Oracle_VM_VirtualBox_Extension_Pack-7[.]0[.]8[.]vbox-extpack

Sharing

Copy URL

Twitter E-mail

General

Target

Oracle_VM_VirtualBox_Extension_Pack-7.0.8.vbox-extpack
Size

17.8MB
MD5

1f57a7f2e58592f9a6c9d9006379d1a0
SHA1

07ddfddb8a837fdcb4f19c20a22239a77195ccf3
SHA256

452320f3b1da42b30c32ea5ab5887983b575638ceb4e3beacfefbbb3b0510a48
SHA512

a128ebb9e318a7bfb0ff54902bc4e93cbdfbe4469921db30e45631ffc5c35c5f489a88efa1c1eb9fcc44abcbfc46bd0746b2f4a0c61f344a49b34890834d6e31
SSDEEP

393216:daU4caFJs2BxeRZ6NiNgNpcvoC6zpzs2w3iM4noxqi7vlBmtjbHaoJ/fDPd:dIFu2BxY4Ndkr6zpjDMXxNl8jb7/fp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack002/win.amd64/VBoxNvmeR0.r0

Files

Oracle_VM_VirtualBox_Extension_Pack-7.0.8.vbox-extpack
.gz
sample
.tar
ExtPack-license.html
.html
ExtPack-license.rtf
.rtf
ExtPack-license.txt
ExtPack.manifest
ExtPack.signature
ExtPack.xml
.xml
PXE-Intel.rom
darwin.amd64/VBoxHostWebcam.dylib
.macho macos
darwin.amd64/VBoxNvmeR0.r0
.macho macos
darwin.amd64/VBoxNvmeR3.dylib
.macho macos
darwin.amd64/VBoxPuelCrypto.dylib
.macho macos
darwin.amd64/VBoxPuelMain.dylib
.macho macos
darwin.amd64/VBoxPuelMainVM.dylib
.macho macos
darwin.amd64/VBoxUsbCardReaderR3.dylib
.macho macos
darwin.amd64/VBoxUsbWebcamR3.dylib
.macho macos
darwin.amd64/VBoxVRDP.dylib
.macho macos
darwin.amd64/VDPluginCrypt.dylib
.macho macos
darwin.arm64/VBoxNvmeR3.dylib
.macho macos
darwin.arm64/VBoxPuelCrypto.dylib
.macho macos
darwin.arm64/VBoxPuelMain.dylib
.macho macos
darwin.arm64/VBoxPuelMainVM.dylib
.macho macos
darwin.arm64/VBoxUsbCardReaderR3.dylib
.macho macos
darwin.arm64/VBoxUsbWebcamR3.dylib
.macho macos
darwin.arm64/VBoxVRDP.dylib
.macho macos
darwin.arm64/VDPluginCrypt.dylib
.macho macos
linux.amd64/VBoxHostWebcam.so
.elf linux x64
linux.amd64/VBoxNvmeR0.r0
.elf linux x64
linux.amd64/VBoxNvmeR3.so
.elf linux x64
linux.amd64/VBoxPuelCrypto.so
.elf linux x64
linux.amd64/VBoxPuelMain.so
.elf linux x64
linux.amd64/VBoxPuelMainVM.so
.elf linux x64
linux.amd64/VBoxUsbCardReaderR3.so
.elf linux x64
linux.amd64/VBoxUsbWebcamR3.so
.elf linux x64
linux.amd64/VBoxVRDP.so
.elf linux x64
linux.amd64/VDPluginCrypt.so
.elf linux x64
solaris.amd64/VBoxHostWebcam.so
.elf linux x64
solaris.amd64/VBoxNvmeR0.r0
.elf linux x64
solaris.amd64/VBoxNvmeR3.so
.elf linux x64
solaris.amd64/VBoxPuelCrypto.so
.elf linux x64
solaris.amd64/VBoxPuelMain.so
.elf linux x64
solaris.amd64/VBoxPuelMainVM.so
.elf linux x64
solaris.amd64/VBoxUsbCardReaderR3.so
.elf linux x64
solaris.amd64/VBoxUsbWebcamR3.so
.elf linux x64
solaris.amd64/VBoxVRDP.so
.elf linux x64
solaris.amd64/VDPluginCrypt.so
.elf linux x64
win.amd64/VBoxExtPackPuel.inf
win.amd64/VBoxHostWebcam.dll
.dll windows x64

270bd663ee39ee9234e754958d09abac

Code Sign

51:ca:00:98:16:fd:bd:80:f1:20:e0:15:ee:75:82:3e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23-12-2013 00:00

Not After

22-12-2016 23:59

Subject

CN=Oracle Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=VirtualBox,O=Oracle Corporation,L=Redwood Shores,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22-02-2011 19:25

Not After

22-02-2021 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2f:45:11:39:51:2f:34:c8:c5:28:b9:0b:ca:47:1f:76:7b:83:c8:36
Certificate

Issuer

CN=VirtualBox for Legacy Windows Only Timestamp CA,O=Oracle Deutschland B.V. & Co. KG,L=Munich,ST=Bavaria,C=DE

Not Before

01-01-2014 00:00

Not After

31-12-2014 23:59

Subject

CN=VirtualBox for Legacy Windows Only Timestamp Kludge 2014,O=Oracle Deutschland B.V. & Co. KG,L=Munich,ST=Bavaria,C=DE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15-04-2011 19:41

Not After

15-04-2021 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:52:65:06:cc:82:88:11:7d:a6:be:d3:a5:ab:ec:20
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-02-2021 00:00

Not After

16-04-2024 23:59

Subject

CN=Oracle Corporation,OU=VirtualBox,O=Oracle Corporation,L=Redwood City,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21-09-2022 00:00

Not After

21-11-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d3:56:b0:1e:6f:9c:07:a3:6a:c0:52:7e:a4:a1:49:a8:44:57:d2:26:b7:d1:4a:c5:12:ca:86:d8:ca:4e:55:e4
Signer

Actual PE Digest

d3:56:b0:1e:6f:9c:07:a3:6a:c0:52:7e:a4:a1:49:a8:44:57:d2:26:b7:d1:4a:c5:12:ca:86:d8:ca:4e:55:e4

Digest Algorithm

sha256

PE Digest Matches

true

59:8e:1c:2e:15:7f:9c:b3:c6:f8:eb:15:cc:2a:34:70:c6:bb:6f:01
Signer

Actual PE Digest

59:8e:1c:2e:15:7f:9c:b3:c6:f8:eb:15:cc:2a:34:70:c6:bb:6f:01

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

vcruntime140

__C_specific_handler
__std_exception_copy
__std_exception_destroy
__intrinsic_setjmp
_CxxThrowException
__std_type_info_destroy_list
memcmp
strchr
__std_terminate
memset
memcpy
longjmp

vcruntime140_1

__CxxFrameHandler4

vboxrt

RTStrToUtf16Tag
RTStrFree
RTStrAPrintfVTag
RTStrCopy
RTUuidCompare2Strs
RTStrToUInt16Full
RTMemFree
RTLogLoggerEx
RTLogRelGetDefaultInstanceEx
RTStrToUInt32Ex
RTUtf16ToUtf8Tag
RTUtf16ICmp
RTUtf16Len
RTUtf16Free
RTMemAllocTag
RTCrc64
RTStrPrintf
RTMemReallocTag
RTMemAllocZTag

api-ms-win-crt-string-l1-1-0

_wcsicmp

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh

api-ms-win-crt-runtime-l1-1-0

exit
_cexit
_execute_onexit_table
_initterm
_initterm_e
_seh_filter_dll
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfprintf
__acrt_iob_func
__stdio_common_vsprintf
__stdio_common_vsscanf

api-ms-win-crt-environment-l1-1-0

getenv_s

kernel32

IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleW

user32

TranslateMessage
DispatchMessageW
RegisterDeviceNotificationW
UnregisterDeviceNotification
DefWindowProcW
RegisterClassW
UnregisterClassW
CreateWindowExW
DestroyWindow
PostMessageW
GetWindowLongPtrW
SetWindowLongPtrW
GetMessageW

ole32

CoCreateInstance
CoTaskMemFree

oleaut32

SysAllocString
SysFreeString
SysStringByteLen
VariantInit
VariantClear

Exports

Exports

VBoxDriversRegister
VBoxHostWebcamList

Sections

.text
Size: 233KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 253KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 372B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
win.amd64/VBoxNvmeR0.r0
.exe windows x64

6a756423db02f0014d7ac747a93259b6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

vmmr0.r0

PDMR0DeviceRegisterModule
PDMR0DeviceDeregisterModule
RTLogRelGetDefaultInstanceEx
RTLogLoggerEx
ASMAtomicXchgU8

Exports

Exports

ModuleInit
ModuleInitSecurityCookie
ModuleTerm

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 131B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 512B - Virtual size: 326B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
win.amd64/VBoxNvmeR3.dll
.dll windows x64

