Helper[.]exe | Triage

Resubmissions

13/02/2024, 10:07

240213-l5na6sfb7x 8

13/02/2024, 10:00

240213-l1v58afa61 8

Sharing

Copy URL Twitter E-mail

General

Target

Helper.exe
Size

14.6MB
MD5

bf2eae7caf9b1974dfdb3e0650a5c2d4
SHA1

e404b90f48cf9420342d517347b04cb789346e38
SHA256

3deaa6334651dad91c2b0587cc097e9532904e4f6aabf06a8a0518ac41f3a2a1
SHA512

ad4e5d011ac28e8330686cbacf1c33ab9260ff2c9ce41d91c04e77c94444eda36ebb080304734e21a9e8d7af453fe21db99b3f26dd2928410972f7b4759c50a2
SSDEEP

393216:MCkNRQDn2q+/FhOGyXRNzq+3rdHmqo08YGicez6nlug:MCUwnoYNHBHmqo08YJz6nlT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Helper.exe

Files

Helper.exe
.exe windows:4 windows x86 arch:x86

7eae418c7423834ffc3d79b4300bd6fb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEnvironmentVariableW
SetFileAttributesW
Sleep
GetTickCount
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
SetCurrentDirectoryW
GetFileAttributesW
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
GetVersion
SetErrorMode
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
ExitProcess
MoveFileW
CreateThread
GetLastError
CreateDirectoryW
CreateProcessW
RemoveDirectoryW
lstrcmpiA
CreateFileW
GetTempFileNameW
WriteFile
lstrcpyA
MoveFileExW
lstrcatW
GetSystemDirectoryW
GetProcAddress
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
lstrcmpiW
lstrcmpW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
ExpandEnvironmentStringsW
GlobalFree
GlobalLock
GlobalUnlock
GlobalAlloc
DeleteFileW
FindFirstFileW
FindNextFileW
FindClose
SetFilePointer
ReadFile
MulDiv
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
WritePrivateProfileStringW
FreeLibrary
GetPrivateProfileStringW
GetModuleHandleW
LoadLibraryExW

user32

GetWindowRect
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongW
SetCursor
LoadCursorW
CheckDlgButton
GetMessagePos
CallWindowProcW
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
ScreenToClient
EnableMenuItem
GetDlgItem
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharPrevW
CharNextA
wsprintfA
DispatchMessageW
PeekMessageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
SystemParametersInfoW
EndDialog
RegisterClassW
DialogBoxParamW
CreateWindowExW
GetClassInfoW
DestroyWindow
CharNextW
ExitWindowsEx
SetWindowTextW
LoadImageW
SetTimer
ShowWindow
PostQuitMessage
wsprintfW
SetWindowLongW
FindWindowExW
IsWindow
CreatePopupMenu
AppendMenuW
GetSystemMetrics
DrawTextW
EndPaint
CreateDialogParamW
SendMessageTimeoutW
SetForegroundWindow

gdi32

SelectObject
SetTextColor
SetBkMode
CreateFontIndirectW
CreateBrushIndirect
DeleteObject
GetDeviceCaps
SetBkColor

shell32

ShellExecuteExW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetFileInfoW
SHFileOperationW
SHBrowseForFolderW

advapi32

AdjustTokenPrivileges
RegCreateKeyExW
RegOpenKeyExW
SetFileSecurityW
OpenProcessToken
LookupPrivilegeValueW
RegEnumValueW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegEnumKeyW

comctl32

ImageList_Create
ImageList_AddMasked
ord17
ImageList_Destroy

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CoCreateInstance

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 451KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 672KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
packages/AAM/IPC/IPC.pima
.zip
AdobeIPCBroker.exe
.exe windows:6 windows x86 arch:x86

b78757e60c78fbd8d0549e7a1e0d29a1

Code Sign

0a:28:51:e5:f0:ff:db:46:e2:c9:cb:66:10:e6:51:2f
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/10/2018, 00:00

Not After

03/11/2021, 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Adobe Systems,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

ac:7d:c4:d6:78:b5:cd:0d:da:54:a6:bd:90:ba:4d:9e:d0:98:05:62:5d:95:08:08:69:0a:ff:f1:ac:cd:d5:43
Signer

Actual PE Digest

ac:7d:c4:d6:78:b5:cd:0d:da:54:a6:bd:90:ba:4d:9e:d0:98:05:62:5d:95:08:08:69:0a:ff:f1:ac:cd:d5:43

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

AdobeIPCBroker.pdb

Imports

ws2_32

htonl
getsockopt
ioctlsocket
connect
closesocket
listen
getsockname
bind
WSAGetLastError
WSASetLastError
WSAStartup
getservbyname
getservbyport
gethostbyname
gethostbyaddr
socket
send
select
recv
ntohs
inet_ntoa
inet_addr
htons
__WSAFDIsSet

kernel32

GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
GetLastError
DeleteCriticalSection
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreW
FindFirstFileW
FindNextFileW
InitializeCriticalSectionEx
FindClose
RaiseException
DecodePointer
ReleaseMutex
CreateMutexA
Sleep
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetVersionExA
GetModuleHandleA
GetModuleFileNameA
GetSystemDirectoryA
CreateMutexW
FreeLibrary
CreateProcessW
GetProcAddress
CloseHandle
LoadLibraryA
MultiByteToWideChar
GetStdHandle
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
InitializeCriticalSection
GetThreadPriority
HeapSize
HeapFree
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
GetOEMCP
IsValidCodePage
FindNextFileA
SwitchToThread
FreeEnvironmentStringsW
GetCommandLineW
GetEnvironmentVariableW
GetCurrentProcessId
ReadFile
WriteFile
ConnectNamedPipe
GetOverlappedResult
OpenProcess
QueryFullProcessImageNameW
GetNamedPipeServerProcessId
GetLocalTime
GetCurrentThread
GetTickCount
GetEnvironmentStringsW
SetStdHandle
SetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateFileW
FlushFileBuffers
GetFileAttributesExW
GetFileSizeEx
GetFullPathNameW
LockFileEx
SetEndOfFile
SetFilePointerEx
UnlockFile
GetTempPathW
DuplicateHandle
PeekNamedPipe
CreateNamedPipeW
SetEvent
ResetEvent
CreateEventW
GetCurrentProcess
SetThreadPriority
HeapReAlloc
VirtualAlloc
VirtualFree
GetModuleHandleExW
LoadLibraryExW
WaitForMultipleObjects
GetNamedPipeInfo
LocalAlloc
LocalReAlloc
LocalFree
FormatMessageW
LCMapStringW
SetFilePointer
RtlCaptureStackBackTrace
TerminateProcess
GlobalAlloc
GlobalFree
GetSystemTimeAsFileTime
WaitForSingleObjectEx
GetModuleHandleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
QueryPerformanceCounter
IsDebuggerPresent
GetStartupInfoW
WideCharToMultiByte
EncodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
CompareStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
OutputDebugStringW
RtlUnwind
InterlockedPushEntrySList
GetDriveTypeW
GetFileType
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
CreateThread
ExitThread
FreeLibraryAndExitThread
GetTimeZoneInformation
ExitProcess
GetCommandLineA
GetACP
GetConsoleMode
ReadConsoleW
GetConsoleCP
GetFullPathNameA
HeapAlloc
FindFirstFileExA

user32

SetWindowLongW
RegisterClassW
CreateWindowExW
SetTimer
KillTimer
TranslateMessage
DispatchMessageW
PostMessageW
PostQuitMessage
DestroyWindow
MsgWaitForMultipleObjectsEx
GetWindowLongW
GetShellWindow
EnumWindows
GetWindowThreadProcessId
DefWindowProcW
PeekMessageW

advapi32

GetUserNameW
RegCloseKey
CreateProcessWithTokenW
LookupPrivilegeValueW
GetTokenInformation
FreeSid
EqualSid
DuplicateTokenEx
AllocateAndInitializeSid
AdjustTokenPrivileges
OpenProcessToken
RegOpenKeyExW
RegQueryValueExW

ole32

CoCreateInstance
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
OleRun
CoUninitialize

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

shell32

ShellExecuteExW
SHCreateDirectoryExW
CommandLineToArgvW

Sections

.text
Size: 748KB - Virtual size: 747KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 197KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
customhook/AdobeIPCBrokerCustomHook.exe
.exe windows:6 windows x86 arch:x86

85aa1a3ec9a324deb93be1db280c6b57

Code Sign

0a:28:51:e5:f0:ff:db:46:e2:c9:cb:66:10:e6:51:2f
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/10/2018, 00:00

Not After

03/11/2021, 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Adobe Systems,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

45:89:c1:a8:6a:c2:59:11:0f:f3:d0:dd:de:2c:9f:61:14:dd:37:fb:38:82:82:1c:83:5d:79:6e:28:bc:74:54
Signer

Actual PE Digest

45:89:c1:a8:6a:c2:59:11:0f:f3:d0:dd:de:2c:9f:61:14:dd:37:fb:38:82:82:1c:83:5d:79:6e:28:bc:74:54

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

AdobeIPCBrokerCustomHook.pdb

Imports

shlwapi

PathAppendW

kernel32

RaiseException
HeapSize
TerminateProcess
GetTempPathW
OpenProcess
CreateToolhelp32Snapshot
Sleep
Process32NextW
Process32FirstW
CloseHandle
CreateFileW
ReadConsoleW
WriteConsoleW
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
SetEvent
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RtlUnwind
SetEndOfFile
GetLastError
FreeLibrary
LoadLibraryExW
HeapAlloc
HeapReAlloc
HeapFree
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetStdHandle
WriteFile
GetCommandLineA
GetCommandLineW
GetACP
GetFileType
FlushFileBuffers
GetConsoleCP
GetConsoleMode
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ReadFile
SetFilePointerEx
GetProcessHeap
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetStdHandle

user32

FindWindowExW
PostMessageW

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
packages/AAM/IPC/IPC.pimx
packages/AAM/IPC/IPC.sig
.xml
packages/ADC/Core/Core.pima
.zip
placeholder.txt
packages/ADC/Core/Core.pimx
.xml
packages/ADC/Core/Core.sig
.xml
packages/ADC/HDBox/HDBox.pima
.zip
Adobe Update Helper.exe
.exe windows:5 windows x86 arch:x86

725e38d4598d66912b71e930ae1b0342

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:28:96:11:07:88:b1:29:82:5f:b1:d1:f6:ba:ac:a3
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

29/04/2022, 00:00

Not After

01/05/2024, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5c:12:9b:b9:f3:ca:b1:11:86:2a:1a:18:f1:c0:dc:ec:a8:3e:ae:0e:4a:af:66:ae:2b:a7:9b:06:25:21:a3:91
Signer

Actual PE Digest

5c:12:9b:b9:f3:ca:b1:11:86:2a:1a:18:f1:c0:dc:ec:a8:3e:ae:0e:4a:af:66:ae:2b:a7:9b:06:25:21:a3:91

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins\workspace\ccd-hyperdrive\main\native\win32\build\msvs_win32\Release\x86\sym\UpdateURIHandler\UpdateURIHandler\Adobe Update Helper.pdb

Imports

kernel32

ReadFile
GetCurrentProcess
WaitForSingleObject
CreateProcessW
GetModuleHandleW
GetVersionExW
MoveFileExW
LocalFree
CloseHandle
DeleteFileW
FormatMessageW
SetFileAttributesW
GetFileAttributesW
lstrcmpW
CreateFileW
FindClose
GetTempPathW
GetModuleFileNameW
RemoveDirectoryW
FindNextFileW
SetLastError
FindFirstFileW
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
GetProcAddress
InitializeCriticalSectionEx
WriteConsoleW
GetConsoleOutputCP
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
SetStdHandle
EnumSystemLocalesW
IsValidLocale
GetLocaleInfoW
CompareStringW
GetCommandLineW
GetCommandLineA
ExitProcess
GetStdHandle
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
GetTimeZoneInformation
GetFileType
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlUnwind
GetStartupInfoW
InitializeSListHead
FreeLibrary
LoadLibraryA
LCMapStringW
GetUserDefaultLCID
Sleep
SizeofResource
GetFullPathNameW
WriteFile
LockResource
LoadResource
FindResourceW
GetFileSize
FlushFileBuffers
GetUserDefaultLangID
GetUserDefaultUILanguage
MultiByteToWideChar
WideCharToMultiByte
GetCurrentProcessId
SetFilePointer
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetFileInformationByHandle
HeapFree
TerminateProcess
OpenProcess
HeapSize
CreateEventW
SetEvent
GlobalAlloc
GlobalFree
HeapReAlloc
CreateThread
ResetEvent
HeapAlloc
HeapDestroy
GetProcessHeap
VerSetConditionMask
VerifyVersionInfoW
LoadLibraryW
GetFileSizeEx
FileTimeToSystemTime
GetLocalTime
GetTimeFormatW
SystemTimeToFileTime
GetDateFormatW
CreateMutexW
ReleaseMutex
OpenMutexW
AreFileApisANSI
TryEnterCriticalSection
HeapCreate
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
GetFullPathNameA
SetEndOfFile
UnlockFileEx
UnmapViewOfFile
HeapValidate
GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
WaitForSingleObjectEx
DeleteFileA
GetSystemInfo
HeapCompact
UnlockFile
LockFileEx
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
GetStringTypeW
EncodePointer
LCMapStringEx
GetCPInfo
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount

user32

GetWindowThreadProcessId
MessageBoxW
GetShellWindow
AllowSetForegroundWindow
EnumWindows

advapi32

EqualSid
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
DuplicateTokenEx
FreeSid
AllocateAndInitializeSid
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
GetTokenInformation

shell32

SHGetPathFromIDListW
SHGetFolderPathW
SHCreateDirectoryExW
SHGetFolderLocation
SHGetSpecialFolderPathW

ole32

CoCreateInstance
StringFromGUID2
CLSIDFromProgID
OleRun
CoCreateGuid
CoTaskMemFree
CoInitialize
CLSIDFromString
CoUninitialize

oleaut32

SysStringLen
SysFreeString
SysAllocString
GetErrorInfo
VariantClear

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

wininet

InternetCanonicalizeUrlW

shlwapi

PathIsDirectoryW
PathFindFileNameW
PathFileExistsW
PathIsRootW
PathAppendW
PathRenameExtensionW
PathRemoveFileSpecW
PathFileExistsA
PathRemoveExtensionW
PathAddExtensionW
PathIsFileSpecW
PathIsSystemFolderW

Sections

.text
Size: 971KB - Virtual size: 971KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 176KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CRClient.dll
.dll windows:6 windows x86 arch:x86

e85acdc65f4a1f62f6ed3dfa469bd2cf

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:28:96:11:07:88:b1:29:82:5f:b1:d1:f6:ba:ac:a3
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

29/04/2022, 00:00

Not After

01/05/2024, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

fc:2e:89:cc:38:15:aa:ac:27:c6:a1:e6:8a:26:35:84:61:93:56:85:08:72:40:1e:e6:b1:49:3b:ba:99:95:ee
Signer

Actual PE Digest

fc:2e:89:cc:38:15:aa:ac:27:c6:a1:e6:8a:26:35:84:61:93:56:85:08:72:40:1e:e6:b1:49:3b:ba:99:95:ee

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\cruser\workspace\CR-Windows-x86-Client-Builder\Win32\Release\CRClient.pdb

