Audio-Win10_Win11-6[.]0[.]9456[.]1[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

Audio-Win10_Win11-6.0.9456.1.zip
Size

38.7MB
MD5

c44212654e1f09d5512ae078f0e43fe2
SHA1

b95cb664751426b4774202062df9950781a81940
SHA256

487043418ce8f4197e3fde347b9ecf598d3270b4a11aa4dfd4142fa0cfac7693
SHA512

f0884d1cc51671690348bb87d23bc567184d242ddc6644d6e67140f151a6ded8764fc69bd936b4ac8e70d404b251a93fc23e435bd0188621dc303633f1f0085f
SSDEEP

786432:V31Xl9+h9I2Q5xcxa3aAW6Y7zHwTBFgJ0IVdv6iNjgtSTP5QwNegVgofpXL8V5:VF1GzxH/zHwTLm0IVU/kycfpQ5

Score

3^/10

Malware Config

Signatures

Unsigned PE 7 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Win64/RTKVHD64.sys
unpack001/Win64/Realtek/RealtekAPO_1062/RltkAPOU64.dll
unpack001/Win64/Realtek/RealtekService_588/RtkApi64U.dll
unpack001/Win64/Realtek/RealtekService_588/RtkAudUServiceConf64.dll
unpack001/Win64/Realtek/RealtekService_588/RtkAudUServiceRes64.dll
unpack001/Win64/Realtek/RealtekService_588/RtkCfg64.dll
unpack001/Win64/Realtek/RealtekService_588/SpeakerVerfDll.dll

Files

Audio-Win10_Win11-6.0.9456.1.zip
.zip
0x0403.ini
0x0404.ini
0x0405.ini
0x0406.ini
0x0407.ini
0x0408.ini
0x0409.ini
0x040a.ini
0x040b.ini
0x040c.ini
0x040e.ini
0x0410.ini
0x0411.ini
0x0412.ini
0x0413.ini
0x0414.ini
0x0415.ini
0x0416.ini
0x0419.ini
0x041a.ini
0x041b.ini
0x041d.ini
0x041e.ini
0x041f.ini
0x0421.ini
0x0424.ini
0x042d.ini
0x0804.ini
0x0816.ini
0x0c0c.ini
ChCfg.exe
.exe windows:4 windows x86

c062542419a816c407b09c909072a761

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:8f:52:fa:f6:4c:42:1e:ab:b2:27:5a:e1:48:c5:19
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

30/05/2022, 00:00

Not After

19/07/2024, 23:59

Subject

SERIALNUMBER=22671299,CN=Realtek Semiconductor Corp.,O=Realtek Semiconductor Corp.,L=Hsinchu City,C=TW,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025457

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:8f:52:fa:f6:4c:42:1e:ab:b2:27:5a:e1:48:c5:19
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

30/05/2022, 00:00

Not After

19/07/2024, 23:59

Subject

SERIALNUMBER=22671299,CN=Realtek Semiconductor Corp.,O=Realtek Semiconductor Corp.,L=Hsinchu City,C=TW,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025457

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

df:e6:b2:70:8f:5f:7d:08:dc:6f:4e:24:be:9b:19:6a:4e:46:0f:01:cc:84:d4:c1:22:55:a6:43:ea:f6:1a:7b
Signer

Actual PE Digest

df:e6:b2:70:8f:5f:7d:08:dc:6f:4e:24:be:9b:19:6a:4e:46:0f:01:cc:84:d4:c1:22:55:a6:43:ea:f6:1a:7b

Digest Algorithm

sha256

PE Digest Matches

true

e2:c2:9e:2d:f3:90:7f:30:d1:6d:11:03:98:25:05:18:f6:c3:fe:1f
Signer

Actual PE Digest

e2:c2:9e:2d:f3:90:7f:30:d1:6d:11:03:98:25:05:18:f6:c3:fe:1f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

dsound

ord2
ord1

setupapi

SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInstanceIdA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo

kernel32

SetFilePointer
GetLastError
LocalFree
LocalAlloc
DeviceIoControl
WriteConsoleA
CreateFileA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
HeapReAlloc
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CloseHandle
GetProcAddress
GetModuleHandleA
ExitProcess
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
EnterCriticalSection
LeaveCriticalSection
WriteFile
GetStdHandle
GetModuleFileNameA
DeleteCriticalSection
LoadLibraryA
InitializeCriticalSection
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
Sleep
GetLocaleInfoA
RtlUnwind
HeapSize
VirtualAlloc

user32

SendMessageA
RegisterWindowMessageA
EnumWindows
GetWindowTextA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyA

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ISSetup.dll
.dll regsvr32 windows:6 windows x86

affd663658d87f17e7be2cfe73546714

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:8f:52:fa:f6:4c:42:1e:ab:b2:27:5a:e1:48:c5:19
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

30/05/2022, 00:00

Not After

19/07/2024, 23:59

Subject

SERIALNUMBER=22671299,CN=Realtek Semiconductor Corp.,O=Realtek Semiconductor Corp.,L=Hsinchu City,C=TW,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025457

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:8f:52:fa:f6:4c:42:1e:ab:b2:27:5a:e1:48:c5:19
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

30/05/2022, 00:00

Not After

19/07/2024, 23:59

Subject

SERIALNUMBER=22671299,CN=Realtek Semiconductor Corp.,O=Realtek Semiconductor Corp.,L=Hsinchu City,C=TW,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025457

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

79:5a:da:86:3f:02:d6:8c:63:ea:45:c3:cd:3e:24:68:67:9e:4f:46:71:62:bc:c3:b6:30:49:04:f0:6a:93:83
Signer

Actual PE Digest

79:5a:da:86:3f:02:d6:8c:63:ea:45:c3:cd:3e:24:68:67:9e:4f:46:71:62:bc:c3:b6:30:49:04:f0:6a:93:83

Digest Algorithm

sha256

PE Digest Matches

true

2f:84:9c:b4:45:7d:20:d9:93:aa:31:b3:b4:fa:e7:2d:44:17:14:10
Signer

Actual PE Digest

2f:84:9c:b4:45:7d:20:d9:93:aa:31:b3:b4:fa:e7:2d:44:17:14:10

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

rpcrt4

UuidCreate

gdiplus

GdipCreateBitmapFromResource

user32

LoadStringW

gdi32

SaveDC

advapi32

LookupPrivilegeValueW

shell32

SHGetMalloc

ole32

CLSIDFromString

oleaut32

GetErrorInfo

shlwapi

SHStrDupW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProductSKU
GetScriptEngine
InstallEngineTypelib
RemoveEngineTypelib
SuiteIsFeatureInstalled
SuiteStartupInstall

Sections

.text
Size: 642KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 131KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
RtlExUpd.dll
.dll windows:4 windows x86

9f7ffb06514957b955f0e9a1ce93e4af

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:8f:52:fa:f6:4c:42:1e:ab:b2:27:5a:e1:48:c5:19
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

30/05/2022, 00:00

Not After

19/07/2024, 23:59

Subject

SERIALNUMBER=22671299,CN=Realtek Semiconductor Corp.,O=Realtek Semiconductor Corp.,L=Hsinchu City,C=TW,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025457

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:8f:52:fa:f6:4c:42:1e:ab:b2:27:5a:e1:48:c5:19
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

30/05/2022, 00:00

Not After

19/07/2024, 23:59

Subject

SERIALNUMBER=22671299,CN=Realtek Semiconductor Corp.,O=Realtek Semiconductor Corp.,L=Hsinchu City,C=TW,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025457

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

81:09:a7:59:21:08:54:3b:d6:ad:23:0a:be:b7:c5:56:54:3e:72:9d:f7:c0:18:be:a9:28:b2:bd:07:b2:bd:54
Signer

Actual PE Digest

81:09:a7:59:21:08:54:3b:d6:ad:23:0a:be:b7:c5:56:54:3e:72:9d:f7:c0:18:be:a9:28:b2:bd:07:b2:bd:54

Digest Algorithm

sha256

PE Digest Matches

true

6c:78:4f:a5:90:44:0e:de:04:34:0a:d6:63:a0:dd:cd:16:a4:30:27
Signer

Actual PE Digest

6c:78:4f:a5:90:44:0e:de:04:34:0a:d6:63:a0:dd:cd:16:a4:30:27

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

setupapi

SetupDiOpenDevRegKey
SetupOpenInfFileA
SetupCloseInfFile
SetupFindNextLine
SetupGetFieldCount
SetupGetStringFieldA
SetupFindFirstLineA
CM_Get_DevNode_Status_Ex
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdA
SetupDiDestroyDeviceInfoList

kernel32

GlobalFlags
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
MoveFileA
GetThreadLocale
ReadFile
SetFilePointer
FlushFileBuffers
GetFullPathNameA
GetCPInfo
GetOEMCP
HeapAlloc
HeapFree
HeapReAlloc
VirtualAlloc
RtlUnwind
GetCurrentDirectoryA
GetProcessHeap
RaiseException
ExitProcess
HeapSize
GetACP
IsValidCodePage
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualFree
HeapDestroy
HeapCreate
GetStdHandle
LCMapStringA
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetDriveTypeA
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetEnvironmentVariableA
WritePrivateProfileStringA
InterlockedIncrement
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
GetCurrentProcessId
GlobalAddAtomA
GlobalDeleteAtom
GetCurrentThreadId
ConvertDefaultLocale
GetModuleFileNameA
EnumResourceLanguagesA
GetLocaleInfoA
lstrcmpA
InterlockedDecrement
GetModuleFileNameW
GlobalFree
GlobalLock
GlobalUnlock
FormatMessageA
GetModuleHandleA
GetProcAddress
GetSystemDefaultLangID
GetUserDefaultLangID
SetFileAttributesA
DeleteFileA
FindFirstFileA
FindNextFileA
FindClose
Sleep
SetLastError
GetCurrentThread
GetCurrentProcess
GlobalAlloc
GetWindowsDirectoryA
lstrcatA
LoadLibraryA
GetFileSize
WriteFile
FreeLibrary
lstrlenA
CompareStringW
CompareStringA
LocalFree
LocalAlloc
CreateFileA
DeviceIoControl
CloseHandle
GetVersionExA
GetVersion
FindResourceA
LoadResource
LockResource
SizeofResource
GetLastError
WideCharToMultiByte
MultiByteToWideChar
InterlockedExchange
GetCommandLineA

user32

ShowWindow
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
IsWindow
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
DefWindowProcA
CallWindowProcA
SetWindowLongA
SetWindowPos
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetDlgCtrlID
GetWindowRect
GetClassNameA
GetWindowTextA
SetWindowTextA
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
GetWindow
PtInRect
GetSystemMetrics
CharUpperA
wsprintfA
TabbedTextOutA
LoadCursorA
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
UnregisterClassA
GetWindowThreadProcessId
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
SetCursor
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DestroyMenu
RealGetWindowClassA
GetDesktopWindow
PostMessageA
MessageBoxA
GetSubMenu
GetMenuItemCount
GetMenuItemID
GetMenuState
UnhookWindowsHookEx
PostQuitMessage
CheckMenuItem
EnableMenuItem
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
GetFocus
GetParent
SendMessageA
ModifyMenuA

gdi32

DeleteDC
GetStockObject
SetMapMode
SetTextColor
SetBkColor
RestoreDC
SaveDC
CreateBitmap
GetDeviceCaps
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
DeleteObject
GetClipBox