068dd613766dbaf64e0a91026aca1866

Code Sign

51:ca:00:98:16:fd:bd:80:f1:20:e0:15:ee:75:82:3e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23-12-2013 00:00

Not After

22-12-2016 23:59

Subject

CN=Oracle Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=VirtualBox,O=Oracle Corporation,L=Redwood Shores,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22-02-2011 19:25

Not After

22-02-2021 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2f:45:11:39:51:2f:34:c8:c5:28:b9:0b:ca:47:1f:76:7b:83:c8:36
Certificate

Issuer

CN=VirtualBox for Legacy Windows Only Timestamp CA,O=Oracle Deutschland B.V. & Co. KG,L=Munich,ST=Bavaria,C=DE

Not Before

01-01-2014 00:00

Not After

31-12-2014 23:59

Subject

CN=VirtualBox for Legacy Windows Only Timestamp Kludge 2014,O=Oracle Deutschland B.V. & Co. KG,L=Munich,ST=Bavaria,C=DE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15-04-2011 19:41

Not After

15-04-2021 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:52:65:06:cc:82:88:11:7d:a6:be:d3:a5:ab:ec:20
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-02-2021 00:00

Not After

16-04-2024 23:59

Subject

CN=Oracle Corporation,OU=VirtualBox,O=Oracle Corporation,L=Redwood City,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21-09-2022 00:00

Not After

21-11-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1d:50:f6:f6:ff:39:dc:a7:ab:fd:e0:57:af:dc:01:25:85:65:3d:36:37:4d:68:ad:93:78:57:c5:a1:c9:b7:da
Signer

Actual PE Digest

1d:50:f6:f6:ff:39:dc:a7:ab:fd:e0:57:af:dc:01:25:85:65:3d:36:37:4d:68:ad:93:78:57:c5:a1:c9:b7:da

Digest Algorithm

sha256

PE Digest Matches

true

99:d5:02:6f:ec:55:b8:eb:cc:81:b8:b9:06:d1:a0:19:65:c0:3a:f9
Signer

Actual PE Digest

99:d5:02:6f:ec:55:b8:eb:cc:81:b8:b9:06:d1:a0:19:65:c0:3a:f9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

vcruntime140

__std_type_info_destroy_list
memset
memcpy
strstr
__C_specific_handler

vboxrt

RTLogLoggerEx
RTUuidClear
RTUuidCompare2Strs
RTSemFastMutexCreate
RTSemFastMutexDestroy
RTSgBufGetNextSegment
RTSemFastMutexRelease
RTMemAllocZTag
RTMemFree
RTReqQueueCreate
RTReqQueueDestroy
RTReqQueueProcess
RTReqQueueCallEx
RTReqRelease
RTReqWait
RTSgBufInit
RTCritSectDelete
RTCritSectLeave
RTCritSectEnter
RTLogRelGetDefaultInstanceEx
RTCritSectInit
RTThreadSelf
ASMAtomicXchgU8
RTStrAPrintfVTag
RTStrPrintf
RTAssertShouldPanic
RTAssertMsg2Weak
RTAssertMsg1Weak
RTSemFastMutexRequest

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initterm
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initialize_onexit_table

kernel32

IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
QueryPerformanceCounter

Exports

Exports

VBoxDevicesRegister

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 204B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
win.amd64/VBoxPuelCrypto.dll
.dll windows x64

72e5c3ccbc08eee605dc7a04d423ecfe

Code Sign

51:ca:00:98:16:fd:bd:80:f1:20:e0:15:ee:75:82:3e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23-12-2013 00:00

Not After

22-12-2016 23:59

Subject

CN=Oracle Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=VirtualBox,O=Oracle Corporation,L=Redwood Shores,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22-02-2011 19:25

Not After

22-02-2021 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2f:45:11:39:51:2f:34:c8:c5:28:b9:0b:ca:47:1f:76:7b:83:c8:36
Certificate

Issuer

CN=VirtualBox for Legacy Windows Only Timestamp CA,O=Oracle Deutschland B.V. & Co. KG,L=Munich,ST=Bavaria,C=DE

Not Before

01-01-2014 00:00

Not After

31-12-2014 23:59

Subject

CN=VirtualBox for Legacy Windows Only Timestamp Kludge 2014,O=Oracle Deutschland B.V. & Co. KG,L=Munich,ST=Bavaria,C=DE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15-04-2011 19:41

Not After

15-04-2021 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:52:65:06:cc:82:88:11:7d:a6:be:d3:a5:ab:ec:20
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-02-2021 00:00

Not After

16-04-2024 23:59

Subject

CN=Oracle Corporation,OU=VirtualBox,O=Oracle Corporation,L=Redwood City,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21-09-2022 00:00

Not After

21-11-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e4:56:f4:ec:e5:4e:23:56:24:87:ad:6b:3f:f3:fa:84:d6:04:d5:0c:b9:f0:ce:a8:62:9e:30:d2:ea:05:00:08
Signer

Actual PE Digest

e4:56:f4:ec:e5:4e:23:56:24:87:ad:6b:3f:f3:fa:84:d6:04:d5:0c:b9:f0:ce:a8:62:9e:30:d2:ea:05:00:08

Digest Algorithm

sha256

PE Digest Matches

true

99:5c:43:a4:18:8f:1b:34:98:84:68:78:3c:ae:d3:f5:42:61:da:02
Signer

Actual PE Digest

99:5c:43:a4:18:8f:1b:34:98:84:68:78:3c:ae:d3:f5:42:61:da:02

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

vcruntime140

memcmp
memset
memcpy
__std_type_info_destroy_list
__C_specific_handler

vboxrt

RTTimeMilliTS
RTCrCipherOpenByType
RTCrCipherRelease
RTCrCipherCtxFree
RTCrCipherCtxEncryptInit
RTCrCipherCtxEncryptProcess
RTCrCipherCtxEncryptFinish
RTCrCipherCtxDecryptInit
RTCrCipherCtxDecryptProcess
RTCrCipherCtxDecryptFinish
RTCrCipherEncrypt
RTCrCipherDecrypt
RTCrCipherEncryptEx
RTCrCipherDecryptEx
RTCrDigestCreateByType
RTCrDigestRelease
RTCrDigestUpdate
RTCrDigestFinal
RTStrCopy
RTCrDigestTypeToHashSize
RTCrRandBytes
RTCrPkcs5Pbkdf2Hmac
RTMemPageAllocZTag
RTMemPageFree
RTVfsIoStrmRetain
RTVfsIoStrmRelease
RTVfsIoStrmToFile
RTVfsIoStrmQueryInfo
RTVfsIoStrmRead
RTVfsIoStrmReadAt
RTVfsIoStrmWrite
RTStrDupNTag
RTVfsIoStrmFlush
RTVfsFileToIoStream
RTVfsFileRetain
RTVfsFileRelease
RTVfsFileRead
RTVfsFileSeek
RTVfsFileQuerySize
RTVfsFileQueryMaxSize
RTVfsNewIoStream
RTVfsNewFile
RTStrDupTag
RTStrFree
RTMemSaferFree
RTStrCmp
RTMemSaferAllocZExTag
RTMemFree
RTMemAllocZTag
RTMemTmpFree
RTMemTmpAllocZTag
RTBase64Encode
RTBase64EncodedLength
RTBase64Decode
RTCrDigestGetHashSize
RTVfsIoStrmWriteAt

api-ms-win-crt-string-l1-1-0

strncmp

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
RtlCaptureContext
QueryPerformanceCounter

Exports

Exports

VBoxCryptoEntry

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
win.amd64/VBoxPuelMain.dll
.dll windows x64

35e6bb0a296b01c465d887a92f1f24d9

Code Sign

51:ca:00:98:16:fd:bd:80:f1:20:e0:15:ee:75:82:3e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23-12-2013 00:00

Not After

22-12-2016 23:59

Subject

CN=Oracle Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=VirtualBox,O=Oracle Corporation,L=Redwood Shores,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22-02-2011 19:25

Not After

22-02-2021 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2f:45:11:39:51:2f:34:c8:c5:28:b9:0b:ca:47:1f:76:7b:83:c8:36
Certificate

Issuer

CN=VirtualBox for Legacy Windows Only Timestamp CA,O=Oracle Deutschland B.V. & Co. KG,L=Munich,ST=Bavaria,C=DE

Not Before

01-01-2014 00:00

Not After

31-12-2014 23:59

Subject

CN=VirtualBox for Legacy Windows Only Timestamp Kludge 2014,O=Oracle Deutschland B.V. & Co. KG,L=Munich,ST=Bavaria,C=DE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15-04-2011 19:41

Not After

15-04-2021 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:52:65:06:cc:82:88:11:7d:a6:be:d3:a5:ab:ec:20
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-02-2021 00:00

Not After

16-04-2024 23:59

Subject

CN=Oracle Corporation,OU=VirtualBox,O=Oracle Corporation,L=Redwood City,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21-09-2022 00:00

