Factura-Digital[.]7z

Sharing

Copy URL

Twitter E-mail

General

Target

Factura-Digital.7z
Size

7.1MB
MD5

551db99ee591cc96a7eb9cb2d90ce3e5
SHA1

625b7ed0d937fc5fc4a03433104ed326facc7074
SHA256

630bc7e23cc99472759d6c778c0ff57f07f5b5e0af4806c0e4fced953166eb60
SHA512

f1afe7c69e5344b60339556f9d4062494828125cc7a1e5b87cb6df6f9cf779ab2df59c5d3f9214a8321a7c953376e42b458a3b2b652a0e93943d2f1a1982a3f6
SSDEEP

196608:Ny6qg/nmMEduyQPanOZamIkVDlKQt9ajUYhen8:HjgduyyaWF1YGBae8

Score

1^/10

Malware Config

Signatures

Files

Factura-Digital.7z
.7z

Password: 2040
Factura-Electronica.exe
.exe windows x64

Password: 2040

4cea7ae85c87ddc7295d39ff9cda31d1

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-01-2021 00:00

Not After

06-01-2031 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:1f:3a:05:7a:1d:ce:4b:f7:d7:6d:0c:7a:df:83:7e
Certificate

Issuer

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-11-2019 00:00

Not After

04-02-2023 12:00

Subject

CN=Beijing Qihu Technology Co.\, Ltd.,O=Beijing Qihu Technology Co.\, Ltd.,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07-01-2016 12:00

Not After

07-01-2031 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11-02-2011 12:00

Not After

10-02-2026 12:00

Subject

CN=DigiCert Assured ID Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:83:09:ba:16:54:68:50:e6:05:e7:5d:77:3e:56:de
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-11-2019 00:00

Not After

04-02-2023 12:00

Subject

CN=Beijing Qihu Technology Co.\, Ltd.,O=Beijing Qihu Technology Co.\, Ltd.,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:a8:f7:25:76:dc:7b:14:7a:18:63:9e:8d:4d:eb:37
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

28-01-2021 11:08

Not After

01-03-2032 11:08

Subject

CN=Globalsign TSA for CodeSign1 - R6,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

af:52:23:f5:92:97:ac:71:c8:a9:02:06:e5:de:39:9b:c4:8c:73:fe:fc:31:c3:ac:dd:32:80:99:1e:2e:72:5a
Signer

Actual PE Digest

af:52:23:f5:92:97:ac:71:c8:a9:02:06:e5:de:39:9b:c4:8c:73:fe:fc:31:c3:ac:dd:32:80:99:1e:2e:72:5a

Digest Algorithm

sha256

PE Digest Matches

false

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Beijing Qihu Technology Co.\, Ltd.,O=Beijing Qihu Technology Co.\, Ltd.,ST=Beijing,C=CN

09-12-2021 06:59
Valid: true

Chain 1

CN=Beijing Qihu Technology Co.\, Ltd.,O=Beijing Qihu Technology Co.\, Ltd.,ST=Beijing,C=CN

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

a8:bd:4d:f4:7d:9b:ef:65:db:37:a5:2e:9c:91:b2:2e:be:9b:8a:f3
Signer

Actual PE Digest

a8:bd:4d:f4:7d:9b:ef:65:db:37:a5:2e:9c:91:b2:2e:be:9b:8a:f3

Digest Algorithm

sha1

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Beijing Qihu Technology Co.\, Ltd.,O=Beijing Qihu Technology Co.\, Ltd.,ST=Beijing,C=CN

09-12-2021 06:58
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

GetTokenInformation
RegDeleteValueA
RegOpenKeyExA
RegQueryInfoKeyA
FreeSid
OpenProcessToken
RegSetValueExA
RegCreateKeyExA
LookupPrivilegeValueA
AllocateAndInitializeSid
RegQueryValueExA
EqualSid
RegCloseKey
AdjustTokenPrivileges

kernel32

_lopen
_llseek
CompareStringA
GetLastError
GetFileAttributesA
GetSystemDirectoryA
LoadLibraryA
DeleteFileA
GlobalAlloc
GlobalFree
CloseHandle
WritePrivateProfileStringA
IsDBCSLeadByte
GetWindowsDirectoryA
SetFileAttributesA
GetProcAddress
GlobalLock
LocalFree
RemoveDirectoryA
FreeLibrary
_lclose
CreateDirectoryA
GetPrivateProfileIntA
GetPrivateProfileStringA
GlobalUnlock
ReadFile
SizeofResource
WriteFile
GetDriveTypeA
LoadLibraryExA
SetFileTime
SetFilePointer
FindResourceA
CreateMutexA
GetVolumeInformationA
WaitForSingleObject
GetCurrentDirectoryA
FreeResource
GetVersion
SetCurrentDirectoryA
GetTempPathA
LocalFileTimeToFileTime
CreateFileA
SetEvent
TerminateThread
GetVersionExA
LockResource
GetSystemInfo
CreateThread
ResetEvent
LoadResource
ExitProcess
GetModuleHandleW
CreateProcessA
FormatMessageA
GetTempFileNameA
DosDateTimeToFileTime
CreateEventA
GetExitCodeProcess
ExpandEnvironmentStringsA
LocalAlloc
lstrcmpA
FindNextFileA
GetCurrentProcess
FindFirstFileA
GetModuleFileNameA
GetShortPathNameA
Sleep
GetStartupInfoW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
EnumResourceLanguagesA
GetDiskFreeSpaceA
MulDiv
FindClose

gdi32

GetDeviceCaps

user32

ShowWindow
MsgWaitForMultipleObjects
SetWindowPos
GetDC
GetWindowRect
DispatchMessageA
GetSystemMetrics
CallWindowProcA
SetWindowTextA
MessageBoxA
SendDlgItemMessageA
SendMessageA
GetDlgItem
DialogBoxIndirectParamA
GetWindowLongPtrA
SetWindowLongPtrA
SetForegroundWindow
ReleaseDC
EnableWindow
CharNextA
LoadStringA
CharPrevA
EndDialog
MessageBeep
ExitWindowsEx
SetDlgItemTextA
CharUpperA
GetDesktopWindow
PeekMessageA
GetDlgItemTextA

msvcrt

?terminate@@YAXXZ
_commode
_fmode
_acmdln
__C_specific_handler
memset
__setusermatherr
_ismbblead
_cexit
_exit
exit
__set_app_type
__getmainargs
_amsg_exit
_XcptFilter
memcpy_s
_vsnprintf
_initterm
memcpy

comctl32

ord17

cabinet

ord20
ord21
ord23
ord22

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tran/ist/stand/aut/FaceBootstrapAdapter.dll
.dll windows x64

Password: 2040

b86b775ded6e4965bc085ca37be2cd29

Code Sign

33:00:00:03:80:e4:bb:91:f3:18:fd:8e:9a:00:00:00:00:03:80
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

10-03-2022 19:24

Not After

08-03-2023 19:24

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19-10-2011 18:41

Not After

19-10-2026 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b5:17:8b:e9:76:24:2e:50:7e:df:0d:b2:a6:e7:c1:9c:97:80:b0:b3:e8:c6:10:93:b4:a7:71:8d:45:c9:cd:98
Signer

Actual PE Digest

b5:17:8b:e9:76:24:2e:50:7e:df:0d:b2:a6:e7:c1:9c:97:80:b0:b3:e8:c6:10:93:b4:a7:71:8d:45:c9:cd:98

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

09-03-2023 13:30
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

api-ms-win-crt-locale-l1-1-0

_lock_locales
_unlock_locales

api-ms-win-crt-string-l1-1-0

__strncnt
wcsnlen
strcspn
memset

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm

api-ms-win-crt-private-l1-1-0

_o__free_base
_o__fseeki64
_o__Getdays
_o__Getmonths
_o__Gettnames
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__lock_file
_o__malloc_base
_o__purecall
_o__realloc_base
_o__register_onexit_function
_o__seh_filter_dll
_o__Strftime
_o__unlock_file
_o__W_Getdays
_o__W_Getmonths
_o__W_Gettnames
_o__wcsdup
_o__Wcsftime
_o__wfsopen
_o_abort
_o_calloc
_o_fclose
_o_fflush
_o_fgetc
_o_fgetpos
_o_fgetwc
_o_fputwc
_o_free
_o_frexp
_o_fsetpos
_o_fwrite
_o_islower
_o_isspace
_o_isupper
_o_ldexp
_o_localeconv
_o_malloc
_o_pow
_o_powf
_o_realloc
_o_setlocale
_o_setvbuf
_o_strtod
_o_strtof
_o_terminate
_o_tolower
_o_towupper
_o_ungetc
_o_ungetwc
_o_wcscpy_s
__uncaught_exception
__C_specific_handler
_CxxThrowException
_o__execute_onexit_table
_o__errno
_o__crt_atexit
_o__configure_narrow_argv
_o__cexit
_o__calloc_base
_o__callnewh
_o__beginthreadex
_o___stdio_common_vswprintf
_o___stdio_common_vsprintf_s
_o___stdio_common_vsnprintf_s
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
_o___pctype_func
_o____mb_cur_max_func
_o____lc_locale_name_func
_o____lc_collate_cp_func
_o____lc_codepage_func
__CxxFrameHandler3
memchr
memcmp
memcpy
memmove

api-ms-win-core-shlwapi-legacy-l1-1-0

PathFileExistsW

ext-ms-win-rtcore-ntuser-cursor-l1-1-0

SetCursor
LoadCursorW

api-ms-win-rtcore-ntuser-window-l1-1-0

PeekMessageW
TranslateMessage
PostQuitMessage
DispatchMessageW

api-ms-win-rtcore-ntuser-synch-l1-1-0

MsgWaitForMultipleObjectsEx

api-ms-win-core-libraryloader-l1-2-0

GetProcAddress
GetModuleFileNameA
GetModuleHandleExW
DisableThreadLibraryCalls
GetModuleHandleW

api-ms-win-core-synch-l1-1-0

DeleteCriticalSection
SetEvent
WaitForSingleObjectEx
ReleaseMutex
InitializeCriticalSectionAndSpinCount
WaitForSingleObject
CreateMutexExW
ReleaseSRWLockShared
ResetEvent
InitializeCriticalSection
AcquireSRWLockExclusive
ReleaseSemaphore
WaitForMultipleObjectsEx
InitializeCriticalSectionEx
CreateEventW
ReleaseSRWLockExclusive
CreateEventExW
LeaveCriticalSection
CreateSemaphoreExW
EnterCriticalSection
OpenSemaphoreW
AcquireSRWLockShared
InitializeSRWLock

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapFree
HeapAlloc

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
GetLastError
SetLastError
SetUnhandledExceptionFilter
RaiseException

api-ms-win-stateseparation-helpers-l1-1-0

GetPersistedRegistryLocationW
GetPersistedFileLocationW

api-ms-win-core-processthreads-l1-1-0

GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
GetExitCodeThread

api-ms-win-core-localization-l1-2-0

GetCPInfo
LCMapStringEx
GetLocaleInfoEx
FormatMessageW

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
DebugBreak
OutputDebugStringW

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-eventing-provider-l1-1-0

EventRegister
EventUnregister
EventActivityIdControl
EventWriteTransfer
EventSetInformation

api-ms-win-devices-config-l1-1-1

CM_MapCrToWin32Err
CM_Open_DevNode_Key
CM_Open_Device_Interface_KeyW
CM_Get_Device_Interface_PropertyW
CM_Get_Device_Interface_List_SizeW
CM_Locate_DevNodeW
CM_Get_Device_Interface_ListW

api-ms-win-core-com-l1-1-0

CoTaskMemFree
CoCreateFreeThreadedMarshaler
CoUninitialize
StringFromGUID2
CoGetApartmentType
StringFromCLSID
CoTaskMemAlloc
CoWaitForMultipleHandles

api-ms-win-core-registry-l1-1-0

RegCloseKey
RegSetValueExW
RegGetValueW
RegCreateKeyExW

api-ms-win-core-winrt-string-l1-1-0

WindowsCompareStringOrdinal
WindowsCreateStringReference
WindowsDeleteString
WindowsGetStringRawBuffer
WindowsCreateString
WindowsDuplicateString

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory
RoUninitialize
RoInitialize

api-ms-win-core-file-l1-1-0

GetFileAttributesW

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetSystemDirectoryW
GetSystemTimeAsFileTime

api-ms-win-core-path-l1-1-0

PathCchCombine

api-ms-win-core-string-l1-1-0

GetStringTypeW
WideCharToMultiByte
MultiByteToWideChar
CompareStringEx

api-ms-win-core-profile-l1-1-0

QueryPerformanceFrequency
QueryPerformanceCounter

api-ms-win-core-synch-l1-2-0

InitOnceExecuteOnce

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-core-rtlsupport-l1-1-0

RtlLookupFunctionEntry
RtlCaptureContext
RtlVirtualUnwind

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-core-threadpool-l1-2-0

SetThreadpoolTimer
CreateThreadpoolTimer
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks

rpcrt4

UuidCreate

api-ms-win-core-winrt-error-l1-1-0

GetRestrictedErrorInfo
RoTransformError
SetRestrictedErrorInfo
RoOriginateError
RoOriginateErrorW

api-ms-win-core-winrt-error-l1-1-1

RoGetMatchingRestrictedErrorInfo
IsErrorPropagationEnabled
RoReportFailedDelegate

newdev

UpdateDriverForPlugAndPlayDevicesW
DiInstallDriverW

ole32

CoInitialize
CoGetObject

winbio

WinBioGetEnrolledFactors

Exports

Exports

WbioQueryEngineInterface
WbioQuerySensorInterface
WbioQueryStorageInterface

Sections

.text
Size: 404KB - Virtual size: 404KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tran/ist/stand/aut/FaceProcessor.dll
.dll windows x64

Password: 2040

564bd090b5791525232b1585607ad788

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

api-ms-win-crt-math-l1-1-0

sqrtf
ceilf
expf
floorf
modff

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm

api-ms-win-crt-private-l1-1-0

_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__malloc_base
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
_o__wcsdup
_o__wcsicmp
_o__wcsnicmp
_o_abort
_o_free
_o_islower
_o_isupper
_o_malloc
_o_realloc
_o_roundf
_o_setlocale
_o_terminate
_o_towlower
_o_towupper
_o_wcscpy_s
__C_specific_handler
_CxxThrowException
_o__free_base
_o__execute_onexit_table
_o__errno
_o__crt_atexit
_o__configure_narrow_argv
_o__cexit
_o__calloc_base
_o__callnewh
_o__beginthreadex
_o__aligned_malloc
_o__aligned_free
_o___stdio_common_vswprintf
_o___stdio_common_vsnprintf_s
_o___std_type_info_name
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
_o___pctype_func
_o____lc_locale_name_func
_o____lc_codepage_func
__CxxFrameHandler3
__uncaught_exception
memcmp
memcpy
memmove

api-ms-win-crt-string-l1-1-0

__strncnt
memset

faceprocessorcore

CreateFaceCache
CreateInfraredFaceProcessor

ext-ms-win-session-wtsapi32-l1-1-0

WTSEnumerateSessionsW
WTSFreeMemory
WTSRegisterSessionNotification
WTSUnRegisterSessionNotification

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls
LockResource
GetModuleFileNameW
LoadLibraryExW
GetModuleHandleW
SizeofResource
GetProcAddress
FindResourceExW
LoadResource
GetModuleFileNameA
FreeLibrary
GetModuleHandleExW

api-ms-win-core-synch-l1-1-0

WaitForSingleObject
ReleaseMutex
ResetEvent
InitializeCriticalSectionAndSpinCount
ReleaseSemaphore
InitializeSRWLock
CreateMutexExW
CreateEventExW
AcquireSRWLockExclusive
InitializeCriticalSection
ReleaseSRWLockExclusive
AcquireSRWLockShared
ReleaseSRWLockShared
SetEvent
InitializeCriticalSectionEx
DeleteCriticalSection
SetWaitableTimer
WaitForMultipleObjectsEx
EnterCriticalSection
CreateEventW
OpenSemaphoreW
LeaveCriticalSection
CreateSemaphoreExW
WaitForSingleObjectEx

api-ms-win-core-heap-l1-1-0

HeapAlloc
HeapFree
GetProcessHeap

api-ms-win-core-errorhandling-l1-1-0

GetLastError
SetUnhandledExceptionFilter
RaiseException
UnhandledExceptionFilter
SetLastError

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
ResumeThread
GetExitCodeThread
TerminateProcess
SuspendThread
GetCurrentThreadId
GetCurrentProcessId
CreateThread
TerminateThread

api-ms-win-core-localization-l1-2-0

LCMapStringEx
FormatMessageW

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
DebugBreak
OutputDebugStringW

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-eventing-provider-l1-1-0

EventUnregister
EventRegister
EventSetInformation
EventWriteTransfer
EventActivityIdControl

api-ms-win-core-com-l1-1-0

CoWaitForMultipleHandles
CoGetApartmentType
StringFromCLSID
CoTaskMemFree
CoCreateFreeThreadedMarshaler
CoTaskMemAlloc
CoCreateInstance

api-ms-win-core-winrt-error-l1-1-0

RoOriginateError
RoOriginateErrorW
GetRestrictedErrorInfo
SetRestrictedErrorInfo
RoTransformError

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateString
WindowsDuplicateString
WindowsCreateStringReference
WindowsCompareStringOrdinal
WindowsGetStringRawBuffer
WindowsDeleteString

api-ms-win-core-winrt-l1-1-0

RoActivateInstance
RoGetActivationFactory
RoInitialize
RoUninitialize

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount
GetSystemDirectoryW
GetTickCount64

api-ms-win-stateseparation-helpers-l1-1-0

GetPersistedRegistryLocationW
GetPersistedFileLocationW

api-ms-win-core-synch-l1-2-0

InitOnceExecuteOnce
Sleep

api-ms-win-core-registry-l1-1-0

RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegGetValueW
RegEnumKeyExW
RegOpenKeyExW

api-ms-win-core-registry-l1-1-1

RegSetKeyValueW

api-ms-win-core-rtlsupport-l1-1-0

RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent
GetThreadContext

api-ms-win-core-profile-l1-1-0

QueryPerformanceFrequency
QueryPerformanceCounter

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-core-threadpool-l1-2-0

CloseThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CreateThreadpoolTimer

api-ms-win-core-string-l1-1-0

WideCharToMultiByte
MultiByteToWideChar

api-ms-win-core-sysinfo-l1-2-0

GetSystemTimePreciseAsFileTime

api-ms-win-core-path-l1-1-0

PathCchCombine

api-ms-win-core-shlwapi-legacy-l1-1-0

PathFileExistsW

api-ms-win-core-winrt-error-l1-1-1

RoGetMatchingRestrictedErrorInfo
RoReportFailedDelegate
IsErrorPropagationEnabled

api-ms-win-core-synch-l1-2-1

CreateWaitableTimerW

api-ms-win-core-errorhandling-l1-1-2

RaiseFailFastException

api-ms-win-core-file-l1-1-0

GetFileAttributesW

api-ms-win-devices-config-l1-1-1

CM_Locate_DevNodeW
CM_Get_Device_Interface_List_SizeW
CM_Open_DevNode_Key
CM_Get_Device_Interface_ListW
CM_Get_Device_Interface_PropertyW
CM_Open_Device_Interface_KeyW
CM_MapCrToWin32Err

ntdll

NtQueryWnfStateData
RtlUnsubscribeWnfNotificationWaitForCompletion
RtlSubscribeWnfStateChangeNotification

dsreg

DsrFreeJoinInfo
DsrGetJoinInfo

ext-ms-win-rtcore-ntuser-cursor-l1-1-0

SetCursor
LoadCursorW

api-ms-win-rtcore-ntuser-window-l1-1-0

PeekMessageW
GetClassInfoW
RegisterClassW
DefWindowProcW
CreateWindowExW
TranslateMessage
PostQuitMessage
GetWindowLongPtrW
DestroyWindow
SetWindowLongPtrW
UnregisterClassW
DispatchMessageW

api-ms-win-rtcore-ntuser-synch-l1-1-0

MsgWaitForMultipleObjectsEx

d2d1

ord1

api-ms-win-crt-locale-l1-1-0

_lock_locales
_unlock_locales

api-ms-win-core-util-l1-1-0

EncodePointer
DecodePointer

api-ms-win-core-memory-l1-1-0

VirtualQuery

wer

WerReportSetParameter
WerReportCreate
WerReportSubmit
WerReportCloseHandle

Exports

Exports

CreateColorFaceProcessor
CreateFacePreprocessorOutput
FileInputManager_InitializeRuntime
FileInputManager_ReadSourceColorFrameData
FileInputManager_ReadSourceDeviceMetadata
FileInputManager_ReadSourceInfraredFrameData
FileInputManager_Reset
FileInputManager_SendColorFrameData
FileInputManager_SendInfraredFrameData

Sections

.text
Size: 826KB - Virtual size: 825KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 426KB - Virtual size: 426KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tran/ist/stand/aut/libgcc_s_seh-1.dll
.dll windows x64

Password: 2040

dba1138574ae4813ca81835aae76e6cd

Code Sign

31:83:0c:37:0a:d7:e4:97:63:3b:6e:b3:a0:2d:69:e6
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

18-02-2022 00:00

Not After

17-02-2025 23:59

Subject

CN=Tim Kosse,O=Tim Kosse,ST=Nordrhein-Westfalen,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

01-01-2004 00:00

Not After

31-12-2028 23:59

Subject

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-05-2021 00:00

Not After

31-12-2028 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22-03-2021 00:00

Not After

21-03-2036 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:cb:34:fd:3d:ff:12:11:33:9f:f0:7c:4b:21:57:c7
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

30-08-2022 00:00

Not After

29-08-2023 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

8e:10:a6:12:01:65:a3:86:52:e0:ed:90:3d:98:36:60:5f:9a:dc:6b:89:e2:be:9f:1d:00:71:e7:c7:2d:3a:5f
Signer

Actual PE Digest

8e:10:a6:12:01:65:a3:86:52:e0:ed:90:3d:98:36:60:5f:9a:dc:6b:89:e2:be:9f:1d:00:71:e7:c7:2d:3a:5f

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Tim Kosse,O=Tim Kosse,ST=Nordrhein-Westfalen,C=DE

19-09-2022 09:20
Valid: true

Chain 1

CN=Tim Kosse,O=Tim Kosse,ST=Nordrhein-Westfalen,C=DE

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

CloseHandle
CreateSemaphoreW
DeleteCriticalSection
EnterCriticalSection
GetCurrentThreadId
GetLastError
InitializeCriticalSection
LeaveCriticalSection
RaiseException
ReleaseSemaphore
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
SetLastError
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualProtect
VirtualQuery
WaitForSingleObject

msvcrt

__iob_func
_amsg_exit
_initterm
_lock
_unlock
abort
calloc
free
fwrite
malloc
memcpy
memset
realloc
strlen
strncmp
vfprintf

Exports

Exports

_GCC_specific_handler
_Unwind_Backtrace
_Unwind_DeleteException
_Unwind_FindEnclosingFunction
_Unwind_ForcedUnwind
_Unwind_GetCFA
_Unwind_GetDataRelBase
_Unwind_GetGR
_Unwind_GetIP
_Unwind_GetIPInfo
_Unwind_GetLanguageSpecificData
_Unwind_GetRegionStart
_Unwind_GetTextRelBase
_Unwind_RaiseException
_Unwind_Resume
_Unwind_Resume_or_Rethrow
_Unwind_SetGR
_Unwind_SetIP
__absvdi2
__absvsi2
__absvti2
__addtf3
__addvdi3
__addvsi3
__addvti3
__ashlti3
__ashrti3
__bswapdi2
__bswapsi2
__clear_cache
__clrsbdi2
__clrsbti2
__clzdi2
__clzti2
__cmpti2
__ctzdi2
__ctzti2
__divdc3
__divmodti4
__divsc3
__divtc3
__divtf3
__divti3
__divxc3
__emutls_get_address
__emutls_register_common
__enable_execute_stack
__eqtf2
__extenddftf2
__extendsftf2
__extendxftf2
__ffsdi2
__ffsti2
__fixdfti
__fixsfti
__fixtfdi
__fixtfsi
__fixtfti
__fixunsdfdi
__fixunsdfti
__fixunssfdi
__fixunssfti
__fixunstfdi
__fixunstfsi
__fixunstfti
__fixunsxfdi
__fixunsxfti
__fixxfti
__floatditf
__floatsitf
__floattidf
__floattisf
__floattitf
__floattixf
__floatunditf
__floatunsitf
__floatuntidf
__floatuntisf
__floatuntitf
__floatuntixf
__gcc_personality_seh0
__getf2
__gttf2
__letf2
__lshrti3
__lttf2
__modti3
__muldc3
__mulsc3
__multc3
__multf3
__multi3
__mulvdi3
__mulvsi3
__mulvti3
__mulxc3
__negtf2
__negti2
__negvdi2
__negvsi2
__negvti2
__netf2
__paritydi2
__parityti2
__popcountdi2
__popcountti2
__powidf2
__powisf2
__powitf2
__powixf2
__subtf3
__subvdi3
__subvsi3
__subvti3
__trunctfdf2
__trunctfsf2
__trunctfxf2
__ucmpti2
__udivmodti4
__udivti3
__umodti3
__unordtf2

Sections

.text
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 304B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tran/ist/stand/aut/libgnutls-30.dll
.dll windows x64

Password: 2040

291bf80a623dd34eb1c465735dd3467f

Code Sign

31:83:0c:37:0a:d7:e4:97:63:3b:6e:b3:a0:2d:69:e6
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

18-02-2022 00:00

Not After

17-02-2025 23:59

Subject

CN=Tim Kosse,O=Tim Kosse,ST=Nordrhein-Westfalen,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

01-01-2004 00:00

Not After

31-12-2028 23:59

Subject

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-05-2021 00:00

Not After

31-12-2028 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22-03-2021 00:00

Not After

21-03-2036 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:cb:34:fd:3d:ff:12:11:33:9f:f0:7c:4b:21:57:c7
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

30-08-2022 00:00

Not After

29-08-2023 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

51:4d:d8:01:b2:24:df:30:35:bb:5d:dd:61:b6:28:2a:dc:1a:30:5b:05:87:bd:ab:76:dc:44:b0:5d:e9:8f:09
Signer

Actual PE Digest

51:4d:d8:01:b2:24:df:30:35:bb:5d:dd:61:b6:28:2a:dc:1a:30:5b:05:87:bd:ab:76:dc:44:b0:5d:e9:8f:09

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Tim Kosse,O=Tim Kosse,ST=Nordrhein-Westfalen,C=DE

19-09-2022 09:20
Valid: true

Chain 1

CN=Tim Kosse,O=Tim Kosse,ST=Nordrhein-Westfalen,C=DE

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

libgmp-10

__gmp_get_memory_functions
__gmp_set_memory_functions
__gmpn_cnd_add_n
__gmpn_copyi
__gmpn_rshift
__gmpn_sub_n
__gmpn_zero
__gmpz_add
__gmpz_add_ui
__gmpz_cdiv_q
__gmpz_clear
__gmpz_cmp
__gmpz_cmp_ui
__gmpz_export
__gmpz_fdiv_q
__gmpz_fdiv_q_2exp
__gmpz_fdiv_r
__gmpz_fdiv_r_2exp
__gmpz_gcd
__gmpz_import
__gmpz_init
__gmpz_init_set_str
__gmpz_invert
__gmpz_lcm
__gmpz_limbs_finish
__gmpz_limbs_read
__gmpz_limbs_write
__gmpz_mod
__gmpz_mul
__gmpz_mul_2exp
__gmpz_mul_ui
__gmpz_powm
__gmpz_probab_prime_p
__gmpz_set
__gmpz_set_ui
__gmpz_sizeinbase
__gmpz_sqrt
__gmpz_sub
__gmpz_sub_ui
__gmpz_tdiv_q_2exp
__gmpz_tdiv_r_2exp
__gmpz_tstbit

libhogweed-6

nettle_curve25519_mul
nettle_curve25519_mul_g
nettle_curve448_mul
nettle_curve448_mul_g
nettle_dsa_generate_params
nettle_dsa_params_clear
nettle_dsa_params_init
nettle_dsa_sign
nettle_dsa_signature_clear
nettle_dsa_signature_init
nettle_dsa_verify
nettle_ecc_bit_size
nettle_ecc_point_clear
nettle_ecc_point_get
nettle_ecc_point_init
nettle_ecc_point_mul
nettle_ecc_point_mul_g
nettle_ecc_point_set
nettle_ecc_scalar_clear
nettle_ecc_scalar_get
nettle_ecc_scalar_init
nettle_ecc_scalar_set
nettle_ecc_size
nettle_ecc_size_a
nettle_ecdsa_generate_keypair
nettle_ecdsa_sign
nettle_ecdsa_verify
nettle_ed25519_sha512_public_key
nettle_ed25519_sha512_sign
nettle_ed25519_sha512_verify
nettle_ed448_shake256_public_key
nettle_ed448_shake256_sign
nettle_ed448_shake256_verify
nettle_get_gost_gc256b
nettle_get_gost_gc512a
nettle_get_secp_192r1
nettle_get_secp_224r1
nettle_get_secp_256r1
nettle_get_secp_384r1
nettle_get_secp_521r1
nettle_gostdsa_sign
nettle_gostdsa_verify
nettle_gostdsa_vko
nettle_mpz_get_str_256
nettle_mpz_random
nettle_mpz_random_size
nettle_mpz_set_str_256_s
nettle_mpz_set_str_256_u
nettle_mpz_sizeinbase_256_s
nettle_mpz_sizeinbase_256_u
nettle_pkcs1_rsa_digest_encode
nettle_pss_encode_mgf1
nettle_rsa_decrypt_tr
nettle_rsa_encrypt
nettle_rsa_generate_keypair
nettle_rsa_pkcs1_sign_tr
nettle_rsa_pkcs1_verify
nettle_rsa_private_key_clear
nettle_rsa_private_key_init
nettle_rsa_private_key_prepare
nettle_rsa_pss_sha256_sign_digest_tr
nettle_rsa_pss_sha256_verify_digest
nettle_rsa_pss_sha384_sign_digest_tr
nettle_rsa_pss_sha384_verify_digest
nettle_rsa_pss_sha512_sign_digest_tr
nettle_rsa_pss_sha512_verify_digest
nettle_rsa_public_key_clear
nettle_rsa_public_key_init
nettle_rsa_public_key_prepare
nettle_rsa_sec_decrypt

libnettle-8

nettle_aes128_decrypt
nettle_aes128_encrypt
nettle_aes128_set_decrypt_key
nettle_aes128_set_encrypt_key
nettle_aes192_decrypt
nettle_aes192_encrypt
nettle_aes192_set_decrypt_key
nettle_aes192_set_encrypt_key
nettle_aes256_decrypt
nettle_aes256_encrypt
nettle_aes256_set_decrypt_key
nettle_aes256_set_encrypt_key
nettle_arcfour128_set_key
nettle_arcfour_crypt
nettle_arcfour_set_key
nettle_arctwo40_set_key
nettle_arctwo_decrypt
nettle_arctwo_encrypt
nettle_base64_decode_final
nettle_base64_decode_init
nettle_base64_decode_update
nettle_base64_encode_raw
nettle_camellia128_crypt
nettle_camellia128_set_encrypt_key
nettle_camellia192_set_decrypt_key
nettle_camellia192_set_encrypt_key
nettle_camellia256_crypt
nettle_camellia256_set_decrypt_key
nettle_camellia256_set_encrypt_key
nettle_camellia_set_decrypt_key
nettle_cbc_decrypt
nettle_cbc_encrypt
nettle_ccm_decrypt_message
nettle_ccm_encrypt_message
nettle_cfb8_decrypt
nettle_cfb8_encrypt
nettle_cfb_decrypt
nettle_cfb_encrypt
nettle_chacha_crypt
nettle_chacha_crypt32
nettle_chacha_poly1305_decrypt
nettle_chacha_poly1305_digest
nettle_chacha_poly1305_encrypt
nettle_chacha_poly1305_set_key
nettle_chacha_poly1305_set_nonce
nettle_chacha_poly1305_update
nettle_chacha_set_counter
nettle_chacha_set_counter32
nettle_chacha_set_key
nettle_chacha_set_nonce
nettle_chacha_set_nonce96
nettle_cmac128_digest
nettle_cmac128_init
nettle_cmac128_set_key
nettle_cmac128_update
nettle_cmac64_digest
nettle_cmac64_init
nettle_cmac64_set_key
nettle_cmac64_update
nettle_cmac_aes128_digest
nettle_cmac_aes128_set_key
nettle_cmac_aes128_update
nettle_cmac_aes256_digest
nettle_cmac_aes256_set_key
nettle_cmac_aes256_update
nettle_ctr_crypt
nettle_des3_decrypt
nettle_des3_encrypt
nettle_des3_set_key
nettle_des_decrypt
nettle_des_encrypt
nettle_des_set_key
nettle_gcm_aes128_digest
nettle_gcm_aes128_set_iv
nettle_gcm_aes128_set_key
nettle_gcm_aes128_update
nettle_gcm_aes192_digest
nettle_gcm_aes192_set_iv
nettle_gcm_aes192_set_key
nettle_gcm_aes192_update
nettle_gcm_aes256_digest
nettle_gcm_aes256_set_iv
nettle_gcm_aes256_set_key
nettle_gcm_aes256_update
nettle_gcm_camellia128_digest
nettle_gcm_camellia128_set_iv
nettle_gcm_camellia128_set_key
nettle_gcm_camellia128_update
nettle_gcm_camellia256_digest
nettle_gcm_camellia256_set_iv
nettle_gcm_camellia256_set_key
nettle_gcm_camellia256_update
nettle_gcm_decrypt
nettle_gcm_digest
nettle_gcm_encrypt
nettle_gcm_set_iv
nettle_gcm_set_key
nettle_gcm_update
nettle_gosthash94_init
nettle_gosthash94cp_digest
nettle_gosthash94cp_update
nettle_hkdf_expand
nettle_hkdf_extract
nettle_hmac_digest
nettle_hmac_gosthash94cp_digest
nettle_hmac_gosthash94cp_set_key
nettle_hmac_gosthash94cp_update
nettle_hmac_md5_digest
nettle_hmac_md5_set_key
nettle_hmac_md5_update
nettle_hmac_set_key
nettle_hmac_sha1_digest
nettle_hmac_sha1_set_key
nettle_hmac_sha1_update
nettle_hmac_sha224_digest
nettle_hmac_sha224_set_key
nettle_hmac_sha256_digest
nettle_hmac_sha256_set_key
nettle_hmac_sha256_update
nettle_hmac_sha384_digest
nettle_hmac_sha384_set_key
nettle_hmac_sha512_digest
nettle_hmac_sha512_set_key
nettle_hmac_sha512_update
nettle_hmac_streebog256_digest
nettle_hmac_streebog256_set_key
nettle_hmac_streebog512_digest
nettle_hmac_streebog512_set_key
nettle_hmac_streebog512_update
nettle_md2_digest
nettle_md2_init
nettle_md2_update
nettle_md5_digest
nettle_md5_init
nettle_md5_update
nettle_memeql_sec
nettle_memxor
nettle_memxor3
nettle_pbkdf2
nettle_salsa20_256_set_key
nettle_salsa20_crypt
nettle_salsa20r12_crypt
nettle_sha1_digest
nettle_sha1_init
nettle_sha1_update
nettle_sha224_digest
nettle_sha224_init
nettle_sha256
nettle_sha256_digest
nettle_sha256_init
nettle_sha256_update
nettle_sha384
nettle_sha384_digest
nettle_sha384_init
nettle_sha3_224_digest
nettle_sha3_224_init
nettle_sha3_224_update
nettle_sha3_256_digest
nettle_sha3_256_init
nettle_sha3_256_update
nettle_sha3_384_digest
nettle_sha3_384_init
nettle_sha3_384_update
nettle_sha3_512_digest
nettle_sha3_512_init
nettle_sha3_512_update
nettle_sha512
nettle_sha512_digest
nettle_sha512_init
nettle_sha512_update
nettle_siv_cmac_aes128_decrypt_message
nettle_siv_cmac_aes128_encrypt_message
nettle_siv_cmac_aes128_set_key
nettle_siv_cmac_aes256_decrypt_message
nettle_siv_cmac_aes256_encrypt_message
nettle_siv_cmac_aes256_set_key
nettle_streebog256_digest
nettle_streebog256_init
nettle_streebog512_digest
nettle_streebog512_init
nettle_streebog512_update
nettle_umac128_digest
nettle_umac128_set_key
nettle_umac128_set_nonce
nettle_umac128_update
nettle_umac96_digest
nettle_umac96_set_key
nettle_umac96_set_nonce
nettle_umac96_update
nettle_xts_aes128_decrypt_message
nettle_xts_aes128_encrypt_message
nettle_xts_aes128_set_decrypt_key
nettle_xts_aes128_set_encrypt_key
nettle_xts_aes256_decrypt_message
nettle_xts_aes256_encrypt_message
nettle_xts_aes256_set_decrypt_key
nettle_xts_aes256_set_encrypt_key

zlib1

compress
compressBound
uncompress

advapi32

CryptAcquireContextW
CryptCreateHash
CryptDecrypt
CryptDestroyHash
CryptGetHashParam
CryptGetProvParam
CryptReleaseContext
CryptSetHashParam
CryptSetProvParam
CryptSignHashA

crypt32

CertCloseStore
CertDeleteCertificateFromStore
CertEnumCRLsInStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertFreeCertificateContext
CertGetCertificateContextProperty
CertOpenStore
PFXImportCertStore

kernel32

CloseHandle
CreateEventA
CreateFileA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
FindClose
FindFirstFileA
FreeLibrary
GetCurrentProcess
GetCurrentThreadId
GetFileAttributesW
GetFileInformationByHandle
GetFileType
GetFinalPathNameByHandleA
GetHandleInformation
GetLastError
GetProcAddress
GetSystemTimeAsFileTime
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
PeekNamedPipe
RtlVirtualUnwind
SetEvent
Sleep
TlsGetValue
TryEnterCriticalSection
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_amsg_exit
_close
_dup2
_errno
_fdopen
_fileno
_findclose
_get_osfhandle
_getmaxstdio
_gmtime64
_initterm
_localtime64
_lock
_lseeki64
_mkdir
_open
_open_osfhandle
_read
_setmaxstdio
_setmode
_stricmp
_time64
_unlock
_wassert
_wfindfirst64
_wfindnext64
_wfullpath
abort
atoi
atol
calloc
exit
fclose
ferror
fflush
fgetpos
fgets
fopen
fputc
fread
free
fseek
fwrite
getc
getenv
islower
isspace
isupper
isxdigit
localeconv
malloc
memchr
memcmp
memcpy
memmove
memset
qsort
realloc
setvbuf
strcat
strchr
strcmp
strcpy
strerror
strftime
strlen
strncat
strncmp
strncpy
strpbrk
strrchr
strstr
strtol
strtoul
vfprintf
wcscat
wcscpy
wcslen

