filenamesigntool.exe
size410056 (0x641c8)
md551370bdda624ad04cdb2d05876ff4897
typePE32+ executable (console) x86-64, for MS Windows
mimetypeapplication/x-dosexec
clamavOK
virustotal→ scan with virustotal.com
histogram

MZ Header

signatureMZ
bytes_in_last_block0x90
blocks_in_file3
num_relocs0
header_paragraphs4
min_extra_paragraphs0
max_extra_paragraphs0xffff
ss0
sp0xb8
checksum0
ip0
cs0
reloc_table_offset0x40
overlay_number0
reserved00
oem_id0
oem_info0
reserved20
reserved30
reserved40
reserved50
reserved60
lfanew0xe0

Rich Header

lib idversiontimes used
259267153
2612671522
2602671533
2572671531
10260
2652671531
255267151
258267151

DOS stub

00000000: 0e 1f ba 0e 00 b4 09 cd  21 b8 01 4c cd 21 54 68  |........!..L.!Th|
00000010: 69 73 20 70 72 6f 67 72  61 6d 20 63 61 6e 6e 6f  |is program canno|
00000020: 74 20 62 65 20 72 75 6e  20 69 6e 20 44 4f 53 20  |t be run in DOS |
00000030: 6d 6f 64 65 2e 0d 0d 0a  24 00 00 00 00 00 00 00  |mode....$.......|

PE Header

SignaturePE
Machine0x8664
NumberOfSections6
TimeDateStamp0x2d8c3e38
PointerToSymbolTable0
NumberOfSymbols0
SizeOfOptionalHeader0xf0
Characteristics0x22
Magic0x20b
LinkerVersion14.15
SizeOfCode0x3ae00
SizeOfInitializedData0x2ba00
SizeOfUninitializedData0
AddressOfEntryPoint0x37400
BaseOfCode0x1000
ImageBase0x140000000
SectionAlignment0x1000
FileAlignment0x200
OperatingSystemVersion10.0
ImageVersion10.0
SubsystemVersion6.0
Reserved10
SizeOfImage0x6a000
SizeOfHeaders0x400
CheckSum0x6ed4c
Subsystem3
DllCharacteristics0xc160
SizeOfStackReserve0x80000
SizeOfStackCommit0x2000
SizeOfHeapReserve0x100000
SizeOfHeapCommit0x1000
LoaderFlags0
NumberOfRvaAndSizes0x10

Packer / Compiler

MS Visual C++ 8.0

Sections

namevavsizeraw sizeflags
.text0x10000x3ad6c0x3ae00R-X CODE
.rdata0x3c0000x12d620x12e00R-- IDATA
.data0x4f0000x53180x800RW- IDATA
.pdata0x550000x24600x2600R-- IDATA
.rsrc0x580000x10d680x10e00R-- IDATA
.reloc0x690000x2b00x400R-- IDATA DISCARDABLE

Data Directory

typevasize
EXPORT00
IMPORT0x4d0e40x140
RESOURCE0x580000x10d68
EXCEPTION0x550000x2460
SECURITY0x620000x21c8
BASERELOC0x690000x2b0
DEBUG0x435500x54
ARCHITECTURE00
GLOBALPTR00
TLS0x3c9880x28
LOAD_CONFIG0x3c8800x108
Bound_IAT00
IAT0x3c9b00x858
Delay_IAT00
CLR_Header00