Not After

21-11-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:0a:7f:59:de:22:e6:c1:09:38:8b:6d:87:c7:ec:4b:b1:4d:13:33:c2:33:0e:cd:23:dd:82:df:ed:fa:86:d8
Signer

Actual PE Digest

7b:0a:7f:59:de:22:e6:c1:09:38:8b:6d:87:c7:ec:4b:b1:4d:13:33:c2:33:0e:cd:23:dd:82:df:ed:fa:86:d8

Digest Algorithm

sha256

PE Digest Matches

true

86:50:bc:31:2c:10:95:bd:98:24:85:24:74:ea:6e:02:3b:63:66:4b
Signer

Actual PE Digest

86:50:bc:31:2c:10:95:bd:98:24:85:24:74:ea:6e:02:3b:63:66:4b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

vcruntime140

memmove
__std_exception_copy
__std_exception_destroy
memset
_CxxThrowException
_purecall
__RTtypeid
__C_specific_handler
__std_type_info_destroy_list
memcmp
__std_type_info_name
__std_terminate
memcpy

vcruntime140_1

__CxxFrameHandler4

msvcp140

?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z

vboxrt

?appendPrintfVNoThrow@RTCString@@QEAAHPEBDPEAD@Z
?erase@RTCString@@QEAAAEAV1@_K0@Z
?isEmpty@RTCString@@QEBA_NXZ
?isNotEmpty@RTCString@@QEBA_NXZ
?isNull@RTCRestObjectBase@@QEBA_NXZ
??0RTCRestString@@QEAA@XZ
??1RTCRestString@@UEAA@XZ
??0RTCRestString@@QEAA@AEBVRTCString@@@Z
??0RTCRestString@@QEAA@PEBD@Z
?deserializeInstanceFromJson@RTCRestString@@SAHAEBURTCRestJsonCursor@@PEAPEAVRTCRestObjectBase@@@Z
??0RTCRestStringMapBase@@QEAA@XZ
??1RTCRestStringMapBase@@UEAA@XZ
?putCopyWorker@RTCRestStringMapBase@@IEAAHPEBDAEBVRTCRestObjectBase@@_N_K@Z
?getContentLength@RTCRestBinaryParameter@@QEBA_KXZ
?setServerUrl@RTCRestClientApiBase@@QEAAHPEBD@Z
?setServerScheme@RTCRestClientApiBase@@QEAAHPEBD@Z
?setServerAuthority@RTCRestClientApiBase@@QEAAHPEBD@Z
?setCAFile@RTCRestClientApiBase@@QEAAHAEBVRTCString@@@Z
??0RTCRestArrayBase@@QEAA@XZ
??1RTCRestArrayBase@@UEAA@XZ
?copyArrayWorkerMayThrow@RTCRestArrayBase@@IEAAXAEBV1@@Z
?baseClone@RTCRestArrayBase@@UEBAPEAVRTCRestObjectBase@@XZ
?baseClone@RTCRestString@@UEBAPEAVRTCRestObjectBase@@XZ
?baseClone@RTCRestStringMapBase@@UEBAPEAVRTCRestObjectBase@@XZ
?deserializeFromJson@RTCRestArrayBase@@UEAAHAEBURTCRestJsonCursor@@@Z
?deserializeFromJson@RTCRestString@@UEAAHAEBURTCRestJsonCursor@@@Z
?deserializeFromJson@RTCRestStringMapBase@@UEAAHAEBURTCRestJsonCursor@@@Z
?fromString@RTCRestArrayBase@@UEAAHAEBVRTCString@@PEBDPEAURTERRINFO@@I@Z
?fromString@RTCRestObjectBase@@UEAAHAEBVRTCString@@PEBDPEAURTERRINFO@@I@Z
?fromString@RTCRestString@@UEAAHAEBVRTCString@@PEBDPEAURTERRINFO@@I@Z
?resetToDefault@RTCRestArrayBase@@UEAAHXZ
?resetToDefault@RTCRestString@@UEAAHXZ
?resetToDefault@RTCRestStringMapBase@@UEAAHXZ
?serializeAsJson@RTCRestArrayBase@@UEBAAEAVRTCRestOutputBase@@AEAV2@@Z
?serializeAsJson@RTCRestString@@UEBAAEAVRTCRestOutputBase@@AEAV2@@Z
?serializeAsJson@RTCRestStringMapBase@@UEBAAEAVRTCRestOutputBase@@AEAV2@@Z
?setNotNull@RTCRestObjectBase@@UEAAXXZ
?setNull@RTCRestObjectBase@@UEAAHXZ
?setNull@RTCRestString@@UEAAHXZ
?toString@RTCRestArrayBase@@UEBAHPEAVRTCString@@I@Z
?toString@RTCRestObjectBase@@UEBAHPEAVRTCString@@I@Z
?toString@RTCRestString@@UEBAHPEAVRTCString@@I@Z
?typeClass@RTCRestArrayBase@@UEBA?AW4kTypeClass@RTCRestObjectBase@@XZ
?typeClass@RTCRestString@@UEBA?AW4kTypeClass@RTCRestObjectBase@@XZ
?typeClass@RTCRestStringMapBase@@UEBA?AW4kTypeClass@RTCRestObjectBase@@XZ
?typeName@RTCRestArrayBase@@UEBAPEBDXZ
?typeName@RTCRestString@@UEBAPEBDXZ
?typeName@RTCRestStringMapBase@@UEBAPEBDXZ
?compare@RTCString@@QEBAHAEBV1@W4CaseSensitivity@1@@Z
??H@YA?BVRTCString@@AEBV0@PEBD@Z
??0RTCRestBinaryParameter@@QEAA@XZ
?getCallbackData@RTCRestBinaryParameter@@QEBAPEAXXZ
?setProducerCallback@RTCRestBinaryParameter@@QEAAXP6AHPEAV1@PEAX_K2PEA_K@_E12@Z
??1RTCRestBinaryParameter@@UEAA@XZ
?getCallbackData@RTCRestBinaryResponse@@QEBAPEAXXZ
?setConsumerCallback@RTCRestBinaryResponse@@QEAAXP6AHPEAV1@PEBX_KI22@_EPEAX@Z
??1RTCRestBinaryResponse@@UEAA@XZ
?size@RTCRestArrayBase@@QEBA_KXZ
RTVfsFileRead
RTVfsFileWrite
?assignCopy@RTCRestBinaryParameter@@UEAAHAEBV1@@Z
?assignCopy@RTCRestBinaryParameter@@UEAAHAEBVRTCRestBinary@@@Z
?assignCopy@RTCRestBinaryParameter@@UEAAHPEBX_K@Z
?assignCopy@RTCRestBinaryResponse@@UEAAHAEBV1@@Z
?assignCopy@RTCRestBinaryResponse@@UEAAHAEBVRTCRestBinary@@@Z
?assignCopy@RTCRestBinaryResponse@@UEAAHPEBX_K@Z
?assignReadOnly@RTCRestBinaryParameter@@UEAAHPEBX_K@Z
?assignReadOnly@RTCRestBinaryResponse@@UEAAHPEBX_K@Z
?assignWriteable@RTCRestBinaryParameter@@UEAAHPEAX_K@Z
?assignWriteable@RTCRestBinaryResponse@@UEAAHPEAX_K@Z
?baseClone@RTCRestBinaryParameter@@UEBAPEAVRTCRestObjectBase@@XZ
?baseClone@RTCRestBinaryResponse@@UEBAPEAVRTCRestObjectBase@@XZ
?deserializeFromJson@RTCRestBinary@@UEAAHAEBURTCRestJsonCursor@@@Z
?freeData@RTCRestBinary@@UEAAXXZ
?fromString@RTCRestBinary@@UEAAHAEBVRTCString@@PEBDPEAURTERRINFO@@I@Z
?receiveComplete@RTCRestBinaryResponse@@UEAAXPEAURTHTTPINTERNAL@@@Z
?receivePrepare@RTCRestBinaryResponse@@UEAAHPEAURTHTTPINTERNAL@@I@Z
?resetToDefault@RTCRestBinaryParameter@@UEAAHXZ
?resetToDefault@RTCRestBinaryResponse@@UEAAHXZ
?serializeAsJson@RTCRestBinary@@UEBAAEAVRTCRestOutputBase@@AEAV2@@Z
?setNull@RTCRestBinary@@UEAAHXZ
?toString@RTCRestBinary@@UEBAHPEAVRTCString@@I@Z
?typeClass@RTCRestBinary@@UEBA?AW4kTypeClass@RTCRestObjectBase@@XZ
?typeName@RTCRestBinaryParameter@@UEBAPEBDXZ
?typeName@RTCRestBinaryResponse@@UEBAPEBDXZ
?xmitComplete@RTCRestBinaryParameter@@UEBAXPEAURTHTTPINTERNAL@@@Z
?xmitPrepare@RTCRestBinaryParameter@@UEBAHPEAURTHTTPINTERNAL@@@Z
RTThreadSleep
RTMemAllocTag
RTMemFree
RTStrFormatU64
RTStrNLen
RTStrToUInt64Full
?reserve@RTCString@@QEAAX_K@Z
?assign@RTCString@@QEAAAEAV1@PEBD@Z
