| filename | KerishDoctor.exe | |
|---|---|---|
| size | 2311808 (0x234680) | |
| md5 | ef260276b32a1be36b61d8103735a560 | |
| type | PE32 executable (GUI) Intel 80386, for MS Windows | |
| mimetype | application/x-dosexec | |
| clamav | OK | |
| virustotal | → scan with virustotal.com | |
| histogram | ||
MZ Header
| signature | MZ |
| bytes_in_last_block | 0x90 |
| blocks_in_file | 3 |
| num_relocs | 0 |
| header_paragraphs | 4 |
| min_extra_paragraphs | 0 |
| max_extra_paragraphs | 0xffff |
| ss | 0 |
| sp | 0xb8 |
| checksum | 0 |
| ip | 0 |
| cs | 0 |
| reloc_table_offset | 0x40 |
| overlay_number | 0 |
| reserved0 | 0 |
| oem_id | 0 |
| oem_info | 0 |
| reserved2 | 0 |
| reserved3 | 0 |
| reserved4 | 0 |
| reserved5 | 0 |
| reserved6 | 0 |
| lfanew | 0xc8 |
DOS stub
00000000: 0e 1f ba 0e 00 b4 09 cd 21 b8 01 4c cd 21 54 68 |........!..L.!Th| 00000010: 69 73 20 70 72 6f 67 72 61 6d 20 63 61 6e 6e 6f |is program canno| 00000020: 74 20 62 65 20 72 75 6e 20 69 6e 20 44 4f 53 20 |t be run in DOS | 00000030: 6d 6f 64 65 2e 0d 0d 0a 24 00 00 00 00 00 00 00 |mode....$.......|
PE Header
Packer / Compiler
Enigma Protector 1.1X-1.3X (Sukhov Vladimir & Serge N. Markin) |
Sections
Data Directory
| module_name | hint | ord | function_name |
|---|---|---|---|
| kernel32.dll | GetModuleHandleA | ||
| kernel32.dll | GetProcAddress | ||
| kernel32.dll | ExitProcess | ||
| kernel32.dll | LoadLibraryA | ||
| user32.dll | MessageBoxA | ||
| advapi32.dll | RegCloseKey | ||
| oleaut32.dll | SysFreeString | ||
| gdi32.dll | CreateFontA | ||
| shell32.dll | ShellExecuteA | ||
| version.dll | GetFileVersionInfoA | ||
| msvbvm60.dll | EVENT_SINK_GetIDsOfNames |
StringTable 040904B0
| Comments | Kerish Doctor |
| CompanyName | Kerish Products |
| FileDescription | Kerish Doctor |
| LegalCopyright | Kerish Products 2005-2013. All Rights reserved. |
| LegalTrademarks | Kerish Products 2005-2013. All Rights reserved. |
| ProductName | Kerish Doctor |
| FileVersion | 4.45 |
| ProductVersion | 4.45 |
| InternalName | KerishDoctor |
| OriginalFilename | KerishDoctor.exe |
VS_FIXEDFILEINFO
| FileVersion | 4.45.0.0 |
| ProductVersion | 4.45.0.0 |
| StrucVersion | 0x10000 |
| FileFlagsMask | 0 |
| FileFlags | 0 |
| FileOS | 4 |
| FileType | 1 |
| FileSubtype | 0 |
Signers (1)
issuer: /C=US/O=Thawte, Inc./CN=Thawte Code Signing CA - G2
serial: 5FC6B3B8D216CFEF94FEFBDBC8BE144D
Certificates (4)
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:c6:b3:b8:d2:16:cf:ef:94:fe:fb:db:c8:be:14:4d
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, O=Thawte, Inc., CN=Thawte Code Signing CA - G2
Validity
Not Before: Jul 31 00:00:00 2012 GMT
Not After : Jul 31 23:59:59 2013 GMT
Subject: C=RU, ST=Voroneghskaya oblast, L=Voronegh, O=OOO AMA, OU=it, CN=OOO AMA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:ce:93:8b:0d:de:9e:bc:af:2e:0f:9f:21:9b:72:
df:69:82:0d:1e:88:3c:75:db:03:39:5f:b8:fd:7e:
d6:40:8b:8b:b8:2a:36:86:0a:b5:b9:bd:9f:9a:0f:
28:74:34:ba:d3:e9:60:21:c4:82:54:da:d1:15:bc:
f1:bb:3c:25:fc:5b:6c:b4:51:da:a8:75:b9:03:fa:
2e:39:e7:bd:f9:98:d0:0c:5d:c4:23:af:67:e9:d1:
fe:84:51:95:70:51:e6:0c:a7:4e:10:67:3b:c0:d0:
7a:02:a5:5c:db:30:5b:5d:b6:51:da:44:3f:59:7c:
e4:f4:c9:b6:a1:4d:df:41:60:52:bd:e6:ad:a8:a7:
08:eb:47:1f:83:6f:aa:aa:fd:21:5f:4d:84:c8:3b:
3d:4f:97:f2:9b:ab:70:9e:cd:34:32:6a:18:8d:bd:
65:93:fd:08:bf:8d:98:59:d2:b4:33:5e:00:24:cd:
86:ad:62:9c:54:45:14:e3:2f:a3:dd:7d:aa:d0:88:
24:08:31:eb:c3:63:51:df:df:71:86:8b:4f:d7:54:
5b:59:8f:95:0c:98:ea:ad:07:eb:eb:a3:f9:ab:d9:
6f:08:7f:0f:7b:02:93:f3:9f:45:c7:b4:96:e6:9a:
48:dc:52:52:94:a4:84:14:85:06:5c:2f:f4:a2:5e:
8f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 CRL Distribution Points:
Full Name:
URI:http://cs-g2-crl.thawte.com/ThawteCSG2.crl
X509v3 Extended Key Usage:
Code Signing, Microsoft Commercial Code Signing
2.5.29.4:
0.0.0..
