sekaiwa[.]rar | Triage

Sharing

Copy URL Twitter E-mail

General

Target

sekaiwa.rar
Size

5.8MB
MD5

e48dfd52982c4b4e28df70bcdb3ed37c
SHA1

ac468f695eee9b9bf9635bc4d3ad003590ed4228
SHA256

79fc093cd00d8e846eedf2a8835de17f366a92a4f6c263f3eb80d1eb167f015d
SHA512

37310125e9659c6da4077fad353b6c6bf6c70273138f242c4ccac28dde4912ab4137f4766c71b9cc8e181206a558af2e58f6436106cfd68d485acdb2b6c7cb73
SSDEEP

98304:L6OWavQbDMJX7ku+scXNgBpLbVGVbaqIejuAqr4h2USuDqjvIZrVZJdESYHe8c8:L6J4/JIdrXNgbLbVGh9Iovqr1uYIZfJk

Score

1^/10

Malware Config

Signatures

Files

sekaiwa.rar
.rar

Password: infected
Setup.exe
.exe windows:6 windows x86 arch:x86

Password: infected

2c35c66db79673bb21a8340eb667ecbc

Code Sign

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:8a:ef:a9:cb:ae:72:43:05:6e:30:d1:5b:c2:81:28
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

13/09/2018, 00:00

Not After

20/11/2021, 23:59

Subject

CN=Flexera Software LLC,O=Flexera Software LLC,L=Itasca,ST=Illinois,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:03:ef:1a:2c:f5:ad:30:2c:65:e7:c4:99:c4:3d:18:86:4f:c1:4e:ef:f5:ee:da:f0:83:be:68:3b:1b:b8:65
Signer

Actual PE Digest

09:03:ef:1a:2c:f5:ad:30:2c:65:e7:c4:99:c4:3d:18:86:4f:c1:4e:ef:f5:ee:da:f0:83:be:68:3b:1b:b8:65

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mfc140u

ord2378
ord4171
ord2215
ord6607
ord3932
ord4885
ord2526
ord14377
ord4227
ord8746
ord6589
ord13654
ord5850
ord1756
ord1770
ord1744
ord1722
ord12258
ord12262
ord13878
ord3266
ord9256
ord11002
ord6751
ord6486
ord6978
ord8965
ord14588
ord5669
ord8062
ord4225
ord1180
ord12348
ord14604
ord12405
ord14657
ord278
ord4815
ord8773
ord1002
ord13469
ord14137
ord13028
ord12220
ord2761
ord13756
ord6220
ord6129
ord6851
ord9132
ord5816
ord8072
ord1464
ord6122
ord265
ord1525
ord280
ord12559
ord5109
ord1450
ord5984
ord951
ord3968
ord1430
ord6834
ord5249
ord4236
ord1446
ord9135
ord3174
ord5033
ord12131
ord6130
ord12460
ord1788
ord5934
ord13700
ord13709
ord5939
ord4948
ord5938
ord2557
ord4495
ord5955
ord8831
ord8209
ord9213
ord11800
ord11795
ord5369
ord3843
ord4587
ord12102
ord9237
ord2304
ord11495
ord10402
ord9302
ord9175
ord7505
ord997
ord1474
ord540
ord3182
ord4884
ord9209
ord10250
ord8219
ord5409
ord7712
ord7723
ord7722
ord5228
ord5549
ord5760
ord9350
ord5525
ord5763
ord5252
ord3849
ord8464
ord2439
ord8360
ord8756
ord8712
ord12884
ord4664
ord4663
ord12763
ord2996
ord1693
ord1689
ord1526
ord1523
ord290
ord286
ord4323
ord2458
ord2990
ord5921
ord293
ord285
ord3009
ord6566
ord2522
ord3882
ord6218
ord2303
ord6263
ord4966
ord13359
ord4960
ord4954
ord13752
ord5013
ord2760
ord9210
ord4997
ord12172
ord4942
ord5019
ord2614
ord842
ord1111
ord9040
ord4974
ord4912
ord11396
ord4927
ord4988
ord4502
ord5790
ord9693
ord4494
ord1513
ord3055
ord14590
ord7923
ord14596
ord4092
ord3404
ord6877
ord11717
ord14234
ord13703
ord5935
ord2682
ord12124
ord3941
ord3372
ord3371
ord2246
ord5626
ord5582
ord3403
ord3164
ord458
ord6531
ord6316
ord1777
ord4936
ord2205
ord2383
ord12081
ord3265
ord5003
ord13707
ord2288
ord12168
ord5034
ord2307
ord14610
ord7166
ord501
ord1143
ord11936
ord3838
ord12089
ord9139
ord11726
ord11725
ord5652
ord10288
ord10284
ord10286
ord10287
ord10285
ord14785
ord8210
ord10255
ord3302
ord3305
ord1511
ord6860
ord995
ord13911
ord6349
ord14668
ord3257
ord4093
ord6350
ord14669
ord6348
ord14667
ord8000
ord12531
ord14466
ord11983
ord11982
ord2034
ord12027
ord7941
ord12947
ord4090
ord4152
ord9398
ord14595
ord7922
ord14589
ord12542
ord12541
ord2486
ord5357
ord8324
ord7997
ord4589
ord12865
ord12928
ord10433
ord12247
ord8386
ord1472
ord7653
ord8470
ord12219
ord12251
ord1171
ord7428
ord6549
ord1133
ord974
ord13258
ord5852
ord8217
ord12239
ord5918
ord3852
ord366
ord1072
ord932
ord12593
ord1808
ord1807
ord14524
ord12416
ord14663
ord1416
ord1045
ord296
ord2385
ord2389
ord3697
ord10472
ord11015
ord7493
ord7820
ord13544
ord266
ord5411
ord2409

kernel32

InterlockedDecrement
FindClose
GetSystemInfo
GetSystemDirectoryW
GetTempPathW
GetTempFileNameW
GetWindowsDirectoryW
DeleteFileW
OutputDebugStringW
SystemTimeToFileTime
GetTickCount
lstrcpynW
lstrcatW
lstrcmpiW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
ResetEvent
SetEvent
LoadLibraryExW
GetModuleHandleW
FindResourceW
LoadResource
LeaveCriticalSection
EnterCriticalSection
SizeofResource
WideCharToMultiByte
GetFileSize
LocalFree
CloseHandle
QueryPerformanceFrequency
FormatMessageW
CreateEventW
CreateFileW
SetFilePointer
WriteFile
ReadFile
lstrcpyW
FreeLibrary
GetProcAddress
SetCurrentDirectoryW
GetCurrentDirectoryW
LoadLibraryW
MultiByteToWideChar
GetFileAttributesW
GetModuleFileNameW
lstrlenW
DeleteCriticalSection
RaiseException
GetLastError
InitializeCriticalSectionAndSpinCount
SetLastError

user32

CharUpperW
MsgWaitForMultipleObjects
wsprintfW
TranslateMessage
DispatchMessageW
PeekMessageW
CharNextW
GetWindowLongW
GetKeyState
LoadMenuW
InflateRect
SetWindowPos
SendMessageW
LoadStringW
GetSubMenu
OffsetRect
LoadBitmapW
LoadIconW
SetWindowLongW
GetDesktopWindow
GetCursorPos
UpdateWindow
EnableWindow
RegisterWindowMessageW

advapi32

RegQueryValueExW
RegOpenKeyW
RegCloseKey
RegDeleteValueW
RegSetValueExW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegQueryInfoKeyW
RegOpenKeyExW

shell32

ShellExecuteW

comctl32

ImageList_AddMasked
InitCommonControlsEx

shlwapi

PathFileExistsW
PathIsRootW
PathAppendW
PathRemoveFileSpecW

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CLSIDFromString
CoTaskMemFree
CLSIDFromProgID
CoCreateInstance

oleaut32

CreateErrorInfo
SystemTimeToVariantTime
VarUI4FromStr
SafeArrayGetDim
SafeArrayDestroy
VariantInit
SafeArrayGetUBound
SafeArrayGetElement
SafeArrayGetLBound
SafeArrayCopy
SysStringByteLen
SysAllocStringByteLen
GetErrorInfo
SysAllocString
VariantCopy
SafeArrayUnaccessData
SafeArrayAccessData
VariantChangeType
VariantClear
SysReAllocStringLen
SysStringLen
SysAllocStringLen
SysFreeString
VariantTimeToSystemTime

toolkitpro1840vc140u

?DoModal@CXTPCustomizeSheet@@UAEHXZ
??1CXTPCustomizeSheet@@UAE@XZ
??0CXTPCustomizeSheet@@QAE@PAVCXTPCommandBars@@I@Z
??0CXTPWindowRect@@QAE@PBVCWnd@@@Z
??1CXTPFrameWnd@@UAE@XZ
?OnWndMsg@?$CXTPCommandBarsSiteBase@VCFrameWnd@@@@MAEHIIJPAJ@Z
?PreTranslateMessage@?$CXTPCommandBarsSiteBase@VCFrameWnd@@@@MAEHPAUtagMSG@@@Z
?LoadCommandBars@?$CXTPCommandBarsSiteBase@VCFrameWnd@@@@UAEXPB_WH@Z
?SaveCommandBars@?$CXTPCommandBarsSiteBase@VCFrameWnd@@@@UAEXPB_W@Z
?InitCommandBars@?$CXTPCommandBarsSiteBase@VCFrameWnd@@@@UAEHPAUCRuntimeClass@@@Z
?OnSetPreviewMode@?$CXTPFrameWndBase@VCFrameWnd@@@@UAEXHPAUCPrintPreviewState@@@Z
?LoadFrame@?$CXTPFrameWndBase@VCFrameWnd@@@@UAEHIKPAVCWnd@@PAUCCreateContext@@@Z
?XTPColorManager@@YAPAVCXTPColorManager@@XZ
?SetMenu@CXTPCommandBars@@QAEPAVCXTPMenuBar@@PB_WI@Z
?GetShortcutManager@CXTPCommandBars@@QBEPAVCXTPShortcutManager@@XZ
?GetThisClass@CXTPCommandBars@@SGPAUCRuntimeClass@@XZ
?AddCategories@CXTPCustomizeCommandsPage@@QAEHIH@Z
?InsertNewMenuCategory@CXTPCustomizeCommandsPage@@QAEXIH@Z
?InsertAllCommandsCategory@CXTPCustomizeCommandsPage@@QAEXIHH@Z
?InsertBuiltInMenus@CXTPCustomizeCommandsPage@@QAEHIIH@Z
?GetThisClass@CXTPFrameWnd@@SGPAUCRuntimeClass@@XZ
??0CXTPFrameWnd@@QAE@XZ
??0CXTPCustomizeKeyboardPage@@QAE@PAVCXTPCustomizeSheet@@@Z
??1CXTPCustomizeKeyboardPage@@UAE@XZ
?AddCategories@CXTPCustomizeKeyboardPage@@QAEHIH@Z
??0CXTPSplitterWndEx@@QAE@XZ
??1CXTPSplitterWndEx@@UAE@XZ
??0CXTPStatusBar@@QAE@XZ
??1CXTPStatusBar@@UAE@XZ
?Create@CXTPStatusBar@@QAEHPAVCWnd@@KI@Z
?AddIndicator@CXTPStatusBar@@QAEPAVCXTPStatusBarPane@@IH@Z
?SetPaneText@CXTPStatusBar@@QAEHHPB_W@Z
?GetXtremeColor@@YAKI@Z
??0CXTPCustomizeOptionsPage@@QAE@PAVCXTPCustomizeSheet@@@Z
??1CXTPCustomizeOptionsPage@@UAE@XZ
?GetInstanceAddRef@CXTPPaintManager@@SAPAV1@XZ
?ReleaseInstance@CXTPPaintManager@@SAXXZ
?SetTheme@CXTPPaintManager@@SAXW4XTPPaintTheme@@@Z
?GetColor@CXTPColorManager@@QBEKH@Z
?RegisterWndClass@CXTPDrawHelpers@@SAHPAUHINSTANCE__@@PB_WIPAUHICON__@@PAUHBRUSH__@@@Z
?SetAccelerators@CXTPShortcutManager@@QAEXI@Z
?AddPage@CXTPCustomizeSheet@@QAEXPAVCXTPPropertyPage@@H@Z

msvcp140

?_Xout_of_range@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z

rpcrt4

UuidToStringW
UuidCreate
RpcStringFreeW

wininet

InternetQueryOptionW
InternetGetConnectedState
InternetAutodial
InternetErrorDlg
HttpQueryInfoW
HttpSendRequestW
HttpOpenRequestW
InternetSetStatusCallbackW
InternetGetLastResponseInfoW
InternetReadFile
InternetOpenUrlW
InternetConnectW
InternetCloseHandle
InternetOpenW
InternetCanonicalizeUrlW
InternetCrackUrlW

vcruntime140

__std_terminate
__std_exception_destroy
__std_exception_copy
_purecall
strstr
memcpy
_CxxThrowException
_except_handler4_common
__vcrt_InitializeCriticalSectionEx
__CxxFrameHandler3
memset
wcsstr
memmove

api-ms-win-crt-heap-l1-1-0

_recalloc
_set_new_mode
malloc
free

api-ms-win-crt-string-l1-1-0

wcslen
towupper
_wcsnicmp
wmemcpy_s
wcsncpy_s

api-ms-win-crt-runtime-l1-1-0

_controlfp_s
_crt_atexit
_initialize_onexit_table
_register_onexit_function
_register_thread_local_exe_atexit_callback
_c_exit
_cexit
_invalid_parameter_noinfo_noreturn
_exit
exit
_initterm_e
_initterm
_get_wide_winmain_command_line
_initialize_wide_environment
_configure_wide_argv
_set_app_type
_seh_filter_exe
_errno
_invalid_parameter_noinfo
terminate

api-ms-win-crt-utility-l1-1-0

_swab

api-ms-win-crt-multibyte-l1-1-0

_mbstrlen

api-ms-win-crt-convert-l1-1-0

wcstol
_itow_s
_ltow_s
_itoa_s

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode
__stdio_common_vswprintf_s
__stdio_common_vswprintf

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 190KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ToolkitPro1840vc140U.dll
.dll windows:6 windows x86 arch:x86

Password: infected

4b8c91e7fd28dcf79d699c9f9f735f63

Code Sign

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/11/2006, 00:00

Not After

16/07/2036, 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

08:8a:ef:a9:cb:ae:72:43:05:6e:30:d1:5b:c2:81:28
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

13/09/2018, 00:00

Not After

20/11/2021, 23:59

Subject

CN=Flexera Software LLC,O=Flexera Software LLC,L=Itasca,ST=Illinois,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

83:78:b9:74:5a:64:fb:c7:4b:4c:46:d0:ad:6b:4a:91:e4:f0:2a:b1:6e:91:42:3b:f1:bb:61:98:1f:82:4d:d1
Signer

Actual PE Digest

83:78:b9:74:5a:64:fb:c7:4b:4c:46:d0:ad:6b:4a:91:e4:f0:2a:b1:6e:91:42:3b:f1:bb:61:98:1f:82:4d:d1

