EditorLauncher[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

EditorLauncher.zip
Size

65.2MB
MD5

c89d31c8c4ef929e0f37000456662479
SHA1

fab6b6070986c31fc51668a46e83432d7b23a202
SHA256

551a225b5592be85a793a0799182e5304613fbdfbc592119f62f712f5f4c074a
SHA512

19c79be5b388933c0d433db32d9a7e6aa647fcc6c3213c8e553e0929127b716b775596e6b5aa0b8d3de9c3e00eb0dd7573601e7eed77ec8660fe1c2fa766cf40
SSDEEP

1572864:15raU9YS6NQ+fxsyKuSV4YLa4ea5JDxvAKtWNjfnKaNbxFfPYGNYTX:1kUWDbxsyKuSVVLtJDxIKtWp5pfAHTX

Score

3^/10

Malware Config

Signatures

Unsigned PE 7 IoCs

Checks for missing Authenticode signature.

resource
unpack001/EditorLauncher.exe
unpack001/assets/META-INF/AIR/extensions/com.alexomara.ane.AIRControl.AIRControl/META-INF/ANE/Windows-x86/AIRControl.dll
unpack001/assets/META-INF/AIR/extensions/com.amanitadesign.steam.FRESteamWorks/META-INF/ANE/Windows-x86/FRESteamWorks.dll
unpack001/assets/runtimes/air/win/Adobe AIR/Versions/1.0/Resources/CaptiveAppEntry.exe
unpack001/assets/runtimes/air/win/Adobe AIR/Versions/1.0/Resources/Template.exe
unpack001/assets/runtimes/air/win64/Adobe AIR/Versions/1.0/Resources/CaptiveAppEntry.exe
unpack001/assets/runtimes/air/win64/Adobe AIR/Versions/1.0/Resources/Template.exe

Files

EditorLauncher.zip
.zip
EditorLauncher.exe
.exe windows:6 windows x64 arch:x64

dfa4b7e43927c69560b31967c9d4722b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

MultiByteToWideChar
GetTickCount
QueryPerformanceFrequency
QueryPerformanceCounter
GetModuleHandleW
FlushInstructionCache
RtlLookupFunctionEntry
RtlDeleteFunctionTable
InterlockedPushEntrySList
InterlockedFlushSList
InitializeSListHead
GetTickCount64
DuplicateHandle
QueueUserAPC
WaitForSingleObjectEx
SetThreadPriority
GetThreadPriority
ResumeThread
GetCurrentThreadId
Sleep
TlsAlloc
GetCurrentThread
CreateThread
WaitForMultipleObjectsEx
SignalObjectAndWait
RtlCaptureContext
SetThreadStackGuarantee
VirtualQuery
GetStdHandle
WideCharToMultiByte
GetConsoleOutputCP
MapViewOfFileEx
UnmapViewOfFile
GetStringTypeExW
SetEvent
GetCurrentProcessorNumber
GlobalMemoryStatusEx
CreateIoCompletionPort
PostQueuedCompletionStatus
SleepEx
GetQueuedCompletionStatus
InterlockedPopEntrySList
GetCurrentProcessorNumberEx
ExitProcess
CreateMemoryResourceNotification
GetProcessAffinityMask
SetThreadIdealProcessorEx
GetThreadIdealProcessorEx
GetLargePageMinimum
VirtualUnlock
GetLogicalProcessorInformation
SetThreadGroupAffinity
SetThreadAffinityMask
IsProcessInJob
QueryInformationJobObject
K32GetProcessMemoryInfo
VirtualAlloc
VirtualFree
VirtualProtect
SwitchToThread
CloseThreadpoolTimer
CreateThreadpoolTimer
SetThreadpoolTimer
GetFileSize
GetEnvironmentVariableW
SetEnvironmentVariableW
CreateEventW
ResetEvent
CreateSemaphoreExW
ReleaseSemaphore
CreateMutexW
ReleaseMutex
GetThreadContext
SuspendThread
SetThreadContext
GetEnabledXStateFeatures
InitializeContext
RtlRestoreContext
RtlInstallFunctionTableCallback
GetSystemDefaultLCID
GetUserDefaultLCID
RtlUnwind
LoadLibraryExW
HeapAlloc
HeapFree
GetProcessHeap
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
FormatMessageW
OutputDebugStringA
GetACP
LCMapStringEx
LocalFree
VerSetConditionMask
VerifyVersionInfoW
FindClose
GetModuleFileNameW
FindNextFileW
QueryThreadCycleTime
VirtualAllocExNuma
GetNumaProcessorNodeEx
GetNumaHighestNodeNumber
GetLogicalProcessorInformationEx
GetThreadGroupAffinity
GetSystemTimes
GetSystemTimeAsFileTime
CreateFileMappingW
CreateProcessW
GetCPInfo
CreateFileW
GetFileAttributesExW
GetTempPathW
GetCurrentDirectoryW
FindFirstFileExW
GetFullPathNameW
OpenProcess
LoadLibraryExA
OpenEventW
ExitThread
HeapReAlloc
CreateNamedPipeA
WaitForMultipleObjects
DisconnectNamedPipe
CreateFileA
CancelIoEx
GetOverlappedResult
ConnectNamedPipe
FlushFileBuffers
MapViewOfFile
GetActiveProcessorGroupCount
GetSystemTime
SetConsoleCtrlHandler
GetLocaleInfoEx
GetUserDefaultLocaleName
RtlAddFunctionTable
CreateDirectoryW
RemoveDirectoryW
GetFileSizeEx
LoadLibraryA
IsWow64Process
InitializeCriticalSectionAndSpinCount
AddVectoredExceptionHandler
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetCurrentProcessId
RaiseFailFastException
FreeLibrary
RaiseException
WaitForSingleObject
TlsSetValue
TlsGetValue
GetSystemInfo
IsDebuggerPresent
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WriteFile
GetProcessTimes
GetCommandLineW
ReadFile
SetFilePointer
GetProcAddress
GetModuleHandleExW
SetErrorMode
CloseHandle
GetCurrentProcess
FlushProcessWriteBuffers
SetLastError
GetLastError
OutputDebugStringW
SetXStateFeaturesMask
DebugBreak
DecodePointer
GetStringTypeW
RtlVirtualUnwind
IsProcessorFeaturePresent
RtlUnwindEx
EncodePointer
TlsFree
RtlPcToFileHeader
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
SleepConditionVariableSRW
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeCriticalSectionEx
TryEnterCriticalSection
GetExitCodeThread
CreateFileMappingA

advapi32

RegGetValueW
SetKernelObjectSecurity
GetSidSubAuthorityCount
GetSidSubAuthority
GetTokenInformation
DeregisterEventSource
ReportEventW
RegisterEventSourceW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
EventRegister
AdjustTokenPrivileges
OpenProcessToken
LookupPrivilegeValueW
SetThreadToken
RevertToSelf
OpenThreadToken
EventWriteTransfer
EventWrite

ole32

CoTaskMemAlloc
CoTaskMemFree
CoWaitForMultipleHandles
IIDFromString
CLSIDFromProgID
CoGetMarshalSizeMax
CoMarshalInterface
CoCreateGuid
CoGetObjectContext
CoRegisterInitializeSpy
CoGetContextToken
CoGetClassObject
CoCreateFreeThreadedMarshaler
CreateStreamOnHGlobal
StringFromGUID2
CoInitializeEx
CoUninitialize
CoUnmarshalInterface
CoRevokeInitializeSpy
CoReleaseMarshalData

oleaut32

SafeArrayAllocData
SafeArrayGetElemsize
SysStringByteLen
SysAllocStringByteLen
SafeArrayCreateVector
SafeArrayPutElement
LoadRegTypeLi
CreateErrorInfo
SafeArrayAllocDescriptorEx
VarCyFromDec
VariantInit
VariantClear
SafeArraySetRecordInfo
VariantChangeType
SafeArrayGetVartype
LoadTypeLibEx
QueryPathOfRegTypeLi
SafeArrayDestroy
SafeArrayGetLBound
SafeArrayGetDim
SysAllocStringLen
SysStringLen
SysAllocString
SetErrorInfo
GetErrorInfo
SysFreeString
VariantChangeTypeEx
GetRecordInfoFromTypeInfo

user32

MessageBoxW
LoadStringW

version

VerQueryValueW
GetFileVersionInfoExW
GetFileVersionInfoSizeExW

shell32

ShellExecuteW

api-ms-win-crt-string-l1-1-0

strncmp
wcsncmp
iswupper
towlower
isalpha
isdigit
wcstok_s
strnlen
iswascii
towupper
wcscat_s
strcspn
wcscpy_s
_stricmp
strlen
isupper
strcmp
_wcsnicmp
_wcsdup
wcsncpy_s
tolower
islower
strtok_s
isspace
_strdup
__strncnt
strncpy_s
strcpy_s
wcsncat_s
strncat_s
strcat_s
iswspace
wcsnlen
_strnicmp
_wcsicmp

api-ms-win-crt-stdio-l1-1-0

fwrite
__stdio_common_vswprintf_s
__p__commode
_set_fmode
__stdio_common_vsnprintf_s
__stdio_common_vfwprintf
_flushall
_wfopen
_wfsopen
fseek
__stdio_common_vfprintf
ftell
__stdio_common_vsprintf_s
fputws
__acrt_iob_func
fflush
_fileno
_dup
_setmode
setvbuf
fputwc
_get_stream_buffer_pointers
_fseeki64
fread
fsetpos
ungetc
fgetpos
fgetc
fputc
__stdio_common_vswprintf
fclose
fgets
__stdio_common_vsscanf
fopen
fputs
__stdio_common_vsnwprintf_s
_putws

api-ms-win-crt-runtime-l1-1-0

terminate
_errno
_beginthreadex
abort
exit
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_cexit
_seh_filter_exe
_set_app_type
_invalid_parameter_noinfo_noreturn
_configure_wide_argv
_initialize_wide_environment
_get_initial_wide_environment
_initterm
_initterm_e
_exit
_controlfp_s
__p___argc
__p___wargv
_c_exit
_register_thread_local_exe_atexit_callback
_invalid_parameter_noinfo
_wcserror

api-ms-win-crt-convert-l1-1-0

atol
_ltow_s
strtoull
_atoi64
strtoul
wcstoul
_wtoi
_wcstoui64
_itow_s

api-ms-win-crt-heap-l1-1-0

calloc
free
_set_new_mode
malloc
realloc

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-math-l1-1-0

ceil
atanf
atan2f
atan2
atan
asinf
asin
acosf
modff
cos
powf
pow
floorf
log2
atanh
acosh
cosf
cbrt
asinh
asinhf
ilogbf
atanhf
cbrtf
acoshf
log2f
fma
fmaf
fmod
cosh
coshf
modf
exp
expf
_fdopen
floor
_copysign
_copysignf
_isnanf
__setusermatherr
_isnan
ceilf
fmodf
ilogb
frexp
log
log10
log10f
logf
_finite
sin
sinf
sinh
sinhf
sqrt
sqrtf
tan
tanf
tanh
acos
tanhf

api-ms-win-crt-time-l1-1-0

_time64
wcsftime
_gmtime64_s

api-ms-win-crt-locale-l1-1-0

_configthreadlocale
_lock_locales
_unlock_locales
setlocale
__pctype_func
___lc_locale_name_func
___lc_codepage_func
___mb_cur_max_func
localeconv

api-ms-win-crt-filesystem-l1-1-0

_wrename
_wremove
_unlock_file
_lock_file

Exports

Exports

CLRJitAttachState
DotNetRuntimeInfo
MetaDataGetDispenser
g_CLREngineMetrics

Sections

.text
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CLR_UEF
Size: 512B - Virtual size: 271B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 215KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Section
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
assets/JustShapesAndBeats.swf
assets/META-INF/AIR/application.xml
.xml
assets/META-INF/AIR/extensions/com.alexomara.ane.AIRControl.AIRControl/META-INF/ANE/Windows-x86/AIRControl.dll
.dll windows:4 windows x86 arch:x86