+.....7.......
Authority Information Access:
OCSP - URI:http://ocsp.thawte.com
Netscape Cert Type:
Object Signing
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
16:f2:b7:c4:c7:bd:3c:df:b3:aa:c1:dc:8e:be:1c:90:82:cf:
ea:77:c2:20:14:2a:08:e1:32:1c:a7:d5:ef:d1:3b:24:19:89:
38:b9:e2:5c:b7:fa:52:5a:c0:18:8e:25:28:38:cc:49:c9:70:
a2:50:1e:63:6a:28:80:ea:50:26:47:c4:18:c1:dd:26:e8:9b:
d0:0d:e4:38:28:60:ac:85:46:19:2f:9a:c0:49:86:42:b5:98:
07:f7:70:c2:20:19:15:fe:e3:35:61:da:23:a9:c9:20:4f:9a:
fc:2d:7b:48:d1:fb:5d:22:82:d8:4c:7d:f0:d1:5e:88:3f:8a:
af:cd:f9:aa:ce:c0:99:e0:39:a6:f6:6c:71:b1:55:88:79:f4:
ad:24:20:46:f1:30:47:d1:b5:63:67:52:fd:dc:86:4c:d1:a0:
7e:84:f1:bf:a0:7b:44:65:12:af:3f:59:e1:98:98:dd:a9:d9:
99:ed:cb:ca:d2:58:67:78:07:b7:8d:2e:87:aa:8b:46:89:c4:
f9:15:24:c9:6d:9c:cf:97:43:20:ba:5b:b5:f5:f9:5b:8f:73:
6b:37:dc:38:dc:98:90:db:31:06:ce:53:aa:9c:06:e9:85:a0:
b2:da:cd:08:37:48:c4:89:7c:fd:0f:d0:29:3f:76:19:c7:9a:
5b:f4:ba:f0
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 146020 (0x23a64)
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, O=GeoTrust Inc., CN=GeoTrust Global CA
Validity
Not Before: Oct 18 14:38:35 2012 GMT
Not After : May 20 14:38:35 2022 GMT
Subject: C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA - G2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b1:ac:b3:49:54:4b:97:1c:12:0a:d8:25:79:91:
22:57:2a:6f:dc:b8:26:c4:43:73:6b:c2:bf:2e:50:
5a:fb:14:c2:76:8e:43:01:25:43:b4:a1:e2:45:f4:
e8:b7:7b:c3:74:cc:22:d7:b4:94:00:02:f7:4d:ed:
bf:b4:b7:44:24:6b:cd:5f:45:3b:d1:44:ce:43:12:
73:17:82:8b:69:b4:2b:cb:99:1e:ac:72:1b:26:4d:
71:1f:b1:31:dd:fb:51:61:02:53:a6:aa:f5:49:2c:
05:78:45:a5:2f:89:ce:e7:99:e7:fe:8c:e2:57:3f:
3d:c6:92:dc:4a:f8:7b:33:e4:79:0a:fb:f0:75:88:
41:9c:ff:c5:03:51:99:aa:d7:6c:9f:93:69:87:65:
29:83:85:c2:60:14:c4:c8:c9:3b:14:da:c0:81:f0:
1f:0d:74:de:92:22:ab:ca:f7:fb:74:7c:27:e6:f7:
4a:1b:7f:a7:c3:9e:2d:ae:8a:ea:a6:e6:aa:27:16:
7d:61:f7:98:71:11:bc:e2:50:a1:4b:e5:5d:fa:e5:
0e:a7:2c:9f:aa:65:20:d3:d8:96:e8:c8:7c:a5:4e:
48:44:ff:19:e2:44:07:92:0b:d7:68:84:80:5d:6a:
78:64:45:cd:60:46:7e:54:c1:13:7c:c5:79:f1:c9:
c1:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Authority Key Identifier:
C0:7A:98:68:8D:89:FB:AB:05:64:0C:11:7D:AA:7D:65:B8:CA:CC:4E
X509v3 Subject Key Identifier:
5F:9A:F5:6E:5C:CC:CC:74:9A:D4:DD:7D:EF:3F:DB:EC:4C:80:2E:DD
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:0
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl.geotrust.com/crls/gtglobal.crl
Authority Information Access:
OCSP - URI:http://ocsp.geotrust.com
X509v3 Certificate Policies:
Policy: 1.3.6.1.4.1.14370.1.7
CPS: http://www.geotrust.com/resources/cps
X509v3 Subject Alternative Name:
DirName:/CN=TimeStamp-2048-1
X509v3 Extended Key Usage:
Time Stamping
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
aa:3e:3f:03:41:2f:35:13:7f:8c:3f:12:5c:10:cf:ee:67:55:
79:56:60:0f:01:52:0f:23:87:7a:41:28:47:e5:d3:66:72:bb:
02:cf:c9:0c:24:29:41:c2:da:2e:99:e0:23:91:ef:b1:33:47:
3c:c2:08:3a:06:95:73:a2:1b:0e:bc:3f:b7:e2:59:f1:69:be:
f0:d3:e1:18:8f:73:2d:e8:a3:9c:21:40:40:f3:cd:3a:b7:01:
8d:dc:4d:94:b4:7a:10:05:50:7f:1b:61:c5:82:15:8a:e4:2c:
4d:ed:34:11:eb:5b:6a:89:59:c7:de:f7:2c:84:c0:b3:bd:3a:
98:e1:45:28:8a:21:95:80:3f:c9:07:97:f0:ff:42:c1:1e:42:
84:e7:b2:c7:e0:a2:6a:99:d4:f1:d4:c6:fe:57:c0:b9:3a:e7:
f6:27:70:0d:a9:e0:7b:4a:13:95:c2:c9:b9:ab:69:07:d9:4d:
cc:66:47:42:4a:74:a7:a7:6d:b3:a7:35:e8:7e:4b:aa:ce:bd:
bc:93:9f:7d:c6:40:a5:fc:aa:1f:a8:d5:d1:f0:7e:7f:d2:e3:
4c:56:fd:40:64:f0:47:4c:51:04:30:ea:ea:94:2f:24:ca:e9:
08:c5:78:5b:a1:62:c9:1d:48:87:97:19:fa:4d:a5:78:ed:ec:
04:79:0e:36
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:97:4d:78:73:a5:bc:ab:0d:2f:b3:70:19:2f:ce:5e
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, O=thawte, Inc., OU=Certification Services Division, OU=(c) 2006 thawte, Inc. - For authorized use only, CN=thawte Primary Root CA
Validity
Not Before: Feb 8 00:00:00 2010 GMT
Not After : Feb 7 23:59:59 2020 GMT
Subject: C=US, O=Thawte, Inc., CN=Thawte Code Signing CA - G2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:b7:8b:cf:75:5b:9f:25:da:7e:39:b0:93:db:38:
d3:a9:23:d0:82:fa:e9:24:7e:5c:0b:8e:83:f8:e6:
7a:59:e6:a3:c5:98:a7:99:d2:44:ff:00:a6:a5:39:
04:8a:da:29:88:ea:db:a2:f3:1c:99:15:26:c2:b1:
f4:fc:e1:0c:47:a9:09:11:06:0a:20:92:b9:c7:a0:
04:8c:5c:94:19:ab:5b:25:2c:1d:62:7e:70:0d:ce:
61:6c:dd:2b:82:c9:ce:5d:48:5f:f7:c2:be:bc:41:
23:1e:4f:29:5d:d7:4f:bc:f4:c5:2a:fc:63:e6:7c:
26:4e:99:a7:79:41:9e:10:4a:7a:79:c9:c6:86:f7:
86:95:d2:26:ce:3c:18:2a:d6:7c:ce:af:cd:ad:bb:
f7:82:2c:70:26:37:45:e5:0f:47:22:c6:01:28:bd:
2e:83:5c:6a:a4:47:c1:e7:d0:d8:6b:81:46:3f:21:
17:f5:07:c5:43:5a:a6:67:2c:b8:7b:60:11:b5:83:
ee:f5:74:0a:72:71:44:3d:58:fe:e8:1a:ab:38:c3:
59:db:7f:6e:38:7d:76:c7:72:69:98:36:96:57:d3:
66:1c:d2:54:91:04:2e:54:19:b0:dc:3d:b5:22:5e:
86:d5:2a:7e:20:df:5d:e6:7a:b1:65:fe:c5:02:4e:
31:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:TRUE, pathlen:0
X509v3 CRL Distribution Points:
Full Name:
URI:http://crl.thawte.com/ThawtePCA.crl
X509v3 Key Usage: critical
Certificate Sign, CRL Sign
Authority Information Access:
OCSP - URI:http://ocsp.thawte.com
X509v3 Extended Key Usage:
TLS Web Client Authentication, Code Signing
X509v3 Subject Alternative Name:
DirName:/CN=VeriSignMPKI-2-10
X509v3 Subject Key Identifier:
D4:0D:65:3F:7A:BD:34:C6:FE:47:E7:4C:0D:C0:BD:F2:DE:15:AB:71
X509v3 Authority Key Identifier:
7B:5B:45:CF:AF:CE:CB:7A:FD:31:92:1A:6A:B6:F3:46:EB:57:48:50
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
56:fe:53:5c:e1:c7:9e:bc:a7:ed:7e:53:6d:6a:14:4b:51:8c:
40:5e:80:5f:aa:a4:e8:2f:ef:38:c8:04:c9:ca:3e:cf:df:3a:
58:4e:b0:d4:b6:63:c5:29:57:fa:02:05:9a:45:4d:68:db:2a:
1b:d4:34:3d:9f:00:c3:5a:cb:95:49:a5:6e:e1:b0:c5:fc:41:
4d:41:4a:6f:d3:77:c8:d7:38:8d:e4:19:de:18:f3:1f:15:65:
83:6d:45:0c:53:f9:0a:9a:2e:a5:5d:bf:6f:32:81:18:92:19:
6a:55:00:ad:63:1c:52:06:7e:55:d9:29:68:ae:4a:7c:18:9a:
79:88:6b:23:23:d8:27:38:2a:29:87:76:ca:fb:c7:b6:62:23:
1f:ed:7a:56:4c:dd:9c:32:5b:f5:3d:0c:46:18:95:3b:2a:23:
68:83:64:41:d9:00:6d:0f:19:24:15:68:72:bd:c5:71:67:6e:
ac:4c:db:90:eb:51:a5:1a:62:07:d0:be:6a:00:47:3c:72:2f:
ec:4f:61:3e:73:85:ce:5a:0a:b7:ba:c0:1c:13:75:e3:22:39:
28:dd:6d:1d:09:46:9d:4f:ba:e8:40:81:91:c6:a4:ce:94:72:
1b:01:cf:2a:6e:15:67:95:89:ae:7d:b7:b7:cd:f9:0a:3d:75:
b6:6b:3c:25
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:1f:df:72:99:e8:d2:45:a1:5d:0b:a8:e5:b1:59:ba
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services CA - G2
Validity
Not Before: Oct 18 00:00:00 2012 GMT
Not After : May 19 23:59:59 2022 GMT
Subject: C=US, O=Symantec Corporation, CN=Symantec Time Stamping Services Signer - G4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (2048 bit)
Modulus:
00:a2:63:0b:39:44:b8:bb:23:a7:44:49:bb:0e:ff:
a1:f0:61:0a:53:93:b0:98:db:ad:2c:0f:4a:c5:6e:
ff:86:3c:53:55:0f:15:ce:04:3f:2b:fd:a9:96:96:
d9:be:61:79:0b:5b:c9:4c:86:76:e5:e0:43:4b:22:
95:ee:c2:2b:43:c1:9f:d8:68:b4:8e:40:4f:ee:85:
38:b9:11:c5:23:f2:64:58:f0:15:32:6f:4e:57:a1:
ae:88:a4:02:d7:2a:1e:cd:4b:e1:dd:63:d5:17:89:
32:5b:b0:5e:99:5a:a8:9d:28:50:0e:17:ee:96:db:
61:3b:45:51:1d:cf:12:56:0b:92:47:fc:ab:ae:f6:
66:3d:47:ac:70:72:e7:92:e7:5f:cd:10:b9:c4:83:
64:94:19:bd:25:80:e1:e8:d2:22:a5:d0:ba:02:7a:
a1:77:93:5b:65:c3:ee:17:74:bc:41:86:2a:dc:08:
4c:8c:92:8c:91:2d:9e:77:44:1f:68:d6:a8:74:77:
db:0e:5b:32:8b:56:8b:33:bd:d9:63:c8:49:9d:3a:
c5:c5:ea:33:0b:d2:f1:a3:1b:f4:8b:be:d9:b3:57:
8b:3b:de:04:a7:7a:22:b2:24:ae:2e:c7:70:c5:be:
4e:83:26:08:fb:0b:bd:a9:4f:99:08:e1:10:28:72:
aa:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints: critical
CA:FALSE
X509v3 Extended Key Usage: critical
Time Stamping
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
OCSP - URI:http://ts-ocsp.ws.symantec.com
CA Issuers - URI:http://ts-aia.ws.symantec.com/tss-ca-g2.cer
X509v3 CRL Distribution Points:
Full Name:
URI:http://ts-crl.ws.symantec.com/tss-ca-g2.crl
X509v3 Subject Alternative Name:
DirName:/CN=TimeStamp-2048-2
X509v3 Subject Key Identifier:
46:C6:69:A3:0E:4A:14:1E:D5:4C:DA:52:63:17:3F:5E:36:BC:0D:E6
X509v3 Authority Key Identifier:
5F:9A:F5:6E:5C:CC:CC:74:9A:D4:DD:7D:EF:3F:DB:EC:4C:80:2E:DD
Signature Algorithm: sha1WithRSAEncryption
Signature Value:
63:00:32:8d:17:1f:28:dc:04:79:c9:27:19:84:b8:36:68:a7:
75:19:18:b2:4f:49:ac:5d:61:2b:86:32:d0:0d:4d:ba:b5:7c:
5e:b6:d2:37:e8:ed:5b:88:2c:d2:29:61:be:1f:50:29:4a:22:
f9:17:86:bd:87:21:5b:d1:3c:4d:bf:64:c0:ba:2e:9b:a6:10:
a1:f1:c4:84:53:b0:8d:58:f2:8e:af:12:19:77:1f:ad:f7:be:
be:81:2d:8e:82:7e:70:f8:39:96:33:65:59:a8:4f:7f:8b:22:
c9:18:7e:5e:64:e2:b9:30:6d:06:b4:b7:11:8c:66:ba:2c:26:
44:b9:8a:dc:b1:87:91:b5:dc:bf:14:a1:dc:83:a3:60:af:29:
5e:66:8a:2b:0d:ed:9d:d0:39:05:b9:b8:6f:1e:b9:ba:71:cc:
68:de:b2:79:3a:03:d6:88:e1:1d:29:b3:34:e7:21:d8:a3:0f:
2b:72:1a:42:b5:9e:45:fa:df:a7:2b:9d:d7:f2:cd:1d:c8:56:
12:2f:8d:9d:4d:ce:32:c9:26:61:64:d0:9a:78:e5:2f:12:6a:
4a:44:02:24:d8:57:85:32:7f:cd:59:8c:6b:73:33:00:a5:5e:
ab:c3:f0:22:c0:cb:08:c3:e0:f7:b8:b8:04:14:ec:4a:ef:39:
f9:cf:ca:25
pkcs7-signedData
- 1
- SHA1: nil
- 1.3.6.1.4.1.311.2.1.4
- #0
- 1.3.6.1.4.1.311.2.1.15
- :
- SHA1
07 8c 44 4c e3 4a ab 71 19 a2 fb f3 de 43 83 8e |..DL.J.q.....C..| 59 18 c9 06 |Y... |
- 1.3.6.1.4.1.311.2.1.15
- #0
- Certificates
- Certificate #0
- 2
- 5F:C6:B3:B8:D2:16:CF:EF:94:FE:FB:DB:C8:BE:14:4D
- RSA-SHA1: nil
- Issuer
- C: US
- O: Thawte, Inc.