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc140u

ord5891
ord12358
ord7394
ord6818
ord1426
ord7066
ord12141
ord5423
ord9377
ord7073
ord2925
ord6880
ord4076
ord1368
ord8874
ord8873
ord8875
ord5579
ord4884
ord11080
ord11118
ord376
ord9527
ord1078
ord6590
ord4226
ord9133
ord12105
ord5985
ord7450
ord8124
ord5027
ord5026
ord5029
ord5025
ord5024
ord11117
ord7137
ord512
ord1149
ord10504
ord12176
ord8920
ord8912
ord13754
ord6219
ord7504
ord885
ord883
ord886
ord2360
ord872
ord3599
ord6229
ord1727
ord14429
ord7104
ord898
ord3954
ord2300
ord2399
ord551
ord8505
ord6175
ord1182
ord1890
ord12594
ord458
ord7379
ord926
ord3031
ord3238
ord6248
ord13224
ord4108
ord1928
ord10498
ord1411
ord12217
ord2594
ord9253
ord3054
ord9225
ord7627
ord3684
ord6802
ord914
ord1408
ord7626
ord4487
ord6830
ord3254
ord3363
ord1442
ord13100
ord13042
ord3323
ord7378
ord917
ord916
ord9375
ord1464
ord467
ord3956
ord1114
ord6851
ord5816
ord13648
ord8072
ord6122
ord7810
ord14128
ord2220
ord1405
ord11463
ord14597
ord6801
ord3237
ord3359
ord503
ord1144
ord4715
ord9701
ord6225
ord7815
ord2307
ord7406
ord7165
ord7146
ord6570
ord3175
ord3342
ord4223
ord1162
ord9130
ord7166
ord13838
ord5837
ord5850
ord13656
ord7891
ord9467
ord7509
ord7510
ord5813
ord5878
ord2029
ord14127
ord3076
ord12645
ord6869
ord7377
ord459
ord511
ord9528
ord3173
ord922
ord924
ord5037
ord6842
ord3260
ord3366
ord4239
ord1454
ord9138
ord6117
ord7486
ord12929
ord975
ord2010
ord1451
ord2173
ord14490
ord5852
ord5830
ord5845
ord8352
ord7074
ord8066
ord7427
ord7647
ord7428
ord6852
ord12122
ord7648
ord6123
ord13235
ord7408
ord6832
ord966
ord3256
ord3627
ord3644
ord6469
ord13924
ord5221
ord13379
ord6263
ord7926
ord12482
ord9919
ord10527
ord9581
ord3903
ord14265
ord14263
ord3888
ord3856
ord5038
ord13226
ord2692
ord2625
ord4089
ord4140
ord4141
ord1444
ord7907
ord5756
ord5688
ord14379
ord14372
ord4173
ord13973
ord6932
ord14276
ord14289
ord9254
ord11001
ord10821
ord11075
ord7638
ord6113
ord14547
ord8777
ord5397
ord7032
ord3905
ord7418
ord9463
ord7642
ord8161
ord8031
ord2053
ord7315
ord10765
ord7078
ord6502
ord12100
ord7490
ord5965
ord4814
ord5842
ord7909
ord6805
ord929
ord2008
ord12611
ord12642
ord4671
ord1413
ord4216
ord5390
ord3222
ord9175
ord814
ord3353
ord1345
ord7604
ord12115
ord552
ord8506
ord1656
ord1183
ord10437
ord11374
ord10868
ord10923
ord10342
ord11540
ord12062
ord484
ord13254
ord12638
ord1131
ord2381
ord2752
ord6848
ord984
ord3261
ord3367
ord5841
ord1460
ord2650
ord2626
ord11716
ord8992
ord4973
ord7644
ord13063
ord852
ord12302
ord7827
ord9008
ord5780
ord3613
ord908
ord1403
ord13263
ord902
ord1400
ord13695
ord14114
ord14124
ord7372
ord12224
ord8099
ord5394
ord6325
ord1546
ord1558
ord293
ord2235
ord7684
ord12169
ord461
ord909
ord13851
ord13125
ord2365
ord2223
ord2285
ord973
ord12595
ord7829
ord359
ord6868
ord13043
ord12880
ord7121
ord481
ord14065
ord13832
ord2858
ord5609
ord6199
ord9081
ord3857
ord10976
ord11024
ord11267
ord9197
ord12786
ord5577
ord12575
ord11252
ord8395
ord7655
ord2843
ord13352
ord2558
ord12418
ord12660
ord4703
ord9484
ord2718
ord12964
ord12093
ord1128
ord4138
ord4088
ord14511
ord5377
ord5368
ord10431
ord10251
ord10721
ord11138
ord11139
ord9363
ord11743
ord9979
ord9212
ord7501
ord5765
ord8049
ord12643
ord6555
ord5514
ord12754
ord12429
ord1449
ord2172
ord2470
ord555
ord8509
ord1659
ord12599
ord6179
ord1186
ord492
ord3075
ord822
ord1353
ord1141
ord13719
ord3694
ord3677
ord12744
ord1888
ord1892
ord2011
ord12612
ord6310
ord13941
ord7128
ord13741
ord845
ord12569
ord8123
ord485
ord2268
ord2374
ord2648
ord11715
ord11774
ord1815
ord3239
ord930
ord7382
ord13981
ord12078
ord12098
ord12171
ord8990
ord3939
ord8172
ord12457
ord8339
ord3842
ord1076
ord4255
ord4285
ord4251
ord4209
ord4179
ord4113
ord2651
ord14239
ord7622
ord1005
ord11836
ord11820
ord11140
ord11141
ord10991
ord9579
ord9341
ord11137
ord11115
ord1401
ord9477
ord2668
ord4745
ord13420
ord903
ord7373
ord5434
ord11903
ord11581
ord11278
ord11275
ord7787
ord2680
ord7696
ord2749
ord13940
ord10047
ord11146
ord9011
ord11122
ord13937
ord13694
ord7686
ord7342
ord1458
ord2296
ord5337
ord6190
ord2555
ord4091
ord365
ord5580
ord6316
ord4093
ord1143
ord501
ord7410
ord13106
ord5989
ord9239

kernel32

MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
RaiseException
TerminateThread
MoveFileW
GetWindowsDirectoryW
GetTickCount
DecodePointer
GetThreadPriority
GetFullPathNameW
GetFileInformationByHandle
LocalSize
OpenProcess
lstrcpynA
GetModuleFileNameA
VirtualQuery
VirtualProtect
GetSystemInfo
FlushInstructionCache
TlsFree
GetCurrentProcess
SetLastError
GetUserDefaultLangID
WriteFile
SetFileTime
LocalFileTimeToFileTime
ExitProcess
GetPrivateProfileIntW
LocalFree
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
OutputDebugStringA
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
lstrcmpW
GetDriveTypeW
lstrcpyW
SuspendThread
FindFirstFileW
FindClose
FileTimeToLocalFileTime
FindNextChangeNotification
FindFirstChangeNotificationW
FindCloseChangeNotification
IsBadStringPtrW
GlobalSize
CopyFileW
GetPrivateProfileSectionNamesW
WritePrivateProfileStringW
GetPrivateProfileStringW
GetTempPathW
GetTempFileNameW
GetCurrentProcessId
GlobalFree
LoadLibraryExW
GetVersionExW
ResumeThread
SetThreadPriority
CreateThread
GetFileSize
TlsSetValue
TlsGetValue
TlsAlloc
GetProcessHeap
MultiByteToWideChar
EnumResourceLanguagesW
EnumResourceTypesW
EnumResourceNamesW
lstrcmpA
SetFilePointer
ReadFile
CreateFileW
GlobalUnlock
GlobalLock
SizeofResource
GetModuleHandleA
OutputDebugStringW
CompareStringW
LoadLibraryA
LockResource
LoadResource
FreeResource
Sleep
GetCurrentThreadId
WideCharToMultiByte
GlobalAlloc
GetModuleFileNameW
GetFileAttributesW
CreateDirectoryW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
lstrlenW
GetCurrentDirectoryW
lstrcpynW
GetLastError
GetCurrencyFormatW
GetNumberFormatW
WaitForMultipleObjects
CreateEventW
WaitForSingleObject
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSection
CloseHandle
HeapFree
HeapAlloc
HeapDestroy
HeapCreate
GlobalReAlloc
GetUserDefaultLCID
GetLocaleInfoW
GetTimeFormatW
GetDateFormatW
SystemTimeToTzSpecificLocalTime
GetModuleHandleW
SetFileAttributesW
DeleteFileW
FindResourceW
MulDiv
FormatMessageW
LocalAlloc
LoadLibraryW
GetProcAddress
FreeLibrary
SystemTimeToFileTime
FileTimeToSystemTime
GetTimeZoneInformation
GetLocalTime
GetPrivateProfileSectionW

user32

GetActiveWindow
IsDialogMessageW
GetClassNameW
SetClassLongW
UnionRect
BringWindowToTop
DeferWindowPos
MoveWindow
ShowWindow
CopyAcceleratorTableW
LoadAcceleratorsW
IsWindowEnabled
MapVirtualKeyExW
VkKeyScanExW
GetKeyNameTextW
GetKeyboardState
IsCharLowerW
CharUpperW
IsIconic
GetKeyboardLayout
GetKeyboardLayoutList
ToUnicodeEx
ShowScrollBar
GetLastActivePopup
GetForegroundWindow
WindowFromPoint
SetCursorPos
GetClassLongW
GetSystemMenu
GetMenuState
SetMenu
GetMenu
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
LoadImageW
DestroyIcon
DrawStateW
GetClipboardFormatNameW
SetClipboardData
EndDeferWindowPos
BeginDeferWindowPos
GetMenuDefaultItem
GetIconInfo
CreateIconIndirect
CreatePopupMenu
GetDlgItem
SetParent
LockWindowUpdate
GetDCEx
SystemParametersInfoW
GetWindow
GetTopWindow
GetSubMenu
LoadMenuW
WaitMessage
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
GetUserObjectInformationW
CloseDesktop
OpenInputDesktop
wsprintfW
ShowCaret
HideCaret
GetWindowRgn
GetMenuItemInfoW
SetActiveWindow
GetMenuItemID
MapVirtualKeyW
GetDlgCtrlID
GetNextDlgTabItem
IsChild
IsMenu
IntersectRect
InvertRect
GetMessagePos
SetWindowLongW
SetFocus
GetClassInfoW
DefWindowProcW
DrawFrameControl
ReleaseDC
GetDC
MapWindowPoints
MessageBeep
IsClipboardFormatAvailable
EmptyClipboard
RegisterClipboardFormatW
CloseClipboard
OpenClipboard
GetWindowLongW
GetDesktopWindow
EqualRect
ClientToScreen
SetWindowRgn
FillRect
LoadIconW
FindWindowW
InflateRect
DrawFocusRect
GetSysColorBrush
GetWindowRect
GetKeyState
SetRectEmpty
FrameRect
GetSysColor
GetFocus
SendMessageW
LoadCursorW
GetParent
PtInRect
IsRectEmpty
OffsetRect
CopyRect
SetRect
ScreenToClient
GetCursorPos
SetCursor
GetClientRect
EnableScrollBar
RedrawWindow
InvalidateRect
UpdateWindow
GetSystemMetrics
EnableWindow
KillTimer
SetTimer
ReleaseCapture
SetCapture
GetCapture
IsWindowVisible
SetWindowPos
IsWindow
PostMessageW
RegisterWindowMessageW
SetForegroundWindow
MessageBoxW
AdjustWindowRectEx
SendMessageTimeoutW
DrawIconEx
IsZoomed
PostQuitMessage
GetDialogBaseUnits
DrawTextW
DrawTextExW
GrayStringW
TabbedTextOutW
ValidateRect
CallWindowProcW
IsWindowUnicode
GetWindowLongA
SetWindowLongA
CreateIconFromResourceEx
LoadBitmapW
CopyIcon
CopyImage
LoadMenuIndirectW
GetMenuStringW
LookupIconIdFromDirectoryEx
PostThreadMessageW
GetCursor
CreateWindowExW
DestroyWindow
GetWindowThreadProcessId
GetScrollInfo
GetDoubleClickTime
DrawEdge
GetClipboardData
CheckMenuItem
AppendMenuW
GetAsyncKeyState
MapDialogRect
SetWindowTextW
LoadStringW
GetWindowPlacement
EnableMenuItem
DragDetect
SetScrollPos
GetScrollPos
CreateCaret
DestroyCaret
SetCaretPos
GetTabbedTextExtentW
UnregisterClassW
DestroyMenu
TrackPopupMenu
DrawAnimatedRects
SetMenuDefaultItem
EnumChildWindows
wsprintfA
DeleteMenu
mouse_event
EnumWindows
BeginPaint
EndPaint
GetWindowDC
GetCaretPos
GetMenuItemCount
GetTabbedTextExtentA
InsertMenuW

gdi32

ExtCreatePen
DPtoLP
CombineRgn
GetDIBits
SetStretchBltMode
GetBitmapBits
GetTextMetricsW
SetPixelV
SetBkMode
SetBrushOrgEx
GetCharWidthW
SetBoundsRect
GetTextAlign
GetWindowOrgEx
GetViewportExtEx
GetWindowExtEx
SetMapMode
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
GetClipBox
GetTextExtentPointW
GetObjectType
MoveToEx
OffsetRgn
GetBoundsRect
CreateDCW
GetObjectA
CreateDIBitmap
CreatePalette
SelectPalette
GetClipRgn
IntersectClipRect
ExtSelectClipRgn
GetTextCharsetInfo
GetTextExtentExPointW
GetRgnBox
GetCurrentPositionEx
GetTextExtentPoint32A
CloseFigure
FillPath
StrokeAndFillPath
PolyBezierTo
OffsetViewportOrgEx
CreatePenIndirect
ExtTextOutW
TextOutW
StrokePath
EndPath
BeginPath
SetBkColor
Rectangle
RectVisible
PtVisible
GetBkMode
GetBkColor
Escape
CreateHatchBrush
CreateBrushIndirect
StretchDIBits
Polyline
ExtCreateRegion
SetTextColor
GetCurrentObject
GetPixel
ExtFloodFill
EnumFontFamiliesW
EnumFontFamiliesExW
CreateRectRgnIndirect
PtInRegion
PatBlt
CreateRectRgn
GdiFlush
SetPixelFormat
ChoosePixelFormat
RoundRect
GetViewportOrgEx
GetMapMode
CreateSolidBrush
CreateRoundRectRgn
CreateDIBSection
LineTo
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
Polygon
GetBitmapDimensionEx
GetDeviceCaps
GetTextExtentPoint32W
SelectObject
StretchBlt
GetStockObject
CreateBitmap
CreateFontIndirectW
CreatePen
CreatePatternBrush
Ellipse
FillRgn
FrameRgn
GetTextColor
SetPixel
GetObjectW
DeleteDC
CreatePolygonRgn
DeleteObject