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegQueryValueExA
GetUserNameA
OpenThreadToken
OpenProcessToken
GetTokenInformation
LookupPrivilegeNameA
RegOpenKeyExA
RegEnumKeyExA
RegCreateKeyA
RegOpenKeyA
RegEnumValueA
RegCloseKey
RegSetValueExA

shlwapi

PathFindExtensionA
PathFindFileNameA

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

ChkAPOSupportDolbyPCEE4_DAA
ChkAPOSupportDolbyPCEE4_DHT
ChkBroadComID
ChkDellAlienwareModel
ChkDellControlinStartMenu
ChkDolbyPCEE4_SelectorDemoOnly_Supported
ChkDolbyPCEE4_SelectorEditorOnly_Supported
ChkDolbyPCEE4_SelectorOnly_Supported
ChkDolbyPCEE4_SetupPCEE4Prog_NoDemo
ChkDolbyPCEE4_SetupPCEE4Prog_NoEditor
ChkDolbyPCEE4_SetupPCEE4Prog_NoSelector
ChkHDMISupported
ChkLoadDrvPrivilege
ChkRtkCPLSupported
ChkRtkNewGUISupported
ChkRtkRegKeyEmpty_x64_CU
ChkRtkRegKeyEmpty_x64_LM
ChkRtkRegKeyEmpty_x86_CU
ChkRtkRegKeyEmpty_x86_LM
ChkSupportAPODTSAPOUltraPCBoost
ChkSupportAPOSupportSonceFocus30
ChkSupportAPOSupportSonceFocus30_NoSonicFocusGUI
ChkSupportAPOSupportSonceFocus30_SonicFocusGUI
ChkSupportAPOSupportSonceFocus30_SonicMasterGUI
ChkSupportDolbySpruce
ChkSupportDolby_DS1_DAA
ChkSupportDolby_DS1_DHT
ChkSupportHP_AIO
ChkSupportHP_AIO_SonicFocusBeats
ChkSupportMaxxAudio30
ChkSupportMaxxVolumeSD
ChkSupportSoundRoom
Chk_AsusOnlySupportSonicRadar3
Chk_AudioMgrShortcutW81_Supported
Chk_DTSEntryLevelForSetupProgram
Chk_DolbyFlex3_UseDS1PCF
Chk_ExecuteDTSStudioSoundInstallers
Chk_GUISubType_RTGS_HP_BEATS_Supported
Chk_GUISubType_RTGS_HP_BEATS_TOWER_Supported
Chk_GUISubType_RTGS_HP_BanO_DTS_Supported
Chk_GUISubType_RTGS_HP_BanO_DTS_TOWER_Supported
Chk_GUISubType_RTGS_HP_BanO_Supported
Chk_GUISubType_RTGS_HP_BanO_TOWER_Supported
Chk_HP_AIO_Model_Customized01_Supported
Chk_HP_ShortcutFolderNameReq
Chk_MAXX_MA3TCelticUI_Supported
Chk_SRSAPO3Support
Chk_SRS_GUISubType_Supported
Chk_SRS_HPPremiumBlackSkin_RTGS_HPDTS_SOUND_Supported
Chk_SRS_HPPremiumBlackSkin_Supported
Chk_SSTEnableDTS
Chk_SSTEnableDolbyAX2
Chk_SetupDS1Prog_AddEditorShortcut
Chk_SupportDTSHPX
Chk_SupportDolbyDAX2
Chk_SupportNahimicAPO_Supported
Chk_SupportNahimicSonicRadar20_Supported
Chk_SupportSonicMapper2
Chk_SupportSonicMapper3
Chk_SupportYamahaAPO
Chk_SupportYamahaAPO2
Chk_VistaNoDoblyUI_Official_Supported
ConfirmRtkDrv
DelIncorrectUserFile
DrvInfVerCompare
ExtractBANG_OLUFSENIcon
ExtractBOPlayIcon
ExtractBeatsIcon
ExtractDTSIcon
ExtractHideWin
ExtractRtkIcon
ExtractSRSIcon
ExtractSetupService
GetAudioInterface
GetDrvPolicy
GetHDASubID
GetOSVersion
GetRtkHDAudioGlobalPolicy
GetRtkHDAudioGlobalPolicy_APODTSAPOUltraPCBoost_All
GetRtkHDAudioGlobalPolicy_APOSupportSonicFocus30
GetRtkHDAudioGlobalPolicy_APOSupportSonicFocus30_SF3GUIType
GetRtkHDAudioGlobalPolicy_APOUseMaxx30
GetRtkHDAudioGlobalPolicy_APOUseMaxxVolumeSD
GetRtkHDAudioGlobalPolicy_HPAIOModel
GetRtkHDAudioGlobalPolicy_SonicFocusBeats
GetRtkHDAudioGlobalPolicy_SoundRoom
GetRtkHDAudioGlobalPolicy_SupDSpruce
HideISWizardWin
IdentifyDrvSupport
IsMediaCenterOS
IsServerOS
SetCDfmt
SetDSHWAcceleration_BasicLv

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.5MB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
RtlUpd64.exe
.exe windows:4 windows x64

26bde1dc018b227552922334d20e0016

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:8f:52:fa:f6:4c:42:1e:ab:b2:27:5a:e1:48:c5:19
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

30/05/2022, 00:00

Not After

19/07/2024, 23:59

Subject

SERIALNUMBER=22671299,CN=Realtek Semiconductor Corp.,O=Realtek Semiconductor Corp.,L=Hsinchu City,C=TW,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025457

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:8f:52:fa:f6:4c:42:1e:ab:b2:27:5a:e1:48:c5:19
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

30/05/2022, 00:00

Not After

19/07/2024, 23:59

Subject

SERIALNUMBER=22671299,CN=Realtek Semiconductor Corp.,O=Realtek Semiconductor Corp.,L=Hsinchu City,C=TW,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025457

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7f:76:92:23:0b:8f:2b:49:07:87:da:3f:4c:b1:94:f3:a4:f7:38:be:bf:be:56:7e:cf:19:7d:fa:ec:19:37:31
Signer

Actual PE Digest

7f:76:92:23:0b:8f:2b:49:07:87:da:3f:4c:b1:94:f3:a4:f7:38:be:bf:be:56:7e:cf:19:7d:fa:ec:19:37:31

Digest Algorithm

sha256

PE Digest Matches

true

be:61:24:57:33:87:6d:0b:46:ea:d3:85:19:f5:d5:f8:de:55:a7:0e
Signer

Actual PE Digest

be:61:24:57:33:87:6d:0b:46:ea:d3:85:19:f5:d5:f8:de:55:a7:0e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

setupapi

CM_Get_DevNode_Status
SetupGetTargetPathW
CM_Get_Parent
CM_Get_Device_IDW
SetupCopyOEMInfW
SetupDiOpenDevRegKey
SetupFindNextMatchLineW
SetupOpenInfFileW
SetupFindNextLine
SetupCloseInfFile
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupGetFieldCount
SetupGetStringFieldW
SetupFindFirstLineW
SetupDiGetDeviceRegistryPropertyW
SetupDiSetClassInstallParamsW
SetupDiCallClassInstaller
SetupDiGetDeviceInstallParamsW
SetupDiGetDeviceInfoListDetailW
CM_Get_DevNode_Status_Ex
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdW
SetupDiDestroyDeviceInfoList

newdev

DiInstallDriverW
UpdateDriverForPlugAndPlayDevicesW

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

kernel32

GlobalHandle
TlsSetValue
LocalReAlloc
TlsFree
GlobalGetAtomNameW
GetAtomNameW
lstrlenA
GetThreadLocale
SystemTimeToFileTime
GetPrivateProfileIntW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetCurrentDirectoryW
GlobalFlags
MoveFileW
GetStringTypeExW
lstrcmpiW
ReadFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetFileSize
DuplicateHandle
GetVolumeInformationW
GetFullPathNameW
GetShortPathNameW
SetErrorMode
GetVersionExW
LocalFileTimeToFileTime
SetFileTime
GetFileAttributesW
GetFileTime
GlobalReAlloc
RtlLookupFunctionEntry
RtlUnwindEx
ExitProcess
RaiseException
RtlPcToFileHeader
HeapReAlloc
ExitThread
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
SetHandleCount
GetFileType
GetStartupInfoA
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
HeapSetInformation
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
IsDebuggerPresent
RtlCaptureContext
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
RtlVirtualUnwind
FatalAppExitA
SetConsoleCtrlHandler
GetTimeZoneInformation
GetStringTypeA
GetStringTypeW
GetDateFormatA
GetTimeFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetConsoleCP
GetConsoleMode
SetStdHandle
GetCurrentDirectoryA
SetCurrentDirectoryA
GetDriveTypeA
GetFullPathNameA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
TlsAlloc
TlsGetValue
GetModuleHandleA
GlobalFindAtomW
CompareStringW
LoadLibraryA
GetVersionExA
FreeResource
GetCurrentProcessId
GlobalAddAtomW
SuspendThread
ResumeThread
SetThreadPriority
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
ConvertDefaultLocale
GetVersion
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
lstrcmpW
GetModuleHandleW
FileTimeToLocalFileTime
FileTimeToSystemTime
WideCharToMultiByte
CopyFileW
GlobalSize
GlobalLock
GlobalUnlock
lstrlenW
MulDiv
SetLastError
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetCurrentProcess
lstrcpyW
SetFileAttributesW
GetSystemDefaultLangID
GetUserDefaultLangID
DeleteFileW
MoveFileExW
GetModuleFileNameW
FindFirstFileW
FindNextFileW
FindClose
GetCommandLineW
CreateProcessW
GetExitCodeProcess
GlobalAlloc
GlobalFree
GetTickCount
Sleep
GetProcessHeap
HeapAlloc
HeapFree
WriteFile
GetWindowsDirectoryW
lstrcatW
LoadLibraryW
GetProcAddress
FreeLibrary
GetLastError
LocalAlloc
FormatMessageW
LocalFree
CreateFileW
DeviceIoControl
CloseHandle
CreateEventW
ResetEvent
CreateThread
WaitForSingleObject
SetEvent
MultiByteToWideChar
FindResourceW
LoadResource
LockResource
SizeofResource
GetStartupInfoW

