brimcap-v1[.]5[.]2[.]windows-amd64[.]zip

Sharing

Copy URL Twitter E-mail

Reason

XML syntax error on line 19: expected attribute name in element

General

Target

brimcap-v1.5.2.windows-amd64.zip
Size

68.9MB
MD5

dc73778040902bd40a00e5f065d839e3
SHA1

5b422889a3f488bb355f7fc9c5fce3dc79637ef7
SHA256

9d813348eedddbd3d1cec32f025cc0479473881f647474fdee3493ba895afaf0
SHA512

a98c39fe61bc49981ef0419dfdb40b078487c22728022d95df6a7851581798b56c10b14ad4bf8eeee4209802cea88efb27d63e026bd83dbd5ae71820f918705f
SSDEEP

1572864:L34EloAzBPvoJu5gNI4UMChrxTuE34a8U0UJLN4FWLlUcqwzjkzP+M:L34q79vfaFUTn41UUFclUvwzjyP+M

Score

3^/10

pyinstaller

Malware Config

Signatures

Detects Pyinstaller 1 IoCs

pyinstaller

resource	yara_rule
static1/unpack001/brimcap/suricata/bin/suricata-update.exe	pyinstaller

Unsigned PE 20 IoCs

Checks for missing Authenticode signature.

resource
unpack001/brimcap/brimcap.exe
unpack001/brimcap/suricata/bin/suricata-update.exe
unpack001/brimcap/suricata/bin/suricata.exe
unpack001/brimcap/suricata/dlls/freebl3.dll
unpack001/brimcap/suricata/dlls/libnspr4.dll
unpack001/brimcap/suricata/dlls/libplc4.dll
unpack001/brimcap/suricata/dlls/libplds4.dll
unpack001/brimcap/suricata/dlls/libsqlite3-0.dll
unpack001/brimcap/suricata/dlls/libssp-0.dll
unpack001/brimcap/suricata/dlls/libwinpthread-1.dll
unpack001/brimcap/suricata/dlls/nss3.dll
unpack001/brimcap/suricata/dlls/nssutil3.dll
unpack001/brimcap/suricata/dlls/pcap.dll
unpack001/brimcap/suricata/dlls/softokn3.dll
unpack001/brimcap/suricata/dlls/zlib1.dll
unpack001/brimcap/suricata/suricatarunner.exe
unpack001/brimcap/suricata/suricataupdater.exe
unpack001/brimcap/zeek/bin/zeek.exe
unpack001/brimcap/zeek/lib/zeek/plugins/Corelight_CommunityID/lib/Corelight-CommunityID.windows-x86_64.dll
unpack001/brimcap/zeek/zeekrunner.exe

Files

brimcap-v1.5.2.windows-amd64.zip
.zip
brimcap/brimcap.exe
.exe windows:6 windows x64

65892a964106b5e0c6c363fdf21975eb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WriteFile
WriteConsoleW
WaitForMultipleObjects
WaitForSingleObject
VirtualQuery
VirtualFree
VirtualAlloc
TlsAlloc
SwitchToThread
SuspendThread
SetWaitableTimer
SetUnhandledExceptionFilter
SetThreadPriority
SetProcessPriorityBoost
SetEvent
SetErrorMode
SetConsoleCtrlHandler
ResumeThread
PostQueuedCompletionStatus
LoadLibraryA
LoadLibraryW
SetThreadContext
GetThreadContext
GetSystemInfo
GetSystemDirectoryA
GetStdHandle
GetQueuedCompletionStatusEx
GetProcessAffinityMask
GetProcAddress
GetEnvironmentStringsW
GetConsoleMode
FreeEnvironmentStringsW
ExitProcess
DuplicateHandle
CreateWaitableTimerExW
CreateWaitableTimerA
CreateThread
CreateIoCompletionPort
CreateFileA
CreateEventA
CloseHandle
AddVectoredExceptionHandler

Sections

.text
Size: 16.9MB - Virtual size: 16.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17.4MB - Virtual size: 17.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.1MB - Virtual size: 8.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 369KB - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/bin/suricata-update.exe
.exe windows:5 windows x64

2cdcfb3a828433ba76b5b41f45519bd9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetCommandLineW
GetEnvironmentVariableW
SetEnvironmentVariableW
ExpandEnvironmentStringsW
CreateDirectoryW
GetTempPathW
WaitForSingleObject
Sleep
GetExitCodeProcess
CreateProcessW
FreeLibrary
LoadLibraryExW
CloseHandle
GetCurrentProcess
LoadLibraryA
LocalFree
FormatMessageW
MultiByteToWideChar
WideCharToMultiByte
SetEndOfFile
GetProcAddress
GetModuleFileNameW
SetDllDirectoryW
GetStartupInfoW
GetLastError
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW
RtlUnwindEx
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
RaiseException
GetCommandLineA
ReadFile
CreateFileW
GetDriveTypeW
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFullPathNameW
RemoveDirectoryW
FindClose
FindFirstFileExW
FindNextFileW
SetStdHandle
SetConsoleCtrlHandler
DeleteFileW
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleExW
HeapFree
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetConsoleOutputCP
GetFileSizeEx
HeapAlloc
CompareStringW
LCMapStringW
GetCurrentDirectoryW
FlushFileBuffers
GetFileAttributesExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStringTypeW
GetProcessHeap
GetTimeZoneInformation
HeapSize
HeapReAlloc
WriteConsoleW

advapi32

ConvertSidToStringSidW
GetTokenInformation
OpenProcessToken
ConvertStringSecurityDescriptorToSecurityDescriptorW

Sections

.text
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/bin/suricata.exe
.exe windows:4 windows x64

07edde336fd52fbeee0f45e977449c35

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

ChangeServiceConfigA
CloseServiceHandle
CreateServiceA
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
DeleteService
OpenProcessToken
OpenSCManagerA
OpenServiceA
QueryServiceStatus
RegisterServiceCtrlHandlerExA
SetServiceStatus
StartServiceCtrlDispatcherA

bcrypt

BCryptCloseAlgorithmProvider
BCryptGenRandom
BCryptOpenAlgorithmProvider

iphlpapi

GetAdaptersAddresses

kernel32

AcquireSRWLockExclusive
AcquireSRWLockShared
AddVectoredExceptionHandler
CancelIo
CloseHandle
CompareStringOrdinal
CopyFileExW
CreateDirectoryW
CreateEventW
CreateFileA
CreateFileMappingA
CreateFileW
CreateHardLinkW
CreateMutexA
CreateNamedPipeW
CreateProcessW
CreateSymbolicLinkW
CreateThread
CreateToolhelp32Snapshot
DeleteCriticalSection
DeleteFileW
DeviceIoControl
DuplicateHandle
EnterCriticalSection
ExitProcess
FileTimeToSystemTime
FindClose
FindFirstFileW
FindNextFileW
FlushFileBuffers
FormatMessageA
FormatMessageW
FreeEnvironmentStringsW
GetCommandLineW
GetConsoleMode
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesA
GetFileAttributesW
GetFileInformationByHandle
GetFileInformationByHandleEx
GetFileType
GetFinalPathNameByHandleW
GetFullPathNameW
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOverlappedResult
GetProcAddress
GetProcessHeap
GetProcessId
GetStdHandle
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetTempPathW
GetTimeZoneInformation
GetWindowsDirectoryW
HeapAlloc
HeapFree
HeapReAlloc
InitOnceBeginInitialize
InitOnceComplete
InitializeCriticalSection
IsDBCSLeadByteEx
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LocalFree
MapViewOfFile
Module32FirstW
Module32NextW
MoveFileExW
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
ReadFileEx
ReleaseMutex
ReleaseSRWLockExclusive
ReleaseSRWLockShared
RemoveDirectoryW
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEnvironmentVariableW
SetFileAttributesW
SetFileInformationByHandle
SetFilePointerEx
SetFileTime
SetHandleInformation
SetLastError
SetThreadAffinityMask
SetThreadPriority
SetThreadStackGuarantee
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
SleepEx
SwitchToThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryAcquireSRWLockExclusive
TzSpecificLocalTimeToSystemTime
UnmapViewOfFile
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFileEx

msvcrt

__C_specific_handler
___lc_codepage_func
___mb_cur_max_func
__argv
__getmainargs
__initenv
__iob_func
__lconv_init
__set_app_type
__setusermatherr
_access
_amsg_exit
_assert
_atoi64
_cexit
_chmod
_commode
_close
_difftime64
_errno
_fileno
_findclose
_findfirst64
_findnext64
_fmode
_fullpath
_get_osfhandle
_getcwd
_getpid
_gmtime64
_initterm
_isctype
_localtime64
_lock
_mkdir
_onexit
_open
_putenv
_snprintf
_sopen
_stat64
_strdup
_stricmp
_strnicmp
_strtoi64
_strtoi64
_strtoui64
_strtoui64
_time64
_tzname
_ui64tow
_tzset
_umask
_unlink
_unlock
_utime
_vsnprintf
_vsnwprintf
_write
abort
atoi
atol
calloc
clearerr
exit
fclose
feof
ferror
fflush
fgets
fgetwc
fopen
fprintf
fputc
fread
free
fseek
ftell
fwrite
getc
getenv
isalnum
isalpha
islower
isprint
isspace
isupper
isxdigit
localeconv
malloc
mbstowcs
memchr
memcmp
memcpy
memmove
memset
qsort
rand
realloc
remove
rename
setlocale
signal
strchr
strcmp
strcpy
strerror
strftime
strlen
strncmp
strncpy
strpbrk
strrchr
strstr
strtol
strtoul
tolower
toupper
ungetc
vfprintf
wcslen
wcstombs

libnspr4

PR_Cleanup
PR_Init

nss3

HASH_Begin
HASH_Create
HASH_Destroy
HASH_End
HASH_HashBuf
HASH_Update
NSS_IsInitialized
NSS_NoDB_Init
NSS_Shutdown

ole32

CoCreateInstance
CoInitializeEx
CoInitializeSecurity

oleaut32

SysAllocString
SysFreeString
VariantClear
VariantInit

pcap

pcap_activate
pcap_breakloop
pcap_close
pcap_compile
pcap_create
pcap_datalink
pcap_dispatch
pcap_dump
pcap_dump_close
pcap_dump_flush
pcap_dump_hopen
pcap_dump_open
pcap_findalldevs
pcap_freealldevs
pcap_freecode
pcap_geterr
pcap_next_ex
pcap_open_dead
pcap_open_offline
pcap_set_buffer_size
pcap_set_promisc
pcap_set_snaplen
pcap_set_timeout
pcap_setfilter
pcap_stats

libwinpthread-1

pthread_attr_init
pthread_attr_setdetachstate
pthread_cond_broadcast
pthread_cond_destroy
pthread_cond_init
pthread_cond_signal
pthread_cond_timedwait
pthread_cond_wait
pthread_create
pthread_equal
pthread_exit
pthread_getspecific
pthread_join
pthread_key_create
pthread_mutex_destroy
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_trylock
pthread_mutex_unlock
pthread_once
pthread_self
pthread_setspecific
pthread_spin_destroy
pthread_spin_init
sched_yield

userenv

GetUserProfileDirectoryW

ws2_32

WSACleanup
WSADuplicateSocketW
WSAGetLastError
WSARecv
WSASend
WSASocketW
WSAStartup
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
getpeername
getprotobyname
getsockname
getsockopt
htonl
htons
inet_ntop
inet_pton
ioctlsocket
listen
ntohl
ntohs
recv
recvfrom
select
send
sendto
setsockopt
shutdown

zlib1

crc32
inflate
inflateEnd
inflateInit2_
inflateInit_

Sections

.text
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 728KB - Virtual size: 727KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 175KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 111KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/35
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/47
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/61
Size: 799KB - Virtual size: 798KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/73
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/86
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/97
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/108
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/124
Size: 1008KB - Virtual size: 1007KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/138
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/154
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/170
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/bin/suricatactl
brimcap/suricata/bin/suricatasc
.sh linux
brimcap/suricata/brim-conf-run.yaml
brimcap/suricata/brim-conf.yaml
brimcap/suricata/dlls/freebl3.dll
.dll windows:4 windows x64

8932c5109e6d950cf558d974b9a5f511

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

nssutil3

NSS_SecureMemcmp
NSS_SecureMemcmpZero
PORT_Alloc_Util
PORT_ArenaAlloc_Util
PORT_ArenaZAlloc_Util
PORT_FreeArena_Util
PORT_Free_Util
PORT_GetError_Util
PORT_NewArena_Util
PORT_SetError_Util
PORT_ZAllocAlignedOffset_Util
PORT_ZAlloc_Util
PORT_ZFree_Util
SECITEM_AllocItem_Util
SECITEM_CompareItem_Util
SECITEM_CopyItem_Util
SECITEM_FreeItem_Util
SECITEM_ItemsAreEqual_Util
SECITEM_ZfreeItem_Util
SECOID_FindOIDTag_Util

advapi32

SystemFunction036

kernel32

DeleteCriticalSection
EnterCriticalSection
GetComputerNameA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDiskFreeSpaceA
GetLastError
GetLogicalDrives
GetTickCount
GetVolumeInformationA
GlobalMemoryStatus
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

__iob_func
_amsg_exit
_initterm
_lock
_strdup
_time64
_unlock
abort
calloc
free
fwrite
islower
isupper
malloc
memcmp
memcpy
memset
rand
realloc
strcmp
strlen
strncmp
tolower
toupper
vfprintf

libnspr4

PR_CallOnce
PR_Close
PR_DestroyCondVar
PR_DestroyLock
PR_Free
PR_GetEnvSecure
PR_GetLibraryFilePathname
PR_Lock
PR_NewCondVar
PR_NewLock
PR_NotifyAllCondVar
PR_NotifyCondVar
PR_Open
PR_Read
PR_Seek
PR_Unlock
PR_WaitCondVar

Exports

Exports

AESKeyWrap_AllocateContext
AESKeyWrap_CreateContext
AESKeyWrap_Decrypt
AESKeyWrap_DecryptKWP
AESKeyWrap_DestroyContext
AESKeyWrap_Encrypt
AESKeyWrap_EncryptKWP
AESKeyWrap_InitContext
AESKeyWrap_W
AESKeyWrap_Winv
AES_AEAD
AES_AllocateContext
AES_CreateContext
AES_Decrypt
AES_DestroyContext
AES_Encrypt
AES_InitContext
BLAKE2B_Begin
BLAKE2B_Clone
BLAKE2B_DestroyContext
BLAKE2B_End
BLAKE2B_Flatten
BLAKE2B_FlattenSize
BLAKE2B_Hash
BLAKE2B_HashBuf
BLAKE2B_MAC_Begin
BLAKE2B_MAC_HashBuf
BLAKE2B_NewContext
BLAKE2B_Resurrect
BLAKE2B_Update
BLAPI_SHVerify
BLAPI_SHVerifyFile
BLAPI_VerifySelf
BL_Cleanup
BL_FIPSEntryOK
BL_Init
BL_POSTRan
BL_SetForkState
CMAC_Begin
CMAC_Create
CMAC_Destroy
CMAC_Finish
CMAC_Init
CMAC_Update
CTR_CreateContext
CTR_DestroyContext
CTR_InitContext
CTR_Update
CTS_CreateContext
CTS_DecryptUpdate
CTS_DestroyContext
CTS_EncryptUpdate
Camellia_AllocateContext
Camellia_CreateContext
Camellia_Decrypt
Camellia_DestroyContext
Camellia_Encrypt
Camellia_InitContext
ChaCha20Poly1305_CreateContext
ChaCha20Poly1305_Decrypt
ChaCha20Poly1305_DestroyContext
ChaCha20Poly1305_Encrypt
ChaCha20Poly1305_InitContext
ChaCha20Poly1305_Open
ChaCha20Poly1305_Seal
ChaCha20Xor
ChaCha20_CreateContext
ChaCha20_DestroyContext
ChaCha20_InitContext
ChaCha20_Xor
CheckX86CPUSupport
DES_AllocateContext
DES_CreateContext
DES_Decrypt
DES_DestroyContext
DES_Do1Block
DES_Encrypt
DES_InitContext
DES_MakeSchedule
DH_Derive
DH_GenParam
DH_NewKey
DSA_NewKey
DSA_NewKeyFromSeed
DSA_NewRandom
DSA_SignDigest
DSA_SignDigestWithSeed
DSA_VerifyDigest
ECDH_Derive
ECDSA_SignDigest
ECDSA_SignDigestWithSeed
ECDSA_VerifyDigest
ECGroup_consGFp
ECGroup_consGFp_mont
ECGroup_free
ECGroup_fromName
ECGroup_new
ECPoint_mul
ECPoint_validate
ECPoints_mul
EC_CopyParams
EC_DecodeParams
EC_FillParams
EC_GetPointSize
EC_NewKey
EC_NewKeyFromSeed
EC_ValidatePublicKey
FIPS186Change_GenerateX
FIPS186Change_ReduceModQForDSA
FREEBL_Deprecated
FREEBL_GetVector
GCM_CreateContext
GCM_DecryptAEAD
GCM_DecryptUpdate
GCM_DestroyContext
GCM_EncryptAEAD
GCM_EncryptUpdate
GFMethod_consGFp
GFMethod_consGFp_mont
GFMethod_free
GFMethod_new
HASH_GetRawHashObject
HMAC_Begin
HMAC_Clone
HMAC_ConstantTime
HMAC_Create
HMAC_Destroy
HMAC_Finish
HMAC_Init
HMAC_ReInit
HMAC_Update
Hacl_Chacha20Poly1305_128_aead_decrypt
Hacl_Chacha20Poly1305_128_aead_encrypt
Hacl_Chacha20Poly1305_256_aead_decrypt
Hacl_Chacha20Poly1305_256_aead_encrypt
Hacl_Chacha20Poly1305_32_aead_decrypt
Hacl_Chacha20Poly1305_32_aead_encrypt
Hacl_Chacha20_Vec128_chacha20_decrypt_128
Hacl_Chacha20_Vec128_chacha20_encrypt_128
Hacl_Chacha20_Vec256_chacha20_decrypt_256
Hacl_Chacha20_Vec256_chacha20_encrypt_256
Hacl_Chacha20_chacha20_decrypt
Hacl_Chacha20_chacha20_encrypt
Hacl_Curve25519_51_ecdh
Hacl_Curve25519_51_scalarmult
Hacl_Curve25519_51_secret_to_public
Hacl_Impl_Chacha20_Vec_chacha20_constants
Hacl_Impl_Poly1305_Field32xN_128_fmul_r2_normalize
Hacl_Impl_Poly1305_Field32xN_128_load_acc2
Hacl_Impl_Poly1305_Field32xN_256_fmul_r4_normalize
Hacl_Impl_Poly1305_Field32xN_256_load_acc4
Hacl_Poly1305_128_blocklen
Hacl_Poly1305_128_poly1305_finish
Hacl_Poly1305_128_poly1305_init
Hacl_Poly1305_128_poly1305_mac
Hacl_Poly1305_128_poly1305_update
Hacl_Poly1305_128_poly1305_update1
Hacl_Poly1305_256_blocklen
Hacl_Poly1305_256_poly1305_finish
Hacl_Poly1305_256_poly1305_init
Hacl_Poly1305_256_poly1305_mac
Hacl_Poly1305_256_poly1305_update
Hacl_Poly1305_256_poly1305_update1
Hacl_Poly1305_32_blocklen
Hacl_Poly1305_32_poly1305_finish
Hacl_Poly1305_32_poly1305_init
Hacl_Poly1305_32_poly1305_mac
Hacl_Poly1305_32_poly1305_update
Hacl_Poly1305_32_poly1305_update1
JPAKE_Final
JPAKE_Round2
JPAKE_Sign
JPAKE_Verify
KEA_Derive
KEA_PrimeCheck
KEA_Verify
MD2_Begin
MD2_Clone
MD2_DestroyContext
MD2_End
MD2_Flatten
MD2_FlattenSize
MD2_Hash
MD2_NewContext
MD2_Resurrect
MD2_Update
MD5_Begin
MD5_Clone
MD5_DestroyContext
MD5_End
MD5_EndRaw
MD5_Flatten
MD5_FlattenSize
MD5_Hash
MD5_HashBuf
MD5_NewContext
MD5_Resurrect
MD5_TraceState
MD5_Update
PQG_Check
PQG_DestroyParams
PQG_DestroyVerify
PQG_GetHashType
PQG_GetLength
PQG_ParamGen
PQG_ParamGenSeedLen
PQG_ParamGenV2
PQG_VerifyParams
PRNGTEST_Generate
PRNGTEST_Instantiate
PRNGTEST_Instantiate_Kat
PRNGTEST_Reseed
PRNGTEST_RunHealthTests
PRNGTEST_Uninstantiate
RC2_AllocateContext
RC2_CreateContext
RC2_Decrypt
RC2_DestroyContext
RC2_Encrypt
RC2_InitContext
RC4_AllocateContext
RC4_CreateContext
RC4_Decrypt
RC4_DestroyContext
RC4_Encrypt
RC4_InitContext
RC5_CreateContext
RC5_Decrypt
RC5_DestroyContext
RC5_Encrypt
RNG_GenerateGlobalRandomBytes
RNG_GetNoise
RNG_RNGInit
RNG_RNGShutdown
RNG_RandomUpdate
RNG_SystemInfoForRNG
RNG_SystemRNG
RSA_CheckSign
RSA_CheckSignPSS
RSA_CheckSignRaw
RSA_CheckSignRecover
RSA_CheckSignRecoverRaw
RSA_Cleanup
RSA_DecryptBlock
RSA_DecryptOAEP
RSA_DecryptRaw
RSA_EncryptBlock
RSA_EncryptOAEP
RSA_EncryptRaw
RSA_Init
RSA_NewKey
RSA_PopulatePrivateKey
RSA_PrivateKeyCheck
RSA_PrivateKeyOp
RSA_PrivateKeyOpDoubleChecked
RSA_PublicKeyOp
RSA_Sign
RSA_SignPSS
RSA_SignRaw
SECRawHashObjects
SEED_AllocateContext
SEED_CreateContext
SEED_Decrypt
SEED_DestroyContext
SEED_Encrypt
SEED_InitContext
SEED_cbc_encrypt
SEED_decrypt
SEED_ecb_encrypt
SEED_encrypt
SEED_set_key
SHA1_Begin
SHA1_Clone
SHA1_Compress_Native
SHA1_DestroyContext
SHA1_End
SHA1_EndRaw
SHA1_Flatten
SHA1_FlattenSize
SHA1_Hash
SHA1_HashBuf
SHA1_NewContext
SHA1_Resurrect
SHA1_TraceState
SHA1_Update
SHA1_Update_Native
SHA224_Begin
SHA224_Clone
SHA224_DestroyContext
SHA224_End
SHA224_EndRaw
SHA224_Flatten
SHA224_FlattenSize
SHA224_Hash
SHA224_HashBuf
SHA224_NewContext
SHA224_Resurrect
SHA224_TraceState
SHA224_Update
SHA256_Begin
SHA256_Clone
SHA256_Compress_Native
SHA256_DestroyContext
SHA256_End
SHA256_EndRaw
SHA256_Flatten
SHA256_FlattenSize
SHA256_Hash
SHA256_HashBuf
SHA256_NewContext
SHA256_Resurrect
SHA256_TraceState
SHA256_Update
SHA256_Update_Native
SHA384_Begin
SHA384_Clone
SHA384_DestroyContext
SHA384_End
SHA384_EndRaw
SHA384_Flatten
SHA384_FlattenSize
SHA384_Hash
SHA384_HashBuf
SHA384_NewContext
SHA384_Resurrect
SHA384_TraceState
SHA384_Update
SHA512_Begin
SHA512_Clone
SHA512_DestroyContext
SHA512_End
SHA512_EndRaw
SHA512_Flatten
SHA512_FlattenSize
SHA512_Hash
SHA512_HashBuf
SHA512_NewContext
SHA512_Resurrect
SHA512_TraceState
SHA512_Update
SSLv3_MAC_ConstantTime
TLS_PRF
TLS_P_hash
__nss_freebl_version
aesni_support
arm_aes_support
arm_neon_support
arm_pmull_support
arm_sha1_support
arm_sha2_support
avx2_support
avx_support
bl_parentForkedAfterC_Initialize
blake2b_Compress
blake2b_HashBuf
blake2b_IncrementCounter
bmul32
camellia_decrypt128
camellia_decrypt256
camellia_decryptCBC
camellia_decryptECB
camellia_encrypt128
camellia_encrypt256
camellia_encryptCBC
camellia_encryptECB
camellia_key_expansion
camellia_setup128
camellia_setup192
camellia_setup256
clmul_support
construct_ecgroup
ec_Curve25519_mul
ec_Curve25519_pt_mul
ec_Curve25519_pt_validate
ec_GF2m_add
ec_GF2m_div
ec_GF2m_mod
ec_GF2m_mul
ec_GF2m_neg
ec_GF2m_sqr
ec_GFp_add
ec_GFp_add_3
ec_GFp_add_4
ec_GFp_add_5
ec_GFp_add_6
ec_GFp_dec_mont
ec_GFp_div
ec_GFp_div_mont
ec_GFp_enc_mont
ec_GFp_extra_free_mont
ec_GFp_mod
ec_GFp_mul
ec_GFp_mul_mont
ec_GFp_neg
ec_GFp_pt_add_aff
ec_GFp_pt_add_jac_aff
ec_GFp_pt_aff2jac
ec_GFp_pt_dbl_aff
ec_GFp_pt_dbl_jac
ec_GFp_pt_is_inf_aff
ec_GFp_pt_is_inf_jac
ec_GFp_pt_jac2aff
ec_GFp_pt_mul_jm_wNAF
ec_GFp_pt_set_inf_aff
ec_GFp_pt_set_inf_jac
ec_GFp_pt_sub_aff
ec_GFp_pts_mul_jac
ec_GFp_sqr
ec_GFp_sqr_mont
ec_GFp_sub
ec_GFp_sub_3
ec_GFp_sub_4
ec_GFp_sub_5
ec_GFp_sub_6
ec_GFp_validate_point
ec_GetNamedCurveParams
ec_NewKey
ec_compute_wNAF
ec_group_set_gfp256
ec_group_set_gfp256_32
ec_group_set_gfp384
ec_group_set_gfp521
ec_group_set_secp384r1
ec_group_set_secp521r1
ec_point_at_infinity
ec_points_mul
ec_pts_mul_basic
ec_pts_mul_simul_w2
ec_twoTo
ecgroup_fromName
freebl_cpuid
freebl_fips_TLS_PowerUpSelfTest
gcmHash_Final
gcmHash_InitContext
gcmHash_Reset
gcmHash_Update
gcm_GenerateIV
gcm_HashInit_hw
gcm_HashMult_hw
gcm_HashMult_sftw32
gcm_HashWrite_hw
gcm_HashZeroX_hw
gcm_InitCounter
gcm_InitIVContext
generate_prime
get64
mp_2expt
mp_abs
mp_add
mp_add_d
mp_addmod
mp_badd
mp_barr2poly
mp_bdivmod
mp_bmod
mp_bmul
mp_bmulmod
mp_bpoly2arr
mp_bsqrmod
mp_clear
mp_cmp
mp_cmp_d
mp_cmp_mag
mp_cmp_z
mp_copy
mp_cswap
mp_div
mp_div_2
mp_div_2d
mp_div_d
mp_exch
mp_expt
mp_expt_d
mp_exptmod
mp_exptmod_d
mp_exptmod_i
mp_exptmod_safe_i
mp_gcd
mp_get_prec
mp_gf2m_sqr_tb
mp_init
mp_init_copy
mp_init_size
mp_invmod
mp_invmod_xgcd
mp_iseven
mp_isodd
mp_lcm
mp_mod
mp_mod_d
mp_mul
mp_mul_2
mp_mul_d
mp_mulmod
mp_neg
mp_radix_size
mp_raw_size
mp_read_radix
mp_read_raw
mp_read_unsigned_octets

