| filename | Wonders.exe | |
|---|---|---|
| size | 498992 (0x79d30) | |
| md5 | c7f1534de47a72afafb48f5d1c1da7e5 | |
| type | PE32 executable (GUI) Intel 80386, for MS Windows | |
| mimetype | application/x-dosexec | |
| clamav | OK | |
| virustotal | → scan with virustotal.com | |
| histogram | ||
MZ Header
| signature | MZ |
| bytes_in_last_block | 0x90 |
| blocks_in_file | 3 |
| num_relocs | 0 |
| header_paragraphs | 4 |
| min_extra_paragraphs | 0 |
| max_extra_paragraphs | 0xffff |
| ss | 0 |
| sp | 0xb8 |
| checksum | 0 |
| ip | 0 |
| cs | 0 |
| reloc_table_offset | 0x40 |
| overlay_number | 0 |
| reserved0 | 0 |
| oem_id | 0 |
| oem_info | 0 |
| reserved2 | 0 |
| reserved3 | 0 |
| reserved4 | 0 |
| reserved5 | 0 |
| reserved6 | 0 |
| lfanew | 0xf8 |
Rich Header
| lib id | version | times used |
|---|---|---|
| 125 | 50727 | 16 |
| 109 | 50727 | 72 |
| 123 | 50727 | 3 |
| 93 | 4035 | 2 |
| 1 | 0 | 78 |
| 110 | 50727 | 27 |
| 122 | 50727 | 1 |
| 124 | 50727 | 1 |
| 120 | 50727 | 1 |
DOS stub
00000000: 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 |........!..L.!Th| 00000010: 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f |is program canno| 00000020: 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 |t be run in DOS | 00000030: 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 |mode....$.......|
PE Header
Packer / Compiler
Sections
Data Directory
| module_name | hint | ord | function_name |
|---|---|---|---|
| kernel32.dll | GetProcAddress | ||
| kernel32.dll | GetModuleHandleA | ||
| kernel32.dll | LoadLibraryA | ||
| wrapper.dll | int __cdecl StartWrapper(void) ?StartWrapper@@YAHXZ | ||
| oleaut32.dll | VariantChangeTypeEx | ||
| kernel32.dll | RaiseException |
Signers (1)
issuer: /C=US/O=VeriSign, Inc./OU=VeriSign Trust Network/OU=Terms of use at https:\/\/www.verisign.com\/rpa (c)04/CN=VeriSign Class 3 Code Signing 2004 CA
serial: 72F3743DF8E423F8F36A6E5C1F8A2153
Certificates (4)
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA
Validity
Not Before: Jun 15 00:00:00 2007 GMT
Not After : Jun 14 23:59:59 2012 GMT
Subject: C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services Signer - G2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (1024 bit)
Modulus:
00:c4:b5:f2:52:15:bc:88:86:60:29:16:4a:5b:2f:
4b:91:6b:87:91:f3:35:54:58:35:ea:d1:36:5e:62:
4d:52:51:34:71:c2:7b:66:1d:89:c8:dd:2a:c4:6a:
0a:f6:37:d9:98:74:91:f6:92:ae:b0:b5:76:96:f1:
a9:4a:63:45:47:2e:6b:0b:92:4e:4b:2b:8c:ee:58:
4a:8b:d4:07:e4:1a:2c:f8:82:aa:58:d9:cd:42:f3:
2d:c0:75:de:8d:ab:c7:8e:1d:9a:6c:4c:08:95:1e:
de:db:ef:67:e1:72:c2:49:c2:9e:60:3c:e1:e2:be:
16:a3:63:78:69:14:7b:ad:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
Authority Information Access:
OCSP - URI:http://ocsp.verisign.com
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl.verisign.com/tss-ca.crl
X509v3 Extended Key Usage: critical
Time Stamping
X509v3 Key Usage: critical
Digital Signature, Non Repudiation
X509v3 Subject Alternative Name:
DirName:/CN=TSA1-2
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
50:c5:4b:c8:24:80:df:e4:0d:24:c2:de:1a:b1:a1:02:a1:a6:
82:2d:0c:83:15:81:37:0a:82:0e:2c:b0:5a:17:61:b5:d8:05:
fe:88:db:f1:91:91:b3:56:1a:40:a6:eb:92:be:38:39:b0:75:
36:74:3a:98:4f:e4:37:ba:99:89:ca:95:42:1d:b0:b9:c7:a0:
8d:57:e0:fa:d5:64:04:42:35:4e:01:d1:33:a2:17:c8:4d:aa:
27:c7:f2:e1:86:4c:02:38:4d:83:78:c6:fc:53:e0:eb:e0:06:
87:dd:a4:96:9e:5e:0c:98:e2:a5:be:bf:82:85:c3:60:e1:df:
ad:28:d8:c7:a5:4b:64:da:c7:1b:5b:bd:ac:39:08:d5:38:22:
a1:33:8b:2f:8a:9a:eb:bc:07:21:3f:44:41:09:07:b5:65:1c:
24:bc:48:d3:44:80:eb:a1:cf:c9:02:b4:14:cf:54:c7:16:a3:
80:5c:f9:79:3e:5d:72:7d:88:17:9e:2c:43:a2:ca:53:ce:7d:
3d:f6:2a:3a:b8:4f:94:00:a5:6d:0a:83:5d:f9:5e:53:f4:18:
b3:57:0f:70:c3:fb:f5:ad:95:a0:0e:17:de:c4:16:80:60:c9:
0f:2b:6e:86:04:f1:eb:f4:78:27:d1:05:c5:ee:34:5b:5e:b9:
49:32:f2:33
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=ZA, ST=Western Cape, L=Durbanville, O=Thawte, OU=Thawte Certification, CN=Thawte Timestamping CA
Validity
Not Before: Dec 4 00:00:00 2003 GMT
Not After : Dec 3 23:59:59 2013 GMT
Subject: C=US, O=VeriSign, Inc., CN=VeriSign Time Stamping Services CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:a9:ca:b2:a4:cc:cd:20:af:0a:7d:89:ac:87:75:
f0:b4:4e:f1:df:c1:0f:bf:67:61:bd:a3:64:1c:da:
bb:f9:ca:33:ab:84:30:89:58:7e:8c:db:6b:dd:36:
9e:0f:bf:d1:ec:78:f2:77:a6:7e:6f:3c:bf:93:af:
0d:ba:68:f4:6c:94:ca:bd:52:2d:ab:48:3d:f5:b6:
d5:5d:5f:1b:02:9f:fa:2f:6b:1e:a4:f7:a3:9a:a6:
1a:c8:02:e1:7f:4c:52:e3:0e:60:ec:40:1c:7e:b9:
0d:de:3f:c7:b4:df:87:bd:5f:7a:6a:31:2e:03:99:
81:13:a8:47:20:ce:31:73:0d:57:2d:cd:78:34:33:
95:12:99:12:b9:de:68:2f:aa:e6:e3:c2:8a:8c:2a:
c3:8b:21:87:66:bd:83:58:57:6f:75:bf:3c:aa:26:
87:5d:ca:10:15:3c:9f:84:ea:54:c1:0a:6e:c4:fe:
c5:4a:dd:b9:07:11:97:22:7c:db:3e:27:d1:1e:78:
ec:9f:31:c9:f1:e6:22:19:db:c4:b3:47:43:9a:1a:
5f:a0:1e:90:e4:5e:f5:ee:7c:f1:7d:ab:62:01:8f:
f5:4d:0b:de:d0:22:56:a8:95:cd:ae:88:76:ae:ee:
ba:0d:f3:e4:4d:d9:a0:fb:68:a0:ae:14:3b:b3:87:
c1:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
Authority Information Access:
OCSP - URI:http://ocsp.verisign.com
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:0
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl.verisign.com/ThawteTimestampingCA.crl
X509v3 Extended Key Usage:
Time Stamping
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 Subject Alternative Name:
DirName:/CN=TSA2048-1-53
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
4a:6b:f9:ea:58:c2:44:1c:31:89:79:99:2b:96:bf:82:ac:01:
d6:1c:4c:cd:b0:8a:58:6e:df:08:29:a3:5e:c8:ca:93:13:e7:
04:52:0d:ef:47:27:2f:00:38:b0:e4:c9:93:4e:9a:d4:22:62:
15:f7:3f:37:21:4f:70:31:80:f1:8b:38:87:b3:e8:e8:97:00:
fe:cf:55:96:4e:24:d2:a9:27:4e:7a:ae:b7:61:41:f3:2a:ce:
e7:c9:d9:5e:dd:bb:2b:85:3e:b5:9d:b5:d9:e1:57:ff:be:b4:
c5:7e:f5:cf:0c:9e:f0:97:fe:2b:d3:3b:52:1b:1b:38:27:f7:
3f:4a
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, O=VeriSign, Inc., OU=Class 3 Public Primary Certification Authority
Validity
Not Before: Jul 16 00:00:00 2004 GMT
Not After : Jul 15 23:59:59 2014 GMT
Subject: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https:\/\/www.verisign.com\/rpa (c)04, CN=VeriSign Class 3 Code Signing 2004 CA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:be:bc:ee:bc:7e:ef:83:eb:e0:37:4f:fb:03:10:
38:be:08:d2:8c:7d:9d:fa:92:7f:19:0c:c2:6b:ee:
42:52:8c:de:d3:1c:48:13:25:ea:c1:63:7a:f9:51:
65:ee:d3:aa:3b:f5:f0:94:9c:2b:fb:f2:66:d4:24:
da:f7:f5:9f:6e:19:39:36:bc:d0:a3:76:08:1e:22:
27:24:6c:38:91:27:e2:84:49:ae:1b:8a:a1:fd:25:
82:2c:10:30:e8:71:ab:28:e8:77:4a:51:f1:ec:cd:
f8:f0:54:d4:6f:c0:e3:6d:0a:8f:d9:d8:64:8d:63:
b2:2d:4e:27:f6:85:0e:fe:6d:e3:29:99:e2:85:47:
7c:2d:86:7f:e8:57:8f:ad:67:c2:33:32:91:13:20:
fc:a9:23:14:9a:6d:c2:84:4b:76:68:04:d5:71:2c:
5d:21:fa:88:0d:26:fd:1f:2d:91:2b:e7:01:55:4d:
f2:6d:35:28:82:df:d9:6b:5c:b6:d6:d9:aa:81:fd:
5f:cd:83:ba:63:9d:d0:22:fc:a9:3b:42:69:b2:8e:
3a:b5:bc:b4:9e:0f:5e:c4:ea:2c:82:8b:28:fd:53:
08:96:dd:b5:01:20:d1:f9:a5:18:e7:c0:ee:51:70:
37:e1:b6:05:48:52:48:6f:38:ea:c3:e8:6c:7b:44:
84:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:0
X509v3 Certificate Policies:
Policy: 2.16.840.1.113733.1.7.23.3
CPS: https://www.verisign.com/rpa
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl.verisign.com/pca3.crl
X509v3 Extended Key Usage:
TLS Web Client Authentication, Code Signing