Imports

dbghelp

StackWalk64
SymGetModuleBase64
SymFunctionTableAccess64
SymInitialize
SymGetModuleInfo64
SymFromAddr

kernel32

GetCurrentProcess
MultiByteToWideChar
LoadResource
LockResource
SizeofResource
FindResourceW
FindResourceExW
GetModuleHandleW
CloseHandle
CreateThread
WaitForSingleObject
GetModuleFileNameW
FreeLibrary
ReadFile
GetCurrentThreadId
ReadProcessMemory
TerminateProcess
GetCurrentProcessId
TerminateThread
OpenThread
GetThreadId
GetProcessId
K32GetModuleFileNameExW
SuspendThread
GetThreadContext
ResumeThread
VirtualProtect
LocaleNameToLCID
WerRegisterRuntimeExceptionModule
WerUnregisterRuntimeExceptionModule
WideCharToMultiByte
VerSetConditionMask
VerifyVersionInfoW
CreateProcessW
CreateNamedPipeW
WriteFile
FlushFileBuffers
DisconnectNamedPipe
CreateFileW
GetFileAttributesExW
CreateEventW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WaitForSingleObjectEx
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
LoadLibraryW
GetProcAddress
DeleteCriticalSection
InitializeCriticalSectionEx
WriteProcessMemory
GetLastError
RaiseException
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
ConnectNamedPipe
IsDebuggerPresent

user32

IsHungAppWindow
DisableProcessWindowsGhosting
MessageBoxW
GetWindowTextW
GetWindowTextLengthW
ReleaseDC
DrawIconEx
GetSysColor
GetDC
SetFocus
GetDlgCtrlID
IsDlgButtonChecked
PostMessageW
ShowWindow
GetSystemMenu
EnableMenuItem
EnableWindow
CheckDlgButton
IsWindowVisible
EndDialog
GetWindow
SetWindowTextW
SetDlgItemTextW
SetWindowPos
OffsetRect
CopyRect
GetDesktopWindow
GetKeyState
GetDlgItem
GetWindowLongW
GetParent
SetCursor
LoadCursorW
ReleaseCapture
PtInRect
ClientToScreen
GetWindowRect
SetCapture
InvalidateRect
GetCapture
SendMessageW
SetWindowLongW
CallWindowProcW
GetWindowThreadProcessId
EnumWindows
GetSysColorBrush
SetPropW
RemovePropW
DialogBoxIndirectParamW
GetPropW

gdi32

DeleteDC
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
SetBkMode
CreateFontIndirectW
GetObjectW
SetTextColor
DeleteObject

advapi32

RegSetValueExW
RegQueryValueExW
RegCloseKey
RegDeleteValueW
RegCreateKeyExW
RegOpenKeyExW

shell32

SHGetKnownFolderPath
SHCreateDirectoryExW
ord6

ole32

CoTaskMemFree
CoCreateGuid

msvcp140

??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?id@?$collate@D@std@@2V0locale@2@A
?id@?$ctype@D@std@@2V0locale@2@A
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?tolower@?$ctype@D@std@@QBEPBDPADPBD@Z
?tolower@?$ctype@D@std@@QBEDD@Z
??1facet@locale@std@@MAE@XZ
??0facet@locale@std@@IAE@I@Z
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
??1_Locinfo@std@@QAE@XZ
??0_Locinfo@std@@QAE@PBD@Z
_Wcscoll
_Wcsxfrm
?id@?$collate@_W@std@@2V0locale@2@A
?tolower@?$ctype@_W@std@@QBEPB_WPA_WPB_W@Z
?tolower@?$ctype@_W@std@@QBE_W_W@Z
?is@?$ctype@_W@std@@QBE_NF_W@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?read@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@PA_W_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
_Strxfrm
_Strcoll
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
?seekg@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@_JH@Z
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPBD@Z
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
?_Xlength_error@std@@YAXPBD@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?_Init@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXXZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?unshift@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?out@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PB_W1AAPB_WPAD3AAPAD@Z
?in@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPA_W3AAPA_W@Z
?always_noconv@codecvt_base@std@@QBE_NXZ
??Bid@locale@std@@QAEIXZ
?_New_Locimp@_Locimp@locale@std@@CAPAV123@ABV123@@Z
?_Throw_C_error@std@@YAXH@Z
_Thrd_start
_Thrd_detach
_Mtx_init
_Mtx_lock
_Mtx_unlock
_Cnd_init
_Cnd_wait
_Cnd_signal
_Cnd_destroy
_Mtx_destroy
?_Throw_Cpp_error@std@@YAXH@Z
_Mtx_init_in_situ
_Mtx_destroy_in_situ
?empty@locale@std@@SA?AV12@XZ
?uncaught_exception@std@@YA_NXZ
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?id@?$ctype@_W@std@@2V0locale@2@A
_Cnd_do_broadcast_at_thread_exit
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z
?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@_W@Z
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WD@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?getloc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QBE?AVlocale@2@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?imbue@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE?AVlocale@2@ABV32@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?widen@?$ctype@_W@std@@QBE_WD@Z
??1?$codecvt@_WDU_Mbstatet@@@std@@MAE@XZ
??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@I@Z
?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UAEXXZ
_Thrd_join
_Thrd_id
?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE_N_N@Z
?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z
?_Syserror_map@std@@YAPBDH@Z
_Mtx_trylock
?_Execute_once@std@@YAHAAUonce_flag@1@P6GHPAX1PAPAX@Z1@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PBX@Z

shlwapi

PathFileExistsW
PathAppendW

vcruntime140

_set_purecall_handler
wcsstr
strchr
memmove
memset
_CxxThrowException
_except_handler4_common
__std_type_info_destroy_list
__std_exception_destroy
__std_exception_copy
__std_terminate
__CxxFrameHandler3
_get_purecall_handler
memchr
memcpy

api-ms-win-crt-heap-l1-1-0

_set_new_mode
malloc
_recalloc
_callnewh
free
calloc
realloc

api-ms-win-crt-runtime-l1-1-0

_errno
_invalid_parameter_noinfo
_initterm
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_get_invalid_parameter_handler
_set_invalid_parameter_handler
_initialize_narrow_environment
_set_new_handler
_configure_narrow_argv
signal
_seh_filter_dll
terminate
_invalid_parameter_noinfo_noreturn
_initterm_e

api-ms-win-crt-stdio-l1-1-0

ungetwc
fsetpos
setvbuf
_fseeki64
fflush
fgetpos
fputwc
fwrite
fputc
fread
fgetc
__stdio_common_vswprintf_s
__stdio_common_vswprintf
_get_stream_buffer_pointers
fclose
ungetc
fgetwc

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_lock_file

api-ms-win-crt-string-l1-1-0

strtok_s
isspace
tolower
_strdup
wcsnlen
iswspace
wmemcpy_s
strncpy_s

api-ms-win-crt-time-l1-1-0

clock

api-ms-win-crt-convert-l1-1-0

_wtoi
_itoa_s

Exports

Exports

?AddCRCustomData@@YA_NV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@I@Z
?AdobeCrashReporterEnableSignalHandling@@YA_NP6AXHV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@ZW4AdobeCrashReporterShowDialogForSignals@@I@Z
?CrashReporterInitialize@@YA_NPAXPBD1111P6AIAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@ZP6AXXZ_NW4AdobeCrashReporterScalingFactor@@@Z
?GetCRDialogOptions@@YAHXZ
?GetCRLastErrorCode@@YA?AW4ERROR_CR@@XZ
?SetCRDialogOptions@@YA_NH@Z
?SetCRDialogSaclingFactor@@YA_NW4AdobeCrashReporterScalingFactor@@@Z
?SetCRDialogUserEmail@@YA_NV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetCRDisplayName@@YA_NPBD@Z
?SetCRHighbeamSessionId@@YA_NPBD@Z
?SetCRHighbeamSessionInfo@@YA_NPAXPBG@Z
?SetCRIMSUserGuid@@YA_NPBD_N@Z
?SetCRLocale@@YA_NPBD@Z
?SetCRParentWnd@@YA_NPAX@Z
?SetCRPostHandler@@YA_NP6AXXZ@Z
?SetCRPostHandlerPassingExceptionInfoAndContext@@YA_NP6AXPAU_EXCEPTION_RECORD@@PAU_CONTEXT@@@Z@Z
?SetCRPosthandlerThreadPreference@@YA_N_N@Z
?SetCRPreHandler@@YA_NP6AIAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z@Z
?ShowCRDialogOnlyOnFirstCrash@@YA_NXZ
OutOfProcessExceptionEventCallback
OutOfProcessExceptionEventDebuggerLaunchCallback
OutOfProcessExceptionEventSignatureCallback

Sections

.text
Size: 215KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CRLogTransport.exe
.exe windows:6 windows x86 arch:x86

f65b2f7bb965e14812041bb29c26c996

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:28:96:11:07:88:b1:29:82:5f:b1:d1:f6:ba:ac:a3
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

29/04/2022, 00:00

Not After

01/05/2024, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c6:28:23:27:c8:89:1d:c7:f4:96:e6:7e:ff:a7:1d:fd:7b:c4:66:fd:38:f6:df:ba:d2:e6:04:b7:f5:b0:ec:9d
Signer

Actual PE Digest

c6:28:23:27:c8:89:1d:c7:f4:96:e6:7e:ff:a7:1d:fd:7b:c4:66:fd:38:f6:df:ba:d2:e6:04:b7:f5:b0:ec:9d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\cruser\workspace\CR-Windows-x86-Client-Builder\CRLogTransport\public\binary\Win\x86\Release\CRLogTransport.pdb

Imports

shlwapi

PathIsDirectoryW
PathFileExistsW

wininet

HttpOpenRequestW
InternetReadFile
InternetQueryOptionW
InternetQueryDataAvailable
InternetSetOptionW
InternetSetStatusCallbackW
InternetOpenW
InternetSetOptionA
InternetCloseHandle
HttpQueryInfoW
InternetConnectW
InternetCrackUrlW
HttpSendRequestW

kernel32

MultiByteToWideChar
WideCharToMultiByte
CompareFileTime
FindFirstFileW
FindNextFileW
FindClose
CreateFileW
DeleteFileW
CloseHandle
GetProcAddress
MoveFileExW
GetFileTime
ReadFile
GetModuleFileNameW
InitializeCriticalSectionEx
Sleep
DeleteCriticalSection
GetSystemTimeAsFileTime
SetEvent
AreFileApisANSI
OutputDebugStringW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
GetLastError
UnhandledExceptionFilter
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
FormatMessageA
FormatMessageW
LocalFree
SetUnhandledExceptionFilter

shell32

SHGetFolderPathW
SHCreateDirectoryExW

msvcp140

?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?width@ios_base@std@@QAE_J_J@Z
?width@ios_base@std@@QBE_JXZ
?flags@ios_base@std@@QBEHXZ
?bad@ios_base@std@@QBE_NXZ
?fail@ios_base@std@@QBE_NXZ
?good@ios_base@std@@QBE_NXZ
??Bios_base@std@@QBE_NXZ
?always_noconv@codecvt_base@std@@QBE_NXZ
??Bid@locale@std@@QAEIXZ
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?id@?$ctype@D@std@@2V0locale@2@A
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?is@?$ctype@D@std@@QBE_NFD@Z
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?out@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PB_W1AAPB_WPAD3AAPAD@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?_Incref@facet@locale@std@@UAEXXZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?getline@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??7ios_base@std@@QBE_NXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?_Xlength_error@std@@YAXPBD@Z
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Xout_of_range@std@@YAXPBD@Z
?uncaught_exception@std@@YA_NXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
?_New_Locimp@_Locimp@locale@std@@CAPAV123@ABV123@@Z
?_Locimp_Addfac@_Locimp@locale@std@@CAXPAV123@PAVfacet@23@I@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@I@Z
??1?$codecvt@_WDU_Mbstatet@@@std@@MAE@XZ
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

vcruntime140

__CxxFrameHandler3
memmove
memcpy
_except_handler4_common
memchr
memcmp
__std_exception_copy
__std_exception_destroy
memset
__std_terminate
_CxxThrowException
_purecall

api-ms-win-crt-stdio-l1-1-0

_set_fmode
fgetpos
setvbuf
ungetc
__p__commode
__stdio_common_vfprintf
fsetpos
fread
fgetc
_fseeki64
fclose
fflush
fputc
ferror
_get_stream_buffer_pointers
__stdio_common_vsprintf
_wsopen_s
_close
fseek
fopen
ftell
fwrite

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
free
_set_new_mode

api-ms-win-crt-string-l1-1-0

strncpy
strlen
strnlen
wcslen
tolower
strncpy_s
strtok_s
wcscmp

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_wrename
_unlock_file

api-ms-win-crt-runtime-l1-1-0

_errno
strerror
_controlfp_s
_invalid_parameter_noinfo
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_cexit
_seh_filter_exe
_set_app_type
_getpid
_configure_wide_argv
_initialize_wide_environment
_get_initial_wide_environment
_initterm
_initterm_e
exit
_exit
terminate
__p___argc
__p___wargv
_c_exit
_register_thread_local_exe_atexit_callback
_invalid_parameter_noinfo_noreturn
signal

api-ms-win-crt-math-l1-1-0

_fdopen
__setusermatherr
ceil

api-ms-win-crt-time-l1-1-0

_gmtime32_s
_time32
strftime

api-ms-win-crt-utility-l1-1-0

abs
srand
rand

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CRWindowsClientService.exe
.exe windows:6 windows x86 arch:x86

69dee0d8a8373479e85bb26fb3c65944

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:28:96:11:07:88:b1:29:82:5f:b1:d1:f6:ba:ac:a3
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

29/04/2022, 00:00

Not After

01/05/2024, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

95:9b:a0:07:78:8c:d0:02:fe:95:b2:e4:33:d0:ed:82:88:9d:57:12:09:75:06:3b:41:c1:2a:00:51:0c:95:97
Signer

Actual PE Digest

95:9b:a0:07:78:8c:d0:02:fe:95:b2:e4:33:d0:ed:82:88:9d:57:12:09:75:06:3b:41:c1:2a:00:51:0c:95:97

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\cruser\workspace\CR-Windows-x86-Client-Builder\Win32\Release\CRWindowsClientService.pdb

Imports

dbghelp

MiniDumpWriteDump

wininet

HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetCloseHandle
InternetOpenW
HttpQueryInfoW

kernel32

RaiseException
GetLastError
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
InitializeCriticalSectionEx
DeleteCriticalSection
GetExitCodeProcess
OpenThread
GetExitCodeThread
OpenProcess
FindResourceExW
LoadResource
LockResource
SizeofResource
FindResourceW
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineW
LocalFree
WriteFile
IsDebuggerPresent
GetCurrentProcess
GetTimeZoneInformation
GlobalMemoryStatusEx
GetSystemInfo
GetLocaleInfoEx
CreateFileW
QueryPerformanceCounter
GetStartupInfoW
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
CloseHandle
EnterCriticalSection
OutputDebugStringW
ReadFile