TLS

raw
start		raw
end		indexcallbkszero
fill		flags
0x1400448e00x1400448e80x1400501b00x14003d2d800x300000
typenamesizecp
CERTIFICATEMSAUTHROOT9860
CERTIFICATEMSCVROOT18010
CERTIFICATEMSFLIGHTROOT201415450
CERTIFICATEMSROOT10460
CERTIFICATEMSROOTCERT14370
CERTIFICATEMSROOTCERT201015210
STRING#19400
STRING#727540
STRING#829580
STRING#910460
STRING#1032680
STRING#1138420
STRING#1327200
STRING#1437280
STRING#1516360
STRING#199640
STRING#2012280
STRING#2628620
STRING#3217820
STRING#636480
STRING#6422400
STRING#651020
STRING#694220
STRING#708240
STRING#766700
STRING#821460
STRING#12619140
STRING#1329920
STRING#13328000
STRING#13448780
STRING#13510220
STRING#1385360
STRING#13920240
STRING#14020320
STRING#14113840
STRING#1443760
STRING#14518740
STRING#15114700
STRING#15713220
VERSION#19440
idlangstring
01033.1253
101033Usage: signtool <command> [options] Valid commands: sign -- Sign files using an embedded signature. timestamp -- Timestamp previously-signed files. verify -- Verify embedded or catalog signatures. catdb -- Modify a catalog database. remove -- Remove embedded signature(s) or reduce the size of an embedded signed file. For help on a specific command, enter "signtool <command> /?"
1001033Usage: signtool sign [options] <filename(s)> Use the "sign" command to sign files using embedded signatures. Signing protects a file from tampering, and allows users to verify the signer (you) based on a signing certificate. The options below allow you to specify signing parameters and to select the signing certificate you wish to use.
1011033 Certificate selection options:
1021033 Signing parameter options:
1031033 Private Key selection options:
1041033 Other options:
1061033/a Select the best signing cert automatically. SignTool will find all valid certs that satisfy all specified conditions and select the one that is valid for the longest. If this option is not present, SignTool will expect to find only one valid signing cert.
1071033/c <name> Specify the Certificate Template Name (Microsoft extension) of the signing cert.
1081033/csp <name> Specify the CSP containing the Private Key Container.
1091033/d <desc.> Provide a description of the signed content.
1101033/du <URL> Provide a URL with more information about the signed content.
1111033/f <file> Specify the signing cert in a file. If this file is a PFX with a password, the password may be supplied with the "/p" option. If the file does not contain private keys, use the "/csp" and "/kc" options to specify the CSP and container name of the private key.
1121033/i <name> Specify the Issuer of the signing cert, or a substring.
1151033/kc <name> Specify the Key Container Name of the Private Key.
1161033/n <name> Specify the Subject Name of the signing cert, or a substring.
1171033/p <pass.> Specify a password to use when opening the PFX file.
1181033/q No output on success and minimal output on failure. As always, SignTool returns 0 on success, 1 on failure, and 2 on warning.
1191033/r <name> Specify the Subject Name of a Root cert that the signing cert must chain to.
1201033/s <name> Specify the Store to open when searching for the cert. The default is the "MY" Store.
1211033/sm Open a Machine store instead of a User store.
1221033/sha1 <h> Specify the SHA1 thumbprint of the signing cert.
1231033/t <URL> Specify the timestamp server's URL. If this option is not present, the signed file will not be timestamped. A warning is generated if timestamping fails.
1241033/u <usage> Specify the Enhanced Key Usage that must be present in the cert. The parameter may be specified by OID or by string. The default usage is "Code Signing" (1.3.6.1.5.5.7.3.3).
1251033/uw Specify usage of "Windows System Component Verification" (1.3.6.1.4.1.311.10.3.6).
1261033/v Print verbose success and status messages. This may also provide slightly more information on error.
1271033/ac <file> Add an additional certificate, from <file>, to the signature block.
1291033/ph Generate page hashes for executable files if supported.
1301033/nph Suppress page hashes for executable files if supported.
1311033 The default is determined by the SIGNTOOL_PAGE_HASHES environment variable and by the wintrust.dll version.
1321033/as Append this signature. If no primary signature is present, this signature will be made the primary signature instead.
1341033/es Enumerate signatures on a file.
1351033/debug Display additional debug information.
1471033/fd Specifies the file digest algorithm to use for creating file signatures. (Default is SHA1)
1481033/tr <URL> Specifies the RFC 3161 timestamp server's URL. If this option (or /t) is not specified, the signed file will not be timestamped. A warning is generated if timestamping fails. This switch cannot be used with the /t switch.
1491033/tseal <URL> Specifies the RFC 3161 timestamp server's URL for timestamping a sealed file.
1501033/td <alg> Used with the /tr or /tseal switch to request a digest algorithm used by the RFC 3161 timestamp server.
1511033/ed Enumerates digest algorithms supported on this machine that can be used for signing, page hashes and timestamps.
1521033 PKCS7 options:
1531033/p7 <path> Specifies that for each specified content file a PKCS7 file is produced. The PKCS7 file will be named: <path>\<file>.p7
1541033/p7co <OID> Specifies the <OID> that identifies the signed content.
1551033/p7ce <Value> Defined values: Embedded - Embeds the signed content in the PKCS7. DetachedSignedData - Produces the signed data part of a detached PKCS7. The default is 'Embedded'
1561033/seal Add a sealing signature if the file format supports it.
1571033/itos Create a primary signature with the intent-to-seal attribute.
1581033/force Continue to seal or sign in situations where the existing signature or sealing signature needs to be removed to support sealing.
1591033/nosealwarn Sealing-related warnings do not affect SignTool's return code.
1601033 Digest options:
1611033/dg <path> Generates the to be signed digest and the unsigned PKCS7 files. The output digest and PKCS7 files will be: <path>\<file>.dig and <path>\<file>.p7u. To output an additional XML file, see /dxml.
1621033/ds Signs the digest only. The input file should be the digest generated by the /dg option. The output file will be: <file>.signed.
1631033/di <path> Creates the signature by ingesting the signed digest to the unsigned PKCS7 file. The input signed digest and unsigned PKCS7 files should be: <path>\<file>.dig.signed and <path>\<file>.p7u.
1641033/dxml When used with the /dg option, produces an XML file. The output file will be: <path>\<file>.dig.xml.
1651033/dlib <dll> Specifies the DLL implementing the AuthenticodeDigestSign function to sign the digest with. This option is equivalent to using SignTool separately with the /dg, /ds, and /di switches, except this option invokes all three as one atomic operation.
1661033/dmdf <file> When used with the /dlib option, passes the file's contents to the AuthenticodeDigestSign function without modification.
1671033/sa <OID> <value> Specify an OID and value to be included as an authenticated attribute in the signature. The value will be encoded as an ASN1 UTF8 string. This option may be given multiple times.
1681033/rmc Specifies signing a PE file with the relaxed marker check semantic. The flag is ignored for non-PE files. During verification, certain authenticated sections of the signature will bypass invalid PE markers check. This option should only be used after careful consideration and reviewing the details of MSRC case MS12-024 to ensure that no vulnerabilities are introduced.
2001033Usage: signtool verify [options] <filename(s)> Use the "verify" command to verify embedded or catalog signatures. Verification determines if the signing certificate was issued by a trusted party, whether that certificate has been revoked, and whether the certificate is valid under a specific policy. Options allow you to specify requirements that must be met and to specify how to find the catalog, if appropriate.
2011033 Catalogs are used by Microsoft and others to sign many files very efficiently. Catalog options:
2021033 Other options:
2031033 SignTool uses the "Windows Driver" Verification Policy by default. The options below allow you to use alternate Policies. Verification Policy options:
2041033 Signature requirement options:
2051033/a Automatically attempt to verify the file using all methods. First search for a catalog using all catalog databases. If the file is not signed in any catalog, attempt to verify the embedded signature. When verifying files that may or may not be signed in a catalog, such as Windows files and drivers, this option is the easiest way to ensure that the signature is found.
2061033/ad Find the catalog automatically using the default catalog database.
2071033/as Find the catalog automatically using the system component (driver) catalog database.
2081033/ag <GUID> Find the catalog automatically in the specified catalog database. Catalog databases are identified by GUID. Example GUID: {F750E6C3-38EE-11D1-85E5-00C04FC295EE}
2091033/c <file> Specify the catalog file.
2101033/ca <h> Verify that the file is signed with an intermediate CA cert with the specified hash. This option may be specified multiple times; one of the specified hashes must match.
2111033/o <ver> When verifying a file that is in a signed catalog, verify that the file is valid for the specified platform. Parameter format is: PlatformID:VerMajor.VerMinor.BuildNumber
2121033/pa Use the "Default Authenticode" Verification Policy.
2131033/pg <GUID> Specify the verification policy by GUID (also called ActionID).
2141033/q No output on success and minimal output on failure. As always, SignTool returns 0 on success, 1 on failure, and 2 on warning.
2151033/r <name> Specify the Subject Name of a Root cert that the signing cert must chain to.
2161033/sha1 <h> Verify that the signer certificate has the specified hash. This option may be specified multiple times; one of the specified hashes must match.
2171033/tw Generate a Warning if the signature is not timestamped.
2181033/u <usage> Generate a Warning if the specified Enhanced Key Usage is not present in the cert. This option may be given multiple times.
2191033/v Print verbose success and status messages. This may also provide slightly more information on error. If you want to see information about the signer, you should use this option.
2201033/kp Perform the verification with the kernel-mode driver signing policy.
2211033 Manifest options:
2221033/ph Print and verify page hash values.
2231033/d Print Description and Description URL.
2241033/all Verify all signatures in a file with multiple signatures.
2251033/ds <index> Verify the signature at <index>.
2261033/ms Use multiple verification semantics. This is the default behavior of a Win8 WinVerifyTrust call.
2271033/p7 Verify PKCS7 files. No existing policies are used for p7 validation. The signature is checked and a chain is built for the signing certificate.
2281033/hash <SHA1 | SHA256> Optional hash algorithm to use when searching for a file in a catalog.
2291033/sl Verify sealing signatures for supported file types.
2301033/bp Perform the verification with the Biometric mode signing policy.
2331033/enclave Perform the verification with the enclave signing policy. This also prints the Unique ID and Author ID information.
3001033Usage: signtool timestamp [options] <filename(s)> Use the "timestamp" command to add a timestamp to a previously-signed file. The "/t" option is required.
3011033/q No output on success and minimal output on failure. As always, SignTool returns 0 on success and 1 on failure.
3021033/t <URL> Specify the timestamp server's URL.
3031033/v Print verbose success and status messages. This may also provide slightly more information on error.
3041033/tr <URL> Specifies the RFC 3161 timestamp server's URL.
3051033/tseal <URL> Specifies the RFC 3161 timestamp server's URL for timestamping a sealed file. One of /t, /tr or /tseal is required.
3061033/td <alg> Used with the /tr or /tseal switch to request a digest algorithm used by the RFC 3161 timestamp server.
3071033/tp <index> Timestamps the signature at <index>.
3081033/p7 Timestamps PKCS7 files.
3091033/force Remove any sealing signature that is present in order to timestamp.
3101033/nosealwarn Warnings for removing a sealing signature do not affect SignTool's return code.
4001033Usage: signtool catdb [options] <filename(s)> Use the "catdb" command to add or remove catalog files to or from a catalog database. Catalog databases are used for automatic lookup of catalog files, and are identified by GUID.
4011033 Catalog Database options allow you to select which catalog database to operate on. If you do not specify a catalog database, SignTool operates on the system component (driver) database. Catalog Database options:
4021033 Other options specify what to do with the selected catalog database, and other behavior. If you do not specify any other options, SignTool will add the specified catalogs to the catalog database, replacing any existing catalog which has the same name. Other options:
4031033/d Operate on the default catalog database instead of the system component (driver) catalog database.
4041033/g <GUID> Operate on the specified catalog database.
4051033/q No output on success and minimal output on failure. As always, SignTool returns 0 on success and 1 on failure.
4061033/r Remove the specified catalogs from the catalog database.
4071033/u Automatically generate a unique name for the added catalogs. The catalog files will be renamed if necessary to prevent name conflicts with existing catalog files.
4081033/v Print verbose success and status messages. This may also provide slightly more information on error.
5001033Usage: signtool remove [options] <filename(s)> Use the "remove" command to remove the embedded signature(s) or sections of the embedded signature on a PE/COFF file. WARNING: This command will modify the file on the disk. Please create a backup copy if you want to preserve the original file. The option "/c" and/or "/u", or "/s" is required.
5011033/u Remove the unauthenticated attributes from the signature e.g. Dual signatures and timestamps.
5021033/c Remove all certificates, except for the signer certificate from the signature.
5031033/q No output on success and minimal output on failure. As always, SignTool returns 0 on success and 1 on failure.
5041033/v Print verbose success and status messages. This may also provide slightly more information on error.
5051033/s Remove the signature(s) entirely.
10011033SignTool Error: A required parameter is missing.
10021033SignTool Error: Invalid command: %1!s!
10031033SignTool Error: Missing filename.
10041033SignTool Error: File not found: %1!s!
10051033SignTool Error: You cannot use the %1!s! option twice.
10061033SignTool Error: The %1!s! option requires a parameter.
10071033SignTool Error: Invalid option: %1!s!
10081033SignTool Error: An unexpected internal error has occurred.
10091033SignTool Error: The %1!s! option requires the %2!s! option.
10101033SignTool Error: The %1!s! option requires the use of one of the following options: %2!s!
10111033SignTool Error: The %1!s! option is incompatible with the %2!s! option.
10121033SignTool Error: The %1!s! option cannot be used with any of the following options: %2!s!
10131033SignTool Error: The %1!s! option is required.
10141033SignTool Error: There was an error opening the file list: %1!s!
10151033SignTool Error: Invalid GUID format: %1!s! Expected GUID format: {F750E6C3-38EE-11D1-85E5-00C04FC295EE}
10161033SignTool Error: Occurrence of DLL name and parameter mismatched.
10171033SignTool Error: This version of signtool does not support the %1!s! functionality.
10181033SignTool Error: Missing required parameter(s), expecting %!s!.
10191033SignTool Error: The %1!s! option cannot be used with any other option.
10201033SignTool Error: The %1!s! option is incompatible with signing multiple files.
10211033SignTool Error: Out of memory.
10221033SignTool Error: Invalid Enhanced Key Usage: %1!s!
10231033SignTool Error: Specify the RFC 3161 timestamp server's URL instead with /tr.
10241033SignTool Error: Invalid OID: %1!s!
11001033SignTool Error: Invalid SHA1 hash format: %1!s!
11011033SignTool Error: The Enhanced Key Usage string is too long.