ncrypt

BCryptCloseAlgorithmProvider
BCryptGenRandom
BCryptOpenAlgorithmProvider
NCryptDecrypt
NCryptDeleteKey
NCryptFreeObject
NCryptGetProperty
NCryptOpenKey
NCryptOpenStorageProvider
NCryptSignHash

libwinpthread-1

pthread_mutex_destroy
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_unlock
pthread_mutexattr_destroy
pthread_mutexattr_init
pthread_mutexattr_settype
pthread_once
pthread_rwlock_rdlock
pthread_rwlock_unlock
pthread_rwlock_wrlock

ws2_32

WSAGetLastError
WSASend
WSASetLastError
connect
inet_ntop
inet_pton
recv
select
send
setsockopt

libgcc_s_seh-1

__emutls_get_address

Exports

Exports

_dsa_generate_dss_g
_dsa_generate_dss_pq
_dsa_validate_dss_g
_dsa_validate_dss_pq
_gnutls13_psk_ext_iter_next_binder
_gnutls13_psk_ext_iter_next_identity
_gnutls13_psk_ext_parser_init
_gnutls_anti_replay_check
_gnutls_bin2hex
_gnutls_buffer_append_str
_gnutls_buffer_clear
_gnutls_buffer_init
_gnutls_buffer_pop_datum
_gnutls_buffer_to_datum
_gnutls_buffer_unescape
_gnutls_cidr_to_string
_gnutls_cipher_get_iv
_gnutls_cipher_to_entry
_gnutls_crypto_register_cipher
_gnutls_decode_ber_rs_raw
_gnutls_default_priority_string
_gnutls_digest_exists
_gnutls_ecc_curve_is_supported
_gnutls_encode_ber_rs_raw
_gnutls_global_set_gettime_function
_gnutls_global_version
_gnutls_hello_set_default_version
_gnutls_iov_iter_init
_gnutls_iov_iter_next
_gnutls_iov_iter_sync
_gnutls_ip_to_string
_gnutls_lib_force_operational
_gnutls_lib_simulate_error
_gnutls_log
_gnutls_log_level
_gnutls_mac_to_entry
_gnutls_mpi_log
_gnutls_mpi_ops
_gnutls_pkcs12_string_to_key
_gnutls_prf_raw
_gnutls_record_overhead
_gnutls_record_set_default_version
_gnutls_resolve_priorities
_gnutls_rsa_pms_set_version
_gnutls_server_name_set_raw
_gnutls_set_session_ticket_key_rotation_callback
_gnutls_supplemental_deinit
_gnutls_ucs2_to_utf8
_gnutls_utcTime2gtime
_gnutls_utf8_to_ucs2
_gnutls_version_to_entry
_gnutls_x509_generalTime2gtime
_gnutls_x509_name_constraints_merge
_rsa_generate_fips186_4_keypair
dsa_generate_dss_keypair
gnutls_aead_cipher_decrypt
gnutls_aead_cipher_decryptv2
gnutls_aead_cipher_deinit
gnutls_aead_cipher_encrypt
gnutls_aead_cipher_encryptv
gnutls_aead_cipher_encryptv2
gnutls_aead_cipher_init
gnutls_aead_cipher_set_key
gnutls_alert_get
gnutls_alert_get_name
gnutls_alert_get_strname
gnutls_alert_send
gnutls_alert_send_appropriate
gnutls_alert_set_read_function
gnutls_alpn_get_selected_protocol
gnutls_alpn_set_protocols
gnutls_anti_replay_deinit
gnutls_anti_replay_enable
gnutls_anti_replay_init
gnutls_anti_replay_set_add_function
gnutls_anti_replay_set_ptr
gnutls_anti_replay_set_window
gnutls_auth_client_get_type
gnutls_auth_get_type
gnutls_auth_server_get_type
gnutls_base64_decode2
gnutls_base64_encode2
gnutls_buffer_append_data
gnutls_bye
gnutls_calloc
gnutls_certificate_activation_time_peers
gnutls_certificate_allocate_credentials
gnutls_certificate_client_get_request_status
gnutls_certificate_expiration_time_peers
gnutls_certificate_free_ca_names
gnutls_certificate_free_cas
gnutls_certificate_free_credentials
gnutls_certificate_free_crls
gnutls_certificate_free_keys
gnutls_certificate_get_crt_raw
gnutls_certificate_get_issuer
gnutls_certificate_get_ocsp_expiration
gnutls_certificate_get_openpgp_crt
gnutls_certificate_get_openpgp_key
gnutls_certificate_get_ours
gnutls_certificate_get_peers
gnutls_certificate_get_peers_subkey_id
gnutls_certificate_get_trust_list
gnutls_certificate_get_verify_flags
gnutls_certificate_get_x509_crt
gnutls_certificate_get_x509_key
gnutls_certificate_send_x509_rdn_sequence
gnutls_certificate_server_set_request
gnutls_certificate_set_dh_params
gnutls_certificate_set_flags
gnutls_certificate_set_key
gnutls_certificate_set_known_dh_params
gnutls_certificate_set_ocsp_status_request_file
gnutls_certificate_set_ocsp_status_request_file2
gnutls_certificate_set_ocsp_status_request_function
gnutls_certificate_set_ocsp_status_request_function2
gnutls_certificate_set_ocsp_status_request_mem
gnutls_certificate_set_openpgp_key
gnutls_certificate_set_openpgp_key_file
gnutls_certificate_set_openpgp_key_file2
gnutls_certificate_set_openpgp_key_mem
gnutls_certificate_set_openpgp_key_mem2
gnutls_certificate_set_openpgp_keyring_file
gnutls_certificate_set_openpgp_keyring_mem
gnutls_certificate_set_params_function
gnutls_certificate_set_pin_function
gnutls_certificate_set_rawpk_key_file
gnutls_certificate_set_rawpk_key_mem
gnutls_certificate_set_retrieve_function
gnutls_certificate_set_retrieve_function2
gnutls_certificate_set_retrieve_function3
gnutls_certificate_set_trust_list
gnutls_certificate_set_verify_flags
gnutls_certificate_set_verify_function
gnutls_certificate_set_verify_limits
gnutls_certificate_set_x509_crl
gnutls_certificate_set_x509_crl_file
gnutls_certificate_set_x509_crl_mem
gnutls_certificate_set_x509_key
gnutls_certificate_set_x509_key_file
gnutls_certificate_set_x509_key_file2
gnutls_certificate_set_x509_key_mem
gnutls_certificate_set_x509_key_mem2
gnutls_certificate_set_x509_simple_pkcs12_file
gnutls_certificate_set_x509_simple_pkcs12_mem
gnutls_certificate_set_x509_system_trust
gnutls_certificate_set_x509_trust
gnutls_certificate_set_x509_trust_dir
gnutls_certificate_set_x509_trust_file
gnutls_certificate_set_x509_trust_mem
gnutls_certificate_type_get
gnutls_certificate_type_get2
gnutls_certificate_type_get_id
gnutls_certificate_type_get_name
gnutls_certificate_type_list
gnutls_certificate_verification_profile_get_id
gnutls_certificate_verification_profile_get_name
gnutls_certificate_verification_status_print
gnutls_certificate_verify_peers
gnutls_certificate_verify_peers2
gnutls_certificate_verify_peers3
gnutls_check_version
gnutls_cipher_add_auth
gnutls_cipher_decrypt
gnutls_cipher_decrypt2
gnutls_cipher_decrypt3
gnutls_cipher_deinit
gnutls_cipher_encrypt
gnutls_cipher_encrypt2
gnutls_cipher_encrypt3
gnutls_cipher_get
gnutls_cipher_get_block_size
gnutls_cipher_get_id
gnutls_cipher_get_iv_size
gnutls_cipher_get_key_size
gnutls_cipher_get_name
gnutls_cipher_get_tag_size
gnutls_cipher_init
gnutls_cipher_list
gnutls_cipher_self_test
gnutls_cipher_set_iv
gnutls_cipher_suite_get_name
gnutls_cipher_suite_info
gnutls_cipher_tag
gnutls_ciphersuite_get
gnutls_compress_certificate_get_selected_method
gnutls_compress_certificate_set_methods
gnutls_compression_get
gnutls_compression_get_id
gnutls_compression_get_name
gnutls_compression_list
gnutls_credentials_clear
gnutls_credentials_get
gnutls_credentials_set
gnutls_crypto_register_aead_cipher
gnutls_crypto_register_cipher
gnutls_crypto_register_digest
gnutls_crypto_register_mac
gnutls_db_check_entry
gnutls_db_check_entry_expire_time
gnutls_db_check_entry_time
gnutls_db_get_default_cache_expiration
gnutls_db_get_ptr
gnutls_db_remove_session
gnutls_db_set_cache_expiration
gnutls_db_set_ptr
gnutls_db_set_remove_function
gnutls_db_set_retrieve_function
gnutls_db_set_store_function
gnutls_decode_ber_digest_info
gnutls_decode_gost_rs_value
gnutls_decode_rs_value
gnutls_deinit
gnutls_dh_get_group
gnutls_dh_get_peers_public_bits
gnutls_dh_get_prime_bits
gnutls_dh_get_pubkey
gnutls_dh_get_secret_bits
gnutls_dh_params_cpy
gnutls_dh_params_deinit
gnutls_dh_params_export2_pkcs3
gnutls_dh_params_export_pkcs3
gnutls_dh_params_export_raw
gnutls_dh_params_generate2
gnutls_dh_params_import_dsa
gnutls_dh_params_import_pkcs3
gnutls_dh_params_import_raw
gnutls_dh_params_import_raw2
gnutls_dh_params_import_raw3
gnutls_dh_params_init
gnutls_dh_set_prime_bits
gnutls_digest_get_id
gnutls_digest_get_name
gnutls_digest_get_oid
gnutls_digest_list
gnutls_digest_self_test
gnutls_digest_set_secure
gnutls_dtls_cookie_send
gnutls_dtls_cookie_verify
gnutls_dtls_get_data_mtu
gnutls_dtls_get_mtu
gnutls_dtls_get_timeout
gnutls_dtls_prestate_set
gnutls_dtls_set_data_mtu
gnutls_dtls_set_mtu
gnutls_dtls_set_timeouts
gnutls_early_cipher_get
gnutls_early_prf_hash_get
gnutls_ecc_curve_get
gnutls_ecc_curve_get_id
gnutls_ecc_curve_get_name
gnutls_ecc_curve_get_oid
gnutls_ecc_curve_get_pk
gnutls_ecc_curve_get_size
gnutls_ecc_curve_list
gnutls_ecc_curve_set_enabled
gnutls_encode_ber_digest_info
gnutls_encode_gost_rs_value
gnutls_encode_rs_value
gnutls_error_is_fatal
gnutls_error_to_alert
gnutls_est_record_overhead_size
gnutls_ext_get_current_msg
gnutls_ext_get_data
gnutls_ext_get_name
gnutls_ext_get_name2
gnutls_ext_raw_parse
gnutls_ext_register
gnutls_ext_set_data
gnutls_ffdhe_2048_group_generator
gnutls_ffdhe_2048_group_prime
gnutls_ffdhe_2048_group_q
gnutls_ffdhe_2048_key_bits
gnutls_ffdhe_3072_group_generator
gnutls_ffdhe_3072_group_prime
gnutls_ffdhe_3072_group_q
gnutls_ffdhe_3072_key_bits
gnutls_ffdhe_4096_group_generator
gnutls_ffdhe_4096_group_prime
gnutls_ffdhe_4096_group_q
gnutls_ffdhe_4096_key_bits
gnutls_ffdhe_6144_group_generator
gnutls_ffdhe_6144_group_prime
gnutls_ffdhe_6144_group_q
gnutls_ffdhe_6144_key_bits
gnutls_ffdhe_8192_group_generator
gnutls_ffdhe_8192_group_prime
gnutls_ffdhe_8192_group_q
gnutls_ffdhe_8192_key_bits
gnutls_fingerprint
gnutls_fips140_context_deinit
gnutls_fips140_context_init
gnutls_fips140_get_operation_state
gnutls_fips140_mode_enabled
gnutls_fips140_pop_context
gnutls_fips140_push_context
gnutls_fips140_run_self_tests
gnutls_fips140_set_mode
gnutls_free
gnutls_get_library_config
gnutls_get_system_config_file
gnutls_global_deinit
gnutls_global_init
gnutls_global_set_audit_log_function
gnutls_global_set_log_function
gnutls_global_set_log_level
gnutls_global_set_mem_functions
gnutls_global_set_mutex
gnutls_global_set_time_function
gnutls_gost_paramset_get_name
gnutls_gost_paramset_get_oid
gnutls_group_get
gnutls_group_get_id
gnutls_group_get_name
gnutls_group_list
gnutls_handshake
gnutls_handshake_description_get_name
gnutls_handshake_get_last_in
gnutls_handshake_get_last_out
gnutls_handshake_set_hook_function
gnutls_handshake_set_max_packet_length
gnutls_handshake_set_post_client_hello_function
gnutls_handshake_set_private_extensions
gnutls_handshake_set_random
gnutls_handshake_set_read_function
gnutls_handshake_set_secret_function
gnutls_handshake_set_timeout
gnutls_handshake_write
gnutls_hash
gnutls_hash_copy
gnutls_hash_deinit
gnutls_hash_fast
gnutls_hash_get_len
gnutls_hash_init
gnutls_hash_output
gnutls_heartbeat_allowed
gnutls_heartbeat_enable
gnutls_heartbeat_get_timeout
gnutls_heartbeat_ping
gnutls_heartbeat_pong
gnutls_heartbeat_set_timeouts
gnutls_hex2bin
gnutls_hex_decode
gnutls_hex_decode2
gnutls_hex_encode
gnutls_hex_encode2
gnutls_hkdf_expand
gnutls_hkdf_extract
gnutls_hkdf_self_test
gnutls_hmac
gnutls_hmac_copy
gnutls_hmac_deinit
gnutls_hmac_fast
gnutls_hmac_get_key_size
gnutls_hmac_get_len
gnutls_hmac_init
gnutls_hmac_output
gnutls_hmac_set_nonce
gnutls_idna_map
gnutls_idna_reverse_map
gnutls_init
gnutls_key_generate
gnutls_kx_get
gnutls_kx_get_id
gnutls_kx_get_name
gnutls_kx_list
gnutls_load_file
gnutls_mac_get
gnutls_mac_get_id
gnutls_mac_get_key_size
gnutls_mac_get_name
gnutls_mac_get_nonce_size
gnutls_mac_list
gnutls_mac_self_test
gnutls_malloc
gnutls_memcmp
gnutls_memset
gnutls_ocsp_req_add_cert
gnutls_ocsp_req_add_cert_id
gnutls_ocsp_req_deinit
gnutls_ocsp_req_export
gnutls_ocsp_req_get_cert_id
gnutls_ocsp_req_get_extension
gnutls_ocsp_req_get_nonce
gnutls_ocsp_req_get_version
gnutls_ocsp_req_import
gnutls_ocsp_req_init
gnutls_ocsp_req_print
gnutls_ocsp_req_randomize_nonce
gnutls_ocsp_req_set_extension
gnutls_ocsp_req_set_nonce
gnutls_ocsp_resp_check_crt
gnutls_ocsp_resp_deinit
gnutls_ocsp_resp_export
gnutls_ocsp_resp_export2
gnutls_ocsp_resp_get_certs
gnutls_ocsp_resp_get_extension
gnutls_ocsp_resp_get_nonce
gnutls_ocsp_resp_get_produced
gnutls_ocsp_resp_get_responder
gnutls_ocsp_resp_get_responder2
gnutls_ocsp_resp_get_responder_raw_id
gnutls_ocsp_resp_get_response
gnutls_ocsp_resp_get_signature
gnutls_ocsp_resp_get_signature_algorithm
gnutls_ocsp_resp_get_single
gnutls_ocsp_resp_get_status
gnutls_ocsp_resp_get_version
gnutls_ocsp_resp_import
gnutls_ocsp_resp_import2
gnutls_ocsp_resp_init
gnutls_ocsp_resp_list_import2
gnutls_ocsp_resp_print
gnutls_ocsp_resp_verify
gnutls_ocsp_resp_verify_direct
gnutls_ocsp_status_request_enable_client
gnutls_ocsp_status_request_get
gnutls_ocsp_status_request_get2
gnutls_ocsp_status_request_is_checked
gnutls_oid_to_digest
gnutls_oid_to_ecc_curve
gnutls_oid_to_gost_paramset
gnutls_oid_to_mac
gnutls_oid_to_pk
gnutls_oid_to_sign
gnutls_openpgp_crt_check_email
gnutls_openpgp_crt_check_hostname
gnutls_openpgp_crt_check_hostname2
gnutls_openpgp_crt_deinit
gnutls_openpgp_crt_export
gnutls_openpgp_crt_export2
gnutls_openpgp_crt_get_auth_subkey
gnutls_openpgp_crt_get_creation_time
gnutls_openpgp_crt_get_expiration_time
gnutls_openpgp_crt_get_fingerprint
gnutls_openpgp_crt_get_key_id
gnutls_openpgp_crt_get_key_usage
gnutls_openpgp_crt_get_name
gnutls_openpgp_crt_get_pk_algorithm
gnutls_openpgp_crt_get_pk_dsa_raw
gnutls_openpgp_crt_get_pk_rsa_raw
gnutls_openpgp_crt_get_preferred_key_id
gnutls_openpgp_crt_get_revoked_status
gnutls_openpgp_crt_get_subkey_count
gnutls_openpgp_crt_get_subkey_creation_time
gnutls_openpgp_crt_get_subkey_expiration_time
gnutls_openpgp_crt_get_subkey_fingerprint
gnutls_openpgp_crt_get_subkey_id
gnutls_openpgp_crt_get_subkey_idx
gnutls_openpgp_crt_get_subkey_pk_algorithm
gnutls_openpgp_crt_get_subkey_pk_dsa_raw
gnutls_openpgp_crt_get_subkey_pk_rsa_raw
gnutls_openpgp_crt_get_subkey_revoked_status
gnutls_openpgp_crt_get_subkey_usage
gnutls_openpgp_crt_get_version
gnutls_openpgp_crt_import
gnutls_openpgp_crt_init
gnutls_openpgp_crt_print
gnutls_openpgp_crt_set_preferred_key_id
gnutls_openpgp_crt_verify_ring
gnutls_openpgp_crt_verify_self
gnutls_openpgp_keyring_check_id
gnutls_openpgp_keyring_deinit
gnutls_openpgp_keyring_get_crt
gnutls_openpgp_keyring_get_crt_count
gnutls_openpgp_keyring_import
gnutls_openpgp_keyring_init
gnutls_openpgp_privkey_deinit
gnutls_openpgp_privkey_export
gnutls_openpgp_privkey_export2
gnutls_openpgp_privkey_export_dsa_raw
gnutls_openpgp_privkey_export_rsa_raw
gnutls_openpgp_privkey_export_subkey_dsa_raw
gnutls_openpgp_privkey_export_subkey_rsa_raw
gnutls_openpgp_privkey_get_fingerprint
gnutls_openpgp_privkey_get_key_id
gnutls_openpgp_privkey_get_pk_algorithm
gnutls_openpgp_privkey_get_preferred_key_id
gnutls_openpgp_privkey_get_revoked_status
gnutls_openpgp_privkey_get_subkey_count
gnutls_openpgp_privkey_get_subkey_creation_time
gnutls_openpgp_privkey_get_subkey_expiration_time
gnutls_openpgp_privkey_get_subkey_fingerprint
gnutls_openpgp_privkey_get_subkey_id
gnutls_openpgp_privkey_get_subkey_idx
gnutls_openpgp_privkey_get_subkey_pk_algorithm
gnutls_openpgp_privkey_get_subkey_revoked_status
gnutls_openpgp_privkey_import
gnutls_openpgp_privkey_init
gnutls_openpgp_privkey_sec_param
gnutls_openpgp_privkey_set_preferred_key_id
gnutls_openpgp_privkey_sign_hash
gnutls_openpgp_send_cert
gnutls_openpgp_set_recv_key_function
gnutls_packet_deinit
gnutls_packet_get
gnutls_pbkdf2
gnutls_pbkdf2_self_test
gnutls_pcert_deinit
gnutls_pcert_export_openpgp

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 687KB - Virtual size: 686KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tran/ist/stand/libght/FaceRecognitionEngineAdapter.dll
.dll windows x64

Password: 2040

6df7be395727f04d5ae1f47c53d5495c

Code Sign

33:00:00:03:80:e4:bb:91:f3:18:fd:8e:9a:00:00:00:00:03:80
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

10-03-2022 19:24

Not After

08-03-2023 19:24

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19-10-2011 18:41

Not After

19-10-2026 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bf:94:a0:77:6d:0a:9e:65:99:af:44:6a:f5:99:27:3e:e3:35:f1:70:0d:21:51:63:40:bc:a1:8a:fd:ea:32:f2
Signer

Actual PE Digest

bf:94:a0:77:6d:0a:9e:65:99:af:44:6a:f5:99:27:3e:e3:35:f1:70:0d:21:51:63:40:bc:a1:8a:fd:ea:32:f2

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

09-03-2023 13:30
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

api-ms-win-crt-locale-l1-1-0

_lock_locales
_unlock_locales

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e

api-ms-win-crt-private-l1-1-0

_o__free_base
_o__fseeki64
_o__get_stream_buffer_pointers
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__lock_file
_o__malloc_base
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
_o__unlock_file
_o__wcsdup
_o__wfsopen
_o_abort
_o_calloc
_o_fclose
_o_fflush
_o_fgetc
_o_fgetpos
_o_fputc
_o_fread
_o_free
_o_fsetpos
_o_fwrite
_o_islower
_o_isspace
_o_isupper
_o_ldexp
_o_localeconv
_o_malloc
_o_pow
_o_powf
_o_rand
_o_setlocale
_o_setvbuf
_o_sqrt
_o_strtod
_o_strtof
_o_system
_o_terminate
_o_tolower
_o_ungetc
_o_wcscpy_s
__current_exception
__AdjustPointer
__processing_throw
__C_specific_handler
_CxxThrowException
_o__execute_onexit_table
_o__errno
_o__crt_atexit
_o__configure_narrow_argv
_o__cexit
_o__calloc_base
_o__callnewh
_o__beginthreadex
_o__aligned_realloc
_o__aligned_malloc
_o__aligned_free
_o___stdio_common_vswprintf
_o___stdio_common_vsnprintf_s
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
_o___pctype_func
__std_type_info_compare
__uncaught_exception
_o___acrt_iob_func
_o____mb_cur_max_func
_o____lc_locale_name_func
_o____lc_codepage_func
__CxxFrameHandler3
__RTDynamicCast
memchr
memcmp
memcpy
memmove

api-ms-win-crt-string-l1-1-0

memset
__strncnt
wcsnlen

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleExW
GetModuleFileNameA
GetModuleHandleW
FreeLibrary
GetModuleFileNameW
GetProcAddress
LockResource
SizeofResource
LoadResource
FindResourceExW
LoadLibraryExW

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapAlloc
HeapFree

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
GetCurrentProcess
GetCurrentProcessId
GetExitCodeThread
GetCurrentThreadId

api-ms-win-core-localization-l1-2-0

LCMapStringEx
FormatMessageW

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
DebugBreak
IsDebuggerPresent

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
GetLastError
SetLastError
RaiseException
UnhandledExceptionFilter

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-synch-l1-1-0

WaitForSingleObjectEx
ReleaseMutex
OpenSemaphoreW
TryAcquireSRWLockExclusive
InitializeSRWLock
InitializeCriticalSectionAndSpinCount
CreateEventW
ReleaseSemaphore
CreateMutexExW
ResetEvent
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
InitializeCriticalSectionEx
EnterCriticalSection
WaitForSingleObject
CreateSemaphoreExW
SetEvent
ReleaseSRWLockShared
AcquireSRWLockShared
ReleaseSRWLockExclusive
AcquireSRWLockExclusive

api-ms-win-eventing-provider-l1-1-0

EventWriteTransfer
EventUnregister
EventRegister
EventSetInformation
EventActivityIdControl

api-ms-win-core-threadpool-l1-2-0

WaitForThreadpoolTimerCallbacks
SubmitThreadpoolWork
CloseThreadpoolTimer
CreateThreadpoolTimer
CloseThreadpoolWork
CreateThreadpoolWork
SetThreadpoolTimer
FreeLibraryWhenCallbackReturns

api-ms-win-core-synch-l1-2-0

InitializeConditionVariable
WakeConditionVariable
InitOnceExecuteOnce
WakeAllConditionVariable
SleepConditionVariableSRW

api-ms-win-core-sysinfo-l1-2-0

GetSystemTimePreciseAsFileTime

api-ms-win-core-string-l1-1-0

GetStringTypeW
WideCharToMultiByte
MultiByteToWideChar

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlVirtualUnwind

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-core-profile-l1-1-0

QueryPerformanceFrequency
QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-stateseparation-helpers-l1-1-0

GetPersistedFileLocationW
GetPersistedRegistryLocationW

api-ms-win-core-registry-l1-1-0

RegCloseKey

rpcrt4

UuidCreate

api-ms-win-core-errorhandling-l1-1-2

RaiseFailFastException

api-ms-win-core-memory-l1-1-0

VirtualQuery

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-crt-math-l1-1-0

ceilf
cosf
expf
floorf
logf
sinf
sqrtf
tanhf
atan2f

Exports

Exports

WbioQueryEngineInterface

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 362KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 256KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tran/ist/stand/libght/FaceTrackerInternal.dll
.dll windows x64

Password: 2040

47e80c5ce159d30e288fb9dea6aede71

Code Sign

33:00:00:03:7f:c0:e0:39:ce:f3:f0:06:bb:00:00:00:00:03:7f
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

10-03-2022 19:24

Not After

08-03-2023 19:24

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19-10-2011 18:41

Not After

19-10-2026 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:5c:8d:1c:65:fb:85:43:1b:b9:c5:fd:12:03:2e:37:0b:30:ce:19:3c:9c:93:5a:43:2f:70:5f:b8:cb:2c:47
Signer

Actual PE Digest

33:5c:8d:1c:65:fb:85:43:1b:b9:c5:fd:12:03:2e:37:0b:30:ce:19:3c:9c:93:5a:43:2f:70:5f:b8:cb:2c:47

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

09-03-2023 13:30
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm

api-ms-win-crt-private-l1-1-0

_o__errno
_o__execute_onexit_table
_o__free_base
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__malloc_base
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
memmove
_o__wcsdup
_o_abort
_o_exp
_o_free
_o_islower
_o_isupper
_o_malloc
_o_powf
_o_setlocale
_o_sqrt
_o_terminate
__C_specific_handler
_o__crt_atexit
__uncaught_exception
_o__configure_narrow_argv
_o__cexit
_o__calloc_base
_o__callnewh
_o____lc_locale_name_func
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
_o____lc_codepage_func
_o___pctype_func
memcpy
__CxxFrameHandler3
_CxxThrowException

api-ms-win-crt-string-l1-1-0

memset
__strncnt

api-ms-win-downlevel-advapi32-l1-1-0

EventWriteTransfer
EventActivityIdControl
EventRegister
EventUnregister

api-ms-win-core-shlwapi-legacy-l1-1-0

PathFileExistsW

api-ms-win-eventing-provider-l1-1-0

EventSetInformation

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleW
SizeofResource
FreeResource
DisableThreadLibraryCalls
FindResourceExW
LoadResource
FreeLibrary
LoadLibraryExW
GetModuleFileNameW
LockResource
GetProcAddress

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
GetCurrentThreadId
GetCurrentProcess
TerminateProcess

api-ms-win-core-sysinfo-l1-1-0

GetSystemInfo
GetSystemTimeAsFileTime

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent

api-ms-win-core-errorhandling-l1-1-0

GetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-threadpool-l1-2-0

CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpool
CreateThreadpoolCleanupGroup
SetThreadpoolThreadMaximum
CloseThreadpoolCleanupGroupMembers
SetThreadpoolThreadMinimum
CreateThreadpool

api-ms-win-core-synch-l1-1-0

CreateSemaphoreExW
EnterCriticalSection
SetEvent
ReleaseSemaphore
LeaveCriticalSection
ResetEvent
InitializeCriticalSectionEx
DeleteCriticalSection
WaitForSingleObjectEx
WaitForSingleObject
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
CreateEventW

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-path-l1-1-0

PathCchCombine

api-ms-win-core-memory-l1-1-0

VirtualQuery

api-ms-win-crt-locale-l1-1-0

_unlock_locales
_lock_locales

api-ms-win-core-synch-l1-2-0

InitOnceExecuteOnce

api-ms-win-core-localization-l1-2-0

LCMapStringEx

api-ms-win-core-string-l1-1-0

MultiByteToWideChar
WideCharToMultiByte

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-crt-math-l1-1-0

atan2f
sinf
sqrtf
cosf

Exports

Exports

CreateFaceTrackerInternal

Sections

.text
Size: 698KB - Virtual size: 698KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 568KB - Virtual size: 567KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tran/ist/stand/libght/libgmp-10.dll
.dll windows x64

Password: 2040

50d3e0798b0b3d30fc332b48dda65861

Code Sign

31:83:0c:37:0a:d7:e4:97:63:3b:6e:b3:a0:2d:69:e6
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

18-02-2022 00:00

Not After

17-02-2025 23:59

Subject

CN=Tim Kosse,O=Tim Kosse,ST=Nordrhein-Westfalen,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

01-01-2004 00:00

Not After

31-12-2028 23:59

Subject

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-05-2021 00:00

Not After

31-12-2028 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22-03-2021 00:00

Not After

21-03-2036 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:cb:34:fd:3d:ff:12:11:33:9f:f0:7c:4b:21:57:c7
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

30-08-2022 00:00

Not After

29-08-2023 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

93:8f:a8:f6:fa:33:15:d7:f9:f4:a9:a5:53:fd:8a:d8:79:97:c5:95:85:5d:35:a5:28:92:5a:81:2e:1a:19:15
Signer

Actual PE Digest

93:8f:a8:f6:fa:33:15:d7:f9:f4:a9:a5:53:fd:8a:d8:79:97:c5:95:85:5d:35:a5:28:92:5a:81:2e:1a:19:15

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Tim Kosse,O=Tim Kosse,ST=Nordrhein-Westfalen,C=DE

19-09-2022 09:20
Valid: true

Chain 1

CN=Tim Kosse,O=Tim Kosse,ST=Nordrhein-Westfalen,C=DE

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_amsg_exit
_errno
_initterm
_lock
_unlock
abort
calloc
ferror
fgetc
fputc
fread
free
fwrite
getc
islower
isspace
isupper
isxdigit
localeconv
malloc
memcpy
memmove
memset
putc
raise
realloc
strchr
strerror
strlen
strncmp
strstr
strtol
strtoul
tolower
ungetc
vfprintf
wcslen