Sections

.text
Size: 458KB - Virtual size: 458KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/dlls/libnspr4.dll
.dll windows:4 windows x64

1b629d32101116b31364e1d98dd7087c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

AddAccessAllowedAce
AllocateAndInitializeSid
CopySid
FreeSid
GetLengthSid
GetTokenInformation
InitializeAcl
InitializeSecurityDescriptor
OpenProcessToken
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner

kernel32

CancelIo
CloseHandle
ConvertThreadToFiber
CreateDirectoryA
CreateEventA
CreateFiber
CreateFileA
CreateFileMappingA
CreateIoCompletionPort
CreatePipe
CreateProcessA
CreateSemaphoreA
DebugBreak
DeleteCriticalSection
DeleteFiber
DeleteFileA
DuplicateHandle
EnterCriticalSection
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
FlushViewOfFile
FormatMessageA
FreeEnvironmentStringsA
FreeLibrary
GetCurrentProcess
GetCurrentThread
GetDriveTypeA
GetEnvironmentStrings
GetExitCodeProcess
GetFileAttributesExA
GetFileInformationByHandle
GetHandleInformation
GetLastError
GetLogicalDriveStringsA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOverlappedResult
GetProcAddress
GetProcessAffinityMask
GetQueuedCompletionStatus
GetStdHandle
GetSystemInfo
GetSystemTime
GetTickCount
GetVersionExA
GetVolumeInformationA
GlobalMemoryStatusEx
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryExW
LockFileEx
MapViewOfFile
MoveFileA
MultiByteToWideChar
OpenFileMappingA
OpenSemaphoreA
OutputDebugStringA
PostQueuedCompletionStatus
QueryPerformanceCounter
ReadFile
ReleaseSemaphore
RemoveDirectoryA
ResetEvent
ResumeThread
SetErrorMode
SetFilePointer
SetHandleInformation
SetLastError
SetThreadAffinityMask
SetThreadPriority
Sleep
SuspendThread
SwitchToFiber
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnlockFileEx
UnmapViewOfFile
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrlenA

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_access
_amsg_exit
_beginthreadex
_endthreadex
_environ
_errno
_exit
_initterm
_localtime64
_lock
_mbsdec
_mbsinc
_mktime64
_putenv
_stat64
_strcmpi
_stricmp
_strdup
_stricmp
_time64
_unlock
abort
atoi
calloc
exit
fclose
fflush
fopen
fputc
free
fwrite
getc
getenv
isalpha
islower
isspace
isupper
isxdigit
localeconv
malloc
memchr
memcpy
memmove
memset
qsort
realloc
setvbuf
strcat
strchr
strcmp
strcpy
strerror
strftime
strlen
strncmp
strpbrk
strrchr
strstr
strtol
strtoul
tolower
ungetc
vfprintf
wcslen

mswsock

AcceptEx
GetAcceptExSockaddrs
TransmitFile

winmm

timeGetTime

ws2_32

WSACleanup
WSAGetLastError
WSASetLastError
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
gethostbyaddr
gethostbyname
gethostname
getpeername
getprotobyname
getprotobynumber
getsockname
getsockopt
htonl
htons
ioctlsocket
listen
ntohl
ntohs
recv
recvfrom
select
send
sendto
setsockopt
shutdown
socket

Exports

Exports

FlipSlashes
GetExecutionEnvironment
GetMyFiberID
IsFileLocal
IsFileLocalInit
LL_MaxInt
LL_MaxUint
LL_MinInt
LL_Zero
MS_VC_EXCEPTION
NT_HashRemoveInternal
PRP_DestroyNakedCondVar
PRP_NakedBroadcast
PRP_NakedNotify
PRP_NakedWait
PRP_NewNakedCondVar
PRP_TryLock
PR_Abort
PR_Accept
PR_AcceptRead
PR_Access
PR_AddToCounter
PR_AddWaitFileDesc
PR_AllocFileDesc
PR_Assert
PR_AssertCurrentThreadInMonitor
PR_AssertCurrentThreadOwnsLock
PR_AtomicAdd
PR_AtomicDecrement
PR_AtomicIncrement
PR_AtomicSet
PR_AttachSharedMemory
PR_AttachThread
PR_AttachThreadGCAble
PR_Available
PR_Available64
PR_Bind
PR_BlockClockInterrupts
PR_BlockInterrupt
PR_CEnterMonitor
PR_CExitMonitor
PR_CNotify
PR_CNotifyAll
PR_CSetOnMonitorRecycle
PR_CWait
PR_CallOnce
PR_CallOnceWithArg
PR_Calloc
PR_CancelJob
PR_CancelWaitFileDesc
PR_CancelWaitGroup
PR_CeilingLog2
PR_ChangeFileDescNativeHandle
PR_Cleanup
PR_ClearInterrupt
PR_ClearThreadGCAble
PR_Close
PR_CloseDir
PR_CloseFileMap
PR_CloseSemaphore
PR_CloseSharedMemory
PR_Connect
PR_ConnectContinue
PR_ConvertIPv4AddrToIPv6
PR_CreateAlarm
PR_CreateCounter
PR_CreateFileMap
PR_CreateIOLayer
PR_CreateIOLayerStub
PR_CreateMWaitEnumerator
PR_CreateOrderedLock
PR_CreatePipe
PR_CreateProcess
PR_CreateProcessDetached
PR_CreateSocketPollFd
PR_CreateStack
PR_CreateThread
PR_CreateThreadGCAble
PR_CreateThreadPool
PR_CreateTrace
PR_CreateWaitGroup
PR_DecrementCounter
PR_Delete
PR_DeleteSemaphore
PR_DeleteSharedMemory
PR_DestroyAlarm
PR_DestroyCondVar
PR_DestroyCounter
PR_DestroyLock
PR_DestroyMWaitEnumerator
PR_DestroyMonitor
PR_DestroyOrderedLock
PR_DestroyPollableEvent
PR_DestroyProcessAttr
PR_DestroyRWLock
PR_DestroySem
PR_DestroySocketPollFd
PR_DestroyStack
PR_DestroyTrace
PR_DestroyWaitGroup
PR_DetachProcess
PR_DetachSharedMemory
PR_DetachThread
PR_DisableClockInterrupts
PR_DuplicateEnvironment
PR_EmulateAcceptRead
PR_EmulateSendFile
PR_EnableClockInterrupts
PR_EnterMonitor
PR_EnumerateAddrInfo
PR_EnumerateHostEnt
PR_EnumerateThreads
PR_EnumerateWaitGroup
PR_ErrorInstallCallback
PR_ErrorInstallTable
PR_ErrorLanguages
PR_ErrorToName
PR_ErrorToString
PR_ExitMonitor
PR_ExplodeTime
PR_ExportFileMapAsString
PR_FD_CLR
PR_FD_ISSET
PR_FD_NCLR
PR_FD_NISSET
PR_FD_NSET
PR_FD_SET
PR_FD_ZERO
PR_FileDesc2NativeHandle
PR_FindFunctionSymbol
PR_FindFunctionSymbolAndLibrary
PR_FindNextCounterQname
PR_FindNextCounterRname
PR_FindNextTraceQname
PR_FindNextTraceRname
PR_FindSymbol
PR_FindSymbolAndLibrary
PR_FloorLog2
PR_FormatTime
PR_FormatTimeUSEnglish
PR_Free
PR_FreeAddrInfo
PR_FreeFileDesc
PR_FreeLibraryName
PR_GMTParameters
PR_GetAddrInfoByName
PR_GetCanonNameFromAddrInfo
PR_GetConnectStatus
PR_GetCounter
PR_GetCounterHandleFromName
PR_GetCounterNameFromHandle
PR_GetCurrentThread
PR_GetDefaultIOMethods
PR_GetDescType
PR_GetDirectorySeparator
PR_GetDirectorySepartor
PR_GetEnv
PR_GetEnvSecure
PR_GetError
PR_GetErrorText
PR_GetErrorTextLength
PR_GetFileInfo
PR_GetFileInfo64
PR_GetFileMethods
PR_GetGCRegisters
PR_GetHostByAddr
PR_GetHostByName
PR_GetIPNodeByName
PR_GetIdentitiesLayer
PR_GetInheritedFD
PR_GetInheritedFileMap
PR_GetLayersIdentity
PR_GetLibraryFilePathname
PR_GetLibraryName
PR_GetLibraryPath
PR_GetMemMapAlignment
PR_GetMonitorEntryCount
PR_GetNameForIdentity
PR_GetNumberOfProcessors
PR_GetOSError
PR_GetOpenFileInfo
PR_GetOpenFileInfo64
PR_GetPageShift
PR_GetPageSize
PR_GetPathSeparator
PR_GetPeerName
PR_GetPhysicalMemorySize
PR_GetPipeMethods
PR_GetPrefLoopbackAddrInfo
PR_GetProtoByName
PR_GetProtoByNumber
PR_GetRandomNoise
PR_GetSP
PR_GetSockName
PR_GetSocketOption
PR_GetSpecialFD
PR_GetStackSpaceLeft
PR_GetSysfdTableMax
PR_GetSystemInfo
PR_GetTCPMethods
PR_GetThreadAffinityMask
PR_GetThreadID
PR_GetThreadName
PR_GetThreadPriority
PR_GetThreadPrivate
PR_GetThreadScope
PR_GetThreadState
PR_GetThreadType
PR_GetTraceEntries
PR_GetTraceHandleFromName
PR_GetTraceNameFromHandle
PR_GetTraceOption
PR_GetUDPMethods
PR_GetUniqueIdentity
PR_GetVersion
PR_ImplodeTime
PR_ImportFile
PR_ImportFileMapFromString
PR_ImportPipe
PR_ImportTCPSocket
PR_ImportUDPSocket
PR_IncrementCounter
PR_Init
PR_Initialize
PR_InitializeNetAddr
PR_Initialized
PR_Interrupt
PR_IntervalNow
PR_IntervalToMicroseconds
PR_IntervalToMilliseconds
PR_IntervalToSeconds
PR_IsNetAddrType
PR_JoinJob
PR_JoinThread
PR_JoinThreadPool
PR_KillProcess
PR_Listen
PR_LoadLibrary
PR_LoadLibraryWithFlags
PR_LoadStaticLibrary
PR_LocalTimeParameters
PR_Lock
PR_LockFile
PR_LockOrderedLock
PR_LogFlush
PR_LogPrint
PR_MakeDir
PR_Malloc
PR_MemMap
PR_MemUnmap
PR_MicrosecondsToInterval
PR_MillisecondsToInterval
PR_MkDir
PR_NTFast_Accept
PR_NTFast_AcceptRead
PR_NTFast_AcceptRead_WithTimeoutCallback
PR_NTFast_UpdateAcceptContext
PR_NT_CancelIo
PR_NetAddrToString
PR_NewCondVar
PR_NewLock
PR_NewLogModule
PR_NewMonitor
PR_NewNamedMonitor
PR_NewPollableEvent
PR_NewProcessAttr
PR_NewRWLock
PR_NewSem
PR_NewTCPSocket
PR_NewTCPSocketPair
PR_NewThreadPrivateIndex
PR_NewUDPSocket
PR_NormalizeTime
PR_Notify
PR_NotifyAll
PR_NotifyAllCondVar
PR_NotifyCondVar
PR_Now
PR_Open
PR_OpenAnonFileMap
PR_OpenDir
PR_OpenFile
PR_OpenSemaphore
PR_OpenSharedMemory
PR_OpenTCPSocket
PR_OpenUDPSocket
PR_ParseTimeString
PR_ParseTimeStringToExplodedTime
PR_Poll
PR_PopIOLayer
PR_PostSem
PR_PostSemaphore
PR_ProcessAttrSetCurrentDirectory
PR_ProcessAttrSetInheritableFD
PR_ProcessAttrSetInheritableFileMap
PR_ProcessAttrSetStdioRedirect
PR_ProcessExit
PR_PushIOLayer
PR_QueueJob
PR_QueueJob_Accept
PR_QueueJob_Connect
PR_QueueJob_Read
PR_QueueJob_Timer
PR_QueueJob_Write
PR_RWLock_Rlock
PR_RWLock_Unlock
PR_RWLock_Wlock
PR_Read
PR_ReadDir
PR_Realloc
PR_RecordTraceEntries
PR_Recv
PR_RecvFrom
PR_Rename
PR_ResetAlarm
PR_ResetProcessAttr
PR_ResumeAll
PR_RmDir
PR_ScanStackPointers
PR_SecondsToInterval
PR_Seek
PR_Seek64
PR_Select
PR_Send
PR_SendFile
PR_SendTo
PR_SetAlarm
PR_SetCPUAffinityMask
PR_SetConcurrency
PR_SetCounter
PR_SetCurrentThreadName
PR_SetEnv
PR_SetError
PR_SetErrorText
PR_SetFDCacheSize
PR_SetFDInheritable
PR_SetLibraryPath
PR_SetLogBuffering
PR_SetLogFile
PR_SetNetAddr
PR_SetPollableEvent
PR_SetSocketOption
PR_SetStdioRedirect
PR_SetSysfdTableSize
PR_SetThreadAffinityMask
PR_SetThreadDumpProc
PR_SetThreadGCAble
PR_SetThreadPriority
PR_SetThreadPrivate
PR_SetThreadRecycleMode
PR_SetTraceOption
PR_ShowStatus
PR_Shutdown
PR_ShutdownThreadPool
PR_Sleep
PR_Socket
PR_StackPop
PR_StackPush
PR_Stat
PR_StringToNetAddr
PR_SubtractFromCounter
PR_SuspendAll
PR_Sync
PR_SyncMemMap
PR_TLockFile
PR_TestAndEnterMonitor
PR_TestAndLock
PR_ThreadScanStackPointers
PR_TicksPerSecond
PR_Trace
PR_TransmitFile
PR_USPacificTimeParameters
PR_UnblockClockInterrupts
PR_UnblockInterrupt
PR_UnloadLibrary
PR_Unlock
PR_UnlockFile
PR_UnlockOrderedLock
PR_VersionCheck
PR_Wait
PR_WaitCondVar
PR_WaitForPollableEvent
PR_WaitProcess
PR_WaitRecvReady
PR_WaitSem
PR_WaitSemaphore
PR_Write
PR_Writev
PR_Yield
PR_cnvtf
PR_dtoa
PR_fprintf
PR_htonl
PR_htonll
PR_htons
PR_ntohl
PR_ntohll
PR_ntohs
PR_smprintf
PR_smprintf_free
PR_snprintf
PR_sprintf_append
PR_sscanf
PR_strtod
PR_sxprintf
PR_vfprintf
PR_vsmprintf
PR_vsnprintf
PR_vsprintf_append
PR_vsxprintf
PT_FPrintStats
SetExecutionEnvironment
_MD_AttachSharedMemory
_MD_CURRENT_THREAD
_MD_CloseFileMap
_MD_CloseSharedMemory
_MD_CreateFileMap
_MD_DeleteSharedMemory
_MD_DetachSharedMemory
_MD_GetMemMapAlignment
_MD_HomeGCRegisters
_MD_MemMap
_MD_MemUnmap
_MD_OpenSharedMemory
_MD_SyncMemMap
_MD_WindowsGetHostName
_MD_WindowsGetReleaseName
_MD_WindowsGetSysInfo
_MD_unix_readdir_error
_MD_win32_map_accept_error
_MD_win32_map_acceptex_error
_MD_win32_map_access_error
_MD_win32_map_bind_error
_MD_win32_map_close_error
_MD_win32_map_closedir_error
_MD_win32_map_connect_error
_MD_win32_map_default_error
_MD_win32_map_delete_error
_MD_win32_map_fstat_error
_MD_win32_map_fsync_error
_MD_win32_map_gethostname_error
_MD_win32_map_getpeername_error
_MD_win32_map_getsockname_error
_MD_win32_map_getsockopt_error
_MD_win32_map_listen_error
_MD_win32_map_lockf_error
_MD_win32_map_lseek_error
_MD_win32_map_mkdir_error
_MD_win32_map_open_error
_MD_win32_map_opendir_error
_MD_win32_map_read_error
_MD_win32_map_recv_error
_MD_win32_map_recvfrom_error
_MD_win32_map_rename_error
_MD_win32_map_rmdir_error
_MD_win32_map_select_error
_MD_win32_map_send_error
_MD_win32_map_sendto_error
_MD_win32_map_setsockopt_error
_MD_win32_map_shutdown_error
_MD_win32_map_socket_error
_MD_win32_map_stat_error
_MD_win32_map_transmitfile_error
_MD_win32_map_write_error
_PRI_AttachThread
_PRI_DetachThread
_PR_AddSleepQ
_PR_AddThreadToRunQ
_PR_CleanupCMon
_PR_CleanupCPUs
_PR_CleanupCallOnce
_PR_CleanupDtoa
_PR_CleanupEnv
_PR_CleanupFdCache
_PR_CleanupIO
_PR_CleanupLayerCache
_PR_CleanupMW
_PR_CleanupNet
_PR_CleanupStacks
_PR_CleanupTPD
_PR_CleanupThread
_PR_CleanupThreads
_PR_CleanupTime
_PR_ClockInterrupt
_PR_CondVarToString
_PR_CreateThread
_PR_CreateWindowsProcess
_PR_DelSleepQ
_PR_DestroySegment
_PR_DestroyThreadPrivate
_PR_DetachWindowsProcess
_PR_DumpPrintf
_PR_DumpThread
_PR_DumpThreads
_PR_FileTimeToPRTime
_PR_FreeCondVar
_PR_FreeLock
_PR_FreeStack
_PR_GetPrimordialCPU
_PR_Getfd

Sections

.text
Size: 217KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/dlls/libplc4.dll
.dll windows:4 windows x64

096743c5f40a7f854cbe5aba0b6a1a1a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

libnspr4

PR_Assert
PR_Calloc
PR_ErrorToName
PR_Free
PR_GetError
PR_GetOSError
PR_GetSpecialFD
PR_Malloc
PR_SetError
PR_fprintf

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSection
LeaveCriticalSection
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

__iob_func
_amsg_exit
_initterm
_lock
_unlock
abort
calloc
free
fwrite
malloc
memcpy
realloc
strcat
strchr
strcmp
strcpy
strlen
strncmp
strpbrk
strrchr
strstr
vfprintf

Exports

Exports

PL_Base64Decode
PL_Base64Encode
PL_CreateLongOptState
PL_CreateOptState
PL_DestroyOptState
PL_FPrintError
PL_GetNextOpt
PL_PrintError
PL_strcasecmp
PL_strcaserstr
PL_strcasestr
PL_strcat
PL_strcatn
PL_strchr
PL_strcmp
PL_strcpy
PL_strdup
PL_strfree
PL_strlen
PL_strncasecmp
PL_strncaserstr
PL_strncasestr
PL_strncat
PL_strnchr
PL_strncmp
PL_strncpy
PL_strncpyz
PL_strndup
PL_strnlen
PL_strnpbrk
PL_strnprbrk
PL_strnrchr
PL_strnrstr
PL_strnstr
PL_strpbrk
PL_strprbrk
PL_strrchr
PL_strrstr
PL_strstr
PL_strtok_r
libVersionPoint
prVersionDescription_libplc4

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1024B - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 304B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/dlls/libplds4.dll
.dll windows:4 windows x64

fd8146261b7e92ff27c9a94e93351f4b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

libnspr4

PR_CeilingLog2
PR_Free
PR_Malloc

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSection
LeaveCriticalSection
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

__iob_func
_amsg_exit
_initterm
_lock
_unlock
abort
calloc
free
fwrite
memcpy
memset
realloc
strcmp
strlen
strncmp
vfprintf

Exports

Exports

PL_ArenaAllocate
PL_ArenaFinish
PL_ArenaGrow
PL_ArenaRelease
PL_ClearArenaPool
PL_CompactArenaPool
PL_CompareStrings
PL_CompareValues
PL_FinishArenaPool
PL_FreeArenaPool
PL_HashString
PL_HashTableAdd
PL_HashTableDestroy
PL_HashTableDump
PL_HashTableEnumerateEntries
PL_HashTableLookup
PL_HashTableLookupConst
PL_HashTableRawAdd
PL_HashTableRawLookup
PL_HashTableRawLookupConst
PL_HashTableRawRemove
PL_HashTableRemove
PL_InitArenaPool
PL_NewHashTable
PL_SizeOfArenaPoolExcludingPool
libVersionPoint
prVersionDescription_libplds4

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 668B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 272B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/dlls/libsqlite3-0.dll
.dll windows:4 windows x64

9b5934c71c7f12d289562963993bbcbc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AreFileApisANSI
CloseHandle
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateMutexW
DeleteCriticalSection
DeleteFileA
DeleteFileW
EnterCriticalSection
FlushFileBuffers
FlushViewOfFile
FormatMessageA
FormatMessageW
FreeLibrary
GetCurrentProcessId
GetCurrentThreadId
GetDiskFreeSpaceA
GetDiskFreeSpaceW
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileSize
GetFullPathNameA
GetFullPathNameW
GetLastError
GetProcAddress
GetProcessHeap
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempPathA
GetTempPathW
GetTickCount
GetVersionExA
GetVersionExW
HeapAlloc
HeapCompact
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
HeapValidate
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LocalFree
LockFile
LockFileEx
MapViewOfFile
MultiByteToWideChar
OutputDebugStringA
OutputDebugStringW
QueryPerformanceCounter
ReadFile
SetEndOfFile
SetFilePointer
Sleep
SystemTimeToFileTime
TlsGetValue
TryEnterCriticalSection
UnlockFile
UnlockFileEx
UnmapViewOfFile
VirtualProtect
VirtualQuery
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteFile

msvcrt

__iob_func
__setusermatherr
_amsg_exit
_beginthreadex
_endthreadex
_errno
_initterm
_localtime64
_lock
_msize
_unlock
abort
acos
asin
atan
calloc
cosh
free
fwrite
log10
malloc
memcmp
memcpy
memmove
memset
qsort
realloc
sinh
strcmp
strcspn
strlen
strncmp
strrchr
tan
tanh
vfprintf

