55555_Install-Setup[.]rar

Sharing

Copy URL

Twitter E-mail

General

Target

55555_Install-Setup.rar
Size

6.6MB
MD5

e7d379b21c13680df5b2500fa61d7992
SHA1

23ef56adc585a6d2741aae4c698d731f4bbd477a
SHA256

0d20d075cf8e97e778f907255f5d6fe18de6f7d0da42c7bc2af700a2f69b72b1
SHA512

e6619302b3b9bd888bf25e2ada53c20b27e35b951c9f6ffbccb773c8bab924ae68f810fda67393c237a3309b70eae84e05447be15a67e999aa316da347814afe
SSDEEP

196608:h3A3BbfsZdE1AYM/hzSGT7MktLa5gIxvNPi:h3kbfsZdGUfM2a57xvNPi

Score

10^/10

Malware Config

Extracted

Language

ps1

Deobfuscated

URLs

exe.dropper

https://github.com/rcmaehl/MSEdgeRedirect/releases/download/0.6.1.0/MSEdgeRedirect.exe

Signatures

Files

55555_Install-Setup.rar
.rar

Password: 55555
Setup.exe
.exe windows x86

Password: 55555

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

bd:12:ac:19:af:9e:c0:fa:52:83:a8:24:59:7c:0a:57
Certificate

Issuer

CN=COMODO RSA Extended Validation Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23-09-2019 00:00

Not After

22-09-2020 23:59

Subject

SERIALNUMBER=94349,CN=Telegram FZ-LLC,O=Telegram FZ-LLC,STREET=Business Central Towers\, Tower A\, Office 2301 2303,L=Dubai,ST=Dubai,C=AE,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024145

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6d:d4:72:eb:02:ae:04:06:e3:dd:84:3f:5f:e1:45:e1
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03-12-2014 00:00

Not After

02-12-2029 23:59

Subject

CN=COMODO RSA Extended Validation Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02-05-2019 00:00

Not After

01-08-2030 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #1,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02-05-2019 00:00

Not After

18-01-2038 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b1:18:cb:e8:ac:87:7f:5a:70:59:72:ae:26:92:d0:ce:77:76:1c:00:13:e4:25:d8:b3:94:f4:5c:9e:41:32:d8
Signer

Actual PE Digest

b1:18:cb:e8:ac:87:7f:5a:70:59:72:ae:26:92:d0:ce:77:76:1c:00:13:e4:25:d8:b3:94:f4:5c:9e:41:32:d8

Digest Algorithm

sha256

PE Digest Matches

false

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=94349,CN=Telegram FZ-LLC,O=Telegram FZ-LLC,STREET=Business Central Towers\, Tower A\, Office 2301 2303,L=Dubai,ST=Dubai,C=AE,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024145

28-01-2020 20:49
Valid: true

Chain 1

SERIALNUMBER=94349,CN=Telegram FZ-LLC,O=Telegram FZ-LLC,STREET=Business Central Towers\, Tower A\, Office 2301 2303,L=Dubai,ST=Dubai,C=AE,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024145

CN=COMODO RSA Extended Validation Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 749KB - Virtual size: 749KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
data/apps11.txt
data/opentweaks_gamingProfile.tiw1
data/opentweaks_oobeProfile.tiw1
data/packages11.xml
data/plugins/Albacore.ViVe.dll
.dll windows x86

Password: 55555

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mscoree

_CorDllMain

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
data/plugins/Disable TPM 2.0 Check.ini
data/plugins/Enable AutoAdminLogon.ini
data/plugins/Enable Classic Context menus.ini
data/plugins/Join Domain.ini
data/plugins/Win10X Boot Animation.ini
data/plugins/aal_off.bat
data/plugins/aal_on.bat
data/plugins/tpm_off.bat
data/plugins/tpm_on.bat
data/scripts/Apps/Enable apps dark mode.ps1
data/scripts/Apps/Install apps.ps1
data/scripts/Apps/Reinstall all built-in apps.ps1
data/scripts/Apps/Remove OneDrive.ps1
.ps1
data/scripts/Apps/Remove default apps (Provisioned).ps1
data/scripts/Apps/Remove default apps (Recommended).ps1
data/scripts/Apps/Update Store apps.ps1
.ps1
data/scripts/Edge/Bypass Edge as default handler for web searches.ps1
.ps1
data/scripts/Edge/Run MSEdgeRedirect.ps1
.ps1
data/scripts/Energy/Ultimate Performance mode.ps1
data/scripts/Privacy/Disable Services.ps1
.ps1
data/scripts/Privacy/Remove telemetry of third-party apps.ps1
.ps1
data/scripts/Storage/Clean up Windows.ps1
.ps1
iconengines/qsvgicon.dll
.dll windows x64

Password: 55555

74bc1338c3acaa68f433e80dd85f5c29

Code Sign

4a:53:8c:28
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

07-07-2009 17:25

Not After

07-12-2030 17:55

Subject

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

87:82:52:60:00:00:00:00:51:d3:73:d9
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

10-06-2015 13:42

Not After

10-11-2030 14:12

Subject

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0b:93:16:ea:1b:22:3a:6d:52:c7:4b:f3:16:13:16:34
Certificate

Issuer

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

01-12-2020 12:42

Not After

01-12-2021 12:42

Subject

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

38:63:de:f8
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

24-12-1999 17:50

Not After

24-07-2029 14:15

Subject

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

22-07-2015 19:02

Not After

22-06-2029 19:32

Subject

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

8d:ce:15:f3:a7:94:c5:87:00:00:00:00:55:92:33:f4
Certificate

Issuer

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

22-07-2020 15:33

Not After

29-12-2030 16:29

Subject

CN=Entrust Timestamp Authority - TSA1,O=Entrust\, Inc.,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

49:1c:e9:d0:8c:03:db:03:c7:e1:1c:28:32:5d:27:35:be:34:e3:18:49:b1:76:9c:db:fd:0b:80:b7:87:64:71
Signer

Actual PE Digest

49:1c:e9:d0:8c:03:db:03:c7:e1:1c:28:32:5d:27:35:be:34:e3:18:49:b1:76:9c:db:fd:0b:80:b7:87:64:71

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

18-11-2021 05:49
Valid: true

Chain 1

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

qt5svg

?render@QSvgRenderer@@QEAAXPEAVQPainter@@@Z
?load@QSvgRenderer@@QEAA_NAEBVQByteArray@@@Z
?load@QSvgRenderer@@QEAA_NAEBVQString@@@Z
?defaultSize@QSvgRenderer@@QEBA?AVQSize@@XZ
?isValid@QSvgRenderer@@QEBA_NXZ
??1QSvgRenderer@@UEAA@XZ
??0QSvgRenderer@@QEAA@AEBVQString@@PEAVQObject@@@Z
??0QSvgRenderer@@QEAA@PEAVQObject@@@Z

qt5gui

?self@QGuiApplicationPrivate@@0PEAV1@EA
?staticMetaObject@QGuiApplication@@2UQMetaObject@@B
?iconName@QIconEngine@@UEBA?AVQString@@XZ
?availableSizes@QIconEngine@@UEBA?AV?$QList@VQSize@@@@W4Mode@QIcon@@W4State@4@@Z
?insert@QPixmapCache@@SA_NAEBVQString@@AEBVQPixmap@@@Z
?find@QPixmapCache@@SA_NAEBVQString@@AEAVQPixmap@@@Z
?drawPixmap@QPainter@@QEAAXAEBVQRect@@AEBVQPixmap@@@Z
?end@QPainter@@QEAA_NXZ
?staticMetaObject@QIconEnginePlugin@@2UQMetaObject@@B
??1QPainter@@QEAA@XZ
??0QPainter@@QEAA@PEAVQPaintDevice@@@Z
?virtual_hook@QIconEngine@@UEAAXHPEAX@Z
??1QIconEngine@@UEAA@XZ
??0QIconEngine@@QEAA@AEBV0@@Z
??0QIconEngine@@QEAA@XZ
??6@YAAEAVQDataStream@@AEAV0@AEBVQPixmap@@@Z
??5@YAAEAVQDataStream@@AEAV0@AEAVQPixmap@@@Z
?fromImage@QPixmap@@SA?AV1@AEBVQImage@@V?$QFlags@W4ImageConversionFlag@Qt@@@@@Z
?device@QPainter@@QEBAPEAVQPaintDevice@@XZ
?size@QPixmap@@QEBA?AVQSize@@XZ
?isNull@QPixmap@@QEBA_NXZ
??4QPixmap@@QEAAAEAV0@$$QEAV0@@Z
??4QPixmap@@QEAAAEAV0@AEBV0@@Z
??1QPixmap@@UEAA@XZ
??0QPixmap@@QEAA@AEBV0@@Z
??0QPixmap@@QEAA@AEBVQString@@PEBDV?$QFlags@W4ImageConversionFlag@Qt@@@@@Z
??0QPixmap@@QEAA@XZ
?fill@QImage@@QEAAXI@Z
??1QImage@@UEAA@XZ
??0QImage@@QEAA@AEBVQSize@@W4Format@0@@Z
?devicePixelRatioF@QPaintDevice@@QEBANXZ
??1QIconEnginePlugin@@UEAA@XZ
??0QIconEnginePlugin@@QEAA@PEAVQObject@@@Z
?qt_metacall@QIconEnginePlugin@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QIconEnginePlugin@@UEAAPEAXPEBD@Z