Exports

Exports

__gmp_0
__gmp_allocate_func
__gmp_asprintf
__gmp_asprintf_final
__gmp_asprintf_funs
__gmp_asprintf_memory
__gmp_asprintf_reps
__gmp_assert_fail
__gmp_assert_header
__gmp_binvert_limb_table
__gmp_bits_per_limb
__gmp_default_allocate
__gmp_default_fp_limb_precision
__gmp_default_free
__gmp_default_reallocate
__gmp_digit_value_tab
__gmp_divide_by_zero
__gmp_doprnt
__gmp_doprnt_integer
__gmp_doprnt_mpf2
__gmp_doscan
__gmp_errno
__gmp_exception
__gmp_extract_double
__gmp_fac2cnt_table
__gmp_fib_table
__gmp_fprintf
__gmp_fprintf_funs
__gmp_free_func
__gmp_fscanf
__gmp_fscanf_funs
__gmp_get_memory_functions
__gmp_init_primesieve
__gmp_invalid_operation
__gmp_jacobi_table
__gmp_junk
__gmp_limbroots_table
__gmp_mt_recalc_buffer
__gmp_nextprime
__gmp_odd2fac_table
__gmp_oddfac_table
__gmp_primesieve
__gmp_printf
__gmp_randclear
__gmp_randclear_mt
__gmp_randget_mt
__gmp_randinit
__gmp_randinit_default
__gmp_randinit_lc_2exp
__gmp_randinit_lc_2exp_size
__gmp_randinit_mt
__gmp_randinit_mt_noseed
__gmp_randinit_set
__gmp_randiset_mt
__gmp_rands
__gmp_rands_initialized
__gmp_randseed
__gmp_randseed_ui
__gmp_reallocate_func
__gmp_scanf
__gmp_set_memory_functions
__gmp_snprintf
__gmp_snprintf_funs
__gmp_sprintf
__gmp_sprintf_funs
__gmp_sqrt_of_negative
__gmp_sscanf
__gmp_sscanf_funs
__gmp_tmp_reentrant_alloc
__gmp_tmp_reentrant_free
__gmp_urandomb_ui
__gmp_urandomm_ui
__gmp_vasprintf
__gmp_version
__gmp_vfprintf
__gmp_vfscanf
__gmp_vprintf
__gmp_vscanf
__gmp_vsnprintf
__gmp_vsprintf
__gmp_vsscanf
__gmpf_abs
__gmpf_add
__gmpf_add_ui
__gmpf_ceil
__gmpf_clear
__gmpf_clears
__gmpf_cmp
__gmpf_cmp_d
__gmpf_cmp_si
__gmpf_cmp_ui
__gmpf_cmp_z
__gmpf_div
__gmpf_div_2exp
__gmpf_div_ui
__gmpf_dump
__gmpf_eq
__gmpf_fits_sint_p
__gmpf_fits_slong_p
__gmpf_fits_sshort_p
__gmpf_fits_uint_p
__gmpf_fits_ulong_p
__gmpf_fits_ushort_p
__gmpf_floor
__gmpf_get_d
__gmpf_get_d_2exp
__gmpf_get_default_prec
__gmpf_get_prec
__gmpf_get_si
__gmpf_get_str
__gmpf_get_ui
__gmpf_init
__gmpf_init2
__gmpf_init_set
__gmpf_init_set_d
__gmpf_init_set_si
__gmpf_init_set_str
__gmpf_init_set_ui
__gmpf_inits
__gmpf_inp_str
__gmpf_integer_p
__gmpf_mul
__gmpf_mul_2exp
__gmpf_mul_ui
__gmpf_neg
__gmpf_out_str
__gmpf_pow_ui
__gmpf_random2
__gmpf_reldiff
__gmpf_set
__gmpf_set_d
__gmpf_set_default_prec
__gmpf_set_prec
__gmpf_set_prec_raw
__gmpf_set_q
__gmpf_set_si
__gmpf_set_str
__gmpf_set_ui
__gmpf_set_z
__gmpf_size
__gmpf_sqrt
__gmpf_sqrt_ui
__gmpf_sub
__gmpf_sub_ui
__gmpf_swap
__gmpf_trunc
__gmpf_ui_div
__gmpf_ui_sub
__gmpf_urandomb
__gmpn_add
__gmpn_add_1
__gmpn_add_err1_n
__gmpn_add_err2_n
__gmpn_add_err3_n
__gmpn_add_n
__gmpn_add_n_atom
__gmpn_add_n_bd1
__gmpn_add_n_bt1
__gmpn_add_n_core2
__gmpn_add_n_coreihwl
__gmpn_add_n_coreisbr
__gmpn_add_n_goldmont
__gmpn_add_n_init
__gmpn_add_n_pentium4
__gmpn_add_n_silvermont
__gmpn_add_n_sub_n
__gmpn_add_n_x86_64
__gmpn_add_nc_atom
__gmpn_add_nc_bd1
__gmpn_add_nc_bt1
__gmpn_add_nc_core2
__gmpn_add_nc_coreihwl
__gmpn_add_nc_coreisbr
__gmpn_add_nc_goldmont
__gmpn_add_nc_pentium4
__gmpn_add_nc_silvermont
__gmpn_add_nc_x86_64
__gmpn_addlsh1_n
__gmpn_addlsh1_n_atom
__gmpn_addlsh1_n_bd1
__gmpn_addlsh1_n_core2
__gmpn_addlsh1_n_coreisbr
__gmpn_addlsh1_n_init
__gmpn_addlsh1_n_pentium4
__gmpn_addlsh1_n_silvermont
__gmpn_addlsh1_n_x86_64
__gmpn_addlsh1_n_zen
__gmpn_addlsh1_nc_atom
__gmpn_addlsh1_nc_bd1
__gmpn_addlsh1_nc_coreisbr
__gmpn_addlsh1_nc_zen
__gmpn_addlsh2_n
__gmpn_addlsh2_n_atom
__gmpn_addlsh2_n_core2
__gmpn_addlsh2_n_coreisbr
__gmpn_addlsh2_n_init
__gmpn_addlsh2_n_pentium4
__gmpn_addlsh2_n_silvermont
__gmpn_addlsh2_n_x86_64
__gmpn_addlsh2_nc_coreisbr
__gmpn_addlsh_n
__gmpn_addmul_1
__gmpn_addmul_1_atom
__gmpn_addmul_1_bd1
__gmpn_addmul_1_bt1
__gmpn_addmul_1_core2
__gmpn_addmul_1_coreibwl
__gmpn_addmul_1_coreihwl
__gmpn_addmul_1_coreinhm
__gmpn_addmul_1_coreisbr
__gmpn_addmul_1_goldmont
__gmpn_addmul_1_init
__gmpn_addmul_1_pentium4
__gmpn_addmul_1_silvermont
__gmpn_addmul_1_x86_64
__gmpn_addmul_1_zen
__gmpn_addmul_1c_core2
__gmpn_addmul_1c_silvermont
__gmpn_addmul_2
__gmpn_addmul_2_atom
__gmpn_addmul_2_bd1
__gmpn_addmul_2_coreihwl
__gmpn_addmul_2_coreisbr
__gmpn_addmul_2_fat
__gmpn_addmul_2_init
__gmpn_addmul_2_k8
__gmpn_addmul_2_pentium4
__gmpn_and_n
__gmpn_andn_n
__gmpn_bases
__gmpn_bc_mulmod_bnm1
__gmpn_bc_set_str
__gmpn_bdiv_dbm1c
__gmpn_bdiv_dbm1c_init
__gmpn_bdiv_dbm1c_x86_64
__gmpn_bdiv_q
__gmpn_bdiv_q_1
__gmpn_bdiv_q_itch
__gmpn_bdiv_qr
__gmpn_bdiv_qr_itch
__gmpn_binvert
__gmpn_binvert_itch
__gmpn_broot
__gmpn_broot_invm1
__gmpn_brootinv
__gmpn_bsqrt
__gmpn_bsqrtinv
__gmpn_cmp
__gmpn_cnd_add_n
__gmpn_cnd_add_n_atom
__gmpn_cnd_add_n_coreisbr
__gmpn_cnd_add_n_init
__gmpn_cnd_add_n_x86_64
__gmpn_cnd_sub_n
__gmpn_cnd_sub_n_atom
__gmpn_cnd_sub_n_coreisbr
__gmpn_cnd_sub_n_init
__gmpn_cnd_sub_n_x86_64
__gmpn_cnd_swap
__gmpn_com
__gmpn_com_atom
__gmpn_com_bd1
__gmpn_com_bt2
__gmpn_com_core2
__gmpn_com_init
__gmpn_com_x86_64
__gmpn_com_zen
__gmpn_compute_powtab
__gmpn_copyd
__gmpn_copyd_atom
__gmpn_copyd_bd1
__gmpn_copyd_bt1
__gmpn_copyd_bt2
__gmpn_copyd_core2
__gmpn_copyd_init
__gmpn_copyd_nano
__gmpn_copyd_x86_64
__gmpn_copyd_zen
__gmpn_copyi
__gmpn_copyi_atom
__gmpn_copyi_bd1
__gmpn_copyi_bt1
__gmpn_copyi_bt2
__gmpn_copyi_core2
__gmpn_copyi_init
__gmpn_copyi_nano
__gmpn_copyi_x86_64
__gmpn_copyi_zen
__gmpn_cpuid
__gmpn_cpuvec
__gmpn_cpuvec_init
__gmpn_cpuvec_initialized
__gmpn_dc_set_str
__gmpn_dcpi1_bdiv_q
__gmpn_dcpi1_bdiv_qr
__gmpn_dcpi1_bdiv_qr_n
__gmpn_dcpi1_bdiv_qr_n_itch
__gmpn_dcpi1_div_q
__gmpn_dcpi1_div_qr
__gmpn_dcpi1_div_qr_n
__gmpn_dcpi1_divappr_q
__gmpn_div_q
__gmpn_div_qr_1
__gmpn_div_qr_1n_pi1
__gmpn_div_qr_2
__gmpn_div_qr_2n_pi1
__gmpn_div_qr_2u_pi1
__gmpn_divexact
__gmpn_divexact_1
__gmpn_divexact_1_atom
__gmpn_divexact_1_init
__gmpn_divexact_1_nano
__gmpn_divexact_1_x86_64
__gmpn_divexact_by3
__gmpn_divexact_by3c
__gmpn_divisible_p
__gmpn_divmod_1
__gmpn_divrem
__gmpn_divrem_1
__gmpn_divrem_1_core2
__gmpn_divrem_1_coreisbr
__gmpn_divrem_1_init
__gmpn_divrem_1_x86_64
__gmpn_divrem_2
__gmpn_dump
__gmpn_fft_best_k
__gmpn_fft_next_size
__gmpn_fib2_ui
__gmpn_fib2m
__gmpn_gcd
__gmpn_gcd_1
__gmpn_gcd_11
__gmpn_gcd_11_bd1
__gmpn_gcd_11_bt1
__gmpn_gcd_11_bt2
__gmpn_gcd_11_core2
__gmpn_gcd_11_coreisbr
__gmpn_gcd_11_init
__gmpn_gcd_11_k10
__gmpn_gcd_11_nano
__gmpn_gcd_11_x86_64
__gmpn_gcd_11_zen
__gmpn_gcd_22
__gmpn_gcd_subdiv_step
__gmpn_gcdext
__gmpn_gcdext_1
__gmpn_gcdext_hook
__gmpn_gcdext_lehmer_n
__gmpn_get_d
__gmpn_get_str
__gmpn_hamdist
__gmpn_hgcd
__gmpn_hgcd2
__gmpn_hgcd2_jacobi
__gmpn_hgcd_appr
__gmpn_hgcd_appr_itch
__gmpn_hgcd_itch
__gmpn_hgcd_jacobi
__gmpn_hgcd_matrix_adjust
__gmpn_hgcd_matrix_init
__gmpn_hgcd_matrix_mul
__gmpn_hgcd_matrix_mul_1
__gmpn_hgcd_matrix_update_q
__gmpn_hgcd_mul_matrix1_vector
__gmpn_hgcd_reduce
__gmpn_hgcd_reduce_itch
__gmpn_hgcd_step
__gmpn_invert
__gmpn_invert_limb
__gmpn_invert_limb_table
__gmpn_invertappr
__gmpn_ior_n
__gmpn_iorn_n
__gmpn_jacobi_2
__gmpn_jacobi_base
__gmpn_jacobi_n
__gmpn_lshift
__gmpn_lshift_atom
__gmpn_lshift_core2
__gmpn_lshift_coreisbr
__gmpn_lshift_init
__gmpn_lshift_k10
__gmpn_lshift_pentium4
__gmpn_lshift_silvermont
__gmpn_lshift_x86_64
__gmpn_lshift_zen
__gmpn_lshiftc
__gmpn_lshiftc_atom
__gmpn_lshiftc_core2
__gmpn_lshiftc_coreisbr
__gmpn_lshiftc_init
__gmpn_lshiftc_k10
__gmpn_lshiftc_pentium4
__gmpn_lshiftc_silvermont
__gmpn_lshiftc_x86_64
__gmpn_lshiftc_zen
__gmpn_matrix22_mul
__gmpn_matrix22_mul1_inverse_vector
__gmpn_matrix22_mul_itch
__gmpn_mod_1
__gmpn_mod_1_1p
__gmpn_mod_1_1p_cps
__gmpn_mod_1_1p_cps_init
__gmpn_mod_1_1p_cps_x86_64
__gmpn_mod_1_1p_init
__gmpn_mod_1_1p_x86_64
__gmpn_mod_1_fat
__gmpn_mod_1_init
__gmpn_mod_1s_2p
__gmpn_mod_1s_2p_cps
__gmpn_mod_1s_2p_cps_init
__gmpn_mod_1s_2p_cps_x86_64
__gmpn_mod_1s_2p_init
__gmpn_mod_1s_2p_x86_64
__gmpn_mod_1s_3p
__gmpn_mod_1s_3p_cps
__gmpn_mod_1s_4p
__gmpn_mod_1s_4p_cps
__gmpn_mod_1s_4p_cps_init
__gmpn_mod_1s_4p_cps_x86_64
__gmpn_mod_1s_4p_init
__gmpn_mod_1s_4p_x86_64
__gmpn_mod_34lsub1
__gmpn_mod_34lsub1_init
__gmpn_mod_34lsub1_pentium4
__gmpn_mod_34lsub1_x86_64
__gmpn_modexact_1_odd_x86_64
__gmpn_modexact_1c_odd
__gmpn_modexact_1c_odd_init
__gmpn_modexact_1c_odd_x86_64
__gmpn_mu_bdiv_q
__gmpn_mu_bdiv_q_itch
__gmpn_mu_bdiv_qr
__gmpn_mu_bdiv_qr_itch
__gmpn_mu_div_q
__gmpn_mu_div_q_itch
__gmpn_mu_div_qr
__gmpn_mu_div_qr_itch
__gmpn_mu_divappr_q
__gmpn_mu_divappr_q_itch
__gmpn_mul
__gmpn_mul_1
__gmpn_mul_1_atom
__gmpn_mul_1_bd1
__gmpn_mul_1_bt1
__gmpn_mul_1_coreihwl
__gmpn_mul_1_coreisbr
__gmpn_mul_1_goldmont
__gmpn_mul_1_init
__gmpn_mul_1_pentium4
__gmpn_mul_1_silvermont
__gmpn_mul_1_x86_64
__gmpn_mul_1_zen
__gmpn_mul_1c_atom
__gmpn_mul_1c_bd1
__gmpn_mul_1c_bt1
__gmpn_mul_1c_coreisbr
__gmpn_mul_1c_goldmont
__gmpn_mul_1c_pentium4
__gmpn_mul_1c_silvermont
__gmpn_mul_1c_x86_64
__gmpn_mul_1c_zen
__gmpn_mul_2
__gmpn_mul_basecase
__gmpn_mul_basecase_bd1
__gmpn_mul_basecase_bt1
__gmpn_mul_basecase_core2
__gmpn_mul_basecase_coreibwl
__gmpn_mul_basecase_coreihwl
__gmpn_mul_basecase_coreisbr
__gmpn_mul_basecase_fat
__gmpn_mul_basecase_init
__gmpn_mul_basecase_k8
__gmpn_mul_basecase_pentium4
__gmpn_mul_basecase_silvermont
__gmpn_mul_basecase_zen
__gmpn_mul_fft
__gmpn_mul_n
__gmpn_mullo_basecase
__gmpn_mullo_basecase_core2
__gmpn_mullo_basecase_coreibwl
__gmpn_mullo_basecase_coreihwl
__gmpn_mullo_basecase_coreisbr
__gmpn_mullo_basecase_fat
__gmpn_mullo_basecase_init
__gmpn_mullo_basecase_k8
__gmpn_mullo_basecase_pentium4
__gmpn_mullo_basecase_silvermont
__gmpn_mullo_basecase_zen
__gmpn_mullo_n
__gmpn_mulmid
__gmpn_mulmid_basecase
__gmpn_mulmid_n
__gmpn_mulmod_bnm1
__gmpn_mulmod_bnm1_next_size
__gmpn_nand_n
__gmpn_neg
__gmpn_ni_invertappr
__gmpn_nior_n
__gmpn_nussbaumer_mul

Sections

.text
Size: 501KB - Virtual size: 501KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tran/libr/short/ProvProvider.dll
.dll regsvr32 windows x64

91712e8ec3be030741115542b96aa566

Code Sign

33:00:00:02:ed:2c:45:e4:c1:45:cf:48:44:00:00:00:00:02:ed
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15-12-2020 21:29

Not After

02-12-2021 21:29

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19-10-2011 18:41

Not After

19-10-2026 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c3:46:2f:48:ba:bf:db:dd:92:74:0d:b0:38:04:52:3c:c9:9f:ca:37:e5:8b:e8:27:2d:c9:db:29:a7:d6:aa:70
Signer

Actual PE Digest

c3:46:2f:48:ba:bf:db:dd:92:74:0d:b0:38:04:52:3c:c9:9f:ca:37:e5:8b:e8:27:2d:c9:db:29:a7:d6:aa:70

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

09-03-2023 13:30
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

msvcrt

_vsnwprintf
_wcsicmp
memcmp
memcpy
wcschr
_wcsnicmp
strcpy_s
qsort
_wcsrev
_wcslwr
_strnicmp
wcsncmp
iswalpha
strncpy_s
_wcstoi64
_wtoi
towupper
_vsnprintf_s
iswspace
towlower
swscanf_s
__RTDynamicCast
memmove
_errno
_onexit
__dllonexit
_unlock
_lock
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
_initterm
_amsg_exit
_XcptFilter
_CxxThrowException
_callnewh
??0exception@@QEAA@AEBQEBDH@Z
wcsstr
_wcslwr_s
malloc
wcsncpy_s
wcscat_s
wcscpy_s
_purecall
vswprintf_s
_vscwprintf
??0exception@@QEAA@XZ
memmove_s
??0exception@@QEAA@AEBQEBD@Z
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
memcpy_s
??0exception@@QEAA@AEBV0@@Z
free
__C_specific_handler
_vsnwprintf_s
wcstoul
wcstok_s
wcsrchr
__CxxFrameHandler3
memset

advapi32

LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
GetSecurityDescriptorControl
GetSecurityDescriptorLength
GetAclInformation
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegQueryInfoKeyW
RegCreateKeyExW
RegGetValueW
RegSetValueExW
GetSecurityInfo
OpenEncryptedFileRawW
WriteEncryptedFileRaw
CloseEncryptedFileRaw
RevertToSelf
ReadEncryptedFileRaw

kernel32

CopyFileW
SizeofResource
LockResource
LoadResource
FindResourceExW
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
HeapDestroy
GetEnvironmentVariableW
WideCharToMultiByte
RaiseException
Sleep
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount
OutputDebugStringW
MapViewOfFile
CreateFileMappingW
UnmapViewOfFile
GetVersionExW
SearchPathW
SetThreadLocale
GetThreadLocale
DisableThreadLibraryCalls
InitializeCriticalSection
GetModuleFileNameW
GetCurrentProcessId
GetCurrentThreadId
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
GetSystemInfo
GetHandleInformation
SetFilePointerEx
SetEndOfFile
GetOverlappedResult
SetFilePointer
SetThreadIdealProcessor
GetVolumeInformationW
InitializeCriticalSectionAndSpinCount
SetThreadUILanguage
GetModuleHandleW
LoadLibraryExW
GetProcAddress
CompareStringW
OutputDebugStringA
GetLastError
LockFileEx
UnlockFileEx
OpenProcess
GetPrivateProfileSectionW
WaitForMultipleObjects
GetVolumeInformationByHandleW
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WaitForMultipleObjectsEx
DosDateTimeToFileTime
LocalFileTimeToFileTime
SetFileTime
LoadLibraryW
GetVolumePathNamesForVolumeNameW
GetFileInformationByHandleEx
FindFirstFileW
SetLastError
FindNextFileW
DeviceIoControl
GetTempPathW
FindClose
CreateFileW
GetFileAttributesW
SetFileAttributesW
GetFileInformationByHandle
SetFileInformationByHandle
DeleteFileW
CloseHandle
CopyFileExW
FlushFileBuffers
GetFileSizeEx
WaitForSingleObject
GetCurrentDirectoryW
FreeLibrary
CreateDirectoryW
GetFullPathNameW
GetLongPathNameW
GetFinalPathNameByHandleW
GetVolumePathNameW
GetVolumeNameForVolumeMountPointW
ExpandEnvironmentStringsW
FormatMessageW
SetEvent
CreateThread
ResetEvent
LocalFree
GetModuleFileNameA
CreateSemaphoreExW
ReleaseSemaphore
GetModuleHandleExW
ReleaseMutex
WaitForSingleObjectEx
OpenSemaphoreW
CreateMutexExW
DebugBreak
IsDebuggerPresent
ReadFile
WriteFile
RemoveDirectoryW
LocalAlloc
GetCurrentThread
DuplicateHandle
CreateEventW

ole32

CoCreateGuid
CoCreateInstance
StringFromGUID2

user32

CharLowerBuffW
CharUpperW
CharNextW

oleaut32

VarBstrCmp
SysAllocStringLen
UnRegisterTypeLi
SysFreeString
SysStringByteLen
SysAllocStringByteLen
RegisterTypeLi
VariantClear
SysAllocString
SysStringLen
LoadRegTypeLi
LoadTypeLi

profapi

ord104

ntdll

RtlFindAceByType
NtSetSecurityObject
RtlDosPathNameToNtPathName_U
NtOpenFile
NtQueryDirectoryFile
NtClose
NtQueryInformationFile
NtQueryInformationProcess
NtQueryEaFile
NtCreateFile
NtSetEaFile
RtlImpersonateSelf
RtlAdjustPrivilege
RtlInitializeResource
RtlAcquireResourceExclusive
RtlSetControlSecurityDescriptor
RtlReleaseResource
RtlDeleteResource
RtlReAllocateHeap
RtlRaiseStatus
NtYieldExecution
DbgPrintEx
RtlAcquireResourceShared
RtlFreeHeap
RtlAllocateHeap
RtlNtStatusToDosError
NtSetInformationFile

xmllite

CreateXmlWriter
CreateXmlReader

bcrypt

BCryptCloseAlgorithmProvider
BCryptDestroyHash
BCryptCreateHash
BCryptHashData
BCryptGetProperty
BCryptOpenAlgorithmProvider
BCryptFinishHash

cabinet

ord22
ord23
ord20

rpcrt4

RpcStringFreeW
UuidToStringW
UuidCreate

Exports

Exports

DLLGetDISMProviderCLSID
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 554KB - Virtual size: 553KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tran/libr/short/W32UIRes.dll
.dll windows x64

Code Sign

33:00:00:03:3c:89:c6:6a:7b:45:bb:1f:bd:00:00:00:00:03:3c
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02-09-2021 18:23

Not After

01-09-2022 18:23

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19-10-2011 18:41

Not After

19-10-2026 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9a:83:3d:98:29:fc:d3:16:31:7d:ff:47:d8:79:a7:cc:d0:1e:41:05:3b:90:1e:06:71:f1:14:2f:f3:ec:1b:b3
Signer

Actual PE Digest

9a:83:3d:98:29:fc:d3:16:31:7d:ff:47:d8:79:a7:cc:d0:1e:41:05:3b:90:1e:06:71:f1:14:2f:f3:ec:1b:b3

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

09-03-2023 13:30
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

Sections

.rdata
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 198KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
tran/libr/short/mispace.dll
.dll regsvr32 windows x64

159c5b4436f252ca1d5d0f980b1fa8b9

Code Sign

33:00:00:03:3c:89:c6:6a:7b:45:bb:1f:bd:00:00:00:00:03:3c
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02-09-2021 18:23

Not After

01-09-2022 18:23

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19-10-2011 18:41

Not After

19-10-2026 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

46:a0:3b:31:31:2b:64:bd:35:d2:2e:c0:8c:3b:71:97:8a:6c:33:e5:f3:a0:af:f2:5a:12:67:42:87:f0:4c:67
Signer

Actual PE Digest

46:a0:3b:31:31:2b:64:bd:35:d2:2e:c0:8c:3b:71:97:8a:6c:33:e5:f3:a0:af:f2:5a:12:67:42:87:f0:4c:67

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

09-03-2023 13:30
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

_onexit
_CxxThrowException
_unlock
_lock
__C_specific_handler
_initterm
_amsg_exit
_XcptFilter
isspace
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
_callnewh
memmove_s
_vsnprintf_s
??0exception@@QEAA@AEBV0@@Z
memset
_wcsicmp
??0exception@@QEAA@XZ
??1exception@@UEAA@XZ
_purecall
memcpy_s
_vsnwprintf
__CxxFrameHandler3
wcstok_s
_ui64tow_s
_wcsnicmp
wcsnlen
_itow_s
_wtoi
memcmp
towupper
wcschr
wcsncmp
wcsncat_s
swscanf_s
iswalpha
_wtoi64
iswspace
mbtowc
localeconv
wcsstr
_vscwprintf
memcpy
memmove
toupper
malloc
free
swprintf_s
__dllonexit
wcscmp

api-ms-win-eventing-provider-l1-1-0

EventSetInformation
EventActivityIdControl
EventWriteTransfer
EventUnregister
EventRegister

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetWindowsDirectoryW
GetComputerNameExW
GetSystemDirectoryW
GetSystemTimeAsFileTime
GetSystemTime

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
GetLastError
SetLastError
UnhandledExceptionFilter

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls
GetModuleFileNameW
LoadStringW
GetModuleHandleW
FreeLibrary
GetModuleHandleExW
LoadLibraryExW
GetProcAddress
GetModuleFileNameA

api-ms-win-core-synch-l1-1-0

CreateEventW
InitializeCriticalSection
WaitForMultipleObjectsEx
SetEvent
CreateSemaphoreExW
EnterCriticalSection
ReleaseSemaphore
LeaveCriticalSection
InitializeCriticalSectionEx
WaitForSingleObject
InitializeSRWLock
ReleaseMutex
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WaitForSingleObjectEx
OpenSemaphoreW
ReleaseSRWLockShared
CreateMutexExW
AcquireSRWLockShared
DeleteCriticalSection
ResetEvent

api-ms-win-core-heap-l1-1-0

HeapAlloc
GetProcessHeap
HeapFree

api-ms-win-core-threadpool-l1-2-0

CreateThreadpoolTimer
CloseThreadpoolWork
SetThreadpoolTimer
CloseThreadpool
CreateThreadpool
CreateThreadpoolWork
SetThreadpoolThreadMinimum
SubmitThreadpoolWork
CloseThreadpoolTimer
SetThreadpoolThreadMaximum
WaitForThreadpoolWorkCallbacks
WaitForThreadpoolTimerCallbacks

api-ms-win-core-processthreads-l1-1-0

OpenThreadToken
ResumeThread
CreateThread
GetCurrentProcessId
TerminateProcess
SetThreadToken
TlsGetValue
GetCurrentThreadId
OpenProcessToken
GetCurrentProcess
GetCurrentThread

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

DebugBreak
IsDebuggerPresent
OutputDebugStringW

api-ms-win-core-profile-l1-1-0

QueryPerformanceFrequency
QueryPerformanceCounter

api-ms-win-core-handle-l1-1-0

CloseHandle

rpcrt4

RpcServerListen
RpcRevertToSelf
RpcImpersonateClient
RpcMgmtStopServerListening
RpcServerUnregisterIf
UuidCreate
RpcServerUseProtseqEpW
I_RpcServerDisableExceptionFilter
NdrServerCall2
NdrServerCallAll
RpcServerRegisterIfEx

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-rtlsupport-l1-1-0

RtlCompareMemory
RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureStackBackTrace

sxshared

SxTracerDebuggerBreak
SxTracerShouldTrackFailure
SxTracerGetThreadContextRetail

api-ms-win-core-registry-l1-1-0

RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegGetValueW
RegEnumKeyExW
RegCreateKeyExW
RegSetValueExW
RegDeleteKeyExW

api-ms-win-core-heap-l2-1-0

LocalAlloc
LocalFree

api-ms-win-security-base-l1-1-0

GetLengthSid
IsValidSid
AdjustTokenPrivileges
CopySid
FreeSid
CheckTokenMembership
AllocateAndInitializeSid
ImpersonateLoggedOnUser
DuplicateTokenEx
RevertToSelf
GetTokenInformation

api-ms-win-core-com-l1-1-0

CoTaskMemFree
CoCreateGuid
CLSIDFromString
CoTaskMemAlloc
CoDisconnectObject
CoSetProxyBlanket
CoUninitialize
CoCreateInstance

api-ms-win-core-io-l1-1-0

DeviceIoControl
GetOverlappedResult

api-ms-win-core-file-l1-1-0

GetVolumePathNameW
FindNextFileW
GetDiskFreeSpaceExW
CreateDirectoryW
RemoveDirectoryW
GetLongPathNameW
DefineDosDeviceW
FlushFileBuffers
CreateFileW
GetDriveTypeW
DeleteVolumeMountPointW
SetFilePointerEx
WriteFile
SetFilePointer
FindFirstFileW
FindNextVolumeW
GetVolumeInformationW
GetFinalPathNameByHandleW
ReadFile
FindClose
GetFileAttributesW
DeleteFileW
GetFileSizeEx
GetDiskFreeSpaceW
FindVolumeClose
CompareFileTime
FindFirstVolumeW
QueryDosDeviceW

api-ms-win-core-timezone-l1-1-0

SystemTimeToFileTime
FileTimeToSystemTime

sspicli

LogonUserExExW

api-ms-win-eventing-controller-l1-1-0

ControlTraceW
StartTraceW
EnableTraceEx2

api-ms-win-core-processenvironment-l1-1-0

ExpandEnvironmentStringsW

api-ms-win-core-file-l2-1-0

MoveFileWithProgressW

api-ms-win-security-sddl-l1-1-0

ConvertSidToStringSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertSecurityDescriptorToStringSecurityDescriptorW

api-ms-win-core-string-l1-1-0

CompareStringOrdinal
MultiByteToWideChar
CompareStringW

api-ms-win-core-file-l1-2-0

GetVolumePathNamesForVolumeNameW
GetVolumeNameForVolumeMountPointW

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead
InterlockedPushEntrySList
InterlockedPopEntrySList

api-ms-win-core-wow64-l1-1-0

IsWow64Process

api-ms-win-devices-config-l1-1-1

CM_Get_Parent

srvcli

NetShareAdd
NetShareEnum
NetShareDel

netutils

NetApiBufferFree

api-ms-win-core-perfcounters-l1-1-0

PerfSetULongCounterValue
PerfCreateInstance
PerfStopProvider
PerfDeleteInstance
PerfStartProviderEx
PerfIncrementULongCounterValue
PerfSetCounterSetInfo

wmiclnt

WmiCloseBlock
WmiQueryAllDataW
WmiOpenBlock

devobj

DevObjEnumDeviceInfo
DevObjGetDeviceInstanceId
DevObjDeleteDevice
DevObjOpenDeviceInterface
DevObjCreateDeviceInfoList
DevObjEnumDeviceInterfaces
DevObjGetDeviceRegistryProperty
DevObjDestroyDeviceInfoList
DevObjGetDeviceInterfaceDetail
DevObjGetClassDevs

ntdll

RtlGetLastNtStatus
RtlSetThreadErrorMode
NtQueryVolumeInformationFile
NtPowerInformation
NtQuerySystemInformation
RtlFreeHeap
RtlAllocateHeap
NtSystemDebugControl
RtlNtStatusToDosError
NtCompareTokens
RtlEnumerateGenericTableAvl
RtlEnumerateGenericTableWithoutSplayingAvl
RtlInsertElementGenericTableAvl
RtlLookupElementGenericTableAvl
RtlDeleteElementGenericTableAvl
RtlInitializeGenericTableAvl
EtwTraceMessage
RtlDeleteElementGenericTableAvlEx
RtlAnsiStringToUnicodeString
RtlxAnsiStringToUnicodeSize
RtlInitAnsiString

api-ms-win-core-kernel32-legacy-l1-1-1

VerifyVersionInfoW
SetVolumeMountPointW

wevtapi

EvtArchiveExportedLog
EvtExportLog

mi

MI_Application_InitializeV1

virtdisk

GetStorageDependencyInformation

resutils

ResUtilFindSzProperty

bcrypt

BCryptGenRandom

cfgmgr32

CM_Unregister_Notification
CM_Reenumerate_DevNode
CM_MapCrToWin32Err
CM_Register_Notification
CM_Reenumerate_DevNode_Ex

bcd

BcdOpenSystemStore
BcdCloseObject
BcdOpenObject
BcdDeleteObject
BcdCloseStore
BcdEnumerateObjects
BcdEnumerateElementTypes
BcdGetElementDataWithFlags
BcdSetElementData
BcdDeleteElement
BcdGetElementData

api-ms-win-core-version-l1-1-0

VerQueryValueW
GetFileVersionInfoSizeExW
GetFileVersionInfoExW

api-ms-win-core-sysinfo-l1-2-0

VerSetConditionMask

api-ms-win-core-io-l1-1-1

CancelIo

api-ms-win-core-memory-l1-1-0

VirtualFree
VirtualAlloc

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer
GetProviderClassID
MI_Main
PreShutdown
SetShutdownCallback
SmpUnload
WspCheckMinimumSubsystemVersion
WspCompleteMethod
WspCreateJob
WspEnumerateRemoteInstances
WspFreeString
WspGetClassName
WspGetRemoteInstance
WspGetSubsystemFilter
WspGuidToString
WspInvokeRemoteMethod
WspIsAutomaticClusteringEnabled
WspIsRemoteInstance
WspIsRemoteRequest
WspPackObjectId
WspPostAssociation
WspPostSubsystemAssociationReferenceObject
WspProviderEnter
WspProviderExit
WspReferencesOfRemoteInstance
WspRunMethodAsJob
WspSendIndication
WspUnpackObjectId
WspUpdateMethod

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1005KB - Virtual size: 1005KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 115KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tran/libr/tehnical/wbemcore.dll
.dll regsvr32 windows x64

71b0cdb1ea967550680a6969c9714a3d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

sscanf_s
wcscmp
memcmp
_vsnprintf
atol
memset
?terminate@@YAXXZ
??1type_info@@UEAA@XZ
_onexit
__dllonexit
_initterm
_amsg_exit
_XcptFilter
_unlock
_lock
memmove
memcpy
_CxxThrowException
?what@exception@@UEBAPEBDXZ
??0exception@@QEAA@AEBQEBDH@Z
??0exception@@QEAA@AEBQEBD@Z
_wcslwr_s
wcsstr
iswxdigit
iswspace
memmove_s
_ui64tow_s
_vsnprintf_s
swprintf_s
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@XZ
??1exception@@UEAA@XZ
memcpy_s
malloc
isdigit
free
wcschr
_wcsicmp
_vsnwprintf
_wcsnicmp
wcstok
_purecall
__C_specific_handler
__CxxFrameHandler3

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
TlsSetValue
GetCurrentThread
TlsFree
TlsGetValue
OpenThreadToken
GetCurrentProcess
TerminateProcess
SetThreadToken
TlsAlloc
GetCurrentThreadId
CreateThread
GetProcessTimes

api-ms-win-core-synch-l1-1-0

ReleaseSemaphore
DeleteCriticalSection
ReleaseMutex
OpenEventW
SetEvent
ReleaseSRWLockExclusive
LeaveCriticalSection
CreateEventW
InitializeCriticalSectionEx
WaitForSingleObject
WaitForMultipleObjectsEx
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
ResetEvent
AcquireSRWLockShared
CreateMutexExW
AcquireSRWLockExclusive
WaitForSingleObjectEx
ReleaseSRWLockShared
OpenSemaphoreW
CreateSemaphoreExW

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GlobalMemoryStatusEx
GetVersionExW
GetSystemDirectoryW
GetSystemTime
GetVersion
GetComputerNameExW
GetSystemInfo
GetTickCount64
GetLocalTime
GetTickCount

api-ms-win-core-registry-l1-1-0

RegNotifyChangeKeyValue
RegCreateKeyExW
RegOpenKeyExW
RegDeleteValueW
RegDeleteKeyExW
RegQueryValueExW
RegSetValueExW
RegCloseKey

api-ms-win-core-localization-l1-2-0

LCMapStringW
FormatMessageW

api-ms-win-core-threadpool-legacy-l1-1-0

CreateTimerQueueTimer
DeleteTimerQueueTimer
QueueUserWorkItem

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLastError
SetLastError

api-ms-win-security-base-l1-1-0

GetSecurityDescriptorDacl
GetLengthSid
RevertToSelf
GetTokenInformation
GetSecurityDescriptorControl
FreeSid
IsValidSecurityDescriptor
GetSidSubAuthority
GetSidSubAuthorityCount
PrivilegeCheck
AccessCheck
GetSecurityDescriptorSacl
AllocateAndInitializeSid

api-ms-win-core-libraryloader-l1-2-0

GetModuleFileNameA
GetProcAddress
FreeLibrary
GetModuleHandleExW
GetModuleHandleW
LoadLibraryExW

api-ms-win-core-string-obsolete-l1-1-0

lstrlenW

api-ms-win-core-file-l1-1-0

WriteFile
GetFileInformationByHandle
GetFileAttributesExW
CreateFileW
GetFileAttributesW

api-ms-win-core-timezone-l1-1-0

SystemTimeToFileTime
FileTimeToSystemTime

api-ms-win-eventing-provider-l1-1-0

EventActivityIdControl

api-ms-win-core-processthreads-l1-1-1

OpenProcess

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-core-string-l1-1-0

GetStringTypeExW
WideCharToMultiByte
CompareStringW

api-ms-win-core-version-l1-1-0

GetFileVersionInfoExW
GetFileVersionInfoSizeExW
VerQueryValueW

api-ms-win-core-heap-l1-1-0

HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc

api-ms-win-core-processenvironment-l1-1-0

ExpandEnvironmentStringsW

api-ms-win-core-threadpool-l1-2-0

CloseThreadpoolTimer
SetThreadpoolTimer
CreateThreadpoolTimer
WaitForThreadpoolTimerCallbacks

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
DebugBreak
OutputDebugStringW

