DirectX64[.]rar

Resubmissions

24/03/2023, 12:51

230324-p3gbmaed47 9

24/03/2023, 12:46

230324-pz1k4aed36 9

Sharing

Copy URL Twitter E-mail

General

Target

DirectX64.rar
Size

5.6MB
MD5

1d4fb6c319d08cbe85ed922b6d215696
SHA1

09a3d43d36f413ad462227f04692fe7eac39133e
SHA256

9daa4afad6ae8837874d941290617abfe8ab24fdc778813f854de954eff68794
SHA512

305a61b61b0b8912f219c1264d38615be6b785b5fb7109d84c8e6f963d5a6a41dc8328bc79264182f5582f01a781a6e04987a2f978ba378172d1b8ad3b949348
SSDEEP

98304:DWsqe8BSCWcHOfrQYv0kzTPO0r7SEJhJNE3/OgOeawjZ3cCv6LhB8:DCLNHOf8Yv0kPjr7ZOIwNsCCLhB8

Score

1^/10

Malware Config

Signatures

Files

DirectX64.rar
.rar

Password: 2022
DirectX.dll
.dll windows x64

Password: 2022

585861b958c9f1fe9cc0324e1020a230

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

AcquireSRWLockExclusive
CloseHandle
CompareStringW
CreateEventW
CreateFileW
DeleteCriticalSection
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatW
GetEnvironmentStringsW
GetFileSizeEx
GetFileType
GetLastError
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTimeAsFileTime
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
ReadConsoleW
ReadFile
ReleaseSRWLockExclusive
ResetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SleepConditionVariableSRW
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
WaitForSingleObjectEx
WakeAllConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile

Exports

Exports

eglBindAPI
eglBindTexImage
eglChooseConfig
eglClientWaitSync
eglClientWaitSyncKHR
eglCopyBuffers
eglCreateContext
eglCreateDeviceANGLE
eglCreateImage
eglCreateImageKHR
eglCreateNativeClientBufferANDROID
eglCreatePbufferFromClientBuffer
eglCreatePbufferSurface
eglCreatePixmapSurface
eglCreatePlatformPixmapSurface
eglCreatePlatformPixmapSurfaceEXT
eglCreatePlatformWindowSurface
eglCreatePlatformWindowSurfaceEXT
eglCreateStreamKHR
eglCreateStreamProducerD3DTextureANGLE
eglCreateSync
eglCreateSyncKHR
eglCreateWindowSurface
eglDebugMessageControlKHR
eglDestroyContext
eglDestroyImage
eglDestroyImageKHR
eglDestroyStreamKHR
eglDestroySurface
eglDestroySync
eglDestroySyncKHR
eglDupNativeFenceFDANDROID
eglGetCompositorTimingANDROID
eglGetCompositorTimingSupportedANDROID
eglGetConfigAttrib
eglGetConfigs
eglGetCurrentContext
eglGetCurrentDisplay
eglGetCurrentSurface
eglGetDisplay
eglGetError
eglGetFrameTimestampSupportedANDROID
eglGetFrameTimestampsANDROID
eglGetMscRateANGLE
eglGetNativeClientBufferANDROID
eglGetNextFrameIdANDROID
eglGetPlatformDisplay
eglGetPlatformDisplayEXT
eglGetProcAddress
eglGetSyncAttrib
eglGetSyncAttribKHR
eglGetSyncValuesCHROMIUM
eglHandleGPUSwitchANGLE
eglInitialize
eglLabelObjectKHR
eglMakeCurrent
eglPostSubBufferNV
eglPresentationTimeANDROID
eglProgramCacheGetAttribANGLE
eglProgramCachePopulateANGLE
eglProgramCacheQueryANGLE
eglProgramCacheResizeANGLE
eglQueryAPI
eglQueryContext
eglQueryDebugKHR
eglQueryDeviceAttribEXT
eglQueryDeviceStringEXT
eglQueryDisplayAttribANGLE
eglQueryDisplayAttribEXT
eglQueryStreamKHR
eglQueryStreamu64KHR
eglQueryString
eglQueryStringiANGLE
eglQuerySurface
eglQuerySurfacePointerANGLE
eglReacquireHighPowerGPUANGLE
eglReleaseDeviceANGLE
eglReleaseHighPowerGPUANGLE
eglReleaseTexImage
eglReleaseThread
eglSetBlobCacheFuncsANDROID
eglSignalSyncKHR
eglStreamAttribKHR
eglStreamConsumerAcquireKHR
eglStreamConsumerGLTextureExternalAttribsNV
eglStreamConsumerGLTextureExternalKHR
eglStreamConsumerReleaseKHR
eglStreamPostD3DTextureANGLE
eglSurfaceAttrib
eglSwapBuffers
eglSwapBuffersWithDamageKHR
eglSwapBuffersWithFrameTokenANGLE
eglSwapInterval
eglTerminate
eglWaitClient
eglWaitGL
eglWaitNative
eglWaitSync
eglWaitSyncKHR

Sections

.text
Size: 300KB - Virtual size: 299KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 289B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
DirectX64.exe
.exe windows x64

Password: 2022

79b3362178937bf9559741c46bb9e035

Code Sign

3f:dc:7a:3e:7e:96:5e:b6:4e:3a:1a:ce:c7:32:b0:e3
Certificate

Issuer

CN=Logitech ZC-9015 USA State of Washington

Not Before

24/12/2022, 20:59

Not After

25/12/2032, 20:59

Subject

CN=Logitech ZC-9015 USA State of Washington

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

11/05/2022, 00:00

Not After

10/08/2033, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

27:ba:57:21:6b:a4:c9:50:df:3b:12:40:10:7e:77:4a:a3:ea:43:7b:c0:a7:17:78:87:01:db:66:8f:78:ec:14
Signer

Actual PE Digest

27:ba:57:21:6b:a4:c9:50:df:3b:12:40:10:7e:77:4a:a3:ea:43:7b:c0:a7:17:78:87:01:db:66:8f:78:ec:14

Digest Algorithm

sha256

PE Digest Matches

false

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Logitech ZC-9015 USA State of Washington

23/03/2023, 16:09
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

Sections

.MPRESS1
Size: 3.5MB - Virtual size: 9.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
specsb/CIEXYZ.pf
specsb/MXF_SDK_GenericContainer_AES3_4.5.16_vs10.dll
.dll windows x64

Password: 2022

e913d4b2d76cf2dee22ce88ba9b8bf29

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mxf_sdk_4.5.16_vs10

?EDIT_RATE_PAL_FRAME@Essence@SDK@MXF@@3V?$Rational@H@Templates@23@B
?EDIT_RATE_PAL_FIELD@Essence@SDK@MXF@@3V?$Rational@H@Templates@23@B
?EDIT_RATE_24@Essence@SDK@MXF@@3V?$Rational@H@Templates@23@B
?EDIT_RATE_30@Essence@SDK@MXF@@3V?$Rational@H@Templates@23@B
?read@SliceReader@DataIO@SDK@MXF@@QEAAX_KAEAVChain@234@@Z
?isComplete@ChannelStatusLoader@AES3@Essence@SDK@MXF@@QEAA_NXZ
?makeSlice@Chain@DataIO@SDK@MXF@@QEBA?AV?$auto_ptr@VSlice@DataIO@SDK@MXF@@@Templates@34@_K0@Z
?push@ChannelStatusLoader@AES3@Essence@SDK@MXF@@QEAAX_N0@Z
?professionalUse@ChannelStatus@AES3@Essence@SDK@MXF@@QEBA_NXZ
?samplingFrequency@ChannelStatus@AES3@Essence@SDK@MXF@@QEBA?AV?$Rational@H@Templates@45@XZ
?sourceWordLength@ChannelStatus@AES3@Essence@SDK@MXF@@QEBAEXZ
?lockIndication@ChannelStatus@AES3@Essence@SDK@MXF@@QEBA_NXZ
??0UniversalLabel@Types@SDK@MXF@@QEAA@AEBV0123@@Z
??1SoundAnalyzer@GenericContainer@SDK@MXF@@UEAA@XZ
??0BaseException@Exceptions@SDK@MXF@@QEAA@AEBV0123@@Z
?what@BaseException@Exceptions@SDK@MXF@@UEBAPEBGXZ
?message@BaseException@Exceptions@SDK@MXF@@UEBAPEBGXZ
??1BaseException@Exceptions@SDK@MXF@@UEAA@XZ
??0BaseException@Exceptions@SDK@MXF@@QEAA@PEBD0H@Z
??0SoundAnalyzer@GenericContainer@SDK@MXF@@QEAA@XZ
?essenceAnalyzerType@SoundAnalyzer@GenericContainer@SDK@MXF@@UEAA?AW4EssenceAnalyzerType@EssenceAnalyzer@234@XZ
?proposeKey@EssenceAnalyzer@GenericContainer@SDK@MXF@@UEAA?AVKey@KLV@34@AEBV5634@@Z
?EDIT_RATE_NTSC_FIELD@Essence@SDK@MXF@@3V?$Rational@H@Templates@23@B
??0MetadataBuilder@GenericContainer@SDK@MXF@@QEAA@AEAVPartitionMetadata@Metadata@23@PEAVSourcePackage@Structural@523@PEAVMultipleDescriptor@7523@IIAEBV?$Rational@H@Templates@23@3@Z
??1MetadataBuilder@GenericContainer@SDK@MXF@@UEAA@XZ
?createEssenceTrack@MetadataBuilder@GenericContainer@SDK@MXF@@IEAAPEAVTimelineTrack@Structural@Metadata@34@AEBVUniversalLabel@Types@34@I@Z
?audio@DataDefinitionULs@Structural@Metadata@SDK@MXF@@YAAEBVUniversalLabel@Types@45@XZ
?genericSoundEssenceDescriptor@StructuralMetadataKeys@Structural@Metadata@SDK@MXF@@YAAEBVKey@KLV@45@XZ
??0Rational@Types@SDK@MXF@@QEAA@AEBV?$Rational@H@Templates@23@@Z
??1Rational@Types@SDK@MXF@@UEAA@XZ
?audioSamplingRate@GenericSoundEssenceDescriptor@Structural@Metadata@SDK@MXF@@QEAAXPEBVRational@Types@45@@Z
?sampleRate@FileDescriptor@Structural@Metadata@SDK@MXF@@QEAAXPEBVRational@Types@45@@Z
?essenceContainer@FileDescriptor@Structural@Metadata@SDK@MXF@@QEAAXPEBVUniversalLabel@Types@45@@Z
?linkedTrack@FileDescriptor@Structural@Metadata@SDK@MXF@@QEAAXPEBVTrack@2345@@Z
??0Boolean@Types@SDK@MXF@@QEAA@_N@Z
??1Boolean@Types@SDK@MXF@@UEAA@XZ
?lockedUnlocked@GenericSoundEssenceDescriptor@Structural@Metadata@SDK@MXF@@QEAAXPEBVBoolean@Types@45@@Z
??0UInt32@Types@SDK@MXF@@QEAA@I@Z
??1UInt32@Types@SDK@MXF@@UEAA@XZ
?channelCount@GenericSoundEssenceDescriptor@Structural@Metadata@SDK@MXF@@QEAAXPEBVUInt32@Types@45@@Z
?quantizationBits@GenericSoundEssenceDescriptor@Structural@Metadata@SDK@MXF@@QEAAXPEBVUInt32@Types@45@@Z
?setDescriptorToPackage@MetadataBuilder@GenericContainer@SDK@MXF@@QEAAXPEAVFileDescriptor@Structural@Metadata@34@@Z
?finish@MetadataBuilder@GenericContainer@SDK@MXF@@UEAAXXZ
?createMetadataSet@PartitionMetadata@Metadata@SDK@MXF@@QEAAPEAVMetadataSet@234@AEBVKey@KLV@34@@Z
?EDIT_RATE_NTSC_FRAME@Essence@SDK@MXF@@3V?$Rational@H@Templates@23@B
?AES3_SAMPLE_RATE@Essence@SDK@MXF@@3V?$Rational@H@Templates@23@B
?readAligned@SliceReader@DataIO@SDK@MXF@@QEAA?AV?$auto_ptr@VSlice@DataIO@SDK@MXF@@@Templates@34@_K@Z
??4UniversalLabel@Types@SDK@MXF@@QEAAAEBV0123@AEBV0123@@Z
??1UniversalLabel@Types@SDK@MXF@@UEAA@XZ
??0UniversalLabel@Types@SDK@MXF@@QEAA@PEBE@Z
??0ChannelStatusLoader@AES3@Essence@SDK@MXF@@QEAA@AEAVChannelStatus@1234@@Z
??1ChannelStatus@AES3@Essence@SDK@MXF@@QEAA@XZ
??0ChannelStatus@AES3@Essence@SDK@MXF@@QEAA@XZ
??1SliceReader@DataIO@SDK@MXF@@UEAA@XZ
??8?$Rational@H@Templates@SDK@MXF@@QEBA_NH@Z
?push_back@Chain@DataIO@SDK@MXF@@QEAAXV?$auto_ptr@VSlice@DataIO@SDK@MXF@@@Templates@34@@Z
?data_size@Chain@DataIO@SDK@MXF@@QEBA_KXZ
?push_back@Chain@DataIO@SDK@MXF@@QEAAXAEAV1234@@Z
??4TimeCode@Utils@SDK@MXF@@QEAAAEBV0123@AEBV0123@@Z
?begin@Chain@DataIO@SDK@MXF@@QEAA?AU?$SliceIterator@PEAVSlice@DataIO@SDK@MXF@@AEAPEAV1234@PEAPEAV1234@@234@XZ
?descriptor@SourcePackage@Structural@Metadata@SDK@MXF@@QEBAPEAVGenericDescriptor@2345@XZ
?customizeDescriptor@EssenceAnalyzer@GenericContainer@SDK@MXF@@UEAAXAEAVFileDescriptor@Structural@Metadata@34@@Z
??2SliceReader@DataIO@SDK@MXF@@SAPEAX_K@Z
??3SliceReader@DataIO@SDK@MXF@@SAXPEAX_K@Z
??0SliceReader@DataIO@SDK@MXF@@QEAA@V?$SharedPtr@VSliceSource@DataIO@SDK@MXF@@VLockedCounter@Templates@34@@Templates@23@@Z
?interlockedIncrement@Synchronization@Platform@SDK@MXF@@YAHAEAH@Z
?read@SliceReader@DataIO@SDK@MXF@@UEAA?AV?$auto_ptr@VSlice@DataIO@SDK@MXF@@@Templates@34@_K@Z
?absoluteOffset@SliceReader@DataIO@SDK@MXF@@UEBA_KXZ
?endOfStream@SliceReader@DataIO@SDK@MXF@@UEBA_NXZ
?skip@SliceReader@DataIO@SDK@MXF@@UEAA_K_K@Z
??0Chain@DataIO@SDK@MXF@@QEAA@XZ
??0TimeCode@Utils@SDK@MXF@@QEAA@XZ
??1Slice@DataIO@SDK@MXF@@QEAA@XZ
??3Slice@DataIO@SDK@MXF@@SAXPEAX_K@Z
?clear@Chain@DataIO@SDK@MXF@@QEAAXXZ
??1Chain@DataIO@SDK@MXF@@QEAA@XZ
??1TimeCode@Utils@SDK@MXF@@UEAA@XZ
?interlockedDecrement@Synchronization@Platform@SDK@MXF@@YAHAEAH@Z
?deallocate@malloc_alloc@Platform@SDK@MXF@@SAXPEAX_K@Z
?allocate@malloc_alloc@Platform@SDK@MXF@@SAPEAX_K@Z
?essenceElementCount@EssenceAnalyzer@GenericContainer@SDK@MXF@@UEAAEE@Z
??0?$Rational@H@Templates@SDK@MXF@@QEAA@HH@Z