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegQueryInfoKeyW

shell32

ShellExecuteW
SHGetKnownFolderPath
SHCreateDirectoryExW
CommandLineToArgvW

ole32

CoUninitialize
CoInitializeEx
CoSetProxyBlanket
CoCreateGuid
CoCreateInstance
CoTaskMemFree

oleaut32

SysAllocString
SysFreeString
VariantClear

shlwapi

PathAppendW
PathFileExistsW

msvcp140

?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?_Execute_once@std@@YAHAAUonce_flag@1@P6GHPAX1PAPAX@Z1@Z
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z
_Stat
?_Winerror_map@std@@YAHH@Z
?_Winerror_message@std@@YAKKPADK@Z
?_Syserror_map@std@@YAPBDH@Z
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?uncaught_exception@std@@YA_NXZ
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
??Bid@locale@std@@QAEIXZ
?_New_Locimp@_Locimp@locale@std@@CAPAV123@ABV123@@Z
?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z
?empty@locale@std@@SA?AV12@XZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?in@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPA_W3AAPA_W@Z
?out@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PB_W1AAPB_WPAD3AAPAD@Z
?unshift@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@I@Z
?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??1?$codecvt@_WDU_Mbstatet@@@std@@MAE@XZ
?widen@?$ctype@_W@std@@QBE_WD@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?good@ios_base@std@@QBE_NXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBE_JXZ
?width@ios_base@std@@QAE_J_J@Z
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?getloc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QBE?AVlocale@2@XZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Init@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
?imbue@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE?AVlocale@2@ABV32@@Z
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WXZ
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WD@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PBX@Z
?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@_W@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UAEXXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
?id@?$ctype@_W@std@@2V0locale@2@A
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Xinvalid_argument@std@@YAXPBD@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ

vcruntime140

__std_terminate
wcsrchr
_except_handler4_common
__std_exception_copy
wcsstr
memset
memmove
memcpy
_CxxThrowException
__CxxFrameHandler3
memchr
__std_exception_destroy

api-ms-win-crt-runtime-l1-1-0

_c_exit
_register_thread_local_exe_atexit_callback
_initialize_wide_environment
_invalid_parameter_noinfo
_errno
exit
_controlfp_s
_configure_wide_argv
_initterm
_invalid_parameter_noinfo_noreturn
terminate
_initterm_e
_set_app_type
_cexit
_exit
_get_wide_winmain_command_line
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_seh_filter_exe

api-ms-win-crt-string-l1-1-0

strncpy_s
wcscspn
wmemcpy_s
iswspace
strtok_s
isspace
strlen
_wcslwr_s
wcsnlen
tolower
toupper
wcsspn

api-ms-win-crt-heap-l1-1-0

_callnewh
free
_set_new_mode
calloc
_recalloc
malloc

api-ms-win-crt-utility-l1-1-0

abs

api-ms-win-crt-stdio-l1-1-0

fputwc
fgetwc
_get_stream_buffer_pointers
fclose
fputc
fflush
ungetc
fgetpos
_set_fmode
fread
fsetpos
_fseeki64
fwrite
__p__commode
__stdio_common_vsprintf
fgetc
__stdio_common_vswprintf_s
setvbuf
__stdio_common_vswprintf
ungetwc

api-ms-win-crt-filesystem-l1-1-0

_wrename
_wremove
_unlock_file
_lock_file

api-ms-win-crt-time-l1-1-0

_localtime64_s
_time64

api-ms-win-crt-convert-l1-1-0

strtol
_wtoi
atoi
_itoa_s

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HDHelper.exe
.exe windows:5 windows x86 arch:x86

82a2d44124f64fef31cc8e1daa6c7ece

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:28:96:11:07:88:b1:29:82:5f:b1:d1:f6:ba:ac:a3
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

29/04/2022, 00:00

Not After

01/05/2024, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

de:cc:ee:a7:3f:78:21:5c:80:10:85:3f:99:1d:d8:4a:5e:00:1d:cc:0d:b9:71:db:6f:e7:16:c3:86:7c:71:81
Signer

Actual PE Digest

de:cc:ee:a7:3f:78:21:5c:80:10:85:3f:99:1d:d8:4a:5e:00:1d:cc:0d:b9:71:db:6f:e7:16:c3:86:7c:71:81

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins\workspace\ccd-hyperdrive\main\native\win32\build\msvs_win32\Release\x86\sym\HDHelper\HDHelper\HDHelper.pdb

Imports

kernel32

GetCurrentProcess
ReadFile
WaitForSingleObject
lstrcmpW
GetModuleHandleW
GetExitCodeProcess
GetVersionExW
Sleep
lstrcmpiW
MoveFileExW
CloseHandle
DeleteFileW
FormatMessageW
SetFileAttributesW
GetFileAttributesW
CreateFileW
FindClose
GetTempPathW
GetModuleFileNameW
FindNextFileW
SetLastError
FindFirstFileW
GetProcessHeap
DeleteCriticalSection
LocalFree
GetProcAddress
DecodePointer
HeapAlloc
LoadLibraryW
RaiseException
GetLastError
LocalAlloc
InitializeCriticalSectionEx
CreateProcessW
HeapFree
WriteConsoleW
SetEndOfFile
GetConsoleOutputCP
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
SetStdHandle
EnumSystemLocalesW
IsValidLocale
GetLocaleInfoW
CompareStringW
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
ExitProcess
GetStdHandle
GetTimeZoneInformation
GetFileType
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlUnwind
GetStartupInfoW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
InitializeCriticalSectionAndSpinCount
OutputDebugStringW
IsDebuggerPresent
GetCPInfo
LCMapStringEx
EncodePointer
GetStringTypeW
WriteFile
FlushFileBuffers
MultiByteToWideChar
WideCharToMultiByte
CreateEventW
GlobalAlloc
GlobalFree
VerSetConditionMask
VerifyVersionInfoW
FreeLibrary
TerminateProcess
OpenProcess
HeapSize
CreateToolhelp32Snapshot
Process32NextW
SetEvent
Process32FirstW
HeapReAlloc
ResetEvent
GetCurrentProcessId
SetFilePointer
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetFileInformationByHandle
GetUserDefaultLangID
GetFileSizeEx
FileTimeToSystemTime
GetLocalTime
GetTimeFormatW
SystemTimeToFileTime
GetDateFormatW
CreateMutexW
ReleaseMutex
OpenMutexW
GetUserDefaultUILanguage
LCMapStringW
GetUserDefaultLCID

user32

GetWindowThreadProcessId
AllowSetForegroundWindow
GetShellWindow
EnumWindows

advapi32

LookupAccountSidW
EqualSid
FreeSid
AllocateAndInitializeSid
DuplicateTokenEx
GetUserNameW
ConvertSidToStringSidW
CreateProcessAsUserW
ConvertStringSidToSidW
OpenProcessToken
GetTokenInformation
SetSecurityDescriptorDacl
GetSecurityDescriptorDacl
RegGetKeySecurity
RegCloseKey
SetEntriesInAclW
CreateWellKnownSid
RegCreateKeyExW
RegSetKeySecurity
RegSetValueExW
InitializeSecurityDescriptor
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW
AdjustTokenPrivileges
LookupPrivilegeValueW

shell32

SHGetSpecialFolderPathW
SHCreateDirectoryExW

ole32

CLSIDFromProgID
OleRun
CLSIDFromString
CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

VariantClear
SysAllocString
SysFreeString
VariantInit
VariantCopy
GetErrorInfo

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

shlwapi

PathIsDirectoryW
PathFindFileNameW
PathFileExistsW
PathStripPathW
PathAppendW
PathRenameExtensionW
PathRemoveExtensionW
PathAddExtensionW
PathRemoveFileSpecW
PathIsFileSpecW

Sections

.text
Size: 327KB - Virtual size: 327KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HDIM.dll
.dll windows:5 windows x86 arch:x86

5ad8081d7f1a9799498c3b8452215791

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:28:96:11:07:88:b1:29:82:5f:b1:d1:f6:ba:ac:a3
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

29/04/2022, 00:00

Not After

01/05/2024, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

84:f8:a7:61:3a:3e:84:99:03:1b:8d:1b:0b:c3:c3:38:cb:27:0f:bf:dd:42:7e:9b:ef:ef:7b:ef:1a:87:93:51
Signer

Actual PE Digest

84:f8:a7:61:3a:3e:84:99:03:1b:8d:1b:0b:c3:c3:38:cb:27:0f:bf:dd:42:7e:9b:ef:ef:7b:ef:1a:87:93:51

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\jenkins\workspace\ccd-hyperdrive\main\native\win32\build\msvs_win32\Release\x86\sym\HDIM\HDIM\HDIM.pdb

Imports

kernel32

DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
InitializeCriticalSectionEx
OutputDebugStringW
WriteConsoleW
SetEndOfFile
GetConsoleOutputCP
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
ReadFile
FindFirstFileW
FindNextFileW
WriteFile
GetModuleFileNameW
GetTempPathW
FindClose
CreateFileW
GetFileAttributesW
SetFileAttributesW
DeleteFileW
CloseHandle
LocalFree
MoveFileExW
lstrcmpW
FlushFileBuffers
LoadLibraryW
GetProcAddress
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
MultiByteToWideChar
WideCharToMultiByte
GetCurrentProcessId
SetFilePointer
GetCurrentThreadId
GetCurrentProcess
GetVersionExW
CreateEventW
VerSetConditionMask
GetModuleHandleW
VerifyVersionInfoW
GetFileInformationByHandle
GetFileSizeEx
FileTimeToSystemTime
GetLocalTime
GetTimeFormatW
SystemTimeToFileTime
GetDateFormatW
CreateMutexW
WaitForSingleObject
ReleaseMutex
OpenMutexW
GetUserDefaultLangID
GetUserDefaultUILanguage
HeapFree
SetLastError
TerminateProcess
HeapSize
SetEvent
HeapReAlloc
ResetEvent
HeapAlloc
GetProcessHeap
LCMapStringW
GetUserDefaultLCID
GetStringTypeW
EncodePointer
LCMapStringEx
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
WaitForSingleObjectEx
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwind
InterlockedFlushSList
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetTimeZoneInformation
ExitProcess
GetModuleHandleExW
GetStdHandle
GetFileType
CompareStringW
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesW
GetConsoleMode
ReadConsoleW
SetFilePointerEx

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

shlwapi

PathRemoveFileSpecW
PathFindFileNameW
PathFileExistsW
PathAppendW
PathIsDirectoryW
PathRemoveExtensionW
PathAddExtensionW
PathIsFileSpecW
PathRenameExtensionW

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

shell32

SHGetPathFromIDListW
SHGetSpecialFolderPathW
SHGetFolderLocation
SHCreateDirectoryExW
SHGetFolderPathW

ole32

CLSIDFromString
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitialize
OleRun
CLSIDFromProgID

oleaut32

SysAllocString
VariantClear
SysFreeString
VariantInit
VariantCopy
GetErrorInfo

Exports

Exports

ccim_GetInformation
ccim_UserAction
ccim_endWorkflow
ccim_startWorkflow
ccim_startWorkflowWithMode
hdimSetLoggerFnPtr

Sections

.text
Size: 267KB - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HDNative.dll
.dll windows:5 windows x86 arch:x86

584a52729b2707f2bf3e2676fc63f445

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:28:96:11:07:88:b1:29:82:5f:b1:d1:f6:ba:ac:a3
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

29/04/2022, 00:00

Not After

01/05/2024, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

43:26:b0:57:d1:e1:ca:6b:6e:29:68:d3:63:24:cd:67:95:f8:48:ea:0d:b8:f1:dc:22:80:f5:18:31:91:4e:eb
Signer

Actual PE Digest

43:26:b0:57:d1:e1:ca:6b:6e:29:68:d3:63:24:cd:67:95:f8:48:ea:0d:b8:f1:dc:22:80:f5:18:31:91:4e:eb

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\jenkins\workspace\ccd-hyperdrive\main\native\win32\build\msvs_win32\Release\x86\sym\HDNative\HDNative\HDNative.pdb

Imports

kernel32

HeapFree
DecodePointer
HeapAlloc
GetProcessHeap
RaiseException
InitializeCriticalSectionEx
GetModuleHandleW
GetProcAddress
GetCurrentProcess
LocalFree
CloseHandle
GetLastError
CreateFileW
DeleteCriticalSection
FindClose
GetModuleFileNameW
FindNextFileW
SetLastError
LoadLibraryW
WriteConsoleW
GetConsoleOutputCP
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetConsoleMode
SetFilePointerEx
SetStdHandle
GetStdHandle
GetModuleHandleExW
ExitProcess
GetFileType
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InterlockedFlushSList
RtlUnwind
OutputDebugStringW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
MultiByteToWideChar
WideCharToMultiByte
WriteFile
FlushFileBuffers
CreateEventW
FreeLibrary
TerminateProcess
HeapSize
HeapReAlloc
GetCurrentProcessId
LCMapStringW
GetStringTypeW
EnterCriticalSection
LeaveCriticalSection
EncodePointer
GetCPInfo
UnhandledExceptionFilter

ole32

CLSIDFromProgID
OleRun
CLSIDFromString
CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

GetErrorInfo
VariantClear
SysAllocString
SysFreeString

shlwapi

PathStripPathW
PathAppendW

Exports

Exports

hdNativeGetProductInstallStatus
hdNativeLaunchProduct
hdNativeSetLoggerFnPtr

Sections

.text
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HDPIM.dll
.dll windows:5 windows x86 arch:x86

325f386c0b7d0ebf5b83980c304c3e51

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:28:96:11:07:88:b1:29:82:5f:b1:d1:f6:ba:ac:a3
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

29/04/2022, 00:00

Not After

01/05/2024, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

18:91:1b:25:90:0f:7c:6b:a5:19:ca:46:ca:fc:32:a6:52:94:99:2d:b1:14:44:c4:7b:26:96:82:98:0d:c6:0f
Signer

Actual PE Digest

18:91:1b:25:90:0f:7c:6b:a5:19:ca:46:ca:fc:32:a6:52:94:99:2d:b1:14:44:c4:7b:26:96:82:98:0d:c6:0f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\jenkins\workspace\ccd-hyperdrive\main\native\win32\build\msvs_win32\Release\x86\sym\HDPIM\HDPIM\HDPIM.pdb

Imports

kernel32

QueryFullProcessImageNameW
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
OpenProcess
GetUserDefaultLangID
GetCurrentProcess
GetDriveTypeW
lstrcmpW
lstrcmpiW
CopyFileW
MoveFileExW
LocalFree
SetCurrentDirectoryW
WaitForSingleObject
GetCurrentDirectoryW
CloseHandle
VirtualAlloc
VirtualFree
CreateDirectoryW
GetProcAddress
GetTempFileNameW
DeleteFileW
GetDiskFreeSpaceExW
FormatMessageW
SetFileAttributesW
GetFileAttributesW
CreateFileW
LocalAlloc
FindClose
GetTempPathW
GetModuleFileNameW
RemoveDirectoryW
lstrlenW
FindNextFileW
SetLastError
FindFirstFileW
VerifyVersionInfoW
VerSetConditionMask
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
ReadFile
GetVersionExW
GetFullPathNameW
Sleep
WriteConsoleW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
GetConsoleOutputCP
ReadConsoleW
GetConsoleMode
SetStdHandle
EnumSystemLocalesW
IsValidLocale
GetLocaleInfoW
CompareStringW
GetStdHandle
GetTimeZoneInformation
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetFileType
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetStartupInfoW
InitializeCriticalSectionAndSpinCount
InitializeSListHead
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetExitCodeProcess
GetModuleHandleW
CreateProcessW
GetFileSizeEx
FlushFileBuffers
SystemTimeToFileTime
GetFileAttributesExW
CopyFileExW
GetACP
MultiByteToWideChar
WideCharToMultiByte
HeapFree
GetSystemDirectoryW
LoadLibraryW
HeapAlloc
GetProcessHeap
SetDllDirectoryW
SetFileTime
GetSystemTime
CreateEventW
GlobalAlloc
GlobalFree
SizeofResource
WriteFile
GetFinalPathNameByHandleW
LockResource
LoadResource
FindResourceW
GetFileSize
FreeLibrary
TerminateProcess
Thread32Next
Thread32First
DuplicateHandle
HeapSize
ProcessIdToSessionId
SetEvent
TerminateThread
HeapReAlloc
CreateThread
FindResourceExW
ResetEvent
HeapDestroy
GetCurrentProcessId
GetThreadTimes
OpenThread
GetFileInformationByHandle
WaitForMultipleObjects
GetUserDefaultUILanguage
CreateMutexW
ReleaseMutex
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetCurrentThreadId
GetPhysicallyInstalledSystemMemory
GetLogicalDriveStringsW
FileTimeToSystemTime
GetLocalTime
GetTimeFormatW
GetDateFormatW
OpenMutexW
LoadLibraryA
LCMapStringW
LCMapStringA
GetUserDefaultLCID
GetStringTypeExA
SetEndOfFile
SetFilePointerEx
ResumeThread
GetSystemTimeAsFileTime
SetThreadPriority
GetCurrentThread
AreFileApisANSI
TryEnterCriticalSection
HeapCreate
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
GetFullPathNameA
UnlockFileEx
UnmapViewOfFile
HeapValidate
GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
OutputDebugStringW
FlushViewOfFile
CreateFileA
WaitForSingleObjectEx
DeleteFileA
GetSystemInfo
HeapCompact
UnlockFile
LockFileEx
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
GetStringTypeW
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
SleepConditionVariableSRW
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
GetExitCodeThread
GetLocaleInfoEx
EncodePointer
LCMapStringEx
QueryPerformanceFrequency
InitializeCriticalSectionEx