api-ms-win-core-kernel32-legacy-l1-1-0

MoveFileW

api-ms-win-core-registry-l2-1-0

RegDeleteKeyW

api-ms-win-core-rtlsupport-l1-1-0

RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

ntdll

WinSqmIsOptedIn
WinSqmAddToStream

wbemcomn

??BWString@@QEBAPEBGXZ
?MakeInternalCopyOfThread@CWbemCallSecurity@@SAPEAV1@XZ
?WbemMemReAlloc@CWin32DefaultArena@@SAPEAXPEAX_K@Z
?IsValid@CNtSid@@QEAAHXZ
?IsValid@CNtAcl@@QEAAHXZ
?GetStatus@CNtSecurityDescriptor@@QEAAKXZ
?GetPtr@CNtSecurityDescriptor@@QEAAPEAXXZ
IsInAdminGroup
?GetSid@CNtAce@@QEAAPEAVCNtSid@@XZ
??0CNtAcl@@QEAA@PEAU_ACL@@@Z
?ContainsSid@CNtAcl@@QEAAHAEAVCNtSid@@AEAE@Z
?DeleteAce@CNtAcl@@QEAAHH@Z
?OrderAces@CNtAcl@@QEAAPEAV1@XZ
??4CNtSecurityDescriptor@@QEAAAEAV0@AEAV0@@Z
?GetDacl@CNtSecurityDescriptor@@QEAAJPEAPEAVCNtAcl@@@Z
?GetSacl@CNtSecurityDescriptor@@QEAAJPEAPEAVCNtAcl@@@Z
?SetSacl@CNtSecurityDescriptor@@QEAAHPEAVCNtAcl@@@Z
?DeleteSacl@CNtSecurityDescriptor@@QEAAJXZ
?GetOwner@CNtSecurityDescriptor@@QEAAPEAVCNtSid@@XZ
?SetOwner@CNtSecurityDescriptor@@QEAAHPEAVCNtSid@@@Z
?SetGroup@CNtSecurityDescriptor@@QEAAHPEAVCNtSid@@@Z
?GetSize@CNtSecurityDescriptor@@QEAAKXZ
GetSecurityDescriptorFromParameters
BuildSecurityDescriptorParameter
??0CVar@@QEAA@E@Z
??0CVar@@QEAA@J@Z
??0CVar@@QEAA@FH@Z
??0CVar@@QEAA@PEAVCVarVector@@H@Z
?SetVarVector@CVar@@QEAAXPEAVCVarVector@@H@Z
??0CVarVector@@QEAA@HHH@Z
??1CVarVector@@QEAA@XZ
?Add@CVarVector@@QEAAHAEAVCVar@@@Z
??0CVar@@QEAA@PEAUtagVARIANT@@@Z
?GetEmbeddedObject@CVar@@QEAAPEAUIUnknown@@XZ
?Length@WString2@@QEBAHXZ
?EqualNoCase@WString2@@QEBAHPEBG@Z
??0CPropertyName@@QEAA@XZ
??1CPropertyName@@QEAA@XZ
?GetNumElements@CPropertyName@@QEBAJXZ
??0CWbemTime@@QEAA@XZ
?Get100nss@CWbemTime@@QEBA_JXZ
?CountQuery@CWQLScanner@@QEAAHXZ
?IsValidDateTime@CDateTimeParser@@QEAAHXZ
?GetStringAt@CPropertyName@@QEBAPEBGJ@Z
?AddElement@CPropertyName@@QEAAXPEBG@Z
?Empty@CVar@@QEAAXXZ
?ChangeTypeTo@CVar@@QEAAHG@Z
??0QL_LEVEL_1_TOKEN@@QEAA@AEBU0@@Z
??1QL_LEVEL_1_TOKEN@@QEAA@XZ
??0CLike@@QEAA@PEBGG@Z
??1CLike@@QEAA@XZ
?Match@CLike@@QEAA_NPEBG@Z
ReadI64
?GetReferencedTables@CWQLScanner@@QEAAHAEAVCWStringArray@@@Z
??0CDateTimeParser@@QEAA@PEBG@Z
??1CDateTimeParser@@QEAA@XZ
?FillDMTF@CDateTimeParser@@QEAAHPEAG_K@Z
ReadUI64
??4WString@@QEAAAEAV0@AEBV0@@Z
?SetDMTF@CWbemTime@@QEAAHPEBG@Z
??0QL1_Parser@@QEAA@PEAVCGenLexSource@@@Z
??1QL1_Parser@@UEAA@XZ
?Parse@QL1_Parser@@QEAAHPEAPEAUQL_LEVEL_1_RPN_EXPRESSION@@@Z
?UnbindPtr@WString2@@QEAAPEAGXZ
??1QL_LEVEL_1_RPN_EXPRESSION@@QEAA@XZ
?AddRef@QL_LEVEL_1_RPN_EXPRESSION@@QEAAXXZ
?Release@QL_LEVEL_1_RPN_EXPRESSION@@QEAAXXZ
?AddProperty@QL_LEVEL_1_RPN_EXPRESSION@@UEAAXAEBVCPropertyName@@@Z
?GetText@QL_LEVEL_1_RPN_EXPRESSION@@QEAAPEAGXZ
?PublishTemporaryEssStarted@CPublishWMIOperationEvent@@SAJPEAG00K00@Z
?ValidateMemSize@CWin32DefaultArena@@SAHH@Z
?_GetSystemDefaultLocale@CMUILocale@@SAJPEAPEAGK@Z
??0CEnterWbemCriticalSection@@QEAA@PEAVCWbemCriticalSection@@K@Z
??1CEnterWbemCriticalSection@@QEAA@XZ
Set_WPP_INIT_TRACING_Call_State
?SetLogingEnabled@CMemoryLog@@QEAAX_N@Z
RegisterDLL
UnRegisterDLL
?RegisterCMIFlushRepositoryCacheHook@CWbemInstallObject@@SAXP6AJH@Z@Z
?UnregisterCMIFlushRepositoryCacheHook@CWbemInstallObject@@SAXXZ
WMIControlClientOpsCallback
??0CWbemCriticalSection@@QEAA@XZ
??1CWbemCriticalSection@@QEAA@XZ
?Enter@CWbemCriticalSection@@QEAAHK@Z
?Leave@CWbemCriticalSection@@QEAAXXZ
?Init@CPublishWMIOperationEvent@@SAJXZ
??0CVar@@QEAA@HVauto_bstr@@@Z
??0CHex@@QEAA@J@Z
?DeleteValue@Registry@@QEAAHPEBG@Z
?GetPersistentCfgValue@CPersistentConfig@@QEAAHKAEAK@Z
TestDirExistAndCreateWithSDIfNotThere
??0CInsertionString@@QEAA@VCHex@@@Z
??0CEventLog@@QEAA@PEBGAEBU_GUID@@K@Z
??1CEventLog@@QEAA@XZ
?Close@CEventLog@@QEAAHXZ
?Open@CEventLog@@QEAAHXZ
ComposeName
?GetBinaryPath@CWbemInstallObject@@SAPEBGXZ
?GetRepositoryFolder@CWbemInstallObject@@SAPEBGXZ
?anyFailure@CStaticCritSec@@SAHXZ
??0WString@@QEAA@AEBV0@@Z
?EqualNoCase@WString@@QEBAHPEBG@Z
?SetAt@CFlexArray@@QEAAXHPEAX@Z
??0CVar@@QEAA@AEBV0@@Z
?Empty@WString@@QEAAXXZ
?Size@CSafeArray@@QEAAHXZ
?GetVarVector@CVar@@QEAAPEAVCVarVector@@XZ
?GetStatus@CNtSid@@QEAAKXZ
?SetFlags@CNtAce@@UEAAXJ@Z
?GetStatus@CNtAce@@UEAAKXZ
_IsValidElementName
?Empty@CWStringArray@@QEAAXXZ
?FindStr@CWStringArray@@QEAAHPEBGH@Z
?IsUserInGroup@CNtSecurity@@SAHPEAXAEAVCNtSid@@PEAH@Z
?IsDataNull@CVar@@QEAAHXZ
?GetBSTR@CVar@@QEAAPEAGXZ
isunialphanum
?Size@CVarVector@@QEAAHXZ
?GetAt@CVarVector@@QEAAAEAVCVar@@H@Z
??0CNtAce@@QEAA@KKKAEAVCNtSid@@@Z
??1CNtAce@@UEAA@XZ
?GetType@CNtAce@@UEAAHXZ
?GetFlags@CNtAce@@UEAAHXZ
?GetAccessMask@CNtAce@@UEAAKXZ
?GetSerializedSize@CNtAce@@UEAAKXZ
?Serialize@CNtAce@@UEAA_NPEAE_K@Z
?Deserialize@CNtAce@@UEAA_NPEAE@Z
IsAdmin
??0CNtAcl@@QEAA@K@Z
??1CNtAcl@@QEAA@XZ
?GetNumAces@CNtAcl@@QEAAHXZ
?GetAce@CNtAcl@@QEAAPEAVCNtAce@@H@Z
?AddAce@CNtAcl@@QEAAHPEAVCNtAce@@@Z
BuildOperationInfo
??0CNtSecurityDescriptor@@QEAA@PEAX@Z
??0CNtSecurityDescriptor@@QEAA@XZ
??1CNtSecurityDescriptor@@QEAA@XZ
?GetDacl@CNtSecurityDescriptor@@QEAAPEAVCNtAcl@@XZ
?SetDacl@CNtSecurityDescriptor@@QEAAHPEAVCNtAcl@@@Z
?GetSacl@CNtSecurityDescriptor@@QEAAPEAVCNtAcl@@XZ
?CoGetClassObject@CWbemInstallObject@@SAJAEBU_GUID@@KPEAU_COSERVERINFO@@0PEAPEAX@Z
GetAccessToken
GetGlobalClientOps
??0CMUILocaleList@@QEAA@XZ
??1CMUILocaleList@@QEAA@XZ
?Initialize@CMUILocaleList@@QEAAJPEAG_N@Z
?GetFirst_ms_XXX_Locale@CMUILocaleList@@QEAAJPEAPEAG@Z
?GetCultures@CMUILocaleList@@QEAAPEBGXZ
?GetLocales@CMUILocaleList@@QEAAPEBGXZ
?AddChild@CClientOpsNode@@QEAAXPEAV1@@Z
??0CNtSid@@QEAA@PEAX@Z
??1CNtSid@@QEAA@XZ
?ms_XXX_Locale_To_LCID@CMUILocale@@SAJPEBGPEAK@Z
?CheckLangNeutral@CMUILocale@@SAJPEBGPEA_N@Z
?LocaleName_To_LCID@CMUILocale@@SAJPEBGPEA_NPEAK@Z
?LCID_To_ms_XXX_Format@CMUILocale@@SAJKPEAG_K@Z
??0CSafeArray@@QEAA@PEAUtagSAFEARRAY@@HHH@Z
?GetBSTRAt@CSafeArray@@QEAAPEAGH@Z
?Publish@CPublishWMIOperationEvent@@SAJPEAGKK0000K_K0H@Z
?PublishMethodExec@CPublishWMIOperationEvent@@SAJPEAGKK000000K_K0H@Z
?PublishWin32ProcessCreation@CPublishWMIOperationEvent@@SAJPEAGKK0K_K000K1H@Z
?PublishRepDelete@CPublishWMIOperationEvent@@SAJKPEAGPEAUIWbemContext@@K0_KH@Z
?PublishRepUpdate@CPublishWMIOperationEvent@@SAJKPEAGKPEAUIWbemContext@@K0_KH@Z
?CreateInst@CWbemCallSecurity@@SAPEAVIWbemCallSecurity@@XZ
?GetArray@CSafeArray@@QEAAPEAUtagSAFEARRAY@@XZ
?GetDWORD@CVar@@QEAAKXZ
?SetBool@CVar@@QEAAXF@Z
?GetBool@CVar@@QEAAFXZ
?SetBSTR@CVar@@QEAAHPEAG@Z
?SetBSTR@CVar@@QEAAHVauto_bstr@@@Z
??0Registry@@QEAA@PEAUHKEY__@@KKPEBG@Z
?GetDWORDStr@Registry@@QEAAHPEBGPEAK@Z
?GetMultiStr@Registry@@QEAAPEAGPEBGAEAK@Z
?SetDWORD@Registry@@QEAAHPEBGK@Z
?SetDWORDStr@Registry@@QEAAHPEBGK@Z
?SetStr@Registry@@QEAAHPEBG0@Z
??0CSafeArray@@QEAA@HHHH@Z
??1CSafeArray@@QEAA@XZ
?SetBSTRAt@CSafeArray@@QEAAHHPEAG@Z
?Trim@CSafeArray@@QEAAHXZ
?GetAt@CWStringArray@@QEBAPEAGH@Z
??0CVar@@QEAA@HPEAG@Z
?SetAsNull@CVar@@QEAAXXZ
?SetEmbeddedObject@CVar@@QEAAXPEAUIUnknown@@@Z
?GetSelectedColumns@CWQLScanner@@QEAAPEBVCFlexArray@@XZ
??0CFlexArray@@QEAA@AEAV0@@Z
?AliasToTable@CWQLScanner@@QEAAQEAGPEAG@Z
?GetReferencedAliases@CWQLScanner@@QEAAHAEAVCWStringArray@@@Z
??0CWQLScanner@@QEAA@PEAVCGenLexSource@@@Z
??1CWQLScanner@@QEAA@XZ
?Parse@CWQLScanner@@QEAAHXZ
?GetArrayPtr@CFlexArray@@QEAAPEAPEAXXZ
?IsNull@CVar@@QEAAHXZ
??BCVar@@QEAAPEAGXZ
?Compress@CFlexArray@@QEAAXXZ
?Bind@CFlexArray@@QEAAXAEAV1@@Z
??4CWStringArray@@QEAAAEAV0@AEAV0@@Z
?RemoveAt@CWStringArray@@QEAAHH@Z
?Union@CWStringArray@@SAXAEAV1@00@Z
??0WString2@@QEAA@PEAGH@Z
??YWString2@@QEAAAEAV0@AEBV0@@Z
?EscapeQuotes@WString2@@QEBA?AV1@XZ
?SetLong@CVar@@QEAAXJ@Z
?_Free@CMUILocale@@SAHPEAX@Z
??0Registry@@QEAA@PEBGK@Z
?GetStr@Registry@@QEAAHPEBGPEAPEAG@Z
IsNtSetupRunning
?Enter@CCheckedInCritSec@@QEAAXXZ
??1WString@@QEAA@XZ
?Length@WString@@QEBAHXZ
?GetStringPointerByRef@WString@@QEBAAEBQEBGXZ
??BWString@@QEAAPEAGXZ
?BindPtr@WString@@QEAAXPEAG@Z
?GetLastError@Registry@@QEAAJXZ
?GetQueueSize@CFlexQueue@@QEBAHXZ
??0CInsertionString@@QEAA@PEBG@Z
??0CClientOpsNode@@QEAA@XZ
?SetInfo@CClientOpsNode@@QEAAXPEAX@Z
BreakOnDbgAndRenterLoop
_ThrowMemoryException_
??0Registry@@QEAA@PEAUHKEY__@@KPEBG@Z
??1Registry@@QEAA@XZ
?GetDWORD@Registry@@QEAAHPEBGPEAK@Z
??0CIdentitySecurity@@QEAA@_N@Z
??1CIdentitySecurity@@QEAA@XZ
?AccessCheck@CIdentitySecurity@@QEAAHXZ
IsLocalConnection
??0WString@@QEAA@XZ
??4WString@@QEAAAEAV0@PEBG@Z
??YWString@@QEAAAEAV0@PEBG@Z
??1CClientOpsNode@@QEAA@XZ
?RemoveSelf@CClientOpsNode@@QEAAXXZ
?Peek@CFlexQueue@@QEAAPEAXXZ
?PublishStop@CPublishWMIOperationEvent@@SAJKJPEAG@Z
?PublishClientRequestFailure@CPublishWMIOperationEvent@@SAJPEBGPEAG1K10J0@Z
??0CVar@@QEAA@XZ
?GetType@CVar@@QEAAHXZ
?GetLPWSTR@CVar@@QEAAPEAGXZ
??1CVar@@QEAA@XZ
?WbemMemAlloc@CWin32DefaultArena@@SAPEAX_K@Z
?WbemMemFree@CWin32DefaultArena@@SAHPEAX@Z
??ACWStringArray@@QEBAPEAGH@Z
?Size@CWStringArray@@QEBAHXZ
??BWString2@@QEAAPEAGXZ
??0CInsertionString@@QEAA@XZ
??1CInsertionString@@QEAA@XZ
?GetAt@CFlexArray@@QEBAPEAXH@Z
??0CWStringArray@@QEAA@HH@Z
??1CWStringArray@@QEAA@XZ
?Add@CWStringArray@@QEAAHPEBG@Z
?Report@CEventLog@@QEAAHGAEBU_EVENT_DESCRIPTOR@@VCInsertionString@@111111111@Z
?IsOffline@CWbemInstallObject@@SA_NXZ
?GetRegistryPathCIMOM@CWbemInstallObject@@SAPEBGXZ
?CoCreateInstance@CWbemInstallObject@@SAJAEBU_GUID@@PEAUIUnknown@@K0PEAPEAX@Z
??0CFlexQueue@@QEAA@H@Z
??1CFlexQueue@@QEAA@XZ
?Enqueue@CFlexQueue@@QEAA_NPEAX@Z
?Dequeue@CFlexQueue@@QEAAPEAXXZ
??0WString2@@QEAA@XZ
??0WString2@@QEAA@PEBG@Z
??4WString2@@QEAAAEAV0@PEBG@Z
??1WString2@@QEAA@XZ
??YWString2@@QEAAAEAV0@PEBG@Z
?Empty@WString2@@QEAAXXZ
??0CCheckedInCritSec@@QEAA@PEAVCCritSec@@@Z
??1CCheckedInCritSec@@QEAA@XZ
?Leave@CCheckedInCritSec@@QEAAXXZ
?InsertAt@CFlexArray@@QEAAHHPEAX@Z
?Empty@CFlexArray@@QEAAXXZ
??0CStaticCritSec@@QEAA@XZ
??1CStaticCritSec@@QEAA@XZ
??0CCritSec@@QEAA@XZ
??1CCritSec@@QEAA@XZ
?Enter@CCritSec@@QEAAXXZ
?Leave@CCritSec@@QEAAXXZ
??0CInCritSec@@QEAA@PEAU_RTL_CRITICAL_SECTION@@@Z
??1CInCritSec@@QEAA@XZ
?Add@CFlexArray@@QEAAHPEAX@Z
?Size@CFlexArray@@QEBAHXZ
??0CFlexArray@@QEAA@HH@Z
??1CFlexArray@@QEAA@XZ
??ACFlexArray@@QEAAAEAPEAXH@Z
?RemoveAt@CFlexArray@@QEAAHH@Z
GetMemLogObject
?Write@CMemoryLog@@QEAAXJ@Z
?SetFailure@CStaticCritSec@@SAXXZ
??0WString@@QEAA@PEBG@Z
??0WString@@QEAA@PEAGH@Z

fastprox

?ValidateRange@CWbemObject@@QEAAHPEAPEAG@Z
?SetDecoration@CWbemObject@@UEAAJPEBG0@Z
?RemoveDecoration@CWbemObject@@UEAAJXZ
?CompareClassParts@CWbemObject@@UEAAJPEAUIWbemClassObject@@J@Z
?GetKeyString@CWbemObject@@UEAAJJPEAPEAG@Z
?GetNormalizedPath@CWbemObject@@UEAAJJPEAPEAG@Z
?BeginEnumerationEx@CWbemObject@@UEAAJJJ@Z
?CIMTYPEToVARTYPE@CWbemObject@@UEAAJJPEAG@Z
?ValidateObject@CWbemObject@@UEAAJJ@Z
?GetParentClassFromBlob@CWbemObject@@UEAAJJKPEAXPEAPEAG@Z
?IsDynamic@CWbemClass@@QEAAHXZ
?IsAbstract@CWbemClass@@QEAAHXZ
?IsAmendment@CWbemClass@@QEAAHXZ
?SetObjectMemory@CWbemObject@@UEAAJPEAXK@Z
?QueryPartInfo@CWbemObject@@UEAAJPEAK@Z
?_GetCoreInfo@CWbemObject@@UEAAJJPEAPEAX@Z
?MergeAmended@CWbemObject@@UEAAJJPEAU_IWmiObject@@@Z
?QueryPropertyFlags@CWbemObject@@UEAAJJPEBG_KPEA_K@Z
?SetObjectFlags@CWbemObject@@UEAAJJ_K0@Z
?QueryObjectFlags@CWbemObject@@UEAAJJ_KPEA_K@Z
?SetMethodQual@CWbemObject@@UEAAJPEBG0JKKJKPEAX@Z
?GetMethodQual@CWbemObject@@UEAAJPEBG0JKPEAJPEAK2PEAX@Z
?SetPropQual@CWbemObject@@UEAAJPEBG0JKKJKPEAX@Z
?GetPropQual@CWbemObject@@UEAAJPEBG0JKPEAJPEAK2PEAX@Z
?SetObjQual@CWbemObject@@UEAAJPEBGJKKJKPEAX@Z
?GetObjQual@CWbemObject@@UEAAJPEBGJKPEAJPEAK2PEAX@Z
?WriteProp@CWbemObject@@UEAAJPEBGJKKJPEAX@Z
?ReadProp@CWbemObject@@UEAAJPEBGJKPEAJ1PEAHPEAKPEAX@Z
?AppendArrayPropRangeByHandle@CWbemObject@@UEAAJJJKKPEAX@Z
?RemoveArrayPropRangeByHandle@CWbemObject@@UEAAJJJKK@Z
?SetArrayPropRangeByHandle@CWbemObject@@UEAAJJJKKKPEAX@Z
?GetArrayPropRangeByHandle@CWbemObject@@UEAAJJJKKKPEAK0PEAX@Z
?RemoveArrayPropElementByHandle@CWbemObject@@UEAAJJJK@Z
?SetArrayPropElementByHandle@CWbemObject@@UEAAJJJKKPEAX@Z
?GetArrayPropElementByHandle@CWbemObject@@UEAAJJJKPEAK0PEAPEAX@Z
?GetArrayPropAddrByHandle@CWbemObject@@UEAAJJJPEAKPEAPEAX@Z
?GetArrayPropInfoByHandle@CWbemObject@@UEAAJJJPEAPEAGPEAJPEAK@Z
?GetPropAddrByHandle@CWbemObject@@UEAAJJJPEAKPEAPEAX@Z
?SetPropByHandle@CWbemObject@@UEAAJJJKPEAX@Z
?GetPropertyHandleEx@CWbemObject@@UEAAJPEBGJPEAJ1@Z
?Unlock@CWbemObject@@UEAAJJ@Z
?Lock@CWbemObject@@UEAAJJ@Z
?GetPropertyInfoByHandle@CWbemObject@@UEAAJJPEAPEAGPEAJ@Z
?WriteQWORD@CWbemObject@@UEAAJJ_K@Z
?ReadQWORD@CWbemObject@@UEAAJJPEA_K@Z
?WriteDWORD@CWbemObject@@UEAAJJK@Z
?ReadDWORD@CWbemObject@@UEAAJJPEAK@Z
?ReadPropertyValue@CWbemObject@@UEAAJJJPEAJPEAE@Z
?WritePropertyValue@CWbemObject@@UEAAJJJPEBE@Z
?GetPropertyHandle@CWbemObject@@UEAAJPEBGPEAJ1@Z
?SetServerNamespace@CWbemObject@@UEAAJPEBG0@Z
?GetSource@CWbemObject@@UEAAJPEAPEAG@Z
?GetHelpFile@CWbemObject@@UEAAJPEAPEAG@Z
?GetHelpContext@CWbemObject@@UEAAJPEAK@Z
?GetGUID@CWbemObject@@UEAAJPEAU_GUID@@@Z
?GetDescription@CWbemObject@@UEAAJPEAPEAG@Z
?DisconnectObject@CWbemObject@@UEAAJK@Z
?ReleaseMarshalData@CWbemObject@@UEAAJPEAUIStream@@@Z
?UnmarshalInterface@CWbemObject@@UEAAJPEAUIStream@@AEBU_GUID@@PEAPEAX@Z
?MarshalInterface@CWbemObject@@UEAAJPEAUIStream@@AEBU_GUID@@PEAXK2K@Z
?GetMarshalSizeMax@CWbemObject@@UEAAJAEBU_GUID@@PEAXK1KPEAK@Z
?GetUnmarshalClass@CWbemObject@@UEAAJAEBU_GUID@@PEAXK1KPEAU2@@Z
?GetPropertyValue@CWbemObject@@UEAAJPEAU_tag_WbemPropertyName@@JPEAPEAGPEAUtagVARIANT@@@Z
?InheritsFrom@CWbemObject@@UEAAJPEBG@Z
?GetPropertyOrigin@CWbemObject@@UEAAJPEBGPEAPEAG@Z
?CompareTo@CWbemObject@@UEAAJJPEAUIWbemClassObject@@@Z
?EndEnumeration@CWbemObject@@UEAAJXZ
?Next@CWbemObject@@UEAAJJPEAPEAGPEAUtagVARIANT@@PEAJ2@Z
?BeginEnumeration@CWbemObject@@UEAAJJ@Z
?GetNames@CWbemObject@@UEAAJPEBGJPEAUtagVARIANT@@PEAPEAUtagSAFEARRAY@@@Z
?Get@CWbemObject@@UEAAJPEBGJPEAUtagVARIANT@@PEAJ2@Z
?Release@CWbemObject@@UEAAKXZ
?AddRef@CWbemObject@@UEAAKXZ
?QueryInterface@CWbemObject@@UEAAJAEBU_GUID@@PEAPEAX@Z
?GetKeyOrigin@CWbemObject@@UEAAJJKPEAKPEAG@Z
?GetDerivation@CWbemObject@@UEAAJJKPEAK0PEAG@Z
?FindMethod@CWbemObject@@UEAAJPEBG@Z
?Unmerge@CWbemObject@@UEAAJJKPEAKPEAX@Z
?GetMaxMarshalStreamSize@CWbemObject@@UEAAJPEAK@Z
?WriteToStream@CWbemObject@@UEAAJPEAUIStream@@@Z
?MergeAndDecorate@CWbemClass@@UEAAJJKPEAXPEAG1PEAPEAU_IWmiObject@@@Z
?CloneAndDecorate@CWbemClass@@UEAAJJPEAG0PEAPEAUIWbemClassObject@@@Z
?GetParentClassFromBlob@CWbemClass@@UEAAJJKPEAXPEAPEAG@Z
?SpawnKeyedInstance@CWbemClass@@UEAAJJPEBGPEAPEAU_IWmiObject@@@Z
?Upgrade@CWbemClass@@UEAAJPEAU_IWmiObject@@JPEAPEAU2@@Z
?MakeSubsetInst@CWbemClass@@UEAAJPEAU_IWmiObject@@PEAPEAU2@@Z
?GetClassSubset@CWbemClass@@UEAAJKPEAPEBGPEAPEAU_IWmiObject@@@Z
?CompareDerivedMostClass@CWbemClass@@UEAAJJPEAU_IWmiObject@@@Z
?IsParentClass@CWbemClass@@UEAAJJPEAU_IWmiObject@@@Z
?CopyInstanceData@CWbemClass@@UEAAJJPEAU_IWmiObject@@@Z
?CloneEx@CWbemClass@@UEAAJJPEAU_IWmiObject@@@Z
?SetMethodOrigin@CWbemClass@@UEAAJPEBGJ@Z
?SetPropertyOrigin@CWbemClass@@UEAAJPEBGJ@Z
?SetInheritanceChain@CWbemClass@@UEAAJJPEAPEAG@Z
?GetMethodOrigin@CWbemClass@@UEAAJPEBGPEAPEAG@Z
?GetMethodQualifierSet@CWbemClass@@UEAAJPEBGPEAPEAUIWbemQualifierSet@@@Z
?EndMethodEnumeration@CWbemClass@@UEAAJXZ
?NextMethod@CWbemClass@@UEAAJJPEAPEAGPEAPEAUIWbemClassObject@@1@Z
?BeginMethodEnumeration@CWbemClass@@UEAAJJ@Z
?DeleteMethod@CWbemClass@@UEAAJPEBG@Z
?PutMethod@CWbemClass@@UEAAJPEBGJPEAUIWbemClassObject@@1@Z
?GetMethod@CWbemClass@@UEAAJPEBGJPEAPEAUIWbemClassObject@@1@Z
?CompareTo@CWbemClass@@UEAAJJPEAUIWbemClassObject@@@Z
?SpawnInstance@CWbemClass@@UEAAJJPEAPEAUIWbemClassObject@@@Z
?SpawnDerivedClass@CWbemClass@@UEAAJJPEAPEAUIWbemClassObject@@@Z
?GetObjectText@CWbemClass@@UEAAJJPEAPEAG@Z
?Clone@CWbemClass@@UEAAJPEAPEAUIWbemClassObject@@@Z
?GetPropertyQualifierSet@CWbemClass@@UEAAJPEBGPEAPEAUIWbemQualifierSet@@@Z
?Delete@CWbemClass@@UEAAJPEBG@Z
?Put@CWbemClass@@UEAAJPEBGJPEAUtagVARIANT@@J@Z
?GetQualifierSet@CWbemClass@@UEAAJPEAPEAUIWbemQualifierSet@@@Z
?GetDynasty@CWbemClass@@UEAAJPEAVCVar@@@Z
?ReconcileWith@CWbemClass@@UEAAJJPEAU_IWmiObject@@@Z
?Update@CWbemClass@@UEAAJPEAU_IWmiObject@@JPEAPEAU2@@Z
?Merge@CWbemClass@@UEAAJJKPEAXPEAPEAU_IWmiObject@@@Z
?Unmerge@CWbemClass@@UEAAJPEAEHPEAK@Z
?EstimateUnmergeSpace@CWbemClass@@UEAAKXZ
?CopyBlobOf@CWbemClass@@UEAAJPEAVCWbemObject@@@Z
?CompactAll@CWbemClass@@UEAAXXZ
?IsValidObj@CWbemClass@@UEAAJXZ
?GetRelPath@CWbemClass@@UEAAPEAGH@Z
?Undecorate@CWbemClass@@UEAAXXZ
?Decorate@CWbemClass@@UEAAJPEBG0@Z
?SetLocalized@CWbemClass@@UEAAXH@Z
?IsLocalized@CWbemClass@@UEAAHXZ
?SetPropQualifier@CWbemClass@@UEAAJPEBG0JPEAVCVar@@@Z
?SetPropQualifier@CWbemClass@@UEAAJPEBG0JPEAVCTypedValue@@@Z
?GetPropertyType@CWbemClass@@UEAAJPEBGPEAJ1@Z
?GetPropertyType@CWbemClass@@UEAAJPEAVCPropertyInformation@@PEAJ1@Z
?FindMethod@CWbemClass@@UEAAJPEBG@Z
?SetMethodQualifier@CWbemClass@@UEAAJPEBG0JPEAVCVar@@@Z
?SetMethodQualifier@CWbemClass@@UEAAJPEBG0JPEAVCTypedValue@@@Z
?GetMethodQualifier@CWbemClass@@UEAAJPEBG0PEAVCVar@@PEAJ2@Z
?GetMethodQualifier@CWbemClass@@UEAAJPEBG0PEAJPEAVCTypedValue@@PEAPEAVCFastHeap@@H@Z
?GetPropQualifier@CWbemClass@@UEAAJPEBG0PEAVCVar@@PEAJ2@Z
?GetPropQualifier@CWbemClass@@UEAAJPEAVCPropertyInformation@@PEBGPEAVCVar@@PEAJ3@Z
?GetPropQualifier@CWbemClass@@UEAAJPEBG0PEAJPEAVCTypedValue@@PEAPEAVCFastHeap@@H@Z
?GetPropQualifier@CWbemClass@@UEAAJPEAVCPropertyInformation@@PEBGPEAJPEAVCTypedValue@@PEAPEAVCFastHeap@@H@Z
?SetQualifier@CWbemClass@@UEAAJPEBGPEAVCVar@@J@Z
?SetQualifier@CWbemClass@@UEAAJPEBGJPEAVCTypedValue@@@Z
?GetQualifier@CWbemClass@@UEAAJPEBGPEAVCVar@@PEAJ2@Z
?GetQualifier@CWbemClass@@UEAAJPEBGPEAJPEAVCTypedValue@@PEAPEAVCFastHeap@@H@Z
?SetPropValue@CWbemClass@@UEAAJPEBGPEAVCVar@@J@Z
?GetProperty@CWbemClass@@UEAAJPEBGPEAVCVar@@@Z
?SetData@CWbemClass@@UEAAXPEAEH@Z
??1CWbemClass@@UEAA@XZ
?MergeAndDecorate@CWbemInstance@@UEAAJJKPEAXPEAG1PEAPEAU_IWmiObject@@@Z
?CloneAndDecorate@CWbemInstance@@UEAAJJPEAG0PEAPEAUIWbemClassObject@@@Z
?SpawnKeyedInstance@CWbemInstance@@UEAAJJPEBGPEAPEAU_IWmiObject@@@Z
?Update@CWbemInstance@@UEAAJPEAU_IWmiObject@@JPEAPEAU2@@Z
?Upgrade@CWbemInstance@@UEAAJPEAU_IWmiObject@@JPEAPEAU2@@Z
?ReconcileWith@CWbemInstance@@UEAAJJPEAU_IWmiObject@@@Z
?Merge@CWbemInstance@@UEAAJJKPEAXPEAPEAU_IWmiObject@@@Z
?MakeSubsetInst@CWbemInstance@@UEAAJPEAU_IWmiObject@@PEAPEAU2@@Z
?GetClassSubset@CWbemInstance@@UEAAJKPEAPEBGPEAPEAU_IWmiObject@@@Z
?CompareDerivedMostClass@CWbemInstance@@UEAAJJPEAU_IWmiObject@@@Z
?IsParentClass@CWbemInstance@@UEAAJJPEAU_IWmiObject@@@Z
?CopyInstanceData@CWbemInstance@@UEAAJJPEAU_IWmiObject@@@Z
?CloneEx@CWbemInstance@@UEAAJJPEAU_IWmiObject@@@Z
?ClearWriteOnlyProperties@CWbemInstance@@UEAAJXZ
?MergeClassPart@CWbemInstance@@UEAAJPEAUIWbemClassObject@@@Z
?SetClassPart@CWbemInstance@@UEAAJPEAXK@Z
?StripClassPart@CWbemInstance@@UEAAJXZ
?GetObjectParts@CWbemInstance@@UEAAJPEAXKKPEAK@Z
?SetObjectParts@CWbemInstance@@UEAAJPEAXKK@Z
?SpawnInstance@CWbemInstance@@UEAAJJPEAPEAUIWbemClassObject@@@Z
?SpawnDerivedClass@CWbemInstance@@UEAAJJPEAPEAUIWbemClassObject@@@Z
?GetObjectText@CWbemInstance@@UEAAJJPEAPEAG@Z
?Clone@CWbemInstance@@UEAAJPEAPEAUIWbemClassObject@@@Z
?GetPropertyQualifierSet@CWbemInstance@@UEAAJPEBGPEAPEAUIWbemQualifierSet@@@Z
?Delete@CWbemInstance@@UEAAJPEBG@Z
?Put@CWbemInstance@@UEAAJPEBGJPEAUtagVARIANT@@J@Z
?GetQualifierSet@CWbemInstance@@UEAAJPEAPEAUIWbemQualifierSet@@@Z
?ExtendInstancePartSpace@CWbemInstance@@UEAAHPEAVCInstancePart@@K@Z
?GetDynasty@CWbemInstance@@UEAAJPEAVCVar@@@Z
?Unmerge@CWbemInstance@@UEAAJPEAEHPEAK@Z
?CopyBlobOf@CWbemInstance@@UEAAJPEAVCWbemObject@@@Z
?IsValidObj@CWbemInstance@@UEAAJXZ
?GetRelPath@CWbemInstance@@UEAAPEAGH@Z
?Undecorate@CWbemInstance@@UEAAXXZ
?Decorate@CWbemInstance@@UEAAJPEBG0@Z
?SetLocalized@CWbemInstance@@UEAAXH@Z
?IsLocalized@CWbemInstance@@UEAAHXZ
?SetMethodQualifier@CWbemInstance@@UEAAJPEBG0JPEAVCVar@@@Z
?SetMethodQualifier@CWbemInstance@@UEAAJPEBG0JPEAVCTypedValue@@@Z
?GetMethodQualifier@CWbemInstance@@UEAAJPEBG0PEAVCVar@@PEAJ2@Z
?GetMethodQualifier@CWbemInstance@@UEAAJPEBG0PEAJPEAVCTypedValue@@PEAPEAVCFastHeap@@H@Z
?SetPropQualifier@CWbemInstance@@UEAAJPEBG0JPEAVCVar@@@Z
?SetPropQualifier@CWbemInstance@@UEAAJPEBG0JPEAVCTypedValue@@@Z
?GetPropQualifier@CWbemInstance@@UEAAJPEAVCPropertyInformation@@PEBGPEAVCVar@@PEAJ3@Z
?GetPropQualifier@CWbemInstance@@UEAAJPEAVCPropertyInformation@@PEBGPEAJPEAVCTypedValue@@PEAPEAVCFastHeap@@H@Z
?SetPropValue@CWbemInstance@@UEAAJPEBGPEAVCVar@@J@Z
?GetPropertyType@CWbemInstance@@UEAAJPEBGPEAJ1@Z
?GetPropertyType@CWbemInstance@@UEAAJPEAVCPropertyInformation@@PEAJ1@Z
?GetClassPart@CWbemInstance@@UEAAJPEAXKPEAK@Z
?GetMaxMarshalStreamSize@CWbemInstance@@UEAAJPEAK@Z
?WriteToStream@CWbemInstance@@UEAAJPEAUIStream@@@Z
?SetData@CWbemInstance@@UEAAXPEAEH@Z
??1CWbemInstance@@UEAA@XZ
??0CWbemInstance@@QEAA@XZ
?SetMethodOrigin@CWbemInstance@@UEAAJPEBGJ@Z
?SetPropertyOrigin@CWbemInstance@@UEAAJPEBGJ@Z
?SetInheritanceChain@CWbemInstance@@UEAAJJPEAPEAG@Z
?GetMethodOrigin@CWbemInstance@@UEAAJPEBGPEAPEAG@Z
?GetMethodQualifierSet@CWbemInstance@@UEAAJPEBGPEAPEAUIWbemQualifierSet@@@Z
?EndMethodEnumeration@CWbemInstance@@UEAAJXZ
?NextMethod@CWbemInstance@@UEAAJJPEAPEAGPEAPEAUIWbemClassObject@@1@Z
?BeginMethodEnumeration@CWbemInstance@@UEAAJJ@Z
?DeleteMethod@CWbemInstance@@UEAAJPEBG@Z
?PutMethod@CWbemInstance@@UEAAJPEBGJPEAUIWbemClassObject@@1@Z
?GetMethod@CWbemInstance@@UEAAJPEBGJPEAPEAUIWbemClassObject@@1@Z
?ClearCachedKeyValue@CWbemInstance@@UEAAXXZ
?GetInstanceObjectUnknown@CWbemInstance@@UEAAPEAUIUnknown@@XZ
?GetWbemObjectUnknown@CWbemInstance@@UEAAPEAUIUnknown@@XZ
?ReduceInstancePartSpace@CWbemInstance@@UEAAXPEAVCInstancePart@@K@Z
?ReduceClassPartSpace@CWbemInstance@@UEAAXPEAVCClassPart@@K@Z
?ExtendClassPartSpace@CWbemInstance@@UEAAHPEAVCClassPart@@K@Z
?GetKeyOrigin@CWbemInstance@@UEAAJAEAVWString@@@Z
?GetKeyProps@CWbemInstance@@UEAAHAEAVCWStringArray@@@Z
?GetIndexedProps@CWbemInstance@@UEAAHAEAVCWStringArray@@@Z
?GetGenus@CWbemInstance@@UEAAJPEAVCVar@@@Z
?GetPropertyCount@CWbemInstance@@UEAAJPEAVCVar@@@Z
?GetSuperclassName@CWbemInstance@@UEAAJPEAVCVar@@@Z
?GetClassNameW@CWbemInstance@@UEAAJPEAVCVar@@@Z
?EstimateUnmergeSpace@CWbemInstance@@UEAAKXZ
?CompactAll@CWbemInstance@@UEAAXXZ
?IsKeyed@CWbemInstance@@UEAAHXZ
?GetPropName@CWbemInstance@@UEAAJHPEAVCVar@@@Z
?GetNumProperties@CWbemInstance@@UEAAHXZ
?GetPropQualifier@CWbemInstance@@UEAAJPEBG0PEAJPEAVCTypedValue@@PEAPEAVCFastHeap@@H@Z
?GetPropQualifier@CWbemInstance@@UEAAJPEBG0PEAVCVar@@PEAJ2@Z
?SetQualifier@CWbemInstance@@UEAAJPEBGJPEAVCTypedValue@@@Z
?SetQualifier@CWbemInstance@@UEAAJPEBGPEAVCVar@@J@Z
?GetQualifier@CWbemInstance@@UEAAJPEBGPEAJPEAVCTypedValue@@PEAPEAVCFastHeap@@H@Z
?GetQualifier@CWbemInstance@@UEAAJPEBGPEAVCVar@@PEAJ2@Z
?GetProperty@CWbemInstance@@UEAAJPEBGPEAVCVar@@@Z
?GetClassPart@CWbemInstance@@MEAAPEAVCClassPart@@XZ
?GetProperty@CWbemInstance@@MEAAJPEAVCPropertyInformation@@PEAVCVar@@@Z
?GetBlockLength@CWbemInstance@@MEAAKXZ
?ClearWriteOnlyProperties@CWbemClass@@UEAAJXZ
?MergeClassPart@CWbemClass@@UEAAJPEAUIWbemClassObject@@@Z
?SetClassPart@CWbemClass@@UEAAJPEAXK@Z
?GetClassPart@CWbemClass@@UEAAJPEAXKPEAK@Z
?StripClassPart@CWbemClass@@UEAAJXZ
?GetObjectParts@CWbemClass@@UEAAJPEAXKKPEAK@Z
?SetObjectParts@CWbemClass@@UEAAJPEAXKK@Z
?GetKeyOrigin@CWbemClass@@UEAAJAEAVWString@@@Z
?GetKeyProps@CWbemClass@@UEAAHAEAVCWStringArray@@@Z
?GetIndexedProps@CWbemClass@@UEAAHAEAVCWStringArray@@@Z
?GetGenus@CWbemClass@@UEAAJPEAVCVar@@@Z
?GetPropertyCount@CWbemClass@@UEAAJPEAVCVar@@@Z
?InitNew@CWbemInstance@@QEAAJPEAVCWbemClass@@HPEAVCDecorationPart@@@Z
?CreateDerivedClass@CWbemClass@@QEAAJPEAV1@HPEAVCDecorationPart@@@Z
WbemStringCopy
?GetVARTYPE@CType@@SAGK@Z
?CompactClass@CWbemInstance@@QEAAXXZ
?GetLimitedVersion@CWbemInstance@@QEAAJPEAVCLimitationMapping@@PEAPEAV1@@Z
?DeleteProperty@CWbemInstance@@QEAAJH@Z
WbemStringFree
?AsymmetricMerge@CWbemInstance@@SAJPEAV1@0@Z
?GetSystemPropertyByName@CWbemObject@@QEAAJPEBGPEAVCVar@@@Z
?IsLimited@CWbemObject@@QEAAHXZ
?IsClientOnly@CWbemObject@@QEAAHXZ
?GetNonsystemPropertyValue@CWbemInstance@@QEAAJPEBGPEAVCVar@@@Z
?PlugKeyHoles@CWbemInstance@@QEAAJXZ
?IsInstanceOf@CWbemInstance@@QEAAHPEAVCWbemClass@@@Z
?ConvertToClass@CWbemInstance@@QEAAJPEAVCWbemClass@@PEAPEAV1@@Z
?InitEmpty@CWbemClass@@QEAAJHH@Z
?GetDerivation@CWbemObject@@QEAAJPEAVCVar@@@Z
?GetObjectMemory@CWbemObject@@UEAAJPEAXKPEAK@Z
?IsIllegalDerivedClass@CSystemProperties@@SAHPEBG@Z
??0CLimitationMapping@@QEAA@XZ
??1CLimitationMapping@@QEAA@XZ
?MapLimitation@CWbemClass@@QEAAHJPEAVCWStringArray@@PEAVCLimitationMapping@@@Z
?FindLimitationError@CWbemClass@@QEAA?AVWString@@JPEAVCWStringArray@@@Z
?GetLimitedVersion@CWbemClass@@QEAAJPEAVCLimitationMapping@@PEAPEAV1@@Z
?IsInstance@CWbemObject@@QEAAHXZ
?IsObjectInstance@CWbemObject@@UEAAJXZ
??0CWbemClass@@QEAA@XZ
?GetProperty@CWbemClass@@MEAAJPEAVCPropertyInformation@@PEAVCVar@@@Z
?GetBlockLength@CWbemClass@@MEAAKXZ
?GetClassPart@CWbemClass@@MEAAPEAVCClassPart@@XZ
?GetNumProperties@CWbemClass@@UEAAHXZ
?GetPropName@CWbemClass@@UEAAJHPEAVCVar@@@Z
?IsKeyed@CWbemClass@@UEAAHXZ
?GetClassNameW@CWbemClass@@UEAAJPEAVCVar@@@Z
?GetSuperclassName@CWbemClass@@UEAAJPEAVCVar@@@Z

esscli

??1CStandardMetaData@@UEAA@XZ
??0CStandardMetaData@@QEAA@PEAUIWbemServices@@@Z
?GetNecessaryQueryForClass@CQueryAnalyser@@SAJPEAUQL_LEVEL_1_RPN_EXPRESSION@@PEAUIWbemClassObject@@AEAVCWStringArray@@AEAPEAU2@@Z
??1CContextMetaData@@QEAA@XZ
??0CContextMetaData@@QEAA@PEAVCMetaData@@PEAUIWbemContext@@@Z
?SimplifyQueryForChild@CQueryAnalyser@@SAJPEAUQL_LEVEL_1_RPN_EXPRESSION@@PEBGPEAUIWbemClassObject@@PEAVCContextMetaData@@AEAPEAU2@@Z

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
Reinitialize
Shutdown

Sections

.text
Size: 971KB - Virtual size: 970KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 875KB - Virtual size: 875KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tran/libr/tehnical/wbemess.dll
.dll regsvr32 windows x64

a3991ce7a466ed742d17cdb3fd06e0de

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

??1type_info@@UEAA@XZ
?terminate@@YAXXZ
_amsg_exit
_XcptFilter
free
_onexit
_unlock
_lock
memmove
memcpy
_CxxThrowException
?what@exception@@UEBAPEBDXZ
??1exception@@UEAA@XZ
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@AEBQEBDH@Z
??0exception@@QEAA@AEBQEBD@Z
__C_specific_handler
swscanf
wcschr
wcsstr
_vsnwprintf
qsort
rand
__dllonexit
_initterm
malloc
wcsncmp
_purecall
__CxxFrameHandler3
sscanf_s
atol
_vsnprintf
iswspace
memcmp

