Public[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Public.zip
Size

5.1MB
MD5

ed09841a5e7879af356ec8a44b4bae21
SHA1

190e758bedbeb3ced87ce27ed81f6482f36020c0
SHA256

5b708147ed7ef2090899423661d2f7782e0a98b28ead059b7b79f62aec24c872
SHA512

18029ea83a37f690aabf289118acd6de33ba4508cf2970566f5a354e2fd9b47e792ecfc10f2d3b1d88c47286aeb217509c159ca29ce0c309fdc56947e266b68c
SSDEEP

98304:TLZtmXwtXX+gnNVfmNvrByEAKNenNLCjbiOc67D9diQiorSGVAoIM4J10nph7+XP:TrTXhNVmNvrBKKepCjbiOh7CoIxwp9yP

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

upx

resource	yara_rule
static1/unpack001/f.exe	upx

Unsigned PE 10 IoCs

Checks for missing Authenticode signature.

resource
unpack001/admin.exe
unpack001/f.exe
unpack002/out.upx
unpack001/libffi-8.dll
unpack001/libglib-2.0-0.dll
unpack001/libgobject-2.0-0.dll
unpack001/libiconv-2.dll
unpack001/libintl-8.dll
unpack001/libpcre2-8-0.dll
unpack001/windows_encryptor_393FB90.exe

Files

Public.zip
.zip
admin.exe
.exe windows:4 windows x64 arch:x64

0996dbd9e1eccaaac931127df77ece8f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualProtect
VirtualQuery

msvcrt

__C_specific_handler
__getmainargs
__initenv
__iob_func
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_cexit
_fmode
_initterm
_onexit
abort
atoi
calloc
clock
exit
fprintf
free
fwrite
malloc
memcpy
memmove
printf
signal
sscanf
strcat
strcpy
strlen
strncmp
vfprintf

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 532B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
f.exe
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 6.9MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

.text
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5.3MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 362KB - Virtual size: 572KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.symtab
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libffi-8.dll
.dll windows:4 windows x64 arch:x64

c5946a05304213e7ce7c351c162e7e79

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetLastError
GetModuleHandleW
GetProcAddress
GetSystemInfo
InitializeCriticalSection
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryW
Sleep
TerminateProcess
TlsGetValue
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery

msvcrt

__iob_func
_amsg_exit
_initterm
_lock
_unlock
abort
calloc
free
fwrite
_write
memcpy
realloc
strlen
strncmp
vfprintf

Exports

Exports

ffi_call
ffi_call_go
ffi_call_win64
ffi_closure_alloc
ffi_closure_free
ffi_closure_win64
ffi_closure_win64_inner
ffi_data_to_code_pointer
ffi_get_struct_offsets
ffi_go_closure_win64
ffi_java_ptrarray_to_raw
ffi_java_raw_call
ffi_java_raw_size
ffi_java_raw_to_ptrarray
ffi_prep_cif
ffi_prep_cif_core
ffi_prep_cif_machdep
ffi_prep_cif_var
ffi_prep_closure
ffi_prep_closure_loc
ffi_prep_go_closure
ffi_prep_java_raw_closure
ffi_prep_java_raw_closure_loc
ffi_prep_raw_closure
ffi_prep_raw_closure_loc
ffi_ptrarray_to_raw
ffi_raw_call
ffi_raw_size
ffi_raw_to_ptrarray
ffi_tramp_alloc
ffi_tramp_free
ffi_tramp_get_addr
ffi_tramp_is_present
ffi_tramp_is_supported
ffi_tramp_set_parms
ffi_type_complex_double
ffi_type_complex_float
ffi_type_complex_longdouble
ffi_type_double
ffi_type_float
ffi_type_longdouble
ffi_type_pointer
ffi_type_sint16
ffi_type_sint32
ffi_type_sint64
ffi_type_sint8
ffi_type_uint16
ffi_type_uint32
ffi_type_uint64
ffi_type_uint8
ffi_type_void

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 796B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libglib-2.0-0.dll
.dll windows:4 windows x64 arch:x64

90de3ed4d717f78d69796d1ae08d87b2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

GetUserNameW
RegCloseKey
RegLoadMUIStringW
RegOpenKeyExW
RegQueryValueExW

libintl-8

libintl_bind_textdomain_codeset
libintl_bindtextdomain
libintl_dcgettext
libintl_dgettext
libintl_dngettext
libintl_gettext
libintl_sprintf
libintl_textdomain

kernel32

AcquireSRWLockExclusive
AcquireSRWLockShared
AddVectoredExceptionHandler
AllocConsole
AttachConsole
CloseHandle
CreateEventA
CreateEventW
CreateFileMappingA
CreateFileW
CreateProcessW
DebugBreak
DeleteCriticalSection
DeviceIoControl
DuplicateHandle
EnterCriticalSection
ExpandEnvironmentStringsW
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineW
GetComputerNameW
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetDateFormatW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesW
GetFileInformationByHandle
GetFileInformationByHandleEx
GetFileType
GetLastError
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetProcAddress
GetProcessAffinityMask
GetShortPathNameW
GetStdHandle
GetSystemDirectoryW
GetSystemTimeAsFileTime
GetThreadLocale
GetThreadPriority
GetTimeFormatW
GetTimeZoneInformation
GetVersion
GetWindowsDirectoryW
InitializeConditionVariable
InitializeCriticalSection
InitializeSRWLock
IsDBCSLeadByteEx
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LocalFree
MapViewOfFile
MoveFileExW
MultiByteToWideChar
OutputDebugStringA
PeekConsoleInputA
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleInputA
ReadFile
ReleaseSRWLockExclusive
ReleaseSRWLockShared
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
SetConsoleMode
SetEnvironmentVariableW
SetEvent
SetThreadPriority
Sleep
SleepConditionVariableSRW
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryAcquireSRWLockExclusive
TryAcquireSRWLockShared
TryEnterCriticalSection
UnmapViewOfFile
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForMultipleObjectsEx
WaitForSingleObject
WaitForSingleObjectEx
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteFile

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_aligned_free
_aligned_malloc
_amsg_exit
_beginthreadex
_chdir
_chsize
_close
_commit
_close
_dup
_dup2
_endthreadex
_errno
_exit
_findclose
_fileno
_fmode
_fdopen
_fstat64
_get_osfhandle
_getdrive
_getpid
_gmtime64
_initterm
_isatty
_kbhit
_localtime64
_lock
_lseeki64
_mktime64
_open_osfhandle
_pipe
_read
_setmode
_snwprintf_s
_strdup
_stricmp
_strnicmp
_ui64toa_s
_unlock
_vscprintf
_vsnprintf
_waccess
_wchdir
_wchmod
_wcsicmp
_wfindfirst64
_wfindnext64
_wfopen
_wfreopen
_wfullpath
_wmkdir
_wopen
_wputenv
_wremove
_write
_wrmdir
_wspawnv
_wspawnve
_wspawnvp
_wspawnvpe
_wunlink
_wutime64
abort
atoi
atol
bsearch
calloc
exit
fclose
feof
ferror
fflush
fputc
fputs
fread
free
freopen
fwrite
getenv
islower
isupper
iswctype
localeconv
malloc
memchr
memcmp
memcpy
memmove
memset
realloc
setlocale
strcat
strchr
strcmp
strcoll
strcpy
strcspn
strerror
strftime
strlen
strncmp
strncpy
strncpy_s
strpbrk
strrchr
strspn
strstr
strtol
strtoul
strxfrm
swprintf_s
tolower
toupper
vfprintf
wcscat
wcschr
wcscmp
wcscpy
wcslen
wcsncmp
wcsspn
wcstol
wcstoul
wctomb