user32

GetDesktopWindow
GetDC
LoadStringA
ReleaseDC
AllowSetForegroundWindow
GetShellWindow
EnumWindows
PostThreadMessageW
PostMessageW
GetWindowThreadProcessId

advapi32

CryptAcquireContextW
AllocateAndInitializeSid
FreeSid
RegQueryValueExW
RegDeleteValueW
InitializeSecurityDescriptor
RegSetKeySecurity
RegEnumKeyExW
RegQueryInfoKeyW
RegGetKeySecurity
GetSecurityDescriptorDacl
SetSecurityDescriptorDacl
EqualSid
LookupAccountSidW
DuplicateTokenEx
GetUserNameW
ConvertSidToStringSidW
CreateProcessAsUserW
ImpersonateLoggedOnUser
ConvertStringSidToSidW
RevertToSelf
CryptReleaseContext
SetEntriesInAclW
SetNamedSecurityInfoW
GetNamedSecurityInfoW
GetTokenInformation
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
CreateWellKnownSid
RegCloseKey
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash

shell32

SHGetFolderPathW
SHCreateDirectoryExW
SHSetLocalizedName
ord709
ord75
SHCreateItemFromParsingName
SHGetKnownFolderPath
SHGetSpecialFolderPathW
ord680
SHGetPathFromIDListW
SHGetFolderLocation
ord51

ole32

CoUninitialize
CoInitialize
CoInitializeEx
OleRun
CoSetProxyBlanket
StringFromGUID2
CoCreateGuid
CoInitializeSecurity
CoTaskMemFree
CLSIDFromProgID
CoCreateInstance
CLSIDFromString

oleaut32

VariantInit
SysFreeString
SysStringByteLen
SysAllocStringByteLen
SysAllocString
VariantClear
VariantChangeType
SysStringLen
VariantCopy
SafeArrayAccessData
SafeArrayCreateVector
SysAllocStringLen
SafeArrayUnaccessData
SafeArrayDestroy
GetErrorInfo

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

psapi

GetModuleBaseNameW
GetProcessImageFileNameW
GetModuleFileNameExW
EnumProcessModules

wtsapi32

WTSFreeMemory
WTSEnumerateSessionsW

winhttp

WinHttpReadData
WinHttpOpenRequest
WinHttpSetOption
WinHttpQueryAuthSchemes
WinHttpSendRequest
WinHttpReceiveResponse
WinHttpCloseHandle
WinHttpOpen
WinHttpAddRequestHeaders
WinHttpQueryHeaders
WinHttpGetProxyForUrl
WinHttpQueryDataAvailable
WinHttpConnect
WinHttpQueryOption
WinHttpSetStatusCallback
WinHttpSetTimeouts
WinHttpSetCredentials
WinHttpGetIEProxyConfigForCurrentUser

shlwapi

PathFileExistsA
PathIsSystemFolderW
PathIsDirectoryEmptyW
PathIsDirectoryW
PathRemoveExtensionW
PathAddExtensionW
PathIsFileSpecW
PathStripToRootW
PathMakePrettyW
PathFindFileNameW
PathAddBackslashW
PathFileExistsW
PathGetCharTypeW
PathIsRootW
PathIsRelativeW
PathIsUNCW
PathStripPathW
PathFindExtensionW
PathAppendW
PathRenameExtensionW
PathRemoveBackslashW
PathRemoveFileSpecW
PathIsSameRootW

crypt32

CertGetIssuerCertificateFromStore
CertGetNameStringW

wintrust

WTHelperProvDataFromStateData
WTHelperGetProvSignerFromChain
WTHelperGetProvCertFromChain
WinVerifyTrust

gdi32

AddFontResourceW
RemoveFontResourceW
GetDeviceCaps

bcrypt

BCryptOpenAlgorithmProvider
BCryptHashData
BCryptCreateHash
BCryptFinishHash
BCryptCloseAlgorithmProvider
BCryptDestroyHash

Exports

Exports

hdpimAreUpdatesEnabled
hdpimCheckAndReportConflictingProcess
hdpimCheckForUpdate
hdpimControlProgress
hdpimCreateSession
hdpimDownloadProduct
hdpimGetAvailableUpdateInfo
hdpimGetInstalledProductsList
hdpimGetProductInstallDirIsMoved
hdpimGetProductInstallStatus
hdpimGetProductInstalledVersions
hdpimGetProductLaunchPath
hdpimGetProductReferenceInfo
hdpimInstallProduct
hdpimInstallUpdate
hdpimLaunchProduct
hdpimRepairProduct
hdpimSetLogger
hdpimSetLoggerFnPtr
hdpimTerminateSession
hdpimUnInstallProduct

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 543KB - Virtual size: 543KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HDUWP.dll
.dll windows:5 windows x86 arch:x86

3a47b6ad9f12d5e5e7a2b2c62d7d90f8

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:28:96:11:07:88:b1:29:82:5f:b1:d1:f6:ba:ac:a3
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

29/04/2022, 00:00

Not After

01/05/2024, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

15:bb:88:da:a7:e2:d9:2d:fd:a8:e3:06:51:2a:7b:a8:bc:e2:10:3d:8c:fe:36:6e:73:fb:87:81:6b:7e:b1:2a
Signer

Actual PE Digest

15:bb:88:da:a7:e2:d9:2d:fd:a8:e3:06:51:2a:7b:a8:bc:e2:10:3d:8c:fe:36:6e:73:fb:87:81:6b:7e:b1:2a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\jenkins\workspace\ccd-hyperdrive\main\native\win32\build\msvs_win32\Release\x86\sym\HDUWP\HDUWP\HDUWP.pdb

Imports

kernel32

CloseHandle
CreateEventExW
PackageFullNameFromId
PackageFamilyNameFromId
SetEvent
WaitForSingleObject
AcquireSRWLockShared
FreeLibrary
VirtualQuery
GetProcessHeap
HeapFree
HeapAlloc
GetLastError
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WideCharToMultiByte
MultiByteToWideChar
RaiseException
IsDebuggerPresent
GetProcAddress
InitOnceExecuteOnce
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
DecodePointer
ReleaseSRWLockShared

ole32

CoCreateFreeThreadedMarshaler
CoTaskMemAlloc
CoInitialize
CoTaskMemFree

vccorlib140

?EventSourceAdd@Details@Platform@@YG?AVEventRegistrationToken@Foundation@Windows@@PAPAXPAUEventLock@12@P$AAVDelegate@2@@Z
?EventSourceRemove@Details@Platform@@YGXPAPAXPAUEventLock@12@VEventRegistrationToken@Foundation@Windows@@@Z
??0OutOfBoundsException@Platform@@Q$AAA@XZ
??0ChangedStateException@Platform@@Q$AAA@XZ
??0OutOfMemoryException@Platform@@Q$AAA@XZ
??0FailureException@Platform@@Q$AAA@XZ
?Allocate@Heap@Details@Platform@@SAPAXI@Z
??0Delegate@Platform@@Q$AAA@XZ
?get@Message@Exception@Platform@@Q$AAAP$AAVString@3@XZ
?GetIidsFn@@YGJHPAKPBU__s_GUID@@PAPAVGuid@Platform@@@Z
?GetActivationFactoryByPCWSTR@@YGJPAXAAVGuid@Platform@@PAPAX@Z
?EventSourceGetTargetArraySize@Details@Platform@@YGIPAX@Z
?EventSourceGetTargetArray@Details@Platform@@YGPAXPAXPAUEventLock@12@@Z
?EventSourceUninitialize@Details@Platform@@YGXPAPAX@Z
?EventSourceInitialize@Details@Platform@@YGXPAPAX@Z
?GetIBoxArrayVtable@Details@Platform@@YGPAXPAX@Z
?AllocateException@Heap@Details@Platform@@SAPAXII@Z
?AlignedFree@Heap@Details@Platform@@SAXPAX@Z
?Free@Heap@Details@Platform@@SAXPAX@Z
?Allocate@Heap@Details@Platform@@SAPAXII@Z
?ReleaseTarget@ControlBlock@Details@Platform@@AAEXXZ
?__abi_WinRTraiseCOMException@@YGXJ@Z
?__abi_WinRTraiseObjectDisposedException@@YGXXZ
?__abi_WinRTraiseDisconnectedException@@YGXXZ
?__abi_WinRTraiseWrongThreadException@@YGXXZ
?__abi_WinRTraiseClassNotRegisteredException@@YGXXZ
?__abi_WinRTraiseChangedStateException@@YGXXZ
?__abi_WinRTraiseOutOfBoundsException@@YGXXZ
?__abi_WinRTraiseInvalidArgumentException@@YGXXZ
?__abi_WinRTraiseOutOfMemoryException@@YGXXZ
?__abi_WinRTraiseAccessDeniedException@@YGXXZ
?__abi_WinRTraiseFailureException@@YGXXZ
?__abi_WinRTraiseOperationCanceledException@@YGXXZ
?__abi_WinRTraiseNullReferenceException@@YGXXZ
?__abi_WinRTraiseInvalidCastException@@YGXXZ
?__abi_WinRTraiseNotImplementedException@@YGXXZ
??0Object@Platform@@Q$AAA@XZ
?__abi_cast_Object_to_String@__abi_details@@YGP$AAVString@Platform@@_NP$AAVObject@3@@Z
?__abi_cast_String_to_Object@__abi_details@@YGP$AAVObject@Platform@@P$AAVString@3@@Z
?__abi_translateCurrentException@@YGJ_N@Z
?EventSourceGetTargetArrayEvent@Details@Platform@@YGPAXPAXIPBXPA_J@Z
?InitializeData@Details@Platform@@YAJH@Z
?UninitializeData@Details@Platform@@YAXH@Z

msvcp140

?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z

api-ms-win-core-winrt-l1-1-0

RoInitialize

api-ms-win-core-winrt-string-l1-1-0

WindowsGetStringRawBuffer
WindowsDuplicateString
WindowsDeleteString
WindowsCreateString
WindowsCompareStringOrdinal

vcruntime140

__std_type_info_destroy_list
memset
__vcrt_GetModuleFileNameW
memcpy
__CxxFrameHandler3
_CxxThrowException
__std_exception_destroy
__std_exception_copy
_except_handler4_common
__vcrt_LoadLibraryExW
memmove

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_seh_filter_dll
_crt_atexit
_initterm_e
_initterm
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_invalid_parameter_noinfo_noreturn
_initialize_narrow_environment
_cexit

api-ms-win-crt-string-l1-1-0

strcat_s
strcpy_s
wcslen
_wcsdup

api-ms-win-crt-heap-l1-1-0

malloc
free
_callnewh

api-ms-win-crt-convert-l1-1-0

_wtoi

Exports

Exports

hduwpGetInstalledPackageUsers
hduwpGetPackageFamilyName
hduwpGetPackageFullName
hduwpInstallPackage
hduwpIsPackageInstalledForAnyUser
hduwpIsPackageInstalledForCurrentUser
hduwpIsPackageWithFamilyNameInstalledForCurrentUser
hduwpLaunchPackage
hduwpRegisterPackage
hduwpUninstallPackage

Sections

.text
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HDZIP.dll
.dll windows:5 windows x86 arch:x86

b1515195b219e3a91fd82844e2d018e6

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:28:96:11:07:88:b1:29:82:5f:b1:d1:f6:ba:ac:a3
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

29/04/2022, 00:00

Not After

01/05/2024, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

47:d1:50:09:ef:60:b6:21:ab:0f:6d:4c:51:7e:b0:04:08:7d:14:03:42:d4:87:1c:42:03:cd:f3:1c:3e:84:46
Signer

Actual PE Digest

47:d1:50:09:ef:60:b6:21:ab:0f:6d:4c:51:7e:b0:04:08:7d:14:03:42:d4:87:1c:42:03:cd:f3:1c:3e:84:46

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\jenkins\workspace\ccd-hyperdrive\main\native\win32\build\msvs_win32\Release\x86\sym\HDZIP\HDZIP\HDZIP.pdb

Imports

kernel32

CreateSemaphoreW
GetLastError
GetFileSize
VirtualFree
VirtualAlloc
ResetEvent
SetEvent
CreateEventW
WaitForSingleObject
InitializeCriticalSection
ReleaseSemaphore
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindNextFileW
GetFullPathNameW
FindFirstFileW
ReadFile
GetFileTime
DosDateTimeToFileTime
CloseHandle
LocalFileTimeToFileTime
Sleep
MultiByteToWideChar
SetFileAttributesW
GetFileAttributesW
CreateFileW
SetFileTime
WriteFile
lstrlenW
CreateDirectoryW
WriteConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
InitializeCriticalSectionEx
FormatMessageW
RaiseException
DecodePointer
LocalFree
WideCharToMultiByte
GetModuleFileNameW
GetTempPathW
DeleteFileW
FlushFileBuffers
GetCurrentProcess
GetProcAddress
GetModuleHandleW
HeapFree
SetLastError
TerminateProcess
HeapSize
HeapReAlloc
CreateThread
HeapAlloc
GetCurrentProcessId
GetProcessHeap
FreeLibrary
LCMapStringW
GetUserDefaultLCID
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetStringTypeW
EncodePointer
LCMapStringEx
GetCPInfo
OutputDebugStringW
RtlUnwind
InterlockedFlushSList
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
SetStdHandle
GetFileType
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
SetFilePointerEx
ExitProcess
GetConsoleMode
ReadConsoleW
GetConsoleOutputCP
GetStdHandle
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesW
GetFileSizeEx
SetEndOfFile
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA

shlwapi

PathFileExistsW
PathAppendW
PathIsDirectoryW

ole32

StringFromGUID2
CoCreateGuid

oleaut32

VariantClear

Exports

Exports

hdzipCompressFolder
hdzipDecompressFile
hdzipSetLogger

Sections

.text
Size: 249KB - Virtual size: 248KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HUM.dll
.dll windows:5 windows x86 arch:x86

5827cc42e3f282ca493ab6907f31b2dc

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:28:96:11:07:88:b1:29:82:5f:b1:d1:f6:ba:ac:a3
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

29/04/2022, 00:00

Not After

01/05/2024, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:26:cf:c1:2b:26:10:43:2d:0f:b6:a2:b9:c0:45:05:9d:90:52:48:39:dd:2d:c9:ec:cf:a2:fa:f1:c3:00:82
Signer

Actual PE Digest

05:26:cf:c1:2b:26:10:43:2d:0f:b6:a2:b9:c0:45:05:9d:90:52:48:39:dd:2d:c9:ec:cf:a2:fa:f1:c3:00:82

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\jenkins\workspace\ccd-hyperdrive\main\native\win32\build\msvs_win32\Release\x86\sym\HUM\HUM\HUM.pdb

