TubeBox_Setup_Eng.exe - KBM2.exe

info
MZ
PE
resources
strings
imports
foremost
version info
signature
hexdump
disasm
log
discuss
donate

filename	TubeBox_Setup_Eng.exe
size	535672 (0x82c78)
md5	b71be763ad3578fc389f3249e929e111

type	PE32 executable (GUI) Intel 80386, for MS Windows
mimetype	application/x-dosexec

clamav	OK
virustotal	→ scan with virustotal.com

histogram

MZ Header

signature	MZ
bytes_in_last_block	0x90
blocks_in_file	3
num_relocs	0
header_paragraphs	4
min_extra_paragraphs	0
max_extra_paragraphs	0xffff
ss	0
sp	0xb8
checksum	0
ip	0
cs	0
reloc_table_offset	0x40
overlay_number	0
reserved0	0
oem_id	0
oem_info	0
reserved2	0
reserved3	0
reserved4	0
reserved5	0
reserved6	0
lfanew	0xf0

Rich Header

lib id	version	times used
132	30729	1
131	30729	17
158	40219	27
170	40219	182
171	40219	170
147	30729	37
1	0	607
175	40219	30
154	40219	1
157	40219	1

DOS stub

00000000: 0e 1f ba 0e 00 b4 09 cd  21 b8 01 4c cd 21 54 68  |........!..L.!Th|
00000010: 69 73 20 70 72 6f 67 72  61 6d 20 63 61 6e 6e 6f  |is program canno|
00000020: 74 20 62 65 20 72 75 6e  20 69 6e 20 44 4f 53 20  |t be run in DOS |
00000030: 6d 6f 64 65 2e 0d 0d 0a  24 00 00 00 00 00 00 00  |mode....$.......|

PE Header

Signature	PE
Machine	0x14c
NumberOfSections	5
TimeDateStamp	0x50eb4216
PointerToSymbolTable	0
NumberOfSymbols	0
SizeOfOptionalHeader	0xe0
Characteristics	0x102
Magic	0x10b
LinkerVersion	10.0
SizeOfCode	0x54c00
SizeOfInitializedData	0x2ce00
SizeOfUninitializedData	0
AddressOfEntryPoint	0x397cb
BaseOfCode	0x1000
BaseOfData	0x56000
ImageBase	0x400000
SectionAlignment	0x1000
FileAlignment	0x200
OperatingSystemVersion	5.1
ImageVersion	0.0
SubsystemVersion	5.1
Reserved1	0
SizeOfImage	0x89000
SizeOfHeaders	0x400
CheckSum	0x89fa0
Subsystem	2
DllCharacteristics	0x8140
SizeOfStackReserve	0x100000
SizeOfStackCommit	0x1000
SizeOfHeapReserve	0x100000
SizeOfHeapCommit	0x1000
LoaderFlags	0
NumberOfRvaAndSizes	0x10

Packer / Compiler

MS Visual C++ v8.0

Sections

name	va	vsize	raw size	flags
.text	0x1000	0x54b62	0x54c00	R-X CODE
.rdata	0x56000	0x173c6	0x17400	R-- IDATA
.data	0x6e000	0x7c4c	0x3600	RW- IDATA
.rsrc	0x76000	0x5ee8	0x6000	R-- IDATA
.reloc	0x7c000	0xc2ae	0xc400	R-- IDATA DISCARDABLE

Data Directory

type	va	size
EXPORT	0	0
IMPORT	0x6af30	0x17c
RESOURCE	0x76000	0x5ee8
EXCEPTION	0	0
SECURITY	0x81e00	0xe78
BASERELOC	0x7c000	0x62a4
DEBUG	0	0
ARCHITECTURE	0	0
GLOBALPTR	0	0
TLS	0	0
LOAD_CONFIG	0x61940	0x40
Bound_IAT	0	0
IAT	0x56000	0x6bc
Delay_IAT	0	0
CLR_Header	0	0

show previews

type	name	size	cp
CURSOR	#2	308	1252
CURSOR	#3	180	1252
CURSOR	#4	308	1252
CURSOR	#5	308	1252
CURSOR	#6	308	1252
CURSOR	#7	308	1252
CURSOR	#8	308	1252
CURSOR	#9	308	1252
CURSOR	#10	308	1252
CURSOR	#11	308	1252
CURSOR	#12	308	1252
CURSOR	#13	308	1252
CURSOR	#14	308	1252
CURSOR	#15	308	1252
CURSOR	#16	308	1252
CURSOR	#17	308	1252
BITMAP	#30994	184	1252
BITMAP	#30996	324	1252
ICON	#1	5220	1252
DIALOG	#102	230	1252
DIALOG	#133	268	1252
DIALOG	#30721	232	1252
DIALOG	#30734	52	1252
STRING	#3841	130	1252
STRING	#3842	42	1252
STRING	#3843	388	1252
STRING	#3857	1254	1252
STRING	#3858	612	1252
STRING	#3859	730	1252
STRING	#3860	138	1252
STRING	#3865	172	1252
STRING	#3866	222	1252
STRING	#3867	1192	1252
STRING	#3868	552	1252
STRING	#3869	44	1252
STRING	#3887	1340	1252
RCDATA	IDR_TEXTDATA	17	1252
GROUP_CURSOR	#30977	34	1252
GROUP_CURSOR	#30998	20	1252
GROUP_CURSOR	#30999	20	1252
GROUP_CURSOR	#31000	20	1252
GROUP_CURSOR	#31001	20	1252
GROUP_CURSOR	#31002	20	1252
GROUP_CURSOR	#31003	20	1252
GROUP_CURSOR	#31004	20	1252
GROUP_CURSOR	#31005	20	1252
GROUP_CURSOR	#31006	20	1252
GROUP_CURSOR	#31007	20	1252
GROUP_CURSOR	#31008	20	1252
GROUP_CURSOR	#31009	20	1252
GROUP_CURSOR	#31010	20	1252
GROUP_CURSOR	#31011	20	1252
GROUP_ICON	IDR_MAINICO	20	1252
GROUP_ICON	#128	20	1252
VERSION	#1	740	1252
HTML	#104	453	1252
MANIFEST	#1	1514	1252