qt5core

?self@QCoreApplication@@0PEAV1@EA
?shared_null@QHashData@@2U1@B
?mimeTypeForFile@QMimeDatabase@@QEBA?AVQMimeType@@AEBVQFileInfo@@W4MatchMode@1@@Z
??1QMimeDatabase@@QEAA@XZ
??0QMimeDatabase@@QEAA@XZ
?name@QMimeType@@QEBA?AVQString@@XZ
??1QMimeType@@QEAA@XZ
?absoluteFilePath@QFileInfo@@QEBA?AVQString@@XZ
??1QFileInfo@@QEAA@XZ
??0QFileInfo@@QEAA@AEBVQString@@@Z
?open@QFile@@UEAA_NV?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
??1QFile@@UEAA@XZ
??0QFile@@QEAA@AEBVQString@@@Z
??6QDataStream@@QEAAAEAV0@H@Z
??5QDataStream@@QEAAAEAV0@AEAH@Z
?resetStatus@QDataStream@@QEAAXXZ
?setStatus@QDataStream@@QEAAXW4Status@1@@Z
?status@QDataStream@@QEBA?AW4Status@1@XZ
?atEnd@QDataStream@@QEBA_NXZ
?isNull@QString@@QEBA_NXZ
?dynamicMetaObject@QObjectData@@QEBAPEAUQMetaObject@@XZ
?getAndRef@ExternalRefCountData@QtSharedPointer@@SAPEAU12@PEBVQObject@@@Z
?childEvent@QObject@@MEAAXPEAVQChildEvent@@@Z
?connectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?customEvent@QObject@@MEAAXPEAVQEvent@@@Z
?disconnectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?event@QObject@@UEAA_NPEAVQEvent@@@Z
?eventFilter@QObject@@UEAA_NPEAV1@PEAVQEvent@@@Z
?timerEvent@QObject@@MEAAXPEAVQTimerEvent@@@Z
??0QChar@@QEAA@UQLatin1Char@@@Z
??0QByteArray@@QEAA@XZ
??0QByteArray@@QEAA@AEBV0@@Z
??1QByteArray@@QEAA@XZ
??4QByteArray@@QEAAAEAV0@AEBV0@@Z
??4QByteArray@@QEAAAEAV0@$$QEAV0@@Z
?constData@QByteArray@@QEBAPEBDXZ
?qUncompress@@YA?AVQByteArray@@PEBEH@Z
??6@YAAEAVQDataStream@@AEAV0@AEBVQByteArray@@@Z
??5@YAAEAVQDataStream@@AEAV0@AEAVQByteArray@@@Z
?qCompress@@YA?AVQByteArray@@PEBEHH@Z
??0QString@@QEAA@XZ
??0QString@@QEAA@VQLatin1String@@@Z
??0QString@@QEAA@AEBV0@@Z
??1QString@@QEAA@XZ
??4QString@@QEAAAEAV0@AEBV0@@Z
?endsWith@QString@@QEBA_NVQLatin1String@@W4CaseSensitivity@Qt@@@Z
?append@QString@@QEAAAEAV1@VQChar@@@Z
?append@QString@@QEAAAEAV1@AEBV1@@Z
?number@QString@@SA?AV1@HH@Z
?number@QString@@SA?AV1@_JH@Z
??8QString@@QEBA_NVQLatin1String@@@Z
??6@YAAEAVQDataStream@@AEAV0@AEBVQString@@@Z
??5@YAAEAVQDataStream@@AEAV0@AEAVQString@@@Z
?scaled@QSize@@QEBA?AV1@AEBV1@W4AspectRatioMode@Qt@@@Z
??XQSize@@QEAAAEAV0@N@Z
?cast@QMetaObject@@QEBAPEAVQObject@@PEAV2@@Z
?isTransactionStarted@QIODevice@@QEBA_NXZ
?detach_helper@QHashData@@QEAAPEAU1@P6AXPEAUNode@1@PEAX@ZP6AX0@ZHH@Z
?rehash@QHashData@@QEAAXH@Z
?free_helper@QHashData@@QEAAXP6AXPEAUNode@1@@Z@Z
?nextNode@QHashData@@SAPEAUNode@1@PEAU21@@Z
?previousNode@QHashData@@SAPEAUNode@1@PEAU21@@Z
??0QSharedData@@QEAA@XZ
??0QSharedData@@QEAA@AEBV0@@Z
?readAll@QIODevice@@QEAA?AVQByteArray@@XZ
?allocateNode@QHashData@@QEAAPEAXH@Z

kernel32

InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
EnterCriticalSection
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
CloseHandle

vcruntime140

__C_specific_handler
__std_terminate
__CxxFrameHandler3
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memset
__std_type_info_destroy_list

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e
_seh_filter_dll

Exports

Exports

qt_plugin_instance
qt_plugin_query_metadata

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 512B - Virtual size: 106B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
imageformats/qgif.dll
.dll windows x64

Password: 55555

27cefd9d4e68f66b941b3efc3ea367b7

Code Sign

4a:53:8c:28
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

07-07-2009 17:25

Not After

07-12-2030 17:55

Subject

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

87:82:52:60:00:00:00:00:51:d3:73:d9
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

10-06-2015 13:42

Not After

10-11-2030 14:12

Subject

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0b:93:16:ea:1b:22:3a:6d:52:c7:4b:f3:16:13:16:34
Certificate

Issuer

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

01-12-2020 12:42

Not After

01-12-2021 12:42

Subject

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

38:63:de:f8
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

24-12-1999 17:50

Not After

24-07-2029 14:15

Subject

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

22-07-2015 19:02

Not After

22-06-2029 19:32

Subject

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

8d:ce:15:f3:a7:94:c5:87:00:00:00:00:55:92:33:f4
Certificate

Issuer

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

22-07-2020 15:33

Not After

29-12-2030 16:29

Subject

CN=Entrust Timestamp Authority - TSA1,O=Entrust\, Inc.,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

03:0b:e2:4f:18:06:ed:df:81:c9:91:91:5b:cc:ef:1d:27:90:86:de:8d:dc:89:02:eb:e7:2a:14:08:a3:d7:ff
Signer

Actual PE Digest

03:0b:e2:4f:18:06:ed:df:81:c9:91:91:5b:cc:ef:1d:27:90:86:de:8d:dc:89:02:eb:e7:2a:14:08:a3:d7:ff

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

17-11-2021 14:04
Valid: true

Chain 1

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

qt5gui

?qt_metacast@QImageIOPlugin@@UEAAPEAXPEBD@Z
?setDevice@QImageIOHandler@@QEAAXPEAVQIODevice@@@Z
?staticMetaObject@QImageIOPlugin@@2UQMetaObject@@B
?jumpToNextImage@QImageIOHandler@@UEAA_NXZ
?jumpToImage@QImageIOHandler@@UEAA_NH@Z
?currentImageRect@QImageIOHandler@@UEBA?AVQRect@@XZ
?bytesPerLine@QImage@@QEBAHXZ
?constScanLine@QImage@@QEBAPEBEH@Z
?scanLine@QImage@@QEAAPEAEH@Z
?sizeInBytes@QImage@@QEBA_JXZ
?constBits@QImage@@QEBAPEBEXZ
?bits@QImage@@QEAAPEAEXZ
?height@QImage@@QEBAHXZ
?width@QImage@@QEBAHXZ
?detach@QImage@@QEAAXXZ
?isNull@QImage@@QEBA_NXZ
??4QImage@@QEAAAEAV0@$$QEAV0@@Z
??4QImage@@QEAAAEAV0@AEBV0@@Z
??1QImage@@UEAA@XZ
??0QImage@@QEAA@HHW4Format@0@@Z
??0QImage@@QEAA@XZ
?setFormat@QImageIOHandler@@QEBAXAEBVQByteArray@@@Z
?device@QImageIOHandler@@QEBAPEAVQIODevice@@XZ
??1QImageIOHandler@@UEAA@XZ
??0QImageIOHandler@@QEAA@XZ
??1QImageIOPlugin@@UEAA@XZ
??0QImageIOPlugin@@QEAA@PEAVQObject@@@Z
?setFormat@QImageIOHandler@@QEAAXAEBVQByteArray@@@Z
?qt_metacall@QImageIOPlugin@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z

qt5core

?shared_null@QArrayData@@2QBU1@B
?getAndRef@ExternalRefCountData@QtSharedPointer@@SAPEAU12@PEBVQObject@@@Z
?qstrcmp@@YAHAEBVQByteArray@@PEBD@Z
?isReadable@QIODevice@@QEBA_NXZ
?childEvent@QObject@@MEAAXPEAVQChildEvent@@@Z
?connectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?customEvent@QObject@@MEAAXPEAVQEvent@@@Z
?disconnectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?event@QObject@@UEAA_NPEAVQEvent@@@Z
?eventFilter@QObject@@UEAA_NPEAV1@PEAVQEvent@@@Z
?timerEvent@QObject@@MEAAXPEAVQTimerEvent@@@Z
??0QMessageLogger@@QEAA@PEBDH0@Z
?warning@QMessageLogger@@QEBAXPEBDZZ
?allocate@QArrayData@@SAPEAU1@_K00V?$QFlags@W4AllocationOption@QArrayData@@@@@Z
?deallocate@QArrayData@@SAXPEAU1@_K1@Z
??0QByteArray@@QEAA@XZ
??0QByteArray@@QEAA@PEBDH@Z
??1QByteArray@@QEAA@XZ
??4QByteArray@@QEAAAEAV0@$$QEAV0@@Z
?constData@QByteArray@@QEBAPEBDXZ
?append@QByteArray@@QEAAAEAV1@AEBV1@@Z
?remove@QByteArray@@QEAAAEAV1@HH@Z
??0QString@@QEAA@XZ
??1QString@@QEAA@XZ
?read@QIODevice@@QEAA?AVQByteArray@@_J@Z
?peek@QIODevice@@QEAA_JPEAD_J@Z
??0QVariant@@QEAA@XZ
??1QVariant@@QEAA@XZ
??0QVariant@@QEAA@_N@Z
??0QVariant@@QEAA@AEBVQSize@@@Z
??0QVariant@@QEAA@$$QEAV0@@Z
?dynamicMetaObject@QObjectData@@QEBAPEAUQMetaObject@@XZ

kernel32

InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CloseHandle

vcruntime140

memcpy
memset
__C_specific_handler
__std_terminate
__CxxFrameHandler3
__std_exception_copy
__std_exception_destroy
_CxxThrowException
__std_type_info_destroy_list

api-ms-win-crt-string-l1-1-0

strncmp

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e

Exports

Exports

qt_plugin_instance
qt_plugin_query_metadata

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 512B - Virtual size: 115B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
imageformats/qicns.dll
.dll windows x64

Password: 55555

5af56754560221ee1ca2f0c639cff643

Code Sign

4a:53:8c:28
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

07-07-2009 17:25

Not After

07-12-2030 17:55

Subject

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

87:82:52:60:00:00:00:00:51:d3:73:d9
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

10-06-2015 13:42

Not After

10-11-2030 14:12

Subject

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0b:93:16:ea:1b:22:3a:6d:52:c7:4b:f3:16:13:16:34
Certificate

Issuer

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

01-12-2020 12:42

Not After

01-12-2021 12:42

Subject

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

38:63:de:f8
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

24-12-1999 17:50

Not After

24-07-2029 14:15

Subject

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

22-07-2015 19:02

Not After

22-06-2029 19:32

Subject

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

8d:ce:15:f3:a7:94:c5:87:00:00:00:00:55:92:33:f4
Certificate

Issuer

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

22-07-2020 15:33

Not After

29-12-2030 16:29

Subject

CN=Entrust Timestamp Authority - TSA1,O=Entrust\, Inc.,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

6d:5c:69:5f:ca:5b:0d:b5:ef:e3:32:65:a9:a0:3f:80:8d:f6:b5:4a:d6:7c:fb:c9:3b:91:4f:7a:2a:9d:ba:52
Signer

Actual PE Digest

6d:5c:69:5f:ca:5b:0d:b5:ef:e3:32:65:a9:a0:3f:80:8d:f6:b5:4a:d6:7c:fb:c9:3b:91:4f:7a:2a:9d:ba:52

