filename | btlive.179.exe | |
---|---|---|
size | 5592880 (0x555730) | |
md5 | b44a2b786e082a17378aebe014232ee5 | |
type | PE32 executable (GUI) Intel 80386, for MS Windows, UPX compressed | |
mimetype | application/x-dosexec | |
clamav | OK | |
virustotal | → scan with virustotal.com | |
histogram |
MZ Header
signature | MZ |
bytes_in_last_block | 0x90 |
blocks_in_file | 3 |
num_relocs | 0 |
header_paragraphs | 4 |
min_extra_paragraphs | 0 |
max_extra_paragraphs | 0xffff |
ss | 0 |
sp | 0xb8 |
checksum | 0 |
ip | 0 |
cs | 0 |
reloc_table_offset | 0x40 |
overlay_number | 0 |
reserved0 | 0 |
oem_id | 0 |
oem_info | 0 |
reserved2 | 0 |
reserved3 | 0 |
reserved4 | 0 |
reserved5 | 0 |
reserved6 | 0 |
lfanew | 0xe8 |
Rich Header
lib id | version | times used |
---|---|---|
150 | 20413 | 5 |
132 | 30729 | 40 |
149 | 30729 | 17 |
123 | 50727 | 9 |
1 | 0 | 113 |
131 | 30729 | 147 |
148 | 21022 | 1 |
145 | 30729 | 1 |
DOS stub
00000000: 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 |........!..L.!Th| 00000010: 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f |is program canno| 00000020: 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 |t be run in DOS | 00000030: 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 |mode....$.......|
PE Header
Packer / Compiler
This file is packed with UPX. Analysis will be incomplete without unpacking. |
Sections
name | va | vsize | raw size | flags | |
---|---|---|---|---|---|
UPX0 | 0x1000 | 0x1d000 | 0 | RWX UDATA | |
UPX1 | 0x1e000 | 0xe000 | 0xe000 | RWX IDATA | |
.rsrc | 0x2c000 | 0xc000 | 0xb200 | RW- IDATA |
Data Directory
type | va | size | |
---|---|---|---|
EXPORT | 0 | 0 | |
IMPORT | 0x36eec | 0x130 | |
RESOURCE | 0x2c000 | 0xaeec | |
EXCEPTION | 0 | 0 | |
SECURITY | 0x554198 | 0x1598 | |
BASERELOC | 0 | 0 | |
DEBUG | 0 | 0 | |
ARCHITECTURE | 0 | 0 | |
GLOBALPTR | 0 | 0 | |
TLS | 0 | 0 | |
LOAD_CONFIG | 0x2bdf8 | 0x48 | |
Bound_IAT | 0 | 0 | |
IAT | 0 | 0 | |
Delay_IAT | 0 | 0 | |
CLR_Header | 0 | 0 |
type | name | size | cp | |
---|---|---|---|---|
ICON | #1 | 20410 | 1252 | |
ICON | #2 | 9832 | 1252 | |
ICON | #3 | 4392 | 1252 | |
ICON | #4 | 2488 | 1252 | |
ICON | #5 | 1128 | 1252 | |
ICON | #6 | 4264 | 1252 | |
ICON | #7 | 1128 | 1252 | |
GROUP_ICON | #0 | 76 | 1252 | |
GROUP_ICON | #101 | 104 | 1252 | |
MANIFEST | #1 | 346 | 1252 |
module_name | hint | ord | function_name |
---|---|---|---|
KERNEL32.DLL | LoadLibraryA | ||
KERNEL32.DLL | GetProcAddress | ||
KERNEL32.DLL | VirtualProtect | ||
KERNEL32.DLL | VirtualAlloc | ||
KERNEL32.DLL | VirtualFree | ||
KERNEL32.DLL | ExitProcess | ||
COMCTL32.dll | 17 | ||
USER32.dll | MessageBoxA | ||
WS2_32.dll | 14 |
Signers (1)
issuer: /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)09/CN=VeriSign Class 3 Code Signing 2009-2 CA
serial: 36BC30562A650AFAA5AD101ECD643AB4
Certificates (4)