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Netscape Cert Type:
Object Signing CA
X509v3 Subject Alternative Name:
DirName:/CN=Class3CA2048-1-43
X509v3 Subject Key Identifier:
08:F5:51:E8:FB:FE:3D:3D:64:36:7C:68:CF:5B:78:A8:DF:B9:C5:37
X509v3 Authority Key Identifier:
DirName:/C=US/O=VeriSign, Inc./OU=Class 3 Public Primary Certification Authority
serial:70:BA:E4:1D:10:D9:29:34:B6:38:CA:7B:03:CC:BA:BF
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
ae:3a:17:b8:4a:7b:55:fa:64:55:ec:40:a4:ed:49:41:90:99:
9c:89:bc:af:2e:1d:ca:78:23:f9:1c:19:0f:7f:eb:68:bc:32:
d9:88:38:de:dc:3f:d3:89:b4:3f:b1:82:96:f1:a4:5a:ba:ed:
2e:26:d3:de:7c:01:6e:00:0a:00:a4:06:92:11:48:09:40:f9:
1c:18:79:67:23:24:e0:bb:d5:e1:50:ae:1b:f5:0e:dd:e0:2e:
81:cd:80:a3:6c:52:4f:91:75:55:8a:ba:22:f2:d2:ea:41:75:
88:2f:63:55:7d:1e:54:5a:95:59:ca:d9:34:81:c0:5f:5e:f6:
7a:b5
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:f3:74:3d:f8:e4:23:f8:f3:6a:6e:5c:1f:8a:21:53
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https:\/\/www.verisign.com\/rpa (c)04, CN=VeriSign Class 3 Code Signing 2004 CA
Validity
Not Before: Dec 13 00:00:00 2007 GMT
Not After : Jan 1 23:59:59 2009 GMT
Subject: C=US, ST=Virginia, L=Alexandria, O=Alawar Entertainment Inc, OU=Digital ID Class 3 - Microsoft Software Validation v2, OU=-, CN=Alawar Entertainment Inc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (1024 bit)
Modulus:
00:9e:0c:b1:a7:74:27:ed:ca:2d:6a:93:0c:d7:6d:
68:40:03:48:72:d9:7f:88:bd:9f:26:3a:4b:56:3e:
fd:2c:c6:ab:df:5b:31:9c:92:27:ba:d9:57:b9:db:
60:4b:95:16:31:77:f2:f2:f5:8d:36:59:04:c2:7e:
df:b8:eb:a4:1e:ae:cb:12:76:ab:ee:5a:a3:3d:b4:
f9:27:55:3c:d9:8d:87:2f:3a:4a:50:5b:26:ae:a8:
db:ba:f1:c9:97:cb:64:9e:b1:2b:b2:79:49:b0:20:
b0:bd:64:36:96:97:d3:62:8f:c2:34:5a:95:a9:5f:
2e:06:95:2b:5b:e7:1e:27:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:http://CSC3-2004-crl.verisign.com/CSC3-2004.crl
X509v3 Certificate Policies:
Policy: 2.16.840.1.113733.1.7.23.3
CPS: https://www.verisign.com/rpa
X509v3 Extended Key Usage:
Code Signing
Authority Information Access:
OCSP - URI:http://ocsp.verisign.com
CA Issuers - URI:http://CSC3-2004-aia.verisign.com/CSC3-2004-aia.cer
X509v3 Authority Key Identifier:
08:F5:51:E8:FB:FE:3D:3D:64:36:7C:68:CF:5B:78:A8:DF:B9:C5:37
Netscape Cert Type:
Object Signing
1.3.6.1.4.1.311.2.1.27:
0.......
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
27:a1:36:40:1c:69:61:65:8c:ed:29:5f:89:be:48:0c:51:1f:
55:7f:5c:97:0d:5a:c4:ce:81:ce:96:60:96:61:a1:d1:ac:35:
10:6f:02:4e:bf:a5:79:8d:d7:79:69:2f:19:3c:91:6b:b7:c3:
31:7a:3f:0f:be:fa:71:da:b6:3f:ca:0d:d6:6c:60:d2:c6:7a:
f7:85:7c:3d:55:2d:74:cf:40:8e:32:ee:54:c6:03:7b:d7:fc:
39:95:08:31:b8:41:fa:b8:3e:b3:4e:84:29:7a:d0:77:f1:ae:
6c:42:5c:e1:bf:48:d3:6b:71:18:b5:e7:a4:4f:46:f8:bb:c7:
e8:8a:ff:56:a1:f1:25:3b:db:74:9f:47:53:c2:1a:9c:36:34:
d7:23:a7:f3:91:82:81:b3:6f:19:60:85:3b:bb:89:65:da:85:
b8:2f:20:3d:78:33:e9:89:70:54:ba:da:ee:1b:3e:f3:52:f8:
3f:45:ab:f0:e6:69:1c:3d:b6:f4:96:fd:53:52:7d:85:54:c2:
d3:33:32:fe:e0:a5:0e:d8:e1:96:9d:c8:10:02:e1:30:49:d5:
85:8e:a9:12:c0:7e:3c:14:99:04:15:1c:0b:d5:f2:8c:48:b8:
84:1b:b8:d5:18:ec:a1:97:92:6c:90:f6:33:eb:35:c5:c5:33:
3b:bf:91:ac
pkcs7-signedData
- 1
- SHA1: nil
- 1.3.6.1.4.1.311.2.1.4
- #0
- 1.3.6.1.4.1.311.2.1.15
- :
00 3c 00 3c 00 3c 00 4f 00 62 00 73 00 6f 00 6c |.<.<.<.O.b.s.o.l| 00 65 00 74 00 65 00 3e 00 3e 00 3e |.e.t.e.>.>.> |
- :
- SHA1
d3 b8 82 eb 3b 67 d6 7f 72 43 c1 3c f4 b7 08 c1 |....;g..rC.<....| 49 d2 56 98 |I.V. |
- 1.3.6.1.4.1.311.2.1.15
- #0
- Certificates
- Certificate #0
- 2
- 38:25:D7:FA:F8:61:AF:9E:F4:90:E7:26:B5:D6:5A:D5
- RSA-SHA1: nil
- Issuer
- C: US
- O: VeriSign, Inc.
- CN: VeriSign Time Stamping Services CA
- 2007-06-15 00:00:00 UTC: 2012-06-14 23:59:59 UTC
- Subject
- C: US
- O: VeriSign, Inc.
- CN: VeriSign Time Stamping Services Signer - G2
- #5
- rsaEncryption: nil
- C4:B5:F2:52:15:BC:88:86:60:29:16:4A:5B:2F:4B:91:
6B:87:91:F3:35:54:58:35:EA:D1:36:5E:62:4D:52:51:
34:71:C2:7B:66:1D:89:C8:DD:2A:C4:6A:0A:F6:37:D9:
98:74:91:F6:92:AE:B0:B5:76:96:F1:A9:4A:63:45:47:
2E:6B:0B:92:4E:4B:2B:8C:EE:58:4A:8B:D4:07:E4:1A:
2C:F8:82:AA:58:D9:CD:42:F3:2D:C0:75:DE:8D:AB:C7:
8E:1D:9A:6C:4C:08:95:1E:DE:DB:EF:67:E1:72:C2:49:
C2:9E:60:3C:E1:E2:BE:16:A3:63:78:69:14:7B:AD:2D: 0x010001
- X509v3 extensions
- authorityInfoAccess
- OCSP: http://ocsp.verisign.com
- basicConstraints
- true
- nil
- crlDistributionPoints: http://crl.verisign.com/tss-ca.crl
- extendedKeyUsage: true, timeStamping
- keyUsage: true, 0xc0
- subjectAltName
- CN: TSA1-2
- authorityInfoAccess
- RSA-SHA1:
50 c5 4b c8 24 80 df e4 0d 24 c2 de 1a b1 a1 02 |P.K.$....$......| a1 a6 82 2d 0c 83 15 81 37 0a 82 0e 2c b0 5a 17 |...-....7...,.Z.| 61 b5 d8 05 fe 88 db f1 91 91 b3 56 1a 40 a6 eb |a..........V.@..| 92 be 38 39 b0 75 36 74 3a 98 4f e4 37 ba 99 89 |..89.u6t:.O.7...| ca 95 42 1d b0 b9 c7 a0 8d 57 e0 fa d5 64 04 42 |..B......W...d.B| 35 4e 01 d1 33 a2 17 c8 4d aa 27 c7 f2 e1 86 4c |5N..3...M.'....L| 02 38 4d 83 78 c6 fc 53 e0 eb e0 06 87 dd a4 96 |.8M.x..S........| 9e 5e 0c 98 e2 a5 be bf 82 85 c3 60 e1 df ad 28 |.^.........`...(| d8 c7 a5 4b 64 da c7 1b 5b bd ac 39 08 d5 38 22 |...Kd...[..9..8"| a1 33 8b 2f 8a 9a eb bc 07 21 3f 44 41 09 07 b5 |.3./.....!?DA...| 65 1c 24 bc 48 d3 44 80 eb a1 cf c9 02 b4 14 cf |e.$.H.D.........| 54 c7 16 a3 80 5c f9 79 3e 5d 72 7d 88 17 9e 2c |T....\.y>]r}...,| 43 a2 ca 53 ce 7d 3d f6 2a 3a b8 4f 94 00 a5 6d |C..S.}=.*:.O...m| 0a 83 5d f9 5e 53 f4 18 b3 57 0f 70 c3 fb f5 ad |..].^S...W.p....| 95 a0 0e 17 de c4 16 80 60 c9 0f 2b 6e 86 04 f1 |........`..+n...| eb f4 78 27 d1 05 c5 ee 34 5b 5e b9 49 32 f2 33 |..x'....4[^.I2.3|
- 2
- Certificate #1
- 2
- 47:BF:19:95:DF:8D:52:46:43:F7:DB:6D:48:0D:31:A4
- RSA-SHA1: nil
- Issuer
- C: ZA
- ST: Western Cape
- L: Durbanville
- O: Thawte
- OU: Thawte Certification
- CN: Thawte Timestamping CA
- 2003-12-04 00:00:00 UTC: 2013-12-03 23:59:59 UTC
- Subject
- C: US
- O: VeriSign, Inc.
- CN: VeriSign Time Stamping Services CA
- #5
- rsaEncryption: nil
- A9:CA:B2:A4:CC:CD:20:AF:0A:7D:89:AC:87:75:F0:B4:
4E:F1:DF:C1:0F:BF:67:61:BD:A3:64:1C:DA:BB:F9:CA:
33:AB:84:30:89:58:7E:8C:DB:6B:DD:36:9E:0F:BF:D1:
EC:78:F2:77:A6:7E:6F:3C:BF:93:AF:0D:BA:68:F4:6C:
94:CA:BD:52:2D:AB:48:3D:F5:B6:D5:5D:5F:1B:02:9F:
FA:2F:6B:1E:A4:F7:A3:9A:A6:1A:C8:02:E1:7F:4C:52:
E3:0E:60:EC:40:1C:7E:B9:0D:DE:3F:C7:B4:DF:87:BD:
5F:7A:6A:31:2E:03:99:81:13:A8:47:20:CE:31:73:0D:
57:2D:CD:78:34:33:95:12:99:12:B9:DE:68:2F:AA:E6:
E3:C2:8A:8C:2A:C3:8B:21:87:66:BD:83:58:57:6F:75:
BF:3C:AA:26:87:5D:CA:10:15:3C:9F:84:EA:54:C1:0A:
6E:C4:FE:C5:4A:DD:B9:07:11:97:22:7C:DB:3E:27:D1:
1E:78:EC:9F:31:C9:F1:E6:22:19:DB:C4:B3:47:43:9A:
1A:5F:A0:1E:90:E4:5E:F5:EE:7C:F1:7D:AB:62:01:8F:
F5:4D:0B:DE:D0:22:56:A8:95:CD:AE:88:76:AE:EE:BA:
0D:F3:E4:4D:D9:A0:FB:68:A0:AE:14:3B:B3:87:C1:BB: 0x010001
- X509v3 extensions
- authorityInfoAccess
- OCSP: http://ocsp.verisign.com
- basicConstraints
- true
- true: 0
- crlDistributionPoints: http://crl.verisign.com/ThawteTimestampingCA.crl
- extendedKeyUsage: timeStamping
- keyUsage: true, 6
- subjectAltName
- CN: TSA2048-1-53
- authorityInfoAccess
- RSA-SHA1:
4a 6b f9 ea 58 c2 44 1c 31 89 79 99 2b 96 bf 82 |Jk..X.D.1.y.+...| ac 01 d6 1c 4c cd b0 8a 58 6e df 08 29 a3 5e c8 |....L...Xn..).^.| ca 93 13 e7 04 52 0d ef 47 27 2f 00 38 b0 e4 c9 |.....R..G'/.8...| 93 4e 9a d4 22 62 15 f7 3f 37 21 4f 70 31 80 f1 |.N.."b..?7!Op1..| 8b 38 87 b3 e8 e8 97 00 fe cf 55 96 4e 24 d2 a9 |.8........U.N$..| 27 4e 7a ae b7 61 41 f3 2a ce e7 c9 d9 5e dd bb |'Nz..aA.*....^..| 2b 85 3e b5 9d b5 d9 e1 57 ff be b4 c5 7e f5 cf |+.>.....W....~..| 0c 9e f0 97 fe 2b d3 3b 52 1b 1b 38 27 f7 3f 4a |.....+.;R..8'.?J|
- 2
- Certificate #2
- 2
- 41:91:A1:5A:39:78:DF:CF:49:65:66:38:1D:4C:75:C2
- RSA-SHA1: nil
- Issuer
- C: US
- O: VeriSign, Inc.
- OU: Class 3 Public Primary Certification Authority
- 2004-07-16 00:00:00 UTC: 2014-07-15 23:59:59 UTC
- Subject
- C: US
- O: VeriSign, Inc.
- OU: VeriSign Trust Network
- OU: Terms of use at https://www.verisign.com/rpa (c)04
- CN: VeriSign Class 3 Code Signing 2004 CA
- #5
- rsaEncryption: nil
- BE:BC:EE:BC:7E:EF:83:EB:E0:37:4F:FB:03:10:38:BE:
08:D2:8C:7D:9D:FA:92:7F:19:0C:C2:6B:EE:42:52:8C:
DE:D3:1C:48:13:25:EA:C1:63:7A:F9:51:65:EE:D3:AA:
3B:F5:F0:94:9C:2B:FB:F2:66:D4:24:DA:F7:F5:9F:6E:
19:39:36:BC:D0:A3:76:08:1E:22:27:24:6C:38:91:27:
E2:84:49:AE:1B:8A:A1:FD:25:82:2C:10:30:E8:71:AB:
28:E8:77:4A:51:F1:EC:CD:F8:F0:54:D4:6F:C0:E3:6D:
0A:8F:D9:D8:64:8D:63:B2:2D:4E:27:F6:85:0E:FE:6D:
E3:29:99:E2:85:47:7C:2D:86:7F:E8:57:8F:AD:67:C2:
33:32:91:13:20:FC:A9:23:14:9A:6D:C2:84:4B:76:68:
04:D5:71:2C:5D:21:FA:88:0D:26:FD:1F:2D:91:2B:E7:
01:55:4D:F2:6D:35:28:82:DF:D9:6B:5C:B6:D6:D9:AA:
81:FD:5F:CD:83:BA:63:9D:D0:22:FC:A9:3B:42:69:B2:
8E:3A:B5:BC:B4:9E:0F:5E:C4:EA:2C:82:8B:28:FD:53:
08:96:DD:B5:01:20:D1:F9:A5:18:E7:C0:EE:51:70:37:
E1:B6:05:48:52:48:6F:38:EA:C3:E8:6C:7B:44:84:BB: 0x010001
- X509v3 extensions
- basicConstraints
- true
- true: 0
- certificatePolicies
- 2.16.840.1.113733.1.7.23.3
- id-qt-cps: https://www.verisign.com/rpa
- 2.16.840.1.113733.1.7.23.3
- crlDistributionPoints: http://crl.verisign.com/pca3.crl
- extendedKeyUsage
- clientAuth: codeSigning
- keyUsage: true, 6
- nsCertType: 1
- subjectAltName
- CN: Class3CA2048-1-43
- subjectKeyIdentifier:
08 f5 51 e8 fb fe 3d 3d 64 36 7c 68 cf 5b 78 a8 |..Q...==d6|h.[x.| df b9 c5 37 |...7 |
- authorityKeyIdentifier
- unnamed
- #0
- C: US
- O: VeriSign, Inc.
- OU: Class 3 Public Primary Certification Authority
70 ba e4 1d 10 d9 29 34 b6 38 ca 7b 03 cc ba bf |p.....)4.8.{....|
- #0
- unnamed
- basicConstraints
- RSA-SHA1:
ae 3a 17 b8 4a 7b 55 fa 64 55 ec 40 a4 ed 49 41 |.:..J{U.dU.@..IA| 90 99 9c 89 bc af 2e 1d ca 78 23 f9 1c 19 0f 7f |.........x#.....| eb 68 bc 32 d9 88 38 de dc 3f d3 89 b4 3f b1 82 |.h.2..8..?...?..| 96 f1 a4 5a ba ed 2e 26 d3 de 7c 01 6e 00 0a 00 |...Z...&..|.n...| a4 06 92 11 48 09 40 f9 1c 18 79 67 23 24 e0 bb |....H.@...yg#$..| d5 e1 50 ae 1b f5 0e dd e0 2e 81 cd 80 a3 6c 52 |..P...........lR| 4f 91 75 55 8a ba 22 f2 d2 ea 41 75 88 2f 63 55 |O.uU.."...Au./cU| 7d 1e 54 5a 95 59 ca d9 34 81 c0 5f 5e f6 7a b5 |}.TZ.Y..4.._^.z.|
- 2
- Certificate #3
- 2
- 72:F3:74:3D:F8:E4:23:F8:F3:6A:6E:5C:1F:8A:21:53
- RSA-SHA1: nil
- Issuer
- C: US
- O: VeriSign, Inc.
- OU: VeriSign Trust Network
- OU: Terms of use at https://www.verisign.com/rpa (c)04
- CN: VeriSign Class 3 Code Signing 2004 CA
- 2007-12-13 00:00:00 UTC: 2009-01-01 23:59:59 UTC
- Subject
- C: US
- ST: Virginia
- L: Alexandria
- O: Alawar Entertainment Inc
- OU: Digital ID Class 3 - Microsoft Software Validation v2
- OU: -
- CN: Alawar Entertainment Inc
- #5
- rsaEncryption: nil
- 9E:0C:B1:A7:74:27:ED:CA:2D:6A:93:0C:D7:6D:68:40:
03:48:72:D9:7F:88:BD:9F:26:3A:4B:56:3E:FD:2C:C6:
AB:DF:5B:31:9C:92:27:BA:D9:57:B9:DB:60:4B:95:16:
31:77:F2:F2:F5:8D:36:59:04:C2:7E:DF:B8:EB:A4:1E:
AE:CB:12:76:AB:EE:5A:A3:3D:B4:F9:27:55:3C:D9:8D:
87:2F:3A:4A:50:5B:26:AE:A8:DB:BA:F1:C9:97:CB:64:
9E:B1:2B:B2:79:49:B0:20:B0:BD:64:36:96:97:D3:62:
8F:C2:34:5A:95:A9:5F:2E:06:95:2B:5B:E7:1E:27:27: 0x010001
- X509v3 extensions
- basicConstraints
- nil
- keyUsage: true, 0x80
- crlDistributionPoints: http://CSC3-2004-crl.verisign.com/CSC3-2004.crl
- certificatePolicies
- 2.16.840.1.113733.1.7.23.3
- id-qt-cps: https://www.verisign.com/rpa
- 2.16.840.1.113733.1.7.23.3
- extendedKeyUsage: codeSigning
- authorityInfoAccess
- #0
- OCSP: http://ocsp.verisign.com
- caIssuers: http://CSC3-2004-aia.verisign.com/CSC3-2004-aia.cer
- #0
- authorityKeyIdentifier:
08 f5 51 e8 fb fe 3d 3d 64 36 7c 68 cf 5b 78 a8 |..Q...==d6|h.[x.| df b9 c5 37 |...7 |
- nsCertType: 0x10
- 1.3.6.1.4.1.311.2.1.27
- false: true
- basicConstraints
- RSA-SHA1:
27 a1 36 40 1c 69 61 65 8c ed 29 5f 89 be 48 0c |'.6@.iae..)_..H.| 51 1f 55 7f 5c 97 0d 5a c4 ce 81 ce 96 60 96 61 |Q.U.\..Z.....`.a| a1 d1 ac 35 10 6f 02 4e bf a5 79 8d d7 79 69 2f |...5.o.N..y..yi/| 19 3c 91 6b b7 c3 31 7a 3f 0f be fa 71 da b6 3f |.<.k..1z?...q..?| ca 0d d6 6c 60 d2 c6 7a f7 85 7c 3d 55 2d 74 cf |...l`..z..|=U-t.| 40 8e 32 ee 54 c6 03 7b d7 fc 39 95 08 31 b8 41 |@.2.T..{..9..1.A| fa b8 3e b3 4e 84 29 7a d0 77 f1 ae 6c 42 5c e1 |..>.N.)z.w..lB\.| bf 48 d3 6b 71 18 b5 e7 a4 4f 46 f8 bb c7 e8 8a |.H.kq....OF.....| ff 56 a1 f1 25 3b db 74 9f 47 53 c2 1a 9c 36 34 |.V..%;.t.GS...64| d7 23 a7 f3 91 82 81 b3 6f 19 60 85 3b bb 89 65 |.#......o.`.;..e| da 85 b8 2f 20 3d 78 33 e9 89 70 54 ba da ee 1b |.../ =x3..pT....| 3e f3 52 f8 3f 45 ab f0 e6 69 1c 3d b6 f4 96 fd |>.R.?E...i.=....| 53 52 7d 85 54 c2 d3 33 32 fe e0 a5 0e d8 e1 96 |SR}.T..32.......| 9d c8 10 02 e1 30 49 d5 85 8e a9 12 c0 7e 3c 14 |.....0I......~<.| 99 04 15 1c 0b d5 f2 8c 48 b8 84 1b b8 d5 18 ec |........H.......| a1 97 92 6c 90 f6 33 eb 35 c5 c5 33 3b bf 91 ac |...l..3.5..3;...|
- 2
- Certificate #0
- Signer
- 1
- unnamed
- #0
- C: US
- O: VeriSign, Inc.
- OU: VeriSign Trust Network
- OU: Terms of use at https://www.verisign.com/rpa (c)04
- CN: VeriSign Class 3 Code Signing 2004 CA
- 72:F3:74:3D:F8:E4:23:F8:F3:6A:6E:5C:1F:8A:21:53
- #0
- SHA1: nil
- #3
- contentType: 1.3.6.1.4.1.311.2.1.4
- 1.3.6.1.4.1.311.2.1.11: msCodeInd
- 1.3.6.1.4.1.311.2.1.12:
00 37 00 20 04 47 04 43 04 34 04 35 04 41 |.7. .G.C.4.5.A |
- messageDigest:
41 fa c4 dd 7c 52 19 04 b4 84 7c 88 6f dd fc ac |A...|R....|.o...| 13 d1 53 98 |..S. |
- rsaEncryption:
24 f9 11 a0 f7 95 35 c1 30 db f8 cd f0 26 67 3b |$.....5.0....&g;| 71 1a a4 a6 97 bd 59 63 ad 1a 37 28 18 2b 00 10 |q.....Yc..7(.+..| d0 cd 35 b9 64 12 b0 0f 61 7f 7b 6b 4c d9 cd f6 |..5.d...a.{kL...| c8 4b 77 7e d8 ff 02 bc fa 8f 53 26 63 a9 c3 ae |.Kw~......S&c...| 2b 67 ba d6 c7 c2 98 6d c6 21 c3 22 21 52 58 60 |+g.....m.!."!RX`| 91 54 19 49 6a b7 65 f1 16 47 67 77 ff 41 e7 b1 |.T.Ij.e..Ggw.A..| 98 8a 61 d4 55 29 a0 5b a0 9c 87 d4 e9 ad ab 99 |..a.U).[........| 63 01 dc 90 7b fc 2a 9e a7 94 7a 8b b7 09 ff 79 |c...{.*...z....y| - countersignature
- 1
- unnamed
- #0
- C: US
- O: VeriSign, Inc.
- CN: VeriSign Time Stamping Services CA
- 38:25:D7:FA:F8:61:AF:9E:F4:90:E7:26:B5:D6:5A:D5
- #0
- MD5: nil
- #2
- contentType: pkcs7-data
- signingTime: 2008-08-05 06:30:43 UTC
- messageDigest:
2b 1e 6f 0f a4 47 0f e4 25 57 34 ab 95 2d 3a 20 |+.o..G..%W4..-: |
- rsaEncryption:
8b ad 69 c4 b6 64 f3 4c 02 86 65 53 b6 df 3a ef |..i..d.L..eS..:.| 67 4c 83 d0 9a ad 93 f6 f8 33 62 2c 43 d4 e6 d5 |gL.......3b,C...| ba a5 b8 5c 23 e8 02 32 e4 d3 9f a8 6e cf d2 49 |...\#..2....n..I| 27 da f7 e7 84 9c 6d fd b9 68 01 c0 69 8b 8e 91 |'.....m..h..i...| e0 05 cc 03 f1 5d 2c 80 b5 f5 c1 e4 8d a4 7c 9c |.....],.......|.| 06 3b 2a 66 a7 78 43 a8 91 ba d9 d3 05 8a 31 19 |.;*f.xC.......1.| 83 cc f6 05 b4 78 54 34 42 12 63 87 06 b2 21 d2 |.....xT4B.c...!.| 69 97 d0 e9 a1 72 51 14 aa cf aa b8 6b 01 51 88 |i....rQ.....k.Q.|
- unnamed
- 1
 |
| Please donate some bucks to keep this site up and running: | |
| Ko-fi | |
|---|---|
| Yandex.Money | |
| Thank you! | |
[?] ignoring invalid PEdump::BITMAPINFOHEADER
[?] can't find file_offset of VA 0x5acec
[?] can't find file_offset of VA 0x5da38
[?] can't find file_offset of VA 0x5dcec
[?] can't find file_offset of VA 0x5dfac
[?] can't find file_offset of VA 0x5e270
[?] can't find file_offset of VA 0x5e750
[?] can't find file_offset of VA 0x5eac0
[?] can't find file_offset of VA 0x5ec1c
[?] can't find file_offset of VA 0x5eca8
[?] can't find file_offset of VA 0x5ee04
[?] can't find file_offset of VA 0x61318
[?] can't find file_offset of VA 0x615cc
[?] can't find file_offset of VA 0x62a04
[?] can't find file_offset of VA 0x62e4c
[?] can't find file_offset of VA 0x6318c
[?] can't find file_offset of VA 0x63504
[?] can't find file_offset of VA 0x6386c
[?] can't find file_offset of VA 0x63f6c
[?] can't find file_offset of VA 0x64540
[?] can't find file_offset of VA 0x65c9c
[?] can't find file_offset of VA 0x65ca0
[?] can't find file_offset of VA 0x65ca4
[?] can't find file_offset of VA 0x65ca8
[?] can't find file_offset of VA 0x65cac