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

18-11-2021 05:50
Valid: true

Chain 1

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

qt5gui

?loopCount@QImageIOHandler@@UEBAHXZ
?currentImageRect@QImageIOHandler@@UEBA?AVQRect@@XZ
?setOption@QImageIOHandler@@UEAAXW4ImageOption@1@AEBVQVariant@@@Z
?fromData@QImage@@SA?AV1@AEBVQByteArray@@PEBD@Z
?save@QImage@@QEBA_NPEAVQIODevice@@PEBDH@Z
?scaled@QImage@@QEBA?AV1@AEBVQSize@@W4AspectRatioMode@Qt@@W4TransformationMode@4@@Z
?currentImageNumber@QImageIOHandler@@UEBAHXZ
?nextImageDelay@QImageIOHandler@@UEBAHXZ
?setAlphaChannel@QImage@@QEAAXAEBV1@@Z
?setColorTable@QImage@@QEAAXV?$QVector@I@@@Z
?setPixel@QImage@@QEAAXHHI@Z
?scanLine@QImage@@QEAAPEAEH@Z
?height@QImage@@QEBAHXZ
?width@QImage@@QEBAHXZ
?isNull@QImage@@QEBA_NXZ
??4QImage@@QEAAAEAV0@$$QEAV0@@Z
??4QImage@@QEAAAEAV0@AEBV0@@Z
??1QImage@@UEAA@XZ
??0QImage@@QEAA@$$QEAV0@@Z
??0QImage@@QEAA@AEBV0@@Z
??0QImage@@QEAA@HHW4Format@0@@Z
??0QImage@@QEAA@XZ
?setFormat@QImageIOHandler@@QEBAXAEBVQByteArray@@@Z
?device@QImageIOHandler@@QEBAPEAVQIODevice@@XZ
??1QImageIOHandler@@UEAA@XZ
??0QImageIOHandler@@QEAA@XZ
??1QImageIOPlugin@@UEAA@XZ
??0QImageIOPlugin@@QEAA@PEAVQObject@@@Z
?qt_metacall@QImageIOPlugin@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QImageIOPlugin@@UEAAPEAXPEBD@Z
?setFormat@QImageIOHandler@@QEAAXAEBVQByteArray@@@Z
?setDevice@QImageIOHandler@@QEAAXPEAVQIODevice@@@Z
?staticMetaObject@QImageIOPlugin@@2UQMetaObject@@B

qt5core

?skipRawData@QDataStream@@QEAAHH@Z
?writeRawData@QDataStream@@QEAAHPEBDH@Z
??6QDataStream@@QEAAAEAV0@H@Z
??5QDataStream@@QEAAAEAV0@AEAH@Z
??5QDataStream@@QEAAAEAV0@AEAC@Z
?setByteOrder@QDataStream@@QEAAXW4ByteOrder@1@@Z
?status@QDataStream@@QEBA?AW4Status@1@XZ
?shared_null@QArrayData@@2QBU1@B
??1QByteArray@@QEAA@XZ
?constData@QByteArray@@QEBAPEBDXZ
?dynamicMetaObject@QObjectData@@QEBAPEAUQMetaObject@@XZ
?isOpen@QIODevice@@QEBA_NXZ
?isReadable@QIODevice@@QEBA_NXZ
?isWritable@QIODevice@@QEBA_NXZ
?getAndRef@ExternalRefCountData@QtSharedPointer@@SAPEAU12@PEBVQObject@@@Z
?childEvent@QObject@@MEAAXPEAVQChildEvent@@@Z
?connectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?customEvent@QObject@@MEAAXPEAVQEvent@@@Z
?disconnectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?event@QObject@@UEAA_NPEAVQEvent@@@Z
?eventFilter@QObject@@UEAA_NPEAV1@PEAVQEvent@@@Z
?timerEvent@QObject@@MEAAXPEAVQTimerEvent@@@Z
??0QMessageLogger@@QEAA@PEBDH0@Z
?warning@QMessageLogger@@QEBAXPEBDZZ
?allocate@QArrayData@@SAPEAU1@_K00V?$QFlags@W4AllocationOption@QArrayData@@@@@Z
?deallocate@QArrayData@@SAXPEAU1@_K1@Z
??0QByteArray@@QEAA@XZ
??0QByteArray@@QEAA@PEBDH@Z
??0QByteArray@@QEAA@AEBV0@@Z
??0QByteArray@@QEAA@$$QEAV0@@Z
?startsWith@QByteArray@@QEBA_NAEBV1@@Z
?append@QByteArray@@QEAAAEAV1@D@Z
?append@QByteArray@@QEAAAEAV1@PEBD@Z
?append@QByteArray@@QEAAAEAV1@AEBV1@@Z
?number@QByteArray@@SA?AV1@HH@Z
?number@QByteArray@@SA?AV1@_JH@Z
??1QString@@QEAA@XZ
?at@QString@@QEBA?BVQChar@@H@Z
?toLocal8Bit@QString@@QEGBA?AVQByteArray@@XZ
?fromLatin1@QString@@SA?AV1@AEBVQByteArray@@@Z
?toUInt@QString@@QEBAIPEA_NH@Z
?read@QIODevice@@QEAA?AVQByteArray@@_J@Z
?peek@QIODevice@@QEAA?AVQByteArray@@_J@Z
??0QVariant@@QEAA@XZ
??0QVariant@@QEAA@AEBVQByteArray@@@Z
??0QRegularExpression@@QEAA@AEBVQString@@V?$QFlags@W4PatternOption@QRegularExpression@@@@@Z
??1QRegularExpression@@QEAA@XZ
?match@QRegularExpression@@QEBA?AVQRegularExpressionMatch@@AEBVQString@@HW4MatchType@1@V?$QFlags@W4MatchOption@QRegularExpression@@@@@Z
?atEnd@QDataStream@@QEBA_NXZ
?hasMatch@QRegularExpressionMatch@@QEBA_NXZ
?captured@QRegularExpressionMatch@@QEBA?AVQString@@AEBV2@@Z
??0QBuffer@@QEAA@PEAVQByteArray@@PEAVQObject@@@Z
??1QBuffer@@UEAA@XZ
?open@QBuffer@@UEAA_NV?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
?close@QBuffer@@UEAAXXZ
??0QDataStream@@QEAA@PEAVQIODevice@@@Z
??1QDataStream@@QEAA@XZ
??1QRegularExpressionMatch@@QEAA@XZ

kernel32

InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CloseHandle

vcruntime140

memcmp
memcpy
__C_specific_handler
__std_terminate
__CxxFrameHandler3
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memset
__std_type_info_destroy_list

api-ms-win-crt-math-l1-1-0

sqrt

api-ms-win-crt-heap-l1-1-0

free
_callnewh
malloc

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_seh_filter_dll
_cexit
_initterm
_initterm_e
_configure_narrow_argv
_crt_atexit

Exports

Exports

qt_plugin_instance
qt_plugin_query_metadata

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
imageformats/qico.dll
.dll windows x64

Password: 55555

5c6578cd72fc57aeca2a1c31cdd0b5fb

Code Sign

4a:53:8c:28
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

07-07-2009 17:25

Not After

07-12-2030 17:55

Subject

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

87:82:52:60:00:00:00:00:51:d3:73:d9
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

10-06-2015 13:42

Not After

10-11-2030 14:12

Subject

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0b:93:16:ea:1b:22:3a:6d:52:c7:4b:f3:16:13:16:34
Certificate

Issuer

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

01-12-2020 12:42

Not After

01-12-2021 12:42

Subject

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

38:63:de:f8
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

24-12-1999 17:50

Not After

24-07-2029 14:15

Subject

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

22-07-2015 19:02

Not After

22-06-2029 19:32

Subject

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

8d:ce:15:f3:a7:94:c5:87:00:00:00:00:55:92:33:f4
Certificate

Issuer

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

22-07-2020 15:33

Not After

29-12-2030 16:29

Subject

CN=Entrust Timestamp Authority - TSA1,O=Entrust\, Inc.,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

b6:be:7e:44:eb:d7:7d:94:b3:22:cb:17:68:40:2a:19:d8:9c:8e:a2:bf:d8:dc:91:0e:b9:f8:be:08:f2:8a:be
Signer

Actual PE Digest

b6:be:7e:44:eb:d7:7d:94:b3:22:cb:17:68:40:2a:19:d8:9c:8e:a2:bf:d8:dc:91:0e:b9:f8:be:08:f2:8a:be

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

17-11-2021 14:04
Valid: true

Chain 1

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

qt5gui

?qt_metacall@QImageIOPlugin@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QImageIOPlugin@@UEAAPEAXPEBD@Z
?staticMetaObject@QImageIOPlugin@@2UQMetaObject@@B
?sharedPainter@QPaintDevice@@MEBAPEAVQPainter@@XZ
?setOption@QImageIOHandler@@UEAAXW4ImageOption@1@AEBVQVariant@@@Z
?setFormat@QImageIOHandler@@QEAAXAEBVQByteArray@@@Z
?redirected@QPaintDevice@@MEBAPEAV1@PEAVQPoint@@@Z
?paintEngine@QImage@@UEBAPEAVQPaintEngine@@XZ
?nextImageDelay@QImageIOHandler@@UEBAHXZ
??0QImageIOPlugin@@QEAA@PEAVQObject@@@Z
?loopCount@QImageIOHandler@@UEBAHXZ
?initPainter@QPaintDevice@@MEBAXPEAVQPainter@@@Z
?devType@QImage@@UEBAHXZ
?currentImageRect@QImageIOHandler@@UEBA?AVQRect@@XZ
?currentImageNumber@QImageIOHandler@@UEBAHXZ
?convertToFormat_inplace@QImage@@IEAA_NW4Format@1@V?$QFlags@W4ImageConversionFlag@Qt@@@@@Z
?convertToFormat_helper@QImage@@IEBA?AV1@W4Format@1@V?$QFlags@W4ImageConversionFlag@Qt@@@@@Z
?setText@QImage@@QEAAXAEBVQString@@0@Z
?fromData@QImage@@SA?AV1@AEBVQByteArray@@PEBD@Z
?metric@QImage@@MEBAHW4PaintDeviceMetric@QPaintDevice@@@Z
?invertPixels@QImage@@QEAAXW4InvertMode@1@@Z
?scaled@QImage@@QEBA?AV1@AEBVQSize@@W4AspectRatioMode@Qt@@W4TransformationMode@4@@Z
?createAlphaMask@QImage@@QEBA?AV1@V?$QFlags@W4ImageConversionFlag@Qt@@@@@Z
?setAlphaChannel@QImage@@QEAAXAEBV1@@Z
?hasAlphaChannel@QImage@@QEBA_NXZ
?fill@QImage@@QEAAXI@Z
?setPixel@QImage@@QEAAXHHI@Z
?bytesPerLine@QImage@@QEBAHXZ
?scanLine@QImage@@QEAAPEAEH@Z
?setColorCount@QImage@@QEAAXH@Z
?setColor@QImage@@QEAAXHI@Z
?height@QImage@@QEBAHXZ
?width@QImage@@QEBAHXZ
?isNull@QImage@@QEBA_NXZ
??4QImage@@QEAAAEAV0@$$QEAV0@@Z
??4QImage@@QEAAAEAV0@AEBV0@@Z
??1QImage@@UEAA@XZ
??0QImage@@QEAA@$$QEAV0@@Z
??0QImage@@QEAA@AEBV0@@Z
??0QImage@@QEAA@HHW4Format@0@@Z
??0QImage@@QEAA@XZ
?setFormat@QImageIOHandler@@QEBAXAEBVQByteArray@@@Z
?device@QImageIOHandler@@QEBAPEAVQIODevice@@XZ
?setDevice@QImageIOHandler@@QEAAXPEAVQIODevice@@@Z
??1QImageIOHandler@@UEAA@XZ
??0QImageIOHandler@@QEAA@XZ
??1QImageIOPlugin@@UEAA@XZ