11021033SignTool Error: Invalid Timestamp URL: %1!s!
11031033SignTool Error: Invalid hash format: %1!s!
11041033SignTool Error: The hash provided is too long.
11101033SignTool Error: Invalid DSIG value: %1!s!
11111033SignTool Error: Invalid Key Spec value: %1!s!
11121033SignTool Error: The signer's certificate is not valid for signing.
11131033SignTool Error: The specified algorithm cannot be used or is invalid.
11141033SignTool Error: No private key is available.
11151033SignTool Error: Only P7 Embedded signatures are supported with Digest Signing.
12001033SignTool Error: Invalid OS Version string: %1!s! Expected format: PlatformID:VerMajor.VerMinor Examples: 2:5.0 -- Windows NT, Version 5.0 -- Windows 2000 2:5.1 -- Windows NT, Version 5.1 -- Windows XP You may optionally add a build number to the Version string. Example: 2:5.1.2600 -- Windows XP final build
13001033SignTool Error: Invalid index selected for timestamping.
20001033Number of warnings: %1!u!
20011033Number of errors: %1!u!
20021033SignTool Warning: The following option or combination of options is not supported and will be ignored in whole or in part: %1!s!
20031033SignTool Error: No files were processed.
20041033SignTool Error: %1!s! returned error: 0x%2!08X! %3!s!
20051033SignTool Error: Signtool requires CAPICOM version 2.1.0.1 or higher. Please copy the latest version of CAPICOM.dll into the directory that contains SignTool.exe. If CAPICOM.dll exists, you may not have proper permissions to install CAPICOM.
20061033SignTool Error: Access is denied.
20071033SignTool Error: The file is being used by another process.
20081033SignTool Error: The file cannot be mapped into memory. It may be zero size.
20101033SignTool Error: This version of signtool is not supported on this operating system.
20111033SignTool Error: A required function is not present. This error likely means that you are running SignTool on an OS that does not support the options you've specified.
21001033Number of files successfully Signed: %1!u!
21011033The following certificate was selected:
21021033Issued to: %1!s!
21031033Issued by: %1!s!
21041033Expires: %1!s!
21051033SHA1 hash: %1!s!
21061033Successfully signed: %1!s!
21071033Successfully signed and timestamped: %1!s!
21081033 Attempting to sign: %1!s!
21091033SignTool Warning: Signing succeeded, but an error occurred while attempting to timestamp: %1!s!
21101033SignTool Error: The specified PFX password is not correct.
21111033SignTool Error: No certificates were found that met all the given criteria.
21121033SignTool Error: The specified CSP could not be found.
21131033SignTool Error: The private key for the selected certificate is not accessible.
21141033SignTool Error: An error occurred while attempting to load the signing certificate from: %1!s!
21151033SignTool Error: No certificate was found with the specified SHA1 Hash.
21161033SignTool Error: No certificate was found with the specified Issuer.
21171033SignTool Error: Multiple certificates were found that meet all the given criteria. Use the /a option to allow SignTool to choose the best certificate automatically or use the /sha1 option with the hash of the desired certificate. The following certificates meet all given criteria:
21181033SignTool Error: An error occurred while attempting to open the certificate store: "%1!s!"
21191033SignTool Error: An error occurred while attempting to sign: %1!s!
21201033SignTool Error: This file format cannot be signed because it is not recognized.
21211033SignTool Error: The specified private key does not match the public key of the selected certificate.
21221033SignTool Error: The "%1!s!" certificate store was not found.
21231033SignTool Error: The specified private key container was not found.
21241033SignTool Error: An error occurred while attempting to open the specified private key container.
21251033Either the file being signed or one of the DLL specified by /j switch
21261033SignTool Warning: Unable to enable page-hashes.
21271033SignTool Warning: Unable to disable page-hashes.
21281033 The following certificates have been found to be suitable for signing:
21291033The expiration date cannot be determined.
21301033Signtool Error: The provided cross certificate would not be present in the certificate chain.
21311033Signtool Error: One of the secondary signatures has an invalid or missing sequence number.
21321033SignTool Error: Multiple signature support is not implemented for this filetype.
21331033SignTool Error: Invalid index specified.
21341033SignTool Error: This file is signed with an older version of the Authenticode signature format that does not support sealing. The file will have to have its existing signature(s) removed and resigned with support for sealing. The /force option must be specified as part of the command in order to do so.
21351033SignTool Warning: The existing signature was removed and the file was successfully re-signed and sealed.
21361033SignTool Error: This file is signed with an older version of the Authenticode signature format that does not support sealing. The file will have to have its existing signature(s) removed and resigned with support for sealing. The /force option must be specified as part of the command in order to do so.
21371033SignTool Warning: The existing signature was removed and the file was successfully re-signed with the intentToSeal attribute set. The file will fail verification until the signature is sealed and users are therefore advised to seal.
21381033The file was signed with the intentToSeal attribute set. The file will fail verification until the signature is sealed and users are therefore advised to seal.
21391033SignTool Error: The file has a sealed signature. In order to append more signatures the seal will have to be removed and the file will have to be re-signed. The /force option must be specified as part of the command in order to do so.
21401033SignTool Warning: The existing seal was removed from the file and the desired signature was appended to the file. The file will fail verification until the signature is sealed and users are therefore advised to seal.
21411033SignTool Error: The file has a sealing signature. In order to seal with a new signer the existing sealing signature will be replaced. The /force option must be specified as part of the command in order to do so.
21421033SignTool Warning: The existing sealing signature was successfully replaced on the file.
21431033The file was signed but no sealing operations were performed since the file format does not support sealing signatures.
21441033SignTool Error: The existing signature cannot be timestamped and sealed in the same signtool command. Use separate commands to replace or timestamp the signature, and then seal the file.
21451033SignTool Error: A signature exists for this signer and the digest algorithm cannot be changed while sealing. Use separate commands to replace the signature, and then seal the file.
21461033SignTool Error: There was an unspecified error while sealing.
21471033For more information, please see https://aka.ms/badexeformat
22001033Number of files successfully Verified: %1!u!
22011033Number of failed Verifications: %1!u!
22021033 Verifying: %1!s!
22031033Successfully verified: %1!s!
22041033File is signed in catalog: %1!s!
22051033Unable to verify this file using a catalog.
22061033Signing Certificate Chain:
22071033Countersigned by:
22081033Timestamp Verified by:
22091033File is not timestamped.
22101033The signature is timestamped: %1!s!
22111033This catalog file has been previously evaluated.
22121033SignTool Warning: File is not timestamped: %1!s!
22131033SignTool Error: An error occurred while attempting to verify: %1!s!
22141033SignTool Error: File not valid: %1!s!
22151033SignTool Error: Signing Cert does not chain to the specified Root Cert.
22161033SignTool Error: Could not open the specified catalog: %1!s!
22171033SignTool Error: File not found in the specified catalog.
22181033SignTool Error: This catalog is not valid for the specified OS version.
22191033SignTool Error: This catalog is not valid for the current OS version. You may use the /o option to verify against a different OS version.
