Setup[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Setup.zip
Size

17.6MB
MD5

049b51e28d78341df6fe89558a37236b
SHA1

ab6972d019205b40dbe8bcee66a39ff04376bf50
SHA256

f61ffc514c9a2370de852611755e1194772b348b6be2c30fe9ab63f3bfcf192f
SHA512

487e63e4002359c8503063a41d8107a76505499a16f5f17900575c2600a184d86eb034236d79fa38520eb1d8b528d8bfa748db8340f3e22923eef124df197f7d
SSDEEP

393216:/Fhfrie4SXnpiu83CE1CtMlx4ZoUefXAIX/gHrvY9qHxkfW:/FpX4SXpiu8hlOeUefXAHLvOyke

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Setup/IA2Marshal.dll
unpack001/Setup/Setup.exe
unpack001/Setup/libGLESv2.dll
unpack001/Setup/php5ts.dll

Files

Setup.zip
.zip

Password: 2023
Setup/Accessible.tlb
Setup/Data/Debug/Addition.dll
Setup/Data/Debug/Autoupdater.ini
Setup/Data/Debug/Cracker.dll
Setup/Data/Debug/DebugPPF.tmp
Setup/Data/Debug/DebugPPT.tmp
Setup/Data/Debug/Helper.dll
Setup/Data/Debug/Management.log
Setup/Data/Debug/Resource.dll
Setup/Data/Debug/main.ini
Setup/Data/Language.pimx
Setup/Data/Main.ini
Setup/Data/Packaged/Main.ini
.xml
Setup/Data/Packaged/Resource.dll
.zip

Password: 2023
placeholder.txt
Setup/Data/Packaged/Utils.dll
.xml
Setup/Debug/AAM/IPC/IPC.pima
.zip

Password: 2023
AdobeIPCBroker.exe
.exe windows x86

Password: 2023

b78757e60c78fbd8d0549e7a1e0d29a1

Code Sign

0a:28:51:e5:f0:ff:db:46:e2:c9:cb:66:10:e6:51:2f
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/10/2018, 00:00

Not After

03/11/2021, 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Adobe Systems,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

ac:7d:c4:d6:78:b5:cd:0d:da:54:a6:bd:90:ba:4d:9e:d0:98:05:62:5d:95:08:08:69:0a:ff:f1:ac:cd:d5:43
Signer

Actual PE Digest

ac:7d:c4:d6:78:b5:cd:0d:da:54:a6:bd:90:ba:4d:9e:d0:98:05:62:5d:95:08:08:69:0a:ff:f1:ac:cd:d5:43

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Adobe Systems,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

04/12/2018, 12:01
Valid: true

Chain 1

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Adobe Systems,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

htonl
getsockopt
ioctlsocket
connect
closesocket
listen
getsockname
bind
WSAGetLastError
WSASetLastError
WSAStartup
getservbyname
getservbyport
gethostbyname
gethostbyaddr
socket
send
select
recv
ntohs
inet_ntoa
inet_addr
htons
__WSAFDIsSet

kernel32

GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
GetLastError
DeleteCriticalSection
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreW
FindFirstFileW
FindNextFileW
InitializeCriticalSectionEx
FindClose
RaiseException
DecodePointer
ReleaseMutex
CreateMutexA
Sleep
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetVersionExA
GetModuleHandleA
GetModuleFileNameA
GetSystemDirectoryA
CreateMutexW
FreeLibrary
CreateProcessW
GetProcAddress
CloseHandle
LoadLibraryA
MultiByteToWideChar
GetStdHandle
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
InitializeCriticalSection
GetThreadPriority
HeapSize
HeapFree
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
GetOEMCP
IsValidCodePage
FindNextFileA
SwitchToThread
FreeEnvironmentStringsW
GetCommandLineW
GetEnvironmentVariableW
GetCurrentProcessId
ReadFile
WriteFile
ConnectNamedPipe
GetOverlappedResult
OpenProcess
QueryFullProcessImageNameW
GetNamedPipeServerProcessId
GetLocalTime
GetCurrentThread
GetTickCount
GetEnvironmentStringsW
SetStdHandle
SetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateFileW
FlushFileBuffers
GetFileAttributesExW
GetFileSizeEx
GetFullPathNameW
LockFileEx
SetEndOfFile
SetFilePointerEx
UnlockFile
GetTempPathW
DuplicateHandle
PeekNamedPipe
CreateNamedPipeW
SetEvent
ResetEvent
CreateEventW
GetCurrentProcess
SetThreadPriority
HeapReAlloc
VirtualAlloc
VirtualFree
GetModuleHandleExW
LoadLibraryExW
WaitForMultipleObjects
GetNamedPipeInfo
LocalAlloc
LocalReAlloc
LocalFree
FormatMessageW
LCMapStringW
SetFilePointer
RtlCaptureStackBackTrace
TerminateProcess
GlobalAlloc
GlobalFree
GetSystemTimeAsFileTime
WaitForSingleObjectEx
GetModuleHandleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
QueryPerformanceCounter
IsDebuggerPresent
GetStartupInfoW
WideCharToMultiByte
EncodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
CompareStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
OutputDebugStringW
RtlUnwind
InterlockedPushEntrySList
GetDriveTypeW
GetFileType
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
CreateThread
ExitThread
FreeLibraryAndExitThread
GetTimeZoneInformation
ExitProcess
GetCommandLineA
GetACP
GetConsoleMode
ReadConsoleW
GetConsoleCP
GetFullPathNameA
HeapAlloc
FindFirstFileExA

user32

SetWindowLongW
RegisterClassW
CreateWindowExW
SetTimer
KillTimer
TranslateMessage
DispatchMessageW
PostMessageW
PostQuitMessage
DestroyWindow
MsgWaitForMultipleObjectsEx
GetWindowLongW
GetShellWindow
EnumWindows
GetWindowThreadProcessId
DefWindowProcW
PeekMessageW

advapi32

GetUserNameW
RegCloseKey
CreateProcessWithTokenW
LookupPrivilegeValueW
GetTokenInformation
FreeSid
EqualSid
DuplicateTokenEx
AllocateAndInitializeSid
AdjustTokenPrivileges
OpenProcessToken
RegOpenKeyExW
RegQueryValueExW

ole32

CoCreateInstance
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
OleRun
CoUninitialize

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

shell32

ShellExecuteExW
SHCreateDirectoryExW
CommandLineToArgvW

Sections

.text
Size: 748KB - Virtual size: 747KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 197KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
customhook/AdobeIPCBrokerCustomHook.exe
.exe windows x86

Password: 2023

85aa1a3ec9a324deb93be1db280c6b57

Code Sign

0a:28:51:e5:f0:ff:db:46:e2:c9:cb:66:10:e6:51:2f
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/10/2018, 00:00

Not After

03/11/2021, 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Adobe Systems,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

45:89:c1:a8:6a:c2:59:11:0f:f3:d0:dd:de:2c:9f:61:14:dd:37:fb:38:82:82:1c:83:5d:79:6e:28:bc:74:54
Signer

Actual PE Digest

45:89:c1:a8:6a:c2:59:11:0f:f3:d0:dd:de:2c:9f:61:14:dd:37:fb:38:82:82:1c:83:5d:79:6e:28:bc:74:54

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Adobe Systems,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

04/12/2018, 12:01
Valid: true

Chain 1

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Adobe Systems,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathAppendW

kernel32

RaiseException
HeapSize
TerminateProcess
GetTempPathW
OpenProcess
CreateToolhelp32Snapshot
Sleep
Process32NextW
Process32FirstW
CloseHandle
CreateFileW
ReadConsoleW
WriteConsoleW
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
SetEvent
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RtlUnwind
SetEndOfFile
GetLastError
FreeLibrary
LoadLibraryExW
HeapAlloc
HeapReAlloc
HeapFree
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetStdHandle
WriteFile
GetCommandLineA
GetCommandLineW
GetACP
GetFileType
FlushFileBuffers
GetConsoleCP
GetConsoleMode
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ReadFile
SetFilePointerEx
GetProcessHeap
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetStdHandle

user32

FindWindowExW
PostMessageW

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Setup/Debug/AAM/IPC/IPC.pimx
Setup/Debug/AAM/IPC/IPC.sig
.xml
Setup/Debug/resources/AdobePIM.dll
.dll windows x86

Password: 2023

dd6ba004004c70f4eb3bbd4c9ec97b28

Code Sign

06:f2:4d:9f:4d:b0:7b:d7:ec:ad:06:7f:5e:e2:6c:29
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

31/01/2019, 00:00

Not After

03/02/2021, 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

54:9e:86:75:de:ec:b8:47:4c:ba:a5:7d:83:53:a2:3b:25:dc:dd:a5:31:88:42:96:16:ee:64:6e:89:81:6a:d4
Signer

Actual PE Digest

54:9e:86:75:de:ec:b8:47:4c:ba:a5:7d:83:53:a2:3b:25:dc:dd:a5:31:88:42:96:16:ee:64:6e:89:81:6a:d4