9ee3e940f1cfe3dd4ca93fb63e5000af

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

adobe air

FRENewObjectFromUTF8
FREGetObjectAsBool

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

kernel32

AddAtomA
CloseHandle
CreateSemaphoreA
DeleteCriticalSection
EnterCriticalSection
FindAtomA
GetAtomNameA
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetTickCount
InitializeCriticalSection
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
ReleaseSemaphore
SetLastError
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte

msvcrt

_write
__dllonexit
__lc_codepage
__mb_cur_max
_assert
_errno
abort
fflush
fputc
free
getenv
iswctype
localeconv
malloc
memchr
memcpy
memmove
setlocale
strcmp
strcoll
strerror
strftime
strlen
strxfrm
towlower
towupper
wcscoll
wcsftime
wcslen
wcsxfrm

winmm

joyGetDevCapsA
joyGetNumDevs
joyGetPosEx

Exports

Exports

initializer

Sections

.text
Size: 431KB - Virtual size: 431KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 77B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
assets/META-INF/AIR/extensions/com.alexomara.ane.AIRControl.AIRControl/META-INF/ANE/Windows-x86/library.swf
assets/META-INF/AIR/extensions/com.alexomara.ane.AIRControl.AIRControl/META-INF/ANE/extension.xml
assets/META-INF/AIR/extensions/com.alexomara.ane.AIRControl.AIRControl/catalog.xml
.xml
assets/META-INF/AIR/extensions/com.alexomara.ane.AIRControl.AIRControl/library.swf
assets/META-INF/AIR/extensions/com.amanitadesign.steam.FRESteamWorks/META-INF/ANE/Windows-x86/FRESteamWorks.dll
.dll windows:6 windows x86 arch:x86

58b1020942261457b617fc3d8f2f0f75

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

steam_api

SteamAPI_RunCallbacks
SteamAPI_RestartAppIfNecessary
SteamAPI_InitSafe
SteamAPI_UnregisterCallResult
SteamAPI_RegisterCallback
SteamInternal_CreateInterface
SteamAPI_RegisterCallResult
SteamAPI_GetHSteamUser
SteamAPI_GetHSteamPipe
SteamAPI_Shutdown
SteamAPI_UnregisterCallback

adobe air

FRESetObjectProperty
FREAcquireByteArray
FREDispatchStatusEventAsync
FREReleaseByteArray
FRESetArrayElementAt
FREGetObjectAsUTF8
FRENewObjectFromBool
FREGetObjectAsUint32
FREGetObjectAsDouble
FRENewObjectFromDouble
FREGetArrayElementAt
FREGetObjectAsBool
FRENewObjectFromUTF8
FREGetArrayLength
FREGetObjectAsInt32
FRENewObjectFromInt32
FRENewObjectFromUint32
FRENewObject
FRESetArrayLength

kernel32

GetConsoleMode
SetFilePointerEx
FlushFileBuffers
WriteConsoleW
CreateFileW
GetConsoleCP
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
CloseHandle
SetEvent
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RaiseException
RtlUnwind
GetLastError
FreeLibrary
LoadLibraryExW
GetModuleFileNameW
InterlockedFlushSList
HeapAlloc
HeapReAlloc
HeapFree
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetACP
GetStdHandle
GetFileType
SetEnvironmentVariableA
SetEnvironmentVariableW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetProcessHeap
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
HeapSize
WriteFile

advapi32

SystemFunction036

Exports

Exports

ExtFinalizerFRESteamWorks
ExtInitializerFRESteamWorks

Sections

.text
Size: 215KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
assets/META-INF/AIR/extensions/com.amanitadesign.steam.FRESteamWorks/META-INF/ANE/Windows-x86/library.swf
assets/META-INF/AIR/extensions/com.amanitadesign.steam.FRESteamWorks/META-INF/ANE/extension.xml
assets/META-INF/AIR/extensions/com.amanitadesign.steam.FRESteamWorks/catalog.xml
.xml
assets/META-INF/AIR/extensions/com.amanitadesign.steam.FRESteamWorks/library.swf
assets/META-INF/AIR/hash
assets/META-INF/signatures.xml
assets/application.xml
.xml
assets/bin/aasdoc
.sh linux
assets/bin/aasdoc.bat
assets/bin/acompc
.sh linux
assets/bin/acompc.bat
assets/bin/adl.exe
.exe windows:6 windows x86 arch:x86

84047b4daf2566afb17fd03175d8609c

Code Sign

0d:2c:ac:cd:3e:9e:ec:06:73:84:10:ba:31:bf:65:95
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

31/01/2019, 00:00

Not After

03/02/2021, 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Flash Player,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04/01/2017, 00:00

Not After

18/01/2028, 00:00

Subject

CN=DigiCert SHA2 Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d3:ea:ca:25:67:b5:a1:e9:5f:80:96:48:6e:e6:00:f1:4f:dd:48:5f:42:dd:b8:76:69:04:2f:ce:ba:78:2f:d9
Signer

Actual PE Digest

d3:ea:ca:25:67:b5:a1:e9:5f:80:96:48:6e:e6:00:f1:4f:dd:48:5f:42:dd:b8:76:69:04:2f:ce:ba:78:2f:d9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
GetProcessHeap
WriteConsoleW
HeapFree
HeapAlloc
GetFullPathNameW
GetFileAttributesW
CreateFileW
GetCommandLineW
SetStdHandle
GetStdHandle
LoadLibraryW
RaiseException
DecodePointer
SetFilePointerEx
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
WriteFile
CloseHandle
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
WideCharToMultiByte
RtlUnwind
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetFileType
GetModuleFileNameA
GetModuleHandleExW
GetCommandLineA
GetACP
CompareStringW
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetStringTypeW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
HeapSize
HeapReAlloc

shlwapi

PathAppendW
StrCmpW
PathRemoveFileSpecW

shell32

CommandLineToArgvW

msi

ord90

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 288KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
assets/bin/adt.bat
assets/bin/amxmlc
.sh linux
assets/bin/amxmlc.bat
assets/bin/asdoc
.sh linux
assets/bin/asdoc.bat
assets/bin/compc
.sh linux
assets/bin/compc.bat
assets/bin/fdb
.sh linux
assets/bin/fdb.bat
assets/bin/fontswf
.sh linux
assets/bin/fontswf.bat
assets/bin/mxmlc
.sh linux
assets/bin/mxmlc.bat
assets/bin/optimizer
.sh linux
assets/bin/optimizer.bat
assets/bin/swcdepends
.sh linux
assets/bin/swcdepends.bat
assets/bin/swfdump
.sh linux
assets/bin/swfdump.bat
assets/runtimes/air/win/Adobe AIR/Versions/1.0/Adobe AIR.dll
.dll windows:6 windows x86 arch:x86

86abd472a5ab54d3b56d38aa57b0b442

Code Sign

0d:2c:ac:cd:3e:9e:ec:06:73:84:10:ba:31:bf:65:95
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

31/01/2019, 00:00

Not After

03/02/2021, 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Flash Player,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04/01/2017, 00:00

Not After

18/01/2028, 00:00

Subject

CN=DigiCert SHA2 Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

fc:45:ee:37:d8:97:bf:58:73:6d:5f:00:74:22:e9:27:68:3f:e7:96:19:c9:08:a8:e8:a8:de:a4:c9:f8:68:45
Signer

Actual PE Digest

fc:45:ee:37:d8:97:bf:58:73:6d:5f:00:74:22:e9:27:68:3f:e7:96:19:c9:08:a8:e8:a8:de:a4:c9:f8:68:45

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemTime
SystemTimeToFileTime
GetTimeZoneInformation
WaitForSingleObject
SleepEx
QueueUserAPC
OpenThread
SetThreadPriority
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
IsDBCSLeadByte
GetLocalTime
GlobalAlloc
GlobalSize
GlobalLock
GlobalUnlock
SetCurrentDirectoryW
GetCurrentDirectoryW
GetSystemDirectoryW
DebugBreak
SetEvent
ResetEvent
CreateEventW
TerminateThread
GetTickCount
WaitForMultipleObjects
CreateWaitableTimerW
VerSetConditionMask
CreateFileA
DeleteFileW
GetFileAttributesW
GetFileSize
ReadFile
SetFilePointer
ExitThread
CreateProcessA
GetSystemDirectoryA
FindResourceExW
LoadResource
LockResource
GlobalFree
LoadLibraryW
FindResourceExA
MoveFileExW
VerifyVersionInfoW
GetUserDefaultUILanguage
GetUserDefaultLangID
FindFirstFileW
GetTempPathW
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
CreateDirectoryA
CreateDirectoryW
DeleteFileA
GetFileAttributesA
GetFileAttributesExW
GetFileInformationByHandle
GetFileSizeEx
GetFullPathNameW
GetLogicalDriveStringsW
GetLongPathNameW
QueryPerformanceFrequency
GetVolumeInformationW
RemoveDirectoryW
SetEndOfFile
DeviceIoControl
CreateMutexA
CreateProcessW
lstrlenW
GetTempPathA
GetTempFileNameA
GetSystemWow64DirectoryW
GetDriveTypeW
GetProcessTimes
SetNamedPipeHandleState
BeginUpdateResourceW
UpdateResourceW
EndUpdateResourceW
ReleaseSemaphore
CreateSemaphoreW
DuplicateHandle
GetExitCodeThread
GetLocaleInfoA
GetExitCodeProcess
GetModuleHandleA
LocalFree
ConnectNamedPipe
GetOverlappedResult
OpenProcess
CreateNamedPipeA
ReleaseMutex
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
lstrlenA
GetComputerNameExW
SetHandleInformation
CreateNamedPipeW
CancelIo
FormatMessageW
GenerateConsoleCtrlEvent
SizeofResource
lstrcmpiW
FindResourceW
SetThreadAffinityMask
CompareFileTime
CreateEventA
SetWaitableTimer
CancelWaitableTimer
CreateWaitableTimerA
VerifyVersionInfoA
GlobalMemoryStatus
FlushConsoleInputBuffer
InterlockedPopEntrySList
FlushInstructionCache
LoadLibraryExA
FreeLibraryAndExitThread
ReadConsoleInputA
SetConsoleMode
ReadConsoleW
GetTempFileNameW
RaiseFailFastException
FileTimeToSystemTime
GetVersionExW
GetDiskFreeSpaceA
GetDiskFreeSpaceW
GetFullPathNameA
LockFile
LockFileEx
UnlockFile
UnlockFileEx
CreateFileMappingW
FormatMessageA
AreFileApisANSI
GetNumberFormatW
GetCurrencyFormatW
InterlockedIncrement
InterlockedDecrement
GetNativeSystemInfo
LocalAlloc
lstrcpynW
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
GetProcessAffinityMask
CreateFileW
WriteConsoleW
CreateThread
WaitForSingleObjectEx
CloseHandle
OutputDebugStringA
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
WriteFile
SetStdHandle
GetStringTypeW
HeapReAlloc
HeapSize
SetConsoleCtrlHandler
GetFileType
GetStdHandle
GetProcessHeap
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindNextFileA
FindFirstFileExA
FindClose
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetCurrentThread
HeapAlloc
HeapFree
WideCharToMultiByte
MultiByteToWideChar
GetModuleFileNameW
GetModuleFileNameA
GetModuleHandleExW
ExitProcess
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsAlloc
SetLastError
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
EncodePointer
OutputDebugStringW
TerminateProcess
GetCurrentProcess
InitializeSListHead
GetModuleHandleW
GetStartupInfoW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetSystemInfo
TlsSetValue
TlsGetValue
GetCurrentThreadId
SwitchToThread
Sleep
DeleteCriticalSection
TryEnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetLastError
RaiseException
LoadLibraryA
DecodePointer

