| filename | WindowsUpdateBox.exe | |
|---|---|---|
| size | 24049480 (0x16ef748) | |
| md5 | 41117fce567c56ccbdb6fd2bf32345fd | |
| type | PE32+ executable (GUI) x86-64, for MS Windows, InstallShield self-extracting archive | |
| mimetype | application/x-dosexec | |
| clamav | OK | |
| virustotal | → scan with virustotal.com | |
| histogram | ||
MZ Header
| signature | MZ |
| bytes_in_last_block | 0x90 |
| blocks_in_file | 3 |
| num_relocs | 0 |
| header_paragraphs | 4 |
| min_extra_paragraphs | 0 |
| max_extra_paragraphs | 0xffff |
| ss | 0 |
| sp | 0xb8 |
| checksum | 0 |
| ip | 0 |
| cs | 0 |
| reloc_table_offset | 0x40 |
| overlay_number | 0 |
| reserved0 | 0 |
| oem_id | 0 |
| oem_info | 0 |
| reserved2 | 0 |
| reserved3 | 0 |
| reserved4 | 0 |
| reserved5 | 0 |
| reserved6 | 0 |
| lfanew | 0xe8 |
Rich Header
| lib id | version | times used |
|---|---|---|
| 259 | 28900 | 3 |
| 261 | 28900 | 6 |
| 260 | 28900 | 21 |
| 257 | 28900 | 37 |
| 1 | 0 | 321 |
| 264 | 28900 | 62 |
| 255 | 28900 | 1 |
| 258 | 28900 | 1 |
DOS stub
00000000: 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 |........!..L.!Th| 00000010: 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f |is program canno| 00000020: 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 |t be run in DOS | 00000030: 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 |mode....$.......|
PE Header
Sections
Data Directory
StringTable 040904B0
| CompanyName | Microsoft Corporation |
| FileDescription | Windows 10 Setup |
| FileVersion | 10.0.20206.1000 (rs_prerelease.200828-1431) |
| InternalName | bluestub.exe |
| LegalCopyright | © Microsoft Corporation. All rights reserved. |
| OriginalFilename | bluestub.exe |
| ProductName | Microsoft® Windows® Operating System |
| ProductVersion | 10.0.20206.1000 |
VS_FIXEDFILEINFO
| FileVersion | 10.0.20206.1000 |
| ProductVersion | 10.0.20206.1000 |
| StrucVersion | 0x10000 |
| FileFlagsMask | 0x3f |
| FileFlags | 0 |
| FileOS | 0x40004 |
| FileType | 1 |
| FileSubtype | 0 |
Signers (1)
issuer: /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Development PCA 2014
serial: 3300000548E95479381FF578D2000000000548
Certificates (2)
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:00:00:05:48:e9:54:79:38:1f:f5:78:d2:00:00:00:00:05:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Development PCA 2014
Validity
Not Before: Apr 1 19:27:46 2020 GMT
Not After : Jan 31 19:27:46 2021 GMT
Subject: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Windows
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b4:7a:f2:5b:e2:90:bd:bb:24:85:97:7f:97:69:
a7:a6:ca:a7:22:dd:0f:58:16:44:72:7b:52:7e:c4:
1f:63:a9:08:ae:e5:27:13:20:5d:4b:b5:00:fc:61:
09:dd:dc:bb:52:a3:a9:ef:4a:b7:6d:63:66:b2:04:
f5:46:d0:f8:93:0f:1f:31:08:8d:ae:76:7a:15:4d:
8a:fe:d9:da:6b:b5:bc:58:49:78:a9:b9:c4:58:88:
b8:df:4c:53:bb:96:69:4d:6b:82:df:b0:76:ff:81:
ab:ec:82:83:e9:10:87:7b:e9:95:52:9c:43:9a:bd:
71:47:a0:4a:2a:68:e5:b5:f7:74:21:0f:34:19:be:
44:fb:ac:7e:ea:b9:a1:46:4a:ac:ea:92:43:8f:82:
dd:f5:e2:32:7b:86:ef:bf:bf:5a:c4:f7:e7:18:9d:
63:c7:ba:7e:4a:cb:c5:0f:3b:a0:48:0b:e2:94:fc:
a0:77:ef:52:59:92:67:01:c9:25:4c:d7:c3:a8:af:
af:a6:f5:63:a8:4b:f8:4a:20:49:6f:f8:0d:20:2b:
02:53:19:d5:00:3c:2c:5f:2d:ad:b1:9a:06:02:97:
22:b2:78:d4:a6:71:7c:69:04:4a:63:a3:a3:e9:31:
30:99:77:d9:4a:c9:18:1f:c3:98:c3:f8:9a:09:84:
b7:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
1.3.6.1.4.1.311.10.3.13, 1.3.6.1.4.1.311.10.3.27, 1.3.6.1.4.1.311.10.3.6, Code Signing
X509v3 Subject Key Identifier:
DA:9F:5C:38:0E:3F:EF:1C:5D:12:8E:00:53:6C:18:F8:E3:F2:6C:09
X509v3 Subject Alternative Name:
DirName:/OU=Microsoft Corporation/serialNumber=231093\+459556
X509v3 Authority Key Identifier:
84:DD:10:36:7B:0B:D2:08:A3:26:56:9F:22:95:25:41:85:2C:09:C0
X509v3 CRL Distribution Points:
Full Name:
URI:http://www.microsoft.com/pkiops/crl/Microsoft%20Development%20PCA%202014.crl
Authority Information Access:
CA Issuers - URI:http://www.microsoft.com/pkiops/certs/Microsoft%20Development%20PCA%202014.crt
X509v3 Basic Constraints: critical
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
4d:ce:a1:7c:d9:4d:45:fc:a9:c3:c2:f6:2b:38:a3:d8:a9:48:
54:27:78:c8:a5:62:60:b9:5a:8e:e8:59:c7:e8:8d:0c:03:ba:
fa:2d:a1:5a:b5:9d:36:58:15:ab:3f:d4:aa:58:1b:e9:37:a0:
ce:77:ad:f7:db:e3:f2:c6:b2:7a:03:fb:c3:1d:c9:d2:e9:f6:
fb:74:2e:fe:7e:fe:98:12:44:0f:13:03:fb:85:3d:aa:69:35:
e5:28:8c:26:93:9a:32:86:34:1f:34:39:50:01:12:a2:5e:03:
63:ed:cd:55:d3:58:5d:e0:0d:60:fc:21:10:84:5d:ed:ab:63:
bb:82:c5:e6:4d:3c:a3:3a:0c:72:8e:8e:1c:93:cb:9e:86:0c:
1d:4a:b8:c5:27:c6:ab:cb:45:a8:53:3a:ab:8a:4f:10:0f:4c:
21:84:f5:2a:0a:27:bf:89:2d:35:4d:b0:0a:15:60:a0:ac:88:
65:4f:f3:34:10:84:18:11:27:2a:9e:9c:fb:f4:fa:40:28:8c:
e7:58:7e:b6:a4:31:95:ce:36:18:14:57:e7:3f:ab:3e:5c:6c:
04:c3:a4:73:cd:8a:ce:1a:e8:5d:bc:44:0e:40:0e:0f:5e:f7:
c3:af:23:21:b4:09:85:ae:47:a1:7b:7e:19:dd:5d:78:cf:2b:
3e:01:d1:13:20:0c:31:02:2a:d1:5e:5d:9e:58:f8:15:5e:47:
ab:b4:af:0d:35:95:70:53:c8:25:9b:60:91:30:1a:7b:df:f7:
ce:5c:d8:b0:cf:0d:f2:80:99:28:9d:de:70:dd:5a:4b:41:72:
d5:d0:e8:1c:ae:63:38:fe:27:fd:d9:fb:20:46:09:7d:e1:9d:
87:4a:24:f1:11:45:a5:a2:66:18:6d:14:e3:1f:cb:ff:83:5e:
1b:61:f3:ea:03:eb:e9:ae:e0:12:e7:a4:7a:0a:2d:3d:7b:4e:
96:a7:ee:89:e6:7a:df:ba:d9:e9:cb:d7:a3:78:e8:66:bc:87:
21:a1:0f:0d:61:f5:bb:2b:c1:5c:16:84:9c:d4:62:8b:8d:03:
f4:c7:67:00:de:32:89:9e:5d:16:d6:ac:23:a0:8c:65:e4:19:
d3:b1:ef:81:a2:20:bd:fe:93:7a:37:45:6d:d2:8f:b5:7a:19:
57:a3:3e:41:b4:86:04:48:17:b6:b7:14:fd:d4:b1:24:b8:7e:
4a:eb:bc:bc:b6:dd:2d:cf:ac:84:fd:34:d0:e1:80:c7:e2:79:
29:39:68:86:fb:ed:33:6d:20:38:95:19:86:2d:ec:59:11:2f:
5b:54:85:e2:da:3c:57:55:24:28:0b:8b:ab:72:a8:d3:9d:cd:
b0:c0:88:de:e1:ee:e8:69