Certificate: Data: Version: 3 (0x2) Serial Number: 79:a2:a5:85:f9:d1:15:42:13:d9:b8:3e:f6:b6:8d:ed Signature Algorithm: sha1WithRSAEncryption Issuer: C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA Validity Not Before: May 1 00:00:00 2012 GMT Not After : Dec 31 23:59:59 2012 GMT Subject: C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer - G3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (1024 bit) Modulus: 00:a9:59:66:74:da:3d:8a:7d:7a:d8:fc:f5:80:44: 7b:fe:47:6a:14:55:4e:50:47:0b:ec:d3:ed:ce:f6: 38:f7:4f:69:b9:b1:f0:b6:78:82:0a:8c:76:16:67: e2:02:ad:b7:0d:a5:8a:f6:03:fc:66:d3:fc:08:2d: cc:b5:73:59:7b:89:dc:33:6e:66:5a:5e:52:37:b4: 62:d1:92:59:35:14:8b:45:ac:59:b2:4d:24:a2:98: 94:68:42:72:9f:3a:68:e2:6b:8b:9e:22:2d:f4:98: 4e:9a:c6:af:b3:e4:a0:ab:3c:28:bf:23:e1:d7:72: a4:f2:10:53:67:ae:77:af:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:FALSE X509v3 CRL Distribution Points: Full Name: URI:http://crl.verisign.com/tss-ca.crl X509v3 Extended Key Usage: critical Time Stamping Authority Information Access: OCSP - URI:http://ocsp.verisign.com X509v3 Key Usage: critical Digital Signature X509v3 Subject Alternative Name: DirName:/CN=TSA1-3 X509v3 Subject Key Identifier: B4:B7:F1:89:49:26:60:E7:65:EA:73:AE:DC:D3:38:CD:BF:57:92:6F Signature Algorithm: sha1WithRSAEncryption 1e:98:aa:27:b7:78:b5:08:b5:c9:72:6d:b7:df:c0:0e:98:a6: 35:c4:88:c9:d2:f6:6d:f1:4b:1a:fb:d5:f9:2d:99:00:9e:d1: e7:9b:8b:e1:3f:bd:39:80:0c:66:cd:07:bc:5c:98:54:a6:94: ba:10:d1:4e:8b:ab:f5:6f:65:cc:67:09:a2:80:7c:52:e8:0e: 03:d6:6b:7a:c6:05:18:ec:c8:ac:42:7c:07:2c:a7:3d:08:66: dc:00:ed:fd:94:1d:73:f2:72:98:93:b1:11:d6:8f:ef:8e:ea: ac:f4:96:51:0c:d0:8d:df:31:52:4f:5e:af:7d:a7:4a:75:e6: 4e:ce:2b:9f:29:2b:e7:cf:5d:9f:03:7e:6e:27:7b:23:ad:62: 29:66:af:92:e8:2c:ce:bd:9c:7f:dc:cd:17:3c:43:c2:09:3f: 75:45:c7:9e:e4:d7:60:7f:97:c6:e4:aa:c7:69:f5:fc:cd:74: ac:2c:b0:48:c1:50:4e:70:56:1e:b5:35:d3:8e:be:b1:ed:ac: bd:fe:0c:ec:85:7d:d5:bb:85:66:44:19:5d:9f:93:eb:82:ba: 63:9e:d3:7c:61:ff:c8:1b:d9:23:58:7f:30:a3:66:a1:39:26: 5e:92:c3:3c:cb:37:32:fa:f5:a3:8d:dc:d5:b0:a3:e9:25:36: 55:d7:81:fa
Certificate: Data: Version: 3 (0x2) Serial Number: 47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4 Signature Algorithm: sha1WithRSAEncryption Issuer: C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA Validity Not Before: Dec 4 00:00:00 2003 GMT Not After : Dec 3 23:59:59 2013 GMT Subject: C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:ca:b2:a4:cc:cd:20:af:0a:7d:89:ac:87:75: f0:b4:4e:f1:df:c1:0f:bf:67:61:bd:a3:64:1c:da: bb:f9:ca:33:ab:84:30:89:58:7e:8c:db:6b:dd:36: 9e:0f:bf:d1:ec:78:f2:77:a6:7e:6f:3c:bf:93:af: 0d:ba:68:f4:6c:94:ca:bd:52:2d:ab:48:3d:f5:b6: d5:5d:5f:1b:02:9f:fa:2f:6b:1e:a4:f7:a3:9a:a6: 1a:c8:02:e1:7f:4c:52:e3:0e:60:ec:40:1c:7e:b9: 0d:de:3f:c7:b4:df:87:bd:5f:7a:6a:31:2e:03:99: 81:13:a8:47:20:ce:31:73:0d:57:2d:cd:78:34:33: 95:12:99:12:b9:de:68:2f:aa:e6:e3:c2:8a:8c:2a: c3:8b:21:87:66:bd:83:58:57:6f:75:bf:3c:aa:26: 87:5d:ca:10:15:3c:9f:84:ea:54:c1:0a:6e:c4:fe: c5:4a:dd:b9:07:11:97:22:7c:db:3e:27:d1:1e:78: ec:9f:31:c9:f1:e6:22:19:db:c4:b3:47:43:9a:1a: 5f:a0:1e:90:e4:5e:f5:ee:7c:f1:7d:ab:62:01:8f: f5:4d:0b:de:d0:22:56:a8:95:cd:ae:88:76:ae:ee: ba:0d:f3:e4:4d:d9:a0:fb:68:a0:ae:14:3b:b3:87: c1:bb Exponent: 65537 (0x10001) X509v3 extensions: Authority Information Access: OCSP - URI:http://ocsp.verisign.com X509v3 Basic Constraints: critical CA:TRUE, pathlen:0 X509v3 CRL Distribution Points: Full Name: URI:http://crl.verisign.com/ThawteTimestampingCA.crl X509v3 Extended Key Usage: Time Stamping X509v3 Key Usage: critical Certificate Sign, CRL Sign X509v3 Subject Alternative Name: DirName:/CN=TSA2048-1-53 Signature Algorithm: sha1WithRSAEncryption 4a:6b:f9:ea:58:c2:44:1c:31:89:79:99:2b:96:bf:82:ac:01: d6:1c:4c:cd:b0:8a:58:6e:df:08:29:a3:5e:c8:ca:93:13:e7: 04:52:0d:ef:47:27:2f:00:38:b0:e4:c9:93:4e:9a:d4:22:62: 15:f7:3f:37:21:4f:70:31:80:f1:8b:38:87:b3:e8:e8:97:00: fe:cf:55:96:4e:24:d2:a9:27:4e:7a:ae:b7:61:41:f3:2a:ce: e7:c9:d9:5e:dd:bb:2b:85:3e:b5:9d:b5:d9:e1:57:ff:be:b4: c5:7e:f5:cf:0c:9e:f0:97:fe:2b:d3:3b:52:1b:1b:38:27:f7: 3f:4a
Certificate: Data: Version: 3 (0x2) Serial Number: 36:bc:30:56:2a:65:0a:fa:a5:ad:10:1e:cd:64:3a:b4 Signature Algorithm: sha1WithRSAEncryption Issuer: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009-2 CA Validity Not Before: Jun 21 00:00:00 2010 GMT Not After : Jul 26 23:59:59 2013 GMT Subject: C=US, ST=California, L=San Francisco, O=BitTorrent Inc, OU=Digital ID Class 3 - Microsoft Software Validation v2, CN=BitTorrent Inc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (1024 bit) Modulus: 00:b5:77:f6:92:eb:f1:4f:6f:d7:ae:a3:0b:5f:8e: 4b:ac:23:e8:4e:65:b1:7f:4d:17:74:b2:63:05:42: 47:03:8a:ce:c5:de:11:35:07:aa:1b:cd:32:5b:11: d3:22:d7:e5:99:df:3f:5b:ad:37:8c:17:68:c2:45: 82:b0:ed:f2:41:94:57:2a:fa:3b:d7:8d:b9:8c:49: 29:07:93:f8:30:73:01:62:04:38:c5:81:d7:af:79: 75:13:08:ef:4b:b6:b2:90:38:4d:b9:74:7e:34:4f: 99:a5:a5:4a:9b:71:eb:a7:f2:de:c0:55:99:c5:87: 7f:fe:47:8c:57:1a:92:d5:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: CA:FALSE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:http://csc3-2009-2-crl.verisign.com/CSC3-2009-2.crl X509v3 Certificate Policies: Policy: 2.16.840.1.113733.1.7.23.3 CPS: https://www.verisign.com/rpa X509v3 Extended Key Usage: Code Signing Authority Information Access: OCSP - URI:http://ocsp.verisign.com CA Issuers - URI:http://csc3-2009-2-aia.verisign.com/CSC3-2009-2.cer X509v3 Authority Key Identifier: keyid:97:D0:6B:A8:26:70:C8:A1:3F:94:1F:08:2D:C4:35:9B:A4:A1:1E:F2 Netscape Cert Type: Object Signing 1.3.6.1.4.1.311.2.1.27: 0....... Signature Algorithm: sha1WithRSAEncryption 46:6f:c3:87:7f:56:7b:e8:d5:8c:cb:04:74:8a:3b:6e:04:58: e6:79:9a:47:7b:68:bb:22:b9:76:34:6e:cb:ce:d0:45:b1:51: da:50:6d:53:7a:aa:c0:29:7c:62:3a:fb:68:54:40:22:5b:19: 64:40:26:2a:3f:12:53:31:00:11:99:d1:90:14:b4:90:3a:86: 63:6f:ce:d1:56:bb:98:98:90:3b:5b:a0:a6:b7:a1:2a:11:bb: c8:b4:0a:d5:e1:f2:df:0c:af:25:d9:49:87:b0:84:d2:62:93: e3:df:1e:98:12:19:c4:ab:05:3d:a8:63:8f:53:90:9b:21:93: d0:b1:9a:62:a5:82:88:b8:e3:2a:3e:bc:22:d1:d5:01:6b:df: d1:c9:74:86:5e:3c:24:01:a2:cc:69:f1:d6:79:58:9a:0c:24: 1e:96:c7:6a:0c:4d:a6:3c:4c:fd:7c:30:86:51:68:17:f2:a6: 0d:ef:20:ed:cb:c4:76:93:81:1f:ca:f9:15:fc:a3:68:1a:7e: 72:6e:12:88:b9:62:c4:ee:69:77:cf:fd:ad:48:b4:fb:5f:87: 83:0d:1f:35:b5:86:16:8a:90:20:e9:47:5c:24:fc:13:76:dd: 3a:7c:d0:0d:27:bf:53:0f:c3:15:ee:17:8b:dd:e5:19:2f:10: 21:97:d0:0c