22201033SignTool Error: This file format cannot be verified because it is not recognized.
22211033SignTool Error: The signing certificate is not valid for the requested usage.
22221033 This error sometimes means that you are using the wrong verification policy. Consider using the /pa option.
22231033SignTool Error: No signature found.
22241033SignTool Error: A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.
22251033SignTool Error: /kp cannot be used with /bp, /pa, or /pg.
22261033The signature is timestamped, however the timestamp time is not valid.
22271033SignTool Error: Signing Cert does not chain to a Microsoft Root Cert.
22281033SignTool Warning: A discrepancy was detected in the page hashes. The computed page hashes do not match the embedded page hashes.
22291033SignTool Warning: No page hashes are present.
22311033Page hashes:
22321033Computed page hashes:
22331033File has page hashes.
22341033Cross Certificate Chain:
22351033SignTool Error: Signature did not pass crypto policy.
22361033Number of signatures successfully Verified: %1!u!
22371033SignTool Warning: The timestamp certificate is not valid for the requested usage.
22381033SignTool Warning: An error has been found with the timestamp. CERT_TRUST_STATUS.dwErrorStatus: 0x%1!08X! CERT_TRUST_STATUS.dwInfoStatus: 0x%1!08X!
22391033SignTool Error: File is marked intent-to-seal but lacks a sealing signature
22401033File is marked with intent to seal.
22411033File is not marked with intent to seal.
22421033File does not support sealing signatures.
22431033This signer seals the file.
22441033SignTool Error: The signer does not possess the specified EKUs.
22451033SignTool Error: No intermediate CA with a specified thumbprint was found.
22461033SignTool Error: The signing certificate does not have a specified SHA1 hash.
22471033SignTool Error: /bp cannot be used with /kp, /pa, or /pg.
22481033SignTool Error: The signing certificate is not valid for Biometric policy.
22491033SignTool Error: The signing certificate or attributes are not valid for Enclave policy.
22501033SignTool Warning: Enclave information could not be created.
22511033Unique ID: %1!s!
22521033Author ID: %1!s!
23001033Number of files successfully timestamped: %1!u!
23011033 Timestamping: %1!s!
23021033Successfully timestamped: %1!s!
23031033SignTool Error: An error occurred while attempting to timestamp: %1!s!
23041033SignTool Error: No signature was found. The file must be signed before it can be timestamped.
23051033SignTool Error: The specified timestamp server either could not be reached or returned an invalid response.
23061033SignTool Warning: The specified algorithm is not considered secure.
23071033SignTool Error: The file has a sealed signature. In order to timestamp the file the seal will have to be removed and the file will have to be resigned. The /force option must be specified as part of the command in order to do so.
23081033SignTool Warning: The existing seal was removed from the file and the file was successfully timestamped. The file will fail verification until the signature is sealed and users are therefore advised to seal.
23091033SignTool Error: No sealing signature was found. The file must be sealed before it can be seal timestamped.
23101033SignTool Error: The file format does not support sealing signatures and cannot be seal timestamped.
24001033Adding Catalog: %1!s!
24011033Removing Catalog: %1!s!
24021033Catalog added successfully: %1!s!
24031033Catalog added successfully: %1!s! System assigned name: %2!s!
24041033Catalog removed successfully: %1!s!
24051033Number of catalog files successfully Added: %1!u!
24061033Number of catalog files successfully Removed: %1!u!
24071033SignTool Error: An error occurred while attempting to add: %1!s!
24081033SignTool Error: An error occurred while attempting to remove: %1!s!
24091033SignTool Error: Removing a catalog is not supported on this version of windows.
24101033SignTool Error: Invalid catalog name: %1!s! Please specify just the filename, with no path or wildcard specifiers.
24111033SignTool Error: Catalog not found in the catalog database: %1!s!
24121033SignTool Error: Invalid catalog file: %1!s!
25001033Removing unauthenticated attributes from the signature on file: %1!s!
25011033Removing CA certificates from the signature on file: %1!s!
25021033Successfully committed changes to the file: %1!s!
25031033SignTool Error: Unsupported file type: %1!s!
25041033SignTool Error: Unsupported number of certificates on image (only one is expected): %1!s!
25051033SignTool Warning: No unauthenticated attributes found in the signature.
25061033SignTool Warning: No certificates were removed.
25071033Number of files successfully processed: %1!u!
25081033SignTool Error: Failed to obtain the cryptographic message: %1!s!
25091033SignTool Error: Failed to properly build the Subject Info: %1!s!
25101033Removing signature on file: %1!s!
module_namehintordfunction_name
ADVAPI32.dll200CryptDestroyKey
ADVAPI32.dll220CryptReleaseContext
ADVAPI32.dll216CryptGetUserKey
ADVAPI32.dll207CryptEnumProvidersW
ADVAPI32.dll194CryptAcquireContextW
ADVAPI32.dll199CryptDestroyHash
ADVAPI32.dll196CryptCreateHash
ADVAPI32.dll221CryptSetHashParam
ADVAPI32.dll228CryptSignHashA
KERNEL32.dll850HeapFree
KERNEL32.dll368FileTimeToSystemTime
KERNEL32.dll367FileTimeToLocalFileTime
KERNEL32.dll402FindNextFileW
KERNEL32.dll390FindFirstFileW
KERNEL32.dll615GetLastError
KERNEL32.dll1010MultiByteToWideChar
KERNEL32.dll360ExpandEnvironmentStringsW
KERNEL32.dll597GetFileType
KERNEL32.dll1569WriteFile
KERNEL32.dll967LoadLibraryW
KERNEL32.dll551GetDateFormatEx
KERNEL32.dll699GetProcessHeap
KERNEL32.dll1549WideCharToMultiByte
KERNEL32.dll734GetStringTypeW
KERNEL32.dll305EncodePointer
KERNEL32.dll266DecodePointer
KERNEL32.dll871InitializeCriticalSection
KERNEL32.dll309EnterCriticalSection
KERNEL32.dll960LeaveCriticalSection
KERNEL32.dll273DeleteCriticalSection
KERNEL32.dll1419Sleep
KERNEL32.dll1468UnhandledExceptionFilter
KERNEL32.dll1403SetUnhandledExceptionFilter
KERNEL32.dll541GetCurrentProcess
KERNEL32.dll1434TerminateProcess
KERNEL32.dll1206ReleaseSRWLockExclusive
KERNEL32.dllAcquireSRWLockExclusive
KERNEL32.dll1518WakeAllConditionVariable
KERNEL32.dll1421SleepConditionVariableSRW
KERNEL32.dll638GetModuleHandleW
KERNEL32.dll1104QueryPerformanceCounter
KERNEL32.dll542GetCurrentProcessId
KERNEL32.dll546GetCurrentThreadId
KERNEL32.dll752GetSystemTimeAsFileTime
KERNEL32.dll782GetTickCount
KERNEL32.dll635GetModuleHandleA
KERNEL32.dll854HeapSetInformation
KERNEL32.dll973LocalAlloc
KERNEL32.dll331EnumResourceNamesW
KERNEL32.dll327EnumResourceLanguagesW
KERNEL32.dll990LockResource
KERNEL32.dll970LoadResource
KERNEL32.dll1418SizeofResource
KERNEL32.dll411FindResourceExW
KERNEL32.dll846HeapAlloc
KERNEL32.dll576GetEnvironmentVariableW
KERNEL32.dll993MapViewOfFile
KERNEL32.dll196CreateFileMappingA
KERNEL32.dll594GetFileSize
KERNEL32.dll746GetSystemInfo
KERNEL32.dll1471UnmapViewOfFile
KERNEL32.dll978LocalFree
KERNEL32.dll429FormatMessageW
KERNEL32.dll134CloseHandle
KERNEL32.dll1343SetLastError
KERNEL32.dll203CreateFileW
KERNEL32.dll693GetProcAddress
KERNEL32.dll1555Wow64RevertWow64FsRedirection
KERNEL32.dll433FreeLibrary
KERNEL32.dll964LoadLibraryA
KERNEL32.dll379FindClose
KERNEL32.dll608GetFullPathNameW
KERNEL32.dll786GetTimeFormatEx
KERNEL32.dll803GetVersionExA
MFC42.dll6890
MFC42.dll6891
msvcrt.dll120__crtLCMapStringA
msvcrt.dll1133isupper
msvcrt.dll1201setlocale
msvcrt.dll1158malloc
msvcrt.dll107___lc_codepage_func
msvcrt.dll109___lc_handle_func
msvcrt.dll138__pctype_func
msvcrt.dll261_errno
msvcrt.dll110___mb_cur_max_func
msvcrt.dll1095fputc
msvcrt.dll151__uncaught_exception
msvcrt.dll1223strerror
msvcrt.dll137__mb_cur_max
msvcrt.dll1174memset
msvcrt.dll1172memmove
msvcrt.dll1170memcpy
msvcrt.dll1171memcpy_s
msvcrt.dll1262ungetwc
msvcrt.dll1261ungetc
msvcrt.dll1202setvbuf
msvcrt.dll1111fwrite
msvcrt.dll311_fseeki64
msvcrt.dll1107fsetpos
msvcrt.dll1083fgetpos
msvcrt.dll1061calloc
msvcrt.dll1081fflush
msvcrt.dll129__iob_func
msvcrt.dll75_CxxThrowException
msvcrt.dll1002_wsetlocale
msvcrt.dll670_purecall
msvcrt.dll1185puts
msvcrt.dll810_time64
msvcrt.dll1193realloc
msvcrt.dll381_initterm
msvcrt.dll47void __cdecl terminate(void)