user32

RegisterWindowMessageA
EnumDisplayDevicesW
CharNextW
EnumDisplayDevicesA
UpdateLayeredWindow
GetAsyncKeyState
GetLastInputInfo
SetMenuItemInfoW
GetMenuItemInfoW
InsertMenuItemW
RemoveMenu
SetMenuInfo
GetMenuInfo
TrackPopupMenu
DestroyMenu
CreatePopupMenu
CreateMenu
DdeFreeStringHandle
DdeCreateStringHandleA
DdeClientTransaction
DdeDisconnect
DdeConnect
DdeUninitialize
DdeInitializeW
GetKeyboardLayout
ActivateKeyboardLayout
MapVirtualKeyW
ToAscii
GetKeyboardState
CharLowerW
CharUpperW
UnregisterClassA
SetCaretPos
ShowCaret
DestroyCaret
CreateCaret
PostMessageA
GetMessageW
EnumDisplayMonitors
ChangeDisplaySettingsExW
OffsetRect
GetSysColor
GetWindowDC
GetMenuBarInfo
EnumDisplaySettingsW
GetWindow
EnumWindows
GetClassLongW
MapWindowPoints
GetWindowTextW
SetWindowRgn
EndPaint
BeginPaint
UpdateWindow
DeleteMenu
GetSystemMenu
DrawMenuBar
SetMenu
GetActiveWindow
IsZoomed
IsIconic
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
FlashWindowEx
ShowWindow
IsWindow
GetClassInfoExW
MonitorFromPoint
GetAncestor
FindWindowExW
EnumChildWindows
UnregisterClassW
wsprintfW
GetMonitorInfoA
MonitorFromRect
GetProcessWindowStation
PostQuitMessage
GetUserObjectInformationW
GetDoubleClickTime
GetKeyState
GetCursorPos
ScreenToClient
RegisterClipboardFormatA
RegisterClipboardFormatW
GetClipboardFormatNameA
GetDC
ReleaseDC
OpenClipboard
CloseClipboard
SetClipboardData
GetClipboardData
EmptyClipboard
RemovePropW
SetForegroundWindow
GetForegroundWindow
WaitForInputIdle
GetWindowInfo
LoadCursorW
GetWindowThreadProcessId
CopyRect
SetCursorPos
InvalidateRect
KillTimer
SetTimer
ReleaseCapture
SetCapture
GetCapture
GetQueueStatus
GetFocus
CallWindowProcW
AttachThreadInput
GetMessageTime
TrackMouseEvent
LoadStringW
CloseWindow
CreateWindowExW
RegisterClassExW
DefWindowProcW
MsgWaitForMultipleObjects
GetMonitorInfoW
MonitorFromWindow
SystemParametersInfoW
CreateIconIndirect
DestroyIcon
LoadIconW
GetParent
GetDesktopWindow
SetWindowLongW
GetWindowLongW
IsClipboardFormatAvailable
TranslateMessage
DispatchMessageW
PeekMessageW
SendMessageW
SendMessageTimeoutW
PostMessageW
PtInRect
InflateRect
SetRectEmpty
SetRect
ClientToScreen
GetCursor
SetCursor
MessageBoxW
MessageBoxA
GetWindowRect
GetClientRect
GetWindowTextLengthW
SetWindowTextW
GetPropW
SetPropW
GetSystemMetrics
IsWindowEnabled
EnableWindow
SendInput
SetFocus
GetDlgItemTextW
GetDlgItemTextA
SetDlgItemTextW
SetDlgItemTextA
GetDlgItem
EndDialog
DialogBoxIndirectParamW
DialogBoxParamW
SetWindowPos
MoveWindow
DestroyWindow
PostThreadMessageW
ShowWindowAsync

ole32

CreateBindCtx
OleFlushClipboard
OleGetClipboard
OleSetClipboard
DoDragDrop
RevokeDragDrop
CoCreateInstance
CoSetProxyBlanket
CoFreeUnusedLibraries
CoInitialize
CoTaskMemFree
CoUninitialize
ReleaseStgMedium
OleIsCurrentClipboard
RegisterDragDrop
CreateStreamOnHGlobal
CoInitializeEx
CoMarshalInterThreadInterfaceInStream
CoGetInterfaceAndReleaseStream
PropVariantClear
CoTaskMemAlloc
CoTaskMemRealloc
OleUninitialize
OleInitialize
MkParseDisplayName

oleaut32

SysStringLen
VariantClear
VariantInit
SysAllocStringByteLen
LoadRegTypeLi
SysAllocStringLen
SysAllocString
LoadTypeLi
VarUI4FromStr
SysStringByteLen
SysFreeString

crypt32

CertGetEnhancedKeyUsage
CryptFindLocalizedName
CryptImportPublicKeyInfo
CryptProtectData
CryptUnprotectData
CertAddEncodedCertificateToStore
CertDuplicateCertificateContext
CertCloseStore
CertFindCertificateInStore
CertVerifySubjectCertificateContext
CertFreeCertificateChain
CertFreeCertificateContext
CryptVerifyMessageSignature
CryptGetMessageCertificates
CertOpenStore
CertEnumCertificatesInStore
CertGetCertificateChain
CertCreateCertificateContext

winspool.drv

ClosePrinter
GetPrinterW
OpenPrinterW
EnumPrintersW

winmm

timeGetDevCaps
timeGetTime
timeKillEvent
timeSetEvent
mixerGetControlDetailsA
waveOutPause
waveOutRestart
waveInGetPosition
mixerSetControlDetails
waveOutReset
timeBeginPeriod
timeEndPeriod
waveOutGetDevCapsW
waveOutOpen
waveOutClose
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutWrite
waveOutGetPosition
waveOutGetNumDevs
waveInGetNumDevs
waveInGetDevCapsW
waveInOpen
waveInClose
waveInPrepareHeader
waveInUnprepareHeader
waveInAddBuffer
waveInStart
waveInStop
waveInReset
waveInGetDevCapsA
mixerGetID
waveOutGetDevCapsA
waveOutMessage
waveInMessage
mixerGetDevCapsA
mixerOpen
mixerClose
mixerGetLineInfoA
mixerGetLineControlsA

oleacc

AccessibleObjectFromWindow

ws2_32

getsockname
closesocket
htonl
getsockopt
shutdown
listen
accept
gethostname
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
setsockopt
recv
__WSAFDIsSet
select
ioctlsocket
sendto
send
htons
connect
bind
WSAAddressToStringA
recvfrom
getpeername
WSASocketW
WSAIoctl
WSAAsyncSelect
WSAGetLastError
WSASetLastError
WSACleanup
WSAStartup
getservbyname
getservbyport
gethostbyname
gethostbyaddr
socket
ntohs
ntohl
inet_ntoa
inet_addr

gdi32

CreateBitmap
GetObjectW
BitBlt
CreateDIBSection
SetDIBitsToDevice
DeleteObject
CreateCompatibleDC
GetCurrentObject
DeleteDC
GetTextCharacterExtra
GetFontData
EnumFontFamiliesExW
GetClipRgn
GetBkMode
GetBkColor
EnumFontFamiliesW
EnumFontFamiliesA
CreateRectRgn
CreateFontIndirectA
GdiFlush
MoveToEx
SelectClipRgn
OffsetRgn
LineTo
CreatePen
CombineRgn
GetClipBox
CreateRectRgnIndirect
GetDeviceCaps
GetDIBits
CreateCompatibleBitmap
SelectPalette
RealizePalette
GetICMProfileA
SetPixel
GetStockObject
GetTextAlign
GetTextColor
GetTextExtentPoint32A
GetTextExtentPoint32W
IntersectClipRect
CreateDCA
CreateFontIndirectW
SetBkColor
SetBkMode
SetGraphicsMode
SetTextCharacterExtra
SetTextColor
SetTextAlign
GetTextMetricsW
GetWorldTransform
SetWorldTransform
ExtTextOutA
ExtTextOutW
DPtoLP
CreateDCW
CreateICW
CreateSolidBrush
Rectangle
GdiAlphaBlend
SetStretchBltMode
StretchBlt
GetStretchBltMode
CreatePalette
RestoreDC
GetSystemPaletteEntries
PolyBezierTo
LPtoDP
ExtCreatePen
StrokePath
SelectClipPath
FillPath
EndPath
BeginPath
AbortDoc
EndPage
StartPage
EndDoc
StartDocW
StretchDIBits
SetPolyFillMode
SaveDC
SelectObject
ResetDCW

msimg32

AlphaBlend

advapi32

SetEntriesInAclW
CryptExportKey
CryptEncrypt
GetSidSubAuthorityCount
GetSidSubAuthority
CryptImportKey
CryptDestroyKey
CryptGenKey
ReportEventA
RegisterEventSourceA
DeregisterEventSource
RegOpenKeyA
SetSecurityInfo
IsValidSid
SetSecurityDescriptorDacl
SetSecurityDescriptorControl
MakeSelfRelativeSD
InitializeSecurityDescriptor
InitializeAcl
RegEnumKeyExW
GetTokenInformation
OpenProcessToken
CryptAcquireContextW
CryptReleaseContext
CryptGenRandom
RegCloseKey
RegCreateKeyExA
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
RegSetValueExA
RegSetValueExW
RegQueryInfoKeyW
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptDestroyHash

version

VerQueryValueW
VerQueryValueA
GetFileVersionInfoW
GetFileVersionInfoA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA

comdlg32

PrintDlgW
CommDlgExtendedError
GetSaveFileNameW
GetOpenFileNameW
PageSetupDlgW

shell32

ShellExecuteExW
SHGetFileInfoW
SHGetSpecialFolderPathW
SHCreateDirectoryExW
ShellExecuteW
CommandLineToArgvW
SHChangeNotify
SHGetSpecialFolderLocation
Shell_NotifyIconW
ord4
ord2
SHGetDiskFreeSpaceExW
SHFileOperationW
SHGetFolderPathW
SHAppBarMessage
SHGetSettings
SHBrowseForFolderW
SHGetFolderLocation
SHGetFolderPathA
SHGetPathFromIDListW

shlwapi

AssocQueryStringW
PathFileExistsW
PathRemoveFileSpecW
StrStrIW
StrRStrIW
ord219
PathAppendA
PathAppendW
StrDupW
StrCmpW

wininet

InternetGetCookieW
InternetSetCookieW
InternetErrorDlg

msi

ord137
ord141
ord96
ord113
ord88
ord16
ord205
ord37
ord72
ord90
ord173
ord70
ord125
ord121
ord17
ord20
ord92
ord151
ord153
ord78
ord159
ord32
ord84
ord8

urlmon

CopyStgMedium
CoInternetCompareUrl
CoInternetParseUrl

comctl32

ImageList_GetIconSize
ImageList_Draw

mscms

TranslateBitmapBits
CloseColorProfile
CreateColorTransformW
DeleteColorTransform
OpenColorProfileW

secur32

LsaFreeReturnBuffer
LsaGetLogonSessionData

dsound

ord8
ord1

iphlpapi

GetAdaptersAddresses

dnsapi

DnsQuery_UTF8
DnsFree

Exports

Exports

ADLWMain
AdobeCPGetAPI
AppEntryWinMain
AppInstallWinMain
CaptiveAppEntryWinMain
ExtendedAppEntryWinMain
FREAcquireBitmapData
FREAcquireBitmapData2
FREAcquireByteArray
FRECallObjectMethod
FREDispatchStatusEventAsync
FREGetArrayElementAt
FREGetArrayLength
FREGetContextActionScriptData
FREGetContextNativeData
FREGetObjectAsBool
FREGetObjectAsDouble
FREGetObjectAsInt32
FREGetObjectAsUTF8
FREGetObjectAsUint32
FREGetObjectProperty
FREGetObjectType
FREInvalidateBitmapDataRect
FRENewObject
FRENewObjectFromBool
FRENewObjectFromDouble
FRENewObjectFromInt32
FRENewObjectFromUTF8
FRENewObjectFromUint32
FREReleaseBitmapData
FREReleaseByteArray
FRESetArrayElementAt
FRESetArrayLength
FRESetContextActionScriptData
FRESetContextNativeData
FRESetObjectProperty
NAIPWMain
RuntimeInstallerWinMain

Sections

.text
Size: 11.9MB - Virtual size: 11.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6.6MB - Virtual size: 6.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 276KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 209KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 744KB - Virtual size: 743KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
assets/runtimes/air/win/Adobe AIR/Versions/1.0/Resources/Adobe AIR.vch
assets/runtimes/air/win/Adobe AIR/Versions/1.0/Resources/CaptiveAppEntry.exe
.exe windows:6 windows x86 arch:x86

99f1208f8baa2895eb326f6c41fd3294

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
WriteConsoleW
GetProcAddress
ExitProcess
HeapAlloc
GetProcessHeap
GetModuleHandleW
LoadLibraryW
GetFileAttributesW
CreateFileW
GetUserDefaultUILanguage
GetModuleFileNameW
GetStdHandle
GetCommandLineW
RaiseException
DecodePointer
SetFilePointerEx
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
WriteFile
CloseHandle
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
WideCharToMultiByte
RtlUnwind
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetFileType
GetModuleFileNameA
GetModuleHandleExW
GetACP
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStringTypeW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
HeapSize
HeapReAlloc
HeapFree

shell32

CommandLineToArgvW

user32

MessageBoxExW

shlwapi

StrCmpW

Exports

Exports

AmdPowerXpressRequestBetterBatteryLife
NvOptimusDisablement

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
assets/runtimes/air/win/Adobe AIR/Versions/1.0/Resources/Licenses/cairo/COPYING
assets/runtimes/air/win/Adobe AIR/Versions/1.0/Resources/Licenses/cairo/COPYING-LGPL-2.1
assets/runtimes/air/win/Adobe AIR/Versions/1.0/Resources/Licenses/cairo/COPYING-MPL-1.1
assets/runtimes/air/win/Adobe AIR/Versions/1.0/Resources/Licenses/pcre2/COPYING
assets/runtimes/air/win/Adobe AIR/Versions/1.0/Resources/Licenses/pixman/COPYING
assets/runtimes/air/win/Adobe AIR/Versions/1.0/Resources/NPSWF32.dll
.dll windows:5 windows x86 arch:x86

b8ee5247fe5026a539c47b8fccacd597

Code Sign

0d:2c:ac:cd:3e:9e:ec:06:73:84:10:ba:31:bf:65:95
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