- CN: Thawte Code Signing CA - G2
- 2012-07-31 00:00:00 UTC: 2013-07-31 23:59:59 UTC
- Subject
- C: RU
- ST: Voroneghskaya oblast
- L: Voronegh
- O: OOO AMA
- OU: it
- CN: OOO AMA
- #5
- rsaEncryption: nil
- CE:93:8B:0D:DE:9E:BC:AF:2E:0F:9F:21:9B:72:DF:69:
82:0D:1E:88:3C:75:DB:03:39:5F:B8:FD:7E:D6:40:8B:
8B:B8:2A:36:86:0A:B5:B9:BD:9F:9A:0F:28:74:34:BA:
D3:E9:60:21:C4:82:54:DA:D1:15:BC:F1:BB:3C:25:FC:
5B:6C:B4:51:DA:A8:75:B9:03:FA:2E:39:E7:BD:F9:98:
D0:0C:5D:C4:23:AF:67:E9:D1:FE:84:51:95:70:51:E6:
0C:A7:4E:10:67:3B:C0:D0:7A:02:A5:5C:DB:30:5B:5D:
B6:51:DA:44:3F:59:7C:E4:F4:C9:B6:A1:4D:DF:41:60:
52:BD:E6:AD:A8:A7:08:EB:47:1F:83:6F:AA:AA:FD:21:
5F:4D:84:C8:3B:3D:4F:97:F2:9B:AB:70:9E:CD:34:32:
6A:18:8D:BD:65:93:FD:08:BF:8D:98:59:D2:B4:33:5E:
00:24:CD:86:AD:62:9C:54:45:14:E3:2F:A3:DD:7D:AA:
D0:88:24:08:31:EB:C3:63:51:DF:DF:71:86:8B:4F:D7:
54:5B:59:8F:95:0C:98:EA:AD:07:EB:EB:A3:F9:AB:D9:
6F:08:7F:0F:7B:02:93:F3:9F:45:C7:B4:96:E6:9A:48:
DC:52:52:94:A4:84:14:85:06:5C:2F:F4:A2:5E:8F:23: 0x010001
- X509v3 extensions
- basicConstraints
- true
- nil
- crlDistributionPoints: http://cs-g2-crl.thawte.com/ThawteCSG2.crl
- extendedKeyUsage
- codeSigning: msCodeCom
- 2.5.29.4
- msCodeCom: 0x80
- authorityInfoAccess
- OCSP: http://ocsp.thawte.com
- nsCertType: 0x10
- basicConstraints
- RSA-SHA1:
16 f2 b7 c4 c7 bd 3c df b3 aa c1 dc 8e be 1c 90 |......<.........| 82 cf ea 77 c2 20 14 2a 08 e1 32 1c a7 d5 ef d1 |...w. .*..2.....| 3b 24 19 89 38 b9 e2 5c b7 fa 52 5a c0 18 8e 25 |;$..8..\..RZ...%| 28 38 cc 49 c9 70 a2 50 1e 63 6a 28 80 ea 50 26 |(8.I.p.P.cj(..P&| 47 c4 18 c1 dd 26 e8 9b d0 0d e4 38 28 60 ac 85 |G....&.....8(`..| 46 19 2f 9a c0 49 86 42 b5 98 07 f7 70 c2 20 19 |F./..I.B....p. .| 15 fe e3 35 61 da 23 a9 c9 20 4f 9a fc 2d 7b 48 |...5a.#.. O..-{H| d1 fb 5d 22 82 d8 4c 7d f0 d1 5e 88 3f 8a af cd |..]"..L}..^.?...| f9 aa ce c0 99 e0 39 a6 f6 6c 71 b1 55 88 79 f4 |......9..lq.U.y.| ad 24 20 46 f1 30 47 d1 b5 63 67 52 fd dc 86 4c |.$ F.0G..cgR...L| d1 a0 7e 84 f1 bf a0 7b 44 65 12 af 3f 59 e1 98 |..~....{De..?Y..| 98 dd a9 d9 99 ed cb ca d2 58 67 78 07 b7 8d 2e |.........Xgx....| 87 aa 8b 46 89 c4 f9 15 24 c9 6d 9c cf 97 43 20 |...F....$.m...C | ba 5b b5 f5 f9 5b 8f 73 6b 37 dc 38 dc 98 90 db |.[...[.sk7.8....| 31 06 ce 53 aa 9c 06 e9 85 a0 b2 da cd 08 37 48 |1..S..........7H| c4 89 7c fd 0f d0 29 3f 76 19 c7 9a 5b f4 ba f0 |..|...)?v...[...|
- 2
- Certificate #1
- 2
- 0x023A64
- RSA-SHA1: nil
- Issuer
- C: US
- O: GeoTrust Inc.
- CN: GeoTrust Global CA
- 2012-10-18 14:38:35 UTC: 2022-05-20 14:38:35 UTC
- Subject
- C: US
- O: Symantec Corporation
- CN: Symantec Time Stamping Services CA - G2
- #5
- rsaEncryption: nil
- B1:AC:B3:49:54:4B:97:1C:12:0A:D8:25:79:91:22:57:
2A:6F:DC:B8:26:C4:43:73:6B:C2:BF:2E:50:5A:FB:14:
C2:76:8E:43:01:25:43:B4:A1:E2:45:F4:E8:B7:7B:C3:
74:CC:22:D7:B4:94:00:02:F7:4D:ED:BF:B4:B7:44:24:
6B:CD:5F:45:3B:D1:44:CE:43:12:73:17:82:8B:69:B4:
2B:CB:99:1E:AC:72:1B:26:4D:71:1F:B1:31:DD:FB:51:
61:02:53:A6:AA:F5:49:2C:05:78:45:A5:2F:89:CE:E7:
99:E7:FE:8C:E2:57:3F:3D:C6:92:DC:4A:F8:7B:33:E4:
79:0A:FB:F0:75:88:41:9C:FF:C5:03:51:99:AA:D7:6C:
9F:93:69:87:65:29:83:85:C2:60:14:C4:C8:C9:3B:14:
DA:C0:81:F0:1F:0D:74:DE:92:22:AB:CA:F7:FB:74:7C:
27:E6:F7:4A:1B:7F:A7:C3:9E:2D:AE:8A:EA:A6:E6:AA:
27:16:7D:61:F7:98:71:11:BC:E2:50:A1:4B:E5:5D:FA:
E5:0E:A7:2C:9F:AA:65:20:D3:D8:96:E8:C8:7C:A5:4E:
48:44:FF:19:E2:44:07:92:0B:D7:68:84:80:5D:6A:78:
64:45:CD:60:46:7E:54:C1:13:7C:C5:79:F1:C9:C1:71: 0x010001
- #6
- authorityKeyIdentifier:
c0 7a 98 68 8d 89 fb ab 05 64 0c 11 7d aa 7d 65 |.z.h.....d..}.}e| b8 ca cc 4e |...N |
- subjectKeyIdentifier:
5f 9a f5 6e 5c cc cc 74 9a d4 dd 7d ef 3f db ec |_..n\..t...}.?..| 4c 80 2e dd |L... |
- basicConstraints
- true
- true: 0
- keyUsage: true, 6
- crlDistributionPoints: http://crl.geotrust.com/crls/gtglobal.crl
- authorityInfoAccess
- OCSP: http://ocsp.geotrust.com
- certificatePolicies
- 1.3.6.1.4.1.14370.1.7
- id-qt-cps: http://www.geotrust.com/resources/cps
- 1.3.6.1.4.1.14370.1.7
- subjectAltName
- CN: TimeStamp-2048-1
- extendedKeyUsage: timeStamping
- authorityKeyIdentifier:
- RSA-SHA1:
aa 3e 3f 03 41 2f 35 13 7f 8c 3f 12 5c 10 cf ee |.>?.A/5...?.\...| 67 55 79 56 60 0f 01 52 0f 23 87 7a 41 28 47 e5 |gUyV`..R.#.zA(G.| d3 66 72 bb 02 cf c9 0c 24 29 41 c2 da 2e 99 e0 |.fr.....$)A.....| 23 91 ef b1 33 47 3c c2 08 3a 06 95 73 a2 1b 0e |#...3G<..:..s...| bc 3f b7 e2 59 f1 69 be f0 d3 e1 18 8f 73 2d e8 |.?..Y.i......s-.| a3 9c 21 40 40 f3 cd 3a b7 01 8d dc 4d 94 b4 7a |..!@@..:....M..z| 10 05 50 7f 1b 61 c5 82 15 8a e4 2c 4d ed 34 11 |..P..a.....,M.4.| eb 5b 6a 89 59 c7 de f7 2c 84 c0 b3 bd 3a 98 e1 |.[j.Y...,....:..| 45 28 8a 21 95 80 3f c9 07 97 f0 ff 42 c1 1e 42 |E(.!..?.....B..B| 84 e7 b2 c7 e0 a2 6a 99 d4 f1 d4 c6 fe 57 c0 b9 |......j......W..| 3a e7 f6 27 70 0d a9 e0 7b 4a 13 95 c2 c9 b9 ab |:..'p...{J......| 69 07 d9 4d cc 66 47 42 4a 74 a7 a7 6d b3 a7 35 |i..M.fGBJt..m..5| e8 7e 4b aa ce bd bc 93 9f 7d c6 40 a5 fc aa 1f |.~K......}.@....| a8 d5 d1 f0 7e 7f d2 e3 4c 56 fd 40 64 f0 47 4c |....~...LV.@d.GL| 51 04 30 ea ea 94 2f 24 ca e9 08 c5 78 5b a1 62 |Q.0.../$....x[.b| c9 1d 48 87 97 19 fa 4d a5 78 ed ec 04 79 0e 36 |..H....M.x...y.6|
- 2
- Certificate #2
- 2
- 47:97:4D:78:73:A5:BC:AB:0D:2F:B3:70:19:2F:CE:5E
- RSA-SHA1: nil
- Issuer
- C: US
- O: thawte, Inc.
- OU: Certification Services Division
- OU: (c) 2006 thawte, Inc. - For authorized use only
- CN: thawte Primary Root CA
- 2010-02-08 00:00:00 UTC: 2020-02-07 23:59:59 UTC
- Subject
- C: US
- O: Thawte, Inc.
- CN: Thawte Code Signing CA - G2
- #5
- rsaEncryption: nil
- B7:8B:CF:75:5B:9F:25:DA:7E:39:B0:93:DB:38:D3:A9:
23:D0:82:FA:E9:24:7E:5C:0B:8E:83:F8:E6:7A:59:E6:
A3:C5:98:A7:99:D2:44:FF:00:A6:A5:39:04:8A:DA:29:
88:EA:DB:A2:F3:1C:99:15:26:C2:B1:F4:FC:E1:0C:47:
A9:09:11:06:0A:20:92:B9:C7:A0:04:8C:5C:94:19:AB:
5B:25:2C:1D:62:7E:70:0D:CE:61:6C:DD:2B:82:C9:CE:
5D:48:5F:F7:C2:BE:BC:41:23:1E:4F:29:5D:D7:4F:BC:
F4:C5:2A:FC:63:E6:7C:26:4E:99:A7:79:41:9E:10:4A:
7A:79:C9:C6:86:F7:86:95:D2:26:CE:3C:18:2A:D6:7C:
CE:AF:CD:AD:BB:F7:82:2C:70:26:37:45:E5:0F:47:22:
C6:01:28:BD:2E:83:5C:6A:A4:47:C1:E7:D0:D8:6B:81:
46:3F:21:17:F5:07:C5:43:5A:A6:67:2C:B8:7B:60:11:
B5:83:EE:F5:74:0A:72:71:44:3D:58:FE:E8:1A:AB:38:
C3:59:DB:7F:6E:38:7D:76:C7:72:69:98:36:96:57:D3:
66:1C:D2:54:91:04:2E:54:19:B0:DC:3D:B5:22:5E:86:
D5:2A:7E:20:DF:5D:E6:7A:B1:65:FE:C5:02:4E:31:2D: 0x010001
- X509v3 extensions
- basicConstraints
- true
- true: 0
- crlDistributionPoints: http://crl.thawte.com/ThawtePCA.crl
- keyUsage: true, 6
- authorityInfoAccess
- OCSP: http://ocsp.thawte.com
- extendedKeyUsage
- clientAuth: codeSigning
- subjectAltName
- CN: VeriSignMPKI-2-10
- subjectKeyIdentifier:
d4 0d 65 3f 7a bd 34 c6 fe 47 e7 4c 0d c0 bd f2 |..e?z.4..G.L....| de 15 ab 71 |...q |
- authorityKeyIdentifier:
7b 5b 45 cf af ce cb 7a fd 31 92 1a 6a b6 f3 46 |{[E....z.1..j..F| eb 57 48 50 |.WHP |
- basicConstraints
- RSA-SHA1:
56 fe 53 5c e1 c7 9e bc a7 ed 7e 53 6d 6a 14 4b |V.S\......~Smj.K| 51 8c 40 5e 80 5f aa a4 e8 2f ef 38 c8 04 c9 ca |Q.@^._.../.8....| 3e cf df 3a 58 4e b0 d4 b6 63 c5 29 57 fa 02 05 |>..:XN...c.)W...| 9a 45 4d 68 db 2a 1b d4 34 3d 9f 00 c3 5a cb 95 |.EMh.*..4=...Z..| 49 a5 6e e1 b0 c5 fc 41 4d 41 4a 6f d3 77 c8 d7 |I.n....AMAJo.w..| 38 8d e4 19 de 18 f3 1f 15 65 83 6d 45 0c 53 f9 |8........e.mE.S.| 0a 9a 2e a5 5d bf 6f 32 81 18 92 19 6a 55 00 ad |....].o2....jU..| 63 1c 52 06 7e 55 d9 29 68 ae 4a 7c 18 9a 79 88 |c.R.~U.)h.J|..y.| 6b 23 23 d8 27 38 2a 29 87 76 ca fb c7 b6 62 23 |k##.'8*).v....b#| 1f ed 7a 56 4c dd 9c 32 5b f5 3d 0c 46 18 95 3b |..zVL..2[.=.F..;| 2a 23 68 83 64 41 d9 00 6d 0f 19 24 15 68 72 bd |*#h.dA..m..$.hr.| c5 71 67 6e ac 4c db 90 eb 51 a5 1a 62 07 d0 be |.qgn.L...Q..b...| 6a 00 47 3c 72 2f ec 4f 61 3e 73 85 ce 5a 0a b7 |j.G
s..Z..| ba c0 1c 13 75 e3 22 39 28 dd 6d 1d 09 46 9d 4f |....u."9(.m..F.O| ba e8 40 81 91 c6 a4 ce 94 72 1b 01 cf 2a 6e 15 |..@......r...*n.| 67 95 89 ae 7d b7 b7 cd f9 0a 3d 75 b6 6b 3c 25 |g...}.....=u.k<%|
- 2
- Certificate #3
- 2
- 7E:1F:DF:72:99:E8:D2:45:A1:5D:0B:A8:E5:B1:59:BA
- RSA-SHA1: nil
- Issuer
- C: US
- O: Symantec Corporation
- CN: Symantec Time Stamping Services CA - G2
- 2012-10-18 00:00:00 UTC: 2022-05-19 23:59:59 UTC
- Subject
- C: US
- O: Symantec Corporation
- CN: Symantec Time Stamping Services Signer - G4
- #5
- rsaEncryption: nil
- A2:63:0B:39:44:B8:BB:23:A7:44:49:BB:0E:FF:A1:F0:
61:0A:53:93:B0:98:DB:AD:2C:0F:4A:C5:6E:FF:86:3C:
53:55:0F:15:CE:04:3F:2B:FD:A9:96:96:D9:BE:61:79:
0B:5B:C9:4C:86:76:E5:E0:43:4B:22:95:EE:C2:2B:43:
C1:9F:D8:68:B4:8E:40:4F:EE:85:38:B9:11:C5:23:F2:
64:58:F0:15:32:6F:4E:57:A1:AE:88:A4:02:D7:2A:1E:
CD:4B:E1:DD:63:D5:17:89:32:5B:B0:5E:99:5A:A8:9D:
28:50:0E:17:EE:96:DB:61:3B:45:51:1D:CF:12:56:0B:
92:47:FC:AB:AE:F6:66:3D:47:AC:70:72:E7:92:E7:5F:
CD:10:B9:C4:83:64:94:19:BD:25:80:E1:E8:D2:22:A5:
D0:BA:02:7A:A1:77:93:5B:65:C3:EE:17:74:BC:41:86:
2A:DC:08:4C:8C:92:8C:91:2D:9E:77:44:1F:68:D6:A8:
74:77:DB:0E:5B:32:8B:56:8B:33:BD:D9:63:C8:49:9D:
3A:C5:C5:EA:33:0B:D2:F1:A3:1B:F4:8B:BE:D9:B3:57:
8B:3B:DE:04:A7:7A:22:B2:24:AE:2E:C7:70:C5:BE:4E:
83:26:08:FB:0B:BD:A9:4F:99:08:E1:10:28:72:AA:CD: 0x010001
- X509v3 extensions
- basicConstraints
- true
- nil
- extendedKeyUsage: true, timeStamping
- keyUsage: true, 0x80
- authorityInfoAccess
- #0
- OCSP: http://ts-ocsp.ws.symantec.com
- caIssuers: http://ts-aia.ws.symantec.com/tss-ca-g2.cer
- #0
- crlDistributionPoints: http://ts-crl.ws.symantec.com/tss-ca-g2.crl
- subjectAltName
- CN: TimeStamp-2048-2
- subjectKeyIdentifier:
46 c6 69 a3 0e 4a 14 1e d5 4c da 52 63 17 3f 5e |F.i..J...L.Rc.?^| 36 bc 0d e6 |6... |
- authorityKeyIdentifier:
5f 9a f5 6e 5c cc cc 74 9a d4 dd 7d ef 3f db ec |_..n\..t...}.?..| 4c 80 2e dd |L... |
- basicConstraints
- RSA-SHA1:
63 00 32 8d 17 1f 28 dc 04 79 c9 27 19 84 b8 36 |c.2...(..y.'...6| 68 a7 75 19 18 b2 4f 49 ac 5d 61 2b 86 32 d0 0d |h.u...OI.]a+.2..| 4d ba b5 7c 5e b6 d2 37 e8 ed 5b 88 2c d2 29 61 |M..|^..7..[.,.)a| be 1f 50 29 4a 22 f9 17 86 bd 87 21 5b d1 3c 4d |..P)J".....![.
- 2
- Certificate #0
- 1
- unnamed
- #0
- C: US
- O: Thawte, Inc.