msvcr100

_CxxThrowException
__CxxFrameHandler3
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__crt_debugger_hook
__CppXcptFilter
_amsg_exit
_encoded_null
free
_initterm_e
_initterm
_malloc_crt
__C_specific_handler
?terminate@@YAXXZ
memmove
??2@YAPEAX_K@Z
_purecall
??3@YAXPEAX@Z
__RTDynamicCast

kernel32

RtlLookupFunctionEntry
DecodePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
RtlCaptureContext
EncodePointer
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep

Exports

Exports

??0AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@QEAA@V?$SharedPtr@VSliceSource@DataIO@SDK@MXF@@VLockedCounter@Templates@34@@Templates@34@W4S356MConstraints@01234@_N@Z
??1AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@UEAA@XZ
??2AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@SAPEAX_K@Z
??2AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@SAPEAX_KPEAX@Z
??3AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@SAXPEAX0@Z
??3AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@SAXPEAX_K@Z
??_7AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@6B@
??_UAES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@SAPEAX_K@Z
??_UAES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@SAPEAX_KPEAX@Z
??_VAES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@SAXPEAX0@Z
??_VAES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@SAXPEAX_K@Z
?audioSamplingRate@AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@UEBA?AV?$Rational@H@Templates@45@XZ
?boundedEditUnitSize@AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@UEAAXH@Z
?boundedEditUnitSize@AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@UEBAIXZ
?containsTemporalDependencies@AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@UEBA_NXZ
?currentTimeCode@AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@UEBA?AVTimeCode@Utils@45@XZ
?done@AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@UEAA_NXZ
?editRate@AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@UEAAXAEBV?$Rational@H@Templates@45@@Z
?editRate@AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@UEBA?AV?$Rational@H@Templates@45@XZ
?essenceElementType@AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@UEBAEXZ
?finalize@AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@UEAA_NXZ
?getDuration@AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@UEBA?AV?$Rational@H@Templates@45@XZ
?getPreChargeDuration@AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@UEBA?AV?$Rational@H@Templates@45@XZ
?groupEditUnits@AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@UEAAXI@Z
?isCBE@AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@UEBA_NXZ
?itemTypeIdentifier@AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@UEBAEXZ
?maximumToSkip@AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@UEAAX_K@Z
?maximumToSkip@AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@UEBA_KXZ
?nextEditUnit@AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@UEAA_NAEAUEditUnit@345@@Z
?preload@AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@UEAA_NXZ
?requiredKAGSize@AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@UEBAIXZ
?setDuration@AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@UEAAXAEBV?$Rational@H@Templates@45@@Z
?setMetadata@AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@UEAA_NAEAVPartitionMetadata@Metadata@45@PEAVSourcePackage@Structural@745@II@Z
?setPreChargeDuration@AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@UEAAXAEBV?$Rational@H@Templates@45@@Z
?universalLabel@AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@UEBA?AVUniversalLabel@Types@45@XZ
?wrappingScheme@AES3EssenceAnalyzer@AES3@GenericContainer@SDK@MXF@@QEAAXE@Z

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 396B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
specsb/MXF_SDK_GenericContainer_AVI_4.5.16_vs10.dll
.dll windows x64

Password: 2022

655486c6f4b4686a1316be4acbb66a59

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mxf_sdk_4.5.16_vs10

??1ItemOutput@GenericContainer@SDK@MXF@@UEAA@XZ
??0ItemOutput@GenericContainer@SDK@MXF@@QEAA@V?$SharedPtr@UDemultiplexer_impl@GenericContainer@SDK@MXF@@VLockedCounter@Templates@34@@Templates@23@IAEAVMutex@Synchronization@Platform@23@@Z
??0?$SharedPtr@UDemultiplexer_impl@GenericContainer@SDK@MXF@@VLockedCounter@Templates@34@@Templates@SDK@MXF@@QEAA@AEBV0123@@Z
?read@ItemOutput@GenericContainer@SDK@MXF@@UEAA?AV?$auto_ptr@VSlice@DataIO@SDK@MXF@@@Templates@34@_K@Z
?absoluteOffset@ItemOutput@GenericContainer@SDK@MXF@@UEBA_KXZ
?endOfStream@ItemOutput@GenericContainer@SDK@MXF@@UEBA_NXZ
?skip@ItemOutput@GenericContainer@SDK@MXF@@UEAA_K_K@Z
?currentCachedSize@ItemOutput@GenericContainer@SDK@MXF@@UEAA_KXZ
?signalEOS@ItemOutput@GenericContainer@SDK@MXF@@UEAAXXZ
??1?$SharedPtr@UDemultiplexer_impl@GenericContainer@SDK@MXF@@VLockedCounter@Templates@34@@Templates@SDK@MXF@@QEAA@XZ
?rotateStreamNumberMask@AVIReader@AVI@Essence@SDK@MXF@@QEBA_NXZ
?rotateStreamNumberMask@AVIReader@AVI@Essence@SDK@MXF@@QEAAX_N@Z
?push_data@ItemOutput@GenericContainer@SDK@MXF@@UEAAXAEAVChain@DataIO@34@@Z
?data_size@Chain@DataIO@SDK@MXF@@QEBA_KXZ
?read@AVIReader@AVI@Essence@SDK@MXF@@QEAA_NAEAIAEAVChain@DataIO@45@@Z
??1Chain@DataIO@SDK@MXF@@QEAA@XZ
??0Chain@DataIO@SDK@MXF@@QEAA@XZ
?info@AVIReader@AVI@Essence@SDK@MXF@@QEAA?AUSTREAMInfo@2345@I@Z
?initialize@AVIReader@AVI@Essence@SDK@MXF@@QEAAPEBUMainHeader@2345@XZ
??1AVIReader@AVI@Essence@SDK@MXF@@QEAA@XZ
??0AVIReader@AVI@Essence@SDK@MXF@@QEAA@AEAVSliceReader@DataIO@34@@Z
??0SliceReader@DataIO@SDK@MXF@@QEAA@V?$SharedPtr@VSliceSource@DataIO@SDK@MXF@@VLockedCounter@Templates@34@@Templates@23@@Z
?interlockedIncrement@Synchronization@Platform@SDK@MXF@@YAHAEAH@Z
??1SliceReader@DataIO@SDK@MXF@@UEAA@XZ
??0Mutex@Synchronization@Platform@SDK@MXF@@QEAA@XZ
??1Mutex@Synchronization@Platform@SDK@MXF@@QEAA@XZ
?interlockedDecrement@Synchronization@Platform@SDK@MXF@@YAHAEAH@Z
?deallocate@malloc_alloc@Platform@SDK@MXF@@SAXPEAX_K@Z
?allocate@malloc_alloc@Platform@SDK@MXF@@SAPEAX_K@Z

msvcr100

_malloc_crt
__CxxFrameHandler3
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__crt_debugger_hook
__CppXcptFilter
_amsg_exit
??3@YAXPEAX@Z
_purecall
??2@YAPEAX_K@Z
?terminate@@YAXXZ
__C_specific_handler
_CxxThrowException
_initterm
_initterm_e
free
_encoded_null

kernel32

RtlLookupFunctionEntry
DecodePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
RtlCaptureContext
EncodePointer
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep

Exports

Exports

??0Demultiplexer@AVI@GenericContainer@SDK@MXF@@QEAA@V?$SharedPtr@VSliceSource@DataIO@SDK@MXF@@VLockedCounter@Templates@34@@Templates@34@@Z
??1Demultiplexer@AVI@GenericContainer@SDK@MXF@@UEAA@XZ
??2Demultiplexer@AVI@GenericContainer@SDK@MXF@@SAPEAX_K@Z
??2Demultiplexer@AVI@GenericContainer@SDK@MXF@@SAPEAX_KPEAX@Z
??3Demultiplexer@AVI@GenericContainer@SDK@MXF@@SAXPEAX0@Z
??3Demultiplexer@AVI@GenericContainer@SDK@MXF@@SAXPEAX_K@Z
??_7Demultiplexer@AVI@GenericContainer@SDK@MXF@@6B@
??_UDemultiplexer@AVI@GenericContainer@SDK@MXF@@SAPEAX_K@Z
??_UDemultiplexer@AVI@GenericContainer@SDK@MXF@@SAPEAX_KPEAX@Z
??_VDemultiplexer@AVI@GenericContainer@SDK@MXF@@SAXPEAX0@Z
??_VDemultiplexer@AVI@GenericContainer@SDK@MXF@@SAXPEAX_K@Z
?enableSliceSource@Demultiplexer@AVI@GenericContainer@SDK@MXF@@UEAA?AV?$SharedPtr@VSliceSource@DataIO@SDK@MXF@@VLockedCounter@Templates@34@@Templates@45@I@Z
?info@Demultiplexer@AVI@GenericContainer@SDK@MXF@@QEAA?AUSTREAMInfo@2Essence@45@I@Z
?initialize@Demultiplexer@AVI@GenericContainer@SDK@MXF@@QEAAPEBUMainHeader@2Essence@45@XZ
?rotateStreamNumberMask@Demultiplexer@AVI@GenericContainer@SDK@MXF@@QEAAX_N@Z
?rotateStreamNumberMask@Demultiplexer@AVI@GenericContainer@SDK@MXF@@QEBA_NXZ