31/01/2019, 00:00

Not After

03/02/2021, 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Flash Player,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04/01/2017, 00:00

Not After

18/01/2028, 00:00

Subject

CN=DigiCert SHA2 Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ee:f1:c7:7a:e9:4b:3c:30:70:10:48:cc:6e:c1:49:a3:ca:e5:a1:fb:ac:10:b6:9f:de:ec:10:8d:48:55:f4:46
Signer

Actual PE Digest

ee:f1:c7:7a:e9:4b:3c:30:70:10:48:cc:6e:c1:49:a3:ca:e5:a1:fb:ac:10:b6:9f:de:ec:10:8d:48:55:f4:46

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

EndPaint
DestroyWindow
FillRect
LoadImageW
UnregisterClassW
GetClientRect
BeginPaint
LoadIconW
GetWindowLongW
SetWindowLongW
SetWindowPos
FrameRect
CreateWindowExW
RegisterClassW
DefWindowProcW

gdi32

BitBlt
SelectObject
CreateCompatibleDC
GetObjectW
GetStockObject
DeleteObject

shell32

ShellExecuteW

msvcr90

_encoded_null
memcpy
_except_handler4_common
_onexit
??3@YAXPAX@Z
??2@YAPAXI@Z
_encode_pointer
_malloc_crt
free
memset
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock

kernel32

QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
GetTickCount
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter

Exports

Exports

NP_GetEntryPoints
NP_Initialize
NP_Shutdown

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
assets/runtimes/air/win/Adobe AIR/Versions/1.0/Resources/NPSWF64.dll
.dll windows:5 windows x64 arch:x64

ad9a10c28b07039cee460ff13509e776

Code Sign

0d:2c:ac:cd:3e:9e:ec:06:73:84:10:ba:31:bf:65:95
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

31/01/2019, 00:00

Not After

03/02/2021, 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Flash Player,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04/01/2017, 00:00

Not After

18/01/2028, 00:00

Subject

CN=DigiCert SHA2 Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3a:fb:8c:d0:97:d3:7e:c0:2e:01:8b:a0:b4:db:33:ab:58:48:1f:61:41:8f:4e:74:0b:a8:fb:29:d9:1d:7a:39
Signer

Actual PE Digest

3a:fb:8c:d0:97:d3:7e:c0:2e:01:8b:a0:b4:db:33:ab:58:48:1f:61:41:8f:4e:74:0b:a8:fb:29:d9:1d:7a:39

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

user32

EndPaint
DestroyWindow
FillRect
LoadImageW
UnregisterClassW
GetClientRect
BeginPaint
LoadIconW
GetWindowLongW
SetWindowLongW
SetWindowPos
FrameRect
CreateWindowExW
RegisterClassW
DefWindowProcW

gdi32

BitBlt
SelectObject
CreateCompatibleDC
GetObjectW
GetStockObject
DeleteObject

shell32

ShellExecuteW

msvcr90

_initterm_e
memset
_onexit
??3@YAXPEAX@Z
??2@YAPEAX_K@Z
_encode_pointer
_malloc_crt
_initterm
memcpy
free
_encoded_null
_decode_pointer
_amsg_exit
__C_specific_handler
__CppXcptFilter
__crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock

kernel32

QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
GetTickCount
IsDebuggerPresent
Sleep
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlVirtualUnwind
SetUnhandledExceptionFilter

Exports

Exports

NP_GetEntryPoints
NP_Initialize
NP_Shutdown

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 372B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
assets/runtimes/air/win/Adobe AIR/Versions/1.0/Resources/Template.exe
.exe windows:6 windows x86 arch:x86

5f0b75a7b3dd72c9663605c0f5165d27

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetStdHandle
WriteConsoleW
GetProcAddress
ExitProcess
HeapAlloc
GetProcessHeap
GetModuleHandleW
LoadLibraryW
CreateFileW
GetUserDefaultUILanguage
GetStdHandle
GetCommandLineW
RaiseException
DecodePointer
SetFilePointerEx
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
WriteFile
CloseHandle
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
WideCharToMultiByte
RtlUnwind
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetFileType
GetModuleFileNameA
GetModuleHandleExW
GetACP
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStringTypeW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
HeapSize
HeapReAlloc
HeapFree

shell32

CommandLineToArgvW

user32

MessageBoxExW

shlwapi

StrCmpW
PathAppendW
PathRemoveFileSpecW

msi

ord90

Exports

Exports

AmdPowerXpressRequestBetterBatteryLife
NvOptimusDisablement

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
assets/runtimes/air/win/Adobe AIR/Versions/1.0/Resources/Thawte Root Certificate.cer
assets/runtimes/air/win/Adobe AIR/Versions/1.0/Resources/WebKit.dll
.dll windows:6 windows x86 arch:x86

771ffa791f1ce710d8c7f8a7c9e2f1ce

Code Sign

0d:2c:ac:cd:3e:9e:ec:06:73:84:10:ba:31:bf:65:95
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

31/01/2019, 00:00

Not After

03/02/2021, 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Flash Player,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04/01/2017, 00:00

Not After

18/01/2028, 00:00

Subject

CN=DigiCert SHA2 Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

51:e6:24:24:07:e1:e5:c7:7c:ab:1a:9e:be:f7:12:96:f9:55:e3:3b:c3:98:a9:c7:1c:57:e1:05:84:0f:da:97
Signer

Actual PE Digest

51:e6:24:24:07:e1:e5:c7:7c:ab:1a:9e:be:f7:12:96:f9:55:e3:3b:c3:98:a9:c7:1c:57:e1:05:84:0f:da:97

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedFlushSList
SetLastError
HeapSize
GetTimeZoneInformation
WideCharToMultiByte
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
HeapFree
HeapAlloc
GetDateFormatW
GetTimeFormatW
LCMapStringW
GetProcessHeap
HeapReAlloc
GetACP
GetStdHandle
GetFileType
DecodePointer
GetStringTypeW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
TlsFree
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetStdHandle
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
WriteConsoleW
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
RaiseException
RtlUnwind
EncodePointer
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
CompareStringW
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
SetEndOfFile
CreateDirectoryW
GetFullPathNameA
GetFullPathNameW
ReadConsoleW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetDriveTypeW
GetFileAttributesA
LoadLibraryW
FormatMessageW
LocalFree
UnhandledExceptionFilter
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetVersionExW
GetLocaleInfoW
MultiByteToWideChar
GetLastError
LoadLibraryExW
GetProcAddress
FreeLibrary
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFileAttributesExW
ReadFile
GetFileSize
CreateFileW
FoldStringW
GetThreadTimes
GetCurrentThread
VirtualFree
GetSystemInfo
VirtualAlloc
QueryPerformanceFrequency
QueryPerformanceCounter
CloseHandle
WriteFile
DeleteFileA
GetTickCount
GetCPInfo

user32

SetParent
GetWindowLongW
SetWindowLongW
ShowWindow
SetFocus
GetKeyboardState
SetKeyboardState
GetWindowRect
ClientToScreen
SendMessageW
DefWindowProcA
DefWindowProcW
CallWindowProcW
RegisterClassExW
CreateWindowExW
DestroyWindow
MoveWindow
GetFocus
FillRect
SystemParametersInfoW
ReleaseDC
SetCapture
ReleaseCapture
UpdateWindow
GetUpdateRect
SetWindowRgn
GetWindowRgn
GetDC
GetLastInputInfo
LoadCursorW
IsChild
SetWindowLongA
EqualRect
IntersectRect
GetPropW
SetPropW
InvalidateRect

gdi32

GetCharWidthI
GetTextMetricsW
GetGlyphOutlineW
GetOutlineTextMetricsW
AddFontMemResourceEx
GetTextFaceW
EnumEnhMetaFile
DeleteEnhMetaFile
CreateEnhMetaFileW
CloseEnhMetaFile
GetFontUnicodeRanges
GetStockObject
EnumFontFamiliesExW
RemoveFontMemResourceEx
CreateFontIndirectW
GetFontData
ModifyWorldTransform
SaveDC
RestoreDC
IntersectClipRect
CreateDIBSection
SetWorldTransform
GetWorldTransform
SetGraphicsMode
SelectObject
GetRgnBox
GetClipBox
DeleteObject
CreateRectRgn
CreateCompatibleDC
GetGlyphIndicesW
GetObjectW
BitBlt
CreateCompatibleBitmap
DeleteDC
ExtCreateRegion
GetClipRgn
GetGraphicsMode
SelectClipRgn
ExtSelectClipRgn
GdiFlush
SetBkMode
SetTextColor
SetTextAlign
ExtTextOutW
GetCharWidth32W
SetMapMode
GetDeviceCaps
CreateSolidBrush
StretchDIBits

usp10

ScriptStringFree
ScriptStringOut
ScriptFreeCache
ScriptItemize
ScriptShape
ScriptStringAnalyse
ScriptPlace
ScriptXtoCP

urlmon

FindMimeFromData

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

winmm

timeEndPeriod
timeBeginPeriod

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW

ole32

CoTaskMemFree
CoCreateInstance
CoCreateGuid

Exports

Exports

WebKitGetAPI
cairo_append_path
cairo_arc
cairo_arc_negative
cairo_clip
cairo_clip_extents
cairo_clip_preserve
cairo_close_path
cairo_copy_clip_rectangle_list
cairo_copy_page
cairo_copy_path
cairo_copy_path_flat
cairo_create
cairo_curve_to
cairo_debug_reset_static_data
cairo_destroy
cairo_device_acquire
cairo_device_destroy
cairo_device_finish
cairo_device_flush
cairo_device_get_reference_count
cairo_device_get_type
cairo_device_get_user_data
cairo_device_reference
cairo_device_release
cairo_device_set_user_data
cairo_device_status
cairo_device_to_user
cairo_device_to_user_distance
cairo_fill
cairo_fill_extents
cairo_fill_preserve
cairo_font_extents
cairo_font_face_destroy
cairo_font_face_get_reference_count
cairo_font_face_get_type
cairo_font_face_get_user_data
cairo_font_face_reference
cairo_font_face_set_user_data
cairo_font_face_status
cairo_font_options_copy
cairo_font_options_create
cairo_font_options_destroy
cairo_font_options_equal
cairo_font_options_get_antialias
cairo_font_options_get_hint_metrics
cairo_font_options_get_hint_style
cairo_font_options_get_subpixel_order
cairo_font_options_hash
cairo_font_options_merge
cairo_font_options_set_antialias
cairo_font_options_set_hint_metrics
cairo_font_options_set_hint_style
cairo_font_options_set_subpixel_order
cairo_font_options_status
cairo_format_stride_for_width
cairo_get_antialias
cairo_get_current_point
cairo_get_dash
cairo_get_dash_count
cairo_get_fill_rule
cairo_get_font_face
cairo_get_font_matrix
cairo_get_font_options
cairo_get_group_target
cairo_get_line_cap
cairo_get_line_join
cairo_get_line_width
cairo_get_matrix
cairo_get_miter_limit
cairo_get_operator
cairo_get_reference_count
cairo_get_scaled_font
cairo_get_source
cairo_get_target
cairo_get_tolerance
cairo_get_user_data
cairo_glyph_allocate
cairo_glyph_extents
cairo_glyph_free
cairo_glyph_path
cairo_has_current_point
cairo_identity_matrix
cairo_image_surface_create
cairo_image_surface_create_for_data
cairo_image_surface_create_from_png
cairo_image_surface_create_from_png_stream
cairo_image_surface_get_data
cairo_image_surface_get_format
cairo_image_surface_get_height
cairo_image_surface_get_stride
cairo_image_surface_get_width
cairo_in_clip
cairo_in_fill
cairo_in_stroke
cairo_line_to
cairo_mask
cairo_mask_surface
cairo_matrix_init
cairo_matrix_init_identity
cairo_matrix_init_rotate
cairo_matrix_init_scale
cairo_matrix_init_translate
cairo_matrix_invert
cairo_matrix_multiply
cairo_matrix_rotate
cairo_matrix_scale
cairo_matrix_transform_distance
cairo_matrix_transform_point
cairo_matrix_translate
cairo_mesh_pattern_begin_patch
cairo_mesh_pattern_curve_to
cairo_mesh_pattern_end_patch
cairo_mesh_pattern_get_control_point
cairo_mesh_pattern_get_corner_color_rgba
cairo_mesh_pattern_get_patch_count
cairo_mesh_pattern_get_path
cairo_mesh_pattern_line_to
cairo_mesh_pattern_move_to
cairo_mesh_pattern_set_control_point
cairo_mesh_pattern_set_corner_color_rgb
cairo_mesh_pattern_set_corner_color_rgba
cairo_move_to
cairo_new_path
cairo_new_sub_path
cairo_paint
cairo_paint_with_alpha
cairo_path_destroy
cairo_path_extents
cairo_pattern_add_color_stop_rgb
cairo_pattern_add_color_stop_rgba
cairo_pattern_create_for_surface
cairo_pattern_create_linear
cairo_pattern_create_mesh
cairo_pattern_create_radial
cairo_pattern_create_raster_source
cairo_pattern_create_rgb
cairo_pattern_create_rgba
cairo_pattern_destroy
cairo_pattern_get_color_stop_count
cairo_pattern_get_color_stop_rgba
cairo_pattern_get_extend
cairo_pattern_get_filter
cairo_pattern_get_linear_points
cairo_pattern_get_matrix
cairo_pattern_get_radial_circles
cairo_pattern_get_reference_count
cairo_pattern_get_rgba
cairo_pattern_get_surface
cairo_pattern_get_type
cairo_pattern_get_user_data
cairo_pattern_reference
cairo_pattern_set_extend
cairo_pattern_set_filter
cairo_pattern_set_matrix
cairo_pattern_set_user_data
cairo_pattern_status
cairo_pop_group
cairo_pop_group_to_source
cairo_push_group
cairo_push_group_with_content
cairo_raster_source_pattern_get_acquire
cairo_raster_source_pattern_get_callback_data
cairo_raster_source_pattern_get_copy
cairo_raster_source_pattern_get_finish
cairo_raster_source_pattern_get_snapshot
cairo_raster_source_pattern_set_acquire
cairo_raster_source_pattern_set_callback_data
cairo_raster_source_pattern_set_copy
cairo_raster_source_pattern_set_finish
cairo_raster_source_pattern_set_snapshot
cairo_recording_surface_create
cairo_recording_surface_get_extents
cairo_recording_surface_ink_extents
cairo_rectangle
cairo_rectangle_list_destroy
cairo_reference
cairo_region_contains_point
cairo_region_contains_rectangle
cairo_region_copy
cairo_region_create
cairo_region_create_rectangle
cairo_region_create_rectangles
cairo_region_destroy
cairo_region_equal
cairo_region_get_extents
cairo_region_get_rectangle
cairo_region_intersect
cairo_region_intersect_rectangle
cairo_region_is_empty
cairo_region_num_rectangles
cairo_region_reference
cairo_region_status
cairo_region_subtract
cairo_region_subtract_rectangle
cairo_region_translate
cairo_region_union
cairo_region_union_rectangle
cairo_region_xor
cairo_region_xor_rectangle
cairo_rel_curve_to
cairo_rel_line_to
cairo_rel_move_to
cairo_reset_clip
cairo_restore
cairo_rotate
cairo_save
cairo_scale
cairo_scaled_font_create
cairo_scaled_font_destroy
cairo_scaled_font_extents
cairo_scaled_font_get_ctm
cairo_scaled_font_get_font_face
cairo_scaled_font_get_font_matrix
cairo_scaled_font_get_font_options
cairo_scaled_font_get_reference_count
cairo_scaled_font_get_scale_matrix
cairo_scaled_font_get_type
cairo_scaled_font_get_user_data
cairo_scaled_font_glyph_extents
cairo_scaled_font_reference
cairo_scaled_font_set_user_data
cairo_scaled_font_status
cairo_scaled_font_text_extents
cairo_scaled_font_text_to_glyphs
cairo_select_font_face
cairo_set_antialias
cairo_set_dash
cairo_set_fill_rule
cairo_set_font_face
cairo_set_font_matrix
cairo_set_font_options
cairo_set_font_size
cairo_set_line_cap
cairo_set_line_join
cairo_set_line_width
cairo_set_matrix
cairo_set_miter_limit
cairo_set_operator
cairo_set_scaled_font
cairo_set_source
cairo_set_source_rgb
cairo_set_source_rgba
cairo_set_source_surface
cairo_set_tolerance
cairo_set_user_data
cairo_show_glyphs
cairo_show_page
cairo_show_text
cairo_show_text_glyphs
cairo_status
cairo_status_to_string
cairo_stroke
cairo_stroke_extents
cairo_stroke_preserve
cairo_surface_copy_page
cairo_surface_create_similar
cairo_surface_create_similar_image
cairo_surface_destroy
cairo_surface_finish
cairo_surface_flush
cairo_surface_get_content
cairo_surface_get_device
cairo_surface_get_device_offset
cairo_surface_get_device_scale
cairo_surface_get_fallback_resolution
cairo_surface_get_font_options
cairo_surface_get_mime_data
cairo_surface_get_reference_count
cairo_surface_get_type
cairo_surface_get_user_data
cairo_surface_has_show_text_glyphs
cairo_surface_map_to_image
cairo_surface_mark_dirty
cairo_surface_mark_dirty_rectangle
cairo_surface_reference
cairo_surface_set_device_offset
cairo_surface_set_device_scale
cairo_surface_set_fallback_resolution
cairo_surface_set_mime_data
cairo_surface_set_user_data
cairo_surface_show_page
cairo_surface_status
cairo_surface_supports_mime_type
cairo_surface_unmap_image
cairo_surface_write_to_png
cairo_surface_write_to_png_stream
cairo_text_cluster_allocate
cairo_text_cluster_free
cairo_text_extents
cairo_text_path
cairo_toy_font_face_create
cairo_toy_font_face_get_family
cairo_toy_font_face_get_slant
cairo_toy_font_face_get_weight
cairo_transform
cairo_translate
cairo_user_font_face_create
cairo_user_font_face_get_init_func
cairo_user_font_face_get_render_glyph_func
cairo_user_font_face_get_text_to_glyphs_func
cairo_user_font_face_get_unicode_to_glyph_func
cairo_user_font_face_set_init_func
cairo_user_font_face_set_render_glyph_func
cairo_user_font_face_set_text_to_glyphs_func
cairo_user_font_face_set_unicode_to_glyph_func
cairo_user_to_device
cairo_user_to_device_distance
cairo_win32_font_face_create_for_hfont
cairo_win32_font_face_create_for_logfontw
cairo_win32_font_face_create_for_logfontw_hfont
cairo_win32_scaled_font_done_font
cairo_win32_scaled_font_get_device_to_logical
cairo_win32_scaled_font_get_logical_to_device
cairo_win32_scaled_font_get_metrics_factor
cairo_win32_scaled_font_select_font
cairo_win32_surface_create
cairo_win32_surface_create_with_ddb
cairo_win32_surface_create_with_dib
cairo_win32_surface_get_dc
cairo_win32_surface_get_image

Sections

.text
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 948KB - Virtual size: 947KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.unwante
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 247KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
assets/runtimes/air/win/Adobe AIR/Versions/1.0/Resources/WebKit/LGPL License.txt
assets/runtimes/air/win/Adobe AIR/Versions/1.0/Resources/WebKit/Notice WebKit.txt
assets/runtimes/air/win/Adobe AIR/Versions/1.0/Resources/template.msi
.msi
assets/runtimes/air/win/Adobe AIR/sentinel
assets/runtimes/air/win64/Adobe AIR/Versions/1.0/Adobe AIR.dll
.dll windows:6 windows x64 arch:x64

3740f4e247142de610d3acf8455d9122

Code Sign

0d:2c:ac:cd:3e:9e:ec:06:73:84:10:ba:31:bf:65:95
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

31/01/2019, 00:00

Not After

03/02/2021, 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Flash Player,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04/01/2017, 00:00

Not After

18/01/2028, 00:00

Subject

CN=DigiCert SHA2 Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6c:c0:30:77:40:4d:cb:02:58:13:48:18:d6:d7:bd:e4:9c:19:f2:1e:bf:53:28:23:1c:0a:cc:33:d0:90:d8:2c
Signer

Actual PE Digest

6c:c0:30:77:40:4d:cb:02:58:13:48:18:d6:d7:bd:e4:9c:19:f2:1e:bf:53:28:23:1c:0a:cc:33:d0:90:d8:2c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

FindFirstFileW
FindNextFileW
GetTempPathW
SetUnhandledExceptionFilter
GetCurrentProcess
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
CreateDirectoryA
CreateDirectoryW
DeleteFileA
GetFileAttributesA
GetFileAttributesExW
GetFileInformationByHandle
GetFileSizeEx
GetFullPathNameW
GetLogicalDriveStringsW
GetLongPathNameW
GetTempFileNameW
GetVolumeInformationW
RemoveDirectoryW
GetUserDefaultUILanguage
SetFilePointerEx
DeviceIoControl
CreateMutexA
CreateProcessW
GetModuleFileNameA
GetModuleFileNameW
lstrlenW
GetTempPathA
GetTempFileNameA
GetSystemWow64DirectoryW
GetDriveTypeW
GetProcessTimes
SetLastError
GetStdHandle
SetNamedPipeHandleState
BeginUpdateResourceW
UpdateResourceW
EndUpdateResourceW
SetConsoleCtrlHandler
ReleaseSemaphore
CreateSemaphoreW
DuplicateHandle
GetCurrentThread
GetExitCodeThread
GetLocaleInfoA
GetExitCodeProcess
GetModuleHandleA
LCMapStringW
GetLocaleInfoW
LocalFree
ConnectNamedPipe
GetOverlappedResult
OpenProcess
GetSystemTimeAsFileTime
CreateNamedPipeA
ReleaseMutex
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
lstrlenA
GetComputerNameExW
SetHandleInformation
CreateNamedPipeW
CancelIo
TerminateProcess
FormatMessageW
GenerateConsoleCtrlEvent
SizeofResource
LoadLibraryExW
lstrcmpiW
FindResourceW
SetThreadAffinityMask
CompareFileTime
CreateEventA
SetWaitableTimer
CancelWaitableTimer
CreateWaitableTimerA
VerifyVersionInfoA
IsDebuggerPresent
OutputDebugStringW
EncodePointer
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
LoadLibraryExA
CompareStringW
GetStringTypeW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
IsProcessorFeaturePresent
WaitForSingleObjectEx
GetStartupInfoW
FindClose
RtlUnwindEx
InterlockedFlushSList
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
HeapReAlloc
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFileType
FlushFileBuffers
GetConsoleCP
GetConsoleMode
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetStdHandle
WriteConsoleW
ReadConsoleW
VerifyVersionInfoW
MoveFileExW
FindResourceExA
LoadLibraryW
GlobalFree
LockResource
LoadResource
FindResourceExW
GetSystemDirectoryA
CreateProcessA
ExitThread
WriteFile
SetFilePointer
ReadFile
GetFileSize
GetFileAttributesW
DeleteFileW
CreateFileW
CreateFileA
VerSetConditionMask
CreateWaitableTimerW
WaitForMultipleObjects
GetModuleHandleW
GetTickCount
TerminateThread
CreateEventW
ResetEvent
SetEvent
MultiByteToWideChar
LoadLibraryA
GetProcAddress
FreeLibrary
GetSystemDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
WideCharToMultiByte
GlobalUnlock
GlobalLock
GlobalSize
GlobalAlloc
GetLocalTime
IsDBCSLeadByte
GetCPInfo
GetACP
GetCurrentProcessId
VirtualQuery
VirtualProtect
VirtualFree
VirtualAlloc
TlsFree
TlsAlloc
SetThreadPriority
OpenThread
CreateThread
QueueUserAPC
SleepEx
WaitForSingleObject
CloseHandle
GetTimeZoneInformation
SystemTimeToFileTime
GetSystemTime
GetProcessHeap
HeapSize
HeapFree
HeapAlloc
QueryPerformanceFrequency
QueryPerformanceCounter
OutputDebugStringA
RaiseFailFastException
DebugBreak
RtlPcToFileHeader
GetUserDefaultLangID
GlobalMemoryStatus
FlushConsoleInputBuffer
FileTimeToSystemTime
GetVersionExW
GetDiskFreeSpaceA
GetDiskFreeSpaceW
GetFullPathNameA
LockFile
LockFileEx
UnlockFile
UnlockFileEx
CreateFileMappingW
FormatMessageA
AreFileApisANSI
GetNumberFormatW
GetCurrencyFormatW
ReadConsoleInputA
SetConsoleMode
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
GetProcessAffinityMask
GetSystemInfo
TlsSetValue
TlsGetValue
GetCurrentThreadId
SwitchToThread
Sleep
DeleteCriticalSection
TryEnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetLastError
RaiseException
SetEndOfFile
DecodePointer

user32

CharNextW
EnumDisplayDevicesA
UpdateLayeredWindow
GetAsyncKeyState
GetLastInputInfo
SetMenuItemInfoW
GetMenuItemInfoW
InsertMenuItemW
RemoveMenu
SetMenuInfo
GetMenuInfo
TrackPopupMenu
DestroyMenu
CreatePopupMenu
CreateMenu
DdeFreeStringHandle
DdeCreateStringHandleA
DdeClientTransaction
DdeDisconnect
DdeConnect
DdeUninitialize
DdeInitializeW
GetKeyboardLayout
ActivateKeyboardLayout
MapVirtualKeyW
ToAscii
GetKeyboardState
CharLowerW
CharUpperW
UnregisterClassA
SetCaretPos
ShowCaret
DestroyCaret
CreateCaret
PostQuitMessage
GetMessageW
EnumDisplayMonitors
ChangeDisplaySettingsExW
PostMessageA
GetSysColor
GetWindowDC
GetMenuBarInfo
EnumDisplaySettingsW
GetWindow
EnumWindows
GetClassLongW
SetWindowLongW
GetWindowLongW
MapWindowPoints
GetWindowTextW
SetWindowRgn
EndPaint
BeginPaint
UpdateWindow
DeleteMenu
GetSystemMenu
DrawMenuBar
SetMenu
GetActiveWindow
IsZoomed
IsIconic
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
FlashWindowEx
ShowWindowAsync
ShowWindow
IsWindow
GetClassInfoExW
GetAncestor
FindWindowExW
EnumChildWindows
RemovePropW
SetForegroundWindow
GetForegroundWindow
WaitForInputIdle
GetWindowInfo
LoadCursorW
UnregisterClassW
GetUserObjectInformationW
GetProcessWindowStation
RegisterWindowMessageA
OffsetRect
EnumDisplayDevicesW
GetDoubleClickTime
GetKeyState
GetCursorPos
ScreenToClient
RegisterClipboardFormatA
RegisterClipboardFormatW
GetClipboardFormatNameA
GetDC
ReleaseDC
OpenClipboard
CloseClipboard
SetClipboardData
GetClipboardData
EmptyClipboard
IsClipboardFormatAvailable
TranslateMessage
DispatchMessageW
GetWindowThreadProcessId
CopyRect
SetCursorPos
InvalidateRect
KillTimer
SetTimer
ReleaseCapture
SetCapture
GetCapture
GetQueueStatus
GetFocus
CallWindowProcW
AttachThreadInput
GetMessageTime
TrackMouseEvent
LoadStringW
CloseWindow
CreateWindowExW
RegisterClassExW
DefWindowProcW
MsgWaitForMultipleObjects
GetMonitorInfoW
MonitorFromWindow
SystemParametersInfoW
CreateIconIndirect
DestroyIcon
LoadIconW
GetParent
GetDesktopWindow
SetWindowLongPtrW
GetWindowLongPtrW
PtInRect
InflateRect
SetRectEmpty
PeekMessageW
SendMessageW
SendMessageTimeoutW
PostMessageW
PostThreadMessageW
DestroyWindow
MoveWindow
SetRect
ClientToScreen
GetCursor
SetCursor
MessageBoxW
MessageBoxA
GetWindowRect
GetClientRect
GetWindowTextLengthW
SetWindowTextW
GetPropW
SetPropW
GetSystemMetrics
IsWindowEnabled
EnableWindow
SendInput
SetFocus
GetDlgItemTextW
GetDlgItemTextA
SetDlgItemTextW
SetDlgItemTextA
GetDlgItem
EndDialog
DialogBoxIndirectParamW
DialogBoxParamW
SetWindowPos
MonitorFromPoint

ole32

CoCreateInstance
OleFlushClipboard
OleGetClipboard
OleSetClipboard
CreateBindCtx
RegisterDragDrop
DoDragDrop
RevokeDragDrop
OleIsCurrentClipboard
ReleaseStgMedium
CoUninitialize
CoTaskMemFree
CoInitialize
CoSetProxyBlanket
CreateStreamOnHGlobal
CoInitializeEx
CoMarshalInterThreadInterfaceInStream
CoGetInterfaceAndReleaseStream
PropVariantClear
CoTaskMemAlloc
CoTaskMemRealloc
OleUninitialize
OleInitialize
MkParseDisplayName

oleaut32

SysStringLen
VariantClear
VariantInit
LoadRegTypeLi
SysAllocStringLen
SysAllocString
LoadTypeLi
VarUI4FromStr
SysFreeString

winspool.drv

ClosePrinter
EnumPrintersW
OpenPrinterW
GetPrinterW

winmm

timeEndPeriod
waveOutGetDevCapsW
timeBeginPeriod
waveOutClose
waveOutPrepareHeader
timeGetDevCaps
timeGetTime
timeKillEvent
timeSetEvent
mixerGetControlDetailsA
waveOutPause
waveOutRestart
waveInGetPosition
mixerSetControlDetails
waveOutOpen
waveOutGetPosition
waveOutUnprepareHeader
waveOutWrite
waveOutReset
waveOutGetNumDevs
waveInGetNumDevs
waveInGetDevCapsW
waveInOpen
waveInClose
waveInPrepareHeader
waveInUnprepareHeader
waveInAddBuffer
waveInStart
waveInStop
waveInReset
waveInGetDevCapsA
mixerGetID
waveOutGetDevCapsA
waveOutMessage
waveInMessage
mixerGetDevCapsA
mixerOpen
mixerClose
mixerGetLineInfoA
mixerGetLineControlsA

oleacc

AccessibleObjectFromWindow

crypt32

CertDuplicateCertificateContext
CertGetEnhancedKeyUsage
CertAddEncodedCertificateToStore
CryptUnprotectData
CryptProtectData
CryptImportPublicKeyInfo
CertCloseStore
CertFindCertificateInStore
CertVerifySubjectCertificateContext
CertCreateCertificateContext
CertFreeCertificateContext
CryptVerifyMessageSignature
CryptGetMessageCertificates
CertOpenStore
CertEnumCertificatesInStore
CertGetCertificateChain
CertFreeCertificateChain
CryptFindLocalizedName

ws2_32

accept
listen
recvfrom
closesocket
htonl
htons
inet_addr
inet_ntoa
gethostname
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
setsockopt
recv
__WSAFDIsSet
shutdown
getsockopt
ntohl
ioctlsocket
sendto
send
select
connect
bind
WSAAddressToStringA
getsockname
getpeername
WSASocketW
WSAIoctl
WSAAsyncSelect
WSAGetLastError
WSASetLastError
WSACleanup
WSAStartup
getservbyname
getservbyport
gethostbyname
gethostbyaddr
socket
ntohs

gdi32

SetStretchBltMode
StretchBlt
GdiAlphaBlend
Rectangle
CreateSolidBrush
CreatePalette
GetSystemPaletteEntries
CreateDCA
GetStretchBltMode
CreateFontIndirectW
PolyBezierTo
EnumFontFamiliesExW
GetFontData
CreateBitmap
GetObjectW
BitBlt
CreateDIBSection
SetDIBitsToDevice
SelectObject
DeleteDC
LPtoDP
CreateCompatibleDC
RestoreDC
ExtCreatePen
StrokePath
SelectClipPath
FillPath
EndPath
BeginPath
AbortDoc
EndPage
StartPage
EndDoc
StartDocW
StretchDIBits
SetPolyFillMode
SaveDC
DeleteObject
CreateICW
CreateDCW
DPtoLP
ExtTextOutW
ExtTextOutA
SetWorldTransform
GetWorldTransform
GetTextMetricsW
SetTextAlign
SetTextColor
SetTextCharacterExtra
SetGraphicsMode
SetBkMode
SetBkColor
IntersectClipRect
GetTextExtentPoint32W
GetTextExtentPoint32A
GetTextColor
GetTextAlign
GetTextCharacterExtra
GetCurrentObject
GetClipRgn
GetBkMode
GetBkColor
EnumFontFamiliesW
EnumFontFamiliesA
CreateRectRgn
CreateFontIndirectA
GdiFlush
MoveToEx
SelectClipRgn
OffsetRgn
LineTo
CreatePen
CombineRgn
GetClipBox
CreateRectRgnIndirect
GetDeviceCaps
GetDIBits
CreateCompatibleBitmap
SelectPalette
RealizePalette
GetICMProfileA
SetPixel
GetStockObject
ResetDCW

msimg32

AlphaBlend

advapi32

RegOpenKeyExW
RegOpenKeyExA
RegDeleteValueW
RegDeleteKeyW
RegOpenKeyA
SetSecurityInfo
SetEntriesInAclW
SetSecurityDescriptorDacl
SetSecurityDescriptorControl
MakeSelfRelativeSD
InitializeSecurityDescriptor
InitializeAcl
RegEnumKeyExW
GetTokenInformation
OpenProcessToken
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
RegQueryInfoKeyW
RegSetValueExW
RegQueryValueExA
CryptDestroyKey
ReportEventW
RegisterEventSourceW
DeregisterEventSource
RegCreateKeyExW
RegCreateKeyExA
RegCloseKey
RegSetValueExA
RegQueryValueExW
CryptGenRandom
CryptReleaseContext
CryptAcquireContextW

version

VerQueryValueW
VerQueryValueA
GetFileVersionInfoW
GetFileVersionInfoA
GetFileVersionInfoSizeW
GetFileVersionInfoSizeA

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
PrintDlgW
PageSetupDlgW

shell32

ShellExecuteExW
SHGetFileInfoW
SHGetSpecialFolderPathW
SHCreateDirectoryExW
ShellExecuteW
CommandLineToArgvW
SHChangeNotify
SHGetSpecialFolderLocation
Shell_NotifyIconW
ord4
ord2
SHGetDiskFreeSpaceExW
SHFileOperationW
SHGetFolderPathW
SHAppBarMessage
SHGetSettings
SHBrowseForFolderW
SHGetFolderLocation
SHGetFolderPathA
SHGetPathFromIDListW

shlwapi

AssocQueryStringW
PathFileExistsW
PathRemoveFileSpecW
StrStrIW
StrRStrIW
ord219
PathAppendA
PathAppendW
StrDupW
StrCmpW

wininet

InternetSetCookieW
InternetErrorDlg
InternetGetCookieW

msi

ord137
ord141
ord16
ord113
ord88
ord205
ord90
ord173
ord70
ord125
ord121
ord17
ord20
ord92
ord151
ord153
ord78
ord159
ord32
ord84
ord72
ord96
ord37
ord8

urlmon

CopyStgMedium
CoInternetCompareUrl
CoInternetParseUrl

comctl32

ImageList_Draw
ImageList_GetIconSize

mscms

TranslateBitmapBits
CloseColorProfile
CreateColorTransformW
DeleteColorTransform
OpenColorProfileW

secur32

LsaFreeReturnBuffer
LsaGetLogonSessionData

dsound

ord1
ord8

iphlpapi

GetAdaptersAddresses

dnsapi

DnsQuery_UTF8
DnsFree

Exports

Exports

ADLWMain
AppEntryWinMain
AppInstallWinMain
CaptiveAppEntryWinMain
ExtendedAppEntryWinMain
FREAcquireBitmapData
FREAcquireBitmapData2
FREAcquireByteArray
FRECallObjectMethod
FREDispatchStatusEventAsync
FREGetArrayElementAt
FREGetArrayLength
FREGetContextActionScriptData
FREGetContextNativeData
FREGetObjectAsBool
FREGetObjectAsDouble
FREGetObjectAsInt32
FREGetObjectAsUTF8
FREGetObjectAsUint32
FREGetObjectProperty
FREGetObjectType
FREInvalidateBitmapDataRect
FRENewObject
FRENewObjectFromBool
FRENewObjectFromDouble
FRENewObjectFromInt32
FRENewObjectFromUTF8
FRENewObjectFromUint32
FREReleaseBitmapData
FREReleaseByteArray
FRESetArrayElementAt
FRESetArrayLength
FRESetContextActionScriptData
FRESetContextNativeData
FRESetObjectProperty
NAIPWMain
RuntimeInstallerWinMain

Sections

.text
Size: 11.5MB - Virtual size: 11.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6.8MB - Virtual size: 6.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 570KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 527KB - Virtual size: 526KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 209KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 240KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
assets/runtimes/air/win64/Adobe AIR/Versions/1.0/Resources/CaptiveAppEntry.exe
.exe windows:6 windows x64 arch:x64

7404853f9a2768583879ed766d465f38

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

SetStdHandle
WriteConsoleW
GetProcAddress
ExitProcess
HeapAlloc
GetProcessHeap
GetModuleHandleW
LoadLibraryW
GetFileAttributesW
CreateFileW
GetUserDefaultUILanguage
GetModuleFileNameW
GetStdHandle
GetCommandLineW
RaiseException
SetFilePointerEx
HeapReAlloc
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
WriteFile
CloseHandle
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
WideCharToMultiByte
RtlUnwindEx
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetFileType
GetCurrentProcess
GetModuleFileNameA
TerminateProcess
GetModuleHandleExW
GetACP
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStringTypeW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
HeapFree

shell32

CommandLineToArgvW

user32

MessageBoxExW

shlwapi

StrCmpW

Exports

Exports

AmdPowerXpressRequestBetterBatteryLife
NvOptimusDisablement

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
assets/runtimes/air/win64/Adobe AIR/Versions/1.0/Resources/Licenses/cairo/COPYING
assets/runtimes/air/win64/Adobe AIR/Versions/1.0/Resources/Licenses/cairo/COPYING-LGPL-2.1
assets/runtimes/air/win64/Adobe AIR/Versions/1.0/Resources/Licenses/cairo/COPYING-MPL-1.1
assets/runtimes/air/win64/Adobe AIR/Versions/1.0/Resources/Licenses/pcre2/COPYING
assets/runtimes/air/win64/Adobe AIR/Versions/1.0/Resources/Licenses/pixman/COPYING
assets/runtimes/air/win64/Adobe AIR/Versions/1.0/Resources/NPSWF32.dll
.dll windows:5 windows x86 arch:x86

b8ee5247fe5026a539c47b8fccacd597

Code Sign

0d:2c:ac:cd:3e:9e:ec:06:73:84:10:ba:31:bf:65:95
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

31/01/2019, 00:00

Not After

03/02/2021, 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Flash Player,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04/01/2017, 00:00

Not After

18/01/2028, 00:00

Subject

CN=DigiCert SHA2 Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ee:f1:c7:7a:e9:4b:3c:30:70:10:48:cc:6e:c1:49:a3:ca:e5:a1:fb:ac:10:b6:9f:de:ec:10:8d:48:55:f4:46
Signer

Actual PE Digest

ee:f1:c7:7a:e9:4b:3c:30:70:10:48:cc:6e:c1:49:a3:ca:e5:a1:fb:ac:10:b6:9f:de:ec:10:8d:48:55:f4:46

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

EndPaint
DestroyWindow
FillRect
LoadImageW
UnregisterClassW
GetClientRect
BeginPaint
LoadIconW
GetWindowLongW
SetWindowLongW
SetWindowPos
FrameRect
CreateWindowExW
RegisterClassW
DefWindowProcW

gdi32

BitBlt
SelectObject
CreateCompatibleDC
GetObjectW
GetStockObject
DeleteObject

shell32

ShellExecuteW

msvcr90

_encoded_null
memcpy
_except_handler4_common
_onexit
??3@YAXPAX@Z
??2@YAPAXI@Z
_encode_pointer
_malloc_crt
free
memset
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock

kernel32

QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
GetTickCount
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter

Exports

Exports

NP_GetEntryPoints
NP_Initialize
NP_Shutdown

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
assets/runtimes/air/win64/Adobe AIR/Versions/1.0/Resources/NPSWF64.dll
.dll windows:5 windows x64 arch:x64

ad9a10c28b07039cee460ff13509e776

Code Sign

0d:2c:ac:cd:3e:9e:ec:06:73:84:10:ba:31:bf:65:95
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

31/01/2019, 00:00

Not After

03/02/2021, 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Flash Player,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04/01/2017, 00:00

Not After

18/01/2028, 00:00

Subject

CN=DigiCert SHA2 Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3a:fb:8c:d0:97:d3:7e:c0:2e:01:8b:a0:b4:db:33:ab:58:48:1f:61:41:8f:4e:74:0b:a8:fb:29:d9:1d:7a:39
Signer

Actual PE Digest

3a:fb:8c:d0:97:d3:7e:c0:2e:01:8b:a0:b4:db:33:ab:58:48:1f:61:41:8f:4e:74:0b:a8:fb:29:d9:1d:7a:39

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

user32

EndPaint
DestroyWindow
FillRect
LoadImageW
UnregisterClassW
GetClientRect
BeginPaint
LoadIconW
GetWindowLongW
SetWindowLongW
SetWindowPos
FrameRect
CreateWindowExW
RegisterClassW
DefWindowProcW

gdi32

BitBlt
SelectObject
CreateCompatibleDC
GetObjectW
GetStockObject
DeleteObject

shell32

ShellExecuteW

msvcr90

_initterm_e
memset
_onexit
??3@YAXPEAX@Z
??2@YAPEAX_K@Z
_encode_pointer
_malloc_crt
_initterm
memcpy
free
_encoded_null
_decode_pointer
_amsg_exit
__C_specific_handler
__CppXcptFilter
__crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock

kernel32

QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
GetTickCount
IsDebuggerPresent
Sleep
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
RtlVirtualUnwind
SetUnhandledExceptionFilter

Exports

Exports

NP_GetEntryPoints
NP_Initialize
NP_Shutdown

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 372B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
assets/runtimes/air/win64/Adobe AIR/Versions/1.0/Resources/Template.exe
.exe windows:6 windows x64 arch:x64

f83fda1f16312325187770f5fee2bbb0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

SetStdHandle
WriteConsoleW
GetProcAddress
ExitProcess
HeapAlloc
GetProcessHeap
GetModuleHandleW
LoadLibraryW
CreateFileW
GetUserDefaultUILanguage
GetStdHandle
GetCommandLineW
RaiseException
SetFilePointerEx
HeapReAlloc
HeapSize
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
WriteFile
CloseHandle
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
MultiByteToWideChar
WideCharToMultiByte
RtlUnwindEx
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
GetFileType
GetCurrentProcess
GetModuleFileNameA
TerminateProcess
GetModuleHandleExW
GetACP
LCMapStringW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStringTypeW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
HeapFree

shell32

CommandLineToArgvW

user32

MessageBoxExW

shlwapi

StrCmpW
PathAppendW
PathRemoveFileSpecW

msi

ord90

Exports

Exports

AmdPowerXpressRequestBetterBatteryLife
NvOptimusDisablement

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
assets/runtimes/air/win64/Adobe AIR/Versions/1.0/Resources/Thawte Root Certificate.cer
assets/runtimes/air/win64/Adobe AIR/Versions/1.0/Resources/WebKit.dll
.dll windows:6 windows x64 arch:x64

704e216694e44094d78982517b7af7eb

Code Sign

0d:2c:ac:cd:3e:9e:ec:06:73:84:10:ba:31:bf:65:95
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

31/01/2019, 00:00

Not After

03/02/2021, 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Flash Player,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04/01/2017, 00:00

Not After

18/01/2028, 00:00

Subject

CN=DigiCert SHA2 Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ff:17:52:43:73:12:66:88:eb:11:8b:12:fd:fd:55:9b:d6:15:ce:39:9e:b0:29:6a:84:c4:99:76:40:01:dd:e5
Signer

Actual PE Digest

ff:17:52:43:73:12:66:88:eb:11:8b:12:fd:fd:55:9b:d6:15:ce:39:9e:b0:29:6a:84:c4:99:76:40:01:dd:e5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

TlsGetValue
TlsSetValue
TlsFree
InterlockedFlushSList
SetLastError
HeapSize
GetTimeZoneInformation
WideCharToMultiByte
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
HeapFree
HeapAlloc
GetDateFormatW
GetTimeFormatW
LCMapStringW
GetProcessHeap
HeapReAlloc
GetACP
GetStdHandle
GetFileType
GetStringTypeW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
TlsAlloc
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetStdHandle
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
WriteConsoleW
InitializeCriticalSectionAndSpinCount
RtlUnwindEx
RaiseException
EncodePointer
RtlPcToFileHeader
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
CompareStringW
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
SetEndOfFile
CreateDirectoryW
GetFullPathNameA
GetFullPathNameW
ReadConsoleW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetDriveTypeW
GetFileAttributesA
LoadLibraryW
FormatMessageW
LocalFree
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetVersionExW
GetLocaleInfoW
MultiByteToWideChar
GetLastError
LoadLibraryExW
GetProcAddress
FreeLibrary
GetCurrentDirectoryW
SetCurrentDirectoryW
GetFileAttributesExW
ReadFile
GetFileSize
CreateFileW
FoldStringW
VirtualFree
GetThreadTimes
GetCurrentThread
VirtualAlloc
QueryPerformanceFrequency
QueryPerformanceCounter
CloseHandle
WriteFile
DeleteFileA
GetTickCount
GetOEMCP

user32

SetParent
GetWindowLongPtrW
SetWindowLongPtrW
ShowWindow
SetFocus
GetKeyboardState
SetKeyboardState
GetWindowRect
ClientToScreen
SendMessageW
DefWindowProcA
DefWindowProcW
CallWindowProcW
RegisterClassExW
IsChild
DestroyWindow
MoveWindow
GetFocus
FillRect
SystemParametersInfoW
ReleaseDC
SetCapture
ReleaseCapture
UpdateWindow
GetUpdateRect
SetWindowRgn
GetWindowRgn
GetDC
GetLastInputInfo
LoadCursorW
CreateWindowExW
SetWindowLongPtrA
EqualRect
IntersectRect
GetPropW
SetPropW
InvalidateRect

gdi32

GetCharWidthI
GetTextMetricsW
GetGlyphOutlineW
GetOutlineTextMetricsW
AddFontMemResourceEx
GetTextFaceW
EnumEnhMetaFile
DeleteEnhMetaFile
CreateEnhMetaFileW
CloseEnhMetaFile
GetFontUnicodeRanges
GetStockObject
EnumFontFamiliesExW
RemoveFontMemResourceEx
CreateFontIndirectW
GetFontData
ModifyWorldTransform
SaveDC
RestoreDC
IntersectClipRect
CreateDIBSection
SetWorldTransform
GetWorldTransform
SetGraphicsMode
SelectObject
GetRgnBox
GetClipBox
DeleteObject
CreateRectRgn
CreateCompatibleDC
GetGlyphIndicesW
GetObjectW
BitBlt
CreateCompatibleBitmap
DeleteDC
ExtCreateRegion
GetClipRgn
GetGraphicsMode
SelectClipRgn
ExtSelectClipRgn
GdiFlush
SetBkMode
SetTextColor
SetTextAlign
ExtTextOutW
GetCharWidth32W
SetMapMode
GetDeviceCaps
CreateSolidBrush
StretchDIBits

usp10

ScriptStringFree
ScriptStringOut
ScriptFreeCache
ScriptItemize
ScriptShape
ScriptStringAnalyse
ScriptPlace
ScriptXtoCP