Certificate: Data: Version: 3 (0x2) Serial Number: 65:52:26:e1:b2:2e:18:e1:59:0f:29:85:ac:22:e7:5c Signature Algorithm: sha1WithRSAEncryption Issuer: C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority Validity Not Before: May 21 00:00:00 2009 GMT Not After : May 20 23:59:59 2019 GMT Subject: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)09, CN=VeriSign Class 3 Code Signing 2009-2 CA Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:67:1d:b4:60:aa:10:49:6f:56:17:7c:66:c9: 5e:86:0d:d5:f1:ac:a7:71:83:8e:8b:89:f8:88:04: 89:15:06:ba:2d:84:21:95:e4:d1:9c:50:4c:fb:d2: 22:bd:da:f2:b2:35:3b:1e:8f:c3:09:fb:fc:13:2e: 5a:bf:89:7c:3d:3b:25:1e:f6:f3:58:7b:9c:f4:01: b5:c6:0a:b8:80:ce:be:27:74:61:67:27:4d:6a:e5: ec:81:61:58:79:a3:e0:17:10:12:15:27:b0:e1:4d: 34:7f:2b:47:20:44:b9:de:66:24:66:8a:cd:4f:ba: 1f:c5:38:c8:54:90:e1:72:f6:19:66:75:6a:b9:49: 68:cf:38:79:0d:aa:30:a8:db:2c:60:48:9e:d7:aa: 14:01:a9:83:d7:38:91:30:39:13:96:03:3a:7c:40: 54:b6:ad:e0:2f:1b:83:dc:a8:11:52:3e:02:b3:d7: 2b:fd:21:b6:a7:5c:a3:0f:0b:a9:a6:10:50:0e:34: 2e:4d:a7:ce:c9:5e:25:d4:8c:bc:f3:6e:7c:29:bc: 01:5d:fc:31:87:5a:d5:8c:85:67:58:88:19:a0:bf: 35:f0:ea:2b:a3:21:e7:90:f6:83:e5:a8:ed:60:78: 5e:7b:60:83:fd:57:0b:5d:41:0d:63:54:60:d6:43: 21:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Basic Constraints: critical CA:TRUE, pathlen:0 X509v3 Certificate Policies: Policy: 2.16.840.1.113733.1.7.23.3 CPS: https://www.verisign.com/cps User Notice: Explicit Text: https://www.verisign.com/rpa X509v3 Key Usage: critical Certificate Sign, CRL Sign 1.3.6.1.5.5.7.1.12: 0_.].[0Y0W0U..image/gif0!0.0...+..............k...j.H.,{..0%.#http://logo.verisign.com/vslogo.gif X509v3 Extended Key Usage: TLS Web Client Authentication, Code Signing Authority Information Access: OCSP - URI:http://ocsp.verisign.com X509v3 CRL Distribution Points: Full Name: URI:http://crl.verisign.com/pca3.crl X509v3 Subject Alternative Name: DirName:/CN=Class3CA2048-1-55 X509v3 Subject Key Identifier: 97:D0:6B:A8:26:70:C8:A1:3F:94:1F:08:2D:C4:35:9B:A4:A1:1E:F2 Signature Algorithm: sha1WithRSAEncryption 8b:03:c0:dd:94:d8:41:a2:61:69:b0:15:a8:78:c7:30:c6:90: 3c:7e:42:f7:24:b6:e4:83:73:17:04:7f:04:10:9c:a1:e2:fa: 81:2f:eb:c0:ca:44:e7:72:e0:50:b6:55:10:20:83:6e:96:92: e4:9a:51:6a:b4:37:31:dc:a5:2d:eb:8c:00:c7:1d:4f:e7:4d: 32:ba:85:f8:4e:be:fa:67:55:65:f0:6a:be:7a:ca:64:38:1a: 10:10:78:45:76:31:f3:86:7a:03:0f:60:c2:b3:5d:9d:f6:8b: 66:76:82:1b:59:e1:83:e5:bd:49:a5:38:56:e5:de:41:77:0e: 58:0f
pkcs7-signedData
- 1
- SHA1: nil
- 1.3.6.1.4.1.311.2.1.4
- #0
- 1.3.6.1.4.1.311.2.1.15
- :
00 3c 00 3c 00 3c 00 4f 00 62 00 73 00 6f 00 6c |.<.<.<.O.b.s.o.l| 00 65 00 74 00 65 00 3e 00 3e 00 3e |.e.t.e.>.>.> |
- :
- SHA1
88 87 e8 d2 2e 93 ed de bf 88 5a 43 ff aa c6 24 |..........ZC...$| 41 3b 2f 7b |A;/{ |
- 1.3.6.1.4.1.311.2.1.15
- #0
- Certificates
- Certificate #0
- 2
- 79:A2:A5:85:F9:D1:15:42:13:D9:B8:3E:F6:B6:8D:ED
- RSA-SHA1: nil
- Issuer
- C: US
- O: VeriSign, Inc.