ole32

CoTaskMemFree

shell32

CommandLineToArgvW
SHGetKnownFolderPath

user32

IsWindow
MessageBoxW
MsgWaitForMultipleObjectsEx
PeekMessageA
PostMessageA

ws2_32

WSACloseEvent
WSACreateEvent
WSADuplicateSocketA
WSAEnumNetworkEvents
WSAEventSelect
WSAGetLastError
WSASetEvent
WSASocketA
closesocket
getsockopt
ioctlsocket
recv
send

libpcre2-8-0

pcre2_code_free_8
pcre2_compile_8
pcre2_compile_context_create_8
pcre2_compile_context_free_8
pcre2_config_8
pcre2_dfa_match_8
pcre2_get_error_message_8
pcre2_get_ovector_count_8
pcre2_get_ovector_pointer_8
pcre2_jit_compile_8
pcre2_jit_match_8
pcre2_match_8
pcre2_match_context_create_8
pcre2_match_context_free_8
pcre2_match_data_create_8
pcre2_match_data_create_from_pattern_8
pcre2_match_data_free_8
pcre2_pattern_info_8
pcre2_set_bsr_8
pcre2_set_newline_8
pcre2_substring_nametable_scan_8
pcre2_substring_number_from_name_8

Exports

Exports

__glib_assert_msg
_glib_get_locale_dir
g_abort
g_access
g_aligned_alloc
g_aligned_alloc0
g_aligned_free
g_aligned_free_sized
g_allocator_free
g_allocator_new
g_array_append_vals
g_array_binary_search
g_array_copy
g_array_free
g_array_get_element_size
g_array_insert_vals
g_array_new
g_array_new_take
g_array_new_take_zero_terminated
g_array_prepend_vals
g_array_ref
g_array_remove_index
g_array_remove_index_fast
g_array_remove_range
g_array_set_clear_func
g_array_set_size
g_array_sized_new
g_array_sort
g_array_sort_with_data
g_array_steal
g_array_unref
g_ascii_digit_value
g_ascii_dtostr
g_ascii_formatd
g_ascii_strcasecmp
g_ascii_strdown
g_ascii_string_to_signed
g_ascii_string_to_unsigned
g_ascii_strncasecmp
g_ascii_strtod
g_ascii_strtoll
g_ascii_strtoull
g_ascii_strup
g_ascii_table
g_ascii_tolower
g_ascii_toupper
g_ascii_xdigit_value
g_assert_warning
g_assertion_message
g_assertion_message_cmpnum
g_assertion_message_cmpstr
g_assertion_message_cmpstrv
g_assertion_message_error
g_assertion_message_expr
g_async_queue_length
g_async_queue_length_unlocked
g_async_queue_lock
g_async_queue_new
g_async_queue_new_full
g_async_queue_pop
g_async_queue_pop_unlocked
g_async_queue_push
g_async_queue_push_front
g_async_queue_push_front_unlocked
g_async_queue_push_sorted
g_async_queue_push_sorted_unlocked
g_async_queue_push_unlocked
g_async_queue_ref
g_async_queue_ref_unlocked
g_async_queue_remove
g_async_queue_remove_unlocked
g_async_queue_sort
g_async_queue_sort_unlocked
g_async_queue_timed_pop
g_async_queue_timed_pop_unlocked
g_async_queue_timeout_pop
g_async_queue_timeout_pop_unlocked
g_async_queue_try_pop
g_async_queue_try_pop_unlocked
g_async_queue_unlock
g_async_queue_unref
g_async_queue_unref_and_unlock
g_atexit
g_atomic_int_add
g_atomic_int_and
g_atomic_int_compare_and_exchange
g_atomic_int_compare_and_exchange_full
g_atomic_int_dec_and_test
g_atomic_int_exchange
g_atomic_int_exchange_and_add
g_atomic_int_get
g_atomic_int_inc
g_atomic_int_or
g_atomic_int_set
g_atomic_int_xor
g_atomic_pointer_add
g_atomic_pointer_and
g_atomic_pointer_compare_and_exchange
g_atomic_pointer_compare_and_exchange_full
g_atomic_pointer_exchange
g_atomic_pointer_get
g_atomic_pointer_or
g_atomic_pointer_set
g_atomic_pointer_xor
g_atomic_rc_box_acquire
g_atomic_rc_box_alloc
g_atomic_rc_box_alloc0
g_atomic_rc_box_dup
g_atomic_rc_box_get_size
g_atomic_rc_box_release
g_atomic_rc_box_release_full
g_atomic_ref_count_compare
g_atomic_ref_count_dec
g_atomic_ref_count_inc
g_atomic_ref_count_init
g_base64_decode
g_base64_decode_inplace
g_base64_decode_step
g_base64_encode
g_base64_encode_close
g_base64_encode_step
g_basename
g_bit_lock
g_bit_nth_lsf
g_bit_nth_msf
g_bit_storage
g_bit_trylock
g_bit_unlock
g_blow_chunks
g_bookmark_file_add_application
g_bookmark_file_add_group
g_bookmark_file_copy
g_bookmark_file_error_quark
g_bookmark_file_free
g_bookmark_file_get_added
g_bookmark_file_get_added_date_time
g_bookmark_file_get_app_info
g_bookmark_file_get_application_info
g_bookmark_file_get_applications
g_bookmark_file_get_description
g_bookmark_file_get_groups
g_bookmark_file_get_icon
g_bookmark_file_get_is_private
g_bookmark_file_get_mime_type
g_bookmark_file_get_modified
g_bookmark_file_get_modified_date_time
g_bookmark_file_get_size
g_bookmark_file_get_title
g_bookmark_file_get_uris
g_bookmark_file_get_visited
g_bookmark_file_get_visited_date_time
g_bookmark_file_has_application
g_bookmark_file_has_group
g_bookmark_file_has_item
g_bookmark_file_load_from_data
g_bookmark_file_load_from_data_dirs
g_bookmark_file_load_from_file
g_bookmark_file_move_item
g_bookmark_file_new
g_bookmark_file_remove_application
g_bookmark_file_remove_group
g_bookmark_file_remove_item
g_bookmark_file_set_added
g_bookmark_file_set_added_date_time
g_bookmark_file_set_app_info
g_bookmark_file_set_application_info
g_bookmark_file_set_description
g_bookmark_file_set_groups
g_bookmark_file_set_icon
g_bookmark_file_set_is_private
g_bookmark_file_set_mime_type
g_bookmark_file_set_modified
g_bookmark_file_set_modified_date_time
g_bookmark_file_set_title
g_bookmark_file_set_visited
g_bookmark_file_set_visited_date_time
g_bookmark_file_to_data
g_bookmark_file_to_file
g_build_filename
g_build_filename_valist
g_build_filenamev
g_build_path
g_build_pathv
g_byte_array_append
g_byte_array_free
g_byte_array_free_to_bytes
g_byte_array_new
g_byte_array_new_take
g_byte_array_prepend
g_byte_array_ref
g_byte_array_remove_index
g_byte_array_remove_index_fast
g_byte_array_remove_range
g_byte_array_set_size
g_byte_array_sized_new
g_byte_array_sort
g_byte_array_sort_with_data
g_byte_array_steal
g_byte_array_unref
g_bytes_compare
g_bytes_equal
g_bytes_get_data
g_bytes_get_region
g_bytes_get_size
g_bytes_hash
g_bytes_new
g_bytes_new_from_bytes
g_bytes_new_static
g_bytes_new_take
g_bytes_new_with_free_func
g_bytes_ref
g_bytes_unref
g_bytes_unref_to_array
g_bytes_unref_to_data