Digest Algorithm

sha256

PE Digest Matches

true

Signature Validations

Trusted

true

Verification

Signing Certificate

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

20/06/2020, 13:52
Valid: true

Chain 1

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msi

ord147
ord74
ord145

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

psapi

GetModuleFileNameExW
GetProcessImageFileNameW
EnumProcessModules

wtsapi32

WTSEnumerateSessionsW
WTSFreeMemory

shlwapi

PathIsFileSpecW
PathAddExtensionW
PathRemoveFileSpecA
PathIsDirectoryA
PathIsDirectoryEmptyW
PathIsSystemFolderW
PathIsRootW
PathRenameExtensionW
PathIsDirectoryW
PathAppendW
PathRemoveBackslashW
PathStripPathW
PathAppendA
PathFileExistsW
PathFindFileNameW
PathRemoveFileSpecW
PathFileExistsA
PathRemoveExtensionW

shell32

ShellExecuteExW
SHCreateDirectoryExW
SHGetFolderLocation
SHGetSpecialFolderPathW
SHGetKnownFolderPath
SHGetPathFromIDListW
SHGetFolderPathW
ord680
CommandLineToArgvW
ord51
SHCreateItemFromParsingName

winhttp

WinHttpOpen
WinHttpReceiveResponse
WinHttpSetTimeouts
WinHttpQueryHeaders
WinHttpQueryAuthSchemes
WinHttpGetProxyForUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpSetCredentials
WinHttpSendRequest
WinHttpOpenRequest
WinHttpCloseHandle
WinHttpConnect
WinHttpReadData
WinHttpQueryDataAvailable
WinHttpSetOption

kernel32

TlsFree
TlsSetValue
TlsGetValue
CompareStringW
SwitchToThread
InitializeCriticalSectionAndSpinCount
GetStringTypeW
EncodePointer
TlsAlloc
GetLocaleInfoW
GetCPInfo
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
GetStartupInfoW
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
LoadLibraryExW
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
GetTimeZoneInformation
ExitProcess
GetStdHandle
GetFileType
IsValidLocale
EnumSystemLocalesW
GetConsoleMode
ReadConsoleW
GetConsoleCP
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
InitializeCriticalSectionEx
GetLastError
RaiseException
DecodePointer
DeleteCriticalSection
ReleaseSemaphore
CreateMutexW
WaitForSingleObject
LocalAlloc
ReleaseMutex
Sleep
OpenSemaphoreW
CloseHandle
LocalFree
GetCurrentProcessId
CreateSemaphoreW
CreateDirectoryW
GetTempPathW
MultiByteToWideChar
SetEvent
ResetEvent
GetCommandLineW
CreateProcessW
GetLocalTime
GetTimeFormatW
GetDateFormatW
OpenProcess
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
FindFirstFileW
FindNextFileW
TerminateProcess
RemoveDirectoryW
FindClose
SetEnvironmentVariableW
SetFileAttributesW
CreateEventW
GetDiskFreeSpaceExW
CreateThread
CopyFileW
lstrcmpiW
lstrcmpW
GetExitCodeProcess
AreFileApisANSI
ReadFile
TryEnterCriticalSection
HeapCreate
HeapFree
EnterCriticalSection
GetFullPathNameW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
CreateFileW
GetFileAttributesW
GetCurrentThreadId
UnmapViewOfFile
HeapValidate
HeapSize
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
GetVersionExA
DeleteFileA
DeleteFileW
HeapReAlloc
GetSystemInfo
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
GetProcAddress
CreateFileMappingA
LockFileEx
GetFileSize
GetProcessHeap
SystemTimeToFileTime
FreeLibrary
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
MapViewOfFile
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
GetCurrentProcess
GetFileSizeEx
lstrlenW
GetACP
SizeofResource
GetModuleFileNameW
LockResource
LoadResource
FindResourceW
MoveFileExW
GlobalAlloc
GlobalFree
VerSetConditionMask
GetModuleHandleW
VerifyVersionInfoW
SetLastError
DuplicateHandle
ProcessIdToSessionId
TerminateThread
FindResourceExW
lstrcpyW
QueryFullProcessImageNameW
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
GetFileTime
FileTimeToSystemTime
OpenMutexW
GetUserDefaultLCID
LCMapStringW
GetUserDefaultLangID
GetUserDefaultUILanguage
SetFilePointerEx
ResumeThread
SetStdHandle
WriteConsoleW
QueryPerformanceFrequency
GetVersionExW
CreateFileMappingW

user32

wsprintfW
EnumWindows
GetWindowThreadProcessId
GetShellWindow

advapi32

InitializeSecurityDescriptor
SetEntriesInAclW
AllocateAndInitializeSid
SetSecurityDescriptorDacl
RegQueryValueExW
FreeSid
RegDeleteValueW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyExW
RegCloseKey
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
GetNamedSecurityInfoW
SetNamedSecurityInfoW
LookupAccountSidW
CreateWellKnownSid
EqualSid
GetTokenInformation
DuplicateTokenEx
GetUserNameW
ConvertSidToStringSidW
ImpersonateLoggedOnUser
ConvertStringSidToSidW
RevertToSelf
CryptReleaseContext
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptAcquireContextW

ole32

CoUninitialize
CoCreateInstance
CoInitializeEx
CoTaskMemFree
CoInitialize
CoCreateGuid
StringFromGUID2
CLSIDFromProgID
OleRun
CLSIDFromString

oleaut32

SysStringLen
VariantChangeType
VariantInit
SysFreeString
SysAllocString
VariantClear
VariantCopy
GetErrorInfo

crypt32

CertGetNameStringW

wintrust

WinVerifyTrust
WTHelperGetProvCertFromChain
WTHelperProvDataFromStateData
WTHelperGetProvSignerFromChain

Exports

Exports

AAMIU_Uninstall
AAMIU_getDeploymentValidationStatus
AAMIU_preInstallPropertySet
pim_createLibraryRef
pim_freeLibraryRef
pim_freeLiraryRef
pim_freeString
pim_getAppletAndPackageInfo
pim_getAppletRegistrationInfo
pim_getAppletRelationshipInfo
pim_getCurrentCCVersion
pim_getCurrentPackagesVersion
pim_getInstallStatus
pim_getInstalledPackagesInfo
pim_launchACCCUninstallerExecutableAsAdmin
pim_selfUpdateCheck
pim_selfUpdateCheckWithData
pim_startWorkflow
pim_startWorkflowWithData
pim_syncFromPathToACF
pim_syncFromPathToPath
pim_syncUSFToACF
pim_uninstallAAMFromAAMCleanerTool
pim_uninstallAAMUsingAAMCleanerTool
pim_uninstallACCC64FromACCCCleanerTool
pim_uninstallACCCFromACCCCleanerTool
pim_uninstallADC64UsingADCCleanerTool
pim_uninstallADCUsingADCCleanerTool

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 356KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Setup/Debug/resources/Config.xml
.xml
Setup/IA2Marshal.dll
.dll regsvr32 windows x64

Password: 2023

89556f266a5e711ccfbd9bae475375d1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

DeleteCriticalSection
DisableThreadLibraryCalls
EnterCriticalSection
GetLastError
InitializeCriticalSection
LeaveCriticalSection
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

rpcrt4

CStdStubBuffer_AddRef
CStdStubBuffer_Connect
CStdStubBuffer_CountRefs
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_Disconnect
CStdStubBuffer_Invoke
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_QueryInterface
IUnknown_AddRef_Proxy
IUnknown_QueryInterface_Proxy
IUnknown_Release_Proxy
NdrCStdStubBuffer2_Release
NdrCStdStubBuffer_Release
NdrDllCanUnloadNow
NdrDllGetClassObject
NdrDllRegisterProxy
NdrDllUnregisterProxy
NdrOleAllocate
NdrOleFree
NdrStubCall2
NdrStubForwardingFunction

ole32

HWND_UserFree
HWND_UserMarshal
HWND_UserSize
HWND_UserUnmarshal

oleaut32

BSTR_UserFree
BSTR_UserMarshal
BSTR_UserSize
BSTR_UserUnmarshal
VARIANT_UserFree
VARIANT_UserMarshal
VARIANT_UserSize
VARIANT_UserUnmarshal

api-ms-win-crt-runtime-l1-1-0

__p___argc
__p___argv
__p___wargv
_configure_narrow_argv
_configure_wide_argv
_crt_atexit
_execute_onexit_table
_initialize_narrow_environment
_initialize_onexit_table
_initialize_wide_environment
_initterm
_register_onexit_function
abort

api-ms-win-crt-private-l1-1-0

memcpy

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vfwprintf
fwrite

api-ms-win-crt-environment-l1-1-0

__p__environ
__p__wenviron

api-ms-win-crt-heap-l1-1-0

_set_new_mode

api-ms-win-crt-time-l1-1-0

__daylight
__timezone
__tzname
_tzset

mozglue

calloc
free

api-ms-win-crt-string-l1-1-0

strlen
strncmp

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 139B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Setup/Setup.exe
.exe windows x86

Password: 2023

0b87e45f0dd8f7cb4f37bb51b2ee3075

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeConsole
GetModuleHandleW
MultiByteToWideChar
GetStringTypeW
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
LCMapStringEx
GetCPInfo
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
CreateFileW
RaiseException
RtlUnwind
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
GetStdHandle
WriteFile
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
HeapAlloc
HeapFree
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFileType
CloseHandle
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
ReadFile
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetProcessHeap
HeapSize
WriteConsoleW

Sections

.text
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 173KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.Rain
Size: 793KB - Virtual size: 792KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Setup/libGLESv2.dll
.dll windows x64

Password: 2023

94c7fb29a0a5d69da0d7bfab13142024

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

mozglue

_aligned_free
_aligned_malloc
_strdup
calloc
free
malloc
moz_xmalloc
realloc

dxgi

CreateDXGIFactory
CreateDXGIFactory1

d3d9

D3DPERF_BeginEvent
D3DPERF_EndEvent
D3DPERF_GetStatus
D3DPERF_SetMarker
Direct3DCreate9

kernel32

AcquireSRWLockExclusive
CloseHandle
DeleteCriticalSection
EnterCriticalSection
FlsAlloc
FlsGetValue
FlsSetValue
FreeLibrary
GetCurrentDirectoryA
GetCurrentThreadId
GetEnvironmentVariableA
GetFileAttributesExA
GetLastError
GetModuleFileNameA
GetModuleHandleW
GetProcAddress
GetSystemInfo
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetThreadId
InitOnceExecuteOnce
InitializeCriticalSection
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryW
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReleaseSRWLockExclusive
RtlLookupFunctionEntry
RtlRestoreContext
RtlUnwindEx
RtlVirtualUnwind
SetCurrentDirectoryA
SetEnvironmentVariableA
Sleep
SleepConditionVariableSRW
SwitchToThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryAcquireSRWLockExclusive
TryEnterCriticalSection
VerSetConditionMask
VerifyVersionInfoW
VirtualProtect
VirtualQuery
WaitForSingleObjectEx
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte

user32

CreateWindowExW
DestroyWindow
GetClientRect
InvalidateRect
IsIconic
IsWindow
WindowFromDC

api-ms-win-crt-convert-l1-1-0

_strtod_l
_strtoi64_l
_strtoui64_l
atoi
mbrtowc
mbsrtowcs
strtod
strtol
strtoul
wcrtomb
wcrtomb_s
wcstod
wcstol
wcstombs
wcstoul

api-ms-win-crt-math-l1-1-0

__setusermatherr
cosh
sinh
tan
tanh

api-ms-win-crt-private-l1-1-0

memchr
memcmp
memcpy
memmove
strrchr
strstr

api-ms-win-crt-runtime-l1-1-0

__p___argc
__p___argv
__p___wargv
__sys_nerr
_assert
_beginthreadex
_configure_narrow_argv
_configure_wide_argv
_crt_atexit
_errno
_execute_onexit_table
_exit
_initialize_narrow_environment
_initialize_onexit_table
_initialize_wide_environment
_initterm
_register_onexit_function
_register_thread_local_exe_atexit_callback
abort
exit
strerror
strerror_s

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vfwprintf
__stdio_common_vsprintf
__stdio_common_vsprintf_s
__stdio_common_vsscanf
__stdio_common_vswprintf
_close
_lseek
_open
_read
_wopen
_write
fclose
fflush
fopen
fputc
fputs
fread
fseek
ftell
fwrite
getc
ungetc

api-ms-win-crt-string-l1-1-0

_isctype_l
_iswalpha_l
_iswcntrl_l
_iswdigit_l
_iswlower_l
_iswprint_l
_iswpunct_l
_iswspace_l
_iswupper_l
_iswxdigit_l
_strcoll_l
_strnicmp
_strxfrm_l
_tolower_l
_toupper_l
_towlower_l
_towupper_l
_wcscoll_l
_wcsxfrm_l
islower
isspace
isupper
iswctype
isxdigit
mbrlen
memset
strcmp
strlen
strncmp
tolower
toupper
wcslen

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func
___mb_cur_max_func
__pctype_func
_configthreadlocale
_create_locale
_free_locale
localeconv
setlocale

api-ms-win-crt-time-l1-1-0

__daylight
__timezone
__tzname
_strftime_l
_tzset

api-ms-win-crt-multibyte-l1-1-0

_mbtowc_l

api-ms-win-crt-environment-l1-1-0

__p__environ
__p__wenviron
getenv

api-ms-win-crt-heap-l1-1-0

_set_new_mode

Exports

Exports

ANGLEGetDisplayPlatform
ANGLEResetDisplayPlatform
EGL_BindAPI
EGL_BindTexImage
EGL_ChooseConfig
EGL_ClientWaitSync
EGL_ClientWaitSyncKHR
EGL_CopyBuffers
EGL_CreateContext
EGL_CreateDeviceANGLE
EGL_CreateImage
EGL_CreateImageKHR
EGL_CreateNativeClientBufferANDROID
EGL_CreatePbufferFromClientBuffer
EGL_CreatePbufferSurface
EGL_CreatePixmapSurface
EGL_CreatePlatformPixmapSurface
EGL_CreatePlatformPixmapSurfaceEXT
EGL_CreatePlatformWindowSurface
EGL_CreatePlatformWindowSurfaceEXT
EGL_CreateStreamKHR
EGL_CreateStreamProducerD3DTextureANGLE
EGL_CreateSync
EGL_CreateSyncKHR
EGL_CreateWindowSurface
EGL_DebugMessageControlKHR
EGL_DestroyContext
EGL_DestroyImage
EGL_DestroyImageKHR
EGL_DestroyStreamKHR
EGL_DestroySurface
EGL_DestroySync
EGL_DestroySyncKHR
EGL_DupNativeFenceFDANDROID
EGL_GetCompositorTimingANDROID
EGL_GetCompositorTimingSupportedANDROID
EGL_GetConfigAttrib
EGL_GetConfigs
EGL_GetCurrentContext
EGL_GetCurrentDisplay
EGL_GetCurrentSurface
EGL_GetDisplay
EGL_GetError
EGL_GetFrameTimestampSupportedANDROID
EGL_GetFrameTimestampsANDROID
EGL_GetMscRateANGLE
EGL_GetNativeClientBufferANDROID
EGL_GetNextFrameIdANDROID
EGL_GetPlatformDisplay
EGL_GetPlatformDisplayEXT
EGL_GetProcAddress
EGL_GetSyncAttrib
EGL_GetSyncAttribKHR
EGL_GetSyncValuesCHROMIUM
EGL_HandleGPUSwitchANGLE
EGL_Initialize
EGL_LabelObjectKHR
EGL_MakeCurrent
EGL_PostSubBufferNV
EGL_PresentationTimeANDROID
EGL_ProgramCacheGetAttribANGLE
EGL_ProgramCachePopulateANGLE
EGL_ProgramCacheQueryANGLE
EGL_ProgramCacheResizeANGLE
EGL_QueryAPI
EGL_QueryContext
EGL_QueryDebugKHR
EGL_QueryDeviceAttribEXT
EGL_QueryDeviceStringEXT
EGL_QueryDisplayAttribANGLE
EGL_QueryDisplayAttribEXT
EGL_QueryStreamKHR
EGL_QueryStreamu64KHR
EGL_QueryString
EGL_QueryStringiANGLE
EGL_QuerySurface
EGL_QuerySurfacePointerANGLE
EGL_ReacquireHighPowerGPUANGLE
EGL_ReleaseDeviceANGLE
EGL_ReleaseHighPowerGPUANGLE
EGL_ReleaseTexImage
EGL_ReleaseThread
EGL_SetBlobCacheFuncsANDROID
EGL_SignalSyncKHR
EGL_StreamAttribKHR
EGL_StreamConsumerAcquireKHR
EGL_StreamConsumerGLTextureExternalAttribsNV
EGL_StreamConsumerGLTextureExternalKHR
EGL_StreamConsumerReleaseKHR
EGL_StreamPostD3DTextureANGLE
EGL_SurfaceAttrib
EGL_SwapBuffers
EGL_SwapBuffersWithDamageKHR
EGL_SwapBuffersWithFrameTokenANGLE
EGL_SwapInterval
EGL_Terminate
EGL_WaitClient
EGL_WaitGL
EGL_WaitNative
EGL_WaitSync
EGL_WaitSyncKHR
_ZN2gl10AlphaFuncxEji
_ZN2gl10BeginQueryEjj
_ZN2gl10BindBufferEjj
_ZN2gl10BlendColorEffff
_ZN2gl10BlendFunciEjjj
_ZN2gl10BufferDataEjxPKvj
_ZN2gl10ClearColorEffff
_ZN2gl10ClipPlanefEjPKf
_ZN2gl10ClipPlanexEjPKi
_ZN2gl10ColorMaskiEjhhhh
_ZN2gl10DeleteSyncEP8__GLsync
_ZN2gl10DrawArraysEjii
_ZN2gl10EnableiEXTEjj
_ZN2gl10EnableiOESEjj
_ZN2gl10GenBuffersEiPj
_ZN2gl10GenQueriesEiPj
_ZN2gl10GetLightfvEjjPf
_ZN2gl10GetLightxvEjjPi
_ZN2gl10GetQueryivEjjPi
_ZN2gl10GetStringiEjj
_ZN2gl10IsEnablediEjj
_ZN2gl10IsQueryEXTEj
_ZN2gl10LineWidthxEi
_ZN2gl10MaterialfvEjjPKf
_ZN2gl10MaterialxvEjjPKi
_ZN2gl10MatrixModeEj
_ZN2gl10PointSizexEi
_ZN2gl10PushMatrixEv
_ZN2gl10ReadBufferEj
_ZN2gl10ReadPixelsEiiiijjPv
_ZN2gl10SetFenceNVEjj
_ZN2gl10ShadeModelEj
_ZN2gl10TexGenfOESEjjf
_ZN2gl10TexGeniOESEjji
_ZN2gl10TexGenxOESEjji
_ZN2gl10TexImage2DEjiiiiijjPKv
_ZN2gl10TexImage3DEjiiiiiijjPKv
_ZN2gl10TranslatefEfff
_ZN2gl10TranslatexEiii
_ZN2gl10Uniform1fvEiiPKf
_ZN2gl10Uniform1ivEiiPKi
_ZN2gl10Uniform1uiEij
_ZN2gl10Uniform2fvEiiPKf
_ZN2gl10Uniform2ivEiiPKi
_ZN2gl10Uniform2uiEijj
_ZN2gl10Uniform3fvEiiPKf
_ZN2gl10Uniform3ivEiiPKi
_ZN2gl10Uniform3uiEijjj
_ZN2gl10Uniform4fvEiiPKf
_ZN2gl10Uniform4ivEiiPKi
_ZN2gl10Uniform4uiEijjjj
_ZN2gl10UseProgramEj
_ZN2gl11BindSamplerEjj
_ZN2gl11BindTextureEjj
_ZN2gl11ClearColorxEiiii
_ZN2gl11ClearDepthfEf
_ZN2gl11ClearDepthxEi
_ZN2gl11DepthRangefEff
_ZN2gl11DepthRangexEii
_ZN2gl11DisableiEXTEjj
_ZN2gl11DisableiOESEjj
_ZN2gl11DrawBuffersEiPKj
_ZN2gl11DrawTexfOESEfffff
_ZN2gl11DrawTexiOESEiiiii
_ZN2gl11DrawTexsOESEsssss
_ZN2gl11DrawTexxOESEiiiii
_ZN2gl11EndQueryEXTEj
_ZN2gl11GenFencesNVEiPj
_ZN2gl11GenSamplersEiPj
_ZN2gl11GenTexturesEiPj
_ZN2gl11GetBooleanvEjPh
_ZN2gl11GetIntegervEjPi
_ZN2gl11GetPointervEjPPv
_ZN2gl11GetShaderivEjjPi
_ZN2gl11GetTexEnvfvEjjPf
_ZN2gl11GetTexEnvivEjjPi
_ZN2gl11GetTexEnvxvEjjPi
_ZN2gl11LightModelfEjf
_ZN2gl11LightModelxEji
_ZN2gl11LinkProgramEj
_ZN2gl11LoadMatrixfEPKf
_ZN2gl11LoadMatrixxEPKi
_ZN2gl11MultMatrixfEPKf
_ZN2gl11MultMatrixxEPKi
_ZN2gl11ObjectLabelEjjiPKc
_ZN2gl11PixelStoreiEji
_ZN2gl11ReadnPixelsEiiiijjiPv
_ZN2gl11SampleMaskiEjj
_ZN2gl11StencilFuncEjij
_ZN2gl11StencilMaskEj
_ZN2gl11TestFenceNVEj
_ZN2gl11TexGenfvOESEjjPKf
_ZN2gl11TexGenivOESEjjPKi
_ZN2gl11TexGenxvOESEjjPKi
_ZN2gl11Uniform1uivEiiPKj
_ZN2gl11Uniform2uivEiiPKj
_ZN2gl11Uniform3uivEiiPKj
_ZN2gl11Uniform4uivEiiPKj
_ZN2gl11UnmapBufferEj
_ZN2gl12AttachShaderEjj
_ZN2gl12BlendBarrierEv
_ZN2gl12ClearStencilEi
_ZN2gl12ColorPointerEijiPKv
_ZN2gl12CreateShaderEj
_ZN2gl12DeleteShaderEj
_ZN2gl12DetachShaderEjj
_ZN2gl12DrawElementsEjijPKv
_ZN2gl12DrawTexfvOESEPKf
_ZN2gl12DrawTexivOESEPKi
_ZN2gl12DrawTexsvOESEPKs
_ZN2gl12DrawTexxvOESEPKi
_ZN2gl12GetFenceivNVEjjPi
_ZN2gl12GetProgramivEjjPi
_ZN2gl12GetUniformfvEjiPf
_ZN2gl12GetUniformivEjiPi
_ZN2gl12LightModelfvEjPKf
_ZN2gl12LightModelxvEjPKi
_ZN2gl12LoadIdentityEv
_ZN2gl12MapBufferOESEjj
_ZN2gl12ShaderBinaryEiPKjjPKvi
_ZN2gl12ShaderSourceEjiPKPKcPKi
_ZN2gl12TexBufferEXTEjjj
_ZN2gl12TexBufferOESEjjj
_ZN2gl12TexStorage2DEjijii
_ZN2gl12TexStorage3DEjijiii
_ZN2gl13ActiveTextureEj
_ZN2gl13BeginQueryEXTEjj
_ZN2gl13BlendEquationEj
_ZN2gl13BlendFunciEXTEjjj
_ZN2gl13BlendFunciOESEjjj
_ZN2gl13BufferSubDataEjxxPKv
_ZN2gl13ClearBufferfiEjifi
_ZN2gl13ClearBufferfvEjiPKf
_ZN2gl13ClearBufferivEjiPKi
_ZN2gl13ColorMaskiEXTEjhhhh
_ZN2gl13ColorMaskiOESEjhhhh
_ZN2gl13CompileShaderEj
_ZN2gl13CreateProgramEv
_ZN2gl13DeleteBuffersEiPKj
_ZN2gl13DeleteProgramEj
_ZN2gl13DeleteQueriesEiPKj
_ZN2gl13FinishFenceNVEj
_ZN2gl13GenQueriesEXTEiPj
_ZN2gl13GetBooleani_vEjjPh
_ZN2gl13GetClipPlanefEjPf
_ZN2gl13GetClipPlanexEjPi
_ZN2gl13GetInteger64vEjPx
_ZN2gl13GetIntegeri_vEjjPi
_ZN2gl13GetMaterialfvEjjPf
_ZN2gl13GetMaterialxvEjjPi
_ZN2gl13GetQueryivEXTEjjPi
_ZN2gl13GetUniformuivEjiPj
_ZN2gl13GetnUniformfvEjiiPf
_ZN2gl13GetnUniformivEjiiPi
_ZN2gl13IsEnablediEXTEjj
_ZN2gl13IsEnablediOESEjj
_ZN2gl13IsFramebufferEj
_ZN2gl13IsVertexArrayEj
_ZN2gl13MemoryBarrierEj
_ZN2gl13NormalPointerEjiPKv
_ZN2gl13PolygonOffsetEff
_ZN2gl13PopDebugGroupEv
_ZN2gl13ProgramBinaryEjjPKvi
_ZN2gl13TexImage3DOESEjijiiiijjPKv
_ZN2gl13TexParameterfEjjf
_ZN2gl13TexParameteriEjji
_ZN2gl13TexParameterxEjji
_ZN2gl13TexSubImage2DEjiiiiijjPKv
_ZN2gl13TexSubImage3DEjiiiiiiijjPKv
_ZN2gl13VertexPointerEijiPKv
_ZN2gl14BindBufferBaseEjjj
_ZN2gl14BlendEquationiEjj
_ZN2gl14ClearBufferuivEjiPKj
_ZN2gl14ClientWaitSyncEP8__GLsyncjy
_ZN2gl14CopyTexImage2DEjijiiiii
_ZN2gl14DeleteFencesNVEiPKj
_ZN2gl14DeleteSamplersEiPKj
_ZN2gl14DeleteTexturesEiPKj
_ZN2gl14DrawBuffersEXTEiPKj
_ZN2gl14GenerateMipmapEj
_ZN2gl14GetObjectLabelEjjiPiPc
_ZN2gl14GetPointervKHREjPPv
_ZN2gl14GetTexGenfvOESEjjPf
_ZN2gl14GetTexGenivOESEjjPi
_ZN2gl14GetTexGenxvOESEjjPi
_ZN2gl14GetnUniformuivEjiiPj
_ZN2gl14IsRenderbufferEj
_ZN2gl14IsSemaphoreEXTEj
_ZN2gl14MapBufferRangeEjxxj
_ZN2gl14ObjectLabelKHREjjiPKc
_ZN2gl14ObjectPtrLabelEPKviPKc
_ZN2gl14PolygonOffsetxEii
_ZN2gl14PushDebugGroupEjjiPKc
_ZN2gl14ReadnPixelsEXTEiiiijjiPv
_ZN2gl14SampleCoverageEfh
_ZN2gl14TexBufferRangeEjjjxx
_ZN2gl14TexParameterfvEjjPKf
_ZN2gl14TexParameterivEjjPKi
_ZN2gl14TexParameterxvEjjPKi
_ZN2gl14UnmapBufferOESEj
_ZN2gl14VertexAttrib1fEjf
_ZN2gl14VertexAttrib2fEjff
_ZN2gl14VertexAttrib3fEjfff
_ZN2gl14VertexAttrib4fEjffff
_ZN2gl15BindBufferRangeEjjjxx
_ZN2gl15BindFramebufferEjj
_ZN2gl15BindVertexArrayEj
_ZN2gl15BlitFramebufferEiiiiiiiijj
_ZN2gl15DispatchComputeEjjj
_ZN2gl15GenFramebuffersEiPj
_ZN2gl15GenVertexArraysEiPj
_ZN2gl15GetActiveAttribEjjiPiS0_PjPc
_ZN2gl15GetInteger64i_vEjjPx
_ZN2gl15GetShaderSourceEjiPiPc
_ZN2gl15MultiTexCoord4fEjffff
_ZN2gl15MultiTexCoord4xEjiiii
_ZN2gl15PatchParameteriEji
_ZN2gl15PointParameterfEjf
_ZN2gl15PointParameterxEji
_ZN2gl15QueryCounterEXTEjj
_ZN2gl15QueryMatrixxOESEPiS0_
_ZN2gl15SampleCoveragexEih
_ZN2gl15TexCoordPointerEijiPKv
_ZN2gl15TexParameterIivEjjPKi
_ZN2gl15TexStorage1DEXTEjiji
_ZN2gl15TexStorage2DEXTEjijii
_ZN2gl15TexStorage3DEXTEjijiii
_ZN2gl15ValidateProgramEj
_ZN2gl15VertexAttrib1fvEjPKf
_ZN2gl15VertexAttrib2fvEjPKf
_ZN2gl15VertexAttrib3fvEjPKf
_ZN2gl15VertexAttrib4fvEjPKf
_ZN2gl15VertexAttribI4iEjiiii
_ZN2gl16BindImageTextureEjjihijj
_ZN2gl16BindRenderbufferEjj
_ZN2gl16BindVertexBufferEjjxi
_ZN2gl16BufferStorageEXTEjxPKvj
_ZN2gl16CopyImageSubDataEjjiiiijjiiiiiii
_ZN2gl16DeleteQueriesEXTEiPKj
_ZN2gl16FogfContextANGLEEPvjf
_ZN2gl16FogxContextANGLEEPvji
_ZN2gl16GenRenderbuffersEiPj
_ZN2gl16GenSemaphoresEXTEiPj
_ZN2gl16GetActiveUniformEjjiPiS0_PjPc
_ZN2gl16GetInteger64vEXTEjPx
_ZN2gl16GetMultisamplefvEjjPf
_ZN2gl16GetProgramBinaryEjiPiPjPv
_ZN2gl16GetShaderInfoLogEjiPiPc
_ZN2gl16GetTexImageANGLEEjijjPv
_ZN2gl16GetnUniformfvEXTEjiiPf
_ZN2gl16GetnUniformivEXTEjiiPi
_ZN2gl16HintContextANGLEEPvjj
_ZN2gl16IsFramebufferOESEj
_ZN2gl16IsVertexArrayOESEj
_ZN2gl16MinSampleShadingEf
_ZN2gl16PointParameterfvEjPKf
_ZN2gl16PointParameterxvEjPKi
_ZN2gl16PopDebugGroupKHREv
_ZN2gl16ProgramBinaryOESEjjPKvi
_ZN2gl16ProgramUniform1fEjif
_ZN2gl16ProgramUniform1iEjii
_ZN2gl16ProgramUniform2fEjiff
_ZN2gl16ProgramUniform2iEjiii
_ZN2gl16ProgramUniform3fEjifff
_ZN2gl16ProgramUniform3iEjiiii
_ZN2gl16ProgramUniform4fEjiffff
_ZN2gl16ProgramUniform4iEjiiiii
_ZN2gl16SampleMaskiANGLEEjj
_ZN2gl16TexParameterIuivEjjPKj
_ZN2gl16TexSubImage3DOESEjiiiiiiijjPKv
_ZN2gl16UniformMatrix2fvEiihPKf
_ZN2gl16UniformMatrix3fvEiihPKf
_ZN2gl16UniformMatrix4fvEiihPKf
_ZN2gl16UseProgramStagesEjjj
_ZN2gl16VertexAttribI4ivEjPKi
_ZN2gl16VertexAttribI4uiEjjjjj
_ZN2gl16WaitSemaphoreEXTEjjPKjjS1_S1_
_ZN2gl16WeightPointerOESEijiPKv
_ZN2gl17BlendEquationiEXTEjj
_ZN2gl17BlendEquationiOESEjj
_ZN2gl17BlendFuncSeparateEjjjj
_ZN2gl17ClearContextANGLEEPvj
_ZN2gl17CopyBufferSubDataEjjxxx
_ZN2gl17CopyTexSubImage2DEjiiiiiii
_ZN2gl17CopyTexSubImage3DEjiiiiiiii
_ZN2gl17DrawRangeElementsEjjjijPKv
_ZN2gl17EnableClientStateEj
_ZN2gl17FlushContextANGLEEPv
_ZN2gl17FogfvContextANGLEEPvjPKf
_ZN2gl17FogxvContextANGLEEPvjPKi
_ZN2gl17GenerateMipmapOESEj
_ZN2gl17GetAttribLocationEjPKc
_ZN2gl17GetBufferPointervEjjPPv
_ZN2gl17GetObjectLabelKHREjjiPiPc
_ZN2gl17GetObjectPtrLabelEPKviPiPc
_ZN2gl17GetProgramInfoLogEjiPiPc
_ZN2gl17GetQueryObjectuivEjjPj
_ZN2gl17GetTexParameterfvEjjPf
_ZN2gl17GetTexParameterivEjjPi
_ZN2gl17GetTexParameterxvEjjPi
_ZN2gl17GetUniformIndicesEjiPKPKcPj
_ZN2gl17GetVertexAttribfvEjjPf
_ZN2gl17GetVertexAttribivEjjPi
_ZN2gl17ImportMemoryFdEXTEjyji
_ZN2gl17IsMemoryObjectEXTEj
_ZN2gl17IsProgramPipelineEj
_ZN2gl17IsRenderbufferOESEj
_ZN2gl17MapBufferRangeEXTEjxxj
_ZN2gl17ObjectPtrLabelKHREPKviPKc
_ZN2gl17PopGroupMarkerEXTEv
_ZN2gl17ProgramParameteriEjji
_ZN2gl17ProgramUniform1fvEjiiPKf
_ZN2gl17ProgramUniform1ivEjiiPKi
_ZN2gl17ProgramUniform1uiEjij
_ZN2gl17ProgramUniform2fvEjiiPKf
_ZN2gl17ProgramUniform2ivEjiiPKi
_ZN2gl17ProgramUniform2uiEjijj
_ZN2gl17ProgramUniform3fvEjiiPKf
_ZN2gl17ProgramUniform3ivEjiiPKi
_ZN2gl17ProgramUniform3uiEjijjj
_ZN2gl17ProgramUniform4fvEjiiPKf
_ZN2gl17ProgramUniform4ivEjiiPKi
_ZN2gl17ProgramUniform4uiEjijjjj
_ZN2gl17PushDebugGroupKHREjjiPKc
_ZN2gl17SamplerParameterfEjjf
_ZN2gl17SamplerParameteriEjji
_ZN2gl17StencilOpSeparateEjjjj
_ZN2gl17TexBufferRangeEXTEjjjxx
_ZN2gl17TexBufferRangeOESEjjjxx
_ZN2gl17VertexAttribI4uivEjPKj
_ZN2gl18BindAttribLocationEjjPKc
_ZN2gl18BindFramebufferOESEjj
_ZN2gl18BindVertexArrayOESEj
_ZN2gl18BlendFuncSeparateiEjjjjj
_ZN2gl18CopyTexture3DANGLEEjijjiijhhh
_ZN2gl18DebugMessageInsertEjjjjiPKc
_ZN2gl18DeleteFramebuffersEiPKj
_ZN2gl18DeleteVertexArraysEiPKj
_ZN2gl18DisableClientStateEj
_ZN2gl18DrawArraysIndirectEjPKv
_ZN2gl18EnableContextANGLEEPvj
_ZN2gl18FinishContextANGLEEPv
_ZN2gl18FramebufferTextureEjjji
_ZN2gl18GenFramebuffersOESEiPj
_ZN2gl18GenVertexArraysOESEiPj
_ZN2gl18GetAttachedShadersEjiPiPj
_ZN2gl18GetDebugMessageLogEjiPjS0_S0_S0_PiPc
_ZN2gl18GetTexParameterIivEjjPi
_ZN2gl18GetUniformLocationEjPKc
_ZN2gl18GetVertexAttribIivEjjPi
_ZN2gl18IsSyncContextANGLEEPvP8__GLsync
_ZN2gl18LightfContextANGLEEPvjjf
_ZN2gl18LightxContextANGLEEPvjji
_ZN2gl18OrthofContextANGLEEPvffffff
_ZN2gl18OrthoxContextANGLEEPviiiiii
_ZN2gl18ProgramUniform1uivEjiiPKj
_ZN2gl18ProgramUniform2uivEjiiPKj
_ZN2gl18ProgramUniform3uivEjiiPKj
_ZN2gl18ProgramUniform4uivEjiiPKj
_ZN2gl18PushGroupMarkerEXTEiPKc
_ZN2gl18SamplerParameterfvEjjPKf
_ZN2gl18SamplerParameterivEjjPKi
_ZN2gl18ScalefContextANGLEEPvfff
_ZN2gl18ScalexContextANGLEEPviii
_ZN2gl18SignalSemaphoreEXTEjjPKjjS1_S1_
_ZN2gl18TexParameterIivOESEjjPKi
_ZN2gl18TexStorageMem2DEXTEjijiijy
_ZN2gl18TexStorageMem3DEXTEjijiiijy
_ZN2gl18UniformMatrix2x3fvEiihPKf
_ZN2gl18UniformMatrix2x4fvEiihPKf
_ZN2gl18UniformMatrix3x2fvEiihPKf
_ZN2gl18UniformMatrix3x4fvEiihPKf
_ZN2gl18UniformMatrix4x2fvEiihPKf
_ZN2gl18UniformMatrix4x3fvEiihPKf
_ZN2gl18VertexAttribFormatEjijhj
_ZN2gl19ActiveShaderProgramEjj
_ZN2gl19BindProgramPipelineEj
_ZN2gl19BindRenderbufferOESEjj
_ZN2gl19BufferStorageMemEXTEjxjy
_ZN2gl19ClientActiveTextureEj
_ZN2gl19Color4fContextANGLEEPvffff
_ZN2gl19Color4xContextANGLEEPviiii
_ZN2gl19CopyImageSubDataEXTEjjiiiijjiiiiiii
_ZN2gl19CopyImageSubDataOESEjjiiiijjiiiiiii
_ZN2gl19CopyTextureCHROMIUMEjijjiijhhh
_ZN2gl19DebugMessageControlEjjjiPKjh
_ZN2gl19DeleteRenderbuffersEiPKj
_ZN2gl19DeleteSemaphoresEXTEiPKj
_ZN2gl19DisableContextANGLEEPvj
_ZN2gl19DrawArraysInstancedEjiii
_ZN2gl19EnableiContextANGLEEPvjj
_ZN2gl19GenProgramPipelinesEiPj
_ZN2gl19GenRenderbuffersOESEiPj
_ZN2gl19GetActiveUniformsivEjiPKjjPi
_ZN2gl19GetFragDataIndexEXTEjPKc
_ZN2gl19GetFragDataLocationEjPKc
_ZN2gl19GetInternalformativEjjjiPi
_ZN2gl19GetProgramBinaryOESEjiPiPjPv
_ZN2gl19GetQueryObjectivEXTEjjPi

Sections

.text
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Setup/main.dvs
Setup/php5ts.dll
.dll windows x86

aaf1492926158df000e59c70092d88e8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

GetActiveObject
SysFreeString
VariantClear
VariantInit
SysAllocString
SafeArrayGetDim
SafeArrayPutElement
VariantChangeType
SafeArrayGetVartype
LHashValOfNameSys
VarCmp
VariantCopy
SafeArrayGetUBound
SafeArrayGetLBound
VariantCopyInd
SafeArrayGetElement
LoadTypeLi
LoadRegTypeLi
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreate
SysAllocStringByteLen
VarXor
VarPow
VarOr
VarMod
VarImp
VarIdiv
VarEqv
VarDiv
VarAnd
VarMul
VarSu
VarCat
VarAdd
VarNot
VarNeg
VarInt
VarFix
VarAbs
VarRound
VariantTimeToSystemTime
SystemTimeToVariantTime

user32

DefWindowProcA
SetTimer
PostQuitMessage
KillTimer
UnregisterClassA
DestroyWindow
SendMessageA
GetMessageA
CreateWindowExA
RegisterClassA
PostThreadMessageA
GetSystemMetrics
GetDesktopWindow
IsWindow
GetDC
GetClientRect
GetWindowRect
ReleaseDC
PeekMessageA
DispatchMessageA
TranslateMessage
MsgWaitForMultipleObjects
MessageBoxA

gdi32

CreateCompatibleDC
BitBlt
CreateCompatibleBitmap
SelectObject
GetPixel
DeleteObject
DeleteDC

advapi32

RegCloseKey
RegOpenKeyExA
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
RegEnumKeyA
RegQueryValueA
DuplicateTokenEx
CreateProcessAsUserA
OpenThreadToken
OpenProcessToken
EqualSid
DuplicateToken
GetFileSecurityA
MapGenericMask
AccessCheck
GetTokenInformation
CopySid
GetLengthSid
ConvertSidToStringSidA
ReportEventA
RegisterEventSourceA
DeregisterEventSource
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegQueryValueExA
RegNotifyChangeKeyValue
RegQueryInfoKeyA
RegEnumValueA
RegEnumKeyExA
GetUserNameA

ws2_32

WSACleanup
WSAGetLastError
WSAStartup
freeaddrinfo
getaddrinfo
closesocket
socket
htons
ntohs
inet_ntoa
getpeername
getsockname
htonl
ioctlsocket
__WSAFDIsSet
select
WSASetLastError
getsockopt
connect
bind
setsockopt
accept
WSAStringToAddressA
WSAAddressToStringA
inet_addr
listen
send
recv
shutdown
sendto
recvfrom
gethostbyname
gethostname
getprotobyname
ntohl
getservbyname
getservbyport
getprotobynumber
gethostbyaddr

kernel32

WideCharToMultiByte
GetProcessHeap
GetFileAttributesExA
GetCurrentDirectoryA
DeviceIoControl
CreateFileA
FileTimeToSystemTime
TlsFree
TlsAlloc
LeaveCriticalSection
CreateProcessA
SetFileTime
InitializeCriticalSection
TlsGetValue
TlsSetValue
CreateWaitableTimerA
SetWaitableTimer
QueryPerformanceFrequency
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount
FindClose
FindNextFileA
SystemTimeToFileTime
GetSystemTime
MoveFileExA
GetCurrentProcess
GetCurrentThread
DuplicateHandle
GetBinaryTypeA
DeleteCriticalSection
GetStdHandle
CreatePipe
GetExitCodeProcess
MapViewOfFileEx
OpenFileMappingA
GetFullPathNameA
MultiByteToWideChar
InterlockedDecrement
GetLocalTime
GetCurrentProcessId
SetEnvironmentVariableA
SleepEx
GetDiskFreeSpaceA
LockFileEx
UnlockFileEx
GetModuleHandleA
InterlockedExchange
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetComputerNameA
GetFileAttributesA
CreateHardLinkA
TerminateProcess
SetErrorMode
SetFilePointer
GetACP
CreateMutexA
ReleaseMutex
InterlockedCompareExchange
Sleep
GetSystemDirectoryA
EnterCriticalSection
FindFirstFileA
CreateFileMappingA
GetFileSize
GetSystemInfo
MapViewOfFile
UnmapViewOfFile
GetFileType
GetTempPathA
GetTempFileNameA
SetLastError
GetEnvironmentVariableA
GetModuleFileNameA
GetWindowsDirectoryA
GetSystemWindowsDirectoryA
LocalFree
GetVersion
GetVersionExA
GetLastError
OutputDebugStringA
FormatMessageA
LoadLibraryA
GetProcAddress
GetTimeZoneInformation
InterlockedIncrement
GetCurrentThreadId
CloseHandle
CreateEventA
WaitForSingleObject
SetEvent
IsDBCSLeadByte
HeapReAlloc
HeapFree
HeapAlloc
HeapCreate
HeapDestroy
FreeLibrary

ole32

CoUninitialize
CoInitialize
CoCreateInstance
CoCreateInstanceEx
MkParseDisplayName
CreateBindCtx
CLSIDFromString
CoTaskMemFree
StringFromCLSID
CoCreateGuid
CoDisconnectObject
CoTaskMemAlloc
OleLoadFromStream
CLSIDFromProgID

dnsapi

DnsQuery_A
DnsRecordListFree

msvcr90

sscanf
putchar
_open_osfhandle
_fdopen
_mktime32
fgets
floor
strftime
_CIatan2
_CIsqrt
_CIsin
_CIcos
_CIacos
_atoi64
strtod
isupper
abort
strtoul
putc
getc
_CItan
_access
atof
iscntrl
ispunct
isprint
isgraph
isxdigit
strcspn
mblen
_CIlog10
ceil
_CIlog
_CIexp
_CIasin
_CIatan
_CIsinh
_CIcosh
_CItanh
_hypot
_CIfmod
strcat_s
strncpy_s
_close
strspn
_setmode
_fileno
remove
_creat
_mktemp
ferror
strcmp
clearerr
ungetc
fgetc
memcmp
strlen
strcat
fabs
pow
_vsnprintf
_wfopen
_stat64i32
_wstat64i32
vfprintf
strcpy_s
sprintf_s
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_dup
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_stricmp
_strnicmp
_isatty
_write
_unlink
_lseek
_read
_chsize
_open
_chmod
_mkdir
_rmdir
_getcwd
_strdup
_set_errno
_memicmp
_stat32
_getpid
_tzset
__timezone
__daylight
strtok
setvbuf
fseek
feof
_get_osfhandle
rewind
strnlen
_putenv
_umask
strpbrk
atoi
_snprintf
fopen
memset
calloc
malloc
free
strncat
realloc
_setjmp3
sprintf
longjmp
exit
strtol
memcpy
fprintf
__iob_func
fflush
getenv
memchr
strchr
memmove
isalpha
strrchr
_beginthreadex
_controlfp_s
ftell
_errno
printf
toupper
_CIpow
strcoll
tolower
_finite
_fstat32
fread
fclose
_HUGE
isspace
_time32
_configthreadlocale
strstr
strncmp
strncpy
isalnum
strerror
_set_invalid_parameter_handler
setlocale
fwrite
qsort
vsprintf
_environ
_ctime32
_gmtime32
_localtime32
asctime
atol
localeconv
_fpclass
_isnan
isdigit
islower

Exports

Exports

GetSMErrorText
OnUpdateBaseDir
OnUpdateBool
OnUpdateLong
OnUpdateLongGEZero
OnUpdateReal
OnUpdateString
OnUpdateStringUnempty
PHP_3HAVAL128Init
PHP_3HAVAL160Init
PHP_3HAVAL192Init
PHP_3HAVAL224Init
PHP_3HAVAL256Init
PHP_3TIGERInit
PHP_4HAVAL128Init
PHP_4HAVAL160Init
PHP_4HAVAL192Init
PHP_4HAVAL224Init
PHP_4HAVAL256Init
PHP_4TIGERInit
PHP_5HAVAL128Init
PHP_5HAVAL160Init
PHP_5HAVAL192Init
PHP_5HAVAL224Init
PHP_5HAVAL256Init
PHP_ADLER32Copy
PHP_ADLER32Final
PHP_ADLER32Init
PHP_ADLER32Update
PHP_CRC32BFinal
PHP_CRC32BUpdate
PHP_CRC32Copy
PHP_CRC32Final
PHP_CRC32Init
PHP_CRC32Update
PHP_GOSTFinal
PHP_GOSTInit
PHP_GOSTUpdate
PHP_HAVAL128Final
PHP_HAVAL160Final
PHP_HAVAL192Final
PHP_HAVAL224Final
PHP_HAVAL256Final
PHP_HAVALUpdate
PHP_MD2Final
PHP_MD2Init
PHP_MD2Update
PHP_MD4Final
PHP_MD4Init
PHP_MD4Update
PHP_MD5Final
PHP_MD5Init
PHP_MD5Update
PHP_RIPEMD128Final
PHP_RIPEMD128Init
PHP_RIPEMD128Update
PHP_RIPEMD160Final
PHP_RIPEMD160Init
PHP_RIPEMD160Update
PHP_RIPEMD256Final
PHP_RIPEMD256Init
PHP_RIPEMD256Update
PHP_RIPEMD320Final
PHP_RIPEMD320Init
PHP_RIPEMD320Update
PHP_SALSA10Init
PHP_SALSA20Init
PHP_SALSAFinal
PHP_SALSAUpdate
PHP_SHA1Final
PHP_SHA1Init
PHP_SHA1Update
PHP_SHA224Final
PHP_SHA224Init
PHP_SHA224Update
PHP_SHA256Final
PHP_SHA256Init
PHP_SHA256Update
PHP_SHA384Final
PHP_SHA384Init
PHP_SHA384Update
PHP_SHA512Final
PHP_SHA512Init
PHP_SHA512Update
PHP_SNEFRUFinal
PHP_SNEFRUInit
PHP_SNEFRUUpdate
PHP_TIGER128Final
PHP_TIGER160Final
PHP_TIGER192Final
PHP_TIGERUpdate
PHP_WHIRLPOOLFinal
PHP_WHIRLPOOLInit
PHP_WHIRLPOOLUpdate
TSMClose
TSendMail
ValidateFormat
XML_GetUserData
_DllMain@12
_array_init
_convert_to_string
_ecalloc
_efree
_emalloc
_erealloc
_estrdup
_estrndup
_mysqlnd_calloc
_mysqlnd_debug
_mysqlnd_ecalloc
_mysqlnd_efree
_mysqlnd_emalloc
_mysqlnd_erealloc
_mysqlnd_fetch_lengths
_mysqlnd_free
_mysqlnd_get_client_stats
_mysqlnd_init
_mysqlnd_malloc
_mysqlnd_pecalloc
_mysqlnd_pefree
_mysqlnd_pemalloc
_mysqlnd_perealloc
_mysqlnd_pestrdup
_mysqlnd_pestrndup
_mysqlnd_plugin_get_plugin_connection_data
_mysqlnd_plugin_get_plugin_net_data
_mysqlnd_plugin_get_plugin_protocol_data
_mysqlnd_plugin_get_plugin_result_data
_mysqlnd_plugin_get_plugin_result_metadata_data
_mysqlnd_plugin_get_plugin_stmt_data
_mysqlnd_poll
_mysqlnd_realloc
_object_and_properties_init
_object_init
_object_init_ex
_php_emit_fd_setsize_warning
_php_error_log
_php_error_log_ex
_php_find_ps_module
_php_find_ps_serializer
_php_get_stream_filters_hash
_php_glob_stream_get_count
_php_glob_stream_get_path
_php_glob_stream_get_pattern
_php_math_basetolong
_php_math_basetozval
_php_math_longtobase
_php_math_number_format
_php_math_round
_php_math_zvaltobase
_php_regcomp@12
_php_regerror@16
_php_regexec@20
_php_regfree@4
_php_stream_alloc
_php_stream_cast
_php_stream_copy_to_mem
_php_stream_copy_to_stream
_php_stream_copy_to_stream_ex
_php_stream_eof
_php_stream_filter_alloc
_php_stream_filter_append
_php_stream_filter_flush
_php_stream_filter_prepend
_php_stream_flush
_php_stream_fopen
_php_stream_fopen_from_fd
_php_stream_fopen_from_file
_php_stream_fopen_from_pipe
_php_stream_fopen_temporary_file
_php_stream_fopen_tmpfile
_php_stream_fopen_with_path
_php_stream_free
_php_stream_get_line
_php_stream_get_url_stream_wrappers_hash
_php_stream_getc
_php_stream_make_seekable
_php_stream_memory_create
_php_stream_memory_get_buffer
_php_stream_memory_open
_php_stream_mkdir
_php_stream_mmap_range
_php_stream_mmap_unmap
_php_stream_mmap_unmap_ex
_php_stream_open_wrapper_as_file
_php_stream_open_wrapper_ex
_php_stream_opendir
_php_stream_passthru
_php_stream_printf
_php_stream_putc
_php_stream_puts
_php_stream_read
_php_stream_readdir
_php_stream_rmdir
_php_stream_scandir
_php_stream_seek
_php_stream_set_option
_php_stream_sock_open_from_socket
_php_stream_sock_open_host
_php_stream_stat
_php_stream_stat_path
_php_stream_tell
_php_stream_temp_create
_php_stream_temp_open
_php_stream_truncate_set_size
_php_stream_write
_php_stream_xport_create
_safe_emalloc
_safe_erealloc
_safe_malloc
_safe_realloc
_xml_zval_strdup
_zend_bailout
_zend_get_parameters_array
_zend_get_parameters_array_ex
_zend_hash_add_or_update
_zend_hash_index_update_or_next_insert
_zend_hash_init
_zend_hash_init_ex
_zend_hash_merge
_zend_hash_quick_add_or_update
_zend_list_addref
_zend_list_delete
_zend_list_find
_zend_mem_block_size
_zend_mm_alloc
_zend_mm_block_size
_zend_mm_free
_zend_mm_realloc
_zend_ts_hash_add_or_update
_zend_ts_hash_index_update_or_next_insert
_zend_ts_hash_init
_zend_ts_hash_init_ex
_zend_ts_hash_quick_add_or_update
_zval_copy_ctor_func
_zval_dtor_func
_zval_dtor_wrapper
_zval_internal_dtor
_zval_internal_ptr_dtor
_zval_ptr_dtor
add_assoc_bool_ex
add_assoc_double_ex
add_assoc_function
add_assoc_long_ex
add_assoc_null_ex
add_assoc_resource_ex
add_assoc_string_ex
add_assoc_stringl_ex
add_assoc_zval_ex
add_char_to_string
add_function
add_get_assoc_string_ex
add_get_assoc_stringl_ex
add_get_index_double
add_get_index_long
add_get_index_string
add_get_index_stringl
add_index_bool
add_index_double
add_index_long
add_index_null
add_index_resource
add_index_string
add_index_stringl
add_index_zval
add_next_index_bool
add_next_index_double
add_next_index_long
add_next_index_null
add_next_index_resource
add_next_index_string
add_next_index_stringl
add_next_index_zval
add_property_bool_ex
add_property_double_ex
add_property_long_ex
add_property_null_ex
add_property_resource_ex
add_property_string_ex
add_property_stringl_ex
add_property_zval_ex
add_string_to_string
ap_php_asprintf
ap_php_slprintf
ap_php_snprintf
ap_php_vasprintf
ap_php_vslprintf
ap_php_vsnprintf
arcfour_LTX__is_block_algorithm
arcfour_LTX__mcrypt_algorithm_version
arcfour_LTX__mcrypt_decrypt
arcfour_LTX__mcrypt_encrypt
arcfour_LTX__mcrypt_get_algo_iv_size
arcfour_LTX__mcrypt_get_algorithms_name
arcfour_LTX__mcrypt_get_block_size
arcfour_LTX__mcrypt_get_key_size
arcfour_LTX__mcrypt_get_size
arcfour_LTX__mcrypt_get_supported_key_sizes
arcfour_LTX__mcrypt_self_test
arcfour_LTX__mcrypt_set_key
basic_globals_id
bcompiler_zend_shutdown
bcompiler_zend_startup
bitwise_and_function
bitwise_not_function
bitwise_or_function
bitwise_xor_function
blowfish_LTX__is_block_algorithm
blowfish_LTX__mcrypt_algorithm_version
blowfish_LTX__mcrypt_decrypt
blowfish_LTX__mcrypt_encrypt
blowfish_LTX__mcrypt_get_algorithms_name
blowfish_LTX__mcrypt_get_block_size
blowfish_LTX__mcrypt_get_key_size
blowfish_LTX__mcrypt_get_size
blowfish_LTX__mcrypt_get_supported_key_sizes
blowfish_LTX__mcrypt_self_test
blowfish_LTX__mcrypt_set_key
blowfish_compat_LTX__is_block_algorithm
blowfish_compat_LTX__mcrypt_algorithm_version
blowfish_compat_LTX__mcrypt_decrypt
blowfish_compat_LTX__mcrypt_encrypt
blowfish_compat_LTX__mcrypt_get_algorithms_name
blowfish_compat_LTX__mcrypt_get_block_size
blowfish_compat_LTX__mcrypt_get_key_size
blowfish_compat_LTX__mcrypt_get_size
blowfish_compat_LTX__mcrypt_get_supported_key_sizes
blowfish_compat_LTX__mcrypt_self_test
blowfish_compat_LTX__mcrypt_set_key
boolean_not_function
boolean_xor_function
call_user_function
call_user_function_ex
cast_128_LTX__is_block_algorithm
cast_128_LTX__mcrypt_algorithm_version
cast_128_LTX__mcrypt_decrypt
cast_128_LTX__mcrypt_encrypt
cast_128_LTX__mcrypt_get_algorithms_name
cast_128_LTX__mcrypt_get_block_size
cast_128_LTX__mcrypt_get_key_size
cast_128_LTX__mcrypt_get_size
cast_128_LTX__mcrypt_get_supported_key_sizes
cast_128_LTX__mcrypt_self_test
cast_128_LTX__mcrypt_set_key
cast_256_LTX__is_block_algorithm
cast_256_LTX__mcrypt_algorithm_version
cast_256_LTX__mcrypt_decrypt
cast_256_LTX__mcrypt_encrypt
cast_256_LTX__mcrypt_get_algorithms_name
cast_256_LTX__mcrypt_get_block_size
cast_256_LTX__mcrypt_get_key_size
cast_256_LTX__mcrypt_get_size
cast_256_LTX__mcrypt_get_supported_key_sizes
cast_256_LTX__mcrypt_self_test
cast_256_LTX__mcrypt_set_key
cfg_get_double
cfg_get_entry
cfg_get_long
cfg_get_string
compare_function
compile_file
compile_filename
compile_string
compiler_globals_id
concat_function
config_zval_dtor
convert_scalar_to_number
convert_to_array
convert_to_boolean
convert_to_double
convert_to_long
convert_to_long_base
convert_to_null
convert_to_object
core_globals_id
decrement_function
des_LTX__is_block_algorithm
des_LTX__mcrypt_algorithm_version
des_LTX__mcrypt_decrypt
des_LTX__mcrypt_encrypt
des_LTX__mcrypt_get_algorithms_name
des_LTX__mcrypt_get_block_size
des_LTX__mcrypt_get_key_size
des_LTX__mcrypt_get_size
des_LTX__mcrypt_get_supported_key_sizes
des_LTX__mcrypt_self_test
des_LTX__mcrypt_set_key
destroy_op_array
destroy_zend_class
destroy_zend_function
display_ini_entries
display_link_numbers
div_function
do_bind_class
do_bind_function
do_bind_inherited_class
dom_node_class_entry
dom_object_get_node
dummy_indent
empty_fcall_info
empty_fcall_info_cache
end_mcrypt
enigma_LTX__is_block_algorithm
enigma_LTX__mcrypt_algorithm_version
enigma_LTX__mcrypt_decrypt
enigma_LTX__mcrypt_encrypt
enigma_LTX__mcrypt_get_algo_iv_size
enigma_LTX__mcrypt_get_algorithms_name
enigma_LTX__mcrypt_get_block_size
enigma_LTX__mcrypt_get_key_size
enigma_LTX__mcrypt_get_size
enigma_LTX__mcrypt_get_supported_key_sizes
enigma_LTX__mcrypt_self_test
enigma_LTX__mcrypt_set_key
execute
execute_internal
executor_globals_id
expand_filepath
expand_filepath_ex
extension_version_info
file_globals_id
file_handle_dtor
flock
fnmatch
free_estring
function_add_ref
gc_collect_cycles
gc_globals_ctor
gc_globals_dtor
gc_globals_id
gc_init
gc_remove_zval_from_buffer
gc_reset
gc_zobj_possible_root
gc_zval_possible_root
get_active_class_name
get_active_function_name
get_binary_op
get_timezone_info
get_unary_op
get_zend_version
gettimeofday
glob
globfree
gost_LTX__is_block_algorithm
gost_LTX__mcrypt_algorithm_version
gost_LTX__mcrypt_decrypt
gost_LTX__mcrypt_encrypt
gost_LTX__mcrypt_get_algorithms_name
gost_LTX__mcrypt_get_block_size
gost_LTX__mcrypt_get_key_size
gost_LTX__mcrypt_get_size
gost_LTX__mcrypt_get_supported_key_sizes
gost_LTX__mcrypt_self_test
gost_LTX__mcrypt_set_key
highlight_file
highlight_string
igbinary_serialize
igbinary_unserialize
increment_function
inet_aton
inet_ntop
inet_pton
ini_scanner_globals_id
init_mcrypt
init_op_array
instanceof_function
instanceof_function_ex
is_equal_function
is_identical_function
is_not_equal_function
is_not_identical_function
is_smaller_function
is_smaller_or_equal_function
is_zend_mm
language_scanner_globals_id
le_index_ptr
lex_scan
localeconv_r
loki97_LTX__is_block_algorithm
loki97_LTX__mcrypt_algorithm_version
loki97_LTX__mcrypt_decrypt
loki97_LTX__mcrypt_encrypt
loki97_LTX__mcrypt_get_algorithms_name
loki97_LTX__mcrypt_get_block_size
loki97_LTX__mcrypt_get_key_size
loki97_LTX__mcrypt_get_size
loki97_LTX__mcrypt_get_supported_key_sizes
loki97_LTX__mcrypt_self_test
loki97_LTX__mcrypt_set_key
make_digest
make_digest_ex
make_sha1_digest
mcrypt
mcrypt_algorithm_module_ok
mcrypt_dlopen
mcrypt_enc_get_algorithms_name
mcrypt_enc_get_block_size
mcrypt_enc_get_iv_size
mcrypt_enc_get_key_size