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
specsb/MXF_SDK_GenericContainer_SystemScheme1_4.5.16_vs10.dll
.dll windows x64

Password: 2022

a7561c032f63a79b9bae062cdc49c9bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mxf_sdk_4.5.16_vs10

?instance@MemoryBlockFactory@Memory@DataIO@SDK@MXF@@SAAEAV12345@XZ
??1BlockHolder@DataIO@SDK@MXF@@QEAA@XZ
??2Slice@DataIO@SDK@MXF@@SAPEAX_K@Z
??0Slice@DataIO@SDK@MXF@@QEAA@PEAVBlock@123@_K1@Z
?splice@Slice@DataIO@SDK@MXF@@QEAA?AV?$auto_ptr@VSlice@DataIO@SDK@MXF@@@Templates@34@PEBE@Z
?push_back@Chain@DataIO@SDK@MXF@@QEAAXV?$auto_ptr@VSlice@DataIO@SDK@MXF@@@Templates@34@@Z
??0TimeCodeExtended@Utils@SDK@MXF@@QEAA@XZ
??0SystemAnalyzer@GenericContainer@SDK@MXF@@QEAA@XZ
??1SystemAnalyzer@GenericContainer@SDK@MXF@@UEAA@XZ
??0UniversalLabel@Types@SDK@MXF@@QEAA@AEBV0123@@Z
?interlockedIncrement@Synchronization@Platform@SDK@MXF@@YAHAEAH@Z
?writeTimecode12M@GenericContainer@SDK@MXF@@YAXAEAUTimecode12M@123@AEBVTimeCode@Utils@23@@Z
??ETimeCode@Utils@SDK@MXF@@QEAAAEBV0123@XZ
?interlockedDecrement@Synchronization@Platform@SDK@MXF@@YAHAEAH@Z
??2TimeCode@Utils@SDK@MXF@@SAPEAX_KPEAX@Z
??3TimeCode@Utils@SDK@MXF@@SAXPEAX0@Z
?data_size@Chain@DataIO@SDK@MXF@@QEBA_KXZ
??3TimeCodeExtended@Utils@SDK@MXF@@SAXPEAX0@Z
??3TimeCode@Utils@SDK@MXF@@SAXPEAX_K@Z
??3TimeCodeExtended@Utils@SDK@MXF@@SAXPEAX_K@Z
?essenceAnalyzerType@SystemAnalyzer@GenericContainer@SDK@MXF@@UEAA?AW4EssenceAnalyzerType@EssenceAnalyzer@234@XZ
??0?$Rational@H@Templates@SDK@MXF@@QEAA@HH@Z
?essenceElementCount@EssenceAnalyzer@GenericContainer@SDK@MXF@@UEAAEE@Z
?getPreChargeDuration@EssenceAnalyzer@GenericContainer@SDK@MXF@@UEBA?AV?$Rational@H@Templates@34@XZ
?setPreChargeDuration@EssenceAnalyzer@GenericContainer@SDK@MXF@@UEAAXAEBV?$Rational@H@Templates@34@@Z
?getDuration@EssenceAnalyzer@GenericContainer@SDK@MXF@@UEBA?AV?$Rational@H@Templates@34@XZ
?setDuration@EssenceAnalyzer@GenericContainer@SDK@MXF@@UEAAXAEBV?$Rational@H@Templates@34@@Z
?customizeDescriptor@EssenceAnalyzer@GenericContainer@SDK@MXF@@UEAAXAEAVFileDescriptor@Structural@Metadata@34@@Z
?proposeKey@EssenceAnalyzer@GenericContainer@SDK@MXF@@UEAA?AVKey@KLV@34@AEBV5634@@Z
?makeSlice@Chain@DataIO@SDK@MXF@@QEBA?AV?$auto_ptr@VSlice@DataIO@SDK@MXF@@@Templates@34@_K0@Z
?rawBuffer@UInt32@Types@SDK@MXF@@UEBAPEBEXZ
?serializedSize@UInt32@Types@SDK@MXF@@UEBAGXZ
??1UInt32@Types@SDK@MXF@@UEAA@XZ
??0UInt32@Types@SDK@MXF@@QEAA@I@Z
?rawBuffer@UInt16@Types@SDK@MXF@@UEBAPEBEXZ
??1UInt16@Types@SDK@MXF@@UEAA@XZ
??0UInt16@Types@SDK@MXF@@QEAA@G@Z
??1LocalTag@Types@SDK@MXF@@UEAA@XZ
??0LocalTag@Types@SDK@MXF@@QEAA@PEBGW4StringRepresentationEncodingType@123@@Z
?size@LocalTag@Types@SDK@MXF@@UEBAGXZ
?codeBER@ByteCoders@SDK@MXF@@YAX_KEPEAE@Z
?rawBuffer@Key@KLV@SDK@MXF@@QEBAPEBEXZ
?size@Key@KLV@SDK@MXF@@QEBAGXZ
??0BaseException@Exceptions@SDK@MXF@@QEAA@AEBV0123@@Z
??0BaseException@Exceptions@SDK@MXF@@QEAA@PEBD0H@Z
??1BaseException@Exceptions@SDK@MXF@@UEAA@XZ
?message@BaseException@Exceptions@SDK@MXF@@UEBAPEBGXZ
?what@BaseException@Exceptions@SDK@MXF@@UEBAPEBGXZ
?frameRate@TimeCode@Utils@SDK@MXF@@QEBAEXZ
?toFrameCounter@TimeCode@Utils@SDK@MXF@@QEBA_JXZ
?dropFrame@TimeCode@Utils@SDK@MXF@@QEBA_NXZ
??0TimeCodeExtended@Utils@SDK@MXF@@QEAA@E_J_NUBinaryGroups@0123@11@Z
??0TimeCodeExtended@Utils@SDK@MXF@@QEAA@AEBV0123@@Z
??1TimeCodeExtended@Utils@SDK@MXF@@UEAA@XZ
??4TimeCodeExtended@Utils@SDK@MXF@@QEAAAEBV0123@AEBV0123@@Z
??0TimeCode@Utils@SDK@MXF@@QEAA@AEBV0123@@Z
??0Key@KLV@SDK@MXF@@QEAA@PEBGW4StringRepresentationEncodingType@Types@23@@Z
??1UniversalLabel@Types@SDK@MXF@@UEAA@XZ
??0UniversalLabel@Types@SDK@MXF@@QEAA@PEBGW4StringRepresentationEncodingType@123@@Z
?deallocate@malloc_alloc@Platform@SDK@MXF@@SAXPEAX_K@Z
?allocate@malloc_alloc@Platform@SDK@MXF@@SAPEAX_K@Z
??1Key@KLV@SDK@MXF@@QEAA@XZ
??4TimeCode@Utils@SDK@MXF@@QEAAAEBV0123@AEBV0123@@Z
??1TimeCode@Utils@SDK@MXF@@UEAA@XZ
??0TimeCode@Utils@SDK@MXF@@QEAA@XZ
??3Slice@DataIO@SDK@MXF@@SAXPEAX_K@Z
??1Chain@DataIO@SDK@MXF@@QEAA@XZ
??1Slice@DataIO@SDK@MXF@@QEAA@XZ
??2TimeCodeExtended@Utils@SDK@MXF@@SAPEAX_KPEAX@Z
??0Chain@DataIO@SDK@MXF@@QEAA@XZ

msvcr100

__RTDynamicCast
memcpy
__CxxFrameHandler3
__clean_type_info_names_internal
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__crt_debugger_hook
__CppXcptFilter
_amsg_exit
_encoded_null
free
_initterm_e
_initterm
_malloc_crt
_onexit
_lock
__dllonexit
_unlock
__C_specific_handler
?terminate@@YAXXZ
_purecall
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
_CxxThrowException

kernel32

RtlCaptureContext
DecodePointer
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
EncodePointer
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess

Exports

Exports

??0SystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@QEAA@V?$SharedPtr@VTimeCodeProvider@GenericContainer@SDK@MXF@@VLockedCounter@Templates@34@@Templates@34@V?$SharedPtr@VSystemItemMetadataProvider@GenericContainer@SDK@MXF@@VLockedCounter@Templates@34@@634@@Z
??0SystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@QEAA@VTimeCode@Utils@34@V?$SharedPtr@VSystemItemMetadataProvider@GenericContainer@SDK@MXF@@VLockedCounter@Templates@34@@Templates@34@@Z
??1SystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@UEAA@XZ
??2SystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@SAPEAX_K@Z
??2SystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@SAPEAX_KPEAX@Z
??3SystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@SAXPEAX0@Z
??3SystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@SAXPEAX_K@Z
??_7SystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@6B@
??_USystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@SAPEAX_K@Z
??_USystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@SAPEAX_KPEAX@Z
??_VSystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@SAXPEAX0@Z
??_VSystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@SAXPEAX_K@Z
?boundedEditUnitSize@SystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@UEAAXH@Z
?boundedEditUnitSize@SystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@UEBAIXZ
?containsTemporalDependencies@SystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@UEBA_NXZ
?currentTimeCode@SystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@UEAAXAEBVTimeCode@Utils@45@@Z
?currentTimeCode@SystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@UEBA?AVTimeCode@Utils@45@XZ
?done@SystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@UEAA_NXZ
?editRate@SystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@UEAAXAEBV?$Rational@H@Templates@45@@Z
?editRate@SystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@UEBA?AV?$Rational@H@Templates@45@XZ
?essenceElementType@SystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@UEBAEXZ
?finalize@SystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@UEAA_NXZ
?frameCount@SystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@QEAAXI@Z
?isCBE@SystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@UEBA_NXZ
?itemTypeIdentifier@SystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@UEBAEXZ
?maximumToSkip@SystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@UEAAX_K@Z
?maximumToSkip@SystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@UEBA_KXZ
?nextEditUnit@SystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@UEAA_NAEAUEditUnit@345@@Z
?preload@SystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@UEAA_NXZ
?requiredKAGSize@SystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@UEBAIXZ
?setMetadata@SystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@UEAA_NAEAVPartitionMetadata@Metadata@45@PEAVSourcePackage@Structural@745@II@Z
?universalLabel@SystemScheme1Generator@SystemScheme1@GenericContainer@SDK@MXF@@UEBA?AVUniversalLabel@Types@45@XZ

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
specsb/MXF_SDK_Modules_DataIO_1.4.22_vs10.dll
.dll windows x64

Password: 2022

5c273080385be28ae9ab1e21044d2cff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mxf_sdk_4.5.16_vs10

??_7SliceSource@DataIO@SDK@MXF@@6B@
??1SliceSource@DataIO@SDK@MXF@@UEAA@XZ
??1Slice@DataIO@SDK@MXF@@QEAA@XZ
??3Slice@DataIO@SDK@MXF@@SAXPEAX_K@Z
?remaining@FileSliceSource@File@DataIO@SDK@MXF@@UEBA_KXZ
?skip@FileSliceSource@File@DataIO@SDK@MXF@@UEAA_K_K@Z
?endOfStream@FileSliceSource@File@DataIO@SDK@MXF@@UEBA_NXZ
?absoluteOffset@FileSliceSource@File@DataIO@SDK@MXF@@UEBA_KXZ
?read@FileSliceSource@File@DataIO@SDK@MXF@@UEAA?AV?$auto_ptr@VSlice@DataIO@SDK@MXF@@@Templates@45@_K@Z
?interlockedDecrement@Synchronization@Platform@SDK@MXF@@YAHAEAH@Z
?interlockedIncrement@Synchronization@Platform@SDK@MXF@@YAHAEAH@Z
??1FileSliceSource@File@DataIO@SDK@MXF@@UEAA@XZ
??0FileSliceSource@File@DataIO@SDK@MXF@@QEAA@PEBGV?$SharedPtr@VBlockFactory@DataIO@SDK@MXF@@VLockedCounter@Templates@34@@Templates@34@_K2@Z
??3FileSliceSource@File@DataIO@SDK@MXF@@SAXPEAX_K@Z
??2FileSliceSource@File@DataIO@SDK@MXF@@SAPEAX_K@Z
?instance@MemoryBlockFactory@Memory@DataIO@SDK@MXF@@SAAEAV12345@XZ
?deallocate@malloc_alloc@Platform@SDK@MXF@@SAXPEAX_K@Z
?allocate@malloc_alloc@Platform@SDK@MXF@@SAPEAX_K@Z

msvcr100

free
__CxxFrameHandler3
_onexit
??3@YAXPEAX@Z
??_V@YAXPEAX@Z
swprintf_s
memmove
_purecall
?terminate@@YAXXZ
__C_specific_handler
_malloc_crt
_initterm
_initterm_e
_CxxThrowException
_encoded_null
_amsg_exit
__CppXcptFilter
__crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__clean_type_info_names_internal
_unlock
__dllonexit
_lock

kernel32

RtlLookupFunctionEntry
DecodePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
RtlCaptureContext
EncodePointer
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep

Exports

Exports

??0FileSwitcherEventListener@File@DataIO@SDK@MXF@@QEAA@AEBV01234@@Z
??0FileSwitcherEventListener@File@DataIO@SDK@MXF@@QEAA@XZ
??0MultipleFileSwitcher@File@DataIO@SDK@MXF@@QEAA@PEBGH_K1PEAVFileSwitcherEventListener@1234@@Z
??0MultipleSliceSource@DataIO@SDK@MXF@@QEAA@V?$auto_ptr@VSliceSourceSwitcher@DataIO@SDK@MXF@@@Templates@23@_K@Z
??0SliceSourceSwitcher@DataIO@SDK@MXF@@IEAA@XZ
??1FileSwitcherEventListener@File@DataIO@SDK@MXF@@UEAA@XZ
??1MultipleFileSwitcher@File@DataIO@SDK@MXF@@UEAA@XZ
??1MultipleSliceSource@DataIO@SDK@MXF@@UEAA@XZ
??1SliceSourceSwitcher@DataIO@SDK@MXF@@UEAA@XZ
??2MultipleFileSwitcher@File@DataIO@SDK@MXF@@SAPEAX_K@Z
??2MultipleFileSwitcher@File@DataIO@SDK@MXF@@SAPEAX_KPEAX@Z
??2MultipleSliceSource@DataIO@SDK@MXF@@SAPEAX_K@Z
??2MultipleSliceSource@DataIO@SDK@MXF@@SAPEAX_KPEAX@Z
??3MultipleFileSwitcher@File@DataIO@SDK@MXF@@SAXPEAX0@Z
??3MultipleFileSwitcher@File@DataIO@SDK@MXF@@SAXPEAX_K@Z
??3MultipleSliceSource@DataIO@SDK@MXF@@SAXPEAX0@Z
??3MultipleSliceSource@DataIO@SDK@MXF@@SAXPEAX_K@Z
??4FileSwitcherEventListener@File@DataIO@SDK@MXF@@QEAAAEAV01234@AEBV01234@@Z
??_7FileSwitcherEventListener@File@DataIO@SDK@MXF@@6B@
??_7MultipleFileSwitcher@File@DataIO@SDK@MXF@@6B@
??_7MultipleSliceSource@DataIO@SDK@MXF@@6B@
??_7SliceSourceSwitcher@DataIO@SDK@MXF@@6B@
??_UMultipleFileSwitcher@File@DataIO@SDK@MXF@@SAPEAX_K@Z
??_UMultipleFileSwitcher@File@DataIO@SDK@MXF@@SAPEAX_KPEAX@Z
??_UMultipleSliceSource@DataIO@SDK@MXF@@SAPEAX_K@Z
??_UMultipleSliceSource@DataIO@SDK@MXF@@SAPEAX_KPEAX@Z
??_VMultipleFileSwitcher@File@DataIO@SDK@MXF@@SAXPEAX0@Z
??_VMultipleFileSwitcher@File@DataIO@SDK@MXF@@SAXPEAX_K@Z
??_VMultipleSliceSource@DataIO@SDK@MXF@@SAXPEAX0@Z
??_VMultipleSliceSource@DataIO@SDK@MXF@@SAXPEAX_K@Z
?absoluteOffset@MultipleSliceSource@DataIO@SDK@MXF@@UEBA_KXZ
?endOfStream@MultipleSliceSource@DataIO@SDK@MXF@@UEBA_NXZ
?read@MultipleSliceSource@DataIO@SDK@MXF@@UEAA?AV?$auto_ptr@VSlice@DataIO@SDK@MXF@@@Templates@34@_K@Z
?remaining@MultipleSliceSource@DataIO@SDK@MXF@@UEBA_KXZ
?skip@MultipleSliceSource@DataIO@SDK@MXF@@UEAA_K_K@Z
?timeToSwitch@MultipleFileSwitcher@File@DataIO@SDK@MXF@@UEAA?AV?$SharedPtr@VSliceSource@DataIO@SDK@MXF@@VLockedCounter@Templates@34@@Templates@45@_KV6745@@Z

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
specsb/PRM.dll
.dll windows x64

Password: 2022

1d97ce3442bee18924748f011949828c

Code Sign

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

04/03/2014, 00:00

Not After

03/03/2024, 23:59

Subject

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6e:a6:10:36:bc:17:2e:7a:f6:30:74:ac:2c:dc:27:00
Certificate

Issuer

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

06/11/2015, 00:00

Not After

28/10/2017, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Premiere Pro\, AME\, After Effects\, Speedgrade,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

c4:80:a9:7a:ae:a3:23:ec:77:a4:1e:23:3c:b0:f6:40:42:6d:fb:12
Signer

Actual PE Digest

c4:80:a9:7a:ae:a3:23:ec:77:a4:1e:23:3c:b0:f6:40:42:6d:fb:12

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Premiere Pro\, AME\, After Effects\, Speedgrade,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

11/04/2017, 12:30
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

dvacore

?GetSuiteClientVersion_NumberOnly@config@dvacore@@YA?AV?$basic_string@GU?$char_traits@G@std@@V?$STLAllocator@G@SmallBlockAllocator@utility@dvacore@@@std@@XZ
??_DiUTF16StringStream@dvacore@@QEAAXXZ
??0iUTF16StringStream@dvacore@@QEAA@AEBV?$basic_string@GU?$char_traits@G@std@@V?$STLAllocator@G@SmallBlockAllocator@utility@dvacore@@@std@@@Z
?Dispose@SmallBlockAllocator@utility@dvacore@@YAXPEAX_K@Z

msvcp140

?_Xout_of_range@std@@YAXPEBD@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@AEAH@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_alloc@std@@YAXXZ

vcruntime140

memcmp
__C_specific_handler
__std_type_info_destroy_list
__std_exception_destroy
memset
memcpy
__std_exception_copy
memmove
_CxxThrowException
__CxxFrameHandler3
__std_terminate

api-ms-win-crt-runtime-l1-1-0

terminate
_initterm_e
_initterm
_crt_at_quick_exit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_invalid_parameter_noinfo_noreturn
_cexit

api-ms-win-crt-string-l1-1-0

strcmp

api-ms-win-crt-heap-l1-1-0

_callnewh
free
malloc

kernel32

InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcess
GetModuleHandleW
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
QueryPerformanceCounter
TerminateProcess
GetCurrentProcessId

Exports

Exports

?Audio16@Feature@PRM@@YA_NXZ
?Audio51@Feature@PRM@@YA_NXZ
?GetApplicationBuild@PRM@@YAPEBDXZ
?GetApplicationName@PRM@@YAPEBDXZ
?GetApplicationType@PRM@@YA?AW4ApplicationType@1@XZ
?GetApplicationVersion@PRM@@YAPEBDXZ
?GetExactApplicationVersion@PRM@@YAPEBDXZ
?GetIsHeadless@PRM@@YA_NXZ
?GetIsTryNDie@Feature@PRM@@YA_NXZ
?GetIsWatermarkingEnabled@Feature@PRM@@YA_NXZ
?GetMediaCoreName@PRM@@YAPEBDXZ
?GetMediaCoreVersion@PRM@@YAHXZ
?GetMediaCoreVersionName@PRM@@YAPEBDXZ
?Initialize@PRM@@YAXW4ApplicationType@1@PEBD111_N@Z
?Initialize@PRM@@YAXW4ApplicationType@1@PEBD11_N@Z
?IsRunningRush@PRM@@YA_NXZ
?MultipleSequences@Feature@PRM@@YA_NXZ
?SetIsTryNDie@Feature@PRM@@YAX_N@Z
?SetIsWatermarkingEnabled@Feature@PRM@@YAX_N@Z
?ToolPalette@Feature@PRM@@YA_NXZ

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
specsb/PdfPreviewHandler.dll
.dll windows x64

Password: 2022

307df52a6088540089ea77f024be9281

Code Sign

33:00:00:02:cf:a0:25:90:e3:13:04:ef:15:00:00:00:00:02:cf
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/05/2022, 20:46

Not After

11/05/2023, 20:46

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

29:a1:ca:b3:97:6c:fa:d3:3f:4c:3c:14:b5:9f:ef:47:0d:da:ce:69:a9:fb:34:c0:a4:27:5e:01:67:90:85:06
Signer

Actual PE Digest

29:a1:ca:b3:97:6c:fa:d3:3f:4c:3c:14:b5:9f:ef:47:0d:da:ce:69:a9:fb:34:c0:a4:27:5e:01:67:90:85:06

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

23/03/2023, 16:09
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

AcquireSRWLockExclusive
AcquireSRWLockShared
CloseHandle
CreateEventW
CreateFileW
DecodePointer
DeleteCriticalSection
DisableThreadLibraryCalls
EncodePointer
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentVariableW
GetFileAttributesW
GetLastError
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryExW
LoadLibraryW
OutputDebugStringA
OutputDebugStringW
QueryPerformanceCounter
ReleaseSRWLockExclusive
ReleaseSRWLockShared
ResetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetEvent
SetUnhandledExceptionFilter
SleepConditionVariableSRW
TerminateProcess
UnhandledExceptionFilter
WaitForSingleObjectEx
WakeAllConditionVariable

api-ms-win-core-winrt-error-l1-1-0

RoOriginateError

user32

BeginPaint
CreateWindowExW
DefWindowProcW
DestroyWindow
EndPaint
GetClientRect
GetFocus
GetWindowLongPtrW
LoadCursorW
PostMessageW
PostQuitMessage
RegisterClassExW
SetFocus
SetParent
SetWindowLongPtrW
SetWindowPos
ShowWindow
UpdateWindow

shell32

SHGetKnownFolderPath

api-ms-win-core-path-l1-1-0

PathCchAppendEx

advapi32

EventRegister
EventSetInformation
EventUnregister
EventWriteTransfer
GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
OpenProcessToken
RegCloseKey
RegGetValueW
RegOpenKeyExW
RegQueryValueExW

ole32

CoTaskMemAlloc
CoTaskMemFree

vcruntime140

_CxxThrowException
__C_specific_handler
__CxxFrameHandler3
__std_exception_copy
__std_exception_destroy
__std_terminate
__std_type_info_destroy_list
__uncaught_exceptions
_purecall
memcpy
memmove
memset
wcsrchr

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-locale-l1-1-0

___mb_cur_max_l_func
__pctype_func
_configthreadlocale
_create_locale
_free_locale
setlocale

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vsprintf
__stdio_common_vsscanf
fflush
fwrite
getc
ungetc

api-ms-win-crt-runtime-l1-1-0

__sys_nerr
_cexit
_configure_narrow_argv
_crt_atexit
_errno
_execute_onexit_table
_initialize_narrow_environment
_initialize_onexit_table
_initterm
_initterm_e
_register_onexit_function
_seh_filter_dll
abort
strerror_s

api-ms-win-crt-string-l1-1-0

_isctype_l
_iswlower_l
_strdup
_wcsicmp
mbrlen
strcmp
strlen
tolower
toupper
wcslen
wcsncpy_s
wcsnlen

api-ms-win-crt-heap-l1-1-0

_callnewh
free
malloc
realloc

api-ms-win-crt-multibyte-l1-1-0

_mbtowc_l

api-ms-win-crt-time-l1-1-0

_strftime_l

api-ms-win-crt-convert-l1-1-0

_strtod_l
_strtof_l
_strtoi64_l
_strtold_l
_strtoui64_l
_ultow_s
mbrtowc
mbsrtowcs
wcrtomb
wcrtomb_s
wcstol