qt5core

?eventFilter@QObject@@UEAA_NPEAV1@PEAVQEvent@@@Z
?event@QObject@@UEAA_NPEAVQEvent@@@Z
?disconnectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?customEvent@QObject@@MEAAXPEAVQEvent@@@Z
?connectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?childEvent@QObject@@MEAAXPEAVQChildEvent@@@Z
?getAndRef@ExternalRefCountData@QtSharedPointer@@SAPEAU12@PEBVQObject@@@Z
?dynamicMetaObject@QObjectData@@QEBAPEAUQMetaObject@@XZ
?shared_null@QArrayData@@2QBU1@B
??0QVariant@@QEAA@AEBVQSize@@@Z
??0QVariant@@QEAA@H@Z
??0QVariant@@QEAA@XZ
??1QBuffer@@UEAA@XZ
??0QBuffer@@QEAA@PEAVQByteArray@@PEAVQObject@@@Z
?ungetChar@QIODevice@@QEAAXD@Z
?write@QIODevice@@QEAA_JAEBVQByteArray@@@Z
?write@QIODevice@@QEAA_JPEBD_J@Z
?read@QIODevice@@QEAA?AVQByteArray@@_J@Z
?read@QIODevice@@QEAA_JPEAD_J@Z
?timerEvent@QObject@@MEAAXPEAVQTimerEvent@@@Z
?qstrcmp@@YAHAEBVQByteArray@@PEBD@Z
?isOpen@QIODevice@@QEBA_NXZ
?isReadable@QIODevice@@QEBA_NXZ
?isWritable@QIODevice@@QEBA_NXZ
??0QMessageLogger@@QEAA@PEBDH0@Z
?warning@QMessageLogger@@QEBAXPEBDZZ
?allocate@QArrayData@@SAPEAU1@_K00V?$QFlags@W4AllocationOption@QArrayData@@@@@Z
?deallocate@QArrayData@@SAXPEAU1@_K1@Z
??0QByteArray@@QEAA@XZ
??0QByteArray@@QEAA@PEBDH@Z
??1QByteArray@@QEAA@XZ
?constData@QByteArray@@QEBAPEBDXZ
?fromRawData@QByteArray@@SA?AV1@PEBDH@Z
??0QString@@QEAA@VQLatin1String@@@Z
??1QString@@QEAA@XZ
?number@QString@@SA?AV1@HH@Z
?open@QBuffer@@UEAA_NV?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z

kernel32

InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CloseHandle

vcruntime140

memcmp
memcpy
memset
__C_specific_handler
__std_terminate
__CxxFrameHandler3
__std_exception_copy
__std_exception_destroy
_CxxThrowException
__std_type_info_destroy_list

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e
_seh_filter_dll

Exports

Exports

qt_plugin_instance
qt_plugin_query_metadata

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 512B - Virtual size: 161B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
imageformats/qjpeg.dll
.dll windows x64

Password: 55555

9ebbf4d0a446a64a6029be0a5b12d52d

Code Sign

4a:53:8c:28
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

07-07-2009 17:25

Not After

07-12-2030 17:55

Subject

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

87:82:52:60:00:00:00:00:51:d3:73:d9
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

10-06-2015 13:42

Not After

10-11-2030 14:12

Subject

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0b:93:16:ea:1b:22:3a:6d:52:c7:4b:f3:16:13:16:34
Certificate

Issuer

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

01-12-2020 12:42

Not After

01-12-2021 12:42

Subject

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

38:63:de:f8
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

24-12-1999 17:50

Not After

24-07-2029 14:15

Subject

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

22-07-2015 19:02

Not After

22-06-2029 19:32

Subject

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

8d:ce:15:f3:a7:94:c5:87:00:00:00:00:55:92:33:f4
Certificate

Issuer

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

22-07-2020 15:33

Not After

29-12-2030 16:29

Subject

CN=Entrust Timestamp Authority - TSA1,O=Entrust\, Inc.,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

c3:fc:7a:78:5d:1e:95:f2:72:11:fb:42:fd:8c:00:a4:d2:66:db:d2:7f:f6:c4:3d:74:be:22:a4:1c:55:24:d9
Signer

Actual PE Digest

c3:fc:7a:78:5d:1e:95:f2:72:11:fb:42:fd:8c:00:a4:d2:66:db:d2:7f:f6:c4:3d:74:be:22:a4:1c:55:24:d9

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

17-11-2021 14:04
Valid: true

Chain 1

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

qt5gui

??0QImageIOPlugin@@QEAA@PEAVQObject@@@Z
?qt_metacall@QImageIOPlugin@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QImageIOPlugin@@UEAAPEAXPEBD@Z
?staticMetaObject@QImageIOPlugin@@2UQMetaObject@@B
?nextImageDelay@QImageIOHandler@@UEBAHXZ
?loopCount@QImageIOHandler@@UEBAHXZ
?jumpToNextImage@QImageIOHandler@@UEAA_NXZ
?jumpToImage@QImageIOHandler@@UEAA_NH@Z
??1QImageIOPlugin@@UEAA@XZ
?currentImageRect@QImageIOHandler@@UEBA?AVQRect@@XZ
?currentImageNumber@QImageIOHandler@@UEBAHXZ
?qt_imageTransform@@YAXAEAVQImage@@V?$QFlags@W4Transformation@QImageIOHandler@@@@@Z
?qt_convert_rgb888_to_rgb32_ssse3@@YAXPEAIPEBEH@Z
?qt_convert_rgb888_to_rgb32@@YAXPEAIPEBEH@Z
?qt_getImageText@@YA?AV?$QMap@VQString@@V1@@@AEBVQImage@@AEBVQString@@@Z
?convertToFormat_inplace@QImage@@IEAA_NW4Format@1@V?$QFlags@W4ImageConversionFlag@Qt@@@@@Z
?convertToFormat_helper@QImage@@IEBA?AV1@W4Format@1@V?$QFlags@W4ImageConversionFlag@Qt@@@@@Z
?imageCount@QImageIOHandler@@UEBAHXZ
?setText@QImage@@QEAAXAEBVQString@@0@Z
?setDotsPerMeterY@QImage@@QEAAXH@Z
?setDotsPerMeterX@QImage@@QEAAXH@Z
?dotsPerMeterY@QImage@@QEBAHXZ
?dotsPerMeterX@QImage@@QEBAHXZ
?scaled@QImage@@QEBA?AV1@AEBVQSize@@W4AspectRatioMode@Qt@@W4TransformationMode@4@@Z
?colorTable@QImage@@QEBA?AV?$QVector@I@@XZ
?constScanLine@QImage@@QEBAPEBEH@Z
?scanLine@QImage@@QEAAPEAEH@Z
?colorCount@QImage@@QEBAHXZ
?size@QImage@@QEBA?AVQSize@@XZ
?height@QImage@@QEBAHXZ
?width@QImage@@QEBAHXZ
?format@QImage@@QEBA?AW4Format@1@XZ
?copy@QImage@@QEBA?AV1@AEBVQRect@@@Z
?isNull@QImage@@QEBA_NXZ
??4QImage@@QEAAAEAV0@$$QEAV0@@Z
??1QImage@@UEAA@XZ
??0QImage@@QEAA@$$QEAV0@@Z
??0QImage@@QEAA@AEBV0@@Z
??0QImage@@QEAA@AEBVQSize@@W4Format@0@@Z
?setFormat@QImageIOHandler@@QEBAXAEBVQByteArray@@@Z
?device@QImageIOHandler@@QEBAPEAVQIODevice@@XZ
??1QImageIOHandler@@UEAA@XZ
??0QImageIOHandler@@QEAA@XZ
?setFormat@QImageIOHandler@@QEAAXAEBVQByteArray@@@Z
?setDevice@QImageIOHandler@@QEAAXPEAVQIODevice@@@Z