user32

TranslateAcceleratorW
SetMenu
BringWindowToTop
SetRectEmpty
CreatePopupMenu
InsertMenuItemW
LoadAcceleratorsW
LoadMenuW
ReuseDDElParam
UnpackDDElParam
RegisterClipboardFormatW
GetSystemMenu
SetParent
UnionRect
PostThreadMessageW
SetTimer
KillTimer
GetDCEx
LockWindowUpdate
CharNextW
DestroyIcon
WaitMessage
ReleaseCapture
WindowFromPoint
SetCapture
DeleteMenu
GetSysColorBrush
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
GetDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
ScrollWindowEx
ShowWindow
MoveWindow
SetWindowTextW
IsDialogMessageW
IsDlgButtonChecked
SetDlgItemTextW
SetDlgItemInt
GetDlgItemTextW
GetDlgItemInt
CheckRadioButton
CheckDlgButton
MapVirtualKeyW
GetKeyNameTextW
ReleaseDC
GetDC
RegisterWindowMessageW
SendDlgItemMessageA
SendDlgItemMessageW
WinHelpW
IsChild
GetCapture
GetClassNameW
GetClassLongPtrW
SetPropW
GetPropW
RemovePropW
IsWindow
SetFocus
GetDialogBaseUnits
GetWindowTextW
GetForegroundWindow
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetWindowLongPtrW
SetWindowLongPtrW
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenuEx
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
UpdateWindow
GetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
CopyRect
PtInRect
SetWindowPlacement
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
OffsetRect
IntersectRect
SystemParametersInfoA
GetWindowPlacement
GetWindowRect
UnhookWindowsHookEx
GetWindow
SetWindowContextHelpId
MapDialogRect
SetWindowPos
GetWindowThreadProcessId
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
ShowOwnedPopups
SetWindowsHookExW
CallNextHookEx
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
GetFocus
SystemParametersInfoW
DestroyMenu
GetMenuItemInfoW
InflateRect
UnregisterClassW
MessageBeep
GetNextDlgGroupItem
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
GetWindowTextLengthW
CopyAcceleratorTableW
GetParent
ModifyMenuW
EnableMenuItem
CheckMenuItem
PostQuitMessage
GetMenuState
GetMenuStringW
AppendMenuW
InsertMenuW
GetMenuItemID
GetMenuItemCount
GetSubMenu
RemoveMenu
EnableWindow
LoadIconW
GetClientRect
IsIconic
SendMessageW
DrawIcon
ExitWindowsEx
GetSystemMetrics
CharUpperW
wsprintfW
LoadCursorW
SetCursor
MessageBoxW
PostMessageW
SetScrollInfo
UnregisterClassA

gdi32

MoveToEx
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
SetArcDirection
SetColorAdjustment
DeleteObject
PlayMetaFileRecord
GetObjectType
EnumMetaFile
PlayMetaFile
CreatePen
ExtCreatePen
CreateSolidBrush
CreateHatchBrush
GetBkColor
GetTextColor
LineTo
CreateFontIndirectW
GetTextExtentPoint32W
SetRectRgn
CombineRgn
GetMapMode
DPtoLP
GetStockObject
GetTextMetricsW
CreateCompatibleBitmap
GetCharWidthW
CreateFontW
StretchDIBits
CreateCompatibleDC
CreatePatternBrush
CreateDIBPatternBrushPt
DeleteDC
ExtSelectClipRgn
PolyBezierTo
OffsetClipRgn
IntersectClipRect
ExcludeClipRect
SetMapMode
ModifyWorldTransform
SetWorldTransform
SetGraphicsMode
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
PatBlt
CreateRectRgnIndirect
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetDCOrgEx
CreateBitmap
CreateDCW
CopyMetaFileW
GetRgnBox
GetDeviceCaps
PolylineTo
PolyDraw
ArcTo
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
StartDocW
GetPixel
BitBlt
GetWindowExtEx
GetViewportExtEx
SelectClipPath
CreateRectRgn
GetClipRgn
SelectClipRgn
SelectPalette

comdlg32

GetFileTitleW

winspool.drv

OpenPrinterW
ClosePrinter
DocumentPropertiesW

advapi32

RegQueryValueW
RegEnumKeyW
RegSetValueW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
DeleteService
OpenSCManagerW
StartServiceW
QueryServiceStatusEx
EnumDependentServicesW
OpenServiceW
ControlService
CloseServiceHandle
RegCreateKeyExW

shell32

ExtractIconW
SHGetFileInfoW
DragFinish
DragQueryFileW
ShellExecuteW

shlwapi

PathFindExtensionW
PathRemoveExtensionW
PathFindFileNameW
PathStripToRootW
SHDeleteKeyW
PathIsUNCW

oledlg

OleUIBusyW

ole32

StgOpenStorageOnILockBytes
CoGetClassObject
StringFromGUID2
CoCreateInstance
CoDisconnectObject
CLSIDFromString
CLSIDFromProgID
OleDuplicateData
CoTreatAsClass
StgCreateDocfileOnILockBytes
CoTaskMemAlloc
ReleaseStgMedium
CreateBindCtx
ReadClassStg
ReadFmtUserTypeStg
OleRegGetUserType
WriteClassStg
WriteFmtUserTypeStg
SetConvertStg
CoTaskMemFree
CreateILockBytesOnHGlobal
OleRun
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
CoRevokeClassObject
StringFromCLSID
CoRegisterClassObject

oleaut32

SysFreeString
VarBstrFromCy
VarCyFromStr
SysReAllocStringLen
VarDateFromStr
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayDestroy
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayCopy
SafeArrayAllocDescriptor
SafeArrayAllocData
VariantCopy
SafeArrayRedim
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElemsize
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayAccessData
SafeArrayUnaccessData
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen
SysStringByteLen
SysAllocStringByteLen
SysStringLen
VarBstrFromDec
VarDecFromStr
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
LoadTypeLi

Sections

.text
Size: 946KB - Virtual size: 946KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 275KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 3.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Setup.exe
.exe windows:5 windows x86

3bbc438a22f0da20c261c43ee78bc464

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:8f:52:fa:f6:4c:42:1e:ab:b2:27:5a:e1:48:c5:19
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

30/05/2022, 00:00

Not After

19/07/2024, 23:59

Subject

SERIALNUMBER=22671299,CN=Realtek Semiconductor Corp.,O=Realtek Semiconductor Corp.,L=Hsinchu City,C=TW,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025457

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:8f:52:fa:f6:4c:42:1e:ab:b2:27:5a:e1:48:c5:19
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

30/05/2022, 00:00

Not After

19/07/2024, 23:59

Subject

SERIALNUMBER=22671299,CN=Realtek Semiconductor Corp.,O=Realtek Semiconductor Corp.,L=Hsinchu City,C=TW,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025457

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d2:67:02:15:e8:f1:e2:22:f4:24:11:c4:56:b1:23:db:6c:35:7c:c4:ca:e9:64:6d:8a:29:4f:25:5e:7b:5c:0d
Signer

Actual PE Digest

d2:67:02:15:e8:f1:e2:22:f4:24:11:c4:56:b1:23:db:6c:35:7c:c4:ca:e9:64:6d:8a:29:4f:25:5e:7b:5c:0d

Digest Algorithm

sha256

PE Digest Matches

true

b7:7e:a8:be:8b:9d:97:86:5c:56:05:84:09:de:1e:f1:8e:06:9b:cd
Signer

Actual PE Digest

b7:7e:a8:be:8b:9d:97:86:5c:56:05:84:09:de:1e:f1:8e:06:9b:cd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

IsBadReadPtr
CompareStringW
CompareStringA
GetSystemDefaultLangID
GetUserDefaultLangID
ExpandEnvironmentStringsW
GetCurrentDirectoryW
FileTimeToLocalFileTime
GetFileTime
SetFileAttributesW
HeapAlloc
HeapFree
GetProcessHeap
CopyFileW
GetSystemDefaultUILanguage
CloseHandle
Sleep
CreateProcessW
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
lstrcpyW
lstrlenW
SetCurrentDirectoryW
DeleteFileW
RemoveDirectoryW
GetPrivateProfileIntW
GetLastError
SetLastError
WaitForSingleObject
GetCurrentProcess
ExitProcess
TerminateProcess
ResumeThread
GetThreadContext
SetThreadContext
FlushInstructionCache
GetSystemDirectoryW
VirtualProtectEx
WriteProcessMemory
LoadLibraryW
lstrcatW
lstrcpynW
lstrcmpiW
LoadLibraryExW
FreeLibrary
FindResourceExW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
VirtualQuery
GetSystemInfo
GetSystemTimeAsFileTime
CreateEventW
CreateMutexW
ReleaseMutex
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
QueryPerformanceFrequency
SetErrorMode
RaiseException
FreeResource
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcatA
lstrcmpiA
MulDiv
FlushFileBuffers
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
SetConsoleCtrlHandler
WriteFile
SetFilePointer
GetFileSize
GetFileAttributesW
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
FindFirstFileW
FindClose
CreateDirectoryW
VerLanguageNameW
IsValidLocale
GetLocaleInfoW
WideCharToMultiByte
lstrcpyA
GetTickCount
ExitThread
CreateThread
GetExitCodeProcess
ReadFile
GetCommandLineW
FormatMessageW
LocalFree
DuplicateHandle
GetVersionExW
GetWindowsDirectoryW
InterlockedDecrement
InterlockedIncrement
GetTempPathW
CreateFileW
LoadLibraryA
GetSystemDirectoryA
FindResourceW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
SizeofResource
LockResource
LoadResource
MultiByteToWideChar
MoveFileExW
OutputDebugStringW
EnumSystemLocalesW
GetUserDefaultLCID
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetFileType
HeapReAlloc
GetStringTypeW
GetCurrentThreadId
GetCPInfo
GetOEMCP
IsValidCodePage
HeapSize
AreFileApisANSI
GetModuleHandleExW
GetStdHandle
CreateSemaphoreW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
ReadConsoleW
TlsAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FatalAppExitA
GetACP
IsProcessorFeaturePresent
IsDebuggerPresent
RtlUnwind
lstrcpynA
LocalAlloc
FindNextFileW
WritePrivateProfileSectionW
GetPrivateProfileSectionW
lstrcmpW
GetShortPathNameW
GetCurrentThread
QueryPerformanceCounter
lstrcmpA
SystemTimeToFileTime
ResetEvent
SetEvent
Process32NextW
Process32FirstW
CreateToolhelp32Snapshot
GetDateFormatW
GetTimeFormatW
GetTempFileNameW
InterlockedExchange
LoadLibraryExA
EnterCriticalSection
LeaveCriticalSection
EncodePointer
DecodePointer
LCMapStringW
GetVersion
GetCurrentProcessId
GetLocalTime
lstrlenA
GetProcessTimes
OpenProcess
SetFileTime
CompareFileTime
GetEnvironmentVariableW