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: 512B - Virtual size: 92B

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.voltbl
Size: 512B - Virtual size: 15B

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
specsb/PlugPlugExternalObject.dll
.dll windows x64

4f47fde5027d483ac592cce23d32d675

Code Sign

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

04/03/2014, 00:00

Not After

03/03/2024, 23:59

Subject

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6e:a6:10:36:bc:17:2e:7a:f6:30:74:ac:2c:dc:27:00
Certificate

Issuer

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

06/11/2015, 00:00

Not After

28/10/2017, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Premiere Pro\, AME\, After Effects\, Speedgrade,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

52:c3:94:84:af:34:4e:7d:a6:ab:c9:a8:58:47:47:5b:7a:35:ab:dc
Signer

Actual PE Digest

52:c3:94:84:af:34:4e:7d:a6:ab:c9:a8:58:47:47:5b:7a:35:ab:dc

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Premiere Pro\, AME\, After Effects\, Speedgrade,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

11/04/2017, 12:30
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetModuleFileNameW
LoadLibraryW
GetProcAddress
FreeLibrary
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
RtlCaptureContext

msvcp140

??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Xlength_error@std@@YAXPEBD@Z
?_BADOFF@std@@3_JB
?_Xout_of_range@std@@YAXPEBD@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?_Xbad_alloc@std@@YAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z

vcruntime140

__CxxFrameHandler3
memcpy
memset
__std_type_info_destroy_list
_CxxThrowException
__std_exception_destroy
__C_specific_handler
__telemetry_main_return_trigger
__telemetry_main_invoke_trigger
wcsrchr
memmove
__std_exception_copy

api-ms-win-crt-runtime-l1-1-0

_cexit
_seh_filter_dll
_errno
_crt_atexit
_execute_onexit_table
_initterm_e
_initterm
_configure_narrow_argv
_register_onexit_function
_initialize_onexit_table
_invalid_parameter_noinfo_noreturn
_initialize_narrow_environment
_invalid_parameter_noinfo

api-ms-win-crt-string-l1-1-0

wcsncpy_s
wcscat_s
strcmp

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh

Exports

Exports

ESClientInterface
ESFreeMem
ESGetVersion
ESInitialize
ESMallocMem
ESTerminate

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
specsb/access-bridge-32.jar
.jar
specsb/access-bridge.jar
.jar
specsb/adbeape.dll
.dll windows x64

018a53f9b1004e704e086f20e4bd62cc

Code Sign

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

04/03/2014, 00:00

Not After

03/03/2024, 23:59

Subject

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6e:a6:10:36:bc:17:2e:7a:f6:30:74:ac:2c:dc:27:00
Certificate

Issuer

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

06/11/2015, 00:00

Not After

28/10/2017, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Premiere Pro\, AME\, After Effects\, Speedgrade,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

63:db:67:3c:68:c3:e1:94:40:f3:9a:b5:f8:70:44:a0:3b:52:23:57
Signer

Actual PE Digest

63:db:67:3c:68:c3:e1:94:40:f3:9a:b5:f8:70:44:a0:3b:52:23:57

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Premiere Pro\, AME\, After Effects\, Speedgrade,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

11/04/2017, 12:29
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetProcAddress
LoadLibraryW
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
GetSystemTimeAsFileTime

shell32

SHGetFolderPathW

msvcr90

strlen
__clean_type_info_names_internal
__crt_debugger_hook
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
?terminate@@YAXXZ
__CppXcptFilter
_amsg_exit
_encoded_null
free
_initterm_e
_initterm
_malloc_crt
_decode_pointer
_onexit
_lock
_encode_pointer
__dllonexit
_unlock
__C_specific_handler
??2@YAPEAX_K@Z
memset
??0exception@std@@QEAA@AEBV01@@Z
_CxxThrowException
memmove_s
??0exception@std@@QEAA@XZ
__CxxFrameHandler3
??3@YAXPEAX@Z
??1exception@std@@UEAA@XZ
?what@exception@std@@UEBAPEBDXZ
??0exception@std@@QEAA@AEBQEBDH@Z

msvcp90

??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QEAA@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QEAA@AEBV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QEAA@PEBD@Z

Exports

Exports

APEAtomCoerce
APEAtomFromBool
APEAtomFromDouble
APEAtomFromHostObject
APEAtomFromInt32
APEAtomFromUTF16
APEAtomFromUTF8
APEAtomGetCanonical
APEAtomGetKind
APEAtomIsNull
APEAtomToBool
APEAtomToDouble
APEAtomToHostObject
APEAtomToInt32
APEAtomToUTF16
APEAtomToUTF8
APEAtomWatch
APEByteArrayCreate
APEByteArrayGetBuffer
APEChangeLogLevel
APEGetBuildBranch
APEGetBuildDate
APEGetBuildVersion
APEGetLogLevel
APEGetVersion
APEInitialize
APEObjectAddEventListener
APEObjectCreate
APEObjectDeleteProperty
APEObjectDisconnect
APEObjectEnumerate
APEObjectGetClassName
APEObjectGetClassObject
APEObjectGetProperty
APEObjectGetPropertyFlags
APEObjectGetRoot
APEObjectInvokeMethod
APEObjectLock
APEObjectPutProperty
APEObjectRemoveEventListener
APEPlayerAddPluginObjectModel
APEPlayerCallExternalInterface
APEPlayerChangeAttributes
APEPlayerDisconnectObjectModelExtension
APEPlayerExtendObjectModel
APEPlayerFromStageHWND
APEPlayerGetAttributes
APEPlayerInstallComponent
APEPlayerLoadComponent
APEPlayerLoadContent
APEPlayerLoadSWF
APEPlayerRetrieveException
APEPlayerSetException
APEPlayerSetStandardException
APEPlayerSuspendResumeAtomCacheFlushing
APERegisterMemoryStatusCallback
APEStreamClose
APEStreamWrite
APETerminate
APEUnregisterMemoryStatusCallback
APEYieldToRuntime

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 434B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
specsb/blacklisted.certs
specsb/boost_date_time.dll
.dll windows x64

cd64773a69783ef808ffdbec4d0358f6

Code Sign

0f:9b:76:16:5d:55:3f:b5:ae:2e:9b:e0:e7:32:4a:24
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

12/09/2017, 00:00

Not After

04/09/2019, 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Premiere Pro\, AME\, After Effects\, Speedgrade,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

1d:72:5e:38:6a:12:c6:8a:65:bc:1f:20:f4:88:9f:7c:f0:b4:ab:56:ab:12:14:ab:a8:de:4c:91:01:87:46:62
Signer

Actual PE Digest

1d:72:5e:38:6a:12:c6:8a:65:bc:1f:20:f4:88:9f:7c:f0:b4:ab:56:ab:12:14:ab:a8:de:4c:91:01:87:46:62

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Premiere Pro\, AME\, After Effects\, Speedgrade,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

02/10/2018, 07:35
Valid: true

Chain 1

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Premiere Pro\, AME\, After Effects\, Speedgrade,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcp140

?_Incref@facet@locale@std@@UEAAXXZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?tolower@?$ctype@D@std@@QEBADD@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?classic@locale@std@@SAAEBV12@XZ
?_Locimp_Addfac@_Locimp@locale@std@@CAXPEAV123@PEAVfacet@23@_K@Z
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
??Bid@locale@std@@QEAA_KXZ
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
?_W_Getmonths@_Locinfo@std@@QEBAPEBGXZ
??0_Lockit@std@@QEAA@H@Z
?_W_Getdays@_Locinfo@std@@QEBAPEBGXZ
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
_Mbrtowc
?_Xlength_error@std@@YAXPEBD@Z
?_Xbad_alloc@std@@YAXXZ
??1_Lockit@std@@QEAA@XZ
?id@?$ctype@D@std@@2V0locale@2@A

vcruntime140

__std_exception_copy
__std_type_info_destroy_list
__std_exception_destroy
__std_terminate
_purecall
memmove
_CxxThrowException
__CxxFrameHandler3
memcmp
memcpy
__C_specific_handler
__vcrt_InitializeCriticalSectionEx
memset

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
_invalid_parameter_noinfo_noreturn
terminate
_initterm_e
_initterm
_cexit
_seh_filter_dll

api-ms-win-crt-heap-l1-1-0

calloc
free
_callnewh
malloc

kernel32

GetSystemTimeAsFileTime
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
GetProcAddress
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
DisableThreadLibraryCalls
CloseHandle

Exports

Exports

??0?$constrained_value@V?$simple_exception_policy@G$00$0M@Ubad_month@gregorian@boost@@@CV@boost@@@CV@boost@@QEAA@G@Z
??0?$constrained_value@V?$simple_exception_policy@G$0A@$05Ubad_weekday@gregorian@boost@@@CV@boost@@@CV@boost@@QEAA@G@Z
??0greg_month@gregorian@boost@@QEAA@G@Z
??0greg_month@gregorian@boost@@QEAA@W4months_of_year@date_time@2@@Z
??0greg_weekday@gregorian@boost@@QEAA@G@Z
??4?$constrained_value@V?$simple_exception_policy@G$00$0M@Ubad_month@gregorian@boost@@@CV@boost@@@CV@boost@@QEAAAEAV012@$$QEAV012@@Z
??4?$constrained_value@V?$simple_exception_policy@G$00$0M@Ubad_month@gregorian@boost@@@CV@boost@@@CV@boost@@QEAAAEAV012@AEBV012@@Z
??4?$constrained_value@V?$simple_exception_policy@G$00$0M@Ubad_month@gregorian@boost@@@CV@boost@@@CV@boost@@QEAAAEAV012@G@Z
??4?$constrained_value@V?$simple_exception_policy@G$0A@$05Ubad_weekday@gregorian@boost@@@CV@boost@@@CV@boost@@QEAAAEAV012@$$QEAV012@@Z
??4?$constrained_value@V?$simple_exception_policy@G$0A@$05Ubad_weekday@gregorian@boost@@@CV@boost@@@CV@boost@@QEAAAEAV012@AEBV012@@Z
??4?$constrained_value@V?$simple_exception_policy@G$0A@$05Ubad_weekday@gregorian@boost@@@CV@boost@@@CV@boost@@QEAAAEAV012@G@Z
??4greg_month@gregorian@boost@@QEAAAEAV012@$$QEAV012@@Z
??4greg_month@gregorian@boost@@QEAAAEAV012@AEBV012@@Z
??4greg_weekday@gregorian@boost@@QEAAAEAV012@$$QEAV012@@Z
??4greg_weekday@gregorian@boost@@QEAAAEAV012@AEBV012@@Z
??B?$constrained_value@V?$simple_exception_policy@G$00$0M@Ubad_month@gregorian@boost@@@CV@boost@@@CV@boost@@QEBAGXZ
??B?$constrained_value@V?$simple_exception_policy@G$0A@$05Ubad_weekday@gregorian@boost@@@CV@boost@@@CV@boost@@QEBAGXZ
??Bgreg_month@gregorian@boost@@QEBAGXZ
?as_enum@greg_month@gregorian@boost@@QEBA?AW4months_of_year@date_time@3@XZ
?as_enum@greg_weekday@gregorian@boost@@QEBA?AW4weekdays@date_time@3@XZ
?as_long_string@greg_month@gregorian@boost@@QEBAPEBDD@Z
?as_long_string@greg_month@gregorian@boost@@QEBAPEBDXZ
?as_long_string@greg_month@gregorian@boost@@QEBAPEB_W_W@Z
?as_long_string@greg_weekday@gregorian@boost@@QEBAPEBDXZ
?as_long_wstring@greg_month@gregorian@boost@@QEBAPEB_WXZ
?as_long_wstring@greg_weekday@gregorian@boost@@QEBAPEB_WXZ
?as_number@greg_month@gregorian@boost@@QEBAGXZ
?as_number@greg_weekday@gregorian@boost@@QEBAGXZ
?as_short_string@greg_month@gregorian@boost@@QEBAPEBDD@Z
?as_short_string@greg_month@gregorian@boost@@QEBAPEBDXZ
?as_short_string@greg_month@gregorian@boost@@QEBAPEB_W_W@Z
?as_short_string@greg_weekday@gregorian@boost@@QEBAPEBDXZ
?as_short_wstring@greg_month@gregorian@boost@@QEBAPEB_WXZ
?as_short_wstring@greg_weekday@gregorian@boost@@QEBAPEB_WXZ
?assign@?$constrained_value@V?$simple_exception_policy@G$00$0M@Ubad_month@gregorian@boost@@@CV@boost@@@CV@boost@@AEAAXG@Z
?assign@?$constrained_value@V?$simple_exception_policy@G$0A@$05Ubad_weekday@gregorian@boost@@@CV@boost@@@CV@boost@@AEAAXG@Z
?create_facet_def@gregorian@boost@@YAPEAV?$all_date_names_put@Ugreg_facet_config@gregorian@boost@@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@date_time@2@D@Z
?create_facet_def@gregorian@boost@@YAPEAV?$all_date_names_put@Ugreg_facet_config@gregorian@boost@@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@date_time@2@_W@Z
?generate_locale@gregorian@boost@@YA?AVlocale@std@@AEAV34@D@Z
?generate_locale@gregorian@boost@@YA?AVlocale@std@@AEAV34@_W@Z
?get_month_map_ptr@greg_month@gregorian@boost@@SA?AV?$shared_ptr@V?$map@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@GU?$less@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@V?$allocator@U?$pair@$$CBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@G@std@@@2@@std@@@3@XZ
?max@?$constrained_value@V?$simple_exception_policy@G$00$0M@Ubad_month@gregorian@boost@@@CV@boost@@@CV@boost@@SAGXZ
?max@?$constrained_value@V?$simple_exception_policy@G$0A@$05Ubad_weekday@gregorian@boost@@@CV@boost@@@CV@boost@@SAGXZ
?min@?$constrained_value@V?$simple_exception_policy@G$00$0M@Ubad_month@gregorian@boost@@@CV@boost@@@CV@boost@@SAGXZ
?min@?$constrained_value@V?$simple_exception_policy@G$0A@$05Ubad_weekday@gregorian@boost@@@CV@boost@@@CV@boost@@SAGXZ
?nth_as_str@date_time@boost@@YAPEBDH@Z
?special_value_from_string@gregorian@boost@@YA?AW4special_values@date_time@2@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
specsb/boost_system.dll
.dll windows x64

b683aeff7c9e562916113ae5ad2d0843

Code Sign

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

04/03/2014, 00:00

Not After

03/03/2024, 23:59

Subject

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6e:a6:10:36:bc:17:2e:7a:f6:30:74:ac:2c:dc:27:00
Certificate

Issuer

CN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

06/11/2015, 00:00

Not After

28/10/2017, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Premiere Pro\, AME\, After Effects\, Speedgrade,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:c8:d3:87:84:a1:b7:21:a1:82:4f:d1:82:f3:c7:9a:5c:d6:0c:c4
Signer

Actual PE Digest

0d:c8:d3:87:84:a1:b7:21:a1:82:4f:d1:82:f3:c7:9a:5c:d6:0c:c4

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Premiere Pro\, AME\, After Effects\, Speedgrade,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

11/04/2017, 12:29
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

LocalFree
FormatMessageA
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
CloseHandle
InitializeSListHead

msvcp140

?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z

vcruntime140

memmove
_CxxThrowException
__CxxFrameHandler3
memcpy
__C_specific_handler
__vcrt_InitializeCriticalSectionEx
__std_exception_copy
__std_exception_destroy
memset
__std_type_info_destroy_list
_purecall

api-ms-win-crt-runtime-l1-1-0

_initterm
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
terminate
_initterm_e
_invalid_parameter_noinfo_noreturn
_crt_at_quick_exit
_crt_atexit
strerror
_execute_onexit_table
_cexit

api-ms-win-crt-heap-l1-1-0

_callnewh
free
malloc

Exports

Exports

?generic_category@system@boost@@YAAEBVerror_category@12@XZ
?system_category@system@boost@@YAAEBVerror_category@12@XZ

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
specsb/calendars.properties
specsb/content-types.properties
specsb/currency.data
specsb/default.jfc
.xml
specsb/dnsns.jar
.jar
specsb/flavormap.properties
specsb/fontconfig.bfc
specsb/fontconfig.properties.src
specsb/hijrah-config-umalqura.properties
specsb/ie_to_edge_bho.dll
.dll regsvr32 windows x86

1e648166868d4b07af38bb2103e966ba

Code Sign

33:00:00:02:cf:a0:25:90:e3:13:04:ef:15:00:00:00:00:02:cf
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/05/2022, 20:46

Not After

11/05/2023, 20:46

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

00:fc:e7:42:d9:6d:94:f6:8c:8a:d3:30:21:45:cd:2d:de:ce:36:6b:85:0f:35:2c:ff:66:e0:4f:02:ba:4a:8e
Signer

Actual PE Digest

00:fc:e7:42:d9:6d:94:f6:8c:8a:d3:30:21:45:cd:2d:de:ce:36:6b:85:0f:35:2c:ff:66:e0:4f:02:ba:4a:8e

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

23/03/2023, 16:09
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AcquireSRWLockExclusive
CloseHandle
CompareFileTime
CompareStringW
CreateDirectoryW
CreateEventW
CreateFileW
CreateMutexW
CreateProcessW
CreateThread
DebugBreak
DecodePointer
DeleteCriticalSection
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FindClose
FindFirstFileExW
FindNextFileW
FindResourceExW
FlushFileBuffers
FlushInstructionCache
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatW
GetEnvironmentStringsW
GetExitCodeProcess
GetFileSizeEx
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetProcessTimes
GetProductInfo
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTimeAsFileTime
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExW
HeapAlloc
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSListHead
InterlockedFlushSList
InterlockedPopEntrySList
InterlockedPushEntrySList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadResource
LocalFree
LockResource
MultiByteToWideChar
OpenProcess
OutputDebugStringW
QueryPerformanceCounter
RaiseException
ReadConsoleW
ReadFile
ReleaseMutex
ReleaseSRWLockExclusive
ResetEvent
RtlUnwind
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SizeofResource
SleepConditionVariableSRW
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
WaitForSingleObject
WaitForSingleObjectEx
WakeAllConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile

urlmon

CreateUri
URLDownloadToCacheFileW

user32

CallWindowProcW
CharLowerBuffW
CreateWindowExW
DefWindowProcW
DestroyWindow
DispatchMessageW
GetAncestor
GetClassInfoExW
GetWindowLongW
KillTimer
LoadCursorW
MsgWaitForMultipleObjects
PeekMessageW
RegisterClassExW
SetTimer
SetWindowLongW
TranslateMessage
UnregisterClassW

oleaut32

DispCallFunc
LoadRegTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen
VariantClear
VariantInit

advapi32

ConvertStringSecurityDescriptorToSecurityDescriptorW
GetTokenInformation
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegDeleteValueW
RegGetValueW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
SystemFunction036

shlwapi

ord437
PathCombineW
PathFileExistsW
ord12
StrChrW
ord154
StrStrW
UrlUnescapeW

shell32

SHGetKnownFolderPath
SHGetSpecialFolderPathW
ShellExecuteW

ole32

CoCreateInstance
CoInitializeEx
CoTaskMemFree
CoUninitialize

wininet

CommitUrlCacheEntryBinaryBlob
DeleteUrlCacheContainerW
DeleteUrlCacheEntryW
GetUrlCacheEntryBinaryBlob
UrlCacheCreateContainer
UrlCacheFindFirstEntry
UrlCacheFindNextEntry
UrlCacheFreeEntryInfo

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 330KB - Virtual size: 329KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.voltbl
Size: 512B - Virtual size: 180B

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
specsb/ie_to_edge_bho_64.dll
.dll regsvr32 windows x64

07e6a660cba9f444248d4cd8a15c7cac

Code Sign

33:00:00:02:cf:a0:25:90:e3:13:04:ef:15:00:00:00:00:02:cf
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/05/2022, 20:46

Not After

11/05/2023, 20:46

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

fb:1a:4f:00:57:7f:a3:06:d4:4a:ae:f9:15:ec:8e:13:bf:d6:4a:7e:20:12:93:7c:65:4c:f4:3c:ad:ba:88:92
Signer

Actual PE Digest

fb:1a:4f:00:57:7f:a3:06:d4:4a:ae:f9:15:ec:8e:13:bf:d6:4a:7e:20:12:93:7c:65:4c:f4:3c:ad:ba:88:92

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

23/03/2023, 16:09
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

AcquireSRWLockExclusive
CloseHandle
CompareFileTime
CompareStringW
CreateDirectoryW
CreateEventW
CreateFileW
CreateMutexW
CreateProcessW
CreateThread
DebugBreak
DecodePointer
DeleteCriticalSection
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FindClose
FindFirstFileExW
FindNextFileW
FindResourceExW
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
FlushFileBuffers
FlushInstructionCache
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatW
GetEnvironmentStringsW
GetExitCodeProcess
GetFileSizeEx
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetProcessTimes
GetProductInfo
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTimeAsFileTime
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExW
HeapAlloc
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSListHead
InterlockedFlushSList
InterlockedPopEntrySList
InterlockedPushEntrySList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadResource
LocalFree
LockResource
MultiByteToWideChar
OpenProcess
OutputDebugStringW
QueryPerformanceCounter
RaiseException
ReadConsoleW
ReadFile
ReleaseMutex
ReleaseSRWLockExclusive
ResetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SizeofResource
SleepConditionVariableSRW
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
WaitForSingleObject
WaitForSingleObjectEx
WakeAllConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile

urlmon

CreateUri
URLDownloadToCacheFileW

user32

CallWindowProcW
CharLowerBuffW
CreateWindowExW
DefWindowProcW
DestroyWindow
DispatchMessageW
GetAncestor
GetClassInfoExW
GetWindowLongPtrW
KillTimer
LoadCursorW
MsgWaitForMultipleObjects
PeekMessageW
RegisterClassExW
SetTimer
SetWindowLongPtrW
TranslateMessage
UnregisterClassW

oleaut32

DispCallFunc
LoadRegTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen
VariantClear
VariantInit

advapi32

ConvertStringSecurityDescriptorToSecurityDescriptorW
GetTokenInformation
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegDeleteValueW
RegGetValueW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
SystemFunction036

shlwapi

ord437
PathCombineW
PathFileExistsW
ord12
StrChrW
ord154
StrStrW
UrlUnescapeW

shell32

SHGetKnownFolderPath
SHGetSpecialFolderPathW
ShellExecuteW

ole32

CoCreateInstance
CoInitializeEx
CoTaskMemFree
CoUninitialize

wininet

CommitUrlCacheEntryBinaryBlob
DeleteUrlCacheContainerW
DeleteUrlCacheEntryW
GetUrlCacheEntryBinaryBlob
UrlCacheCreateContainer
UrlCacheFindFirstEntry
UrlCacheFindNextEntry
UrlCacheFreeEntryInfo

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 410KB - Virtual size: 409KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gxfg
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: 512B - Virtual size: 108B

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.voltbl
Size: 512B - Virtual size: 64B

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
specsb/jaccess.jar
.jar
specsb/java.policy
specsb/java.security
specsb/jmxremote.access
specsb/jmxremote.password.template
specsb/jvm.hprof.txt
specsb/libimalloc.dll
.dll windows x64

Code Sign

0f:9b:76:16:5d:55:3f:b5:ae:2e:9b:e0:e7:32:4a:24
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

12/09/2017, 00:00

Not After

04/09/2019, 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Premiere Pro\, AME\, After Effects\, Speedgrade,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

7b:d4:e5:af:ba:cc:07:3f:a1:01:23:04:22:41:4d:12
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

23/12/2017, 00:00

Not After

22/03/2029, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G3,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

d7:b3:06:ca:6a:47:81:a4:35:12:3d:88:97:7d:e6:aa:94:3d:3b:79:4a:90:56:77:9f:2c:ff:2f:81:78:e4:21
Signer

Actual PE Digest

d7:b3:06:ca:6a:47:81:a4:35:12:3d:88:97:7d:e6:aa:94:3d:3b:79:4a:90:56:77:9f:2c:ff:2f:81:78:e4:21

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Premiere Pro\, AME\, After Effects\, Speedgrade,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

02/10/2018, 07:36
Valid: true

Chain 1

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Premiere Pro\, AME\, After Effects\, Speedgrade,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Exports

Exports

i_calloc_dll
i_free_dll
i_malloc_dll
i_realloc_dll

Sections

.rdata
Size: 512B - Virtual size: 146B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
specsb/logging.properties
specsb/management.properties
specsb/mc_config_avc.dll
.dll windows x64