qt5core

?eventFilter@QObject@@UEAA_NPEAV1@PEAVQEvent@@@Z
?event@QObject@@UEAA_NPEAVQEvent@@@Z
?disconnectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?customEvent@QObject@@MEAAXPEAVQEvent@@@Z
?connectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?childEvent@QObject@@MEAAXPEAVQChildEvent@@@Z
?getAndRef@ExternalRefCountData@QtSharedPointer@@SAPEAU12@PEBVQObject@@@Z
?dynamicMetaObject@QObjectData@@QEBAPEAUQMetaObject@@XZ
?qt_cpu_features@@3PAV?$QBasicAtomicInteger@_K@@A
?staticMetaObject@QBuffer@@2UQMetaObject@@B
?shared_null@QListData@@2UData@1@B
?qDetectCpuFeatures@@YAXXZ
?data@QBuffer@@QEBAAEBVQByteArray@@XZ
?toSize@QVariant@@QEBA?AVQSize@@XZ
?toRect@QVariant@@QEBA?AVQRect@@XZ
?toString@QVariant@@QEBA?AVQString@@XZ
?toBool@QVariant@@QEBA_NXZ
?timerEvent@QObject@@MEAAXPEAVQTimerEvent@@@Z
?qstrcmp@@YAHAEBVQByteArray@@PEBD@Z
?isOpen@QIODevice@@QEBA_NXZ
?isReadable@QIODevice@@QEBA_NXZ
?isWritable@QIODevice@@QEBA_NXZ
??0QMessageLogger@@QEAA@PEBDH0@Z
?warning@QMessageLogger@@QEBAXPEBDZZ
?cast@QMetaObject@@QEBAPEAVQObject@@PEAV2@@Z
??0QChar@@QEAA@UQLatin1Char@@@Z
?deallocate@QArrayData@@SAXPEAU1@_K1@Z
??0QByteArray@@QEAA@XZ
??0QByteArray@@QEAA@PEBDH@Z
??1QByteArray@@QEAA@XZ
?constData@QByteArray@@QEBAPEBDXZ
?truncate@QByteArray@@QEAAXH@Z
?append@QByteArray@@QEAAAEAV1@PEBD@Z
?append@QByteArray@@QEAAAEAV1@PEBDH@Z
?append@QByteArray@@QEAAAEAV1@AEBV1@@Z
??0QString@@QEAA@XZ
??0QString@@QEAA@VQLatin1String@@@Z
??0QString@@QEAA@AEBV0@@Z
??1QString@@QEAA@XZ
??4QString@@QEAAAEAV0@AEBV0@@Z
??4QString@@QEAAAEAV0@VQLatin1String@@@Z
??4QString@@QEAAAEAV0@$$QEAV0@@Z
?indexOf@QString@@QEBAHVQChar@@HW4CaseSensitivity@Qt@@@Z
?indexOf@QString@@QEBAHVQLatin1String@@HW4CaseSensitivity@Qt@@@Z
?left@QString@@QEBA?AV1@H@Z
?mid@QString@@QEBA?AV1@HH@Z
?simplified@QString@@QEGBA?AV1@XZ
?append@QString@@QEAAAEAV1@AEBV1@@Z
?append@QString@@QEAAAEAV1@VQLatin1String@@@Z
?toUtf8@QString@@QEGBA?AVQByteArray@@XZ
?fromUtf8@QString@@SA?AV1@PEBDH@Z
?detach_grow@QListData@@QEAAPEAUData@1@PEAHH@Z
?dispose@QListData@@SAXPEAUData@1@@Z
?append@QListData@@QEAAPEAPEAXXZ
?read@QIODevice@@QEAA_JPEAD_J@Z
?write@QIODevice@@QEAA_JPEBD_J@Z
?peek@QIODevice@@QEAA_JPEAD_J@Z
?translate@QRect@@QEAAXAEBVQPoint@@@Z
?size@QRect@@QEBA?AVQSize@@XZ
??IQRect@@QEBA?AV0@AEBV0@@Z
??0QDataStream@@QEAA@PEAVQByteArray@@V?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
??1QDataStream@@QEAA@XZ
?status@QDataStream@@QEBA?AW4Status@1@XZ
?setByteOrder@QDataStream@@QEAAXW4ByteOrder@1@@Z
??5QDataStream@@QEAAAEAV0@AEAF@Z
??5QDataStream@@QEAAAEAV0@AEAH@Z
?readRawData@QDataStream@@QEAAHPEADH@Z
?nextNode@QMapNodeBase@@QEBAPEBU1@XZ
?freeTree@QMapDataBase@@QEAAXPEAUQMapNodeBase@@H@Z
?freeData@QMapDataBase@@SAXPEAU1@@Z
??0QVariant@@QEAA@XZ
?toInt@QVariant@@QEBAHPEA_N@Z
??0QVariant@@QEAA@AEBV0@@Z
??0QVariant@@QEAA@H@Z
??0QVariant@@QEAA@_N@Z
??0QVariant@@QEAA@AEBVQString@@@Z
??0QVariant@@QEAA@AEBVQSize@@@Z
??0QVariant@@QEAA@AEBVQRect@@@Z
??4QVariant@@QEAAAEAV0@$$QEAV0@@Z
??1QVariant@@QEAA@XZ

kernel32

InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CloseHandle
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

vcruntime140

longjmp
memcpy
memset
__intrinsic_setjmp
__C_specific_handler
__std_terminate
__CxxFrameHandler3
__std_exception_copy
__std_exception_destroy
_CxxThrowException
__std_type_info_destroy_list

api-ms-win-crt-math-l1-1-0

ceil

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vsprintf
__stdio_common_vsscanf
__stdio_common_vfprintf

api-ms-win-crt-runtime-l1-1-0

_cexit
exit
_initterm_e
_initterm
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit

api-ms-win-crt-environment-l1-1-0

getenv

Exports

Exports

qt_plugin_instance
qt_plugin_query_metadata

Sections

.text
Size: 251KB - Virtual size: 250KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 512B - Virtual size: 133B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
imageformats/qsvg.dll
.dll windows x64

Password: 55555

966cf231bc9e28a0591a3f1562dd5a64

Code Sign

4a:53:8c:28
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

07-07-2009 17:25

Not After

07-12-2030 17:55

Subject

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

87:82:52:60:00:00:00:00:51:d3:73:d9
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

10-06-2015 13:42

Not After

10-11-2030 14:12

Subject

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0b:93:16:ea:1b:22:3a:6d:52:c7:4b:f3:16:13:16:34
Certificate

Issuer

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

01-12-2020 12:42

Not After

01-12-2021 12:42

Subject

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

38:63:de:f8
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

24-12-1999 17:50

Not After

24-07-2029 14:15

Subject

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

22-07-2015 19:02

Not After

22-06-2029 19:32

Subject

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

8d:ce:15:f3:a7:94:c5:87:00:00:00:00:55:92:33:f4
Certificate

Issuer

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

22-07-2020 15:33

Not After

29-12-2030 16:29

Subject

CN=Entrust Timestamp Authority - TSA1,O=Entrust\, Inc.,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

52:17:1e:4b:ff:7d:55:7d:6d:06:4c:2c:47:34:85:22:45:f8:b9:c0:44:2d:3f:71:52:b0:f6:d9:cd:19:2f:07
Signer

Actual PE Digest

52:17:1e:4b:ff:7d:55:7d:6d:06:4c:2c:47:34:85:22:45:f8:b9:c0:44:2d:3f:71:52:b0:f6:d9:cd:19:2f:07

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

18-11-2021 05:49
Valid: true

Chain 1

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

qt5svg

?load@QSvgRenderer@@QEAA_NPEAVQXmlStreamReader@@@Z
?load@QSvgRenderer@@QEAA_NAEBVQByteArray@@@Z
?defaultSize@QSvgRenderer@@QEBA?AVQSize@@XZ
??1QSvgRenderer@@UEAA@XZ
?render@QSvgRenderer@@QEAAXPEAVQPainter@@AEBVQRectF@@@Z
??0QSvgRenderer@@QEAA@PEAVQObject@@@Z

qt5gui

?nextImageDelay@QImageIOHandler@@UEBAHXZ
?loopCount@QImageIOHandler@@UEBAHXZ
?jumpToNextImage@QImageIOHandler@@UEAA_NXZ
?staticMetaObject@QImageIOPlugin@@2UQMetaObject@@B
?jumpToImage@QImageIOHandler@@UEAA_NH@Z
?imageCount@QImageIOHandler@@UEBAHXZ
?currentImageRect@QImageIOHandler@@UEBA?AVQRect@@XZ
?currentImageNumber@QImageIOHandler@@UEBAHXZ
?write@QImageIOHandler@@UEAA_NAEBVQImage@@@Z
??1QPainter@@QEAA@XZ
??0QPainter@@QEAA@PEAVQPaintDevice@@@Z
?fill@QImage@@QEAAXI@Z
?size@QImage@@QEBA?AVQSize@@XZ
?reinterpretAsFormat@QImage@@QEAA_NW4Format@1@@Z
?isNull@QImage@@QEBA_NXZ
??4QImage@@QEAAAEAV0@$$QEAV0@@Z
??1QImage@@UEAA@XZ
?end@QPainter@@QEAA_NXZ
??0QImage@@QEAA@AEBVQSize@@W4Format@0@@Z
?mapRect@QTransform@@QEBA?AVQRectF@@AEBV2@@Z
?scale@QTransform@@QEAAAEAV1@NN@Z
?translate@QTransform@@QEAAAEAV1@NN@Z
??0QTransform@@QEAA@XZ
?invalidate@QColor@@AEAAXXZ
??BQColor@@QEBA?AVQVariant@@XZ
?rgba@QColor@@QEBAIXZ
??0QColor@@QEAA@W4GlobalColor@Qt@@@Z
?format@QImageIOHandler@@QEBA?AVQByteArray@@XZ
?setFormat@QImageIOHandler@@QEBAXAEBVQByteArray@@@Z
?device@QImageIOHandler@@QEBAPEAVQIODevice@@XZ
??1QImageIOHandler@@UEAA@XZ
??0QImageIOHandler@@QEAA@XZ
??1QImageIOPlugin@@UEAA@XZ
??0QImageIOPlugin@@QEAA@PEAVQObject@@@Z
?qt_metacall@QImageIOPlugin@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QImageIOPlugin@@UEAAPEAXPEBD@Z
?setFormat@QImageIOHandler@@QEAAXAEBVQByteArray@@@Z
?setDevice@QImageIOHandler@@QEAAXPEAVQIODevice@@@Z

qt5core

?staticMetaObject@QBuffer@@2UQMetaObject@@B
?data@QBuffer@@QEBAAEBVQByteArray@@XZ
?convert@QVariant@@QEBA_NHPEAX@Z
?constData@QVariant@@QEBAPEBXXZ
?toSize@QVariant@@QEBA?AVQSize@@XZ
?toRect@QVariant@@QEBA?AVQRect@@XZ
?userType@QVariant@@QEBAHXZ
??0QVariant@@QEAA@AEBVQRect@@@Z
??0QVariant@@QEAA@AEBVQSize@@@Z
??0QVariant@@QEAA@H@Z
??0QVariant@@QEAA@XZ
?setDevice@QXmlStreamReader@@QEAAXPEAVQIODevice@@@Z
??1QXmlStreamReader@@QEAA@XZ
?peek@QIODevice@@QEAA?AVQByteArray@@_J@Z
?readAll@QIODevice@@QEAA?AVQByteArray@@XZ
?fromRawData@QByteArray@@SA?AV1@PEBDH@Z
?startsWith@QByteArray@@QEBA_NPEBD@Z
?indexOf@QByteArray@@QEBAHPEBDH@Z
?qstrcmp@@YAHAEBVQByteArray@@PEBD@Z
?dynamicMetaObject@QObjectData@@QEBAPEAUQMetaObject@@XZ
?isReadable@QIODevice@@QEBA_NXZ
?getAndRef@ExternalRefCountData@QtSharedPointer@@SAPEAU12@PEBVQObject@@@Z
?childEvent@QObject@@MEAAXPEAVQChildEvent@@@Z
?connectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?customEvent@QObject@@MEAAXPEAVQEvent@@@Z
?disconnectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?event@QObject@@UEAA_NPEAVQEvent@@@Z
?eventFilter@QObject@@UEAA_NPEAV1@PEAVQEvent@@@Z
?timerEvent@QObject@@MEAAXPEAVQTimerEvent@@@Z
??0QMessageLogger@@QEAA@PEBDH0@Z
?warning@QMessageLogger@@QEBAXPEBDZZ
?cast@QMetaObject@@QEBAPEAVQObject@@PEAV2@@Z
??0QByteArray@@QEAA@PEBDH@Z
??1QByteArray@@QEAA@XZ
?constData@QByteArray@@QEBAPEBDXZ
??0QXmlStreamReader@@QEAA@XZ

kernel32

InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
EnterCriticalSection
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
CloseHandle

vcruntime140

__C_specific_handler
__std_terminate
__CxxFrameHandler3
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memset
__std_type_info_destroy_list