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW
IsTextUnicode
RegCreateKeyExW
RegDeleteValueW
RegSetValueExW
RegOpenKeyW
RegDeleteKeyW
RegEnumKeyExW
RegEnumValueW
RegEnumKeyW

shell32

DragAcceptFiles
SHGetMalloc
SHGetPathFromIDListW
SHGetSpecialFolderLocation
DragFinish
ExtractIconExW
Shell_NotifyIconW
ShellExecuteExW
ShellExecuteW
SHGetDesktopFolder
SHBrowseForFolderW
SHGetFileInfoW
SHAppBarMessage

comctl32

ImageList_SetBkColor
ImageList_ReplaceIcon
ImageList_Add
ImageList_SetImageCount
ImageList_Create
ImageList_GetBkColor
ImageList_GetIcon
ImageList_GetImageCount
_TrackMouseEvent
ImageList_GetImageInfo
ImageList_DrawIndirect
ImageList_AddMasked
ImageList_SetOverlayImage
ImageList_Replace
ImageList_Remove
ImageList_Copy
ImageList_BeginDrag
ImageList_SetDragCursorImage
ImageList_Destroy
ImageList_DrawEx
ImageList_GetIconSize
ord17
FlatSB_GetScrollProp
ImageList_Draw
InitCommonControlsEx

shlwapi

PathCombineW
PathRemoveFileSpecW
PathFindExtensionW
PathFindFileNameA

ole32

OleUninitialize
OleInitialize
PropVariantClear
DoDragDrop
CoInitialize
CoUninitialize
CreateStreamOnHGlobal
CLSIDFromProgID
OleRun
CoCreateInstance

oleaut32

GetErrorInfo
SystemTimeToVariantTime
VariantTimeToSystemTime
VarUdateFromDate
VariantClear
VariantChangeType
VariantChangeTypeEx
VariantInit
VariantCopy
SysAllocString
SysFreeString
SysStringByteLen
SysAllocStringByteLen
DosDateTimeToVariantTime
VarBstrFromDate
VarDateFromStr
OleLoadPicturePath
SysStringLen
SafeArrayCreateVector
VarCmp
SetErrorInfo
CreateErrorInfo

gdiplus

GdipSetPathGradientBlend
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipCreateFontFromLogfontA
GdipSetCompositingQuality
GdipSetCompositingMode
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateHICONFromBitmap
GdipCreateBitmapFromHICON
GdipCreateBitmapFromScan0
GdipSaveImageToFile
GdipSetStringFormatMeasurableCharacterRanges
GdipSetStringFormatTrimming
GdipSetStringFormatFlags
GdipMeasureCharacterRanges
GdipGetFontSize
GdipGetFontStyle
GdipGetFamily
GdipCreateFont
GdipGetGenericFontFamilyMonospace
GdipDeleteFontFamily
GdipGetWorldTransform
GdipSetWorldTransform
GdipReleaseDC
GdipGetDC
GdipGetRegionBounds
GdipRotateMatrix
GdipTranslateMatrix
GdipDeleteMatrix
GdipCloneMatrix
GdipCreateMatrix
GdipAddPathString
GdipGetPathData
GdipCreatePath2
GdipFlattenPath
GdipAddPathLine2I
GdipAddPathLineI
GdipAddPathBeziers
GdipReversePath
GdipGetPathPoints
GdipClonePath
GdipCreateBitmapFromResource
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromFile
GdipCreateBitmapFromStream
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipCloneImage
GdipCloneStringFormat
GdipStringFormatGetGenericTypographic
GdipCreateFontFromDC
GdipDrawImageRectI
GdipFillEllipseI
GdipFillPolygonI
GdipGraphicsClear
GdipDrawEllipseI
GdipResetWorldTransform
GdipSetPixelOffsetMode
GdipCreateFromHDC2
GdipCreateLineBrushFromRectI
GdipGetPathPointsI
GdipGetPathTypes
GdipGetPointCount
GdipIsOutlineVisiblePathPoint
GdipGetPathWorldBoundsI
GdipFillPieI
GdipFillRectangleI
GdipDeleteBrush
GdipGetPathGradientPointCount
GdipSetPathGradientCenterPointI
GdipSetPathGradientSurroundColorsWithCount
GdipSetPathGradientCenterColor
GdipCreatePathGradientFromPath
GdipSetLineBlend
GdipCreateLineBrushI
GdipCloneBrush
GdipAddPathEllipseI
GdipFree
GdipAlloc
GdipRestoreGraphics
GdipSaveGraphics
GdipGetClipBoundsI
GdipGetClip
GdipSetClipRegion
GdipSetClipRectI
GdipRotateWorldTransform
GdipTranslateWorldTransform
GdipDeleteRegion
GdipCreateRegionPath
GdipCreateRegion
GdipSetStringFormatLineAlign
GdipSetStringFormatAlign
GdipDeleteStringFormat
GdipCreateStringFormat
GdipDrawString
GdipGetTextRenderingHint
GdipSetTextRenderingHint
GdipFillRectangle
GdipDrawRectangle
GdipFillPolygon
GdipDrawPolygon
GdipGetSmoothingMode
GdipAddPathPolygon
GdipClosePathFigures
GdipStartPathFigure
GdipFillPath
GdipDrawPath
GdipCreateLineBrush
GdipIsVisiblePathPointI
GdipAddPathPie
GdipAddPathEllipse
GdipAddPathArc
GdipAddPathLine
GdipDrawCurve
GdipDrawLines
GdipDrawLine
GdipSetPenDashArray
GdipSetPenDashStyle
GdipIsOutlineVisiblePathPointI
GdipAddPathCurve
GdipDeletePath
GdipCreatePath
GdipMeasureString
GdipDeleteFont
GdipCreateFontFromLogfontW
GdipGetDpiY
GdipGetDpiX
GdipSetPageUnit
GdipScaleWorldTransform
GdipSetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdiplusShutdown
GdiplusStartup
GdipFillEllipse
GdipDrawEllipse
GdipDeletePen
GdipCreatePen1
GdipSetLinePresetBlend
GdipCreateLineBrushFromRect
GdipCreateSolidFill
GdipCreateHatchBrush

glu32

gluProject
gluPerspective
gluLookAt
gluUnProject

opengl32

glEndList
glCallList
glMultMatrixd
glVertex3d
glPushAttrib
glPopAttrib
glLineWidth
glEnd
glDisable
glColor3f
glBegin
glViewport
glTranslated
glShadeModel
glReadPixels
glPushMatrix
glPopMatrix
glMatrixMode
glMaterialfv
glLoadIdentity
glLightfv
glLightModelfv
glIsEnabled
glHint
glGetIntegerv
glGetDoublev
glFlush
glFinish
glEnable
glColorMaterial
glClearDepth
glClearAccum
glBlendFunc
glAccum
wglMakeCurrent
wglDeleteContext
wglCreateContext
glClearColor
glClear
glGetError
glNewList
glNormal3d
glRotated
glDeleteLists

winmm

PlaySoundW

imagehlp

ImageDirectoryEntryToData

vcruntime140

__std_type_info_destroy_list
_except_handler4_common
__vcrt_InitializeCriticalSectionEx
strstr
memchr
_setjmp3
_purecall
__std_terminate
memmove
__CxxFrameHandler3
memcpy
memset
_CxxThrowException
wcschr
wcsstr
strchr
wcsrchr
longjmp

api-ms-win-crt-runtime-l1-1-0

abort
terminate
_invalid_parameter_noinfo
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
_cexit
_initterm
_initterm_e
_errno
strerror

api-ms-win-crt-heap-l1-1-0

realloc
free
_recalloc
malloc
calloc

api-ms-win-crt-utility-l1-1-0

ldiv
rand
qsort
_lfind

api-ms-win-crt-time-l1-1-0

_gmtime64
_mktime64
_localtime64_s
_time64
wcsftime

api-ms-win-crt-math-l1-1-0

_libm_sse2_acos_precise
_libm_sse2_atan_precise
_libm_sse2_tan_precise
_libm_sse2_sin_precise
_libm_sse2_cos_precise
_isnan
_except1
_libm_sse2_pow_precise
_libm_sse2_sqrt_precise
_libm_sse2_asin_precise
frexp
modf
_CIatan2
ceil
_libm_sse2_log10_precise
_libm_sse2_log_precise
floor

api-ms-win-crt-convert-l1-1-0

wcstoul
wcstombs
_wtol
wcstol
wcstod
wcstombs_s
_wtoi
_itow_s
atof

api-ms-win-crt-stdio-l1-1-0

_write
_close
_open
_lseeki64
_wopen
__stdio_common_vsprintf
__stdio_common_vswprintf
ftell
fseek
_fileno
fclose
_wfopen_s
fgetws
__stdio_common_vswprintf_s
__stdio_common_vswscanf
_read

api-ms-win-crt-string-l1-1-0

isdigit
_wcsdup
_wcsicoll
_wcsupr_s
iswupper
iswlower
strpbrk
strncmp
wcspbrk
isleadbyte
isalnum
strcpy_s
_stricmp
wcsspn
wcsncpy
wcstok_s
isprint
isxdigit
iswxdigit
iswspace
iswprint
iswdigit
iswalpha
iswalnum
wcsncmp
towupper
_wcslwr_s
_wcsnicmp
_wcsicmp
wcsncpy_s
wcscpy_s
isspace