?assignNoThrow@RTCString@@QEAAHPEBD@Z
?assign@RTCString@@QEAAAEAV1@PEBD_K@Z
?append@RTCString@@QEAAAEAV1@AEBV1@@Z
?append@RTCString@@QEAAAEAV1@PEBD@Z
?toUpper@RTCString@@QEAAAEAV1@XZ
?mutableRaw@RTCString@@QEAAPEADXZ
?jolt@RTCString@@QEAAXXZ
?compare@RTCString@@QEBAHPEBDW4CaseSensitivity@1@@Z
??MRTCString@@QEBA_NAEBV0@@Z
??8RTCString@@QEBA_NPEBD@Z
?contains@RTCString@@QEBA_NPEBDW4CaseSensitivity@1@@Z
?toUInt32@RTCString@@QEBAIXZ
?split@RTCString@@QEBA?AV?$RTCList@VRTCString@@PEAV1@@@AEBV1@W4SplitMode@1@@Z
?cleanup@RTCString@@IEAAXXZ
RTTimeNow
RTTimeMilliTS
?toString@RTCRestObjectBase@@QEBA?AVRTCString@@XZ
??0RTCRestDate@@QEAA@AEBV0@@Z
??1RTCRestDate@@UEAA@XZ
?getString@RTCRestDate@@QEBAAEBVRTCString@@XZ
??0RTCRestStringEnumBase@@QEAA@XZ
??1RTCRestStringEnumBase@@UEAA@XZ
?setByString@RTCRestStringEnumBase@@QEAAHAEBVRTCString@@@Z
?getString@RTCRestStringEnumBase@@QEBAPEBDXZ
?setWorker@RTCRestStringEnumBase@@IEAA_NH@Z
?cloneWorker@RTCRestStringEnumBase@@IEBAPEAVRTCRestObjectBase@@PEAV1@@Z
?isEmpty@RTCRestStringMapBase@@QEBA_NXZ
?begin@RTCRestStringMapBase@@QEBA?AVConstIterator@1@XZ
?last@RTCRestStringMapBase@@QEBA?AVConstIterator@1@XZ
?end@RTCRestStringMapBase@@QEBA?AVConstIterator@1@XZ
?copyMapWorkerMayThrow@RTCRestStringMapBase@@IEAAXAEBV1@@Z
??0RTCRestBinaryResponse@@QEAA@XZ
?isEmpty@RTCRestArrayBase@@QEBA_NXZ
RTNetIsIPv4AddrStr
RTFileExists
RTFileDelete
RTFileRename
RTFileReadAll
RTFileReadAllFree
RTIniFileCreateFromVfsFile
RTIniFileRelease
RTIniFileQueryValue
RTPathSkipRootSpec
RTPathPurgeFilename
RTPathStartsWithRoot
RTPathCompare
RTPathAppend
RTPathUserHome
RTPathTemp
RTRandU64Ex
RTStrmOpen
RTStrmClose
RTStrmPutCh
RTStrmPutStr
RTStrmGetLine
RTStrmPrintf
RTVfsFileOpenNormal
RTVfsFileRelease
RTBase64EncodedLengthEx
RTBase64EncodeEx
RTUriParse
?deserializeFromJson@RTCRestStringEnumBase@@UEAAHAEBURTCRestJsonCursor@@@Z
?fromString@RTCRestStringEnumBase@@UEAAHAEBVRTCString@@PEBDPEAURTERRINFO@@I@Z
?resetToDefault@RTCRestStringEnumBase@@UEAAHXZ
?serializeAsJson@RTCRestStringEnumBase@@UEBAAEAVRTCRestOutputBase@@AEAV2@@Z
?toString@RTCRestStringEnumBase@@UEBAHPEAVRTCString@@I@Z
?typeClass@RTCRestStringEnumBase@@UEBA?AW4kTypeClass@RTCRestObjectBase@@XZ
RTVfsFileTell
RTVfsFileSeek
RTVfsMemFileCreate
RTUuidClear
RTStrToInt32Full
RTUtf16Cmp
?strip@RTCString@@QEAAAEAV1@XZ
?substr@RTCString@@QEBA?AV1@_K0@Z
?endsWith@RTCString@@QEBA_NAEBV1@W4CaseSensitivity@1@@Z
??0RTCString@@QEAA@PEBD_K@Z
??0RTCString@@QEAA@PEBDPEAD@Z
?printfNoThrow@RTCString@@QEAAHPEBDZZ
??9RTCString@@QEBA_NAEBV0@@Z
RTUuidToStr
RTStrStripL
?stripRight@RTCString@@QEAAAEAV1@XZ
?startsWith@RTCString@@QEBA_NAEBV1@W4CaseSensitivity@1@@Z
?toInt@RTCString@@QEBAHAEA_K@Z
??0RTCRestString@@QEAA@AEBV0@@Z
?containsKey@RTCRestStringMapBase@@QEBA_NPEBD@Z
?getWorker@RTCRestStringMapBase@@IEBAPEBVRTCRestObjectBase@@PEBD@Z
RTUuidCreate
RTUuidIsNull
RTUuidFromStr
RTFileCopy
RTStrVersionCompare
?find@RTCString@@QEBA_KPEBD_K@Z
RTThreadCreate
RTMemReallocTag
?append@RTCString@@QEAAAEAV1@D@Z
RTStrToUInt64Ex
RTSemEventCreate
RTSemEventDestroy
RTSemEventSignal
RTSemEventWait
?assign@RTCString@@QEAAAEAV1@AEBV1@@Z
RTSemEventMultiDestroy
RTSemEventMultiSignal
RTSemEventMultiWait
RTThreadSelf
RTTlsGet
RTTlsSet
RTUuidToUtf16
RTUuidFromUtf16
RTStrValidateEncodingEx
?reserveNoThrow@RTCString@@QEAAH_K@Z
?find@RTCString@@QEBA_KPEBV1@_K@Z
RTFileOpen
RTFileClose
RTFileWrite
RTDirExists
RTVfsFileReadAt
RTStrCopy
RTOnceSlow
RTCritSectRwInit
RTCritSectRwEnterShared
RTCritSectRwLeaveShared
RTCritSectRwEnterExcl
RTCritSectRwLeaveExcl
RTStrCmp
RTStrHash1
??0RTCRestBool@@QEAA@AEBV0@@Z
??0RTCRestBool@@QEAA@_N@Z
??1RTCRestBool@@UEAA@XZ
??4RTCRestBool@@QEAAAEAV0@AEBV0@@Z
?assignValue@RTCRestBool@@QEAAX_N@Z
?assignCopy@RTCRestString@@QEAAHAEBV1@@Z
?assignNoThrow@RTCRestString@@QEAAHAEBVRTCString@@@Z
?assignNoThrow@RTCRestString@@QEAAHPEBD@Z
??4RTCRestString@@QEAAAEAV0@AEBV0@@Z
??0RTCRestDate@@QEAA@XZ
??4RTCRestDate@@QEAAAEAV0@AEBV0@@Z
?assignCopy@RTCRestDate@@QEAAHAEBV1@@Z
??0RTCRestStringEnumBase@@QEAA@AEBV0@@Z
??4RTCRestStringEnumBase@@QEAAAEAV0@AEBV0@@Z
?assignCopy@RTCRestStringEnumBase@@QEAAHAEBV1@@Z
?setByString@RTCRestStringEnumBase@@QEAAHPEBD_K@Z
??0RTCRestDataObject@@QEAA@XZ
??0RTCRestDataObject@@QEAA@AEBV0@@Z
??1RTCRestDataObject@@UEAA@XZ
?resetToDefault@RTCRestDataObject@@UEAAHXZ
?serializeMembersAsJson@RTCRestDataObject@@UEBAAEAVRTCRestOutputBase@@AEAV2@@Z
?deserializeMemberFromJson@RTCRestDataObject@@UEAAHAEBURTCRestJsonCursor@@_K@Z
??4RTCRestDataObject@@IEAAAEAV0@AEBV0@@Z
?assignCopy@RTCRestDataObject@@MEAAHAEBV1@@Z
?deserializeFromJson@RTCRestDataObject@@UEAAHAEBURTCRestJsonCursor@@@Z
?serializeAsJson@RTCRestDataObject@@UEBAAEAVRTCRestOutputBase@@AEAV2@@Z
?typeClass@RTCRestDataObject@@UEBA?AW4kTypeClass@RTCRestObjectBase@@XZ
?assignNoThrow@RTCRestString@@QEAAHPEBD_K@Z
?copyMapWorkerNoThrow@RTCRestStringMapBase@@IEAAHAEBV1@@Z
?putWorker@RTCRestStringMapBase@@IEAAHPEBDPEAVRTCRestObjectBase@@_N_K@Z
??0RTCRestAnyObject@@QEAA@XZ
??1RTCRestAnyObject@@UEAA@XZ
?deserializeInstanceFromJson@RTCRestAnyObject@@SAHAEBURTCRestJsonCursor@@PEAPEAVRTCRestObjectBase@@@Z
?baseClone@RTCRestAnyObject@@UEBAPEAVRTCRestObjectBase@@XZ
?deserializeFromJson@RTCRestAnyObject@@UEAAHAEBURTCRestJsonCursor@@@Z
?fromString@RTCRestAnyObject@@UEAAHAEBVRTCString@@PEBDPEAURTERRINFO@@I@Z
?resetToDefault@RTCRestAnyObject@@UEAAHXZ
?serializeAsJson@RTCRestAnyObject@@UEBAAEAVRTCRestOutputBase@@AEAV2@@Z
?setNull@RTCRestAnyObject@@UEAAHXZ
?toString@RTCRestAnyObject@@UEBAHPEAVRTCString@@I@Z
?typeClass@RTCRestAnyObject@@UEBA?AW4kTypeClass@RTCRestObjectBase@@XZ