?terminate@@YAXXZ

msvcrt.dll1217strchr
msvcrt.dll1245swscanf
msvcrt.dll1029_wtoi
msvcrt.dll87__C_specific_handler
msvcrt.dll295_fmode
msvcrt.dll651_mktime64
msvcrt.dll142__set_app_type
msvcrt.dll1074exit
msvcrt.dll270_exit
msvcrt.dll193_cexit
msvcrt.dll174_amsg_exit
msvcrt.dll1291wcsncmp
msvcrt.dll24public: class exception & __ptr64 __cdecl exception::operator=(class exception const & __ptr64) __ptr64

??4exception@@QEAAAEAV0@AEBV0@@Z

msvcrt.dll1189qsort_s
msvcrt.dll121__crtLCMapStringW
msvcrt.dll11public: __cdecl exception::exception(char const * __ptr64 const & __ptr64, int) __ptr64

??0exception@@QEAA@AEBQEBDH@Z

msvcrt.dll108___lc_collate_cp_func
msvcrt.dll117__crtCompareStringW
msvcrt.dll1169memcmp
msvcrt.dll1129islower
msvcrt.dll85_XcptFilter
msvcrt.dll1042abort
msvcrt.dll1259towlower
msvcrt.dll1078fclose
msvcrt.dll1082fgetc
msvcrt.dll157__wgetmainargs
msvcrt.dll1218strcmp
msvcrt.dll1168memchr
msvcrt.dll656_onexit
msvcrt.dll123__dllonexit
msvcrt.dll1106fseek
msvcrt.dll963_wfopen
msvcrt.dll916_wcsnicmp
msvcrt.dll1260towupper
msvcrt.dll1139iswdigit
msvcrt.dll1135iswalpha
msvcrt.dll1085fgetwc
msvcrt.dll1312wprintf
msvcrt.dll1109fwprintf
msvcrt.dll1300wcsstr
msvcrt.dll1100free
msvcrt.dll7public: __cdecl bad_cast::bad_cast(char const * __ptr64) __ptr64

??0bad_cast@@QEAA@PEBD@Z

msvcrt.dll15public: virtual __cdecl bad_cast::~bad_cast(void) __ptr64

??1bad_cast@@UEAA@XZ

msvcrt.dll6public: __cdecl bad_cast::bad_cast(class bad_cast const & __ptr64) __ptr64

??0bad_cast@@QEAA@AEBV0@@Z

msvcrt.dll35void __cdecl operator delete[](void * __ptr64)

??_V@YAXPEAX@Z

msvcrt.dll1222strcspn
msvcrt.dll1151localeconv
msvcrt.dll1173memmove_s
msvcrt.dll1209sprintf_s
msvcrt.dll906_wcsicmp
msvcrt.dll1184putchar
msvcrt.dll942_wctime64
msvcrt.dll1175mktime
msvcrt.dll1097fputwc
msvcrt.dll12public: __cdecl exception::exception(class exception const & __ptr64) __ptr64

??0exception@@QEAA@AEBV0@@Z

msvcrt.dll10public: __cdecl exception::exception(char const * __ptr64 const & __ptr64) __ptr64

??0exception@@QEAA@AEBQEBD@Z

msvcrt.dll17public: virtual __cdecl exception::~exception(void) __ptr64

??1exception@@UEAA@XZ

msvcrt.dll49public: virtual char const * __ptr64 __cdecl exception::what(void)const __ptr64

?what@exception@@UEBAPEBDXZ

msvcrt.dll91__CxxFrameHandler3
msvcrt.dll833_unlock
msvcrt.dll486_lock
msvcrt.dll210_commode
msvcrt.dll144__setusermatherr
msvcrt.dll18public: virtual __cdecl type_info::~type_info(void) __ptr64

??1type_info@@UEAA@XZ

ntdll.dll997RtlFreeHeap
ntdll.dll747RtlCaptureContext
ntdll.dll1235RtlLookupFunctionEntry
ntdll.dll716RtlAllocateHeap
ntdll.dll1532RtlVirtualUnwind
ntdll.dll1549RtlWow64EnableFsRedirectionEx
CRYPT32.dll61CertFreeCertificateChain
CRYPT32.dll181CryptMsgGetParam
CRYPT32.dll130CryptDecodeObject
CRYPT32.dll146CryptFindOIDInfo
CRYPT32.dll49CertFindAttribute
CRYPT32.dll71CertGetEnhancedKeyUsage
CRYPT32.dll174CryptMsgClose
CRYPT32.dll28CertCreateCertificateContext
CRYPT32.dll19CertCompareCertificate
CRYPT32.dll175CryptMsgControl
CRYPT32.dll38CertDuplicateStore
CRYPT32.dll18CertCloseStore
CRYPT32.dll36CertDuplicateCertificateChain
CRYPT32.dll135CryptEncodeObjectEx
CRYPT32.dll70CertGetCertificateContextProperty
CRYPT32.dll197CryptQueryObject
CRYPT32.dll4CertAddCertificateContextToStore
CRYPT32.dll89CertOpenStore
CRYPT32.dll44CertEnumCertificatesInStore
CRYPT32.dll118CertVerifyCertificateChainPolicy
CRYPT32.dll223CryptStringToBinaryW
CRYPT32.dll56CertFindRDNAttr
CRYPT32.dll171CryptMemFree
CRYPT32.dll236CryptVerifyMessageSignature
CRYPT32.dll182CryptMsgOpenToDecode
CRYPT32.dll185CryptMsgUpdate
CRYPT32.dll142CryptExportPublicKeyInfoEx
CRYPT32.dll123CryptAcquireCertificatePrivateKey
CRYPT32.dll75CertGetNameStringW
CRYPT32.dll55CertFindExtension
CRYPT32.dll80CertGetValidUsages
CRYPT32.dll69CertGetCertificateChain
CRYPT32.dll158CryptHashCertificate2
CRYPT32.dll108CertSetCertificateContextProperty
CRYPT32.dll124CryptBinaryToStringA
CRYPT32.dll222CryptStringToBinaryA
CRYPT32.dll125CryptBinaryToStringW
CRYPT32.dll23CertControlStore
CRYPT32.dll292PFXImportCertStore
CRYPT32.dll53CertFindCertificateInStore
CRYPT32.dll15CertAddStoreToCollection
CRYPT32.dll183CryptMsgOpenToEncode
CRYPT32.dll22CertComparePublicKeyInfo
CRYPT32.dll131CryptDecodeObjectEx
CRYPT32.dll211CryptSIPRetrieveSubjectGuid
CRYPT32.dll207CryptSIPLoad
CRYPT32.dll37CertDuplicateCertificateContext
CRYPT32.dll64CertFreeCertificateContext
USER32.dll613LoadStringW
ole32.dll140CoTaskMemFree
ole32.dll139CoTaskMemAlloc
OLEAUT32.dll6
OLEAUT32.dll200
WINTRUST.dll143WinVerifyTrust
WINTRUST.dll101WTHelperGetProvCertFromChain
WINTRUST.dll103WTHelperGetProvSignerFromChain
WINTRUST.dll108WTHelperProvDataFromStateData
SHLWAPI.dll59PathCanonicalizeW
SHLWAPI.dll175SHCreateStreamOnFileW
bcrypt.dll35BCryptHashData
bcrypt.dll13BCryptDestroyHash
bcrypt.dll27BCryptFinishHash
bcrypt.dll33BCryptGetProperty
bcrypt.dll2BCryptCloseAlgorithmProvider
bcrypt.dll39BCryptOpenAlgorithmProvider
bcrypt.dll6BCryptCreateHash
ncrypt.dll93NCryptSignHash
XmlLite.dll3CreateXmlWriter
MSSIGN32.dll27SignerSign
MSSIGN32.dll31SignerTimeStamp
MSSIGN32.dll26SignerFreeSignerContext