Exports

Exports

sqlite3_aggregate_context
sqlite3_aggregate_count
sqlite3_auto_extension
sqlite3_autovacuum_pages
sqlite3_backup_finish
sqlite3_backup_init
sqlite3_backup_pagecount
sqlite3_backup_remaining
sqlite3_backup_step
sqlite3_bind_blob
sqlite3_bind_blob64
sqlite3_bind_double
sqlite3_bind_int
sqlite3_bind_int64
sqlite3_bind_null
sqlite3_bind_parameter_count
sqlite3_bind_parameter_index
sqlite3_bind_parameter_name
sqlite3_bind_pointer
sqlite3_bind_text
sqlite3_bind_text16
sqlite3_bind_text64
sqlite3_bind_value
sqlite3_bind_zeroblob
sqlite3_bind_zeroblob64
sqlite3_blob_bytes
sqlite3_blob_close
sqlite3_blob_open
sqlite3_blob_read
sqlite3_blob_reopen
sqlite3_blob_write
sqlite3_busy_handler
sqlite3_busy_timeout
sqlite3_cancel_auto_extension
sqlite3_changes
sqlite3_changes64
sqlite3_clear_bindings
sqlite3_close
sqlite3_close_v2
sqlite3_collation_needed
sqlite3_collation_needed16
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_column_bytes16
sqlite3_column_count
sqlite3_column_database_name
sqlite3_column_database_name16
sqlite3_column_decltype
sqlite3_column_decltype16
sqlite3_column_double
sqlite3_column_int
sqlite3_column_int64
sqlite3_column_name
sqlite3_column_name16
sqlite3_column_origin_name
sqlite3_column_origin_name16
sqlite3_column_table_name
sqlite3_column_table_name16
sqlite3_column_text
sqlite3_column_text16
sqlite3_column_type
sqlite3_column_value
sqlite3_commit_hook
sqlite3_compileoption_get
sqlite3_compileoption_used
sqlite3_complete
sqlite3_complete16
sqlite3_config
sqlite3_context_db_handle
sqlite3_create_collation
sqlite3_create_collation16
sqlite3_create_collation_v2
sqlite3_create_filename
sqlite3_create_function
sqlite3_create_function16
sqlite3_create_function_v2
sqlite3_create_module
sqlite3_create_module_v2
sqlite3_create_window_function
sqlite3_data_count
sqlite3_data_directory
sqlite3_database_file_object
sqlite3_db_cacheflush
sqlite3_db_config
sqlite3_db_filename
sqlite3_db_handle
sqlite3_db_mutex
sqlite3_db_name
sqlite3_db_readonly
sqlite3_db_release_memory
sqlite3_db_status
sqlite3_declare_vtab
sqlite3_deserialize
sqlite3_drop_modules
sqlite3_enable_load_extension
sqlite3_enable_shared_cache
sqlite3_errcode
sqlite3_errmsg
sqlite3_errmsg16
sqlite3_error_offset
sqlite3_errstr
sqlite3_exec
sqlite3_expanded_sql
sqlite3_expired
sqlite3_extended_errcode
sqlite3_extended_result_codes
sqlite3_file_control
sqlite3_filename_database
sqlite3_filename_journal
sqlite3_filename_wal
sqlite3_finalize
sqlite3_free
sqlite3_free_filename
sqlite3_free_table
sqlite3_get_autocommit
sqlite3_get_auxdata
sqlite3_get_table
sqlite3_global_recover
sqlite3_hard_heap_limit64
sqlite3_initialize
sqlite3_interrupt
sqlite3_is_interrupted
sqlite3_keyword_check
sqlite3_keyword_count
sqlite3_keyword_name
sqlite3_last_insert_rowid
sqlite3_libversion
sqlite3_libversion_number
sqlite3_limit
sqlite3_load_extension
sqlite3_log
sqlite3_malloc
sqlite3_malloc64
sqlite3_memory_alarm
sqlite3_memory_highwater
sqlite3_memory_used
sqlite3_mprintf
sqlite3_msize
sqlite3_mutex_alloc
sqlite3_mutex_enter
sqlite3_mutex_free
sqlite3_mutex_leave
sqlite3_mutex_try
sqlite3_next_stmt
sqlite3_open
sqlite3_open16
sqlite3_open_v2
sqlite3_os_end
sqlite3_os_init
sqlite3_overload_function
sqlite3_prepare
sqlite3_prepare16
sqlite3_prepare16_v2
sqlite3_prepare16_v3
sqlite3_prepare_v2
sqlite3_prepare_v3
sqlite3_preupdate_blobwrite
sqlite3_preupdate_count
sqlite3_preupdate_depth
sqlite3_preupdate_hook
sqlite3_preupdate_new
sqlite3_preupdate_old
sqlite3_profile
sqlite3_progress_handler
sqlite3_randomness
sqlite3_realloc
sqlite3_realloc64
sqlite3_release_memory
sqlite3_reset
sqlite3_reset_auto_extension
sqlite3_result_blob
sqlite3_result_blob64
sqlite3_result_double
sqlite3_result_error
sqlite3_result_error16
sqlite3_result_error_code
sqlite3_result_error_nomem
sqlite3_result_error_toobig
sqlite3_result_int
sqlite3_result_int64
sqlite3_result_null
sqlite3_result_pointer
sqlite3_result_subtype
sqlite3_result_text
sqlite3_result_text16
sqlite3_result_text16be
sqlite3_result_text16le
sqlite3_result_text64
sqlite3_result_value
sqlite3_result_zeroblob
sqlite3_result_zeroblob64
sqlite3_rollback_hook
sqlite3_rtree_geometry_callback
sqlite3_rtree_query_callback
sqlite3_serialize
sqlite3_set_authorizer
sqlite3_set_auxdata
sqlite3_set_last_insert_rowid
sqlite3_shutdown
sqlite3_sleep
sqlite3_snprintf
sqlite3_soft_heap_limit
sqlite3_soft_heap_limit64
sqlite3_sourceid
sqlite3_sql
sqlite3_status
sqlite3_status64
sqlite3_step
sqlite3_stmt_busy
sqlite3_stmt_isexplain
sqlite3_stmt_readonly
sqlite3_stmt_status
sqlite3_str_append
sqlite3_str_appendall
sqlite3_str_appendchar
sqlite3_str_appendf
sqlite3_str_errcode
sqlite3_str_finish
sqlite3_str_length
sqlite3_str_new
sqlite3_str_reset
sqlite3_str_value
sqlite3_str_vappendf
sqlite3_strglob
sqlite3_stricmp
sqlite3_strlike
sqlite3_strnicmp
sqlite3_system_errno
sqlite3_table_column_metadata
sqlite3_temp_directory
sqlite3_test_control
sqlite3_thread_cleanup
sqlite3_threadsafe
sqlite3_total_changes
sqlite3_total_changes64
sqlite3_trace
sqlite3_trace_v2
sqlite3_transfer_bindings
sqlite3_txn_state
sqlite3_update_hook
sqlite3_uri_boolean
sqlite3_uri_int64
sqlite3_uri_key
sqlite3_uri_parameter
sqlite3_user_data
sqlite3_value_blob
sqlite3_value_bytes
sqlite3_value_bytes16
sqlite3_value_double
sqlite3_value_dup
sqlite3_value_encoding
sqlite3_value_free
sqlite3_value_frombind
sqlite3_value_int
sqlite3_value_int64
sqlite3_value_nochange
sqlite3_value_numeric_type
sqlite3_value_pointer
sqlite3_value_subtype
sqlite3_value_text
sqlite3_value_text16
sqlite3_value_text16be
sqlite3_value_text16le
sqlite3_value_type
sqlite3_version
sqlite3_vfs_find
sqlite3_vfs_register
sqlite3_vfs_unregister
sqlite3_vmprintf
sqlite3_vsnprintf
sqlite3_vtab_collation
sqlite3_vtab_config
sqlite3_vtab_distinct
sqlite3_vtab_in
sqlite3_vtab_in_first
sqlite3_vtab_in_next
sqlite3_vtab_nochange
sqlite3_vtab_on_conflict
sqlite3_vtab_rhs_value
sqlite3_wal_autocheckpoint
sqlite3_wal_checkpoint
sqlite3_wal_checkpoint_v2
sqlite3_wal_hook
sqlite3_win32_is_nt
sqlite3_win32_mbcs_to_utf8
sqlite3_win32_mbcs_to_utf8_v2
sqlite3_win32_set_directory
sqlite3_win32_set_directory16
sqlite3_win32_set_directory8
sqlite3_win32_sleep
sqlite3_win32_unicode_to_utf8
sqlite3_win32_utf8_to_mbcs
sqlite3_win32_utf8_to_mbcs_v2
sqlite3_win32_utf8_to_unicode
sqlite3_win32_write_debug
sqlite3changegroup_add
sqlite3changegroup_add_strm
sqlite3changegroup_delete
sqlite3changegroup_new
sqlite3changegroup_output
sqlite3changegroup_output_strm
sqlite3changeset_apply
sqlite3changeset_apply_strm
sqlite3changeset_apply_v2
sqlite3changeset_apply_v2_strm
sqlite3changeset_concat
sqlite3changeset_concat_strm
sqlite3changeset_conflict
sqlite3changeset_finalize
sqlite3changeset_fk_conflicts
sqlite3changeset_invert
sqlite3changeset_invert_strm
sqlite3changeset_new
sqlite3changeset_next
sqlite3changeset_old
sqlite3changeset_op
sqlite3changeset_pk
sqlite3changeset_start
sqlite3changeset_start_strm
sqlite3changeset_start_v2
sqlite3changeset_start_v2_strm
sqlite3rebaser_configure
sqlite3rebaser_create
sqlite3rebaser_delete
sqlite3rebaser_rebase
sqlite3rebaser_rebase_strm
sqlite3session_attach
sqlite3session_changeset
sqlite3session_changeset_size
sqlite3session_changeset_strm
sqlite3session_config
sqlite3session_create
sqlite3session_delete
sqlite3session_diff
sqlite3session_enable
sqlite3session_indirect
sqlite3session_isempty
sqlite3session_memory_used
sqlite3session_object_config
sqlite3session_patchset
sqlite3session_patchset_strm
sqlite3session_table_filter

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/dlls/libssp-0.dll
.dll windows:4 windows x64

46e38788cff3098080a6d3ba34a59900

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_amsg_exit
_close
_errno
_exit
_initterm
_lock
_open
_unlock
_write
abort
calloc
fgets
fputc
free
fwrite
gets
localeconv
malloc
memcpy
memmove
memset
realloc
strerror
strlen
strncmp
strncpy
vfprintf
wcslen

Exports

Exports

__chk_fail
__gets_chk
__memcpy_chk
__memmove_chk
__mempcpy_chk
__memset_chk
__snprintf_chk
__sprintf_chk
__stack_chk_fail
__stack_chk_fail_local
__stack_chk_guard
__stpcpy_chk
__strcat_chk
__strcpy_chk
__strncat_chk
__strncpy_chk
__vsnprintf_chk
__vsprintf_chk

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 494B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/dlls/libwinpthread-1.dll
.dll windows:4 windows x64

fdac11066db813aade99ccb6d516fc10

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
FileTimeToSystemTime
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetHandleInformation
GetLastError
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetProcessTimes
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetThreadTimes
GetTickCount64
InitializeCriticalSection
IsDebuggerPresent
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryW
OpenProcess
OutputDebugStringA
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReleaseSemaphore
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
SetEvent
SetLastError
SetProcessAffinityMask
SetSystemTime
SetThreadContext
SetThreadPriority
Sleep
SuspendThread
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject

msvcrt

__C_specific_handler
__iob_func
_amsg_exit
_beginthreadex
_endthreadex
_errno
_initterm
_lock
_setjmp
_strdup
_ultoa
_unlock
_write
abort
calloc
exit
fprintf
free
fwrite
longjmp
malloc
memmove
memset
printf
realloc
signal
strlen
strncmp
vfprintf

Exports

Exports

__pth_gpointer_locked
__pthread_clock_nanosleep
_pthread_cleanup_dest
_pthread_get_state
_pthread_invoke_cancel
_pthread_key_dest
_pthread_rel_time_in_ms
_pthread_set_state
_pthread_time_in_ms
_pthread_time_in_ms_from_timespec
_pthread_tryjoin
clock_getres
clock_gettime
clock_nanosleep
clock_settime
nanosleep
pthread_attr_destroy
pthread_attr_getdetachstate
pthread_attr_getinheritsched
pthread_attr_getschedparam
pthread_attr_getschedpolicy
pthread_attr_getscope
pthread_attr_getstack
pthread_attr_getstackaddr
pthread_attr_getstacksize
pthread_attr_init
pthread_attr_setdetachstate
pthread_attr_setinheritsched
pthread_attr_setschedparam
pthread_attr_setschedpolicy
pthread_attr_setscope
pthread_attr_setstack
pthread_attr_setstackaddr
pthread_attr_setstacksize
pthread_barrier_destroy
pthread_barrier_init
pthread_barrier_wait
pthread_barrierattr_destroy
pthread_barrierattr_getpshared
pthread_barrierattr_init
pthread_barrierattr_setpshared
pthread_cancel
pthread_cond_broadcast
pthread_cond_destroy
pthread_cond_init
pthread_cond_signal
pthread_cond_timedwait
pthread_cond_timedwait_relative_np
pthread_cond_wait
pthread_condattr_destroy
pthread_condattr_getclock
pthread_condattr_getpshared
pthread_condattr_init
pthread_condattr_setclock
pthread_condattr_setpshared
pthread_create
pthread_create_wrapper
pthread_delay_np
pthread_detach
pthread_equal
pthread_exit
pthread_get_concurrency
pthread_getclean
pthread_getconcurrency
pthread_getevent
pthread_gethandle
pthread_getname_np
pthread_getschedparam
pthread_getspecific
pthread_join
pthread_key_create
pthread_key_delete
pthread_kill
pthread_mutex_destroy
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_timedlock
pthread_mutex_trylock
pthread_mutex_unlock
pthread_mutexattr_destroy
pthread_mutexattr_getprioceiling
pthread_mutexattr_getprotocol
pthread_mutexattr_getpshared
pthread_mutexattr_gettype
pthread_mutexattr_init
pthread_mutexattr_setprioceiling
pthread_mutexattr_setprotocol
pthread_mutexattr_setpshared
pthread_mutexattr_settype
pthread_num_processors_np
pthread_once
pthread_rwlock_destroy
pthread_rwlock_init
pthread_rwlock_rdlock
pthread_rwlock_timedrdlock
pthread_rwlock_timedwrlock
pthread_rwlock_tryrdlock
pthread_rwlock_trywrlock
pthread_rwlock_unlock
pthread_rwlock_wrlock
pthread_rwlockattr_destroy
pthread_rwlockattr_getpshared
pthread_rwlockattr_init
pthread_rwlockattr_setpshared
pthread_self
pthread_set_concurrency
pthread_set_num_processors_np
pthread_setcancelstate
pthread_setcanceltype
pthread_setconcurrency
pthread_setname_np
pthread_setschedparam
pthread_setspecific
pthread_spin_destroy
pthread_spin_init
pthread_spin_lock
pthread_spin_trylock
pthread_spin_unlock
pthread_testcancel
pthread_timechange_handler_np
pthread_tls_init
sched_get_priority_max
sched_get_priority_min
sched_getscheduler
sched_setscheduler
sched_yield
sem_close
sem_destroy
sem_getvalue
sem_init
sem_open
sem_post
sem_post_multiple
sem_timedwait
sem_trywait
sem_unlink
sem_wait

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 432B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/dlls/nss3.dll
.dll windows:4 windows x64

d04ca413b7aee303f5024cb52da08480

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

nssutil3

ATOB_AsciiToData_Util
ATOB_ConvertAsciiToItem_Util
BTOA_ConvertItemToAscii_Util
BTOA_DataToAscii_Util
CERT_GenTime2FormattedAscii_Util
DER_AsciiToTime_Util
DER_DecodeTimeChoice_Util
DER_EncodeTimeChoice_Util
DER_Encode_Util
DER_GeneralizedDayToAscii_Util
DER_GeneralizedTimeToTime_Util
DER_GetInteger_Util
DER_GetUInteger
DER_LengthLength
DER_Lengths_Util
DER_SetUInteger
DER_StoreHeader
DER_TimeChoiceDayToAscii_Util
DER_TimeToGeneralizedTimeArena_Util
DER_TimeToGeneralizedTime_Util
DER_TimeToUTCTime_Util
DER_UTCDayToAscii_Util
DER_UTCTimeToAscii_Util
DER_UTCTimeToTime_Util
NSSBase64Decoder_Create_Util
NSSBase64Decoder_Destroy_Util
NSSBase64Decoder_Update_Util
NSSBase64Encoder_Create_Util
NSSBase64Encoder_Destroy_Util
NSSBase64Encoder_Update_Util
NSSBase64_DecodeBuffer_Util
NSSBase64_EncodeItem_Util
NSSRWLock_Destroy_Util
NSSRWLock_HaveWriteLock_Util
NSSRWLock_LockRead_Util
NSSRWLock_LockWrite_Util
NSSRWLock_New_Util
NSSRWLock_UnlockRead_Util
NSSRWLock_UnlockWrite_Util
NSSUTIL_AddNSSFlagToModuleSpec
NSSUTIL_ArgDecodeNumber
NSSUTIL_ArgFetchValue
NSSUTIL_ArgGetLabel
NSSUTIL_ArgGetParamValue
NSSUTIL_ArgHasFlag
NSSUTIL_ArgIsBlank
NSSUTIL_ArgParseCipherFlags
NSSUTIL_ArgParseModuleSpecEx
NSSUTIL_ArgParseSlotInfo
NSSUTIL_ArgReadLong
NSSUTIL_ArgSkipParameter
NSSUTIL_ArgStrip
NSSUTIL_DoubleEscape
NSSUTIL_DoubleEscapeSize
NSSUTIL_Escape
NSSUTIL_EscapeSize
NSSUTIL_MkModuleSpec
NSSUTIL_MkNSSString
NSSUTIL_MkSlotString
NSS_GetAlgorithmPolicy
NSS_Get_SECOID_AlgorithmIDTemplate_Util
NSS_Get_SEC_AnyTemplate_Util
NSS_Get_SEC_BMPStringTemplate_Util
NSS_Get_SEC_BitStringTemplate_Util
NSS_Get_SEC_EnumeratedTemplate
NSS_Get_SEC_GeneralizedTimeTemplate_Util
NSS_Get_SEC_IA5StringTemplate_Util
NSS_Get_SEC_IntegerTemplate_Util
NSS_Get_SEC_NullTemplate_Util
NSS_Get_SEC_ObjectIDTemplate_Util
NSS_Get_SEC_OctetStringTemplate_Util
NSS_Get_SEC_PointerToAnyTemplate_Util
NSS_Get_SEC_PointerToEnumeratedTemplate
NSS_Get_SEC_PointerToGeneralizedTimeTemplate
NSS_Get_SEC_PrintableStringTemplate
NSS_Get_SEC_SequenceOfAnyTemplate
NSS_Get_SEC_SequenceOfObjectIDTemplate
NSS_Get_SEC_SkipTemplate
NSS_Get_SEC_T61StringTemplate
NSS_Get_SEC_UTF8StringTemplate_Util
NSS_Get_SEC_UniversalStringTemplate
NSS_InitializePRErrorTable
NSS_IsPolicyLocked
NSS_LockPolicy
NSS_PutEnv_Util
NSS_SetAlgorithmPolicy
PK11URI_CreateURI
PK11URI_DestroyURI
PK11URI_FormatURI
PK11URI_GetPathAttribute
PK11URI_GetPathAttributeItem
PK11URI_ParseURI
PORT_Alloc_Util
PORT_ArenaAlloc_Util
PORT_ArenaGrow_Util
PORT_ArenaMark_Util
PORT_ArenaRelease_Util
PORT_ArenaStrdup_Util
PORT_ArenaUnmark_Util
PORT_ArenaZAlloc_Util
PORT_DestroyCheapArena
PORT_FreeArena_Util
PORT_Free_Util
PORT_GetError_Util
PORT_ISO88591_UTF8Conversion
PORT_InitCheapArena
PORT_LoadLibraryFromOrigin
PORT_NewArena_Util
PORT_Realloc_Util
PORT_RegExpCaseSearch
PORT_RegExpValid
PORT_SetError_Util
PORT_SetUCS2_ASCIIConversionFunction_Util
PORT_SetUCS2_UTF8ConversionFunction_Util
PORT_SetUCS4_UTF8ConversionFunction_Util
PORT_Strdup_Util
PORT_UCS2_ASCIIConversion_Util
PORT_UCS2_UTF8Conversion_Util
PORT_UCS4_UTF8Conversion
PORT_ZAllocAlignedOffset_Util
PORT_ZAllocAligned_Util
PORT_ZAlloc_Util
PORT_ZFree_Util
SECITEM_AllocItem_Util
SECITEM_ArenaDupItem_Util
SECITEM_CompareItem_Util
SECITEM_CopyItem_Util
SECITEM_DupItem_Util
SECITEM_FreeItem_Util
SECITEM_Hash
SECITEM_HashCompare
SECITEM_ItemsAreEqual_Util
SECITEM_MakeItem
SECITEM_ZfreeItem_Util
SECOID_AddEntry_Util
SECOID_CompareAlgorithmID_Util
SECOID_CopyAlgorithmID_Util
SECOID_DestroyAlgorithmID_Util
SECOID_FindOIDByMechanism
SECOID_FindOIDByTag_Util
SECOID_FindOIDTagDescription_Util
SECOID_FindOIDTag_Util
SECOID_FindOID_Util
SECOID_GetAlgorithmTag_Util
SECOID_Init
SECOID_KnownCertExtenOID
SECOID_SetAlgorithmID_Util
SECOID_Shutdown
SEC_ASN1DecodeInteger_Util
SEC_ASN1DecodeItem_Util
SEC_ASN1Decode_Util
SEC_ASN1DecoderAbort_Util
SEC_ASN1DecoderClearFilterProc_Util
SEC_ASN1DecoderClearNotifyProc_Util
SEC_ASN1DecoderFinish_Util
SEC_ASN1DecoderSetFilterProc_Util
SEC_ASN1DecoderSetNotifyProc_Util
SEC_ASN1DecoderStart_Util
SEC_ASN1DecoderUpdate_Util
SEC_ASN1EncodeInteger_Util
SEC_ASN1EncodeItem_Util
SEC_ASN1EncodeUnsignedInteger_Util
SEC_ASN1Encode_Util
SEC_ASN1EncoderAbort_Util
SEC_ASN1EncoderClearNotifyProc_Util
SEC_ASN1EncoderClearStreaming_Util
SEC_ASN1EncoderClearTakeFromBuf_Util
SEC_ASN1EncoderFinish_Util
SEC_ASN1EncoderSetNotifyProc_Util
SEC_ASN1EncoderSetStreaming_Util
SEC_ASN1EncoderSetTakeFromBuf_Util
SEC_ASN1EncoderStart_Util
SEC_ASN1EncoderUpdate_Util
SEC_ASN1LengthLength_Util
SEC_QuickDERDecodeItem_Util
SEC_StringToOID
SGN_CompareDigestInfo_Util
SGN_CopyDigestInfo_Util
SGN_CreateDigestInfo_Util
SGN_DecodeDigestInfo
SGN_DestroyDigestInfo_Util
_NSSUTIL_UTF8ToWide
_SGN_VerifyPKCS1DigestInfo

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
GetModuleHandleW
GetProcAddress
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_amsg_exit
_errno
_initterm
_lock
_unlock
abort
atoi
calloc
fclose
fflush
fopen
fputc
free
fwrite
isspace
isupper
isxdigit
localeconv
malloc
memcmp
memcpy
memmove
memset
qsort
realloc
strchr
strcmp
strcpy
strerror
strlen
strncmp
strncpy
strrchr
strstr
strtol
tolower
vfprintf
wcslen

libnspr4

PR_Accept
PR_Bind
PR_CallOnce
PR_CallOnceWithArg
PR_Calloc
PR_Close
PR_CloseDir
PR_Connect
PR_ConnectContinue
PR_ConvertIPv4AddrToIPv6
PR_DestroyCondVar
PR_DestroyLock
PR_DestroyMonitor
PR_DestroyRWLock
PR_EnterMonitor
PR_EnumerateHostEnt
PR_ErrorToString
PR_ExitMonitor
PR_FindFunctionSymbol
PR_FindSymbol
PR_Free
PR_GetCurrentThread
PR_GetEnvSecure
PR_GetError
PR_GetHostByName
PR_GetOpenFileInfo
PR_GetThreadPrivate
PR_InitializeNetAddr
PR_IntervalNow
PR_IntervalToMicroseconds
PR_IntervalToMilliseconds
PR_IntervalToSeconds
PR_Listen
PR_LoadLibrary
PR_LoadLibraryWithFlags
PR_Lock
PR_LogPrint
PR_Malloc
PR_NetAddrToString
PR_NewCondVar
PR_NewLock
PR_NewLogModule
PR_NewMonitor
PR_NewRWLock
PR_NewTCPSocket
PR_NewThreadPrivateIndex
PR_NotifyAllCondVar
PR_NotifyCondVar
PR_Now
PR_Open
PR_OpenDir
PR_Poll
PR_RWLock_Rlock
PR_RWLock_Unlock
PR_RWLock_Wlock
PR_Read
PR_ReadDir
PR_Realloc
PR_Recv
PR_SecondsToInterval
PR_Send
PR_SetEnv
PR_SetError
PR_SetErrorText
PR_SetThreadPrivate
PR_Shutdown
PR_Sleep
PR_StringToNetAddr
PR_TicksPerSecond
PR_UnloadLibrary
PR_Unlock
PR_WaitCondVar
PR_Write
PR_htonl
PR_htonll
PR_htons
PR_smprintf
PR_smprintf_free
PR_snprintf
PR_sprintf_append

libplc4

PL_Base64Encode
PL_strcasecmp
PL_strcat
PL_strcatn
PL_strcpy
PL_strdup
PL_strfree
PL_strlen
PL_strncasecmp
PL_strncpyz
PL_strnstr
PL_strrstr
PL_strstr

libplds4

PL_ArenaAllocate
PL_ArenaRelease
PL_CompareStrings
PL_CompareValues
PL_FinishArenaPool
PL_HashString
PL_HashTableAdd
PL_HashTableDestroy
PL_HashTableEnumerateEntries
PL_HashTableLookup
PL_HashTableRemove
PL_InitArenaPool
PL_NewHashTable