user32

wsprintfW
WaitForInputIdle
CharUpperBuffW
DialogBoxIndirectParamW
SendMessageW
GetDlgItem
SetDlgItemTextW
SetActiveWindow
SetForegroundWindow
SetWindowTextW
GetWindowRect
MessageBoxW
GetWindowLongW
SetWindowLongW
LoadIconW
TranslateMessage
MoveWindow
EndDialog
SystemParametersInfoW
GetWindow
FillRect
GetSysColor
MapWindowPoints
RemovePropW
GetPropW
SetPropW
EndPaint
BeginPaint
EnableMenuItem
GetSystemMetrics
SetFocus
ExitWindowsEx
CharUpperW
wsprintfA
CallWindowProcW
CreateWindowExW
DrawIcon
DrawTextW
UpdateWindow
GetWindowDC
InvalidateRect
DrawFocusRect
CopyRect
InflateRect
EnumChildWindows
GetClassNameW
MapDialogRect
RegisterClassExW
GetDlgItemTextW
IntersectRect
MonitorFromPoint
DefWindowProcW
GetMessageW
LoadStringW
LoadImageW
ReleaseDC
GetDC
CreateDialogParamW
GetParent
GetWindowTextW
CharNextW
GetDesktopWindow
GetClientRect
IsWindowEnabled
CreateDialogIndirectParamW
IsWindowVisible
IsDialogMessageW
FindWindowExW
ScreenToClient
EnableWindow
MsgWaitForMultipleObjects
SendDlgItemMessageW
SetWindowPos
ShowWindow
DestroyWindow
IsWindow
PostMessageW
PeekMessageW
DispatchMessageW

gdi32

SetTextColor
SetBkMode
SetBkColor
SaveDC
RestoreDC
CreateSolidBrush
UnrealizeObject
CreateHalftonePalette
GetDIBColorTable
SelectPalette
SelectObject
RealizePalette
GetSystemPaletteEntries
GetDeviceCaps
DeleteDC
CreatePalette
CreateCompatibleDC
BitBlt
GetObjectW
TranslateCharsetInfo
DeleteObject
CreateFontIndirectW
CreateCompatibleBitmap
CreateDCW
CreatePatternBrush
GetStockObject
GetTextExtentPoint32W
DeleteMetaFile
CreateDIBitmap
CreateBitmap
CreateRectRgn
PatBlt
PlayMetaFile
SelectClipRgn
SetMapMode
SetMetaFileBitsEx
SetPixel
StretchBlt
SetStretchBltMode
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
TextOutW

advapi32

RegCreateKeyExW
CryptVerifySignatureW
CryptSignHashW
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptImportKey
CryptExportKey
CryptGetHashParam
CryptSetHashParam
CryptDestroyKey
CryptDeriveKey
CryptReleaseContext
CryptAcquireContextW
EqualSid
GetTokenInformation
OpenThreadToken
RegEnumKeyW
RegCreateKeyW
RegOverridePredefKey
LookupPrivilegeValueW
FreeSid
AllocateAndInitializeSid
AdjustTokenPrivileges
OpenProcessToken
RegOpenKeyW
RegOpenKeyExW
RegEnumValueW
RegQueryValueExW
SetEntriesInAclW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
CreateWellKnownSid
RegSetValueExW
RegCloseKey

shell32

ShellExecuteExW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc

ole32

CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoInitializeSecurity
ProgIDFromCLSID
CreateStreamOnHGlobal
CoInitializeEx
CoUninitialize
GetRunningObjectTable
CreateItemMoniker
CoLoadLibrary
CoCreateGuid
StringFromGUID2

oleaut32

SysStringByteLen
VarBstrCmp
CreateErrorInfo
SetErrorInfo
UnRegisterTypeLi
RegisterTypeLi
LoadTypeLi
SysAllocString
SysFreeString
SysStringLen
SysAllocStringLen
SysReAllocStringLen
GetErrorInfo
SysAllocStringByteLen
VariantInit
VariantClear
VariantChangeType
VarUI4FromStr
VarBstrCat

rpcrt4

UuidCreate
UuidToStringW
UuidFromStringW
RpcStringFreeW

gdiplus

GdipAlloc
GdipDrawImageRectI
GdipSetInterpolationMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateBitmapFromResource
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipGetImageWidth
GdipGetImageHeight

Sections

.text
Size: 683KB - Virtual size: 682KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 305KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
USetup.iss
Win64/HDXINTEL.inf
Win64/RTAIODAT.DAT
Win64/RTKVHD64.sys
.sys windows:10 windows x64

266b79dd1112151c2230187854469b99

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

portcls.sys

PcNewPort
PcRegisterAdapterPowerManagement
PcAddAdapterDevice
PcDispatchIrp
PcInitializeAdapterDriver
PcRegisterPhysicalConnection
PcRegisterSubdevice
PcNewRegistryKey
PcForwardIrpSynchronous

ntoskrnl.exe

ExSystemTimeToLocalTime
IoBuildSynchronousFsdRequest
IofCallDriver
RtlWriteRegistryValue
KeSetEvent
KeInitializeTimerEx
KeCancelTimer
KeSetTimerEx
KeWaitForMultipleObjects
KeInitializeSemaphore
KeReleaseSemaphore
ObReferenceObjectByHandle
ObfDereferenceObject
ExEventObjectType
KeDelayExecutionThread
KeClearEvent
ExFreePoolWithTag
IoAllocateWorkItem
IoFreeWorkItem
IoQueueWorkItem
RtlIntegerToUnicodeString
RtlUnicodeStringToInteger
RtlInitUnicodeString
RtlCompareUnicodeString
RtlFreeUnicodeString
RtlStringFromGUID
IoGetDeviceObjectPointer
IoRegisterPlugPlayNotification
IoUnregisterPlugPlayNotification
KeInitializeEvent
RtlDeleteRegistryValue
KeSetPriorityThread
PsCreateSystemThread
PsTerminateSystemThread
ZwClose
ZwOpenKey
ZwEnumerateKey
ZwQueryValueKey
ZwSetValueKey
ZwCreateKey
ZwDeleteValueKey
RtlQueryRegistryValues
MmGetSystemRoutineAddress
DbgPrint
MmMapIoSpace
MmUnmapIoSpace
MmBuildMdlForNonPagedPool
MmMapLockedPagesSpecifyCache
MmUnmapLockedPages
IoAllocateMdl
IoFreeMdl
KeGetCurrentIrql
KeResetEvent
ExAcquireFastMutex
ExReleaseFastMutex
ExCreateCallback
ExRegisterCallback
ExUnregisterCallback
IoAllocateErrorLogEntry
RtlTimeToTimeFields
IoBuildDeviceIoControlRequest
IoCancelIrp
IoFreeIrp
IoGetAttachedDeviceReference
IoWriteErrorLogEntry
IoInvalidateDeviceRelations
IoGetDeviceInterfaces
PoRequestPowerIrp
ObfReferenceObject
RtlTimeFieldsToTime
ZwCreateFile
ZwQueryInformationFile
ZwReadFile
ZwWriteFile
KeAcquireSpinLockRaiseToDpc
KeReleaseSpinLock
KeRemoveQueueDpc
ExAllocatePool
KeReadStateEvent
IoRegisterDeviceInterface
KeInitializeSpinLock
IofCompleteRequest
IoCreateDevice
IoCreateSymbolicLink
IoDeleteDevice
IoDeleteSymbolicLink
IoInitializeRemoveLockEx
IoCsqInitialize
IoCsqInsertIrp
IoCsqRemoveNextIrp
RtlInitString
RtlAnsiStringToUnicodeString
RtlUnicodeStringToAnsiString
RtlFreeAnsiString
KeAcquireSpinLockAtDpcLevel
KeReleaseSpinLockFromDpcLevel
KeQueryTimeIncrement
ZwQueryKey
RtlGUIDFromString
IoOpenDeviceInterfaceRegistryKey
RtlInitAnsiString
IoWMIRegistrationControl
IoSetDeviceInterfaceState
RtlCreateSecurityDescriptor
RtlSetDaclSecurityDescriptor
IoCreateSynchronizationEvent
IoWMIOpenBlock
IoWMIQueryAllData
ObReferenceObjectByPointer
RtlEqualUnicodeString
MmProbeAndLockPages
MmUnlockPages
ZwSetInformationFile
__C_specific_handler
RtlRaiseException
_purecall
ExFreePool
EtwWrite
PoRegisterPowerSettingCallback
PoUnregisterPowerSettingCallback
RtlCreateRegistryKey
PsGetCurrentProcessId
EtwRegister
EtwUnregister
KeInitializeGuardedMutex
KeAcquireGuardedMutex
KeReleaseGuardedMutex
RtlCheckRegistryKey
ZwOpenEvent
ZwCreateEvent
RtlMultiByteToUnicodeN
RtlAnsiCharToUnicodeChar
RtlUnicodeToMultiByteN
ExAllocatePoolWithTag
KeBugCheckEx
KeWaitForSingleObject
KeReleaseMutex
KeInitializeMutex
RtlCompareMemory
IoAllocateIrp

hal

KeStallExecutionProcessor
KeQueryPerformanceCounter

cng.sys

BCryptHashData
BCryptCreateHash
BCryptVerifySignature
BCryptDestroyKey
BCryptFinalizeKeyPair
BCryptImportKeyPair
BCryptGenRandom
BCryptGenerateKeyPair
BCryptGenerateSymmetricKey
BCryptCloseAlgorithmProvider
BCryptSetProperty
BCryptGetProperty
BCryptOpenAlgorithmProvider
BCryptFinishHash
BCryptDecrypt
BCryptExportKey
BCryptEncrypt