Imports

kernel32

Sleep
InitializeCriticalSectionEx
GetModuleHandleW
GetProcAddress
WaitForSingleObject
GetCurrentProcess
ReadFile
DeleteCriticalSection
lstrcmpW
lstrcmpiW
DecodePointer
MoveFileExW
LocalFree
VirtualAlloc
VirtualFree
GetUserDefaultUILanguage
OpenMutexW
ReleaseMutex
CreateDirectoryW
GetVersionExW
CloseHandle
DeleteFileW
GetLastError
FormatMessageW
SetFileAttributesW
GetFileAttributesW
CreateFileW
LocalAlloc
FindClose
GetTempPathW
GetModuleFileNameW
RemoveDirectoryW
lstrlenW
FindNextFileW
SetLastError
FindFirstFileW
RaiseException
WriteConsoleW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetConsoleOutputCP
ReadConsoleW
GetConsoleMode
SetStdHandle
EnumSystemLocalesW
IsValidLocale
GetLocaleInfoW
CompareStringW
GetStdHandle
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
GetTimeZoneInformation
GetFileType
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
FreeLibrary
LoadLibraryA
LCMapStringW
GetUserDefaultLCID
MultiByteToWideChar
WideCharToMultiByte
GetFullPathNameW
WriteFile
GetFileSize
FlushFileBuffers
CreateEventW
GlobalFree
VerSetConditionMask
VerifyVersionInfoW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
LoadLibraryW
GetFileInformationByHandle
GetCurrentProcessId
GetFileSizeEx
FileTimeToSystemTime
GetLocalTime
GetTimeFormatW
SystemTimeToFileTime
GetDateFormatW
HeapFree
TerminateProcess
OpenProcess
HeapSize
CreateToolhelp32Snapshot
ProcessIdToSessionId
Process32NextW
SetEvent
TerminateThread
Process32FirstW
HeapReAlloc
CreateThread
ResetEvent
HeapAlloc
HeapDestroy
GetProcessHeap
GetUserDefaultLangID
AreFileApisANSI
TryEnterCriticalSection
HeapCreate
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
CreateMutexW
GetCurrentThreadId
UnmapViewOfFile
HeapValidate
GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
WaitForSingleObjectEx
DeleteFileA
GetSystemInfo
HeapCompact
UnlockFile
LockFileEx
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
SetFilePointerEx
ResumeThread
SetThreadPriority
GetCurrentThread
GetStringTypeW
GetExitCodeThread
EncodePointer
LCMapStringEx
QueryPerformanceFrequency
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
RtlUnwind
InterlockedFlushSList
TlsAlloc

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
GetUserNameW
ImpersonateLoggedOnUser
ConvertStringSidToSidW
RevertToSelf
AdjustTokenPrivileges
LookupPrivilegeValueW
CryptReleaseContext
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash
SetEntriesInAclW
SetNamedSecurityInfoW
GetNamedSecurityInfoW
OpenProcessToken
CreateWellKnownSid
CryptAcquireContextW
LookupAccountSidW

shell32

SHGetFolderPathW
SHCreateDirectoryExW
SHGetPathFromIDListW
ord680
SHGetSpecialFolderPathW
SHGetFolderLocation

ole32

CoCreateGuid
CoUninitialize
CoTaskMemFree
StringFromGUID2
CLSIDFromString
OleRun
CLSIDFromProgID
CoCreateInstance
CoInitialize

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

wtsapi32

WTSFreeMemory
WTSEnumerateSessionsW

winhttp

WinHttpOpenRequest
WinHttpQueryAuthSchemes
WinHttpSetTimeouts
WinHttpGetIEProxyConfigForCurrentUser
WinHttpReceiveResponse
WinHttpQueryHeaders
WinHttpOpen
WinHttpReadData
WinHttpQueryDataAvailable
WinHttpConnect
WinHttpSetCredentials
WinHttpSendRequest
WinHttpGetProxyForUrl
WinHttpCloseHandle
WinHttpSetOption

shlwapi

PathIsRootW
PathFileExistsW
PathFindFileNameW
PathIsFileSpecW
PathAddExtensionW
PathRemoveExtensionW
PathIsDirectoryW
PathIsSystemFolderW
PathAppendW
PathFileExistsA
PathRemoveFileSpecW
PathRenameExtensionW
PathStripPathW

oleaut32

VariantClear
VariantChangeType
SysStringLen
SysAllocString
SysFreeString
VariantInit
VariantCopy
GetErrorInfo

bcrypt

BCryptCloseAlgorithmProvider
BCryptCreateHash
BCryptHashData
BCryptDestroyHash
BCryptOpenAlgorithmProvider
BCryptFinishHash

crypt32

CertGetNameStringW

wintrust

WTHelperProvDataFromStateData
WinVerifyTrust
WTHelperGetProvCertFromChain
WTHelperGetProvSignerFromChain

Exports

Exports

humCreateSession
humDownloadProductFFC
humGetAllProducts
humGetLatestApplicableUpdates
humGetLatestProducts
humGetLatestUpdates
humParseProductFFC
humSetLoggerFnPtr
humTerminateSession

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 239KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Set-up.exe
.exe windows:5 windows x86 arch:x86

1ec5f8e7ee2e86fad5c5364ac8fac8c6

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:28:96:11:07:88:b1:29:82:5f:b1:d1:f6:ba:ac:a3
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

29/04/2022, 00:00

Not After

01/05/2024, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

68:fb:2d:b9:04:80:b7:4d:0f:38:15:03:db:37:0e:66:c8:7d:9e:ef:34:47:ae:7d:8f:47:a1:25:be:cd:49:fc
Signer

Actual PE Digest

68:fb:2d:b9:04:80:b7:4d:0f:38:15:03:db:37:0e:66:c8:7d:9e:ef:34:47:ae:7d:8f:47:a1:25:be:cd:49:fc

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins\workspace\ccd-hyperdrive\main\native\win32\build\msvs_win32\Release\x86\sym\HDBootStrapper\HDBootStrapper\Set-up.pdb

Imports

kernel32

FindFirstFileW
SetLastError
FindNextFileW
lstrlenW
RemoveDirectoryW
GetModuleFileNameW
GetTempPathW
FindClose
LocalAlloc
CreateFileW
GetFileAttributesW
SetFileAttributesW
FormatMessageW
GetLastError
GetDiskFreeSpaceExW
DeleteFileW
CloseHandle
GetCurrentDirectoryW
SetCurrentDirectoryW
LocalFree
MoveFileExW
CopyFileW
lstrcmpiW
lstrcmpW
GetDriveTypeW
GetCurrentProcess
ReadFile
WaitForSingleObject
GetProcAddress
CreateProcessW
GetModuleHandleW
GetExitCodeProcess
TerminateProcess
OpenProcess
CreateToolhelp32Snapshot
MultiByteToWideChar
Sleep
Process32NextW
Process32FirstW
LoadLibraryW
FreeLibrary
WideCharToMultiByte
HeapFree
InitializeCriticalSectionEx
HeapSize
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
HeapDestroy
DeleteCriticalSection
GetProcessHeap
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
GlobalAlloc
GlobalLock
GlobalUnlock
MulDiv
GetStdHandle
AttachConsole
FreeConsole
GetConsoleWindow
CreateMutexW
ReleaseMutex
GetSystemDirectoryW
SetDllDirectoryW
GetVersionExW
GetFullPathNameW
OpenMutexW
SetWaitableTimer
CreateWaitableTimerW
WaitForMultipleObjects
CancelWaitableTimer
CreateEventW
SetEvent
ResetEvent
GetOverlappedResult
ReadDirectoryChangesW
GetFileSizeEx
GetLocalTime
GetTimeFormatW
GetDateFormatW
SetHandleInformation
ExpandEnvironmentStringsW
DeviceIoControl
GetUserDefaultLangID
CreatePipe
GetComputerNameExW
FileTimeToSystemTime
GetNativeSystemInfo
GetWindowsDirectoryW
VerSetConditionMask
VerifyVersionInfoW
InitializeCriticalSection
GetCurrentProcessId
GetLocaleInfoA
EnumSystemLocalesW
GetUserDefaultUILanguage
GetACP
WriteConsoleW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetSystemInfo
VirtualProtect
VirtualQuery
LoadLibraryExA
LoadLibraryA
LCMapStringW
GetUserDefaultLCID
SizeofResource
WriteFile
LockResource
LoadResource
FindResourceW
GetFileSize
FlushFileBuffers
GlobalFree
CreateThread
SetFilePointer
ProcessIdToSessionId
TerminateThread
FindResourceExW
QueryFullProcessImageNameW
GetFileInformationByHandle
CreateNamedPipeW
ConnectNamedPipe
CreateDirectoryW
ReleaseSemaphore
OpenSemaphoreW
CreateSemaphoreW
GetTimeZoneInformation
SystemTimeToFileTime
VirtualFree
VirtualAlloc
CreateFileA
AreFileApisANSI
TryEnterCriticalSection
HeapCreate
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
GetFullPathNameA
SetEndOfFile
UnlockFileEx
UnmapViewOfFile
HeapValidate
GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
WaitForSingleObjectEx
DeleteFileA
HeapCompact
UnlockFile
LockFileEx
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
SetFilePointerEx
ResumeThread
SetThreadPriority
GetCurrentThread
GetStringTypeW
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
SleepConditionVariableSRW
IsProcessorFeaturePresent
FreeLibraryWhenCallbackReturns
CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpoolWork
GetModuleHandleExW
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
QueryPerformanceFrequency
InitOnceComplete
InitOnceBeginInitialize
GetExitCodeThread
GetLocaleInfoEx
EncodePointer
LCMapStringEx
CompareStringEx
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
RtlUnwind
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
SetStdHandle
ExitThread
FreeLibraryAndExitThread
ExitProcess
CompareStringW
GetLocaleInfoW
IsValidLocale
GetConsoleOutputCP
GetConsoleMode
ReadConsoleW
FindFirstFileExW
IsValidCodePage

ws2_32

getnameinfo
WSAStartup
WSACleanup

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1023KB - Virtual size: 1022KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 178KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 239KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Setup.exe
.exe windows:5 windows x86 arch:x86

4ea65e918c27e4db6ca317fd81f8736c

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:28:96:11:07:88:b1:29:82:5f:b1:d1:f6:ba:ac:a3
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

29/04/2022, 00:00

Not After

01/05/2024, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

fe:77:7e:24:82:78:13:af:da:58:f3:4f:f5:90:80:56:7a:6d:87:9c:46:70:71:e9:ae:8e:8b:fe:9c:1a:45:6c
Signer

Actual PE Digest

fe:77:7e:24:82:78:13:af:da:58:f3:4f:f5:90:80:56:7a:6d:87:9c:46:70:71:e9:ae:8e:8b:fe:9c:1a:45:6c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins\workspace\ccd-hyperdrive\main\native\win32\build\msvs_win32\Release\x86\sym\Setup\Setup\Setup.pdb

Imports

kernel32

SetDllDirectoryW
GetConsoleWindow
DeleteCriticalSection
DecodePointer
FreeConsole
RaiseException
AttachConsole
GetLastError
InitializeCriticalSectionEx
WriteConsoleW
SetEndOfFile
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetConsoleOutputCP
SetFilePointerEx
ReadConsoleW
QueryPerformanceFrequency
GetStdHandle
GetConsoleMode
EnumSystemLocalesW
IsValidLocale
GetLocaleInfoW
CompareStringW
GetCurrentProcessId
FindFirstFileW
FindNextFileW
WriteFile
SetFilePointer
GetTempPathW
CreateFileW
GetCurrentThreadId
DeleteFileW
CloseHandle
lstrcmpW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
ReadFile
GetFullPathNameW
GetModuleFileNameW
FindClose
GetFileAttributesW
SetFileAttributesW
LocalFree
MoveFileExW
FlushFileBuffers
MultiByteToWideChar
WideCharToMultiByte
WaitForSingleObject
Sleep
CreateThread
LoadLibraryW
GetProcAddress
FreeLibrary
GetUserDefaultLangID
GetUserDefaultUILanguage
GetFileSizeEx
FileTimeToSystemTime
GetLocalTime
GetTimeFormatW
SystemTimeToFileTime
GetDateFormatW
CreateMutexW
ReleaseMutex
OpenMutexW
GetFileInformationByHandle
GetCurrentProcess
GetVersionExW
CreateEventW
VerSetConditionMask
GetModuleHandleW
VerifyVersionInfoW
SetEvent
ResetEvent
HeapFree
SetLastError
TerminateProcess
HeapSize
HeapReAlloc
HeapAlloc
GetProcessHeap
LCMapStringW
GetUserDefaultLCID
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
WaitForSingleObjectEx
InitializeSListHead
QueryPerformanceCounter
GetSystemTimeAsFileTime
IsDebuggerPresent
GetStartupInfoW
GetStringTypeW
EncodePointer
LCMapStringEx
GetCPInfo
RtlUnwind
InterlockedPushEntrySList
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
SetStdHandle
GetFileType
GetTimeZoneInformation
ExitProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
OutputDebugStringW

user32

SendMessageW

ole32

CoUninitialize
CoCreateInstance
CoTaskMemFree
OleRun
CLSIDFromString
CLSIDFromProgID
CoInitialize

crclient

?ShowCRDialogOnlyOnFirstCrash@@YA_NXZ
?CrashReporterInitialize@@YA_NPAXPBD1111P6AIAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@ZP6AXXZ_NW4AdobeCrashReporterScalingFactor@@@Z
?SetCRDisplayName@@YA_NPBD@Z

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

shlwapi

PathFindFileNameW
PathRemoveExtensionW
PathRemoveFileSpecW
PathAddExtensionW
PathIsFileSpecW
PathRenameExtensionW
PathAppendW
PathFileExistsW
PathIsDirectoryW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

SHCreateDirectoryExW
SHGetFolderLocation
SHGetFolderPathW
SHGetPathFromIDListW
SHGetSpecialFolderPathW

oleaut32

SysStringLen
SysAllocString
SysFreeString
VariantInit
VariantCopy
GetErrorInfo
VariantClear

Sections

.text
Size: 420KB - Virtual size: 420KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TokenResolverx64.exe
.exe windows:6 windows x64 arch:x64

b2250ce46eb3995753152fb2ff47dbad

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:28:96:11:07:88:b1:29:82:5f:b1:d1:f6:ba:ac:a3
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

29/04/2022, 00:00

Not After

01/05/2024, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:f1:77:bb:65:d5:45:fd:75:46:f0:ef:f3:80:66:2e:df:c1:f4:e1:93:af:6b:98:03:e2:49:91:01:3a:6c:51
Signer

Actual PE Digest

52:f1:77:bb:65:d5:45:fd:75:46:f0:ef:f3:80:66:2e:df:c1:f4:e1:93:af:6b:98:03:e2:49:91:01:3a:6c:51

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\jenkins\workspace\ccd-hyperdrive\main\native\win64\build\msvs_win32\Release\x64\sym\TokenResolver\TokenResolver\TokenResolverx64.pdb

Imports

kernel32

WriteFile
CreateFileW
GetLastError
CloseHandle
WriteConsoleW
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
HeapReAlloc
HeapSize
SetFilePointerEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwindEx
RtlPcToFileHeader
RaiseException
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetStdHandle
GetModuleFileNameW
HeapFree
HeapAlloc
GetFileType
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetStringTypeW
LCMapStringW
GetProcessHeap

shell32

SHGetFolderPathW
SHGetPathFromIDListW
SHGetFolderLocation

ole32

CoTaskMemFree

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Uninstaller.exe
.exe windows:5 windows x86 arch:x86

12f725025084aea26b04fe7baca4f7e2

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:28:96:11:07:88:b1:29:82:5f:b1:d1:f6:ba:ac:a3
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

29/04/2022, 00:00

Not After

01/05/2024, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a4:6a:bc:6d:bf:9a:fc:eb:16:b1:03:7f:af:19:f6:ae:1d:f3:d9:46:fc:d3:b2:61:f6:d0:23:de:de:4f:f1:20
Signer

Actual PE Digest

a4:6a:bc:6d:bf:9a:fc:eb:16:b1:03:7f:af:19:f6:ae:1d:f3:d9:46:fc:d3:b2:61:f6:d0:23:de:de:4f:f1:20

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins\workspace\ccd-hyperdrive\main\native\win32\build\msvs_win32\Release\x86\sym\Uninstaller\Uninstaller\Uninstaller.pdb