g_cache_destroy
g_cache_insert
g_cache_key_foreach
g_cache_new
g_cache_remove
g_cache_value_foreach
g_canonicalize_filename
g_chdir
g_checksum_copy
g_checksum_free
g_checksum_get_digest
g_checksum_get_string
g_checksum_new
g_checksum_reset
g_checksum_type_get_length
g_checksum_update
g_child_watch_add
g_child_watch_add_full
g_child_watch_funcs
g_child_watch_source_new
g_chmod
g_clear_error
g_clear_handle_id
g_clear_list
g_clear_pointer
g_clear_slist
g_close
g_completion_add_items
g_completion_clear_items
g_completion_complete
g_completion_complete_utf8
g_completion_free
g_completion_new
g_completion_remove_items
g_completion_set_compare
g_compute_checksum_for_bytes
g_compute_checksum_for_data
g_compute_checksum_for_string
g_compute_hmac_for_bytes
g_compute_hmac_for_data
g_compute_hmac_for_string
g_cond_broadcast
g_cond_clear
g_cond_free
g_cond_init
g_cond_new
g_cond_signal
g_cond_timed_wait
g_cond_wait
g_cond_wait_until
g_convert
g_convert_error_quark
g_convert_with_fallback
g_convert_with_iconv
g_creat
g_datalist_clear
g_datalist_foreach
g_datalist_get_data
g_datalist_get_flags
g_datalist_id_dup_data
g_datalist_id_get_data
g_datalist_id_remove_multiple
g_datalist_id_remove_no_notify
g_datalist_id_replace_data
g_datalist_id_set_data_full
g_datalist_init
g_datalist_set_flags
g_datalist_unset_flags
g_dataset_destroy
g_dataset_foreach
g_dataset_id_get_data
g_dataset_id_remove_no_notify
g_dataset_id_set_data_full
g_date_add_days
g_date_add_months
g_date_add_years
g_date_clamp
g_date_clear
g_date_compare
g_date_copy
g_date_days_between
g_date_free
g_date_get_day
g_date_get_day_of_year
g_date_get_days_in_month
g_date_get_iso8601_week_of_year
g_date_get_julian
g_date_get_monday_week_of_year
g_date_get_monday_weeks_in_year
g_date_get_month
g_date_get_sunday_week_of_year
g_date_get_sunday_weeks_in_year
g_date_get_weekday
g_date_get_year
g_date_is_first_of_month
g_date_is_last_of_month
g_date_is_leap_year
g_date_new
g_date_new_dmy
g_date_new_julian
g_date_order
g_date_set_day
g_date_set_dmy
g_date_set_julian
g_date_set_month
g_date_set_parse
g_date_set_time
g_date_set_time_t
g_date_set_time_val
g_date_set_year
g_date_strftime
g_date_subtract_days
g_date_subtract_months
g_date_subtract_years
g_date_time_add
g_date_time_add_days
g_date_time_add_full
g_date_time_add_hours
g_date_time_add_minutes
g_date_time_add_months
g_date_time_add_seconds
g_date_time_add_weeks
g_date_time_add_years
g_date_time_compare
g_date_time_difference
g_date_time_equal
g_date_time_format
g_date_time_format_iso8601
g_date_time_get_day_of_month
g_date_time_get_day_of_week
g_date_time_get_day_of_year
g_date_time_get_hour
g_date_time_get_microsecond
g_date_time_get_minute
g_date_time_get_month
g_date_time_get_second
g_date_time_get_seconds
g_date_time_get_timezone
g_date_time_get_timezone_abbreviation
g_date_time_get_utc_offset
g_date_time_get_week_numbering_year
g_date_time_get_week_of_year
g_date_time_get_year
g_date_time_get_ymd
g_date_time_hash
g_date_time_is_daylight_savings
g_date_time_new
g_date_time_new_from_iso8601
g_date_time_new_from_timeval_local
g_date_time_new_from_timeval_utc
g_date_time_new_from_unix_local
g_date_time_new_from_unix_utc
g_date_time_new_local
g_date_time_new_now
g_date_time_new_now_local
g_date_time_new_now_utc
g_date_time_new_utc
g_date_time_ref
g_date_time_to_local
g_date_time_to_timeval
g_date_time_to_timezone
g_date_time_to_unix
g_date_time_to_utc
g_date_time_unref
g_date_to_struct_tm
g_date_valid
g_date_valid_day
g_date_valid_dmy
g_date_valid_julian
g_date_valid_month
g_date_valid_weekday
g_date_valid_year
g_dcgettext
g_dgettext
g_dir_close
g_dir_make_tmp
g_dir_open
g_dir_open_utf8
g_dir_read_name
g_dir_read_name_utf8
g_dir_rewind
g_direct_equal
g_direct_hash
g_dngettext
g_double_equal
g_double_hash
g_dpgettext
g_dpgettext2
g_environ_getenv
g_environ_setenv
g_environ_unsetenv
g_error_copy
g_error_domain_register
g_error_domain_register_static
g_error_free
g_error_matches
g_error_new
g_error_new_literal
g_error_new_valist
g_file_error_from_errno
g_file_error_quark
g_file_get_contents
g_file_get_contents_utf8
g_file_open_tmp
g_file_open_tmp_utf8
g_file_read_link
g_file_set_contents
g_file_set_contents_full
g_file_test
g_file_test_utf8
g_filename_display_basename
g_filename_display_name
g_filename_from_uri
g_filename_from_uri_utf8
g_filename_from_utf8
g_filename_from_utf8_utf8
g_filename_to_uri
g_filename_to_uri_utf8
g_filename_to_utf8
g_filename_to_utf8_utf8
g_find_program_in_path
g_fopen
g_format_size
g_format_size_for_display
g_format_size_full
g_fprintf
g_free
g_free_sized
g_freopen
g_fsync
g_get_application_name
g_get_charset
g_get_codeset
g_get_console_charset
g_get_current_dir
g_get_current_dir_utf8
g_get_current_time
g_get_environ
g_get_filename_charsets
g_get_home_dir
g_get_host_name
g_get_language_names
g_get_language_names_with_category
g_get_locale_variants
g_get_monotonic_time
g_get_num_processors
g_get_os_info
g_get_prgname
g_get_real_name
g_get_real_time
g_get_system_config_dirs
g_get_system_data_dirs
g_get_tmp_dir
g_get_user_cache_dir
g_get_user_config_dir
g_get_user_data_dir
g_get_user_name
g_get_user_runtime_dir
g_get_user_special_dir
g_get_user_state_dir
g_getenv
g_getenv_utf8
g_hash_table_add
g_hash_table_contains
g_hash_table_destroy
g_hash_table_find
g_hash_table_foreach
g_hash_table_foreach_remove
g_hash_table_foreach_steal
g_hash_table_get_keys
g_hash_table_get_keys_as_array
g_hash_table_get_keys_as_ptr_array
g_hash_table_get_values
g_hash_table_get_values_as_ptr_array
g_hash_table_insert
g_hash_table_iter_get_hash_table
g_hash_table_iter_init
g_hash_table_iter_next
g_hash_table_iter_remove
g_hash_table_iter_replace
g_hash_table_iter_steal
g_hash_table_lookup
g_hash_table_lookup_extended
g_hash_table_new
g_hash_table_new_full
g_hash_table_new_similar