- CN: Thawte Code Signing CA - G2
- 5F:C6:B3:B8:D2:16:CF:EF:94:FE:FB:DB:C8:BE:14:4D
- #0
- SHA1: nil
- #2
- 1.3.6.1.4.1.311.2.1.12
- nil
- contentType: 1.3.6.1.4.1.311.2.1.4
- 1.3.6.1.4.1.311.2.1.11: msCodeCom
- messageDigest:
81 9c e6 3b 24 ac 2a 7b 1c 50 8b 7f 0d 65 4a b9 |...;$.*{.P...eJ.| 6d 73 16 c9 |ms.. |
- 1.3.6.1.4.1.311.2.1.12
- rsaEncryption:
01 94 53 d5 12 7f 39 5e 14 60 2e e7 57 bf d1 44 |..S...9^.`..W..D| e0 84 75 a0 04 50 b8 f3 0b 5a 1c 19 6e 1b 68 37 |..u..P...Z..n.h7| f1 ee 77 50 59 0c 81 3b 14 f9 63 31 29 59 4d 1c |..wPY..;..c1)YM.| 2f 08 e1 f2 f1 1e 30 28 14 50 14 48 df cf f5 5d |/.....0(.P.H...]| b6 84 17 3f 4e c2 f5 0a af ef fb 06 91 d5 97 4f |...?N..........O| 42 f5 5f d4 aa 87 1d 95 b6 e5 eb 9d df ec 1b c8 |B._.............| a5 37 e8 cc be 42 92 24 5a 0b 31 d9 06 dc 72 09 |.7...B.$Z.1...r.| 9c fb 02 cc 35 ca 15 e5 96 0f 36 8e 90 a8 3b a7 |....5.....6...;.| aa 08 8b 13 9c fc ca 42 f0 65 ef 4c b1 12 e3 55 |.......B.e.L...U| 9f 82 5b 32 42 5d 82 4a 60 50 47 7f bd 9f 4d 15 |..[2B].J`PG...M.| 10 55 a0 c1 39 c1 de f0 fe a3 b1 52 e5 7c c6 80 |.U..9......R.|..| 80 eb 27 e3 e9 98 26 35 2e 55 ad e1 d8 8a b5 96 |..'...&5.U......| 78 96 30 28 34 22 f7 98 ed 24 94 fb ef fc 9e 3a |x.0(4"...$.....:| 0f d8 fb 5b ef e8 cf 6f 65 0a fd e5 26 bd a7 34 |...[...oe...&..4| 20 56 fa 6c e8 73 ca b7 85 e9 b0 a5 e8 fa 24 68 | V.l.s........$h| 62 f4 af 9b b1 6b 5c 69 b4 2c 53 a0 14 b8 45 1a |b....k\i.,S...E.|
- countersignature
- 1
- unnamed
- #0
- C: US
- O: Symantec Corporation
- CN: Symantec Time Stamping Services CA - G2
- 7E:1F:DF:72:99:E8:D2:45:A1:5D:0B:A8:E5:B1:59:BA
- #0
- SHA1: nil
- #2
- contentType: pkcs7-data
- signingTime: 2013-01-02 08:42:02 UTC
- messageDigest:
bc 28 55 8f 6e 41 8b d1 f8 1c 7c f7 7f d5 50 7d |.(U.nA....|...P}| f0 85 27 d3 |..'. |
- rsaEncryption:
6e 9f 8a a6 e8 77 94 95 fe 9f 76 a1 a5 4b ef 52 |n....w....v..K.R| 29 c9 51 9f 6c 38 76 61 28 80 41 e9 19 ad 05 0a |).Q.l8va(.A.....| 0f db 8a 4d 91 ec 88 47 8b 1c 1c d5 4e b1 cf 8d |...M...G....N...| d7 eb e7 c8 69 e7 46 14 75 2d 07 5b 37 de e9 3e |....i.F.u-.[7..>| 32 f2 76 2f 86 64 5b 55 f5 85 83 58 7f 2b 7d d9 |2.v/.d[U...X.+}.| 52 6b 2c e8 aa b4 14 0e 47 bc 6c 02 ef 88 64 89 |Rk,.....G.l...d.| 52 af 39 6f 2a c2 13 72 dc 06 89 36 c5 45 41 67 |R.9o*..r...6.EAg| e0 8a da 29 32 df a9 7d 9d c1 1e ea e5 62 e8 26 |...)2..}.....b.&| 7c e0 83 60 10 25 30 5e 64 5d 9a 26 e4 62 23 30 ||..`.%0^d].&.b#0| 92 6a ad 65 cd 64 39 fc bc f3 03 32 52 5f 05 45 |.j.e.d9....2R_.E| 2c e1 d7 53 c6 99 0c 47 50 9e 9d e8 ac 9d d6 e4 |,..S...GP.......| da b0 0d 4b cc f4 8c 3e f2 0d 2b b6 19 fb a2 2b |...K...>..+....+| 51 26 91 62 3d bb d1 96 23 ae 7a 70 c1 d2 e1 c7 |Q&.b=...#.zp....| 5a a4 6b 1a 50 de d4 c4 b3 94 36 13 0b a5 98 fb |Z.k.P.....6.....| a8 bf 91 12 11 ec af 83 29 ee 0a a6 bb 75 d2 40 |........)....u.@| 32 e2 d5 02 28 24 96 23 a3 f1 b7 3f 73 87 37 be |2...($.#...?s.7.|
- unnamed
- 1
- unnamed
| offset | size | type | comment | |
|---|---|---|---|---|
| 0 | 2306048 | EXE | 01/02/2013 08:40:03 | # |
| 15c1 | 15 | HTM | # | |
| 233000 | 5760 | PKCS7 | Authenticode Signature | # |
 |
| Please donate some bucks to keep this site up and running: | |
| Ko-fi | |
|---|---|
| Yandex.Money | |
| Thank you! | |
everything is OK