Exports

Exports

ATOB_AsciiToData
ATOB_ConvertAsciiToItem
AcquireDPCache
BTOA_ConvertItemToAscii
BTOA_DataToAscii
CERTAltNameTemplate
CERTAuthInfoAccessItemTemplate
CERTAuthInfoAccessTemplate
CERTAuthKeyIDTemplate
CERTCRLDistributionPointsTemplate
CERTSignedDataTemplate
CERT_AddAVA
CERT_AddCertToListHead
CERT_AddCertToListHeadWithData
CERT_AddCertToListSorted
CERT_AddCertToListTail
CERT_AddCertToListTailWithData
CERT_AddExtension
CERT_AddExtensionByOID
CERT_AddNameConstraint
CERT_AddNameConstraintByGeneralName
CERT_AddOCSPAcceptableResponses
CERT_AddOKDomainName
CERT_AddRDN
CERT_AddTempCertToPerm
CERT_AllocCERTRevocationFlags
CERT_AsciiToName
CERT_AttributeTemplate
CERT_CRLCacheRefreshIssuer
CERT_CacheCRL
CERT_CacheOCSPResponseFromSideChannel
CERT_CertChainFromCert
CERT_CertExtensionTemplate
CERT_CertKeyTemplate
CERT_CertListFromCert
CERT_CertTimesValid
CERT_CertificatePoliciesTemplate
CERT_CertificateRequestTemplate
CERT_CertificateTemplate
CERT_ChangeCertTrust
CERT_CheckCRL
CERT_CheckCertUsage
CERT_CheckCertValidTimes
CERT_CheckKeyUsage
CERT_CheckNameSpace
CERT_CheckOCSPStatus
CERT_ClearOCSPCache
CERT_CompareAVA
CERT_CompareCerts
CERT_CompareCertsForRedirection
CERT_CompareDERPrintableStrings
CERT_CompareName
CERT_CompareNameSpace
CERT_CompareRDN
CERT_CompareValidityTimes
CERT_CompleteCRLDecodeEntries
CERT_CopyAVA
CERT_CopyGeneralName
CERT_CopyName
CERT_CopyNameConstraint
CERT_CopyRDN
CERT_CopyValidity
CERT_CreateAVA
CERT_CreateAVAFromRaw
CERT_CreateAVAFromSECItem
CERT_CreateCertificate
CERT_CreateCertificateRequest
CERT_CreateEncodedOCSPErrorResponse
CERT_CreateEncodedOCSPSuccessResponse
CERT_CreateGeneralNameList
CERT_CreateName
CERT_CreateOCSPCertID
CERT_CreateOCSPRequest
CERT_CreateOCSPSingleResponseGood
CERT_CreateOCSPSingleResponseRevoked
CERT_CreateOCSPSingleResponseUnknown
CERT_CreateRDN
CERT_CreateSubjectCertList
CERT_CreateValidity
CERT_CrlTemplate
CERT_CrlTemplateEntriesOnly
CERT_CrlTemplateNoEntries
CERT_DecodeAVAValue
CERT_DecodeAltNameExtension
CERT_DecodeAuthInfoAccessExtension
CERT_DecodeAuthKeyID
CERT_DecodeBasicConstraintValue
CERT_DecodeCRLDistributionPoints
CERT_DecodeCertificatePoliciesExtension
CERT_DecodeDERCertificate
CERT_DecodeDERCrl
CERT_DecodeDERCrlWithFlags
CERT_DecodeGeneralName
CERT_DecodeInhibitAnyExtension
CERT_DecodeNameConstraintsExtension
CERT_DecodeOCSPRequest
CERT_DecodeOCSPResponse
CERT_DecodeOidSequence
CERT_DecodePolicyConstraintsExtension
CERT_DecodePolicyMappingsExtension
CERT_DecodePrivKeyUsagePeriodExtension
CERT_DecodeTrustString
CERT_DecodeUserNotice
CERT_DerNameToAscii
CERT_DestroyCERTRevocationFlags
CERT_DestroyCertArray
CERT_DestroyCertList
CERT_DestroyCertificate
CERT_DestroyCertificateList
CERT_DestroyCertificatePoliciesExtension
CERT_DestroyCertificateRequest
CERT_DestroyCrl
CERT_DestroyGeneralName
CERT_DestroyGeneralNameList
CERT_DestroyName
CERT_DestroyOCSPCertID
CERT_DestroyOCSPRequest
CERT_DestroyOCSPResponse
CERT_DestroyOidSequence
CERT_DestroyPolicyMappingsExtension
CERT_DestroyUserNotice
CERT_DestroyValidity
CERT_DisableOCSPChecking
CERT_DisableOCSPDefaultResponder
CERT_DisplayTextTypeTemplate
CERT_DistNamesFromCertList
CERT_DistNamesFromNicknames
CERT_DupCertList
CERT_DupCertificate
CERT_DupDistNames
CERT_DupGeneralNameList
CERT_EnableOCSPChecking
CERT_EnableOCSPDefaultResponder
CERT_EncodeAltNameExtension
CERT_EncodeAndAddBitStrExtension
CERT_EncodeAndAddExtension
CERT_EncodeAuthKeyID
CERT_EncodeBasicConstraintValue
CERT_EncodeCRLDistributionPoints
CERT_EncodeCertPoliciesExtension
CERT_EncodeGeneralName
CERT_EncodeIA5TypeExtension
CERT_EncodeInfoAccessExtension
CERT_EncodeInhibitAnyExtension
CERT_EncodeNameConstraintsExtension
CERT_EncodeNoticeReference
CERT_EncodeOCSPRequest
CERT_EncodePolicyConstraintsExtension
CERT_EncodePolicyMappingExtension
CERT_EncodePrivateKeyUsagePeriod
CERT_EncodeSubjectKeyID
CERT_EncodeTrustString
CERT_EncodeUserNotice
CERT_ExtractNicknameString
CERT_ExtractPublicKey
CERT_FilterCertListByCANames
CERT_FilterCertListByCertList
CERT_FilterCertListByNickname
CERT_FilterCertListByUsage
CERT_FilterCertListForUserCerts
CERT_FindAuthKeyIDExten
CERT_FindBasicConstraintExten
CERT_FindBitStringExtension
CERT_FindCRLDistributionPoints
CERT_FindCRLEntryReasonExten
CERT_FindCRLExtension
CERT_FindCRLExtensionByOID
CERT_FindCRLNumberExten
CERT_FindCertByDERCert
CERT_FindCertByIssuerAndSN
CERT_FindCertByIssuerAndSNCX
CERT_FindCertByKeyID
CERT_FindCertByName
CERT_FindCertByNameString
CERT_FindCertByNickname
CERT_FindCertByNicknameOrEmailAddr
CERT_FindCertByNicknameOrEmailAddrCX
CERT_FindCertByNicknameOrEmailAddrForUsage
CERT_FindCertByNicknameOrEmailAddrForUsageCX
CERT_FindCertBySubjectKeyID
CERT_FindCertExtension
CERT_FindCertExtensionByOID
CERT_FindCertIssuer
CERT_FindInvalidDateExten
CERT_FindKeyUsageExtension
CERT_FindMatchingCert
CERT_FindNSCertTypeExtension
CERT_FindNSStringExtension
CERT_FindNameConstraintsExten
CERT_FindSMimeProfile
CERT_FindSubjectKeyIDExtension
CERT_FindUserCertByUsage
CERT_FindUserCertsByUsage
CERT_FinishCertificateRequestAttributes
CERT_FinishExtensions
CERT_FixupEmailAddr
CERT_ForcePostMethodForOCSP
CERT_FormatName
CERT_FreeDistNames
CERT_FreeNicknames
CERT_GenTime2FormattedAscii
CERT_GeneralNamesTemplate
CERT_GetAVATag
CERT_GetCertChainFromCert
CERT_GetCertCommentString
CERT_GetCertEmailAddress
CERT_GetCertIsPerm
CERT_GetCertIsTemp
CERT_GetCertIssuerAndSN
CERT_GetCertKeyType
CERT_GetCertNicknameWithValidity
CERT_GetCertNicknames
CERT_GetCertTimes
CERT_GetCertTrust
CERT_GetCertUid
CERT_GetCertificateDer
CERT_GetCertificateEmailAddress
CERT_GetCertificateNames
CERT_GetCertificateRequestExtensions
CERT_GetClassicOCSPDisabledPolicy
CERT_GetClassicOCSPEnabledHardFailurePolicy
CERT_GetClassicOCSPEnabledSoftFailurePolicy
CERT_GetCommonName
CERT_GetConstrainedCertificateNames
CERT_GetCountryName
CERT_GetDBContentVersion
CERT_GetDefaultCertDB
CERT_GetDnQualifier
CERT_GetDomainComponentName
CERT_GetEncodedOCSPResponse
CERT_GetEncodedOCSPResponseByMethod
CERT_GetExtenCriticality
CERT_GetFirstEmailAddress
CERT_GetGeneralNameByType
CERT_GetGeneralNameTypeFromString
CERT_GetImposedNameConstraints
CERT_GetLocalityName
CERT_GetNameConstraintByType
CERT_GetNamesLength
CERT_GetNextEmailAddress
CERT_GetNextGeneralName
CERT_GetNextNameConstraint
CERT_GetOCSPAuthorityInfoAccessLocation
CERT_GetOCSPResponseStatus
CERT_GetOCSPStatusForCertID
CERT_GetOidString
CERT_GetOrgName
CERT_GetOrgUnitName
CERT_GetPKIXVerifyNistRevocationPolicy
CERT_GetPrevGeneralName
CERT_GetPrevNameConstraint
CERT_GetSSLCACerts
CERT_GetSlopTime
CERT_GetStateName
CERT_GetStatusConfig
CERT_GetSubjectNameDigest
CERT_GetSubjectPublicKeyDigest
CERT_GetUsePKIXForValidation
CERT_GetValidDNSPatternsFromCert
CERT_GovtApprovedBitSet
CERT_Hexify
CERT_ImportCAChain
CERT_ImportCAChainTrusted
CERT_ImportCRL
CERT_ImportCerts
CERT_InhibitAnyTemplate
CERT_IsCACert
CERT_IsCADERCert
CERT_IsInList
CERT_IsNewer
CERT_IsRootDERCert
CERT_IsUserCert
CERT_IssuerAndSNTemplate
CERT_IssuerNameFromDERCert
CERT_KeyFromDERCert
CERT_KeyFromDERCrl
CERT_KeyFromIssuerAndSN
CERT_KeyUsageAndTypeForCertUsage
CERT_LockCertRefCount
CERT_LockCertTempPerm
CERT_LockCertTrust
CERT_MakeCANickname
CERT_MapStanError
CERT_MatchNickname
CERT_MatchUserCert
CERT_MaybeLockCertTempPerm
CERT_MaybeUnlockCertTempPerm
CERT_MergeExtensions
CERT_NameConstraintSubtreeSubTemplate
CERT_NameFromDERCert
CERT_NameTemplate
CERT_NameToAscii
CERT_NameToAsciiInvertible
CERT_NewCertList
CERT_NewGeneralName
CERT_NewTempCertificate
CERT_NicknameStringsFromCertList
CERT_NoticeReferenceTemplate
CERT_OCSPCacheSettings
CERT_OidSeqTemplate
CERT_OpenCertDBFilename
CERT_PKIXVerifyCert
CERT_ParseURL
CERT_PolicyConstraintsTemplate
CERT_PolicyInfoTemplate
CERT_PolicyMapTemplate
CERT_PolicyMappingsTemplate
CERT_PolicyQualifierTemplate
CERT_PostOCSPRequest
CERT_PublicKeyAndChallengeTemplate
CERT_RDNTemplate
CERT_RFC1485_EscapeAndQuote
CERT_RegisterAlternateOCSPAIAInfoCallBack
CERT_RemoveCertListNode
CERT_SaveSMimeProfile
CERT_SequenceOfCertExtensionTemplate
CERT_SerialNumberFromDERCert
CERT_SetCAPolicyStringCallback
CERT_SetDefaultCertDB
CERT_SetOCSPDefaultResponder
CERT_SetOCSPFailureMode
CERT_SetOCSPTimeout
CERT_SetOfAttributeTemplate
CERT_SetOfSignedCrlTemplate
CERT_SetSlopTime
CERT_SetStatusConfig
CERT_SetUsePKIXForValidation
CERT_SignedCrlTemplate
CERT_SignedDataTemplate
CERT_SortCBValidity
CERT_StartCRLEntryExtensions
CERT_StartCRLExtensions
CERT_StartCertExtensions
CERT_StartCertificateRequestAttributes
CERT_SubjectPublicKeyInfoTemplate
CERT_TimeChoiceTemplate
CERT_TrustFlagsForCACertUsage
CERT_UncacheCRL
CERT_UnlockCertRefCount
CERT_UnlockCertTempPerm
CERT_UnlockCertTrust
CERT_UserNoticeTemplate
CERT_ValidityTemplate
CERT_VerifyCACertForUsage
CERT_VerifyCert
CERT_VerifyCertChain
CERT_VerifyCertName
CERT_VerifyCertNow
CERT_VerifyCertificate
CERT_VerifyCertificateNow
CERT_VerifyOCSPResponseSignature
CERT_VerifySignedData
CERT_VerifySignedDataWithPublicKey
CERT_VerifySignedDataWithPublicKeyInfo
CRLCache_Empty_TokenFetch_Interval
CRLCache_ExistenceCheck_Interval
CRLCache_TokenRefetch_Interval
DER_AsciiToTime
DER_DecodeTimeChoice
DER_Encode
DER_EncodeTimeChoice
DER_GeneralizedDayToAscii
DER_GeneralizedTimeToTime
DER_GetInteger
DER_Lengths
DER_TimeChoiceDayToAscii
DER_TimeToGeneralizedTime
DER_TimeToGeneralizedTimeArena
DER_TimeToUTCTime
DER_UTCDayToAscii
DER_UTCTimeToAscii
DER_UTCTimeToTime
DPCache_Lookup
DSAU_ConvertSignedToFixedUnsigned
DSAU_ConvertUnsignedToSigned
DSAU_DecodeDerSig
DSAU_DecodeDerSigToLen
DSAU_EncodeDerSig
DSAU_EncodeDerSigWithLen
DSA_SignatureTemplate
FindCertsEmailCallback
HASH_Begin
HASH_Clone
HASH_Create
HASH_Destroy
HASH_End
HASH_GetHMACOidTagByHashOidTag
HASH_GetHashObject
HASH_GetHashObjectByOidTag
HASH_GetHashOidTagByHMACOidTag
HASH_GetHashOidTagByHashType
HASH_GetHashTypeByOidTag
HASH_GetType
HASH_HashBuf
HASH_ResultLen
HASH_ResultLenByOidTag
HASH_ResultLenContext
HASH_Update
InitCRLCache
IssuerCache_Destroy
KEAPQGCompare
LDAPFilterTemplate
NSSAlgorithmAndParameters_CreateMD5Digest
NSSAlgorithmAndParameters_CreateSHA1Digest
NSSArena_Create
NSSArena_Destroy
NSSBase64Decoder_Create
NSSBase64Decoder_Destroy
NSSBase64Decoder_Update
NSSBase64Encoder_Create
NSSBase64Encoder_Destroy
NSSBase64Encoder_Update
NSSBase64_DecodeBuffer
NSSBase64_EncodeItem
NSSCertificateArray_Destroy
NSSCertificate_BuildChain
NSSCertificate_CreateCryptoContext
NSSCertificate_DeleteStoredObject
NSSCertificate_Destroy
NSSCertificate_Encode
NSSCertificate_Encrypt
NSSCertificate_FindPrivateKey
NSSCertificate_GetModule
NSSCertificate_GetPublicKey
NSSCertificate_GetSlot
NSSCertificate_GetToken
NSSCertificate_GetTrustDomain
NSSCertificate_IsPrivateKeyAvailable
NSSCertificate_Validate
NSSCertificate_ValidateAndDiscoverUsagesAndPolicies
NSSCertificate_ValidateCompletely
NSSCertificate_Verify
NSSCertificate_VerifyRecover
NSSCertificate_WrapSymmetricKey
NSSCryptoContext_BeginDecrypt
NSSCryptoContext_BeginDigest
NSSCryptoContext_BeginEncrypt
NSSCryptoContext_BeginSign
NSSCryptoContext_BeginSignRecover
NSSCryptoContext_BeginVerify
NSSCryptoContext_BeginVerifyRecover
NSSCryptoContext_Clone
NSSCryptoContext_ContinueDecrypt
NSSCryptoContext_ContinueDigest
NSSCryptoContext_ContinueEncrypt
NSSCryptoContext_ContinueSign
NSSCryptoContext_ContinueSignRecover
NSSCryptoContext_ContinueVerify
NSSCryptoContext_ContinueVerifyRecover
NSSCryptoContext_Decrypt
NSSCryptoContext_DeriveSymmetricKey
NSSCryptoContext_Destroy
NSSCryptoContext_Digest
NSSCryptoContext_Encrypt
NSSCryptoContext_FindBestCertificateByEmail
NSSCryptoContext_FindBestCertificateByNameComponents
NSSCryptoContext_FindBestCertificateByNickname
NSSCryptoContext_FindBestCertificateBySubject
NSSCryptoContext_FindBestUserCertificate
NSSCryptoContext_FindBestUserCertificateForEmailSigning
NSSCryptoContext_FindBestUserCertificateForSSLClientAuth
NSSCryptoContext_FindCertificateByEncodedCertificate
NSSCryptoContext_FindCertificateByIssuerAndSerialNumber
NSSCryptoContext_FindCertificateByOCSPHash
NSSCryptoContext_FindCertificatesByEmail
NSSCryptoContext_FindCertificatesByNameComponents
NSSCryptoContext_FindCertificatesByNickname
NSSCryptoContext_FindCertificatesBySubject
NSSCryptoContext_FindOrImportCertificate
NSSCryptoContext_FindSymmetricKeyByAlgorithmAndKeyID
NSSCryptoContext_FindUserCertificates
NSSCryptoContext_FindUserCertificatesForEmailSigning
NSSCryptoContext_FindUserCertificatesForSSLClientAuth
NSSCryptoContext_FinishDecrypt
NSSCryptoContext_FinishDigest
NSSCryptoContext_FinishEncrypt
NSSCryptoContext_FinishSign
NSSCryptoContext_FinishSignRecover
NSSCryptoContext_FinishVerify
NSSCryptoContext_FinishVerifyRecover
NSSCryptoContext_GenerateKeyPair
NSSCryptoContext_GenerateSymmetricKey
NSSCryptoContext_GenerateSymmetricKeyFromPassword
NSSCryptoContext_GetDefaultCallback
NSSCryptoContext_GetTrustDomain
NSSCryptoContext_ImportEncodedCertificate
NSSCryptoContext_ImportEncodedPKIXCertificateChain
NSSCryptoContext_ImportPKIXCertificate
NSSCryptoContext_SetDefaultCallback
NSSCryptoContext_Sign
NSSCryptoContext_SignRecover
NSSCryptoContext_UnwrapSymmetricKey
NSSCryptoContext_Verify
NSSCryptoContext_VerifyRecover
NSSCryptoContext_WrapSymmetricKey
NSSDBGC_CancelFunction
NSSDBGC_CloseAllSessions
NSSDBGC_CloseSession
NSSDBGC_CopyObject
NSSDBGC_CreateObject

Sections

.text
Size: 984KB - Virtual size: 983KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/dlls/nssutil3.dll
.dll windows:4 windows x64

6a52ba72f2bcf6bce1284a389d23b158

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
DeleteFileW
EnterCriticalSection
GetLastError
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MoveFileW
MultiByteToWideChar
SetEnvironmentVariableA
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_amsg_exit
_close
_errno
_fdopen
_initterm
_lock
_unlock
_waccess
_wfopen
_wopen
_wstat64
abort
atoi
calloc
fclose
feof
fgets
fputc
fputs
free
fwrite
isalnum
isalpha
isspace
localeconv
malloc
memcmp
memcpy
memmove
memset
realloc
strcat
strchr
strcmp
strcpy
strerror
strlen
strncat
strncmp
strncpy
strrchr
strstr
tolower
toupper
vfprintf
wcslen

libnspr4

PR_CallOnce
PR_Calloc
PR_DestroyCondVar
PR_DestroyLock
PR_ErrorInstallTable
PR_ExplodeTime
PR_FormatTime
PR_Free
PR_GMTParameters
PR_GetCurrentThread
PR_GetDirectorySeparator
PR_GetEnvSecure
PR_GetError
PR_GetLibraryFilePathname
PR_ImplodeTime
PR_LoadLibraryWithFlags
PR_LocalTimeParameters
PR_Lock
PR_Malloc
PR_NewCondVar
PR_NewLock
PR_NotifyAllCondVar
PR_NotifyCondVar
PR_Realloc
PR_SetError
PR_Unlock
PR_WaitCondVar
PR_smprintf
PR_smprintf_free
PR_snprintf

libplc4

PL_strcasecmp
PL_strlen
PL_strncasecmp
PL_strpbrk

libplds4

PL_ArenaAllocate
PL_ArenaGrow
PL_ArenaRelease
PL_ClearArenaPool
PL_CompareValues
PL_FinishArenaPool
PL_FreeArenaPool
PL_HashTableAdd
PL_HashTableDestroy
PL_HashTableLookup
PL_HashTableLookupConst
PL_InitArenaPool
PL_NewHashTable

Exports

Exports

ATOB_AsciiToData_Util
ATOB_ConvertAsciiToItem_Util
BTOA_ConvertItemToAscii_Util
BTOA_DataToAscii_Util
CERT_GenTime2FormattedAscii_Util
CERT_UTCTime2FormattedAscii
DER_AsciiToTime_Util
DER_DecodeTimeChoice_Util
DER_EncodeTimeChoice_Util
DER_Encode_Util
DER_GeneralizedDayToAscii_Util
DER_GeneralizedTimeToTime_Util
DER_GetInteger_Util
DER_GetUInteger
DER_LengthLength
DER_Lengths_Util
DER_SetInteger
DER_SetUInteger
DER_StoreHeader
DER_TimeChoiceDayToAscii_Util
DER_TimeToGeneralizedTimeArena_Util
DER_TimeToGeneralizedTime_Util
DER_TimeToUTCTimeArena
DER_TimeToUTCTime_Util
DER_UTCDayToAscii_Util
DER_UTCTimeToAscii_Util
DER_UTCTimeToTime_Util
NSSBase64Decoder_Create_Util
NSSBase64Decoder_Destroy_Util
NSSBase64Decoder_Update_Util
NSSBase64Encoder_Create_Util
NSSBase64Encoder_Destroy_Util
NSSBase64Encoder_Update_Util
NSSBase64_DecodeBuffer_Util
NSSBase64_EncodeItem_Util
NSSRWLock_Destroy_Util
NSSRWLock_HaveWriteLock_Util
NSSRWLock_LockRead_Util
NSSRWLock_LockWrite_Util
NSSRWLock_New_Util
NSSRWLock_UnlockRead_Util
NSSRWLock_UnlockWrite_Util
NSSUTIL_AddNSSFlagToModuleSpec
NSSUTIL_ArgDecodeNumber
NSSUTIL_ArgFetchValue
NSSUTIL_ArgFindEnd
NSSUTIL_ArgGetLabel
NSSUTIL_ArgGetPair
NSSUTIL_ArgGetParamValue
NSSUTIL_ArgHasFlag
NSSUTIL_ArgIsBlank
NSSUTIL_ArgIsEscape
NSSUTIL_ArgIsQuote
NSSUTIL_ArgNextFlag
NSSUTIL_ArgParseCipherFlags
NSSUTIL_ArgParseModuleSpec
NSSUTIL_ArgParseModuleSpecEx
NSSUTIL_ArgParseSlotFlags
NSSUTIL_ArgParseSlotInfo
NSSUTIL_ArgReadLong
NSSUTIL_ArgSkipParameter
NSSUTIL_ArgStrip
NSSUTIL_DoModuleDBFunction
NSSUTIL_DoubleEscape
NSSUTIL_DoubleEscapeSize
NSSUTIL_Escape
NSSUTIL_EscapeSize
NSSUTIL_GetVersion
NSSUTIL_MkModuleSpec
NSSUTIL_MkModuleSpecEx
NSSUTIL_MkNSSString
NSSUTIL_MkSlotString
NSSUTIL_Quote
NSSUTIL_QuoteSize
NSS_GetAlgorithmPolicy
NSS_Get_SECOID_AlgorithmIDTemplate_Util
NSS_Get_SEC_AnyTemplate_Util
NSS_Get_SEC_BMPStringTemplate_Util
NSS_Get_SEC_BitStringTemplate_Util
NSS_Get_SEC_BooleanTemplate_Util
NSS_Get_SEC_EnumeratedTemplate
NSS_Get_SEC_GeneralizedTimeTemplate_Util
NSS_Get_SEC_IA5StringTemplate_Util
NSS_Get_SEC_IntegerTemplate_Util
NSS_Get_SEC_NullTemplate_Util
NSS_Get_SEC_ObjectIDTemplate_Util
NSS_Get_SEC_OctetStringTemplate_Util
NSS_Get_SEC_PointerToAnyTemplate_Util
NSS_Get_SEC_PointerToEnumeratedTemplate
NSS_Get_SEC_PointerToGeneralizedTimeTemplate
NSS_Get_SEC_PointerToOctetStringTemplate_Util
NSS_Get_SEC_PrintableStringTemplate
NSS_Get_SEC_SequenceOfAnyTemplate
NSS_Get_SEC_SequenceOfObjectIDTemplate
NSS_Get_SEC_SetOfAnyTemplate_Util
NSS_Get_SEC_SkipTemplate
NSS_Get_SEC_T61StringTemplate
NSS_Get_SEC_UTCTimeTemplate_Util
NSS_Get_SEC_UTF8StringTemplate_Util
NSS_Get_SEC_UniversalStringTemplate
NSS_Get_sgn_DigestInfoTemplate_Util
NSS_InitializePRErrorTable
NSS_IsPolicyLocked
NSS_LockPolicy
NSS_PutEnv_Util
NSS_SecureMemcmp
NSS_SecureMemcmpZero
NSS_SetAlgorithmPolicy
PK11URI_CreateURI
PK11URI_DestroyURI
PK11URI_FormatURI
PK11URI_GetPathAttribute
PK11URI_GetPathAttributeItem
PK11URI_GetQueryAttribute
PK11URI_GetQueryAttributeItem
PK11URI_ParseURI
PORT_Alloc_Util
PORT_ArenaAlloc_Util
PORT_ArenaGrow_Util
PORT_ArenaMark_Util
PORT_ArenaRelease_Util
PORT_ArenaStrdup_Util
PORT_ArenaUnmark_Util
PORT_ArenaZAlloc_Util
PORT_ArenaZRelease
PORT_DestroyCheapArena
PORT_FreeArena_Util
PORT_Free_Util
PORT_GetError_Util
PORT_ISO88591_UTF8Conversion
PORT_InitCheapArena
PORT_LoadLibraryFromOrigin
PORT_NewArena_Util
PORT_Realloc_Util
PORT_RegExpCaseSearch
PORT_RegExpSearch
PORT_RegExpValid
PORT_SetError_Util
PORT_SetUCS2_ASCIIConversionFunction_Util
PORT_SetUCS2_UTF8ConversionFunction_Util
PORT_SetUCS4_UTF8ConversionFunction_Util
PORT_Strdup_Util
PORT_UCS2_ASCIIConversion_Util
PORT_UCS2_UTF8Conversion_Util
PORT_UCS4_UTF8Conversion
PORT_ZAllocAlignedOffset_Util
PORT_ZAllocAligned_Util
PORT_ZAlloc_Util
PORT_ZFree_Util
SECITEM_AllocArray
SECITEM_AllocItem_Util
SECITEM_ArenaDupItem_Util
SECITEM_CompareItem_Util
SECITEM_CopyItem_Util
SECITEM_DupArray
SECITEM_DupItem_Util
SECITEM_FreeArray
SECITEM_FreeItem_Util
SECITEM_Hash
SECITEM_HashCompare
SECITEM_ItemsAreEqual_Util
SECITEM_MakeItem
SECITEM_ReallocItem
SECITEM_ReallocItemV2
SECITEM_ZfreeArray
SECITEM_ZfreeItem_Util
SECOID_AddEntry_Util
SECOID_AlgorithmIDTemplate_Util
SECOID_CompareAlgorithmID_Util
SECOID_CopyAlgorithmID_Util
SECOID_DestroyAlgorithmID_Util
SECOID_FindOIDByMechanism
SECOID_FindOIDByTag_Util
SECOID_FindOIDTagDescription_Util
SECOID_FindOIDTag_Util
SECOID_FindOID_Util
SECOID_GetAlgorithmTag_Util
SECOID_Init
SECOID_KnownCertExtenOID
SECOID_SetAlgorithmID_Util
SECOID_Shutdown
SEC_ASN1DecodeInteger_Util
SEC_ASN1DecodeItem_Util
SEC_ASN1Decode_Util
SEC_ASN1DecoderAbort_Util
SEC_ASN1DecoderClearFilterProc_Util
SEC_ASN1DecoderClearNotifyProc_Util
SEC_ASN1DecoderFinish_Util
SEC_ASN1DecoderSetFilterProc_Util
SEC_ASN1DecoderSetMaximumElementSize
SEC_ASN1DecoderSetNotifyProc_Util
SEC_ASN1DecoderStart_Util
SEC_ASN1DecoderUpdate_Util
SEC_ASN1EncodeInteger_Util
SEC_ASN1EncodeItem_Util
SEC_ASN1EncodeLength
SEC_ASN1EncodeUnsignedInteger_Util
SEC_ASN1Encode_Util
SEC_ASN1EncoderAbort_Util
SEC_ASN1EncoderClearNotifyProc_Util
SEC_ASN1EncoderClearStreaming_Util
SEC_ASN1EncoderClearTakeFromBuf_Util
SEC_ASN1EncoderFinish_Util
SEC_ASN1EncoderSetNotifyProc_Util
SEC_ASN1EncoderSetStreaming_Util
SEC_ASN1EncoderSetTakeFromBuf_Util
SEC_ASN1EncoderStart_Util
SEC_ASN1EncoderUpdate_Util
SEC_ASN1GetSubtemplate
SEC_ASN1IsTemplateSimple
SEC_ASN1LengthLength_Util
SEC_AnyTemplate_Util
SEC_BMPStringTemplate_Util
SEC_BitStringTemplate_Util
SEC_BooleanTemplate_Util
SEC_EnumeratedTemplate
SEC_GeneralizedTimeTemplate_Util
SEC_IA5StringTemplate_Util
SEC_IntegerTemplate_Util
SEC_NullTemplate_Util
SEC_ObjectIDTemplate_Util
SEC_OctetStringTemplate_Util
SEC_PointerToAnyTemplate_Util
SEC_PointerToEnumeratedTemplate
SEC_PointerToGeneralizedTimeTemplate
SEC_PointerToOctetStringTemplate_Util
SEC_PrintableStringTemplate
SEC_QuickDERDecodeItem_Util
SEC_SequenceOfAnyTemplate
SEC_SequenceOfObjectIDTemplate
SEC_SetOfAnyTemplate_Util
SEC_SetOfEnumeratedTemplate
SEC_SkipTemplate
SEC_StringToOID
SEC_T61StringTemplate
SEC_UTCTimeTemplate_Util
SEC_UTF8StringTemplate_Util
SEC_UniversalStringTemplate
SEC_VisibleStringTemplate
SGN_CompareDigestInfo_Util
SGN_CopyDigestInfo_Util
SGN_CreateDigestInfo_Util
SGN_DecodeDigestInfo
SGN_DestroyDigestInfo_Util
SGN_EncodeDigestInfo
UTIL_SetForkState
_NSSUTIL_Access
_NSSUTIL_EvaluateConfigDir
_NSSUTIL_GetSecmodName
_NSSUTIL_UTF8ToWide
_SGN_VerifyPKCS1DigestInfo
__nss_util_version
lfopen
sec_asn1d_uinteger
sec_port_iso88591_utf8_conversion_function
sec_port_ucs2_utf8_conversion_function
sec_port_ucs4_utf8_conversion_function
sgn_DigestInfoTemplate_Util
ucs2AsciiConvertFunc
ucs2Utf8ConvertFunc
ucs4Utf8ConvertFunc