?typeName@RTCRestAnyObject@@UEBAPEBDXZ
?nullValue@RTCRestOutputBase@@QEAAXXZ
??0RTCRestInt64@@QEAA@AEBV0@@Z
??0RTCRestInt64@@QEAA@_J@Z
??1RTCRestInt64@@UEAA@XZ
??4RTCRestInt64@@QEAAAEAV0@AEBV0@@Z
?assignValue@RTCRestInt64@@QEAAX_J@Z
??0RTCRestInt32@@QEAA@AEBV0@@Z
??0RTCRestInt32@@QEAA@H@Z
??1RTCRestInt32@@UEAA@XZ
??4RTCRestInt32@@QEAAAEAV0@AEBV0@@Z
?assignValue@RTCRestInt32@@QEAAXH@Z
??0RTCRestDouble@@QEAA@AEBV0@@Z
??0RTCRestDouble@@QEAA@N@Z
??1RTCRestDouble@@UEAA@XZ
??4RTCRestDouble@@QEAAAEAV0@AEBV0@@Z
?assignValue@RTCRestDouble@@QEAAXN@Z
RTHttpAddHeader
?assignNoThrow@RTCString@@QEAAHPEBD_K@Z
??0RTCRestBool@@QEAA@XZ
??0RTCRestInt32@@QEAA@XZ
?assignCopy@RTCRestString@@QEAAHPEBD@Z
??0RTCRestClientRequestBase@@QEAA@XZ
??1RTCRestClientRequestBase@@UEAA@XZ
?doPathParameters@RTCRestClientRequestBase@@IEBAHPEAVRTCString@@PEBD_KPEBUPATHPARAMDESC@1@PEAUPATHPARAMSTATE@1@2@Z
?doQueryParameters@RTCRestClientRequestBase@@IEBAHPEAVRTCString@@PEBUQUERYPARAMDESC@1@PEAPEBVRTCRestObjectBase@@_K@Z
?doHeaderParameters@RTCRestClientRequestBase@@IEBAHPEAURTHTTPINTERNAL@@PEBUHEADERPARAMDESC@1@PEAPEBVRTCRestObjectBase@@_K@Z
??0RTCRestOutputToString@@QEAA@PEAVRTCString@@_N@Z
??1RTCRestOutputToString@@UEAA@XZ
?finalize@RTCRestOutputToString@@UEAAPEAVRTCString@@XZ
RTStrNICmpAscii
??0RTCRestClientResponseBase@@QEAA@XZ
??1RTCRestClientResponseBase@@UEAA@XZ
?reset@RTCRestClientResponseBase@@UEAAXXZ
?receivePrepare@RTCRestClientResponseBase@@UEAAHPEAURTHTTPINTERNAL@@@Z
?receiveComplete@RTCRestClientResponseBase@@UEAAXHPEAURTHTTPINTERNAL@@@Z
?addError@RTCRestClientResponseBase@@IEAAHHPEBDZZ
?deserializeHeader@RTCRestClientResponseBase@@IEAAHPEAVRTCRestObjectBase@@PEBD_KI1@Z
?deserializeBody@RTCRestClientResponseBase@@IEAAXPEBD_K0@Z
?consumeHeader@RTCRestClientResponseBase@@MEAAHIPEBD_K01@Z
?baseClone@RTCRestInt32@@UEBAPEAVRTCRestObjectBase@@XZ
?deserializeFromJson@RTCRestInt32@@UEAAHAEBURTCRestJsonCursor@@@Z
?fromString@RTCRestInt32@@UEAAHAEBVRTCString@@PEBDPEAURTERRINFO@@I@Z
?receiveFinal@RTCRestClientResponseBase@@UEAAXXZ
?resetToDefault@RTCRestInt32@@UEAAHXZ
?serializeAsJson@RTCRestInt32@@UEBAAEAVRTCRestOutputBase@@AEAV2@@Z
?toString@RTCRestInt32@@UEBAHPEAVRTCString@@I@Z
?typeClass@RTCRestInt32@@UEBA?AW4kTypeClass@RTCRestObjectBase@@XZ
?typeName@RTCRestInt32@@UEBAPEBDXZ
??0RTCRestClientApiBase@@QEAA@XZ
??1RTCRestClientApiBase@@UEAA@XZ
?ociSignRequest@RTCRestClientApiBase@@IEAAHPEAURTHTTPINTERNAL@@AEBVRTCString@@W4RTHTTPMETHOD@@1IPEAURTCRKEYINT@@1@Z
?doCall@RTCRestClientApiBase@@MEAAHAEBVRTCRestClientRequestBase@@W4RTHTTPMETHOD@@PEAVRTCRestClientResponseBase@@PEBDI@Z
?reinitHttpInstance@RTCRestClientApiBase@@MEAAHXZ
?copyArrayWorkerNoThrow@RTCRestArrayBase@@IEAAHAEBV1@@Z
?insertCopyWorker@RTCRestArrayBase@@IEAAH_KAEBVRTCRestObjectBase@@_N@Z
RTStrFree
RTJsonValueGetType
RTJsonValueQueryStringByName
??0RTCRestPolyDataObject@@QEAA@XZ
??1RTCRestPolyDataObject@@UEAA@XZ
?resetToDefault@RTCRestPolyDataObject@@UEAAHXZ
?isChild@RTCRestPolyDataObject@@UEBA_NXZ
?deserializeInstanceFromJson@RTCRestInt32@@SAHAEBURTCRestJsonCursor@@PEAPEAVRTCRestObjectBase@@@Z
?assignCopy@RTCRestInt32@@QEAAHAEBV1@@Z
??0RTCRestInt64@@QEAA@XZ
??4RTCRestString@@QEAAAEAV0@PEBD@Z
?deserializeHeaderIntoMap@RTCRestClientResponseBase@@IEAAHPEAVRTCRestStringMapBase@@PEBD_K12I1@Z
?baseClone@RTCRestBool@@UEBAPEAVRTCRestObjectBase@@XZ
?baseClone@RTCRestDate@@UEBAPEAVRTCRestObjectBase@@XZ
?baseClone@RTCRestInt64@@UEBAPEAVRTCRestObjectBase@@XZ
?deserializeFromJson@RTCRestBool@@UEAAHAEBURTCRestJsonCursor@@@Z
?deserializeFromJson@RTCRestDate@@UEAAHAEBURTCRestJsonCursor@@@Z
?deserializeFromJson@RTCRestInt64@@UEAAHAEBURTCRestJsonCursor@@@Z
?fromString@RTCRestBool@@UEAAHAEBVRTCString@@PEBDPEAURTERRINFO@@I@Z
?fromString@RTCRestDate@@UEAAHAEBVRTCString@@PEBDPEAURTERRINFO@@I@Z
?fromString@RTCRestInt64@@UEAAHAEBVRTCString@@PEBDPEAURTERRINFO@@I@Z
?resetToDefault@RTCRestBool@@UEAAHXZ
?resetToDefault@RTCRestDate@@UEAAHXZ
?resetToDefault@RTCRestInt64@@UEAAHXZ
?serializeAsJson@RTCRestBool@@UEBAAEAVRTCRestOutputBase@@AEAV2@@Z
?serializeAsJson@RTCRestDate@@UEBAAEAVRTCRestOutputBase@@AEAV2@@Z
?serializeAsJson@RTCRestInt64@@UEBAAEAVRTCRestOutputBase@@AEAV2@@Z
?toString@RTCRestBool@@UEBAHPEAVRTCString@@I@Z
?toString@RTCRestDate@@UEBAHPEAVRTCString@@I@Z
?toString@RTCRestInt64@@UEBAHPEAVRTCString@@I@Z
?typeClass@RTCRestBool@@UEBA?AW4kTypeClass@RTCRestObjectBase@@XZ
?typeClass@RTCRestDate@@UEBA?AW4kTypeClass@RTCRestObjectBase@@XZ
?typeClass@RTCRestInt64@@UEBA?AW4kTypeClass@RTCRestObjectBase@@XZ
?typeName@RTCRestBool@@UEBAPEBDXZ
?typeName@RTCRestDate@@UEBAPEBDXZ
?typeName@RTCRestInt64@@UEBAPEBDXZ
RTUtf16Len
RTStrFormatV
RTStrToUtf16ExTag
RTStrCalcUtf16LenEx
RTCritSectRwGetWriteRecursion
RTCritSectRwIsReadOwner
RTCritSectRwIsWriteOwner
RTCritSectRwDelete
RTCritSectRwInitEx
?printfV@RTCString@@QEAAAEAV1@PEBDPEAD@Z
??0RTCString@@QEAA@PEBD@Z
RTCrKeyRelease
RTCrKeyRetain
RTCrKeyCreateFromFile
?npos@RTCString@@2_KB
?substrCP@RTCString@@QEBA?AV1@_K0@Z
??8RTCString@@QEBA_NAEBV0@@Z
?equals@RTCString@@QEBA_NAEBV1@@Z
?c_str@RTCString@@QEBAPEBDXZ
?printf@RTCString@@QEAAAEAV1@PEBDZZ
??4RTCString@@QEAAAEAV0@AEBV0@@Z
??4RTCString@@QEAAAEAV0@PEBD@Z
?setNull@RTCString@@QEAAXXZ
??1RTCString@@UEAA@XZ
??0RTCString@@QEAA@AEBV0@@Z
??0RTCString@@QEAA@XZ
RTStrUniLen
RTLogLoggerEx
RTLogRelGetDefaultInstanceEx
RTCritSectDelete
RTCritSectLeave
RTCritSectEnter
RTCritSectInit
RTUuidCompare
RTErrInfoSetF
RTUtf16ToUtf8ExTag
RTEnvGetEx
RTDirCreateFullPath
RTPathAbs
RTSemEventMultiCreate
RTVfsFileQuerySize

