpL2| - countersignature
- 1
- unnamed
- #0
- C: US
- O: VeriSign, Inc.
- CN: VeriSign Time Stamping Services CA
- 38:25:D7:FA:F8:61:AF:9E:F4:90:E7:26:B5:D6:5A:D5
- #0
- SHA1: nil
- #2
- contentType: pkcs7-data
- signingTime: 2009-10-14 13:48:05 UTC
- messageDigest:
d0 a3 56 8d 11 4b 36 65 27 58 bc e9 26 c4 5b b4 |..V..K6e'X..&.[.| 60 33 82 f0 |`3.. |
- rsaEncryption:
a0 11 73 cc 7f 67 cb 9c 59 5a e7 99 48 5a 59 71 |..s..g..YZ..HZYq| e4 e8 bd a1 c3 1b e5 7c e5 42 03 ad f5 54 8b a0 |.......|.B...T..| b3 f9 6a ed d1 89 07 f9 82 ef 88 3a 23 65 0c 27 |..j........:#e.'| 66 de 8e e6 a1 5c 5d 0c c6 c5 79 5c ff 7f 82 e9 |f....\]...y\....| ba 58 3f df 67 82 8d 3b 30 45 c7 07 83 d9 c8 f6 |.X?.g..;0E......| d7 b5 67 4f 9c 4e ba 31 a9 25 6d a2 a9 97 ea 00 |..gO.N.1.%m.....| 91 dd f6 a4 ce ea 69 1e 94 e4 85 55 0c 41 c2 26 |......i....U.A.&| b0 00 94 a2 9e 1f ce f9 e1 dc ce a7 76 cd 22 35 |............v."5|
- unnamed
- 1
| offset | size | type | comment | |
|---|---|---|---|---|
| 0 | 3025920 | EXE | 10/14/2009 17:47:59 | # |
| 15c1 | 15 | HTM | # | |
| 1f31ac | 51724 | PNG | (256 x 256) | # |
| 203bc8 | 656 | PNG | (16 x 16) | # |
| 203e58 | 2170 | PNG | (32 x 32) | # |
| 2046d4 | 2312 | PNG | (32 x 32) | # |
| 204fdc | 1918 | PNG | (32 x 32) | # |
| 20575c | 2270 | PNG | (32 x 32) | # |
| 20603c | 1645 | PNG | (32 x 32) | # |
| 2066bc | 813 | PNG | (16 x 16) | # |
| 206eb4 | 6411 | PNG | (39 x 55) | # |
| 2087c0 | 4478 | PNG | (33 x 33) | # |
| 209940 | 4606 | PNG | (33 x 33) | # |
| 20ab40 | 4094 | PNG | (33 x 33) | # |
| 2e2c00 | 4344 | PKCS7 | Authenticode Signature | # |
 |
| Please donate some bucks to keep this site up and running: | |
| Ko-fi | |
|---|---|
| Yandex.Money | |
| Thank you! | |
[?] ignoring invalid PEdump::BITMAPINFOHEADER
[?] can't find file_offset of VA 0x1c74b4