985667f203366b340bb7e21d578196c1

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:a4:13:b6:8a:c7:22:0d:6b:ed:12:eb:5f:d6:90:a3
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11/04/2018, 00:00

Not After

16/04/2019, 12:00

Subject

CN=MainConcept GmbH.,O=MainConcept GmbH.,L=Aachen,ST=Nordrhein-Westfalen,C=DE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:8e:40:46:0a:33:7d:e7:93:41:cd:70:b6:a7:d8:f3:3d:b4:54:0b
Signer

Actual PE Digest

03:8e:40:46:0a:33:7d:e7:93:41:cd:70:b6:a7:d8:f3:3d:b4:54:0b

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

CN=MainConcept GmbH.,O=MainConcept GmbH.,L=Aachen,ST=Nordrhein-Westfalen,C=DE

01/09/2018, 09:06
Valid: true

Chain 1

CN=MainConcept GmbH.,O=MainConcept GmbH.,L=Aachen,ST=Nordrhein-Westfalen,C=DE

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcr100

isalpha
malloc
_malloc_crt
_initterm
_initterm_e
_encoded_null
_amsg_exit
strtok
__CppXcptFilter
__crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
fprintf
fseek
feof
sscanf
strchr
getc
_strtoi64
tolower
strtol
atof
free
sprintf
calloc
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
memset
fopen
fclose
strrchr
_stricmp
__C_specific_handler
memcpy

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
DecodePointer
EncodePointer
LoadLibraryW
GetProcAddress
GetLastError
FormatMessageA
FreeLibrary
GetSystemTimeAsFileTime

Exports

Exports

AVCConfigGetAPIExt

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
specsb/mc_config_mp2m.dll
.dll windows x64

10b5a52388f9c0551656694ca6322acb

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

17:4a:bf:68:da:6c:3d:45:78:ac:ee:8f:d0:af:1d:66
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

08/02/2017, 00:00

Not After

09/04/2018, 23:59

Subject

CN=NeuLion\, Inc.,O=NeuLion\, Inc.,L=Plainview,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

c3:c3:c4:fb:ad:97:be:8f:81:b4:25:f2:d6:c4:60:47:44:d2:ff:5f
Signer

Actual PE Digest

c3:c3:c4:fb:ad:97:be:8f:81:b4:25:f2:d6:c4:60:47:44:d2:ff:5f

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=NeuLion\, Inc.,O=NeuLion\, Inc.,L=Plainview,ST=New York,C=US

22/03/2017, 10:34
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcr100

strtok
_malloc_crt
_initterm
_initterm_e
_encoded_null
_amsg_exit
__C_specific_handler
fprintf
__crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
fopen
fseek
feof
sscanf
strchr
fclose
getc
_strtoi64
tolower
strtol
atof
free
sprintf
calloc
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
strrchr
_stricmp
memset
__CppXcptFilter
memcpy

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
DecodePointer
EncodePointer
LoadLibraryW
GetProcAddress
GetLastError
FormatMessageA
FreeLibrary
GetSystemTimeAsFileTime

Exports

Exports

MP2MConfigGetAPIExt

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
specsb/mc_config_mp2v.dll
.dll windows x64

1f9976e884cf559a3ce9746a7e5ba608

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

17:4a:bf:68:da:6c:3d:45:78:ac:ee:8f:d0:af:1d:66
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

08/02/2017, 00:00

Not After

09/04/2018, 23:59

Subject

CN=NeuLion\, Inc.,O=NeuLion\, Inc.,L=Plainview,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e8:a2:d5:8b:20:7f:b3:9b:13:2f:e1:1a:32:8a:fe:29:db:49:e6:3d
Signer

Actual PE Digest

e8:a2:d5:8b:20:7f:b3:9b:13:2f:e1:1a:32:8a:fe:29:db:49:e6:3d

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=NeuLion\, Inc.,O=NeuLion\, Inc.,L=Plainview,ST=New York,C=US

22/03/2017, 10:34
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcr100

fseek
fopen
fprintf
strtok
_malloc_crt
_initterm
_initterm_e
_encoded_null
feof
__C_specific_handler
__CppXcptFilter
__crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
sscanf
strchr
fclose
getc
_strtoi64
strtol
atof
sprintf
calloc
malloc
free
isalpha
tolower
ceil
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
memset
strrchr
_stricmp
_amsg_exit
memcpy

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
DecodePointer
EncodePointer
LoadLibraryW
GetProcAddress
GetLastError
FormatMessageA
FreeLibrary
GetSystemTimeAsFileTime

Exports

Exports

MP2VConfigGetAPIExt

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
specsb/mc_config_mp4v.dll
.dll windows x64

1ed2a081ed82bbf723dd4f777aabd4c3

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

17:4a:bf:68:da:6c:3d:45:78:ac:ee:8f:d0:af:1d:66
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

08/02/2017, 00:00

Not After

09/04/2018, 23:59

Subject

CN=NeuLion\, Inc.,O=NeuLion\, Inc.,L=Plainview,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

93:5d:d3:8b:4b:d4:99:59:23:c6:cf:97:fb:f2:0c:b6:93:d5:cd:77
Signer

Actual PE Digest

93:5d:d3:8b:4b:d4:99:59:23:c6:cf:97:fb:f2:0c:b6:93:d5:cd:77

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=NeuLion\, Inc.,O=NeuLion\, Inc.,L=Plainview,ST=New York,C=US

22/03/2017, 10:34
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcr100

strtok
_malloc_crt
_initterm
_initterm_e
_encoded_null
_amsg_exit
__C_specific_handler
fprintf
__crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
fopen
fseek
feof
sscanf
strchr
fclose
getc
_strtoi64
tolower
strtol
atof
_stricmp
free
sprintf
calloc
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
memset
strrchr
__CppXcptFilter
memcpy

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
DecodePointer
EncodePointer
LoadLibraryW
GetProcAddress
GetLastError
FormatMessageA
FreeLibrary
GetSystemTimeAsFileTime

Exports

Exports

MP4VConfigGetAPIExt

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
specsb/mc_config_mpa.dll
.dll windows x64

2138c03315f38fe62d9d3f12dc851c4d

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

17:4a:bf:68:da:6c:3d:45:78:ac:ee:8f:d0:af:1d:66
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

08/02/2017, 00:00

Not After

09/04/2018, 23:59

Subject

CN=NeuLion\, Inc.,O=NeuLion\, Inc.,L=Plainview,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0f:30:0f:75:f5:f5:32:0d:d7:e9:1f:8d:8f:0a:2f:bf:3c:4d:d5:41
Signer

Actual PE Digest

0f:30:0f:75:f5:f5:32:0d:d7:e9:1f:8d:8f:0a:2f:bf:3c:4d:d5:41

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=NeuLion\, Inc.,O=NeuLion\, Inc.,L=Plainview,ST=New York,C=US

22/03/2017, 10:34
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcr100

strtok
_malloc_crt
_initterm
_initterm_e
_encoded_null
_amsg_exit
__C_specific_handler
fprintf
__crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
fopen
fseek
feof
sscanf
strchr
fclose
getc
_strtoi64
tolower
strtol
atof
free
sprintf
calloc
??2@YAPEAX_K@Z
??3@YAXPEAX@Z
memset
strrchr
_stricmp
__CppXcptFilter
memcpy

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
DecodePointer
EncodePointer
LoadLibraryW
GetProcAddress
GetLastError
FormatMessageA
FreeLibrary
GetSystemTimeAsFileTime

Exports

Exports

MPAConfigGetAPIExt

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
specsb/mc_config_pcm.dll
.dll windows x64

3c8a12a04b6617b530cdbfa075597dbd

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

17:4a:bf:68:da:6c:3d:45:78:ac:ee:8f:d0:af:1d:66
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

08/02/2017, 00:00

Not After

09/04/2018, 23:59

Subject

CN=NeuLion\, Inc.,O=NeuLion\, Inc.,L=Plainview,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

90:4c:c8:9c:ee:11:65:89:cd:3e:16:a5:64:92:64:23:1e:19:f8:71
Signer

Actual PE Digest

90:4c:c8:9c:ee:11:65:89:cd:3e:16:a5:64:92:64:23:1e:19:f8:71

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=NeuLion\, Inc.,O=NeuLion\, Inc.,L=Plainview,ST=New York,C=US

22/03/2017, 10:34
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcr100

strtok
_malloc_crt
_initterm
_initterm_e
_encoded_null
_amsg_exit
__C_specific_handler
fprintf
__crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
fopen
fseek
feof
sscanf
strchr
fclose
getc
_strtoi64
tolower
strtol
atof
free
sprintf
calloc
??2@YAPEAX_K@Z
memset
??3@YAXPEAX@Z
strrchr
_stricmp
__CppXcptFilter
memcpy

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
DecodePointer
EncodePointer
LoadLibraryW
GetProcAddress
GetLastError
FormatMessageA
FreeLibrary
GetSystemTimeAsFileTime

Exports

Exports

PCMConfigGetAPIExt

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
specsb/mc_dec_spic.dll
.dll windows x64

1b3ddf9042fa4230fdaae4834c205fb9

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

17:4a:bf:68:da:6c:3d:45:78:ac:ee:8f:d0:af:1d:66
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

08/02/2017, 00:00

Not After

09/04/2018, 23:59

Subject

CN=NeuLion\, Inc.,O=NeuLion\, Inc.,L=Plainview,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

30:3a:ca:1e:f5:84:c2:f0:02:ec:68:be:8f:39:1f:0c:b4:b9:94:40
Signer

Actual PE Digest

30:3a:ca:1e:f5:84:c2:f0:02:ec:68:be:8f:39:1f:0c:b4:b9:94:40

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=NeuLion\, Inc.,O=NeuLion\, Inc.,L=Plainview,ST=New York,C=US

22/03/2017, 10:34
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcr100

_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
__crt_debugger_hook
__CppXcptFilter
__C_specific_handler
_amsg_exit
_encoded_null
_initterm_e
_initterm
_malloc_crt
memset
malloc
free
memcpy

kernel32

EncodePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
DecodePointer

Exports

Exports

open_MPEGin_Subpic_stream

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
specsb/mc_demux_dv.dll
.dll windows x64

941ec5c9ec16f4304b31688933456e96

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

17:4a:bf:68:da:6c:3d:45:78:ac:ee:8f:d0:af:1d:66
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

08/02/2017, 00:00

Not After

09/04/2018, 23:59

Subject

CN=NeuLion\, Inc.,O=NeuLion\, Inc.,L=Plainview,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

31:1e:78:43:73:da:57:f7:30:db:11:a6:25:9e:6d:d8:91:09:4c:08
Signer

Actual PE Digest

31:1e:78:43:73:da:57:f7:30:db:11:a6:25:9e:6d:d8:91:09:4c:08

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=NeuLion\, Inc.,O=NeuLion\, Inc.,L=Plainview,ST=New York,C=US

22/03/2017, 10:34
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcr100

_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
__crt_debugger_hook
__CppXcptFilter
__C_specific_handler
_amsg_exit
_encoded_null
free
_initterm_e
_initterm
_malloc_crt
memcpy
memset

kernel32

EncodePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
DecodePointer

Exports

Exports

dv_demuxGetAPIExt
dv_demuxaudio
dv_getaudioinfo

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
specsb/mc_enc_mp2sr.dll
.dll windows x64

95b16a9a7a3f9dfe536c43a2c7e11095

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

17:4a:bf:68:da:6c:3d:45:78:ac:ee:8f:d0:af:1d:66
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

08/02/2017, 00:00

Not After

09/04/2018, 23:59

Subject

CN=NeuLion\, Inc.,O=NeuLion\, Inc.,L=Plainview,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d9:27:84:37:7b:c0:a4:e6:c4:de:ab:09:55:b9:b9:cd:54:89:01:9a
Signer

Actual PE Digest

d9:27:84:37:7b:c0:a4:e6:c4:de:ab:09:55:b9:b9:cd:54:89:01:9a

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=NeuLion\, Inc.,O=NeuLion\, Inc.,L=Plainview,ST=New York,C=US

22/03/2017, 10:35
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcr100

_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
__crt_debugger_hook
__CppXcptFilter
__C_specific_handler
_amsg_exit
_encoded_null
_initterm_e
_initterm
_malloc_crt
vsprintf
printf
malloc
free
memset
memcpy
??2@YAPEAX_K@Z
wprintf
??3@YAXPEAX@Z

kernel32

FreeLibrary
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
DecodePointer
EncodePointer
LoadLibraryW
GetProcAddress
GetLastError
FormatMessageA