Sections

.text
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 207KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Setup/update-settings.ini
Setup/updater.ini

Sharing

General

Malware Config

Signatures

Files

Password: 2023

Password: 2023

Password: 2023

Password: 2023

b78757e60c78fbd8d0549e7a1e0d29a1

Code Sign

0a:28:51:e5:f0:ff:db:46:e2:c9:cb:66:10:e6:51:2fCertificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6Certificate

Extended Key Usages

Key Usages

ac:7d:c4:d6:78:b5:cd:0d:da:54:a6:bd:90:ba:4d:9e:d0:98:05:62:5d:95:08:08:69:0a:ff:f1:ac:cd:d5:43Signer

Signature Validations

Verification

04/12/2018, 12:01 Valid: true

Chain 1

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

advapi32

ole32

oleaut32

shell32

Sections

.text Size: 748KB - Virtual size: 747KB

.rdata Size: 197KB - Virtual size: 196KB

.data Size: 17KB - Virtual size: 33KB

.gfids Size: 1024B - Virtual size: 596B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 46KB - Virtual size: 46KB

.reloc Size: 44KB - Virtual size: 44KB

Password: 2023

85aa1a3ec9a324deb93be1db280c6b57

Code Sign

0a:28:51:e5:f0:ff:db:46:e2:c9:cb:66:10:e6:51:2fCertificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6Certificate

Extended Key Usages

Key Usages

45:89:c1:a8:6a:c2:59:11:0f:f3:d0:dd:de:2c:9f:61:14:dd:37:fb:38:82:82:1c:83:5d:79:6e:28:bc:74:54Signer

Signature Validations

Verification

04/12/2018, 12:01 Valid: true

Chain 1

Headers

DLL Characteristics

File Characteristics

Imports

shlwapi

kernel32

user32

Sections

.text Size: 118KB - Virtual size: 118KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 4KB - Virtual size: 7KB

.gfids Size: 512B - Virtual size: 512B

.tls Size: 512B - Virtual size: 9B

0a:28:51:e5:f0:ff:db:46:e2:c9:cb:66:10:e6:51:2f
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

ac:7d:c4:d6:78:b5:cd:0d:da:54:a6:bd:90:ba:4d:9e:d0:98:05:62:5d:95:08:08:69:0a:ff:f1:ac:cd:d5:43
Signer

04/12/2018, 12:01
Valid: true

.text
Size: 748KB - Virtual size: 747KB

.rdata
Size: 197KB - Virtual size: 196KB

.data
Size: 17KB - Virtual size: 33KB

.gfids
Size: 1024B - Virtual size: 596B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 46KB - Virtual size: 46KB

.reloc
Size: 44KB - Virtual size: 44KB

0a:28:51:e5:f0:ff:db:46:e2:c9:cb:66:10:e6:51:2f
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

45:89:c1:a8:6a:c2:59:11:0f:f3:d0:dd:de:2c:9f:61:14:dd:37:fb:38:82:82:1c:83:5d:79:6e:28:bc:74:54
Signer

04/12/2018, 12:01
Valid: true

.text
Size: 118KB - Virtual size: 118KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 4KB - Virtual size: 7KB

.gfids
Size: 512B - Virtual size: 512B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 8KB

06:f2:4d:9f:4d:b0:7b:d7:ec:ad:06:7f:5e:e2:6c:29
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

54:9e:86:75:de:ec:b8:47:4c:ba:a5:7d:83:53:a2:3b:25:dc:dd:a5:31:88:42:96:16:ee:64:6e:89:81:6a:d4
Signer

20/06/2020, 13:52
Valid: true

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 356KB - Virtual size: 356KB

.data
Size: 20KB - Virtual size: 28KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 66KB - Virtual size: 66KB

.text
Size: 8KB - Virtual size: 8KB