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_cexit
_initialize_onexit_table
_register_onexit_function
_initterm
_initterm_e
_invalid_parameter_noinfo_noreturn
_crt_atexit
_execute_onexit_table

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
free

kernel32

RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlCaptureContext
IsProcessorFeaturePresent
InitializeSListHead
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentThreadId
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

ole32

StringFromIID
CoTaskMemFree
CoCreateFreeThreadedMarshaler

oleaut32

SysReAllocStringLen
SysAllocStringLen
SafeArrayGetVartype
GetErrorInfo
LoadRegTypeLi
SysAllocString
SafeArrayCreate
SafeArrayDestroy
SafeArrayRedim
SafeArrayAccessData
SafeArrayUnaccessData
SetErrorInfo
SysFreeString
SysStringLen
SysAllocStringByteLen
SafeArrayCreateEx

Exports

Exports

VBoxExtPackRegister

Sections

.text
Size: 752KB - Virtual size: 752KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 253KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 22KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
win.amd64/VBoxPuelMainVM.dll
.dll windows x64

b1151b4fb8e2fdc32b411bd96391eb59

Code Sign

51:ca:00:98:16:fd:bd:80:f1:20:e0:15:ee:75:82:3e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23-12-2013 00:00

Not After

22-12-2016 23:59

Subject

CN=Oracle Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=VirtualBox,O=Oracle Corporation,L=Redwood Shores,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22-02-2011 19:25

Not After

22-02-2021 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2f:45:11:39:51:2f:34:c8:c5:28:b9:0b:ca:47:1f:76:7b:83:c8:36
Certificate

Issuer

CN=VirtualBox for Legacy Windows Only Timestamp CA,O=Oracle Deutschland B.V. & Co. KG,L=Munich,ST=Bavaria,C=DE

Not Before

01-01-2014 00:00

Not After

31-12-2014 23:59

Subject

CN=VirtualBox for Legacy Windows Only Timestamp Kludge 2014,O=Oracle Deutschland B.V. & Co. KG,L=Munich,ST=Bavaria,C=DE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15-04-2011 19:41

Not After

15-04-2021 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:52:65:06:cc:82:88:11:7d:a6:be:d3:a5:ab:ec:20
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-02-2021 00:00

Not After

16-04-2024 23:59

Subject

CN=Oracle Corporation,OU=VirtualBox,O=Oracle Corporation,L=Redwood City,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21-09-2022 00:00

Not After

21-11-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

11:38:30:d6:cd:c2:e1:78:33:46:07:13:75:80:d3:2e:b8:dc:da:12:55:9d:fe:92:77:83:c7:39:9d:61:0e:59
Signer

Actual PE Digest

11:38:30:d6:cd:c2:e1:78:33:46:07:13:75:80:d3:2e:b8:dc:da:12:55:9d:fe:92:77:83:c7:39:9d:61:0e:59

Digest Algorithm

sha256

PE Digest Matches

true

72:40:4a:30:ab:5f:26:3a:74:15:15:20:4c:8c:e2:e6:fa:f5:84:0f
Signer

Actual PE Digest

72:40:4a:30:ab:5f:26:3a:74:15:15:20:4c:8c:e2:e6:fa:f5:84:0f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

vboxrt

RTLdrIsLoadable
RTLogLoggerEx
RTLogRelGetDefaultInstanceEx
RTErrInfoSetF
RTStrPrintf
RTPathStripFilename

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_initialize_narrow_environment
_seh_filter_dll
_initterm_e
_initterm
_execute_onexit_table
_cexit
_configure_narrow_argv

kernel32

RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
UnhandledExceptionFilter

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
memset

Exports

Exports

VBoxExtPackVMRegister

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
win.amd64/VBoxUsbCardReaderR3.dll
.dll windows x64

bd1e4a4f38e882d6b69ffcf3ae02c386

Code Sign

51:ca:00:98:16:fd:bd:80:f1:20:e0:15:ee:75:82:3e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23-12-2013 00:00

Not After

22-12-2016 23:59

Subject

CN=Oracle Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=VirtualBox,O=Oracle Corporation,L=Redwood Shores,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22-02-2011 19:25

Not After

22-02-2021 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2f:45:11:39:51:2f:34:c8:c5:28:b9:0b:ca:47:1f:76:7b:83:c8:36
Certificate

Issuer

CN=VirtualBox for Legacy Windows Only Timestamp CA,O=Oracle Deutschland B.V. & Co. KG,L=Munich,ST=Bavaria,C=DE

Not Before

01-01-2014 00:00

Not After

31-12-2014 23:59

Subject

CN=VirtualBox for Legacy Windows Only Timestamp Kludge 2014,O=Oracle Deutschland B.V. & Co. KG,L=Munich,ST=Bavaria,C=DE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15-04-2011 19:41

Not After

15-04-2021 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:52:65:06:cc:82:88:11:7d:a6:be:d3:a5:ab:ec:20
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-02-2021 00:00

Not After

16-04-2024 23:59

Subject

CN=Oracle Corporation,OU=VirtualBox,O=Oracle Corporation,L=Redwood City,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21-09-2022 00:00

Not After

21-11-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

76:62:d4:be:f6:2d:63:9d:fe:f2:a6:3a:13:8a:e4:06:cc:4e:77:12:d9:cd:fe:53:86:b0:98:88:cc:41:a4:a4
Signer

Actual PE Digest

76:62:d4:be:f6:2d:63:9d:fe:f2:a6:3a:13:8a:e4:06:cc:4e:77:12:d9:cd:fe:53:86:b0:98:88:cc:41:a4:a4

Digest Algorithm

sha256

PE Digest Matches

true

4d:ba:3a:bb:6d:83:bd:2d:21:5a:67:c2:30:8e:13:1a:df:c5:9a:01
Signer

Actual PE Digest

4d:ba:3a:bb:6d:83:bd:2d:21:5a:67:c2:30:8e:13:1a:df:c5:9a:01

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
memcpy
memcmp
memset

vboxrt

RTSemEventDestroy
RTSemEventSignal
RTMemFree
RTStrDupTag
RTUuidCompare2Strs
RTStrFormat
RTStrFormatTypeRegister
RTMemReallocTag
RTMemAllocZTag
RTMemAllocTag
RTLogLoggerEx
RTSemEventCreate
RTLogRelGetDefaultInstanceEx
RTTimeMilliTS
RTCritSectDelete
RTCritSectLeave
RTCritSectEnter
RTCritSectInit
RTThreadSleep
RTSemEventWait

api-ms-win-crt-string-l1-1-0

strcmp

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_cexit
_execute_onexit_table
_initialize_onexit_table
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm

kernel32

DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlLookupFunctionEntry
IsProcessorFeaturePresent
RtlCaptureContext
InitializeSListHead
QueryPerformanceCounter
GetCurrentProcessId
RtlVirtualUnwind

Exports

Exports

VBoxUsbRegister

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
win.amd64/VBoxUsbWebcamR3.dll
.dll windows x64

7147c881398313aa6abe0166f7a1d481

Code Sign

51:ca:00:98:16:fd:bd:80:f1:20:e0:15:ee:75:82:3e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23-12-2013 00:00