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

CODE
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 239KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 367KB - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Win64/Realtek/ExtRtk_9456.1/HDX_IntelExt_RTK_FORTE.inf
Win64/Realtek/ExtRtk_9456.1/hdxrtext.cat
Win64/Realtek/RealtekAPO_1062/RealtekAPO.inf
Win64/Realtek/RealtekAPO_1062/RltkAPOU64.dll
.dll regsvr32 windows:6 windows x64

1f49cc44a833c52d074b1cd22c187d24

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryExW
LoadResource
SizeofResource
FindResourceW
LoadLibraryW
LocalAlloc
lstrcmpiW
SetEndOfFile
MultiByteToWideChar
SetThreadPriority
CreateThread
GetCurrentProcess
WaitForMultipleObjects
CreateEventW
WaitForSingleObjectEx
WaitForSingleObject
SetEvent
SetStdHandle
GetStringTypeW
FlushFileBuffers
SetEnvironmentVariableW
FreeEnvironmentStringsW
DeleteCriticalSection
SetWaitableTimer
CancelWaitableTimer
CreateWaitableTimerW
GetLocalTime
FindResourceExW
LockResource
FileTimeToSystemTime
SystemTimeToFileTime
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
EncodePointer
LocalFree
GetThreadLocale
SetThreadLocale
InitializeCriticalSectionEx
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
LeaveCriticalSection
FindFirstFileExW
EnterCriticalSection
DeviceIoControl
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
DuplicateHandle
QueryPerformanceCounter
GetModuleHandleW
InitializeCriticalSection
ReleaseMutex
CreateMutexW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
WideCharToMultiByte
HeapAlloc
HeapDestroy
FindClose
GetFileSizeEx
GetLastError
RaiseException
CloseHandle
ResetEvent
OpenMutexW
DecodePointer
GetSystemTime
OpenFileMappingW
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
GetConsoleCP
SetFilePointerEx
ReadConsoleW
VerSetConditionMask
VerifyVersionInfoW
GetConsoleMode
CreateEventExW
ReadFile
RtlUnwind
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
SetConsoleCtrlHandler
WriteFile
GetCurrentThread
ExitProcess
FreeLibraryAndExitThread
ResumeThread
ExitThread
WriteConsoleW
GetModuleHandleExW
GetFileType
GetStdHandle
FreeLibrary
GetPriorityClass
QueryPerformanceFrequency
GetThreadPriority
FlsFree
FlsSetValue
FlsGetValue
FindNextFileW
CreateFileW
Sleep
GetSystemInfo
LoadLibraryA
FlsAlloc
__C_specific_handler
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
RtlUnwindEx
RtlPcToFileHeader
InterlockedPushEntrySList
InterlockedFlushSList
SetLastError

user32

CharNextW
UnregisterClassA

advapi32

RegGetValueW
RegEnumValueW
EventWrite
EventUnregister
EventRegister
RegQueryValueExW
RegNotifyChangeKeyValue
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
UnregisterTraceGuids
RegisterTraceGuidsW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegDeleteKeyExW
RegSetKeySecurity
TraceMessage
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey

ole32

PropVariantClear
CLSIDFromString
StringFromCLSID
PropVariantCopy
CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
CoCreateInstance

oleaut32

VarUI4FromStr
UnRegisterTypeLi
RegisterTypeLi
LoadTypeLi
SysFreeString
SysStringLen
SysAllocString

winmm

timeBeginPeriod
timeEndPeriod

api-ms-win-devices-config-l1-1-1

CM_Get_Device_Interface_List_SizeW
CM_Get_Device_ID_List_SizeW
CM_Get_Device_ID_ListW
CM_Get_DevNode_Registry_PropertyW
CM_Locate_DevNodeW
CM_Get_Device_Interface_ListW

propsys

InitPropVariantFromCLSID

shlwapi

StrCmpW

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateStringReference
WindowsCreateString
WindowsGetStringRawBuffer
WindowsDeleteString

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory
RoUninitialize
RoInitialize

audioeng

AERT_Free
AERT_Allocate

avrt

AvSetMmThreadCharacteristicsW
AvRevertMmThreadCharacteristics
AvSetMmThreadPriority

rtworkq

RtwqCreateAsyncResult
RtwqPutWorkItem

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_CODE
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_BSS
Size: - Virtual size: 8B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 345KB - Virtual size: 918KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RT_CONST
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

minATL
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RT_DATA
Size: 207KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Win64/Realtek/RealtekAPO_1062/realtekapo.cat
Win64/Realtek/RealtekHSA_288/RealtekHSA.inf
Win64/Realtek/RealtekHSA_288/realtekhsa.cat
Win64/Realtek/RealtekService_588/RealtekService.inf
Win64/Realtek/RealtekService_588/RtCOM64.dll
.dll regsvr32 windows:6 windows x64

8e946d8efa5ce7a7c40f694379f6b4f0

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:10:1d:15:d8:f8:58:ee:53:27:dc:9b:f4:b5:e6:0b
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

15/07/2021, 00:00

Not After

13/01/2022, 23:59

Subject

SERIALNUMBER=22671299,CN=Realtek Semiconductor Corp.,O=Realtek Semiconductor Corp.,L=HSINCHU,C=TW,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:dc:34:1a:52:0f:bb:cf:3d:8c:00:00:00:00:00:dc
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

10/03/2022, 19:58

Not After

08/03/2023, 19:58

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0b:aa:c1:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/04/2012, 23:48

Not After

18/04/2027, 23:58

Subject

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5d:86:4a:69:af:d6:3d:eb:f1:aa:bd:ef:d9:73:57:47:7c:53:a2:0e:85:a6:9f:ab:8d:7e:47:23:ba:0b:15:6e
Signer

Actual PE Digest

5d:86:4a:69:af:d6:3d:eb:f1:aa:bd:ef:d9:73:57:47:7c:53:a2:0e:85:a6:9f:ab:8d:7e:47:23:ba:0b:15:6e

Digest Algorithm

sha256

PE Digest Matches

true

5d:86:4a:69:af:d6:3d:eb:f1:aa:bd:ef:d9:73:57:47:7c:53:a2:0e:85:a6:9f:ab:8d:7e:47:23:ba:0b:15:6e
Signer

Actual PE Digest

5d:86:4a:69:af:d6:3d:eb:f1:aa:bd:ef:d9:73:57:47:7c:53:a2:0e:85:a6:9f:ab:8d:7e:47:23:ba:0b:15:6e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

api-ms-win-core-synch-l1-1-0

CreateEventA
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
InitializeCriticalSection
DeleteCriticalSection
SetEvent
CreateEventW
WaitForSingleObjectEx
ResetEvent
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx

oleaut32

SysFreeString
LoadTypeLi
LoadRegTypeLi
RegisterTypeLi
SysStringLen
SysAllocString
UnRegisterTypeLi
VarUI4FromStr

propsys

PropVariantToUInt32
InitPropVariantFromCLSID
PropVariantToString

api-ms-win-core-com-l1-1-0

CoUninitialize
CoFreeUnusedLibrariesEx
CoInitializeEx
CoTaskMemRealloc
CoCreateInstance
StringFromGUID2
CLSIDFromString
PropVariantClear
CoTaskMemFree
CoTaskMemAlloc

api-ms-win-core-heap-l1-1-0

HeapReAlloc
HeapAlloc
GetProcessHeap
HeapDestroy
HeapSize
HeapFree

api-ms-win-core-string-l1-1-0

MultiByteToWideChar
GetStringTypeW
WideCharToMultiByte

api-ms-win-core-libraryloader-l1-2-0

LoadResource
SizeofResource
LoadLibraryExW
GetModuleHandleW
GetProcAddress
GetModuleHandleExW
FreeLibrary
FindResourceExW
GetModuleHandleA
GetModuleFileNameA
LoadLibraryExA
LockResource

api-ms-win-core-libraryloader-l1-2-1

FindResourceW
LoadLibraryA

api-ms-win-core-file-l1-1-0

FlushFileBuffers
FindFirstFileExA
CreateFileW
FindClose
SetFilePointerEx
WriteFile
FindNextFileA
CreateFileA
GetFileType

api-ms-win-core-io-l1-1-0

DeviceIoControl

api-ms-win-core-errorhandling-l1-1-0

SetLastError
RaiseException
SetUnhandledExceptionFilter
GetLastError
UnhandledExceptionFilter

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-registry-l1-1-0

RegQueryInfoKeyW
RegCreateKeyExA
RegEnumKeyExA
RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegCloseKey
RegQueryInfoKeyA
RegOpenKeyExA

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpiA

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetSystemInfo

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
GetCurrentProcess
TerminateProcess
ExitProcess
TlsAlloc
TlsGetValue
GetCurrentThreadId
TlsFree
GetStartupInfoW
TlsSetValue
CreateThread

api-ms-win-core-synch-l1-2-1

WaitForMultipleObjects

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
OutputDebugStringA
IsDebuggerPresent

api-ms-win-core-heap-l2-1-0

LocalAlloc
LocalFree

api-ms-win-core-stringansi-l1-1-0

CharUpperA
CharNextA

api-ms-win-mm-mme-l1-1-0

mixerGetLineInfoA
mixerSetControlDetails
mixerOpen
mixerGetDevCapsA
mixerGetNumDevs
mixerGetID
mixerGetControlDetailsA
mixerGetLineControlsA

api-ms-win-core-registry-l2-1-0

RegDeleteKeyA
RegOpenKeyA

api-ms-win-core-localization-l1-2-0

GetOEMCP
GetCPInfo
LCMapStringW
IsDBCSLeadByte
GetACP
IsValidCodePage
GetThreadLocale
SetThreadLocale

api-ms-win-core-kernel32-legacy-l1-1-0

FindResourceA

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent
OpenProcess

api-ms-win-core-psapi-l1-1-0

K32EnumProcessModules

api-ms-win-core-psapi-ansi-l1-1-0

K32GetModuleBaseNameA

bcrypt

BCryptEncrypt
BCryptDestroyKey
BCryptCloseAlgorithmProvider
BCryptOpenAlgorithmProvider
BCryptImportKeyPair

api-ms-win-core-string-l2-1-0

CharNextW

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

setupapi

SetupDiEnumDeviceInterfaces
SetupDiGetDeviceRegistryPropertyA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetDeviceInstanceIdA
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA

kernel32

WinExec

user32

FindWindowExA
FindWindowA
RegisterWindowMessageA
PostMessageA

ole32

CoInitialize

api-ms-win-core-rtlsupport-l1-1-0

RtlPcToFileHeader
RtlLookupFunctionEntry
RtlCaptureContext
RtlVirtualUnwind
RtlUnwindEx