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetComputerNameExW
GetSystemTimeAsFileTime
GetSystemInfo

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
SwitchToThread
TerminateProcess
CreateThread
OpenThreadToken
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetCurrentThread
TlsGetValue
TlsFree
GetCurrentProcess

api-ms-win-core-localization-l1-2-0

LCMapStringW

api-ms-win-core-synch-l1-1-0

DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
ResetEvent
CreateEventW
SetEvent
InitializeCriticalSectionEx
WaitForSingleObject

api-ms-win-core-com-l1-1-0

CoWaitForMultipleHandles
CoInitializeEx
StringFromGUID2
CoGetClassObject
CoRevertToSelf
CoImpersonateClient
CoCreateInstance
CLSIDFromString
CoDisconnectObject
CoGetCallContext
CoSwitchCallContext

api-ms-win-security-base-l1-1-0

FreeSid
AllocateAndInitializeSid
GetSecurityDescriptorLength
IsValidSid
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
EqualSid
GetSecurityDescriptorSacl
SetSecurityDescriptorDacl
RevertToSelf
GetSecurityDescriptorDacl
AccessCheck
InitializeSecurityDescriptor
CopySid
GetLengthSid
GetTokenInformation
IsValidSecurityDescriptor
SetSecurityDescriptorSacl
ImpersonateSelf

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
GetLastError
SetLastError
SetUnhandledExceptionFilter

api-ms-win-core-threadpool-legacy-l1-1-0

DeleteTimerQueueTimer
CreateTimerQueueTimer

api-ms-win-core-registry-l1-1-0

RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegSetValueExW
RegDeleteKeyExW
RegEnumKeyExW

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-debug-l1-1-0

DebugBreak

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls
GetModuleFileNameW

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

ntdll

EtwGetTraceEnableFlags
EtwRegisterTraceGuidsW
EtwUnregisterTraceGuids
EtwGetTraceEnableLevel
EtwTraceMessage
EtwGetTraceLoggerHandle

esscli

?CompareRequestedToProvided@CQueryAnalyser@@SAHAEAVCClassInfoArray@@0@Z
?Free@CTempMemoryManager@@QEAAXPEAX_K@Z
?DecorateObject@CTimeKeeper@@QEAA_NPEAU_IWmiObject@@@Z
??1CTimeKeeper@@QEAA@XZ
??0CClassInformation@@QEAA@XZ
??0CTimeKeeper@@QEAA@XZ
??1CClassInformation@@QEAA@XZ
?Allocate@CTempMemoryManager@@QEAAPEAX_K@Z
?GetDefiniteInstanceClasses@CQueryAnalyser@@SAJPEAUQL_LEVEL_1_RPN_EXPRESSION@@AEAPEAVCClassInfoArray@@@Z
?IsLimited@CClassInfoArray@@QEAAHXZ
?GetNumClasses@CClassInfoArray@@QEAAHXZ
?GetClass@CClassInfoArray@@QEAAPEAUCClassInformation@@H@Z
??0CTempMemoryManager@@QEAA@XZ
??1CTempMemoryManager@@QEAA@XZ
?GetClass@CContextMetaData@@QEAAJPEBGPEAPEAU_IWmiObject@@@Z
??0CContextMetaData@@QEAA@PEAVCMetaData@@PEAUIWbemContext@@@Z
??1CContextMetaData@@QEAA@XZ
??0CEvalTree@@QEAA@XZ
?CreateFromQuery@CEvalTree@@QEAAJPEAVCContextMetaData@@PEAUQL_LEVEL_1_RPN_EXPRESSION@@JJ@Z
??1CEvalTree@@QEAA@XZ
?Evaluate@CEvalTree@@QEAAJPEAUIWbemObjectAccess@@AEAVCSortedArray@@@Z
?QueryInterface@CMetaData@@UEAAJAEBU_GUID@@PEAPEAX@Z
?AddRef@CMetaData@@UEAAKXZ
?Release@CMetaData@@UEAAKXZ
?GetClass@CMetaData@@UEAAJPEBGPEAUIWbemContext@@PEAPEAUIWbemClassObject@@@Z
??1CSortedArray@@QEAA@XZ
?Size@CSortedArray@@QEBAHXZ
??0CSortedArray@@QEAA@HH@Z
??1CMetaData@@UEAA@XZ
??0CMetaData@@QEAA@XZ
?GetPossibleInstanceClasses@CQueryAnalyser@@SAJPEAUQL_LEVEL_1_RPN_EXPRESSION@@AEAPEAVCClassInfoArray@@@Z
??0CClassInfoArray@@QEAA@XZ
??1CClassInfoArray@@QEAA@XZ
IsUserAdministrator
?GetLimitingQueryForInstanceClass@CQueryAnalyser@@SAJPEAUQL_LEVEL_1_RPN_EXPRESSION@@AEAUCClassInformation@@AEAPEAG@Z
?AddClass@CClassInfoArray@@QEAA_NPEAUCClassInformation@@@Z
?Clear@CClassInfoArray@@QEAAXXZ
?SetLimited@CClassInfoArray@@QEAAXH@Z

fastprox

?IsEmpty@CInternalString@@QEAA_NXZ
?ComputeNecessarySpace@CCompressedString@@SAHPEBG@Z
??0CWbemClassCache@@QEAA@K@Z
??1CWbemClassCache@@QEAA@XZ
??0CWbemMtgtDeliverEventPacket@@QEAA@PEAEK_N@Z
??1CWbemMtgtDeliverEventPacket@@QEAA@XZ
?UnmarshalPacket@CWbemMtgtDeliverEventPacket@@QEAAJAEAJAEAPEAPEAUIWbemClassObject@@AEAVCWbemClassCache@@@Z
?CreateWStringCopy@CCompressedString@@QEBA?AVWString@@XZ
?CreateBSTRCopy@CCompressedString@@QEBAPEAGXZ
?GetLength@CCompressedString@@QEBAHXZ
?CompareNoCase@CCompressedString@@QEBAHPEBD@Z
??4CInternalString@@QEAAHPEAVCCompressedString@@@Z
??0CInternalString@@QEAA@XZ
??1CInternalString@@QEAA@XZ
?SetFromUnicode@CCompressedString@@QEAAXPEBG@Z
?CreateLPWSTRCopy@CInternalString@@QEBAPEAGXZ

ncobjapi

WmiSetAndCommitObject
WmiIsObjectActive
WmiEventSourceConnect
WmiCreateObjectWithFormat
WmiDestroyObject
WmiEventSourceDisconnect

wbemcomn

??1CFlexQueue@@QEAA@XZ
?Enqueue@CFlexQueue@@QEAA_NPEAX@Z
??0CUnk@@QEAA@PEAVCLifeControl@@PEAUIUnknown@@@Z
??0CFlexArray@@QEAA@HH@Z
??0CBuffer@@QEAA@PEAEKH@Z
?Initialize@CUnk@@UEAAHXZ
IsNT
?CreateInst@CWbemCallSecurity@@SAPEAVIWbemCallSecurity@@XZ
?Requeue@CFlexQueue@@QEAA_NPEAX@Z
?Dequeue@CFlexQueue@@QEAAPEAXXZ
?GetQueueSize@CFlexQueue@@QEBAHXZ
?GetArrayPtr@CFlexArray@@QEAAPEAPEAXXZ
?Leave@CCritSec@@QEAAXXZ
?Enter@CCritSec@@QEAAXXZ
_ThrowMemoryException_
??0WString@@QEAA@PEAGH@Z
??0WString@@QEAA@PEBG@Z
??BWString@@QEBAPEBGXZ
??1WString@@QEAA@XZ
??0WString@@QEAA@AEBV0@@Z
?SetAt@CSmallArrayBlob@@QEAAPEAV1@HPEAXPEAPEAX@Z
?RemoveAt@CSmallArrayBlob@@QEAAPEAV1@HPEAPEAX@Z
?InsertAt@CSmallArrayBlob@@QEAAPEAV1@HPEAX@Z
?CreateBlob@CSmallArrayBlob@@SAPEAV1@H@Z
?CloneData@CSmallArrayBlob@@QEAAPEAPEAXXZ
??0WString@@QEAA@XZ
??0CBasicUnloadInstruction@@QEAA@VCWbemInterval@@@Z
?staticRead@CBasicUnloadInstruction@@SA?AVCWbemInterval@@PEAUIWbemServices@@PEAUIWbemContext@@PEBG@Z
?Terminate@CBasicUnloadInstruction@@QEAAXXZ
?Set@CTimerGenerator@@QEAAJPEAVCTimerInstruction@@VCWbemTime@@@Z
?ScheduleFreeUnusedLibraries@CTimerGenerator@@QEAAXXZ
?GetNextFiringTime@CBasicUnloadInstruction@@UEBA?AVCWbemTime@@V2@PEAJ@Z
?GetFirstFiringTime@CBasicUnloadInstruction@@UEBA?AVCWbemTime@@XZ
?GetInstructionType@CBasicUnloadInstruction@@UEAAHXZ
?Release@CBasicUnloadInstruction@@UEAAXXZ
?AddRef@CBasicUnloadInstruction@@UEAAXXZ
??1CBasicUnloadInstruction@@UEAA@XZ
?MarkForRemoval@CTimerInstruction@@UEAAJXZ
?GetZero@CWbemTime@@SA?AV1@XZ
??0CWbemInterval@@QEAA@XZ
??BWString@@QEAAPEAGXZ
?GetStringPointerByRef@WString@@QEBAAEBQEBGXZ
?Size@CSmallArrayBlob@@QEBAHXZ
?GetAt@CSmallArrayBlob@@QEBAPEAXH@Z
??0CWStringArray@@QEAA@HH@Z
??1CWStringArray@@QEAA@XZ
??1QL_LEVEL_1_RPN_EXPRESSION@@QEAA@XZ
?GetText@QL_LEVEL_1_RPN_EXPRESSION@@QEAAPEAGXZ
?Add@CWStringArray@@QEAAHPEBG@Z
?GetNumElements@CPropertyName@@QEBAJXZ
?GetArrayPtr@CWStringArray@@QEAAPEAPEBGXZ
?Size@CWStringArray@@QEBAHXZ
?SetVariant@CVar@@QEAAHPEAUtagVARIANT@@H@Z
??4CPropertyName@@QEAAXAEBV0@@Z
?GetTickCount@CWbemTime@@SA?AV1@XZ
?GetStringAt@CPropertyName@@QEBAPEBGJ@Z
??0QL_LEVEL_1_RPN_EXPRESSION@@QEAA@XZ
?SetClassName@QL_LEVEL_1_RPN_EXPRESSION@@UEAAXPEBG@Z
?AddToken@QL_LEVEL_1_RPN_EXPRESSION@@QEAAXAEBUQL_LEVEL_1_TOKEN@@@Z
??0CVarVector@@QEAA@XZ
??1CVarVector@@QEAA@XZ
?Add@CVarVector@@QEAAHPEAVCVar@@@Z
??1CVar@@QEAA@XZ
?Remove@CTimerGenerator@@QEAAJPEAVCInstructionTest@@@Z
?CompareTo@CVarVector@@QEAAHAEAV1@H@Z
??HCWbemTime@@QEBA?AV0@AEBVCWbemInterval@@@Z
?RemoveAt@CFlexArray@@QEAAHH@Z
??1CPropertyName@@QEAA@XZ
??0CPropertyName@@QEAA@XZ
??0CInstructionTest@@QEAA@XZ
??1CTimerInstruction@@UEAA@XZ
??0CTimerInstruction@@QEAA@XZ
?GetInfinity@CWbemTime@@SA?AV1@XZ
?SetMilliseconds@CWbemInterval@@QEAAXK@Z
??0CVar@@QEAA@XZ
?MakeInternalCopyOfThread@CWbemCallSecurity@@SAPEAV1@XZ
??MCWbemTime@@QEBAHAEBV0@@Z
??0CWbemTime@@QEAA@AEBV0@@Z
??DCWbemInterval@@QEBA?AV0@N@Z
?GetMilliseconds@CWbemInterval@@QEBAKXZ
?Empty@CWStringArray@@QEAAXXZ
??0QL1_Parser@@QEAA@PEAVCGenLexSource@@@Z
??1QL1_Parser@@UEAA@XZ
?Parse@QL1_Parser@@QEAAHPEAPEAUQL_LEVEL_1_RPN_EXPRESSION@@@Z
??0CEventLog@@QEAA@PEBGAEBU_GUID@@K@Z
??1CEventLog@@QEAA@XZ
?Open@CEventLog@@QEAAHXZ
?Report@CEventLog@@QEAAHGAEBU_EVENT_DESCRIPTOR@@VCInsertionString@@111111111@Z
?PublishEssStarted@CPublishWMIOperationEvent@@SAJPEAG00K0K0@Z
??1CInsertionString@@QEAA@XZ
??0CInsertionString@@QEAA@PEBG@Z
??0CInsertionString@@QEAA@XZ
??GCWbemTime@@QEBA?AVCWbemInterval@@AEBV0@@Z
??4CWbemTime@@QEAAXAEBV0@@Z
??OCWbemInterval@@QEAAHV0@@Z
??ACWStringArray@@QEBAPEAGH@Z
??4WString@@QEAAAEAV0@PEBG@Z
?GetCallerIdentity@CWbemCallSecurity@@QEAAPEBGXZ
??YWString@@QEAAAEAV0@AEBV0@@Z
??YWString@@QEAAAEAV0@PEBG@Z
?PublishESSDrop@CPublishWMIOperationEvent@@SAJPEAG0@Z
?CalcSitOutPenalty@CExecQueue@@MEAAKJ@Z
??1CExecQueue@@QEAA@XZ
??0CExecRequest@@QEAA@XZ
??1CExecRequest@@UEAA@XZ
??0CExecQueue@@QEAA@XZ
?SetThreadLimits@CExecQueue@@QEAAXJJJ@Z
?InitializeThread@CExecQueue@@MEAAJXZ
?UninitializeThread@CExecQueue@@MEAAXXZ
?ThreadMain@CExecQueue@@MEAAXPEAVCThreadRecord@1@@Z
??0CCritSec@@QEAA@XZ
?LogError@CExecQueue@@MEAAXPEAVCExecRequest@@H@Z
?CreateNewThread@CExecQueue@@MEAAHXZ
?ShutdownThread@CExecQueue@@MEAAXPEAVCThreadRecord@1@@Z
?IsSuitableThread@CExecQueue@@MEAAHPEAVCThreadRecord@1@PEAVCExecRequest@@@Z
?DoesNeedNewThread@CExecQueue@@MEAAHPEAVCExecRequest@@@Z
?IsIdleTooLong@CExecQueue@@MEAAHPEAVCThreadRecord@1@K@Z
?GetIdleTimeout@CExecQueue@@MEAAKPEAVCThreadRecord@1@@Z
?IsAppropriateThread@CExecQueue@@MEAAHXZ
?WaitForSingleObjectWhileBusy@CExecQueue@@MEAAKPEAXKPEAVCThreadRecord@1@@Z
?UnblockedWaitForSingleObject@CExecQueue@@MEAAKPEAXKPEAVCThreadRecord@1@@Z
?Execute@CExecQueue@@MEAAHPEAVCThreadRecord@1@@Z
?SearchForSuitableRequest@CExecQueue@@MEAAPEAVCExecRequest@@PEAVCThreadRecord@1@@Z
?SitOutPenalty@CExecQueue@@MEAAXJ@Z
?DumpError@CExecRequest@@UEAAXXZ
?GetType@CExecQueue@@UEAAPEBGXZ
?AdjustPriorityForPassing@CExecQueue@@MEAAXPEAVCExecRequest@@@Z
?AdjustInitialPriority@CExecQueue@@MEAAXPEAVCExecRequest@@@Z
?IsSTA@CExecQueue@@MEAAHXZ
?PublishEssToConsumer@CPublishWMIOperationEvent@@SAJPEAG0@Z
??YWString@@QEAAAEAV0@G@Z
??4WString@@QEAAAEAV0@AEBV0@@Z
?UnbindPtr@WString@@QEAAPEAGXZ
?BindPtr@WString@@QEAAXPEAG@Z
WbemSetDynamicCloaking
?EscapeQuotes@WString@@QEBA?AV1@XZ
??0CWbemTime@@QEAA@XZ
?Length@WString@@QEBAHXZ
??0CStaticCritSec@@QEAA@XZ
??1CStaticCritSec@@QEAA@XZ
?SetDMTF@CWbemTime@@QEAAHPEBG@Z
??0CTimerGenerator@@QEAA@XZ
??1CTimerGenerator@@UEAA@XZ
?Shutdown@CTimerGenerator@@UEAAJXZ
?Dequeue@CInstructionQueue@@QEAAJAEAPEAVCTimerInstruction@@AEAVCWbemTime@@@Z
?NotifyStoppingThread@CTimerGenerator@@MEAAXXZ
?NotifyStartingThread@CTimerGenerator@@MEAAXXZ
?IsZero@CWbemTime@@QEBAHXZ
?Set100nss@CWbemTime@@QEAAX_J@Z
?Get100nss@CWbemTime@@QEBA_JXZ
?IsZero@CWbemInterval@@QEBAHXZ
?SetFailure@CStaticCritSec@@SAXXZ
?Enter@CWbemCriticalSection@@QEAAHK@Z
?Leave@CWbemCriticalSection@@QEAAXXZ
??4CNtSid@@QEAAAEAV0@AEBV0@@Z
??0CNtSid@@QEAA@PEAX@Z
??1CNtSid@@QEAA@XZ
??0CWbemCriticalSection@@QEAA@XZ
??1CWbemCriticalSection@@QEAA@XZ
LoggingLevelEnabled
RetrieveSidFromCall
?GetTextSid@CNtSid@@QEAAJPEAPEAG@Z
?GetSize@CNtSid@@QEAAKXZ
?IsUserInGroup@CNtSecurity@@SAHPEAXAEAVCNtSid@@PEAH@Z
?IsEventEnabled@CPublishWMIOperationEvent@@SAJAEBU_EVENT_DESCRIPTOR@@@Z
??0WString2@@QEAA@PEBG@Z
??1WString2@@QEAA@XZ
??YWString2@@QEAAAEAV0@PEBG@Z
?PublishEssToConsumerBinding@CPublishWMIOperationEvent@@SAJPEAG000@Z
??0CInsertionString@@QEAA@VCHex@@@Z
??0WString2@@QEAA@XZ
??4WString2@@QEAAAEAV0@PEBG@Z
??0CHex@@QEAA@J@Z
?IsValid@CNtSid@@QEAAHXZ
?GetPtr@CNtSid@@QEAAPEAXXZ
??0CNtSid@@QEAA@XZ
??BWString2@@QEAAPEAGXZ
??1CNtAce@@UEAA@XZ
?Reread@CRegistryMinMaxLimitControl@@QEAAJXZ
?SetPersistentCfgValue@CPersistentConfig@@QEAAHKK@Z
?Close@CEventLog@@QEAAHXZ
?Shutdown@CExecQueue@@QEAAXXZ
??0Registry@@QEAA@PEBGK@Z
??1Registry@@QEAA@XZ
?SetBinary@Registry@@QEAAHPEBGPEAEK@Z
??0CNtSecurityDescriptor@@QEAA@XZ
??1CNtSecurityDescriptor@@QEAA@XZ
??0CNtAce@@QEAA@KKKAEAVCNtSid@@@Z
??0CNtAcl@@QEAA@K@Z
??1CNtAcl@@QEAA@XZ
?AddAce@CNtAcl@@QEAAHPEAVCNtAce@@@Z
?SetDacl@CNtSecurityDescriptor@@QEAAHPEAVCNtAcl@@@Z
??1CRegistryMinMaxLimitControl@@UEAA@XZ
??0CRegistryMinMaxLimitControl@@QEAA@HPEBG0000@Z
?SetSleepAtMax@CMinMaxLimitControl@@QEAAXK@Z
?SetMax@CMinMaxLimitControl@@QEAAXK@Z
?SetMin@CMinMaxLimitControl@@QEAAXK@Z
?GetPtr@CNtSecurityDescriptor@@QEAAPEAXXZ
?GetUnknown@CUnk@@QEAAPEAUIUnknown@@XZ
?InternalAddRef@CUnkInternal@@QEAAKXZ
?Release@CUnkInternal@@UEAAKXZ
?AddRef@CUnkInternal@@UEAAKXZ
?QueryInterface@CUnkInternal@@UEAAJAEBU_GUID@@PEAPEAX@Z
?GetUnknown@CUnkInternal@@QEAAPEAUIUnknown@@XZ
??1CUnkInternal@@UEAA@XZ
??0CUnkInternal@@QEAA@PEAVCLifeControl@@@Z
?GetInnerUnknown@CUnk@@QEAAPEAUIUnknown@@XZ
?anyFailure@CStaticCritSec@@SAHXZ
?InternalRelease@CUnkInternal@@QEAAKXZ
??1CCritSec@@QEAA@XZ
?Release@CUnk@@UEAAKXZ
?AddRef@CUnk@@UEAAKXZ
?QueryInterface@CUnk@@UEAAJAEBU_GUID@@PEAPEAX@Z
?SetAt@CFlexArray@@QEAAXHPEAX@Z
GetMemLogObject
?Write@CMemoryLog@@QEAAXJ@Z
?Empty@CFlexArray@@QEAAXXZ
?GetAt@CFlexArray@@QEBAPEAXH@Z
??1CFlexArray@@QEAA@XZ
??1CUnk@@UEAA@XZ
?WbemMemFree@CWin32DefaultArena@@SAHPEAX@Z
?WbemMemAlloc@CWin32DefaultArena@@SAPEAX_K@Z
??0CFlexQueue@@QEAA@H@Z
??0CInCritSec@@QEAA@PEAU_RTL_CRITICAL_SECTION@@@Z
??1CInCritSec@@QEAA@XZ
?Add@CFlexArray@@QEAAHPEAX@Z
?Size@CFlexArray@@QEBAHXZ
?Enqueue@CExecQueue@@UEAAJPEAVCExecRequest@@PEAPEAX@Z
?OnInitialize@CUnk@@UEAAHXZ
??1CBuffer@@QEAA@XZ

api-ms-win-core-heap-l1-1-0

HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 340KB - Virtual size: 340KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tran/libr/tehnical/wmipdfs.dll
.dll regsvr32 windows x64

029ec6412c032d107363ea4d5a9d1a39

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

??3@YAXPEAX@Z
_CxxThrowException
_wcsicmp
??1type_info@@UEAA@XZ
_onexit
__dllonexit
_unlock
_lock
__C_specific_handler
_initterm
free
_amsg_exit
_XcptFilter
memmove
memcpy
__CxxFrameHandler3
?what@exception@@UEBAPEBDXZ
??1exception@@UEAA@XZ
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@AEBQEBDH@Z
??0exception@@QEAA@AEBQEBD@Z
_purecall
_callnewh
malloc
wcsncmp
??_V@YAXPEAX@Z
wcschr

kernel32

GetVersionExW
GetModuleFileNameW
GetCurrentThread
CloseHandle
GetComputerNameExW
SetLastError
DisableThreadLibraryCalls
SetUnhandledExceptionFilter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
Sleep
LocalFree
GetLastError
GetFileAttributesW
GetCurrentProcess

netapi32

NetDfsSetInfo
NetDfsAdd
NetDfsAddStdRoot
NetDfsRemove
NetDfsRemoveStdRoot
NetApiBufferFree
NetDfsEnum

oleaut32

VariantInit
VariantChangeType
VariantClear

framedynos

?Left@CHString@@QEBA?AV1@H@Z
??YCHString@@QEAAAEBV0@G@Z
?Right@CHString@@QEBA?AV1@H@Z
?BeginRead@CThreadBase@@QEAAHK@Z
?GetSize@CHPtrArray@@QEBAHXZ
?GetAt@CHPtrArray@@QEBAPEAXH@Z
?AddRef@CInstance@@QEAAJXZ
?EndRead@CThreadBase@@QEAAXXZ
?PutInstance@Provider@@MEAAJAEBVCInstance@@J@Z
?DeleteInstance@Provider@@MEAAJAEBVCInstance@@J@Z
?GetValuesForProp@CFrameworkQuery@@QEAAJPEBGAEAVCHStringArray@@@Z
?GetMethodContext@CInstance@@QEBAPEAVMethodContext@@XZ
?FindOneOf@CHString@@QEBAHPEBG@Z
?LocalLogMessage@ProviderLog@@QEAAXPEBGHW4LogLevel@1@0ZZ
?captainsLog@@3VProviderLog@@A
?LocalLogMessage@ProviderLog@@QEAAXPEBG0HW4LogLevel@1@@Z
??0Provider@@QEAA@PEBG0@Z
??1Provider@@UEAA@XZ
??0CHString@@QEAA@XZ
??1CHString@@QEAA@XZ
??4CHString@@QEAAAEBV0@AEBV0@@Z
?s_strComputerName@Provider@@0VCHString@@A
?GetCHString@CInstance@@QEBA_NPEBGAEAVCHString@@@Z
?GetDWORD@CInstance@@QEBA_NPEBGAEAK@Z
?GetBuffer@CHString@@QEAAPEAGH@Z
?CreateNewInstance@Provider@@IEAAPEAVCInstance@@PEAVMethodContext@@@Z
?Commit@CInstance@@QEAAJXZ
?SetWCHARSplat@CInstance@@QEAA_NPEBG0@Z
?Setbool@CInstance@@QEAA_NPEBG_N@Z
?SetDWORD@CInstance@@QEAA_NPEBGK@Z
?IsPropertyRequired@CFrameworkQuery@@QEAA_NPEBG@Z
?GetLength@CHString@@QEBAHXZ
?Release@CInstance@@QEAAJXZ
?RemoveAll@CHPtrArray@@QEAAXXZ
?GetObject@Provider@@MEAAJPEAVCInstance@@J@Z
?ExecQuery@Provider@@MEAAJPEAVMethodContext@@AEAVCFrameworkQuery@@J@Z
?Flush@Provider@@MEAAXXZ
?ValidateEnumerationFlags@Provider@@MEAAJJ@Z
?ValidateGetObjFlags@Provider@@MEAAJJ@Z
?ValidateMethodFlags@Provider@@MEAAJJ@Z
?ValidateQueryFlags@Provider@@MEAAJJ@Z
?ValidateDeletionFlags@Provider@@MEAAJJ@Z
?ValidatePutInstanceFlags@Provider@@MEAAJJ@Z
?SetCHString@CInstance@@QEAA_NPEBG0@Z
?ExecMethod@Provider@@MEAAJAEBVCInstance@@QEAGPEAV2@2J@Z
?Empty@CHString@@QEAAXXZ
?GetLocalInstancePath@Provider@@IEAA_NPEBVCInstance@@AEAVCHString@@@Z
?SetCHString@CInstance@@QEAA_NPEBGAEBVCHString@@@Z
??H@YA?AVCHString@@AEBV0@0@Z
??H@YA?AVCHString@@AEBV0@G@Z
??H@YA?AVCHString@@PEBGAEBV0@@Z
?GetInstanceKeysByPath@CWbemProviderGlue@@SAJPEBGPEAPEAVCInstance@@PEAVMethodContext@@@Z
?IsDerivedFrom@CWbemProviderGlue@@SA_NPEBG0PEAVMethodContext@@0@Z
??0CThreadBase@@QEAA@W4THREAD_SAFETY_MECHANISM@0@@Z
??1CThreadBase@@UEAA@XZ
??0CHPtrArray@@QEAA@XZ
??1CHPtrArray@@QEAA@XZ
?BeginWrite@CThreadBase@@QEAAHK@Z
?Add@CHPtrArray@@QEAAHPEAX@Z
?EndWrite@CThreadBase@@QEAAXXZ
??ACHPtrArray@@QEAAAEAPEAXH@Z
?OnFinalRelease@CThreadBase@@MEAAXXZ
?RemoveAt@CHStringArray@@QEAAXHH@Z
?RemoveAll@CHStringArray@@QEAAXXZ
?Create@CWbemGlueFactory@@SAPEAV1@PEAJ@Z
?Destroy@CWbemGlueFactory@@QEAAXXZ
?FrameworkLogoffDLL@CWbemProviderGlue@@SAHPEBGPEAJ@Z
?FrameworkLoginDLL@CWbemProviderGlue@@SAHPEBGPEAJ@Z
?initFailed@Provider@@SAHXZ
??0CHString@@QEAA@PEBG@Z
??0CHString@@QEAA@AEBV0@@Z
??4CHString@@QEAAAEBV0@PEBG@Z
?GetVariant@CInstance@@QEBA_NPEBGAEAUtagVARIANT@@@Z
?Format@CHString@@QEAAXPEBGZZ
??ACHStringArray@@QEBA?AVCHString@@H@Z
??YCHString@@QEAAAEBV0@AEBV0@@Z
?SetAt@CHString@@QEAAXHG@Z
?GetInstancesByQueryAsynch@CWbemProviderGlue@@SAJPEBGPEAVProvider@@P6AJ1PEAVCInstance@@PEAVMethodContext@@PEAX@Z034@Z
?GetInstancesByQuery@CWbemProviderGlue@@SAJPEBGPEAV?$TRefPointerCollection@VCInstance@@@@PEAVMethodContext@@0@Z
??0CHStringArray@@QEAA@XZ
??1CHStringArray@@QEAA@XZ
?Add@CHStringArray@@QEAAHPEBG@Z
?GetInstancePropertiesByPath@CWbemProviderGlue@@SAJPEBGPEAPEAVCInstance@@PEAVMethodContext@@AEAVCHStringArray@@@Z
?Free@CObjectPathParser@@QEAAXPEAUParsedObjectPath@@@Z
??0CObjectPathParser@@QEAA@W4ObjectParserFlags@@@Z
??1CObjectPathParser@@QEAA@XZ
?Parse@CObjectPathParser@@QEAAHPEBGPEAPEAUParsedObjectPath@@@Z

advapi32

ImpersonateLoggedOnUser
RegOpenKeyExW
RegCloseKey
RegCreateKeyExW
RegSetValueExW
OpenThreadToken
RevertToSelf
RegDeleteKeyExW

ole32

StringFromGUID2

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tran/tran/app/drivers/AppManMigrationPlugin.dll
.dll regsvr32 windows x64

3426e31e2eb9a00393a44c4098df121d

Code Sign

33:00:00:03:8b:79:45:c1:8b:0e:b6:87:ec:00:00:00:00:03:8b
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

05-05-2022 19:23

Not After

04-05-2023 19:23

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19-10-2011 18:41

Not After

19-10-2026 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c5:8b:ac:8f:3f:a6:f2:e6:3e:b2:83:f0:c0:3d:a0:b0:f6:d2:87:c0:bd:a6:46:dc:6f:ae:bb:35:50:98:3e:fe
Signer

Actual PE Digest

c5:8b:ac:8f:3f:a6:f2:e6:3e:b2:83:f0:c0:3d:a0:b0:f6:d2:87:c0:bd:a6:46:dc:6f:ae:bb:35:50:98:3e:fe

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

09-03-2023 13:30
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

Imports

msvcrt

___lc_collate_cp_func
setlocale
__pctype_func
isupper
___lc_handle_func
___lc_codepage_func
memcmp
___mb_cur_max_func
_ismbblead
__uncaught_exception
islower
_wcsdup
??8type_info@@QEBAHAEBV0@@Z
__crtCompareStringW
__crtCompareStringA
__crtLCMapStringW
__crtLCMapStringA
_wsetlocale
isspace
tolower
memchr
abort
memset
isalnum
_Getdays
ungetc
_W_Getdays
_W_Getmonths
_W_Gettnames
_Wcsftime
__mb_cur_max
_Gettnames
_Strftime
strchr
_wcsicmp
??0bad_cast@@QEAA@AEBV0@@Z
??0bad_cast@@QEAA@PEBD@Z
??1bad_cast@@UEAA@XZ
strerror
ldexp
fseek
mbstowcs_s
?name@type_info@@QEBAPEBDXZ
_fseeki64
_wfsopen
fsetpos
setvbuf
fgetpos
fwrite
fgetc
fclose
fflush
fputc
sprintf_s
_stricmp
localeconv
strcspn
_wcsnicmp
time
??1type_info@@UEAA@XZ
_onexit
__dllonexit
_unlock
_lock
?terminate@@YAXXZ
realloc
_errno
_initterm
_amsg_exit
_XcptFilter
memmove
memcpy
_CxxThrowException
?what@exception@@UEBAPEBDXZ
??0exception@@QEAA@AEBQEBDH@Z
??0exception@@QEAA@AEBQEBD@Z
_callnewh
swprintf_s
ldiv
_Getmonths
isdigit
calloc
_wtoi
wcscat_s
wcsncpy_s
malloc
memmove_s
free
_vsnprintf_s
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@XZ
??1exception@@UEAA@XZ
_purecall
wcscpy_s
memcpy_s
_vsnwprintf
??_V@YAXPEAX@Z
__C_specific_handler
__CxxFrameHandler3
??3@YAXPEAX@Z
wcscmp

ntdll

RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry

kernel32

SleepConditionVariableSRW
WakeAllConditionVariable
DecodePointer
EncodePointer
GetLocaleInfoW
GetStringTypeW
LocalAlloc
GetProcessMitigationPolicy
TlsFree
TlsGetValue
TlsAlloc
GetModuleFileNameA
SizeofResource
CreateSemaphoreExW
HeapFree
SetLastError
EnterCriticalSection
ReleaseSemaphore
GetModuleHandleExW
GetModuleFileNameW
LeaveCriticalSection
InitializeCriticalSection
WaitForSingleObject
GetCurrentThreadId
ReleaseMutex
FormatMessageW
GetLastError
OutputDebugStringW
WaitForSingleObjectEx
LockResource
OpenSemaphoreW
CloseHandle
RaiseException
FindResourceExW
LoadResource
HeapAlloc
GetProcAddress
CreateMutexExW
DeleteCriticalSection
GetCurrentProcessId
GetProcessHeap
GetModuleHandleW
DebugBreak
lstrcmpiW
LoadLibraryExW
FreeLibrary
MultiByteToWideChar
GetThreadLocale
SetThreadLocale
InitOnceBeginInitialize
InitOnceComplete
FindFirstFileW
FindNextFileW
FindClose
GetSystemDirectoryW
GetFileAttributesW
HeapSize
HeapReAlloc
HeapDestroy
WideCharToMultiByte
LocalFree
Sleep
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount
OutputDebugStringA
TlsSetValue
ResetEvent
OpenEventA
ProcessIdToSessionId
GetFileTime
GetFileSize
SetEvent
SetFileAttributesW
CreateFileW
ExpandEnvironmentStringsW
WriteFile
CreateEventA
ReadFile
GetComputerNameExW
lstrlenA
SystemTimeToFileTime
GetLocalTime
LocalUnlock
DeleteFileW
LocalLock
AcquireSRWLockShared
AreFileApisANSI
CreateDirectoryW
DeviceIoControl
GetCurrentDirectoryW
IsDebuggerPresent
CreateThreadpoolTimer
ReleaseSRWLockShared
SetThreadpoolTimer
AcquireSRWLockExclusive
CloseThreadpoolTimer
ReleaseSRWLockExclusive
WaitForThreadpoolTimerCallbacks
InitializeCriticalSectionEx
FormatMessageA

ole32

OleRun
CoCreateInstance
CLSIDFromString
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
StringFromCLSID
CLSIDFromProgID
CoUninitialize
CoInitializeEx
StringFromGUID2

oleaut32

SysAllocStringByteLen
VarUI4FromStr
SysStringLen
SysFreeString
LoadTypeLi
LoadRegTypeLi
UnRegisterTypeLi
SysAllocString
RegisterTypeLi
VariantInit
VariantClear
GetErrorInfo

user32

UnregisterClassA
CharNextW

advapi32

EventUnregister
EventWriteTransfer
EventRegister
RegGetValueW
RegDeleteValueW
RegQueryInfoKeyW
RegSetKeyValueW
EventSetInformation
RegQueryValueExW
RegDeleteKeyExW
RegEnumValueW
EqualSid
CreateWellKnownSid
GetNamedSecurityInfoW
OpenProcessToken
GetTokenInformation
RegDeleteTreeW
RegCloseKey
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegOpenKeyExW

shell32

SHGetFileInfoW
SHGetKnownFolderPath

activeds

ord3

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 835KB - Virtual size: 834KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 300KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tran/tran/app/drivers/cimwin32.dll
.dll regsvr32 windows x64

3e0fc5fc148d8a2f4281bca9fa8a8166

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

_itow
mbstowcs
iswdigit
_wsplitpath_s
_wcslwr
toupper
_purecall
wcstok
_wcsupr
time
div
isspace
isdigit
memcpy_s
?_set_se_translator@@YAP6AXIPEAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
??0exception@@QEAA@XZ
??1exception@@UEAA@XZ
??0exception@@QEAA@AEBV0@@Z
memmove_s
wcsspn
iswalpha
__C_specific_handler
_vsnprintf
wcstol
swscanf_s
_beginthreadex
malloc
_wmakepath_s
_wcsdup
_ltow
_wcsnicmp
wcstok_s
_vsnprintf_s
sscanf_s
wcsrchr
_waccess
_wtoi
_errno
??0exception@@QEAA@AEBQEBD@Z
??0exception@@QEAA@AEBQEBDH@Z
?what@exception@@UEBAPEBDXZ
_CxxThrowException
memcpy
memmove
_lock
wcsncmp
_unlock
_XcptFilter
_amsg_exit
_i64tow_s
_initterm
_wtoi64
__dllonexit
_onexit
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
strcmp
memset
wcsstr
wcspbrk
free
_wtol
wcschr
wcstoul
_wcsicmp
_ultow
memcmp
_vsnwprintf
_ui64tow_s
__RTDynamicCast
_ultow_s
swscanf
__CxxFrameHandler3
wcscmp

ntdll

NtQueryValueKey
NtEnumerateValueKey
RtlFreeHeap
RtlAppendUnicodeToString
RtlAppendUnicodeStringToString
RtlAllocateHeap
RtlCreateUnicodeString
NtOpenKey
RtlFormatCurrentUserKeyPath
RtlMultiByteToUnicodeN
RtlMultiByteToUnicodeSize
RtlUnicodeToMultiByteN
RtlEqualString
RtlEqualUnicodeString
NtFreeVirtualMemory
NtEnumerateKey
NtWriteFile
RtlIsTextUnicode
NtReadFile
NtAllocateVirtualMemory
NtUnlockFile
NtLockFile
NtCreateFile
RtlInitAnsiString
RtlFreeAnsiString
RtlCharToInteger
RtlUnicodeStringToAnsiString
NtQueryVolumeInformationFile
RtlInitUnicodeString
NtQueryInformationProcess
RtlNtStatusToDosError
NtCreatePagingFile
NtSetInformationFile
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlValidRelativeSecurityDescriptor
RtlNumberOfSetBitsUlongPtr
NtPowerInformation
NtQuerySystemInformation
RtlIpv6StringToAddressW
RtlIpv4StringToAddressW
NtClose
NtFsControlFile
NtOpenFile
RtlFreeUnicodeString
RtlDosPathNameToNtPathName_U
NtQueryInformationFile
RtlIpv6AddressToStringW
RtlIpv4AddressToStringW
RtlWriteRegistryValue
RtlQueryRegistryValuesEx
RtlCheckPortableOperatingSystem

api-ms-win-core-sysinfo-l1-1-0

GetComputerNameExW
GetTickCount64
GetLocalTime
GetVersionExW
GetSystemTime
GetLogicalProcessorInformationEx
GetSystemTimeAsFileTime
GetTickCount
GetSystemInfo
GlobalMemoryStatusEx
GetWindowsDirectoryW
GetSystemDirectoryW

api-ms-win-core-registry-l1-1-0

RegDeleteKeyExW
RegQueryValueExW
RegOpenKeyExW
RegGetKeySecurity
RegCloseKey
RegQueryInfoKeyW
RegSetKeySecurity
RegEnumKeyExW
RegSetValueExW
RegUnLoadKeyW
RegLoadKeyW
RegCreateKeyExW
RegDisablePredefinedCacheEx
RegEnumValueW