[?] can't find file_offset of VA 0x65cb0
[?] can't find file_offset of VA 0x65cb4
[?] can't find file_offset of VA 0x65cb8
[?] can't find file_offset of VA 0x65cbc
[?] can't find file_offset of VA 0x65cc0
[?] can't find file_offset of VA 0x65cc4
[?] can't find file_offset of VA 0x65cc8
[?] can't find file_offset of VA 0x65ccc
[?] can't find file_offset of VA 0x65cd0
[?] can't find file_offset of VA 0x65cd4
[?] can't find file_offset of VA 0x65cd8
[?] can't find file_offset of VA 0x65cdc
[?] can't find file_offset of VA 0x65ce0
[?] can't find file_offset of VA 0x65ce4
[?] can't find file_offset of VA 0x65ce8
[?] can't find file_offset of VA 0x65cec
[?] can't find file_offset of VA 0x65cf0
[?] can't find file_offset of VA 0x65cf4
[?] can't find file_offset of VA 0x65cf8
[?] can't find file_offset of VA 0x65cfc
[?] can't find file_offset of VA 0x65d00
[?] can't find file_offset of VA 0x65d04
[?] can't find file_offset of VA 0x65d08
[?] can't find file_offset of VA 0x65d0c
[?] can't find file_offset of VA 0x65d10
[?] can't find file_offset of VA 0x65d14
[?] can't find file_offset of VA 0x65d18
[?] can't find file_offset of VA 0x65d1c
[?] can't find file_offset of VA 0x65d20
[?] can't find file_offset of VA 0x65d24
[?] can't find file_offset of VA 0x65d28
[?] can't find file_offset of VA 0x65d2c
[?] can't find file_offset of VA 0x65d30
[?] can't find file_offset of VA 0x65d34
[?] can't find file_offset of VA 0x65d38
[?] can't find file_offset of VA 0x65d3c
[?] can't find file_offset of VA 0x65d40
[?] can't find file_offset of VA 0x65d44
[?] can't find file_offset of VA 0x65d48
[?] can't find file_offset of VA 0x65d4c
[?] can't find file_offset of VA 0x65d50
[?] can't find file_offset of VA 0x65d54
[?] can't find file_offset of VA 0x65d58
[?] can't find file_offset of VA 0x65d5c
[?] can't find file_offset of VA 0x65d60
[?] can't find file_offset of VA 0x65d64
[?] can't find file_offset of VA 0x65d68
[?] can't find file_offset of VA 0x65d6c
[?] can't find file_offset of VA 0x65d70
[?] can't find file_offset of VA 0x65d74
[?] can't find file_offset of VA 0x65d78
[?] can't find file_offset of VA 0x65d7c
[?] can't find file_offset of VA 0x65d80
[?] can't find file_offset of VA 0x65d84
[?] can't find file_offset of VA 0x65d88
[?] can't find file_offset of VA 0x65d8c
[?] can't find file_offset of VA 0x65d90
[?] can't find file_offset of VA 0x65d94
[?] can't find file_offset of VA 0x65d98
[?] can't find file_offset of VA 0x65d9c
[?] can't find file_offset of VA 0x65da0
[?] can't find file_offset of VA 0x65da4
[?] can't find file_offset of VA 0x65da8
[?] can't find file_offset of VA 0x65dac
[?] can't find file_offset of VA 0x65db0
[?] can't find file_offset of VA 0x65db4
[?] can't find file_offset of VA 0x65db8
[?] can't find file_offset of VA 0x65dbc
[?] can't find file_offset of VA 0x65dc0
[?] can't find file_offset of VA 0x65dc4
[?] can't find file_offset of VA 0x65dc8
[?] can't find file_offset of VA 0x65dcc
[?] can't find file_offset of VA 0x65dd0
[?] can't find file_offset of VA 0x65dd4
[?] can't find file_offset of VA 0x65dd8
[?] can't find file_offset of VA 0x65ddc
[?] can't find file_offset of VA 0x65de0
[?] too many errors getting resource data, stopped on 0 of 1
[?] can't find file_offset of VA 0x0