Sections

.text
Size: 738KB - Virtual size: 738KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 513KB - Virtual size: 512KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libgobject-2.0-0.dll
.dll windows:4 windows x64 arch:x64

172499ebd87d9d371f0f055fd5efba4e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

libffi-8

ffi_call
ffi_prep_cif
ffi_type_double
ffi_type_float
ffi_type_pointer
ffi_type_sint32
ffi_type_sint64
ffi_type_uint32
ffi_type_uint64
ffi_type_void

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetLastError
GetModuleHandleW
GetProcAddress
InitializeCriticalSection
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryW
Sleep
TerminateProcess
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

__iob_func
_amsg_exit
_initterm
_lock
_unlock
_write
abort
calloc
free
fwrite
memcmp
memcpy
memmove
memset
qsort
realloc
strcat
strchr
strcmp
strlen
strncmp
strncpy
vfprintf

libglib-2.0-0

g_array_append_vals
g_array_free
g_array_new
g_array_ref
g_array_unref
g_assertion_message_expr
g_atomic_rc_box_acquire
g_atomic_rc_box_alloc0
g_atomic_rc_box_release_full
g_bookmark_file_copy
g_bookmark_file_free
g_byte_array_ref
g_byte_array_unref
g_bytes_ref
g_bytes_unref
g_checksum_copy
g_checksum_free
g_child_watch_funcs
g_datalist_clear
g_datalist_get_data
g_datalist_get_flags
g_datalist_id_dup_data
g_datalist_id_get_data
g_datalist_id_remove_no_notify
g_datalist_id_replace_data
g_datalist_id_set_data_full
g_datalist_set_flags
g_datalist_unset_flags
g_date_copy
g_date_free
g_date_time_ref
g_date_time_unref
g_direct_hash
g_error_copy
g_error_free
g_free
g_free_sized
g_getenv
g_hash_table_add
g_hash_table_contains
g_hash_table_foreach
g_hash_table_insert
g_hash_table_lookup
g_hash_table_new
g_hash_table_ref
g_hash_table_remove
g_hash_table_unref
g_hook_alloc
g_hook_destroy
g_hook_destroy_link
g_hook_first_valid
g_hook_insert_before
g_hook_list_clear
g_hook_list_init
g_hook_next_valid
g_idle_funcs
g_intern_static_string
g_intern_string
g_io_channel_ref
g_io_channel_unref
g_io_watch_funcs
g_key_file_ref
g_key_file_unref
g_list_free
g_list_prepend
g_log
g_main_context_ref
g_main_context_unref
g_main_loop_ref
g_main_loop_unref
g_malloc
g_malloc0
g_malloc0_n
g_malloc_n
g_mapped_file_ref
g_mapped_file_unref
g_markup_parse_context_ref
g_markup_parse_context_unref
g_match_info_ref
g_match_info_unref
g_memdup2
g_mutex_clear
g_mutex_init
g_mutex_lock
g_mutex_unlock
g_nullify_pointer
g_once_init_enter
g_once_init_leave
g_option_group_ref
g_option_group_unref
g_parse_debug_string
g_pattern_spec_copy
g_pattern_spec_free
g_ptr_array_add
g_ptr_array_new_with_free_func
g_ptr_array_ref
g_ptr_array_remove_index
g_ptr_array_steal
g_ptr_array_steal_index_fast
g_ptr_array_unref
g_qsort_with_data
g_quark_from_static_string
g_quark_from_string
g_quark_to_string
g_quark_try_string
g_realloc
g_realloc_n
g_rec_mutex_clear
g_rec_mutex_init
g_rec_mutex_lock
g_rec_mutex_unlock
g_regex_ref
g_regex_unref
g_return_if_fail_warning
g_rw_lock_reader_lock
g_rw_lock_reader_unlock
g_rw_lock_writer_lock
g_rw_lock_writer_unlock
g_slice_alloc
g_slice_free1
g_slist_append
g_slist_copy
g_slist_delete_link
g_slist_find
g_slist_free
g_slist_length
g_slist_prepend
g_slist_remove
g_slist_sort
g_source_destroy
g_source_ref
g_source_set_callback_indirect
g_source_unref
g_str_equal
g_str_hash
g_strcmp0
g_strconcat
g_strdup
g_strdup_printf
g_strdupv
g_strescape
g_strfreev
g_string_append_len
g_string_append_printf
g_string_free
g_string_free_and_steal
g_string_insert_len
g_string_new
g_string_new_len
g_thread_ref
g_thread_unref
g_time_zone_ref
g_time_zone_unref
g_timeout_funcs
g_tree_ref
g_tree_unref
g_unichar_validate
g_uri_ref
g_uri_unref
g_variant_builder_ref
g_variant_builder_unref
g_variant_classify
g_variant_compare
g_variant_dict_ref
g_variant_dict_unref
g_variant_equal
g_variant_get_type
g_variant_is_of_type
g_variant_ref_sink
g_variant_take_ref
g_variant_type_copy
g_variant_type_equal
g_variant_type_free
g_variant_unref
glib__private__
glib_gettext