Imports

kernel32

GetFullPathNameA
SetFilePointer
InitializeCriticalSection
LockFile
OutputDebugStringA
GetDiskFreeSpaceW
HeapCreate
TryEnterCriticalSection
AreFileApisANSI
GetFileAttributesExW
lstrlenW
SystemTimeToFileTime
CreateMutexW
UnmapViewOfFile
HeapValidate
GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
FlushViewOfFile
CreateFileA
DeleteFileA
GetSystemInfo
HeapCompact
UnlockFile
LockFileEx
GetSystemTime
CreateFileMappingW
MapViewOfFile
UnlockFileEx
GetCurrentProcess
CreateEventW
GlobalAlloc
GlobalFree
GetProcAddress
GetModuleHandleW
CreateFileW
GetFileAttributesW
ReadFile
GetFullPathNameW
FindNextFileW
WriteFile
GetModuleFileNameW
GetTempPathW
FindClose
DeleteFileW
GetFileSize
FlushFileBuffers
HeapFree
SetLastError
TerminateProcess
WaitForSingleObject
GetTickCount
HeapSize
Sleep
HeapReAlloc
CreateThread
HeapAlloc
HeapDestroy
GetCurrentProcessId
GetProcessHeap
CreateProcessW
MultiByteToWideChar
FormatMessageW
WideCharToMultiByte
LoadLibraryW
FreeLibrary
LoadLibraryA
LCMapStringW
GetUserDefaultLCID
FormatMessageA
GetStringTypeW
EnterCriticalSection
LeaveCriticalSection
EncodePointer
LCMapStringEx
GetCPInfo
IsDebuggerPresent
OutputDebugStringW
InitializeCriticalSectionAndSpinCount
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwind
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetStdHandle
GetFileType
CompareStringW
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesW
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetTimeZoneInformation
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetFileSizeEx
GetConsoleOutputCP
SetEndOfFile
WriteConsoleW
ExitThread
DeleteCriticalSection
LocalFree
DecodePointer
RaiseException
CloseHandle
GetLastError
InitializeCriticalSectionEx
OpenProcess
CreateNamedPipeW
FreeLibraryAndExitThread

user32

EnumWindows
GetShellWindow
AllowSetForegroundWindow
GetWindowThreadProcessId

advapi32

RegQueryValueExW
GetTokenInformation
FreeSid
OpenProcessToken
SetEntriesInAclW
AllocateAndInitializeSid
EqualSid
RegOpenKeyExW
GetUserNameW
RegCloseKey
GetNamedSecurityInfoW
SetNamedSecurityInfoW
DuplicateTokenEx
AdjustTokenPrivileges
LookupPrivilegeValueW

shell32

CommandLineToArgvW
SHCreateDirectoryExW
SHGetFolderPathW
SHGetPathFromIDListW
SHGetSpecialFolderPathW
SHGetFolderLocation

ole32

CLSIDFromProgID
StringFromGUID2
CoInitialize
CoInitializeEx
CoInitializeSecurity
CoCreateInstance
CoUninitialize
CoCreateGuid
CLSIDFromString
CoTaskMemFree
OleRun

oleaut32

VariantClear
SysAllocString
SysFreeString
VariantInit
GetErrorInfo
SysStringLen
VariantChangeType

shlwapi

PathRemoveBackslashW
PathRemoveFileSpecW
PathFileExistsW
PathFileExistsA
PathIsDirectoryW
PathStripPathW
PathAppendW

Sections

.text
Size: 889KB - Virtual size: 889KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
cr_win_client_config.cfg
customhook/HDCoreCustomHook.exe
.exe windows:5 windows x86 arch:x86

d5610168be86662daf8fe8b34af20c20

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:28:96:11:07:88:b1:29:82:5f:b1:d1:f6:ba:ac:a3
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

29/04/2022, 00:00

Not After

01/05/2024, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ae:9c:53:90:74:05:d0:bf:3e:68:e3:c2:e3:04:12:a9:79:63:77:fb:57:a9:9e:80:b3:43:10:14:8a:9c:cd:a0
Signer

Actual PE Digest

ae:9c:53:90:74:05:d0:bf:3e:68:e3:c2:e3:04:12:a9:79:63:77:fb:57:a9:9e:80:b3:43:10:14:8a:9c:cd:a0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins\workspace\ccd-hyperdrive\main\native\win32\build\msvs_win32\Release\x86\sym\HDBoxCustomHook\HDBoxCustomHook\HDCoreCustomHook.pdb

Imports

kernel32

GetCurrentProcess
ReadFile
WaitForSingleObject
lstrcmpW
GetModuleHandleW
GetVersionExW
MoveFileExW
CloseHandle
DeleteFileW
FormatMessageW
SetFileAttributesW
GetFileAttributesW
CreateFileW
FindClose
GetTempPathW
GetModuleFileNameW
FindNextFileW
SetLastError
FindFirstFileW
SetDllDirectoryW
GetProcessHeap
LocalFree
GetProcAddress
HeapAlloc
LoadLibraryW
GetSystemDirectoryW
LocalAlloc
HeapFree
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
InitializeCriticalSectionEx
WriteConsoleW
GetConsoleOutputCP
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
SetStdHandle
EnumSystemLocalesW
IsValidLocale
GetLocaleInfoW
CompareStringW
GetCommandLineW
GetCommandLineA
GetStdHandle
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
GetTimeZoneInformation
GetFileType
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RtlUnwind
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetFullPathNameW
WriteFile
GetFileSize
FlushFileBuffers
MultiByteToWideChar
WideCharToMultiByte
GetCurrentProcessId
SetFilePointer
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetFileInformationByHandle
CreateEventW
VerSetConditionMask
VerifyVersionInfoW
GetFileSizeEx
FileTimeToSystemTime
GetLocalTime
GetTimeFormatW
SystemTimeToFileTime
GetDateFormatW
CreateMutexW
ReleaseMutex
OpenMutexW
TerminateProcess
HeapSize
Sleep
SetEvent
HeapReAlloc
CreateThread
ResetEvent
HeapDestroy
GetUserDefaultLangID
GetUserDefaultUILanguage
FreeLibrary
LoadLibraryA
LCMapStringW
GetUserDefaultLCID
AreFileApisANSI
TryEnterCriticalSection
HeapCreate
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
GetFullPathNameA
SetEndOfFile
UnlockFileEx
UnmapViewOfFile
HeapValidate
GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
WaitForSingleObjectEx
DeleteFileA
GetSystemInfo
HeapCompact
UnlockFile
LockFileEx
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
GetStringTypeW
EncodePointer
LCMapStringEx
GetCPInfo
IsDebuggerPresent

advapi32

SetSecurityDescriptorDacl
GetSecurityDescriptorDacl
RegGetKeySecurity
RegCloseKey
RegQueryInfoKeyW
RegDeleteKeyW
SetEntriesInAclW
CreateWellKnownSid
RegCreateKeyExW
RegEnumKeyExW
RegSetKeySecurity
RegSetValueExW
InitializeSecurityDescriptor
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW

shell32

SHGetFolderPathW
SHGetPathFromIDListW
SHGetFolderLocation
SHCreateDirectoryExW
SHGetSpecialFolderPathW

ole32

StringFromGUID2
CLSIDFromString
OleRun
CLSIDFromProgID
CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemFree
CoCreateGuid

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

shlwapi

PathAppendW
PathIsDirectoryW
PathFindFileNameW
PathRemoveExtensionW
PathRemoveFileSpecW
PathRenameExtensionW
PathFileExistsA
PathFileExistsW
PathAddExtensionW
PathIsFileSpecW

oleaut32

VariantCopy
VariantClear
SysAllocString
SysFreeString
VariantInit
GetErrorInfo

Sections

.text
Size: 939KB - Virtual size: 939KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
packages/ADC/HDBox/HDBox.pimx
.xml
packages/ADC/HDBox/HDBox.sig
.xml
packages/ADC/IPCBox/IPCBox.pima
.zip
AdobeIPCBroker.exe
.exe windows:6 windows x86 arch:x86

5b6f58ae57e4aefc02da53e9f79595c4

Code Sign

0c:19:f0:ed:b8:b3:c2:1e:dd:b7:4c:cc:6d:46:50:25
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

21/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Adobe Inc.,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e0:92:74:6d:a5:87:98:2c:5c:ef:e3:57:a6:65:89:8e:24:17:d1:7d:99:8e:71:d1:46:74:b4:45:56:ac:d3:29
Signer

Actual PE Digest

e0:92:74:6d:a5:87:98:2c:5c:ef:e3:57:a6:65:89:8e:24:17:d1:7d:99:8e:71:d1:46:74:b4:45:56:ac:d3:29

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

AdobeIPCBroker.pdb

Imports

kernel32

GlobalFree
lstrcpyW
GetModuleFileNameW
SetEvent
CreateEventW
WaitForSingleObject
WaitForMultipleObjects
CreateWaitableTimerW
SetWaitableTimer
SetDllDirectoryW
SwitchToThread
GetStdHandle
GetFileAttributesW
WriteFile
Sleep
GetCurrentProcessId
GetCurrentThreadId
GetDynamicTimeZoneInformation
GetConsoleMode
DeleteFileW
FindClose
ReadFile
ConnectNamedPipe
GetOverlappedResult
RaiseException
GetCurrentThread
GetTickCount
FreeEnvironmentStringsW
GetEnvironmentVariableW
GetSystemInfo
GetCurrentProcess
TerminateProcess
OpenProcess
GlobalAlloc
LocalAlloc
LocalFree
SetStdHandle
GetEnvironmentStringsW
SetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
FindFirstFileW
FindNextFileW
FlushFileBuffers
GetFileAttributesExW
GetFileSizeEx
GetFullPathNameW
LockFileEx
SetEndOfFile
SetFilePointerEx
UnlockFile
DuplicateHandle
PeekNamedPipe
CreateNamedPipeW
GetNamedPipeInfo
ResetEvent
ReleaseMutex
SetThreadPriority
GetThreadPriority
TlsAlloc
TlsGetValue
TlsSetValue
VirtualAlloc
VirtualFree
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
FreeLibrary
GetModuleHandleExW
GetProcAddress
LoadLibraryExW
CloseHandle
MoveFileExW
RtlCaptureStackBackTrace
LCMapStringW
SetFilePointer
FormatMessageW
LocalReAlloc
GetSystemTimeAsFileTime
GetModuleHandleA
GetModuleFileNameA
GetSystemDirectoryA
LoadLibraryA
GetVersionExW
GetNativeSystemInfo
SetLastError
InitializeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
CreateThreadpool
SetThreadpoolThreadMaximum
SetThreadpoolThreadMinimum
CloseThreadpool
CreateThreadpoolWork
SubmitThreadpoolWork
WaitForThreadpoolWorkCallbacks
CloseThreadpoolWork
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
GetProcessTimes
K32GetProcessMemoryInfo
WakeConditionVariable
LoadLibraryW
QueryPerformanceCounter
FormatMessageA
GetSystemTime
SystemTimeToFileTime
GetProcessHeap
GetFileSize
HeapDestroy
HeapCompact
HeapAlloc
HeapReAlloc
DeleteFileA
WaitForSingleObjectEx
CreateFileA
FlushViewOfFile
OutputDebugStringW
GetFileAttributesA
GetDiskFreeSpaceA
GetTempPathA
HeapSize
HeapValidate
UnlockFileEx
GetFullPathNameA
LockFile
OutputDebugStringA
GetDiskFreeSpaceW
HeapFree
HeapCreate
AreFileApisANSI
TryEnterCriticalSection
QueryPerformanceFrequency
GetExitCodeThread
InitOnceBeginInitialize
InitOnceComplete
EncodePointer
DecodePointer
InitializeCriticalSectionAndSpinCount
TlsFree
GetModuleHandleW
GetCPInfo
GetStringTypeW
CompareStringW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
CreateTimerQueue
SignalObjectAndWait
CreateThread
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
FreeLibraryAndExitThread
VirtualProtect
ReleaseSemaphore
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
RtlUnwind
ExitThread
ResumeThread
GetTimeZoneInformation
GetDriveTypeW
GetFileInformationByHandle
GetFileType
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
ExitProcess
GetCommandLineA
ReadConsoleW
GetConsoleCP
GetDateFormatW
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
WriteConsoleW
GetLastError
CreateMutexW
GetCommandLineW
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetUserDefaultLCID
GetLocaleInfoW
WideCharToMultiByte
MultiByteToWideChar
GetTempPathW

user32

SetTimer
EnumWindows
GetShellWindow
GetWindowThreadProcessId
GetWindowLongW
MsgWaitForMultipleObjectsEx
DestroyWindow
PostQuitMessage
KillTimer
TranslateMessage
PostMessageW
PeekMessageW
DispatchMessageW
SetWindowLongW
RegisterClassW
CreateWindowExW
DefWindowProcW

ole32

CoTaskMemFree
StringFromGUID2
CoCreateGuid

winhttp

WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetProxyForUrl
WinHttpSendRequest
WinHttpSetStatusCallback
WinHttpConnect
WinHttpQueryDataAvailable
WinHttpCrackUrl
WinHttpWriteData
WinHttpQueryAuthSchemes
WinHttpCloseHandle
WinHttpOpenRequest
WinHttpReadData
WinHttpQueryHeaders
WinHttpAddRequestHeaders
WinHttpOpen
WinHttpReceiveResponse
WinHttpSetCredentials
WinHttpSetOption

shlwapi

UrlIsW
PathCreateFromUrlW
PathFileExistsW

crclient

?CrashReporterInitialize@@YA_NPAXPBD1111P6AIAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@ZP6AXXZ_NW4AdobeCrashReporterScalingFactor@@5@Z

bcrypt

BCryptDestroyHash
BCryptHashData
BCryptCreateHash
BCryptGetProperty
BCryptOpenAlgorithmProvider
BCryptFinishHash

advapi32

OpenProcessToken
AdjustTokenPrivileges
AllocateAndInitializeSid
DuplicateTokenEx
EqualSid
FreeSid
GetLengthSid
GetSidSubAuthority
GetTokenInformation
SetTokenInformation
LookupPrivilegeValueW
CreateProcessWithTokenW
ConvertStringSidToSidW
GetUserNameW
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextW

shell32

ShellExecuteExW
CommandLineToArgvW
SHCreateDirectoryExW
SHGetKnownFolderPath

ws2_32

WSASetLastError
htonl
getservbyname
ntohs
bind
closesocket
connect
ioctlsocket
getsockname
getsockopt
htons
listen
recv
select
send
socket
WSAStartup
WSACleanup
WSAGetLastError
__WSAFDIsSet
inet_addr
inet_ntoa
gethostbyaddr
gethostbyname
getservbyport