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead
InterlockedFlushSList

api-ms-win-core-memory-l1-1-0

VirtualAlloc
VirtualQuery
VirtualProtect

api-ms-win-core-processenvironment-l1-1-0

FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStdHandle
SetStdHandle
GetCommandLineW
GetCommandLineA

api-ms-win-core-console-l1-1-0

GetConsoleCP
GetConsoleMode
WriteConsoleW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 367KB - Virtual size: 366KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 516KB - Virtual size: 516KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Win64/Realtek/RealtekService_588/RtDataProc64.dll
.dll regsvr32 windows:6 windows x64

790e1c385c540748970ff5224af4b217

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:ea:b8:7b:37:17:35:53:ad:a0:99:07:25:3c:88:4b
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

16/08/2021, 00:00

Not After

19/07/2024, 23:59

Subject

SERIALNUMBER=22671299,CN=Realtek Semiconductor Corp.,O=Realtek Semiconductor Corp.,L=Hsinchu City,C=TW,1.3.6.1.4.1.311.60.2.1.3=#13025457,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:dc:34:1a:52:0f:bb:cf:3d:8c:00:00:00:00:00:dc
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

10/03/2022, 19:58

Not After

08/03/2023, 19:58

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0b:aa:c1:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/04/2012, 23:48

Not After

18/04/2027, 23:58

Subject

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

86:d2:aa:9a:40:03:dc:38:34:11:43:8b:06:ec:c8:c4:e7:6d:58:00:27:41:ef:4e:ef:84:09:9b:ce:39:91:7a
Signer

Actual PE Digest

86:d2:aa:9a:40:03:dc:38:34:11:43:8b:06:ec:c8:c4:e7:6d:58:00:27:41:ef:4e:ef:84:09:9b:ce:39:91:7a

Digest Algorithm

sha256

PE Digest Matches

true

86:d2:aa:9a:40:03:dc:38:34:11:43:8b:06:ec:c8:c4:e7:6d:58:00:27:41:ef:4e:ef:84:09:9b:ce:39:91:7a
Signer

Actual PE Digest

86:d2:aa:9a:40:03:dc:38:34:11:43:8b:06:ec:c8:c4:e7:6d:58:00:27:41:ef:4e:ef:84:09:9b:ce:39:91:7a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

api-ms-win-core-synch-l1-1-0

ResetEvent
WaitForSingleObject
CreateEventW
DeleteCriticalSection
InitializeCriticalSectionEx
WaitForSingleObjectEx
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
SetEvent

api-ms-win-core-file-l1-1-0

CreateFileW

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
IsDebuggerPresent

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-heap-l1-1-0

HeapReAlloc
GetProcessHeap
HeapDestroy
HeapAlloc
HeapFree
HeapSize

api-ms-win-core-io-l1-1-0

DeviceIoControl

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-synch-l1-2-1

WaitForMultipleObjects

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
TlsAlloc
GetCurrentThreadId
TlsGetValue
GetCurrentProcessId
CreateThread
GetCurrentProcess
TlsSetValue
SetThreadPriority
TlsFree

api-ms-win-core-libraryloader-l1-2-0

LoadResource
FindResourceExW
LoadLibraryExW
GetProcAddress
SizeofResource
FreeLibrary
GetModuleHandleW
LockResource
GetModuleFileNameW

api-ms-win-core-libraryloader-l1-2-1

FindResourceW
LoadLibraryW

api-ms-win-core-string-l1-1-0

WideCharToMultiByte

api-ms-win-core-registry-l1-1-0

RegCreateKeyExW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegQueryValueExW

api-ms-win-core-com-l1-1-0

StringFromCLSID
CoTaskMemFree
CoInitializeEx
CoCreateInstance
StringFromGUID2
PropVariantClear
CoTaskMemAlloc

api-ms-win-mm-time-l1-1-0

timeGetTime

api-ms-win-core-profile-l1-1-0

QueryPerformanceFrequency
QueryPerformanceCounter

api-ms-win-core-registry-l2-1-0

RegDeleteKeyW

api-ms-win-core-string-l2-1-0

CharUpperW

api-ms-win-core-util-l1-1-0

EncodePointer

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
SetLastError
UnhandledExceptionFilter
RaiseException
GetLastError

avrt

AvSetMmThreadCharacteristicsW
AvRevertMmThreadCharacteristics

setupapi

SetupDiEnumDeviceInfo
SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupDiGetDeviceInstanceIdW

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
abort
terminate
_initterm_e
_initterm
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_errno
_invalid_parameter_noinfo

api-ms-win-crt-string-l1-1-0

wcsnlen
memset
strnlen
wcsncmp
strcpy_s
_wcslwr_s
wmemcpy_s

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf

api-ms-win-crt-heap-l1-1-0

calloc
_callnewh
free
malloc

api-ms-win-core-rtlsupport-l1-1-0

RtlUnwindEx
RtlCaptureContext
RtlPcToFileHeader
RtlVirtualUnwind
RtlLookupFunctionEntry

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead
InterlockedFlushSList

api-ms-win-crt-math-l1-1-0

powf
sin
sqrt
sqrtf
expf

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 199KB - Virtual size: 198KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_CODE
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RT_DATA
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RT_CONST
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Win64/Realtek/RealtekService_588/RtkApi64U.dll
.dll regsvr32 windows:6 windows x64

ad41f11ee3ea28e81ce4e23891847f3b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameW
GetModuleHandleW
GetProcAddress
LoadLibraryExW
LoadResource
SizeofResource
FindResourceW
lstrcmpiW
WriteConsoleW
MultiByteToWideChar
DeleteCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
SetEndOfFile
FlushFileBuffers
GetStringTypeW
SetStdHandle
LCMapStringW
HeapAlloc
HeapDestroy
FindResourceExW
LockResource
CreateFileW
CloseHandle
DeviceIoControl
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
EncodePointer
DecodePointer
GetThreadLocale
SetThreadLocale
FreeEnvironmentStringsW
GetEnvironmentStringsW
ReleaseMutex
WaitForSingleObject
CreateMutexW
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
LocalFree
GetUserDefaultLCID
WideCharToMultiByte
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetLastError
SetEvent
WaitForMultipleObjects
FreeLibrary
GetACP
LoadLibraryW
IsValidCodePage
FindNextFileW
RaiseException
FindFirstFileExW
FindClose
SetFilePointerEx
IsDebuggerPresent
OutputDebugStringW
__C_specific_handler
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
InitializeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlPcToFileHeader
RtlUnwindEx
InterlockedFlushSList
SetLastError
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
ExitProcess
GetModuleHandleExW
GetStdHandle
GetFileType
ReadFile
GetConsoleMode
ReadConsoleW
WriteFile
GetConsoleCP

user32

CharNextW

advapi32

RegEnumValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegQueryValueExW
RegSetValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey

ole32

PropVariantCopy
CoTaskMemFree
PropVariantClear
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
StringFromGUID2
StringFromCLSID
CLSIDFromString

oleaut32

RegisterTypeLi
SafeArrayUnaccessData
GetRecordInfoFromTypeInfo
VarUI4FromStr
LoadTypeLi
UnRegisterTypeLi
SafeArrayAccessData
SysStringLen
SafeArrayCreateEx
SysAllocString
LoadRegTypeLi
SysFreeString

api-ms-win-devices-config-l1-1-1

CM_Locate_DevNodeW
CM_Get_Device_ID_List_SizeW
CM_Get_DevNode_Registry_PropertyW
CM_Get_Device_ID_ListW

propsys

InitPropVariantFromCLSID

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
ParseAddWriteDS1PCDAT
ParseAddWritePCEE4DAT

Sections

.text
Size: 423KB - Virtual size: 423KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 218KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Win64/Realtek/RealtekService_588/RtkAudUService64.exe
.exe windows:6 windows x64

b593e9e84098c35deecfbee277944846

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:8f:52:fa:f6:4c:42:1e:ab:b2:27:5a:e1:48:c5:19
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

30/05/2022, 00:00

Not After

19/07/2024, 23:59

Subject

SERIALNUMBER=22671299,CN=Realtek Semiconductor Corp.,O=Realtek Semiconductor Corp.,L=Hsinchu City,C=TW,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13025457

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:dc:34:1a:52:0f:bb:cf:3d:8c:00:00:00:00:00:dc
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

10/03/2022, 19:58

Not After

08/03/2023, 19:58

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0b:aa:c1:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/04/2012, 23:48

Not After

18/04/2027, 23:58

Subject

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

72:5b:1b:66:da:73:b4:8a:3d:d7:9b:9b:8b:f7:42:62:dd:99:d5:cc:41:c6:fb:f3:1f:ff:d9:ce:76:23:4e:3c
Signer

Actual PE Digest

72:5b:1b:66:da:73:b4:8a:3d:d7:9b:9b:8b:f7:42:62:dd:99:d5:cc:41:c6:fb:f3:1f:ff:d9:ce:76:23:4e:3c

Digest Algorithm

sha256

PE Digest Matches

true

72:5b:1b:66:da:73:b4:8a:3d:d7:9b:9b:8b:f7:42:62:dd:99:d5:cc:41:c6:fb:f3:1f:ff:d9:ce:76:23:4e:3c
Signer