Exports

Exports

g_array_get_type
g_binding_dup_source
g_binding_dup_target
g_binding_flags_get_type
g_binding_get_flags
g_binding_get_source
g_binding_get_source_property
g_binding_get_target
g_binding_get_target_property
g_binding_get_type
g_binding_group_bind
g_binding_group_bind_full
g_binding_group_bind_with_closures
g_binding_group_dup_source
g_binding_group_get_type
g_binding_group_new
g_binding_group_set_source
g_binding_unbind
g_bookmark_file_get_type
g_boxed_copy
g_boxed_free
g_boxed_type_register_static
g_byte_array_get_type
g_bytes_get_type
g_cclosure_marshal_BOOLEAN__BOXED_BOXED
g_cclosure_marshal_BOOLEAN__BOXED_BOXEDv
g_cclosure_marshal_BOOLEAN__FLAGS
g_cclosure_marshal_BOOLEAN__FLAGSv
g_cclosure_marshal_STRING__OBJECT_POINTER
g_cclosure_marshal_STRING__OBJECT_POINTERv
g_cclosure_marshal_VOID__BOOLEAN
g_cclosure_marshal_VOID__BOOLEANv
g_cclosure_marshal_VOID__BOXED
g_cclosure_marshal_VOID__BOXEDv
g_cclosure_marshal_VOID__CHAR
g_cclosure_marshal_VOID__CHARv
g_cclosure_marshal_VOID__DOUBLE
g_cclosure_marshal_VOID__DOUBLEv
g_cclosure_marshal_VOID__ENUM
g_cclosure_marshal_VOID__ENUMv
g_cclosure_marshal_VOID__FLAGS
g_cclosure_marshal_VOID__FLAGSv
g_cclosure_marshal_VOID__FLOAT
g_cclosure_marshal_VOID__FLOATv
g_cclosure_marshal_VOID__INT
g_cclosure_marshal_VOID__INTv
g_cclosure_marshal_VOID__LONG
g_cclosure_marshal_VOID__LONGv
g_cclosure_marshal_VOID__OBJECT
g_cclosure_marshal_VOID__OBJECTv
g_cclosure_marshal_VOID__PARAM
g_cclosure_marshal_VOID__PARAMv
g_cclosure_marshal_VOID__POINTER
g_cclosure_marshal_VOID__POINTERv
g_cclosure_marshal_VOID__STRING
g_cclosure_marshal_VOID__STRINGv
g_cclosure_marshal_VOID__UCHAR
g_cclosure_marshal_VOID__UCHARv
g_cclosure_marshal_VOID__UINT
g_cclosure_marshal_VOID__UINT_POINTER
g_cclosure_marshal_VOID__UINT_POINTERv
g_cclosure_marshal_VOID__UINTv
g_cclosure_marshal_VOID__ULONG
g_cclosure_marshal_VOID__ULONGv
g_cclosure_marshal_VOID__VARIANT
g_cclosure_marshal_VOID__VARIANTv
g_cclosure_marshal_VOID__VOID
g_cclosure_marshal_VOID__VOIDv
g_cclosure_marshal_generic
g_cclosure_marshal_generic_va
g_cclosure_new
g_cclosure_new_object
g_cclosure_new_object_swap
g_cclosure_new_swap
g_checksum_get_type
g_clear_object
g_clear_signal_handler
g_closure_add_finalize_notifier
g_closure_add_invalidate_notifier
g_closure_add_marshal_guards
g_closure_get_type
g_closure_invalidate
g_closure_invoke
g_closure_new_object
g_closure_new_simple
g_closure_ref
g_closure_remove_finalize_notifier
g_closure_remove_invalidate_notifier
g_closure_set_marshal
g_closure_set_meta_marshal
g_closure_sink
g_closure_unref
g_date_get_type
g_date_time_get_type
g_enum_complete_type_info
g_enum_get_value
g_enum_get_value_by_name
g_enum_get_value_by_nick
g_enum_register_static
g_enum_to_string
g_error_get_type
g_flags_complete_type_info
g_flags_get_first_value
g_flags_get_value_by_name
g_flags_get_value_by_nick
g_flags_register_static
g_flags_to_string
g_gstring_get_type
g_gtype_get_type
g_hash_table_get_type
g_initially_unowned_get_type
g_io_channel_get_type
g_io_condition_get_type
g_key_file_get_type
g_main_context_get_type
g_main_loop_get_type
g_mapped_file_get_type
g_markup_parse_context_get_type
g_match_info_get_type
g_normalize_mode_get_type
g_object_add_toggle_ref
g_object_add_weak_pointer
g_object_bind_property
g_object_bind_property_full
g_object_bind_property_with_closures
g_object_class_find_property
g_object_class_install_properties
g_object_class_install_property
g_object_class_list_properties
g_object_class_override_property
g_object_compat_control
g_object_connect
g_object_disconnect
g_object_dup_data
g_object_dup_qdata
g_object_force_floating
g_object_freeze_notify
g_object_get
g_object_get_data
g_object_get_property
g_object_get_qdata
g_object_get_type
g_object_get_valist
g_object_getv
g_object_interface_find_property
g_object_interface_install_property
g_object_interface_list_properties
g_object_is_floating
g_object_new
g_object_new_valist
g_object_new_with_properties
g_object_newv
g_object_notify
g_object_notify_by_pspec
g_object_ref
g_object_ref_sink
g_object_remove_toggle_ref
g_object_remove_weak_pointer
g_object_replace_data
g_object_replace_qdata
g_object_run_dispose
g_object_set
g_object_set_data
g_object_set_data_full
g_object_set_property
g_object_set_qdata
g_object_set_qdata_full
g_object_set_valist
g_object_setv
g_object_steal_data
g_object_steal_qdata
g_object_take_ref
g_object_thaw_notify
g_object_unref
g_object_watch_closure
g_object_weak_ref
g_object_weak_unref
g_option_group_get_type
g_param_spec_boolean
g_param_spec_boxed
g_param_spec_char
g_param_spec_double
g_param_spec_enum
g_param_spec_flags
g_param_spec_float
g_param_spec_get_blurb
g_param_spec_get_default_value
g_param_spec_get_name
g_param_spec_get_name_quark
g_param_spec_get_nick
g_param_spec_get_qdata
g_param_spec_get_redirect_target
g_param_spec_gtype
g_param_spec_int
g_param_spec_int64
g_param_spec_internal
g_param_spec_is_valid_name
g_param_spec_long
g_param_spec_object
g_param_spec_override
g_param_spec_param
g_param_spec_pointer
g_param_spec_pool_insert
g_param_spec_pool_list
g_param_spec_pool_list_owned
g_param_spec_pool_lookup
g_param_spec_pool_new
g_param_spec_pool_remove
g_param_spec_ref
g_param_spec_ref_sink
g_param_spec_set_qdata
g_param_spec_set_qdata_full
g_param_spec_sink
g_param_spec_steal_qdata
g_param_spec_string
g_param_spec_types
g_param_spec_uchar
g_param_spec_uint
g_param_spec_uint64
g_param_spec_ulong
g_param_spec_unichar
g_param_spec_unref
g_param_spec_value_array
g_param_spec_variant
g_param_type_register_static
g_param_value_convert
g_param_value_defaults
g_param_value_is_valid
g_param_value_set_default
g_param_value_validate
g_param_values_cmp
g_pattern_spec_get_type
g_pointer_type_register_static
g_pollfd_get_type
g_ptr_array_get_type
g_regex_get_type
g_signal_accumulator_first_wins
g_signal_accumulator_true_handled
g_signal_add_emission_hook
g_signal_chain_from_overridden
g_signal_chain_from_overridden_handler
g_signal_connect_closure
g_signal_connect_closure_by_id
g_signal_connect_data
g_signal_connect_object
g_signal_emit
g_signal_emit_by_name
g_signal_emit_valist
g_signal_emitv
g_signal_get_invocation_hint
g_signal_group_block
g_signal_group_connect
g_signal_group_connect_after
g_signal_group_connect_closure
g_signal_group_connect_data
g_signal_group_connect_object
g_signal_group_connect_swapped
g_signal_group_dup_target
g_signal_group_get_type
g_signal_group_new
g_signal_group_set_target
g_signal_group_unblock
g_signal_handler_block
g_signal_handler_disconnect
g_signal_handler_find
g_signal_handler_is_connected
g_signal_handler_unblock
g_signal_handlers_block_matched
g_signal_handlers_destroy
g_signal_handlers_disconnect_matched
g_signal_handlers_unblock_matched
g_signal_has_handler_pending
g_signal_is_valid_name
g_signal_list_ids
g_signal_lookup
g_signal_name
g_signal_new
g_signal_new_class_handler
g_signal_new_valist
g_signal_newv
g_signal_override_class_closure
g_signal_override_class_handler
g_signal_parse_name
g_signal_query
g_signal_remove_emission_hook
g_signal_set_va_marshaller
g_signal_stop_emission
g_signal_stop_emission_by_name
g_signal_type_cclosure_new
g_source_get_type
g_source_set_closure
g_source_set_dummy_callback
g_strdup_value_contents
g_strv_get_type
g_thread_get_type
g_time_zone_get_type
g_tree_get_type
g_type_add_class_cache_func
g_type_add_class_private
g_type_add_instance_private
g_type_add_interface_check
g_type_add_interface_dynamic
g_type_add_interface_static
g_type_check_class_cast
g_type_check_class_is_a
g_type_check_instance
g_type_check_instance_cast
g_type_check_instance_is_a
g_type_check_instance_is_fundamentally_a
g_type_check_is_value_type
g_type_check_value
g_type_check_value_holds
g_type_children
g_type_class_add_private
g_type_class_adjust_private_offset
g_type_class_get_instance_private_offset
g_type_class_get_private
g_type_class_peek
g_type_class_peek_parent
g_type_class_peek_static
g_type_class_ref
g_type_class_unref
g_type_class_unref_uncached
g_type_create_instance
g_type_default_interface_peek
g_type_default_interface_ref
g_type_default_interface_unref
g_type_depth
g_type_ensure
g_type_free_instance
g_type_from_name
g_type_fundamental
g_type_fundamental_next
g_type_get_instance_count
g_type_get_plugin
g_type_get_qdata
g_type_get_type_registration_serial
g_type_init
g_type_init_with_debug_flags
g_type_instance_get_private
g_type_interface_add_prerequisite
g_type_interface_get_plugin
g_type_interface_instantiatable_prerequisite
g_type_interface_peek
g_type_interface_peek_parent
g_type_interface_prerequisites
g_type_interfaces
g_type_is_a
g_type_module_add_interface
g_type_module_get_type
g_type_module_register_enum
g_type_module_register_flags
g_type_module_register_type
g_type_module_set_name
g_type_module_unuse
g_type_module_use
g_type_name
g_type_name_from_class
g_type_name_from_instance
g_type_next_base
g_type_parent
g_type_plugin_complete_interface_info
g_type_plugin_complete_type_info
g_type_plugin_get_type
g_type_plugin_unuse
g_type_plugin_use
g_type_qname
g_type_query
g_type_register_dynamic
g_type_register_fundamental
g_type_register_static
g_type_register_static_simple
g_type_remove_class_cache_func
g_type_remove_interface_check
g_type_set_qdata
g_type_test_flags
g_type_value_table_peek
g_unicode_break_type_get_type
g_unicode_script_get_type
g_unicode_type_get_type
g_uri_get_type
g_value_array_append
g_value_array_copy
g_value_array_free
g_value_array_get_nth
g_value_array_get_type
g_value_array_insert
g_value_array_new
g_value_array_prepend
g_value_array_remove
g_value_array_sort
g_value_array_sort_with_data
g_value_copy
g_value_dup_boxed
g_value_dup_object
g_value_dup_param
g_value_dup_string
g_value_dup_variant
g_value_fits_pointer
g_value_get_boolean
g_value_get_boxed
g_value_get_char
g_value_get_double
g_value_get_enum
g_value_get_flags
g_value_get_float
g_value_get_gtype
g_value_get_int
g_value_get_int64
g_value_get_long
g_value_get_object
g_value_get_param
g_value_get_pointer
g_value_get_schar
g_value_get_string
g_value_get_type
g_value_get_uchar
g_value_get_uint
g_value_get_uint64
g_value_get_ulong
g_value_get_variant
g_value_init
g_value_init_from_instance
g_value_peek_pointer
g_value_register_transform_func
g_value_reset
g_value_set_boolean
g_value_set_boxed
g_value_set_boxed_take_ownership
g_value_set_char
g_value_set_double
g_value_set_enum
g_value_set_flags
g_value_set_float
g_value_set_gtype
g_value_set_instance
g_value_set_int
g_value_set_int64
g_value_set_interned_string
g_value_set_long
g_value_set_object
g_value_set_object_take_ownership
g_value_set_param
g_value_set_param_take_ownership
g_value_set_pointer
g_value_set_schar
g_value_set_static_boxed
g_value_set_static_string
g_value_set_string
g_value_set_string_take_ownership
g_value_set_uchar
g_value_set_uint
g_value_set_uint64
g_value_set_ulong
g_value_set_variant
g_value_take_boxed
g_value_take_object
g_value_take_param
g_value_take_string
g_value_take_variant
g_value_transform
g_value_type_compatible
g_value_type_transformable
g_value_unset
g_variant_builder_get_type
g_variant_dict_get_type
g_variant_get_gtype
g_variant_type_get_gtype
g_weak_ref_clear
g_weak_ref_get
g_weak_ref_init
g_weak_ref_set

Sections

.text
Size: 211KB - Virtual size: 211KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 904B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libiconv-2.dll
.dll windows:4 windows x64 arch:x64

d1b707499a1dc5e6414f511e64677d6b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetACP
GetCurrentProcess
GetLastError
GetModuleFileNameA
GetModuleHandleW
GetProcAddress
InitializeCriticalSection
IsDBCSLeadByteEx
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryW
MultiByteToWideChar
Sleep
TerminateProcess
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_amsg_exit
_errno
_initterm
_lock
_strdup
_unlock
_write
abort
calloc
fputc
free
fwrite
localeconv
malloc
memcpy
memset
qsort
realloc
setlocale
strchr
strcmp
strerror
strlen
strncmp
strrchr
vfprintf
wcslen

Exports

Exports

_imp___libiconv_version
_libiconv_version
iconv_canonicalize
libiconv
libiconv_close
libiconv_open
libiconv_open_into
libiconv_relocate
libiconv_relocate2
libiconv_set_relocation_prefix
libiconvctl
libiconvlist
locale_charset

Sections

.text
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 938KB - Virtual size: 938KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 411B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libintl-8.dll
.dll windows:4 windows x64 arch:x64

b27b9ddbf928ae1646f6329a1abf21fd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

libiconv-2

libiconv
libiconv_open
libiconv_set_relocation_prefix

kernel32

CloseHandle
CreateEventA
DeleteCriticalSection
EnterCriticalSection
EnumResourceLanguagesA
EnumSystemLocalesA
GetACP
GetCurrentProcess
GetCurrentThreadId
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetThreadLocale
InitializeCriticalSection
IsDBCSLeadByteEx
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryW
MultiByteToWideChar
SetEvent
Sleep
TerminateProcess
TlsGetValue
TryEnterCriticalSection
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_amsg_exit
_close
_errno
_fstat64
_initterm
_lock
_open
_read
_strdup
_stricmp
_unlock
_wcsdup
_wgetcwd
_wopen
_write
abort
bsearch
calloc
fclose
feof
fgets
fopen
fputc
fputwc
free
fwprintf
fwrite
getenv
isalnum
isalpha
isspace
localeconv
malloc
mbstowcs
memcpy
memset
putc
qsort
realloc
setlocale
strchr
strcmp
strcpy
strcspn
strerror
strlen
strncmp
strncpy
strrchr
strstr
strtoul
tolower
vfprintf
wcschr
wcscmp
wcscpy
wcslen

Exports

Exports

DllMain
__imp_gl_get_setlocale_null_lock
__imp_libintl_version
__printf__
_nl_expand_alias
_nl_explode_name
_nl_find_domain
_nl_find_msg
_nl_language_preferences_default
_nl_load_domain
_nl_locale_name
_nl_locale_name_canonicalize
_nl_locale_name_default
_nl_locale_name_environ
_nl_locale_name_from_win32_LANGID
_nl_locale_name_from_win32_LCID
_nl_locale_name_posix
_nl_locale_name_thread
_nl_locale_name_thread_unsafe
_nl_log_untranslated
_nl_make_l10nflist
_nl_msg_cat_cntr
_nl_normalize_codeset
_nl_state_lock
bind_textdomain_codeset
bindtextdomain
dcgettext
dcngettext
dgettext
dngettext
gettext
gl_get_setlocale_null_lock
glwthread_mutex_destroy
glwthread_mutex_init
glwthread_mutex_lock
glwthread_mutex_trylock
glwthread_mutex_unlock
glwthread_once
glwthread_recmutex_destroy
glwthread_recmutex_init
glwthread_recmutex_lock
glwthread_recmutex_trylock
glwthread_recmutex_unlock
glwthread_rwlock_destroy
glwthread_rwlock_init
glwthread_rwlock_rdlock
glwthread_rwlock_tryrdlock
glwthread_rwlock_trywrlock
glwthread_rwlock_unlock
glwthread_rwlock_wrlock
libintl_asprintf
libintl_bind_textdomain_codeset
libintl_bindtextdomain
libintl_dcgettext
libintl_dcigettext
libintl_dcngettext
libintl_dgettext
libintl_dngettext
libintl_fprintf
libintl_fwprintf
libintl_gettext
libintl_gettext_extract_plural
libintl_gettext_free_exp
libintl_gettext_germanic_plural
libintl_gettextparse
libintl_hash_string
libintl_ngettext
libintl_nl_current_default_domain
libintl_nl_default_default_domain
libintl_nl_default_dirname
libintl_nl_domain_bindings
libintl_relocate
libintl_relocate2
libintl_set_relocation_prefix
libintl_setlocale
libintl_snprintf
libintl_sprintf
libintl_swprintf
libintl_textdomain
libintl_vasnprintf
libintl_vasnwprintf
libintl_vasprintf
libintl_version
libintl_vfprintf
libintl_vfwprintf
libintl_vprintf
libintl_vsnprintf
libintl_vsprintf
libintl_vswprintf
libintl_vwprintf
libintl_wbindtextdomain
libintl_wprintf
locale_charset
ngettext
setlocale_null
setlocale_null_r
textdomain
xmax
xsum
xsum3
xsum4

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 5KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libpcre2-8-0.dll
.dll windows:4 windows x64 arch:x64

8c4395d3774c2304177e3aee4d17ee5a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetLastError
GetModuleHandleW
GetProcAddress
InitializeCriticalSection
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryW
Sleep
TerminateProcess
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

__iob_func
_amsg_exit
_initterm
_lock
_unlock
abort
calloc
free
fwrite
isalnum
isalpha
iscntrl
isgraph
islower
isprint
ispunct
isspace
isupper
_write
isxdigit
malloc
memchr
memcmp
memcpy
memmove
memset
realloc
strchr
strlen
strncmp
toupper
tolower
vfprintf

Exports

Exports

_pcre2_OP_lengths_8
_pcre2_auto_possessify_8
_pcre2_callout_end_delims_8
_pcre2_callout_start_delims_8
_pcre2_check_escape_8
_pcre2_default_compile_context_8
_pcre2_default_convert_context_8
_pcre2_default_match_context_8
_pcre2_default_tables_8
_pcre2_extuni_8
_pcre2_find_bracket_8
_pcre2_hspace_list_8
_pcre2_is_newline_8
_pcre2_jit_free_8
_pcre2_jit_free_rodata_8
_pcre2_jit_get_size_8
_pcre2_jit_get_target_8
_pcre2_memctl_malloc_8
_pcre2_ord2utf_8
_pcre2_script_run_8
_pcre2_strcmp_8
_pcre2_strcmp_c8_8
_pcre2_strcpy_c8_8
_pcre2_strlen_8
_pcre2_strncmp_8
_pcre2_strncmp_c8_8
_pcre2_study_8
_pcre2_ucd_boolprop_sets_8
_pcre2_ucd_caseless_sets_8
_pcre2_ucd_digit_sets_8
_pcre2_ucd_records_8
_pcre2_ucd_script_sets_8
_pcre2_ucd_stage1_8
_pcre2_ucd_stage2_8
_pcre2_ucp_gbtable_8
_pcre2_ucp_gentype_8
_pcre2_unicode_version_8
_pcre2_utf8_table1
_pcre2_utf8_table1_size
_pcre2_utf8_table2
_pcre2_utf8_table3
_pcre2_utf8_table4
_pcre2_utt_8
_pcre2_utt_names_8
_pcre2_utt_size_8
_pcre2_valid_utf_8
_pcre2_vspace_list_8
_pcre2_was_newline_8
_pcre2_xclass_8
pcre2_callout_enumerate_8
pcre2_code_copy_8
pcre2_code_copy_with_tables_8
pcre2_code_free_8
pcre2_compile_8
pcre2_compile_context_copy_8
pcre2_compile_context_create_8
pcre2_compile_context_free_8
pcre2_config_8
pcre2_convert_context_copy_8
pcre2_convert_context_create_8
pcre2_convert_context_free_8
pcre2_converted_pattern_free_8
pcre2_dfa_match_8
pcre2_general_context_copy_8
pcre2_general_context_create_8
pcre2_general_context_free_8
pcre2_get_error_message_8
pcre2_get_mark_8
pcre2_get_match_data_size_8
pcre2_get_ovector_count_8
pcre2_get_ovector_pointer_8
pcre2_get_startchar_8
pcre2_jit_compile_8
pcre2_jit_free_unused_memory_8
pcre2_jit_match_8
pcre2_jit_stack_assign_8
pcre2_jit_stack_create_8
pcre2_jit_stack_free_8
pcre2_maketables_8
pcre2_maketables_free_8
pcre2_match_8
pcre2_match_context_copy_8
pcre2_match_context_create_8
pcre2_match_context_free_8
pcre2_match_data_create_8
pcre2_match_data_create_from_pattern_8
pcre2_match_data_free_8
pcre2_pattern_convert_8
pcre2_pattern_info_8
pcre2_serialize_decode_8
pcre2_serialize_encode_8
pcre2_serialize_free_8
pcre2_serialize_get_number_of_codes_8
pcre2_set_bsr_8
pcre2_set_callout_8
pcre2_set_character_tables_8
pcre2_set_compile_extra_options_8
pcre2_set_compile_recursion_guard_8
pcre2_set_depth_limit_8
pcre2_set_glob_escape_8
pcre2_set_glob_separator_8
pcre2_set_heap_limit_8
pcre2_set_match_limit_8
pcre2_set_max_pattern_length_8
pcre2_set_newline_8
pcre2_set_offset_limit_8
pcre2_set_parens_nest_limit_8
pcre2_set_recursion_limit_8
pcre2_set_recursion_memory_management_8
pcre2_set_substitute_callout_8
pcre2_substitute_8
pcre2_substring_copy_byname_8
pcre2_substring_copy_bynumber_8
pcre2_substring_free_8
pcre2_substring_get_byname_8
pcre2_substring_get_bynumber_8
pcre2_substring_length_byname_8
pcre2_substring_length_bynumber_8
pcre2_substring_list_free_8
pcre2_substring_list_get_8
pcre2_substring_nametable_scan_8
pcre2_substring_number_from_name_8

Sections

.text
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 304B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
windows_encryptor_393FB90.exe
.exe windows:4 windows x64 arch:x64