api-ms-win-crt-filesystem-l1-1-0

_fstat64i32
_wsplitpath_s

api-ms-win-crt-locale-l1-1-0

_wsetlocale

Exports

Exports

?$TSS0@?1??InstancePointer@?$CXTPSingleton@VCXTPChartObjectFactory@@V?$CXTPSingletonDependencies@VCXTPDummySingletonDependency@@V1@V1@V1@V1@V1@V1@V1@V1@V1@@@@@KAAAVCXTPSingletonPointer@@XZ@4HA
?$TSS0@?1??InstancePointer@?$CXTPSingleton@VCXTPOpenGLListPool@@V?$CXTPSingletonDependencies@VCXTPDummySingletonDependency@@V1@V1@V1@V1@V1@V1@V1@V1@V1@@@@@KAAAVCXTPSingletonPointer@@XZ@4HA
??0?$CArray@PAUXTP_TAGCLOUDTAG@@PAU1@@@QAE@XZ
??0?$CArray@PAV?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PAV12@@@QAE@XZ
??0?$CArray@PAVCXTPCommandBar@@PAV1@@@QAE@XZ
??0?$CArray@PAVCXTPDatePickerButton@@PAV1@@@QAE@XZ
??0?$CArray@PAVCXTPDockingPaneCaptionButton@@PAV1@@@QAE@XZ
??0?$CArray@PAVCXTPReportInplaceButton@@PAV1@@@QAE@XZ
??0?$CArray@PAVCXTPReportRow@@PAV1@@@QAE@XZ
??0?$CArray@PAVCXTPSyntaxEditColorInfo@@PAV1@@@QAE@XZ
??0?$CArray@UXTP_EDIT_LEXCLASSINFO@XTPSyntaxEditLexAnalyser@@AAU12@@@QAE@XZ
??0?$CArray@UXTP_EDIT_LEXPROPINFO@XTPSyntaxEditLexAnalyser@@AAU12@@@QAE@XZ
??0?$CArray@V?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@ABV12@@@QAE@XZ
??0?$CArray@VCXTPCalendarReminderForOccurrence@@ABV1@@@QAE@XZ
??0?$CList@UXTP_EDIT_SCHEMAFILEINFO@@AAU1@@@QAE@H@Z
??0?$CMap@PAVCXTPReportRecordItem@@PAV1@VCXTPReportRecordMergeItem@@AAV2@@@QAE@H@Z
??0?$CXTPArrayT@IIJ@@QAE@XZ
??0?$CXTPArrayT@PAVCXTPReportHyperlink@@PAV1@PAUIDispatch@@@@QAE@XZ
??0?$CXTPArrayT@PAVCXTPReportRecordItemControl@@PAV1@PAUIDispatch@@@@QAE@XZ
??0?$CXTPCalendarPtrCollectionT@VCXTPCalendarEventCategory@@@@QAE@XZ
??0?$CXTPCalendarPtrCollectionT@VCXTPCalendarEventLabel@@@@QAE@XZ
??0?$CXTPCalendarPtrCollectionT@VCXTPCalendarReminder@@@@QAE@XZ
??0?$CXTPCalendarPtrCollectionT@VCXTPCalendarResource@@@@QAE@XZ
??0?$CXTPCalendarPtrCollectionT@VCXTPCalendarSchedule@@@@QAE@XZ
??0?$CXTPCalendarPtrCollectionT@VCXTPCalendarTimeLineViewGroup@@@@QAE@XZ
??0?$CXTPCalendarPtrCollectionT@VCXTPCalendarViewEvent@@@@QAE@XZ
??0?$CXTPCalendarThemeCustomizableXValueT@HH@@QAE@ABV0@@Z
??0?$CXTPCalendarThemeCustomizableXValueT@HH@@QAE@XZ
??0?$CXTPCalendarThemeCustomizableXValueT@V?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PB_W@@QAE@ABV0@@Z
??0?$CXTPCalendarThemeCustomizableXValueT@V?$CStringT@_WV?$StrTraitMFC_DLL@_WV?$ChTraitsCRT@_W@ATL@@@@@ATL@@PB_W@@QAE@XZ
??0?$CXTPCalendarThemeCustomizableXValueT@VCRect@@V1@@@QAE@ABV0@@Z
??0?$CXTPCalendarThemeCustomizableXValueT@VCRect@@V1@@@QAE@XZ
??0?$CXTPCalendarViewDayT@VCXTPCalendarDayView@@VCXTPCalendarDayViewGroup@@UXTP_CALENDAR_HITTESTINFO@@VCXTPCalendarDayViewDay@@@@QAE@PBVCXTPCalendarDayView@@@Z
??0?$CXTPCalendarViewDayT@VCXTPCalendarMonthView@@VCXTPCalendarMonthViewGroup@@UXTP_CALENDAR_HITTESTINFO@@VCXTPCalendarMonthViewDay@@@@QAE@PBVCXTPCalendarMonthView@@@Z
??0?$CXTPCalendarViewDayT@VCXTPCalendarWeekView@@VCXTPCalendarWeekViewGroup@@UXTP_CALENDAR_HITTESTINFO@@VCXTPCalendarWeekViewDay@@@@QAE@PBVCXTPCalendarWeekView@@@Z
??0?$CXTPCalendarViewEventT@VCXTPCalendarDayViewGroup@@@@QAE@PAVCXTPCalendarEvent@@PAVCXTPCalendarDayViewGroup@@@Z
??0?$CXTPCalendarViewEventT@VCXTPCalendarMonthViewGroup@@@@QAE@PAVCXTPCalendarEvent@@PAVCXTPCalendarMonthViewGroup@@@Z
??0?$CXTPCalendarViewEventT@VCXTPCalendarWeekViewGroup@@@@QAE@PAVCXTPCalendarEvent@@PAVCXTPCalendarWeekViewGroup@@@Z
??0?$CXTPCalendarViewGroupT@VCXTPCalendarDayViewDay@@VCXTPCalendarDayViewEvent@@VCXTPCalendarDayViewGroup@@@@QAE@PAVCXTPCalendarDayViewDay@@@Z
??0?$CXTPCalendarViewGroupT@VCXTPCalendarMonthViewDay@@VCXTPCalendarMonthViewEvent@@VCXTPCalendarMonthViewGroup@@@@QAE@PAVCXTPCalendarMonthViewDay@@@Z
??0?$CXTPCalendarViewGroupT@VCXTPCalendarWeekViewDay@@VCXTPCalendarWeekViewEvent@@VCXTPCalendarWeekViewGroup@@@@QAE@PAVCXTPCalendarWeekViewDay@@@Z
??0?$CXTPCalendarViewPartCustomizableValueT@VCBrush@@@@QAE@ABV0@@Z
??0?$CXTPCalendarViewPartCustomizableValueT@VCBrush@@@@QAE@XZ
??0?$CXTPCalendarViewPartCustomizableValueT@VCFont@@@@QAE@ABV0@@Z
??0?$CXTPCalendarViewPartCustomizableValueT@VCFont@@@@QAE@XZ
??0?$CXTPCalendarViewT@VCXTPCalendarDayViewDay@@@@QAE@PAVCXTPCalendarControl@@W4XTPCalendarViewType@@@Z
??0?$CXTPCalendarViewT@VCXTPCalendarMonthViewDay@@@@QAE@PAVCXTPCalendarControl@@W4XTPCalendarViewType@@@Z
??0?$CXTPCalendarViewT@VCXTPCalendarWeekViewDay@@@@QAE@PAVCXTPCalendarControl@@W4XTPCalendarViewType@@@Z
??0?$CXTPChartPieDiagramBase@VCXTPChart2dDiagram@@@@IAE@XZ
??0?$CXTPChartPieDiagramBase@VCXTPChart3dDiagram@@@@IAE@XZ
??0?$CXTPCommandBarsSiteBase@VCFrameWnd@@@@QAE@XZ
??0?$CXTPCommandBarsSiteBase@VCMDIFrameWnd@@@@QAE@XZ
??0?$CXTPFrameWndBase@VCFrameWnd@@@@QAE@XZ
??0?$CXTPFrameWndBase@VCMDIFrameWnd@@@@QAE@XZ
??0?$CXTPHeapAllocatorT@UCXTPReportAllocatorDefaultData@@@@QAE@ABV0@@Z
??0?$CXTPHeapAllocatorT@UCXTPReportAllocatorDefaultData@@@@QAE@XZ
??0?$CXTPHeapAllocatorT@UCXTPReportDataAllocatorData@@@@QAE@ABV0@@Z
??0?$CXTPHeapAllocatorT@UCXTPReportDataAllocatorData@@@@QAE@XZ
??0?$CXTPHeapAllocatorT@UCXTPReportRowAllocatorData@@@@QAE@ABV0@@Z
??0?$CXTPHeapAllocatorT@UCXTPReportRowAllocatorData@@@@QAE@XZ
??0?$CXTPHeapObjectT@V?$CXTPArrayT@PAVCXTPReportHyperlink@@PAV1@PAUIDispatch@@@@VCXTPReportDataAllocator@@@@QAE@XZ
??0?$CXTPHeapObjectT@VCXTPCmdTarget@@VCXTPReportDataAllocator@@@@QAE@XZ
??0?$CXTPHeapObjectT@VCXTPReportRowBase@@VCXTPReportRowAllocator@@@@QAE@XZ
??0?$CXTPMarkupGdiPlusTransformObject@VCXTPMarkupRotateTransform@@@@IAE@XZ
??0?$CXTPMarkupGdiPlusTransformObject@VCXTPMarkupScaleTransform@@@@IAE@XZ
??0?$CXTPMarkupGdiPlusTransformObject@VCXTPMarkupSkewTransform@@@@IAE@XZ
??0?$CXTPMarkupGdiPlusTransformObject@VCXTPMarkupTranslateTransform@@@@IAE@XZ
??0?$CXTPMaskEditT@VCEdit@@@@QAE@XZ
??0?$CXTPObservable@VCXTPApplication@@UIXTPApplicationEvents@@@@IAE@XZ
??0?$CXTPObservable@VCXTPChartDeviceCommand@@VCXTPChartDeviceCommandEvents@@@@IAE@XZ
??0?$CXTPObservable@VCXTPFrameShadowManager@@UIXTPFrameShadowManagerEvents@@@@IAE@XZ
??0?$CXTPObservable@VCXTPPaintManager@@UIXTPPaintManagerEvents@@@@IAE@XZ
??0?$CXTPScrollBarContainer@VCSplitterWnd@@@@IAE@XZ
??0?$CXTPScrollBarContainer@VCWnd@@@@IAE@XZ
??0?$CXTPSingleton@VCXTPChartObjectFactory@@V?$CXTPSingletonDependencies@VCXTPDummySingletonDependency@@V1@V1@V1@V1@V1@V1@V1@V1@V1@@@@@IAE@XZ
??0?$CXTPSingleton@VCXTPOpenGLListPool@@V?$CXTPSingletonDependencies@VCXTPDummySingletonDependency@@V1@V1@V1@V1@V1@V1@V1@V1@V1@@@@@IAE@XZ
??0?$CXTPSyntaxEditLexObj_SpecCollT@VCXTPSyntaxEditLexObj_Previous@XTPSyntaxEditLexAnalyser@@VCXTPSyntaxEditLexObj_Start@2@VCXTPSyntaxEditLexObj_End@2@VCXTPSyntaxEditLexObj_Token@2@VCXTPSyntaxEditLexObj_Skip@2@VCXTPSyntaxEditLexObj_ActiveTags@2@VCXTPSyntaxEditLexNULL@2@V82@V82@V82@@XTPSyntaxEditLexAnalyser@@QAE@ABV01@@Z
??0?$CXTPSyntaxEditLexObj_SpecCollT@VCXTPSyntaxEditLexObj_Previous@XTPSyntaxEditLexAnalyser@@VCXTPSyntaxEditLexObj_Start@2@VCXTPSyntaxEditLexObj_End@2@VCXTPSyntaxEditLexObj_Token@2@VCXTPSyntaxEditLexObj_Skip@2@VCXTPSyntaxEditLexObj_ActiveTags@2@VCXTPSyntaxEditLexNULL@2@V82@V82@V82@@XTPSyntaxEditLexAnalyser@@QAE@XZ
??0?$CXTPTypeIdProvider@VCXTPChart3dPieDeviceCommandEvents@@VCXTPChartDeviceCommandEvents@@@@IAE@XZ
??0?$CXTPTypeIdProvider@VCXTPChart3dPieDeviceCommandEvents@@VCXTPChartDeviceCommandEvents@@@@QAE@ABV0@@Z
??0?$CXTPTypeIdProvider@VCXTPChartDeviceCommandEvents@@V1@@@IAE@XZ
??0?$CXTPTypeIdProvider@VCXTPChartDeviceCommandEvents@@V1@@@QAE@ABV0@@Z
??0CAppearanceSetFlat@CXTPTabPaintManager@@QAE@$$QAV01@@Z
??0CAppearanceSetFlat@CXTPTabPaintManager@@QAE@ABV01@@Z
??0CAppearanceSetFlat@CXTPTabPaintManager@@QAE@XZ
??0CAppearanceSetPropertyPage2003@@QAE@$$QAV0@@Z
??0CAppearanceSetPropertyPage2003@@QAE@ABV0@@Z
??0CAppearanceSetPropertyPage2003@@QAE@XZ
??0CAppearanceSetPropertyPage2007@@QAE@$$QAV0@@Z
??0CAppearanceSetPropertyPage2007@@QAE@ABV0@@Z
??0CAppearanceSetPropertyPage2007@@QAE@XZ
??0CAppearanceSetPropertyPage@CXTPTabPaintManager@@QAE@$$QAV01@@Z
??0CAppearanceSetPropertyPage@CXTPTabPaintManager@@QAE@ABV01@@Z
??0CAppearanceSetPropertyPage@CXTPTabPaintManager@@QAE@XZ
??0CAppearanceSetPropertyPageAccess2007@@QAE@$$QAV0@@Z
??0CAppearanceSetPropertyPageAccess2007@@QAE@ABV0@@Z
??0CAppearanceSetPropertyPageAccess2007@@QAE@XZ
??0CAppearanceSetPropertyPageFlat@@QAE@$$QAV0@@Z
??0CAppearanceSetPropertyPageFlat@@QAE@ABV0@@Z
??0CAppearanceSetPropertyPageFlat@@QAE@XZ
??0CAppearanceSetPropertyPageSelected@@QAE@$$QAV0@@Z
??0CAppearanceSetPropertyPageSelected@@QAE@ABV0@@Z
??0CAppearanceSetPropertyPageSelected@@QAE@XZ
??0CAppearanceSetStateButtons@@QAE@$$QAV0@@Z
??0CAppearanceSetStateButtons@@QAE@ABV0@@Z
??0CAppearanceSetStateButtons@@QAE@XZ
??0CAppearanceSetVisio@@QAE@$$QAV0@@Z
??0CAppearanceSetVisio@@QAE@ABV0@@Z
??0CAppearanceSetVisio@@QAE@XZ
??0CAppearanceSetVisualStudio2005@@QAE@$$QAV0@@Z
??0CAppearanceSetVisualStudio2005@@QAE@ABV0@@Z
??0CAppearanceSetVisualStudio2005@@QAE@XZ
??0CCaptionButton@CXTPSkinObjectFrame@@QAE@ABV01@@Z
??0CCaptionButton@CXTPSkinObjectFrame@@QAE@HPAV1@IH@Z
??0CCheckListState@CXTPCheckListBox@@QAE@ABV01@@Z
??0CCheckListState@CXTPCheckListBox@@QAE@H@Z
??0CColorSetAccess2007@@QAE@$$QAV0@@Z
??0CColorSetAccess2007@@QAE@ABV0@@Z
??0CColorSetAccess2007@@QAE@XZ
??0CColorSetDefault@CXTPTabPaintManager@@QAE@$$QAV01@@Z
??0CColorSetDefault@CXTPTabPaintManager@@QAE@ABV01@@Z
??0CColorSetDefault@CXTPTabPaintManager@@QAE@XZ
??0CColorSetVisualStudio2003@@QAE@$$QAV0@@Z
??0CColorSetVisualStudio2003@@QAE@ABV0@@Z
??0CColorSetVisualStudio2003@@QAE@XZ
??0CColorSetVisualStudio2005@@QAE@$$QAV0@@Z
??0CColorSetVisualStudio2005@@QAE@ABV0@@Z
??0CColorSetVisualStudio2005@@QAE@XZ
??0CColorSetVisualStudio@@QAE@$$QAV0@@Z
??0CColorSetVisualStudio@@QAE@ABV0@@Z
??0CColorSetVisualStudio@@QAE@XZ
??0CColorSetWinNative@@QAE@ABV0@@Z
??0CColorSetWinNative@@QAE@XZ
??0CColorSetWinXP@@QAE@$$QAV0@@Z
??0CColorSetWinXP@@QAE@ABV0@@Z
??0CColorSetWinXP@@QAE@XZ
??0CFMFileInfo@CXTPSyntaxEditFileChangesMonitor@@QAE@ABV01@@Z
??0CFMFileInfo@CXTPSyntaxEditFileChangesMonitor@@QAE@XZ
??0CFontDesc@CXTPControlFontComboBoxList@@QAE@$$QAV01@@Z
??0CFontDesc@CXTPControlFontComboBoxList@@QAE@ABV01@@Z
??0CFontDesc@CXTPControlFontComboBoxList@@QAE@PB_W0EEK@Z
??0CFontDescHolder@CXTPControlFontComboBoxList@@QAE@XZ
??0CHeaderBackground@CTOHeader@CXTPCalendarTheme@@QAE@ABU012@@Z
??0CHeaderBackground@CTOHeader@CXTPCalendarTheme@@QAE@XZ
??0CHeaderText@CTOHeader@CXTPCalendarTheme@@QAE@ABU012@@Z
??0CHeaderText@CTOHeader@CXTPCalendarTheme@@QAE@XZ
??0CKeyAssign@CXTPShortcutManager@@QAE@PAV1@@Z
??0CKeyHelper@CXTPShortcutManager@@QAE@ABV01@@Z
??0CKeyHelper@CXTPShortcutManager@@QAE@PBVCXTPShortcutManagerAccel@@PAV1@@Z
??0CKeyNameText@CXTPShortcutManager@@QAE@XZ
??0CLogFont@CXTPPaintManager@@QAE@XZ
??0CManageState@CXTPResourceManager@@QAE@XZ
??0CMonthViewGrid@CXTPCalendarMonthView@@QAE@PAV1@@Z
??0CNavigateButtonActiveFiles@CXTPTabClientWnd@@QAE@$$QAV01@@Z
??0CNavigateButtonActiveFiles@CXTPTabClientWnd@@QAE@ABV01@@Z
??0CNavigateButtonActiveFiles@CXTPTabClientWnd@@QAE@PAVCXTPTabManager@@PAV1@@Z
??0CNonClientMetrics@CXTPPaintManager@@QAE@XZ
??0COLOR_CELL@CXTPColorSelectorCtrl@@QAE@XZ
??0CRepositionContext@CXTPTaskPanel@@QAE@PAV1@@Z
??0CRichEditContext@CXTPCommandBarEditCtrl@@QAE@ABV01@@Z
??0CRichEditContext@CXTPCommandBarEditCtrl@@QAE@XZ
??0CRstEvent@@QAE@PAVCXTPReportDataManager@@@Z
??0CShellMalloc@CXTPShellPidl@@QAE@ABV01@@Z
??0CShellMalloc@CXTPShellPidl@@QAE@XZ
??0CShellSpecialFolder@CXTPShellPidl@@QAE@ABV01@@Z
??0CShellSpecialFolder@CXTPShellPidl@@QAE@H@Z
??0CSingleWorkspace@CXTPTabClientWnd@@QAE@XZ
??0CStringPtrArray@CXTPSyntaxEditStringsManager@CXTPSyntaxEditBufferManager@@QAE@XZ
??0CTOCellDynBackground@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOColorsSet@CXTPCalendarTheme@@QAE@XZ
??0CTODay@CXTPCalendarTheme@@QAE@XZ
??0CTODay@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTODayView@CXTPCalendarTheme@@QAE@XZ
??0CTODayView@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTODayViewDay@CXTPCalendarTheme@@QAE@XZ
??0CTODayViewDay@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTODayViewDayGroup@CXTPCalendarTheme@@QAE@XZ
??0CTODayViewDayGroup@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTODayViewDayGroupAllDayEvents@CXTPCalendarTheme@@QAE@XZ
??0CTODayViewDayGroupAllDayEvents@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTODayViewDayGroupCell@CXTPCalendarTheme@@QAE@XZ
??0CTODayViewDayGroupCell@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTODayViewDayGroupHeader@CXTPCalendarTheme@@QAE@XZ
??0CTODayViewDayGroupHeader@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTODayViewDayHeader@CXTPCalendarTheme@@QAE@XZ
??0CTODayViewDayHeader@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTODayViewEvent@CXTPCalendarTheme@@QAE@XZ
??0CTODayViewEvent@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTODayViewEvent_MultiDay@CXTPCalendarTheme@@QAE@XZ
??0CTODayViewEvent_MultiDay@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTODayViewEvent_SingleDay@CXTPCalendarTheme@@QAE@XZ
??0CTODayViewEvent_SingleDay@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTODayViewHeader@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTODayViewTimeScale@CXTPCalendarTheme@@QAE@XZ
??0CTODayViewTimeScale@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOEvent@CXTPCalendarTheme@@QAE@XZ
??0CTOEvent@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOEventIconsToDraw@CXTPCalendarTheme@@QAE@XZ
??0CTOFormula_MulDivC@CXTPCalendarTheme@@QAE@XZ
??0CTOHeader@CXTPCalendarTheme@@QAE@XZ
??0CTOHeader@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOMonthView@CXTPCalendarTheme@@QAE@XZ
??0CTOMonthView@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOMonthViewDay@CXTPCalendarTheme@@QAE@XZ
??0CTOMonthViewDay@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOMonthViewDayHeader@CXTPCalendarTheme@@QAE@XZ
??0CTOMonthViewDayHeader@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOMonthViewEvent@CXTPCalendarTheme@@QAE@XZ
??0CTOMonthViewEvent@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOMonthViewEvent_MultiDay@CXTPCalendarTheme@@QAE@XZ