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/dlls/pcap.dll
.dll windows:4 windows x64

666032bacd8bd8b1cecac16502732e2a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FormatMessageA
FreeLibrary
GetLastError
GetModuleHandleW
GetProcAddress
GetSystemDirectoryA
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_amsg_exit
_close
_errno
_fileno
_fdopen
_initterm
_lock
_open_osfhandle
_setjmp
_setmode
_strdup
_strtoi64
_strtoui64
_unlock
_vscprintf
_vsnprintf
_vsnprintf_s
abort
atoi
calloc
clearerr
exit
fclose
feof
ferror
fflush
fopen
fputc
fread
free
fseek
ftell
fwrite
getc
islower
isspace
isxdigit
localeconv
longjmp
malloc
memcpy
memset
puts
realloc
rewind
setvbuf
sprintf
strchr
strcmp
strcpy
strerror
strlen
strncmp
strncpy
strncpy_s
strtol
strtoul
tolower
ungetc
vfprintf
wcslen

ws2_32

WSACleanup
WSAGetLastError
WSASetLastError
WSAStartup
freeaddrinfo
gethostbyaddr
gethostbyname
getprotobyname
getservbyname
getservbyport
htonl
htons
inet_addr
inet_ntoa
ntohl
ntohs

Exports

Exports

bpf_dump
bpf_filter
bpf_image
bpf_validate
eproto_db
pcap_activate
pcap_breakloop
pcap_bufsize
pcap_can_set_rfmon
pcap_close
pcap_compile
pcap_compile_nopcap
pcap_create
pcap_datalink
pcap_datalink_ext
pcap_datalink_name_to_val
pcap_datalink_val_to_description
pcap_datalink_val_to_description_or_dlt
pcap_datalink_val_to_name
pcap_dispatch
pcap_dump
pcap_dump_close
pcap_dump_file
pcap_dump_flush
pcap_dump_ftell
pcap_dump_ftell64
pcap_dump_hopen
pcap_dump_open
pcap_dump_open_append
pcap_ether_aton
pcap_ether_hostton
pcap_file
pcap_fileno
pcap_findalldevs
pcap_free_datalinks
pcap_free_tstamp_types
pcap_freealldevs
pcap_freecode
pcap_get_airpcap_handle
pcap_get_tstamp_precision
pcap_geterr
pcap_getevent
pcap_getnonblock
pcap_hopen_offline
pcap_hopen_offline_with_tstamp_precision
pcap_inject
pcap_is_swapped
pcap_lib_version
pcap_list_datalinks
pcap_list_tstamp_types
pcap_live_dump
pcap_live_dump_ended
pcap_lookupdev
pcap_lookupnet
pcap_loop
pcap_major_version
pcap_minor_version
pcap_nametoaddr
pcap_nametoaddrinfo
pcap_nametoeproto
pcap_nametollc
pcap_nametonetaddr
pcap_nametoport
pcap_nametoportrange
pcap_nametoproto
pcap_next
pcap_next_etherent
pcap_next_ex
pcap_offline_filter
pcap_oid_get_request
pcap_oid_set_request
pcap_open_dead
pcap_open_dead_with_tstamp_precision
pcap_open_live
pcap_open_offline
pcap_open_offline_with_tstamp_precision
pcap_perror
pcap_sendpacket
pcap_sendqueue_alloc
pcap_sendqueue_destroy
pcap_sendqueue_queue
pcap_sendqueue_transmit
pcap_set_buffer_size
pcap_set_datalink
pcap_set_immediate_mode
pcap_set_promisc
pcap_set_rfmon
pcap_set_snaplen
pcap_set_timeout
pcap_set_tstamp_precision
pcap_set_tstamp_type
pcap_setbuff
pcap_setdirection
pcap_setfilter
pcap_setmintocopy
pcap_setmode
pcap_setnonblock
pcap_setuserbuffer
pcap_snapshot
pcap_stats
pcap_stats_ex
pcap_statustostr
pcap_strerror
pcap_tstamp_type_name_to_val
pcap_tstamp_type_val_to_description
pcap_tstamp_type_val_to_name
pcap_version
pcap_wsockinit

Sections

.text
Size: 209KB - Virtual size: 209KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 1024B - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/97
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/113
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/dlls/softokn3.dll
.dll windows:4 windows x64

fb6659173402713109cbbc71bd7e29b9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

nssutil3

DER_Encode_Util
DER_GetInteger_Util
DER_SetUInteger
NSSUTIL_ArgDecodeNumber
NSSUTIL_ArgFetchValue
NSSUTIL_ArgGetLabel
NSSUTIL_ArgHasFlag
NSSUTIL_ArgIsBlank
NSSUTIL_ArgSkipParameter
NSSUTIL_ArgStrip
NSSUTIL_DoModuleDBFunction
NSS_Get_SECOID_AlgorithmIDTemplate_Util
NSS_Get_SEC_AnyTemplate_Util
NSS_Get_SEC_BitStringTemplate_Util
NSS_Get_SEC_ObjectIDTemplate_Util
NSS_Get_SEC_OctetStringTemplate_Util
NSS_SecureMemcmp
PORT_Alloc_Util
PORT_ArenaAlloc_Util
PORT_ArenaGrow_Util
PORT_ArenaZAlloc_Util
PORT_FreeArena_Util
PORT_Free_Util
PORT_GetError_Util
PORT_NewArena_Util
PORT_Realloc_Util
PORT_SetError_Util
PORT_Strdup_Util
PORT_ZAlloc_Util
PORT_ZFree_Util
SECITEM_AllocItem_Util
SECITEM_CompareItem_Util
SECITEM_CopyItem_Util
SECITEM_DupItem_Util
SECITEM_FreeItem_Util
SECITEM_HashCompare
SECITEM_ItemsAreEqual_Util
SECITEM_ZfreeItem_Util
SECOID_CopyAlgorithmID_Util
SECOID_DestroyAlgorithmID_Util
SECOID_FindOIDByMechanism
SECOID_GetAlgorithmTag_Util
SECOID_Init
SECOID_SetAlgorithmID_Util
SECOID_Shutdown
SEC_ASN1DecodeItem_Util
SEC_ASN1EncodeInteger_Util
SEC_ASN1EncodeItem_Util
SEC_QuickDERDecodeItem_Util
SGN_CreateDigestInfo_Util
SGN_DestroyDigestInfo_Util
UTIL_SetForkState
_NSSUTIL_Access
_NSSUTIL_EvaluateConfigDir
_NSSUTIL_UTF8ToWide
_SGN_VerifyPKCS1DigestInfo

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
GetTempPathA
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_amsg_exit
_errno
_initterm
_lock
_unlock
_wchmod
abort
atoi
calloc
fputc
free
fwrite
getenv
islower
isupper
localeconv
malloc
memcmp
memcpy
memset
qsort
realloc
strcmp
strcpy
strerror
strlen
strncmp
strrchr
strtoul
vfprintf
wcslen

libnspr4

PR_Access
PR_CallOnce
PR_DestroyLock
PR_DestroyMonitor
PR_EnterMonitor
PR_ExitMonitor
PR_FindFunctionSymbol
PR_Free
PR_GetCurrentThread
PR_GetDirectorySeparator
PR_GetEnv
PR_GetEnvSecure
PR_GetLibraryFilePathname
PR_IntervalNow
PR_LoadLibraryWithFlags
PR_Lock
PR_MillisecondsToInterval
PR_NewLock
PR_NewMonitor
PR_Now
PR_SecondsToInterval
PR_Sleep
PR_UnloadLibrary
PR_Unlock
PR_smprintf
PR_smprintf_free
PR_snprintf

libplc4

PL_strcasecmp
PL_strncasecmp

libplds4

PL_CompareValues
PL_HashTableAdd
PL_HashTableDestroy
PL_HashTableEnumerateEntries
PL_HashTableLookup
PL_HashTableLookupConst
PL_HashTableRemove
PL_NewHashTable

libsqlite3-0

sqlite3_bind_blob
sqlite3_bind_int
sqlite3_bind_text
sqlite3_busy_timeout
sqlite3_close
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_column_int
sqlite3_column_text
sqlite3_exec
sqlite3_file_control
sqlite3_finalize
sqlite3_free
sqlite3_mprintf
sqlite3_open_v2
sqlite3_prepare_v2
sqlite3_reset
sqlite3_step

Exports

Exports

AESKeyWrap_AllocateContext
AESKeyWrap_CreateContext
AESKeyWrap_Decrypt
AESKeyWrap_DecryptKWP
AESKeyWrap_DestroyContext
AESKeyWrap_Encrypt
AESKeyWrap_EncryptKWP
AESKeyWrap_InitContext
AES_AEAD
AES_AllocateContext
AES_CreateContext
AES_Decrypt
AES_DestroyContext
AES_Encrypt
AES_InitContext
AddToList
BLAKE2B_Begin
BLAKE2B_DestroyContext
BLAKE2B_End
BLAKE2B_Flatten
BLAKE2B_FlattenSize
BLAKE2B_Hash
BLAKE2B_HashBuf
BLAKE2B_MAC_Begin
BLAKE2B_MAC_HashBuf
BLAKE2B_NewContext
BLAKE2B_Resurrect
BLAKE2B_Update
BLAPI_SHVerify
BLAPI_SHVerifyFile
BLAPI_VerifySelf
BL_Cleanup
BL_Init
BL_SetForkState
BL_Unload
CBC_PadBuffer
CMAC_Begin
CMAC_Create
CMAC_Destroy
CMAC_Finish
CMAC_Init
CMAC_Update
C_GetFunctionList
C_GetInterface
C_GetInterfaceList
Camellia_AllocateContext
Camellia_CreateContext
Camellia_Decrypt
Camellia_DestroyContext
Camellia_Encrypt
Camellia_InitContext
ChaCha20Poly1305_CreateContext
ChaCha20Poly1305_Decrypt
ChaCha20Poly1305_DestroyContext
ChaCha20Poly1305_Encrypt
ChaCha20Poly1305_InitContext
ChaCha20Poly1305_Open
ChaCha20Poly1305_Seal
ChaCha20_CreateContext
ChaCha20_DestroyContext
ChaCha20_InitContext
ChaCha20_Xor
DES_AllocateContext
DES_CreateContext
DES_Decrypt
DES_DestroyContext
DES_Encrypt
DES_InitContext
DH_Derive
DH_GenParam
DH_NewKey
DSA_NewKey
DSA_NewKeyFromSeed
DSA_NewRandom
DSA_SignDigest
DSA_SignDigestWithSeed
DSA_VerifyDigest
ECDH_Derive
ECDSA_SignDigest
ECDSA_SignDigestWithSeed
ECDSA_VerifyDigest
EC_CopyParams
EC_DecodeParams
EC_FillParams
EC_GetPointSize
EC_NewKey
EC_NewKeyFromSeed
EC_ValidatePublicKey
FC_CancelFunction
FC_CloseAllSessions
FC_CloseSession
FC_CopyObject
FC_CreateObject
FC_Decrypt
FC_DecryptDigestUpdate
FC_DecryptFinal
FC_DecryptInit
FC_DecryptMessage
FC_DecryptMessageBegin
FC_DecryptMessageNext
FC_DecryptUpdate
FC_DecryptVerifyUpdate
FC_DeriveKey
FC_DestroyObject
FC_Digest
FC_DigestEncryptUpdate
FC_DigestFinal
FC_DigestInit
FC_DigestKey
FC_DigestUpdate
FC_Encrypt
FC_EncryptFinal
FC_EncryptInit
FC_EncryptMessage
FC_EncryptMessageBegin
FC_EncryptMessageNext
FC_EncryptUpdate
FC_Finalize
FC_FindObjects
FC_FindObjectsFinal
FC_FindObjectsInit
FC_GenerateKey
FC_GenerateKeyPair
FC_GenerateRandom
FC_GetAttributeValue
FC_GetFunctionList
FC_GetFunctionStatus
FC_GetInfo
FC_GetInfoV2
FC_GetInterface
FC_GetInterfaceList
FC_GetMechanismInfo
FC_GetMechanismInfoV2
FC_GetMechanismList
FC_GetObjectSize
FC_GetOperationState
FC_GetSessionInfo
FC_GetSlotInfo
FC_GetSlotList
FC_GetTokenInfo
FC_InitPIN
FC_InitToken
FC_Initialize
FC_Login
FC_LoginUser
FC_Logout
FC_MessageDecryptFinal
FC_MessageDecryptInit
FC_MessageEncryptFinal
FC_MessageEncryptInit
FC_MessageSignFinal
FC_MessageSignInit
FC_MessageVerifyFinal
FC_MessageVerifyInit
FC_OpenSession
FC_SeedRandom
FC_SessionCancel
FC_SetAttributeValue
FC_SetOperationState
FC_SetPIN
FC_Sign
FC_SignEncryptUpdate
FC_SignFinal
FC_SignInit
FC_SignMessage
FC_SignMessageBegin
FC_SignMessageNext
FC_SignRecover
FC_SignRecoverInit
FC_SignUpdate
FC_UnwrapKey
FC_Verify
FC_VerifyFinal
FC_VerifyInit
FC_VerifyMessage
FC_VerifyMessageBegin
FC_VerifyMessageNext
FC_VerifyRecover
FC_VerifyRecoverInit
FC_VerifyUpdate
FC_WaitForSlotEvent
FC_WrapKey
FIPS186Change_GenerateX
FIPS186Change_ReduceModQForDSA
HASH_FromHMACOid
HASH_GetRawHashObject
HASH_HMACOidFromHash
HMAC_Begin
HMAC_Clone
HMAC_ConstantTime
HMAC_Create
HMAC_Destroy
HMAC_Finish
HMAC_Init
HMAC_Update
JPAKE_Final
JPAKE_Round2
JPAKE_Sign
JPAKE_Verify
KEA_Derive
KEA_PrimeCheck
KEA_Verify
MD2_Begin
MD2_Clone
MD2_DestroyContext
MD2_End
MD2_Flatten
MD2_FlattenSize
MD2_Hash
MD2_NewContext
MD2_Resurrect
MD2_Update
MD5_Begin
MD5_Clone
MD5_DestroyContext
MD5_End
MD5_Flatten
MD5_FlattenSize
MD5_Hash
MD5_HashBuf
MD5_NewContext
MD5_Resurrect
MD5_TraceState
MD5_Update
NSC_CancelFunction
NSC_CloseAllSessions
NSC_CloseSession
NSC_CopyObject
NSC_CreateObject
NSC_Decrypt
NSC_DecryptDigestUpdate
NSC_DecryptFinal
NSC_DecryptInit
NSC_DecryptMessage
NSC_DecryptMessageBegin
NSC_DecryptMessageNext
NSC_DecryptUpdate
NSC_DecryptVerifyUpdate
NSC_DeriveKey
NSC_DestroyObject
NSC_Digest
NSC_DigestEncryptUpdate
NSC_DigestFinal
NSC_DigestInit
NSC_DigestKey
NSC_DigestUpdate
NSC_Encrypt
NSC_EncryptFinal
NSC_EncryptInit
NSC_EncryptMessage
NSC_EncryptMessageBegin
NSC_EncryptMessageNext
NSC_EncryptUpdate
NSC_Finalize
NSC_FindObjects
NSC_FindObjectsFinal
NSC_FindObjectsInit
NSC_GenerateKey
NSC_GenerateKeyPair
NSC_GenerateRandom
NSC_GetAttributeValue
NSC_GetFunctionList
NSC_GetFunctionStatus
NSC_GetInfo
NSC_GetInfoV2
NSC_GetInterface
NSC_GetInterfaceList
NSC_GetMechanismInfo
NSC_GetMechanismInfoV2
NSC_GetMechanismList
NSC_GetObjectSize
NSC_GetOperationState
NSC_GetSessionInfo
NSC_GetSlotInfo
NSC_GetSlotList
NSC_GetTokenInfo
NSC_InitPIN
NSC_InitToken
NSC_Initialize
NSC_Login
NSC_LoginUser
NSC_Logout
NSC_MessageDecryptFinal
NSC_MessageDecryptInit
NSC_MessageEncryptFinal
NSC_MessageEncryptInit
NSC_MessageSignFinal
NSC_MessageSignInit
NSC_MessageVerifyFinal
NSC_MessageVerifyInit
NSC_ModuleDBFunc
NSC_OpenSession
NSC_SeedRandom
NSC_SessionCancel
NSC_SetAttributeValue
NSC_SetOperationState
NSC_SetPIN
NSC_Sign
NSC_SignEncryptUpdate
NSC_SignFinal
NSC_SignInit
NSC_SignMessage
NSC_SignMessageBegin
NSC_SignMessageNext
NSC_SignRecover
NSC_SignRecoverInit
NSC_SignUpdate
NSC_UnwrapKey
NSC_Verify
NSC_VerifyFinal
NSC_VerifyInit
NSC_VerifyMessage
NSC_VerifyMessageBegin
NSC_VerifyMessageNext
NSC_VerifyRecover
NSC_VerifyRecoverInit
NSC_VerifyUpdate
NSC_WaitForSlotEvent
NSC_WrapKey
PQG_DestroyParams
PQG_DestroyVerify
PQG_ParamGen
PQG_ParamGenSeedLen
PQG_ParamGenV2
PQG_VerifyParams
PRNGTEST_Generate
PRNGTEST_Instantiate
PRNGTEST_Reseed
PRNGTEST_RunHealthTests
PRNGTEST_Uninstantiate
RC2_AllocateContext
RC2_CreateContext
RC2_Decrypt
RC2_DestroyContext
RC2_Encrypt
RC2_InitContext
RC4_AllocateContext
RC4_CreateContext
RC4_Decrypt
RC4_DestroyContext
RC4_Encrypt
RC4_InitContext
RC5_CreateContext
RC5_Decrypt
RC5_DestroyContext
RC5_Encrypt
RNG_GenerateGlobalRandomBytes
RNG_RNGInit
RNG_RNGShutdown
RNG_RandomUpdate
RNG_SystemInfoForRNG
RSA_CheckSign
RSA_CheckSignPSS
RSA_CheckSignRaw
RSA_CheckSignRecover
RSA_CheckSignRecoverRaw
RSA_DecryptBlock
RSA_DecryptOAEP
RSA_DecryptRaw
RSA_EncryptBlock
RSA_EncryptOAEP
RSA_EncryptRaw
RSA_HashCheckSign
RSA_HashSign
RSA_NewKey
RSA_PopulatePrivateKey
RSA_PrivateKeyCheck
RSA_PrivateKeyOp
RSA_PrivateKeyOpDoubleChecked
RSA_PublicKeyOp
RSA_Sign
RSA_SignPSS
RSA_SignRaw
SEED_CreateContext
SEED_Decrypt
SEED_DestroyContext
SEED_Encrypt
SEED_InitContext
SFTK_ClearTokenKeyHashTable
SFTK_DestroySlotData
SFTK_ShutdownSlot
SFTK_SlotInit
SFTK_SlotReInit
SHA1_Begin
SHA1_Clone
SHA1_DestroyContext
SHA1_End
SHA1_Flatten
SHA1_FlattenSize
SHA1_Hash
SHA1_HashBuf
SHA1_NewContext
SHA1_Resurrect
SHA1_TraceState
SHA1_Update
SHA224_Begin
SHA224_Clone
SHA224_DestroyContext
SHA224_End
SHA224_Flatten
SHA224_FlattenSize
SHA224_Hash
SHA224_HashBuf
SHA224_NewContext
SHA224_Resurrect
SHA224_TraceState
SHA224_Update
SHA256_Begin
SHA256_Clone
SHA256_DestroyContext
SHA256_End
SHA256_Flatten
SHA256_FlattenSize
SHA256_Hash
SHA256_HashBuf
SHA256_NewContext
SHA256_Resurrect
SHA256_TraceState
SHA256_Update
SHA384_Begin
SHA384_Clone
SHA384_DestroyContext
SHA384_End
SHA384_Flatten
SHA384_FlattenSize
SHA384_Hash
SHA384_HashBuf
SHA384_NewContext
SHA384_Resurrect
SHA384_TraceState
SHA384_Update
SHA512_Begin
SHA512_Clone
SHA512_DestroyContext
SHA512_End
SHA512_Flatten
SHA512_FlattenSize
SHA512_Hash
SHA512_HashBuf
SHA512_NewContext
SHA512_Resurrect
SHA512_TraceState
SHA512_Update
SQLITE_EXPLICIT_NULL
SSLv3_MAC_ConstantTime
TLS_PRF
TLS_P_hash
__nss_softokn_version
fc_getAttribute
fc_log_init_error
jpake_Final
jpake_Round1
jpake_Round2
kbkdf_CreateKey
kbkdf_Dispatch
kbkdf_FinalizeKey
kbkdf_GetDerivedKeySize
kbkdf_IncrementBuffer
kbkdf_SaveKey
kbkdf_SaveKeys
nsc_CommonFinalize
nsc_CommonGetSlotList
nsc_CommonInitialize
nsc_SetupHMACKeyGen
nsc_init
nsf_init
nsslowkey_AttributeTemplate
nsslowkey_ConvertToPublicKey
nsslowkey_CopyPrivateKey
nsslowkey_DHPrivateKeyTemplate
nsslowkey_DSAPrivateKeyExportTemplate
nsslowkey_DSAPrivateKeyTemplate
nsslowkey_DestroyPrivateKey
nsslowkey_DestroyPublicKey
nsslowkey_ECPrivateKeyTemplate
nsslowkey_PQGParamsTemplate
nsslowkey_PrivateKeyInfoTemplate
nsslowkey_PrivateModulusLen
nsslowkey_PublicModulusLen
nsslowkey_RSAPrivateKeyTemplate
nsslowkey_RSAPublicKeyTemplate
nsslowkey_SetOfAttributeTemplate
nsslowkey_SubjectPublicKeyInfoTemplate
nsspkcs5_AlgidToParam
nsspkcs5_CipherData
nsspkcs5_ComputeKeyAndIV
nsspkcs5_CreateAlgorithmID
nsspkcs5_DestroyPBEParameter
nsspkcs5_HashBuf
nsspkcs5_NewParam
parentForkedAfterC_Initialize
prepare_low_dh_priv_key_for_asn1
prepare_low_dsa_priv_key_export_for_asn1
prepare_low_dsa_priv_key_for_asn1
prepare_low_ec_priv_key_for_asn1
prepare_low_ecparams_for_asn1
prepare_low_pqg_params_for_asn1
prepare_low_rsa_priv_key_for_asn1
prepare_low_rsa_pub_key_for_asn1
s_open