urlmon

FindMimeFromData

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

winmm

timeEndPeriod
timeBeginPeriod

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW

ole32

CoTaskMemFree
CoCreateInstance
CoCreateGuid

Exports

Exports

WebKitGetAPI
cairo_append_path
cairo_arc
cairo_arc_negative
cairo_clip
cairo_clip_extents
cairo_clip_preserve
cairo_close_path
cairo_copy_clip_rectangle_list
cairo_copy_page
cairo_copy_path
cairo_copy_path_flat
cairo_create
cairo_curve_to
cairo_debug_reset_static_data
cairo_destroy
cairo_device_acquire
cairo_device_destroy
cairo_device_finish
cairo_device_flush
cairo_device_get_reference_count
cairo_device_get_type
cairo_device_get_user_data
cairo_device_reference
cairo_device_release
cairo_device_set_user_data
cairo_device_status
cairo_device_to_user
cairo_device_to_user_distance
cairo_fill
cairo_fill_extents
cairo_fill_preserve
cairo_font_extents
cairo_font_face_destroy
cairo_font_face_get_reference_count
cairo_font_face_get_type
cairo_font_face_get_user_data
cairo_font_face_reference
cairo_font_face_set_user_data
cairo_font_face_status
cairo_font_options_copy
cairo_font_options_create
cairo_font_options_destroy
cairo_font_options_equal
cairo_font_options_get_antialias
cairo_font_options_get_hint_metrics
cairo_font_options_get_hint_style
cairo_font_options_get_subpixel_order
cairo_font_options_hash
cairo_font_options_merge
cairo_font_options_set_antialias
cairo_font_options_set_hint_metrics
cairo_font_options_set_hint_style
cairo_font_options_set_subpixel_order
cairo_font_options_status
cairo_format_stride_for_width
cairo_get_antialias
cairo_get_current_point
cairo_get_dash
cairo_get_dash_count
cairo_get_fill_rule
cairo_get_font_face
cairo_get_font_matrix
cairo_get_font_options
cairo_get_group_target
cairo_get_line_cap
cairo_get_line_join
cairo_get_line_width
cairo_get_matrix
cairo_get_miter_limit
cairo_get_operator
cairo_get_reference_count
cairo_get_scaled_font
cairo_get_source
cairo_get_target
cairo_get_tolerance
cairo_get_user_data
cairo_glyph_allocate
cairo_glyph_extents
cairo_glyph_free
cairo_glyph_path
cairo_has_current_point
cairo_identity_matrix
cairo_image_surface_create
cairo_image_surface_create_for_data
cairo_image_surface_create_from_png
cairo_image_surface_create_from_png_stream
cairo_image_surface_get_data
cairo_image_surface_get_format
cairo_image_surface_get_height
cairo_image_surface_get_stride
cairo_image_surface_get_width
cairo_in_clip
cairo_in_fill
cairo_in_stroke
cairo_line_to
cairo_mask
cairo_mask_surface
cairo_matrix_init
cairo_matrix_init_identity
cairo_matrix_init_rotate
cairo_matrix_init_scale
cairo_matrix_init_translate
cairo_matrix_invert
cairo_matrix_multiply
cairo_matrix_rotate
cairo_matrix_scale
cairo_matrix_transform_distance
cairo_matrix_transform_point
cairo_matrix_translate
cairo_mesh_pattern_begin_patch
cairo_mesh_pattern_curve_to
cairo_mesh_pattern_end_patch
cairo_mesh_pattern_get_control_point
cairo_mesh_pattern_get_corner_color_rgba
cairo_mesh_pattern_get_patch_count
cairo_mesh_pattern_get_path
cairo_mesh_pattern_line_to
cairo_mesh_pattern_move_to
cairo_mesh_pattern_set_control_point
cairo_mesh_pattern_set_corner_color_rgb
cairo_mesh_pattern_set_corner_color_rgba
cairo_move_to
cairo_new_path
cairo_new_sub_path
cairo_paint
cairo_paint_with_alpha
cairo_path_destroy
cairo_path_extents
cairo_pattern_add_color_stop_rgb
cairo_pattern_add_color_stop_rgba
cairo_pattern_create_for_surface
cairo_pattern_create_linear
cairo_pattern_create_mesh
cairo_pattern_create_radial
cairo_pattern_create_raster_source
cairo_pattern_create_rgb
cairo_pattern_create_rgba
cairo_pattern_destroy
cairo_pattern_get_color_stop_count
cairo_pattern_get_color_stop_rgba
cairo_pattern_get_extend
cairo_pattern_get_filter
cairo_pattern_get_linear_points
cairo_pattern_get_matrix
cairo_pattern_get_radial_circles
cairo_pattern_get_reference_count
cairo_pattern_get_rgba
cairo_pattern_get_surface
cairo_pattern_get_type
cairo_pattern_get_user_data
cairo_pattern_reference
cairo_pattern_set_extend
cairo_pattern_set_filter
cairo_pattern_set_matrix
cairo_pattern_set_user_data
cairo_pattern_status
cairo_pop_group
cairo_pop_group_to_source
cairo_push_group
cairo_push_group_with_content
cairo_raster_source_pattern_get_acquire
cairo_raster_source_pattern_get_callback_data
cairo_raster_source_pattern_get_copy
cairo_raster_source_pattern_get_finish
cairo_raster_source_pattern_get_snapshot
cairo_raster_source_pattern_set_acquire
cairo_raster_source_pattern_set_callback_data
cairo_raster_source_pattern_set_copy
cairo_raster_source_pattern_set_finish
cairo_raster_source_pattern_set_snapshot
cairo_recording_surface_create
cairo_recording_surface_get_extents
cairo_recording_surface_ink_extents
cairo_rectangle
cairo_rectangle_list_destroy
cairo_reference
cairo_region_contains_point
cairo_region_contains_rectangle
cairo_region_copy
cairo_region_create
cairo_region_create_rectangle
cairo_region_create_rectangles
cairo_region_destroy
cairo_region_equal
cairo_region_get_extents
cairo_region_get_rectangle
cairo_region_intersect
cairo_region_intersect_rectangle
cairo_region_is_empty
cairo_region_num_rectangles
cairo_region_reference
cairo_region_status
cairo_region_subtract
cairo_region_subtract_rectangle
cairo_region_translate
cairo_region_union
cairo_region_union_rectangle
cairo_region_xor
cairo_region_xor_rectangle
cairo_rel_curve_to
cairo_rel_line_to
cairo_rel_move_to
cairo_reset_clip
cairo_restore
cairo_rotate
cairo_save
cairo_scale
cairo_scaled_font_create
cairo_scaled_font_destroy
cairo_scaled_font_extents
cairo_scaled_font_get_ctm
cairo_scaled_font_get_font_face
cairo_scaled_font_get_font_matrix
cairo_scaled_font_get_font_options
cairo_scaled_font_get_reference_count
cairo_scaled_font_get_scale_matrix
cairo_scaled_font_get_type
cairo_scaled_font_get_user_data
cairo_scaled_font_glyph_extents
cairo_scaled_font_reference
cairo_scaled_font_set_user_data
cairo_scaled_font_status
cairo_scaled_font_text_extents
cairo_scaled_font_text_to_glyphs
cairo_select_font_face
cairo_set_antialias
cairo_set_dash
cairo_set_fill_rule
cairo_set_font_face
cairo_set_font_matrix
cairo_set_font_options
cairo_set_font_size
cairo_set_line_cap
cairo_set_line_join
cairo_set_line_width
cairo_set_matrix
cairo_set_miter_limit
cairo_set_operator
cairo_set_scaled_font
cairo_set_source
cairo_set_source_rgb
cairo_set_source_rgba
cairo_set_source_surface
cairo_set_tolerance
cairo_set_user_data
cairo_show_glyphs
cairo_show_page
cairo_show_text
cairo_show_text_glyphs
cairo_status
cairo_status_to_string
cairo_stroke
cairo_stroke_extents
cairo_stroke_preserve
cairo_surface_copy_page
cairo_surface_create_similar
cairo_surface_create_similar_image
cairo_surface_destroy
cairo_surface_finish
cairo_surface_flush
cairo_surface_get_content
cairo_surface_get_device
cairo_surface_get_device_offset
cairo_surface_get_device_scale
cairo_surface_get_fallback_resolution
cairo_surface_get_font_options
cairo_surface_get_mime_data
cairo_surface_get_reference_count
cairo_surface_get_type
cairo_surface_get_user_data
cairo_surface_has_show_text_glyphs
cairo_surface_map_to_image
cairo_surface_mark_dirty
cairo_surface_mark_dirty_rectangle
cairo_surface_reference
cairo_surface_set_device_offset
cairo_surface_set_device_scale
cairo_surface_set_fallback_resolution
cairo_surface_set_mime_data
cairo_surface_set_user_data
cairo_surface_show_page
cairo_surface_status
cairo_surface_supports_mime_type
cairo_surface_unmap_image
cairo_surface_write_to_png
cairo_surface_write_to_png_stream
cairo_text_cluster_allocate
cairo_text_cluster_free
cairo_text_extents
cairo_text_path
cairo_toy_font_face_create
cairo_toy_font_face_get_family
cairo_toy_font_face_get_slant
cairo_toy_font_face_get_weight
cairo_transform
cairo_translate
cairo_user_font_face_create
cairo_user_font_face_get_init_func
cairo_user_font_face_get_render_glyph_func
cairo_user_font_face_get_text_to_glyphs_func
cairo_user_font_face_get_unicode_to_glyph_func
cairo_user_font_face_set_init_func
cairo_user_font_face_set_render_glyph_func
cairo_user_font_face_set_text_to_glyphs_func
cairo_user_font_face_set_unicode_to_glyph_func
cairo_user_to_device
cairo_user_to_device_distance
cairo_win32_font_face_create_for_hfont
cairo_win32_font_face_create_for_logfontw
cairo_win32_font_face_create_for_logfontw_hfont
cairo_win32_scaled_font_done_font
cairo_win32_scaled_font_get_device_to_logical
cairo_win32_scaled_font_get_logical_to_device
cairo_win32_scaled_font_get_metrics_factor
cairo_win32_scaled_font_select_font
cairo_win32_surface_create
cairo_win32_surface_create_with_ddb
cairo_win32_surface_create_with_dib
cairo_win32_surface_get_dc
cairo_win32_surface_get_image

Sections

.text
Size: 5.6MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 253KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.unwante
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
assets/runtimes/air/win64/Adobe AIR/Versions/1.0/Resources/WebKit/LGPL License.txt
assets/runtimes/air/win64/Adobe AIR/Versions/1.0/Resources/WebKit/Notice WebKit.txt
assets/runtimes/air/win64/Adobe AIR/Versions/1.0/Resources/template.msi
.msi
assets/runtimes/air/win64/Adobe AIR/sentinel

Sharing

General

Malware Config

Signatures

Files

dfa4b7e43927c69560b31967c9d4722b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

ole32

oleaut32

user32

version

shell32

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

Exports

Exports

Sections

.text Size: 6.0MB - Virtual size: 6.0MB

.CLR_UEF Size: 512B - Virtual size: 271B

.rdata Size: 1.5MB - Virtual size: 1.5MB

.data Size: 28KB - Virtual size: 120KB

.pdata Size: 215KB - Virtual size: 214KB

.didat Size: 512B - Virtual size: 24B

Section Size: 512B - Virtual size: 8B

_RDATA Size: 77KB - Virtual size: 76KB

.rsrc Size: 1.4MB - Virtual size: 1.4MB

.reloc Size: 28KB - Virtual size: 28KB

9ee3e940f1cfe3dd4ca93fb63e5000af

Headers

File Characteristics

Imports

adobe air

advapi32

kernel32

msvcrt

winmm

Exports

Exports

Sections

.text Size: 431KB - Virtual size: 431KB

.data Size: 1024B - Virtual size: 640B

.rdata Size: 18KB - Virtual size: 18KB

.bss Size: - Virtual size: 24KB

.edata Size: 512B - Virtual size: 77B

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 3KB - Virtual size: 2KB

.reloc Size: 14KB - Virtual size: 14KB

58b1020942261457b617fc3d8f2f0f75

Headers

DLL Characteristics

File Characteristics

Imports

steam_api

adobe air

kernel32

advapi32

Exports

Exports

Sections

.text Size: 215KB - Virtual size: 214KB

.rdata Size: 72KB - Virtual size: 72KB

.data Size: 8KB - Virtual size: 11KB

.gfids Size: 1024B - Virtual size: 600B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 13KB - Virtual size: 13KB

84047b4daf2566afb17fd03175d8609c

.text
Size: 6.0MB - Virtual size: 6.0MB

.CLR_UEF
Size: 512B - Virtual size: 271B

.rdata
Size: 1.5MB - Virtual size: 1.5MB

.data
Size: 28KB - Virtual size: 120KB

.pdata
Size: 215KB - Virtual size: 214KB

.didat
Size: 512B - Virtual size: 24B

Section
Size: 512B - Virtual size: 8B

_RDATA
Size: 77KB - Virtual size: 76KB

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

.reloc
Size: 28KB - Virtual size: 28KB

.text
Size: 431KB - Virtual size: 431KB

.data
Size: 1024B - Virtual size: 640B

.rdata
Size: 18KB - Virtual size: 18KB

.bss
Size: - Virtual size: 24KB

.edata
Size: 512B - Virtual size: 77B

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 3KB - Virtual size: 2KB

.reloc
Size: 14KB - Virtual size: 14KB

.text
Size: 215KB - Virtual size: 214KB

.rdata
Size: 72KB - Virtual size: 72KB

.data
Size: 8KB - Virtual size: 11KB

.gfids
Size: 1024B - Virtual size: 600B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 13KB - Virtual size: 13KB

0d:2c:ac:cd:3e:9e:ec:06:73:84:10:ba:31:bf:65:95
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

d3:ea:ca:25:67:b5:a1:e9:5f:80:96:48:6e:e6:00:f1:4f:dd:48:5f:42:dd:b8:76:69:04:2f:ce:ba:78:2f:d9
Signer

.text
Size: 46KB - Virtual size: 45KB

.rdata
Size: 30KB - Virtual size: 29KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 288KB - Virtual size: 288KB

.reloc
Size: 4KB - Virtual size: 3KB

0d:2c:ac:cd:3e:9e:ec:06:73:84:10:ba:31:bf:65:95
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

fc:45:ee:37:d8:97:bf:58:73:6d:5f:00:74:22:e9:27:68:3f:e7:96:19:c9:08:a8:e8:a8:de:a4:c9:f8:68:45
Signer