??0CTOMonthViewEvent_MultiDay@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOMonthViewEvent_SingleDay@CXTPCalendarTheme@@QAE@XZ
??0CTOMonthViewEvent_SingleDay@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOMonthViewWeekDayHeader@CXTPCalendarTheme@@QAE@XZ
??0CTOMonthViewWeekDayHeader@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOMonthViewWeekHeader@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOPrevNextEventButton@@QAE@XZ
??0CTOPrevNextEventButtons@@QAE@XZ
??0CTOWeekView@CXTPCalendarTheme@@QAE@XZ
??0CTOWeekView@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOWeekViewDay@CXTPCalendarTheme@@QAE@XZ
??0CTOWeekViewDay@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOWeekViewDayHeader@CXTPCalendarTheme@@QAE@XZ
??0CTOWeekViewDayHeader@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOWeekViewEvent@CXTPCalendarTheme@@QAE@XZ
??0CTOWeekViewEvent@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOWeekViewEvent_MultiDay@CXTPCalendarTheme@@QAE@XZ
??0CTOWeekViewEvent_MultiDay@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTOWeekViewEvent_SingleDay@CXTPCalendarTheme@@QAE@XZ
??0CTOWeekViewEvent_SingleDay@CXTPCalendarThemeOffice2007@@QAE@XZ
??0CTabClientDropTarget@CXTPTabClientWnd@@QAE@XZ
??0CThemeFontColorSet@CXTPCalendarTheme@@QAE@ABV01@@Z
??0CThemeFontColorSet@CXTPCalendarTheme@@QAE@XZ
??0CThemeFontColorSetValue@CXTPCalendarTheme@@QAE@$$QAV01@@Z
??0CThemeFontColorSetValue@CXTPCalendarTheme@@QAE@ABV01@@Z
??0CThemeFontColorSetValue@CXTPCalendarTheme@@QAE@XZ
??0CTrackArray@CXTPMouseManager@@QAE@XZ
??0CUpdateContext@CXTPCalendarControl@@QAE@PAV1@H@Z
??0CUpdateContext@CXTPReportControl@@QAE@PAV1@@Z
??0CWorkspace@CXTPTabClientWnd@@QAE@XZ
??0CXTButton@@QAE@PAUCRuntimeClass@@@Z
??0CXTButtonTheme@@QAE@XZ
??0CXTButtonThemeFactory@@QAE@XZ
??0CXTButtonThemeOffice2003@@QAE@H@Z
??0CXTButtonThemeOfficeXP@@QAE@H@Z
??0CXTColorRef@@QAE@HHH@Z
??0CXTColorRef@@QAE@K@Z
??0CXTColorRef@@QAE@XZ
??0CXTComboBoxEx@@QAE@XZ
??0CXTDateTimeCtrl@@QAE@XZ
??0CXTDisabledButtonTheme@@QAE@XZ
??0CXTFlatComboBox@@QAE@XZ
??0CXTFlatComboBoxTheme@@QAE@XZ
??0CXTFlatComboBoxThemeFactory@@QAE@XZ
??0CXTFlatComboBoxThemeOffice2003@@QAE@XZ
??0CXTFlatComboBoxThemeOfficeXP@@QAE@XZ
??0CXTFlatEdit@@QAE@XZ
??0CXTFlatEditTheme@@QAE@XZ
??0CXTFlatEditThemeFactory@@QAE@XZ
??0CXTFlatEditThemeOffice2003@@QAE@XZ
??0CXTFlatEditThemeOfficeXP@@QAE@XZ
??0CXTHtmlView@@IAE@XZ
??0CXTListViewHelper@@QAE@XZ
??0CXTMemDC@@QAE@PAVCDC@@ABVCRect@@VCXTPPaintManagerColorGradient@@H@Z
??0CXTMonthCalCtrl@@QAE@XZ
??0CXTOutBarCtrl@@QAE@XZ
??0CXTOutBarCtrlTheme@@QAE@XZ
??0CXTOutBarCtrlThemeFactory@@QAE@XZ
??0CXTOutBarCtrlThemeOffice2003@@QAE@XZ
??0CXTOutBarCtrlThemeOfficeXP@@QAE@XZ
??0CXTOutBarEditItem@@QAE@XZ
??0CXTOutBarFolder@@QAE@PB_WKPAVCXTOutBarCtrl@@@Z
??0CXTOutBarItem@@QAE@ABV0@@Z
??0CXTOutBarItem@@QAE@PB_WHK@Z
??0CXTPA2W@CXTPResourceManager@@QAE@PBD@Z
??0CXTPAccessible@@QAE@ABV0@@Z
??0CXTPAccessible@@QAE@XZ
??0CXTPActiveScriptEngine@@QAE@XZ
??0CXTPActiveScriptObjectContext@@AAE@PAVCXTPActiveScriptEngine@@PAUIDispatch@@@Z
??0CXTPActiveScriptStdRuntime@@QAE@XZ
??0CXTPAnimationDC@@QAE@PAUHDC__@@ABVCRect@@@Z
??0CXTPAnimationDC@@QAE@PAUHDC__@@ABVCRect@@ABVCXTPPaintManagerColorGradient@@H@Z
??0CXTPApplication@@AAE@XZ
??0CXTPArcBall@@QAE@$$QAV0@@Z
??0CXTPArcBall@@QAE@ABV0@@Z
??0CXTPArcBall@@QAE@XZ
??0CXTPArrowDrawer@@QAE@MMH@Z
??0CXTPAuxData@@AAE@XZ
??0CXTPBitmapDC@@QAE@PAVCDC@@PAUHBITMAP__@@@Z
??0CXTPBitmapDC@@QAE@PAVCDC@@PAVCBitmap@@@Z
??0CXTPBitmapDC@@QAE@XZ
??0CXTPBrowseButton@@QAE@XZ
??0CXTPBrowseDialog@@QAE@PAVCWnd@@@Z
??0CXTPBrowseEdit@@QAE@XZ
??0CXTPBrush@@QAE@HK@Z
??0CXTPBrush@@QAE@K@Z
??0CXTPBrush@@QAE@PAVCBitmap@@@Z
??0CXTPBrush@@QAE@XZ
??0CXTPBrushDC@@QAE@PAUHDC__@@K@Z
??0CXTPBufferDC@@QAE@AAVCPaintDC@@@Z
??0CXTPBufferDC@@QAE@PAUHDC__@@ABVCRect@@@Z
??0CXTPBufferDC@@QAE@PAUHDC__@@ABVCRect@@ABVCXTPPaintManagerColorGradient@@H@Z
??0CXTPBufferDCEx@@QAE@PAUHDC__@@VCRect@@@Z
??0CXTPButton@@QAE@XZ
??0CXTPButtonTheme@@QAE@XZ
??0CXTPButtonThemeFlat@@QAE@XZ
??0CXTPButtonThemeOffice2000@@QAE@XZ
??0CXTPButtonThemeOffice2003@@QAE@XZ
??0CXTPButtonThemeOffice2013@@QAE@XZ
??0CXTPButtonThemeOfficeXP@@QAE@XZ
??0CXTPButtonThemeResource@@QAE@XZ
??0CXTPButtonThemeUltraFlat@@QAE@XZ
??0CXTPButtonThemeVisualStudio2012@@QAE@H@Z
??0CXTPButtonThemeVisualStudio2015@@QAE@XZ
??0CXTPCalendarBusyStatusComboBox@@QAE@XZ
??0CXTPCalendarCaptionBarControl@@QAE@XZ
??0CXTPCalendarCaptionBarOffice2000Theme@@QAE@PAVCXTPCalendarCaptionBarTheme@@@Z
??0CXTPCalendarCaptionBarOffice2003Theme@@QAE@PAVCXTPCalendarCaptionBarTheme@@@Z
??0CXTPCalendarCaptionBarOffice2013Theme@@QAE@PAVCXTPCalendarCaptionBarTheme@@@Z
??0CXTPCalendarCaptionBarOfficeXPTheme@@QAE@PAVCXTPCalendarCaptionBarTheme@@@Z
??0CXTPCalendarCaptionBarPaintManager@@QAE@PAVCXTPCalendarCaptionBarTheme@@@Z
??0CXTPCalendarCaptionBarResourceTheme@@QAE@PAVCXTPCalendarCaptionBarTheme@@@Z
??0CXTPCalendarCaptionBarTheme@@QAE@XZ
??0CXTPCalendarCaptionBarThemePart@@QAE@PAVCXTPCalendarCaptionBarTheme@@H@Z
??0CXTPCalendarCaptionBarVisualStudio2015Theme@@QAE@PAVCXTPCalendarCaptionBarTheme@@@Z
??0CXTPCalendarComboBoxBase@@QAE@XZ
??0CXTPCalendarControl@@QAE@XZ
??0CXTPCalendarControlView@@IAE@XZ
??0CXTPCalendarControlViewPrintOptions@@QAE@XZ
??0CXTPCalendarController@@QAE@XZ
??0CXTPCalendarCustomDataProvider@@QAE@XZ
??0CXTPCalendarCustomProperties@@QAE@H@Z
??0CXTPCalendarData@@QAE@XZ
??0CXTPCalendarDatabaseDataProvider@@QAE@XZ
??0CXTPCalendarDayView@@QAE@PAVCXTPCalendarControl@@@Z
??0CXTPCalendarDayViewDay@@QAE@PAVCXTPCalendarDayView@@VCOleDateTime@ATL@@@Z
??0CXTPCalendarDayViewEvent@@QAE@PAVCXTPCalendarEvent@@PAVCXTPCalendarDayViewGroup@@@Z
??0CXTPCalendarDayViewGroup@@QAE@PAVCXTPCalendarDayViewDay@@@Z
??0CXTPCalendarDayViewTimeScale@@QAE@PAVCXTPCalendarDayView@@HH@Z
??0CXTPCalendarEvent@@QAE@PAVCXTPCalendarData@@@Z
??0CXTPCalendarEventCategories@@QAE@XZ
??0CXTPCalendarEventCategory@@QAE@IPB_WKK@Z
??0CXTPCalendarEventCategory@@QAE@PAV0@@Z
??0CXTPCalendarEventCategoryComboBox@@QAE@XZ
??0CXTPCalendarEventCategoryIDs@@QAE@XZ
??0CXTPCalendarEventColorDlg@@QAE@HPAVCXTPCalendarControl@@PAVCWnd@@@Z
??0CXTPCalendarEventColorEdit@@QAE@H@Z
??0CXTPCalendarEventColorListBox@@QAE@XZ
??0CXTPCalendarEventColorNewDlg@@QAE@HPAVCWnd@@@Z
??0CXTPCalendarEventLabel@@QAE@HKPB_W@Z
??0CXTPCalendarEventLabel@@QAE@PAV0@@Z
??0CXTPCalendarEventLabelComboBox@@QAE@XZ
??0CXTPCalendarEventLabels@@QAE@XZ
??0CXTPCalendarEventPropertiesDlg@@QAE@PAVCXTPCalendarControl@@HPAVCWnd@@PAVCXTPCalendarEvent@@IVCOleDateTime@ATL@@@Z
??0CXTPCalendarEventRecurrenceDlg@@QAE@PAVCXTPCalendarEvent@@PAVCWnd@@I@Z
??0CXTPCalendarEvents@@QAE@XZ
??0CXTPCalendarIconIDs@@QAE@XZ
??0CXTPCalendarMAPIDataProvider@@QAE@XZ
??0CXTPCalendarMAPIWrapper@@QAE@ABV0@@Z
??0CXTPCalendarMAPIWrapper@@QAE@XZ
??0CXTPCalendarMemoryDataProvider@@QAE@XZ
??0CXTPCalendarMonthView@@QAE@PAVCXTPCalendarControl@@@Z
??0CXTPCalendarMonthViewDay@@QAE@PBVCXTPCalendarMonthView@@HH@Z
??0CXTPCalendarMonthViewEvent@@QAE@PAVCXTPCalendarEvent@@PAVCXTPCalendarMonthViewGroup@@@Z
??0CXTPCalendarMonthViewGroup@@QAE@PAVCXTPCalendarMonthViewDay@@@Z
??0CXTPCalendarMsgNotifier@@QAE@XZ
??0CXTPCalendarOccurSeriesChooseDlg@@QAE@PAVCWnd@@IPB_WI@Z
??0CXTPCalendarOffice2000Theme@@QAE@XZ
??0CXTPCalendarOffice2003Theme@@QAE@XZ
??0CXTPCalendarOffice2013Theme@@QAE@XZ
??0CXTPCalendarOfficeXPTheme@@QAE@XZ
??0CXTPCalendarOptions@@QAE@XZ
??0CXTPCalendarPageSetupDialog@@QAE@PAVCXTPCalendarControlViewPrintOptions@@KPAVCWnd@@@Z
??0CXTPCalendarPaintManager@@QAE@XZ
??0CXTPCalendarRecurrencePattern@@IAE@PAVCXTPCalendarData@@@Z
??0CXTPCalendarReminder@@QAE@PAVCXTPCalendarRemindersManager@@@Z
??0CXTPCalendarReminderForOccurrence@@QAE@ABV0@@Z
??0CXTPCalendarReminderForOccurrence@@QAE@XZ
??0CXTPCalendarReminderForOccurrenceArray@@QAE@XZ
??0CXTPCalendarReminders@@QAE@XZ
??0CXTPCalendarRemindersDialog@@QAE@PAVCWnd@@I@Z
??0CXTPCalendarRemindersManager@@QAE@XZ
??0CXTPCalendarResource@@QAE@PAVCXTPCalendarControl@@@Z
??0CXTPCalendarResourceDescription@@QAE@XZ
??0CXTPCalendarResourceTheme@@QAE@XZ
??0CXTPCalendarResources@@QAE@XZ
??0CXTPCalendarResourcesManager@@QAE@XZ
??0CXTPCalendarResourcesNf@@QAE@XZ
??0CXTPCalendarSchedule@@QAE@IPB_W@Z
??0CXTPCalendarSchedules@@QAE@XZ
??0CXTPCalendarShadowDrawer@@QAE@ABV0@@Z
??0CXTPCalendarShadowDrawer@@QAE@PAVCDC@@N@Z
??0CXTPCalendarTLV_TimeScaleParams@@QAE@HPAVCXTPCalendarTimeLineViewTimeScale@@@Z
??0CXTPCalendarTLV_TimeScaleParams_Day@@QAE@PAVCXTPCalendarTimeLineViewTimeScale@@@Z
??0CXTPCalendarTLV_TimeScaleParams_Month@@QAE@PAVCXTPCalendarTimeLineViewTimeScale@@@Z
??0CXTPCalendarTLV_TimeScaleParams_Week@@QAE@PAVCXTPCalendarTimeLineViewTimeScale@@@Z
??0CXTPCalendarTheme@@QAE@XZ
??0CXTPCalendarThemeBOOLValue@@QAE@$$QAV0@@Z
??0CXTPCalendarThemeBOOLValue@@QAE@ABV0@@Z
??0CXTPCalendarThemeBOOLValue@@QAE@XZ
??0CXTPCalendarThemeFontValue@@QAE@ABV0@@Z
??0CXTPCalendarThemeFontValue@@QAE@XZ
??0CXTPCalendarThemeIntValue@@QAE@$$QAV0@@Z
??0CXTPCalendarThemeIntValue@@QAE@ABV0@@Z
??0CXTPCalendarThemeIntValue@@QAE@XZ
??0CXTPCalendarThemeOffice2007@@QAE@XZ
??0CXTPCalendarThemePart@@QAE@XZ
??0CXTPCalendarThemeRectValue@@QAE@$$QAV0@@Z
??0CXTPCalendarThemeRectValue@@QAE@ABV0@@Z
??0CXTPCalendarThemeRectValue@@QAE@XZ
??0CXTPCalendarThemeStringValue@@QAE@$$QAV0@@Z
??0CXTPCalendarThemeStringValue@@QAE@ABV0@@Z
??0CXTPCalendarThemeStringValue@@QAE@XZ
??0CXTPCalendarTimeLineView@@QAE@PAVCXTPCalendarControl@@@Z
??0CXTPCalendarTimeLineViewEvent@@QAE@PAVCXTPCalendarEvent@@PAVCXTPCalendarTimeLineViewGroup@@@Z
??0CXTPCalendarTimeLineViewGroup@@QAE@PAVCXTPCalendarTimeLineView@@PAV0@@Z
??0CXTPCalendarTimeLineViewGroups@@QAE@XZ
??0CXTPCalendarTimeLineViewPart@@QAE@PAVCXTPCalendarViewPart@@@Z
??0CXTPCalendarTimeLineViewTimeScale@@QAE@PAVCXTPCalendarTimeLineView@@@Z
??0CXTPCalendarTimeLineViewTimeScalePart@@QAE@PAVCXTPCalendarViewPart@@@Z
??0CXTPCalendarTimeScalePropertiesDlg@@QAE@PAVCWnd@@I@Z
??0CXTPCalendarTimeZone@@QAE@PBU_TIME_ZONE_INFORMATION@@@Z
??0CXTPCalendarTimeZone@@QAE@PBV0@@Z
??0CXTPCalendarTimeZones@@QAE@XZ
??0CXTPCalendarTip@@QAE@XZ
??0CXTPCalendarUIntArray@@QAE@XZ
??0CXTPCalendarUtils@@AAE@XZ
??0CXTPCalendarView@@QAE@PAVCXTPCalendarControl@@@Z
??0CXTPCalendarViewDay@@QAE@PBVCXTPCalendarView@@@Z
??0CXTPCalendarViewEvent@@QAE@PAVCXTPCalendarEvent@@PAVCXTPCalendarViewGroup@@@Z
??0CXTPCalendarViewEventSubjectEditor@@QAE@PAVCXTPCalendarControl@@@Z
??0CXTPCalendarViewEventSubjectEditorColored@@QAE@PAVCXTPCalendarControl@@PAVCXTPCalendarViewEvent@@K@Z
??0CXTPCalendarViewEvents@@QAE@XZ
??0CXTPCalendarViewGroup@@QAE@PAVCXTPCalendarViewDay@@@Z
??0CXTPCalendarViewPart@@QAE@PAV0@@Z
??0CXTPCalendarViewPartBrushValue@@QAE@ABV0@@Z
??0CXTPCalendarViewPartBrushValue@@QAE@XZ
??0CXTPCalendarViewPartFontValue@@QAE@XZ
??0CXTPCalendarVisualStudio2015Theme@@QAE@XZ
??0CXTPCalendarWMHandler@@QAE@XZ
??0CXTPCalendarWeekView@@QAE@PAVCXTPCalendarControl@@@Z
??0CXTPCalendarWeekViewDay@@QAE@PAVCXTPCalendarWeekView@@@Z
??0CXTPCalendarWeekViewEvent@@QAE@PAVCXTPCalendarEvent@@PAVCXTPCalendarWeekViewGroup@@@Z
??0CXTPCalendarWeekViewGroup@@QAE@PAVCXTPCalendarWeekViewDay@@@Z
??0CXTPCaption@@QAE@XZ
??0CXTPCaptionButton@@QAE@XZ
??0CXTPCaptionButtonTheme@@QAE@XZ
??0CXTPCaptionButtonThemeOffice2003@@QAE@XZ
??0CXTPCaptionButtonThemeOfficeXP@@QAE@XZ
??0CXTPCaptionPopupWnd@@QAE@XZ
??0CXTPCaptionTheme@@QAE@XZ
??0CXTPCaptionThemeOffice2003@@QAE@XZ
??0CXTPCaptionThemeOfficeXP@@QAE@XZ
??0CXTPChart2dDiagram@@IAE@XZ
??0CXTPChart3dBox@@QAE@ABV0@@Z
??0CXTPChart3dBox@@QAE@XZ
??0CXTPChart3dDeviceCommand@@IAE@W4XTPChart3dAntialiasingPolicy@@@Z
??0CXTPChart3dDeviceContext@@IAE@PAVCXTPChartContainer@@PAUHDC__@@VCRect@@PAVCXTPChartDrawingObjectFactory@@@Z
??0CXTPChart3dDiagram@@IAE@XZ
??0CXTPChart3dDiagramView@@QAE@PAVCXTPChartDiagram@@PAVCXTPChartElementView@@@Z
??0CXTPChart3dLineDeviceCommand@@IAE@ABV?$CXTPPoint3T@N@@0ABVCXTPChartColor@@H@Z
??0CXTPChart3dPie@@QAE@NNABVCXTPChartEllipse@@HH@Z
??0CXTPChart3dPieDeviceCommand@@IAE@W4XTPChart3dAntialiasingPolicy@@ABV?$CXTPPoint3T@N@@NNNNNN@Z
??0CXTPChart3dPieDeviceCommandEvents@@IAE@XZ
??0CXTPChart3dPieDeviceCommandEvents@@QAE@$$QAV0@@Z
??0CXTPChart3dPieDeviceCommandEvents@@QAE@ABV0@@Z
??0CXTPChart3dPieDiagram@@QAE@XZ
??0CXTPChart3dPieDiagramView@@QAE@PAVCXTPChartDiagram@@PAVCXTPChartElementView@@@Z
??0CXTPChart3dPieSeriesLabel@@QAE@XZ
??0CXTPChart3dPieSeriesLabelDeviceCommand@@QAE@PAVCXTPChart3dPieSeriesLabelView@@@Z
??0CXTPChart3dPieSeriesLabelView@@QAE@PAVCXTPChartSeriesLabel@@PAVCXTPChartSeriesPointView@@PAVCXTPChartElementView@@@Z
??0CXTPChart3dPieSeriesLabelsView@@QAE@PAVCXTPChartElementView@@@Z
??0CXTPChart3dPieSeriesLabelsViewDeviceCommand@@QAE@PAVCXTPChart3dPieSeriesLabelsView@@@Z
??0CXTPChart3dPieSeriesPointView@@QAE@PAVCXTPChartSeriesPoint@@PAVCXTPChartElementView@@@Z
??0CXTPChart3dPieSeriesStyle@@QAE@XZ
??0CXTPChart3dPieSeriesView@@QAE@PAVCXTPChartSeries@@PAVCXTPChartDiagramView@@@Z
??0CXTPChart3dRotateDeviceCommand@@QAE@ABVCXTPChart3dRotation@@@Z
??0CXTPChart3dRotation@@QAE@ABV0@@Z
??0CXTPChart3dRotation@@QAE@NNN@Z
??0CXTPChart3dRotation@@QAE@XZ
??0CXTPChart3dTranslateDeviceCommand@@QAE@NNN@Z
??0CXTPChartAppearance@@QAE@PAVCXTPChartElement@@@Z
??0CXTPChartAreaSeriesStyle@@QAE@XZ
??0CXTPChartAreaSeriesView@@QAE@PAVCXTPChartSeries@@PAVCXTPChartDiagramView@@@Z
??0CXTPChartAxis@@QAE@PAVCXTPChartDiagram@@@Z
??0CXTPChartAxisAppearance@@QAE@PAVCXTPChartElement@@@Z
??0CXTPChartAxisConstantLine@@QAE@XZ
??0CXTPChartAxisConstantLines@@QAE@PAVCXTPChartAxis@@@Z
??0CXTPChartAxisCustomLabel@@QAE@XZ
??0CXTPChartAxisCustomLabels@@QAE@PAVCXTPChartAxis@@@Z
??0CXTPChartAxisGridLines@@QAE@PAVCXTPChartAxis@@@Z
??0CXTPChartAxisLabel@@QAE@PAVCXTPChartAxis@@@Z
??0CXTPChartAxisRange@@QAE@PAVCXTPChartAxis@@@Z
??0CXTPChartAxisStrip@@QAE@XZ
??0CXTPChartAxisStrips@@QAE@PAVCXTPChartAxis@@@Z
??0CXTPChartAxisTickMarks@@QAE@PAVCXTPChartAxis@@@Z
??0CXTPChartAxisTitle@@QAE@PAVCXTPChartAxis@@@Z
??0CXTPChartAxisView@@IAE@PAVCXTPChartAxis@@PAVCXTPChartElementView@@@Z
??0CXTPChartAxisViewTick@@QAE@$$QAV0@@Z
??0CXTPChartAxisViewTick@@QAE@ABV0@@Z