Actual PE Digest

72:5b:1b:66:da:73:b4:8a:3d:d7:9b:9b:8b:f7:42:62:dd:99:d5:cc:41:c6:fb:f3:1f:ff:d9:ce:76:23:4e:3c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

oleaut32

LPSAFEARRAY_UserSize64
LPSAFEARRAY_UserMarshal
LPSAFEARRAY_UserUnmarshal64
BSTR_UserSize
BSTR_UserFree64
BSTR_UserSize64
BSTR_UserMarshal
BSTR_UserUnmarshal
LPSAFEARRAY_UserMarshal64
LoadTypeLibEx
SafeArrayCreate
SysAllocStringLen
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayPutElement
SafeArrayCreateVector
VariantClear
VariantInit
SysAllocString
LPSAFEARRAY_UserFree64
LPSAFEARRAY_UserUnmarshal
LPSAFEARRAY_UserFree
BSTR_UserUnmarshal64
LPSAFEARRAY_UserSize
SysFreeString
VariantCopy
BSTR_UserFree
BSTR_UserMarshal64

rpcrt4

RpcServerInqBindings
RpcEpRegisterW
RpcServerListen
NdrServerCall2
NdrCStdStubBuffer2_Release
NdrCStdStubBuffer_Release
CStdStubBuffer_Invoke
NdrStubForwardingFunction
RpcServerUnregisterIf
NdrServerCallAll
RpcEpUnregister
IUnknown_AddRef_Proxy
NdrClientCall3
RpcBindingVectorFree
CStdStubBuffer_Connect
CStdStubBuffer_IsIIDSupported
NdrStubCall3
CStdStubBuffer_DebugServerRelease
IUnknown_QueryInterface_Proxy
NdrOleAllocate
NdrOleFree
CStdStubBuffer_QueryInterface
CStdStubBuffer_CountRefs
IUnknown_Release_Proxy
CStdStubBuffer_AddRef
RpcServerUseProtseqEpW
RpcServerRegisterIf3
CStdStubBuffer_Disconnect
CStdStubBuffer_DebugServerQueryInterface

api-ms-win-core-com-l1-1-0

StringFromCLSID
CLSIDFromString
CoInitializeSecurity
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemFree
CoUninitialize
CoInitializeEx
CoSetProxyBlanket
StringFromGUID2
CoTaskMemAlloc
PropVariantClear
CoFreeUnusedLibrariesEx
CoCreateInstance

propsys

PropVariantToString
InitPropVariantFromCLSID

api-ms-win-core-heap-l1-1-0

HeapAlloc
HeapFree
HeapSize
HeapReAlloc
GetProcessHeap
HeapDestroy

api-ms-win-core-libraryloader-l1-2-0

LoadLibraryExW
GetModuleHandleW
FindResourceExW
GetProcAddress
GetModuleHandleA
LoadStringW
FreeResource
FreeLibrary
SizeofResource
LockResource
LoadResource
GetModuleFileNameW

api-ms-win-core-libraryloader-l1-2-1

FindResourceW
LoadLibraryW

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpA
lstrcmpW
lstrcpyW
lstrlenW

api-ms-win-core-file-l1-1-0

QueryDosDeviceW
GetFileAttributesW
WriteFile
DeleteFileW
CreateFileW
FileTimeToLocalFileTime
ReadFile
GetFileSize

api-ms-win-core-timezone-l1-1-0

FileTimeToSystemTime
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime

api-ms-win-core-datetime-l1-1-0

GetDateFormatW
GetTimeFormatW

api-ms-win-core-synch-l1-1-0

CreateEventExW
InitializeCriticalSectionAndSpinCount
CreateEventW
DeleteCriticalSection
SetEvent
CreateMutexW
InitializeCriticalSection
EnterCriticalSection
WaitForSingleObject
InitializeCriticalSectionEx
WaitForSingleObjectEx
SetWaitableTimer
CancelWaitableTimer
ResetEvent
LeaveCriticalSection

api-ms-win-core-sysinfo-l1-1-0

GetSystemTime
GetTickCount
GetSystemTimeAsFileTime
GetSystemDirectoryW
GetLocalTime

api-ms-win-core-processthreads-l1-1-1

OpenProcess
IsProcessorFeaturePresent

api-ms-win-core-handle-l1-1-0

SetHandleInformation
CloseHandle

api-ms-win-core-processthreads-l1-1-0

OpenProcessToken
CreateProcessAsUserW
TerminateProcess
TlsFree
ProcessIdToSessionId
GetCurrentProcess
CreateProcessW
SwitchToThread
GetStartupInfoW
CreateThread
TlsAlloc
TlsGetValue
TlsSetValue
GetExitCodeProcess
GetCurrentProcessId
SetProcessShutdownParameters
GetCurrentThreadId

api-ms-win-core-string-l1-1-0

WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW

api-ms-win-core-errorhandling-l1-1-0

RaiseException
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetLastError
GetLastError

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory
RoUninitialize
RoInitialize

api-ms-win-core-synch-l1-2-1

CreateWaitableTimerW
WaitForMultipleObjects

api-ms-win-core-winrt-string-l1-1-0

WindowsDeleteString
WindowsCreateStringReference
WindowsGetStringRawBuffer

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-registry-l1-1-0

RegEnumValueW
RegSetKeySecurity
RegQueryInfoKeyW
RegQueryValueExW
RegFlushKey
RegEnumKeyExW
RegNotifyChangeKeyValue
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegGetValueW
RegCloseKey
RegOpenKeyExW
RegGetKeySecurity

api-ms-win-core-registry-l2-1-0

RegCreateKeyW
RegDeleteKeyW

api-ms-win-core-debug-l1-1-0

OutputDebugStringA
OutputDebugStringW
IsDebuggerPresent

ext-ms-win-shell32-shellfolders-l1-1-0

SHGetSpecialFolderPathW
SHGetFolderPathW

api-ms-win-core-privateprofile-l1-1-0

GetProfileIntW

api-ms-win-core-file-l1-2-0

GetTempPathW

api-ms-win-core-namedpipe-l1-1-0

CreatePipe
CreateNamedPipeW
ConnectNamedPipe
DisconnectNamedPipe

api-ms-win-core-localization-l1-2-0

FormatMessageW
LCMapStringW

api-ms-win-core-heap-l2-1-0

LocalAlloc
LocalFree

api-ms-win-core-heap-obsolete-l1-1-0

LocalSize

api-ms-win-core-kernel32-legacy-l1-1-0

GetSystemPowerStatus
WTSGetActiveConsoleSessionId

api-ms-win-security-base-l1-1-0

DuplicateTokenEx
AdjustTokenPrivileges
SetSecurityDescriptorDacl
AllocateAndInitializeSid
GetAclInformation
SetTokenInformation
AddAce
InitializeSecurityDescriptor
GetLengthSid
GetAce
GetSecurityDescriptorDacl
DeleteAce
AddAccessAllowedAceEx
FreeSid
CreateWellKnownSid
InitializeAcl

api-ms-win-security-sddl-l1-1-0

ConvertSidToStringSidW

api-ms-win-core-io-l1-1-0

DeviceIoControl

api-ms-win-security-base-l1-2-2

DeriveCapabilitySidsFromName

api-ms-win-security-provider-l1-1-0

SetEntriesInAclW

api-ms-win-core-registry-l1-1-1

RegSetKeyValueW

bcrypt

BCryptOpenAlgorithmProvider
BCryptDestroyKey
BCryptEncrypt
BCryptCloseAlgorithmProvider
BCryptImportKeyPair

api-ms-win-core-memory-l1-1-0

OpenFileMappingW
MapViewOfFile
ReadProcessMemory
UnmapViewOfFile

mfplat

MFCreateAttributes

mf

MFEnumDeviceSources

api-ms-win-service-core-l1-1-0

StartServiceCtrlDispatcherW
RegisterServiceCtrlHandlerExW
SetServiceStatus

api-ms-win-service-management-l1-1-0

DeleteService
OpenSCManagerW
CloseServiceHandle
CreateServiceW
OpenServiceW

api-ms-win-service-winsvc-l1-1-0

QueryServiceStatus
ControlService

api-ms-win-service-management-l2-1-0

QueryServiceStatusEx

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-appmodel-runtime-l1-1-1

FindPackagesByPackageFamily

api-ms-win-mm-misc-l1-1-0

mmioCreateChunk
mmioWrite
mmioSetInfo
mmioRead
mmioClose
mmioDescend
mmioGetInfo
mmioAdvance
mmioOpenW
mmioAscend
mmioSeek

api-ms-win-core-toolhelp-l1-1-0

Process32NextW
CreateToolhelp32Snapshot
Process32FirstW

api-ms-win-security-lsalookup-l2-1-0

LookupPrivilegeValueW

userenv

CreateEnvironmentBlock

api-ms-win-core-psapi-l1-1-0

QueryFullProcessImageNameW

crypt32

CryptDecodeObject
CertCloseStore
CertFreeCertificateContext
CertGetNameStringW
CertFindCertificateInStore
CryptMsgClose
CryptMsgGetParam
CryptQueryObject

api-ms-win-core-threadpool-l1-2-0

CreateThreadpoolWork
SubmitThreadpoolWork

api-ms-win-eventing-classicprovider-l1-1-0

TraceMessage
GetTraceLoggerHandle
RegisterTraceGuidsW
GetTraceEnableFlags
GetTraceEnableLevel

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDevicePropertyW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassDevsW
SetupDiEnumDeviceInfo
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInstanceIdW

wtsapi32

WTSQueryUserToken
WTSRegisterSessionNotification

kernel32

WinExec
WriteProfileStringW

user32

KillTimer
LoadCursorW
LoadIconW
DefWindowProcW
FindWindowExW
RegisterClassW
SendInput
GetMessageW
SendMessageW
TranslateMessage
DispatchMessageW
SetWindowsHookExW
UnhookWindowsHookEx
CallNextHookEx
UnregisterDeviceNotification
RegisterDeviceNotificationW
RegisterPowerSettingNotification
SetTimer
ShowWindow
CreateWindowExW

advapi32

ReportEventW
DeregisterEventSource
RegisterEventSourceW
GetUserNameW

ole32

CoInitialize

avrt

AvSetMmThreadCharacteristicsW
AvRevertMmThreadCharacteristics

ntdll

NtQueryInformationProcess

api-ms-win-crt-runtime-l1-1-0

_crt_atexit
_invalid_parameter_noinfo
_errno
_register_thread_local_exe_atexit_callback
_c_exit
_exit
abort
exit
_initterm_e
_initterm
_initialize_onexit_table
_get_wide_winmain_command_line
_initialize_wide_environment
_configure_wide_argv
_register_onexit_function
_set_app_type
_resetstkoflw
_seh_filter_exe
terminate
_cexit
_invalid_parameter_noinfo_noreturn

api-ms-win-crt-string-l1-1-0

_wcsupr_s
wcscpy_s
strtok_s
strnlen
wcsncmp
towupper
strcspn
_wcsicmp
toupper
strncmp
islower
__strncnt
iswspace
strcpy_s
wmemcpy_s
wcsnlen
_wcsdup
isupper
wcscat_s
wcstok_s

api-ms-win-crt-stdio-l1-1-0

_fseeki64
_wfopen_s
fwrite
__stdio_common_vsscanf
__stdio_common_vsprintf_s
fread
__p__commode
setvbuf
__stdio_common_vswprintf
fputs
fflush
fputws
ftell
_get_stream_buffer_pointers
__stdio_common_vswprintf_s
fgetc
fgetpos
ungetc
fputc
_wfsopen
__acrt_iob_func
__stdio_common_vfwprintf
__stdio_common_vfprintf_s
ungetwc
_set_fmode
fgetwc
fseek
__stdio_common_vfprintf
_flushall
fgets
__stdio_common_vsprintf
fclose
fsetpos
fputwc

api-ms-win-crt-convert-l1-1-0

_wtoi
wcstol
wcstoul
_wtof

api-ms-win-crt-heap-l1-1-0

calloc
free
_set_new_mode
malloc
_recalloc
_callnewh
realloc

api-ms-win-crt-math-l1-1-0

logf
pow
asin
atan2
sqrt
log10
__setusermatherr
frexp

api-ms-win-crt-locale-l1-1-0

__pctype_func
_unlock_locales
_lock_locales
localeconv
___mb_cur_max_func
___lc_locale_name_func
___lc_codepage_func
_configthreadlocale
setlocale

shlwapi

PathFileExistsW

api-ms-win-core-rtlsupport-l1-1-0

RtlUnwind
RtlUnwindEx
RtlCaptureContext
RtlPcToFileHeader
RtlVirtualUnwind
RtlLookupFunctionEntry

