| filename | ADExplorer.exe | |
|---|---|---|
| size | 1259968 (0x1339c0) | |
| md5 | a9e390237a96e0c6655b1a06f8d72c6f | |
| type | PE32 executable (GUI) Intel 80386, for MS Windows | |
| mimetype | application/x-dosexec | |
| clamav | scan pending | |
| virustotal | → scan with virustotal.com | |
| histogram | ||
MZ Header
| signature | MZ |
| bytes_in_last_block | 0x90 |
| blocks_in_file | 3 |
| num_relocs | 0 |
| header_paragraphs | 4 |
| min_extra_paragraphs | 0 |
| max_extra_paragraphs | 0xffff |
| ss | 0 |
| sp | 0xb8 |
| checksum | 0 |
| ip | 0 |
| cs | 0 |
| reloc_table_offset | 0x40 |
| overlay_number | 0 |
| reserved0 | 0 |
| oem_id | 0 |
| oem_info | 0 |
| reserved2 | 0 |
| reserved3 | 0 |
| reserved4 | 0 |
| reserved5 | 0 |
| reserved6 | 0 |
| lfanew | 0x110 |
Rich Header
| lib id | version | times used |
|---|---|---|
| 259 | 30795 | 10 |
| 261 | 30795 | 170 |
| 262 | 30795 | 1 |
| 260 | 31616 | 18 |
| 259 | 31616 | 22 |
| 257 | 30795 | 31 |
| 1 | 0 | 364 |
| 263 | 30795 | 1 |
| 260 | 30795 | 25 |
| 261 | 31616 | 59 |
| 264 | 31631 | 16 |
| 255 | 31631 | 1 |
| 151 | 0 | 2 |
| 258 | 31631 | 1 |
DOS stub
00000000: 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 |........!..L.!Th| 00000010: 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f |is program canno| 00000020: 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 |t be run in DOS | 00000030: 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 |mode....$.......|
PE Header
Packer / Compiler
Sections
Data Directory
TLS
| raw start | raw end | index | callbks | zero fill | flags | |
|---|---|---|---|---|---|---|
| 0x4741e0 | 0x4741e8 | 0x481294 | 0x4605a4 | 0 | 0x300000 |
| id | lang | string |
|---|---|---|
| 117 | 1033 | Search |
| 40057 | 1033 | Properties |
| 40058 | 1033 | Compare |
| 40072 | 1033 | Connect to Active Directory |
| 40073 | 1033 | Snapshot |
| 40076 | 1033 | Forward |
| 40077 | 1033 | Back |
| 40078 | 1033 | History |
| 40085 | 1033 | Help |
| module_name | hint | ord | function_name |
|---|---|---|---|
| NETAPI32.dll | 238 | NetUserGetGroups | |
| NETAPI32.dll | 240 | NetUserGetLocalGroups | |
| RPCRT4.dll | 542 | UuidFromStringW | |
| VERSION.dll | 8 | GetFileVersionInfoW | |
| VERSION.dll | 7 | GetFileVersionInfoSizeW | |
| VERSION.dll | 16 | VerQueryValueW | |
| KERNEL32.dll | 399 | FindFirstFileExW | |
| KERNEL32.dll | 393 | FindClose | |
| KERNEL32.dll | 532 | GetConsoleOutputCP | |
| KERNEL32.dll | 1349 | SetFilePointerEx | |
| KERNEL32.dll | 609 | GetFileSizeEx | |
| KERNEL32.dll | 1169 | ReadConsoleW | |
| KERNEL32.dll | 1163 | ReadConsoleInputW | |
| KERNEL32.dll | 1307 | SetConsoleMode | |
| KERNEL32.dll | 528 | GetConsoleMode | |
| KERNEL32.dll | 977 | LCMapStringW | |
| KERNEL32.dll | 873 | HeapQueryInformation | |
| KERNEL32.dll | 876 | HeapSize | |
| KERNEL32.dll | 874 | HeapReAlloc | |
| KERNEL32.dll | 448 | FreeLibraryAndExitThread | |
| KERNEL32.dll | 1263 | ResumeThread | |
| KERNEL32.dll | 371 | ExitThread | |
| KERNEL32.dll | 260 | CreateThread | |
| KERNEL32.dll | 510 | GetConsoleCP | |