Not After

22-12-2016 23:59

Subject

CN=Oracle Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=VirtualBox,O=Oracle Corporation,L=Redwood Shores,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22-02-2011 19:25

Not After

22-02-2021 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2f:45:11:39:51:2f:34:c8:c5:28:b9:0b:ca:47:1f:76:7b:83:c8:36
Certificate

Issuer

CN=VirtualBox for Legacy Windows Only Timestamp CA,O=Oracle Deutschland B.V. & Co. KG,L=Munich,ST=Bavaria,C=DE

Not Before

01-01-2014 00:00

Not After

31-12-2014 23:59

Subject

CN=VirtualBox for Legacy Windows Only Timestamp Kludge 2014,O=Oracle Deutschland B.V. & Co. KG,L=Munich,ST=Bavaria,C=DE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15-04-2011 19:41

Not After

15-04-2021 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:52:65:06:cc:82:88:11:7d:a6:be:d3:a5:ab:ec:20
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-02-2021 00:00

Not After

16-04-2024 23:59

Subject

CN=Oracle Corporation,OU=VirtualBox,O=Oracle Corporation,L=Redwood City,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21-09-2022 00:00

Not After

21-11-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bb:e0:99:de:36:4d:1e:be:78:08:55:89:da:82:84:b6:76:c1:aa:ba:93:29:02:cc:42:9d:fd:70:e3:3e:9e:53
Signer

Actual PE Digest

bb:e0:99:de:36:4d:1e:be:78:08:55:89:da:82:84:b6:76:c1:aa:ba:93:29:02:cc:42:9d:fd:70:e3:3e:9e:53

Digest Algorithm

sha256

PE Digest Matches

true

4f:c4:e4:e5:0c:a5:2c:79:a3:ce:1e:1c:37:63:8e:87:85:19:21:e5
Signer

Actual PE Digest

4f:c4:e4:e5:0c:a5:2c:79:a3:ce:1e:1c:37:63:8e:87:85:19:21:e5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

vcruntime140

__std_exception_copy
__std_exception_destroy
_CxxThrowException
__std_type_info_destroy_list
__C_specific_handler
memmove
memset
memcpy
_purecall

vboxrt

RTReqQueueCallEx
RTReqRelease
RTSemEventCreate
RTSemEventDestroy
RTSemEventSignal
RTSemEventWait
RTTimerLRCreateEx
RTTimerLRDestroy
RTReqQueueCall
RTTimerLRStop
RTUuidCompare2Strs
RTUuidFromStr
RTCritSectInit
RTCritSectEnter
RTCritSectLeave
RTCritSectDelete
RTLogRelGetDefaultInstanceEx
RTLogLoggerEx
RTMemAllocZTag
RTMemReallocTag
RTStrCopy
RTStrCat
RTReqQueueProcess
RTReqQueueDestroy
RTReqQueueCreate
RTMemFree
RTMemDupTag
RTMemAllocTag
RTFileQuerySize
RTReqQueueCallVoid
RTFileRead
RTFileClose
RTFileOpen
RTTimeMilliTS
RTTimerLRStart

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_cexit
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_initialize_onexit_table

kernel32

TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
InitializeSListHead
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
RtlCaptureContext
RtlLookupFunctionEntry
DisableThreadLibraryCalls

Exports

Exports

VBoxUsbRegister

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
win.amd64/VBoxVRDP.dll
.dll windows x64

6353985de95d7b18ff9e1ecdd5cbb3e9

Code Sign

51:ca:00:98:16:fd:bd:80:f1:20:e0:15:ee:75:82:3e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23-12-2013 00:00

Not After

22-12-2016 23:59

Subject

CN=Oracle Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=VirtualBox,O=Oracle Corporation,L=Redwood Shores,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22-02-2011 19:25

Not After

22-02-2021 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2f:45:11:39:51:2f:34:c8:c5:28:b9:0b:ca:47:1f:76:7b:83:c8:36
Certificate

Issuer

CN=VirtualBox for Legacy Windows Only Timestamp CA,O=Oracle Deutschland B.V. & Co. KG,L=Munich,ST=Bavaria,C=DE

Not Before

01-01-2014 00:00

Not After

31-12-2014 23:59

Subject

CN=VirtualBox for Legacy Windows Only Timestamp Kludge 2014,O=Oracle Deutschland B.V. & Co. KG,L=Munich,ST=Bavaria,C=DE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15-04-2011 19:41

Not After

15-04-2021 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:52:65:06:cc:82:88:11:7d:a6:be:d3:a5:ab:ec:20
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-02-2021 00:00

Not After

16-04-2024 23:59

Subject

CN=Oracle Corporation,OU=VirtualBox,O=Oracle Corporation,L=Redwood City,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21-09-2022 00:00

Not After

21-11-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1f:5e:1a:c8:99:74:b5:b0:20:2e:fa:d6:58:03:87:40:82:19:3f:78:4c:de:01:b8:22:7d:34:b4:c9:1a:b8:4d
Signer

Actual PE Digest

1f:5e:1a:c8:99:74:b5:b0:20:2e:fa:d6:58:03:87:40:82:19:3f:78:4c:de:01:b8:22:7d:34:b4:c9:1a:b8:4d

Digest Algorithm

sha256

PE Digest Matches

true

83:c6:ed:2d:39:aa:f2:f1:3d:17:61:fc:20:69:79:0b:ec:c7:4d:ac
Signer

Actual PE Digest

83:c6:ed:2d:39:aa:f2:f1:3d:17:61:fc:20:69:79:0b:ec:c7:4d:ac

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

vcruntime140

__std_exception_destroy
__std_exception_copy
__C_specific_handler
memcpy
_CxxThrowException
__std_type_info_destroy_list
longjmp
memmove
__std_terminate
memset
memcmp
_purecall
__intrinsic_setjmp

vcruntime140_1

__CxxFrameHandler4

vboxrt

RTStrCopy
RTStrICmp
RTLogRelGetDefaultInstanceEx
RTLogLoggerEx
RTSemEventCreate
RTSemEventDestroy
RTSemEventSignal
RTSemEventMultiCreate
RTSemEventMultiDestroy
RTSemEventMultiSignal
RTStrFree
RTStrPrintf
RTStrToUInt32Full
RTTimeNanoTS
RTPathJoinA
RTBigNumInit
RTBigNumInitZero
RTBigNumDestroy
RTBigNumToBytesBigEndian
RTBigNumModExp
RTMd5
RTMd5Init
RTMd5Update
RTMd5Final
RTSha1Init
RTSha1Update
RTSha1Final
RTAsn1ObjId_CompareWithString
RTAsn1EncodePrepare
RTAsn1EncodeToBuffer
RTCrX509Certificate_Delete
RTCrX509Certificate_ReadFromFile
RTCrKeyCreateFromFile
RTCrKeyCreateNewRsa
RTCrKeyRelease
RTCrKeyGetType
RTCrKeyQueryRsaModulus
RTCrKeyQueryRsaPrivateExponent
RTCrRandBytes
RTCrRc4SetKey
RTCrRc4
RTThreadUserSignal
RTAssertMsg1Weak
RTAssertShouldPanic
RTStrCmp
RTUtf16Len
RTUtf16ToUtf8Tag
RTUtf16ToUtf8ExTag
RTThreadSleep
RTCritSectInitEx
RTCritSectEnter
RTCritSectLeave
RTCritSectDelete
RTEnvExist
RTTimeNow
RTTimeMilliTS
RTMemReallocTag
RTCrc64Start
RTCrc64Process
RTCrc64Finish
RTHeapSimpleInit
RTHeapSimpleAlloc
RTHeapSimpleFree
ASMBitFirstClear
RTSemEventMultiReset
RTSemEventMultiWait
RTCrSslCreate
RTCrSslRelease
RTCrSslSetCertificateFile
RTCrSslSetPrivateKeyFile
RTCrSslLoadTrustedRootCerts
RTCrSslSetNoPeerVerify
RTCrSslCreateSessionForNativeSocket
RTCrSslSessionRelease
RTCrSslSessionAccept
RTCrSslSessionGetVersion
RTThreadWait
RTCrSslSessionPending
RTCrSslSessionRead
RTCrSslSessionWrite
ASMAtomicXchgU8
RTSemEventWaitNoResume
RTUuidCreate
RTUuidToStr
RTThreadUserWaitNoResume
RTThreadUserReset
RTStrCalcUtf16LenEx
RTStrToUtf16ExTag
RTUtf16CalcUtf8LenEx
RTMemDupTag
RTCrc64
RTStrToInt64Full
RTUuidClear
RTThreadCreate
RTThreadSelf
RTMemAllocZTag
RTMemFree
RTMemAllocTag
RTThreadUserWait
g_RTAsn1DefaultAllocator
RTCrSslSessionGetCertIssuerNameAsString

api-ms-win-crt-stdio-l1-1-0

fclose
fwrite
fseek
fopen
__stdio_common_vfprintf
__stdio_common_vsscanf
__acrt_iob_func
__stdio_common_vsprintf

api-ms-win-crt-math-l1-1-0

sqrt

api-ms-win-crt-heap-l1-1-0

_callnewh
free
malloc

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_initialize_narrow_environment
_execute_onexit_table
_cexit
exit
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm

api-ms-win-crt-environment-l1-1-0

getenv_s

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId

ws2_32

freeaddrinfo
getaddrinfo
WSAGetLastError
WSASetLastError
WSACleanup
WSAStartup
socket
shutdown
setsockopt
send
select
recv
listen
getsockopt
ioctlsocket
closesocket
bind
accept
__WSAFDIsSet