Exports

Exports

srWrapperAudioChkSettings
srWrapperAudioDefaults
srWrapperAudioInit
srWrapperAudioNew
srWrapperAudioPutBytes
srWrapperDone
srWrapperFree
srWrapperGetAPIExt
srWrapperInputAttach
srWrapperInputCheck
srWrapperInputDetach
srWrapperVideoChkSettings
srWrapperVideoDefaults
srWrapperVideoGetMaxBitrate
srWrapperVideoInit
srWrapperVideoNew
srWrapperVideoPerformance
srWrapperVideoPut
srWrapperVideoPutFrame
srWrapperVideoPutFrameV

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
specsb/mc_enc_pcm.dll
.dll windows x64

31025bf51db4b48b60efe6658e177a92

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

17:4a:bf:68:da:6c:3d:45:78:ac:ee:8f:d0:af:1d:66
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

08/02/2017, 00:00

Not After

09/04/2018, 23:59

Subject

CN=NeuLion\, Inc.,O=NeuLion\, Inc.,L=Plainview,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

de:ad:02:43:21:9a:3e:c8:7e:b0:dd:66:32:76:a1:52:e7:65:2d:2d
Signer

Actual PE Digest

de:ad:02:43:21:9a:3e:c8:7e:b0:dd:66:32:76:a1:52:e7:65:2d:2d

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=NeuLion\, Inc.,O=NeuLion\, Inc.,L=Plainview,ST=New York,C=US

22/03/2017, 10:35
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcr100

_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
__crt_debugger_hook
__CppXcptFilter
__C_specific_handler
_amsg_exit
_encoded_null
_initterm_e
_initterm
_malloc_crt
free
malloc
memset
memcpy

kernel32

EncodePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
DecodePointer

Exports

Exports

pcmOutAudioCheckFirst
pcmOutAudioCheckNext
pcmOutAudioCheckSettings
pcmOutAudioChkSettings
pcmOutAudioDefaults
pcmOutAudioDone
pcmOutAudioFree
pcmOutAudioGetAPIExt
pcmOutAudioGetLastErrString
pcmOutAudioInit
pcmOutAudioNew
pcmOutAudioPutBytes
pcmOutAudioPutBytesEx

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
specsb/mc_mux_dv.dll
.dll windows x64

941ec5c9ec16f4304b31688933456e96

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

17:4a:bf:68:da:6c:3d:45:78:ac:ee:8f:d0:af:1d:66
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

08/02/2017, 00:00

Not After

09/04/2018, 23:59

Subject

CN=NeuLion\, Inc.,O=NeuLion\, Inc.,L=Plainview,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d0:81:c6:1d:2d:ec:43:e8:e5:cb:90:5d:9c:0e:07:59:38:8c:b9:c5
Signer

Actual PE Digest

d0:81:c6:1d:2d:ec:43:e8:e5:cb:90:5d:9c:0e:07:59:38:8c:b9:c5

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=NeuLion\, Inc.,O=NeuLion\, Inc.,L=Plainview,ST=New York,C=US

22/03/2017, 10:35
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcr100

_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
__crt_debugger_hook
__CppXcptFilter
__C_specific_handler
_amsg_exit
_encoded_null
free
_initterm_e
_initterm
_malloc_crt
memcpy
memset

kernel32

EncodePointer
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
DecodePointer

Exports

Exports

dv_muxGetAPIExt
dv_muxaudio

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
specsb/mc_trans_audio_converter.dll
.dll windows x64

ff43da37b0e56a4856f37f090af7d387

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

17:4a:bf:68:da:6c:3d:45:78:ac:ee:8f:d0:af:1d:66
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

08/02/2017, 00:00

Not After

09/04/2018, 23:59

Subject

CN=NeuLion\, Inc.,O=NeuLion\, Inc.,L=Plainview,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3f:f6:3c:b4:2f:be:85:4b:d6:44:e8:78:41:d3:f2:b5:e3:5b:3c:e6
Signer

Actual PE Digest

3f:f6:3c:b4:2f:be:85:4b:d6:44:e8:78:41:d3:f2:b5:e3:5b:3c:e6

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=NeuLion\, Inc.,O=NeuLion\, Inc.,L=Plainview,ST=New York,C=US

22/03/2017, 10:35
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcr100

_unlock
__clean_type_info_names_internal
_lock
_onexit
__crt_debugger_hook
__CppXcptFilter
__C_specific_handler
_amsg_exit
_encoded_null
_initterm_e
_initterm
_malloc_crt
sin
sqrt
malloc
free
vsprintf
printf
memset
__dllonexit
memcpy

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
DecodePointer
EncodePointer
GetSystemTimeAsFileTime

Exports

Exports

audioConverterBytesToSamples
audioConverterCheckSettings
audioConverterDone
audioConverterFree
audioConverterGetAPIExt
audioConverterInit
audioConverterInitChannel
audioConverterNew
audioConverterNoMoreDataInChannel
audioConverterPutBytes
audioConverterPutBytesOneChannel
audioConverterSamplesToBytes

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
specsb/mc_trans_video_framerate.dll
.dll windows x64

50a5f7fc10d903c481915e517ca41633

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

17:4a:bf:68:da:6c:3d:45:78:ac:ee:8f:d0:af:1d:66
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

08/02/2017, 00:00

Not After

09/04/2018, 23:59

Subject

CN=NeuLion\, Inc.,O=NeuLion\, Inc.,L=Plainview,ST=New York,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

29:e3:5a:01:e4:03:00:8a:43:e6:de:a2:6b:09:88:f4:76:f0:98:dc
Signer

Actual PE Digest

29:e3:5a:01:e4:03:00:8a:43:e6:de:a2:6b:09:88:f4:76:f0:98:dc

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=NeuLion\, Inc.,O=NeuLion\, Inc.,L=Plainview,ST=New York,C=US

22/03/2017, 10:35
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcr100

?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__crt_debugger_hook
__CppXcptFilter
_unlock
__dllonexit
_lock
_onexit
__C_specific_handler
_amsg_exit
_encoded_null
_initterm_e
_initterm
_malloc_crt
memset
vsprintf
printf
__CxxFrameHandler3
_purecall
memcpy
realloc
??3@YAXPEAX@Z
??2@YAPEAX_K@Z
free
__clean_type_info_names_internal
malloc

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
Sleep
DecodePointer
EncodePointer
GetSystemTimeAsFileTime

Exports

Exports

FRCOutVideoDone
FRCOutVideoFree
FRCOutVideoInit
FRCOutVideoNew
FRCOutVideoPutFrame
FRCOutVideoUpdateSettings

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 134B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
specsb/messages_de.properties
specsb/messages_es.properties
specsb/messages_fr.properties
specsb/messages_ja.properties
specsb/messages_ko.properties
specsb/messages_zh_CN.properties
specsb/messages_zh_HK.properties
specsb/messages_zh_TW.properties
specsb/meta-index
specsb/mfc100chs.dll
.dll windows x86

Code Sign

33:00:00:00:cc:cb:b8:13:eb:5d:72:2d:45:00:00:00:00:00:cc
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/09/2016, 17:58

Not After

07/09/2018, 17:58

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:148C-C4B9-2066,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:40:96:a9:ee:70:56:fe:cc:07:00:01:00:00:01:40
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/08/2016, 20:17

Not After

02/11/2017, 20:17

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4b:0c:7c:16:d0:22:05:2a:86:cb:68:07:24:8b:4a:16:ec:43:c9:cd
Signer

Actual PE Digest

4b:0c:7c:16:d0:22:05:2a:86:cb:68:07:24:8b:4a:16:ec:43:c9:cd

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

25/10/2016, 17:32
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
specsb/mfc100cht.dll
.dll windows x86

Code Sign

33:00:00:00:c8:47:22:9d:a3:0d:ca:c0:58:00:00:00:00:00:c8
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/09/2016, 17:58

Not After

07/09/2018, 17:58

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:98FD-C61E-E641,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:40:96:a9:ee:70:56:fe:cc:07:00:01:00:00:01:40
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/08/2016, 20:17

Not After

02/11/2017, 20:17

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

12:d2:c0:c3:6a:55:48:a4:1b:0b:eb:ca:b3:f8:f9:7a:03:fe:51:cb
Signer

Actual PE Digest

12:d2:c0:c3:6a:55:48:a4:1b:0b:eb:ca:b3:f8:f9:7a:03:fe:51:cb

Digest Algorithm

sha1

PE Digest Matches

true

Signature Validations

Trusted

false

Verification

Signing Certificate

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

25/10/2016, 17:32
Valid: false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
specsb/net.properties
specsb/profile.jfc
.xml
specsb/psfont.properties.ja
specsb/psfontj2d.properties
specsb/snmp.acl.template
specsb/sound.properties
specsb/sunec.jar
.jar
specsb/sunjce_provider.jar
.jar
specsb/sunmscapi.jar
.jar
specsb/sunpkcs11.jar
.jar
specsb/zipfs.jar
.jar

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: 2022

Password: 2022

585861b958c9f1fe9cc0324e1020a230

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 300KB - Virtual size: 299KB

.rdata Size: 98KB - Virtual size: 97KB

.data Size: 8KB - Virtual size: 19KB

.pdata Size: 15KB - Virtual size: 15KB

.00cfg Size: 512B - Virtual size: 40B

.tls Size: 512B - Virtual size: 289B

_RDATA Size: 512B - Virtual size: 148B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

Password: 2022

79b3362178937bf9559741c46bb9e035

Code Sign

3f:dc:7a:3e:7e:96:5e:b6:4e:3a:1a:ce:c7:32:b0:e3Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

27:ba:57:21:6b:a4:c9:50:df:3b:12:40:10:7e:77:4a:a3:ea:43:7b:c0:a7:17:78:87:01:db:66:8f:78:ec:14Signer

Signature Validations

Verification

23/03/2023, 16:09 Valid: false

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.MPRESS1 Size: 3.5MB - Virtual size: 9.6MB

.MPRESS2 Size: 3KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 1KB

Password: 2022

e913d4b2d76cf2dee22ce88ba9b8bf29

Headers

DLL Characteristics

File Characteristics

Imports

mxf_sdk_4.5.16_vs10

msvcr100

kernel32

Exports

Exports

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 19KB - Virtual size: 18KB

.data Size: 1KB - Virtual size: 2KB

.pdata Size: 1KB - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 396B

Password: 2022

655486c6f4b4686a1316be4acbb66a59

Headers

DLL Characteristics

File Characteristics

Imports

mxf_sdk_4.5.16_vs10

msvcr100

kernel32

Exports

Exports

Sections

.text Size: 11KB - Virtual size: 10KB

.text
Size: 300KB - Virtual size: 299KB

.rdata
Size: 98KB - Virtual size: 97KB

.data
Size: 8KB - Virtual size: 19KB

.pdata
Size: 15KB - Virtual size: 15KB

.00cfg
Size: 512B - Virtual size: 40B

.tls
Size: 512B - Virtual size: 289B

_RDATA
Size: 512B - Virtual size: 148B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB

3f:dc:7a:3e:7e:96:5e:b6:4e:3a:1a:ce:c7:32:b0:e3
Certificate

90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

27:ba:57:21:6b:a4:c9:50:df:3b:12:40:10:7e:77:4a:a3:ea:43:7b:c0:a7:17:78:87:01:db:66:8f:78:ec:14
Signer

23/03/2023, 16:09
Valid: false

.MPRESS1
Size: 3.5MB - Virtual size: 9.6MB

.MPRESS2
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 1KB

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 19KB - Virtual size: 18KB

.data
Size: 1KB - Virtual size: 2KB

.pdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 396B

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 9KB - Virtual size: 9KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 1024B - Virtual size: 876B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 148B

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 1KB - Virtual size: 2KB

.pdata
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 340B

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 1024B - Virtual size: 2KB

.pdata
Size: 1024B - Virtual size: 792B

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 512B - Virtual size: 164B

19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49
Certificate

6e:a6:10:36:bc:17:2e:7a:f6:30:74:ac:2c:dc:27:00
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

c4:80:a9:7a:ae:a3:23:ec:77:a4:1e:23:3c:b0:f6:40:42:6d:fb:12
Signer

11/04/2017, 12:30
Valid: false