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent
OpenProcess

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
GetLastError
RaiseException
UnhandledExceptionFilter
SetLastError

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
SetThreadPriority
GetExitCodeProcess
GetCurrentThreadId
GetExitCodeThread
OpenThreadToken
GetCurrentThread
OpenProcessToken
GetCurrentProcess
GetThreadPriority
GetCurrentProcessId
SetThreadToken
CreateThread
CreateProcessAsUserW
SetPriorityClass

api-ms-win-security-base-l1-1-0

AdjustTokenPrivileges
GetKernelObjectSecurity
ImpersonateLoggedOnUser
RevertToSelf
DuplicateTokenEx
MakeSelfRelativeSD
CreateWellKnownSid
GetSidSubAuthority
SetSecurityDescriptorSacl
SetSecurityDescriptorDacl
IsValidSid
GetSidSubAuthorityCount
CopySid
CheckTokenMembership
PrivilegeCheck
FreeSid
GetSidIdentifierAuthority
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
EqualSid
GetTokenInformation
GetSecurityDescriptorControl
AddAccessAllowedObjectAce
GetSecurityDescriptorLength
AddAccessDeniedObjectAce
AllocateAndInitializeSid
SetFileSecurityW
GetLengthSid
AddAuditAccessObjectAce
AddAce
GetAce
SetSecurityDescriptorControl
GetFileSecurityW
SetKernelObjectSecurity
InitializeAcl
SetSecurityDescriptorGroup
IsValidSecurityDescriptor
InitializeSecurityDescriptor
SetSecurityDescriptorOwner

api-ms-win-core-libraryloader-l1-2-0

GetModuleFileNameA
LoadStringW
GetModuleFileNameW
LoadLibraryExW
GetModuleHandleExW
GetProcAddress
FreeLibrary
FindStringOrdinal
LoadLibraryExA
GetModuleHandleW
DisableThreadLibraryCalls

api-ms-win-core-memory-l1-1-0

VirtualQuery
VirtualProtect
VirtualQueryEx
ReadProcessMemory

api-ms-win-core-processenvironment-l1-1-0

ExpandEnvironmentStringsW

api-ms-win-core-string-l1-1-0

WideCharToMultiByte
CompareStringW
MultiByteToWideChar

api-ms-win-core-file-l1-1-0

GetFileAttributesW
GetDiskFreeSpaceExW
GetVolumeInformationW
GetDiskFreeSpaceW
FindFirstFileW
QueryDosDeviceW
CreateFileW
RemoveDirectoryW
ReadFile
GetVolumePathNameW
DeleteFileW
FindClose
SetFileAttributesW
GetDriveTypeW
FindNextFileW
GetFileSize
GetLogicalDriveStringsW
DefineDosDeviceW
GetFileType
GetFileAttributesExW
GetLogicalDrives

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-io-l1-1-0

DeviceIoControl

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpW
lstrlenA
lstrlenW
lstrcmpiW

api-ms-win-core-file-l2-1-0

CopyFileExW
CreateDirectoryExW
MoveFileExW

api-ms-win-core-heap-l2-1-0

LocalAlloc
LocalFree

api-ms-win-core-kernel32-legacy-l1-1-0

GetMaximumProcessorGroupCount
GetTapeParameters
SetVolumeLabelW

api-ms-win-core-version-l1-1-0

GetFileVersionInfoSizeExW
VerQueryValueW
GetFileVersionInfoExW

api-ms-win-core-processtopology-obsolete-l1-1-0

GetActiveProcessorCount

api-ms-win-power-base-l1-1-0

PowerDeterminePlatformRoleEx

api-ms-win-core-timezone-l1-1-0

FileTimeToSystemTime
GetTimeZoneInformation
SetDynamicTimeZoneInformation
GetDynamicTimeZoneInformation

api-ms-win-core-sysinfo-l1-2-0

SetSystemTime
GetProductInfo
SetComputerNameExW

api-ms-win-core-processtopology-l1-1-0

SetThreadGroupAffinity

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter
QueryPerformanceFrequency

api-ms-win-core-largeinteger-l1-1-0

MulDiv

api-ms-win-core-synch-l1-1-0

DeleteCriticalSection
InitializeCriticalSectionEx
EnterCriticalSection
OpenSemaphoreW
ReleaseMutex
ReleaseSemaphore
WaitForMultipleObjectsEx
CreateMutexExW
ResetEvent
LeaveCriticalSection
WaitForSingleObject
InitializeCriticalSection
CreateEventW
SetEvent
CreateSemaphoreExW
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
AcquireSRWLockShared
ReleaseSRWLockShared
InitializeCriticalSectionAndSpinCount
WaitForSingleObjectEx

api-ms-win-core-localization-l1-2-0

GetLocaleInfoW
IsDBCSLeadByte
GetUserDefaultLCID
FormatMessageW

api-ms-win-core-com-l1-1-0

StringFromGUID2
CLSIDFromString
CoGetCallContext
CoTaskMemFree
CoCreateInstance
StringFromCLSID
CoUninitialize
CoInitializeEx
CoTaskMemAlloc

api-ms-win-core-file-l1-2-0

GetTempPathW

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapAlloc
HeapFree

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
IsDebuggerPresent
DebugBreak

api-ms-win-core-threadpool-l1-2-0

CloseThreadpoolTimer
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks

api-ms-win-core-psapi-l1-1-0

K32GetPerformanceInfo

api-ms-win-core-localization-obsolete-l1-2-0

EnumUILanguagesW

api-ms-win-core-string-l2-1-0

CharNextW

api-ms-win-core-comm-l1-1-0

GetCommState
GetCommProperties

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

framedynos

?NormalizePath@@YAKPEBG00KAEAVCHString@@@Z
?GetAllDerivedInstances@CWbemProviderGlue@@SAJPEBGPEAV?$TRefPointerCollection@VCInstance@@@@PEAVMethodContext@@0@Z
?GetBufferSetLength@CHString@@QEAAPEAGH@Z
?AddRef@CThreadBase@@QEAAJXZ
?Release@CThreadBase@@QEAAJXZ
??0WBEMTime@@QEAA@AEBUtm@@@Z
?FindOneOf@CHString@@QEBAHPEBG@Z
?RemoveAt@CHStringArray@@QEAAXHH@Z
??4WBEMTime@@QEAAAEBV0@QEAG@Z
?AllocSysString@CHString@@QEBAPEAGXZ
?GetEmptyInstance@CWbemProviderGlue@@SAJPEAVMethodContext@@PEBGPEAPEAVCInstance@@1@Z
?SetDMTF@WBEMTime@@QEAAHQEAG@Z
?GetCurrentBinaryKeyValue@CRegistry@@QEAAKPEBGAEAVCHString@@@Z
?GetDMTF@WBEMTime@@QEBAPEAGH@Z
??4WBEMTime@@QEAAAEBV0@AEBU_SYSTEMTIME@@@Z
?GetAllDerivedInstancesAsynch@CWbemProviderGlue@@SAJPEBGPEAVProvider@@P6AJ1PEAVCInstance@@PEAVMethodContext@@PEAX@Z034@Z
??0CFrameworkQuery@@QEAA@XZ
?GetLongestValueData@CRegistry@@QEAAKXZ
?TrimRight@CHString@@QEAAXXZ
?FormatV@CHString@@QEAAXPEBGPEAD@Z
?TrimLeft@CHString@@QEAAXXZ
?IsDerivedFrom@CWbemProviderGlue@@SA_NPEBG0PEAVMethodContext@@0@Z
?SetStatusObject@MethodContext@@QEAA_NPEAUIWbemClassObject@@@Z
?initFailed@Provider@@SAHXZ
?SetEmbeddedObject@CInstance@@QEAA_NPEBGAEAV1@@Z
?FrameworkLoginDLL@CWbemProviderGlue@@SAHPEBGPEAJ@Z
?FrameworkLogoffDLL@CWbemProviderGlue@@SAHPEBGPEAJ@Z
?Destroy@CWbemGlueFactory@@QEAAXXZ
?UnRegisterMessage@CWinMsgEvent@@IEAA_NIH@Z
?RegisterForMessage@CWinMsgEvent@@IEAAXIH@Z
??1CWinMsgEvent@@QEAA@XZ
?Create@CWbemGlueFactory@@SAPEAV1@PEAJ@Z
??0CWinMsgEvent@@QEAA@XZ
?SetAt@CHString@@QEAAXHG@Z
?GetSYSTEMTIME@WBEMTime@@QEBAHPEAU_SYSTEMTIME@@@Z
?IsOk@WBEMTime@@QEBA_NXZ
?GetDateTime@CInstance@@QEBA_NPEBGAEAVWBEMTime@@@Z
??1CFrameworkQuery@@QEAA@XZ
??0WBEMTime@@QEAA@XZ
?GetLocalOffsetForDate@WBEMTime@@SAJPEBU_SYSTEMTIME@@@Z
?SetDOUBLE@CInstance@@QEAA_NPEBGN@Z
??0WBEMTime@@QEAA@AEBU_SYSTEMTIME@@@Z
?SetCurrentKeyValue@CRegistry@@QEAAKPEBGAEAVCHStringArray@@@Z
?GetCurrentKeyValue@CRegistry@@QEAAKPEBGAEAVCHStringArray@@@Z
?LocalLogMessage@ProviderLog@@QEAAXPEBGHW4LogLevel@1@0ZZ
?captainsLog@@3VProviderLog@@A
?LocalLogMessage@ProviderLog@@QEAAXPEBG0HW4LogLevel@1@@Z
??0Provider@@QEAA@PEBG0@Z
??1Provider@@UEAA@XZ
??0CHString@@QEAA@XZ
?GetAt@CHString@@QEBAGH@Z
?GetCHString@CInstance@@QEBA_NPEBGAEAVCHString@@@Z
?CompareNoCase@CHString@@QEBAHPEBG@Z
??BCHString@@QEBAPEBGXZ
?SetDWORD@CInstance@@QEAA_NPEBGK@Z
?SetCHString@CInstance@@QEAA_NPEBGAEBVCHString@@@Z
?Setbool@CInstance@@QEAA_NPEBG_N@Z
?CreateNewInstance@Provider@@IEAAPEAVCInstance@@PEAVMethodContext@@@Z
?Commit@CInstance@@QEAAJXZ
?GetBuffer@CHString@@QEAAPEAGH@Z
?ReleaseBuffer@CHString@@QEAAXH@Z
?Find@CHString@@QEBAHPEBG@Z
??4CHString@@QEAAAEBV0@AEBV0@@Z
?Mid@CHString@@QEBA?AV1@H@Z
?GetLength@CHString@@QEBAHXZ
?GetMethodContext@CInstance@@QEBAPEAVMethodContext@@XZ
?Format@CHString@@QEAAXPEBGZZ
?GetInstancesByQuery@CWbemProviderGlue@@SAJPEBGPEAV?$TRefPointerCollection@VCInstance@@@@PEAVMethodContext@@0@Z
?GetNamespace@Provider@@IEAAAEBVCHString@@XZ
??0CRegistry@@QEAA@XZ
??1CRegistry@@QEAA@XZ
?Open@CRegistry@@QEAAJPEAUHKEY__@@PEBGK@Z
?GetCurrentKeyValue@CRegistry@@QEAAKPEBGAEAK@Z
?IsPropertyRequired@CFrameworkQuery@@QEAA_NPEBG@Z
?Left@CHString@@QEBA?AV1@H@Z
?ReverseFind@CHString@@QEBAHG@Z
??0CHString@@QEAA@AEBV0@@Z
??YCHString@@QEAAAEBV0@PEBG@Z
?Release@CInstance@@QEAAJXZ
??0CThreadBase@@QEAA@W4THREAD_SAFETY_MECHANISM@0@@Z
??1CThreadBase@@UEAA@XZ
??0CHPtrArray@@QEAA@XZ
??1CHPtrArray@@QEAA@XZ
?BeginRead@CThreadBase@@QEAAHK@Z
?GetSize@CHPtrArray@@QEBAHXZ
?GetAt@CHPtrArray@@QEBAPEAXH@Z
?AddRef@CInstance@@QEAAJXZ
?EndRead@CThreadBase@@QEAAXXZ
?BeginWrite@CThreadBase@@QEAAHK@Z
??ACHPtrArray@@QEAAAEAPEAXH@Z
?RemoveAll@CHPtrArray@@QEAAXXZ
?EndWrite@CThreadBase@@QEAAXXZ
?OnFinalRelease@CThreadBase@@MEAAXXZ
?PutInstance@Provider@@MEAAJAEBVCInstance@@J@Z
?DeleteInstance@Provider@@MEAAJAEBVCInstance@@J@Z
?ExecMethod@Provider@@MEAAJAEBVCInstance@@QEAGPEAV2@2J@Z
?GetObject@Provider@@MEAAJPEAVCInstance@@J@Z
?Flush@Provider@@MEAAXXZ
?ValidateEnumerationFlags@Provider@@MEAAJJ@Z
?ValidateGetObjFlags@Provider@@MEAAJJ@Z
?ValidateMethodFlags@Provider@@MEAAJJ@Z
?ValidateQueryFlags@Provider@@MEAAJJ@Z
?ValidateDeletionFlags@Provider@@MEAAJJ@Z
?ValidatePutInstanceFlags@Provider@@MEAAJJ@Z
?SetCharSplat@CInstance@@QEAA_NPEBG0@Z
??0WBEMTime@@QEAA@AEB_J@Z
?SetDateTime@CInstance@@QEAA_NPEBGAEBVWBEMTime@@@Z
?IsNull@CInstance@@QEBA_NPEBG@Z
?GetDWORD@CInstance@@QEBA_NPEBGAEAK@Z
?GethKey@CRegistry@@QEAAPEAUHKEY__@@XZ
?GetObject@Provider@@MEAAJPEAVCInstance@@JAEAVCFrameworkQuery@@@Z
?ExecQuery@Provider@@MEAAJPEAVMethodContext@@AEAVCFrameworkQuery@@J@Z
?KeysOnly@CFrameworkQuery@@QEAA_NXZ
?SetWCHARSplat@CInstance@@QEAA_NPEBG0@Z
?SetCreationClassName@Provider@@IEAA_NPEAVCInstance@@@Z
?GetLocalComputerName@Provider@@IEAAAEBVCHString@@XZ
?SetWBEMINT64@CInstance@@QEAA_NPEBG_K@Z
??0WBEMTime@@QEAA@AEBU_FILETIME@@@Z
??0CHString@@QEAA@PEBG@Z
?IsEmpty@CHString@@QEBAHXZ
?Compare@CHString@@QEBAHPEBG@Z
??H@YA?AVCHString@@AEBV0@0@Z
?Close@CRegistry@@QEAAXXZ
?GetStatus@CInstance@@QEBA_NPEBGAEA_NAEAG@Z
?GetEmbeddedObject@CInstance@@QEBA_NPEBGPEAPEAV1@PEAVMethodContext@@@Z
?GetStringArray@CInstance@@QEBA_NPEBGAEAPEAUtagSAFEARRAY@@@Z
??H@YA?AVCHString@@AEBV0@PEBG@Z
??H@YA?AVCHString@@PEBGAEBV0@@Z
?GetInstanceByPath@CWbemProviderGlue@@SAJPEBGPEAPEAVCInstance@@PEAVMethodContext@@@Z
??4CHString@@QEAAAEBV0@PEBD@Z
??0CHStringArray@@QEAA@XZ
??1CHStringArray@@QEAA@XZ
?Add@CHStringArray@@QEAAHPEBG@Z
?GetSize@CHStringArray@@QEBAHXZ
?GetAt@CHStringArray@@QEBA?AVCHString@@H@Z
?GetValueCount@CRegistry@@QEAAKXZ
?EnumerateAndGetValues@CRegistry@@QEAAJAEAKAEAPEAGAEAPEAE@Z
??ACHStringArray@@QEAAAEAVCHString@@H@Z
??4CHString@@QEAAAEBV0@PEBG@Z
?SetStatusObject@CWbemProviderGlue@@SA_NPEAVMethodContext@@PEBG1JPEBUtagSAFEARRAY@@2@Z
?MakeUpper@CHString@@QEAAXXZ
?SetWBEMINT64@CInstance@@QEAA_NPEBG_J@Z
?SetCHString@CInstance@@QEAA_NPEBG0@Z
?MakeLower@CHString@@QEAAXXZ
?Getbool@CInstance@@QEBA_NPEBGAEA_N@Z
?GetWCHAR@CInstance@@QEBA_NPEBGPEAPEAG@Z
?SetSize@CHPtrArray@@QEAAXHH@Z
?GetPropertyBitMask@CFrameworkQueryEx@@QEAAXAEBVCHPtrArray@@PEAX@Z
?GetValuesForProp@CFrameworkQuery@@QEAAJPEBGAEAV?$vector@V_bstr_t@@V?$allocator@V_bstr_t@@@std@@@std@@@Z
?GetInstanceKeysByPath@CWbemProviderGlue@@SAJPEBGPEAPEAVCInstance@@PEAVMethodContext@@@Z
?GetValuesForProp@CFrameworkQuery@@QEAAJPEBGAEAVCHStringArray@@@Z
?SpanExcluding@CHString@@QEBA?AV1@PEBG@Z
?SetWBEMINT16@CInstance@@QEAA_NPEBGAEBF@Z
?SetVariant@CInstance@@QEAA_NPEBGAEBUtagVARIANT@@@Z
?GetLocalInstancePath@Provider@@IEAA_NPEBVCInstance@@AEAVCHString@@@Z
?Find@CHString@@QEBAHG@Z
?Mid@CHString@@QEBA?AV1@HH@Z
?GetCurrentKeyValue@CRegistry@@QEAAKPEBGAEAVCHString@@@Z
?SetStringArray@CInstance@@QEAA_NPEBGAEBUtagSAFEARRAY@@@Z
?Empty@CHString@@QEAAXXZ
?SetByte@CInstance@@QEAA_NPEBGE@Z
?GetWBEMINT64@CInstance@@QEBA_NPEBGAEA_K@Z
?OpenCurrentUser@CRegistry@@QEAAKPEBGK@Z
?GetByte@CInstance@@QEBA_NPEBGAEAE@Z
?Right@CHString@@QEBA?AV1@H@Z
?Add@CHPtrArray@@QEAAHPEAX@Z
??0CHString@@QEAA@PEBD@Z
?SetWBEMINT64@CInstance@@QEAA_NPEBGAEBVCHString@@@Z
?OpenAndEnumerateSubKeys@CRegistry@@QEAAJPEAUHKEY__@@PEBGK@Z
?GetCurrentSubKeyName@CRegistry@@QEAAKAEAVCHString@@@Z
?NextSubKey@CRegistry@@QEAAKXZ
??YCHString@@QEAAAEBV0@AEBV0@@Z
??YCHString@@QEAAAEBV0@G@Z
??0CObjectPathParser@@QEAA@W4ObjectParserFlags@@@Z
??1CObjectPathParser@@QEAA@XZ
?Parse@CObjectPathParser@@QEAAHPEBGPEAPEAUParsedObjectPath@@@Z
?IsInstance@ParsedObjectPath@@QEAAHXZ
?Free@CObjectPathParser@@QEAAXPEAUParsedObjectPath@@@Z
??0CHString@@QEAA@GH@Z
?CreateOpen@CRegistry@@QEAAJPEAUHKEY__@@PEBGPEAGKKPEAU_SECURITY_ATTRIBUTES@@PEAK@Z
?SetCurrentKeyValue@CRegistry@@QEAAKPEBGAEAK@Z
?OpenLocalMachineKeyAndReadValue@CRegistry@@QEAAJPEBG0AEAVCHString@@@Z
?GetWBEMINT16@CInstance@@QEBA_NPEBGAEAF@Z
?DeleteValue@CRegistry@@QEAAJPEBG@Z
?GetVariant@CInstance@@QEBA_NPEBGAEAUtagVARIANT@@@Z
?Is3TokenOR@CFrameworkQueryEx@@QEAAHPEBG0AEAUtagVARIANT@@1@Z
??ACHStringArray@@QEBA?AVCHString@@H@Z
?SetSize@CHStringArray@@QEAAXHH@Z
?GetCurrentSubKeyCount@CRegistry@@QEAAKXZ
?SetAt@CHStringArray@@QEAAXHPEBG@Z
?RemoveAll@CHStringArray@@QEAAXXZ
?GetCurrentBinaryKeyValue@CRegistry@@QEAAKPEBGPEAEPEAK@Z
?GetWBEMINT64@CInstance@@QEBA_NPEBGAEA_J@Z
?GetInstancePropertiesByPath@CWbemProviderGlue@@SAJPEBGPEAPEAVCInstance@@PEAVMethodContext@@AEAVCHStringArray@@@Z
??ACHString@@QEBAGH@Z
?SetCHString@CInstance@@QEAA_NPEBGPEBD@Z
?IsLoggingOn@ProviderLog@@QEAA?AW4LogLevel@1@PEAVCHString@@@Z
??0ParsedObjectPath@@QEAA@XZ
??1ParsedObjectPath@@QEAA@XZ
?SetClassName@ParsedObjectPath@@QEAAHPEBG@Z
?AddKeyRef@ParsedObjectPath@@QEAAHPEBGPEBUtagVARIANT@@@Z
?Unparse@CObjectPathParser@@SAHPEAUParsedObjectPath@@PEAPEAG@Z
??H@YA?AVCHString@@AEBV0@G@Z
?SetCurrentKeyValue@CRegistry@@QEAAKPEBGAEAVCHString@@@Z
?DeleteCurrentKeyValue@CRegistry@@QEAAKPEBG@Z
?EnumerateInstances@Provider@@MEAAJPEAVMethodContext@@J@Z
?GetValuesForProp@CFrameworkQueryEx@@QEAAJPEBGAEAV?$vector@V_variant_t@@V?$allocator@V_variant_t@@@std@@@std@@@Z
?MakeLocalPath@Provider@@IEAA?AVCHString@@AEBV2@@Z
?GetInstancesByQueryAsynch@CWbemProviderGlue@@SAJPEBGPEAVProvider@@P6AJ1PEAVCInstance@@PEAVMethodContext@@PEAX@Z034@Z
?IsNTokenAnd@CFrameworkQueryEx@@QEAAHAEAVCHStringArray@@AEAVCHPtrArray@@@Z
?GetDMTFNonNtfs@WBEMTime@@QEBAPEAGXZ
?GetProviderName@Provider@@IEAAAEBVCHString@@XZ
??YCHString@@QEAAAEBV0@D@Z
?SetAtGrow@CHStringArray@@QEAAXHPEBG@Z
?GetCurrentSubKeyPath@CRegistry@@QEAAKAEAVCHString@@@Z
?GetValuesForProp@CFrameworkQueryEx@@QEAAJPEBGAEAV?$vector@HV?$allocator@H@std@@@std@@@Z
?SetWORD@CInstance@@QEAA_NPEBGG@Z
?GetAllInstances@CWbemProviderGlue@@SAJPEBGPEAV?$TRefPointerCollection@VCInstance@@@@0PEAVMethodContext@@@Z
?GetClassObjectInterface@CInstance@@QEAAPEAUIWbemClassObject@@XZ
??0CInstance@@QEAA@PEAUIWbemClassObject@@PEAVMethodContext@@@Z
??1CInstance@@UEAA@XZ
?SetTimeSpan@CInstance@@QEAA_NPEBGAEBVWBEMTimeSpan@@@Z
??0WBEMTimeSpan@@QEAA@HHHHHHH@Z
?GetCurrentSubKeyValue@CRegistry@@QEAAKPEBGAEAVCHString@@@Z
?GetWORD@CInstance@@QEBA_NPEBGAEAG@Z
??1CHString@@QEAA@XZ

api-ms-win-security-lsapolicy-l1-1-0

LsaClose
LsaFreeMemory
LsaQueryInformationPolicy
LsaOpenPolicy

api-ms-win-core-shlwapi-legacy-l1-1-0

PathFileExistsW

Exports

Exports

??0CTcpMib@@QEAA@AEBV0@@Z
??0CTcpMib@@QEAA@XZ
??1CTcpMib@@UEAA@XZ
??4CTcpMib@@QEAAAEAV0@AEBV0@@Z
??_7CTcpMib@@6B@
?MySecurityDescriptor@@3VWin32SecurityDescriptor@@A
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetSDFromWin32SecurityDescriptor
SetWin32SecurityDescriptorFromSD

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 705KB - Virtual size: 704KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tran/tran/app/en/audit.exe.mui
.dll windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.rdata
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
tran/tran/app/en/libpng16-16.dll
.dll windows x64

dd1d0a44672e02644fe93d783f634e1e

Code Sign

31:83:0c:37:0a:d7:e4:97:63:3b:6e:b3:a0:2d:69:e6
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

18-02-2022 00:00

Not After

17-02-2025 23:59

Subject

CN=Tim Kosse,O=Tim Kosse,ST=Nordrhein-Westfalen,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

01-01-2004 00:00

Not After

31-12-2028 23:59

Subject

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-05-2021 00:00

Not After

31-12-2028 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22-03-2021 00:00

Not After

21-03-2036 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:cb:34:fd:3d:ff:12:11:33:9f:f0:7c:4b:21:57:c7
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

30-08-2022 00:00

Not After

29-08-2023 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

36:6d:e5:0a:83:93:58:15:b9:16:3f:15:35:e1:3c:0b:d6:aa:1e:2c:07:01:ce:22:96:2b:d3:63:6e:04:c1:97
Signer

Actual PE Digest

36:6d:e5:0a:83:93:58:15:b9:16:3f:15:35:e1:3c:0b:d6:aa:1e:2c:07:01:ce:22:96:2b:d3:63:6e:04:c1:97

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Tim Kosse,O=Tim Kosse,ST=Nordrhein-Westfalen,C=DE

19-09-2022 09:20
Valid: true

Chain 1

CN=Tim Kosse,O=Tim Kosse,ST=Nordrhein-Westfalen,C=DE

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

zlib1

adler32
crc32
deflate
deflateEnd
deflateInit2_
deflateReset
inflate
inflateEnd
inflateInit2_
inflateReset
inflateReset2
inflateValidate

kernel32

DeleteCriticalSection
EnterCriticalSection
ExitProcess
GetLastError
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
__setusermatherr
_amsg_exit
_errno
_gmtime64
_initterm
_lock
_setjmp
_unlock
abort
atof
calloc
fclose
ferror
fflush
fopen
fputc
fread
free
frexp
fwrite
localeconv
malloc
memcmp
memcpy
memset
realloc
remove
strerror
strlen
strncmp
vfprintf
wcslen
longjmp

Exports

Exports

png_access_version_number
png_benign_error
png_build_grayscale_palette
png_calloc
png_chunk_benign_error
png_chunk_error
png_chunk_warning
png_convert_from_struct_tm
png_convert_from_time_t
png_convert_to_rfc1123
png_convert_to_rfc1123_buffer
png_create_info_struct
png_create_read_struct
png_create_read_struct_2
png_create_write_struct
png_create_write_struct_2
png_data_freer
png_destroy_info_struct
png_destroy_read_struct
png_destroy_write_struct
png_error
png_free
png_free_data
png_free_default
png_get_IHDR
png_get_PLTE
png_get_bKGD
png_get_bit_depth
png_get_cHRM
png_get_cHRM_XYZ
png_get_cHRM_XYZ_fixed
png_get_cHRM_fixed
png_get_channels
png_get_chunk_cache_max
png_get_chunk_malloc_max
png_get_color_type
png_get_compression_buffer_size
png_get_compression_type
png_get_copyright
png_get_current_pass_number
png_get_current_row_number
png_get_eXIf
png_get_eXIf_1
png_get_error_ptr
png_get_filter_type
png_get_gAMA
png_get_gAMA_fixed
png_get_hIST
png_get_header_ver
png_get_header_version
png_get_iCCP
png_get_image_height
png_get_image_width
png_get_int_32
png_get_interlace_type
png_get_io_chunk_type
png_get_io_ptr
png_get_io_state
png_get_libpng_ver
png_get_mem_ptr
png_get_oFFs
png_get_pCAL
png_get_pHYs
png_get_pHYs_dpi
png_get_palette_max
png_get_pixel_aspect_ratio
png_get_pixel_aspect_ratio_fixed
png_get_pixels_per_inch
png_get_pixels_per_meter
png_get_progressive_ptr
png_get_rgb_to_gray_status
png_get_rowbytes
png_get_rows
png_get_sBIT
png_get_sCAL
png_get_sCAL_fixed
png_get_sCAL_s
png_get_sPLT
png_get_sRGB
png_get_signature
png_get_tIME
png_get_tRNS
png_get_text
png_get_uint_16
png_get_uint_31
png_get_uint_32
png_get_unknown_chunks
png_get_user_chunk_ptr
png_get_user_height_max
png_get_user_transform_ptr
png_get_user_width_max
png_get_valid
png_get_x_offset_inches
png_get_x_offset_inches_fixed
png_get_x_offset_microns
png_get_x_offset_pixels
png_get_x_pixels_per_inch
png_get_x_pixels_per_meter
png_get_y_offset_inches
png_get_y_offset_inches_fixed
png_get_y_offset_microns
png_get_y_offset_pixels
png_get_y_pixels_per_inch
png_get_y_pixels_per_meter
png_handle_as_unknown
png_image_begin_read_from_file
png_image_begin_read_from_memory
png_image_begin_read_from_stdio
png_image_finish_read
png_image_free
png_image_write_to_file
png_image_write_to_memory
png_image_write_to_stdio
png_info_init_3
png_init_io
png_longjmp
png_malloc
png_malloc_default
png_malloc_warn
png_permit_mng_features
png_process_data
png_process_data_pause
png_process_data_skip
png_progressive_combine_row
png_read_end
png_read_image
png_read_info
png_read_png
png_read_row
png_read_rows
png_read_update_info
png_reset_zstream
png_save_int_32
png_save_uint_16
png_save_uint_32
png_set_IHDR
png_set_PLTE
png_set_add_alpha
png_set_alpha_mode
png_set_alpha_mode_fixed
png_set_bKGD
png_set_background
png_set_background_fixed
png_set_benign_errors
png_set_bgr
png_set_cHRM
png_set_cHRM_XYZ
png_set_cHRM_XYZ_fixed
png_set_cHRM_fixed
png_set_check_for_invalid_index
png_set_chunk_cache_max
png_set_chunk_malloc_max
png_set_compression_buffer_size
png_set_compression_level
png_set_compression_mem_level
png_set_compression_method
png_set_compression_strategy
png_set_compression_window_bits
png_set_crc_action
png_set_eXIf
png_set_eXIf_1
png_set_error_fn
png_set_expand
png_set_expand_16
png_set_expand_gray_1_2_4_to_8
png_set_filler
png_set_filter
png_set_filter_heuristics
png_set_filter_heuristics_fixed
png_set_flush
png_set_gAMA
png_set_gAMA_fixed
png_set_gamma
png_set_gamma_fixed
png_set_gray_to_rgb
png_set_hIST
png_set_iCCP
png_set_interlace_handling
png_set_invalid
png_set_invert_alpha
png_set_invert_mono
png_set_keep_unknown_chunks
png_set_longjmp_fn
png_set_mem_fn
png_set_oFFs
png_set_option
png_set_pCAL
png_set_pHYs
png_set_packing
png_set_packswap
png_set_palette_to_rgb
png_set_progressive_read_fn
png_set_quantize
png_set_read_fn
png_set_read_status_fn
png_set_read_user_chunk_fn
png_set_read_user_transform_fn
png_set_rgb_to_gray
png_set_rgb_to_gray_fixed
png_set_rows
png_set_sBIT
png_set_sCAL
png_set_sCAL_fixed
png_set_sCAL_s
png_set_sPLT
png_set_sRGB
png_set_sRGB_gAMA_and_cHRM
png_set_scale_16
png_set_shift
png_set_sig_bytes
png_set_strip_16
png_set_strip_alpha
png_set_swap
png_set_swap_alpha
png_set_tIME
png_set_tRNS
png_set_tRNS_to_alpha
png_set_text
png_set_text_compression_level
png_set_text_compression_mem_level
png_set_text_compression_method
png_set_text_compression_strategy
png_set_text_compression_window_bits
png_set_unknown_chunk_location
png_set_unknown_chunks
png_set_user_limits
png_set_user_transform_info
png_set_write_fn
png_set_write_status_fn
png_set_write_user_transform_fn
png_sig_cmp
png_start_read_image
png_warning
png_write_chunk
png_write_chunk_data
png_write_chunk_end
png_write_chunk_start
png_write_end
png_write_flush
png_write_image
png_write_info
png_write_info_before_PLTE
png_write_png
png_write_row
png_write_rows
png_write_sig

Sections

.text
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tran/tran/app/short/Xaml.Controls.Tabs.dll
.dll windows x64

76a198e9ad1a91c289dbfc5b737a0f17

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_APPCONTAINER
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleExW
GetModuleHandleW
GetProcAddress
GetModuleFileNameA

api-ms-win-core-synch-l1-2-0

InitOnceBeginInitialize
WakeConditionVariable
InitializeConditionVariable
WakeAllConditionVariable
InitOnceComplete
InitOnceExecuteOnce
SleepConditionVariableSRW
Sleep

api-ms-win-core-synch-l1-1-0

WaitForSingleObject
CreateSemaphoreExW
InitializeCriticalSection
EnterCriticalSection
ReleaseSemaphore
InitializeCriticalSectionEx
DeleteCriticalSection
AcquireSRWLockShared
ReleaseSRWLockExclusive
CreateMutexExW
CreateEventW
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
ReleaseMutex
InitializeSRWLock
ReleaseSRWLockShared
TryAcquireSRWLockExclusive
OpenSemaphoreW
WaitForSingleObjectEx
AcquireSRWLockExclusive
LeaveCriticalSection

api-ms-win-core-heap-l1-1-0

HeapFree
GetProcessHeap
HeapAlloc

api-ms-win-core-errorhandling-l1-1-0

RaiseException
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
GetLastError

api-ms-win-eventing-provider-l1-1-0

EventSetInformation
EventUnregister
EventWriteTransfer
EventProviderEnabled
EventRegister

api-ms-win-core-threadpool-l1-2-0

CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
SubmitThreadpoolWork
CloseThreadpoolWork
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
TerminateProcess
GetCurrentThreadId
GetCurrentProcess

api-ms-win-core-localization-l1-2-0

FormatMessageW
LCMapStringEx

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
OutputDebugStringW
DebugBreak

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-rtcore-ntuser-window-l1-1-0