- CN: VeriSign Time Stamping Services CA
- 2012-05-01 00:00:00 UTC: 2012-12-31 23:59:59 UTC
- Subject
- C: US
- O: Symantec Corporation
- CN: Symantec Time Stamping Services Signer - G3
- #5
- rsaEncryption: nil
- A9:59:66:74:DA:3D:8A:7D:7A:D8:FC:F5:80:44:7B:FE:
47:6A:14:55:4E:50:47:0B:EC:D3:ED:CE:F6:38:F7:4F:
69:B9:B1:F0:B6:78:82:0A:8C:76:16:67:E2:02:AD:B7:
0D:A5:8A:F6:03:FC:66:D3:FC:08:2D:CC:B5:73:59:7B:
89:DC:33:6E:66:5A:5E:52:37:B4:62:D1:92:59:35:14:
8B:45:AC:59:B2:4D:24:A2:98:94:68:42:72:9F:3A:68:
E2:6B:8B:9E:22:2D:F4:98:4E:9A:C6:AF:B3:E4:A0:AB:
3C:28:BF:23:E1:D7:72:A4:F2:10:53:67:AE:77:AF:51: 0x010001
- X509v3 extensions
- basicConstraints
- true
- nil
- crlDistributionPoints: http://crl.verisign.com/tss-ca.crl
- extendedKeyUsage: true, timeStamping
- authorityInfoAccess
- OCSP: http://ocsp.verisign.com
- keyUsage: true, 0x80
- subjectAltName
- CN: TSA1-3
- subjectKeyIdentifier:
b4 b7 f1 89 49 26 60 e7 65 ea 73 ae dc d3 38 cd |....I&`.e.s...8.| bf 57 92 6f |.W.o |
- basicConstraints
- RSA-SHA1:
1e 98 aa 27 b7 78 b5 08 b5 c9 72 6d b7 df c0 0e |...'.x....rm....| 98 a6 35 c4 88 c9 d2 f6 6d f1 4b 1a fb d5 f9 2d |..5.....m.K....-| 99 00 9e d1 e7 9b 8b e1 3f bd 39 80 0c 66 cd 07 |........?.9..f..| bc 5c 98 54 a6 94 ba 10 d1 4e 8b ab f5 6f 65 cc |.\.T.....N...oe.| 67 09 a2 80 7c 52 e8 0e 03 d6 6b 7a c6 05 18 ec |g...|R....kz....| c8 ac 42 7c 07 2c a7 3d 08 66 dc 00 ed fd 94 1d |..B|.,.=.f......| 73 f2 72 98 93 b1 11 d6 8f ef 8e ea ac f4 96 51 |s.r............Q| 0c d0 8d df 31 52 4f 5e af 7d a7 4a 75 e6 4e ce |....1RO^.}.Ju.N.| 2b 9f 29 2b e7 cf 5d 9f 03 7e 6e 27 7b 23 ad 62 |+.)+..]..~n'{#.b| 29 66 af 92 e8 2c ce bd 9c 7f dc cd 17 3c 43 c2 |)f...,.......
- 2
- Certificate #1
- 2
- 47:BF:19:95:DF:8D:52:46:43:F7:DB:6D:48:0D:31:A4
- RSA-SHA1: nil
- Issuer
- C: ZA
- ST: Western Cape
- L: Durbanville
- O: Thawte
- OU: Thawte Certification
- CN: Thawte Timestamping CA
- 2003-12-04 00:00:00 UTC: 2013-12-03 23:59:59 UTC
- Subject
- C: US
- O: VeriSign, Inc.
- CN: VeriSign Time Stamping Services CA
- #5
- rsaEncryption: nil
- A9:CA:B2:A4:CC:CD:20:AF:0A:7D:89:AC:87:75:F0:B4:
4E:F1:DF:C1:0F:BF:67:61:BD:A3:64:1C:DA:BB:F9:CA:
33:AB:84:30:89:58:7E:8C:DB:6B:DD:36:9E:0F:BF:D1:
EC:78:F2:77:A6:7E:6F:3C:BF:93:AF:0D:BA:68:F4:6C:
94:CA:BD:52:2D:AB:48:3D:F5:B6:D5:5D:5F:1B:02:9F:
FA:2F:6B:1E:A4:F7:A3:9A:A6:1A:C8:02:E1:7F:4C:52:
E3:0E:60:EC:40:1C:7E:B9:0D:DE:3F:C7:B4:DF:87:BD:
5F:7A:6A:31:2E:03:99:81:13:A8:47:20:CE:31:73:0D:
57:2D:CD:78:34:33:95:12:99:12:B9:DE:68:2F:AA:E6:
E3:C2:8A:8C:2A:C3:8B:21:87:66:BD:83:58:57:6F:75:
BF:3C:AA:26:87:5D:CA:10:15:3C:9F:84:EA:54:C1:0A:
6E:C4:FE:C5:4A:DD:B9:07:11:97:22:7C:DB:3E:27:D1:
1E:78:EC:9F:31:C9:F1:E6:22:19:DB:C4:B3:47:43:9A:
1A:5F:A0:1E:90:E4:5E:F5:EE:7C:F1:7D:AB:62:01:8F:
F5:4D:0B:DE:D0:22:56:A8:95:CD:AE:88:76:AE:EE:BA:
0D:F3:E4:4D:D9:A0:FB:68:A0:AE:14:3B:B3:87:C1:BB: 0x010001
- X509v3 extensions
- authorityInfoAccess
- OCSP: http://ocsp.verisign.com
- basicConstraints
- true
- true: 0
- crlDistributionPoints: http://crl.verisign.com/ThawteTimestampingCA.crl
- extendedKeyUsage: timeStamping
- keyUsage: true, 6
- subjectAltName
- CN: TSA2048-1-53
- authorityInfoAccess
- RSA-SHA1:
4a 6b f9 ea 58 c2 44 1c 31 89 79 99 2b 96 bf 82 |Jk..X.D.1.y.+...| ac 01 d6 1c 4c cd b0 8a 58 6e df 08 29 a3 5e c8 |....L...Xn..).^.| ca 93 13 e7 04 52 0d ef 47 27 2f 00 38 b0 e4 c9 |.....R..G'/.8...| 93 4e 9a d4 22 62 15 f7 3f 37 21 4f 70 31 80 f1 |.N.."b..?7!Op1..| 8b 38 87 b3 e8 e8 97 00 fe cf 55 96 4e 24 d2 a9 |.8........U.N$..| 27 4e 7a ae b7 61 41 f3 2a ce e7 c9 d9 5e dd bb |'Nz..aA.*....^..| 2b 85 3e b5 9d b5 d9 e1 57 ff be b4 c5 7e f5 cf |+.>.....W....~..| 0c 9e f0 97 fe 2b d3 3b 52 1b 1b 38 27 f7 3f 4a |.....+.;R..8'.?J|
- 2
- Certificate #2
- 2
- 36:BC:30:56:2A:65:0A:FA:A5:AD:10:1E:CD:64:3A:B4
- RSA-SHA1: nil
- Issuer
- C: US
- O: VeriSign, Inc.