wininet

DetectAutoProxyUrl

Exports

Exports

UTF8ToHtml
UTF8Toisolat1
__docbDefaultSAXHandler
__htmlDefaultSAXHandler
__oldXMLWDcompatibility
__xmlBufferAllocScheme
__xmlDefaultBufferSize
__xmlDefaultSAXHandler
__xmlDefaultSAXLocator
__xmlDeregisterNodeDefaultValue
__xmlDoValidityCheckingDefaultValue
__xmlErrEncoding
__xmlGenericError
__xmlGenericErrorContext
__xmlGetWarningsDefaultValue
__xmlIndentTreeOutput
__xmlKeepBlanksDefaultValue
__xmlLastError
__xmlLineNumbersDefaultValue
__xmlLoadExtDtdDefaultValue
__xmlOutputBufferCreateFilenameValue
__xmlParserDebugEntities
__xmlParserInputBufferCreateFilenameValue
__xmlParserVersion
__xmlPedanticParserDefaultValue
__xmlRaiseError
__xmlRegisterNodeDefaultValue
__xmlSaveNoEmptyTags
__xmlSimpleError
__xmlStructuredError
__xmlStructuredErrorContext
__xmlSubstituteEntitiesDefaultValue
__xmlTreeIndentString
docbDefaultSAXHandlerInit
emptyExp
forbiddenExp
gudeCancel
gudeClearCache
gudeCreate
gudeDestroy
gudeDownload
gudeDownloadRangeToMemory
gudeDownloadToMemory
gudeDownloadWithSize
gudeErrorString
gudeHTTPStatusString
gudePause
gudeRegisterAddChunkHeaderCallback
gudeRegisterAddHeaderCallback
gudeRegisterAddParametersCallback
gudeRegisterAssertCallback
gudeRegisterCancellationCallback
gudeRegisterChunkErrorRetryCallback
gudeRegisterCompletionCallback
gudeRegisterErrorCallback
gudeRegisterLoggingCallback
gudeRegisterMonitorCallback
gudeRegisterPausedCallback
gudeRegisterProgressCallback
gudeRegisterRequestBodyCallback
gudeRegisterResponseBodyCallback
gudeRegisterResponseHeaderCallback
gudeRegisterSSLCertificatePolicyCallback
gudeRegisterSetServerTypeCallback
gudeRegisterSetTimeoutCallback
gudeRegisterSetTimeoutResourceCallback
gudeRegisterStatusLineCallback
gudeResume
gudeSendRequest
gudeSetLogLevel
gudeSetMultipartUploadThreshold
gudeSetSystemProxyCredentials
gudeSetTargetDataRates
gudeSetWorkerPoolUpperLimit
gudeUpload
gudeUploadFromMemory
gudeVersion
htmlAttrAllowed
htmlAutoCloseTag
htmlCreateFileParserCtxt
htmlCreateMemoryParserCtxt
htmlCreatePushParserCtxt
htmlCtxtReadDoc
htmlCtxtReadFd
htmlCtxtReadFile
htmlCtxtReadIO
htmlCtxtReadMemory
htmlCtxtReset
htmlCtxtUseOptions
htmlDefaultSAXHandlerInit
htmlDocContentDumpFormatOutput
htmlDocContentDumpOutput
htmlDocDump
htmlDocDumpMemory
htmlDocDumpMemoryFormat
htmlElementAllowedHere
htmlElementStatusHere
htmlEncodeEntities
htmlEntityLookup
htmlEntityValueLookup
htmlFreeParserCtxt
htmlGetMetaEncoding
htmlHandleOmittedElem
htmlInitAutoClose
htmlIsAutoClosed
htmlIsBooleanAttr
htmlIsScriptAttribute
htmlNewDoc
htmlNewDocNoDtD
htmlNewParserCtxt
htmlNodeDump
htmlNodeDumpFile
htmlNodeDumpFileFormat
htmlNodeDumpFormatOutput
htmlNodeDumpOutput
htmlNodeStatus
htmlParseCharRef
htmlParseChunk
htmlParseDoc
htmlParseDocument
htmlParseElement
htmlParseEntityRef
htmlParseFile
htmlReadDoc
htmlReadFd
htmlReadFile
htmlReadIO
htmlReadMemory
htmlSAXParseDoc
htmlSAXParseFile
htmlSaveFile
htmlSaveFileEnc
htmlSaveFileFormat
htmlSetMetaEncoding
htmlTagLookup
initGenericErrorDefaultFunc
initdocbDefaultSAXHandler
inithtmlDefaultSAXHandler
initxmlDefaultSAXHandler
inputPop
inputPush
isolat1ToUTF8
namePop
namePush
nodePop
nodePush
valuePop
valuePush
xmlACatalogAdd
xmlACatalogDump
xmlACatalogRemove
xmlACatalogResolve
xmlACatalogResolvePublic
xmlACatalogResolveSystem
xmlACatalogResolveURI
xmlAddAttributeDecl
xmlAddChild
xmlAddChildList
xmlAddDocEntity
xmlAddDtdEntity
xmlAddElementDecl
xmlAddEncodingAlias
xmlAddID
xmlAddNextSibling
xmlAddNotationDecl
xmlAddPrevSibling
xmlAddRef
xmlAddSibling
xmlAllocOutputBuffer
xmlAllocParserInputBuffer
xmlAttrSerializeTxtContent
xmlAutomataCompile
xmlAutomataGetInitState
xmlAutomataIsDeterminist
xmlAutomataNewAllTrans
xmlAutomataNewCountTrans
xmlAutomataNewCountTrans2
xmlAutomataNewCountedTrans
xmlAutomataNewCounter
xmlAutomataNewCounterTrans
xmlAutomataNewEpsilon
xmlAutomataNewNegTrans
xmlAutomataNewOnceTrans
xmlAutomataNewOnceTrans2
xmlAutomataNewState
xmlAutomataNewTransition
xmlAutomataNewTransition2
xmlAutomataSetFinalState
xmlBoolToText
xmlBufContent
xmlBufEnd
xmlBufGetNodeContent
xmlBufNodeDump
xmlBufShrink
xmlBufUse
xmlBufferAdd
xmlBufferAddHead
xmlBufferCCat
xmlBufferCat
xmlBufferContent
xmlBufferCreate
xmlBufferCreateSize
xmlBufferCreateStatic
xmlBufferDetach
xmlBufferDump
xmlBufferEmpty
xmlBufferFree
xmlBufferGrow
xmlBufferLength
xmlBufferResize
xmlBufferSetAllocationScheme
xmlBufferShrink
xmlBufferWriteCHAR
xmlBufferWriteChar
xmlBufferWriteQuotedString
xmlBuildQName
xmlBuildRelativeURI
xmlBuildURI
xmlByteConsumed
xmlCanonicPath
xmlCatalogAdd
xmlCatalogAddLocal
xmlCatalogCleanup
xmlCatalogConvert
xmlCatalogDump
xmlCatalogFreeLocal
xmlCatalogGetDefaults
xmlCatalogGetPublic
xmlCatalogGetSystem
xmlCatalogIsEmpty
xmlCatalogLocalResolve
xmlCatalogLocalResolveURI
xmlCatalogRemove
xmlCatalogResolve
xmlCatalogResolvePublic
xmlCatalogResolveSystem
xmlCatalogResolveURI
xmlCatalogSetDebug
xmlCatalogSetDefaultPrefer
xmlCatalogSetDefaults
xmlCharEncCloseFunc
xmlCharEncFirstLine
xmlCharEncInFunc
xmlCharEncOutFunc
xmlCharInRange
xmlCharStrdup
xmlCharStrndup
xmlCheckFilename
xmlCheckHTTPInput
xmlCheckLanguageID
xmlCheckUTF8
xmlCheckVersion
xmlChildElementCount
xmlCleanupCharEncodingHandlers
xmlCleanupEncodingAliases
xmlCleanupGlobals
xmlCleanupInputCallbacks
xmlCleanupMemory
xmlCleanupOutputCallbacks
xmlCleanupParser
xmlCleanupThreads
xmlClearNodeInfoSeq
xmlClearParserCtxt
xmlConvertSGMLCatalog
xmlCopyAttributeTable
xmlCopyChar
xmlCopyCharMultiByte
xmlCopyDoc
xmlCopyDocElementContent
xmlCopyDtd
xmlCopyElementContent
xmlCopyElementTable
xmlCopyEntitiesTable
xmlCopyEnumeration
xmlCopyError
xmlCopyNamespace
xmlCopyNamespaceList
xmlCopyNode
xmlCopyNodeList
xmlCopyNotationTable
xmlCopyProp
xmlCopyPropList
xmlCreateDocParserCtxt
xmlCreateEntitiesTable
xmlCreateEntityParserCtxt
xmlCreateEnumeration
xmlCreateFileParserCtxt
xmlCreateIOParserCtxt
xmlCreateIntSubset
xmlCreateMemoryParserCtxt
xmlCreatePushParserCtxt
xmlCreateURI
xmlCreateURLParserCtxt
xmlCtxtGetLastError
xmlCtxtReadDoc
xmlCtxtReadFd
xmlCtxtReadFile
xmlCtxtReadIO
xmlCtxtReadMemory
xmlCtxtReset
xmlCtxtResetLastError
xmlCtxtResetPush
xmlCtxtUseOptions
xmlCurrentChar
xmlDOMWrapAdoptNode
xmlDOMWrapCloneNode
xmlDOMWrapFreeCtxt
xmlDOMWrapNewCtxt
xmlDOMWrapReconcileNamespaces
xmlDOMWrapRemoveNode
xmlDebugCheckDocument
xmlDebugDumpAttr
xmlDebugDumpAttrList
xmlDebugDumpDTD
xmlDebugDumpDocument
xmlDebugDumpDocumentHead
xmlDebugDumpEntities
xmlDebugDumpNode
xmlDebugDumpNodeList
xmlDebugDumpOneNode
xmlDebugDumpString
xmlDefaultSAXHandlerInit
xmlDelEncodingAlias
xmlDeregisterNodeDefault
xmlDetectCharEncoding
xmlDictCleanup
xmlDictCreate
xmlDictCreateSub
xmlDictExists
xmlDictFree
xmlDictGetUsage
xmlDictLookup
xmlDictOwns
xmlDictQLookup
xmlDictReference
xmlDictSetLimit
xmlDictSize
xmlDocCopyNode
xmlDocCopyNodeList
xmlDocDump
xmlDocDumpFormatMemory
xmlDocDumpFormatMemoryEnc
xmlDocDumpMemory
xmlDocDumpMemoryEnc
xmlDocFormatDump
xmlDocGetRootElement
xmlDocSetRootElement
xmlDumpAttributeDecl
xmlDumpAttributeTable
xmlDumpElementDecl
xmlDumpElementTable
xmlDumpEntitiesTable
xmlDumpEntityDecl
xmlDumpNotationDecl
xmlDumpNotationTable
xmlElemDump
xmlEncodeEntitiesReentrant
xmlEncodeSpecialChars
xmlErrMemory
xmlEscapeFormatString
xmlExpCtxtNbCons
xmlExpCtxtNbNodes
xmlExpDump
xmlExpExpDerive
xmlExpFree
xmlExpFreeCtxt
xmlExpGetLanguage
xmlExpGetStart
xmlExpIsNillable
xmlExpMaxToken
xmlExpNewAtom
xmlExpNewCtxt
xmlExpNewOr
xmlExpNewRange
xmlExpNewSeq
xmlExpParse
xmlExpRef
xmlExpStringDerive
xmlExpSubsume
xmlFileClose
xmlFileMatch
xmlFileOpen
xmlFileRead
xmlFindCharEncodingHandler
xmlFirstElementChild
xmlFree
xmlFreeAttributeTable
xmlFreeAutomata
xmlFreeCatalog
xmlFreeDoc
xmlFreeDocElementContent
xmlFreeDtd
xmlFreeElementContent
xmlFreeElementTable
xmlFreeEntitiesTable
xmlFreeEnumeration
xmlFreeIDTable
xmlFreeInputStream
xmlFreeMutex
xmlFreeNode
xmlFreeNodeList
xmlFreeNotationTable
xmlFreeNs
xmlFreeNsList
xmlFreeParserCtxt
xmlFreeParserInputBuffer
xmlFreePattern
xmlFreePatternList
xmlFreeProp
xmlFreePropList
xmlFreeRMutex
xmlFreeRefTable
xmlFreeStreamCtxt
xmlFreeTextReader
xmlFreeURI
xmlFreeValidCtxt
xmlGcMemGet
xmlGcMemSetup
xmlGetBufferAllocationScheme
xmlGetCharEncodingHandler
xmlGetCharEncodingName
xmlGetCompressMode
xmlGetDocCompressMode
xmlGetDocEntity
xmlGetDtdAttrDesc
xmlGetDtdElementDesc
xmlGetDtdEntity
xmlGetDtdNotationDesc
xmlGetDtdQAttrDesc
xmlGetDtdQElementDesc
xmlGetEncodingAlias
xmlGetExternalEntityLoader
xmlGetGlobalState
xmlGetID
xmlGetIntSubset
xmlGetLastChild
xmlGetLastError
xmlGetLineNo
xmlGetNoNsProp
xmlGetNodePath
xmlGetNsList
xmlGetNsProp
xmlGetParameterEntity
xmlGetPredefinedEntity
xmlGetProp
xmlGetRefs
xmlGetThreadId
xmlGetUTF8Char
xmlHasFeature
xmlHasNsProp
xmlHasProp
xmlHashAddEntry
xmlHashAddEntry2
xmlHashAddEntry3
xmlHashCopy
xmlHashCreate
xmlHashCreateDict
xmlHashDefaultDeallocator
xmlHashFree
xmlHashLookup
xmlHashLookup2
xmlHashLookup3
xmlHashQLookup
xmlHashQLookup2
xmlHashQLookup3
xmlHashRemoveEntry
xmlHashRemoveEntry2
xmlHashRemoveEntry3
xmlHashScan
xmlHashScan3
xmlHashScanFull
xmlHashScanFull3
xmlHashSize
xmlHashUpdateEntry
xmlHashUpdateEntry2
xmlHashUpdateEntry3
xmlIOFTPClose
xmlIOFTPMatch
xmlIOFTPOpen
xmlIOFTPRead
xmlIOHTTPClose
xmlIOHTTPMatch
xmlIOHTTPOpen
xmlIOHTTPOpenW
xmlIOHTTPRead
xmlIOParseDTD
xmlInitCharEncodingHandlers
xmlInitGlobals
xmlInitMemory
xmlInitNodeInfoSeq
xmlInitParser
xmlInitParserCtxt
xmlInitThreads
xmlInitializeCatalog
xmlInitializeDict
xmlInitializeGlobalState
xmlIsBaseChar
xmlIsBaseCharGroup
xmlIsBlank
xmlIsBlankNode

Sections

.text
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 525KB - Virtual size: 524KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CRClient.dll
.dll windows:6 windows x86 arch:x86

b9bd38ede3ed98b9ff2e81cae42eba02

Code Sign

0c:19:f0:ed:b8:b3:c2:1e:dd:b7:4c:cc:6d:46:50:25
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

21/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Adobe Inc.,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

23:ee:e0:ad:67:cc:f9:be:b4:56:6c:45:12:0a:58:3d:bc:cc:0f:fd:d2:d0:b5:c3:8d:03:fb:87:c2:b0:39:b0
Signer

Actual PE Digest

23:ee:e0:ad:67:cc:f9:be:b4:56:6c:45:12:0a:58:3d:bc:cc:0f:fd:d2:d0:b5:c3:8d:03:fb:87:c2:b0:39:b0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\cruser\workspace\CR-Windows-x86-Client-Builder\Win32\Release_MT\CRClient.pdb