Exports

Exports

VRDECreateServer
VRDESupportedProperties

Sections

.text
Size: 455KB - Virtual size: 454KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 286KB - Virtual size: 286KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
win.amd64/VDPluginCrypt.dll
.dll windows x64

ea57c0ce1f60ef1efa71b6ab696c280e

Code Sign

51:ca:00:98:16:fd:bd:80:f1:20:e0:15:ee:75:82:3e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23-12-2013 00:00

Not After

22-12-2016 23:59

Subject

CN=Oracle Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=VirtualBox,O=Oracle Corporation,L=Redwood Shores,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:19:93:e4:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

22-02-2011 19:25

Not After

22-02-2021 19:35

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2f:45:11:39:51:2f:34:c8:c5:28:b9:0b:ca:47:1f:76:7b:83:c8:36
Certificate

Issuer

CN=VirtualBox for Legacy Windows Only Timestamp CA,O=Oracle Deutschland B.V. & Co. KG,L=Munich,ST=Bavaria,C=DE

Not Before

01-01-2014 00:00

Not After

31-12-2014 23:59

Subject

CN=VirtualBox for Legacy Windows Only Timestamp Kludge 2014,O=Oracle Deutschland B.V. & Co. KG,L=Munich,ST=Bavaria,C=DE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22-10-2013 12:00

Not After

22-10-2028 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15-04-2011 19:41

Not After

15-04-2021 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:52:65:06:cc:82:88:11:7d:a6:be:d3:a5:ab:ec:20
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-02-2021 00:00

Not After

16-04-2024 23:59

Subject

CN=Oracle Corporation,OU=VirtualBox,O=Oracle Corporation,L=Redwood City,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21-09-2022 00:00

Not After

21-11-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8b:36:d0:5d:3f:82:e1:3f:ff:d7:e9:01:fd:f6:80:99:d5:47:e9:11:06:f8:4a:1f:3a:07:9c:3a:e2:04:38:2e
Signer

Actual PE Digest

8b:36:d0:5d:3f:82:e1:3f:ff:d7:e9:01:fd:f6:80:99:d5:47:e9:11:06:f8:4a:1f:3a:07:9c:3a:e2:04:38:2e

Digest Algorithm

sha256

PE Digest Matches

true

c6:1e:4f:e5:24:97:c6:7f:00:27:b1:3f:67:f4:3e:2d:db:67:1f:dd
Signer

Actual PE Digest

c6:1e:4f:e5:24:97:c6:7f:00:27:b1:3f:67:f4:3e:2d:db:67:1f:dd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
memset
memcmp
memcpy

vboxrt

RTCrCipherEncrypt
RTCrCipherDecrypt
RTCrRandBytes
RTBase64Decode
RTCrCipherOpenByType
RTBase64Encode
RTStrDupNTag
RTStrCopy
RTMemTmpAllocZTag
RTMemTmpFree
RTTimeMilliTS
RTCrDigestTypeToHashSize
RTCrPkcs5Pbkdf2Hmac
RTMemSaferFree
RTMemSaferAllocZTag
RTMemSaferAllocZExTag
RTLogLoggerEx
RTCrCipherRelease
RTLogRelGetDefaultInstanceEx
RTMemWipeThoroughly
RTMemFree
RTMemAllocZTag
RTMemAllocTag
RTStrToUInt64Full
RTStrCmp
RTStrFree
RTBase64EncodedLength

api-ms-win-crt-string-l1-1-0

strncmp

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_cexit
_execute_onexit_table
_initterm_e
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm

kernel32

GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
RtlCaptureContext
RtlLookupFunctionEntry
QueryPerformanceCounter

Exports

Exports

VDPluginLoad

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
win.amd64/vboxextpackpuel.cat

Sharing

General

Malware Config

Signatures

Files

270bd663ee39ee9234e754958d09abac

Code Sign

51:ca:00:98:16:fd:bd:80:f1:20:e0:15:ee:75:82:3eCertificate

Extended Key Usages

Key Usages

61:19:93:e4:00:00:00:00:00:1cCertificate

Key Usages

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7Certificate

Extended Key Usages

Key Usages

2f:45:11:39:51:2f:34:c8:c5:28:b9:0b:ca:47:1f:76:7b:83:c8:36Certificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

61:1c:b2:8a:00:00:00:00:00:26Certificate

Key Usages

0f:52:65:06:cc:82:88:11:7d:a6:be:d3:a5:ab:ec:20Certificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

d3:56:b0:1e:6f:9c:07:a3:6a:c0:52:7e:a4:a1:49:a8:44:57:d2:26:b7:d1:4a:c5:12:ca:86:d8:ca:4e:55:e4Signer

59:8e:1c:2e:15:7f:9c:b3:c6:f8:eb:15:cc:2a:34:70:c6:bb:6f:01Signer

Headers

DLL Characteristics

File Characteristics

Imports

vcruntime140

vcruntime140_1

vboxrt

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-environment-l1-1-0

kernel32

user32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 233KB - Virtual size: 232KB

.rdata Size: 253KB - Virtual size: 253KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 5KB - Virtual size: 4KB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 512B - Virtual size: 372B

6a756423db02f0014d7ac747a93259b6

Headers

DLL Characteristics

File Characteristics

Imports

vmmr0.r0

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 64B

.pdata Size: 512B - Virtual size: 192B

.edata Size: 512B - Virtual size: 131B

INIT Size: 512B - Virtual size: 326B

.rsrc Size: 1024B - Virtual size: 1008B

.reloc Size: 512B - Virtual size: 120B

068dd613766dbaf64e0a91026aca1866

Code Sign

51:ca:00:98:16:fd:bd:80:f1:20:e0:15:ee:75:82:3e
Certificate

61:19:93:e4:00:00:00:00:00:1c
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

2f:45:11:39:51:2f:34:c8:c5:28:b9:0b:ca:47:1f:76:7b:83:c8:36
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

61:1c:b2:8a:00:00:00:00:00:26
Certificate

0f:52:65:06:cc:82:88:11:7d:a6:be:d3:a5:ab:ec:20
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

d3:56:b0:1e:6f:9c:07:a3:6a:c0:52:7e:a4:a1:49:a8:44:57:d2:26:b7:d1:4a:c5:12:ca:86:d8:ca:4e:55:e4
Signer

59:8e:1c:2e:15:7f:9c:b3:c6:f8:eb:15:cc:2a:34:70:c6:bb:6f:01
Signer

.text
Size: 233KB - Virtual size: 232KB

.rdata
Size: 253KB - Virtual size: 253KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 512B - Virtual size: 372B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 64B

.pdata
Size: 512B - Virtual size: 192B

.edata
Size: 512B - Virtual size: 131B

INIT
Size: 512B - Virtual size: 326B

.rsrc
Size: 1024B - Virtual size: 1008B

.reloc
Size: 512B - Virtual size: 120B

51:ca:00:98:16:fd:bd:80:f1:20:e0:15:ee:75:82:3e
Certificate

61:19:93:e4:00:00:00:00:00:1c
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

2f:45:11:39:51:2f:34:c8:c5:28:b9:0b:ca:47:1f:76:7b:83:c8:36
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

61:1c:b2:8a:00:00:00:00:00:26
Certificate

0f:52:65:06:cc:82:88:11:7d:a6:be:d3:a5:ab:ec:20
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

1d:50:f6:f6:ff:39:dc:a7:ab:fd:e0:57:af:dc:01:25:85:65:3d:36:37:4d:68:ad:93:78:57:c5:a1:c9:b7:da
Signer

99:d5:02:6f:ec:55:b8:eb:cc:81:b8:b9:06:d1:a0:19:65:c0:3a:f9
Signer

.text
Size: 35KB - Virtual size: 34KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 1000B

.reloc
Size: 512B - Virtual size: 204B

51:ca:00:98:16:fd:bd:80:f1:20:e0:15:ee:75:82:3e
Certificate

61:19:93:e4:00:00:00:00:00:1c
Certificate

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

2f:45:11:39:51:2f:34:c8:c5:28:b9:0b:ca:47:1f:76:7b:83:c8:36
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

61:1c:b2:8a:00:00:00:00:00:26
Certificate

0f:52:65:06:cc:82:88:11:7d:a6:be:d3:a5:ab:ec:20
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate