mod menu[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

mod menu.rar
Size

13.3MB
MD5

ce5d0b68d7e831a3007c0edaba80f6b2
SHA1

317eb9a5f8edff21cb12b30e0194aea8ecdccb7a
SHA256

251c9e8d18cf03dd26ad5e6bf1dc673fb49031faaa237e0487235a9c2840b264
SHA512

ccf3cf9c6fe7144650c55b7018f09990e4e7c7ed35427f4be6ad5a6bc6a6f97ae88dfaa20a9710f4b39f3e14e92e90961eba56d80fce2731655297521befb5e1
SSDEEP

393216:MNcszhPOH5WoGJVcw+7CY+gpakuILB4IkQl1ToQbPKt6oBc:M5zylGkw+7CJKuIFxToQb3P

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/mod menu/App/chrome_elf.dll
unpack001/mod menu/App/swiftshader/libEGL.dll
unpack001/mod menu/App/swiftshader/libGLESv2.dll
unpack001/mod menu/inject.exe

Files

mod menu.rar
.rar

Password: 2023
mod menu/App/am.pak
mod menu/App/ar.pak
mod menu/App/bg.pak
mod menu/App/bn.pak
mod menu/App/ca.pak
mod menu/App/cef.pak
mod menu/App/cef_100_percent.pak
mod menu/App/cef_200_percent.pak
mod menu/App/cef_extensions.pak
mod menu/App/chrome_elf.dll
.dll windows x86

Password: 2023

4d0ed3f3db74367b9a740697ddaddf89

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AcquireSRWLockExclusive
CloseHandle
CompareStringW
CreateDirectoryW
CreateEventW
CreateFileW
CreateMutexW
CreateNamedPipeW
CreateProcessW
CreateRemoteThread
CreateThread
DecodePointer
DeleteCriticalSection
DeleteFileW
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExpandEnvironmentStringsW
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetComputerNameExW
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetFileAttributesW
GetFileInformationByHandle
GetFileSizeEx
GetFileTime
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoW
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetProcAddress
GetProcessHeap
GetProcessId
GetProcessTimes
GetProductInfo
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetThreadId
GetThreadPriority
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
GetVersionExW
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitOnceExecuteOnce
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalFree
LockFileEx
MultiByteToWideChar
OpenProcess
OutputDebugStringA
OutputDebugStringW
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
QueryThreadCycleTime
RaiseException
ReadConsoleW
ReadFile
ReadProcessMemory
ReleaseMutex
ReleaseSRWLockExclusive
RemoveDirectoryW
ResetEvent
RtlCaptureStackBackTrace
RtlUnwind
SetConsoleCtrlHandler
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetNamedPipeHandleState
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
SleepEx
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TransactNamedPipe
TryAcquireSRWLockExclusive
UnhandledExceptionFilter
UnlockFileEx
VerSetConditionMask
VerifyVersionInfoW
VirtualProtect
VirtualProtectEx
VirtualQuery
WaitForSingleObject
WaitForSingleObjectEx
WaitNamedPipeW
WakeAllConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile
WriteProcessMemory
lstrcmpiA

Exports

Exports

ClearReportsBetween_ExportThunk
CrashForException_ExportThunk
DisableHook
DrainLog
DumpHungProcessWithPtype_ExportThunk
DumpProcessWithoutCrash
GetApplyHookResult
GetBlockedModulesCount
GetCrashReports_ExportThunk
GetCrashpadDatabasePath_ExportThunk
GetHandleVerifier
GetInstallDetailsPayload
GetUniqueBlockedModulesCount
GetUserDataDirectoryThunk
InjectDumpForHungInput_ExportThunk
IsCrashReportingEnabledImpl
IsThirdPartyInitialized
RegisterLogNotification
RequestSingleCrashUpload_ExportThunk
SetCrashKeyValueImpl
SetMetricsClientId
SetUploadConsent_ExportThunk
SignalChromeElf
SignalInitializeCrashReporting

Sections

.text
Size: 607KB - Virtual size: 607KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crthunk
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 145B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.voltbl
Size: 512B - Virtual size: 246B

CPADinfo
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mod menu/App/cs.pak
mod menu/App/d3dcompiler_47.dll
.dll windows x86

Password: 2023

131726669bc1e34b495edb4198d0aca3

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:29

Not After

03/03/2021, 18:29

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9d:6e:b3:7f:16:6d:b5:27:89:b4:d6:e4:65:fa:7d:25:22:3c:ad:f0:45:d0:d5:cf:cc:73:e8:b8:19:f8:46:46
Signer

Actual PE Digest

9d:6e:b3:7f:16:6d:b5:27:89:b4:d6:e4:65:fa:7d:25:22:3c:ad:f0:45:d0:d5:cf:cc:73:e8:b8:19:f8:46:46

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

api-ms-win-crt-string-l1-1-0

wcsncmp
strnlen
__isascii
strncmp
memset

api-ms-win-crt-math-l1-1-0

_finite
_isnan

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm
_controlfp
_clearfp

api-ms-win-crt-private-l1-1-0

_o__atoi64
_o__callnewh
_o__cexit
_o__chsize_s
_o__CIacos
_o__CIasin
_o__CIatan
_o__CIatan2
_o__CIcos
_o__CIcosh
_o__CIexp
_o__CIfmod
_o__CIlog
_o__CIpow
_o__CIsin
_o__CIsinh
_o__CIsqrt
_o__CItan
_o__CItanh
_o__close
_o__configure_narrow_argv
_o__crt_atexit
_o__errno
_o__execute_onexit_table
_o__filelengthi64
_o__fpclass
_o__get_osfhandle
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__lseeki64
_o__mbscmp
_o__mbstrlen
_o__memicmp
_o__open_osfhandle
_o__purecall
_o__read
_o__register_onexit_function
_o__seh_filter_dll
_o__strdup
_o__stricmp
_o__strnicmp
_o__strtoui64
_o__wcsdup
_o__wcsicmp
_o__wcsnicmp
_o__wfsopen
_o__wfullpath
_o__wgetenv
_o__wmakepath_s
_o__write
_o__wsopen_s
_o__wsplitpath_s
_o__wtoi
_o_atof
_o_atoi
_o_bsearch
_o_calloc
_o_ceil
_o_fclose
_o_floor
_o_fread
_o_free
_o_fseek
_o_ftell
_o_getenv
_o_isalnum
_o_isalpha
_o_isdigit
_o_isspace
_o_isxdigit
_o_malloc
_o_modf
_o_qsort
_o_setlocale
_o_strcat_s
_o_strcpy_s
_o_strncpy_s
_o_strtod
_o_strtoul
_o_terminate
_o_tolower
_o_toupper
_o_towlower
_o_wcscat_s
_o_wcscpy_s
_o_wcsncat_s
_o_wcsncpy_s
_o_wcstoul
strrchr
strchr
_except_handler4_common
_o___stdio_common_vswprintf_s
_o___stdio_common_vswprintf
_o___stdio_common_vsscanf
_o___stdio_common_vsprintf_s
_o___stdio_common_vsprintf
_o___stdio_common_vsnwprintf_s
_o___stdio_common_vsnprintf_s
_o___std_type_info_destroy_list
memcpy
_CxxThrowException
memmove
strstr
__unDName
wcschr
wcsrchr
__CxxFrameHandler3

kernel32

FlushViewOfFile
MapViewOfFileEx
SetFilePointer
CreateFileA
InitializeCriticalSectionAndSpinCount
ExpandEnvironmentStringsW
DeviceIoControl
SetFilePointerEx
SetEndOfFile
GetFileType
DeleteFileW
SetFileAttributesW
GetFileAttributesW
LCMapStringW
SetLastError
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetFileSize
SetEvent
GetModuleFileNameA
ResetEvent
WaitForSingleObjectEx
CreateEventW
LocalFree
LocalAlloc
LoadLibraryExW
lstrcmpiA
GetModuleHandleW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetFullPathNameA
GetFullPathNameW
TlsFree
TlsGetValue
HeapDestroy
TlsSetValue
TlsAlloc
Sleep
FreeLibrary
CloseHandle
ReadFile
GetFileSizeEx
GetLastError
CreateFileW
GetSystemInfo
VirtualAlloc
VirtualFree
WriteFile
HeapFree
GetProcessHeap
HeapAlloc
OutputDebugStringA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WideCharToMultiByte
MultiByteToWideChar
DisableThreadLibraryCalls
HeapCreate
GetProcAddress
GetEnvironmentVariableA

advapi32

CryptDestroyHash
RegEnumKeyExA
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
RegQueryValueExA
CryptAcquireContextW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegOpenKeyExA

api-ms-win-crt-time-l1-1-0

_time32

rpcrt4

UuidCreate

Exports

Exports

D3DAssemble
D3DCompile
D3DCompile2
D3DCompileFromFile
D3DCompressShaders
D3DCreateBlob
D3DCreateFunctionLinkingGraph
D3DCreateLinker
D3DDecompressShaders
D3DDisassemble
D3DDisassemble10Effect
D3DDisassemble11Trace
D3DDisassembleRegion
D3DGetBlobPart
D3DGetDebugInfo
D3DGetInputAndOutputSignatureBlob
D3DGetInputSignatureBlob
D3DGetOutputSignatureBlob
D3DGetTraceInstructionOffsets
D3DLoadModule
D3DPreprocess
D3DReadFileToBlob
D3DReflect
D3DReflectLibrary
D3DReturnFailure1
D3DSetBlobPart
D3DStripShader
D3DWriteBlobToFile
DebugSetMute

Sections

.text
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mod menu/App/da.pak
mod menu/App/de.pak
mod menu/App/devtools_resources.pak
mod menu/App/el.pak
mod menu/App/en-GB.pak
mod menu/App/en-US.pak
mod menu/App/es.pak
mod menu/App/libEGL.dll
.dll windows x64

Password: 2023

592e6e55d4fe33d1bd84e3b3016fe3b2

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:44:18:e2:de:de:36:dd:29:74:c3:44:3a:fb:5c:e5
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

02/07/2021, 00:00

Not After

10/07/2024, 23:59

Subject

CN=Google LLC,O=Google LLC,L=Mountain View,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e9:ac:8e:a3:4f:aa:cf:53:ac:ea:d2:34:9d:5d:41:d6:9d:5a:7a:e4:a7:78:d9:e7:c3:bb:93:7f:04:4f:8b:be
Signer

Actual PE Digest

e9:ac:8e:a3:4f:aa:cf:53:ac:ea:d2:34:9d:5d:41:d6:9d:5a:7a:e4:a7:78:d9:e7:c3:bb:93:7f:04:4f:8b:be

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

AcquireSRWLockExclusive
CloseHandle
CompareStringW
CreateEventW
CreateFileW
DeleteCriticalSection
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FindClose
FindFirstFileExW
FindNextFileW
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatW
GetEnvironmentStringsW
GetFileSizeEx
GetFileType
GetLastError
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTimeAsFileTime
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryExW
LoadLibraryW
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
ReadConsoleW
ReadFile
ReleaseSRWLockExclusive
ResetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SleepConditionVariableSRW
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
WaitForSingleObjectEx
WakeAllConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile

Exports

Exports

eglBindAPI
eglBindTexImage
eglChooseConfig
eglClientWaitSync
eglClientWaitSyncKHR
eglCopyBuffers
eglCreateContext
eglCreateDeviceANGLE
eglCreateImage
eglCreateImageKHR
eglCreateNativeClientBufferANDROID
eglCreatePbufferFromClientBuffer
eglCreatePbufferSurface
eglCreatePixmapSurface
eglCreatePlatformPixmapSurface
eglCreatePlatformPixmapSurfaceEXT
eglCreatePlatformWindowSurface
eglCreatePlatformWindowSurfaceEXT
eglCreateStreamKHR
eglCreateStreamProducerD3DTextureANGLE
eglCreateSync
eglCreateSyncKHR
eglCreateWindowSurface
eglDebugMessageControlKHR
eglDestroyContext
eglDestroyImage
eglDestroyImageKHR
eglDestroyStreamKHR
eglDestroySurface
eglDestroySync
eglDestroySyncKHR
eglDupNativeFenceFDANDROID
eglExportVkImageANGLE
eglForceGPUSwitchANGLE
eglGetCompositorTimingANDROID
eglGetCompositorTimingSupportedANDROID
eglGetConfigAttrib
eglGetConfigs
eglGetCurrentContext
eglGetCurrentDisplay
eglGetCurrentSurface
eglGetDisplay
eglGetError
eglGetFrameTimestampSupportedANDROID
eglGetFrameTimestampsANDROID
eglGetMscRateANGLE
eglGetNativeClientBufferANDROID
eglGetNextFrameIdANDROID
eglGetPlatformDisplay
eglGetPlatformDisplayEXT
eglGetProcAddress
eglGetSyncAttrib
eglGetSyncAttribKHR
eglGetSyncValuesCHROMIUM
eglHandleGPUSwitchANGLE
eglInitialize
eglLabelObjectKHR
eglLockSurfaceKHR
eglMakeCurrent
eglPostSubBufferNV
eglPrepareSwapBuffersANGLE
eglPresentationTimeANDROID
eglProgramCacheGetAttribANGLE
eglProgramCachePopulateANGLE
eglProgramCacheQueryANGLE
eglProgramCacheResizeANGLE
eglQueryAPI
eglQueryContext
eglQueryDebugKHR
eglQueryDeviceAttribEXT
eglQueryDeviceStringEXT
eglQueryDisplayAttribANGLE
eglQueryDisplayAttribEXT
eglQueryDmaBufFormatsEXT
eglQueryDmaBufModifiersEXT
eglQueryStreamKHR
eglQueryStreamu64KHR
eglQueryString
eglQueryStringiANGLE
eglQuerySurface
eglQuerySurface64KHR
eglQuerySurfacePointerANGLE
eglReacquireHighPowerGPUANGLE
eglReleaseDeviceANGLE
eglReleaseHighPowerGPUANGLE
eglReleaseTexImage
eglReleaseThread
eglSetBlobCacheFuncsANDROID
eglSetDamageRegionKHR
eglSignalSyncKHR
eglStreamAttribKHR
eglStreamConsumerAcquireKHR
eglStreamConsumerGLTextureExternalAttribsNV
eglStreamConsumerGLTextureExternalKHR
eglStreamConsumerReleaseKHR
eglStreamPostD3DTextureANGLE
eglSurfaceAttrib
eglSwapBuffers
eglSwapBuffersWithDamageKHR
eglSwapBuffersWithFrameTokenANGLE
eglSwapInterval
eglTerminate
eglUnlockSurfaceKHR
eglWaitClient
eglWaitGL
eglWaitNative
eglWaitSync
eglWaitSyncKHR

Sections

.text
Size: 318KB - Virtual size: 317KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gxfg
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: 512B - Virtual size: 92B

.tls
Size: 512B - Virtual size: 289B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.voltbl
Size: 512B - Virtual size: 56B

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mod menu/App/preloaded_data.pb
mod menu/App/swiftshader/libEGL.dll
.dll windows x86

Password: 2023

7466b86b241e6faa3c539091b280b3a3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AcquireSRWLockExclusive
CloseHandle
CompareStringW
CreateEventW
CreateFileW
DecodePointer
DeleteCriticalSection
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatW
GetEnvironmentStringsW
GetFileSizeEx
GetFileType
GetLastError
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTimeAsFileTime
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
ReadConsoleW
ReadFile
ReleaseSRWLockExclusive
ResetEvent
RtlUnwind
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SleepConditionVariableSRW
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
WaitForSingleObjectEx
WakeAllConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile

user32

GetClientRect
GetDC
IsWindow
ReleaseDC

gdi32

GetDeviceCaps

Exports

Exports

eglBindAPI
eglBindTexImage
eglChooseConfig
eglClientWaitSyncKHR
eglCopyBuffers
eglCreateContext
eglCreateImageKHR
eglCreatePbufferFromClientBuffer
eglCreatePbufferSurface
eglCreatePixmapSurface
eglCreatePlatformPixmapSurfaceEXT
eglCreatePlatformWindowSurfaceEXT
eglCreateSyncKHR
eglCreateWindowSurface
eglDestroyContext
eglDestroyImageKHR
eglDestroySurface
eglDestroySyncKHR
eglGetConfigAttrib
eglGetConfigs
eglGetCurrentContext
eglGetCurrentDisplay
eglGetCurrentSurface
eglGetDisplay
eglGetError
eglGetPlatformDisplayEXT
eglGetProcAddress
eglGetSyncAttribKHR
eglInitialize
eglMakeCurrent
eglQueryAPI
eglQueryContext
eglQueryString
eglQuerySurface
eglReleaseTexImage
eglReleaseThread
eglSurfaceAttrib
eglSwapBuffers
eglSwapInterval
eglTerminate
eglWaitClient
eglWaitGL
eglWaitNative
libEGL_swiftshader