Sections

.text
Size: 5.8MB - Virtual size: 5.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 165KB - Virtual size: 181KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 92B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 504KB - Virtual size: 504KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
chili.doc
mfc140u.dll
.dll windows:6 windows x86 arch:x86

Password: infected

97f1ff3f756feed89f7611714ac1b113

Code Sign

33:00:00:00:e5:ce:9e:eb:de:4d:48:35:f4:00:00:00:00:00:e5
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/02/2023, 22:33

Not After

31/01/2024, 22:33

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:3c:2b:0a:49:d9:d2:91:7e:ac:00:00:00:00:03:3c
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/02/2023, 20:10

Not After

31/01/2024, 20:10

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

47:d6:5c:47:1a:f3:9d:01:f2:71:75:96:21:64:9d:a7:85:20:32:e1:f1:1b:45:a0:c1:97:7f:89:b1:e2:6e:a7
Signer

Actual PE Digest

47:d6:5c:47:1a:f3:9d:01:f2:71:75:96:21:64:9d:a7:85:20:32:e1:f1:1b:45:a0:c1:97:7f:89:b1:e2:6e:a7

Digest Algorithm

sha256

PE Digest Matches

true

47:d6:5c:47:1a:f3:9d:01:f2:71:75:96:21:64:9d:a7:85:20:32:e1:f1:1b:45:a0:c1:97:7f:89:b1:e2:6e:a7
Signer

Actual PE Digest

47:d6:5c:47:1a:f3:9d:01:f2:71:75:96:21:64:9d:a7:85:20:32:e1:f1:1b:45:a0:c1:97:7f:89:b1:e2:6e:a7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumValueW
RegQueryValueExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumKeyW
RegQueryValueW
RegSetValueW
GetFileSecurityW
SetFileSecurityW
IsTextUnicode
RegQueryValueExA
RegOpenKeyExA

kernel32

IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
UnhandledExceptionFilter
ExpandEnvironmentStringsA
LoadLibraryExA
QueryPerformanceCounter
InitializeSListHead
OutputDebugStringW
TerminateProcess
LockResource
LoadResource
FindResourceW
GetLastError
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
SetLastError
GetModuleHandleA
GetModuleHandleW
GetProcAddress
LoadLibraryA
LoadLibraryW
GetModuleFileNameW
OutputDebugStringA
MultiByteToWideChar
lstrcpyW
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentThreadId
InitializeCriticalSection
DeleteFileW
MulDiv
VerSetConditionMask
VerifyVersionInfoW
FreeLibrary
CloseHandle
GetTempPathW
CreateFileW
SetFilePointer
Sleep
GetCurrentDirectoryW
lstrcmpW
GetSystemDirectoryW
LoadLibraryExW
DecodePointer
EncodePointer
GlobalFree
GetTickCount
GetWindowsDirectoryW
lstrcmpiW
SetThreadPriority
LocalAlloc
LocalFree
TlsAlloc
TlsFree
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalReAlloc
TlsSetValue
GetFileSize
GetFileAttributesW
GlobalSize
SearchPathW
GetLocaleInfoW
GetUserDefaultUILanguage
RaiseException
GetSystemInfo
VirtualQuery
GetSystemDefaultUILanguage
FormatMessageA
GetEnvironmentVariableA
GetEnvironmentVariableW
GlobalFlags
GlobalFindAtomW
GetSystemTime
LocalUnlock
LocalLock
GlobalGetAtomNameW
GetAtomNameW
SuspendThread
ResumeThread
SetEvent
CopyFileW
GetTickCount64
WaitForMultipleObjects
CreateEventW
ReleaseMutex
CreateMutexW
ReleaseSemaphore
CreateSemaphoreW
WaitForSingleObject
FormatMessageW
SetFileAttributesW
LocalFileTimeToFileTime
GetFileAttributesExW
GetFileSizeEx
FindNextFileW
SystemTimeToTzSpecificLocalTime
FileTimeToLocalFileTime
FileTimeToSystemTime
GetShortPathNameW
GetStringTypeExW
GetThreadLocale
FindClose
FindFirstFileW
GetVolumeInformationW
MoveFileW
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
WriteFile
ReadFile
GetCurrentProcess
DuplicateHandle
GetProfileIntW
SystemTimeToFileTime
ReplaceFileW
SetFileTime
GetFileTime
GetFullPathNameW
GetDiskFreeSpaceW
GetTempFileNameW
VirtualProtect
lstrcpyA
CompareStringW
IsDBCSLeadByte
GetCurrentThread
GetVersionExW
WideCharToMultiByte
lstrcmpA
CompareStringA
GlobalDeleteAtom
SetErrorMode
GetUserDefaultLCID
GetCurrentProcessId
GlobalAddAtomW
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
FindResourceExW
SizeofResource

vcruntime140

__current_exception
__current_exception_context
_except_handler4_common
memcmp
wcsrchr
wcsstr
wcschr
_purecall
memmove
memset
memcpy
__std_terminate
__CxxFrameHandler3
__std_type_info_destroy_list
_CxxThrowException

api-ms-win-crt-heap-l1-1-0

free
realloc
malloc
_recalloc
_expand
_msize
calloc

api-ms-win-crt-runtime-l1-1-0

__p___argc
_endthread
__p___wargv
_resetstkoflw
_errno
_beginthreadex
_initterm_e
_initterm
terminate
_cexit
_endthreadex
_beginthread
_invalid_parameter_noinfo
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
abort
__doserrno

api-ms-win-crt-string-l1-1-0

wcscspn
wcsspn
_strnicmp
_wcsupr_s
iswspace
wcscmp
wmemcpy_s
wcsnlen
toupper
wcscoll
_wcsicoll
wcsncmp
wcscpy_s
iswdigit
wcspbrk
iswalnum
iswprint
towupper
towlower
wcsncpy_s
strnlen
_wcslwr_s
wcscat_s
_wcsrev
wcslen
strcpy_s
_wcsdup
strlen
_wcsnicmp
iswalpha
_wcsicmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
fgetws
fflush
fclose
fseek
__stdio_common_vsprintf_s
__stdio_common_vswscanf
_get_osfhandle
_fileno
_open_osfhandle
ftell
__stdio_common_vswprintf_s
__stdio_common_vswprintf
fread
fputws
feof
fwrite
clearerr_s
ferror
__stdio_common_vsnwprintf_s

api-ms-win-crt-utility-l1-1-0

labs
abs
rand_s
ldiv

api-ms-win-crt-convert-l1-1-0

_itow_s
wcstod
wcstoul
_wtol
wcstol
_ltow_s
_ultow_s
_wtoi

api-ms-win-crt-math-l1-1-0

ceil
exp
sqrt
atan2
cos
sin
floor
_fdopen
fabs

api-ms-win-crt-time-l1-1-0

_localtime64_s
_mktime64
clock
_time64

api-ms-win-crt-filesystem-l1-1-0

_wfullpath
_wsplitpath_s
_wmakepath_s

api-ms-win-crt-multibyte-l1-1-0

_mbscspn
_mbsicmp
_mbsstr
_ismbcspace
_mbsrchr
_mbscmp
_mbscoll
_mbschr
_mbspbrk
_mbsspn
_mbsinc
_mbsrev
_mbsicoll
_mbslwr_s
_mbsupr_s

user32

LoadAcceleratorsW
TranslateAcceleratorW
GetSystemMetrics
DestroyMenu
LoadMenuW
GetSubMenu
PostThreadMessageW
GetClassInfoW
DefWindowProcW
GetWindow
GetMenuItemCount
IsWindowVisible
IsIconic
GetForegroundWindow
DrawIcon
GetMonitorInfoW
MonitorFromPoint
SystemParametersInfoW
ValidateRect
SetLayeredWindowAttributes
CallNextHookEx
SetWindowsHookExW
UnhookWindowsHookEx
GetUpdateRect
UnionRect
SetWindowPos
LockWindowUpdate
GetKeyState
BeginDeferWindowPos
EndDeferWindowPos
AppendMenuW
CreatePopupMenu
IntersectRect
SetScrollPos
EnableMenuItem
GetNextDlgTabItem
GetSystemMenu
IsMenu
IsZoomed
ModifyMenuW
DeleteMenu
SetWindowRgn
DestroyAcceleratorTable
GetTopWindow
DestroyWindow
MonitorFromRect
EnumDisplayMonitors
GetSysColor
GetClassLongW
IsClipboardFormatAvailable
DestroyCursor
CreateAcceleratorTableW
CopyAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyW
CharUpperW
SetWindowTextW
GetMenuState
CheckMenuItem
SetFocus
GetMenuItemInfoW
DrawFrameControl
SubtractRect
GetLastActivePopup
GetMessageW
UpdateLayeredWindow
EnableScrollBar
GetScrollPos
GetMenuDefaultItem
SetMenuDefaultItem
HideCaret
InvertRect
EnumChildWindows
GetWindowTextW
GetDoubleClickTime
GetDC
ReleaseDC
GetWindowRgn
FrameRect
ShowScrollBar
IsWindowEnabled
InsertMenuW
GetActiveWindow
RegisterClipboardFormatW
GetComboBoxInfo
CharUpperBuffW
DrawEdge
PostQuitMessage
UnregisterClassW
GetCapture
GetWindowThreadProcessId
MessageBoxW
SetWindowLongW
SetMenuItemBitmaps
SetMenuItemInfoW
GetMenuCheckMarkDimensions
CallWindowProcW
SetActiveWindow
CreateMenu
MoveWindow
InvalidateRgn
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
GetWindowTextLengthW
GetTabbedTextExtentW
GetDlgItem
CreateDialogIndirectParamW
EndDialog
GetPropW
RemovePropW
SetPropW
MapDialogRect
GetMessageTime
GetMessagePos
GetDialogBaseUnits
GetDCEx
RemoveMenu
MsgWaitForMultipleObjectsEx
CharNextW
SetWindowContextHelpId
IsDialogMessageW
ClipCursor
SendNotifyMessageW
InSendMessage
GetMenuStringW
WindowFromDC
SetScrollRange
AdjustWindowRectEx
CountClipboardFormats
GetMenu
SetMenu
GetClassInfoExW
CreateWindowExW
SetWindowPlacement
TrackPopupMenuEx
RegisterClassW
WinHelpW
GetScrollRange
SetScrollInfo
GetScrollInfo
ScrollWindow
MonitorFromWindow
BeginPaint
EndPaint
SendDlgItemMessageA
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
GetMenuBarInfo
GetWindowDC
DefFrameProcW
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
CheckDlgButton
CheckRadioButton
GetDlgItemInt
GetDlgItemTextW
SendDlgItemMessageW
SetDlgItemInt
SetDlgItemTextW
IsDlgButtonChecked
ScrollWindowEx
RealChildWindowFromPoint
CharToOemBuffA
OemToCharBuffA
GetClientRect
KillTimer
SetRectEmpty
GetWindowRect
SendMessageW
InvalidateRect
IsWindow
SetRect
EnableWindow
IsCharLowerW
GetKeyNameTextW
GetKeyboardLayout
MapVirtualKeyExW
DrawStateW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetAsyncKeyState
GetDesktopWindow
WaitMessage
DispatchMessageW
TranslateMessage
PeekMessageW
SetForegroundWindow
LoadCursorW
GetFocus
IsChild
TrackPopupMenu
LoadIconW
GetNextDlgGroupItem
DrawFocusRect
SetCursor
GetWindowLongW
LoadImageW
CopyImage
GetIconInfo
FillRect
NotifyWinEvent
CopyRect
LoadBitmapW
MapWindowPoints
MessageBeep
SetCursorPos
WindowFromPoint
ClientToScreen
SetCapture
ReleaseCapture
CopyIcon
BringWindowToTop
RegisterWindowMessageW
DestroyIcon
GetClassNameW
SetParent
ShowWindow
GetWindowPlacement
IsRectEmpty
GetDlgCtrlID
PostMessageW
DeferWindowPos
EqualRect
GetSysColorBrush
SetClassLongW
GetParent
DrawIconEx
InflateRect
OffsetRect
PtInRect
UpdateWindow
SetTimer
TrackMouseEvent
ScreenToClient
ShowOwnedPopups
GetCursorPos
GetMenuItemID
RedrawWindow