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_lock_file

Sections

.text
Size: 827KB - Virtual size: 826KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 537KB - Virtual size: 537KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Win64/Realtek/RealtekService_588/RtkAudUServiceConf64.dll
.dll windows:6 windows x64

17ec50d0038781602e14eef76472e718

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

api-ms-win-core-rtlsupport-l1-1-0

RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
RtlCaptureContext

api-ms-win-core-errorhandling-l1-1-0

GetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime

api-ms-win-core-interlocked-l1-1-0

InterlockedFlushSList
InitializeSListHead

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent

api-ms-win-core-fibers-l1-1-0

FlsGetValue
FlsSetValue
FlsFree
FlsAlloc

api-ms-win-core-synch-l1-1-0

InitializeCriticalSectionEx
DeleteCriticalSection

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_narrow_environment
_initterm_e
terminate
_configure_narrow_argv
_seh_filter_dll
_initialize_onexit_table
abort
_initterm
_cexit

api-ms-win-crt-heap-l1-1-0

free
calloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 780B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Win64/Realtek/RealtekService_588/RtkAudUServiceRes64.dll
.dll windows:6 windows x64

17ec50d0038781602e14eef76472e718

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

api-ms-win-core-rtlsupport-l1-1-0

RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
RtlCaptureContext

api-ms-win-core-errorhandling-l1-1-0

GetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime

api-ms-win-core-interlocked-l1-1-0

InterlockedFlushSList
InitializeSListHead

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent

api-ms-win-core-fibers-l1-1-0

FlsGetValue
FlsSetValue
FlsFree
FlsAlloc

api-ms-win-core-synch-l1-1-0

InitializeCriticalSectionEx
DeleteCriticalSection

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_narrow_environment
_initterm_e
terminate
_configure_narrow_argv
_seh_filter_dll
_initialize_onexit_table
abort
_initterm
_cexit

api-ms-win-crt-heap-l1-1-0

free
calloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 780B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Win64/Realtek/RealtekService_588/RtkCfg64.dll
.dll regsvr32 windows:6 windows x64

aedbf594d8a1e16419dd583000492c65

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

api-ms-win-core-errorhandling-l1-1-0

GetLastError
RaiseException
UnhandledExceptionFilter
SetLastError
SetUnhandledExceptionFilter

api-ms-win-core-synch-l1-1-0

EnterCriticalSection
DeleteCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx

api-ms-win-core-libraryloader-l1-2-0

FreeLibrary
GetModuleHandleW
GetModuleFileNameW
GetModuleHandleExW
LoadLibraryExW
SizeofResource
GetProcAddress
GetModuleFileNameA
LoadResource

api-ms-win-core-libraryloader-l1-2-1

FindResourceW

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpiW

api-ms-win-core-string-l2-1-0

CharNextW

api-ms-win-core-string-l1-1-0

GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte

api-ms-win-core-registry-l1-1-0

RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegDeleteValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegOpenKeyExW

api-ms-win-core-registry-l2-1-0

RegDeleteKeyW

api-ms-win-core-com-l1-1-0

CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoTaskMemFree
StringFromGUID2

oleaut32

VarUI4FromStr
LoadTypeLi
SysFreeString
RegisterTypeLi
UnRegisterTypeLi
SysAllocString
SysStringLen

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-core-localization-l1-2-0

LCMapStringW
SetThreadLocale
IsValidCodePage
GetCPInfo
GetThreadLocale
GetOEMCP
GetACP

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
IsDebuggerPresent

api-ms-win-core-rtlsupport-l1-1-0

RtlLookupFunctionEntry
RtlVirtualUnwind
RtlUnwindEx
RtlPcToFileHeader
RtlCaptureContext

api-ms-win-core-processthreads-l1-1-0

TlsFree
ExitProcess
GetCurrentProcess
TerminateProcess
GetStartupInfoW
TlsSetValue
TlsGetValue
TlsAlloc
GetCurrentProcessId
GetCurrentThreadId

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime

api-ms-win-core-interlocked-l1-1-0

InterlockedFlushSList
InitializeSListHead

api-ms-win-core-heap-l1-1-0

HeapSize
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree

api-ms-win-core-file-l1-1-0

FindClose
FindNextFileA
GetFileType
FlushFileBuffers
FindFirstFileExA
SetFilePointerEx
CreateFileW
WriteFile

api-ms-win-core-processenvironment-l1-1-0

GetCommandLineW
GetEnvironmentStringsW
SetStdHandle
GetStdHandle
GetCommandLineA
FreeEnvironmentStringsW

api-ms-win-core-console-l1-1-0

GetConsoleCP
GetConsoleMode
WriteConsoleW

api-ms-win-core-handle-l1-1-0

CloseHandle

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Win64/Realtek/RealtekService_588/SpeakerVerfDll.dll
.dll windows:6 windows x64

8b9b3cb3e41a8eb19439f9748c1d61d5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

HeapFree
InitializeCriticalSectionEx
HeapSize
GetLastError
OutputDebugStringW
HeapReAlloc
RaiseException
HeapAlloc
HeapDestroy
DeleteCriticalSection
GetProcessHeap
GetSystemInfo
FreeLibrary
GetProcAddress
LoadLibraryA
QueryPerformanceFrequency
CloseHandle
EnterCriticalSection
LeaveCriticalSection
SetEvent
SetDllDirectoryA
GetSystemTime
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
FindResourceExW
LoadResource
LockResource
SizeofResource
FindResourceW
WideCharToMultiByte
WriteConsoleW
SetEndOfFile
FlushFileBuffers
InitializeCriticalSectionAndSpinCount
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
InterlockedFlushSList
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ReadFile
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
GetStdHandle
GetFileType
GetConsoleMode
ReadConsoleW
WriteFile
GetConsoleCP
GetFileSizeEx
SetFilePointerEx
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetStringTypeW
SetStdHandle
CreateFileW

Exports

Exports

SVD_Destroy
SVD_GetDetect
SVD_GetDetectCount
SVD_GetParam
SVD_GetScore
SVD_Init
SVD_Init2
SVD_Process
SVD_Process2
SVD_SetParam
SVD_StartRecog
SVD_Stop
SVE_Destroy
SVE_GetOutputTrainDataSize
SVE_GetParam
SVE_GetTrainDataReady
SVE_GetTrainIdByIndex
SVE_GetTrainIdCount
SVE_Init
SVE_Init2
SVE_Process
SVE_Process2
SVE_SaveTrainDataToMemory
SVE_SetParam
SVE_StartTrain
SVE_Stop

Sections

.text
Size: 589KB - Virtual size: 589KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 706KB - Virtual size: 706KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Win64/Realtek/RealtekService_588/realtekservice.cat
Win64/hdxrt.cat
data1.cab
data1.hdr
data2.cab
layout.bin
setup.ini
setup.inx
setup.isn
setup.iss

Sharing

General

Malware Config

Signatures

Files

c062542419a816c407b09c909072a761

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0b:8f:52:fa:f6:4c:42:1e:ab:b2:27:5a:e1:48:c5:19Certificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0b:8f:52:fa:f6:4c:42:1e:ab:b2:27:5a:e1:48:c5:19Certificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

df:e6:b2:70:8f:5f:7d:08:dc:6f:4e:24:be:9b:19:6a:4e:46:0f:01:cc:84:d4:c1:22:55:a6:43:ea:f6:1a:7bSigner

e2:c2:9e:2d:f3:90:7f:30:d1:6d:11:03:98:25:05:18:f6:c3:fe:1fSigner

Headers

File Characteristics

Imports

dsound

setupapi

kernel32

user32

advapi32

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 1KB

affd663658d87f17e7be2cfe73546714

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0b:8f:52:fa:f6:4c:42:1e:ab:b2:27:5a:e1:48:c5:19Certificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0b:8f:52:fa:f6:4c:42:1e:ab:b2:27:5a:e1:48:c5:19Certificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0b:8f:52:fa:f6:4c:42:1e:ab:b2:27:5a:e1:48:c5:19
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0b:8f:52:fa:f6:4c:42:1e:ab:b2:27:5a:e1:48:c5:19
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

df:e6:b2:70:8f:5f:7d:08:dc:6f:4e:24:be:9b:19:6a:4e:46:0f:01:cc:84:d4:c1:22:55:a6:43:ea:f6:1a:7b
Signer

e2:c2:9e:2d:f3:90:7f:30:d1:6d:11:03:98:25:05:18:f6:c3:fe:1f
Signer

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 1KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0b:8f:52:fa:f6:4c:42:1e:ab:b2:27:5a:e1:48:c5:19
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0b:8f:52:fa:f6:4c:42:1e:ab:b2:27:5a:e1:48:c5:19
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

79:5a:da:86:3f:02:d6:8c:63:ea:45:c3:cd:3e:24:68:67:9e:4f:46:71:62:bc:c3:b6:30:49:04:f0:6a:93:83
Signer

2f:84:9c:b4:45:7d:20:d9:93:aa:31:b3:b4:fa:e7:2d:44:17:14:10
Signer

.text
Size: 642KB - Virtual size: 2.2MB

.rsrc
Size: 131KB - Virtual size: 132KB

.reloc
Size: 512B - Virtual size: 512B

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0b:8f:52:fa:f6:4c:42:1e:ab:b2:27:5a:e1:48:c5:19
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0b:8f:52:fa:f6:4c:42:1e:ab:b2:27:5a:e1:48:c5:19
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

81:09:a7:59:21:08:54:3b:d6:ad:23:0a:be:b7:c5:56:54:3e:72:9d:f7:c0:18:be:a9:28:b2:bd:07:b2:bd:54
Signer

6c:78:4f:a5:90:44:0e:de:04:34:0a:d6:63:a0:dd:cd:16:a4:30:27
Signer

.text
Size: 164KB - Virtual size: 163KB

.rdata
Size: 36KB - Virtual size: 35KB