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e
_seh_filter_dll

Exports

Exports

qt_plugin_instance
qt_plugin_query_metadata

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 512B - Virtual size: 150B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
imageformats/qtga.dll
.dll windows x64

989285574080cbb89defeba47f8fddab

Code Sign

4a:53:8c:28
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

07-07-2009 17:25

Not After

07-12-2030 17:55

Subject

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

87:82:52:60:00:00:00:00:51:d3:73:d9
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

10-06-2015 13:42

Not After

10-11-2030 14:12

Subject

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0b:93:16:ea:1b:22:3a:6d:52:c7:4b:f3:16:13:16:34
Certificate

Issuer

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

01-12-2020 12:42

Not After

01-12-2021 12:42

Subject

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

38:63:de:f8
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

24-12-1999 17:50

Not After

24-07-2029 14:15

Subject

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

22-07-2015 19:02

Not After

22-06-2029 19:32

Subject

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

8d:ce:15:f3:a7:94:c5:87:00:00:00:00:55:92:33:f4
Certificate

Issuer

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

22-07-2020 15:33

Not After

29-12-2030 16:29

Subject

CN=Entrust Timestamp Authority - TSA1,O=Entrust\, Inc.,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

3a:38:1b:11:70:d0:39:fb:3b:ca:4b:34:8e:44:74:dc:59:2d:33:1c:de:91:f1:0f:4f:bb:24:fe:f5:9c:67:e0
Signer

Actual PE Digest

3a:38:1b:11:70:d0:39:fb:3b:ca:4b:34:8e:44:74:dc:59:2d:33:1c:de:91:f1:0f:4f:bb:24:fe:f5:9c:67:e0

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

18-11-2021 05:51
Valid: true

Chain 1

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

qt5gui

??0QImageIOPlugin@@QEAA@PEAVQObject@@@Z
??0QImageIOHandler@@QEAA@XZ
?qt_metacall@QImageIOPlugin@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QImageIOPlugin@@UEAAPEAXPEBD@Z
?setFormat@QImageIOHandler@@QEAAXAEBVQByteArray@@@Z
?setDevice@QImageIOHandler@@QEAAXPEAVQIODevice@@@Z
?staticMetaObject@QImageIOPlugin@@2UQMetaObject@@B
?setPixel@QImage@@QEAAXHHI@Z
??0QImage@@QEAA@$$QEAV0@@Z
??0QImage@@QEAA@HHW4Format@0@@Z
??0QImage@@QEAA@XZ
?write@QImageIOHandler@@UEAA_NAEBVQImage@@@Z
?nextImageDelay@QImageIOHandler@@UEBAHXZ
?loopCount@QImageIOHandler@@UEBAHXZ
?jumpToNextImage@QImageIOHandler@@UEAA_NXZ
?jumpToImage@QImageIOHandler@@UEAA_NH@Z
?imageCount@QImageIOHandler@@UEBAHXZ
?currentImageRect@QImageIOHandler@@UEBA?AVQRect@@XZ
?currentImageNumber@QImageIOHandler@@UEBAHXZ
?isNull@QImage@@QEBA_NXZ
??4QImage@@QEAAAEAV0@$$QEAV0@@Z
??1QImage@@UEAA@XZ
?setFormat@QImageIOHandler@@QEBAXAEBVQByteArray@@@Z
?device@QImageIOHandler@@QEBAPEAVQIODevice@@XZ
??1QImageIOHandler@@UEAA@XZ
??1QImageIOPlugin@@UEAA@XZ

qt5core

?warning@QMessageLogger@@QEBAXPEBDZZ
??0QByteArray@@QEAA@PEBDH@Z
??1QByteArray@@QEAA@XZ
??0QVariant@@QEAA@XZ
??0QVariant@@QEAA@H@Z
??0QVariant@@QEAA@AEBVQSize@@@Z
??0QString@@QEAA@XZ
??1QString@@QEAA@XZ
??4QString@@QEAAAEAV0@$$QEAV0@@Z
?isReadable@QIODevice@@QEBA_NXZ
?read@QIODevice@@QEAA_JPEAD_J@Z
?getChar@QIODevice@@QEAA_NPEAD@Z
??0QMessageLogger@@QEAA@PEBDH0@Z
?qstrcmp@@YAHAEBVQByteArray@@PEBD@Z
?dynamicMetaObject@QObjectData@@QEBAPEAUQMetaObject@@XZ
?isOpen@QIODevice@@QEBA_NXZ
?getAndRef@ExternalRefCountData@QtSharedPointer@@SAPEAU12@PEBVQObject@@@Z
?childEvent@QObject@@MEAAXPEAVQChildEvent@@@Z
?connectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?customEvent@QObject@@MEAAXPEAVQEvent@@@Z
?disconnectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?event@QObject@@UEAA_NPEAVQEvent@@@Z
?eventFilter@QObject@@UEAA_NPEAV1@PEAVQEvent@@@Z
?timerEvent@QObject@@MEAAXPEAVQTimerEvent@@@Z
?translate@QCoreApplication@@SA?AVQString@@PEBD00H@Z

kernel32

LeaveCriticalSection
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
CloseHandle
InitializeSListHead

vcruntime140

_purecall
__C_specific_handler
__std_terminate
__CxxFrameHandler3
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memset
__std_type_info_destroy_list

api-ms-win-crt-string-l1-1-0

strncmp

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e

Exports

Exports

qt_plugin_instance
qt_plugin_query_metadata

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 512B - Virtual size: 117B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
imageformats/qtiff.dll
.dll windows x64

0d85ed3dcc9e2bbd5f578f8b735c4689

Code Sign

4a:53:8c:28
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

07-07-2009 17:25

Not After

07-12-2030 17:55

Subject

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

87:82:52:60:00:00:00:00:51:d3:73:d9
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

10-06-2015 13:42

Not After

10-11-2030 14:12

Subject

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0b:93:16:ea:1b:22:3a:6d:52:c7:4b:f3:16:13:16:34
Certificate

Issuer

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

01-12-2020 12:42

Not After

01-12-2021 12:42

Subject

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

38:63:de:f8
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

24-12-1999 17:50

Not After

24-07-2029 14:15

Subject

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

22-07-2015 19:02

Not After

22-06-2029 19:32

Subject

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

8d:ce:15:f3:a7:94:c5:87:00:00:00:00:55:92:33:f4
Certificate

Issuer

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

22-07-2020 15:33

Not After

29-12-2030 16:29

Subject

CN=Entrust Timestamp Authority - TSA1,O=Entrust\, Inc.,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

be:39:e8:c9:e9:57:d4:4e:2f:ce:b9:05:5a:a7:02:ff:a0:98:fb:14:59:dd:03:ab:1e:7c:70:d9:00:21:7f:49
Signer

Actual PE Digest

be:39:e8:c9:e9:57:d4:4e:2f:ce:b9:05:5a:a7:02:ff:a0:98:fb:14:59:dd:03:ab:1e:7c:70:d9:00:21:7f:49

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

18-11-2021 05:51
Valid: true

Chain 1

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

qt5gui

?loopCount@QImageIOHandler@@UEBAHXZ
?currentImageRect@QImageIOHandler@@UEBA?AVQRect@@XZ
?nextImageDelay@QImageIOHandler@@UEBAHXZ
?convertToFormat_helper@QImage@@IEBA?AV1@W4Format@1@V?$QFlags@W4ImageConversionFlag@Qt@@@@@Z
?setDotsPerMeterY@QImage@@QEAAXH@Z
?setDotsPerMeterX@QImage@@QEAAXH@Z
?dotsPerMeterY@QImage@@QEBAHXZ
?dotsPerMeterX@QImage@@QEBAHXZ
?hasAlphaChannel@QImage@@QEBA_NXZ
?setColorTable@QImage@@QEAAXV?$QVector@I@@@Z
?staticMetaObject@QImageIOPlugin@@2UQMetaObject@@B
?colorTable@QImage@@QEBA?AV?$QVector@I@@XZ
?bytesPerLine@QImage@@QEBAHXZ
?constScanLine@QImage@@QEBAPEBEH@Z
?scanLine@QImage@@QEBAPEBEH@Z
?scanLine@QImage@@QEAAPEAEH@Z
?bits@QImage@@QEAAPEAEXZ
?depth@QImage@@QEBAHXZ
?size@QImage@@QEBA?AVQSize@@XZ
?height@QImage@@QEBAHXZ
?width@QImage@@QEBAHXZ
?reinterpretAsFormat@QImage@@QEAA_NW4Format@1@@Z
?format@QImage@@QEBA?AW4Format@1@XZ
?copy@QImage@@QEBA?AV1@AEBVQRect@@@Z
?isNull@QImage@@QEBA_NXZ
??4QImage@@QEAAAEAV0@$$QEAV0@@Z
??1QImage@@UEAA@XZ
??0QImage@@QEAA@$$QEAV0@@Z
??0QImage@@QEAA@AEBVQSize@@W4Format@0@@Z
?logicalDpiY@QPaintDevice@@QEBAHXZ
?logicalDpiX@QPaintDevice@@QEBAHXZ
?setFormat@QImageIOHandler@@QEBAXAEBVQByteArray@@@Z
?device@QImageIOHandler@@QEBAPEAVQIODevice@@XZ
??1QImageIOHandler@@UEAA@XZ
??0QImageIOHandler@@QEAA@XZ
??1QImageIOPlugin@@UEAA@XZ
??0QImageIOPlugin@@QEAA@PEAVQObject@@@Z
?qt_metacall@QImageIOPlugin@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QImageIOPlugin@@UEAAPEAXPEBD@Z
?setFormat@QImageIOHandler@@QEAAXAEBVQByteArray@@@Z
?setDevice@QImageIOHandler@@QEAAXPEAVQIODevice@@@Z
?convertToFormat_inplace@QImage@@IEAA_NW4Format@1@V?$QFlags@W4ImageConversionFlag@Qt@@@@@Z