Sections

.text
Size: 248KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.voltbl
Size: 512B - Virtual size: 232B

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mod menu/App/swiftshader/libGLESv2.dll
.dll windows x86

Password: 2023

b85270df2817667c40fde4ad43f6b7a8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AcquireSRWLockExclusive
CloseHandle
CompareStringW
CreateEventA
CreateEventW
CreateFileW
CreateThread
DecodePointer
DeleteCriticalSection
DeleteFileW
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FlushInstructionCache
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatW
GetDriveTypeW
GetEnvironmentStringsW
GetFileAttributesW
GetFileInformationByHandle
GetFileSizeEx
GetFileType
GetFullPathNameW
GetLastError
GetLocaleInfoW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
MultiByteToWideChar
OutputDebugStringA
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
ReleaseSRWLockExclusive
RemoveDirectoryW
ResetEvent
RtlUnwind
SetConsoleTextAttribute
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VerSetConditionMask
VerifyVersionInfoW
VirtualProtect
WaitForSingleObject
WaitForSingleObjectEx
WakeAllConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile

user32

ChangeDisplaySettingsA
ClientToScreen
GetClientRect
GetDC
GetSystemMetrics
GetWindowLongA
GetWindowRect
ReleaseDC
SetRect
SetWindowLongA
SetWindowPos

gdi32

CreateCompatibleDC
CreateDIBSection
DeleteDC
DeleteObject
GetDeviceGammaRamp
SelectObject
SetDeviceGammaRamp
StretchBlt

ws2_32

WSACleanup
WSAStartup
accept
bind
closesocket
getaddrinfo
listen
recv
select
send
socket

Exports

Exports

glActiveTexture
glAttachShader
glBeginQuery
glBeginQueryEXT
glBeginTransformFeedback
glBindAttribLocation
glBindBuffer
glBindBufferBase
glBindBufferRange
glBindFramebuffer
glBindFramebufferOES
glBindRenderbuffer
glBindRenderbufferOES
glBindSampler
glBindTexture
glBindTransformFeedback
glBindVertexArray
glBindVertexArrayOES
glBlendColor
glBlendEquation
glBlendEquationSeparate
glBlendFunc
glBlendFuncSeparate
glBlitFramebuffer
glBlitFramebufferANGLE
glBufferData
glBufferSubData
glCheckFramebufferStatus
glCheckFramebufferStatusOES
glClear
glClearBufferfi
glClearBufferfv
glClearBufferiv
glClearBufferuiv
glClearColor
glClearDepthf
glClearStencil
glClientWaitSync
glColorMask
glCompileShader
glCompressedTexImage2D
glCompressedTexImage3D
glCompressedTexSubImage2D
glCompressedTexSubImage3D
glCopyBufferSubData
glCopyTexImage2D
glCopyTexSubImage2D
glCopyTexSubImage3D
glCreateProgram
glCreateShader
glCullFace
glDeleteBuffers
glDeleteFencesNV
glDeleteFramebuffers
glDeleteFramebuffersOES
glDeleteProgram
glDeleteQueries
glDeleteQueriesEXT
glDeleteRenderbuffers
glDeleteRenderbuffersOES
glDeleteSamplers
glDeleteShader
glDeleteSync
glDeleteTextures
glDeleteTransformFeedbacks
glDeleteVertexArrays
glDeleteVertexArraysOES
glDepthFunc
glDepthMask
glDepthRangef
glDetachShader
glDisable
glDisableVertexAttribArray
glDrawArrays
glDrawArraysInstanced
glDrawBuffers
glDrawBuffersEXT
glDrawElements
glDrawElementsInstanced
glDrawRangeElements
glEGLImageTargetRenderbufferStorageOES
glEGLImageTargetTexture2DOES
glEnable
glEnableVertexAttribArray
glEndQuery
glEndQueryEXT
glEndTransformFeedback
glFenceSync
glFinish
glFinishFenceNV
glFlush
glFlushMappedBufferRange
glFramebufferRenderbuffer
glFramebufferRenderbufferOES
glFramebufferTexture2D
glFramebufferTexture2DOES
glFramebufferTextureLayer
glFrontFace
glGenBuffers
glGenFencesNV
glGenFramebuffers
glGenFramebuffersOES
glGenQueries
glGenQueriesEXT
glGenRenderbuffers
glGenRenderbuffersOES
glGenSamplers
glGenTextures
glGenTransformFeedbacks
glGenVertexArrays
glGenVertexArraysOES
glGenerateMipmap
glGenerateMipmapOES
glGetActiveAttrib
glGetActiveUniform
glGetActiveUniformBlockName
glGetActiveUniformBlockiv
glGetActiveUniformsiv
glGetAttachedShaders
glGetAttribLocation
glGetBooleanv
glGetBufferParameteri64v
glGetBufferParameteriv
glGetBufferPointerv
glGetError
glGetFenceivNV
glGetFloatv
glGetFragDataLocation
glGetFramebufferAttachmentParameteriv
glGetFramebufferAttachmentParameterivOES
glGetGraphicsResetStatusEXT
glGetInteger64i_v
glGetInteger64v
glGetIntegeri_v
glGetIntegerv
glGetInternalformativ
glGetProgramBinary
glGetProgramInfoLog
glGetProgramiv
glGetQueryObjectuiv
glGetQueryObjectuivEXT
glGetQueryiv
glGetQueryivEXT
glGetRenderbufferParameteriv
glGetRenderbufferParameterivOES
glGetSamplerParameterfv
glGetSamplerParameteriv
glGetShaderInfoLog
glGetShaderPrecisionFormat
glGetShaderSource
glGetShaderiv
glGetString
glGetStringi
glGetSynciv
glGetTexParameterfv
glGetTexParameteriv
glGetTransformFeedbackVarying
glGetUniformBlockIndex
glGetUniformIndices
glGetUniformLocation
glGetUniformfv
glGetUniformiv
glGetUniformuiv
glGetVertexAttribIiv
glGetVertexAttribIuiv
glGetVertexAttribPointerv
glGetVertexAttribfv
glGetVertexAttribiv
glGetnUniformfvEXT
glGetnUniformivEXT
glHint
glInvalidateFramebuffer
glInvalidateSubFramebuffer
glIsBuffer
glIsEnabled
glIsFenceNV
glIsFramebuffer
glIsFramebufferOES
glIsProgram
glIsQuery
glIsQueryEXT
glIsRenderbuffer
glIsRenderbufferOES
glIsSampler
glIsShader
glIsSync
glIsTexture
glIsTransformFeedback
glIsVertexArray
glIsVertexArrayOES
glLineWidth
glLinkProgram
glMapBufferRange
glPauseTransformFeedback
glPixelStorei
glPolygonOffset
glProgramBinary
glProgramParameteri
glReadBuffer
glReadPixels
glReadnPixelsEXT
glReleaseShaderCompiler
glRenderbufferStorage
glRenderbufferStorageMultisample
glRenderbufferStorageMultisampleANGLE
glRenderbufferStorageOES
glResumeTransformFeedback
glSampleCoverage
glSamplerParameterf
glSamplerParameterfv
glSamplerParameteri
glSamplerParameteriv
glScissor
glSetFenceNV
glShaderBinary
glShaderSource
glStencilFunc
glStencilFuncSeparate
glStencilMask
glStencilMaskSeparate
glStencilOp
glStencilOpSeparate
glTestFenceNV
glTexImage2D
glTexImage3D
glTexImage3DOES
glTexParameterf
glTexParameterfv
glTexParameteri
glTexParameteriv
glTexStorage2D
glTexStorage3D
glTexSubImage2D
glTexSubImage3D
glTransformFeedbackVaryings
glUniform1f
glUniform1fv
glUniform1i
glUniform1iv
glUniform1ui
glUniform1uiv
glUniform2f
glUniform2fv
glUniform2i
glUniform2iv
glUniform2ui
glUniform2uiv
glUniform3f
glUniform3fv
glUniform3i
glUniform3iv
glUniform3ui
glUniform3uiv
glUniform4f
glUniform4fv
glUniform4i
glUniform4iv
glUniform4ui
glUniform4uiv
glUniformBlockBinding
glUniformMatrix2fv
glUniformMatrix2x3fv
glUniformMatrix2x4fv
glUniformMatrix3fv
glUniformMatrix3x2fv
glUniformMatrix3x4fv
glUniformMatrix4fv
glUniformMatrix4x2fv
glUniformMatrix4x3fv
glUnmapBuffer
glUseProgram
glValidateProgram
glVertexAttrib1f
glVertexAttrib1fv
glVertexAttrib2f
glVertexAttrib2fv
glVertexAttrib3f
glVertexAttrib3fv
glVertexAttrib4f
glVertexAttrib4fv
glVertexAttribDivisor
glVertexAttribI4i
glVertexAttribI4iv
glVertexAttribI4ui
glVertexAttribI4uiv
glVertexAttribIPointer
glVertexAttribPointer
glViewport
glWaitSync
libGLESv2_swiftshader

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 247KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 310KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 25B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.voltbl
Size: 512B - Virtual size: 333B

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mod menu/Data/audio/qtaudio_windows.dll
.dll windows x64

Password: 2023

1c5ff8da39b1af9d7b7a3c16edd04032

Code Sign

4a:53:8c:28
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

07/07/2009, 17:25

Not After

07/12/2030, 17:55

Subject

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

87:82:52:60:00:00:00:00:51:d3:73:d9
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

10/06/2015, 13:42

Not After

10/11/2030, 14:12

Subject

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0b:93:16:ea:1b:22:3a:6d:52:c7:4b:f3:16:13:16:34
Certificate

Issuer

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

01/12/2020, 12:42

Not After

01/12/2021, 12:42

Subject

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

38:63:de:f8
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

24/12/1999, 17:50

Not After

24/07/2029, 14:15

Subject

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

22/07/2015, 19:02

Not After

22/06/2029, 19:32

Subject

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

8d:ce:15:f3:a7:94:c5:87:00:00:00:00:55:92:33:f4
Certificate

Issuer

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

22/07/2020, 15:33

Not After

29/12/2030, 16:29

Subject

CN=Entrust Timestamp Authority - TSA1,O=Entrust\, Inc.,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

02:60:61:ca:41:00:d5:9b:28:03:5b:06:fa:be:32:70:16:c1:5e:1f:eb:60:2b:3d:5c:22:63:07:ff:4e:c5:89
Signer

Actual PE Digest

02:60:61:ca:41:00:d5:9b:28:03:5b:06:fa:be:32:70:16:c1:5e:1f:eb:60:2b:3d:5c:22:63:07:ff:4e:c5:89

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ole32

CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

VariantInit
VariantClear

winmm

mixerGetControlDetailsW
mixerGetLineControlsW
mixerGetID
mixerGetLineInfoW
waveInReset
waveInStart
waveOutClose
waveInUnprepareHeader
waveInPrepareHeader
waveInClose
waveInOpen
waveInGetDevCapsW
waveInGetNumDevs
waveOutOpen
waveOutGetDevCapsW
waveOutGetNumDevs
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutWrite
waveOutPause
waveOutReset
mixerSetControlDetails
waveInAddBuffer
waveOutRestart

qt5multimedia

??0QAudioSystemPlugin@@QEAA@PEAVQObject@@@Z
?qt_metacall@QAbstractAudioDeviceInfo@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QAbstractAudioDeviceInfo@@UEAAPEAXPEBD@Z
?staticMetaObject@QAbstractAudioDeviceInfo@@2UQMetaObject@@B
?qt_metacall@QAudioSystemPlugin@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QAudioSystemPlugin@@UEAAPEAXPEBD@Z
?staticMetaObject@QAudioSystemPlugin@@2UQMetaObject@@B
?sampleType@QAudioFormat@@QEBA?AW4SampleType@1@XZ
?codec@QAudioFormat@@QEBA?AVQString@@XZ
?isValid@QAudioFormat@@QEBA_NXZ
?setCategory@QAbstractAudioOutput@@UEAAXAEBVQString@@@Z
?category@QAbstractAudioOutput@@UEBA?AVQString@@XZ
?qMultiplySamples@QAudioHelperInternal@@YAXNAEBVQAudioFormat@@PEBXPEAXH@Z
??0QAbstractAudioOutput@@QEAA@XZ
?notify@QAbstractAudioOutput@@QEAAXXZ
?stateChanged@QAbstractAudioOutput@@QEAAXW4State@QAudio@@@Z
?qt_metacall@QAbstractAudioOutput@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QAbstractAudioOutput@@UEAAPEAXPEBD@Z
?byteOrder@QAudioFormat@@QEBA?AW4Endian@1@XZ
?staticMetaObject@QAbstractAudioOutput@@2UQMetaObject@@B
??0QAbstractAudioInput@@QEAA@XZ
?notify@QAbstractAudioInput@@QEAAXXZ
?stateChanged@QAbstractAudioInput@@QEAAXW4State@QAudio@@@Z
?qt_metacall@QAbstractAudioInput@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QAbstractAudioInput@@UEAAPEAXPEBD@Z
?sampleSize@QAudioFormat@@QEBAHXZ
?channelCount@QAudioFormat@@QEBAHXZ
?sampleRate@QAudioFormat@@QEBAHXZ
?staticMetaObject@QAbstractAudioInput@@2UQMetaObject@@B
??0QAbstractAudioDeviceInfo@@QEAA@XZ
?setSampleType@QAudioFormat@@QEAAXW4SampleType@1@@Z
?setByteOrder@QAudioFormat@@QEAAXW4Endian@1@@Z
?setCodec@QAudioFormat@@QEAAXAEBVQString@@@Z
?setSampleSize@QAudioFormat@@QEAAXH@Z
?setChannelCount@QAudioFormat@@QEAAXH@Z
?setSampleRate@QAudioFormat@@QEAAXH@Z
??4QAudioFormat@@QEAAAEAV0@AEBV0@@Z
??1QAudioFormat@@QEAA@XZ
??0QAudioFormat@@QEAA@AEBV0@@Z
??0QAudioFormat@@QEAA@XZ
??1QAudioSystemPlugin@@UEAA@XZ
??0QAudioSystemPluginExtension@@QEAA@XZ
??1QAudioSystemPluginExtension@@UEAA@XZ

qt5core

?staticMetaObject@QIODevice@@2UQMetaObject@@B
?getAndRef@ExternalRefCountData@QtSharedPointer@@SAPEAU12@PEBVQObject@@@Z
??8@YA_NAEBVQString@@0@Z
?read@QIODevice@@QEAA_JPEAD_J@Z
?data@QByteArray@@QEAAPEADXZ
?resize@QByteArray@@QEAAXH@Z
?qEnvironmentVariableIntValue@@YAHPEBDPEA_N@Z
?waitForReadyRead@QIODevice@@UEAA_NH@Z
?waitForBytesWritten@QIODevice@@UEAA_NH@Z
?size@QIODevice@@UEBA_JXZ
?seek@QIODevice@@UEAA_N_J@Z
?reset@QIODevice@@UEAA_NXZ
?readLineData@QIODevice@@MEAA_JPEAD_J@Z
?pos@QIODevice@@UEBA_JXZ
?open@QIODevice@@UEAA_NV?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
?isSequential@QIODevice@@UEBA_NXZ
?close@QIODevice@@UEAAXXZ
?canReadLine@QIODevice@@UEBA_NXZ
?bytesToWrite@QIODevice@@UEBA_JXZ
?bytesAvailable@QIODevice@@UEBA_JXZ
?atEnd@QIODevice@@UEBA_NXZ
?singleShot@QTimer@@SAXHPEBVQObject@@PEBD@Z
?unlock@QMutexLocker@@QEAAXXZ
?unlock@QMutex@@QEAAXXZ
?lock@QMutex@@QEAAXXZ
??1QMutex@@QEAA@XZ
??0QMutex@@QEAA@XZ
?elapsed@QElapsedTimer@@QEBA_JXZ
?restart@QElapsedTimer@@QEAA_JXZ
?readyRead@QIODevice@@QEAAXXZ
?write@QIODevice@@QEAA_JPEBD_J@Z
??1QIODevice@@UEAA@XZ
??0QIODevice@@QEAA@XZ
?qt_metacall@QIODevice@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QIODevice@@UEAAPEAXPEBD@Z
?dynamicMetaObject@QObjectData@@QEBAPEAUQMetaObject@@XZ
??4QByteArray@@QEAAAEAV0@AEBV0@@Z
?invokeMethod@QMetaObject@@SA_NPEAVQObject@@PEBDW4ConnectionType@Qt@@VQGenericReturnArgument@@VQGenericArgument@@444444444@Z
?activate@QMetaObject@@SAXPEAVQObject@@PEBU1@HPEAPEAX@Z
?cast@QMetaObject@@QEBAPEAVQObject@@PEAV2@@Z
?warning@QMessageLogger@@QEBAXPEBDZZ
??0QByteArray@@QEAA@AEBV0@@Z
??1QByteArray@@QEAA@XZ
?dispose@QListData@@SAXPEAUData@1@@Z
?childEvent@QObject@@MEAAXPEAVQChildEvent@@@Z
?connectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?customEvent@QObject@@MEAAXPEAVQEvent@@@Z
?disconnectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?event@QObject@@UEAA_NPEAVQEvent@@@Z
?eventFilter@QObject@@UEAA_NPEAV1@PEAVQEvent@@@Z
?timerEvent@QObject@@MEAAXPEAVQTimerEvent@@@Z
??0QByteArray@@QEAA@XZ
??0QString@@QEAA@XZ
??0QString@@QEAA@VQLatin1String@@@Z
??0QString@@QEAA@AEBV0@@Z
??1QString@@QEAA@XZ
?fromWCharArray@QString@@SA?AV1@PEB_WH@Z
??6@YAAEAVQDataStream@@AEAV0@AEBVQString@@@Z
??5@YAAEAVQDataStream@@AEAV0@AEAVQString@@@Z
?detach@QListData@@QEAAPEAUData@1@H@Z
?detach_grow@QListData@@QEAAPEAUData@1@PEAHH@Z
?append@QListData@@QEAAPEAPEAXXZ
??1QObject@@UEAA@XZ
??0QDataStream@@QEAA@PEAVQByteArray@@V?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
??1QDataStream@@QEAA@XZ
??5QDataStream@@QEAAAEAV0@AEAH@Z
??6QDataStream@@QEAAAEAV0@H@Z
?shared_null@QListData@@2UData@1@B
??0QMessageLogger@@QEAA@PEBDH0@Z

kernel32

RtlVirtualUnwind
HeapFree
InitializeSListHead
DisableThreadLibraryCalls
GetProcessHeap
Sleep
CloseHandle
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapAlloc
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection

vcruntime140

_CxxThrowException
__std_exception_copy
__C_specific_handler
__std_type_info_destroy_list
memcpy
memset
__std_exception_destroy

api-ms-win-crt-string-l1-1-0

strcmp

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
free

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm
_cexit
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit

Exports

Exports

qt_plugin_instance
qt_plugin_query_metadata

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 512B - Virtual size: 98B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mod menu/Data/en-US.pak
mod menu/Data/eventlog_provider.dll
.dll windows x64

Password: 2023

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:44:18:e2:de:de:36:dd:29:74:c3:44:3a:fb:5c:e5
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

02/07/2021, 00:00

Not After

10/07/2024, 23:59

Subject

CN=Google LLC,O=Google LLC,L=Mountain View,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

43:c2:aa:30:37:d5:86:2e:78:1f:df:54:36:38:e5:f8:c8:34:7d:85:f3:93:68:1d:5c:6a:32:8a:04:4a:48:3b
Signer

Actual PE Digest

43:c2:aa:30:37:d5:86:2e:78:1f:df:54:36:38:e5:f8:c8:34:7d:85:f3:93:68:1d:5c:6a:32:8a:04:4a:48:3b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Exports

Exports

?fn@@YA_NXZ

Sections

.text
Size: 512B - Virtual size: 86B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 532B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: 512B - Virtual size: 92B

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mod menu/Data/imageformats/qjpeg.dll
.dll windows x64

Password: 2023

db6513dcea63cac15e8570974f85c721

Code Sign

4a:53:8c:28
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

07/07/2009, 17:25

Not After

07/12/2030, 17:55

Subject

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

87:82:52:60:00:00:00:00:51:d3:73:d9
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

10/06/2015, 13:42

Not After

10/11/2030, 14:12

Subject

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0b:93:16:ea:1b:22:3a:6d:52:c7:4b:f3:16:13:16:34
Certificate

Issuer

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

01/12/2020, 12:42

Not After

01/12/2021, 12:42

Subject

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

38:63:de:f8
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

24/12/1999, 17:50

Not After

24/07/2029, 14:15

Subject

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

22/07/2015, 19:02

Not After

22/06/2029, 19:32

Subject

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

8d:ce:15:f3:a7:94:c5:87:00:00:00:00:55:92:33:f4
Certificate

Issuer

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

22/07/2020, 15:33

Not After

29/12/2030, 16:29

Subject

CN=Entrust Timestamp Authority - TSA1,O=Entrust\, Inc.,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

ea:7f:91:3d:b8:8a:0e:92:3a:a4:2a:dc:da:6e:75:45:f0:e8:c0:b3:f2:16:23:e2:e4:05:68:4d:38:5b:f5:b5
Signer

Actual PE Digest

ea:7f:91:3d:b8:8a:0e:92:3a:a4:2a:dc:da:6e:75:45:f0:e8:c0:b3:f2:16:23:e2:e4:05:68:4d:38:5b:f5:b5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

qt5gui

??0QImageIOPlugin@@QEAA@PEAVQObject@@@Z
?qt_metacall@QImageIOPlugin@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QImageIOPlugin@@UEAAPEAXPEBD@Z
?staticMetaObject@QImageIOPlugin@@2UQMetaObject@@B
?nextImageDelay@QImageIOHandler@@UEBAHXZ
?name@QImageIOHandler@@UEBA?AVQByteArray@@XZ
?loopCount@QImageIOHandler@@UEBAHXZ
?jumpToNextImage@QImageIOHandler@@UEAA_NXZ
?jumpToImage@QImageIOHandler@@UEAA_NH@Z
?imageCount@QImageIOHandler@@UEBAHXZ
?currentImageRect@QImageIOHandler@@UEBA?AVQRect@@XZ
??1QImageIOPlugin@@UEAA@XZ
?qt_imageTransform@@YAXAEAVQImage@@V?$QFlags@W4Transformation@QImageIOHandler@@@@@Z
?qt_convert_rgb888_to_rgb32_ssse3@@YAXPEAIPEBEH@Z
?qt_convert_rgb888_to_rgb32@@YAXPEAIPEBEH@Z
?qt_getImageText@@YA?AV?$QMap@VQString@@V1@@@AEBVQImage@@AEBVQString@@@Z
?iccProfile@QColorSpace@@QEBA?AVQByteArray@@XZ
?fromIccProfile@QColorSpace@@SA?AV1@AEBVQByteArray@@@Z
??1QColorSpace@@QEAA@XZ
?convertToFormat_inplace@QImage@@IEAA_NW4Format@1@V?$QFlags@W4ImageConversionFlag@Qt@@@@@Z
?convertToFormat_helper@QImage@@IEBA?AV1@W4Format@1@V?$QFlags@W4ImageConversionFlag@Qt@@@@@Z
?setText@QImage@@QEAAXAEBVQString@@0@Z
?setDotsPerMeterY@QImage@@QEAAXH@Z
?currentImageNumber@QImageIOHandler@@UEBAHXZ
?setDotsPerMeterX@QImage@@QEAAXH@Z
?dotsPerMeterY@QImage@@QEBAHXZ
?dotsPerMeterX@QImage@@QEBAHXZ
?setColorSpace@QImage@@QEAAXAEBVQColorSpace@@@Z
?colorSpace@QImage@@QEBA?AVQColorSpace@@XZ
?scaled@QImage@@QEBA?AV1@AEBVQSize@@W4AspectRatioMode@Qt@@W4TransformationMode@4@@Z
?colorTable@QImage@@QEBA?AV?$QVector@I@@XZ
?constScanLine@QImage@@QEBAPEBEH@Z
?scanLine@QImage@@QEAAPEAEH@Z
?colorCount@QImage@@QEBAHXZ
?size@QImage@@QEBA?AVQSize@@XZ
?height@QImage@@QEBAHXZ
?width@QImage@@QEBAHXZ
?format@QImage@@QEBA?AW4Format@1@XZ
?copy@QImage@@QEBA?AV1@AEBVQRect@@@Z
?isNull@QImage@@QEBA_NXZ
??4QImage@@QEAAAEAV0@$$QEAV0@@Z
??1QImage@@UEAA@XZ
??0QImage@@QEAA@$$QEAV0@@Z
??0QImage@@QEAA@AEBV0@@Z
??0QImage@@QEAA@AEBVQSize@@W4Format@0@@Z
?setFormat@QImageIOHandler@@QEBAXAEBVQByteArray@@@Z
?device@QImageIOHandler@@QEBAPEAVQIODevice@@XZ
??1QImageIOHandler@@UEAA@XZ
??0QImageIOHandler@@QEAA@XZ
?setFormat@QImageIOHandler@@QEAAXAEBVQByteArray@@@Z
?setDevice@QImageIOHandler@@QEAAXPEAVQIODevice@@@Z

qt5core

?eventFilter@QObject@@UEAA_NPEAV1@PEAVQEvent@@@Z
?event@QObject@@UEAA_NPEAVQEvent@@@Z
?disconnectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?customEvent@QObject@@MEAAXPEAVQEvent@@@Z
?connectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?childEvent@QObject@@MEAAXPEAVQChildEvent@@@Z
?getAndRef@ExternalRefCountData@QtSharedPointer@@SAPEAU12@PEBVQObject@@@Z
?dynamicMetaObject@QObjectData@@QEBAPEAUQMetaObject@@XZ
?qt_cpu_features@@3PAV?$QBasicAtomicInteger@_K@@A
?staticMetaObject@QBuffer@@2UQMetaObject@@B
?shared_null@QListData@@2UData@1@B
?qDetectCpuFeatures@@YA_KXZ
?data@QBuffer@@QEBAAEBVQByteArray@@XZ
?readRawData@QDataStream@@QEAAHPEADH@Z
??5QDataStream@@QEAAAEAV0@AEAH@Z
??5QDataStream@@QEAAAEAV0@AEAF@Z
?setByteOrder@QDataStream@@QEAAXW4ByteOrder@1@@Z
?status@QDataStream@@QEBA?AW4Status@1@XZ
??1QDataStream@@QEAA@XZ
??0QDataStream@@QEAA@PEAVQByteArray@@V?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
??IQRect@@QEBA?AV0@AEBV0@@Z
?size@QRect@@QEBA?AVQSize@@XZ
?translate@QRect@@QEAAXAEBVQPoint@@@Z
?timerEvent@QObject@@MEAAXPEAVQTimerEvent@@@Z
?qstrcmp@@YAHAEBVQByteArray@@PEBD@Z
?isOpen@QIODevice@@QEBA_NXZ
?isReadable@QIODevice@@QEBA_NXZ
?isWritable@QIODevice@@QEBA_NXZ
??0QMessageLogger@@QEAA@PEBDH0@Z
?warning@QMessageLogger@@QEBAXPEBDZZ
?cast@QMetaObject@@QEBAPEAVQObject@@PEAV2@@Z
??0QChar@@QEAA@UQLatin1Char@@@Z
?deallocate@QArrayData@@SAXPEAU1@_K1@Z
??0QByteArray@@QEAA@XZ
??0QByteArray@@QEAA@PEBDH@Z
??0QByteArray@@QEAA@HD@Z
??0QByteArray@@QEAA@AEBV0@@Z
??1QByteArray@@QEAA@XZ
?constData@QByteArray@@QEBAPEBDXZ
?mid@QByteArray@@QEBA?AV1@HH@Z
?truncate@QByteArray@@QEAAXH@Z
?append@QByteArray@@QEAAAEAV1@PEBD@Z
?append@QByteArray@@QEAAAEAV1@PEBDH@Z
?append@QByteArray@@QEAAAEAV1@AEBV1@@Z
??0QString@@QEAA@XZ
??0QString@@QEAA@VQLatin1String@@@Z
??0QString@@QEAA@AEBV0@@Z
??1QString@@QEAA@XZ
??4QString@@QEAAAEAV0@AEBV0@@Z
??4QString@@QEAAAEAV0@VQLatin1String@@@Z
??4QString@@QEAAAEAV0@$$QEAV0@@Z
?indexOf@QString@@QEBAHVQChar@@HW4CaseSensitivity@Qt@@@Z
?indexOf@QString@@QEBAHVQLatin1String@@HW4CaseSensitivity@Qt@@@Z
?left@QString@@QEBA?AV1@H@Z
?mid@QString@@QEBA?AV1@HH@Z
?simplified@QString@@QEGBA?AV1@XZ
?append@QString@@QEAAAEAV1@AEBV1@@Z
?append@QString@@QEAAAEAV1@VQLatin1String@@@Z
?toUtf8@QString@@QEGBA?AVQByteArray@@XZ
?fromUtf8@QString@@SA?AV1@PEBDH@Z
?detach_grow@QListData@@QEAAPEAUData@1@PEAHH@Z
?dispose@QListData@@SAXPEAUData@1@@Z
?append@QListData@@QEAAPEAPEAXXZ
?read@QIODevice@@QEAA_JPEAD_J@Z
?write@QIODevice@@QEAA_JPEBD_J@Z
?peek@QIODevice@@QEAA_JPEAD_J@Z
?nextNode@QMapNodeBase@@QEBAPEBU1@XZ
?freeTree@QMapDataBase@@QEAAXPEAUQMapNodeBase@@H@Z
?freeData@QMapDataBase@@SAXPEAU1@@Z
??0QVariant@@QEAA@XZ
??1QVariant@@QEAA@XZ
??0QVariant@@QEAA@AEBV0@@Z
??0QVariant@@QEAA@H@Z
??0QVariant@@QEAA@_N@Z
?toSize@QVariant@@QEBA?AVQSize@@XZ
??0QVariant@@QEAA@AEBVQSize@@@Z
??0QVariant@@QEAA@AEBVQRect@@@Z
??4QVariant@@QEAAAEAV0@$$QEAV0@@Z
?toInt@QVariant@@QEBAHPEA_N@Z
?toBool@QVariant@@QEBA_NXZ
?toString@QVariant@@QEBA?AVQString@@XZ
?toRect@QVariant@@QEBA?AVQRect@@XZ
??0QVariant@@QEAA@AEBVQString@@@Z

kernel32

InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CloseHandle

vcruntime140

longjmp
memcpy
memset
__intrinsic_setjmp
__C_specific_handler
__std_exception_copy
__std_exception_destroy
_CxxThrowException
__std_type_info_destroy_list

api-ms-win-crt-math-l1-1-0

ceil

api-ms-win-crt-string-l1-1-0

strcmp

api-ms-win-crt-runtime-l1-1-0

exit
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsscanf
__stdio_common_vsprintf
__acrt_iob_func
__stdio_common_vfprintf

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-heap-l1-1-0

free
malloc
_callnewh

Exports

Exports

qt_plugin_instance
qt_plugin_query_metadata

Sections

.text
Size: 216KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 512B - Virtual size: 133B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 428B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mod menu/Data/imageformats/qsvg.dll
.dll windows x64

5a6c9837d251f3aa373af33dc890a6ea

Code Sign

4a:53:8c:28
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

07/07/2009, 17:25

Not After

07/12/2030, 17:55

Subject

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

87:82:52:60:00:00:00:00:51:d3:73:d9
Certificate

Issuer

CN=Entrust Root Certification Authority - G2,OU=See www.entrust.net/legal-terms+OU=(c) 2009 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

10/06/2015, 13:42

Not After

10/11/2030, 14:12

Subject

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0b:93:16:ea:1b:22:3a:6d:52:c7:4b:f3:16:13:16:34
Certificate

Issuer

CN=Entrust Extended Validation Code Signing CA - EVCS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

01/12/2020, 12:42

Not After

01/12/2021, 12:42

Subject

SERIALNUMBER=2637805-2,CN=The Qt Company Oy,O=The Qt Company Oy,L=Espoo,C=FI,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024649

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

38:63:de:f8
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

24/12/1999, 17:50

Not After

24/07/2029, 14:15

Subject

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

Issuer

CN=Entrust.net Certification Authority (2048),OU=www.entrust.net/CPS_2048 incorp. by ref. (limits liab.)+OU=(c) 1999 Entrust.net Limited,O=Entrust.net

Not Before

22/07/2015, 19:02

Not After

22/06/2029, 19:32

Subject

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

8d:ce:15:f3:a7:94:c5:87:00:00:00:00:55:92:33:f4
Certificate

Issuer

CN=Entrust Timestamping CA - TS1,OU=See www.entrust.net/legal-terms+OU=(c) 2015 Entrust\, Inc. - for authorized use only,O=Entrust\, Inc.,C=US

Not Before

22/07/2020, 15:33

Not After

29/12/2030, 16:29

Subject

CN=Entrust Timestamp Authority - TSA1,O=Entrust\, Inc.,L=Ottawa,ST=Ontario,C=CA

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

de:a8:3d:1b:8a:a6:bd:fb:01:ba:14:72:89:e0:10:bf:09:a8:b1:35:34:c4:f9:20:39:03:e0:cb:27:15:65:d6
Signer

Actual PE Digest

de:a8:3d:1b:8a:a6:bd:fb:01:ba:14:72:89:e0:10:bf:09:a8:b1:35:34:c4:f9:20:39:03:e0:cb:27:15:65:d6

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

qt5svg

?load@QSvgRenderer@@QEAA_NPEAVQXmlStreamReader@@@Z
?load@QSvgRenderer@@QEAA_NAEBVQByteArray@@@Z
?defaultSize@QSvgRenderer@@QEBA?AVQSize@@XZ
??1QSvgRenderer@@UEAA@XZ
?render@QSvgRenderer@@QEAAXPEAVQPainter@@AEBVQRectF@@@Z
??0QSvgRenderer@@QEAA@PEAVQObject@@@Z

qt5gui

?nextImageDelay@QImageIOHandler@@UEBAHXZ
?staticMetaObject@QImageIOPlugin@@2UQMetaObject@@B
?name@QImageIOHandler@@UEBA?AVQByteArray@@XZ
?loopCount@QImageIOHandler@@UEBAHXZ
?jumpToNextImage@QImageIOHandler@@UEAA_NXZ
?jumpToImage@QImageIOHandler@@UEAA_NH@Z
?imageCount@QImageIOHandler@@UEBAHXZ
?currentImageRect@QImageIOHandler@@UEBA?AVQRect@@XZ
?write@QImageIOHandler@@UEAA_NAEBVQImage@@@Z
?end@QPainter@@QEAA_NXZ
??1QPainter@@QEAA@XZ
??0QPainter@@QEAA@PEAVQPaintDevice@@@Z
?fill@QImage@@QEAAXI@Z
?size@QImage@@QEBA?AVQSize@@XZ
?reinterpretAsFormat@QImage@@QEAA_NW4Format@1@@Z
?isNull@QImage@@QEBA_NXZ
??4QImage@@QEAAAEAV0@$$QEAV0@@Z
??1QImage@@UEAA@XZ
?currentImageNumber@QImageIOHandler@@UEBAHXZ
??0QImage@@QEAA@AEBVQSize@@W4Format@0@@Z
?mapRect@QTransform@@QEBA?AVQRectF@@AEBV2@@Z
?scale@QTransform@@QEAAAEAV1@NN@Z
?translate@QTransform@@QEAAAEAV1@NN@Z
??0QTransform@@QEAA@XZ
??BQColor@@QEBA?AVQVariant@@XZ
?rgba@QColor@@QEBAIXZ
??0QColor@@QEAA@W4GlobalColor@Qt@@@Z
??0QColor@@QEAA@XZ
?format@QImageIOHandler@@QEBA?AVQByteArray@@XZ
?setFormat@QImageIOHandler@@QEBAXAEBVQByteArray@@@Z
?device@QImageIOHandler@@QEBAPEAVQIODevice@@XZ
??1QImageIOHandler@@UEAA@XZ
??0QImageIOHandler@@QEAA@XZ
??1QImageIOPlugin@@UEAA@XZ
??0QImageIOPlugin@@QEAA@PEAVQObject@@@Z
?qt_metacall@QImageIOPlugin@@UEAAHW4Call@QMetaObject@@HPEAPEAX@Z
?qt_metacast@QImageIOPlugin@@UEAAPEAXPEBD@Z
?setFormat@QImageIOHandler@@QEAAXAEBVQByteArray@@@Z
?setDevice@QImageIOHandler@@QEAAXPEAVQIODevice@@@Z

qt5core

?staticMetaObject@QBuffer@@2UQMetaObject@@B
?data@QBuffer@@QEBAAEBVQByteArray@@XZ
?setDevice@QXmlStreamReader@@QEAAXPEAVQIODevice@@@Z
??1QXmlStreamReader@@QEAA@XZ
??0QXmlStreamReader@@QEAA@XZ
?read@QTextStream@@QEAA?AVQString@@_J@Z
??1QTextStream@@UEAA@XZ
??0QTextStream@@QEAA@AEBVQByteArray@@V?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
?convert@QVariant@@QEBA_NHPEAX@Z
?constData@QVariant@@QEBAPEBXXZ
?toSize@QVariant@@QEBA?AVQSize@@XZ
?toRect@QVariant@@QEBA?AVQRect@@XZ
?userType@QVariant@@QEBAHXZ
??0QVariant@@QEAA@AEBVQRect@@@Z
??0QVariant@@QEAA@AEBVQSize@@@Z
??0QVariant@@QEAA@H@Z
?peek@QIODevice@@QEAA_JPEAD_J@Z
?readAll@QIODevice@@QEAA?AVQByteArray@@XZ
?toLatin1@QString@@QEHAA?AVQByteArray@@XZ
?qstrcmp@@YAHAEBVQByteArray@@PEBD@Z
?dynamicMetaObject@QObjectData@@QEBAPEAUQMetaObject@@XZ
?isReadable@QIODevice@@QEBA_NXZ
?getAndRef@ExternalRefCountData@QtSharedPointer@@SAPEAU12@PEBVQObject@@@Z
?childEvent@QObject@@MEAAXPEAVQChildEvent@@@Z
?connectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?customEvent@QObject@@MEAAXPEAVQEvent@@@Z
?disconnectNotify@QObject@@MEAAXAEBVQMetaMethod@@@Z
?event@QObject@@UEAA_NPEAVQEvent@@@Z
?eventFilter@QObject@@UEAA_NPEAV1@PEAVQEvent@@@Z
?timerEvent@QObject@@MEAAXPEAVQTimerEvent@@@Z
??0QMessageLogger@@QEAA@PEBDH0@Z
?warning@QMessageLogger@@QEBAXPEBDZZ
?cast@QMetaObject@@QEBAPEAVQObject@@PEAV2@@Z
??0QByteArray@@QEAA@PEBDH@Z
??1QByteArray@@QEAA@XZ
?constData@QByteArray@@QEBAPEBDXZ
?startsWith@QByteArray@@QEBA_NPEBD@Z
?fromRawData@QByteArray@@SA?AV1@PEBDH@Z
??1QString@@QEAA@XZ
?trimmed@QString@@QEHAA?AV1@XZ
??0QVariant@@QEAA@XZ

kernel32

InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
EnterCriticalSection
TerminateProcess
GetCurrentProcess
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
CloseHandle

vcruntime140

__C_specific_handler
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memset
__std_type_info_destroy_list

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_cexit
_initterm
_initterm_e
_seh_filter_dll

Exports

Exports

qt_plugin_instance
qt_plugin_query_metadata

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qtmetad
Size: 512B - Virtual size: 150B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mod menu/Data/translations/qtwebengine_locales/am.pak
mod menu/Data/translations/qtwebengine_locales/ar.pak
mod menu/Data/translations/qtwebengine_locales/bg.pak
mod menu/Data/translations/qtwebengine_locales/bn.pak
mod menu/Data/translations/qtwebengine_locales/ca.pak
mod menu/Data/translations/qtwebengine_locales/cs.pak
mod menu/Data/translations/qtwebengine_locales/da.pak
mod menu/Data/translations/qtwebengine_locales/de.pak
mod menu/Data/translations/qtwebengine_locales/el.pak
mod menu/Data/translations/qtwebengine_locales/en-GB.pak
mod menu/Data/translations/qtwebengine_locales/en-US.pak
mod menu/Data/translations/qtwebengine_locales/es-419.pak
mod menu/Data/translations/qtwebengine_locales/es.pak
mod menu/Data/translations/qtwebengine_locales/et.pak
mod menu/Data/translations/qtwebengine_locales/fa.pak
mod menu/Data/translations/qtwebengine_locales/fi.pak
mod menu/Data/translations/qtwebengine_locales/fil.pak
mod menu/Data/translations/qtwebengine_locales/fr.pak
mod menu/Data/translations/qtwebengine_locales/gu.pak
mod menu/Data/translations/qtwebengine_locales/he.pak
mod menu/Data/translations/qtwebengine_locales/hi.pak
mod menu/Data/translations/qtwebengine_locales/hr.pak
mod menu/Data/translations/qtwebengine_locales/hu.pak
mod menu/Data/translations/qtwebengine_locales/id.pak
mod menu/Data/translations/qtwebengine_locales/it.pak
mod menu/Data/translations/qtwebengine_locales/ja.pak
mod menu/Data/translations/qtwebengine_locales/kn.pak
mod menu/Data/translations/qtwebengine_locales/ko.pak
mod menu/Data/translations/qtwebengine_locales/lt.pak
mod menu/Data/translations/qtwebengine_locales/lv.pak
mod menu/Data/translations/qtwebengine_locales/ml.pak
mod menu/Data/translations/qtwebengine_locales/mr.pak
mod menu/Data/translations/qtwebengine_locales/ms.pak
mod menu/Data/translations/qtwebengine_locales/nb.pak
mod menu/Data/translations/qtwebengine_locales/nl.pak
mod menu/Data/translations/qtwebengine_locales/pl.pak
mod menu/Data/translations/qtwebengine_locales/pt-BR.pak
mod menu/Data/translations/qtwebengine_locales/pt-PT.pak
mod menu/Data/translations/qtwebengine_locales/ro.pak
mod menu/Data/translations/qtwebengine_locales/ru.pak
mod menu/Data/translations/qtwebengine_locales/sk.pak
mod menu/Data/translations/qtwebengine_locales/sl.pak
mod menu/Data/translations/qtwebengine_locales/sr.pak
mod menu/Data/translations/qtwebengine_locales/sv.pak
mod menu/Data/translations/qtwebengine_locales/sw.pak
mod menu/Data/translations/qtwebengine_locales/ta.pak
mod menu/Data/translations/qtwebengine_locales/te.pak
mod menu/Data/translations/qtwebengine_locales/th.pak
mod menu/Data/translations/qtwebengine_locales/tr.pak
mod menu/Data/translations/qtwebengine_locales/uk.pak
mod menu/Data/translations/qtwebengine_locales/vi.pak
mod menu/Data/translations/qtwebengine_locales/zh-CN.pak
mod menu/Data/translations/qtwebengine_locales/zh-TW.pak
mod menu/Data/widevinecdm.dll.sig
mod menu/inject.exe
.exe windows x86

cae5900a92ba6c4de6ecf85e5f8c7e5c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
FreeConsole
MultiByteToWideChar
GetStringTypeW
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
EncodePointer
DecodePointer
LCMapStringEx
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
CreateFileW
RaiseException
RtlUnwind
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
GetStdHandle
WriteFile
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
HeapAlloc
HeapFree
GetFileType
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
CloseHandle
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
ReadFile
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetProcessHeap
HeapSize
WriteConsoleW

Sections

.text
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 142KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.Gater
Size: 688KB - Virtual size: 687KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: 2023

Password: 2023

4d0ed3f3db74367b9a740697ddaddf89

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 607KB - Virtual size: 607KB

.rdata Size: 108KB - Virtual size: 108KB

.data Size: 107KB - Virtual size: 121KB

.00cfg Size: 512B - Virtual size: 4B

.crthunk Size: 512B - Virtual size: 64B

.tls Size: 512B - Virtual size: 145B

.voltbl Size: 512B - Virtual size: 246B

CPADinfo Size: 512B - Virtual size: 40B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 23KB - Virtual size: 23KB

Password: 2023

131726669bc1e34b495edb4198d0aca3

Code Sign

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26Certificate

Extended Key Usages

61:0c:52:4c:00:00:00:00:00:03Certificate

Key Usages

9d:6e:b3:7f:16:6d:b5:27:89:b4:d6:e4:65:fa:7d:25:22:3c:ad:f0:45:d0:d5:cf:cc:73:e8:b8:19:f8:46:46Signer

Headers

DLL Characteristics

File Characteristics

Imports

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-private-l1-1-0

kernel32

advapi32

api-ms-win-crt-time-l1-1-0

rpcrt4

Exports

Exports

Sections

.text Size: 3.4MB - Virtual size: 3.4MB

.data Size: 25KB - Virtual size: 57KB

.idata Size: 5KB - Virtual size: 5KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 119KB - Virtual size: 118KB

Password: 2023

592e6e55d4fe33d1bd84e3b3016fe3b2

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0e:44:18:e2:de:de:36:dd:29:74:c3:44:3a:fb:5c:e5Certificate

Extended Key Usages

Key Usages

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

e9:ac:8e:a3:4f:aa:cf:53:ac:ea:d2:34:9d:5d:41:d6:9d:5a:7a:e4:a7:78:d9:e7:c3:bb:93:7f:04:4f:8b:beSigner

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 318KB - Virtual size: 317KB

.rdata Size: 94KB - Virtual size: 94KB

.text
Size: 607KB - Virtual size: 607KB

.rdata
Size: 108KB - Virtual size: 108KB

.data
Size: 107KB - Virtual size: 121KB

.00cfg
Size: 512B - Virtual size: 4B

.crthunk
Size: 512B - Virtual size: 64B

.tls
Size: 512B - Virtual size: 145B

.voltbl
Size: 512B - Virtual size: 246B

CPADinfo
Size: 512B - Virtual size: 40B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 23KB - Virtual size: 23KB

33:00:00:03:26:ae:ce:ed:f9:bc:e4:7b:92:00:00:00:00:03:26
Certificate

61:0c:52:4c:00:00:00:00:00:03
Certificate

9d:6e:b3:7f:16:6d:b5:27:89:b4:d6:e4:65:fa:7d:25:22:3c:ad:f0:45:d0:d5:cf:cc:73:e8:b8:19:f8:46:46
Signer

.text
Size: 3.4MB - Virtual size: 3.4MB

.data
Size: 25KB - Virtual size: 57KB

.idata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 119KB - Virtual size: 118KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0e:44:18:e2:de:de:36:dd:29:74:c3:44:3a:fb:5c:e5
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

e9:ac:8e:a3:4f:aa:cf:53:ac:ea:d2:34:9d:5d:41:d6:9d:5a:7a:e4:a7:78:d9:e7:c3:bb:93:7f:04:4f:8b:be
Signer

.text
Size: 318KB - Virtual size: 317KB

.rdata
Size: 94KB - Virtual size: 94KB

.data
Size: 8KB - Virtual size: 19KB

.pdata
Size: 16KB - Virtual size: 15KB

.00cfg
Size: 512B - Virtual size: 40B

.gxfg
Size: 9KB - Virtual size: 8KB

.retplne
Size: 512B - Virtual size: 92B

.tls
Size: 512B - Virtual size: 289B

.voltbl
Size: 512B - Virtual size: 56B

_RDATA
Size: 512B - Virtual size: 244B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB

.text
Size: 248KB - Virtual size: 248KB

.rdata
Size: 59KB - Virtual size: 58KB

.data
Size: 7KB - Virtual size: 13KB

.00cfg
Size: 512B - Virtual size: 4B

.tls
Size: 512B - Virtual size: 9B

.voltbl
Size: 512B - Virtual size: 232B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 12KB - Virtual size: 12KB

.text
Size: 2.0MB - Virtual size: 2.0MB

.rdata
Size: 247KB - Virtual size: 246KB

.data
Size: 7KB - Virtual size: 310KB

.00cfg
Size: 512B - Virtual size: 4B

.tls
Size: 512B - Virtual size: 25B

.voltbl
Size: 512B - Virtual size: 333B

.rsrc
Size: 1024B - Virtual size: 944B

.reloc
Size: 65KB - Virtual size: 65KB

4a:53:8c:28
Certificate

87:82:52:60:00:00:00:00:51:d3:73:d9
Certificate

0b:93:16:ea:1b:22:3a:6d:52:c7:4b:f3:16:13:16:34
Certificate

38:63:de:f8
Certificate

58:da:13:ff:00:00:00:00:51:ce:0d:f7
Certificate

8d:ce:15:f3:a7:94:c5:87:00:00:00:00:55:92:33:f4
Certificate