Sections

.text
Size: 244KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/dlls/zlib1.dll
.dll windows:4 windows x64

0362b276bf74944aaf0d04f3240210cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetLastError
GetModuleHandleW
GetProcAddress
InitializeCriticalSection
IsDBCSLeadByteEx
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryW
MultiByteToWideChar
Sleep
TerminateProcess
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_amsg_exit
_close
_errno
_initterm
_lock
_lseeki64
_open
_read
_unlock
_wopen
_write
abort
calloc
fputc
free
fwrite
localeconv
malloc
memchr
memcpy
memmove
memset
realloc
strerror
strlen
strncmp
vfprintf
wcslen
wcstombs

Exports

Exports

_dist_code
_length_code
_tr_align
_tr_flush_bits
_tr_flush_block
_tr_init
_tr_stored_block
_tr_tally
adler32
adler32_combine
adler32_combine64
adler32_z
compress
compress2
compressBound
crc32
crc32_combine
crc32_combine64
crc32_combine_gen
crc32_combine_gen64
crc32_combine_op
crc32_z
deflate
deflateBound
deflateCopy
deflateEnd
deflateGetDictionary
deflateInit2_
deflateInit_
deflateParams
deflatePending
deflatePrime
deflateReset
deflateResetKeep
deflateSetDictionary
deflateSetHeader
deflateTune
deflate_copyright
get_crc_table
gz_error
gzbuffer
gzclearerr
gzclose
gzclose_r
gzclose_w
gzdirect
gzdopen
gzeof
gzerror
gzflush
gzfread
gzfwrite
gzgetc
gzgetc_
gzgets
gzoffset
gzoffset64
gzopen
gzopen64
gzopen_w
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzseek64
gzsetparams
gztell
gztell64
gzungetc
gzvprintf
gzwrite
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCodesUsed
inflateCopy
inflateEnd
inflateGetDictionary
inflateGetHeader
inflateInit2_
inflateInit_
inflateMark
inflatePrime
inflateReset
inflateReset2
inflateResetKeep
inflateSetDictionary
inflateSync
inflateSyncPoint
inflateUndermine
inflateValidate
inflate_copyright
inflate_fast
inflate_table
uncompress
uncompress2
zError
z_errmsg
zcalloc
zcfree
zlibCompileFlags
zlibVersion

Sections

.text
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/etc/suricata/classification.config
brimcap/suricata/etc/suricata/reference.config
brimcap/suricata/etc/suricata/suricata.yaml
brimcap/suricata/etc/suricata/threshold.config
brimcap/suricata/share/suricata/classification.config
brimcap/suricata/share/suricata/reference.config
brimcap/suricata/share/suricata/rules/app-layer-events.rules
brimcap/suricata/share/suricata/rules/decoder-events.rules
brimcap/suricata/share/suricata/rules/dhcp-events.rules
brimcap/suricata/share/suricata/rules/dnp3-events.rules
brimcap/suricata/share/suricata/rules/dns-events.rules
brimcap/suricata/share/suricata/rules/files.rules
brimcap/suricata/share/suricata/rules/http-events.rules
brimcap/suricata/share/suricata/rules/ipsec-events.rules
brimcap/suricata/share/suricata/rules/kerberos-events.rules
brimcap/suricata/share/suricata/rules/modbus-events.rules
brimcap/suricata/share/suricata/rules/nfs-events.rules
brimcap/suricata/share/suricata/rules/ntp-events.rules
brimcap/suricata/share/suricata/rules/smb-events.rules
brimcap/suricata/share/suricata/rules/smtp-events.rules
brimcap/suricata/share/suricata/rules/stream-events.rules
brimcap/suricata/share/suricata/rules/tls-events.rules
brimcap/suricata/suricatarunner.exe
.exe windows:6 windows x64

960ef4de68dcace43ad03634f7e490cb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WriteFile
WriteConsoleW
WaitForMultipleObjects
WaitForSingleObject
VirtualQuery
VirtualFree
VirtualAlloc
SwitchToThread
SuspendThread
SetWaitableTimer
SetUnhandledExceptionFilter
SetProcessPriorityBoost
SetEvent
SetErrorMode
SetConsoleCtrlHandler
ResumeThread
QueryFullProcessImageNameA
ProcessIdToSessionId
PostQueuedCompletionStatus
OpenProcess
LoadLibraryA
LoadLibraryW
SetThreadContext
GetThreadContext
GetSystemInfo
GetSystemDirectoryA
GetStdHandle
GetQueuedCompletionStatus
GetProcessAffinityMask
GetProcAddress
GetEnvironmentStringsW
GetConsoleMode
FreeEnvironmentStringsW
ExitProcess
DuplicateHandle
CreateThread
CreateIoCompletionPort
CreateEventA
CloseHandle
AddVectoredExceptionHandler

Sections

.text
Size: 781KB - Virtual size: 781KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 932KB - Virtual size: 931KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 281B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/32
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/46
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/63
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/80
Size: 512B - Virtual size: 70B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/99
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/112
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/124
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.symtab
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/suricataupdater.exe
.exe windows:6 windows x64

960ef4de68dcace43ad03634f7e490cb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WriteFile
WriteConsoleW
WaitForMultipleObjects
WaitForSingleObject
VirtualQuery
VirtualFree
VirtualAlloc
SwitchToThread
SuspendThread
SetWaitableTimer
SetUnhandledExceptionFilter
SetProcessPriorityBoost
SetEvent
SetErrorMode
SetConsoleCtrlHandler
ResumeThread
QueryFullProcessImageNameA
ProcessIdToSessionId
PostQueuedCompletionStatus
OpenProcess
LoadLibraryA
LoadLibraryW
SetThreadContext
GetThreadContext
GetSystemInfo
GetSystemDirectoryA
GetStdHandle
GetQueuedCompletionStatus
GetProcessAffinityMask
GetProcAddress
GetEnvironmentStringsW
GetConsoleMode
FreeEnvironmentStringsW
ExitProcess
DuplicateHandle
CreateThread
CreateIoCompletionPort
CreateEventA
CloseHandle
AddVectoredExceptionHandler

Sections

.text
Size: 775KB - Virtual size: 775KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 925KB - Virtual size: 925KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 281B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/32
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/46
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/63
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/80
Size: 512B - Virtual size: 70B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/99
Size: 222KB - Virtual size: 222KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/112
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/124
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.symtab
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/var/lib/suricata/rules/suricata.rules
brimcap/suricata/var/lib/suricata/update/cache/70d9eddbf429eafe2b741e615a00a74a-emerging.rules.tar.gz
.gz
brimcap/zeek/bin/zeek.exe
.exe windows:4 windows x64

b7b2d607e38ca32a1fb3f7f946d69801

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

CryptAcquireContextW
CryptGenRandom
CryptReleaseContext
DeregisterEventSource
RegisterEventSourceW
ReportEventW

iphlpapi

GetAdaptersAddresses

kernel32

AddVectoredExceptionHandler
AreFileApisANSI
CancelWaitableTimer
CloseHandle
ConvertFiberToThread
ConvertThreadToFiber
CreateEventA
CreateFiber
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateHardLinkA
CreateHardLinkW
CreateIoCompletionPort
CreateMutexW
CreateSemaphoreA
CreateWaitableTimerA
DeleteCriticalSection
DeleteFiber
DeleteFileA
DeleteFileW
DuplicateHandle
EnterCriticalSection
FileTimeToSystemTime
FindClose
FindFirstFileW
FindFirstVolumeW
FindNextFileW
FindNextVolumeW
FindVolumeClose
FlushFileBuffers
FlushViewOfFile
FormatMessageA
FormatMessageW
FreeLibrary
GetConsoleMode
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceA
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetEnvironmentVariableW
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileSizeEx
GetFileType
GetFullPathNameA
GetFullPathNameW
GetHandleInformation
GetLastError
GetModuleFileNameA
GetModuleHandleExW
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetProcessTimes
GetQueuedCompletionStatus
GetStartupInfoA
GetStdHandle
GetSystemDirectoryA
GetSystemInfo
GetSystemTime
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetTempPathA
GetTempPathW
GetThreadContext
GetThreadPriority
GetThreadTimes
GetTickCount
GetTickCount64
GetTimeZoneInformation
GetVersion
GetVersionExA
GetVersionExW
GetVolumeInformationW
GetVolumeNameForVolumeMountPointA
HeapAlloc
HeapCompact
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
HeapValidate
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
IsDBCSLeadByteEx
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LocalFree
LockFile
LockFileEx
MapViewOfFile
MultiByteToWideChar
OpenProcess
OutputDebugStringA
OutputDebugStringW
PostQueuedCompletionStatus
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleA
ReadConsoleW
ReadFile
RegisterWaitForSingleObject
ReleaseSemaphore
RemoveDirectoryW
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
SetConsoleMode
SetConsoleTextAttribute
SetEndOfFile
SetEvent
SetFilePointer
SetLastError
SetPriorityClass
SetProcessAffinityMask
SetSystemTime
SetThreadAffinityMask
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
SetWaitableTimer
Sleep
SuspendThread
SwitchToFiber
SystemTimeToFileTime
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnlockFile
UnlockFileEx
UnmapViewOfFile
UnregisterWaitEx
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteFile
__C_specific_handler

msvcrt

___lc_codepage_func
___mb_cur_max_func
__argv
__getmainargs
__initenv
__iob_func
__lconv_init
__set_app_type
__setusermatherr
_access
_acmdln
_amsg_exit
_assert
_beginthreadex
_cexit
_close
_close
_commode
_chdir
_difftime64
_dup
_dup2
_endthreadex
_errno
_execv
_execl
_exit
_fdopen
_fdopen
_filelengthi64
_fileno
_findclose
_fileno
_findfirst64
_findnext64
_fmode
_fstat64
_fullpath
_get_osfhandle
_getcwd
_getpid
_gmtime64
_initterm
_isatty
_isatty
_localtime64
_lock
_lseeki64
_lseek
_mkdir
_mkgmtime64
_mktime64
_onexit
_open
_open_osfhandle
_pclose
_popen
_putenv_s
_read
_rmdir
_setjmp
_setmode
_snprintf
_sopen
_stat64
_strdup
_strdup
_stricmp
_strnicmp
_telli64
_time64
_ultoa
_unlink
_unlock
_umask
_vscprintf
_vsnprintf
_vsnwprintf
_wchdir
_wchmod
_wfindfirst64
_wfindnext64
_wfopen
_wfullpath
_wgetcwd
_wmkdir
_wopen
_wrename
_write
_wstat64
_wutime64
abort
asin
atof
atoi
atol
calloc
clearerr
div
exit
fclose
feof
ferror
fflush
fgetpos
fgets
fopen
fprintf
fputc
fputs
fread
free
fseek
fsetpos
ftell
fwrite
getc
getenv
getwc
isalnum
isalpha
iscntrl
isgraph
islower
isprint
ispunct
isspace
isupper
iswctype
isxdigit
ldiv
localeconv
log10
longjmp
malloc
mbstowcs
memchr
memcmp
memcpy
memmove
memset
perror
printf
putc
putwc
qsort
raise
rand
realloc
rename
rewind
setlocale
setvbuf
signal
sprintf
srand
strcat
strchr
strcmp
strcoll
strcpy
strcspn
strerror
strftime
strlen
strncmp
strncpy
strncpy_s
strpbrk
strrchr
strspn
strstr
strtol
strtoul
strxfrm
system
tolower
toupper
towlower
towupper
ungetc
ungetwc
vfprintf
wcscat
wcscmp
wcscoll
wcscpy
wcsftime
wcslen
wcsstr
wcstombs
wcsxfrm

psapi

GetProcessMemoryInfo

shlwapi

PathMatchSpecA

user32

GetProcessWindowStation
GetUserObjectInformationW
MessageBoxW

ws2_32

WSACleanup
WSACloseEvent
WSAEnumNetworkEvents
WSAEventSelect
WSAGetLastError
WSAIoctl
WSAPoll
WSASetLastError
WSASocketA
WSASocketW
WSAStartup
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
gethostbyaddr
gethostbyname
gethostname
getnameinfo
getpeername
getprotobyname
getservbyname
getservbyport
getsockname
getsockopt
htonl
htons
inet_addr
inet_ntoa
inet_ntop
inet_pton
ioctlsocket
listen
ntohl
ntohs
recv
recvfrom
select
send
sendto
setsockopt
shutdown
socket

Exports

Exports

ACCESS_DESCRIPTION_free
ACCESS_DESCRIPTION_it
ACCESS_DESCRIPTION_new
ADMISSIONS_free
ADMISSIONS_get0_admissionAuthority
ADMISSIONS_get0_namingAuthority
ADMISSIONS_get0_professionInfos
ADMISSIONS_it
ADMISSIONS_new
ADMISSIONS_set0_admissionAuthority
ADMISSIONS_set0_namingAuthority
ADMISSIONS_set0_professionInfos
ADMISSION_SYNTAX_free
ADMISSION_SYNTAX_get0_admissionAuthority
ADMISSION_SYNTAX_get0_contentsOfAdmissions
ADMISSION_SYNTAX_it
ADMISSION_SYNTAX_new
ADMISSION_SYNTAX_set0_admissionAuthority
ADMISSION_SYNTAX_set0_contentsOfAdmissions
AES_cbc_encrypt
AES_decrypt
AES_encrypt
AES_set_decrypt_key
AES_set_encrypt_key
AES_unwrap_key
AES_wrap_key
ASIdOrRange_free
ASIdOrRange_it
ASIdOrRange_new
ASIdentifierChoice_free
ASIdentifierChoice_it
ASIdentifierChoice_new
ASIdentifiers_free
ASIdentifiers_it
ASIdentifiers_new
ASN1_ANY_it
ASN1_BIT_STRING_check
ASN1_BIT_STRING_free
ASN1_BIT_STRING_get_bit
ASN1_BIT_STRING_it
ASN1_BIT_STRING_new
ASN1_BIT_STRING_set
ASN1_BIT_STRING_set_bit
ASN1_BMPSTRING_free
ASN1_BMPSTRING_it
ASN1_BMPSTRING_new
ASN1_BOOLEAN_it
ASN1_ENUMERATED_free
ASN1_ENUMERATED_get
ASN1_ENUMERATED_get_int64
ASN1_ENUMERATED_it
ASN1_ENUMERATED_new
ASN1_ENUMERATED_set
ASN1_ENUMERATED_set_int64
ASN1_ENUMERATED_to_BN
ASN1_FBOOLEAN_it
ASN1_GENERALIZEDTIME_adj
ASN1_GENERALIZEDTIME_check
ASN1_GENERALIZEDTIME_free
ASN1_GENERALIZEDTIME_it
ASN1_GENERALIZEDTIME_new
ASN1_GENERALIZEDTIME_print
ASN1_GENERALIZEDTIME_set
ASN1_GENERALIZEDTIME_set_string
ASN1_GENERALSTRING_free
ASN1_GENERALSTRING_it
ASN1_GENERALSTRING_new
ASN1_IA5STRING_free
ASN1_IA5STRING_it
ASN1_IA5STRING_new
ASN1_INTEGER_cmp
ASN1_INTEGER_dup
ASN1_INTEGER_free
ASN1_INTEGER_get
ASN1_INTEGER_get_int64
ASN1_INTEGER_get_uint64
ASN1_INTEGER_it
ASN1_INTEGER_new
ASN1_INTEGER_set
ASN1_INTEGER_set_int64
ASN1_INTEGER_set_uint64
ASN1_INTEGER_to_BN
ASN1_NULL_free
ASN1_NULL_it
ASN1_NULL_new
ASN1_OBJECT_create
ASN1_OBJECT_free
ASN1_OBJECT_it
ASN1_OBJECT_new
ASN1_OCTET_STRING_NDEF_it
ASN1_OCTET_STRING_cmp
ASN1_OCTET_STRING_dup
ASN1_OCTET_STRING_free
ASN1_OCTET_STRING_it
ASN1_OCTET_STRING_new
ASN1_OCTET_STRING_set
ASN1_PCTX_free
ASN1_PCTX_get_cert_flags
ASN1_PCTX_get_flags
ASN1_PCTX_get_nm_flags
ASN1_PCTX_get_oid_flags
ASN1_PCTX_get_str_flags
ASN1_PCTX_new
ASN1_PCTX_set_cert_flags
ASN1_PCTX_set_flags
ASN1_PCTX_set_nm_flags
ASN1_PCTX_set_oid_flags
ASN1_PCTX_set_str_flags
ASN1_PRINTABLESTRING_free
ASN1_PRINTABLESTRING_it
ASN1_PRINTABLESTRING_new
ASN1_PRINTABLE_free
ASN1_PRINTABLE_it
ASN1_PRINTABLE_new
ASN1_PRINTABLE_type
ASN1_SEQUENCE_ANY_it
ASN1_SEQUENCE_it
ASN1_SET_ANY_it
ASN1_STRING_TABLE_add
ASN1_STRING_TABLE_cleanup
ASN1_STRING_TABLE_get
ASN1_STRING_clear_free
ASN1_STRING_cmp
ASN1_STRING_copy
ASN1_STRING_data
ASN1_STRING_dup
ASN1_STRING_free
ASN1_STRING_get0_data
ASN1_STRING_get_default_mask
ASN1_STRING_length
ASN1_STRING_length_set
ASN1_STRING_new
ASN1_STRING_print
ASN1_STRING_print_ex
ASN1_STRING_print_ex_fp
ASN1_STRING_set
ASN1_STRING_set0
ASN1_STRING_set_by_NID
ASN1_STRING_set_default_mask
ASN1_STRING_set_default_mask_asc
ASN1_STRING_to_UTF8
ASN1_STRING_type
ASN1_STRING_type_new
ASN1_T61STRING_free
ASN1_T61STRING_it
ASN1_T61STRING_new
ASN1_TBOOLEAN_it
ASN1_TIME_adj
ASN1_TIME_check
ASN1_TIME_cmp_time_t
ASN1_TIME_compare
ASN1_TIME_diff
ASN1_TIME_free
ASN1_TIME_it
ASN1_TIME_new
ASN1_TIME_normalize
ASN1_TIME_print
ASN1_TIME_set
ASN1_TIME_set_string
ASN1_TIME_set_string_X509
ASN1_TIME_to_generalizedtime
ASN1_TIME_to_tm
ASN1_TYPE_cmp
ASN1_TYPE_free
ASN1_TYPE_get
ASN1_TYPE_get_int_octetstring
ASN1_TYPE_get_octetstring
ASN1_TYPE_new
ASN1_TYPE_pack_sequence
ASN1_TYPE_set
ASN1_TYPE_set1
ASN1_TYPE_set_int_octetstring
ASN1_TYPE_set_octetstring
ASN1_TYPE_unpack_sequence
ASN1_UNIVERSALSTRING_free
ASN1_UNIVERSALSTRING_it
ASN1_UNIVERSALSTRING_new
ASN1_UNIVERSALSTRING_to_string
ASN1_UTCTIME_adj
ASN1_UTCTIME_check
ASN1_UTCTIME_cmp_time_t
ASN1_UTCTIME_free
ASN1_UTCTIME_it
ASN1_UTCTIME_new
ASN1_UTCTIME_print
ASN1_UTCTIME_set
ASN1_UTCTIME_set_string
ASN1_UTF8STRING_free
ASN1_UTF8STRING_it
ASN1_UTF8STRING_new
ASN1_VISIBLESTRING_free
ASN1_VISIBLESTRING_it
ASN1_VISIBLESTRING_new
ASN1_add_oid_module
ASN1_add_stable_module
ASN1_bn_print
ASN1_buf_print
ASN1_check_infinite_end
ASN1_const_check_infinite_end
ASN1_d2i_bio
ASN1_d2i_fp
ASN1_digest
ASN1_dup
ASN1_generate_nconf
ASN1_generate_v3
ASN1_get_object
ASN1_i2d_bio
ASN1_i2d_fp
ASN1_item_d2i
ASN1_item_d2i_bio
ASN1_item_d2i_fp
ASN1_item_digest
ASN1_item_dup
ASN1_item_ex_d2i
ASN1_item_ex_free
ASN1_item_ex_i2d
ASN1_item_ex_new
ASN1_item_free
ASN1_item_i2d
ASN1_item_i2d_bio
ASN1_item_i2d_fp
ASN1_item_ndef_i2d
ASN1_item_new
ASN1_item_pack
ASN1_item_print
ASN1_item_sign
ASN1_item_sign_ctx
ASN1_item_unpack
ASN1_item_verify
ASN1_mbstring_copy
ASN1_mbstring_ncopy
ASN1_object_size
ASN1_parse
ASN1_parse_dump
ASN1_put_eoc
ASN1_put_object
ASN1_sign
ASN1_str2mask
ASN1_tag2bit
ASN1_tag2str
ASN1_verify
ASRange_free
ASRange_it
ASRange_new
ASYNC_WAIT_CTX_clear_fd
ASYNC_WAIT_CTX_free
ASYNC_WAIT_CTX_get_all_fds
ASYNC_WAIT_CTX_get_changed_fds
ASYNC_WAIT_CTX_get_fd
ASYNC_WAIT_CTX_new
ASYNC_WAIT_CTX_set_wait_fd
ASYNC_block_pause
ASYNC_cleanup_thread
ASYNC_get_current_job
ASYNC_get_wait_ctx
ASYNC_init_thread
ASYNC_is_capable
ASYNC_pause_job
ASYNC_start_job
ASYNC_unblock_pause
AUTHORITY_INFO_ACCESS_free
AUTHORITY_INFO_ACCESS_it
AUTHORITY_INFO_ACCESS_new
AUTHORITY_KEYID_free
AUTHORITY_KEYID_it
AUTHORITY_KEYID_new
BASIC_CONSTRAINTS_free
BASIC_CONSTRAINTS_it
BASIC_CONSTRAINTS_new
BF_cbc_encrypt
BF_cfb64_encrypt
BF_decrypt
BF_ecb_encrypt
BF_encrypt
BF_ofb64_encrypt
BF_options
BF_set_key
BIGNUM_it
BIO_ADDRINFO_address
BIO_ADDRINFO_family
BIO_ADDRINFO_free
BIO_ADDRINFO_next
BIO_ADDRINFO_protocol
BIO_ADDRINFO_sockaddr
BIO_ADDRINFO_sockaddr_size
BIO_ADDRINFO_socktype
BIO_ADDR_clear
BIO_ADDR_family
BIO_ADDR_free
BIO_ADDR_hostname_string
BIO_ADDR_make
BIO_ADDR_new
BIO_ADDR_path_string
BIO_ADDR_rawaddress
BIO_ADDR_rawmake
BIO_ADDR_rawport
BIO_ADDR_service_string
BIO_ADDR_sockaddr
BIO_ADDR_sockaddr_noconst
BIO_ADDR_sockaddr_size
BIO_accept
BIO_accept_ex
BIO_asn1_get_prefix
BIO_asn1_get_suffix
BIO_asn1_set_prefix
BIO_asn1_set_suffix
BIO_bind
BIO_callback_ctrl
BIO_clear_flags
BIO_closesocket
BIO_connect
BIO_copy_next_retry
BIO_ctrl
BIO_ctrl_pending
BIO_ctrl_wpending
BIO_dump
BIO_dump_cb
BIO_dump_fp
BIO_dump_indent
BIO_dump_indent_cb
BIO_dump_indent_fp
BIO_dup_chain
BIO_f_asn1
BIO_f_base64
BIO_f_buffer
BIO_f_cipher
BIO_f_md
BIO_f_zlib
BIO_find_type
BIO_free
BIO_free_all
BIO_get_accept_socket
BIO_get_callback
BIO_get_callback_arg
BIO_get_callback_ex
BIO_get_data
BIO_get_ex_data
BIO_get_host_ip
BIO_get_init
BIO_get_new_index
BIO_get_port
BIO_get_retry_BIO
BIO_get_retry_reason
BIO_get_shutdown
BIO_gethostbyname
BIO_gets
BIO_hex_string
BIO_indent
BIO_int_ctrl
BIO_listen
BIO_lookup
BIO_lookup_ex
BIO_meth_free
BIO_meth_get_callback_ctrl
BIO_meth_get_create
BIO_meth_get_ctrl
BIO_meth_get_destroy
BIO_meth_get_gets
BIO_meth_get_puts
BIO_meth_get_read
BIO_meth_get_read_ex
BIO_meth_get_write
BIO_meth_get_write_ex
BIO_meth_new
BIO_meth_set_callback_ctrl
BIO_meth_set_create
BIO_meth_set_ctrl
BIO_meth_set_destroy
BIO_meth_set_gets
BIO_meth_set_puts
BIO_meth_set_read
BIO_meth_set_read_ex
BIO_meth_set_write
BIO_meth_set_write_ex
BIO_method_name
BIO_method_type
BIO_new
BIO_new_CMS
BIO_new_NDEF
BIO_new_file
BIO_new_fp
BIO_new_mem_buf
BIO_new_socket
BIO_next
BIO_number_read
BIO_number_written
BIO_parse_hostserv
BIO_pop
BIO_printf
BIO_ptr_ctrl
BIO_push
BIO_puts
BIO_read
BIO_read_ex
BIO_s_file
BIO_s_mem
BIO_s_null
BIO_s_secmem
BIO_s_socket
BIO_set_callback
BIO_set_callback_arg
BIO_set_callback_ex
BIO_set_cipher
BIO_set_data
BIO_set_ex_data
BIO_set_flags
BIO_set_init
BIO_set_next
BIO_set_retry_reason
BIO_set_shutdown
BIO_set_tcp_ndelay
BIO_snprintf
BIO_sock_error
BIO_sock_info
BIO_sock_init
BIO_sock_non_fatal_error
BIO_sock_should_retry
BIO_socket
BIO_socket_ioctl
BIO_socket_nbio
BIO_test_flags
BIO_up_ref
BIO_vfree
BIO_vprintf
BIO_vsnprintf
BIO_write
BIO_write_ex
BLAKE2b_Final
BLAKE2b_Init
BLAKE2b_Update
BLAKE2s_Final
BLAKE2s_Init
BLAKE2s_Update
BN_BLINDING_convert
BN_BLINDING_convert_ex
BN_BLINDING_create_param
BN_BLINDING_free
BN_BLINDING_get_flags
BN_BLINDING_invert
BN_BLINDING_invert_ex
BN_BLINDING_is_current_thread
BN_BLINDING_lock
BN_BLINDING_new
BN_BLINDING_set_current_thread
BN_BLINDING_set_flags
BN_BLINDING_unlock
BN_BLINDING_update
BN_CTX_end
BN_CTX_free
BN_CTX_get
BN_CTX_new
BN_CTX_secure_new
BN_CTX_start
BN_GENCB_call
BN_GENCB_free
BN_GENCB_get_arg
BN_GENCB_new
BN_GENCB_set
BN_GENCB_set_old
BN_GF2m_add
BN_GF2m_arr2poly
BN_GF2m_mod
BN_GF2m_mod_arr
BN_GF2m_mod_div
BN_GF2m_mod_div_arr
BN_GF2m_mod_exp
BN_GF2m_mod_exp_arr
BN_GF2m_mod_inv
BN_GF2m_mod_inv_arr
BN_GF2m_mod_mul
BN_GF2m_mod_mul_arr
BN_GF2m_mod_solve_quad
BN_GF2m_mod_solve_quad_arr
BN_GF2m_mod_sqr
BN_GF2m_mod_sqr_arr
BN_GF2m_mod_sqrt
BN_GF2m_mod_sqrt_arr
BN_GF2m_poly2arr
BN_MONT_CTX_copy
BN_MONT_CTX_free
BN_MONT_CTX_init
BN_MONT_CTX_new
BN_MONT_CTX_set
BN_MONT_CTX_set_locked
BN_RECP_CTX_free
BN_RECP_CTX_init
BN_RECP_CTX_new
BN_RECP_CTX_set
BN_abs_is_word
BN_add
BN_add_word
BN_asc2bn
BN_bin2bn
BN_bn2bin
BN_bn2binpad
BN_bn2dec
BN_bn2hex
BN_bn2lebinpad
BN_bntest_rand
BN_clear