gdi32

GetViewportOrgEx
DeleteMetaFile
CloseMetaFile
CreateMetaFileW
LPtoDP
GetCharWidthW
CreateFontW
StretchDIBits
RoundRect
CreateEllipticRgn
CreateHatchBrush
ExtTextOutW
Polyline
SetDIBColorTable
GetDIBits
SelectPalette
StretchBlt
SetBkColor
CreateBitmap
EnumFontFamiliesExW
CreateRoundRectRgn
SetRectRgn
FillRgn
GetBoundsRect
CombineRgn
CreateRectRgn
PatBlt
DeleteDC
GetCurrentObject
EndDoc
EndPage
StartPage
ExtFloodFill
SetPaletteEntries
CreateDIBitmap
CreatePatternBrush
CreatePen
EnumFontFamiliesW
GetTextCharsetInfo
GetDeviceCaps
CreateFontIndirectW
GetBkColor
SetPixel
Ellipse
CreateDIBSection
OffsetRgn
CreateRectRgnIndirect
GetRgnBox
BitBlt
SetPixelV
CreateCompatibleBitmap
FrameRgn
PtInRegion
CreatePolygonRgn
GetPixel
GetSystemPaletteEntries
GetNearestPaletteIndex
RealizePalette
CreatePalette
GetPaletteEntries
GetStockObject
Rectangle
RectVisible
GetTextColor
GetObjectType
DeleteObject
SelectObject
CreateCompatibleDC
GetObjectW
CreateSolidBrush
GetTextExtentPoint32W
GetTextMetricsW
Escape
TextOutW
GetClipBox
GetTextAlign
GetCurrentPositionEx
MoveToEx
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SaveDC
RestoreDC
GetROP2
GetBkMode
GetPolyFillMode
GetStretchBltMode
GetNearestColor
GetTextFaceW
GetWindowExtEx
GetViewportExtEx
SetTextColor
SetMapMode
SetWindowExtEx
ScaleWindowExtEx
GetWindowOrgEx
SetWindowOrgEx
IntersectClipRect
CreateDCW
SetBrushOrgEx
SetAbortProc
StartDocW
DPtoLP
AbortDoc
CopyMetaFileW
UnrealizeObject
SetBkMode
SetPolyFillMode
SetROP2
SetStretchBltMode
SetGraphicsMode
SetWorldTransform
ModifyWorldTransform
OffsetWindowOrgEx
SelectClipRgn
ExcludeClipRect
OffsetClipRgn
LineTo
SetTextAlign
SetTextJustification
SetTextCharacterExtra
SetMapperFlags
GetLayout
SetLayout
ArcTo
SetArcDirection
PolyDraw
PolylineTo
SetColorAdjustment
PolyBezierTo
SelectClipPath
GetClipRgn
ExtSelectClipRgn
PlayMetaFileRecord
PlayMetaFile
EnumMetaFile
ExtCreatePen
CreateDIBPatternBrushPt
GetMapMode
PtVisible
Polygon

ole32

OleRegGetMiscStatus
CoCreateInstance
OleRegEnumVerbs
CoDisconnectObject
CoRegisterMessageFilter
CoTreatAsClass
SetConvertStg
WriteFmtUserTypeStg
OleDuplicateData
WriteClassStg
GetRunningObjectTable
OleTranslateAccelerator
IsAccelerator
OleUninitialize
CoInitialize
OleInitialize
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemFree
RegisterDragDrop
CoLockObjectExternal
OleDraw
DoDragDrop
CoGetMalloc
StgOpenStorage
StgIsStorageFile
StgCreateDocfile
OleIsCurrentClipboard
CoCreateGuid
CoUninitialize
OleSetClipboard
OleGetClipboard
OleRegGetUserType
GetClassFile
CreateBindCtx
CreateFileMoniker
OleRun
OleIsRunning
OleQueryLinkFromData
PropVariantClear
RevokeDragDrop
OleQueryCreateFromData
OleSetMenuDescriptor
CreateGenericComposite
CreateItemMoniker
WriteClassStm
OleGetIconOfClass
GetHGlobalFromILockBytes
ReadClassStg
OleLoad
OleSave
OleCreate
OleCreateLinkToFile
OleCreateFromFile
OleCreateStaticFromData
OleCreateLinkFromData
OleCreateFromData
OleSetContainedObject
StringFromCLSID
OleLockRunning
StgOpenStorageOnILockBytes
CLSIDFromString
CLSIDFromProgID
PropVariantCopy
CoInitializeEx
CoGetClassObject
StringFromGUID2
ReadFmtUserTypeStg
OleLoadFromStream
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
ReadClassStm
OleSaveToStream
CreateOleAdviseHolder
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
ReleaseStgMedium
CoTaskMemAlloc
CreateDataAdviseHolder
CreateDataCache
CreateStreamOnHGlobal
CoFreeUnusedLibraries
OleFlushClipboard

oleaut32

SysAllocStringLen
SysAllocString
SysStringLen
SysFreeString
VariantChangeType
VariantClear
VariantTimeToSystemTime
SystemTimeToVariantTime
VarParseNumFromStr
SafeArrayCreateVector
VarBstrFromDec
VarDecFromStr
VarDateFromStr
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayUnlock
SafeArrayLock
SafeArrayPutElement
SafeArrayPtrOfIndex
SafeArrayGetElement
SafeArrayAllocDescriptor
SafeArrayAllocData
SafeArrayCopy
VarBstrFromCy
VarCyFromStr
SysReAllocStringLen
SysAllocStringByteLen
SafeArrayRedim
SafeArrayCreate
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetDim
SysStringByteLen
SafeArrayDestroy
VariantCopy
VarBstrCmp
DispCallFunc
VariantInit
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
OleLoadPicture
OleCreatePictureIndirect
OleCreateFontIndirect
OleTranslateColor
OleCreatePropertyFrame
VarBstrFromDate

shlwapi

StrFormatKBSizeW
PathFindExtensionW
PathFindFileNameW
PathRemoveExtensionW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
UrlUnescapeW

imm32

ImmGetOpenStatus
ImmReleaseContext
ImmGetContext

uxtheme

DrawThemeParentBackground
GetWindowTheme
DrawThemeBackground
GetThemeColor
OpenThemeData
CloseThemeData
GetCurrentThemeName
GetThemeSysColor
DrawThemeText
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
IsAppThemed

Sections

.text
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 1024B - Virtual size: 676B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 231KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcp140.dll
.dll windows:6 windows x86 arch:x86

Password: infected

24216706a255de110587649ff38455df

Code Sign

33:00:00:00:e5:ce:9e:eb:de:4d:48:35:f4:00:00:00:00:00:e5
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/02/2023, 22:33

Not After

31/01/2024, 22:33

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:3c:2b:0a:49:d9:d2:91:7e:ac:00:00:00:00:03:3c
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/02/2023, 20:10

Not After

31/01/2024, 20:10

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cd:45:24:8b:67:70:0a:4a:28:96:86:75:3b:da:5a:31:5b:2c:39:43:8d:50:46:0a:4d:50:f9:02:dc:11:6a:33
Signer

Actual PE Digest

cd:45:24:8b:67:70:0a:4a:28:96:86:75:3b:da:5a:31:5b:2c:39:43:8d:50:46:0a:4d:50:f9:02:dc:11:6a:33

Digest Algorithm

sha256

PE Digest Matches

true

cd:45:24:8b:67:70:0a:4a:28:96:86:75:3b:da:5a:31:5b:2c:39:43:8d:50:46:0a:4d:50:f9:02:dc:11:6a:33
Signer

Actual PE Digest

cd:45:24:8b:67:70:0a:4a:28:96:86:75:3b:da:5a:31:5b:2c:39:43:8d:50:46:0a:4d:50:f9:02:dc:11:6a:33

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

vcruntime140

_except_handler4_common
__current_exception_context
memcmp
__uncaught_exceptions
__uncaught_exception
memchr
memmove
__std_terminate
_purecall
memset
memcpy
__CxxFrameHandler3
_CxxThrowException
__AdjustPointer
__current_exception
__std_exception_destroy
__std_type_info_destroy_list
__std_exception_copy

api-ms-win-crt-heap-l1-1-0

malloc
realloc
free
_callnewh
calloc

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_initterm
_invalid_parameter_noinfo_noreturn
_seh_filter_dll
_cexit
_errno
_endthreadex
_beginthreadex
terminate
_set_new_handler
abort
_crt_atexit
_execute_onexit_table
_register_onexit_function

api-ms-win-crt-string-l1-1-0

isxdigit
isalnum
tolower
__strncnt
wcsnlen
isupper
iswxdigit
iswspace
wcscpy_s
isspace
isdigit
iswalnum
_wcsdup
iswdigit
islower
strcspn

api-ms-win-crt-locale-l1-1-0

_lock_locales
___lc_locale_name_func
___lc_codepage_func
localeconv
__pctype_func
setlocale
_unlock_locales
___mb_cur_max_func
___lc_collate_cp_func

api-ms-win-crt-stdio-l1-1-0

fputs
fgetwc
fputwc
ungetwc
fseek
_fsopen
_wfsopen
__stdio_common_vsprintf_s
__acrt_iob_func
_get_stream_buffer_pointers
fclose
fflush
fgetc
fgetpos
fputc
fread
fsetpos
_fseeki64
fwrite
setvbuf
ungetc

api-ms-win-crt-filesystem-l1-1-0

_wrename
_unlock_file
_wrmdir
_wremove
_wchdir
_lock_file

api-ms-win-crt-time-l1-1-0

_W_Getmonths
_W_Getdays
_W_Gettnames
_Wcsftime
_Gettnames
_Getmonths
_Getdays
_Strftime

api-ms-win-crt-environment-l1-1-0

_wgetcwd

api-ms-win-crt-math-l1-1-0

copysign
copysignf
_CIlog
ldexp
frexp
_CIpow

api-ms-win-crt-convert-l1-1-0

btowc
strtof
strtod

api-ms-win-crt-utility-l1-1-0

rand_s

kernel32

LeaveCriticalSection
CompareStringEx
MultiByteToWideChar
GetCPInfo
WideCharToMultiByte
LCMapStringEx
GetLocaleInfoEx
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileExW
FindNextFileW
GetDiskFreeSpaceExW
GetFileAttributesExW
GetFileInformationByHandle
SetFileAttributesW
InitializeSListHead
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetFileInformationByHandleEx
GetProcAddress
GetModuleHandleW
CloseThreadpoolWait
SetThreadpoolWait
CreateThreadpoolWait
CloseThreadpoolTimer
WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer
CreateThreadpoolTimer
GetTickCount64
GetSystemTimeAsFileTime
GetCurrentProcessorNumber
FlushProcessWriteBuffers
CreateSemaphoreExW
CreateEventExW
GetTempPathW
InitOnceExecuteOnce
GetStringTypeW
DeleteCriticalSection
InitializeCriticalSectionEx
RaiseException
EnterCriticalSection
QueryPerformanceFrequency
QueryPerformanceCounter
GetModuleHandleExW
CloseThreadpoolWork
SubmitThreadpoolWork
CreateThreadpoolWork
FreeLibraryWhenCallbackReturns
IsProcessorFeaturePresent
RtlCaptureStackBackTrace
TryAcquireSRWLockExclusive
InitializeSRWLock
GetNativeSystemInfo
GetExitCodeThread
GetCurrentThreadId
SwitchToThread
Sleep
WaitForSingleObjectEx
SleepConditionVariableSRW
WakeAllConditionVariable
WakeConditionVariable
InitializeConditionVariable
FormatMessageA
LocalFree
DecodePointer
EncodePointer
CreateSymbolicLinkW
CreateHardLinkW
CopyFileW
GetLastError
CloseHandle
AreFileApisANSI
SetFileTime
SetFileInformationByHandle

Exports

Exports

??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z
??$_Getvals@_W@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z
??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z
??0?$_Yarn@D@std@@QAE@ABV01@@Z
??0?$_Yarn@D@std@@QAE@PBD@Z
??0?$_Yarn@D@std@@QAE@XZ
??0?$_Yarn@G@std@@QAE@ABV01@@Z
??0?$_Yarn@G@std@@QAE@PBG@Z
??0?$_Yarn@G@std@@QAE@XZ
??0?$_Yarn@_W@std@@QAE@ABV01@@Z
??0?$_Yarn@_W@std@@QAE@PB_W@Z
??0?$_Yarn@_W@std@@QAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$codecvt@DDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@DDU_Mbstatet@@@std@@QAE@I@Z
??0?$codecvt@GDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@GDU_Mbstatet@@@std@@QAE@I@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@KW4_Codecvt_mode@1@I@Z
??0?$codecvt@_SDU_Mbstatet@@@std@@QAE@I@Z
??0?$codecvt@_UDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_UDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@KW4_Codecvt_mode@1@I@Z
??0?$codecvt@_UDU_Mbstatet@@@std@@QAE@I@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@I@Z
??0?$ctype@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@D@std@@QAE@PBF_NI@Z
??0?$ctype@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@G@std@@QAE@I@Z
??0?$ctype@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@_W@std@@QAE@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0Init@ios_base@std@@QAE@XZ
??0_Facet_base@std@@QAE@ABV01@@Z
??0_Facet_base@std@@QAE@XZ
??0_Init_locks@std@@QAE@XZ
??0_Locimp@locale@std@@AAE@ABV012@@Z
??0_Locimp@locale@std@@AAE@_N@Z
??0_Locinfo@std@@QAE@HPBD@Z
??0_Locinfo@std@@QAE@PBD@Z
??0_Lockit@std@@QAE@H@Z
??0_Lockit@std@@QAE@XZ
??0_Timevec@std@@QAE@ABV01@@Z
??0_Timevec@std@@QAE@PAX@Z
??0_UShinit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??0codecvt_base@std@@QAE@I@Z
??0ctype_base@std@@QAE@I@Z
??0facet@locale@std@@IAE@I@Z
??0id@locale@std@@QAE@I@Z
??0ios_base@std@@IAE@XZ
??0task_continuation_context@Concurrency@@AAE@XZ
??0time_base@std@@QAE@I@Z
??1?$_Yarn@D@std@@QAE@XZ
??1?$_Yarn@G@std@@QAE@XZ
??1?$_Yarn@_W@std@@QAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_istream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$codecvt@DDU_Mbstatet@@@std@@MAE@XZ
??1?$codecvt@GDU_Mbstatet@@@std@@MAE@XZ
??1?$codecvt@_SDU_Mbstatet@@@std@@MAE@XZ
??1?$codecvt@_UDU_Mbstatet@@@std@@MAE@XZ
??1?$codecvt@_WDU_Mbstatet@@@std@@MAE@XZ
??1?$ctype@D@std@@MAE@XZ
??1?$ctype@G@std@@MAE@XZ
??1?$ctype@_W@std@@MAE@XZ
??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1Init@ios_base@std@@QAE@XZ
??1_Facet_base@std@@UAE@XZ
??1_Init_locks@std@@QAE@XZ
??1_Locimp@locale@std@@MAE@XZ
??1_Locinfo@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
??1_Timevec@std@@QAE@XZ
??1_UShinit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1codecvt_base@std@@UAE@XZ
??1ctype_base@std@@UAE@XZ
??1facet@locale@std@@MAE@XZ
??1ios_base@std@@UAE@XZ
??1time_base@std@@UAE@XZ
??4?$_Iosb@H@std@@QAEAAV01@$$QAV01@@Z
??4?$_Iosb@H@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@D@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
??4?$_Yarn@G@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@G@std@@QAEAAV01@PBG@Z
??4?$_Yarn@_W@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@_W@std@@QAEAAV01@PB_W@Z
??4?$basic_iostream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_iostream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_istream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_istream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_istream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_ostream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_ostream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEAAV01@ABV01@@Z
??4?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEAAV01@ABV01@@Z
??4?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEAAV01@ABV01@@Z
??4Init@ios_base@std@@QAEAAV012@ABV012@@Z
??4_Crt_new_delete@std@@QAEAAU01@$$QAU01@@Z
??4_Crt_new_delete@std@@QAEAAU01@ABU01@@Z
??4_Facet_base@std@@QAEAAV01@ABV01@@Z
??4_Init_locks@std@@QAEAAV01@ABV01@@Z
??4_Timevec@std@@QAEAAV01@ABV01@@Z
??4_UShinit@std@@QAEAAV01@ABV01@@Z
??4_Winit@std@@QAEAAV01@ABV01@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z
??7ios_base@std@@QBE_NXZ
??Bid@locale@std@@QAEIXZ
??Bios_base@std@@QBE_NXZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ios@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_iostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_iostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_istream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_istream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_streambuf@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$codecvt@DDU_Mbstatet@@@std@@6B@
??_7?$codecvt@GDU_Mbstatet@@@std@@6B@
??_7?$codecvt@_SDU_Mbstatet@@@std@@6B@
??_7?$codecvt@_UDU_Mbstatet@@@std@@6B@
??_7?$codecvt@_WDU_Mbstatet@@@std@@6B@
??_7?$ctype@D@std@@6B@
??_7?$ctype@G@std@@6B@
??_7?$ctype@_W@std@@6B@
??_7?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7_Facet_base@std@@6B@
??_7_Locimp@locale@std@@6B@
??_7codecvt_base@std@@6B@
??_7ctype_base@std@@6B@
??_7facet@locale@std@@6B@
??_7ios_base@std@@6B@
??_7time_base@std@@6B@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_istream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_ostream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_istream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_ostream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_istream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_istream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_istream@_WU?$char_traits@_W@std@@@std@@7B@
??_8?$basic_ostream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_ostream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_ostream@_WU?$char_traits@_W@std@@@std@@7B@
??_D?$basic_iostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_iostream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_istream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_F?$codecvt@DDU_Mbstatet@@@std@@QAEXXZ
??_F?$codecvt@GDU_Mbstatet@@@std@@QAEXXZ
??_F?$codecvt@_SDU_Mbstatet@@@std@@QAEXXZ
??_F?$codecvt@_UDU_Mbstatet@@@std@@QAEXXZ
??_F?$codecvt@_WDU_Mbstatet@@@std@@QAEXXZ
??_F?$ctype@D@std@@QAEXXZ
??_F?$ctype@G@std@@QAEXXZ
??_F?$ctype@_W@std@@QAEXXZ
??_F?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F_Locinfo@std@@QAEXXZ
??_F_Timevec@std@@QAEXXZ
??_Fcodecvt_base@std@@QAEXXZ
??_Fctype_base@std@@QAEXXZ
??_Ffacet@locale@std@@QAEXXZ
??_Fid@locale@std@@QAEXXZ
??_Ftime_base@std@@QAEXXZ
?CaptureCallstack@platform@details@Concurrency@@YAIPAPAXII@Z
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?GetNextAsyncId@platform@details@Concurrency@@YAIXZ
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AAEXXZ
?_Addcats@_Locinfo@std@@QAEAAV12@HPBD@Z
?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z
?_Addstd@ios_base@std@@SAXPAV12@@Z
?_Assign@_ContextCallback@details@Concurrency@@AAEXPAX@Z
?_Atexit@@YAXP6AXXZ@Z
?_BADOFF@std@@3_JB
?_C_str@?$_Yarn@D@std@@QBEPBDXZ
?_C_str@?$_Yarn@G@std@@QBEPBGXZ
?_C_str@?$_Yarn@_W@std@@QBEPB_WXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QBEXV?$function@$$A6AXXZ@std@@_N@Z
?_Callfns@ios_base@std@@AAEXW4event@12@@Z
?_Capture@_ContextCallback@details@Concurrency@@AAEXXZ
?_Clocptr@_Locimp@locale@std@@0PAV123@A
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Donarrow@?$ctype@G@std@@IBEDGD@Z
?_Donarrow@?$ctype@_W@std@@IBED_WD@Z
?_Dowiden@?$ctype@G@std@@IBEGD@Z
?_Dowiden@?$ctype@_W@std@@IBE_WD@Z
?_Empty@?$_Yarn@D@std@@QBE_NXZ
?_Empty@?$_Yarn@G@std@@QBE_NXZ
?_Empty@?$_Yarn@_W@std@@QBE_NXZ
?_Execute_once@std@@YAHAAUonce_flag@1@P6GHPAX1PAPAX@Z1@Z
?_Ffmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADDH@Z
?_Ffmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADDH@Z
?_Ffmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADDH@Z
?_Findarr@ios_base@std@@AAEAAU_Iosarray@12@H@Z
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PBGHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?_Fput@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AAVios_base@2@DPBDI@Z
?_Fput@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@GU?$char_traits@G@std@@@2@V32@AAVios_base@2@GPBDI@Z
?_Fput@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AAVios_base@2@_WPBDI@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@GDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@_SDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@_UDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@facet@locale@std@@SAIPAPBV123@PBV23@@Z
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
?_Getctype@_Locinfo@std@@QBE?AU_Ctypevec@@XZ
?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ
?_Getdateorder@_Locinfo@std@@QBEHXZ
?_Getdays@_Locinfo@std@@QBEPBDXZ
?_Getfalse@_Locinfo@std@@QBEPBDXZ
?_Getffld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z
?_Getffld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z
?_Getffld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z
?_Getfmt@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getfmt@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getfmt@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Getifld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1HABVlocale@2@@Z
?_Getifld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1HABVlocale@2@@Z
?_Getifld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1HABVlocale@2@@Z
?_Getint@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@0HHAAHABV?$ctype@D@2@@Z
?_Getint@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@0HHAAHABV?$ctype@G@2@@Z
?_Getint@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@0HHAAHABV?$ctype@_W@2@@Z
?_Getlconv@_Locinfo@std@@QBEPBUlconv@@XZ
?_Getmonths@_Locinfo@std@@QBEPBDXZ
?_Getname@_Locinfo@std@@QBEPBDXZ
?_Getptr@_Timevec@std@@QBEPAXXZ
?_Gettnames@_Locinfo@std@@QBE?AV_Timevec@2@XZ
?_Gettrue@_Locinfo@std@@QBEPBDXZ
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
?_Gnavail@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IBE_JXZ
?_Gnavail@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IBE_JXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gndec@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?_Gndec@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?_Gninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Gnpreinc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gnpreinc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEPAGXZ
?_Gnpreinc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Id_cnt@id@locale@std@@0HA
?_Ifmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADPBDH@Z
?_Ifmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADPBDH@Z
?_Ifmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADPBDH@Z
?_Incref@facet@locale@std@@UAEXXZ
?_Index@ios_base@std@@0HA

Sections

.text
Size: 390KB - Virtual size: 390KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
terrine.yml
vcruntime140.dll
.dll windows:6 windows x86 arch:x86

Password: infected

2262054530b5f8bbeb0c4e3a111a37eb

Code Sign

33:00:00:00:e5:ce:9e:eb:de:4d:48:35:f4:00:00:00:00:00:e5
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/02/2023, 22:33

Not After

31/01/2024, 22:33

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:3c:2b:0a:49:d9:d2:91:7e:ac:00:00:00:00:03:3c
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/02/2023, 20:10

Not After

31/01/2024, 20:10

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

57:9f:e4:21:b8:c6:d8:b4:2f:67:93:16:5a:44:7a:0e:0f:92:3b:62:4e:44:d2:ff:e9:16:74:72:cf:19:2b:d4
Signer

Actual PE Digest

57:9f:e4:21:b8:c6:d8:b4:2f:67:93:16:5a:44:7a:0e:0f:92:3b:62:4e:44:d2:ff:e9:16:74:72:cf:19:2b:d4

Digest Algorithm

sha256

PE Digest Matches

true

57:9f:e4:21:b8:c6:d8:b4:2f:67:93:16:5a:44:7a:0e:0f:92:3b:62:4e:44:d2:ff:e9:16:74:72:cf:19:2b:d4
Signer

Actual PE Digest

57:9f:e4:21:b8:c6:d8:b4:2f:67:93:16:5a:44:7a:0e:0f:92:3b:62:4e:44:d2:ff:e9:16:74:72:cf:19:2b:d4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

api-ms-win-crt-runtime-l1-1-0

terminate
abort

api-ms-win-crt-heap-l1-1-0

calloc
malloc
free

api-ms-win-crt-string-l1-1-0

strcpy_s
strncmp
wcsncmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
__stdio_common_vsprintf_s

api-ms-win-crt-convert-l1-1-0

atol

kernel32

LeaveCriticalSection
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
GetModuleHandleW
GetModuleFileNameW
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
RtlUnwind
VirtualQuery
EncodePointer
InterlockedPushEntrySList
InterlockedFlushSList
RaiseException
EnterCriticalSection
TlsGetValue
DeleteCriticalSection
GetLastError
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsSetValue

Exports

Exports

_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_SetWinRTOutOfMemoryExceptionCallback
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__TypeMatch
__current_exception
__current_exception_context
__intrinsic_setjmp
__processing_throw
__report_gsfailure
__std_exception_copy
__std_exception_destroy
__std_terminate
__std_type_info_compare
__std_type_info_destroy_list
__std_type_info_hash
__std_type_info_name
__telemetry_main_invoke_trigger
__telemetry_main_return_trigger
__unDName
__unDNameEx
__uncaught_exception
__uncaught_exceptions
__vcrt_GetModuleFileNameW
__vcrt_GetModuleHandleW
__vcrt_InitializeCriticalSectionEx
__vcrt_LoadLibraryExW
_chkesp
_except_handler2
_except_handler3
_except_handler4_common
_get_purecall_handler
_get_unexpected
_global_unwind2
_is_exception_typeof
_local_unwind2
_local_unwind4
_longjmpex
_purecall
_seh_longjmp_unwind
_seh_longjmp_unwind4
_set_purecall_handler
_set_se_translator
_setjmp3
longjmp
memchr
memcmp
memcpy
memmove
memset
set_unexpected
strchr
strrchr
strstr
unexpected
wcschr
wcsrchr
wcsstr

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

2c35c66db79673bb21a8340eb667ecbc

Code Sign

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4aCertificate

Key Usages

08:8a:ef:a9:cb:ae:72:43:05:6e:30:d1:5b:c2:81:28Certificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

09:03:ef:1a:2c:f5:ad:30:2c:65:e7:c4:99:c4:3d:18:86:4f:c1:4e:ef:f5:ee:da:f0:83:be:68:3b:1b:b8:65Signer

Headers

DLL Characteristics

File Characteristics

Imports

mfc140u

kernel32

user32

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

toolkitpro1840vc140u

msvcp140

rpcrt4

wininet

vcruntime140

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-multibyte-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Sections

.text Size: 190KB - Virtual size: 189KB

.rdata Size: 45KB - Virtual size: 44KB

.data Size: 2KB - Virtual size: 3KB

.gfids Size: 512B - Virtual size: 72B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 1.2MB - Virtual size: 1.2MB

.reloc Size: 16KB - Virtual size: 16KB

Password: infected

4b8c91e7fd28dcf79d699c9f9f735f63

Code Sign

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4aCertificate

Key Usages

08:8a:ef:a9:cb:ae:72:43:05:6e:30:d1:5b:c2:81:28Certificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

83:78:b9:74:5a:64:fb:c7:4b:4c:46:d0:ad:6b:4a:91:e4:f0:2a:b1:6e:91:42:3b:f1:bb:61:98:1f:82:4d:d1Signer

Headers

DLL Characteristics

File Characteristics

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

08:8a:ef:a9:cb:ae:72:43:05:6e:30:d1:5b:c2:81:28
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

09:03:ef:1a:2c:f5:ad:30:2c:65:e7:c4:99:c4:3d:18:86:4f:c1:4e:ef:f5:ee:da:f0:83:be:68:3b:1b:b8:65
Signer

.text
Size: 190KB - Virtual size: 189KB

.rdata
Size: 45KB - Virtual size: 44KB

.data
Size: 2KB - Virtual size: 3KB

.gfids
Size: 512B - Virtual size: 72B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

.reloc
Size: 16KB - Virtual size: 16KB

18:da:d1:9e:26:7d:e8:bb:4a:21:58:cd:cc:6b:3b:4a
Certificate

08:8a:ef:a9:cb:ae:72:43:05:6e:30:d1:5b:c2:81:28
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

83:78:b9:74:5a:64:fb:c7:4b:4c:46:d0:ad:6b:4a:91:e4:f0:2a:b1:6e:91:42:3b:f1:bb:61:98:1f:82:4d:d1
Signer

.text
Size: 5.8MB - Virtual size: 5.8MB

.rdata
Size: 3.7MB - Virtual size: 3.7MB

.data
Size: 165KB - Virtual size: 181KB

.gfids
Size: 512B - Virtual size: 92B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

.reloc
Size: 504KB - Virtual size: 504KB

33:00:00:00:e5:ce:9e:eb:de:4d:48:35:f4:00:00:00:00:00:e5
Certificate

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

33:00:00:03:3c:2b:0a:49:d9:d2:91:7e:ac:00:00:00:00:03:3c
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

47:d6:5c:47:1a:f3:9d:01:f2:71:75:96:21:64:9d:a7:85:20:32:e1:f1:1b:45:a0:c1:97:7f:89:b1:e2:6e:a7
Signer

47:d6:5c:47:1a:f3:9d:01:f2:71:75:96:21:64:9d:a7:85:20:32:e1:f1:1b:45:a0:c1:97:7f:89:b1:e2:6e:a7
Signer