Imports

dbghelp

SymFromAddr
StackWalk64
SymGetModuleBase64
SymFunctionTableAccess64
SymGetModuleInfo64
SymInitialize

kernel32

GetProcessHeap
SetUnhandledExceptionFilter
VirtualProtect
WriteProcessMemory
GetCurrentProcess
MultiByteToWideChar
GetModuleHandleW
CloseHandle
CreateThread
WaitForSingleObject
GetModuleFileNameW
FreeLibrary
ReadFile
GetCurrentThreadId
ReadProcessMemory
TerminateProcess
GetCurrentProcessId
TerminateThread
OpenThread
ConnectNamedPipe
GetProcessId
GetThreadId
K32GetModuleFileNameExW
SuspendThread
GetThreadContext
ResumeThread
LocaleNameToLCID
LoadLibraryW
WerRegisterRuntimeExceptionModule
WerUnregisterRuntimeExceptionModule
GetSystemDirectoryW
VerSetConditionMask
VerifyVersionInfoW
GetTimeZoneInformation
CreateProcessW
WideCharToMultiByte
CreateFileW
FindFirstFileW
FindNextFileW
FindClose
CreateNamedPipeW
WriteFile
FlushFileBuffers
DisconnectNamedPipe
GetFileAttributesExW
GetOEMCP
GetACP
HeapSize
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetFileSizeEx
GetFileType
GetStdHandle
ExitProcess
SetEnvironmentVariableW
GetModuleHandleExW
ExitThread
SetConsoleCtrlHandler
DeleteFileW
RtlUnwind
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualFree
VirtualAlloc
GetVersionExW
LoadLibraryExW
GetModuleHandleA
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
DecodePointer
GetProcAddress
FindResourceExW
FindResourceW
SizeofResource
LockResource
LoadResource
DeleteCriticalSection
InitializeCriticalSectionEx
GetLastError
RaiseException
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
WriteConsoleW
IsValidCodePage
SignalObjectAndWait
CreateTimerQueue
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
ResetEvent
SetEvent
OutputDebugStringW
IsDebuggerPresent
GetLocaleInfoW
LCMapStringW
CompareStringW
GetStringTypeW
DuplicateHandle
WaitForSingleObjectEx
Sleep
SwitchToThread
GetCurrentThread
GetExitCodeThread
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
QueryPerformanceCounter
QueryPerformanceFrequency
FindFirstFileExW
SetEndOfFile
SetFilePointerEx
EncodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
GetCPInfo

user32

DialogBoxIndirectParamW
SetPropW
EndDialog
GetPropW
EnumWindows
GetWindowThreadProcessId
IsWindowVisible
IsHungAppWindow
DisableProcessWindowsGhosting
MessageBoxW
GetWindowTextW
GetWindowTextLengthW
ReleaseDC
DrawIconEx
GetSysColor
GetDC
SetFocus
GetDlgCtrlID
IsDlgButtonChecked
PostMessageW
ShowWindow
GetSystemMenu
EnableMenuItem
EnableWindow
CheckDlgButton
GetSysColorBrush
CallWindowProcW
GetWindow
SetWindowTextW
SetDlgItemTextW
SetWindowPos
OffsetRect
CopyRect
GetDesktopWindow
GetKeyState
GetDlgItem
GetWindowLongW
GetParent
SetCursor
LoadCursorW
ReleaseCapture
PtInRect
ClientToScreen
GetWindowRect
SetCapture
InvalidateRect
GetCapture
SendMessageW
SetWindowLongW
RemovePropW

gdi32

DeleteDC
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
SetBkMode
CreateFontIndirectW
GetObjectW
DeleteObject
SetTextColor

advapi32

RegSetValueExW
RegQueryValueExW
RegCloseKey
RegDeleteValueW
RegCreateKeyExW
RegOpenKeyExW

shell32

SHCreateDirectoryExW
SHGetKnownFolderPath
ord6

ole32

CoCreateGuid
CoTaskMemFree

shlwapi

PathAppendW
PathFileExistsW

wintrust

WinVerifyTrust

Exports

Exports

?AddCRCustomData@@YA_NV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@I@Z
?AdobeCrashReporterEnableSignalHandling@@YA_NP6AXHV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@ZW4AdobeCrashReporterShowDialogForSignals@@I@Z
?CrashReporterInitialize@@YA_NPAXPBD1111P6AIAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@ZP6AXXZ_NW4AdobeCrashReporterScalingFactor@@5@Z
?GetCRDialogOptions@@YAHXZ
?GetCRLastErrorCode@@YA?AW4ERROR_CR@@XZ
?SetCRDialogOptions@@YA_NH@Z
?SetCRDialogSaclingFactor@@YA_NW4AdobeCrashReporterScalingFactor@@@Z
?SetCRDialogUserEmail@@YA_NV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetCRDisplayName@@YA_NPBD@Z
?SetCRHighbeamSessionId@@YA_NPBD@Z
?SetCRHighbeamSessionInfo@@YA_NPAXPBG@Z
?SetCRIMSUserGuid@@YA_NPBD_N@Z
?SetCRLocale@@YA_NPBD@Z
?SetCRParentWnd@@YA_NPAX@Z
?SetCRPostHandler@@YA_NP6AXXZ@Z
?SetCRPostHandlerPassingExceptionInfoAndContext@@YA_NP6AXPAU_EXCEPTION_RECORD@@PAU_CONTEXT@@@Z@Z
?SetCRPosthandlerThreadPreference@@YA_N_N@Z
?SetCRPreHandler@@YA_NP6AIAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z@Z
?SetCRSignatureVerificationPreference@@YA_N_N@Z
?ShowCRDialogOnlyOnFirstCrash@@YA_NXZ
OutOfProcessExceptionEventCallback
OutOfProcessExceptionEventDebuggerLaunchCallback
OutOfProcessExceptionEventSignatureCallback

Sections

.text
Size: 606KB - Virtual size: 606KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 139KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CRLogTransport.exe
.exe windows:6 windows x86 arch:x86

70ac13cda5d9728ade81378aec8b09b7

Code Sign

0c:19:f0:ed:b8:b3:c2:1e:dd:b7:4c:cc:6d:46:50:25
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

21/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Adobe Inc.,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bc:06:0e:6d:ca:fa:a9:c5:88:63:94:41:90:1d:cc:5c:e4:69:e5:ea:2a:4b:fe:06:93:ed:99:5a:53:68:8a:61
Signer

Actual PE Digest

bc:06:0e:6d:ca:fa:a9:c5:88:63:94:41:90:1d:cc:5c:e4:69:e5:ea:2a:4b:fe:06:93:ed:99:5a:53:68:8a:61

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\cruser\workspace\CR-Windows-x86-Client-Builder\CRLogTransport\public\binary\Win\x86\Release_MT\CRLogTransport.pdb

Imports

shlwapi

PathIsDirectoryW
PathFileExistsW

wininet

InternetConnectW
InternetCloseHandle
HttpSendRequestW
InternetCrackUrlW
InternetSetOptionW
InternetSetOptionA
InternetOpenW
InternetSetStatusCallbackW
InternetQueryDataAvailable
InternetQueryOptionW
HttpOpenRequestW
InternetReadFile
HttpQueryInfoW

kernel32

GetACP
MultiByteToWideChar
WideCharToMultiByte
CompareFileTime
FindFirstFileW
FindNextFileW
FindClose
CreateFileW
FreeEnvironmentStringsW
DeleteFileW
CloseHandle
GetProcAddress
MoveFileExW
FreeLibrary
GetEnvironmentStringsW
GetFileTime
GetLastError
FlushFileBuffers
GetModuleFileNameW
HeapFree
InitializeCriticalSectionEx
HeapSize
Sleep
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
DeleteCriticalSection
GetProcessHeap
GetSystemTimeAsFileTime
WriteFile
GetFileSizeEx
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ReadConsoleW
SetStdHandle
GetTimeZoneInformation
WriteConsoleW
FindFirstFileExW
IsValidCodePage
GetOEMCP
SetEnvironmentVariableW
ReadFile
GetStdHandle
GetModuleHandleExW
ExitProcess
SetConsoleCtrlHandler
FormatMessageW
GetStringTypeW
EnterCriticalSection
LeaveCriticalSection
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
EncodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
SetEvent
ResetEvent
WaitForSingleObjectEx
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
FormatMessageA
LocalFree
SetEndOfFile
SetFilePointerEx
AreFileApisANSI
OutputDebugStringW
RtlUnwind
LoadLibraryExW
GetFileType
GetCommandLineA

shell32

SHCreateDirectoryExW
SHGetFolderPathW

Sections

.text
Size: 396KB - Virtual size: 396KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CRWindowsClientService.exe
.exe windows:6 windows x86 arch:x86

ec69bd2234ba45760cace382af5fa01e

Code Sign

0c:19:f0:ed:b8:b3:c2:1e:dd:b7:4c:cc:6d:46:50:25
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

21/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Adobe Inc.,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ce:fb:a7:b4:a2:d8:74:61:3b:af:13:15:3c:4b:2c:b8:10:95:9d:32:7b:02:97:dd:8d:8e:d1:97:2f:ec:d3:eb
Signer

Actual PE Digest

ce:fb:a7:b4:a2:d8:74:61:3b:af:13:15:3c:4b:2c:b8:10:95:9d:32:7b:02:97:dd:8d:8e:d1:97:2f:ec:d3:eb

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\cruser\workspace\CR-Windows-x86-Client-Builder\Win32\Release_MT\CRWindowsClientService.pdb

Imports

dbghelp

MiniDumpWriteDump

wininet

HttpQueryInfoW
InternetOpenW
HttpSendRequestW
InternetCloseHandle
InternetConnectW
HttpOpenRequestW

kernel32

RaiseException
GetLastError
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
InitializeCriticalSectionEx
DeleteCriticalSection
GetExitCodeProcess
OpenThread
GetExitCodeThread
OpenProcess
FindResourceExW
LoadResource
LockResource
SizeofResource
FindResourceW
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineW
LocalFree
ReadFile
WriteFile
CloseHandle
GetCurrentProcess
GetTimeZoneInformation
GlobalMemoryStatusEx
GetSystemInfo
GetLocaleInfoEx
GetFileAttributesExW
GetModuleFileNameW
IsProcessorFeaturePresent
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
DecodePointer
CreateFileW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
WriteConsoleW
GetStartupInfoW
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
TerminateProcess
DeleteFileW
MoveFileExW
LoadLibraryExW
GetFileSizeEx
GetFileType
GetStdHandle
GetModuleHandleExW
ExitProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
FreeLibrary
SetEnvironmentVariableW
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
FormatMessageW
QueryPerformanceCounter
FindClose
FindFirstFileExW
FindNextFileW
SetEndOfFile
SetFilePointerEx
EncodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
GetCPInfo
CompareStringW
LCMapStringW
GetLocaleInfoW
SetEvent
ResetEvent
RtlUnwind

advapi32

RegQueryInfoKeyW
RegEnumValueW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey

shell32

CommandLineToArgvW
SHCreateDirectoryExW
SHGetKnownFolderPath
ShellExecuteW

ole32

CoUninitialize
CoInitializeEx
CoSetProxyBlanket
CoCreateInstance
CoCreateGuid
CoTaskMemFree

oleaut32

SysAllocString
SysFreeString
VariantClear

shlwapi

PathFileExistsW
PathAppendW

wintrust

WinVerifyTrust

Sections

.text
Size: 414KB - Virtual size: 414KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
StartupOptions.xml
.xml
cr_win_client_config.cfg
customhook/AdobeIPCBrokerCustomHook.exe
.exe windows:6 windows x86 arch:x86

870810ea1d1d996da7743cf438651939

Code Sign

0c:19:f0:ed:b8:b3:c2:1e:dd:b7:4c:cc:6d:46:50:25
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

21/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Adobe Inc.,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

80:96:5c:72:07:97:8f:6f:bc:37:aa:11:de:89:40:76:04:e4:26:27:bc:cb:bf:cb:71:ff:eb:ac:d0:03:3f:e8
Signer

Actual PE Digest

80:96:5c:72:07:97:8f:6f:bc:37:aa:11:de:89:40:76:04:e4:26:27:bc:cb:bf:cb:71:ff:eb:ac:d0:03:3f:e8

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

AdobeIPCBrokerCustomHook.pdb

Imports

shlwapi

PathAppendW
PathRemoveFileSpecW

kernel32

GetCurrentProcessId
WriteConsoleW
HeapSize
TerminateProcess
GetModuleFileNameW
GetTempPathW
WaitForSingleObject
OpenProcess
CreateToolhelp32Snapshot
Sleep
GetLastError
Process32NextW
Process32FirstW
CloseHandle
CreateProcessW
CreateFileW
GetProcessHeap
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
WideCharToMultiByte
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
SetEndOfFile
GetCurrentThreadId
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwind
RaiseException
FreeLibrary
LoadLibraryExW
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
GetFileSizeEx
SetFilePointerEx
GetFileType
HeapAlloc
HeapFree
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
ReadFile
ReadConsoleW
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP

user32

FindWindowExW
PostMessageW

shell32

SHGetFolderPathW

Sections

.text
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
packages/ADC/IPCBox/IPCBox.pimx
.xml
packages/ADC/IPCBox/IPCBox.sig
.xml
packages/ApplicationInfo.xml
.xml
resources/Config.xml
.xml

Resubmissions

Sharing

General

Malware Config

Signatures

Files

7eae418c7423834ffc3d79b4300bd6fb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 1KB - Virtual size: 451KB

.ndata Size: - Virtual size: 672KB

.rsrc Size: 63KB - Virtual size: 62KB

b78757e60c78fbd8d0549e7a1e0d29a1

Code Sign

0a:28:51:e5:f0:ff:db:46:e2:c9:cb:66:10:e6:51:2fCertificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6Certificate

Extended Key Usages

Key Usages

ac:7d:c4:d6:78:b5:cd:0d:da:54:a6:bd:90:ba:4d:9e:d0:98:05:62:5d:95:08:08:69:0a:ff:f1:ac:cd:d5:43Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

kernel32

user32

advapi32

ole32

oleaut32

shell32

Sections

.text Size: 748KB - Virtual size: 747KB

.rdata Size: 197KB - Virtual size: 196KB

.data Size: 17KB - Virtual size: 33KB

.gfids Size: 1024B - Virtual size: 596B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 46KB - Virtual size: 46KB

.reloc Size: 44KB - Virtual size: 44KB

85aa1a3ec9a324deb93be1db280c6b57

Code Sign

0a:28:51:e5:f0:ff:db:46:e2:c9:cb:66:10:e6:51:2fCertificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6Certificate

Extended Key Usages

Key Usages

45:89:c1:a8:6a:c2:59:11:0f:f3:d0:dd:de:2c:9f:61:14:dd:37:fb:38:82:82:1c:83:5d:79:6e:28:bc:74:54Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shlwapi

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 1KB - Virtual size: 451KB

.ndata
Size: - Virtual size: 672KB

.rsrc
Size: 63KB - Virtual size: 62KB

0a:28:51:e5:f0:ff:db:46:e2:c9:cb:66:10:e6:51:2f
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

ac:7d:c4:d6:78:b5:cd:0d:da:54:a6:bd:90:ba:4d:9e:d0:98:05:62:5d:95:08:08:69:0a:ff:f1:ac:cd:d5:43
Signer

.text
Size: 748KB - Virtual size: 747KB

.rdata
Size: 197KB - Virtual size: 196KB

.data
Size: 17KB - Virtual size: 33KB

.gfids
Size: 1024B - Virtual size: 596B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 46KB - Virtual size: 46KB

.reloc
Size: 44KB - Virtual size: 44KB

0a:28:51:e5:f0:ff:db:46:e2:c9:cb:66:10:e6:51:2f
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

45:89:c1:a8:6a:c2:59:11:0f:f3:d0:dd:de:2c:9f:61:14:dd:37:fb:38:82:82:1c:83:5d:79:6e:28:bc:74:54
Signer

.text
Size: 118KB - Virtual size: 118KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 4KB - Virtual size: 7KB

.gfids
Size: 512B - Virtual size: 512B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 8KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0c:28:96:11:07:88:b1:29:82:5f:b1:d1:f6:ba:ac:a3
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

5c:12:9b:b9:f3:ca:b1:11:86:2a:1a:18:f1:c0:dc:ec:a8:3e:ae:0e:4a:af:66:ae:2b:a7:9b:06:25:21:a3:91
Signer

.text
Size: 971KB - Virtual size: 971KB

.rdata
Size: 176KB - Virtual size: 176KB

.data
Size: 12KB - Virtual size: 18KB

.rsrc
Size: 96KB - Virtual size: 96KB

.reloc
Size: 33KB - Virtual size: 33KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0c:28:96:11:07:88:b1:29:82:5f:b1:d1:f6:ba:ac:a3
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

fc:2e:89:cc:38:15:aa:ac:27:c6:a1:e6:8a:26:35:84:61:93:56:85:08:72:40:1e:e6:b1:49:3b:ba:99:95:ee
Signer