GetMessageTime

api-ms-win-core-sysinfo-l1-1-0

GetTickCount64
GetSystemTimeAsFileTime
GetTickCount

api-ms-win-core-com-l1-1-0

CoCreateFreeThreadedMarshaler
CoTaskMemAlloc
CoGetApartmentType
CoGetObjectContext
CoTaskMemFree
CoGetContextToken

wincorlib

?__abi_cast_String_to_Object@__abi_details@@YAPE$AAVObject@Platform@@PE$AAVString@3@@Z
?EventSourceGetTargetArrayEvent@Details@Platform@@YAPEAXPEAXIPEBXPEA_J@Z
?EventSourceGetTargetArraySize@Details@Platform@@YAIPEAX@Z
?EventSourceGetTargetArray@Details@Platform@@YAPEAXPEAXPEAUEventLock@12@@Z
?GetIBoxArrayVtable@Details@Platform@@YAPEAXPEAX@Z
?__abi_ObjectToString@__abi_details@@YAPE$AAVString@Platform@@PE$AAVObject@3@_N@Z
?GetIBoxVtable@Details@Platform@@YAPEAXPEAX@Z
?CreateValue@Details@Platform@@YAPE$AAVObject@2@W4TypeCode@2@PEBX@Z
?GetTypeCode@Type@Platform@@SA?AW4TypeCode@2@PE$AAV12@@Z
??0NullReferenceException@Platform@@QE$AAA@XZ
?Allocate@Heap@Details@Platform@@SAPEAX_K@Z
??0Delegate@Platform@@QE$AAA@XZ
?ResolveWeakReference@Details@Platform@@YAPE$AAVObject@2@AEBU_GUID@@PEAPEAU__abi_IUnknown@@@Z
??0ChangedStateException@Platform@@QE$AAA@XZ
??0OutOfBoundsException@Platform@@QE$AAA@XZ
??0FailureException@Platform@@QE$AAA@XZ
??0OutOfMemoryException@Platform@@QE$AAA@XZ
?__abi_make_type_id@@YAPE$AAVType@Platform@@AEBU__abi_type_descriptor@@@Z
??BType@Platform@@SA?AVTypeName@Interop@Xaml@UI@Windows@@PE$AAV01@@Z
?Allocate@Heap@Details@Platform@@SAPEAX_K0@Z
??0NotImplementedException@Platform@@QE$AAA@XZ
?AllocateException@Heap@Details@Platform@@SAPEAX_K0@Z
?EventSourceUninitialize@Details@Platform@@YAXPEAPEAX@Z
?GetWeakReference@Details@Platform@@YAPEAU__abi_IUnknown@@QE$ADVObject@2@@Z
?GetProxyImpl@Details@Platform@@YAJPEAUIUnknown@@AEBU_GUID@@0PEAPEAU3@@Z
?EventSourceAdd@Details@Platform@@YA?AVEventRegistrationToken@Foundation@Windows@@PEAPEAXPEAUEventLock@12@PE$AAVDelegate@2@@Z
??0Object@Platform@@QE$AAA@XZ
?ReleaseTarget@ControlBlock@Details@Platform@@AEAAXXZ
?AlignedFree@Heap@Details@Platform@@SAXPEAX@Z
?get@FullName@Type@Platform@@QE$AAAPE$AAVString@3@XZ
?__abi_WinRTraiseObjectDisposedException@@YAXXZ
?__abi_WinRTraiseInvalidCastException@@YAXXZ
?__abi_WinRTraiseNotImplementedException@@YAXXZ
?CreateException@Exception@Platform@@SAPE$AAV12@HPE$AAVString@2@@Z
?get@Message@Exception@Platform@@QE$AAAPE$AAVString@3@XZ
?__abi_WinRTraiseDisconnectedException@@YAXXZ
?__abi_WinRTraiseFailureException@@YAXXZ
?__abi_WinRTraiseOperationCanceledException@@YAXXZ
?__abi_WinRTraiseAccessDeniedException@@YAXXZ
?__abi_WinRTraiseInvalidArgumentException@@YAXXZ
?__abi_WinRTraiseClassNotRegisteredException@@YAXXZ
??0InvalidArgumentException@Platform@@QE$AAA@PE$AAVString@1@@Z
?__abi_WinRTraiseCOMException@@YAXJ@Z
?__abi_WinRTraiseNullReferenceException@@YAXXZ
?__abi_WinRTraiseChangedStateException@@YAXXZ
?__abi_WinRTraiseOutOfBoundsException@@YAXXZ
?__abi_WinRTraiseWrongThreadException@@YAXXZ
?__abi_WinRTraiseOutOfMemoryException@@YAXXZ
??0DisconnectedException@Platform@@QE$AAA@XZ
?EventSourceInitialize@Details@Platform@@YAXPEAPEAX@Z
?__abi_cast_Object_to_String@__abi_details@@YAPE$AAVString@Platform@@_NPE$AAVObject@3@@Z
??0GridLength@Xaml@UI@Windows@@QEAA@NW4GridUnitType@123@@Z
?InitializeData@Details@Platform@@YAJH@Z
?UninitializeData@Details@Platform@@YAXH@Z
?GetActivationFactoryByPCWSTR@@YAJPEAXAEAVGuid@Platform@@PEAPEAX@Z
?__abi_FailFast@@YAXXZ
?ReCreateFromException@Details@Platform@@YAJPE$AAVException@2@@Z
?GetIidsFn@@YAJHPEAKPEBU__s_GUID@@PEAPEAVGuid@Platform@@@Z
?ReleaseInContextImpl@Details@Platform@@YAJPEAUIUnknown@@0@Z
??0InvalidArgumentException@Platform@@QE$AAA@XZ
?Equals@Object@Platform@@QE$AAA_NPE$AAV12@@Z
?GetObjectContext@Details@Platform@@YAPEAUIUnknown@@XZ
?GetActivationFactory@Details@Platform@@YAJPEAVModuleBase@1WRL@Microsoft@@PEAUHSTRING__@@PEAPEAUIActivationFactory@@@Z
?TerminateModule@Details@Platform@@YA_NPEAVModuleBase@1WRL@Microsoft@@@Z
?Free@Heap@Details@Platform@@SAXPEAX@Z
?ReCreateException@Exception@Platform@@SAPE$AAV12@H@Z
?EventSourceRemove@Details@Platform@@YAXPEAPEAXPEAUEventLock@12@VEventRegistrationToken@Foundation@Windows@@@Z

api-ms-win-crt-string-l1-1-0

wcslen
wcsnlen
memset

api-ms-win-crt-locale-l1-1-0

_lock_locales
_unlock_locales

api-ms-win-crt-private-l1-1-0

_o___pctype_func
_o___std_exception_copy
_o___std_exception_destroy
_o___std_type_info_destroy_list
_o___stdio_common_vsnprintf_s
_o___stdio_common_vswprintf
_o__callnewh
_o__calloc_base
_o__cexit
_o__configure_narrow_argv
_o__crt_atexit
_o__dtest
_o__errno
_o__execute_onexit_table
_o__free_base
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__malloc_base
_o__purecall
_o__register_onexit_function
_o__wcsdup
_o__wtof
_o__wtoi
_o_abort
_o_floor
_o_free
_o_malloc
_o_powf
_o_realloc
_o_setlocale
_o_terminate
_o_toupper
_o_wcstol
__CxxFrameHandler4
wcsstr
__std_terminate
wcsrchr
strchr
_CxxThrowException
__CxxFrameHandler3
__current_exception
__AdjustPointer
__processing_throw
__GetPlatformExceptionInfo
__C_specific_handler
_o____mb_cur_max_func
_o____lc_locale_name_func
_o____lc_collate_cp_func
_o____lc_codepage_func
_o__seh_filter_dll
memcmp
memcpy
memmove

api-ms-win-core-winrt-string-l1-1-0

WindowsIsStringEmpty
WindowsGetStringRawBuffer
WindowsGetStringLen
WindowsDuplicateString
WindowsDeleteString
WindowsCreateStringReference
WindowsCreateString
WindowsConcatString
WindowsCompareStringOrdinal

api-ms-win-core-winrt-error-l1-1-0

SetRestrictedErrorInfo
RoFailFastWithErrorContext
RoOriginateError

api-ms-win-core-winrt-error-l1-1-1

RoReportUnhandledError

api-ms-win-core-util-l1-1-0

EncodePointer
DecodePointer

api-ms-win-core-rtlsupport-l1-1-0

RtlPcToFileHeader
RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-string-l1-1-0

GetStringTypeW
CompareStringEx
MultiByteToWideChar
WideCharToMultiByte

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-core-heap-l2-1-0

LocalAlloc

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e

Exports

Exports

DllCanUnloadNow
DllGetActivationFactory

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 255KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 74KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tran/tran/app/short/wxmsw30u_core_gcc_custom.dll
.dll windows x64

2ee64642a31d3f6dd8e8ee571294a762

Code Sign

31:83:0c:37:0a:d7:e4:97:63:3b:6e:b3:a0:2d:69:e6
Certificate

Issuer

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Not Before

18-02-2022 00:00

Not After

17-02-2025 23:59

Subject

CN=Tim Kosse,O=Tim Kosse,ST=Nordrhein-Westfalen,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

01-01-2004 00:00

Not After

31-12-2028 23:59

Subject

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

48:fc:93:b4:60:55:94:8d:36:a7:c9:8a:89:d6:94:16
Certificate

Issuer

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

25-05-2021 00:00

Not After

31-12-2028 23:59

Subject

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:1d:6d:0c:52:01:9e:3b:90:79:15:20:89:21:1c:0a
Certificate

Issuer

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

Not Before

22-03-2021 00:00

Not After

21-03-2036 23:59

Subject

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:cb:34:fd:3d:ff:12:11:33:9f:f0:7c:4b:21:57:c7
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

30-08-2022 00:00

Not After

29-08-2023 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

c3:fe:f0:2a:81:01:14:f0:12:0f:c2:d6:76:35:7c:48:7b:03:3a:b7:95:d8:b4:9a:14:e4:6f:0b:7e:a2:f2:da
Signer

Actual PE Digest

c3:fe:f0:2a:81:01:14:f0:12:0f:c2:d6:76:35:7c:48:7b:03:3a:b7:95:d8:b4:9a:14:e4:6f:0b:7e:a2:f2:da

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=Tim Kosse,O=Tim Kosse,ST=Nordrhein-Westfalen,C=DE

19-09-2022 09:21
Valid: true

Chain 1

CN=Tim Kosse,O=Tim Kosse,ST=Nordrhein-Westfalen,C=DE

CN=Sectigo Public Code Signing CA R36,O=Sectigo Limited,C=GB

CN=Sectigo Public Code Signing Root R46,O=Sectigo Limited,C=GB

CN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GB

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

wxbase30u_gcc_custom

_Z10wxPathOnlyRK8wxString
_Z11wxDirExistsRK8wxString
_Z11wxGetLocalev
_Z12wxEntryStartRiPPw
_Z12wxExecuteDDERK8wxStringS1_S1_
_Z12wxFileExistsRK8wxString
_Z12wxRenameFileRK8wxStringS1_b
_Z12wxWakeUpIdlev
_Z13wxCRT_StrdupAPKc
_Z13wxGetFileKindP6_iobuf
_Z13wxGetUserHomeRK8wxString
_Z13wxLocaltime_rPKxP2tm
_Z13wxSetInstanceP11HINSTANCE__
_Z14wxEntryCleanupv
_Z14wxGetLocalTimev
_Z14wxGetOsVersionPiS_
_Z14wxNewEventTypev
_Z14wxSysErrorCodev
_Z15wxGetWinVersionv
_Z16wxIsAbsolutePathRK8wxString
_Z18wxFileNameFromPathPw
_Z18wxFileNameFromPathRK8wxString
_Z18wxLoadUserResourcePPKvPyRK8wxStringPKwP11HINSTANCE__
_Z18wxWakeUpMainThreadv
_Z19wxEncodingToCharset14wxFontEncoding
_Z19wxGet_wxConvLibcPtrv
_Z20wxGetLocalTimeMillisv
_Z20wxGet_wxConvLocalPtrv
_Z20wxIsWaitingForThreadv
_Z21wxSetWorkingDirectoryRK8wxString
_Z22wxGuiOwnedByMainThreadv
_Z22wxMutexGuiLeaveOrEnterv
_Z23wxEndsWithPathSeparatorRK8wxString
_Z26wxParseCommonDialogsFilterRK8wxStringR13wxArrayStringS3_
_Z7wxEntryRiPPw
_Z7wxMkdirRK8wxStringi
_Z7wxSplitRK8wxStringww
_Z8wxGetCwdv
_ZN10wxDateTime13TIME_T_FACTORE
_ZN10wxDateTime3SetERK2tm
_ZN10wxDateTime3SetEtNS_5MonthEitttt
_ZN10wxDateTime8GetTmNowEP2tm
_ZN10wxDateTime8TimeZoneC1ENS_2TZE
_ZN10wxFileName10FileExistsERK8wxString
_ZN10wxFileName5ClearEv
_ZN10wxFileName6AssignERK8wxString12wxPathFormat
_ZN10wxFileName6AssignERK8wxStringS2_12wxPathFormat
_ZN10wxFileName6AssignERKS_
_ZN10wxFileName7DirNameERK8wxString12wxPathFormat
_ZN10wxFileName9NormalizeEiRK8wxString12wxPathFormat
_ZN10wxFileName9SplitPathERK8wxStringPS0_S3_S3_12wxPathFormat
_ZN10wxFileTypeD1Ev
_ZN10wxLogChain11DoLogRecordEmRK8wxStringRK15wxLogRecordInfo
_ZN10wxLogChain5FlushEv
_ZN10wxLogChainD2Ev
_ZN11wxAppTraits21DoSimpleWaitForThreadEPv
_ZN11wxClassInfo8RegisterEv
_ZN11wxClassInfo8sm_firstE
_ZN11wxClassInfoD1Ev
_ZN11wxHashTable4NextEv
_ZN11wxIdleEvent11sm_idleModeE
_ZN11wxStopWatch5StartEl
_ZN11wxTimerImplC2EP7wxTimer
_ZN12wxEvtHandler10QueueEventEP7wxEvent
_ZN12wxEvtHandler12ProcessEventER7wxEvent
_ZN12wxEvtHandler12ms_classInfoE
_ZN12wxEvtHandler13sm_eventTableE
_ZN12wxEvtHandler15DoSetClientDataEPv
_ZN12wxEvtHandler16SearchEventTableER12wxEventTableR7wxEvent
_ZN12wxEvtHandler17DoSetClientObjectEP12wxClientData
_ZN12wxEvtHandler18SafelyProcessEventER7wxEvent
_ZN12wxEvtHandler19ProcessEventLocallyER7wxEvent
_ZN12wxEvtHandler6DoBindEiiiP14wxEventFunctorP8wxObject
_ZN12wxEvtHandler6UnlinkEv
_ZN12wxEvtHandler8DoUnbindEiiiRK14wxEventFunctorP8wxObject
_ZN12wxEvtHandler8TryAfterER7wxEvent
_ZN12wxEvtHandler9TryBeforeER7wxEvent
_ZN12wxEvtHandlerC2Ev
_ZN12wxEvtHandlerD2Ev
_ZN12wxFileSystem13URLToFileNameERK8wxString
_ZN12wxStringHash10stringHashEPKw
_ZN12wxTextBuffer11typeDefaultE
_ZN12wxTextBuffer6GetEOLE14wxTextFileType
_ZN12wxTextBuffer9TranslateERK8wxString14wxTextFileType
_ZN13wxArrayString4SortEPFiRK8wxStringS2_E
_ZN13wxInputStream4GetCEv
_ZN13wxInputStream5SeekIEx10wxSeekMode
_ZN13wxInputStream7ReadAllEPvy
_ZN14wxEventFunctorD2Ev
_ZN14wxFSVolumeBase10GetVolumesEii
_ZN14wxFSVolumeBaseC2ERK8wxString
_ZN14wxFormatString7AsWCharEv
_ZN14wxOutputStream8WriteAllEPKvy
_ZN14wxOutputStreamD2Ev
_ZN14wxPlatformInfo13GetPortIdNameE8wxPortIdb
_ZN14wxPlatformInfo3GetEv
_ZN14wxTranslations21GetUntranslatedStringERK8wxString
_ZN14wxTranslations3GetEv
_ZN15wxAppTraitsBase13MutexGuiEnterEv
_ZN15wxAppTraitsBase13MutexGuiLeaveEv
_ZN15wxAppTraitsBase16GetStandardPathsEv
_ZN15wxAppTraitsBase16ShowAssertDialogERK8wxString
_ZN15wxCmdLineParser19ConvertStringToArgsERK8wxString18wxCmdLineSplitType
_ZN15wxCmdLineParser7SetDescEPK18wxCmdLineEntryDesc
_ZN15wxEventLoopBase10WakeUpIdleEv
_ZN15wxEventLoopBase11ProcessIdleEv
_ZN15wxEventLoopBase13ms_activeLoopE
_ZN15wxEventLoopBase3RunEv
_ZN15wxEventLoopBase4ExitEi
_ZN15wxEventLoopBase5YieldEb
_ZN15wxEventLoopBase6OnExitEv
_ZN15wxEventLoopBase9SetActiveEPS_
_ZN15wxHashTableBase5ClearEv
_ZN15wxHashTableBase5DoPutERK8wxStringlPv
_ZN15wxHashTableBase5DoPutEllPv
_ZN15wxHashTableBase6CreateE9wxKeyTypey
_ZN15wxHashTableBase7DestroyEv
_ZN15wxHashTableBase7MakeKeyERK8wxString
_ZN15wxHashTableBase8DoDeleteERK8wxStringl
_ZN15wxHashTableBaseC2Ev
_ZN15wxLogInterposerC2Ev
_ZN15wxMessageOutput13DoPrintfWcharEPKwz
_ZN15wxSystemOptions12GetOptionIntERK8wxString
_ZN15wxSystemOptions9HasOptionERK8wxString
_ZN16wxAppConsoleBase10InitializeERiPPw
_ZN16wxAppConsoleBase10OnLaunchedEv
_ZN16wxAppConsoleBase10SetCLocaleEv
_ZN16wxAppConsoleBase10WakeUpIdleEv
_ZN16wxAppConsoleBase11FilterEventER7wxEvent
_ZN16wxAppConsoleBase11ProcessIdleEv
_ZN16wxAppConsoleBase12CreateTraitsEv
_ZN16wxAppConsoleBase12ExitMainLoopEv
_ZN16wxAppConsoleBase13OnCmdLineHelpER15wxCmdLineParser
_ZN16wxAppConsoleBase13OnInitCmdLineER15wxCmdLineParser
_ZN16wxAppConsoleBase14OnCmdLineErrorER15wxCmdLineParser
_ZN16wxAppConsoleBase14ms_appInstanceE
_ZN16wxAppConsoleBase15OnAssertFailureEPKwiS1_S1_S1_
_ZN16wxAppConsoleBase15OnCmdLineParsedER15wxCmdLineParser
_ZN16wxAppConsoleBase17CheckBuildOptionsEPKcS1_
_ZN16wxAppConsoleBase20DeletePendingObjectsEv
_ZN16wxAppConsoleBase20OnUnhandledExceptionEv
_ZN16wxAppConsoleBase20ProcessPendingEventsEv
_ZN16wxAppConsoleBase21OnExceptionInMainLoopEv
_ZN16wxAppConsoleBase4ExitEv
_ZN16wxAppConsoleBase5OnRunEv
_ZN16wxAppConsoleBase5YieldEb
_ZN16wxAppConsoleBase6OnExitEv
_ZN16wxAppConsoleBase6OnInitEv
_ZN16wxAppConsoleBase7CleanUpEv
_ZN16wxAppConsoleBase7PendingEv
_ZN16wxAppConsoleBase8DispatchEv
_ZN16wxAppConsoleBase8MainLoopEv
_ZN16wxAppConsoleBase8OnAssertEPKwiS1_S1_
_ZN16wxAppConsoleBase9GetTraitsEv
_ZN16wxAppConsoleBaseC2Ev
_ZN16wxAppConsoleBaseD2Ev
_ZN16wxDynamicLibrary12RawGetSymbolEP11HINSTANCE__RK8wxString
_ZN16wxDynamicLibrary22CanonicalizePluginNameERK8wxString16wxPluginCategory
_ZN16wxDynamicLibrary4LoadERK8wxStringi
_ZN16wxDynamicLibrary6UnloadEP11HINSTANCE__
_ZN16wxEventHashTableC1ERK12wxEventTable
_ZN16wxEventHashTableD1Ev
_ZN16wxFontMapperBase15GetEncodingNameE14wxFontEncoding
_ZN16wxFontMapperBase19GetEncodingFromNameERK8wxString
_ZN16wxFontMapperBase22GetEncodingDescriptionE14wxFontEncoding
_ZN16wxFontMapperBase31NonInteractiveCharsetToEncodingERK8wxString
_ZN16wxFontMapperBase3GetEv
_ZN16wxFontMapperBaseC2Ev
_ZN16wxFontMapperBaseD2Ev
_ZN17wxCriticalSection5EnterEv
_ZN17wxCriticalSection5LeaveEv
_ZN17wxCriticalSectionC1E21wxCriticalSectionType
_ZN17wxCriticalSectionD1Ev
_ZN17wxDataInputStream6Read32Ev
_ZN17wxEventLoopManual12ScheduleExitEi
_ZN17wxEventLoopManual5DoRunEv
_ZN17wxNumberFormatter10FromStringE8wxStringPd
_ZN17wxNumberFormatter10FromStringE8wxStringPx
_ZN17wxNumberFormatter19GetDecimalSeparatorEv
_ZN17wxNumberFormatter8ToStringEdii
_ZN17wxNumberFormatter8ToStringExi
_ZN17wxStringTokenizer12GetNextTokenEv
_ZN17wxStringTokenizer9SetStringERK8wxStringS2_21wxStringTokenizerMode
_ZN17wxStringTokenizerC1ERK8wxStringS2_21wxStringTokenizerMode
_ZN18wxDataOutputStream7Write32Ej
_ZN18wxFFileInputStreamC1ERK8wxStringS2_
_ZN18wxFFileInputStreamD1Ev
_ZN18wxMSWEventLoopBase14GetNextMessageEP6tagMSG
_ZN18wxMSWEventLoopBase21GetNextMessageTimeoutEP6tagMSGm
_ZN18wxMSWEventLoopBaseC2Ev
_ZN18wxMimeTypesManager23GetFileTypeFromMimeTypeERK8wxString
_ZN18wxMimeTypesManager24GetFileTypeFromExtensionERK8wxString
_ZN19wxEncodingConverter17GetAllEquivalentsE14wxFontEncoding
_ZN19wxFFileOutputStreamC1ERK8wxStringS2_
_ZN19wxFFileOutputStreamD1Ev
_ZN19wxMemoryInputStreamC1EPKvy
_ZN19wxMemoryInputStreamD1Ev
_ZN20wxMemoryOutputStreamC1EPvy
_ZN20wxMemoryOutputStreamD1Ev
_ZN21wxBufferedInputStreamC1ER13wxInputStreamP14wxStreamBuffer
_ZN21wxBufferedInputStreamD1Ev
_ZN21wxClientDataContainer15DoSetClientDataEPv
_ZN21wxClientDataContainer17DoSetClientObjectEP12wxClientData
_ZN21wxClientDataContainerC2Ev
_ZN21wxClientDataContainerD2Ev
_ZN21wxMemoryFSHandlerBase16CheckDoesntExistERK8wxString
_ZN21wxMemoryFSHandlerBase6m_HashE
_ZN21wxMemoryFSHandlerBase7CanOpenERK8wxString
_ZN21wxMemoryFSHandlerBase8FindNextEv
_ZN21wxMemoryFSHandlerBase8OpenFileER12wxFileSystemRK8wxString
_ZN21wxMemoryFSHandlerBase9FindFirstERK8wxStringi
_ZN21wxMemoryFSHandlerBaseD2Ev
_ZN22wxBufferedOutputStreamC1ER14wxOutputStreamP14wxStreamBuffer
_ZN22wxBufferedOutputStreamD1Ev
_ZN22wxCountingOutputStreamC1Ev
_ZN28_WX_LIST_HELPER_wxObjectList14DeleteFunctionEP8wxObject
_ZN28_WX_LIST_HELPER_wxObjectList9EmptyListB5cxx11E
_ZN5wxDir4OpenERK8wxString
_ZN5wxDir5CloseEv
_ZN5wxDirC1ERK8wxString
_ZN5wxLog11DoLogRecordEmRK8wxStringRK15wxLogRecordInfo
_ZN5wxLog11FlushActiveEv
_ZN5wxLog11ms_bVerboseE
_ZN5wxLog12ms_timestampE
_ZN5wxLog15ms_suspendCountE
_ZN5wxLog16DoLogTextAtLevelEmRK8wxString
_ZN5wxLog17GetComponentLevelE8wxString
_ZN5wxLog19EnableThreadLoggingEb
_ZN5wxLog21LogLastRepeatIfNeededEv
_ZN5wxLog22IsThreadLoggingEnabledEv
_ZN5wxLog5FlushEv
_ZN5wxLog5OnLogEmRK8wxStringRK15wxLogRecordInfo
_ZN5wxLog8ms_doLogE
_ZN5wxLog9DoLogTextERK8wxString
_ZN5wxLogD2Ev
_ZN5wxURIC1ERK8wxString
_ZN6wxFile4OpenERK8wxStringNS_8OpenModeEi
_ZN6wxFile5CloseEv
_ZN6wxFile5WriteEPKvy
_ZN6wxFile5WriteERK8wxStringRK8wxMBConv
_ZN6wxFile6CreateERK8wxStringbi
_ZN6wxFile6ExistsERK8wxString
_ZN6wxFileC1ERK8wxStringNS_8OpenModeE
_ZN7wxEvent12ms_classInfoE
_ZN7wxEventC2ERKS_
_ZN7wxEventC2Eii
_ZN7wxEventaSERKS_
_ZN7wxFFile5CloseEv
_ZN7wxFFile5WriteERK8wxStringRK8wxMBConv
_ZN7wxFFile7ReadAllEP8wxStringRK8wxMBConv
_ZN7wxFFileC1ERK8wxStringS2_
_ZN7wxTimer4InitEv
_ZN7wxTimer4StopEv
_ZN7wxTimer5StartEib
_ZN7wxTimer8SetOwnerEP12wxEvtHandleri
_ZN7wxTimerD1Ev
_ZN7wxTimerD2Ev
_ZN8wxLocale15GetLanguageInfoEi
_ZN8wxLocale17GetSystemLanguageEv
_ZN8wxMBConvD2Ev
_ZN8wxModule12ms_classInfoE
_ZN8wxObject12ms_classInfoE
_ZN8wxObject14AllocExclusiveEv
_ZN8wxObject3RefERKS_
_ZN8wxObject5UnRefEv
_ZN8wxRegKey4OpenENS_10AccessModeE
_ZN8wxRegKey7SetNameENS_6StdKeyERK8wxString
_ZN8wxRegKeyC1ENS_6StdKeyERK8wxStringNS_13WOW64ViewModeE
_ZN8wxRegKeyC1ERKS_RK8wxString
_ZN8wxRegKeyD1Ev
_ZN8wxString10ConvertStrEPKcyRK8wxMBConv
_ZN8wxString11FromCDoubleEdi
_ZN8wxString13DoFormatWcharEPKwz
_ZN8wxString13DoPrintfWcharEPKwz
_ZN8wxString4TrimEb
_ZN8wxString4nposE
_ZN8wxString7FormatVERKS_Pc
_ZN8wxString7ReplaceERKS_S1_b
_ZN8wxString8TruncateEy
_ZN8wxString9FromAsciiEPKc
_ZN8wxString9MakeLowerEv
_ZN8wxString9MakeUpperEv
_ZN8wxThread11TestDestroyEv
_ZN8wxThread12GetCurrentIdEv
_ZN8wxThread15ms_idMainThreadE
_ZN8wxThread3RunEv
_ZN8wxThread4WaitE12wxThreadWait
_ZN8wxThread6CreateEj
_ZN8wxThreadC2E12wxThreadKind
_ZN8wxThreadD2Ev
_ZN9wxPrivate18GetUntypedNullDataEv
_ZN9wxUniChar10FromHi8bitEc
_ZNK10wxDateTime6FormatERK8wxStringRKNS_8TimeZoneE
_ZNK10wxFileName10IsAbsoluteE12wxPathFormat
_ZNK10wxFileName11GetFullNameEv
_ZNK10wxFileName11GetFullPathE12wxPathFormat
_ZNK10wxFileName6SameAsERKS_12wxPathFormat
_ZNK10wxFileName7GetPathEi12wxPathFormat
_ZNK10wxFileType7GetIconEP14wxIconLocation
_ZNK11wxStopWatch11TimeInMicroEv
_ZNK12wxEvtHandler12GetClassInfoEv
_ZNK12wxEvtHandler13GetEventTableEv
_ZNK12wxEvtHandler15DoGetClientDataEv
_ZNK12wxEvtHandler17DoGetClientObjectEv
_ZNK12wxEvtHandler17GetEventHashTableEv
_ZNK12wxStreamBase7GetSizeEv
_ZNK13wxArrayString5IndexERK8wxStringbb
_ZNK13wxInputStream5TellIEv
_ZNK14wxFSVolumeBase7GetKindEv
_ZNK14wxFormatString15GetArgumentTypeEj
_ZNK14wxTranslations19GetTranslatedStringERK8wxStringS2_
_ZNK14wxTranslations19GetTranslatedStringERK8wxStringjS2_
_ZNK15wxHashTableBase5DoGetERK8wxStringl
_ZNK15wxHashTableBase5DoGetEll
_ZNK16wxAppConsoleBase11HandleEventEP12wxEvtHandlerMS0_FvR7wxEventES3_
_ZNK16wxAppConsoleBase13UsesEventLoopEv
_ZNK16wxAppConsoleBase16CallEventHandlerEP12wxEvtHandlerR14wxEventFunctorR7wxEvent
_ZNK16wxAppConsoleBase17GetAppDisplayNameEv
_ZNK16wxDynamicLibrary9GetSymbolERK8wxStringPb
_ZNK16wxLongLongNative8ToStringEv
_ZNK17wxStringTokenizer13HasMoreTokensEv
_ZNK18wxFFileInputStream4IsOkEv
_ZNK18wxMSWEventLoopBase7PendingEv
_ZNK19wxFFileOutputStream4IsOkEv
_ZNK19wxFileSystemHandler12GetClassInfoEv
_ZNK20wxArgNormalizerWcharIRK10wxCStrDataE3getEv
_ZNK20wxArgNormalizerWcharIRK8wxStringE3getEv
_ZNK20wxMemoryOutputStream6CopyToEPvy
_ZNK21wxClientDataContainer15DoGetClientDataEv
_ZNK21wxClientDataContainer17DoGetClientObjectEv
_ZNK5wxDir10HasSubDirsERK8wxString
_ZNK5wxDir7GetNextEP8wxString
_ZNK5wxDir8GetFirstEP8wxStringRKS0_i
_ZNK5wxDir8HasFilesERK8wxString
_ZNK5wxDir8IsOpenedEv
_ZNK7wxTimer9IsRunningEv
_ZNK8wxMBConv6cMB2WCEPKc
_ZNK8wxObject12CloneRefDataEPK12wxRefCounter
_ZNK8wxObject12GetClassInfoEv
_ZNK8wxObject13CreateRefDataEv
_ZNK8wxObject8IsKindOfEPK11wxClassInfo
_ZNK8wxRegKey10QueryValueERK8wxStringR14wxMemoryBuffer
_ZNK8wxRegKey17QueryDefaultValueEv
_ZNK8wxRegKey6ExistsEv
_ZNK8wxRegKey8HasValueERK8wxString
_ZNK8wxString10AfterFirstE9wxUniChar
_ZNK8wxString10BeforeLastE9wxUniCharPS_
_ZNK8wxString10StartsWithERKS_PS_
_ZNK8wxString11BeforeFirstE9wxUniCharPS_
_ZNK8wxString3MidEyy
_ZNK8wxString4FindE9wxUniCharb
_ZNK8wxString4LeftEy
_ZNK8wxString5RightEy
_ZNK8wxString5StripENS_9stripTypeE
_ZNK8wxString6AsCharERK8wxMBConv
_ZNK8wxString6ToLongEPli
_ZNK8wxString7IsAsciiEv
_ZNK8wxString7ToAsciiEv
_ZNK8wxString7ToULongEPmi
_ZNK8wxString7compareEPKw
_ZNK8wxString7compareERKS_
_ZNK8wxString7compareEyyPKcy
_ZNK8wxString8EndsWithERKS_PS_
_ZNK8wxString8IsSameAsE9wxUniCharb
_ZNK8wxString8ToDoubleEPd
_ZNK8wxString9AfterLastE9wxUniChar
_ZNK8wxString9CmpNoCaseERKS_
_ZNK8wxString9ToCDoubleEPd
_ZTV10wxConvAuto
_ZTV11wxHashTable
_ZTV11wxIdleEvent
_ZTV12wxMBConvUTF8
_ZTV12wxPowerEvent
_ZTV14wxLogFormatter
_ZTV14wxMSWTimerImpl
_ZTV15wxLogInterposer
_ZTV17wxStringTokenizer
_ZTV18wxMBConvStrictUTF8
_ZTV18wxStringClientData
_ZTV19wxMessageOutputBest
_ZTV20wxObjectEventFunctor
_ZTV22wxCountingOutputStream
_ZTV5wxLog
_ZTV5wxURI
_ZTV7wxTimer
_ZTV8wxModule
_ZTV8wxObject
_ZThn120_N16wxAppConsoleBase11FilterEventER7wxEvent
_Zpl9wxUniCharRK8wxString
_ZplPKcRK8wxString
_ZplPKwRK8wxString
_ZplRK8wxString9wxUniChar
_ZplRK8wxStringPKw
_ZplRK8wxStringS1_
wxConvCurrent
wxConvLibcPtr
wxConvLocalPtr
wxCreateHiddenWindow
wxDefaultDateTime
wxEVT_IDLE
wxEVT_NULL
wxEVT_POWER_RESUME
wxEVT_POWER_SUSPENDED
wxEVT_POWER_SUSPENDING
wxEVT_POWER_SUSPEND_CANCEL
wxEVT_TIMER
wxEmptyString
wxGetInstance
wxPendingDelete
wxTheMimeTypesManager

libpng16-16

png_create_info_struct
png_create_read_struct
png_create_write_struct
png_destroy_read_struct
png_destroy_write_struct
png_get_IHDR
png_get_PLTE
png_get_header_version
png_get_io_ptr
png_get_pHYs
png_get_valid
png_read_end
png_read_image
png_read_info
png_set_IHDR
png_set_PLTE
png_set_compression_buffer_size
png_set_compression_level
png_set_compression_mem_level
png_set_compression_strategy
png_set_expand
png_set_filler
png_set_filter
png_set_pHYs
png_set_packing
png_set_read_fn
png_set_sBIT
png_set_shift
png_set_strip_16
png_set_tRNS
png_set_write_fn
png_write_end
png_write_info
png_write_rows

comctl32

CreateUpDownControl
ImageList_Add
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_Draw
ImageList_EndDrag
ImageList_GetIcon
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_Remove
ImageList_Replace
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetDragCursorImage
InitCommonControls

comdlg32

ChooseFontW
CommDlgExtendedError
GetOpenFileNameW
GetSaveFileNameW

gdi32

Arc
BitBlt
CloseEnhMetaFile
CombineRgn
CopyEnhMetaFileW
CreateBitmap
CreateBitmapIndirect
CreateCompatibleBitmap
CreateCompatibleDC
CreateDIBSection
CreateDIBitmap
CreateEnhMetaFileW
CreateFontIndirectW
CreateHatchBrush
CreateICW
CreatePalette
CreatePatternBrush
CreatePen
CreatePolygonRgn
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
DeleteDC
DeleteEnhMetaFile
DeleteObject
Ellipse
EnumFontFamiliesExW
EqualRgn
ExcludeClipRect
ExtCreatePen
ExtCreateRegion
ExtFloodFill
ExtSelectClipRgn
ExtTextOutW
GdiFlush
GetBkColor
GetCharABCWidthsW
GetClipBox
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetEnhMetaFileHeader
GetEnhMetaFileW
GetMetaFileBitsEx
GetNearestPaletteIndex
GetObjectType
GetObjectW
GetOutlineTextMetricsW
GetPaletteEntries
GetPixel
GetRegionData
GetRgnBox
GetStockObject
GetSystemPaletteEntries
GetTextExtentExPointW
GetTextExtentPoint32W
GetTextMetricsW
GetWinMetaFileBits
LineTo
MaskBlt
MoveToEx
OffsetRgn
Pie
PlayEnhMetaFile
PolyPolygon
Polygon
Polyline
PtInRegion
RealizePalette
RectInRegion
Rectangle
RoundRect
SelectClipRgn
SelectObject
SelectPalette
SetBkColor
SetBkMode
SetBrushOrgEx
SetLayout
SetMapMode
SetMetaFileBitsEx
SetPixel
SetPolyFillMode
SetROP2
SetStretchBltMode
SetTextColor
SetViewportExtEx
SetViewportOrgEx
SetWinMetaFileBits
SetWindowExtEx
SetWindowOrgEx
StretchBlt
StretchDIBits

kernel32

DeleteCriticalSection
EnterCriticalSection
FillConsoleOutputCharacterW
FreeConsole
FreeLibrary
GetCommandLineW
GetConsoleScreenBufferInfo
GetCurrentThreadId
GetFileAttributesW
GetLastError
GetProcessHeap
GetStdHandle
GetVersionExW
GlobalAlloc
GlobalFree
GlobalLock
GlobalSize
GlobalUnlock
HeapSize
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryW
MulDiv
MultiByteToWideChar
ReadConsoleOutputCharacterA
SetConsoleCursorPosition
SetErrorMode
SetLastError
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteConsoleA
WriteConsoleW

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
__setusermatherr
_amsg_exit
_chdrive
_errno
_getdrive
_initterm
_lock
_setjmp
_time64
_unlock
_wstat64
abort
atoi
calloc
exit
fgetwc
fputc
free
fwrite
getc
islower
isspace
isupper
iswalnum
iswalpha
iswctype
iswdigit
iswprint
isxdigit
localeconv
malloc
memcmp
memcpy
memmove
memset
realloc
strchr
strcmp
strcpy
strerror
strlen
strncmp
strncpy
strstr
strtol
strtoul
tolower
toupper
towlower
towupper
ungetc
ungetwc
vfprintf
wcschr
wcscmp
wcscpy
wcsftime
wcslen
wcsncpy
wcstol
wcstoul
longjmp
_wcsdup

ole32

CoCreateInstance
CoLockObjectExternal
CoTaskMemAlloc
CoTaskMemFree
DoDragDrop
OleFlushClipboard
OleGetClipboard
OleInitialize
OleIsCurrentClipboard
OleSetClipboard
OleUninitialize
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop

oleaut32

SysAllocString
SysFreeString
SysReAllocString
SysStringLen

rpcrt4

RpcStringFreeW
UuidCreate
UuidFromStringW
UuidToStringW

shell32

DragAcceptFiles
DragFinish
DragQueryFileW
DragQueryPoint
ExtractIconExW
ExtractIconW
SHBrowseForFolderW
SHGetFileInfoW
SHGetMalloc
SHGetPathFromIDListW
ShellExecuteExW

user32

AdjustWindowRectEx
AppendMenuW
BeginDeferWindowPos
BeginPaint
BringWindowToTop
CallNextHookEx
CallWindowProcW
ChangeDisplaySettingsW
CheckMenuItem
CheckMenuRadioItem
ChildWindowFromPoint
ChildWindowFromPointEx
ClientToScreen
CloseClipboard
CopyRect
CreateAcceleratorTableW
CreateCaret
CreateDialogIndirectParamW
CreateDialogParamW
CreateIconIndirect
CreateMenu
CreatePopupMenu
CreateWindowExW
DefWindowProcW
DeferWindowPos
DestroyAcceleratorTable
DestroyCaret
DestroyCursor
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageW
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIconEx
DrawMenuBar
DrawStateW
DrawTextW
EmptyClipboard
EnableMenuItem
EnableScrollBar
EnableWindow
EndDeferWindowPos
EndDialog
EndPaint
EnumChildWindows
EnumClipboardFormats
EnumDisplaySettingsW
FillRect
FindWindowExW
FlashWindow
GetActiveWindow
GetAsyncKeyState
GetCapture
GetCaretBlinkTime
GetClassInfoW
GetClassNameW
GetClientRect
GetClipboardData
GetClipboardFormatNameW
GetCursorPos
GetDC
GetDesktopWindow
GetDialogBaseUnits
GetDlgItem
GetDoubleClickTime
GetFocus
GetIconInfo
GetKeyState
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoW
GetMenuState
GetMessagePos
GetMessageTime
GetMessageW
GetParent
GetScrollInfo
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetUpdateRgn
GetWindow
GetWindowDC
GetWindowLongPtrW
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
HideCaret
InflateRect
InsertMenuItemW
InsertMenuW
InvalidateRect
IsClipboardFormatAvailable
IsDialogMessageW
IsIconic
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
LoadAcceleratorsW
LoadBitmapW
LoadCursorFromFileW
LoadCursorW
LoadIconW
LoadImageW
MapVirtualKeyW
MapWindowPoints
MessageBeep
MessageBoxW
ModifyMenuW
MoveWindow
MsgWaitForMultipleObjects
OffsetRect
OpenClipboard
PeekMessageW
PostMessageW
PostQuitMessage
PostThreadMessageW
PtInRect
RedrawWindow
RegisterClassW
RegisterClipboardFormatW
RegisterHotKey
ReleaseCapture
ReleaseDC
RemoveMenu
ScreenToClient
ScrollWindow
SendMessageW
SetCapture
SetCaretBlinkTime
SetCaretPos
SetClipboardData
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetMenu
SetMenuItemInfoW
SetParent
SetRect
SetRectEmpty
SetScrollInfo
SetWindowLongPtrW
SetWindowLongW
SetWindowPos
SetWindowRgn
SetWindowTextW
SetWindowsHookExW
ShowCaret
ShowCursor
ShowWindow
SystemParametersInfoW
TrackPopupMenu
TranslateAcceleratorW
TranslateMessage
UnhookWindowsHookEx
UnionRect
UnregisterClassW
UnregisterHotKey
UpdateWindow
ValidateRect
ValidateRgn
VkKeyScanW
WindowFromPoint
keybd_event
mouse_event
wsprintfW

libgcc_s_seh-1

_Unwind_Resume

libstdc++-6

_ZNKSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE4findEPKwyy
_ZNKSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE4findEwy
_ZNKSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE5rfindEPKwyy
_ZNKSt8__detail20_Prime_rehash_policy11_M_next_bktEy
_ZNKSt8__detail20_Prime_rehash_policy14_M_need_rehashEyyy
_ZNSt15basic_streambufIcSt11char_traitsIcEE4syncEv
_ZNSt15basic_streambufIcSt11char_traitsIcEE5imbueERKSt6locale
_ZNSt15basic_streambufIcSt11char_traitsIcEE5uflowEv
_ZNSt15basic_streambufIcSt11char_traitsIcEE6setbufEPcx
_ZNSt15basic_streambufIcSt11char_traitsIcEE6xsgetnEPcx
_ZNSt15basic_streambufIcSt11char_traitsIcEE6xsputnEPKcx
_ZNSt15basic_streambufIcSt11char_traitsIcEE7seekoffExSt12_Ios_SeekdirSt13_Ios_Openmode
_ZNSt15basic_streambufIcSt11char_traitsIcEE7seekposESt4fposIiESt13_Ios_Openmode
_ZNSt15basic_streambufIcSt11char_traitsIcEE9pbackfailEi
_ZNSt15basic_streambufIcSt11char_traitsIcEE9showmanycEv
_ZNSt15basic_streambufIcSt11char_traitsIcEE9underflowEv
_ZNSt6localeC1Ev
_ZNSt6localeD1Ev
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE10_M_disposeEv
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE10_M_replaceEyyPKwy
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE14_M_replace_auxEyyyw
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE4swapERS4_
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE7reserveEy
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE8_M_eraseEyy
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE9_M_appendEPKwy
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE9_M_assignERKS4_
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE9_M_createERyy
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE9_M_mutateEyyPKwy
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE9push_backEw
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEEC1ERKS4_
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEEaSEOS4_
_ZNSt8__detail15_List_node_base7_M_hookEPS0_
_ZNSt8__detail15_List_node_base9_M_unhookEv
_ZNSt8ios_base4InitC1Ev
_ZNSt8ios_base4InitD1Ev
_ZSt17__throw_bad_allocv
_ZSt19__throw_logic_errorPKc
_ZSt20__throw_length_errorPKc
_ZSt24__throw_out_of_range_fmtPKcz
_ZSt9terminatev
_ZTISt15basic_streambufIcSt11char_traitsIcEE
_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZTVN10__cxxabiv121__vmi_class_type_infoE
_ZTVSt15basic_streambufIcSt11char_traitsIcEE
_ZdaPv
_ZdaPvy
_ZdlPvy
_Znay
_Znwy
__cxa_begin_catch
__cxa_end_catch
__cxa_guard_abort
__cxa_guard_acquire
__cxa_guard_release
__cxa_pure_virtual
__cxa_rethrow
__cxa_throw_bad_array_new_length
__gxx_personality_seh0