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:00:00:00:03:c6:f9:b4:c3:ae:be:59:4b:00:00:00:00:00:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Development Root Certificate Authority 2014
Validity
Not Before: May 28 17:33:33 2014 GMT
Not After : May 28 17:43:33 2029 GMT
Subject: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Development PCA 2014
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (4096 bit)
Modulus:
00:cb:53:0c:41:f9:4d:44:24:c8:da:65:4e:66:6c:
c5:82:95:70:72:33:f3:b7:2e:86:ae:16:41:bc:dc:
d4:b8:69:fb:12:c0:94:be:af:94:c2:7f:76:9c:3c:
d3:54:d4:b5:88:ed:8f:b1:0c:1b:51:4a:8f:ea:90:
e3:ac:4e:f7:df:d2:12:7b:8e:7f:72:d0:35:3c:ac:
e8:e9:67:cc:e9:32:32:31:e8:43:5f:df:14:9a:40:
8f:18:0b:99:07:13:3b:71:92:9b:1d:19:f9:9b:95:
f7:4f:35:61:38:56:32:b2:ed:64:84:18:fa:5a:85:
b1:92:bf:01:b8:c6:96:93:04:3a:a8:ea:ec:82:ea:
cd:1e:82:c2:e6:00:e4:99:3d:89:a5:dd:71:20:9e:
88:dd:5e:4d:ad:6d:cf:09:f3:a8:a6:13:6f:0c:03:
e1:0c:2e:98:b4:c2:a3:07:9c:1a:6f:5f:d3:76:2f:
be:99:ee:95:c6:b0:94:5f:b1:b8:a6:4b:93:2f:02:
f1:cc:23:c2:43:96:38:a5:bf:9b:7c:2d:6c:1c:35:
47:b8:80:3c:e7:fa:9f:0c:9c:ef:df:5e:8c:cf:74:
0b:0c:33:97:7f:ea:04:d5:c5:33:d3:0f:9e:b0:90:
25:da:ba:fd:68:9e:c9:b4:01:6e:a9:ef:63:33:30:
e9:08:c8:eb:93:cf:5b:99:bf:a1:ca:54:3a:c0:8a:
1d:93:6c:8a:d0:bc:2f:c7:22:fe:40:e3:44:76:9a:
d2:94:df:17:65:4b:7b:26:80:ce:d9:47:33:4d:f5:
66:e4:fc:c6:cd:72:ac:7e:f1:70:92:83:3e:72:21:
90:c0:ec:8d:ff:59:b1:5b:b3:32:50:94:c5:c1:6c:
7b:6a:56:c8:f9:10:7c:4b:1a:9e:61:2c:a2:21:ee:
5f:9c:a4:64:ec:32:d2:b4:7b:9a:88:42:a9:2c:56:
2e:17:96:fe:93:2b:44:0c:5e:9f:23:ce:02:f6:3b:
89:98:c0:41:fc:41:d7:fa:28:7d:44:01:f2:91:b2:
d1:ba:62:9e:d8:05:63:06:56:a6:c2:18:01:66:fd:
bd:44:2b:4d:59:c2:f0:9b:2c:10:74:34:6f:20:a1:
2a:3d:58:ce:5c:f0:51:e1:25:a1:e9:bf:b3:35:71:
c9:0d:65:c5:6c:75:01:b7:c3:fc:b3:96:93:c2:d8:
af:4d:59:2a:fd:cc:cf:a6:f3:c3:b5:96:92:7a:ab:
b4:4a:ae:38:a2:02:3d:e6:91:90:dd:a3:ec:a9:25:
c9:08:c1:51:b1:a9:20:5c:8c:6a:3a:91:e7:09:12:
7f:ce:ca:78:cf:28:43:aa:74:0b:5c:9e:11:70:ff:
c4:59:35
Exponent: 65537 (0x10001)
X509v3 extensions:
1.3.6.1.4.1.311.21.1:
...
X509v3 Subject Key Identifier:
84:DD:10:36:7B:0B:D2:08:A3:26:56:9F:22:95:25:41:85:2C:09:C0
X509v3 Certificate Policies:
Policy: X509v3 Any Policy
Policy: 1.3.6.1.4.1.311.76.509.1.1
CPS: http://www.microsoft.com/pkiops/Docs/Repository.htm
1.3.6.1.4.1.311.20.2:
.
.S.u.b.C.A
X509v3 Key Usage:
Digital Signature, Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Authority Key Identifier:
85:70:00:9F:77:59:1E:8C:AC:3C:9F:77:26:28:19:CC:9A:C1:8F:32
X509v3 CRL Distribution Points:
Full Name:
URI:http://www.microsoft.com/pkiops/crl/Microsoft%20Development%20Root%20Certificate%20Authority%202014.crl
Authority Information Access:
CA Issuers - URI:http://www.microsoft.com/pkiops/certs/Microsoft%20Development%20Root%20Certificate%20Authority%202014.crt
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
4e:ea:1d:0c:fe:d3:82:d1:75:5f:f0:30:df:77:8d:ac:83:56:
b0:34:cd:be:a7:07:f3:74:ac:ee:3c:4a:5d:1f:da:bd:2a:f6:
68:fb:2a:37:43:97:09:79:2c:01:bd:a1:d4:9a:75:38:94:97:
62:c8:eb:73:bc:89:94:43:cb:28:b4:4b:55:b9:f1:56:d5:24:
e2:cb:a7:f0:46:40:d6:fe:30:fe:29:32:53:ed:39:21:03:73:
30:95:2d:6a:b1:87:03:df:51:7c:f1:46:13:f9:f5:05:44:dd:
0f:92:63:3a:71:cc:cf:a0:55:f1:6d:2d:95:21:e0:76:54:64:
95:d9:66:8f:7f:6b:25:c5:8a:86:19:71:34:c5:53:22:f6:dc:
55:9b:da:ba:e6:a5:f2:f7:f6:2c:76:46:d2:61:de:48:da:e3:
70:1e:55:e0:31:8c:5b:f4:b3:c2:1d:fa:ff:7e:b1:8d:b5:de:
fe:94:fd:01:4a:cb:fa:1f:4c:0d:b4:5a:72:22:82:b6:2b:23:
53:0a:9d:2e:df:55:3d:fc:18:b3:32:5b:4e:b1:af:00:bf:9a:
f8:91:56:2e:71:4e:44:52:c7:35:79:d3:75:4a:b8:44:a5:a5:
f9:67:44:cf:27:30:dc:78:4f:7e:09:d5:a1:51:c0:6b:3f:8a:
e3:59:0b:71:ef:ca:92:35:9d:d1:2a:b7:8c:75:20:43:92:74:
2e:12:df:4e:7a:7b:59:a6:0c:65:87:ca:9b:69:53:75:22:ac:
d9:f6:d9:0f:39:be:c6:93:49:e1:6d:d8:63:72:e5:86:5c:29:
c7:d5:db:a5:f9:5e:93:39:b0:c5:84:c9:71:e2:15:54:a6:cc:
8a:a9:1e:46:24:4d:e4:3c:9f:c1:05:df:8c:34:33:6e:05:c1:
a1:40:d9:a8:0b:95:49:73:0c:03:4f:cc:c3:7c:52:23:de:a4:
36:c5:cd:82:3d:cb:f8:f0:12:7c:d8:1c:2d:5d:b7:ba:05:7e:
c0:0e:19:9f:52:7b:53:3f:06:9a:bd:94:27:62:4f:55:03:96:
e2:89:af:f3:cc:67:95:30:2d:1a:b4:00:bb:55:c7:6f:8b:90:
7d:4d:4f:2c:42:50:84:63:3e:2b:76:c3:04:f7:56:e0:e0:31:
76:50:e5:02:0c:00:aa:0e:4f:f4:a4:29:1f:12:96:62:a8:64:
dc:f1:c3:0e:26:d7:62:e3:c6:ad:a4:68:00:67:30:41:01:17:
1f:df:61:64:8b:83:1d:37:ba:82:f1:68:9d:b4:69:9f:ad:82:
dc:db:13:52:d6:4c:55:0b:0c:cd:f3:d5:b9:59:c6:f7:71:8b:
7d:ff:71:5e:3d:d9:de:00
pkcs7-signedData
- 1
- SHA256: nil
- 1.3.6.1.4.1.311.2.1.4
- #0
- 1.3.6.1.4.1.311.2.1.15
- :
- SHA256
e1 6d cc 61 e8 1f 07 b4 58 f6 c9 0d 84 ef 18 40 |.m.a....X......@| 50 47 af 53 09 87 d6 0a 5a c5 36 6b db 0b 3b a3 |PG.S....Z.6k..;.|
- 1.3.6.1.4.1.311.2.1.15
- #0
- Certificates
- Certificate #0
- 2
- 33:00:00:05:48:E9:54:79:38:1F:F5:78:D2:00:00:00:
00:05:48 - RSA-SHA256: nil
- Issuer
- C: US
- ST: Washington
- L: Redmond
- O: Microsoft Corporation
- CN: Microsoft Development PCA 2014
- 2020-04-01 19:27:46 UTC: 2021-01-31 19:27:46 UTC
- Subject
- C: US
- ST: Washington
- L: Redmond
- O: Microsoft Corporation
- CN: Microsoft Windows
- #5
- rsaEncryption: nil
- B4:7A:F2:5B:E2:90:BD:BB:24:85:97:7F:97:69:A7:A6:
CA:A7:22:DD:0F:58:16:44:72:7B:52:7E:C4:1F:63:A9:
08:AE:E5:27:13:20:5D:4B:B5:00:FC:61:09:DD:DC:BB:
52:A3:A9:EF:4A:B7:6D:63:66:B2:04:F5:46:D0:F8:93:
0F:1F:31:08:8D:AE:76:7A:15:4D:8A:FE:D9:DA:6B:B5:
BC:58:49:78:A9:B9:C4:58:88:B8:DF:4C:53:BB:96:69:
4D:6B:82:DF:B0:76:FF:81:AB:EC:82:83:E9:10:87:7B:
E9:95:52:9C:43:9A:BD:71:47:A0:4A:2A:68:E5:B5:F7:
74:21:0F:34:19:BE:44:FB:AC:7E:EA:B9:A1:46:4A:AC:
EA:92:43:8F:82:DD:F5:E2:32:7B:86:EF:BF:BF:5A:C4:
F7:E7:18:9D:63:C7:BA:7E:4A:CB:C5:0F:3B:A0:48:0B:
E2:94:FC:A0:77:EF:52:59:92:67:01:C9:25:4C:D7:C3:
A8:AF:AF:A6:F5:63:A8:4B:F8:4A:20:49:6F:F8:0D:20:
2B:02:53:19:D5:00:3C:2C:5F:2D:AD:B1:9A:06:02:97:
22:B2:78:D4:A6:71:7C:69:04:4A:63:A3:A3:E9:31:30:
99:77:D9:4A:C9:18:1F:C3:98:C3:F8:9A:09:84:B7:CF: 0x010001
- #6
- extendedKeyUsage
- 1.3.6.1.4.1.311.10.3.13: 1.3.6.1.4.1.311.10.3.27, 1.3.6.1.4.1.311.10.3.6, codeSigning
- subjectKeyIdentifier:
da 9f 5c 38 0e 3f ef 1c 5d 12 8e 00 53 6c 18 f8 |..\8.?..]...Sl..| e3 f2 6c 09 |..l. |
- subjectAltName
- #0
- OU: Microsoft Corporation
- serialNumber: 231093+459556
- #0
- authorityKeyIdentifier:
84 dd 10 36 7b 0b d2 08 a3 26 56 9f 22 95 25 41 |...6{....&V.".%A| 85 2c 09 c0 |.,.. | - crlDistributionPoints: http://www.microsoft.com/pkiops/crl/Microsoft%20Development%20PCA%202014.crl
- authorityInfoAccess
- caIssuers: http://www.microsoft.com/pkiops/certs/Microsoft%20Development%20PCA%202014.crt
- basicConstraints
- true
- nil
- extendedKeyUsage
- 33:00:00:05:48:E9:54:79:38:1F:F5:78:D2:00:00:00:
- RSA-SHA256:
4d ce a1 7c d9 4d 45 fc a9 c3 c2 f6 2b 38 a3 d8 |M..|.ME.....+8..| a9 48 54 27 78 c8 a5 62 60 b9 5a 8e e8 59 c7 e8 |.HT'x..b`.Z..Y..| 8d 0c 03 ba fa 2d a1 5a b5 9d 36 58 15 ab 3f d4 |.....-.Z..6X..?.| aa 58 1b e9 37 a0 ce 77 ad f7 db e3 f2 c6 b2 7a |.X..7..w.......z| 03 fb c3 1d c9 d2 e9 f6 fb 74 2e fe 7e fe 98 12 |.........t..~...| 44 0f 13 03 fb 85 3d aa 69 35 e5 28 8c 26 93 9a |D.....=.i5.(.&..| 32 86 34 1f 34 39 50 01 12 a2 5e 03 63 ed cd 55 |2.4.49P...^.c..U| d3 58 5d e0 0d 60 fc 21 10 84 5d ed ab 63 bb 82 |.X]..`.!..]..c..| c5 e6 4d 3c a3 3a 0c 72 8e 8e 1c 93 cb 9e 86 0c |..M<.:.r........| 1d 4a b8 c5 27 c6 ab cb 45 a8 53 3a ab 8a 4f 10 |.J..'...E.S:..O.| 0f 4c 21 84 f5 2a 0a 27 bf 89 2d 35 4d b0 0a 15 |.L!..*.'..-5M...| 60 a0 ac 88 65 4f f3 34 10 84 18 11 27 2a 9e 9c |`...eO.4....'*..| fb f4 fa 40 28 8c e7 58 7e b6 a4 31 95 ce 36 18 |...@(..X~..1..6.| 14 57 e7 3f ab 3e 5c 6c 04 c3 a4 73 cd 8a ce 1a |.W.?.>\l...s....| e8 5d bc 44 0e 40 0e 0f 5e f7 c3 af 23 21 b4 09 |.].D.@..^...#!..| 85 ae 47 a1 7b 7e 19 dd 5d 78 cf 2b 3e 01 d1 13 |..G.{~..]x.+>...| 20 0c 31 02 2a d1 5e 5d 9e 58 f8 15 5e 47 ab b4 | .1.*.^].X..^G..| af 0d 35 95 70 53 c8 25 9b 60 91 30 1a 7b df f7 |..5.pS.%.`.0.{..| ce 5c d8 b0 cf 0d f2 80 99 28 9d de 70 dd 5a 4b |.\.......(..p.ZK| 41 72 d5 d0 e8 1c ae 63 38 fe 27 fd d9 fb 20 46 |Ar.....c8.'... F| 09 7d e1 9d 87 4a 24 f1 11 45 a5 a2 66 18 6d 14 |.}...J$..E..f.m.| e3 1f cb ff 83 5e 1b 61 f3 ea 03 eb e9 ae e0 12 |.....^.a........| e7 a4 7a 0a 2d 3d 7b 4e 96 a7 ee 89 e6 7a df ba |..z.-={N.....z..| d9 e9 cb d7 a3 78 e8 66 bc 87 21 a1 0f 0d 61 f5 |.....x.f..!...a.| bb 2b c1 5c 16 84 9c d4 62 8b 8d 03 f4 c7 67 00 |.+.\....b.....g.| de 32 89 9e 5d 16 d6 ac 23 a0 8c 65 e4 19 d3 b1 |.2..]...#..e....| ef 81 a2 20 bd fe 93 7a 37 45 6d d2 8f b5 7a 19 |... ...z7Em...z.| 57 a3 3e 41 b4 86 04 48 17 b6 b7 14 fd d4 b1 24 |W.>A...H.......$| b8 7e 4a eb bc bc b6 dd 2d cf ac 84 fd 34 d0 e1 |.~J.....-....4..| 80 c7 e2 79 29 39 68 86 fb ed 33 6d 20 38 95 19 |...y)9h...3m 8..| 86 2d ec 59 11 2f 5b 54 85 e2 da 3c 57 55 24 28 |.-.Y./[T...
- 2
- Certificate #1
- 2
- 33:00:00:00:03:C6:F9:B4:C3:AE:BE:59:4B:00:00:00:
00:00:03 - RSA-SHA256: nil
- Issuer
- C: US
- ST: Washington
- L: Redmond
- O: Microsoft Corporation
- CN: Microsoft Development Root Certificate Authority 2014
- 2014-05-28 17:33:33 UTC: 2029-05-28 17:43:33 UTC
- Subject
- C: US
- ST: Washington
- L: Redmond
- O: Microsoft Corporation
- CN: Microsoft Development PCA 2014
- #5
- rsaEncryption: nil
- CB:53:0C:41:F9:4D:44:24:C8:DA:65:4E:66:6C:C5:82:
95:70:72:33:F3:B7:2E:86:AE:16:41:BC:DC:D4:B8:69:
FB:12:C0:94:BE:AF:94:C2:7F:76:9C:3C:D3:54:D4:B5:
88:ED:8F:B1:0C:1B:51:4A:8F:EA:90:E3:AC:4E:F7:DF:
D2:12:7B:8E:7F:72:D0:35:3C:AC:E8:E9:67:CC:E9:32:
32:31:E8:43:5F:DF:14:9A:40:8F:18:0B:99:07:13:3B:
71:92:9B:1D:19:F9:9B:95:F7:4F:35:61:38:56:32:B2:
ED:64:84:18:FA:5A:85:B1:92:BF:01:B8:C6:96:93:04:
3A:A8:EA:EC:82:EA:CD:1E:82:C2:E6:00:E4:99:3D:89:
A5:DD:71:20:9E:88:DD:5E:4D:AD:6D:CF:09:F3:A8:A6:
13:6F:0C:03:E1:0C:2E:98:B4:C2:A3:07:9C:1A:6F:5F:
D3:76:2F:BE:99:EE:95:C6:B0:94:5F:B1:B8:A6:4B:93:
2F:02:F1:CC:23:C2:43:96:38:A5:BF:9B:7C:2D:6C:1C:
35:47:B8:80:3C:E7:FA:9F:0C:9C:EF:DF:5E:8C:CF:74:
0B:0C:33:97:7F:EA:04:D5:C5:33:D3:0F:9E:B0:90:25:
DA:BA:FD:68:9E:C9:B4:01:6E:A9:EF:63:33:30:E9:08:
C8:EB:93:CF:5B:99:BF:A1:CA:54:3A:C0:8A:1D:93:6C:
8A:D0:BC:2F:C7:22:FE:40:E3:44:76:9A:D2:94:DF:17:
65:4B:7B:26:80:CE:D9:47:33:4D:F5:66:E4:FC:C6:CD:
72:AC:7E:F1:70:92:83:3E:72:21:90:C0:EC:8D:FF:59:
B1:5B:B3:32:50:94:C5:C1:6C:7B:6A:56:C8:F9:10:7C:
4B:1A:9E:61:2C:A2:21:EE:5F:9C:A4:64:EC:32:D2:B4:
7B:9A:88:42:A9:2C:56:2E:17:96:FE:93:2B:44:0C:5E:
9F:23:CE:02:F6:3B:89:98:C0:41:FC:41:D7:FA:28:7D:
44:01:F2:91:B2:D1:BA:62:9E:D8:05:63:06:56:A6:C2:
18:01:66:FD:BD:44:2B:4D:59:C2:F0:9B:2C:10:74:34:
6F:20:A1:2A:3D:58:CE:5C:F0:51:E1:25:A1:E9:BF:B3:
35:71:C9:0D:65:C5:6C:75:01:B7:C3:FC:B3:96:93:C2:
D8:AF:4D:59:2A:FD:CC:CF:A6:F3:C3:B5:96:92:7A:AB:
B4:4A:AE:38:A2:02:3D:E6:91:90:DD:A3:EC:A9:25:C9:
08:C1:51:B1:A9:20:5C:8C:6A:3A:91:E7:09:12:7F:CE:
CA:78:CF:28:43:AA:74:0B:5C:9E:11:70:FF:C4:59:35: 0x010001
- #6
- 1.3.6.1.4.1.311.21.1: 0
- subjectKeyIdentifier:
84 dd 10 36 7b 0b d2 08 a3 26 56 9f 22 95 25 41 |...6{....&V.".%A| 85 2c 09 c0 |.,.. | - certificatePolicies
- anyPolicy
- 1.3.6.1.4.1.311.76.509.1.1
- id-qt-cps: http://www.microsoft.com/pkiops/Docs/Repository.htm
- 1.3.6.1.4.1.311.76.509.1.1
- anyPolicy
- 1.3.6.1.4.1.311.20.2:
00 53 00 75 00 62 00 43 00 41 |.S.u.b.C.A |
- keyUsage: 0x86
- basicConstraints: true, true
- authorityKeyIdentifier:
85 70 00 9f 77 59 1e 8c ac 3c 9f 77 26 28 19 cc |.p..wY...<.w&(..| 9a c1 8f 32 |...2 |
- crlDistributionPoints: http://www.microsoft.com/pkiops/crl/Microsoft%20Development%20Root%20Certificate%20Authority%202014.crl
- authorityInfoAccess
- caIssuers: http://www.microsoft.com/pkiops/certs/Microsoft%20Development%20Root%20Certificate%20Authority%202014.crt
- 33:00:00:00:03:C6:F9:B4:C3:AE:BE:59:4B:00:00:00:
- RSA-SHA256:
4e ea 1d 0c fe d3 82 d1 75 5f f0 30 df 77 8d ac |N.......u_.0.w..| 83 56 b0 34 cd be a7 07 f3 74 ac ee 3c 4a 5d 1f |.V.4.....t..
- 2
- Certificate #0
- Signer
- 1
- unnamed
- #0
- C: US
- ST: Washington
- L: Redmond
- O: Microsoft Corporation
- CN: Microsoft Development PCA 2014
- 33:00:00:05:48:E9:54:79:38:1F:F5:78:D2:00:00:00:
00:05:48
- #0
- SHA256: nil
- #3
- contentType: 1.3.6.1.4.1.311.2.1.4
- 1.3.6.1.4.1.311.2.1.11: msCodeInd
- messageDigest:
c0 41 42 81 e1 c2 29 5c bb d2 8a a8 01 8e 80 c7 |.AB...)\........| 86 d6 51 36 c1 35 81 e9 a4 ca f3 01 0b 92 a8 d4 |..Q6.5..........|
- 1.3.6.1.4.1.311.10.3.28: v3COSB8/MAAtlWHCGgsxSl7d0JN1kC8Vbesu19XlRk0=
- 1.3.6.1.4.1.311.2.1.12
00 4d 00 69 00 63 00 72 00 6f 00 73 00 6f 00 66 |.M.i.c.r.o.s.o.f| 00 74 00 20 00 57 00 69 00 6e 00 64 00 6f 00 77 |.t. .W.i.n.d.o.w| 00 73 |.s |
: http://www.microsoft.com/windows
- rsaEncryption:
89 61 e9 86 12 70 3f a4 4f 2b 31 ea e5 a1 1b b6 |.a...p?.O+1.....| f8 c8 5f 47 87 c0 f5 27 64 35 27 78 3d 3b 78 ca |.._G...'d5'x=;x.| 66 63 ab 1e 0f c9 a1 89 17 17 6c 75 20 f4 04 77 |fc........lu ..w| a1 5d 43 0c b5 24 29 00 c8 89 14 2c c1 b2 2d d2 |.]C..$)....,..-.| d7 83 c3 1a 49 a9 d3 78 3a 4f e1 a3 07 c8 33 10 |....I..x:O....3.| aa a4 50 c6 e1 0b f2 1c 0e af 62 6e d5 29 9b b5 |..P.......bn.)..| 01 5c 39 d6 ff 6a 74 29 5a bc a1 4b 81 ee cf 4a |.\9..jt)Z..K...J| b2 2d 8f 5d 9b 23 3c 4c 69 7c 08 3a c9 ae 2c 55 |.-.].#
| offset | size | type | comment | |
|---|---|---|---|---|
| 15c1 | 15 | HTM | # | |
| 9c148 | 16975 | PNG | (256 x 256) | # |
| a78d8 | 16975 | PNG | (256 x 256) | # |
| abb27 | 23346209 | BIN | overlay data past EOF | # |
Scanning the drive for archives: 1 file, 24049480 bytes (23 MiB) -- Type = PE Physical Size = 24049480 CPU = x64 64-bit = + Characteristics = Executable LargeAddress RemovableRun NetRun Created = 2035-12-18 02:29:21 Headers Size = 4096 Checksum = 24071021 Name = bluestub.exe Image Size = 729088 Section Alignment = 4096 File Alignment = 4096 Code Size = 495616 Initialized Data Size = 229376 Uninitialized Data Size = 0 Linker Version = 14.26 OS Version = 10.0 Image Version = 10.0 Subsystem Version = 6.1 Subsystem = Windows GUI DLL Characteristics = Relocated NX-Compatible TerminalServerAware 0x4020 Stack Reserve = 524288 Stack Commit = 8192 Heap Reserve = 1048576 Heap Commit = 4096 Image Base = 5368709120 Comment = FileVersion: 10.0.20206.1000 FileVersion: 10.0.20206.1000 (rs_prerelease.200828-1431) ProductVersion: 10.0.20206.1000 CompanyName: Microsoft Corporation FileDescription: Windows 10 Setup InternalName: bluestub.exe LegalCopyright: © Microsoft Corporation. All rights reserved. OriginalFilename: bluestub.exe ProductName: Microsoft® Windows® Operating System ---- Path = [0] Size = 23316008 Packed Size = 23316008 Virtual Size = 23316008 Offset = 729088 -- Path = [0] Type = Cab Offset = 180 Physical Size = 23315828 Method = MSZip Blocks = 1 Volumes = 1 Volume Index = 0 ID = 0 Date Time Attr Size Compressed Name ------------------- ----- ------------ ------------ ------------------------ 2020-08-28 22:16:14 ....A 86304 AppCompatServicing.dll 2020-08-28 17:19:10 ....A 270624 ReserveManager.dll 2020-08-28 17:25:16 ....A 180512 AppraiserRes.dll 2020-08-28 22:20:54 ....A 188704 DU.dll 2020-06-22 13:04:14 ....A 1365856 DiagTrack.dll 2020-06-22 13:04:14 ....A 88256 DiagTrackRunner.exe 2020-08-28 22:09:22 ....A 74016 Diager.dll 2020-08-28 17:28:14 ....A 1085728 Facilitator.dll 2020-08-28 22:21:12 ....A 1516792 GatherOsState.exe 2020-08-28 22:21:08 ....A 295200 Mitigation.dll 2020-08-28 17:29:00 ....A 49440 NXQuery.sys 2020-06-22 13:03:44 ....A 1824 SFCN.DAT 2020-06-22 13:03:44 ....A 1644 SFLCID.DAT 2020-06-22 13:04:12 ....A 5593408 SFLISTRS1.DAT 2020-06-22 13:04:12 ....A 4935438 SFLISTWT.DAT 2020-06-22 13:04:12 ....A 2636850 SFLISTWT.WOA.DAT 2020-08-28 20:26:52 ....A 11602 SFPAT.INF 2020-08-28 20:26:52 ....A 169870 SFPATRS1.INF 2020-08-28 20:26:52 ....A 165729 SFPATWT.INF 2020-08-28 17:29:12 ....A 397600 acmigration.dll 2020-08-28 17:19:36 ....A 336160 acres.dll 2020-08-28 22:13:04 ....A 864544 aeinv.dll 2020-08-28 17:22:44 ....A 2150688 appraiser.dll 2020-08-28 17:23:52 ....A 2611971 appraiser.sdb 2020-08-28 22:09:36 ....A 225568 cmi2migxml.dll 2020-08-28 22:11:44 ....A 172320 compatctrl.dll 2020-08-28 22:09:34 ....A 749856 csiagent.dll 2020-08-28 17:29:02 ....A 729376 devinv.dll 2020-08-28 17:21:36 ....A 1122592 dismapi.dll 2020-08-28 17:19:46 ....A 442656 dismcore.dll 2020-08-28 17:23:50 ....A 200992 dismcoreps.dll 2020-08-28 17:22:44 ....A 291104 dismprov.dll 2020-08-28 17:19:46 ....A 82208 folderprovider.dll 2020-08-28 22:11:54 ....A 684320 generaltel.dll 2020-08-28 17:22:08 ....A 246048 imagingprovider.dll 2020-08-28 17:22:42 ....A 180512 logprovider.dll 2020-08-28 22:09:32 ....A 10027296 migcore.dll 2020-08-28 22:09:36 ....A 274720 mighost.exe 2020-08-28 22:09:36 ....A 1339680 migstore.dll 2020-06-22 13:10:08 ....A 1475 nxquery.inf 2020-06-22 13:03:36 ....A 1240 reagent.admx 2020-08-28 22:09:44 ....A 1175840 reagent.dll 2020-06-22 13:03:36 ....A 837 reagent.xml 2020-08-28 22:21:10 ....A 69920 reportgen.dll 2020-08-28 22:11:56 ....A 397600 setupcompat.dll 2020-08-17 17:15:46 ....A 11155 setupplatform.cfg 2020-08-28 22:09:38 ....A 10420512 setupplatform.dll 2020-08-28 17:23:50 ....A 229664 unattend.dll 2020-08-28 22:09:40 ....A 1216800 unbcl.dll 2020-08-28 17:22:24 ....A 614688 vhdprovider.dll 2020-08-28 22:21:00 ....A 319776 wdsclientapi.dll 2020-08-28 17:29:10 ....A 278816 wdscore.dll 2020-08-28 22:09:36 ....A 86304 wdscsl.dll 2020-08-28 22:09:48 ....A 995616 wdsimage.dll 2020-08-28 22:20:54 ....A 692512 wdstptc.dll 2020-08-28 22:09:40 ....A 352544 wdsutil.dll 2020-08-28 17:21:42 ....A 655648 wimprovider.dll 2020-08-28 17:22:28 ....A 1495328 wpx.dll 2020-08-28 22:21:22 ....A 3137824 MediaSetupUIMgr.dll 2020-08-28 22:22:44 ....A 2711840 SetupCore.dll 2020-08-28 22:22:50 ....A 1032480 SetupMgr.dll 2020-08-28 22:22:46 ....A 1564960 WinDlp.dll 2020-08-28 22:22:48 ....A 885024 SetupHost.exe 2020-08-28 22:22:40 ....A 299296 SetupPlatform.exe 2020-08-28 22:23:58 ....A 20768 migres.dll 2020-08-28 17:25:22 ....A 229664 compatAppraiserResources.dll 2020-08-28 22:21:42 ....A 3232032 compatResources.dll 2020-08-28 22:17:06 ....A 773167 hwcompat.txt 2020-08-28 22:17:06 ....A 51 hwexclude.txt 2020-08-28 17:29:12 ....A 570744 SetupDiag.exe ------------------- ----- ------------ ------------ ------------------------ 2020-08-28 22:23:58 75322133 24049480 70 files
 |
| Please donate some bucks to keep this site up and running: | |
| Ko-fi | |
|---|---|
| Yandex.Money | |
| Thank you! | |
[?] ignoring invalid PEdump::BITMAPINFOHEADER