| filename | signed-kernel.efi | |
|---|---|---|
| size | 18440616 (0x11961a8) | |
| md5 | 5b30e4ea3ffc2a8a1ffa076a420f27ba | |
| type | PE32+ executable (EFI application) x86-64 (stripped to external PDB), for MS Windows | |
| mimetype | application/x-dosexec | |
| clamav | OK | |
| virustotal | → scan with virustotal.com | |
| histogram | ||
MZ Header
| signature | MZ |
| bytes_in_last_block | 0x90 |
| blocks_in_file | 3 |
| num_relocs | 0 |
| header_paragraphs | 4 |
| min_extra_paragraphs | 0 |
| max_extra_paragraphs | 0xffff |
| ss | 0 |
| sp | 0xb8 |
| checksum | 0 |
| ip | 0 |
| cs | 0 |
| reloc_table_offset | 0x40 |
| overlay_number | 0 |
| reserved0 | 0 |
| oem_id | 0 |
| oem_info | 0 |
| reserved2 | 0 |
| reserved3 | 0 |
| reserved4 | 0 |
| reserved5 | 0 |
| reserved6 | 0 |
| lfanew | 0x80 |
DOS stub
00000000: 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 |........!..L.!Th| 00000010: 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f |is program canno| 00000020: 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 |t be run in DOS | 00000030: 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 |mode....$.......|
PE Header
Sections
Data Directory
| type | va | size | |
|---|---|---|---|
| EXPORT | 0 | 0 | |
| IMPORT | 0 | 0 | |
| RESOURCE | 0 | 0 | |
| EXCEPTION | 0 | 0 | |
| SECURITY | 0x1195bc0 | 0x5e8 | |
| BASERELOC | 0xa000 | 0xa | |
| DEBUG | 0 | 0 | |
| ARCHITECTURE | 0 | 0 | |
| GLOBALPTR | 0 | 0 | |
| TLS | 0 | 0 | |
| LOAD_CONFIG | 0 | 0 | |
| Bound_IAT | 0 | 0 | |
| IAT | 0 | 0 | |
| Delay_IAT | 0 | 0 | |
| CLR_Header | 0 | 0 |
Signers (1)
issuer: /CN=lulz DB
serial: A05C7E038A0FCC4D
Certificates (1)
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
a0:5c:7e:03:8a:0f:cc:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=lulz DB
Validity
Not Before: Jul 12 21:34:02 2016 GMT
Not After : Jul 10 21:34:02 2026 GMT
Subject: CN=lulz DB
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:87:07:05:bb:68:4c:40:a1:50:ff:a9:2b:90:
3f:48:04:20:45:00:09:cc:96:31:e3:db:a2:d4:7c:
7c:6c:e4:c0:6d:53:a5:a9:eb:5b:52:7e:2c:c3:65:
2e:aa:aa:e4:6b:d2:37:64:a8:5b:e3:a8:73:0e:e0:
f1:f3:ff:f5:7b:6f:a1:64:7f:ff:f6:e7:7c:b6:52:
33:86:0b:c8:52:1f:2b:d3:c8:e5:44:56:c7:46:35:
77:48:db:5c:cd:ac:24:80:84:4c:57:b4:3b:d8:5b:
48:4c:df:d4:82:01:50:51:f0:28:63:70:29:81:2b:
39:91:76:ac:85:67:43:00:65:76:b1:7c:11:1a:26:
af:ee:17:43:98:a6:a1:cc:e0:29:d5:cb:43:77:cf:
9a:d3:e0:5e:c9:12:5c:de:a6:4a:d3:54:e3:54:09:
80:79:d9:e3:d1:45:f1:3c:fd:54:21:05:b3:5f:9f:
0f:67:6d:14:35:4f:c1:2d:e6:5f:a5:38:37:ce:ef:
da:05:0d:21:54:fc:74:9e:0f:93:07:2b:31:43:f1:
04:6f:e0:51:88:8a:f5:88:4d:c7:f3:fe:a1:fe:63:
c0:86:41:76:60:60:42:eb:d5:ab:a0:d7:db:ce:56:
0c:a3:f8:4b:c9:ca:34:39:ae:7d:8e:6e:83:14:3e:
37:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:BD:40:43:5C:1D:5B:70:C8:73:03:9D:7C:4D:8B:C8:30:A6:AC:2D
X509v3 Authority Key Identifier:
keyid:7B:BD:40:43:5C:1D:5B:70:C8:73:03:9D:7C:4D:8B:C8:30:A6:AC:2D
X509v3 Basic Constraints:
CA:TRUE
Signature Algorithm: sha256WithRSAEncryption
25:b9:6d:2e:04:73:01:05:23:b9:bc:2f:8d:39:7f:05:65:03:
ef:ff:ba:a5:dc:a8:4c:cc:50:bb:0d:b8:7e:3c:ef:3a:48:a7:
5f:3e:f5:83:19:5b:23:a7:0d:15:e2:6a:28:43:54:07:f2:54:
50:77:ed:65:87:98:b1:23:94:18:d6:68:dd:71:c7:aa:bf:62:
db:b2:7c:f9:1c:9e:57:8a:9e:cf:d9:67:7c:e0:17:cf:15:70:
10:e4:cc:f7:2a:6b:1b:e6:84:bc:b7:53:8d:4f:2a:84:30:65:
5f:ac:7d:a3:c1:34:ce:2a:ad:68:76:6f:7b:7d:ab:b6:01:c8:
f6:dd:66:9a:4b:10:87:9f:3d:72:be:5b:ef:8a:c8:c0:ad:44:
b1:e5:99:e9:a5:70:3a:72:ec:0d:5e:4f:fe:8e:b5:99:e8:86:
46:1d:3b:09:32:42:13:e3:16:a2:bc:6c:d3:89:a6:5c:09:f3:
57:53:65:5d:6f:01:66:52:fc:d8:81:d3:8f:c4:c1:72:d7:88:
ec:72:fa:5a:be:c9:e3:d9:f1:c5:2a:34:ad:0b:bb:a7:a8:7d:
0e:5b:8b:42:9b:90:ff:b4:53:dd:ce:31:23:33:51:c4:14:5a:
9b:d8:ac:0e:89:fd:29:bd:d6:8a:37:c8:27:60:d5:d1:63:c1:
fe:44:fa:54No certificates in
#<struct PEdump::WIN_CERTIFICATE dwLength=0, wRevision=0, wCertificateType=nil, data=nil>
pkcs7-signedData
- 1
- SHA256: nil
- 1.3.6.1.4.1.311.2.1.4
- #0
- 1.3.6.1.4.1.311.2.1.15
- :
00 3c 00 3c 00 3c 00 4f 00 62 00 73 00 6f 00 6c |.<.<.<.O.b.s.o.l| 00 65 00 74 00 65 00 3e 00 3e 00 3e |.e.t.e.>.>.> |
- :
- SHA256
2e 2d ee 32 34 6f f6 cd 26 99 a0 e9 f6 af 40 24 |.-.24o..&.....@$| 8d ea 41 02 83 38 c3 ba b1 0b 88 5f 78 82 2f f6 |..A..8....._x./.|
- 1.3.6.1.4.1.311.2.1.15
- #0
- #2
- 2
- A0:5C:7E:03:8A:0F:CC:4D
- RSA-SHA256: nil
- CN: lulz DB
- 2016-07-12 21:34:02 UTC: 2026-07-10 21:34:02 UTC
- CN: lulz DB
- #5
- rsaEncryption: nil
- A9:87:07:05:BB:68:4C:40:A1:50:FF:A9:2B:90:3F:48:
04:20:45:00:09:CC:96:31:E3:DB:A2:D4:7C:7C:6C:E4:
C0:6D:53:A5:A9:EB:5B:52:7E:2C:C3:65:2E:AA:AA:E4:
6B:D2:37:64:A8:5B:E3:A8:73:0E:E0:F1:F3:FF:F5:7B:
6F:A1:64:7F:FF:F6:E7:7C:B6:52:33:86:0B:C8:52:1F:
2B:D3:C8:E5:44:56:C7:46:35:77:48:DB:5C:CD:AC:24:
80:84:4C:57:B4:3B:D8:5B:48:4C:DF:D4:82:01:50:51:
F0:28:63:70:29:81:2B:39:91:76:AC:85:67:43:00:65:
76:B1:7C:11:1A:26:AF:EE:17:43:98:A6:A1:CC:E0:29:
D5:CB:43:77:CF:9A:D3:E0:5E:C9:12:5C:DE:A6:4A:D3:
54:E3:54:09:80:79:D9:E3:D1:45:F1:3C:FD:54:21:05:
B3:5F:9F:0F:67:6D:14:35:4F:C1:2D:E6:5F:A5:38:37:
CE:EF:DA:05:0D:21:54:FC:74:9E:0F:93:07:2B:31:43:
F1:04:6F:E0:51:88:8A:F5:88:4D:C7:F3:FE:A1:FE:63:
C0:86:41:76:60:60:42:EB:D5:AB:A0:D7:DB:CE:56:0C:
A3:F8:4B:C9:CA:34:39:AE:7D:8E:6E:83:14:3E:37:63: 0x010001
- #6
- subjectKeyIdentifier:
7b bd 40 43 5c 1d 5b 70 c8 73 03 9d 7c 4d 8b c8 |{.@C\.[p.s..|M..| 30 a6 ac 2d |0..- | - authorityKeyIdentifier:
7b bd 40 43 5c 1d 5b 70 c8 73 03 9d 7c 4d 8b c8 |{.@C\.[p.s..|M..| 30 a6 ac 2d |0..- | - basicConstraints: true
- subjectKeyIdentifier:
- RSA-SHA256:
25 b9 6d 2e 04 73 01 05 23 b9 bc 2f 8d 39 7f 05 |%.m..s..#../.9..| 65 03 ef ff ba a5 dc a8 4c cc 50 bb 0d b8 7e 3c |e.......L.P...~<| ef 3a 48 a7 5f 3e f5 83 19 5b 23 a7 0d 15 e2 6a |.:H._>...[#....j| 28 43 54 07 f2 54 50 77 ed 65 87 98 b1 23 94 18 |(CT..TPw.e...#..| d6 68 dd 71 c7 aa bf 62 db b2 7c f9 1c 9e 57 8a |.h.q...b..|...W.| 9e cf d9 67 7c e0 17 cf 15 70 10 e4 cc f7 2a 6b |...g|....p....*k| 1b e6 84 bc b7 53 8d 4f 2a 84 30 65 5f ac 7d a3 |.....S.O*.0e_.}.| c1 34 ce 2a ad 68 76 6f 7b 7d ab b6 01 c8 f6 dd |.4.*.hvo{}......| 66 9a 4b 10 87 9f 3d 72 be 5b ef 8a c8 c0 ad 44 |f.K...=r.[.....D| b1 e5 99 e9 a5 70 3a 72 ec 0d 5e 4f fe 8e b5 99 |.....p:r..^O....| e8 86 46 1d 3b 09 32 42 13 e3 16 a2 bc 6c d3 89 |..F.;.2B.....l..| a6 5c 09 f3 57 53 65 5d 6f 01 66 52 fc d8 81 d3 |.\..WSe]o.fR....| 8f c4 c1 72 d7 88 ec 72 fa 5a be c9 e3 d9 f1 c5 |...r...r.Z......| 2a 34 ad 0b bb a7 a8 7d 0e 5b 8b 42 9b 90 ff b4 |*4.....}.[.B....| 53 dd ce 31 23 33 51 c4 14 5a 9b d8 ac 0e 89 fd |S..1#3Q..Z......| 29 bd d6 8a 37 c8 27 60 d5 d1 63 c1 fe 44 fa 54 |)...7.'`..c..D.T|
- 2
- 1
- #0
- CN: lulz DB
- A0:5C:7E:03:8A:0F:CC:4D
- SHA256: nil
- #2
- contentType: 1.3.6.1.4.1.311.2.1.4
- signingTime: 2016-07-12 23:42:19 UTC
- messageDigest:
de 99 c3 8b d7 fb fc e2 68 3f b9 0a e2 92 8d 15 |........h?......| 2f e9 e3 09 92 66 71 58 ad 08 89 54 91 3a d5 4a |/....fqX...T.:.J|
- SMIME-CAPS
- AES-256-CBC
- AES-192-CBC
- AES-128-CBC
- DES-EDE3-CBC
- RC2-CBC: 0x80
- RC2-CBC: 0x40
- DES-CBC
- RC2-CBC: 0x28
- AES-256-CBC
- rsaEncryption:
05 74 6a 87 35 12 76 36 94 c2 e9 12 bd 37 d4 bf |.tj.5.v6.....7..| 08 0e 66 82 07 4b 87 33 20 f1 f6 a3 96 2f 53 ab |..f..K.3 ..../S.| 23 1f 81 24 67 5c 0c b6 f5 7b 7b 26 a1 42 b1 0c |#..$g\...{{&.B..| 86 f3 5c a0 e4 71 73 d3 86 5b 48 b4 ee da dd 58 |..\..qs..[H....X| 9e 62 42 07 28 be 25 8c a1 66 ce 49 39 ca b3 fc |.bB.(.%..f.I9...| 22 91 a1 da e7 e7 57 7a b3 f3 ce 0c e8 32 dc 9a |".....Wz.....2..| c0 26 6a 46 b3 62 0c ba 7b fe dc da 14 d0 24 52 |.&jF.b..{.....$R| 5a ea 0c 2b 6c 32 dd 8b 0e 39 78 b3 5c 25 a7 80 |Z..+l2...9x.\%..| 1d 5f 70 a5 f3 23 f3 f4 34 81 ba d1 bf de 58 53 |._p..#..4.....XS| 9b ae dc 58 29 23 a9 93 ab a8 3f fc 4b bc c6 14 |...X)#....?.K...| fa a8 c0 eb 3b fe e8 76 5e cd 5b 26 59 91 01 d2 |....;..v^.[&Y...| 4e 71 3a 24 36 0c 4e 15 c3 5e cf 50 df dd d7 4d |Nq:$6.N..^.P...M| 37 2d 55 04 57 22 23 d5 c3 86 81 49 9a ed 11 20 |7-U.W"#....I... | 32 e3 d8 88 5e bc 8d dc 6a 72 32 81 2e 07 78 d5 |2...^...jr2...x.| bb 3b bd b0 1c 7e ca b4 99 48 ec 3d 98 b1 67 35 |.;...~...H.=..g5| f9 d4 33 87 98 10 94 57 d8 e3 a1 2b d6 18 78 9a |..3....W...+..x.|
- #0
Cannot call to_der on
#<struct PEdump::WIN_CERTIFICATE dwLength=0, wRevision=0, wCertificateType=nil, data=nil>
 |
| Please donate some bucks to keep this site up and running: | |
| Ko-fi | |
|---|---|
| Yandex.Money | |
| Thank you! | |
[!] PEdump::WIN_CERTIFICATE: too small length 0