Extracted

• ab879f147981ac15cff29f9c8f803babd24fcbe0af35ff41506cac63568af683

  .dll windows x64

  ab2255744670de1f29bbc0c2a953fc9f

  
  

  Headers

  DLL Characteristics

  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

  IMAGE_DLLCHARACTERISTICS_NX_COMPAT

  File Characteristics

  IMAGE_FILE_EXECUTABLE_IMAGE

  IMAGE_FILE_LARGE_ADDRESS_AWARE

  IMAGE_FILE_DLL

  Imports

  kernel32

  VirtualAlloc

  CreateThread

  VirtualFree

  WaitForSingleObject

  CloseHandle

  IsDebuggerPresent

  InitializeSListHead

  DisableThreadLibraryCalls

  GetSystemTimeAsFileTime

  GetCurrentThreadId

  GetCurrentProcessId

  QueryPerformanceCounter

  IsProcessorFeaturePresent

  TerminateProcess

  GetCurrentProcess

  SetUnhandledExceptionFilter

  UnhandledExceptionFilter

  RtlVirtualUnwind

  RtlLookupFunctionEntry

  RtlCaptureContext

  vcruntime140

  __std_type_info_destroy_list

  memset

  __C_specific_handler

  api-ms-win-crt-stdio-l1-1-0

  __stdio_common_vfprintf

  __acrt_iob_func

  api-ms-win-crt-runtime-l1-1-0

  _initialize_onexit_table

  _configure_narrow_argv

  _seh_filter_dll

  _initterm_e

  _initterm

  _cexit

  _initialize_narrow_environment

  _execute_onexit_table

  Exports

  Exports

  MpAddDynamicSignatureFile

  MpAllocMemory

  MpCleanOpen

  MpCleanStart

  MpClientUtilExportFunctions

  MpConfigClose

  MpConfigDelValue

  MpConfigGetValue

  MpConfigGetValueAlloc

  MpConfigInitialize

  MpConfigIteratorClose

  MpConfigIteratorEnum

  MpConfigIteratorOpen

  MpConfigOpen

  MpConfigSetValue

  MpConfigUninitialize

  MpConveySampleSubmissionResult

  MpDynamicSignatureEnumerate

  MpDynamicSignatureOpen

  MpFreeMemory

  MpGetDeviceControlSecurityPolicies

  MpGetSampleChunk

  MpGetTDTFeatureStatus

  MpGetTDTFeatureStatusEx

  MpGetTPStateInfo

  MpGetTSModeInfo

  MpGetTaskSchedulerStrings

  MpHandleClose

  MpManagerEnable

  MpManagerOpen

  MpManagerStatusQuery

  MpManagerStatusQueryEx

  MpManagerVersionQuery

  MpNetworkCapture

  MpQuarantineRequest

  MpQueryEngineConfigDword

  MpRemoveDynamicSignatureFile

  MpRollbackPlatform

  MpSampleQuery

  MpSampleSubmit

  MpScanControl

  MpScanResult

  MpScanStartEx

  MpSetTPState

  MpThreatEnumerate

  MpThreatOpen

  MpUnblockEngine

  MpUnblockPlatform

  MpUnblockSignatures

  MpUpdatePlatform

  MpUpdateStart

  MpUpdateStartEx

  MpUtilsExportFunctions

  MpWDEnable

  Sections

  .text

  Size: 4KB - Virtual size: 3KB

  IMAGE_SCN_CNT_CODE

  IMAGE_SCN_MEM_EXECUTE

  IMAGE_SCN_MEM_READ

  .rdata

  Size: 5KB - Virtual size: 4KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .data

  Size: 1024B - Virtual size: 2KB

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  IMAGE_SCN_MEM_WRITE

  .pdata

  Size: 512B - Virtual size: 480B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .rsrc

  Size: 512B - Virtual size: 248B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_READ

  .reloc

  Size: 512B - Virtual size: 40B

  IMAGE_SCN_CNT_INITIALIZED_DATA

  IMAGE_SCN_MEM_DISCARDABLE

  IMAGE_SCN_MEM_READ