83a524ea419614fdc209717cb771b7db

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

libglib-2.0-0

g_ascii_dtostr
g_build_filename
g_clear_error
g_date_time_difference
g_date_time_new_now_utc
g_date_time_to_unix
g_date_time_unref
g_dir_close
g_dir_open
g_dir_read_name
g_error_new_literal
g_file_test
g_fopen
g_free
g_log
g_malloc
g_malloc0_n
g_once_init_enter
g_once_init_leave
g_propagate_error
g_quark_from_static_string
g_quark_from_string
g_quark_to_string
g_rename
g_return_if_fail_warning
g_strcmp0
g_strconcat
g_strdup
g_strndup
g_strrstr
g_strv_length
g_utf8_strdown
g_variant_get_boolean
g_variant_get_double
g_variant_get_int32
g_variant_get_int64
g_variant_get_string
g_variant_get_strv
g_variant_iter_free
g_variant_iter_new
g_variant_iter_next
g_variant_parse
g_variant_type_free
g_variant_type_new
g_variant_unref
g_win32_get_command_line

libgobject-2.0-0

g_enum_register_static
g_object_class_install_property
g_object_new
g_object_notify_by_pspec
g_object_unref
g_param_spec_boolean
g_param_spec_boxed
g_param_spec_double
g_param_spec_int
g_param_spec_int64
g_param_spec_string
g_strv_get_type
g_type_add_instance_private
g_type_check_class_cast
g_type_check_instance_cast
g_type_class_adjust_private_offset
g_type_class_peek_parent
g_type_name
g_type_register_static
g_value_get_boolean
g_value_get_boxed
g_value_get_double
g_value_get_int
g_value_get_int64
g_value_get_string
g_value_set_boolean
g_value_set_boxed
g_value_set_double
g_value_set_int
g_value_set_int64
g_value_set_string

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
SetUnhandledExceptionFilter
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

__C_specific_handler
___lc_codepage_func
___mb_cur_max_func
__getmainargs
__initenv
__iob_func
__set_app_type
__setusermatherr
_amsg_exit
_cexit
_commode
_errno
_fmode
_initterm
_lock
_onexit
_unlock
abort
calloc
exit
fclose
fflush
fprintf
fputc
fread
free
fseek
ftell
fwrite
localeconv
malloc
memchr
memcpy
memset
rewind
signal
strerror
strlen
strncmp
vfprintf
wcslen

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 1024B - Virtual size: 925B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/97
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/113
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0996dbd9e1eccaaac931127df77ece8f

Headers

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 11KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 208B

.rdata Size: 4KB - Virtual size: 4KB

.pdata Size: 1024B - Virtual size: 624B

.xdata Size: 1024B - Virtual size: 532B

.bss Size: - Virtual size: 2KB

.idata Size: 2KB - Virtual size: 2KB

.CRT Size: 512B - Virtual size: 104B

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 1KB - Virtual size: 1KB

/4 Size: 1KB - Virtual size: 1KB

/19 Size: 228KB - Virtual size: 227KB

/31 Size: 10KB - Virtual size: 9KB

/45 Size: 13KB - Virtual size: 13KB

/57 Size: 3KB - Virtual size: 2KB

/70 Size: 2KB - Virtual size: 1KB

/81 Size: 12KB - Virtual size: 11KB

/92 Size: 1KB - Virtual size: 1KB

Headers

DLL Characteristics

File Characteristics

Sections

UPX0 Size: - Virtual size: 6.9MB

UPX1 Size: 3.3MB - Virtual size: 3.3MB

UPX2 Size: 512B - Virtual size: 4KB

Headers

DLL Characteristics

File Characteristics

Sections

.text Size: 4.3MB - Virtual size: 4.3MB

.rdata Size: 5.3MB - Virtual size: 5.3MB

.data Size: 362KB - Virtual size: 572KB

.idata Size: 1KB - Virtual size: 1KB

.symtab Size: 512B - Virtual size: 4B

c5946a05304213e7ce7c351c162e7e79

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

Exports

Exports

Sections

.text Size: 20KB - Virtual size: 19KB

.data Size: 512B - Virtual size: 176B

.rdata Size: 3KB - Virtual size: 2KB

.pdata Size: 1024B - Virtual size: 1008B

.xdata Size: 1024B - Virtual size: 796B

.bss Size: - Virtual size: 1KB

.edata Size: 1KB - Virtual size: 1KB

.idata Size: 1KB - Virtual size: 1KB

.CRT Size: 512B - Virtual size: 88B

.tls Size: 512B - Virtual size: 16B

.reloc Size: 512B - Virtual size: 120B

90de3ed4d717f78d69796d1ae08d87b2

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

libintl-8

kernel32

msvcrt

ole32

shell32

user32

ws2_32

.text
Size: 11KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 208B

.rdata
Size: 4KB - Virtual size: 4KB

.pdata
Size: 1024B - Virtual size: 624B

.xdata
Size: 1024B - Virtual size: 532B

.bss
Size: - Virtual size: 2KB

.idata
Size: 2KB - Virtual size: 2KB

.CRT
Size: 512B - Virtual size: 104B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1KB - Virtual size: 1KB

/4
Size: 1KB - Virtual size: 1KB

/19
Size: 228KB - Virtual size: 227KB

/31
Size: 10KB - Virtual size: 9KB

/45
Size: 13KB - Virtual size: 13KB

/57
Size: 3KB - Virtual size: 2KB

/70
Size: 2KB - Virtual size: 1KB

/81
Size: 12KB - Virtual size: 11KB

/92
Size: 1KB - Virtual size: 1KB

UPX0
Size: - Virtual size: 6.9MB

UPX1
Size: 3.3MB - Virtual size: 3.3MB

UPX2
Size: 512B - Virtual size: 4KB

.text
Size: 4.3MB - Virtual size: 4.3MB

.rdata
Size: 5.3MB - Virtual size: 5.3MB

.data
Size: 362KB - Virtual size: 572KB

.idata
Size: 1KB - Virtual size: 1KB

.symtab
Size: 512B - Virtual size: 4B

.text
Size: 20KB - Virtual size: 19KB

.data
Size: 512B - Virtual size: 176B

.rdata
Size: 3KB - Virtual size: 2KB

.pdata
Size: 1024B - Virtual size: 1008B

.xdata
Size: 1024B - Virtual size: 796B

.bss
Size: - Virtual size: 1KB

.edata
Size: 1KB - Virtual size: 1KB

.idata
Size: 1KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.reloc
Size: 512B - Virtual size: 120B

.text
Size: 738KB - Virtual size: 738KB

.data
Size: 4KB - Virtual size: 4KB

.rdata
Size: 513KB - Virtual size: 512KB

.pdata
Size: 31KB - Virtual size: 30KB

.xdata
Size: 30KB - Virtual size: 30KB

.bss
Size: - Virtual size: 6KB

.edata
Size: 57KB - Virtual size: 56KB

.idata
Size: 11KB - Virtual size: 10KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1024B - Virtual size: 928B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 211KB - Virtual size: 211KB

.data
Size: 512B - Virtual size: 304B

.rdata
Size: 67KB - Virtual size: 67KB

.pdata
Size: 12KB - Virtual size: 11KB

.xdata
Size: 11KB - Virtual size: 10KB

.bss
Size: - Virtual size: 3KB

.edata
Size: 16KB - Virtual size: 15KB

.idata
Size: 9KB - Virtual size: 8KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1024B - Virtual size: 904B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 131KB - Virtual size: 130KB

.data
Size: 512B - Virtual size: 208B

.rdata
Size: 938KB - Virtual size: 938KB

.pdata
Size: 7KB - Virtual size: 6KB

.xdata
Size: 5KB - Virtual size: 4KB

.bss
Size: - Virtual size: 3KB

.edata
Size: 512B - Virtual size: 411B

.idata
Size: 2KB - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 976B