qt5core

z_deflateInit_
??0QByteArray@@QEAA@PEBDH@Z
z_inflateInit_
z_inflateReset
?qstrcmp@@YAHAEBVQByteArray@@PEBD@Z
?dynamicMetaObject@QObjectData@@QEBAPEAUQMetaObject@@XZ
?isOpen@QIODevice@@QEBA_NXZ
?isReadable@QIODevice@@QEBA_NXZ
?isWritable@QIODevice@@QEBA_NXZ
?getAndRef@ExternalRefCountData@QtSharedPointer@@SAPEAU12@PEBVQObject@@@Z
?childEvent@QObject@@MEAAXPEAVQChildEvent@@@Z
?connectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?customEvent@QObject@@MEAAXPEAVQEvent@@@Z
?disconnectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?event@QObject@@UEAA_NPEAVQEvent@@@Z
?eventFilter@QObject@@UEAA_NPEAV1@PEAVQEvent@@@Z
?timerEvent@QObject@@MEAAXPEAVQTimerEvent@@@Z
??0QMessageLogger@@QEAA@PEBDH0@Z
?warning@QMessageLogger@@QEBAXPEBDZZ
?allocate@QArrayData@@SAPEAU1@_K00V?$QFlags@W4AllocationOption@QArrayData@@@@@Z
?deallocate@QArrayData@@SAXPEAU1@_K1@Z
z_deflateParams
??1QByteArray@@QEAA@XZ
?constData@QByteArray@@QEBAPEBDXZ
?fromRawData@QByteArray@@SA?AV1@PEBDH@Z
?read@QIODevice@@QEAA_JPEAD_J@Z
?write@QIODevice@@QEAA_JPEBD_J@Z
?peek@QIODevice@@QEAA?AVQByteArray@@_J@Z
??0QVariant@@QEAA@XZ
??0QVariant@@QEAA@H@Z
??0QVariant@@QEAA@AEBVQSize@@@Z
?type@QVariant@@QEBA?AW4Type@1@XZ
?toInt@QVariant@@QEBAHPEA_N@Z
?shared_null@QArrayData@@2QBU1@B
z_deflate
z_deflateEnd
z_inflate
z_inflateEnd
z_deflateReset

kernel32

CloseHandle
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
InitializeSListHead

vcruntime140

memcmp
memcpy
memset
memmove
__C_specific_handler
__std_terminate
__CxxFrameHandler3
__std_exception_copy
__std_exception_destroy
_CxxThrowException
__std_type_info_destroy_list

api-ms-win-crt-heap-l1-1-0

calloc
malloc
free
_callnewh
realloc

api-ms-win-crt-math-l1-1-0

floor
pow
sqrt
atan2
exp
log

api-ms-win-crt-string-l1-1-0

strcmp
strncmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfprintf
__stdio_common_vsprintf
__acrt_iob_func

api-ms-win-crt-utility-l1-1-0

bsearch
qsort
rand

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_initterm_e
_initterm
_cexit
_execute_onexit_table
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function

Exports

Exports

qt_plugin_instance
qt_plugin_query_metadata

Sections

.text
Size: 202KB - Virtual size: 201KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 512B - Virtual size: 133B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
imageformats/qwbmp.dll
.dll windows x64

da76a0e2b9c886db9cb4a69aca5e1a8a

Code Sign

4a:53:8c:28
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

07-07-2009 17:25

Not After

07-12-2030 17:55

Subject

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

87:82:52:60:00:00:00:00:51:d3:73:d9
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

10-06-2015 13:42

Not After

10-11-2030 14:12

Subject

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0b:93:16:ea:1b:22:3a:6d:52:c7:4b:f3:16:13:16:34
Certificate

Issuer

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

01-12-2020 12:42

Not After

01-12-2021 12:42

Subject

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

38:63:de:f8
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

24-12-1999 17:50

Not After

24-07-2029 14:15

Subject

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

22-07-2015 19:02

Not After

22-06-2029 19:32

Subject

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

8d:ce:15:f3:a7:94:c5:87:00:00:00:00:55:92:33:f4
Certificate

Issuer

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

22-07-2020 15:33

Not After

29-12-2030 16:29

Subject

CN=Entrust Timestamp Authority - TSA1,O=Entrust\, Inc.,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

55:93:4d:dd:06:8f:9c:5a:16:07:c5:21:c2:75:95:68:38:61:d2:e6:84:62:93:87:91:94:c7:20:fe:17:76:0d
Signer

Actual PE Digest

55:93:4d:dd:06:8f:9c:5a:16:07:c5:21:c2:75:95:68:38:61:d2:e6:84:62:93:87:91:94:c7:20:fe:17:76:0d

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

18-11-2021 05:51
Valid: true

Chain 1

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

qt5gui

?qt_metacall@QImageIOPlugin@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QImageIOPlugin@@UEAAPEAXPEBD@Z
?setFormat@QImageIOHandler@@QEAAXAEBVQByteArray@@@Z
?staticMetaObject@QImageIOPlugin@@2UQMetaObject@@B
??0QImageIOPlugin@@QEAA@PEAVQObject@@@Z
??0QImageIOHandler@@QEAA@XZ
?nextImageDelay@QImageIOHandler@@UEBAHXZ
?name@QImageIOHandler@@UEBA?AVQByteArray@@XZ
?loopCount@QImageIOHandler@@UEBAHXZ
?jumpToNextImage@QImageIOHandler@@UEAA_NXZ
?setOption@QImageIOHandler@@UEAAXW4ImageOption@1@AEBVQVariant@@@Z
?jumpToImage@QImageIOHandler@@UEAA_NH@Z
?imageCount@QImageIOHandler@@UEBAHXZ
?currentImageRect@QImageIOHandler@@UEBA?AVQRect@@XZ
?currentImageNumber@QImageIOHandler@@UEBAHXZ
?convertToFormat_helper@QImage@@IEBA?AV1@W4Format@1@V?$QFlags@W4ImageConversionFlag@Qt@@@@@Z
?invertPixels@QImage@@QEAAXW4InvertMode@1@@Z
?fill@QImage@@QEAAXI@Z
?colorTable@QImage@@QEBA?AV?$QVector@I@@XZ
?constScanLine@QImage@@QEBAPEBEH@Z
?scanLine@QImage@@QEAAPEAEH@Z
?height@QImage@@QEBAHXZ
?width@QImage@@QEBAHXZ
?format@QImage@@QEBA?AW4Format@1@XZ
?isNull@QImage@@QEBA_NXZ
??4QImage@@QEAAAEAV0@$$QEAV0@@Z
??4QImage@@QEAAAEAV0@AEBV0@@Z
??1QImage@@UEAA@XZ
??0QImage@@QEAA@$$QEAV0@@Z
??0QImage@@QEAA@AEBV0@@Z
??0QImage@@QEAA@HHW4Format@0@@Z
??0QImage@@QEAA@XZ
?setFormat@QImageIOHandler@@QEBAXAEBVQByteArray@@@Z
?device@QImageIOHandler@@QEBAPEAVQIODevice@@XZ
??1QImageIOHandler@@UEAA@XZ
??1QImageIOPlugin@@UEAA@XZ

qt5core

?eventFilter@QObject@@UEAA_NPEAV1@PEAVQEvent@@@Z
?event@QObject@@UEAA_NPEAVQEvent@@@Z
?disconnectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?connectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?childEvent@QObject@@MEAAXPEAVQChildEvent@@@Z
?getAndRef@ExternalRefCountData@QtSharedPointer@@SAPEAU12@PEBVQObject@@@Z
?isWritable@QIODevice@@QEBA_NXZ
?isReadable@QIODevice@@QEBA_NXZ
?isOpen@QIODevice@@QEBA_NXZ
?dynamicMetaObject@QObjectData@@QEBAPEAUQMetaObject@@XZ
?timerEvent@QObject@@MEAAXPEAVQTimerEvent@@@Z
??0QMessageLogger@@QEAA@PEBDH0@Z
?warning@QMessageLogger@@QEBAXPEBDZZ
?deallocate@QArrayData@@SAXPEAU1@_K1@Z
??0QByteArray@@QEAA@PEBDH@Z
??1QByteArray@@QEAA@XZ
?read@QIODevice@@QEAA_JPEAD_J@Z
?write@QIODevice@@QEAA_JPEBD_J@Z
?putChar@QIODevice@@QEAA_ND@Z
?getChar@QIODevice@@QEAA_NPEAD@Z
??0QVariant@@QEAA@XZ
??0QVariant@@QEAA@H@Z
??0QVariant@@QEAA@AEBVQSize@@@Z
?qstrcmp@@YAHAEBVQByteArray@@PEBD@Z
?customEvent@QObject@@MEAAXPEAVQEvent@@@Z

kernel32

InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CloseHandle

vcruntime140

__C_specific_handler
__std_terminate
__CxxFrameHandler3
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memset
__std_type_info_destroy_list

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e
_seh_filter_dll

Exports

Exports

qt_plugin_instance
qt_plugin_query_metadata

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 696B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 512B - Virtual size: 126B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
imageformats/qwebp.dll
.dll windows x64

ccf927d1eb881d17cfdc8c8556b1a007

Code Sign

4a:53:8c:28
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

07-07-2009 17:25

Not After

07-12-2030 17:55

Subject

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

87:82:52:60:00:00:00:00:51:d3:73:d9
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

10-06-2015 13:42

Not After

10-11-2030 14:12

Subject

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0b:93:16:ea:1b:22:3a:6d:52:c7:4b:f3:16:13:16:34
Certificate

Issuer

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

01-12-2020 12:42

Not After

01-12-2021 12:42

Subject

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

38:63:de:f8
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

24-12-1999 17:50

Not After

24-07-2029 14:15

Subject

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

22-07-2015 19:02

Not After

22-06-2029 19:32

Subject

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

8d:ce:15:f3:a7:94:c5:87:00:00:00:00:55:92:33:f4
Certificate

Issuer

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

22-07-2020 15:33

Not After

29-12-2030 16:29

Subject

CN=Entrust Timestamp Authority - TSA1,O=Entrust\, Inc.,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

94:10:7a:2f:70:ac:b7:f3:a9:9d:6f:0b:56:fb:ad:72:7c:1b:2f:8a:ad:c5:9e:7c:b9:e3:25:b8:2f:48:c5:1a
Signer

Actual PE Digest

94:10:7a:2f:70:ac:b7:f3:a9:9d:6f:0b:56:fb:ad:72:7c:1b:2f:8a:ad:c5:9e:7c:b9:e3:25:b8:2f:48:c5:1a