Exports

Exports

_Z10wxDrawLineP5HDC__iiii
_Z10wxToStringRK10wxFontBase
_Z10wxToStringRK12wxColourBase
_Z11wxIsStockIDi
_Z11wxSafeYieldP8wxWindowb
_Z11wxSetCursorRK8wxCursor
_Z12wxEntryStartP11HINSTANCE__S0_Pci
_Z12wxFromStringRK8wxStringP10wxFontBase
_Z12wxFromStringRK8wxStringP12wxColourBase
_Z12wxMessageBoxRK8wxStringS1_lP8wxWindowii
_Z13IsIidFromListRK5_GUIDPPS0_y
_Z13wxDirSelectorRK8wxStringS1_lRK7wxPointP8wxWindow
_Z13wxDisplaySizePiS_
_Z13wxFillLogFontP11tagLOGFONTWPK6wxFont
_Z13wxFindMaxSizeP6HWND__P7tagRECT
_Z13wxGetCharSizeP6HWND__PiS1_RK6wxFont
_Z13wxGetKeyState9wxKeyCode
_Z13wxGetWindowIdP6HWND__
_Z14wxDisplayDepthv
_Z14wxFileSelectorRK8wxStringS1_S1_S1_S1_iP8wxWindowii
_Z14wxGetHiconSizeP7HICON__
_Z14wxIsStockLabeliRK8wxString
_Z15wxColourDisplayv
_Z15wxDisplaySizeMMPiS_
_Z15wxEndBusyCursorv
_Z15wxGetDisplayPPIv
_Z15wxGetMouseStatev
_Z15wxGetStockLabelil
_Z15wxGetWindowTextP6HWND__
_Z15wxOpenClipboardv
_Z15wxYieldIfNeededv
_Z16wxCloseClipboardv
_Z16wxEmptyClipboardv
_Z16wxFileSelectorExRK8wxStringS1_S1_PiS1_iP8wxWindowii
_Z16wxFindMenuItemIdP7wxFrameRK8wxStringS3_
_Z16wxGetDisplaySizev
_Z16wxGetWindowClassP6HWND__
_Z16wxInfoMessageBoxP8wxWindow
_Z16wxIsDragResultOk12wxDragResult
_Z16wxStripMenuCodesRK8wxStringi
_Z17wxBeginBusyCursorPK8wxCursor
_Z17wxGetActiveWindowv
_Z17wxGetCursorPosMSWP8tagPOINT
_Z17wxGetFontFromUserP8wxWindowRK6wxFontRK8wxString
_Z17wxGetTextFromUserRK8wxStringS1_S1_P8wxWindowiib
_Z17wxSetFocusToChildP8wxWindowPS0_
_Z18wxDeleteStockListsv
_Z18wxFindWindowByNameRK8wxStringP8wxWindow
_Z18wxGetClipboardData12wxDataFormatPl
_Z18wxGetDisplaySizeMMv
_Z18wxGetMousePositionPiS_
_Z18wxGetMousePositionv
_Z18wxLoadFileSelectorRK8wxStringS1_S1_P8wxWindow
_Z18wxSaveFileSelectorRK8wxStringS1_S1_P8wxWindow
_Z18wxSetClipboardData12wxDataFormatPKvii
_Z18wxTestFontEncodingRK20wxNativeEncodingInfo
_Z19wxCheckForInterruptP8wxWindow
_Z19wxClientDisplayRectPiS_S_S_
_Z19wxFindWinFromHandleP6HWND__
_Z19wxFindWindowAtPointRK7wxPoint
_Z19wxFindWindowByLabelRK8wxStringP8wxWindow
_Z19wxGetTopLevelParentP8wxWindow
_Z19wxGetWindowFromHWNDP6HWND__
_Z19wxIsClipboardOpenedv
_Z20wxCheckWindowWndProcP6HWND__PFivE
_Z20wxConvertStringToOleRK8wxString
_Z20wxGetStockHelpStringi23wxStockHelpStringClient
_Z21wxFindFocusDescendantP8wxWindow
_Z21wxFindWindowAtPointerR7wxPoint
_Z21wxGetPasswordFromUserRK8wxStringS1_S1_P8wxWindowiib
_Z21wxGetStockAcceleratori
_Z21wxMSWGetColumnClickedP8tagNMHDRP8tagPOINT
_Z22wxConvertStringFromOlePw
_Z22wxEnumClipboardFormats12wxDataFormat
_Z22wxGetClientDisplayRectv
_Z22wxInitAllImageHandlersv
_Z22wxInitializeStockListsv
_Z22wxLaunchDefaultBrowserRK8wxStringi
_Z23wxCreateFontFromLogFontPK11tagLOGFONTW
_Z23wxEnableTopLevelWindowsb
_Z23wxGetFontEncFromCharSeti
_Z23wxGetLibraryVersionInfov
_Z23wxGetNativeFontEncoding14wxFontEncodingP20wxNativeEncodingInfo
_Z24wxGetClipboardFormatName12wxDataFormatPwi
_Z25wxRegisterClipboardFormatPw
_Z25wxSetDetectableAutoRepeatb
_Z26wxGenericFindWindowAtPointRK7wxPoint
_Z26wxLaunchDefaultApplicationRK8wxStringi
_Z28wxIsClipboardFormatAvailable12wxDataFormat
_Z31wxMSWDisableSettingHighDPIAwarev
_Z6wxBellv
_Z7wxEntryP11HINSTANCE__S0_Pci
_Z7wxYieldv
_Z8wxIsBusyv
_Z9wxWndProcP6HWND__jyx
_ZN10wxBoxSizer11RecalcSizesEv
_ZN10wxBoxSizer12ms_classInfoE
_ZN10wxBoxSizer7CalcMinEv
_ZN10wxBoxSizer9AddSpacerEi
_ZN10wxBusyInfoC1ERK8wxStringP8wxWindow
_ZN10wxBusyInfoC2ERK8wxStringP8wxWindow
_ZN10wxBusyInfoD0Ev
_ZN10wxBusyInfoD1Ev
_ZN10wxBusyInfoD2Ev
_ZN10wxCheckBox10MSWCommandEjt
_ZN10wxCheckBox11OnMouseLeftER12wxMouseEvent
_ZN10wxCheckBox12ms_classInfoE
_ZN10wxCheckBox14wxCreateObjectEv
_ZN10wxCheckBox16DoSet3StateValueE15wxCheckBoxState
_ZN10wxCheckBox17MSWMakeOwnerDrawnEb
_ZN10wxCheckBox19OnMouseEnterOrLeaveER12wxMouseEvent
_ZN10wxCheckBox19SetForegroundColourERK8wxColour
_ZN10wxCheckBox4InitEv
_ZN10wxCheckBox6CreateEP8wxWindowiRK8wxStringRK7wxPointRK6wxSizelRK11wxValidatorS4_
_ZN10wxCheckBox7CommandER14wxCommandEvent
_ZN10wxCheckBox7OnFocusER12wxFocusEvent
_ZN10wxCheckBox8SetLabelERK8wxString
_ZN10wxCheckBox8SetValueEb
_ZN10wxCheckBox9MSWOnDrawEPPv
_ZN10wxClientDC12ms_classInfoE
_ZN10wxClientDCC1EP8wxWindow
_ZN10wxClientDCC2EP8wxWindow
_ZN10wxComboBox10MSWCommandEjt
_ZN10wxComboBox11OnSelectAllER14wxCommandEvent
_ZN10wxComboBox11OnUpdateCutER15wxUpdateUIEvent
_ZN10wxComboBox12DoSetToolTipEP9wxToolTip
_ZN10wxComboBox12OnUpdateCopyER15wxUpdateUIEvent
_ZN10wxComboBox12OnUpdateRedoER15wxUpdateUIEvent
_ZN10wxComboBox12OnUpdateUndoER15wxUpdateUIEvent
_ZN10wxComboBox12ms_classInfoE
_ZN10wxComboBox13MSWWindowProcEjyx
_ZN10wxComboBox13OnUpdatePasteER15wxUpdateUIEvent
_ZN10wxComboBox13sm_eventTableE
_ZN10wxComboBox14OnUpdateDeleteER15wxUpdateUIEvent
_ZN10wxComboBox14wxCreateObjectEv
_ZN10wxComboBox17GetEditableWindowEv
_ZN10wxComboBox17MSWProcessEditMsgEjyx
_ZN10wxComboBox17OnUpdateSelectAllER15wxUpdateUIEvent
_ZN10wxComboBox17sm_eventHashTableE
_ZN10wxComboBox20sm_eventTableEntriesE
_ZN10wxComboBox26MSWShouldPreProcessMessageEP6tagMSG
_ZN10wxComboBox5ClearEv
_ZN10wxComboBox5OnCutER14wxCommandEvent
_ZN10wxComboBox6CreateEP8wxWindowiRK8wxStringRK7wxPointRK6wxSizeRK13wxArrayStringlRK11wxValidatorS4_
_ZN10wxComboBox6CreateEP8wxWindowiRK8wxStringRK7wxPointRK6wxSizeiPS3_lRK11wxValidatorS4_
_ZN10wxComboBox6OnCopyER14wxCommandEvent
_ZN10wxComboBox6OnRedoER14wxCommandEvent
_ZN10wxComboBox6OnUndoER14wxCommandEvent
_ZN10wxComboBox7OnPasteER14wxCommandEvent
_ZN10wxComboBox7SetHintERK8wxString
_ZN10wxComboBox8OnDeleteER14wxCommandEvent
_ZN10wxComboBox8SetValueERK8wxString
_ZN10wxFSVolume9InitIconsEv
_ZN10wxFileData10SetNewNameERK8wxStringS2_
_ZN10wxFileData4CopyERKS_
_ZN10wxFileData4InitEv
_ZN10wxFileData8MakeItemER10wxListItem
_ZN10wxFileData8ReadDataEv
_ZN10wxFileDataC1ERK8wxStringS2_NS_8fileTypeEi
_ZN10wxFileDataC2ERK8wxStringS2_NS_8fileTypeEi
_ZN10wxFontBase11SetFaceNameERK8wxString
_ZN10wxFontBase12SetPixelSizeERK6wxSize
_ZN10wxFontBase15SetSymbolicSizeE18wxFontSymbolicSize
_ZN10wxFontBase17SetNativeFontInfoERK8wxString
_ZN10wxFontBase18SetDefaultEncodingE14wxFontEncoding
_ZN10wxFontBase18ms_encodingDefaultE
_ZN10wxFontBase19DoSetNativeFontInfoERK16wxNativeFontInfo
_ZN10wxFontBase20AdjustToSymbolicSizeE18wxFontSymbolicSizei
_ZN10wxFontBase25SetNativeFontInfoUserDescERK8wxString
_ZN10wxFontBase3NewERK16wxNativeFontInfo
_ZN10wxFontBase3NewERK6wxSize12wxFontFamily11wxFontStyle12wxFontWeightbRK8wxString14wxFontEncoding
_ZN10wxFontBase3NewERK6wxSize12wxFontFamilyiRK8wxString14wxFontEncoding
_ZN10wxFontBase3NewERK8wxString
_ZN10wxFontBase3NewEi12wxFontFamily11wxFontStyle12wxFontWeightbRK8wxString14wxFontEncoding
_ZN10wxFontBase3NewEi12wxFontFamilyiRK8wxString14wxFontEncoding
_ZN10wxFontBaseD0Ev
_ZN10wxFontBaseD1Ev
_ZN10wxFontBaseD2Ev
_ZN10wxFontData12ms_classInfoE
_ZN10wxFontData14wxCreateObjectEv
_ZN10wxFontDataC1ERKS_
_ZN10wxFontDataC1Ev
_ZN10wxFontDataC2ERKS_
_ZN10wxFontDataC2Ev
_ZN10wxFontDataD0Ev
_ZN10wxFontDataD1Ev
_ZN10wxFontDataD2Ev
_ZN10wxFontDataaSERKS_
_ZN10wxFontList16FindOrCreateFontEi12wxFontFamily11wxFontStyle12wxFontWeightbRK8wxString14wxFontEncoding
_ZN10wxGCDCImpl10DoDrawIconERK6wxIconii
_ZN10wxGCDCImpl10DoDrawLineEiiii
_ZN10wxGCDCImpl10DoDrawTextERK8wxStringii
_ZN10wxGCDCImpl10SetPaletteERK9wxPalette
_ZN10wxGCDCImpl11DoCrossHairEii
_ZN10wxGCDCImpl11DoDrawLinesEiPK7wxPointii
_ZN10wxGCDCImpl11DoDrawPointEii
_ZN10wxGCDCImpl11DoFloodFillEiiRK8wxColour16wxFloodFillStyle
_ZN10wxGCDCImpl12DoDrawBitmapERK8wxBitmapiib
_ZN10wxGCDCImpl12ms_classInfoE
_ZN10wxGCDCImpl13DoDrawEllipseEiiii
_ZN10wxGCDCImpl13DoDrawPolygonEiPK7wxPointii17wxPolygonFillMode
_ZN10wxGCDCImpl13DoStretchBlitEiiiiP4wxDCiiii21wxRasterOperationModebii
_ZN10wxGCDCImpl13SetBackgroundERK7wxBrush
_ZN10wxGCDCImpl15DoDrawCheckMarkEiiii
_ZN10wxGCDCImpl15DoDrawRectangleEiiii
_ZN10wxGCDCImpl17DoDrawEllipticArcEiiiidd
_ZN10wxGCDCImpl17DoDrawPolyPolygonEiPKiPK7wxPointii17wxPolygonFillMode
_ZN10wxGCDCImpl17DoDrawRotatedTextERK8wxStringiid
_ZN10wxGCDCImpl17SetBackgroundModeEi
_ZN10wxGCDCImpl17SetTextBackgroundERK8wxColour
_ZN10wxGCDCImpl17SetTextForegroundERK8wxColour
_ZN10wxGCDCImpl18SetGraphicsContextEP17wxGraphicsContext
_ZN10wxGCDCImpl18SetLogicalFunctionE21wxRasterOperationMode
_ZN10wxGCDCImpl19DoSetClippingRegionEiiii
_ZN10wxGCDCImpl20DoGradientFillLinearERK6wxRectRK8wxColourS5_11wxDirection
_ZN10wxGCDCImpl21ComputeScaleAndOriginEv
_ZN10wxGCDCImpl21DestroyClippingRegionEv
_ZN10wxGCDCImpl22DoDrawRoundedRectangleEiiiid
_ZN10wxGCDCImpl24DoGradientFillConcentricERK6wxRectRK8wxColourS5_RK7wxPoint
_ZN10wxGCDCImpl25DoSetDeviceClippingRegionERK8wxRegion
_ZN10wxGCDCImpl4InitEP17wxGraphicsContext
_ZN10wxGCDCImpl5ClearEv
_ZN10wxGCDCImpl5FlushEv
_ZN10wxGCDCImpl6DoBlitEiiiiP4wxDCii21wxRasterOperationModebii
_ZN10wxGCDCImpl6EndDocEv
_ZN10wxGCDCImpl6SetPenERK5wxPen
_ZN10wxGCDCImpl7EndPageEv
_ZN10wxGCDCImpl7SetFontERK6wxFont
_ZN10wxGCDCImpl8SetBrushERK7wxBrush
_ZN10wxGCDCImpl8StartDocERK8wxString
_ZN10wxGCDCImpl9DoDrawArcEiiiiii
_ZN10wxGCDCImpl9StartPageEv
_ZN10wxGCDCImplC1EP4wxDC
_ZN10wxGCDCImplC1EP4wxDCRK10wxMemoryDC
_ZN10wxGCDCImplC1EP4wxDCRK10wxWindowDC
_ZN10wxGCDCImplC1EP4wxDCRK15wxEnhMetaFileDC
_ZN10wxGCDCImplC1EP4wxDCi
_ZN10wxGCDCImplC2EP4wxDC
_ZN10wxGCDCImplC2EP4wxDCRK10wxMemoryDC
_ZN10wxGCDCImplC2EP4wxDCRK10wxWindowDC
_ZN10wxGCDCImplC2EP4wxDCRK15wxEnhMetaFileDC
_ZN10wxGCDCImplC2EP4wxDCi
_ZN10wxGCDCImplD0Ev
_ZN10wxGCDCImplD1Ev
_ZN10wxGCDCImplD2Ev
_ZN10wxGDIImage10AddHandlerEP17wxGDIImageHandler
_ZN10wxGDIImage11FindHandlerERK8wxString
_ZN10wxGDIImage11FindHandlerERK8wxStringl
_ZN10wxGDIImage11FindHandlerEl
_ZN10wxGDIImage11ms_handlersE
_ZN10wxGDIImage12FreeResourceEb
_ZN10wxGDIImage13InsertHandlerEP17wxGDIImageHandler
_ZN10wxGDIImage13RemoveHandlerERK8wxString
_ZN10wxGDIImage15CleanUpHandlersEv
_ZN10wxGDIImage20InitStandardHandlersEv
_ZN10wxKeyEvent12ms_classInfoE
_ZN10wxKeyEvent14wxCreateObjectEv
_ZN10wxKeyEventC1ERKS_
_ZN10wxKeyEventC1Ei
_ZN10wxKeyEventC1EiRKS_
_ZN10wxKeyEventC2ERKS_
_ZN10wxKeyEventC2Ei
_ZN10wxKeyEventC2EiRKS_
_ZN10wxListCtrl10DeleteItemEl
_ZN10wxListCtrl10InsertItemERK10wxListItem
_ZN10wxListCtrl10InsertItemElRK8wxString
_ZN10wxListCtrl10InsertItemElRK8wxStringi
_ZN10wxListCtrl10InsertItemEli
_ZN10wxListCtrl10MSWCommandEjt
_ZN10wxListCtrl10OnCharHookER10wxKeyEvent
_ZN10wxListCtrl10ScrollListEii
_ZN10wxListCtrl11MSWOnNotifyEixPx
_ZN10wxListCtrl11RefreshItemEl
_ZN10wxListCtrl11SetItemFontElRK6wxFont
_ZN10wxListCtrl11SetItemTextElRK8wxString
_ZN10wxListCtrl11UpdateStyleEv
_ZN10wxListCtrl12DeleteColumnEi
_ZN10wxListCtrl12EndEditLabelEb
_ZN10wxListCtrl12OnCustomDrawEx
_ZN10wxListCtrl12RefreshItemsEll
_ZN10wxListCtrl12SetImageListEP11wxImageListi
_ZN10wxListCtrl12SetItemCountEl
_ZN10wxListCtrl12SetItemImageElii
_ZN10wxListCtrl12SetItemStateElll
_ZN10wxListCtrl12ms_classInfoE
_ZN10wxListCtrl13EnsureVisibleEl
_ZN10wxListCtrl13MSWWindowProcEjyx
_ZN10wxListCtrl13SetTextColourERK8wxColour
_ZN10wxListCtrl13sm_eventTableE
_ZN10wxListCtrl14DeleteAllItemsEv
_ZN10wxListCtrl14DoInsertColumnElRK10wxListItem
_ZN10wxListCtrl14SetColumnWidthEii
_ZN10wxListCtrl14SetItemPtrDataEly
_ZN10wxListCtrl14SetSingleStyleElb
_ZN10wxListCtrl14wxCreateObjectEv
_ZN10wxListCtrl15AssignImageListEP11wxImageListi
_ZN10wxListCtrl15InitEditControlEP6HWND__
_ZN10wxListCtrl15SetColumnsOrderERK10wxArrayInt
_ZN10wxListCtrl15SetItemPositionElRK7wxPoint
_ZN10wxListCtrl16DeleteAllColumnsEv
_ZN10wxListCtrl17DeleteEditControlEv
_ZN10wxListCtrl17SetItemTextColourElRK8wxColour
_ZN10wxListCtrl17sm_eventHashTableE
_ZN10wxListCtrl18MSWSetExListStylesEv
_ZN10wxListCtrl18SetItemColumnImageElli
_ZN10wxListCtrl18SetWindowStyleFlagEl
_ZN10wxListCtrl19FreeAllInternalDataEv
_ZN10wxListCtrl19SetBackgroundColourERK8wxColour
_ZN10wxListCtrl19SetForegroundColourERK8wxColour
_ZN10wxListCtrl20sm_eventTableEntriesE
_ZN10wxListCtrl23SetItemBackgroundColourElRK8wxColour
_ZN10wxListCtrl25GetClassDefaultAttributesE15wxWindowVariant
_ZN10wxListCtrl26MSWShouldPreProcessMessageEP6tagMSG
_ZN10wxListCtrl4InitEv
_ZN10wxListCtrl6CreateEP8wxWindowiRK7wxPointRK6wxSizelRK11wxValidatorRK8wxString
_ZN10wxListCtrl7ArrangeEi
_ZN10wxListCtrl7OnPaintER12wxPaintEvent
_ZN10wxListCtrl7SetItemER10wxListItem
_ZN10wxListCtrl7SetItemEliRK8wxStringi
_ZN10wxListCtrl8ClearAllEv
_ZN10wxListCtrl8FindItemElRK7wxPointi
_ZN10wxListCtrl8FindItemElRK8wxStringb
_ZN10wxListCtrl8FindItemEly
_ZN10wxListCtrl9EditLabelElP11wxClassInfo
_ZN10wxListCtrl9SetColumnEiRK10wxListItem
_ZN10wxListCtrl9SortItemsEPFixxxEx
_ZN10wxListCtrlD0Ev
_ZN10wxListCtrlD1Ev
_ZN10wxListCtrlD2Ev
_ZN10wxListItem12ms_classInfoE
_ZN10wxListItem14wxCreateObjectEv
_ZN10wxListView12ms_classInfoE
_ZN10wxListView14wxCreateObjectEv
_ZN10wxListbook10InsertPageEyP8wxWindowRK8wxStringbi
_ZN10wxListbook10UpdateSizeEv
_ZN10wxListbook11SetPageTextEyRK8wxString
_ZN10wxListbook12DoRemovePageEy
_ZN10wxListbook12SetImageListEP11wxImageList
_ZN10wxListbook12SetPageImageEyi
_ZN10wxListbook12ms_classInfoE
_ZN10wxListbook13sm_eventTableE
_ZN10wxListbook14DeleteAllPagesEv
_ZN10wxListbook14OnListSelectedER11wxListEvent
_ZN10wxListbook14wxCreateObjectEv
_ZN10wxListbook16MakeChangedEventER15wxBookCtrlEvent
_ZN10wxListbook17sm_eventHashTableE
_ZN10wxListbook18UpdateSelectedPageEy
_ZN10wxListbook20sm_eventTableEntriesE
_ZN10wxListbook6CreateEP8wxWindowiRK7wxPointRK6wxSizelRK8wxString
_ZN10wxListbook6OnSizeER11wxSizeEvent
_ZN10wxMSGArray3AddERK6tagMSGy
_ZN10wxMSGArray6DoCopyERKS_
_ZN10wxMSGArray6InsertERK6tagMSGyy
_ZN10wxMSGArray7DoEmptyEv
_ZN10wxMSGArray8RemoveAtEyy
_ZN10wxMSGArrayC1ERKS_
_ZN10wxMSGArrayC2ERKS_
_ZN10wxMSGArrayD1Ev
_ZN10wxMSGArrayD2Ev
_ZN10wxMSGArrayaSERKS_
_ZN10wxMaskBase6CreateERK8wxBitmap
_ZN10wxMaskBase6CreateERK8wxBitmapRK8wxColour
_ZN10wxMaskBase6CreateERK8wxBitmapi
_ZN10wxMemoryDC12SelectObjectER8wxBitmap
_ZN10wxMemoryDC12ms_classInfoE
_ZN10wxMemoryDC14wxCreateObjectEv
_ZN10wxMemoryDC17GetSelectedBitmapEv
_ZN10wxMemoryDC20SelectObjectAsSourceERK8wxBitmap
_ZN10wxMemoryDCC1EP4wxDC
_ZN10wxMemoryDCC1ER8wxBitmap
_ZN10wxMemoryDCC1Ev
_ZN10wxMemoryDCC2EP4wxDC
_ZN10wxMemoryDCC2ER8wxBitmap
_ZN10wxMemoryDCC2Ev
_ZN10wxMenuBase10AddSubMenuEP6wxMenu
_ZN10wxMenuBase13SetHelpStringEiRK8wxString
_ZN10wxMenuBase17SetInvokingWindowEP8wxWindow
_ZN10wxMenuBase4InitEl
_ZN10wxMenuBase5CheckEib
_ZN10wxMenuBase6AttachEP13wxMenuBarBase
_ZN10wxMenuBase6DeleteEP10wxMenuItem
_ZN10wxMenuBase6DetachEv
_ZN10wxMenuBase6EnableEib
_ZN10wxMenuBase6InsertEyP10wxMenuItem
_ZN10wxMenuBase6RemoveEP10wxMenuItem
_ZN10wxMenuBase7DestroyEP10wxMenuItem
_ZN10wxMenuBase8DoAppendEP10wxMenuItem
_ZN10wxMenuBase8DoDeleteEP10wxMenuItem
_ZN10wxMenuBase8DoInsertEyP10wxMenuItem
_ZN10wxMenuBase8DoRemoveEP10wxMenuItem
_ZN10wxMenuBase8SetLabelEiRK8wxString
_ZN10wxMenuBase8UpdateUIEP12wxEvtHandler
_ZN10wxMenuBase9DoDestroyEP10wxMenuItem
_ZN10wxMenuBase9SendEventEii
_ZN10wxMenuBase9ms_lockedE
_ZN10wxMenuBaseD0Ev
_ZN10wxMenuBaseD1Ev
_ZN10wxMenuBaseD2Ev
_ZN10wxMenuItem10OnDrawItemER4wxDCRK6wxRectN16wxOwnerDrawnBase10wxODActionENS5_10wxODStatusE
_ZN10wxMenuItem12SetItemLabelERK8wxString
_ZN10wxMenuItem12ms_classInfoE
_ZN10wxMenuItem13OnMeasureItemEPyS0_
_ZN10wxMenuItem14wxCreateObjectEv
_ZN10wxMenuItem16DrawStdCheckMarkEP5HDC__PK7tagRECTN16wxOwnerDrawnBase10wxODStatusE
_ZN10wxMenuItem4InitEv
_ZN10wxMenuItem5CheckEb
_ZN10wxMenuItem6EnableEb
_ZN10wxMenuItemC1EP6wxMenuiRK8wxStringS4_10wxItemKindS1_
_ZN10wxMenuItemC2EP6wxMenuiRK8wxStringS4_10wxItemKindS1_
_ZN10wxMenuItemD0Ev
_ZN10wxMenuItemD1Ev
_ZN10wxMenuItemD2Ev
_ZN10wxNotebook10InsertPageEyP8wxWindowRK8wxStringbi
_ZN10wxNotebook10SetPaddingERK6wxSize
_ZN10wxNotebook10SetTabSizeERK6wxSize
_ZN10wxNotebook11MSWOnNotifyEixPx
_ZN10wxNotebook11MSWOnScrollEittP6HWND__
_ZN10wxNotebook11SetPageSizeERK6wxSize
_ZN10wxNotebook11SetPageTextEyRK8wxString
_ZN10wxNotebook12DoRemovePageEy
_ZN10wxNotebook12SetImageListEP11wxImageList
_ZN10wxNotebook12SetPageImageEyi
_ZN10wxNotebook12SetSelectionEy
_ZN10wxNotebook12ms_classInfoE
_ZN10wxNotebook13MSWPrintChildEP5HDC__P8wxWindow
_ZN10wxNotebook13QueryBgBitmapEv
_ZN10wxNotebook13UpdateBgBrushEv
_ZN10wxNotebook13sm_eventTableE
_ZN10wxNotebook14AdjustPageSizeEP8wxWindow
_ZN10wxNotebook14DeleteAllPagesEv
_ZN10wxNotebook14wxCreateObjectEv
_ZN10wxNotebook15ChangeSelectionEy
_ZN10wxNotebook15OnNavigationKeyER20wxNavigationKeyEvent
_ZN10wxNotebook15UpdateSelectionEi
_ZN10wxNotebook16DoDrawBackgroundEP5HDC__P8wxWindow
_ZN10wxNotebook17OnEraseBackgroundER12wxEraseEvent
_ZN10wxNotebook17sm_eventHashTableE
_ZN10wxNotebook20sm_eventTableEntriesE
_ZN10wxNotebook4InitEv
_ZN10wxNotebook6CreateEP8wxWindowiRK7wxPointRK6wxSizelRK8wxString
_ZN10wxNotebook6OnSizeER11wxSizeEvent
_ZN10wxNotebook7OnPaintER12wxPaintEvent
_ZN10wxNotebookC1EP8wxWindowiRK7wxPointRK6wxSizelRK8wxString
_ZN10wxNotebookC1Ev
_ZN10wxNotebookC2EP8wxWindowiRK7wxPointRK6wxSizelRK8wxString
_ZN10wxNotebookC2Ev
_ZN10wxNotebookD0Ev
_ZN10wxNotebookD1Ev
_ZN10wxNotebookD2Ev
_ZN10wxQuantize10DoQuantizeEjjPPhS1_S0_i
_ZN10wxQuantize12ms_classInfoE
_ZN10wxQuantize14wxCreateObjectEv
_ZN10wxQuantize8QuantizeERK7wxImageRS0_PP9wxPaletteiPPhi
_ZN10wxQuantize8QuantizeERK7wxImageRS0_iPPhi
_ZN10wxRadioBox10MSWCommandEjt
_ZN10wxRadioBox12DoMoveWindowEiiii
_ZN10wxRadioBox12SetSelectionEi
_ZN10wxRadioBox12ms_classInfoE
_ZN10wxRadioBox14wxCreateObjectEv
_ZN10wxRadioBox16DoSetItemToolTipEjP9wxToolTip
_ZN10wxRadioBox18PositionAllButtonsEiiii
_ZN10wxRadioBox19SubclassRadioButtonEP6HWND__
_ZN10wxRadioBox21SendNotificationEventEv
_ZN10wxRadioBox22GetFromRadioButtonHWNDEP6HWND__
_ZN10wxRadioBox27MSWGetRegionWithoutChildrenEv
_ZN10wxRadioBox4InitEv
_ZN10wxRadioBox4ShowEb
_ZN10wxRadioBox4ShowEjb
_ZN10wxRadioBox6CreateEP8wxWindowiRK8wxStringRK7wxPointRK6wxSizeRK13wxArrayStringilRK11wxValidatorS4_
_ZN10wxRadioBox6CreateEP8wxWindowiRK8wxStringRK7wxPointRK6wxSizeiPS3_ilRK11wxValidatorS4_
_ZN10wxRadioBox6EnableEb
_ZN10wxRadioBox6EnableEjb
_ZN10wxRadioBox7CommandER14wxCommandEvent
_ZN10wxRadioBox7SetFontERK6wxFont
_ZN10wxRadioBox8ReparentEP12wxWindowBase
_ZN10wxRadioBox8SetFocusEv
_ZN10wxRadioBox9DoSetSizeEiiiii
_ZN10wxRadioBox9SetStringEjRK8wxString
_ZN10wxRadioBoxD0Ev
_ZN10wxRadioBoxD1Ev
_ZN10wxRadioBoxD2Ev
_ZN10wxScreenDC12ms_classInfoE
_ZN10wxScreenDC14wxCreateObjectEv
_ZN10wxScreenDCC1Ev
_ZN10wxScreenDCC2Ev
_ZN10wxSpinCtrl10OnSetFocusER12wxFocusEvent
_ZN10wxSpinCtrl11MSWOnNotifyEixPx
_ZN10wxSpinCtrl11MSWOnScrollEittP6HWND__
_ZN10wxSpinCtrl11OnKillFocusER12wxFocusEvent
_ZN10wxSpinCtrl12DoMoveWindowEiiii
_ZN10wxSpinCtrl12DoSetToolTipEP9wxToolTip
_ZN10wxSpinCtrl12SetSelectionEll
_ZN10wxSpinCtrl12ms_classInfoE
_ZN10wxSpinCtrl13sm_eventTableE
_ZN10wxSpinCtrl14NormalizeValueEv
_ZN10wxSpinCtrl14SendSpinUpdateEi
_ZN10wxSpinCtrl14wxCreateObjectEv
_ZN10wxSpinCtrl16UpdateBuddyStyleEv
_ZN10wxSpinCtrl17sm_eventHashTableE
_ZN10wxSpinCtrl18GetSpinForTextCtrlEP6HWND__

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 208KB - Virtual size: 207KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 573KB - Virtual size: 573KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 194KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 318KB - Virtual size: 318KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: 2040

Password: 2040

4cea7ae85c87ddc7295d39ff9cda31d1

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:1f:3a:05:7a:1d:ce:4b:f7:d7:6d:0c:7a:df:83:7eCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bdCertificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

0c:83:09:ba:16:54:68:50:e6:05:e7:5d:77:3e:56:deCertificate

Extended Key Usages

Key Usages

01:a8:f7:25:76:dc:7b:14:7a:18:63:9e:8d:4d:eb:37Certificate

Extended Key Usages

Key Usages

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate

Key Usages

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51Certificate

Key Usages

af:52:23:f5:92:97:ac:71:c8:a9:02:06:e5:de:39:9b:c4:8c:73:fe:fc:31:c3:ac:dd:32:80:99:1e:2e:72:5aSigner

Signature Validations

Verification

09-12-2021 06:59 Valid: true

Chain 1

a8:bd:4d:f4:7d:9b:ef:65:db:37:a5:2e:9c:91:b2:2e:be:9b:8a:f3Signer

Signature Validations

Verification

09-12-2021 06:58 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

gdi32

user32

msvcrt

comctl32

cabinet

version

Sections

.text Size: 31KB - Virtual size: 30KB

.rdata Size: 9KB - Virtual size: 8KB

.data Size: 1024B - Virtual size: 7KB

.pdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1.3MB - Virtual size: 1.3MB

.reloc Size: 512B - Virtual size: 32B

Password: 2040

b86b775ded6e4965bc085ca37be2cd29

Code Sign

33:00:00:03:80:e4:bb:91:f3:18:fd:8e:9a:00:00:00:00:03:80Certificate

Extended Key Usages

61:07:76:56:00:00:00:00:00:08Certificate

Key Usages

b5:17:8b:e9:76:24:2e:50:7e:df:0d:b2:a6:e7:c1:9c:97:80:b0:b3:e8:c6:10:93:b4:a7:71:8d:45:c9:cd:98Signer

Signature Validations

Verification

09-03-2023 13:30 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:1f:3a:05:7a:1d:ce:4b:f7:d7:6d:0c:7a:df:83:7e
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

0f:a8:49:06:15:d7:00:a0:be:21:76:fd:c5:ec:6d:bd
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

0c:83:09:ba:16:54:68:50:e6:05:e7:5d:77:3e:56:de
Certificate

01:a8:f7:25:76:dc:7b:14:7a:18:63:9e:8d:4d:eb:37
Certificate

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

af:52:23:f5:92:97:ac:71:c8:a9:02:06:e5:de:39:9b:c4:8c:73:fe:fc:31:c3:ac:dd:32:80:99:1e:2e:72:5a
Signer

09-12-2021 06:59
Valid: true

a8:bd:4d:f4:7d:9b:ef:65:db:37:a5:2e:9c:91:b2:2e:be:9b:8a:f3
Signer

09-12-2021 06:58
Valid: false

.text
Size: 31KB - Virtual size: 30KB

.rdata
Size: 9KB - Virtual size: 8KB

.data
Size: 1024B - Virtual size: 7KB

.pdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

.reloc
Size: 512B - Virtual size: 32B

33:00:00:03:80:e4:bb:91:f3:18:fd:8e:9a:00:00:00:00:03:80
Certificate

61:07:76:56:00:00:00:00:00:08
Certificate

b5:17:8b:e9:76:24:2e:50:7e:df:0d:b2:a6:e7:c1:9c:97:80:b0:b3:e8:c6:10:93:b4:a7:71:8d:45:c9:cd:98
Signer

09-03-2023 13:30
Valid: false

.text
Size: 404KB - Virtual size: 404KB

.rdata
Size: 160KB - Virtual size: 160KB

.data
Size: 5KB - Virtual size: 55KB

.pdata
Size: 13KB - Virtual size: 12KB

.reloc
Size: 3KB - Virtual size: 2KB