id	lang	string
61440	1033	Open
61441	1033	Save As
61442	1033	All Files (.)
61443	1033	Untitled
61446	1033	an unnamed file
61457	1033	&Hide
61472	1033	No error message is available.
61473	1033	Attempted an unsupported operation.
61474	1033	A required resource was unavailable.
61475	1033	Out of memory.
61476	1033	An unknown error has occurred.
61477	1033	Encountered an improper argument.
61696	1033	Incorrect filename.
61697	1033	Failed to open document.
61698	1033	Failed to save document.
61699	1033	Save changes to %1?
61700	1033	Failed to create empty document.
61701	1033	The file is too large to open.
61702	1033	Could not start print job.
61703	1033	Failed to launch help.
61704	1033	Internal application error.
61705	1033	Command failed.
61706	1033	Insufficient memory to perform operation.
61707	1033	System registry entries have been removed and the INI file (if any) was deleted.
61708	1033	Not all of the system registry entries (or INI file) were removed.
61709	1033	This program requires the file %s, which was not found on this system.
61710	1033	This program is linked to the missing export %s in the file %s. This machine may have an incompatible version of %s.
61712	1033	Enter an integer.
61713	1033	Enter a number.
61714	1033	Enter an integer between %1 and %2.
61715	1033	Enter a number between %1 and %2.
61716	1033	Enter no more than %1 characters.
61717	1033	Select a button.
61718	1033	Enter an integer between 0 and 255.
61719	1033	Enter a positive integer.
61720	1033	Enter a date and/or time.
61721	1033	Enter a currency.
61722	1033	Enter a GUID.
61723	1033	Enter a time.
61724	1033	Enter a date.
61728	1033	Unexpected file format.
61729	1033	%1 Cannot find this file. Verify that the correct path and file name are given.
61730	1033	Destination disk drive is full.
61731	1033	Unable to read from %1, it is opened by someone else.
61732	1033	Unable to write to %1, it is read-only or opened by someone else.
61733	1033	Encountered an unexpected error while reading %1.
61734	1033	Encountered an unexpected error while writing %1.
61744	1033	%1: %2 Continue running script?
61745	1033	Dispatch exception: %1
61836	1033	Unable to read write-only property.
61837	1033	Unable to write read-only property.
61840	1033	Unable to load mail system support.
61841	1033	Mail system DLL is invalid.
61842	1033	Send Mail failed to send message.
61856	1033	No error occurred.
61857	1033	An unknown error occurred while accessing %1.
61858	1033	%1 was not found.
61859	1033	%1 contains an incorrect path.
61860	1033	Could not open %1 because there are too many open files.
61861	1033	Access to %1 was denied.
61862	1033	An incorrect file handle was associated with %1.
61863	1033	Could not remove %1 because it is the current directory.
61864	1033	Could not create %1 because the directory is full.
61865	1033	Seek failed on %1
61866	1033	Encountered a hardware I/O error while accessing %1.
61867	1033	Encountered a sharing violation while accessing %1.
61868	1033	Encountered a locking violation while accessing %1.
61869	1033	Disk full while accessing %1.
61870	1033	Attempted to access %1 past its end.
61872	1033	No error occurred.
61873	1033	An unknown error occurred while accessing %1.
61874	1033	Attempted to write to the reading %1.
61875	1033	Attempted to access %1 past its end.
61876	1033	Attempted to read from the writing %1.
61877	1033	%1 has a bad format.
61878	1033	%1 contained an unexpected object.
61879	1033	%1 contains an incorrect schema.
61888	1033	pixels
62177	1033	Uncheck
62178	1033	Check
62179	1033	Mixed
62180	1033	One or more auto-saved documents were found.
62181	1033	These are more recently saved than the currently open documents and contain changes that were made before the application closed.
62182	1033	Do you want to recover these auto-saved documents?
62183	1033	Note that if you choose to recover the auto-saved documents, you must explicitly save them to overwrite the original documents. If you choose to not recover the auto-saved versions, they will be deleted.
62184	1033	Recover the auto-saved documents Open the auto-saved versions instead of the explicitly saved versions
62185	1033	Don't recover the auto-saved documents Use the last explicitly saved versions of the documents
62186	1033	%s [Recovered]