StringTable 040904B0

CompanyNameMicrosoft Corporation
FileDescriptionAuthenticode(R) - signing and verifying tool
FileVersion4.00 (WinBuild.160101.0800)
InternalNameSignTool
LegalCopyright© Microsoft Corporation. All rights reserved.
OriginalFilenameSIGNTOOL.EXE
ProductNameMicrosoft® Windows® Operating System
ProductVersion10.0.18362.1

VS_FIXEDFILEINFO

FileVersion10.0.18362.1
ProductVersion10.0.18362.1
StrucVersion0x10000
FileFlagsMask0x3f
FileFlags0
FileOS0x40004
FileType1
FileSubtype0

Signers (1)

issuer: /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Code Signing PCA 2010
serial: 3300000239B2B4E82A2234492F000000000239

Certificates (2)

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            33:00:00:02:39:b2:b4:e8:2a:22:34:49:2f:00:00:00:00:02:39
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Code Signing PCA 2010
        Validity
            Not Before: Jul 12 20:07:51 2018 GMT
            Not After : Aug  8 20:07:51 2019 GMT
        Subject: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Corporation
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:a5:7d:ce:0a:9c:7b:90:52:8b:77:54:b2:e4:2c:
                    65:60:68:c5:ce:2a:c8:84:c6:d4:bd:8b:78:c5:47:
                    3e:95:03:8b:25:e2:eb:b9:13:bc:2c:6c:9c:ef:a5:
                    9a:43:98:d7:a6:d2:7e:33:80:d0:39:b5:1f:19:78:
                    98:5e:13:0b:f0:cc:29:8e:a8:6e:13:49:f7:47:02:
                    27:da:4f:ba:be:55:f0:73:24:05:36:76:a4:27:23:
                    f9:d2:94:41:38:cb:ea:2d:cc:98:b1:41:5f:25:f8:
                    a4:45:6c:2f:53:55:c6:09:04:0e:94:5f:e6:88:66:
                    80:a4:c5:9e:02:c8:90:e2:ed:14:cb:7d:89:63:85:
                    9e:3c:ab:7c:13:09:39:03:49:27:b1:5c:d5:ec:1f:
                    b4:92:e3:ce:04:05:16:f7:9f:84:54:ec:57:47:3f:
                    66:d7:93:6a:36:60:4a:25:91:ef:d8:a0:20:ab:3d:
                    d2:cc:a2:d3:69:d2:2c:3e:a2:1b:79:1c:64:aa:87:
                    c8:46:9f:9a:cd:f7:65:17:a9:ff:7c:8a:02:ee:e5:
                    d3:11:4e:8f:ce:3a:23:06:bf:c5:b1:54:08:2c:f2:
                    9d:5c:fe:10:03:b8:95:86:70:f8:5d:d1:91:46:7b:
                    07:69:d6:00:ef:f9:52:5a:f0:33:0c:cf:05:56:6c:
                    d0:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Extended Key Usage: 
                1.3.6.1.4.1.311.61.6.1, Code Signing
            X509v3 Subject Key Identifier: 
                FE:46:3B:D5:D1:5F:0D:6B:3B:C0:1D:0B:69:B0:20:D7:E5:5C:34:C3
            X509v3 Subject Alternative Name: 
                DirName:/OU=Microsoft Ireland Operations Limited/serialNumber=230865\+440983
            X509v3 Authority Key Identifier: 
                E6:FC:5F:7B:BB:22:00:58:E4:72:4E:B5:F4:21:74:23:32:E6:EF:AC
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.microsoft.com/pki/crl/products/MicCodSigPCA_2010-07-06.crl
            Authority Information Access: 
                CA Issuers - URI:http://www.microsoft.com/pki/certs/MicCodSigPCA_2010-07-06.crt
            X509v3 Basic Constraints: critical
                CA:FALSE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        73:a0:0a:a8:f9:3e:a1:a5:42:06:75:ae:06:91:b8:ed:2b:f9:
        72:33:88:80:cb:dc:46:82:ff:c8:d7:67:9e:2d:c8:4c:4c:49:
        e8:d9:2a:c8:3b:33:95:f0:08:4f:37:eb:1f:2b:ed:63:d8:ae:
        c6:b8:93:ce:ff:63:5f:77:6a:d0:34:d6:ca:e2:e1:29:83:ff:
        be:85:c9:45:ad:2a:e3:dc:6c:65:f6:21:a3:e9:f3:ae:c4:bf:
        50:a1:e6:ff:97:96:dc:c2:a1:68:a4:70:93:fb:8b:34:36:fb:
        32:53:6d:69:b4:f6:2b:c7:e8:1a:53:d3:08:ea:37:94:c9:a0:
        d8:c5:2c:ef:5f:c8:35:6c:aa:8f:25:40:cc:d2:9d:00:10:7e:
        27:e0:15:5a:2d:ce:17:a0:37:27:ac:c6:38:99:75:12:18:20:
        2a:e2:34:67:5b:53:3a:2b:dc:a5:03:95:5f:cd:cb:26:dc:d7:
        97:b6:27:dd:e5:49:ba:31:65:dc:a4:2f:aa:c6:bc:11:b5:a0:
        77:b0:b5:26:55:ab:ea:e5:20:25:38:93:d6:2c:c7:cd:68:90:
        41:4c:32:29:0a:cf:84:8c:fe:93:2e:04:fd:9b:23:e9:5d:6a:
        49:ca:c5:80:76:45:1a:39:0e:31:64:05:a9:ae:93:cd:dd:ec:
        32:52:44:fe