Sections

.text
Size: 11.8MB - Virtual size: 11.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 503KB - Virtual size: 502KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 908KB - Virtual size: 908KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 119KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/zeek/lib/zeek/plugins/Corelight_CommunityID/COPYING
brimcap/zeek/lib/zeek/plugins/Corelight_CommunityID/README
brimcap/zeek/lib/zeek/plugins/Corelight_CommunityID/VERSION
brimcap/zeek/lib/zeek/plugins/Corelight_CommunityID/__bro_plugin__
brimcap/zeek/lib/zeek/plugins/Corelight_CommunityID/lib/Corelight-CommunityID.windows-x86_64.dll
.dll windows:4 windows x64

ede6635667bd794851dd7f40f08481f9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetHandleInformation
GetLastError
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetTickCount64
InitializeCriticalSection
IsDBCSLeadByteEx
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryW
MultiByteToWideChar
OpenProcess
OutputDebugStringA
RaiseException
ReleaseSemaphore
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
SetEvent
SetLastError
SetProcessAffinityMask
SetThreadContext
SetThreadPriority
Sleep
SuspendThread
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
__C_specific_handler

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_amsg_exit
_beginthreadex
_close
_endthreadex
_errno
_initterm
_lock
_read
_setjmp
_strdup
_ultoa
_unlock
_write
abort
calloc
exit
fprintf
fputc
fputs
free
fwrite
localeconv
longjmp
malloc
memchr
memcmp
memcpy
memmove
memset
printf
realloc
signal
strcmp
strerror
strlen
strncmp
vfprintf
wcslen

ws2_32

htons
ntohs

zeek.exe

_Unwind_Resume
_Z10hash_finalP13evp_md_ctx_stPh
_Z11hash_updateP13evp_md_ctx_stPKvm
_Z13builtin_errorPKc
_Z13builtin_errorPKcPN4zeek3ObjE
_Z9hash_init13HashAlgorithm
_ZN12BifReturnValC1EDn
_ZN12BifReturnValC1EPN4zeek3ValE
_ZN15Base64Converter6EncodeEiPKhPiPPc
_ZN15Base64ConverterC1EP10ConnectionRKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN15Base64ConverterD1Ev
_ZN4zeek3Val11AsRecordValEv
_ZN4zeek6detail11BuiltinFuncC1EPF12BifReturnValPNS0_5FrameEPKSt6vectorINS_12IntrusivePtrINS_3ValEEESaIS8_EEEPKcb
_ZN4zeek6detail12global_scopeEv
_ZN4zeek6plugin6Plugin10AddBifItemERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEENS0_7BifItem4TypeE
_ZN4zeek6plugin6Plugin11HookLogInitERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES9_bbRKN7logging13WriterBackend10WriterInfoEiPKPKN9threading5FieldE
_ZN4zeek6plugin6Plugin11MetaHookPreENS0_8HookTypeERKNSt7__cxx114listINS0_12HookArgumentESaIS5_EEE
_ZN4zeek6plugin6Plugin12HookLoadFileENS1_8LoadTypeERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEESA_
_ZN4zeek6plugin6Plugin12HookLogWriteERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES9_RKN7logging13WriterBackend10WriterInfoEiPKPKN9threading5FieldEPPNSF_5ValueE
_ZN4zeek6plugin6Plugin12HookReporterERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE15EventHandlerPtrPK10ConnectionPKNS_4ListIPNS_3ValELNS_9ListOrderE0EEEbPKNS_6detail8LocationESO_bS9_
_ZN4zeek6plugin6Plugin12MetaHookPostENS0_8HookTypeERKNSt7__cxx114listINS0_12HookArgumentESaIS5_EEES5_
_ZN4zeek6plugin6Plugin13InitPreScriptEv
_ZN4zeek6plugin6Plugin14HookBroObjDtorEPv
_ZN4zeek6plugin6Plugin14HookQueueEventEP5Event
_ZN4zeek6plugin6Plugin14InitPostScriptEv
_ZN4zeek6plugin6Plugin15HookDrainEventsEv
_ZN4zeek6plugin6Plugin16HookCallFunctionEPKNS_4FuncEPNS_6detail5FrameEPNS_4ListIPNS_3ValELNS_9ListOrderE0EEE
_ZN4zeek6plugin6Plugin16HookFunctionCallEPKNS_4FuncEPNS_6detail5FrameEPSt6vectorINS_12IntrusivePtrINS_3ValEEESaISB_EE
_ZN4zeek6plugin6Plugin21HookSetupAnalyzerTreeEP10Connection
_ZN4zeek6plugin6Plugin21HookUpdateNetworkTimeEd
_ZN4zeek6plugin6Plugin4DoneEv
_ZN4zeek6plugin6PluginC2Ev
_ZN4zeek6plugin6PluginD2Ev
_ZN4zeek6plugin7Manager15RegisterBifFileEPKcPFvPNS0_6PluginEE
_ZN4zeek7bad_refEi
_ZN4zeek9StringVal5BytesEv
_ZN4zeek9StringValC1EPKc
_ZN4zeek9StringValC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN4zeek9type_nameENS_7TypeTagE
_ZN6IPAddr16v4_mapped_prefixE
_ZN8Reporter5ErrorEPKcz
_ZN8analyzer4icmp17ICMP4_counterpartEiiRb
_ZN8analyzer4icmp17ICMP6_counterpartEiiRb
_ZNK4zeek3Obj6BadTagEPKcS2_S2_
_ZNK4zeek6detail5Scope4FindESt17basic_string_viewIcSt11char_traitsIcEE
bro_version_3_2_1_plugin_7
reporter

Exports

Exports

_GCC_specific_handler
_Unwind_Backtrace
_Unwind_DeleteException
_Unwind_FindEnclosingFunction
_Unwind_ForcedUnwind
_Unwind_GetCFA
_Unwind_GetDataRelBase
_Unwind_GetGR
_Unwind_GetIP
_Unwind_GetIPInfo
_Unwind_GetLanguageSpecificData
_Unwind_GetRegionStart
_Unwind_GetTextRelBase
_Unwind_RaiseException
_Unwind_Resume_or_Rethrow
_Unwind_SetGR
_Unwind_SetIP
_ZGVN4zeek3Val3nilE
_ZGVN4zeek4Func10unique_idsE
_ZGVN4zeek4Func3nilE
_ZGVN4zeek4Type3nilE
_ZGVN4zeek6detail2ID3nilE
_ZGVN4zeek6detail4Attr3nilE
_ZGVN4zeek8FuncType3nilE
_ZN4zeek3Val3nilE
_ZN4zeek4Func10unique_idsE
_ZN4zeek4Func3nilE
_ZN4zeek4Type3nilE
_ZN4zeek6detail2ID3nilE
_ZN4zeek6detail4Attr3nilE
_ZN4zeek7BifFunc11CommunityID13hash_conn_bifEPNS_6detail5FrameEPKSt6vectorINS_12IntrusivePtrINS_3ValEEESaIS8_EE
_ZN4zeek8FuncType3nilE
_ZN6plugin21Corelight_CommunityID22__bif_communityid_initEPN4zeek6plugin6PluginE
_ZN6plugin21Corelight_CommunityID49__register_bifs_Corelight_CommunityID_communityidE
_ZN6plugin21Corelight_CommunityID6Plugin9ConfigureEv
_ZN6plugin21Corelight_CommunityID6PluginD0Ev
_ZN6plugin21Corelight_CommunityID6PluginD1Ev
_ZN6plugin21Corelight_CommunityID6pluginE
_ZTIN4zeek6plugin6PluginE
_ZTIN6plugin21Corelight_CommunityID6PluginE
_ZTSN4zeek6plugin6PluginE
_ZTSN6plugin21Corelight_CommunityID6PluginE
_ZTVN6plugin21Corelight_CommunityID6PluginE
_ZZ12digest_printPKhyE3buf
__emutls_get_address
__emutls_register_common
__pth_gpointer_locked
__pthread_clock_nanosleep
__pthread_shallcancel
__xl_f
_pthread_cleanup_dest
_pthread_get_state
_pthread_invoke_cancel
_pthread_key_dest
_pthread_rel_time_in_ms
_pthread_set_state
_pthread_setnobreak
_pthread_time_in_ms
_pthread_time_in_ms_from_timespec
_pthread_tryjoin
_pthread_wait_for_multiple_objects
_pthread_wait_for_single_object
cond_print
cond_print_set
do_sema_b_wait_intern
pthread_attr_destroy
pthread_attr_getdetachstate
pthread_attr_getinheritsched
pthread_attr_getschedparam
pthread_attr_getschedpolicy
pthread_attr_getscope
pthread_attr_getstack
pthread_attr_getstackaddr
pthread_attr_getstacksize
pthread_attr_init
pthread_attr_setdetachstate
pthread_attr_setinheritsched
pthread_attr_setschedparam
pthread_attr_setschedpolicy
pthread_attr_setscope
pthread_attr_setstack
pthread_attr_setstackaddr
pthread_attr_setstacksize
pthread_cancel
pthread_cond_broadcast
pthread_cond_destroy
pthread_cond_init
pthread_cond_signal
pthread_cond_timedwait
pthread_cond_timedwait_relative_np
pthread_cond_wait
pthread_condattr_destroy
pthread_condattr_getclock
pthread_condattr_getpshared
pthread_condattr_init
pthread_condattr_setclock
pthread_condattr_setpshared
pthread_create
pthread_create_wrapper
pthread_delay_np
pthread_delay_np_ms
pthread_detach
pthread_equal
pthread_exit
pthread_get_concurrency
pthread_getclean
pthread_getconcurrency
pthread_getevent
pthread_gethandle
pthread_getname_np
pthread_getschedparam
pthread_getspecific
pthread_join
pthread_key_create
pthread_key_delete
pthread_kill
pthread_mutex_destroy
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_timedlock
pthread_mutex_trylock
pthread_mutex_unlock
pthread_mutexattr_destroy
pthread_mutexattr_getprioceiling
pthread_mutexattr_getprotocol
pthread_mutexattr_getpshared
pthread_mutexattr_gettype
pthread_mutexattr_init
pthread_mutexattr_setprioceiling
pthread_mutexattr_setprotocol
pthread_mutexattr_setpshared
pthread_mutexattr_settype
pthread_num_processors_np
pthread_once
pthread_rwlock_destroy
pthread_rwlock_init
pthread_rwlock_rdlock
pthread_rwlock_timedrdlock
pthread_rwlock_timedwrlock
pthread_rwlock_tryrdlock
pthread_rwlock_trywrlock
pthread_rwlock_unlock
pthread_rwlock_wrlock
pthread_rwlockattr_destroy
pthread_rwlockattr_getpshared
pthread_rwlockattr_init
pthread_rwlockattr_setpshared
pthread_self
pthread_set_concurrency
pthread_set_num_processors_np
pthread_setcancelstate
pthread_setcanceltype
pthread_setconcurrency
pthread_setname_np
pthread_setschedparam
pthread_setspecific
pthread_spin_destroy
pthread_spin_init
pthread_spin_lock
pthread_spin_trylock
pthread_spin_unlock
pthread_testcancel
pthread_timechange_handler_np
pthread_tls_init
rwl_print
rwl_print_set
sched_get_priority_max
sched_get_priority_min
sched_getscheduler
sched_setscheduler
sched_yield
thread_print
thread_print_set