| KERNEL32.dll | 654 | GetModuleHandleExW | |
| KERNEL32.dll | 939 | IsValidCodePage | |
| KERNEL32.dll | 1479 | TlsFree | |
| KERNEL32.dll | 321 | EncodePointer | |
| KERNEL32.dll | 1269 | RtlUnwind | |
| KERNEL32.dll | 1526 | VirtualQuery | |
| KERNEL32.dll | 717 | GetProcessHeap | |
| KERNEL32.dll | 871 | HeapFree | |
| KERNEL32.dll | 867 | HeapAlloc | |
| KERNEL32.dll | 1574 | WideCharToMultiByte | |
| KERNEL32.dll | 1155 | RaiseException | |
| KERNEL32.dll | 897 | InitializeSListHead | |
| KERNEL32.dll | 561 | GetCurrentThreadId | |
| KERNEL32.dll | 557 | GetCurrentProcessId | |
| KERNEL32.dll | 1133 | QueryPerformanceCounter | |
| KERNEL32.dll | 746 | GetStartupInfoW | |
| KERNEL32.dll | 925 | IsDebuggerPresent | |
| KERNEL32.dll | 933 | IsProcessorFeaturePresent | |
| KERNEL32.dll | 1460 | TerminateProcess | |
| KERNEL32.dll | 1428 | SetUnhandledExceptionFilter | |
| KERNEL32.dll | 1493 | UnhandledExceptionFilter | |
| KERNEL32.dll | 206 | CreateEventW | |
| KERNEL32.dll | 1536 | WaitForSingleObjectEx | |
| KERNEL32.dll | 1256 | ResetEvent | |
| KERNEL32.dll | 1336 | SetEvent | |
| KERNEL32.dll | 893 | InitializeCriticalSectionAndSpinCount | |
| KERNEL32.dll | 454 | GetACP | |
| KERNEL32.dll | 687 | GetOEMCP | |
| KERNEL32.dll | 469 | GetCPInfo | |
| KERNEL32.dll | 490 | GetCommandLineA | |
| KERNEL32.dll | 994 | LoadLibraryExA | |
| KERNEL32.dll | 373 | ExpandEnvironmentStringsA | |
| KERNEL32.dll | 1594 | WriteFile | |
| KERNEL32.dll | 246 | CreateProcessW | |
| KERNEL32.dll | 426 | FindResourceW | |
| KERNEL32.dll | 999 | LoadResource | |
| KERNEL32.dll | 1019 | LockResource | |
| KERNEL32.dll | 786 | GetTempPathW | |
| KERNEL32.dll | 1243 | RemoveDirectoryW | |
| KERNEL32.dll | 1443 | SizeofResource | |
| KERNEL32.dll | 201 | CreateDirectoryW | |
| KERNEL32.dll | 447 | FreeLibrary | |
| KERNEL32.dll | 381 | FileTimeToLocalFileTime | |
| KERNEL32.dll | 556 | GetCurrentProcess | |
| KERNEL32.dll | 771 | GetSystemTimeAsFileTime | |
| KERNEL32.dll | 765 | GetSystemInfo | |
| KERNEL32.dll | 631 | GetLastError | |
| KERNEL32.dll | 1444 | Sleep | |
| KERNEL32.dll | 608 | GetFileSize | |
| KERNEL32.dll | 1079 | OutputDebugStringW | |
| KERNEL32.dll | 1039 | MultiByteToWideChar | |
| KERNEL32.dll | 762 | GetSystemDirectoryW | |
| KERNEL32.dll | 218 | CreateFileW | |
| KERNEL32.dll | 1172 | ReadFile | |
| KERNEL32.dll | 1480 | TlsGetValue | |
| KERNEL32.dll | 1478 | TlsAlloc | |
| KERNEL32.dll | 443 | FormatMessageW | |
| KERNEL32.dll | 758 | GetSystemDefaultLangID | |
| KERNEL32.dll | 817 | GetUserDefaultLangID | |
| KERNEL32.dll | 1481 | TlsSetValue | |
| KERNEL32.dll | 566 | GetDateFormatW | |
| KERNEL32.dll | 1457 | SystemTimeToTzSpecificLocalTime | |
| KERNEL32.dll | 1456 | SystemTimeToFileTime | |
| KERNEL32.dll | 810 | GetTimeFormatW | |
| KERNEL32.dll | 382 | FileTimeToSystemTime | |
| KERNEL32.dll | 812 | GetTimeZoneInformation | |
| KERNEL32.dll | 166 | CompareFileTime | |
| KERNEL32.dll | 861 | GlobalUnlock | |
| KERNEL32.dll | 805 | GetTickCount | |
| KERNEL32.dll | 1022 | MapViewOfFile | |
| KERNEL32.dll | 215 | CreateFileMappingW | |
| KERNEL32.dll | 1517 | VerifyVersionInfoW | |
| KERNEL32.dll | 1513 | VerSetConditionMask | |
| KERNEL32.dll | 283 | DecodePointer | |
| KERNEL32.dll | 290 | DeleteCriticalSection | |
| KERNEL32.dll | 854 | GlobalLock | |
| KERNEL32.dll | 148 | CloseHandle | |
| KERNEL32.dll | 850 | GlobalFree | |
| KERNEL32.dll | 295 | DeleteFileW | |
| KERNEL32.dll | 843 | GlobalAlloc | |
| KERNEL32.dll | 1496 | UnmapViewOfFile | |
| KERNEL32.dll | 602 | GetFileAttributesW | |
| KERNEL32.dll | 1330 | SetEndOfFile | |
| KERNEL32.dll | 1348 | SetFilePointer | |
| KERNEL32.dll | 892 | InitializeCriticalSection | |
| KERNEL32.dll | 989 | LeaveCriticalSection | |
| KERNEL32.dll | 651 | GetModuleFileNameW | |
| KERNEL32.dll | 325 | EnterCriticalSection | |
| KERNEL32.dll | 416 | FindNextFileW | |
| KERNEL32.dll | 170 | CompareStringW | |
| KERNEL32.dll | 611 | GetFileType | |
| KERNEL32.dll | 655 | GetModuleHandleW | |
| KERNEL32.dll | 1007 | LocalFree | |
| KERNEL32.dll | 710 | GetProcAddress | |
| KERNEL32.dll | 1002 | LocalAlloc | |
| KERNEL32.dll | 748 | GetStdHandle | |
| KERNEL32.dll | 491 | GetCommandLineW | |
| KERNEL32.dll | 995 | LoadLibraryExW | |
| KERNEL32.dll | 825 | GetVersionExW | |
| KERNEL32.dll | 1365 | SetLastError | |
| KERNEL32.dll | 588 | GetEnvironmentStringsW | |
| KERNEL32.dll | 446 | FreeEnvironmentStringsW | |
| KERNEL32.dll | 1392 | SetStdHandle | |
| KERNEL32.dll | 753 | GetStringTypeW | |
| KERNEL32.dll | 435 | FlushFileBuffers | |
| KERNEL32.dll | 1593 | WriteConsoleW | |
| KERNEL32.dll | 370 | ExitProcess | |
| USER32.dll | 332 | GetDlgItem | |
| USER32.dll | 647 | MessageBoxW | |
| USER32.dll | 890 | SetWindowPos | |
| USER32.dll | 586 | IsWindowVisible | |
| USER32.dll | 181 | DestroyWindow | |
| USER32.dll | 539 | InsertMenuItemW | |
| USER32.dll | 343 | GetFocus | |
| USER32.dll | 375 | GetMenu | |
| USER32.dll | 494 | GetWindowRect | |
| USER32.dll | 452 | GetSysColorBrush | |
| USER32.dll | 33 | CallWindowProcW | |
| USER32.dll | 609 | LoadMenuW | |
| USER32.dll | 167 | DefWindowProcW | |
| USER32.dll | 384 | GetMenuItemInfoW | |
| USER32.dll | 168 | DeferWindowPos | |
| USER32.dll | 106 | CreateDialogParamW | |
| USER32.dll | 393 | GetMessageW | |
| USER32.dll | 500 | GetWindowTextLengthW | |
| USER32.dll | 487 | GetWindowLongW | |
| USER32.dll | 89 | CopyIcon | |
| USER32.dll | 682 | PostMessageW | |
| USER32.dll | 433 | GetPropW | |
| USER32.dll | 381 | GetMenuItemCount | |
| USER32.dll | 247 | EnumChildWindows | |
| USER32.dll | 118 | CreateWindowExW | |
| USER32.dll | 171 | DeleteMenu | |
| USER32.dll | 776 | ScreenToClient | |
| USER32.dll | 455 | GetSystemMetrics | |
| USER32.dll | 639 | MessageBeep | |
| USER32.dll | 114 | CreatePopupMenu | |
| USER32.dll | 654 | MsgWaitForMultipleObjects | |
| USER32.dll | 731 | RegisterClassExW | |
| USER32.dll | 492 | GetWindowPlacement | |
| USER32.dll | 591 | LoadAcceleratorsW | |
| USER32.dll | 936 | TrackPopupMenu | |
| USER32.dll | 450 | GetSubMenu | |
| USER32.dll | 282 | GetActiveWindow | |
| USER32.dll | 910 | ShowWindow | |
| USER32.dll | 16 | BeginDeferWindowPos | |
| USER32.dll | 664 | OpenClipboard | |
| USER32.dll | 663 | OffsetRect | |
| USER32.dll | 189 | DispatchMessageW | |
| USER32.dll | 559 | IsDialogMessageW | |
| USER32.dll | 177 | DestroyIcon | |
| USER32.dll | 244 | EndPaint | |
| USER32.dll | 806 | SetCursor | |
| USER32.dll | 597 | LoadCursorW | |
| USER32.dll | 184 | DialogBoxIndirectParamW | |
| USER32.dll | 895 | SetWindowTextW | |
| USER32.dll | 242 | EndDialog | |
| USER32.dll | 791 | SendMessageW | |
| USER32.dll | 520 | InflateRect | |
| USER32.dll | 501 | GetWindowTextW | |
| USER32.dll | 77 | ClientToScreen | |
| USER32.dll | 79 | CloseClipboard | |
| USER32.dll | 232 | EmptyClipboard | |
| USER32.dll | 678 | PeekMessageW | |
| USER32.dll | 818 | SetDlgItemTextW | |
| USER32.dll | 635 | MapWindowPoints | |
| USER32.dll | 889 | SetWindowPlacement | |
| USER32.dll | 837 | SetMenuDefaultItem | |
| USER32.dll | 335 | GetDlgItemTextW | |
| USER32.dll | 782 | SendDlgItemMessageW | |
| USER32.dll | 451 | GetSysColor | |
| USER32.dll | 653 | MoveWindow | |
| USER32.dll | 560 | IsDlgButtonChecked | |
| USER32.dll | 178 | DestroyMenu | |
| USER32.dll | 821 | SetFocus | |
| USER32.dll | 940 | TranslateAcceleratorW | |
| USER32.dll | 857 | SetPropW | |
| USER32.dll | 942 | TranslateMessage | |
| USER32.dll | 599 | LoadIconW | |
| USER32.dll | 303 | GetClassNameW | |
| USER32.dll | 215 | DrawMenuBar | |
| USER32.dll | 796 | SetCapture | |
| USER32.dll | 240 | EndDeferWindowPos | |
| USER32.dll | 802 | SetClipboardData | |
| USER32.dll | 333 | GetDlgItemInt | |
| USER32.dll | 888 | SetWindowLongW | |
| USER32.dll | 67 | CheckMenuItem | |
| USER32.dll | 305 | GetClientRect | |
| USER32.dll | 588 | IsZoomed | |
| USER32.dll | 12 | AppendMenuW | |
| USER32.dll | 222 | DrawTextW | |
| USER32.dll | 66 | CheckDlgButton | |
| USER32.dll | 683 | PostQuitMessage | |
| USER32.dll | 233 | EnableMenuItem | |
| USER32.dll | 636 | MenuItemFromPoint | |
| USER32.dll | 816 | SetDlgItemInt | |
| USER32.dll | 400 | GetParent | |
| USER32.dll | 186 | DialogBoxParamW | |
| USER32.dll | 692 | PtInRect | |
| USER32.dll | 968 | UpdateWindow | |
| USER32.dll | 212 | DrawFrameControl | |
| USER32.dll | 762 | ReleaseCapture | |
| USER32.dll | 601 | LoadImageW | |
| USER32.dll | 544 | InvalidateRect | |
| USER32.dll | 73 | ChildWindowFromPoint | |
| USER32.dll | 17 | BeginPaint | |
| USER32.dll | 239 | EnableWindow | |
| GDI32.dll | 482 | ExtTextOutW | |
| GDI32.dll | 884 | SelectObject | |
| GDI32.dll | 718 | GetStockObject | |
| GDI32.dll | 931 | SetTextColor | |
| GDI32.dll | 892 | SetBkMode | |
| GDI32.dll | 701 | GetObjectW | |
| GDI32.dll | 891 | SetBkColor | |
| GDI32.dll | 409 | EndDoc | |
| GDI32.dll | 651 | GetDeviceCaps | |
| GDI32.dll | 913 | SetMapMode | |
| GDI32.dll | 941 | StartDocW | |
| GDI32.dll | 67 | CreateFontIndirectW | |
| GDI32.dll | 412 | EndPage | |
| GDI32.dll | 943 | StartPage | |
| COMDLG32.dll | 21 | PrintDlgW | |
| COMDLG32.dll | 14 | GetSaveFileNameW | |
| COMDLG32.dll | 12 | GetOpenFileNameW | |
| ADVAPI32.dll | 627 | RegEnumValueW | |
| ADVAPI32.dll | 593 | RegCloseKey | |
| ADVAPI32.dll | 671 | RegSetValueExW | |
| ADVAPI32.dll | 330 | GetSecurityDescriptorLength | |
| ADVAPI32.dll | 605 | RegCreateKeyW | |
| ADVAPI32.dll | 645 | RegOpenKeyW | |
| ADVAPI32.dll | 655 | RegQueryValueExW | |
| ADVAPI32.dll | 617 | RegDeleteValueW | |
| ADVAPI32.dll | 310 | GetLengthSid | |
| ADVAPI32.dll | 129 | ConvertStringSecurityDescriptorToSecurityDescriptorW | |
| ADVAPI32.dll | 123 | ConvertSidToStringSidW | |
| ADVAPI32.dll | 131 | ConvertStringSidToSidW | |
| ADVAPI32.dll | 121 | ConvertSecurityDescriptorToStringSecurityDescriptorW | |
| ADVAPI32.dll | 341 | GetSidIdentifierAuthority | |
| ADVAPI32.dll | 642 | RegOpenKeyExW | |
| ADVAPI32.dll | 641 | RegOpenKeyExA | |
| ADVAPI32.dll | 654 | RegQueryValueExA | |
| ADVAPI32.dll | 410 | LookupPrivilegeValueW | |
| ADVAPI32.dll | 31 | AdjustTokenPrivileges | |
| ADVAPI32.dll | 523 | OpenProcessToken | |
| ADVAPI32.dll | 328 | GetSecurityDescriptorDacl | |
| ADVAPI32.dll | 290 | GetAce | |
| ADVAPI32.dll | 261 | EqualSid | |
| ADVAPI32.dll | 344 | GetSidSubAuthorityCount | |
| ADVAPI32.dll | 502 | MapGenericMask | |
| ADVAPI32.dll | 393 | IsValidSid | |
| ADVAPI32.dll | 331 | GetSecurityDescriptorOwner | |
| ADVAPI32.dll | 343 | GetSidSubAuthority | |
| ADVAPI32.dll | 329 | GetSecurityDescriptorGroup | |
| ADVAPI32.dll | 32 | AllocateAndInitializeSid | |
| ADVAPI32.dll | 404 | LookupAccountSidW | |
| SHELL32.dll | 432 | ShellExecuteW | |
| SHELL32.dll | 9 | CommandLineToArgvW | |
| ole32.dll | 459 | StringFromGUID2 | |
| ole32.dll | 40 | CoCreateInstance | |
| ole32.dll | 142 | CoUninitialize | |
| ole32.dll | 156 | CreateBindCtx | |
| ole32.dll | 93 | CoInitialize | |
| ole32.dll | 259 | IIDFromString | |
| OLEAUT32.dll | 23 | ||
| OLEAUT32.dll | 184 | ||
| OLEAUT32.dll | 185 | ||
| OLEAUT32.dll | 8 | ||
| OLEAUT32.dll | 19 | ||
| OLEAUT32.dll | 20 | ||
| OLEAUT32.dll | 6 | ||
| OLEAUT32.dll | 150 | ||
| OLEAUT32.dll | 2 | ||
| OLEAUT32.dll | 94 | ||
| OLEAUT32.dll | 7 | ||
| OLEAUT32.dll | 12 | ||
| OLEAUT32.dll | 9 | ||
| OLEAUT32.dll | 25 | ||
| COMCTL32.dll | 94 | ImageList_EndDrag | |
| COMCTL32.dll | 133 | PropertySheetW | |
| COMCTL32.dll | 14 | CreateToolbarEx | |
| COMCTL32.dll | 87 | ImageList_DragLeave | |
| COMCTL32.dll | 17 | ||
| COMCTL32.dll | 90 | ImageList_Draw | |
| COMCTL32.dll | 83 | ImageList_Create | |
| COMCTL32.dll | 86 | ImageList_DragEnter | |
| COMCTL32.dll | 111 | ImageList_ReplaceIcon | |
| COMCTL32.dll | 88 | ImageList_DragMove | |
| COMCTL32.dll | 80 | ImageList_BeginDrag | |
| COMCTL32.dll | 9 | CreatePropertySheetPageW | |
| COMCTL32.dll | 12 | CreateStatusWindowW | |
| ACTIVEDS.dll | 20 | ||
| ACTIVEDS.dll | 15 | ||
| ACTIVEDS.dll | 12 | ||
| ACTIVEDS.dll | 13 | ||
| ACTIVEDS.dll | 7 | ||
| ACTIVEDS.dll | 9 | ||
| WLDAP32.dll | 118 | ||
| WLDAP32.dll | 13 | ||
| WLDAP32.dll | 88 | ||
| WLDAP32.dll | 145 | ||
| WLDAP32.dll | 155 | ||
| WLDAP32.dll | 14 | ||
| WLDAP32.dll | 188 | ||
| WLDAP32.dll | 73 |
StringTable 040904b0
| CompanyName | Sysinternals - www.sysinternals.com |
| FileDescription | Active Directory Editor |
| FileVersion | 1.52 |
| InternalName | AdExp |
| LegalCopyright | Copyright © 2007-2022 Mark Russinovich |
| OriginalFilename | AdExp |
| ProductName | Sysinternals ADExplorer |
| ProductVersion | 1.52 |
VS_FIXEDFILEINFO
| FileVersion | 1.52.0.0 |
| ProductVersion | 1.52.0.0 |
| StrucVersion | 0x10000 |
| FileFlagsMask | 0x17 |
| FileFlags | 0 |
| FileOS | 4 |
| FileType | 0 |
| FileSubtype | 0 |
Signers (1)
issuer: /C=US/ST=Washington/L=Redmond/O=Microsoft Corporation/CN=Microsoft Code Signing PCA 2011
serial: 33000002CC8EB596A6BDD1C94E0000000002CC
Certificates (2)
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:00:00:02:cc:8e:b5:96:a6:bd:d1:c9:4e:00:00:00:00:02:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Code Signing PCA 2011
Validity
Not Before: May 12 20:46:01 2022 GMT
Not After : May 11 20:46:01 2023 GMT
Subject: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Corporation
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:a2:4d:b1:ec:eb:c6:c0:0e:f3:6e:77:de:cd:cd:
c7:4f:d3:38:74:99:1a:f8:56:90:ef:eb:c2:a8:6e:
34:05:c9:b5:40:b9:58:22:20:d7:fd:68:6d:b3:42:
d5:8a:36:8e:be:d9:7d:88:c7:ae:4a:19:c0:57:b9:
9c:84:8b:4a:01:50:00:06:9c:87:b9:3b:9a:bf:63:
42:23:d1:6c:03:c8:c5:9a:55:a7:76:4d:ee:2b:d4:
48:9c:dc:75:87:51:f8:a2:36:31:74:11:31:ca:83:
7a:9a:ec:30:b2:52:ac:2c:47:da:b9:49:a5:ee:1e:
56:02:c0:cf:a6:e7:d3:65:de:32:a7:62:72:8b:2d:
fc:e1:97:5d:f0:22:65:7d:0c:5f:0d:ef:a0:0d:91:
1c:8a:e8:16:28:73:d2:3a:84:71:76:30:24:d0:61:
66:d0:e1:f5:e0:cc:a8:60:ce:3e:33:79:a6:d6:81:
fb:be:64:90:a2:14:b9:28:82:f7:34:45:56:f4:c7:
70:ed:cb:13:1b:97:fd:de:e3:91:2e:fa:c9:ff:c7:
a1:15:c1:b2:59:56:fb:50:61:c9:9d:18:5d:72:01:
88:6d:f8:99:cd:99:6c:00:c4:bf:0c:80:73:33:c4:
47:28:63:54:35:26:db:2d:89:8d:fe:bb:7b:a5:18:
cb:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Extended Key Usage:
1.3.6.1.4.1.311.76.8.1, Code Signing
X509v3 Subject Key Identifier:
88:B8:47:8D:32:96:CC:8A:95:22:9F:AC:33:6A:CE:1C:7D:75:AD:F4
X509v3 Subject Alternative Name:
DirName:/OU=Microsoft Operations Puerto Rico/serialNumber=230012\+470529
X509v3 Authority Key Identifier:
48:6E:64:E5:50:05:D3:82:AA:17:37:37:22:B5:6D:A8:CA:75:02:95
X509v3 CRL Distribution Points:
Full Name:
URI:http://www.microsoft.com/pkiops/crl/MicCodSigPCA2011_2011-07-08.crl
Authority Information Access:
CA Issuers - URI:http://www.microsoft.com/pkiops/certs/MicCodSigPCA2011_2011-07-08.crt
X509v3 Basic Constraints: critical
CA:FALSE
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
78:0f:03:b0:e0:07:4b:9d:cc:4c:81:d8:bb:c6:db:5e:b3:ba:
c9:0b:51:0f:a2:5f:c8:c5:9e:5d:a2:ee:dc:d7:3c:3c:39:c5:
73:57:9f:62:af:c5:dc:c1:b1:fd:a8:b0:35:b7:2c:27:63:14:
ec:12:8d:59:33:f9:25:05:41:03:61:8d:21:e4:77:99:27:17:
aa:73:ac:bf:55:ea:5c:fb:d9:78:84:83:55:62:da:05:0c:dc:
78:8b:5d:23:08:28:e8:1d:77:bf:19:64:91:26:0c:bc:1d:03:
af:76:30:ef:f5:bd:53:85:a4:e4:af:d1:0c:e9:c8:1a:f9:8a:
a8:a8:b7:03:0c:b1:95:5d:66:a5:e7:f2:ef:6f:45:29:a5:93:
ed:e7:41:77:72:38:fa:19:5d:31:8f:2c:75:f0:cf:8d:64:6d:
27:38:cc:8d:76:6c:e3:53:94:3b:0b:47:71:c3:da:ce:38:c2:
ec:a9:dd:ce:f6:47:c7:fd:15:58:bf:27:d0:d4:ff:e3:4e:2f:
7e:d9:d7:2a:27:cc:66:44:b8:a7:6b:01:de:82:be:ea:40:9c:
b3:25:ac:81:2f:f7:79:81:b0:d4:57:b8:30:e9:e2:9f:54:61:
82:b5:b5:ac:73:ce:0c:94:c6:01:43:a6:5b:8c:1c:dd:0e:8a:
2a:bd:b3:bd:ee:ec:30:36:5e:f6:d7:f2:96:89:cf:c2:19:3d:
ef:5a:d7:f2:a1:b0:e8:b9:2b:18:5b:f7:d4:82:5e:25:27:bf:
69:46:c6:75:40:cf:91:ba:c0:05:b5:6f:3c:49:60:a2:3e:5e:
3f:74:44:ab:1e:63:75:f9:10:c3:bb:4e:75:69:21:9f:48:c3:
52:1d:ae:41:e9:fd:02:d8:f7:46:42:72:1e:e4:74:19:4b:09:
54:c5:85:25:d9:08:3b:f8:05:c3:3a:0e:1a:51:cd:b2:6c:6f:
a4:03:55:f3:af:f5:aa:06:f5:a1:95:dd:ad:44:69:cc:9a:79:
dc:cb:03:68:16:3f:a7:13:9c:27:40:af:83:ab:96:b3:79:10:
5a:02:a4:e5:a0:73:be:c5:fd:e4:1c:dd:22:d1:d3:a5:53:2d:
54:f5:b8:ab:8d:57:12:f6:c5:99:43:f5:9f:aa:0b:e6:b7:4d:
76:b4:cc:8f:f1:d7:31:19:35:28:29:2c:6b:1d:55:c6:8d:ea:
bf:ed:77:70:2b:19:01:a4:0d:68:80:2f:b7:92:ef:92:c8:59:
90:36:48:3f:ff:f4:1e:7a:bb:36:75:9e:61:1d:f3:e2:81:62:
c3:d3:76:9f:76:db:f5:b6:90:5a:e5:8f:b3:01:b4:0e:af:58:
4f:d9:1b:f8:2b:38:a8:82Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:0e:90:d2:00:00:00:00:00:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Root Certificate Authority 2011
Validity
Not Before: Jul 8 20:59:09 2011 GMT
Not After : Jul 8 21:09:09 2026 GMT
Subject: C=US, ST=Washington, L=Redmond, O=Microsoft Corporation, CN=Microsoft Code Signing PCA 2011
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (4096 bit)
Modulus:
00:ab:f0:fa:72:10:1c:2e:ad:d8:6e:aa:82:10:4d:
34:ba:f2:b6:58:21:9f:42:1b:2a:6b:e9:5a:50:aa:
b8:06:38:1a:04:49:ba:7f:c3:0c:1e:dd:37:6b:c6:
12:d8:0b:f0:38:c2:99:06:b0:c8:39:d5:01:14:31:
42:d3:89:0d:79:64:87:7e:94:60:24:6c:af:9e:49:
9c:e9:68:5e:d2:df:9b:53:b2:0a:2c:c3:af:d9:a9:
2b:ae:7a:09:af:d7:96:59:ca:60:1a:05:e9:66:76:
e8:32:52:26:12:2f:e7:ab:08:50:cf:b3:44:b7:5d:
d8:c4:2e:03:75:ab:68:f3:cb:6d:f3:3a:5c:a1:16:
f4:46:ba:e0:38:64:ac:6e:64:35:78:a6:a0:63:0f:
2d:d3:40:93:f8:e3:de:07:0d:d5:5c:79:a5:49:29:
e7:0d:be:a0:13:77:be:94:3d:ef:fb:e3:2b:5a:10:
1f:4d:56:28:a2:7a:72:e0:12:3a:b7:49:5e:d8:ed:
ed:43:91:83:d9:7b:b2:7b:86:1b:d9:3e:b1:8c:5d:
e8:89:4f:84:1a:f2:a1:2f:59:e4:90:3b:2d:ae:33:
58:c5:b7:3e:fe:32:d3:b3:03:3d:b1:b2:af:92:38:
7e:d2:9d:80:2c:f5:4e:56:91:21:35:25:c3:39:6e:
64:7f:53:ba:9c:0f:ad:19:23:84:cb:f4:ba:03:86:
8d:f7:5f:f0:d0:52:bf:8c:94:87:bc:c0:21:74:25:
5f:18:28:b6:cc:27:28:38:25:98:39:4a:36:cf:7c:
b1:92:ae:1c:23:a7:a9:66:ec:61:1f:6a:e1:28:49:
9d:5f:88:e2:25:5d:d3:21:4b:3e:52:c4:b5:57:3f:
24:03:f0:d1:7a:5b:2f:d5:23:e3:70:5d:0f:51:46:
77:b3:f8:00:e1:bc:ac:02:82:5f:db:c0:15:b3:bd:
1b:d4:55:4b:e7:39:a1:0f:e9:23:49:bc:18:b8:44:
7c:45:e4:c1:c3:72:7a:e0:72:e7:24:df:bf:46:99:
c5:ef:c2:1c:57:db:83:8d:ec:4d:49:30:a7:ab:8e:
df:ec:5b:9f:af:fc:dd:b0:66:e2:c1:97:81:7b:ed:
d6:ed:4b:e7:49:29:a7:13:28:a6:a7:7d:67:80:e6:
8a:62:78:5f:b2:2f:84:d7:57:9c:5c:bf:77:28:28:
f1:ed:6d:c3:28:8f:2c:8f:40:37:4f:c1:e1:85:44:
89:c4:09:4c:c5:d4:a5:43:2f:74:95:f7:6e:f8:78:
20:58:2c:13:5d:60:95:9a:3e:4f:33:84:da:b0:88:
17:de:9e:4e:f4:96:b0:bc:46:a0:6c:98:d2:e0:d6:
88:8c:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
1.3.6.1.4.1.311.21.1:
...
X509v3 Subject Key Identifier:
48:6E:64:E5:50:05:D3:82:AA:17:37:37:22:B5:6D:A8:CA:75:02:95
1.3.6.1.4.1.311.20.2:
.
.S.u.b.C.A
X509v3 Key Usage:
Digital Signature, Certificate Sign, CRL Sign
X509v3 Basic Constraints: critical
CA:TRUE
X509v3 Authority Key Identifier:
72:2D:3A:02:31:90:43:B9:14:05:4E:E1:EA:A7:C7:31:D1:23:89:34
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl.microsoft.com/pki/crl/products/MicRooCerAut2011_2011_03_22.crl
Authority Information Access:
CA Issuers - URI:http://www.microsoft.com/pki/certs/MicRooCerAut2011_2011_03_22.crt
X509v3 Certificate Policies:
Policy: 1.3.6.1.4.1.311.46.3
CPS: http://www.microsoft.com/pkiops/docs/primarycps.htm
User Notice:
Explicit Text:
Signature Algorithm: sha256WithRSAEncryption
Signature Value:
67:f2:86:a5:98:e0:54:79:1a:2e:d3:d8:74:67:22:9b:0b:96:
11:e1:63:92:99:42:96:7d:d2:79:0c:90:c1:65:5f:2e:2c:3e:
f8:c3:72:d1:6d:83:fe:be:3f:e8:0a:ca:3b:bf:47:a9:a3:f3:
69:db:63:bf:22:35:a5:97:5d:65:84:90:7d:8b:46:50:55:d8:
0c:92:7c:d2:1a:4b:1c:f3:3c:42:8b:52:d0:b0:fd:6b:e3:3e:
07:2e:29:9b:e6:3d:1b:a5:d4:b5:1d:77:94:39:e2:e9:64:c9:
44:3d:78:7a:23:f3:13:7d:a6:90:74:83:8d:f4:cb:26:02:46:
2a:c2:8a:10:bb:a4:a9:05:0c:9b:ed:68:fa:68:2e:95:a0:2a:
3f:2a:6b:58:49:63:1f:09:69:6e:5a:98:96:e4:83:f4:c0:8f:
f3:46:2b:de:fc:3b:d0:bd:35:ef:6e:25:ae:e5:af:27:ed:d0:
dd:f3:0e:af:99:28:97:98:4d:0e:3d:0b:f2:08:89:d6:1f:c3:
32:18:e2:f0:c5:2d:ce:5b:9e:b4:49:39:0a:c6:0a:c2:c6:ad:
ae:e5:b2:d9:db:15:88:51:45:58:38:32:71:27:1a:7f:b1:f4:
27:f8:de:2c:3a:20:69:98:b2:59:89:68:6e:6f:a7:b7:74:c3:
40:05:06:a6:01:2a:28:3e:82:3f:13:4d:66:0b:c0:b3:4d:f5:
e1:8f:7f:1c:6f:15:7d:45:a7:76:e5:40:2a:65:a3:c3:5d:52:
62:86:c3:1d:63:36:97:86:df:da:f3:f8:f2:16:a1:9a:27:e1:
cd:a5:97:d0:ee:5d:63:41:e3:5b:07:9c:87:3e:06:77:06:d1:
06:b1:75:1f:14:be:61:61:b5:f0:dc:c6:1b:04:be:df:41:c7:
0e:28:ee:de:65:2f:ec:97:f6:a1:5c:96:d8:00:d6:a1:46:bd:
59:f3:97:a5:09:4b:48:10:99:80:1f:d0:00:29:c5:b1:9b:a5:
3f:45:77:1e:35:c6:d2:a2:a2:9f:7a:7a:22:fa:48:95:1f:ab:
fb:47:23:80:f5:9e:f8:bf:6b:b7:4b:97:e2:eb:75:78:1a:ec:
ea:37:99:79:18:4b:ff:d6:b3:23:68:75:e6:af:fa:fc:8b:eb:
0b:80:ea:69:3b:af:fc:30:ed:04:4c:8e:df:df:75:6d:63:91:
3d:d1:9d:56:4e:4f:bf:80:57:22:a1:78:11:32:21:7a:ef:41:
0a:b1:3f:fb:a8:cc:a4:5d:c1:a1:88:9b:57:71:56:4e:48:45:
c0:42:c9:9b:76:5b:0a:80:48:6b:fd:79:9f:c1:bd:6d:6d:6a:
c9:52:73:13:0d:7a:50:cdundefined method `first' for #
| offset | size | type | comment | |
|---|---|---|---|---|
| 0 | 1249792 | EXE | 11/28/2022 16:21:00 | # |
| 15c1 | 15 | HTM | # | |
| 131200 | 10176 | PKCS7 | Authenticode Signature | # |
 |
| Please donate some bucks to keep this site up and running: | |
| Ko-fi | |
|---|---|
| Yandex.Money | |
| Thank you! | |
[?] can't find file_offset of VA 0x81294