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            61:0c:52:4c:00:00:00:00:00:03
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2010
        Validity
            Not Before: Jul  6 20:40:17 2010 GMT
            Not After : Jul  6 20:50:17 2025 GMT
        Subject: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Code Signing PCA 2010
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (2048 bit)
                Modulus:
                    00:e9:0e:64:50:79:67:b5:c4:e3:fd:09:00:4c:9e:
                    94:ac:f7:56:68:ea:44:d8:cf:c5:58:4f:a9:a5:76:
                    7c:6d:45:ba:d3:39:92:b4:a4:1e:f9:f9:65:82:e4:
                    17:d2:8f:fd:44:9c:08:e8:65:93:ce:2c:55:84:bf:
                    7d:08:e3:2e:2b:a8:41:2b:18:b7:a2:4b:6e:49:4c:
                    6b:15:07:de:d1:d2:c2:89:1e:71:94:cd:b5:7f:4b:
                    b4:af:08:d8:cc:88:d6:6b:17:94:3a:93:ce:26:3f:
                    ec:e6:fe:34:98:57:d5:1d:5d:49:f6:b2:2a:2e:d5:
                    85:bb:59:3f:f8:90:b4:2b:83:74:ca:2b:b3:3b:46:
                    e3:f0:46:49:c1:17:66:54:c9:1c:bd:1d:c4:55:62:
                    57:72:f8:67:b9:25:20:34:de:5d:a6:a5:95:5e:ab:
                    28:80:cd:d5:b2:9e:e5:03:b5:63:d3:b2:14:c8:c1:
                    c8:8a:26:0a:59:7f:07:ec:ff:0e:ed:80:12:35:4c:
                    12:a6:be:52:5b:f5:a6:da:e0:8b:0b:48:77:d6:85:
                    47:d5:10:b9:c6:e8:aa:ee:8b:6a:2d:05:5c:60:c6:
                    b4:2a:5b:9c:23:1c:5f:45:e3:1a:14:1e:6f:37:cb:
                    19:33:80:6a:89:4d:a3:6a:66:63:78:93:d5:30:cf:
                    95:1f
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            1.3.6.1.4.1.311.21.1: 
                ...
            X509v3 Subject Key Identifier: 
                E6:FC:5F:7B:BB:22:00:58:E4:72:4E:B5:F4:21:74:23:32:E6:EF:AC
            1.3.6.1.4.1.311.20.2: 
                .
.S.u.b.C.A
            X509v3 Key Usage: 
                Digital Signature, Certificate Sign, CRL Sign
            X509v3 Basic Constraints: critical
                CA:TRUE
            X509v3 Authority Key Identifier: 
                D5:F6:56:CB:8F:E8:A2:5C:62:68:D1:3D:94:90:5B:D7:CE:9A:18:C4
            X509v3 CRL Distribution Points: 
                Full Name:
                  URI:http://crl.microsoft.com/pki/crl/products/MicRooCerAut_2010-06-23.crl
            Authority Information Access: 
                CA Issuers - URI:http://www.microsoft.com/pki/certs/MicRooCerAut_2010-06-23.crt
            X509v3 Certificate Policies: 
                Policy: 1.3.6.1.4.1.311.46.3
                  CPS: http://www.microsoft.com/PKI/docs/CPS/default.htm
                  User Notice:
                    Explicit Text:  
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        1a:74:ef:57:4f:29:7b:c4:16:85:78:b8:50:d3:22:fc:09:9d:
        ac:82:97:f8:34:ff:2a:2c:97:95:12:e5:e4:bf:cf:bf:93:c8:
        e3:34:a9:db:81:b8:dc:1e:00:be:d2:35:6f:af:e5:7f:79:95:
        77:e5:02:d4:f1:eb:d8:cd:4e:1e:1b:61:a2:c2:5a:23:1a:f0:
        8c:a8:62:51:45:67:08:e3:3f:3c:1e:93:f8:30:85:17:c8:39:
        40:a6:d7:0e:b3:21:29:e5:a5:a1:69:8c:22:93:cc:74:98:e7:
        a1:47:43:f2:53:ac:c0:0f:30:69:7f:fe:d2:25:20:6d:6f:61:
        d3:df:07:d5:d9:72:00:2c:69:86:76:3d:51:db:a6:39:48:c9:
        37:61:6d:07:dd:53:19:cb:a7:d6:61:c2:bf:e2:83:ab:0f:e0:
        6b:9b:95:d6:7d:28:51:b0:89:4a:51:a4:9a:6c:c8:b7:1f:4a:
        1a:0e:69:a9:d7:dc:c1:7e:d1:49:70:aa:b6:ad:bb:72:47:63:
        17:fa:a6:d6:a2:a6:86:ec:a8:10:44:9b:63:b6:b2:69:89:06:
        c7:46:86:7a:18:3f:e8:c5:1d:21:d5:7b:f9:02:23:2d:c5:41:
        cb:bf:1d:4c:c8:16:ef:b1:9c:7f:fc:22:4b:49:8a:6e:15:e3:
        a6:7f:76:5b:d1:53:79:91:85:9d:d5:d2:db:3d:73:35:f3:3c:
        ae:54:b2:52:47:6a:c0:aa:13:95:d2:8e:11:da:99:67:5e:32:
        8c:fb:37:85:d1:dc:75:85:9c:87:c6:5a:57:85:c2:bf:dd:0d:
        8f:8c:9b:2d:eb:b4:ee:cf:27:d3:b5:5e:69:fa:a4:16:04:01:
        a7:24:67:73:cf:4d:4f:b6:de:05:56:97:7a:f7:e9:52:4d:f4:
        77:05:4f:85:c6:d8:0b:f1:8e:ed:42:09:d1:0d:76:e3:23:56:
        78:22:26:36:be:ca:b1:8c:6e:aa:1d:e4:85:da:47:33:62:8f:
        a4:c9:91:33:5f:71:1e:40:af:98:65:c9:22:e8:42:21:25:8a:
        1c:2d:60:d9:37:89:41:89:2a:16:0f:d7:61:3c:94:68:60:52:
        ef:d6:47:99:a0:80:40:ee:15:81:77:3e:9c:e0:53:18:1a:50:
        1d:38:95:9b:1e:66:33:13:27:39:17:78:87:36:ce:4e:c3:5f:
        b2:f5:3d:47:53:b6:e0:e5:db:0b:61:3d:2a:d7:92:2c:ce:37:
        5a:3e:40:42:31:a4:1f:10:08:c2:56:9c:bf:24:5d:51:02:9d:
        6a:79:d2:17:d3:da:c1:94:8e:07:7b:25:71:44:ab:06:6a:e6:
        d4:c6:df:23:9a:96:75:c5

undefined method `first' for #

offsetsizetypecomment
15c115HTM#
15d0404472BINoverlay data past EOF#
offset:( 0x )size:( 0x )hotkeys:-=[]<>, offset/size fields are also editable











[?] can't find file_offset of VA 0x501b0