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

18-11-2021 05:51
Valid: true

Chain 1

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

qt5gui

?paintEngine@QImage@@UEBAPEAVQPaintEngine@@XZ
?metric@QImage@@MEBAHW4PaintDeviceMetric@QPaintDevice@@@Z
?jumpToNextImage@QImageIOHandler@@UEAA_NXZ
?jumpToImage@QImageIOHandler@@UEAA_NH@Z
?initPainter@QPaintDevice@@MEBAXPEAVQPainter@@@Z
?devType@QImage@@UEBAHXZ
?redirected@QPaintDevice@@MEBAPEAV1@PEAVQPoint@@@Z
??1QPainter@@QEAA@XZ
??0QPainter@@QEAA@PEAVQPaintDevice@@@Z
?setOption@QImageIOHandler@@UEAAXW4ImageOption@1@AEBVQVariant@@@Z
?staticMetaObject@QImageIOPlugin@@2UQMetaObject@@B
?setFormat@QImageIOHandler@@QEBAXAEBVQByteArray@@@Z
?device@QImageIOHandler@@QEBAPEAVQIODevice@@XZ
?drawImage@QPainter@@QEAAXAEBVQRect@@AEBVQImage@@@Z
??1QImageIOHandler@@UEAA@XZ
??0QImageIOHandler@@QEAA@XZ
?convertToFormat_helper@QImage@@IEBA?AV1@W4Format@1@V?$QFlags@W4ImageConversionFlag@Qt@@@@@Z
?hasAlphaChannel@QImage@@QEBA_NXZ
?fill@QImage@@QEAAXW4GlobalColor@Qt@@@Z
?bytesPerLine@QImage@@QEBAHXZ
?sizeInBytes@QImage@@QEBA_JXZ
?bits@QImage@@QEAAPEAEXZ
?height@QImage@@QEBAHXZ
?width@QImage@@QEBAHXZ
?format@QImage@@QEBA?AW4Format@1@XZ
?isNull@QImage@@QEBA_NXZ
??4QImage@@QEAAAEAV0@$$QEAV0@@Z
??4QImage@@QEAAAEAV0@AEBV0@@Z
??1QImage@@UEAA@XZ
??0QImage@@QEAA@AEBV0@@Z
??0QImage@@QEAA@HHW4Format@0@@Z
?invalidate@QColor@@AEAAXXZ
??BQColor@@QEBA?AVQVariant@@XZ
?fromRgba@QColor@@SA?AV1@I@Z
??1QImageIOPlugin@@UEAA@XZ
??0QImageIOPlugin@@QEAA@PEAVQObject@@@Z
?qt_metacall@QImageIOPlugin@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QImageIOPlugin@@UEAAPEAXPEBD@Z
?setFormat@QImageIOHandler@@QEAAXAEBVQByteArray@@@Z
?setDevice@QImageIOHandler@@QEAAXPEAVQIODevice@@@Z
?sharedPainter@QPaintDevice@@MEBAPEAVQPainter@@XZ

qt5core

??6QDebug@@QEAAAEAV0@H@Z
?toInt@QVariant@@QEBAHPEA_N@Z
??0QVariant@@QEAA@AEBVQSize@@@Z
??0QVariant@@QEAA@H@Z
??0QVariant@@QEAA@XZ
?peek@QIODevice@@QEAA?AVQByteArray@@_J@Z
?write@QIODevice@@QEAA_JPEBD_J@Z
?readAll@QIODevice@@QEAA?AVQByteArray@@XZ
?endsWith@QByteArray@@QEBA_NPEBD@Z
?startsWith@QByteArray@@QEBA_NPEBD@Z
?constData@QByteArray@@QEBAPEBDXZ
??4QByteArray@@QEAAAEAV0@$$QEAV0@@Z
??1QByteArray@@QEAA@XZ
??6QDebug@@QEAAAEAV0@PEBD@Z
?qstrcmp@@YAHAEBVQByteArray@@PEBD@Z
?dynamicMetaObject@QObjectData@@QEBAPEAUQMetaObject@@XZ
?isOpen@QIODevice@@QEBA_NXZ
?isReadable@QIODevice@@QEBA_NXZ
?isWritable@QIODevice@@QEBA_NXZ
?getAndRef@ExternalRefCountData@QtSharedPointer@@SAPEAU12@PEBVQObject@@@Z
?childEvent@QObject@@MEAAXPEAVQChildEvent@@@Z
?connectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?customEvent@QObject@@MEAAXPEAVQEvent@@@Z
?disconnectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?event@QObject@@UEAA_NPEAVQEvent@@@Z
?eventFilter@QObject@@UEAA_NPEAV1@PEAVQEvent@@@Z
?timerEvent@QObject@@MEAAXPEAVQTimerEvent@@@Z
??0QMessageLogger@@QEAA@PEBDH0@Z
?warning@QMessageLogger@@QEBAXPEBDZZ
?warning@QMessageLogger@@QEBA?AVQDebug@@XZ
??0QByteArray@@QEAA@XZ
??1QDebug@@QEAA@XZ

kernel32

InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CloseHandle

vcruntime140

memset
memcpy
memmove
__C_specific_handler
__std_terminate
__CxxFrameHandler3
__std_exception_copy
__std_exception_destroy
_CxxThrowException
__std_type_info_destroy_list

api-ms-win-crt-math-l1-1-0

pow
log10
log

api-ms-win-crt-utility-l1-1-0

qsort
bsearch

api-ms-win-crt-heap-l1-1-0

_callnewh
calloc
malloc
free

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_register_onexit_function
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_cexit
_execute_onexit_table
_crt_atexit
_initterm

Exports

Exports

qt_plugin_instance
qt_plugin_query_metadata

Sections

.text
Size: 393KB - Virtual size: 393KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 512B - Virtual size: 118B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
langs/Croatian.ini
langs/Czech.ini
langs/Danish.ini
langs/English.ini
langs/Finnish.ini
langs/Hebrew.ini
langs/Hungarian.ini
.ps1
langs/Indonesian.ini
langs/Japanese.ini
langs/Kazakh.ini
langs/Korean.ini
.ps1
langs/Kurdish.ini
langs/Lithuanian.ini
langs/Norwegian.ini
langs/SimpChinese.ini
langs/Sinhala.ini
langs/Slovak.ini
langs/Swedish.ini
langs/Thai.ini
langs/TradChinese.ini
langs/Ukrainian.ini
langs/Uyghur.ini
langs/UyghurLatin.ini
langs/Uzbek.ini
langs/Vietnamese.ini
resources.pak

Sharing

General

Malware Config

Extracted

Signatures

Files

Password: 55555

Password: 55555

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

bd:12:ac:19:af:9e:c0:fa:52:83:a8:24:59:7c:0a:57Certificate

Extended Key Usages

Key Usages

6d:d4:72:eb:02:ae:04:06:e3:dd:84:3f:5f:e1:45:e1Certificate

Extended Key Usages

Key Usages

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

b1:18:cb:e8:ac:87:7f:5a:70:59:72:ae:26:92:d0:ce:77:76:1c:00:13:e4:25:d8:b3:94:f4:5c:9e:41:32:d8Signer

Signature Validations

Verification

28-01-2020 20:49 Valid: true

Chain 1

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 749KB - Virtual size: 749KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

Password: 55555

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

Imports

mscoree

Sections

.text Size: 13KB - Virtual size: 12KB

.rsrc Size: 1024B - Virtual size: 1000B

.reloc Size: 512B - Virtual size: 12B

Password: 55555

74bc1338c3acaa68f433e80dd85f5c29

Code Sign

4a:53:8c:28Certificate

Key Usages

87:82:52:60:00:00:00:00:51:d3:73:d9Certificate

Extended Key Usages

Key Usages

0b:93:16:ea:1b:22:3a:6d:52:c7:4b:f3:16:13:16:34Certificate

Extended Key Usages

Key Usages

38:63:de:f8Certificate

Key Usages

58:da:13:ff:00:00:00:00:51:ce:0d:f7Certificate

Extended Key Usages

Key Usages

8d:ce:15:f3:a7:94:c5:87:00:00:00:00:55:92:33:f4Certificate

Extended Key Usages

Key Usages

49:1c:e9:d0:8c:03:db:03:c7:e1:1c:28:32:5d:27:35:be:34:e3:18:49:b1:76:9c:db:fd:0b:80:b7:87:64:71Signer

Signature Validations

Verification

18-11-2021 05:49 Valid: true

Chain 1

Headers

DLL Characteristics

File Characteristics

Imports

qt5svg

qt5gui

qt5core

kernel32

vcruntime140

bd:12:ac:19:af:9e:c0:fa:52:83:a8:24:59:7c:0a:57
Certificate

6d:d4:72:eb:02:ae:04:06:e3:dd:84:3f:5f:e1:45:e1
Certificate

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

b1:18:cb:e8:ac:87:7f:5a:70:59:72:ae:26:92:d0:ce:77:76:1c:00:13:e4:25:d8:b3:94:f4:5c:9e:41:32:d8
Signer

28-01-2020 20:49
Valid: true

.text
Size: 749KB - Virtual size: 749KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 13KB - Virtual size: 12KB

.rsrc
Size: 1024B - Virtual size: 1000B

.reloc
Size: 512B - Virtual size: 12B

4a:53:8c:28
Certificate

87:82:52:60:00:00:00:00:51:d3:73:d9
Certificate

0b:93:16:ea:1b:22:3a:6d:52:c7:4b:f3:16:13:16:34
Certificate

38:63:de:f8
Certificate

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

8d:ce:15:f3:a7:94:c5:87:00:00:00:00:55:92:33:f4
Certificate

49:1c:e9:d0:8c:03:db:03:c7:e1:1c:28:32:5d:27:35:be:34:e3:18:49:b1:76:9c:db:fd:0b:80:b7:87:64:71
Signer

18-11-2021 05:49
Valid: true

.text
Size: 16KB - Virtual size: 16KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 512B - Virtual size: 696B

.pdata
Size: 1KB - Virtual size: 1KB

.qtmetad
Size: 512B - Virtual size: 106B

.rsrc
Size: 1024B - Virtual size: 840B

.reloc
Size: 512B - Virtual size: 140B

4a:53:8c:28
Certificate

87:82:52:60:00:00:00:00:51:d3:73:d9
Certificate

0b:93:16:ea:1b:22:3a:6d:52:c7:4b:f3:16:13:16:34
Certificate

38:63:de:f8
Certificate

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

8d:ce:15:f3:a7:94:c5:87:00:00:00:00:55:92:33:f4
Certificate

03:0b:e2:4f:18:06:ed:df:81:c9:91:91:5b:cc:ef:1d:27:90:86:de:8d:dc:89:02:eb:e7:2a:14:08:a3:d7:ff
Signer

17-11-2021 14:04
Valid: true

.text
Size: 15KB - Virtual size: 15KB

.rdata
Size: 10KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 2KB

.pdata
Size: 1KB - Virtual size: 1KB

.qtmetad
Size: 512B - Virtual size: 115B

.rsrc
Size: 1024B - Virtual size: 832B

.reloc
Size: 512B - Virtual size: 148B

4a:53:8c:28
Certificate

87:82:52:60:00:00:00:00:51:d3:73:d9
Certificate

0b:93:16:ea:1b:22:3a:6d:52:c7:4b:f3:16:13:16:34
Certificate

38:63:de:f8
Certificate