Sections

.text
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 992B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 743KB - Virtual size: 742KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/zeek/lib/zeek/plugins/Corelight_CommunityID/lib/bif/__load__.zeek
brimcap/zeek/lib/zeek/plugins/Corelight_CommunityID/lib/bif/communityid.bif.zeek
brimcap/zeek/lib/zeek/plugins/Corelight_CommunityID/scripts/Corelight/CommunityID/__load__.zeek
brimcap/zeek/lib/zeek/plugins/Corelight_CommunityID/scripts/Corelight/CommunityID/main.zeek
brimcap/zeek/lib/zeek/plugins/Corelight_CommunityID/scripts/__load__.zeek
brimcap/zeek/share/zeek/base/bif/__load__.zeek
brimcap/zeek/share/zeek/base/bif/analyzer.bif.zeek
brimcap/zeek/share/zeek/base/bif/bloom-filter.bif.zeek
brimcap/zeek/share/zeek/base/bif/cardinality-counter.bif.zeek
brimcap/zeek/share/zeek/base/bif/comm.bif.zeek
brimcap/zeek/share/zeek/base/bif/const.bif.zeek
brimcap/zeek/share/zeek/base/bif/data.bif.zeek
brimcap/zeek/share/zeek/base/bif/event.bif.zeek
brimcap/zeek/share/zeek/base/bif/file_analysis.bif.zeek
brimcap/zeek/share/zeek/base/bif/input.bif.zeek
brimcap/zeek/share/zeek/base/bif/logging.bif.zeek
brimcap/zeek/share/zeek/base/bif/messaging.bif.zeek
brimcap/zeek/share/zeek/base/bif/option.bif.zeek
brimcap/zeek/share/zeek/base/bif/pcap.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_ARP.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_AsciiReader.ascii.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_AsciiWriter.ascii.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_BenchmarkReader.benchmark.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_BinaryReader.binary.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_BitTorrent.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_ConfigReader.config.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_ConnSize.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_ConnSize.functions.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_DCE_RPC.consts.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_DCE_RPC.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_DCE_RPC.types.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_DHCP.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_DHCP.types.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_DNP3.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_DNS.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_FTP.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_FTP.functions.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_File.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_FileEntropy.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_FileExtract.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_FileExtract.functions.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_FileHash.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_Finger.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_GSSAPI.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_GTPv1.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_Gnutella.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_HTTP.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_HTTP.functions.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_ICMP.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_IMAP.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_IRC.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_Ident.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_KRB.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_KRB.types.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_Login.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_Login.functions.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_MIME.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_MQTT.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_MQTT.types.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_Modbus.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_MySQL.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_NCP.consts.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_NCP.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_NTLM.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_NTLM.types.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_NTP.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_NTP.types.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_NetBIOS.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_NetBIOS.functions.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_NoneWriter.none.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_PE.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_POP3.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_RADIUS.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_RDP.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_RDP.types.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_RFB.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_RPC.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_RawReader.raw.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SIP.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.consts.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_check_directory.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_close.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_create_directory.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_echo.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_logoff_andx.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_negotiate.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_nt_cancel.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_nt_create_andx.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_query_information.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_read_andx.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_session_setup_andx.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_transaction.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_transaction2.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_transaction2_secondary.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_transaction_secondary.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_tree_connect_andx.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_tree_disconnect.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_write_andx.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb2_com_close.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb2_com_create.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb2_com_negotiate.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb2_com_read.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb2_com_session_setup.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb2_com_set_info.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb2_com_transform_header.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb2_com_tree_connect.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb2_com_tree_disconnect.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb2_com_write.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb2_events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.types.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMTP.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMTP.functions.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SNMP.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SNMP.types.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SOCKS.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SQLiteReader.sqlite.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SQLiteWriter.sqlite.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SSH.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SSH.types.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SSL.consts.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SSL.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SSL.functions.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SSL.types.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SteppingStone.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_Syslog.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_TCP.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_TCP.functions.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_TCP.types.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_Teredo.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_UDP.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_Unified2.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_Unified2.types.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_VXLAN.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_X509.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_X509.functions.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_X509.ocsp_events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_X509.types.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_XMPP.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/__load__.zeek
brimcap/zeek/share/zeek/base/bif/reporter.bif.zeek
brimcap/zeek/share/zeek/base/bif/stats.bif.zeek
brimcap/zeek/share/zeek/base/bif/store.bif.zeek
brimcap/zeek/share/zeek/base/bif/strings.bif.zeek
brimcap/zeek/share/zeek/base/bif/supervisor.bif.zeek
brimcap/zeek/share/zeek/base/bif/top-k.bif.zeek
brimcap/zeek/share/zeek/base/bif/types.bif.zeek
brimcap/zeek/share/zeek/base/bif/zeek.bif.zeek
brimcap/zeek/share/zeek/base/bif/zeekygen.bif.zeek
brimcap/zeek/share/zeek/base/files/extract/__load__.zeek
brimcap/zeek/share/zeek/base/files/extract/main.zeek
brimcap/zeek/share/zeek/base/files/hash/__load__.zeek
brimcap/zeek/share/zeek/base/files/hash/main.zeek
brimcap/zeek/share/zeek/base/files/pe/__load__.zeek
brimcap/zeek/share/zeek/base/files/pe/consts.zeek
.js
brimcap/zeek/share/zeek/base/files/pe/main.zeek
brimcap/zeek/share/zeek/base/files/x509/__load__.zeek
brimcap/zeek/share/zeek/base/files/x509/main.zeek
brimcap/zeek/share/zeek/base/frameworks/analyzer/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/analyzer/main.zeek
brimcap/zeek/share/zeek/base/frameworks/broker/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/broker/log.zeek
brimcap/zeek/share/zeek/base/frameworks/broker/main.zeek
brimcap/zeek/share/zeek/base/frameworks/broker/store.zeek
brimcap/zeek/share/zeek/base/frameworks/cluster/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/cluster/broker-stores.zeek
.ps1
brimcap/zeek/share/zeek/base/frameworks/cluster/main.zeek
.ps1
brimcap/zeek/share/zeek/base/frameworks/cluster/nodes/logger.zeek
brimcap/zeek/share/zeek/base/frameworks/cluster/nodes/manager.zeek
brimcap/zeek/share/zeek/base/frameworks/cluster/nodes/proxy.zeek
brimcap/zeek/share/zeek/base/frameworks/cluster/nodes/worker.zeek
brimcap/zeek/share/zeek/base/frameworks/cluster/pools.zeek
.ps1
brimcap/zeek/share/zeek/base/frameworks/cluster/setup-connections.zeek
brimcap/zeek/share/zeek/base/frameworks/config/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/config/input.zeek
brimcap/zeek/share/zeek/base/frameworks/config/main.zeek
.ps1
brimcap/zeek/share/zeek/base/frameworks/config/weird.zeek
brimcap/zeek/share/zeek/base/frameworks/control/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/control/main.zeek
brimcap/zeek/share/zeek/base/frameworks/dpd/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/dpd/main.zeek
brimcap/zeek/share/zeek/base/frameworks/files/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/files/magic/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/files/magic/archive.sig
brimcap/zeek/share/zeek/base/frameworks/files/magic/audio.sig
brimcap/zeek/share/zeek/base/frameworks/files/magic/executable.sig
brimcap/zeek/share/zeek/base/frameworks/files/magic/font.sig
brimcap/zeek/share/zeek/base/frameworks/files/magic/general.sig
brimcap/zeek/share/zeek/base/frameworks/files/magic/image.sig
brimcap/zeek/share/zeek/base/frameworks/files/magic/java.sig
.jnlp
brimcap/zeek/share/zeek/base/frameworks/files/magic/libmagic.sig
brimcap/zeek/share/zeek/base/frameworks/files/magic/office.sig
brimcap/zeek/share/zeek/base/frameworks/files/magic/programming.sig
brimcap/zeek/share/zeek/base/frameworks/files/magic/video.sig
brimcap/zeek/share/zeek/base/frameworks/files/main.zeek
.js
brimcap/zeek/share/zeek/base/frameworks/input/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/input/main.zeek
brimcap/zeek/share/zeek/base/frameworks/input/readers/ascii.zeek
brimcap/zeek/share/zeek/base/frameworks/input/readers/benchmark.zeek
brimcap/zeek/share/zeek/base/frameworks/input/readers/binary.zeek
brimcap/zeek/share/zeek/base/frameworks/input/readers/config.zeek
brimcap/zeek/share/zeek/base/frameworks/input/readers/raw.zeek
brimcap/zeek/share/zeek/base/frameworks/input/readers/sqlite.zeek
brimcap/zeek/share/zeek/base/frameworks/intel/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/intel/cluster.zeek
.ps1
brimcap/zeek/share/zeek/base/frameworks/intel/files.zeek
brimcap/zeek/share/zeek/base/frameworks/intel/input.zeek
brimcap/zeek/share/zeek/base/frameworks/intel/main.zeek
brimcap/zeek/share/zeek/base/frameworks/logging/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/logging/main.zeek
.js
brimcap/zeek/share/zeek/base/frameworks/logging/postprocessors/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/logging/postprocessors/scp.zeek
brimcap/zeek/share/zeek/base/frameworks/logging/postprocessors/sftp.zeek
brimcap/zeek/share/zeek/base/frameworks/logging/writers/ascii.zeek
brimcap/zeek/share/zeek/base/frameworks/logging/writers/none.zeek
brimcap/zeek/share/zeek/base/frameworks/logging/writers/sqlite.zeek
brimcap/zeek/share/zeek/base/frameworks/netcontrol/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/netcontrol/cluster.zeek
brimcap/zeek/share/zeek/base/frameworks/netcontrol/drop.zeek
brimcap/zeek/share/zeek/base/frameworks/netcontrol/main.zeek
.ps1
brimcap/zeek/share/zeek/base/frameworks/netcontrol/non-cluster.zeek
brimcap/zeek/share/zeek/base/frameworks/netcontrol/plugin.zeek
brimcap/zeek/share/zeek/base/frameworks/netcontrol/plugins/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/netcontrol/plugins/acld.zeek
brimcap/zeek/share/zeek/base/frameworks/netcontrol/plugins/broker.zeek
brimcap/zeek/share/zeek/base/frameworks/netcontrol/plugins/debug.zeek
brimcap/zeek/share/zeek/base/frameworks/netcontrol/plugins/openflow.zeek
.ps1
brimcap/zeek/share/zeek/base/frameworks/netcontrol/plugins/packetfilter.zeek
brimcap/zeek/share/zeek/base/frameworks/netcontrol/shunt.zeek
brimcap/zeek/share/zeek/base/frameworks/netcontrol/types.zeek
brimcap/zeek/share/zeek/base/frameworks/notice/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/notice/actions/add-geodata.zeek
brimcap/zeek/share/zeek/base/frameworks/notice/actions/email_admin.zeek
brimcap/zeek/share/zeek/base/frameworks/notice/actions/page.zeek
brimcap/zeek/share/zeek/base/frameworks/notice/actions/pp-alarms.zeek
brimcap/zeek/share/zeek/base/frameworks/notice/main.zeek
brimcap/zeek/share/zeek/base/frameworks/notice/weird.zeek
brimcap/zeek/share/zeek/base/frameworks/openflow/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/openflow/cluster.zeek
brimcap/zeek/share/zeek/base/frameworks/openflow/consts.zeek
brimcap/zeek/share/zeek/base/frameworks/openflow/main.zeek
brimcap/zeek/share/zeek/base/frameworks/openflow/non-cluster.zeek
brimcap/zeek/share/zeek/base/frameworks/openflow/plugins/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/openflow/plugins/broker.zeek
brimcap/zeek/share/zeek/base/frameworks/openflow/plugins/log.zeek
brimcap/zeek/share/zeek/base/frameworks/openflow/plugins/ryu.zeek
brimcap/zeek/share/zeek/base/frameworks/openflow/types.zeek
brimcap/zeek/share/zeek/base/frameworks/packet-filter/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/packet-filter/cluster.zeek
.ps1
brimcap/zeek/share/zeek/base/frameworks/packet-filter/main.zeek
brimcap/zeek/share/zeek/base/frameworks/packet-filter/netstats.zeek
brimcap/zeek/share/zeek/base/frameworks/packet-filter/utils.zeek
brimcap/zeek/share/zeek/base/frameworks/reporter/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/reporter/main.zeek
brimcap/zeek/share/zeek/base/frameworks/signatures/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/signatures/main.zeek
brimcap/zeek/share/zeek/base/frameworks/software/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/software/main.zeek
.js
brimcap/zeek/share/zeek/base/frameworks/sumstats/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/sumstats/cluster.zeek
.js
brimcap/zeek/share/zeek/base/frameworks/sumstats/main.zeek
brimcap/zeek/share/zeek/base/frameworks/sumstats/non-cluster.zeek
brimcap/zeek/share/zeek/base/frameworks/sumstats/plugins/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/sumstats/plugins/average.zeek
brimcap/zeek/share/zeek/base/frameworks/sumstats/plugins/hll_unique.zeek
brimcap/zeek/share/zeek/base/frameworks/sumstats/plugins/last.zeek
brimcap/zeek/share/zeek/base/frameworks/sumstats/plugins/max.zeek
brimcap/zeek/share/zeek/base/frameworks/sumstats/plugins/min.zeek
brimcap/zeek/share/zeek/base/frameworks/sumstats/plugins/sample.zeek
brimcap/zeek/share/zeek/base/frameworks/sumstats/plugins/std-dev.zeek
brimcap/zeek/share/zeek/base/frameworks/sumstats/plugins/sum.zeek
.ps1
brimcap/zeek/share/zeek/base/frameworks/sumstats/plugins/topk.zeek
brimcap/zeek/share/zeek/base/frameworks/sumstats/plugins/unique.zeek
brimcap/zeek/share/zeek/base/frameworks/sumstats/plugins/variance.zeek
brimcap/zeek/share/zeek/base/frameworks/supervisor/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/supervisor/api.zeek
brimcap/zeek/share/zeek/base/frameworks/supervisor/control.zeek
brimcap/zeek/share/zeek/base/frameworks/supervisor/main.zeek
brimcap/zeek/share/zeek/base/frameworks/tunnels/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/tunnels/main.zeek
brimcap/zeek/share/zeek/base/init-bare.zeek
brimcap/zeek/share/zeek/base/init-default.zeek
brimcap/zeek/share/zeek/base/init-frameworks-and-bifs.zeek
brimcap/zeek/share/zeek/base/misc/find-checksum-offloading.zeek
brimcap/zeek/share/zeek/base/misc/find-filtered-trace.zeek
brimcap/zeek/share/zeek/base/misc/version.zeek
brimcap/zeek/share/zeek/base/protocols/conn/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/conn/contents.zeek
brimcap/zeek/share/zeek/base/protocols/conn/inactivity.zeek
brimcap/zeek/share/zeek/base/protocols/conn/main.zeek
brimcap/zeek/share/zeek/base/protocols/conn/polling.zeek
brimcap/zeek/share/zeek/base/protocols/conn/thresholds.zeek
brimcap/zeek/share/zeek/base/protocols/dce-rpc/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/dce-rpc/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/dce-rpc/dpd.sig
brimcap/zeek/share/zeek/base/protocols/dce-rpc/main.zeek
brimcap/zeek/share/zeek/base/protocols/dhcp/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/dhcp/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/dhcp/dpd.sig
brimcap/zeek/share/zeek/base/protocols/dhcp/main.zeek
brimcap/zeek/share/zeek/base/protocols/dnp3/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/dnp3/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/dnp3/dpd.sig
brimcap/zeek/share/zeek/base/protocols/dnp3/main.zeek
brimcap/zeek/share/zeek/base/protocols/dns/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/dns/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/dns/main.zeek
brimcap/zeek/share/zeek/base/protocols/ftp/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/ftp/dpd.sig
brimcap/zeek/share/zeek/base/protocols/ftp/files.zeek
brimcap/zeek/share/zeek/base/protocols/ftp/gridftp.zeek
brimcap/zeek/share/zeek/base/protocols/ftp/info.zeek
brimcap/zeek/share/zeek/base/protocols/ftp/main.zeek
brimcap/zeek/share/zeek/base/protocols/ftp/utils-commands.zeek
brimcap/zeek/share/zeek/base/protocols/ftp/utils.zeek
brimcap/zeek/share/zeek/base/protocols/http/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/http/dpd.sig
brimcap/zeek/share/zeek/base/protocols/http/entities.zeek
brimcap/zeek/share/zeek/base/protocols/http/files.zeek
brimcap/zeek/share/zeek/base/protocols/http/main.zeek
.ps1
brimcap/zeek/share/zeek/base/protocols/http/utils.zeek
brimcap/zeek/share/zeek/base/protocols/imap/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/imap/main.zeek
brimcap/zeek/share/zeek/base/protocols/irc/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/irc/dcc-send.zeek
brimcap/zeek/share/zeek/base/protocols/irc/dpd.sig
brimcap/zeek/share/zeek/base/protocols/irc/files.zeek
brimcap/zeek/share/zeek/base/protocols/irc/main.zeek
brimcap/zeek/share/zeek/base/protocols/krb/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/krb/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/krb/dpd.sig
brimcap/zeek/share/zeek/base/protocols/krb/files.zeek
brimcap/zeek/share/zeek/base/protocols/krb/main.zeek
brimcap/zeek/share/zeek/base/protocols/modbus/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/modbus/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/modbus/main.zeek
brimcap/zeek/share/zeek/base/protocols/mqtt/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/mqtt/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/mysql/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/mysql/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/mysql/main.zeek
brimcap/zeek/share/zeek/base/protocols/ntlm/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/ntlm/main.zeek
brimcap/zeek/share/zeek/base/protocols/ntp/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/ntp/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/ntp/main.zeek
brimcap/zeek/share/zeek/base/protocols/pop3/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/pop3/dpd.sig
brimcap/zeek/share/zeek/base/protocols/radius/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/radius/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/radius/main.zeek
brimcap/zeek/share/zeek/base/protocols/rdp/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/rdp/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/rdp/dpd.sig
brimcap/zeek/share/zeek/base/protocols/rdp/main.zeek
.ps1
brimcap/zeek/share/zeek/base/protocols/rfb/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/rfb/dpd.sig
brimcap/zeek/share/zeek/base/protocols/rfb/main.zeek
brimcap/zeek/share/zeek/base/protocols/sip/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/sip/dpd.sig
brimcap/zeek/share/zeek/base/protocols/sip/main.zeek
brimcap/zeek/share/zeek/base/protocols/smb/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/smb/const-dos-error.zeek
brimcap/zeek/share/zeek/base/protocols/smb/const-nt-status.zeek
brimcap/zeek/share/zeek/base/protocols/smb/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/smb/dpd.sig
brimcap/zeek/share/zeek/base/protocols/smb/files.zeek
brimcap/zeek/share/zeek/base/protocols/smb/main.zeek
.ps1
brimcap/zeek/share/zeek/base/protocols/smb/smb1-main.zeek
.ps1
brimcap/zeek/share/zeek/base/protocols/smb/smb2-main.zeek
.ps1
brimcap/zeek/share/zeek/base/protocols/smtp/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/smtp/dpd.sig
brimcap/zeek/share/zeek/base/protocols/smtp/entities.zeek
brimcap/zeek/share/zeek/base/protocols/smtp/files.zeek
brimcap/zeek/share/zeek/base/protocols/smtp/main.zeek
brimcap/zeek/share/zeek/base/protocols/snmp/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/snmp/main.zeek
brimcap/zeek/share/zeek/base/protocols/socks/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/socks/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/socks/dpd.sig
brimcap/zeek/share/zeek/base/protocols/socks/main.zeek
brimcap/zeek/share/zeek/base/protocols/ssh/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/ssh/dpd.sig
brimcap/zeek/share/zeek/base/protocols/ssh/main.zeek
brimcap/zeek/share/zeek/base/protocols/ssl/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/ssl/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/ssl/ct-list.zeek
brimcap/zeek/share/zeek/base/protocols/ssl/dpd.sig
brimcap/zeek/share/zeek/base/protocols/ssl/files.zeek
.ps1
brimcap/zeek/share/zeek/base/protocols/ssl/main.zeek
brimcap/zeek/share/zeek/base/protocols/ssl/mozilla-ca-list.zeek
brimcap/zeek/share/zeek/base/protocols/syslog/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/syslog/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/syslog/main.zeek
brimcap/zeek/share/zeek/base/protocols/tunnels/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/tunnels/dpd.sig
brimcap/zeek/share/zeek/base/protocols/xmpp/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/xmpp/dpd.sig
brimcap/zeek/share/zeek/base/protocols/xmpp/main.zeek
brimcap/zeek/share/zeek/base/utils/active-http.zeek
brimcap/zeek/share/zeek/base/utils/addrs.zeek
brimcap/zeek/share/zeek/base/utils/backtrace.zeek
brimcap/zeek/share/zeek/base/utils/conn-ids.zeek
brimcap/zeek/share/zeek/base/utils/dir.zeek
brimcap/zeek/share/zeek/base/utils/directions-and-hosts.zeek
brimcap/zeek/share/zeek/base/utils/email.zeek
brimcap/zeek/share/zeek/base/utils/exec.zeek
.ps1
brimcap/zeek/share/zeek/base/utils/files.zeek
brimcap/zeek/share/zeek/base/utils/geoip-distance.zeek
brimcap/zeek/share/zeek/base/utils/hash_hrw.zeek
brimcap/zeek/share/zeek/base/utils/numbers.zeek
brimcap/zeek/share/zeek/base/utils/paths.zeek
brimcap/zeek/share/zeek/base/utils/patterns.zeek
brimcap/zeek/share/zeek/base/utils/queue.zeek
brimcap/zeek/share/zeek/base/utils/site.zeek
brimcap/zeek/share/zeek/base/utils/strings.zeek
brimcap/zeek/share/zeek/base/utils/thresholds.zeek
brimcap/zeek/share/zeek/base/utils/time.zeek
brimcap/zeek/share/zeek/base/utils/urls.zeek
brimcap/zeek/share/zeek/policy/files/unified2/__load__.zeek
brimcap/zeek/share/zeek/policy/files/unified2/main.zeek
.js
brimcap/zeek/share/zeek/policy/files/x509/log-ocsp.zeek
brimcap/zeek/share/zeek/policy/frameworks/control/controllee.zeek
brimcap/zeek/share/zeek/policy/frameworks/control/controller.zeek
brimcap/zeek/share/zeek/policy/frameworks/dpd/detect-protocols.zeek
brimcap/zeek/share/zeek/policy/frameworks/dpd/packet-segment-logging.zeek
brimcap/zeek/share/zeek/policy/frameworks/files/detect-MHR.zeek
brimcap/zeek/share/zeek/policy/frameworks/files/entropy-test-all-files.zeek
brimcap/zeek/share/zeek/policy/frameworks/files/extract-all-files.zeek
brimcap/zeek/share/zeek/policy/frameworks/files/hash-all-files.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/do_expire.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/do_notice.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/removal.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/seen/__load__.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/seen/conn-established.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/seen/dns.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/seen/file-hashes.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/seen/file-names.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/seen/http-headers.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/seen/http-url.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/seen/pubkey-hashes.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/seen/smb-filenames.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/seen/smtp-url-extraction.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/seen/smtp.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/seen/ssl.zeek
.ps1
brimcap/zeek/share/zeek/policy/frameworks/intel/seen/where-locations.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/seen/x509.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/whitelist.zeek
brimcap/zeek/share/zeek/policy/frameworks/netcontrol/catch-and-release.zeek
.ps1
brimcap/zeek/share/zeek/policy/frameworks/notice/__load__.zeek
brimcap/zeek/share/zeek/policy/frameworks/notice/actions/drop.zeek
brimcap/zeek/share/zeek/policy/frameworks/notice/extend-email/hostnames.zeek
.ps1
brimcap/zeek/share/zeek/policy/frameworks/packet-filter/shunt.zeek
brimcap/zeek/share/zeek/policy/frameworks/signatures/detect-windows-shells.sig
brimcap/zeek/share/zeek/policy/frameworks/software/version-changes.zeek
brimcap/zeek/share/zeek/policy/frameworks/software/vulnerable.zeek
brimcap/zeek/share/zeek/policy/frameworks/software/windows-version-detection.zeek
brimcap/zeek/share/zeek/policy/integration/barnyard2/__load__.zeek
brimcap/zeek/share/zeek/policy/integration/barnyard2/main.zeek
brimcap/zeek/share/zeek/policy/integration/barnyard2/types.zeek
brimcap/zeek/share/zeek/policy/integration/collective-intel/__load__.zeek
brimcap/zeek/share/zeek/policy/integration/collective-intel/main.zeek
brimcap/zeek/share/zeek/policy/misc/capture-loss.zeek
brimcap/zeek/share/zeek/policy/misc/detect-traceroute/__load__.zeek
brimcap/zeek/share/zeek/policy/misc/detect-traceroute/detect-low-ttls.sig
brimcap/zeek/share/zeek/policy/misc/detect-traceroute/main.zeek
brimcap/zeek/share/zeek/policy/misc/dump-events.zeek
brimcap/zeek/share/zeek/policy/misc/load-balancing.zeek
brimcap/zeek/share/zeek/policy/misc/loaded-scripts.zeek
brimcap/zeek/share/zeek/policy/misc/profiling.zeek
brimcap/zeek/share/zeek/policy/misc/scan.zeek
brimcap/zeek/share/zeek/policy/misc/stats.zeek
brimcap/zeek/share/zeek/policy/misc/trim-trace-file.zeek
brimcap/zeek/share/zeek/policy/misc/weird-stats.zeek
brimcap/zeek/share/zeek/policy/protocols/conn/known-hosts.zeek
brimcap/zeek/share/zeek/policy/protocols/conn/known-services.zeek
brimcap/zeek/share/zeek/policy/protocols/conn/mac-logging.zeek
brimcap/zeek/share/zeek/policy/protocols/conn/speculative-service.zeek
brimcap/zeek/share/zeek/policy/protocols/conn/vlan-logging.zeek
brimcap/zeek/share/zeek/policy/protocols/conn/weirds.zeek
brimcap/zeek/share/zeek/policy/protocols/dhcp/msg-orig.zeek
brimcap/zeek/share/zeek/policy/protocols/dhcp/software.zeek
brimcap/zeek/share/zeek/policy/protocols/dhcp/sub-opts.zeek
brimcap/zeek/share/zeek/policy/protocols/dns/auth-addl.zeek
brimcap/zeek/share/zeek/policy/protocols/dns/detect-external-names.zeek
brimcap/zeek/share/zeek/policy/protocols/dns/log-original-query-case.zeek
brimcap/zeek/share/zeek/policy/protocols/ftp/detect-bruteforcing.zeek
brimcap/zeek/share/zeek/policy/protocols/ftp/detect.zeek
brimcap/zeek/share/zeek/policy/protocols/ftp/software.zeek
brimcap/zeek/share/zeek/policy/protocols/http/detect-sqli.zeek
.ps1
brimcap/zeek/share/zeek/policy/protocols/http/detect-webapps.sig
brimcap/zeek/share/zeek/policy/protocols/http/detect-webapps.zeek
brimcap/zeek/share/zeek/policy/protocols/http/header-names.zeek
brimcap/zeek/share/zeek/policy/protocols/http/software-browser-plugins.zeek
brimcap/zeek/share/zeek/policy/protocols/http/software.zeek
brimcap/zeek/share/zeek/policy/protocols/http/var-extraction-cookies.zeek
brimcap/zeek/share/zeek/policy/protocols/http/var-extraction-uri.zeek
brimcap/zeek/share/zeek/policy/protocols/krb/ticket-logging.zeek
brimcap/zeek/share/zeek/policy/protocols/modbus/known-masters-slaves.zeek
brimcap/zeek/share/zeek/policy/protocols/modbus/track-memmap.zeek
.ps1
brimcap/zeek/share/zeek/policy/protocols/mqtt/__load__.zeek
brimcap/zeek/share/zeek/policy/protocols/mqtt/dpd.sig
brimcap/zeek/share/zeek/policy/protocols/mqtt/main.zeek
brimcap/zeek/share/zeek/policy/protocols/mysql/software.zeek
brimcap/zeek/share/zeek/policy/protocols/rdp/indicate_ssl.zeek
brimcap/zeek/share/zeek/policy/protocols/smb/log-cmds.zeek
brimcap/zeek/share/zeek/policy/protocols/smtp/blocklists.zeek
brimcap/zeek/share/zeek/policy/protocols/smtp/detect-suspicious-orig.zeek
brimcap/zeek/share/zeek/policy/protocols/smtp/entities-excerpt.zeek
brimcap/zeek/share/zeek/policy/protocols/smtp/software.zeek
brimcap/zeek/share/zeek/policy/protocols/ssh/detect-bruteforcing.zeek
.ps1
brimcap/zeek/share/zeek/policy/protocols/ssh/geo-data.zeek
brimcap/zeek/share/zeek/policy/protocols/ssh/interesting-hostnames.zeek
brimcap/zeek/share/zeek/policy/protocols/ssh/software.zeek
brimcap/zeek/share/zeek/policy/protocols/ssl/expiring-certs.zeek
.ps1
brimcap/zeek/share/zeek/policy/protocols/ssl/extract-certs-pem.zeek
.ps1
brimcap/zeek/share/zeek/policy/protocols/ssl/heartbleed.zeek
.ps1
brimcap/zeek/share/zeek/policy/protocols/ssl/known-certs.zeek
.ps1
brimcap/zeek/share/zeek/policy/protocols/ssl/log-hostcerts-only.zeek
brimcap/zeek/share/zeek/policy/protocols/ssl/notary.zeek
.ps1
brimcap/zeek/share/zeek/policy/protocols/ssl/validate-certs.zeek
.ps1
brimcap/zeek/share/zeek/policy/protocols/ssl/validate-ocsp.zeek
.ps1
brimcap/zeek/share/zeek/policy/protocols/ssl/validate-sct.zeek
.ps1
brimcap/zeek/share/zeek/policy/protocols/ssl/weak-keys.zeek
.ps1
brimcap/zeek/share/zeek/policy/tuning/__load__.zeek
brimcap/zeek/share/zeek/policy/tuning/defaults/__load__.zeek
brimcap/zeek/share/zeek/policy/tuning/defaults/extracted_file_limits.zeek
brimcap/zeek/share/zeek/policy/tuning/defaults/packet-fragments.zeek
brimcap/zeek/share/zeek/policy/tuning/defaults/warnings.zeek
brimcap/zeek/share/zeek/policy/tuning/json-logs.zeek
brimcap/zeek/share/zeek/policy/tuning/track-all-assets.zeek
brimcap/zeek/share/zeek/site/geoip-conn/GeoLite2-City.mmdb
brimcap/zeek/share/zeek/site/geoip-conn/__load__.zeek
brimcap/zeek/share/zeek/site/geoip-conn/geoip-conn.zeek
brimcap/zeek/share/zeek/site/hassh/README.md
brimcap/zeek/share/zeek/site/hassh/__load__.zeek
brimcap/zeek/share/zeek/site/hassh/hassh.zeek
brimcap/zeek/share/zeek/site/ja3/README.md
brimcap/zeek/share/zeek/site/ja3/__load__.zeek
brimcap/zeek/share/zeek/site/ja3/intel_ja3.zeek
brimcap/zeek/share/zeek/site/ja3/ja3.zeek
brimcap/zeek/share/zeek/site/ja3/ja3s.zeek
brimcap/zeek/share/zeek/site/local.zeek
brimcap/zeek/share/zeek/site/zeek-community-id/__load__.zeek
brimcap/zeek/share/zeek/site/zeek-community-id/main.zeek
brimcap/zeek/zeekrunner.exe
.exe windows:6 windows x64

960ef4de68dcace43ad03634f7e490cb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WriteFile
WriteConsoleW
WaitForMultipleObjects
WaitForSingleObject
VirtualQuery
VirtualFree
VirtualAlloc
SwitchToThread
SuspendThread
SetWaitableTimer
SetUnhandledExceptionFilter
SetProcessPriorityBoost
SetEvent
SetErrorMode
SetConsoleCtrlHandler
ResumeThread
QueryFullProcessImageNameA
ProcessIdToSessionId
PostQueuedCompletionStatus
OpenProcess
LoadLibraryA
LoadLibraryW
SetThreadContext
GetThreadContext
GetSystemInfo
GetSystemDirectoryA
GetStdHandle
GetQueuedCompletionStatus
GetProcessAffinityMask
GetProcAddress
GetEnvironmentStringsW
GetConsoleMode
FreeEnvironmentStringsW
ExitProcess
DuplicateHandle
CreateThread
CreateIoCompletionPort
CreateEventA
CloseHandle
AddVectoredExceptionHandler

Sections

.text
Size: 767KB - Virtual size: 766KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 919KB - Virtual size: 918KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 281B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/32
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/46
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/63
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/80
Size: 512B - Virtual size: 70B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/99
Size: 221KB - Virtual size: 221KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/112
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/124
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.symtab
Size: 135KB - Virtual size: 134KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

Errors

General

Malware Config

Signatures

Files

65892a964106b5e0c6c363fdf21975eb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 16.9MB - Virtual size: 16.9MB

.rdata Size: 17.4MB - Virtual size: 17.4MB

.data Size: 1.1MB - Virtual size: 8.7MB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 369KB - Virtual size: 368KB

.symtab Size: 512B - Virtual size: 4B

2cdcfb3a828433ba76b5b41f45519bd9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 141KB - Virtual size: 141KB

.rdata Size: 69KB - Virtual size: 69KB

.data Size: 3KB - Virtual size: 64KB

.pdata Size: 8KB - Virtual size: 7KB

_RDATA Size: 512B - Virtual size: 244B

.rsrc Size: 60KB - Virtual size: 60KB

.reloc Size: 2KB - Virtual size: 1KB

07edde336fd52fbeee0f45e977449c35

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

bcrypt

iphlpapi

kernel32

msvcrt

libnspr4

nss3

ole32

oleaut32

pcap

libwinpthread-1

userenv

ws2_32

zlib1

Sections

.text Size: 4.9MB - Virtual size: 4.9MB

.data Size: 23KB - Virtual size: 23KB

.rdata Size: 728KB - Virtual size: 727KB

.pdata Size: 132KB - Virtual size: 131KB

.xdata Size: 175KB - Virtual size: 174KB

.bss Size: - Virtual size: 111KB

.idata Size: 14KB - Virtual size: 14KB

.CRT Size: 512B - Virtual size: 120B

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 14KB - Virtual size: 14KB

/4 Size: 13KB - Virtual size: 12KB

/19 Size: 1.1MB - Virtual size: 1.1MB

/35 Size: 4.5MB - Virtual size: 4.5MB

/47 Size: 152KB - Virtual size: 152KB

/61 Size: 799KB - Virtual size: 798KB

/73 Size: 53KB - Virtual size: 52KB

/86 Size: 3.6MB - Virtual size: 3.6MB

/97 Size: 2.6MB - Virtual size: 2.6MB

/108 Size: 1.1MB - Virtual size: 1.1MB

/124 Size: 1008KB - Virtual size: 1007KB

/138 Size: 33KB - Virtual size: 33KB

/154 Size: 178KB - Virtual size: 178KB

/170 Size: 9KB - Virtual size: 9KB

8932c5109e6d950cf558d974b9a5f511

Headers

.text
Size: 16.9MB - Virtual size: 16.9MB

.rdata
Size: 17.4MB - Virtual size: 17.4MB

.data
Size: 1.1MB - Virtual size: 8.7MB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 369KB - Virtual size: 368KB

.symtab
Size: 512B - Virtual size: 4B

.text
Size: 141KB - Virtual size: 141KB

.rdata
Size: 69KB - Virtual size: 69KB

.data
Size: 3KB - Virtual size: 64KB

.pdata
Size: 8KB - Virtual size: 7KB

_RDATA
Size: 512B - Virtual size: 244B

.rsrc
Size: 60KB - Virtual size: 60KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 4.9MB - Virtual size: 4.9MB

.data
Size: 23KB - Virtual size: 23KB

.rdata
Size: 728KB - Virtual size: 727KB

.pdata
Size: 132KB - Virtual size: 131KB

.xdata
Size: 175KB - Virtual size: 174KB

.bss
Size: - Virtual size: 111KB

.idata
Size: 14KB - Virtual size: 14KB

.CRT
Size: 512B - Virtual size: 120B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 14KB - Virtual size: 14KB

/4
Size: 13KB - Virtual size: 12KB

/19
Size: 1.1MB - Virtual size: 1.1MB

/35
Size: 4.5MB - Virtual size: 4.5MB

/47
Size: 152KB - Virtual size: 152KB

/61
Size: 799KB - Virtual size: 798KB

/73
Size: 53KB - Virtual size: 52KB

/86
Size: 3.6MB - Virtual size: 3.6MB

/97
Size: 2.6MB - Virtual size: 2.6MB

/108
Size: 1.1MB - Virtual size: 1.1MB

/124
Size: 1008KB - Virtual size: 1007KB

/138
Size: 33KB - Virtual size: 33KB

/154
Size: 178KB - Virtual size: 178KB

/170
Size: 9KB - Virtual size: 9KB

.text
Size: 458KB - Virtual size: 458KB

.data
Size: 1024B - Virtual size: 592B

.rdata
Size: 162KB - Virtual size: 161KB

.pdata
Size: 10KB - Virtual size: 9KB

.xdata
Size: 12KB - Virtual size: 11KB

.bss
Size: - Virtual size: 16KB

.edata
Size: 16KB - Virtual size: 16KB

.idata
Size: 3KB - Virtual size: 3KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1024B - Virtual size: 792B

.reloc
Size: 1024B - Virtual size: 972B

.text
Size: 217KB - Virtual size: 216KB

.data
Size: 3KB - Virtual size: 2KB

.rdata
Size: 27KB - Virtual size: 27KB

.pdata
Size: 11KB - Virtual size: 11KB

.xdata
Size: 10KB - Virtual size: 10KB

.bss
Size: - Virtual size: 11KB

.edata
Size: 21KB - Virtual size: 20KB

.idata
Size: 7KB - Virtual size: 7KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1024B - Virtual size: 744B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 10KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 224B

.rdata
Size: 3KB - Virtual size: 2KB

.pdata
Size: 1024B - Virtual size: 948B

.xdata
Size: 1024B - Virtual size: 704B

.bss
Size: - Virtual size: 304B

.edata
Size: 1KB - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B