- OU: VeriSign Trust Network
- OU: Terms of use at https://www.verisign.com/rpa (c)09
- CN: VeriSign Class 3 Code Signing 2009-2 CA
- 2010-06-21 00:00:00 UTC: 2013-07-26 23:59:59 UTC
- Subject
- C: US
- ST: California
- L: San Francisco
- O: BitTorrent Inc
- OU: Digital ID Class 3 - Microsoft Software Validation v2
- CN: BitTorrent Inc
- #5
- rsaEncryption: nil
- B5:77:F6:92:EB:F1:4F:6F:D7:AE:A3:0B:5F:8E:4B:AC:
23:E8:4E:65:B1:7F:4D:17:74:B2:63:05:42:47:03:8A:
CE:C5:DE:11:35:07:AA:1B:CD:32:5B:11:D3:22:D7:E5:
99:DF:3F:5B:AD:37:8C:17:68:C2:45:82:B0:ED:F2:41:
94:57:2A:FA:3B:D7:8D:B9:8C:49:29:07:93:F8:30:73:
01:62:04:38:C5:81:D7:AF:79:75:13:08:EF:4B:B6:B2:
90:38:4D:B9:74:7E:34:4F:99:A5:A5:4A:9B:71:EB:A7:
F2:DE:C0:55:99:C5:87:7F:FE:47:8C:57:1A:92:D5:ED: 0x010001
- X509v3 extensions
- basicConstraints
- nil
- keyUsage: true, 0x80
- crlDistributionPoints: http://csc3-2009-2-crl.verisign.com/CSC3-2009-2.crl
- certificatePolicies
- 2.16.840.1.113733.1.7.23.3
- id-qt-cps: https://www.verisign.com/rpa
- 2.16.840.1.113733.1.7.23.3
- extendedKeyUsage: codeSigning
- authorityInfoAccess
- #0
- OCSP: http://ocsp.verisign.com
- caIssuers: http://csc3-2009-2-aia.verisign.com/CSC3-2009-2.cer
- #0
- authorityKeyIdentifier:
97 d0 6b a8 26 70 c8 a1 3f 94 1f 08 2d c4 35 9b |..k.&p..?...-.5.| a4 a1 1e f2 |.... |
- nsCertType: 0x10
- 1.3.6.1.4.1.311.2.1.27
- false: true
- basicConstraints
- RSA-SHA1:
46 6f c3 87 7f 56 7b e8 d5 8c cb 04 74 8a 3b 6e |Fo...V{.....t.;n| 04 58 e6 79 9a 47 7b 68 bb 22 b9 76 34 6e cb ce |.X.y.G{h.".v4n..| d0 45 b1 51 da 50 6d 53 7a aa c0 29 7c 62 3a fb |.E.Q.PmSz..)|b:.| 68 54 40 22 5b 19 64 40 26 2a 3f 12 53 31 00 11 |hT@"[.d@&*?.S1..| 99 d1 90 14 b4 90 3a 86 63 6f ce d1 56 bb 98 98 |......:.co..V...| 90 3b 5b a0 a6 b7 a1 2a 11 bb c8 b4 0a d5 e1 f2 |.;[....*........| df 0c af 25 d9 49 87 b0 84 d2 62 93 e3 df 1e 98 |...%.I....b.....| 12 19 c4 ab 05 3d a8 63 8f 53 90 9b 21 93 d0 b1 |.....=.c.S..!...| 9a 62 a5 82 88 b8 e3 2a 3e bc 22 d1 d5 01 6b df |.b.....*>."...k.| d1 c9 74 86 5e 3c 24 01 a2 cc 69 f1 d6 79 58 9a |..t.^<$...i..yX.| 0c 24 1e 96 c7 6a 0c 4d a6 3c 4c fd 7c 30 86 51 |.$...j.M.
- 2
- Certificate #3
- 2
- 65:52:26:E1:B2:2E:18:E1:59:0F:29:85:AC:22:E7:5C
- RSA-SHA1: nil
- Issuer
- C: US
- O: VeriSign, Inc.
- OU: Class 3 Public Primary Certification Authority
- 2009-05-21 00:00:00 UTC: 2019-05-20 23:59:59 UTC
- Subject
- C: US
- O: VeriSign, Inc.
- OU: VeriSign Trust Network
- OU: Terms of use at https://www.verisign.com/rpa (c)09
- CN: VeriSign Class 3 Code Signing 2009-2 CA
- #5
- rsaEncryption: nil
- BE:67:1D:B4:60:AA:10:49:6F:56:17:7C:66:C9:5E:86:
0D:D5:F1:AC:A7:71:83:8E:8B:89:F8:88:04:89:15:06:
BA:2D:84:21:95:E4:D1:9C:50:4C:FB:D2:22:BD:DA:F2:
B2:35:3B:1E:8F:C3:09:FB:FC:13:2E:5A:BF:89:7C:3D:
3B:25:1E:F6:F3:58:7B:9C:F4:01:B5:C6:0A:B8:80:CE:
BE:27:74:61:67:27:4D:6A:E5:EC:81:61:58:79:A3:E0:
17:10:12:15:27:B0:E1:4D:34:7F:2B:47:20:44:B9:DE:
66:24:66:8A:CD:4F:BA:1F:C5:38:C8:54:90:E1:72:F6:
19:66:75:6A:B9:49:68:CF:38:79:0D:AA:30:A8:DB:2C:
60:48:9E:D7:AA:14:01:A9:83:D7:38:91:30:39:13:96:
03:3A:7C:40:54:B6:AD:E0:2F:1B:83:DC:A8:11:52:3E:
02:B3:D7:2B:FD:21:B6:A7:5C:A3:0F:0B:A9:A6:10:50:
0E:34:2E:4D:A7:CE:C9:5E:25:D4:8C:BC:F3:6E:7C:29:
BC:01:5D:FC:31:87:5A:D5:8C:85:67:58:88:19:A0:BF:
35:F0:EA:2B:A3:21:E7:90:F6:83:E5:A8:ED:60:78:5E:
7B:60:83:FD:57:0B:5D:41:0D:63:54:60:D6:43:21:EF: 0x010001
- X509v3 extensions
- basicConstraints
- true
- true: 0
- certificatePolicies
- 2.16.840.1.113733.1.7.23.3
- #0
- id-qt-cps: https://www.verisign.com/cps
- id-qt-unotice: https://www.verisign.com/rpa
- #0
- 2.16.840.1.113733.1.7.23.3
- keyUsage: true, 6
- 1.3.6.1.5.5.7.1.12
- image/gif
- SHA1:
8f e5 d3 1a 86 ac 8d 8e 6b c3 cf 80 6a d4 48 18 |........k...j.H.| 2c 7b 19 2e |,{.. |
- http://logo.verisign.com/vslogo.gif
- SHA1:
- image/gif
- extendedKeyUsage
- clientAuth: codeSigning
- authorityInfoAccess
- OCSP: http://ocsp.verisign.com
- crlDistributionPoints: http://crl.verisign.com/pca3.crl
- subjectAltName
- CN: Class3CA2048-1-55
- subjectKeyIdentifier:
97 d0 6b a8 26 70 c8 a1 3f 94 1f 08 2d c4 35 9b |..k.&p..?...-.5.| a4 a1 1e f2 |.... |
- basicConstraints
- RSA-SHA1:
8b 03 c0 dd 94 d8 41 a2 61 69 b0 15 a8 78 c7 30 |......A.ai...x.0| c6 90 3c 7e 42 f7 24 b6 e4 83 73 17 04 7f 04 10 |..<~B.$...s.....| 9c a1 e2 fa 81 2f eb c0 ca 44 e7 72 e0 50 b6 55 |...../...D.r.P.U| 10 20 83 6e 96 92 e4 9a 51 6a b4 37 31 dc a5 2d |. .n....Qj.71..-| eb 8c 00 c7 1d 4f e7 4d 32 ba 85 f8 4e be fa 67 |.....O.M2...N..g| 55 65 f0 6a be 7a ca 64 38 1a 10 10 78 45 76 31 |Ue.j.z.d8...xEv1| f3 86 7a 03 0f 60 c2 b3 5d 9d f6 8b 66 76 82 1b |..z..`..]...fv..| 59 e1 83 e5 bd 49 a5 38 56 e5 de 41 77 0e 58 0f |Y....I.8V..Aw.X.|
- 2
- Certificate #0
- Signer
- 1
- unnamed
- #0
- C: US
- O: VeriSign, Inc.
- OU: VeriSign Trust Network
- OU: Terms of use at https://www.verisign.com/rpa (c)09
- CN: VeriSign Class 3 Code Signing 2009-2 CA
- 36:BC:30:56:2A:65:0A:FA:A5:AD:10:1E:CD:64:3A:B4
- #0
- SHA1: nil
- #3
- contentType: 1.3.6.1.4.1.311.2.1.4
- 1.3.6.1.4.1.311.2.1.11: msCodeInd
- messageDigest:
5c 5a 77 43 d1 5b a0 2e 7c 88 f6 2f a1 d4 4f e8 |\ZwC.[..|../..O.| c1 1b 0c 09 |.... |
- 1.3.6.1.4.1.311.2.1.12
00 42 00 69 00 74 00 54 00 6f 00 72 00 72 00 65 |.B.i.t.T.o.r.r.e| 00 6e 00 74 |.n.t |
: www.bittorrent.com
- rsaEncryption:
81 ae 42 61 f3 3e 32 61 7b ff ef 70 94 c7 f0 4d |..Ba.>2a{..p...M| fa dc 90 57 1d f9 08 35 ef 9e 16 0a 74 5a b8 35 |...W...5....tZ.5| 59 c8 40 c3 63 2f 4f f4 74 5f 3f eb e2 7e 4f 27 |Y.@.c/O.t_?..~O'| 8d 6d 63 d2 5b 70 d6 e1 35 82 78 f8 de 0d bd ba |.mc.[p..5.x.....| d5 f8 50 03 00 4b ac 1e 09 e7 48 6d ef df eb 1f |..P..K....Hm....| 08 fe d4 16 59 22 2d f3 a8 c5 16 17 56 09 5e dd |....Y"-.....V.^.| ae 25 83 f3 d9 e5 13 fd 05 e4 87 26 a1 4a 99 8a |.%.........&.J..| b3 ba a5 c0 2e 4b 7c bc a0 4d 52 e9 a8 ea 6c 46 |.....K|..MR...lF|
- countersignature
- 1
- unnamed
- #0
- C: US
- O: VeriSign, Inc.
- CN: VeriSign Time Stamping Services CA
- 79:A2:A5:85:F9:D1:15:42:13:D9:B8:3E:F6:B6:8D:ED
- #0
- SHA1: nil
- #2
- contentType: pkcs7-data
- signingTime: 2012-08-15 23:56:34 UTC
- messageDigest:
6e 4c eb 97 33 83 3b 29 17 fa 79 06 b8 62 72 3a |nL..3.;)..y..br:| 81 e9 78 f8 |..x. |
- rsaEncryption:
96 4b ed dd 3e 05 bf 7e 03 d9 1d ed e7 8d 31 04 |.K..>..~......1.| 72 f0 13 71 68 6c 69 7e a3 53 ef d1 52 6d ff a0 |r..qhli~.S..Rm..| 46 36 40 c4 aa 14 e8 7b cc 59 c7 15 a5 31 f8 3f |F6@....{.Y...1.?| c5 88 9c 7d 2f 5f 83 9e 7c cd c2 90 6b 12 03 94 |...}/_..|...k...| ef 46 9d 9c 82 62 96 27 0d 11 f8 41 35 da 98 4c |.F...b.'...A5..L| c7 43 b9 e3 f0 e8 25 c9 b8 3d b3 4e d1 29 c3 92 |.C....%..=.N.)..| cc 54 b8 58 f6 90 75 5d c1 41 34 17 a7 38 3b f4 |.T.X..u].A4..8;.| 8b 0c 66 14 a3 b8 ec b2 fb 89 5c f3 0d 28 53 ef |..f.......\..(S.|
- unnamed
- 1
offset | size | type | comment | |
---|---|---|---|---|
0 | 103936 | EXE | 07/18/2011 11:56:29 | # |
15c1 | 15 | HTM | # | |
e63c | 20410 | PNG | (256 x 256) | # |
54ff4b | 13206 | ZIP | # | |
5532e1 | 9295 | BIN | overlay data past EOF | # |
Scanning the drive for archives: 1 file, 5592880 bytes (5462 KiB) -- Type = PE WARNING = Checksum error Physical Size = 5592880 CPU = x86 Characteristics = Executable 32-bit NoRelocs Created = 2011-07-18 11:56:29 Headers Size = 4096 Checksum = 128 Image Size = 229376 Section Alignment = 4096 File Alignment = 512 Code Size = 57344 Initialized Data Size = 49152 Uninitialized Data Size = 118784 Linker Version = 9.0 OS Version = 5.0 Image Version = 0.0 Subsystem Version = 5.0 Subsystem = Windows GUI DLL Characteristics = TerminalServerAware Stack Reserve = 1048576 Stack Commit = 4096 Heap Reserve = 1048576 Heap Commit = 4096 Image Base = 4194304 ---- Path = [0] Size = 5483416 Packed Size = 5483416 Virtual Size = 5483416 Offset = 103936 -- Path = [0] Type = zip WARNINGS: There are data after the end of archive Offset = 5466443 Physical Size = 13206 Tail Size = 3767 Date Time Attr Size Compressed Name ------------------- ----- ------------ ------------ ------------------------ 2011-07-27 21:48:00 ..... 7 9 EGG-INFO/top_level.txt 2011-07-27 21:48:00 ..... 8 10 EGG-INFO/requires.txt 2011-07-27 21:48:02 ..... 290 144 EGG-INFO/SOURCES.txt 2011-07-27 21:48:00 ..... 1 3 EGG-INFO/dependency_links.txt 2011-07-27 21:48:00 ..... 268 196 EGG-INFO/PKG-INFO 2011-07-27 21:48:02 ..... 1 3 EGG-INFO/zip-safe 2011-07-07 21:40:22 ..... 170 111 hoover/__init__.py 2011-07-27 21:41:20 ..... 2722 889 hoover/handlers.py 2011-07-27 21:48:02 ..... 520 234 hoover/exceptions.pyc 2011-07-27 21:48:02 ..... 2147 898 hoover/utils.pyc 2011-07-27 21:48:02 ..... 5469 2446 hoover/session.pyc 2011-07-07 21:40:22 ..... 1029 419 hoover/utils.py 2011-06-07 20:25:54 ..... 426 241 hoover/hoover_sample.py 2011-07-09 00:49:06 ..... 1568 534 hoover/input.py 2011-07-27 21:40:12 ..... 4404 1528 hoover/session.py 2011-07-27 21:48:02 ..... 2550 1034 hoover/input.pyc 2011-07-27 21:48:02 ..... 717 454 hoover/hoover_sample.pyc 2011-07-27 21:48:02 ..... 2840 1423 hoover/handlers.pyc 2011-07-27 21:48:02 ..... 386 268 hoover/__init__.pyc 2011-06-15 20:13:08 ..... 74 50 hoover/exceptions.py ------------------- ----- ------------ ------------ ------------------------ 2011-07-27 21:48:02 25597 10894 20 files Warnings: 2
Please donate some bucks to keep this site up and running: | |
Ko-fi | |
---|---|
Yandex.Money | |
Thank you! |
[?] ignoring invalid PEdump::BITMAPINFOHEADER