module_name	hint	ord	function_name
WININET.dll	155		InternetQueryDataAvailable
WININET.dll	154		InternetOpenW
WININET.dll	153		InternetOpenUrlW
WININET.dll	159		InternetReadFile
WININET.dll	98		InternetAttemptConnect
WININET.dll	107		InternetCloseHandle
RPCRT4.dll	507		UuidCreate
RPCRT4.dll	516		UuidToStringW
VERSION.dll	6		GetFileVersionInfoW
VERSION.dll	14		VerQueryValueW
KERNEL32.dll	843		LocalReAlloc
KERNEL32.dll	1222		TlsFree
KERNEL32.dll	1357		lstrlenA
KERNEL32.dll	652		GetThreadLocale
KERNEL32.dll	293		FileTimeToSystemTime
KERNEL32.dll	1317		WriteFile
KERNEL32.dll	343		FlushFileBuffers
KERNEL32.dll	850		LockFile
KERNEL32.dll	1236		UnlockFile
KERNEL32.dll	1107		SetEndOfFile
KERNEL32.dll	232		DuplicateHandle
KERNEL32.dll	302		FindClose
KERNEL32.dll	313		FindFirstFileW
KERNEL32.dll	679		GetVolumeInformationW
KERNEL32.dll	507		GetFullPathNameW
KERNEL32.dll	1112		SetErrorMode
KERNEL32.dll	487		GetFileAttributesExW
KERNEL32.dll	292		FileTimeToLocalFileTime
KERNEL32.dll	490		GetFileAttributesW
KERNEL32.dll	497		GetFileSizeEx
KERNEL32.dll	498		GetFileTime
KERNEL32.dll	391		GetCommandLineW
KERNEL32.dll	738		InitializeCriticalSection
KERNEL32.dll	611		GetStartupInfoW
KERNEL32.dll	234		EncodePointer
KERNEL32.dll	202		DecodePointer
KERNEL32.dll	633		GetSystemTimeAsFileTime
KERNEL32.dll	370		GetCPInfo
KERNEL32.dll	1048		RtlUnwind
KERNEL32.dll	722		HeapReAlloc
KERNEL32.dll	281		ExitProcess
KERNEL32.dll	1263		VirtualProtect
KERNEL32.dll	1257		VirtualAlloc
KERNEL32.dll	627		GetSystemInfo
KERNEL32.dll	1265		VirtualQuery
KERNEL32.dll	282		ExitThread
KERNEL32.dll	181		CreateThread
KERNEL32.dll	721		HeapQueryInformation
KERNEL32.dll	724		HeapSize
KERNEL32.dll	1189		SetUnhandledExceptionFilter
KERNEL32.dll	612		GetStdHandle
KERNEL32.dll	353		FreeEnvironmentStringsW
KERNEL32.dll	474		GetEnvironmentStringsW
KERNEL32.dll	1135		SetHandleCount
KERNEL32.dll	499		GetFileType
KERNEL32.dll	717		HeapCreate
KERNEL32.dll	935		QueryPerformanceCounter
KERNEL32.dll	1235		UnhandledExceptionFilter
KERNEL32.dll	768		IsDebuggerPresent
KERNEL32.dll	360		GetACP
KERNEL32.dll	567		GetOEMCP
KERNEL32.dll	778		IsValidCodePage
KERNEL32.dll	617		GetStringTypeW
KERNEL32.dll	772		IsProcessorFeaturePresent
KERNEL32.dll	813		LCMapStringW
KERNEL32.dll	410		GetConsoleCP
KERNEL32.dll	428		GetConsoleMode
KERNEL32.dll	664		GetTimeZoneInformation
KERNEL32.dll	667		GetUserDefaultLCID
KERNEL32.dll	516		GetLocaleInfoA
KERNEL32.dll	269		EnumSystemLocalesA
KERNEL32.dll	780		IsValidLocale
KERNEL32.dll	1316		WriteConsoleW
KERNEL32.dll	1159		SetStdHandle
KERNEL32.dll	1110		SetEnvironmentVariableA
KERNEL32.dll	701		GlobalHandle
KERNEL32.dll	705		GlobalReAlloc
KERNEL32.dll	1223		TlsGetValue
KERNEL32.dll	836		LocalAlloc
KERNEL32.dll	697		GlobalFlags
KERNEL32.dll	1224		TlsSetValue
KERNEL32.dll	133		CreateEventW
KERNEL32.dll	1210		SuspendThread
KERNEL32.dll	1113		SetEvent
KERNEL32.dll	1177		SetThreadPriority
KERNEL32.dll	945		RaiseException
KERNEL32.dll	578		GetPrivateProfileStringW
KERNEL32.dll	1323		WritePrivateProfileStringW
KERNEL32.dll	572		GetPrivateProfileIntW
KERNEL32.dll	1345		lstrcmpA
KERNEL32.dll	452		GetCurrentThread
KERNEL32.dll	670		GetUserDefaultUILanguage
KERNEL32.dll	105		ConvertDefaultLocale
KERNEL32.dll	622		GetSystemDefaultUILanguage
KERNEL32.dll	97		CompareStringA
KERNEL32.dll	518		GetLocaleInfoW
KERNEL32.dll	830		LoadLibraryExW
KERNEL32.dll	748		InterlockedExchange
KERNEL32.dll	751		InterlockedIncrement
KERNEL32.dll	449		GetCurrentProcessId
KERNEL32.dll	698		GlobalFree
KERNEL32.dll	691		GlobalAlloc
KERNEL32.dll	702		GlobalLock
KERNEL32.dll	709		GlobalUnlock
KERNEL32.dll	870		MulDiv
KERNEL32.dll	357		FreeResource
KERNEL32.dll	453		GetCurrentThreadId
KERNEL32.dll	690		GlobalAddAtomW
KERNEL32.dll	695		GlobalFindAtomW
KERNEL32.dll	693		GlobalDeleteAtom
KERNEL32.dll	100		CompareStringW
KERNEL32.dll	1346		lstrcmpW
KERNEL32.dll	747		InterlockedDecrement
KERNEL32.dll	1017		ReleaseActCtx
KERNEL32.dll	120		CreateActCtxW
KERNEL32.dll	1126		SetFilePointer
KERNEL32.dll	496		GetFileSize
KERNEL32.dll	960		ReadFile
KERNEL32.dll	143		CreateFileW
KERNEL32.dll	532		GetModuleFileNameW
KERNEL32.dll	631		GetSystemTime
KERNEL32.dll	659		GetTickCount
KERNEL32.dll	704		GlobalMemoryStatusEx
KERNEL32.dll	671		GetUserGeoID
KERNEL32.dll	719		HeapFree
KERNEL32.dll	586		GetProcessHeap
KERNEL32.dll	715		HeapAlloc
KERNEL32.dll	668		GetUserDefaultLangID
KERNEL32.dll	620		GetSystemDefaultLangID
KERNEL32.dll	214		DeleteFileW
KERNEL32.dll	643		GetTempFileNameW
KERNEL32.dll	645		GetTempPathW
KERNEL32.dll	209		DeleteCriticalSection
KERNEL32.dll	238		EnterCriticalSection
KERNEL32.dll	825		LeaveCriticalSection
KERNEL32.dll	739		InitializeCriticalSectionAndSpinCount
KERNEL32.dll	479		GetExitCodeProcess
KERNEL32.dll	1273		WaitForSingleObject
KERNEL32.dll	168		CreateProcessW
KERNEL32.dll	1297		WideCharToMultiByte
KERNEL32.dll	1358		lstrlenW
KERNEL32.dll	840		LocalFree
KERNEL32.dll	350		FormatMessageW
KERNEL32.dll	1202		Sleep
KERNEL32.dll	536		GetModuleHandleW
KERNEL32.dll	1043		ResumeThread
KERNEL32.dll	920		Process32NextW
KERNEL32.dll	1216		TerminateProcess
KERNEL32.dll	896		OpenProcess
KERNEL32.dll	82		CloseHandle
KERNEL32.dll	918		Process32FirstW
KERNEL32.dll	190		CreateToolhelp32Snapshot
KERNEL32.dll	448		GetCurrentProcess
KERNEL32.dll	354		FreeLibrary
KERNEL32.dll	1352		lstrcpyW
KERNEL32.dll	581		GetProcAddress
KERNEL32.dll	676		GetVersionExW
KERNEL32.dll	831		LoadLibraryW
KERNEL32.dll	624		GetSystemDirectoryW
KERNEL32.dll	334		FindResourceW
KERNEL32.dll	833		LoadResource
KERNEL32.dll	852		LockResource
KERNEL32.dll	1201		SizeofResource
KERNEL32.dll	871		MultiByteToWideChar
KERNEL32.dll	2		ActivateActCtx
KERNEL32.dll	514		GetLastError
KERNEL32.dll	196		DeactivateActCtx
KERNEL32.dll	1139		SetLastError
KERNEL32.dll	1221		TlsAlloc
KERNEL32.dll	745		InterlockedCompareExchange
KERNEL32.dll	723		HeapSetInformation
USER32.dll	686		SetRect
USER32.dll	699		SetTimer
USER32.dll	483		KillTimer
USER32.dll	640		SetCapture
USER32.dll	49		CharNextW
USER32.dll	82		CopyAcceleratorTableW
USER32.dll	468		IsRectEmpty
USER32.dll	447		InvalidateRgn
USER32.dll	353		GetNextDlgGroupItem
USER32.dll	525		MessageBeep
USER32.dll	60		CharUpperW
USER32.dll	592		RegisterClipboardFormatW
USER32.dll	539		MoveWindow
USER32.dll	715		SetWindowTextW
USER32.dll	461		IsDialogMessageW
USER32.dll	648		SetCursor
USER32.dll	349		GetMessageW
USER32.dll	764		TranslateMessage
USER32.dll	288		GetCursorPos
USER32.dll	672		SetMenuItemBitmaps
USER32.dll	333		GetMenuCheckMarkDimensions
USER32.dll	487		LoadBitmapW
USER32.dll	535		ModifyMenuW
USER32.dll	214		EnableMenuItem
USER32.dll	63		CheckMenuItem
USER32.dll	97		CreateDialogIndirectParamW
USER32.dll	354		GetNextDlgTabItem
USER32.dll	218		EndDialog
USER32.dll	705		SetWindowContextHelpId
USER32.dll	516		MapDialogRect
USER32.dll	567		PostQuitMessage
USER32.dll	446		InvalidateRect
USER32.dll	420		GetWindowThreadProcessId
USER32.dll	476		IsWindowEnabled
USER32.dll	220		EndPaint
USER32.dll	14		BeginPaint
USER32.dll	402		GetWindowDC
USER32.dll	613		ReleaseDC
USER32.dll	289		GetDC
USER32.dll	424		GrayStringW
USER32.dll	207		DrawTextExW
USER32.dll	208		DrawTextW
USER32.dll	750		TabbedTextOutW
USER32.dll	342		GetMenuState
USER32.dll	611		RegisterWindowMessageW
USER32.dll	627		SendDlgItemMessageW
USER32.dll	809		WinHelpW
USER32.dll	457		IsChild
USER32.dll	264		GetCapture
USER32.dll	719		SetWindowsHookExW
USER32.dll	28		CallNextHookEx
USER32.dll	272		GetClassLongW
USER32.dll	685		SetPropW
USER32.dll	363		GetPropW
USER32.dll	617		RemovePropW
USER32.dll	300		GetFocus
USER32.dll	658		SetFocus
USER32.dll	419		GetWindowTextW
USER32.dll	301		GetForegroundWindow
USER32.dll	324		GetLastActivePopup
USER32.dll	175		DispatchMessageW
USER32.dll	295		GetDlgItem
USER32.dll	389		GetTopWindow
USER32.dll	166		DestroyWindow
USER32.dll	348		GetMessageTime
USER32.dll	347		GetMessagePos
USER32.dll	563		PeekMessageW
USER32.dll	538		MonitorFromWindow
USER32.dll	317		GetKeyState
USER32.dll	668		SetMenu
USER32.dll	659		SetForegroundWindow
USER32.dll	586		RedrawWindow
USER32.dll	480		IsWindowVisible
USER32.dll	796		ValidateRect
USER32.dll	785		UpdateWindow
USER32.dll	533		MessageBoxW
USER32.dll	269		GetClassInfoExW
USER32.dll	590		RegisterClassW
USER32.dll	621		ScreenToClient
USER32.dll	243		EqualRect
USER32.dll	294		GetDlgCtrlID
USER32.dll	30		CallWindowProcW
USER32.dll	710		SetWindowPos
USER32.dll	576		PtInRect
USER32.dll	768		UnhookWindowsHookEx
USER32.dll	256		GetActiveWindow
USER32.dll	338		GetMenuItemID
USER32.dll	3		AdjustWindowRectEx
USER32.dll	475		IsWindow
USER32.dll	406		GetWindowLongW
USER32.dll	708		SetWindowLongW
USER32.dll	331		GetMenu
USER32.dll	110		CreateWindowExW
USER32.dll	774		UnregisterClassW
USER32.dll	579		RealChildWindowFromPoint
USER32.dll	164		DestroyMenu
USER32.dll	378		GetSubMenu
USER32.dll	337		GetMenuItemCount
USER32.dll	445		IntersectRect
USER32.dll	626		SendDlgItemMessageA
USER32.dll	549		OffsetRect
USER32.dll	291		GetDesktopWindow
USER32.dll	569		PostThreadMessageW
USER32.dll	412		GetWindowRect
USER32.dll	263		GetAsyncKeyState
USER32.dll	612		ReleaseCapture
USER32.dll	285		GetCursor
USER32.dll	71		ClientToScreen
USER32.dll	495		LoadImageW
USER32.dll	566		PostMessageW
USER32.dll	528		MessageBoxExW
USER32.dll	493		LoadIconW
USER32.dll	216		EnableWindow
USER32.dll	491		LoadCursorW
USER32.dll	521		MapWindowPoints
USER32.dll	356		GetParent
USER32.dll	380		GetSysColorBrush
USER32.dll	379		GetSysColor
USER32.dll	748		SystemParametersInfoW
USER32.dll	230		EnumDisplayMonitors
USER32.dll	687		SetRectEmpty
USER32.dll	85		CopyRect
USER32.dll	351		GetMonitorInfoW
USER32.dll	382		GetSystemMetrics
USER32.dll	276		GetClientRect
USER32.dll	636		SendMessageW
USER32.dll	274		GetClassNameW
USER32.dll	398		GetWindow
USER32.dll	156		DefWindowProcW
USER32.dll	270		GetClassInfoW
USER32.dll	639		SetActiveWindow
USER32.dll	735		ShowWindow
GDI32.dll	680		SetViewportExtEx
GDI32.dll	625		ScaleViewportExtEx
GDI32.dll	684		SetWindowExtEx
GDI32.dll	626		ScaleWindowExtEx
GDI32.dll	555		GetWindowExtEx
GDI32.dll	310		ExtSelectClipRgn
GDI32.dll	227		DeleteDC
GDI32.dll	41		CreateBitmap
GDI32.dll	574		OffsetViewportOrgEx
GDI32.dll	631		SelectObject
GDI32.dll	496		GetMapMode
GDI32.dll	425		GetBkColor
GDI32.dll	536		GetTextColor
GDI32.dll	524		GetRgnBox
GDI32.dll	681		SetViewportOrgEx
GDI32.dll	552		GetViewportExtEx
GDI32.dll	302		Escape
GDI32.dll	312		ExtTextOutW
GDI32.dll	697		TextOutW
GDI32.dll	74		CreatePatternBrush
GDI32.dll	75		CreatePen
GDI32.dll	84		CreateSolidBrush
GDI32.dll	509		GetObjectW
GDI32.dll	525		GetStockObject
GDI32.dll	64		CreateFontIndirectW
GDI32.dll	294		EnumFontFamiliesW
GDI32.dll	535		GetTextCharsetInfo
GDI32.dll	606		RectVisible
GDI32.dll	602		PtVisible
GDI32.dll	230		DeleteObject
GDI32.dll	459		GetDeviceCaps
GDI32.dll	448		GetClipBox
GDI32.dll	660		SetMapMode
GDI32.dll	617		RestoreDC
GDI32.dll	624		SaveDC
GDI32.dll	638		SetBkColor
GDI32.dll	678		SetTextColor
GDI32.dll	80		CreateRectRgnIndirect
GDI32.dll	54		CreateDIBitmap
GDI32.dll	550		GetTextMetricsW
COMDLG32.dll	10		GetFileTitleW
WINSPOOL.DRV	29		ClosePrinter
WINSPOOL.DRV	144		OpenPrinterW
WINSPOOL.DRV	78		DocumentPropertiesW
ADVAPI32.dll	560		RegCloseKey
ADVAPI32.dll	594		RegEnumValueW
ADVAPI32.dll	623		RegQueryValueW
ADVAPI32.dll	592		RegEnumKeyW
ADVAPI32.dll	580		RegDeleteKeyW
ADVAPI32.dll	584		RegDeleteValueW
ADVAPI32.dll	569		RegCreateKeyExW
ADVAPI32.dll	503		OpenProcessToken
ADVAPI32.dll	639		RegSetValueW
ADVAPI32.dll	572		RegCreateKeyW
ADVAPI32.dll	612		RegOpenKeyW
ADVAPI32.dll	622		RegQueryValueExW
ADVAPI32.dll	638		RegSetValueExW
ADVAPI32.dll	609		RegOpenKeyExW
ADVAPI32.dll	31		AdjustTokenPrivileges
ADVAPI32.dll	407		LookupPrivilegeValueW
SHELL32.dll	302		Shell_NotifyIconW
SHELL32.dll	290		ShellExecuteW
COMCTL32.dll	123		InitCommonControlsEx
SHLWAPI.dll	71		PathFindExtensionW
SHLWAPI.dll	73		PathFindFileNameW
SHLWAPI.dll	151		PathStripToRootW
SHLWAPI.dll	113		PathIsUNCW
SHLWAPI.dll	232		SHRegGetValueW
ole32.dll	8		CLSIDFromString
ole32.dll	6		CLSIDFromProgID
ole32.dll	15		CoCreateGuid
ole32.dll	103		CoTaskMemAlloc
ole32.dll	38		CoGetClassObject
ole32.dll	104		CoTaskMemFree
ole32.dll	108		CoUninitialize
ole32.dll	16		CoCreateInstance
ole32.dll	62		CoInitialize
ole32.dll	373		StgOpenStorageOnILockBytes
ole32.dll	360		StgCreateDocfileOnILockBytes
ole32.dll	128		CreateILockBytesOnHGlobal
ole32.dll	329		OleUninitialize
ole32.dll	29		CoFreeUnusedLibraries
ole32.dll	306		OleInitialize
ole32.dll	95		CoRevokeClassObject
ole32.dll	308		OleIsCurrentClipboard
ole32.dll	301		OleFlushClipboard
ole32.dll	86		CoRegisterMessageFilter
OLEAUT32.dll		184
OLEAUT32.dll		185
OLEAUT32.dll		16
OLEAUT32.dll		15
OLEAUT32.dll		18
OLEAUT32.dll		24
OLEAUT32.dll		162
OLEAUT32.dll		146
OLEAUT32.dll		10
OLEAUT32.dll		12
OLEAUT32.dll		4
OLEAUT32.dll		9
OLEAUT32.dll		8
OLEAUT32.dll		6
OLEAUT32.dll		7
OLEAUT32.dll		420
OLEAUT32.dll		23
OLEAUT32.dll		2
oledlg.dll	3		OleUIBusyW
urlmon.dll	104		URLDownloadToFileW
IPHLPAPI.DLL	63		GetAdaptersInfo
OLEACC.dll	20		LresultFromObject
OLEACC.dll	4		CreateStdAccessibleObject

StringTable 040904b0

CompanyName	Sterkly LLC
FileDescription	KBM2 Installer
FileVersion	2.1.0.5
InternalName	KBM2.exe
LegalCopyright	(c) Sterkly LLC. All rights reserved.
OriginalFilename	KBM2.exe
ProductName	KBM2 Installer
ProductVersion	2.1.0.5

VS_FIXEDFILEINFO

FileVersion	2.1.0.5
ProductVersion	2.1.0.5
StrucVersion	0x10000
FileFlagsMask	0x3f
FileFlags	0
FileOS	0x40004
FileType	1
FileSubtype	0

OpenSSL (terse)
ASN.1 (verbose)

Signers (1)

issuer: /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https://www.verisign.com/rpa (c)10/CN=VeriSign Class 3 Code Signing 2010 CA

serial: 136DB6717AA1462B8176971FE58FEBD6

Certificates (2)

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            13:6d:b6:71:7a:a1:46:2b:81:76:97:1f:e5:8f:eb:d6
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA
        Validity
            Not Before: Jan 26 00:00:00 2012 GMT
            Not After : Jan 25 23:59:59 2013 GMT
        Subject: C=US, ST=California, L=Carlsbad, O=sterkly LLC, OU=Digital ID Class 3 - Microsoft Software Validation v2, CN=sterkly LLC
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:c0:0c:74:f8:f2:b2:e9:b7:c6:88:55:e3:50:e1:
                    67:44:95:63:0c:20:5d:ae:da:d3:75:55:eb:8a:cf:
                    11:e2:ea:4b:15:a2:a3:bc:25:e0:6f:a8:d7:77:d2:
                    09:bb:b5:49:84:f6:4c:13:a4:b6:40:94:74:1b:4e:
                    e3:26:e3:fd:74:d1:6e:a0:96:70:07:be:70:5f:16:
                    b1:a2:42:97:8d:13:2f:d7:1b:67:4a:c0:62:ad:36:
                    91:26:35:94:8e:a6:44:4d:84:4e:4f:7e:9d:a6:f5:
                    95:66:82:60:65:fe:55:09:c1:6c:ef:af:9a:22:12:
                    d2:41:40:ac:6c:5a:13:7d:a2:84:c3:a0:c9:d3:60:
                    77:ac:a5:d1:21:e8:18:57:6f:eb:04:ca:0c:54:2c:
                    2c:85:23:5f:f9:70:dc:36:22:9e:fe:ef:0b:90:71:
                    f5:b0:84:a7:39:8d:09:48:2a:29:b4:4e:8e:b3:f6:
                    ef:3e:d3:72:b0:02:ae:7a:97:cb:a9:3f:3e:d7:9e:
                    2d:ac:c3:74:15:39:b1:bc:aa:19:bd:8f:ca:4e:11:
                    58:62:3f:26:14:9e:07:23:f7:25:fc:15:d7:9f:ed:
                    16:42:02:20:99:7a:59:75:a6:42:f6:0e:35:8c:25:
                    23:d2:33:ca:64:4f:e5:97:f9:61:71:10:51:4f:2a:
                    4c:8b
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: 
                CA:FALSE
            X509v3 Key Usage: critical
                Digital Signature
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:http://csc3-2010-crl.verisign.com/CSC3-2010.crl

            X509v3 Certificate Policies: 
                Policy: 2.16.840.1.113733.1.7.23.3
                  CPS: https://www.verisign.com/rpa

            X509v3 Extended Key Usage: 
                Code Signing
            Authority Information Access: 
                OCSP - URI:http://ocsp.verisign.com
                CA Issuers - URI:http://csc3-2010-aia.verisign.com/CSC3-2010.cer

            X509v3 Authority Key Identifier: 
                keyid:CF:99:A9:EA:7B:26:F4:4B:C9:8E:8F:D7:F0:05:26:EF:E3:D2:A7:9D

            Netscape Cert Type: 
                Object Signing
            1.3.6.1.4.1.311.2.1.27: 
                0.......
    Signature Algorithm: sha1WithRSAEncryption
         d8:97:e0:02:f4:a4:d1:54:05:df:6c:3e:1a:94:1d:3e:c0:69:
         0c:6b:ac:70:39:66:de:91:d3:e0:3f:29:cc:25:f2:08:5a:62:
         09:ee:c0:41:ce:61:82:89:b6:44:ec:9b:85:b6:2f:43:73:a8:
         11:bb:8f:7f:60:95:50:bb:d0:21:74:b0:12:2e:af:8a:bf:8a:
         40:c9:a3:49:b1:94:ef:7c:36:6a:18:ae:e0:b2:cc:97:55:33:
         3d:10:0e:c0:d5:f3:26:e8:69:c1:14:d2:fb:46:08:3e:44:82:
         65:ed:a4:a2:76:86:32:a4:36:cc:21:b0:d9:f0:62:42:6a:1c:
         93:c0:19:52:69:2a:8c:ca:bb:f4:58:d1:7e:14:b2:17:d2:09:
         47:73:43:c3:4b:49:7e:54:fb:af:95:90:9f:a7:06:4a:77:c1:
         23:99:92:a6:93:66:de:48:6b:dd:f2:36:01:83:8d:cf:15:03:
         52:62:0b:65:a9:3d:2e:ff:08:a1:fe:17:b3:aa:c1:1c:f6:18:
         72:09:6a:cc:96:05:d1:68:06:be:00:4f:bd:13:ba:5e:fc:c8:
         bb:ea:f6:7d:74:be:38:65:e5:ed:2b:ff:8b:02:4f:e5:79:81:
         c0:20:c1:4e:a6:e9:99:49:26:a6:a2:f0:ea:f2:fb:10:c6:6c:
         24:9f:23:11

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
        Signature Algorithm: sha1WithRSAEncryption
        Issuer: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
        Validity
            Not Before: Feb  8 00:00:00 2010 GMT
            Not After : Feb  7 23:59:59 2020 GMT
        Subject: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 Code Signing 2010 CA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:f5:23:4b:5e:a5:d7:8a:bb:32:e9:d4:57:f7:ef:
                    e4:c7:26:7e:ad:19:98:fe:a8:9d:7d:94:f6:36:6b:
                    10:d7:75:81:30:7f:04:68:7f:cb:2b:75:1e:cd:1d:
                    08:8c:df:69:94:a7:37:a3:9c:7b:80:e0:99:e1:ee:
                    37:4d:5f:ce:3b:14:ee:86:d4:d0:f5:27:35:bc:25:
                    0b:38:a7:8c:63:9d:17:a3:08:a5:ab:b0:fb:cd:6a:
                    62:82:4c:d5:21:da:1b:d9:f1:e3:84:3b:8a:2a:4f:
                    85:5b:90:01:4f:c9:a7:76:10:7f:27:03:7c:be:ae:
                    7e:7d:c1:dd:f9:05:bc:1b:48:9c:69:e7:c0:a4:3c:
                    3c:41:00:3e:df:96:e5:c5:e4:94:71:d6:55:01:c7:
                    00:26:4a:40:3c:b5:a1:26:a9:0c:a7:6d:80:8e:90:
                    25:7b:cf:bf:3f:1c:eb:2f:96:fa:e5:87:77:c6:b5:
                    56:b2:7a:3b:54:30:53:1b:df:62:34:ff:1e:d1:f4:
                    5a:93:28:85:e5:4c:17:4e:7e:5b:fd:a4:93:99:7f:
                    df:cd:ef:a4:75:ef:ef:15:f6:47:e7:f8:19:72:d8:
                    2e:34:1a:a6:b4:a7:4c:7e:bd:bb:4f:0c:3d:57:f1:
                    30:d6:a6:36:8e:d6:80:76:d7:19:2e:a5:cd:7e:34:
                    2d:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Basic Constraints: critical
                CA:TRUE, pathlen:0
            X509v3 Certificate Policies: 
                Policy: 2.16.840.1.113733.1.7.23.3
                  CPS: https://www.verisign.com/cps
                  User Notice:
                    Explicit Text: https://www.verisign.com/rpa

            X509v3 Key Usage: critical
                Certificate Sign, CRL Sign
            1.3.6.1.5.5.7.1.12: 
                0_.].[0Y0W0U..image/gif0!0.0...+..............k...j.H.,{..0%.#http://logo.verisign.com/vslogo.gif
            X509v3 CRL Distribution Points: 

                Full Name:
                  URI:http://crl.verisign.com/pca3-g5.crl

            Authority Information Access: 
                OCSP - URI:http://ocsp.verisign.com

            X509v3 Extended Key Usage: 
                TLS Web Client Authentication, Code Signing
            X509v3 Subject Alternative Name: 
                DirName:/CN=VeriSignMPKI-2-8
            X509v3 Subject Key Identifier: 
                CF:99:A9:EA:7B:26:F4:4B:C9:8E:8F:D7:F0:05:26:EF:E3:D2:A7:9D
            X509v3 Authority Key Identifier: 
                keyid:7F:D3:65:A7:C2:DD:EC:BB:F0:30:09:F3:43:39:FA:02:AF:33:31:33

    Signature Algorithm: sha1WithRSAEncryption
         56:22:e6:34:a4:c4:61:cb:48:b9:01:ad:56:a8:64:0f:d9:8c:
         91:c4:bb:cc:0c:e5:ad:7a:a0:22:7f:df:47:38:4a:2d:6c:d1:
         7f:71:1a:7c:ec:70:a9:b1:f0:4f:e4:0f:0c:53:fa:15:5e:fe:
         74:98:49:24:85:81:26:1c:91:14:47:b0:4c:63:8c:bb:a1:34:
         d4:c6:45:e8:0d:85:26:73:03:d0:a9:8c:64:6d:dc:71:92:e6:
         45:05:60:15:59:51:39:fc:58:14:6b:fe:d4:a4:ed:79:6b:08:
         0c:41:72:e7:37:22:06:09:be:23:e9:3f:44:9a:1e:e9:61:9d:
         cc:b1:90:5c:fc:3d:d2:8d:ac:42:3d:65:36:d4:b4:3d:40:28:
         8f:9b:10:cf:23:26:cc:4b:20:cb:90:1f:5d:8c:4c:34:ca:3c:
         d8:e5:37:d6:6f:a5:20:bd:34:eb:26:d9:ae:0d:e7:c5:9a:f7:
         a1:b4:21:91:33:6f:86:e8:58:bb:25:7c:74:0e:58:fe:75:1b:
         63:3f:ce:31:7c:9b:8f:1b:96:9e:c5:53:76:84:5b:9c:ad:91:
         fa:ac:ed:93:ba:5d:c8:21:53:c2:82:53:63:af:12:0d:50:87:
         11:1b:3d:54:52:96:8a:2c:9c:3d:92:1a:08:9a:05:2e:c7:93:
         a5:48:91:d3

pkcs7-signedData

1
- SHA1: nil
- 1.3.6.1.4.1.311.2.1.4
  - #0
    - 1.3.6.1.4.1.311.2.1.15
      - :
        00 3c 00 3c 00 3c 00 4f 00 62 00 73 00 6f 00 6c |.<.<.<.O.b.s.o.l| 00 65 00 74 00 65 00 3e 00 3e 00 3e |.e.t.e.>.>.> |
    - SHA1
      - ab d4 8c 47 ab a8 22 d9 7d fa 55 22 ae 62 6b ff |...G..".}.U".bk.| 6c ec 71 e1 |l.q. |
- Certificates
  - Certificate #0
    - 2
      - 13:6D:B6:71:7A:A1:46:2B:81:76:97:1F:E5:8F:EB:D6
      - RSA-SHA1: nil
      - Issuer
        C: US
        O: VeriSign, Inc.
        OU: VeriSign Trust Network
        OU: Terms of use at https://www.verisign.com/rpa (c)10
        CN: VeriSign Class 3 Code Signing 2010 CA
      - 2012-01-26 00:00:00 UTC: 2013-01-25 23:59:59 UTC
      - Subject
        C: US
        ST: California
        L: Carlsbad
        O: sterkly LLC
        OU: Digital ID Class 3 - Microsoft Software Validation v2
        CN: sterkly LLC
      - #5
        rsaEncryption: nil
        C0:0C:74:F8:F2:B2:E9:B7:C6:88:55:E3:50:E1:67:44:
        95:63:0C:20:5D:AE:DA:D3:75:55:EB:8A:CF:11:E2:EA:
        4B:15:A2:A3:BC:25:E0:6F:A8:D7:77:D2:09:BB:B5:49:
        84:F6:4C:13:A4:B6:40:94:74:1B:4E:E3:26:E3:FD:74:
        D1:6E:A0:96:70:07:BE:70:5F:16:B1:A2:42:97:8D:13:
        2F:D7:1B:67:4A:C0:62:AD:36:91:26:35:94:8E:A6:44:
        4D:84:4E:4F:7E:9D:A6:F5:95:66:82:60:65:FE:55:09:
        C1:6C:EF:AF:9A:22:12:D2:41:40:AC:6C:5A:13:7D:A2:
        84:C3:A0:C9:D3:60:77:AC:A5:D1:21:E8:18:57:6F:EB:
        04:CA:0C:54:2C:2C:85:23:5F:F9:70:DC:36:22:9E:FE:
        EF:0B:90:71:F5:B0:84:A7:39:8D:09:48:2A:29:B4:4E:
        8E:B3:F6:EF:3E:D3:72:B0:02:AE:7A:97:CB:A9:3F:3E:
        D7:9E:2D:AC:C3:74:15:39:B1:BC:AA:19:BD:8F:CA:4E:
        11:58:62:3F:26:14:9E:07:23:F7:25:FC:15:D7:9F:ED:
        16:42:02:20:99:7A:59:75:A6:42:F6:0E:35:8C:25:23:
        D2:33:CA:64:4F:E5:97:F9:61:71:10:51:4F:2A:4C:8B: 0x010001
      - X509v3 extensions
        basicConstraints
        nil
        keyUsage: true, 0x80
        crlDistributionPoints: http://csc3-2010-crl.verisign.com/CSC3-2010.crl
        certificatePolicies
        2.16.840.1.113733.1.7.23.3
        id-qt-cps: https://www.verisign.com/rpa
        extendedKeyUsage: codeSigning
        authorityInfoAccess
        #0
        OCSP: http://ocsp.verisign.com
        caIssuers: http://csc3-2010-aia.verisign.com/CSC3-2010.cer
        authorityKeyIdentifier:
        cf 99 a9 ea 7b 26 f4 4b c9 8e 8f d7 f0 05 26 ef |....{&.K......&.| e3 d2 a7 9d |.... |
        nsCertType: 0x10
        1.3.6.1.4.1.311.2.1.27
        false: true
    - RSA-SHA1:
```
d8 97 e0 02 f4 a4 d1 54  05 df 6c 3e 1a 94 1d 3e  |.......T..l>...>|
c0 69 0c 6b ac 70 39 66  de 91 d3 e0 3f 29 cc 25  |.i.k.p9f....?).%|
f2 08 5a 62 09 ee c0 41  ce 61 82 89 b6 44 ec 9b  |..Zb...A.a...D..|
85 b6 2f 43 73 a8 11 bb  8f 7f 60 95 50 bb d0 21  |../Cs.....`.P..!|
74 b0 12 2e af 8a bf 8a  40 c9 a3 49 b1 94 ef 7c  |t.......@..I...||
36 6a 18 ae e0 b2 cc 97  55 33 3d 10 0e c0 d5 f3  |6j......U3=.....|
26 e8 69 c1 14 d2 fb 46  08 3e 44 82 65 ed a4 a2  |&.i....F.>D.e...|
76 86 32 a4 36 cc 21 b0  d9 f0 62 42 6a 1c 93 c0  |v.2.6.!...bBj...|
19 52 69 2a 8c ca bb f4  58 d1 7e 14 b2 17 d2 09  |.Ri*....X.~.....|
47 73 43 c3 4b 49 7e 54  fb af 95 90 9f a7 06 4a  |GsC.KI~T.......J|
77 c1 23 99 92 a6 93 66  de 48 6b dd f2 36 01 83  |w.#....f.Hk..6..|
8d cf 15 03 52 62 0b 65  a9 3d 2e ff 08 a1 fe 17  |....Rb.e.=......|
b3 aa c1 1c f6 18 72 09  6a cc 96 05 d1 68 06 be  |......r.j....h..|
00 4f bd 13 ba 5e fc c8  bb ea f6 7d 74 be 38 65  |.O...^.....}t.8e|
e5 ed 2b ff 8b 02 4f e5  79 81 c0 20 c1 4e a6 e9  |..+...O.y.. .N..|
99 49 26 a6 a2 f0 ea f2  fb 10 c6 6c 24 9f 23 11  |.I&........l$.#.|
```
  - Certificate #1
    - 2
      - 52:00:E5:AA:25:56:FC:1A:86:ED:96:C9:D4:4B:33:C7
      - RSA-SHA1: nil
      - Issuer
        C: US
        O: VeriSign, Inc.
        OU: VeriSign Trust Network
        OU: (c) 2006 VeriSign, Inc. - For authorized use only
        CN: VeriSign Class 3 Public Primary Certification Authority - G5
      - 2010-02-08 00:00:00 UTC: 2020-02-07 23:59:59 UTC
      - Subject
        C: US
        O: VeriSign, Inc.
        OU: VeriSign Trust Network
        OU: Terms of use at https://www.verisign.com/rpa (c)10
        CN: VeriSign Class 3 Code Signing 2010 CA
      - #5
        rsaEncryption: nil
        F5:23:4B:5E:A5:D7:8A:BB:32:E9:D4:57:F7:EF:E4:C7:
        26:7E:AD:19:98:FE:A8:9D:7D:94:F6:36:6B:10:D7:75:
        81:30:7F:04:68:7F:CB:2B:75:1E:CD:1D:08:8C:DF:69:
        94:A7:37:A3:9C:7B:80:E0:99:E1:EE:37:4D:5F:CE:3B:
        14:EE:86:D4:D0:F5:27:35:BC:25:0B:38:A7:8C:63:9D:
        17:A3:08:A5:AB:B0:FB:CD:6A:62:82:4C:D5:21:DA:1B:
        D9:F1:E3:84:3B:8A:2A:4F:85:5B:90:01:4F:C9:A7:76:
        10:7F:27:03:7C:BE:AE:7E:7D:C1:DD:F9:05:BC:1B:48:
        9C:69:E7:C0:A4:3C:3C:41:00:3E:DF:96:E5:C5:E4:94:
        71:D6:55:01:C7:00:26:4A:40:3C:B5:A1:26:A9:0C:A7:
        6D:80:8E:90:25:7B:CF:BF:3F:1C:EB:2F:96:FA:E5:87:
        77:C6:B5:56:B2:7A:3B:54:30:53:1B:DF:62:34:FF:1E:
        D1:F4:5A:93:28:85:E5:4C:17:4E:7E:5B:FD:A4:93:99:
        7F:DF:CD:EF:A4:75:EF:EF:15:F6:47:E7:F8:19:72:D8:
        2E:34:1A:A6:B4:A7:4C:7E:BD:BB:4F:0C:3D:57:F1:30:
        D6:A6:36:8E:D6:80:76:D7:19:2E:A5:CD:7E:34:2D:89: 0x010001
      - X509v3 extensions
        basicConstraints
        true
        true: 0
        certificatePolicies
        2.16.840.1.113733.1.7.23.3
        #0
        id-qt-cps: https://www.verisign.com/cps
        id-qt-unotice: https://www.verisign.com/rpa
        keyUsage: true, 6
        1.3.6.1.5.5.7.1.12
        image/gif
        SHA1:
        8f e5 d3 1a 86 ac 8d 8e 6b c3 cf 80 6a d4 48 18 |........k...j.H.| 2c 7b 19 2e |,{.. |
        http://logo.verisign.com/vslogo.gif
        crlDistributionPoints: http://crl.verisign.com/pca3-g5.crl
        authorityInfoAccess
        OCSP: http://ocsp.verisign.com
        extendedKeyUsage
        clientAuth: codeSigning
        subjectAltName
        CN: VeriSignMPKI-2-8
        subjectKeyIdentifier:
        cf 99 a9 ea 7b 26 f4 4b c9 8e 8f d7 f0 05 26 ef |....{&.K......&.| e3 d2 a7 9d |.... |
        authorityKeyIdentifier:
        7f d3 65 a7 c2 dd ec bb f0 30 09 f3 43 39 fa 02 |..e......0..C9..| af 33 31 33 |.313 |
    - RSA-SHA1:
```
56 22 e6 34 a4 c4 61 cb  48 b9 01 ad 56 a8 64 0f  |V".4..a.H...V.d.|
d9 8c 91 c4 bb cc 0c e5  ad 7a a0 22 7f df 47 38  |.........z."..G8|
4a 2d 6c d1 7f 71 1a 7c  ec 70 a9 b1 f0 4f e4 0f  |J-l..q.|.p...O..|
0c 53 fa 15 5e fe 74 98  49 24 85 81 26 1c 91 14  |.S..^.t.I$..&...|
47 b0 4c 63 8c bb a1 34  d4 c6 45 e8 0d 85 26 73  |G.Lc...4..E...&s|
03 d0 a9 8c 64 6d dc 71  92 e6 45 05 60 15 59 51  |....dm.q..E.`.YQ|
39 fc 58 14 6b fe d4 a4  ed 79 6b 08 0c 41 72 e7  |9.X.k....yk..Ar.|
37 22 06 09 be 23 e9 3f  44 9a 1e e9 61 9d cc b1  |7"...#.?D...a...|
90 5c fc 3d d2 8d ac 42  3d 65 36 d4 b4 3d 40 28  |.\.=...B=e6..=@(|
8f 9b 10 cf 23 26 cc 4b  20 cb 90 1f 5d 8c 4c 34  |....#&.K ...].L4|
ca 3c d8 e5 37 d6 6f a5  20 bd 34 eb 26 d9 ae 0d  |.<..7.o. .4.&...|
e7 c5 9a f7 a1 b4 21 91  33 6f 86 e8 58 bb 25 7c  |......!.3o..X.%||
74 0e 58 fe 75 1b 63 3f  ce 31 7c 9b 8f 1b 96 9e  |t.X.u.c?.1|.....|
c5 53 76 84 5b 9c ad 91  fa ac ed 93 ba 5d c8 21  |.Sv.[........].!|
53 c2 82 53 63 af 12 0d  50 87 11 1b 3d 54 52 96  |S..Sc...P...=TR.|
8a 2c 9c 3d 92 1a 08 9a  05 2e c7 93 a5 48 91 d3  |.,.=.........H..|
```
- Signer
  - 1
  - unnamed
    - #0
      - C: US
      - O: VeriSign, Inc.
      - OU: VeriSign Trust Network
      - OU: Terms of use at https://www.verisign.com/rpa (c)10
      - CN: VeriSign Class 3 Code Signing 2010 CA
    - 13:6D:B6:71:7A:A1:46:2B:81:76:97:1F:E5:8F:EB:D6
  - SHA1: nil
  - #3
    - 1.3.6.1.4.1.311.2.1.12
      - nil
    - contentType: 1.3.6.1.4.1.311.2.1.4
    - 1.3.6.1.4.1.311.2.1.11: msCodeInd
    - messageDigest:
```
f3 87 dc f5 2c 39 be f0  eb c9 03 5d ac fd 5a 66  |....,9.....]..Zf|
f1 9e 74 5a                                       |..tZ            |
```
  - rsaEncryption:
```
be ee c6 33 1f 5b fb 9e  05 b8 14 dd 1b f8 d6 d7  |...3.[..........|
a5 4f 9e c9 32 9d dd 61  1e f0 4c 59 da d0 0d 5a  |.O..2..a..LY...Z|
a3 d9 5a d3 0c 47 2e a9  06 b9 94 c8 ca 13 23 58  |..Z..G........#X|
51 5d 0c 18 93 60 d5 2d  89 3f 02 ed 35 a8 ec 8a  |Q]...`.-.?..5...|
44 1b 38 4c 9d 65 d4 6c  5a df f4 8d 4f cd 0b 66  |D.8L.e.lZ...O..f|
bd 5d 7f 64 95 3d 08 be  3c 54 79 14 05 41 45 63  |.].d.=...h...|
2f d9 34 a1 6c 9c 29 70  46 1f 9e 86 91 09 13 e6  |/.4.l.)pF.......|
```

show previews

offset	size	type	comment
0	531968	EXE	01/07/2013 21:45:58	#
15c1	15	HTM		#
81e00	3704	PKCS7	Authenticode Signature	#

offset:( 0x )size:( 0x )hotkeys:-=[]<>, offset/size fields are also editable

Please donate some bucks to keep this site up and running:
Ko-fi
Yandex.Money
Thank you!

everything is OK

TubeBox_Setup_Eng.exe- KBM2.exe - KBM2 Installer

MZ Header

Rich Header

DOS stub

PE Header

Packer / Compiler

Sections

Data Directory

StringTable 040904b0

VS_FIXEDFILEINFO

Signers (1)

Certificates (2)

TubeBox_Setup_Eng.exe
- KBM2.exe - KBM2 Installer