97e2f6d446f9676d3cceac25327b20105699c18979c709ee9671ba24cf46a2f0

Sharing

Copy URL

Twitter E-mail

General

Target

97e2f6d446f9676d3cceac25327b20105699c18979c709ee9671ba24cf46a2f0
Size

5.9MB
MD5

eebfe829741147d053be3a8bad652dac
SHA1

66e3782d919940a0746d70b28c9d4ffdcf364fb6
SHA256

97e2f6d446f9676d3cceac25327b20105699c18979c709ee9671ba24cf46a2f0
SHA512

04c48afe6c6a87eace132bb395cf0334874b01c732c43e33ee615327eea331ace4ae6038ef673e18d198acd34b36e52cbbf93983fc66dbe65b28ba4ad5117127
SSDEEP

98304:SSVQKPmU3VmwZqsIJ6SF1nJ8Ih1EVfNp4ats6m9jWRrB+/CRogJmNnABVRz5NCQs:SR+VvqkSFlvQxNpbTm9juyFNw1sB6ggo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/kaf-cli.exe

Files

97e2f6d446f9676d3cceac25327b20105699c18979c709ee9671ba24cf46a2f0
.zip
kaf-cli.exe
.exe windows:6 windows x64 arch:x64

9cbefe68f395e67356e2a5d8d1b285c0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WriteFile
WriteConsoleW
WaitForMultipleObjects
WaitForSingleObject
VirtualQuery
VirtualFree
VirtualAlloc
SwitchToThread
SuspendThread
SetWaitableTimer
SetUnhandledExceptionFilter
SetProcessPriorityBoost
SetEvent
SetErrorMode
SetConsoleCtrlHandler
ResumeThread
PostQueuedCompletionStatus
LoadLibraryA
LoadLibraryW
SetThreadContext
GetThreadContext
GetSystemInfo
GetSystemDirectoryA
GetStdHandle
GetQueuedCompletionStatusEx
GetProcessAffinityMask
GetProcAddress
GetEnvironmentStringsW
GetConsoleMode
FreeEnvironmentStringsW
ExitProcess
DuplicateHandle
CreateWaitableTimerExW
CreateThread
CreateIoCompletionPort
CreateFileA
CreateEventA
CloseHandle
AddVectoredExceptionHandler

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 906KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
kindlegen.exe
.exe windows:5 windows x86 arch:x86

13a5d344467ac8ec3956e7e2f5f90707

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

63:6e:2c:da:3e:0d:98:e0:59:3e:7a:b5:98:91:3d:1d
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

09/01/2014, 00:00

Not After

31/03/2016, 23:59

Subject

CN=Amazon Services LLC,OU=Software Services+OU=Digital ID Class 3 - Microsoft Software Validation v2,O=Amazon Services LLC,L=Seattle,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

dc:da:1d:a1:8d:8b:17:9c:2e:fa:a0:5c:ca:ea:b4:d0:8d:ea:db:24
Signer

Actual PE Digest

dc:da:1d:a1:8d:8b:17:9c:2e:fa:a0:5c:ca:ea:b4:d0:8d:ea:db:24

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeW
SetErrorMode
CreateDirectoryW
GetSystemDefaultLCID
GetModuleHandleW
lstrcpynW
GetFileAttributesW
lstrlenW
GetTempPathW
GetLastError
SetLastError
GetProcAddress
MoveFileW
GetLocalTime
FindNextFileW
GetFileAttributesExW
GetCurrentThreadId
DeleteFileW
GetCurrentProcessId
SetFileAttributesW
GetVolumeInformationW
GetFileSize
SetFilePointer
SetEndOfFile
WriteFile
ReadFile
CreateFileW
FlushFileBuffers
CreateMutexW
WaitForSingleObject
SetEvent
InitializeCriticalSection
Sleep
LeaveCriticalSection
ReleaseSemaphore
EnterCriticalSection
ResetEvent
DeleteCriticalSection
ReleaseMutex
ResumeThread
GetDateFormatW
SystemTimeToFileTime
GetSystemTimeAsFileTime
GetTimeFormatW
FileTimeToSystemTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
WaitForMultipleObjects
HeapAlloc
CreateEventA
CreateSemaphoreA
DuplicateHandle
GetCurrentProcess
WideCharToMultiByte
LoadLibraryW
GetVersionExW
GetACP
MultiByteToWideChar
CreateFileA
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
GetTempFileNameW
SetFileTime
GetCurrentDirectoryW
LoadResource
SizeofResource
FindResourceW
FreeLibrary
LoadLibraryExW
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameW
RaiseException
lstrcmpiW
InterlockedExchange
ExitThread
CreateThread
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
HeapReAlloc
ExitProcess
GetCPInfo
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
HeapSize
SetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetOEMCP
IsValidCodePage
VirtualAlloc
GetConsoleCP
GetConsoleMode
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetModuleHandleA
GetLocaleInfoW
GetTimeZoneInformation
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringA
CompareStringW
SetEnvironmentVariableA
OpenEventA
SetWaitableTimer
CreateWaitableTimerA
GetFullPathNameA
GetCurrentDirectoryA
IsDBCSLeadByteEx
GetFullPathNameW
HeapFree
CloseHandle
GetProcessHeap
FindClose
FindFirstFileW
GetFileInformationByHandle

ole32

CoInitializeEx
CoCreateInstance
CoRegisterClassObject
CoRevokeClassObject
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CLSIDFromProgID

advapi32

RegDeleteValueW
RegEnumKeyExA
RegQueryValueExA
RegSetValueExW
RegCreateKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegOpenKeyExA
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey

user32

SetTimer
CharNextW
wsprintfW
KillTimer
GetDesktopWindow

shell32

SHFileOperationW
SHGetMalloc
SHGetPathFromIDListW
SHGetDesktopFolder

oleaut32

SysAllocStringByteLen
SysStringByteLen
VariantChangeType
VariantInit
SysFreeString
SysAllocString
SysStringLen
LoadTypeLi
VarUI4FromStr
LoadRegTypeLi
SysAllocStringLen
VariantCopy
GetErrorInfo
VariantClear

Exports

Exports

??0?$XMLHolder@U_RTL_CRITICAL_SECTION@@@xercesc_2_8@@QAE@XZ
??0ASCIIRangeFactory@xercesc_2_8@@QAE@XZ
??0AbstractDOMParser@xercesc_2_8@@IAE@QAVXMLValidator@1@QAVMemoryManager@1@QAVXMLGrammarPool@1@@Z
??0AbstractNumericFacetValidator@xercesc_2_8@@IAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@HW4ValidatorType@21@QAVMemoryManager@1@@Z
??0AbstractNumericValidator@xercesc_2_8@@IAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@HW4ValidatorType@21@QAVMemoryManager@1@@Z
??0AbstractStringValidator@xercesc_2_8@@IAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@HW4ValidatorType@21@QAVMemoryManager@1@@Z
??0AnySimpleTypeDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0AnyURIDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@_W@1@HQAVMemoryManager@1@@Z
??0AnyURIDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0ArrayIndexOutOfBoundsException@xercesc_2_8@@QAE@ABV01@@Z
??0ArrayIndexOutOfBoundsException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0ArrayIndexOutOfBoundsException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0ArrayIndexOutOfBoundsException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QB_W222PAVMemoryManager@1@@Z
??0AttributeList@xercesc_2_8@@QAE@XZ
??0Attributes@xercesc_2_8@@QAE@XZ
??0BMPattern@xercesc_2_8@@QAE@QB_WH_NQAVMemoryManager@1@@Z
??0BMPattern@xercesc_2_8@@QAE@QB_W_NQAVMemoryManager@1@@Z
??0Base64BinaryDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@_W@1@HQAVMemoryManager@1@@Z
??0Base64BinaryDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0BinFileInputStream@xercesc_2_8@@QAE@QAXQAVMemoryManager@1@@Z
??0BinFileInputStream@xercesc_2_8@@QAE@QBDQAVMemoryManager@1@@Z
??0BinFileInputStream@xercesc_2_8@@QAE@QB_WQAVMemoryManager@1@@Z
??0BinHTTPURLInputStream@xercesc_2_8@@QAE@ABVXMLURL@1@PBVXMLNetHTTPInfo@1@@Z
??0BinInputStream@xercesc_2_8@@IAE@XZ
??0BinMemInputStream@xercesc_2_8@@QAE@QBEIW4BufOpts@01@QAVMemoryManager@1@@Z
??0BlockRangeFactory@xercesc_2_8@@QAE@XZ
??0BooleanDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@_W@1@HQAVMemoryManager@1@@Z
??0BooleanDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0CharOp@xercesc_2_8@@QAE@FHQAVMemoryManager@1@@Z
??0CharToken@xercesc_2_8@@QAE@GHQAVMemoryManager@1@@Z
??0ChildOp@xercesc_2_8@@QAE@FQAVMemoryManager@1@@Z
??0ClosureToken@xercesc_2_8@@QAE@GQAVToken@1@QAVMemoryManager@1@@Z
??0ComplexTypeInfo@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0ConcatToken@xercesc_2_8@@QAE@QAVToken@1@0QAVMemoryManager@1@@Z
??0ConditionOp@xercesc_2_8@@QAE@FHQBVOp@1@00QAVMemoryManager@1@@Z
??0ConditionToken@xercesc_2_8@@QAE@IQAVToken@1@00QAVMemoryManager@1@@Z
??0ContentHandler@xercesc_2_8@@QAE@XZ
??0ContentLeafNameTypeVector@xercesc_2_8@@QAE@ABV01@@Z
??0ContentLeafNameTypeVector@xercesc_2_8@@QAE@QAPAVQName@1@QAW4NodeTypes@ContentSpecNode@1@IQAVMemoryManager@1@@Z
??0ContentLeafNameTypeVector@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0ContentSpecNode@xercesc_2_8@@QAE@ABV01@@Z
??0ContentSpecNode@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0ContentSpecNode@xercesc_2_8@@QAE@QAVQName@1@QAVMemoryManager@1@@Z
??0ContentSpecNode@xercesc_2_8@@QAE@QAVQName@1@_NQAVMemoryManager@1@@Z
??0ContentSpecNode@xercesc_2_8@@QAE@QAVXMLElementDecl@1@QAVMemoryManager@1@@Z
??0ContentSpecNode@xercesc_2_8@@QAE@W4NodeTypes@01@QAV01@1_N2QAVMemoryManager@1@@Z
??0Context@RegularExpression@xercesc_2_8@@QAE@PAV012@@Z
??0Context@RegularExpression@xercesc_2_8@@QAE@QAVMemoryManager@2@@Z
??0DGXMLScanner@xercesc_2_8@@QAE@QAVXMLDocumentHandler@1@QAVDocTypeHandler@1@QAVXMLEntityHandler@1@QAVXMLErrorReporter@1@QAVXMLValidator@1@QAVGrammarResolver@1@QAVMemoryManager@1@@Z
??0DGXMLScanner@xercesc_2_8@@QAE@QAVXMLValidator@1@QAVGrammarResolver@1@QAVMemoryManager@1@@Z
??0DOMAttr@xercesc_2_8@@IAE@ABV01@@Z
??0DOMAttr@xercesc_2_8@@IAE@XZ
??0DOMAttrImpl@xercesc_2_8@@QAE@ABV01@_N@Z
??0DOMAttrImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PB_W@Z
??0DOMAttrMapImpl@xercesc_2_8@@QAE@PAVDOMNode@1@@Z
??0DOMAttrMapImpl@xercesc_2_8@@QAE@PAVDOMNode@1@PBV01@@Z
??0DOMAttrNSImpl@xercesc_2_8@@QAE@ABV01@_N@Z
??0DOMAttrNSImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PB_W1@Z
??0DOMAttrNSImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PB_W@Z
??0DOMBuilder@xercesc_2_8@@IAE@XZ
??0DOMBuilderImpl@xercesc_2_8@@QAE@QAVXMLValidator@1@QAVMemoryManager@1@QAVXMLGrammarPool@1@@Z
??0DOMCDATASection@xercesc_2_8@@IAE@ABV01@@Z
??0DOMCDATASection@xercesc_2_8@@IAE@XZ
??0DOMCDATASectionImpl@xercesc_2_8@@QAE@ABV01@_N@Z
??0DOMCDATASectionImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PB_W@Z
??0DOMCharacterData@xercesc_2_8@@IAE@ABV01@@Z
??0DOMCharacterData@xercesc_2_8@@IAE@XZ
??0DOMCharacterDataImpl@xercesc_2_8@@QAE@ABV01@@Z
??0DOMCharacterDataImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PB_W@Z
??0DOMChildNode@xercesc_2_8@@QAE@ABV01@@Z
??0DOMChildNode@xercesc_2_8@@QAE@XZ
??0DOMComment@xercesc_2_8@@IAE@XZ
??0DOMCommentImpl@xercesc_2_8@@QAE@ABV01@_N@Z
??0DOMCommentImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PB_W@Z
??0DOMConfiguration@xercesc_2_8@@IAE@XZ
??0DOMConfigurationImpl@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0DOMDeepNodeListImpl@xercesc_2_8@@QAE@PBVDOMNode@1@PB_W1@Z
??0DOMDeepNodeListImpl@xercesc_2_8@@QAE@PBVDOMNode@1@PB_W@Z
??0DOMDocument@xercesc_2_8@@IAE@XZ
??0DOMDocumentFragment@xercesc_2_8@@IAE@XZ
??0DOMDocumentFragmentImpl@xercesc_2_8@@AAE@ABV01@_N@Z
??0DOMDocumentFragmentImpl@xercesc_2_8@@IAE@PAVDOMDocument@1@@Z
??0DOMDocumentImpl@xercesc_2_8@@QAE@PB_W0PAVDOMDocumentType@1@QAVMemoryManager@1@@Z
??0DOMDocumentImpl@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0DOMDocumentRange@xercesc_2_8@@IAE@XZ
??0DOMDocumentTraversal@xercesc_2_8@@IAE@XZ
??0DOMDocumentType@xercesc_2_8@@IAE@XZ
??0DOMDocumentTypeImpl@xercesc_2_8@@QAE@ABV01@_N1@Z
??0DOMDocumentTypeImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PB_W11_N@Z
??0DOMDocumentTypeImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PB_W_N@Z
??0DOMElement@xercesc_2_8@@IAE@ABV01@@Z
??0DOMElement@xercesc_2_8@@IAE@XZ
??0DOMElementImpl@xercesc_2_8@@QAE@ABV01@_N@Z
??0DOMElementImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PB_W@Z
??0DOMElementNSImpl@xercesc_2_8@@QAE@ABV01@_N@Z
??0DOMElementNSImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PB_W1@Z
??0DOMElementNSImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PB_W@Z
??0DOMEntity@xercesc_2_8@@IAE@ABV01@@Z
??0DOMEntity@xercesc_2_8@@IAE@XZ
??0DOMEntityImpl@xercesc_2_8@@QAE@ABV01@_N@Z
??0DOMEntityImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PB_W@Z
??0DOMEntityReference@xercesc_2_8@@IAE@ABV01@@Z
??0DOMEntityReference@xercesc_2_8@@IAE@XZ
??0DOMEntityReferenceImpl@xercesc_2_8@@QAE@ABV01@_N@Z
??0DOMEntityReferenceImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PB_W@Z
??0DOMEntityReferenceImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PB_W_N@Z
??0DOMEntityResolver@xercesc_2_8@@IAE@XZ
??0DOMError@xercesc_2_8@@IAE@XZ
??0DOMErrorHandler@xercesc_2_8@@IAE@XZ
??0DOMErrorImpl@xercesc_2_8@@QAE@F@Z
??0DOMErrorImpl@xercesc_2_8@@QAE@FPB_W0PAX@Z
??0DOMErrorImpl@xercesc_2_8@@QAE@FQB_WQAVDOMLocator@1@@Z
??0DOMException@xercesc_2_8@@QAE@ABV01@@Z
??0DOMException@xercesc_2_8@@QAE@FPB_WQAVMemoryManager@1@@Z
??0DOMException@xercesc_2_8@@QAE@XZ
??0DOMImplementation@xercesc_2_8@@IAE@XZ
??0DOMImplementationLS@xercesc_2_8@@IAE@XZ
??0DOMImplementationSource@xercesc_2_8@@IAE@XZ
??0DOMInputSource@xercesc_2_8@@IAE@XZ
??0DOMLocator@xercesc_2_8@@IAE@XZ
??0DOMLocatorImpl@xercesc_2_8@@QAE@JJQAVDOMNode@1@QB_WJ@Z
??0DOMLocatorImpl@xercesc_2_8@@QAE@XZ
??0DOMNamedNodeMap@xercesc_2_8@@IAE@XZ
??0DOMNamedNodeMapImpl@xercesc_2_8@@QAE@PAVDOMNode@1@@Z
??0DOMNode@xercesc_2_8@@IAE@ABV01@@Z
??0DOMNode@xercesc_2_8@@IAE@XZ
??0DOMNodeFilter@xercesc_2_8@@IAE@XZ
??0DOMNodeImpl@xercesc_2_8@@QAE@ABV01@@Z
??0DOMNodeImpl@xercesc_2_8@@QAE@PAVDOMNode@1@@Z
??0DOMNodeIterator@xercesc_2_8@@IAE@ABV01@@Z
??0DOMNodeIterator@xercesc_2_8@@IAE@XZ
??0DOMNodeIteratorImpl@xercesc_2_8@@QAE@ABV01@@Z
??0DOMNodeIteratorImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PAVDOMNode@1@KPAVDOMNodeFilter@1@_N@Z
??0DOMNodeList@xercesc_2_8@@IAE@XZ
??0DOMNodeListImpl@xercesc_2_8@@QAE@PAVDOMNode@1@@Z
??0DOMNotation@xercesc_2_8@@IAE@ABV01@@Z
??0DOMNotation@xercesc_2_8@@IAE@XZ
??0DOMNotationImpl@xercesc_2_8@@QAE@ABV01@_N@Z
??0DOMNotationImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PB_W@Z
??0DOMPSVITypeInfo@xercesc_2_8@@IAE@XZ
??0DOMParentNode@xercesc_2_8@@QAE@ABV01@@Z
??0DOMParentNode@xercesc_2_8@@QAE@PAVDOMDocument@1@@Z
??0DOMProcessingInstruction@xercesc_2_8@@IAE@ABV01@@Z
??0DOMProcessingInstruction@xercesc_2_8@@IAE@XZ
??0DOMProcessingInstructionImpl@xercesc_2_8@@QAE@ABV01@_N@Z
??0DOMProcessingInstructionImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PB_W1@Z
??0DOMRange@xercesc_2_8@@IAE@ABV01@@Z
??0DOMRange@xercesc_2_8@@IAE@XZ
??0DOMRangeException@xercesc_2_8@@QAE@ABV01@@Z
??0DOMRangeException@xercesc_2_8@@QAE@W4RangeExceptionCode@01@PB_WQAVMemoryManager@1@@Z
??0DOMRangeException@xercesc_2_8@@QAE@XZ
??0DOMRangeImpl@xercesc_2_8@@QAE@ABV01@@Z
??0DOMRangeImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@QAVMemoryManager@1@@Z
??0DOMText@xercesc_2_8@@IAE@ABV01@@Z
??0DOMText@xercesc_2_8@@IAE@XZ
??0DOMTextImpl@xercesc_2_8@@QAE@ABV01@_N@Z
??0DOMTextImpl@xercesc_2_8@@QAE@PAVDOMDocument@1@PB_W@Z
??0DOMTreeWalker@xercesc_2_8@@IAE@ABV01@@Z
??0DOMTreeWalker@xercesc_2_8@@IAE@XZ
??0DOMTreeWalkerImpl@xercesc_2_8@@QAE@ABV01@@Z
??0DOMTreeWalkerImpl@xercesc_2_8@@QAE@PAVDOMNode@1@KPAVDOMNodeFilter@1@_N@Z
??0DOMTypeInfo@xercesc_2_8@@IAE@XZ
??0DOMTypeInfoImpl@xercesc_2_8@@QAE@PAVDOMDocumentImpl@1@PBVDOMPSVITypeInfo@1@@Z
??0DOMTypeInfoImpl@xercesc_2_8@@QAE@PB_W0@Z
??0DOMUserDataHandler@xercesc_2_8@@IAE@XZ
??0DOMWriter@xercesc_2_8@@IAE@XZ
??0DOMWriterFilter@xercesc_2_8@@IAE@XZ
??0DOMWriterImpl@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0DOMXPathEvaluator@xercesc_2_8@@IAE@XZ
??0DOMXPathExpression@xercesc_2_8@@IAE@XZ
??0DOMXPathNSResolver@xercesc_2_8@@IAE@XZ
??0DOMXPathNamespace@xercesc_2_8@@IAE@XZ
??0DOMXPathResult@xercesc_2_8@@IAE@XZ
??0DTDAttDef@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0DTDAttDef@xercesc_2_8@@QAE@QB_W0W4AttTypes@XMLAttDef@1@W4DefAttTypes@31@0QAVMemoryManager@1@@Z
??0DTDAttDef@xercesc_2_8@@QAE@QB_WW4AttTypes@XMLAttDef@1@W4DefAttTypes@31@QAVMemoryManager@1@@Z
??0DTDAttDefList@xercesc_2_8@@QAE@QAV?$RefHashTableOf@VDTDAttDef@xercesc_2_8@@@1@QAVMemoryManager@1@@Z
??0DTDAttDefList@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0DTDElementDecl@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0DTDElementDecl@xercesc_2_8@@QAE@QAVQName@1@W4ModelTypes@01@QAVMemoryManager@1@@Z
??0DTDElementDecl@xercesc_2_8@@QAE@QB_WIW4ModelTypes@01@QAVMemoryManager@1@@Z
??0DTDEntityDecl@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0DTDEntityDecl@xercesc_2_8@@QAE@QB_W0_NQAVMemoryManager@1@@Z
??0DTDEntityDecl@xercesc_2_8@@QAE@QB_W_NQAVMemoryManager@1@@Z
??0DTDEntityDecl@xercesc_2_8@@QAE@QB_W_W_N2@Z
??0DTDGrammar@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0DTDHandler@xercesc_2_8@@QAE@XZ
??0DTDScanner@xercesc_2_8@@QAE@PAVDTDGrammar@1@QAVDocTypeHandler@1@QAVMemoryManager@1@2@Z
??0DTDValidator@xercesc_2_8@@QAE@QAVXMLErrorReporter@1@@Z
??0DatatypeValidator@xercesc_2_8@@IAE@QAV01@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@HW4ValidatorType@01@QAVMemoryManager@1@@Z
??0DatatypeValidatorFactory@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0DateDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@_W@1@HQAVMemoryManager@1@@Z
??0DateDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0DateTimeDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@_W@1@HQAVMemoryManager@1@@Z
??0DateTimeDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0DateTimeValidator@xercesc_2_8@@IAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@HW4ValidatorType@21@QAVMemoryManager@1@@Z
??0DayDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@_W@1@HQAVMemoryManager@1@@Z
??0DayDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0DecimalDatatypeValidator@xercesc_2_8@@IAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@HW4ValidatorType@21@QAVMemoryManager@1@@Z
??0DecimalDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@_W@1@HQAVMemoryManager@1@@Z
??0DecimalDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0DeclHandler@xercesc_2_8@@QAE@XZ
??0DefaultPanicHandler@xercesc_2_8@@QAE@XZ
??0DocTypeHandler@xercesc_2_8@@QAE@XZ
??0DocumentHandler@xercesc_2_8@@QAE@XZ
??0DoubleDatatypeValidator@xercesc_2_8@@IAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@HW4ValidatorType@21@QAVMemoryManager@1@@Z
??0DoubleDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@_W@1@HQAVMemoryManager@1@@Z
??0DoubleDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0DurationDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@_W@1@HQAVMemoryManager@1@@Z
??0DurationDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0ENTITYDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@_W@1@HQAVMemoryManager@1@@Z
??0ENTITYDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0ElemStack@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0EmptyStackException@xercesc_2_8@@QAE@ABV01@@Z
??0EmptyStackException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0EmptyStackException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0EmptyStackException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QB_W222PAVMemoryManager@1@@Z
??0EncodingValidator@xercesc_2_8@@AAE@XZ
??0EndOfEntityException@xercesc_2_8@@QAE@ABV01@@Z
??0EndOfEntityException@xercesc_2_8@@QAE@PAVXMLEntityDecl@1@I@Z
??0EntityResolver@xercesc_2_8@@QAE@XZ
??0ErrorHandler@xercesc_2_8@@QAE@XZ
??0FieldActivator@xercesc_2_8@@QAE@ABV01@@Z
??0FieldActivator@xercesc_2_8@@QAE@QAVValueStoreCache@1@QAVXPathMatcherStack@1@QAVMemoryManager@1@@Z
??0FieldMatcher@xercesc_2_8@@AAE@QAVXercesXPath@1@QAVIC_Field@1@QAVValueStore@1@QAVFieldActivator@1@QAVMemoryManager@1@@Z
??0FieldValueMap@xercesc_2_8@@QAE@ABV01@@Z
??0FieldValueMap@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0FloatDatatypeValidator@xercesc_2_8@@IAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@HW4ValidatorType@21@QAVMemoryManager@1@@Z
??0FloatDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@_W@1@HQAVMemoryManager@1@@Z
??0FloatDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0GeneralAttributeCheck@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0Grammar@xercesc_2_8@@IAE@XZ
??0GrammarResolver@xercesc_2_8@@QAE@QAVXMLGrammarPool@1@QAVMemoryManager@1@@Z
??0HashBase@xercesc_2_8@@QAE@XZ
??0HashCMStateSet@xercesc_2_8@@QAE@XZ
??0HashPtr@xercesc_2_8@@QAE@XZ
??0HashXMLCh@xercesc_2_8@@QAE@XZ
??0HexBinaryDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@_W@1@HQAVMemoryManager@1@@Z
??0HexBinaryDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0IC_Field@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0IC_Field@xercesc_2_8@@QAE@QAVXercesXPath@1@QAVIdentityConstraint@1@@Z
??0IC_Key@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0IC_Key@xercesc_2_8@@QAE@QB_W0QAVMemoryManager@1@@Z
??0IC_KeyRef@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0IC_KeyRef@xercesc_2_8@@QAE@QB_W0QAVIdentityConstraint@1@QAVMemoryManager@1@@Z
??0IC_Selector@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0IC_Selector@xercesc_2_8@@QAE@QAVXercesXPath@1@QAVIdentityConstraint@1@@Z
??0IC_Unique@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0IC_Unique@xercesc_2_8@@QAE@QB_W0QAVMemoryManager@1@@Z
??0IDDatatypeValidator@xercesc_2_8@@IAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@HW4ValidatorType@21@QAVMemoryManager@1@@Z
??0IDDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@_W@1@HQAVMemoryManager@1@@Z
??0IDDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0IDREFDatatypeValidator@xercesc_2_8@@IAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@HW4ValidatorType@21@QAVMemoryManager@1@@Z
??0IDREFDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@_W@1@HQAVMemoryManager@1@@Z
??0IDREFDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0IGXMLScanner@xercesc_2_8@@QAE@QAVXMLDocumentHandler@1@QAVDocTypeHandler@1@QAVXMLEntityHandler@1@QAVXMLErrorReporter@1@QAVXMLValidator@1@QAVGrammarResolver@1@QAVMemoryManager@1@@Z
??0IGXMLScanner@xercesc_2_8@@QAE@QAVXMLValidator@1@QAVGrammarResolver@1@QAVMemoryManager@1@@Z
??0IOException@xercesc_2_8@@QAE@ABV01@@Z
??0IOException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0IOException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0IOException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QB_W222PAVMemoryManager@1@@Z
??0IdentityConstraint@xercesc_2_8@@IAE@QB_W0QAVMemoryManager@1@@Z
??0IdentityConstraintHandler@xercesc_2_8@@QAE@QAVXMLScanner@1@QAVMemoryManager@1@@Z
??0IllegalArgumentException@xercesc_2_8@@QAE@ABV01@@Z
??0IllegalArgumentException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0IllegalArgumentException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0IllegalArgumentException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QB_W222PAVMemoryManager@1@@Z
??0InMemMsgLoader@xercesc_2_8@@QAE@QB_W@Z
??0InputSource@xercesc_2_8@@IAE@QAVMemoryManager@1@@Z
??0InputSource@xercesc_2_8@@IAE@QBD0QAVMemoryManager@1@@Z
??0InputSource@xercesc_2_8@@IAE@QBDQAVMemoryManager@1@@Z
??0InputSource@xercesc_2_8@@IAE@QB_W0QAVMemoryManager@1@@Z
??0InputSource@xercesc_2_8@@IAE@QB_WQAVMemoryManager@1@@Z
??0InvalidDatatypeFacetException@xercesc_2_8@@QAE@ABV01@@Z
??0InvalidDatatypeFacetException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0InvalidDatatypeFacetException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0InvalidDatatypeFacetException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QB_W222PAVMemoryManager@1@@Z
??0InvalidDatatypeValueException@xercesc_2_8@@QAE@ABV01@@Z
??0InvalidDatatypeValueException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0InvalidDatatypeValueException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0InvalidDatatypeValueException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QB_W222PAVMemoryManager@1@@Z
??0KVStringPair@xercesc_2_8@@QAE@ABV01@@Z
??0KVStringPair@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0KVStringPair@xercesc_2_8@@QAE@QB_W0IQAVMemoryManager@1@@Z
??0KVStringPair@xercesc_2_8@@QAE@QB_W0QAVMemoryManager@1@@Z
??0KVStringPair@xercesc_2_8@@QAE@QB_WI0IQAVMemoryManager@1@@Z
??0LexicalHandler@xercesc_2_8@@QAE@XZ
??0ListDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@_W@1@HQAVMemoryManager@1@@Z
??0ListDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0LocalFileInputSource@xercesc_2_8@@QAE@QB_W0QAVMemoryManager@1@@Z
??0LocalFileInputSource@xercesc_2_8@@QAE@QB_WQAVMemoryManager@1@@Z
??0Locator@xercesc_2_8@@QAE@XZ
??0MalformedURLException@xercesc_2_8@@QAE@ABV01@@Z
??0MalformedURLException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0MalformedURLException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0MalformedURLException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QB_W222PAVMemoryManager@1@@Z
??0Match@xercesc_2_8@@QAE@ABV01@@Z
??0Match@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0MemBufFormatTarget@xercesc_2_8@@QAE@HQAVMemoryManager@1@@Z
??0MemBufInputSource@xercesc_2_8@@QAE@QBEIQBD_NQAVMemoryManager@1@@Z
??0MemBufInputSource@xercesc_2_8@@QAE@QBEIQB_W_NQAVMemoryManager@1@@Z
??0MemoryManager@xercesc_2_8@@IAE@XZ
??0MemoryManagerArrayImpl@xercesc_2_8@@QAE@XZ
??0MemoryManagerImpl@xercesc_2_8@@QAE@XZ
??0ModifierOp@xercesc_2_8@@QAE@FHHQAVMemoryManager@1@@Z
??0ModifierToken@xercesc_2_8@@QAE@QAVToken@1@HHQAVMemoryManager@1@@Z
??0MonthDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@_W@1@HQAVMemoryManager@1@@Z
??0MonthDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0MonthDayDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@_W@1@HQAVMemoryManager@1@@Z
??0MonthDayDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0NCNameDatatypeValidator@xercesc_2_8@@IAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@HW4ValidatorType@21@QAVMemoryManager@1@@Z
??0NCNameDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@_W@1@HQAVMemoryManager@1@@Z
??0NCNameDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0NOTATIONDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@_W@1@HQAVMemoryManager@1@@Z
??0NOTATIONDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0NameDatatypeValidator@xercesc_2_8@@IAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@HW4ValidatorType@21@QAVMemoryManager@1@@Z
??0NameDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@_W@1@HQAVMemoryManager@1@@Z
??0NameDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0NamespaceScope@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0NetAccessorException@xercesc_2_8@@QAE@ABV01@@Z
??0NetAccessorException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0NetAccessorException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0NetAccessorException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QB_W222PAVMemoryManager@1@@Z
??0NoSuchElementException@xercesc_2_8@@QAE@ABV01@@Z
??0NoSuchElementException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0NoSuchElementException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0NoSuchElementException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QB_W222PAVMemoryManager@1@@Z
??0NullPointerException@xercesc_2_8@@QAE@ABV01@@Z
??0NullPointerException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0NullPointerException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0NullPointerException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QB_W222PAVMemoryManager@1@@Z
??0NumberFormatException@xercesc_2_8@@QAE@ABV01@@Z
??0NumberFormatException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0NumberFormatException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0NumberFormatException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QB_W222PAVMemoryManager@1@@Z
??0Op@xercesc_2_8@@IAE@FQAVMemoryManager@1@@Z
??0OpFactory@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0OutOfMemoryException@xercesc_2_8@@QAE@ABV01@@Z
??0OutOfMemoryException@xercesc_2_8@@QAE@XZ
??0PSVIAttribute@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0PSVIAttributeList@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0PSVIElement@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0PSVIHandler@xercesc_2_8@@IAE@XZ
??0PSVIItem@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0PanicHandler@xercesc_2_8@@IAE@XZ
??0ParenToken@xercesc_2_8@@QAE@GQAVToken@1@HQAVMemoryManager@1@@Z
??0ParseException@xercesc_2_8@@QAE@ABV01@@Z
??0ParseException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0ParseException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0ParseException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QB_W222PAVMemoryManager@1@@Z
??0Parser@xercesc_2_8@@QAE@XZ
??0ParserForXMLSchema@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0QName@xercesc_2_8@@QAE@ABV01@@Z
??0QName@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0QName@xercesc_2_8@@QAE@QB_W0IQAVMemoryManager@1@@Z
??0QName@xercesc_2_8@@QAE@QB_WIQAVMemoryManager@1@@Z
??0QNameDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@_W@1@HQAVMemoryManager@1@@Z
??0QNameDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0RangeFactory@xercesc_2_8@@IAE@XZ
??0RangeOp@xercesc_2_8@@QAE@FQBVToken@1@QAVMemoryManager@1@@Z
??0RangeToken@xercesc_2_8@@QAE@GQAVMemoryManager@1@@Z
??0RangeTokenElemMap@xercesc_2_8@@QAE@I@Z
??0RangeTokenMap@xercesc_2_8@@IAE@PAVMemoryManager@1@@Z
??0ReaderMgr@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0RegularExpression@xercesc_2_8@@QAE@QBD0QAVMemoryManager@1@@Z
??0RegularExpression@xercesc_2_8@@QAE@QBDQAVMemoryManager@1@@Z
??0RegularExpression@xercesc_2_8@@QAE@QB_W0QAVMemoryManager@1@@Z
??0RegularExpression@xercesc_2_8@@QAE@QB_WQAVMemoryManager@1@@Z
??0RegxParser@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0RuntimeException@xercesc_2_8@@QAE@ABV01@@Z
??0RuntimeException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0RuntimeException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0RuntimeException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QB_W222PAVMemoryManager@1@@Z
??0SAX2XMLReader@xercesc_2_8@@QAE@XZ
??0SAX2XMLReaderImpl@xercesc_2_8@@QAE@QAVMemoryManager@1@QAVXMLGrammarPool@1@@Z
??0SAXException@xercesc_2_8@@QAE@ABV01@@Z
??0SAXException@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0SAXException@xercesc_2_8@@QAE@QBDQAVMemoryManager@1@@Z
??0SAXException@xercesc_2_8@@QAE@QB_WQAVMemoryManager@1@@Z
??0SAXNotRecognizedException@xercesc_2_8@@QAE@ABV01@@Z
??0SAXNotRecognizedException@xercesc_2_8@@QAE@ABVSAXException@1@@Z
??0SAXNotRecognizedException@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0SAXNotRecognizedException@xercesc_2_8@@QAE@QBDQAVMemoryManager@1@@Z
??0SAXNotRecognizedException@xercesc_2_8@@QAE@QB_WQAVMemoryManager@1@@Z
??0SAXNotSupportedException@xercesc_2_8@@QAE@ABV01@@Z
??0SAXNotSupportedException@xercesc_2_8@@QAE@ABVSAXException@1@@Z
??0SAXNotSupportedException@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0SAXNotSupportedException@xercesc_2_8@@QAE@QBDQAVMemoryManager@1@@Z
??0SAXNotSupportedException@xercesc_2_8@@QAE@QB_WQAVMemoryManager@1@@Z
??0SAXParseException@xercesc_2_8@@QAE@ABV01@@Z
??0SAXParseException@xercesc_2_8@@QAE@QB_W00JJQAVMemoryManager@1@@Z
??0SAXParseException@xercesc_2_8@@QAE@QB_WABVLocator@1@QAVMemoryManager@1@@Z
??0SAXParser@xercesc_2_8@@QAE@QAVXMLValidator@1@QAVMemoryManager@1@QAVXMLGrammarPool@1@@Z
??0SGXMLScanner@xercesc_2_8@@QAE@QAVXMLDocumentHandler@1@QAVDocTypeHandler@1@QAVXMLEntityHandler@1@QAVXMLErrorReporter@1@QAVXMLValidator@1@QAVGrammarResolver@1@QAVMemoryManager@1@@Z
??0SGXMLScanner@xercesc_2_8@@QAE@QAVXMLValidator@1@QAVGrammarResolver@1@QAVMemoryManager@1@@Z
??0SchemaAttDef@xercesc_2_8@@QAE@PBV01@@Z
??0SchemaAttDef@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0SchemaAttDef@xercesc_2_8@@QAE@QB_W0H0W4AttTypes@XMLAttDef@1@W4DefAttTypes@31@0QAVMemoryManager@1@@Z
??0SchemaAttDef@xercesc_2_8@@QAE@QB_W0HW4AttTypes@XMLAttDef@1@W4DefAttTypes@31@QAVMemoryManager@1@@Z
??0SchemaAttDefList@xercesc_2_8@@QAE@QAV?$RefHash2KeysTableOf@VSchemaAttDef@xercesc_2_8@@@1@QAVMemoryManager@1@@Z
??0SchemaAttDefList@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0SchemaDateTimeException@xercesc_2_8@@QAE@ABV01@@Z
??0SchemaDateTimeException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0SchemaDateTimeException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0SchemaDateTimeException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QB_W222PAVMemoryManager@1@@Z
??0SchemaElementDecl@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0SchemaElementDecl@xercesc_2_8@@QAE@QBVQName@1@W4ModelTypes@01@HQAVMemoryManager@1@@Z
??0SchemaElementDecl@xercesc_2_8@@QAE@QB_W0HW4ModelTypes@01@HQAVMemoryManager@1@@Z
??0SchemaGrammar@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0SchemaInfo@xercesc_2_8@@QAE@GHHHHIQA_WQB_WQBVDOMElement@1@QAVMemoryManager@1@@Z
??0SchemaValidator@xercesc_2_8@@QAE@QAVXMLErrorReporter@1@QAVMemoryManager@1@@Z
??0SecurityManager@xercesc_2_8@@QAE@XZ
??0SelectorMatcher@xercesc_2_8@@AAE@QAVXercesXPath@1@QAVIC_Selector@1@QAVFieldActivator@1@HQAVMemoryManager@1@@Z
??0StringDatatypeValidator@xercesc_2_8@@IAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@HW4ValidatorType@21@QAVMemoryManager@1@@Z
??0StringDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@_W@1@HQAVMemoryManager@1@@Z
??0StringDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0StringOp@xercesc_2_8@@QAE@FQB_WQAVMemoryManager@1@@Z
??0StringToken@xercesc_2_8@@QAE@GQB_WHQAVMemoryManager@1@@Z
??0SubstitutionGroupComparator@xercesc_2_8@@QAE@QAVGrammarResolver@1@QAVXMLStringPool@1@@Z
??0ThrowEOEJanitor@xercesc_2_8@@QAE@PAVReaderMgr@1@_N@Z
??0TimeDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@_W@1@HQAVMemoryManager@1@@Z
??0TimeDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0Token@xercesc_2_8@@QAE@GQAVMemoryManager@1@@Z
??0TokenFactory@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0TranscodingException@xercesc_2_8@@QAE@ABV01@@Z
??0TranscodingException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0TranscodingException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0TranscodingException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QB_W222PAVMemoryManager@1@@Z
??0TraverseSchema@xercesc_2_8@@QAE@QAVDOMElement@1@QAVXMLStringPool@1@QAVSchemaGrammar@1@QAVGrammarResolver@1@QAVXMLScanner@1@QB_WQAVXMLEntityHandler@1@QAVXMLErrorReporter@1@QAVMemoryManager@1@@Z
??0URLInputSource@xercesc_2_8@@QAE@ABVXMLURL@1@QAVMemoryManager@1@@Z
??0URLInputSource@xercesc_2_8@@QAE@QB_W00QAVMemoryManager@1@@Z
??0URLInputSource@xercesc_2_8@@QAE@QB_W0QAVMemoryManager@1@@Z
??0URLInputSource@xercesc_2_8@@QAE@QB_WQBD1QAVMemoryManager@1@@Z
??0URLInputSource@xercesc_2_8@@QAE@QB_WQBDQAVMemoryManager@1@@Z
??0UTFDataFormatException@xercesc_2_8@@QAE@ABV01@@Z
??0UTFDataFormatException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0UTFDataFormatException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0UTFDataFormatException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QB_W222PAVMemoryManager@1@@Z
??0UnexpectedEOFException@xercesc_2_8@@QAE@ABV01@@Z
??0UnexpectedEOFException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@0000PAVMemoryManager@1@@Z
??0UnexpectedEOFException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@PAVMemoryManager@1@@Z
??0UnexpectedEOFException@xercesc_2_8@@QAE@QBDIW4Codes@XMLExcepts@1@QB_W222PAVMemoryManager@1@@Z
??0UnicodeRangeFactory@xercesc_2_8@@QAE@XZ
??0UnionDatatypeValidator@xercesc_2_8@@QAE@QAV?$RefVectorOf@VDatatypeValidator@xercesc_2_8@@@1@HQAVMemoryManager@1@@Z
??0UnionDatatypeValidator@xercesc_2_8@@QAE@QAVDatatypeValidator@1@QAV?$RefHashTableOf@VKVStringPair@xercesc_2_8@@@1@QAV?$RefArrayVectorOf@_W@1@HQAVMemoryManager@1@QAV?$RefVectorOf@VDatatypeValidator@xercesc_2_8@@@1@_N@Z
??0UnionDatatypeValidator@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0UnionOp@xercesc_2_8@@QAE@FHQAVMemoryManager@1@@Z
??0UnionToken@xercesc_2_8@@QAE@GQAVMemoryManager@1@@Z
??0ValidationContext@xercesc_2_8@@IAE@QAVMemoryManager@1@@Z
??0ValidationContextImpl@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0ValueStore@xercesc_2_8@@QAE@QAVIdentityConstraint@1@QAVXMLScanner@1@QAVMemoryManager@1@@Z
??0ValueStoreCache@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0VecAttrListImpl@xercesc_2_8@@QAE@XZ
??0VecAttributesImpl@xercesc_2_8@@QAE@XZ
??0WFElemStack@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0WFXMLScanner@xercesc_2_8@@QAE@QAVXMLDocumentHandler@1@QAVDocTypeHandler@1@QAVXMLEntityHandler@1@QAVXMLErrorReporter@1@QAVXMLValidator@1@QAVGrammarResolver@1@QAVMemoryManager@1@@Z
??0WFXMLScanner@xercesc_2_8@@QAE@QAVXMLValidator@1@QAVGrammarResolver@1@QAVMemoryManager@1@@Z
??0Win32LCPTranscoder@xercesc_2_8@@QAE@XZ
??0Win32TransService@xercesc_2_8@@QAE@XZ
??0Win32Transcoder@xercesc_2_8@@QAE@QB_WIIIQAVMemoryManager@1@@Z
??0WinSockNetAccessor@xercesc_2_8@@QAE@XZ
??0Wrapper4DOMInputSource@xercesc_2_8@@QAE@QAVDOMInputSource@1@_NQAVMemoryManager@1@@Z
??0XML256TableTranscoder@xercesc_2_8@@IAE@QB_WI0QBUTransRec@XMLTransService@1@IQAVMemoryManager@1@@Z
??0XML88591Transcoder@xercesc_2_8@@QAE@QB_WIQAVMemoryManager@1@@Z
??0XMLASCIITranscoder@xercesc_2_8@@QAE@QB_WIQAVMemoryManager@1@@Z
??0XMLAbstractDoubleFloat@xercesc_2_8@@IAE@QAVMemoryManager@1@@Z
??0XMLAttDef@xercesc_2_8@@IAE@QB_WW4AttTypes@01@W4DefAttTypes@01@0QAVMemoryManager@1@@Z
??0XMLAttDef@xercesc_2_8@@IAE@W4AttTypes@01@W4DefAttTypes@01@QAVMemoryManager@1@@Z
??0XMLAttDefList@xercesc_2_8@@IAE@QAVMemoryManager@1@@Z
??0XMLAttr@xercesc_2_8@@QAE@IQB_W00W4AttTypes@XMLAttDef@1@_NQAVMemoryManager@1@PAVDatatypeValidator@1@2@Z
??0XMLAttr@xercesc_2_8@@QAE@IQB_W0W4AttTypes@XMLAttDef@1@_NQAVMemoryManager@1@PAVDatatypeValidator@1@2@Z
??0XMLAttr@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0XMLBigDecimal@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0XMLBigDecimal@xercesc_2_8@@QAE@QB_WQAVMemoryManager@1@@Z
??0XMLBigInteger@xercesc_2_8@@QAE@ABV01@@Z
??0XMLBigInteger@xercesc_2_8@@QAE@QB_WQAVMemoryManager@1@@Z
??0XMLBuffer@xercesc_2_8@@QAE@IQAVMemoryManager@1@@Z
??0XMLBufferFullHandler@xercesc_2_8@@QAE@ABV01@@Z
??0XMLBufferFullHandler@xercesc_2_8@@QAE@XZ
??0XMLBufferMgr@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0XMLCanRepGroup@xercesc_2_8@@QAE@W4CanRepGroup@01@@Z
??0XMLChTranscoder@xercesc_2_8@@QAE@QB_WIQAVMemoryManager@1@@Z
??0XMLContentModel@xercesc_2_8@@IAE@XZ
??0XMLDTDDescription@xercesc_2_8@@IAE@QAVMemoryManager@1@@Z
??0XMLDTDDescriptionImpl@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0XMLDTDDescriptionImpl@xercesc_2_8@@QAE@QB_WQAVMemoryManager@1@@Z
??0XMLDateTime@xercesc_2_8@@QAE@ABV01@@Z
??0XMLDateTime@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0XMLDateTime@xercesc_2_8@@QAE@QB_WQAVMemoryManager@1@@Z
??0XMLDeleter@xercesc_2_8@@IAE@XZ
??0XMLDocumentHandler@xercesc_2_8@@IAE@XZ
??0XMLDouble@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0XMLDouble@xercesc_2_8@@QAE@QB_WQAVMemoryManager@1@@Z
??0XMLEBCDICTranscoder@xercesc_2_8@@QAE@QB_WIQAVMemoryManager@1@@Z
??0XMLElementDecl@xercesc_2_8@@IAE@QAVMemoryManager@1@@Z
??0XMLEntityDecl@xercesc_2_8@@QAE@QAVMemoryManager@1@@Z
??0XMLEntityDecl@xercesc_2_8@@QAE@QB_W0QAVMemoryManager@1@@Z
??0XMLEntityDecl@xercesc_2_8@@QAE@QB_WQAVMemoryManager@1@@Z
??0XMLEntityDecl@xercesc_2_8@@QAE@QB_W_WQAVMemoryManager@1@@Z
??0XMLEntityHandler@xercesc_2_8@@IAE@XZ

Sections

.text
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 193KB - Virtual size: 512KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9cbefe68f395e67356e2a5d8d1b285c0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 3.7MB - Virtual size: 3.7MB

.rdata Size: 3.6MB - Virtual size: 3.6MB

.data Size: 906KB - Virtual size: 1.3MB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 68KB - Virtual size: 67KB

.symtab Size: 512B - Virtual size: 4B

13a5d344467ac8ec3956e7e2f5f90707

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

63:6e:2c:da:3e:0d:98:e0:59:3e:7a:b5:98:91:3d:1dCertificate

Extended Key Usages

Key Usages

dc:da:1d:a1:8d:8b:17:9c:2e:fa:a0:5c:ca:ea:b4:d0:8d:ea:db:24Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

advapi32

user32

shell32

oleaut32

Exports

Exports

Sections

.text Size: 3.8MB - Virtual size: 3.8MB

.rdata Size: 3.5MB - Virtual size: 3.5MB

.data Size: 193KB - Virtual size: 512KB

.tls Size: 512B - Virtual size: 2B

.rsrc Size: 512B - Virtual size: 436B

.text
Size: 3.7MB - Virtual size: 3.7MB

.rdata
Size: 3.6MB - Virtual size: 3.6MB

.data
Size: 906KB - Virtual size: 1.3MB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 68KB - Virtual size: 67KB

.symtab
Size: 512B - Virtual size: 4B

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

63:6e:2c:da:3e:0d:98:e0:59:3e:7a:b5:98:91:3d:1d
Certificate

dc:da:1d:a1:8d:8b:17:9c:2e:fa:a0:5c:ca:ea:b4:d0:8d:ea:db:24
Signer

.text
Size: 3.8MB - Virtual size: 3.8MB

.rdata
Size: 3.5MB - Virtual size: 3.5MB

.data
Size: 193KB - Virtual size: 512KB

.tls
Size: 512B - Virtual size: 2B

.rsrc
Size: 512B - Virtual size: 436B