RtkAudUService64[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

RtkAudUService64.zip
Size

7.5MB
MD5

49e7ca27b322e2b9e2e0e7fc1802b319
SHA1

1edd4fbbb5244ea8817f40ebd52ba92116877cff
SHA256

b2d46cbd4a2349d6ad8d9614e34d5637b02eea1e6bbc4eef3f483d50de056536
SHA512

3076e7f27e2a0e602899110fc7804752fdecf96fa43369b20b2101a160e32b4de9c4cf3ef94db30fc6d445f35497d71c300becbbb45c6ddeaf41eda87094e42d
SSDEEP

196608:FnJcY7ttbe37b+W08Ec+OTgbdGJk0zTMLqRQDpqRXfAnigT6Lbf:FVtCw8Ec+OTmdgk0zAeQDpKXInigT6Hf

Score

3^/10

Malware Config

Signatures

Unsigned PE 4 IoCs

Checks for missing Authenticode signature.

resource
unpack001/RtkAudUService64.exe
unpack001/libgcc_s_seh-1.dll
unpack001/libstdc++-6.dll
unpack001/libvmime.dll

Files

RtkAudUService64.zip
.zip
RtkAudUService64.exe
.exe windows:4 windows x64 arch:x64

a1aa8e6380e273c50b16267cd686a857

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

GetUserNameA
RegCloseKey
RegDeleteValueW
RegOpenKeyExW
RegSetValueExW

libgcc_s_seh-1

_Unwind_Resume

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
DeleteObject
GetDIBits
SelectObject

kernel32

CreateDirectoryW
DeleteCriticalSection
EnterCriticalSection
GetComputerNameA
GetFileAttributesW
GetLastError
GetLocalTime
GetModuleFileNameW
GetModuleHandleW
GetProcAddress
GlobalLock
GlobalUnlock
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
SetUnhandledExceptionFilter
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

__C_specific_handler
___lc_codepage_func
___mb_cur_max_func
__getmainargs
__initenv
__iob_func
__set_app_type
__setusermatherr
_amsg_exit
_assert
_cexit
_commode
_errno
_filelengthi64
_fileno
_fmode
_initterm
_localtime64
_mktime64
_onexit
_stat64
_time64
_utime
_wcsdup
_wfopen
abort
calloc
exit
fclose
fflush
fgetpos
fopen_s
fprintf
fputc
fputwc
fread
free
freopen_s
fsetpos
fwprintf
fwrite
localeconv
malloc
memchr
memcmp
memcpy
memmove
memset
realloc
remove
signal
strerror
strlen
strncmp
strtol
vfprintf
wcslen

shell32

SHFileOperationA
SHFileOperationW

libstdc++-6

_ZNKRSt7__cxx1118basic_stringstreamIcSt11char_traitsIcESaIcEE3strEv
_ZNKRSt7__cxx1118basic_stringstreamIwSt11char_traitsIwESaIwEE3strEv
_ZNKRSt7__cxx1119basic_ostringstreamIcSt11char_traitsIcESaIcEE3strEv
_ZNKSt10filesystem7__cxx1128recursive_directory_iteratordeEv
_ZNKSt10filesystem7__cxx114path17_M_find_extensionEv
_ZNKSt10filesystem7__cxx114path5_List13_Impl_deleterclEPNS2_5_ImplE
_ZNKSt10filesystem7__cxx114path7compareERKS1_
_ZNKSt13basic_fstreamIcSt11char_traitsIcEE5rdbufEv
_ZNKSt25__codecvt_utf8_utf16_baseIwE10do_unshiftERiPcS2_RS2_
_ZNKSt25__codecvt_utf8_utf16_baseIwE11do_encodingEv
_ZNKSt25__codecvt_utf8_utf16_baseIwE13do_max_lengthEv
_ZNKSt25__codecvt_utf8_utf16_baseIwE16do_always_noconvEv
_ZNKSt25__codecvt_utf8_utf16_baseIwE5do_inERiPKcS3_RS3_PwS5_RS5_
_ZNKSt25__codecvt_utf8_utf16_baseIwE6do_outERiPKwS3_RS3_PcS5_RS5_
_ZNKSt25__codecvt_utf8_utf16_baseIwE9do_lengthERiPKcS3_y
_ZNKSt9type_info7__equalERKS_
_ZNSo5writeEPKcx
_ZNSolsEPFRSoS_E
_ZNSolsEPSt15basic_streambufIcSt11char_traitsIcEE
_ZNSolsEi
_ZNSt10filesystem6statusERKNS_7__cxx114pathE
_ZNSt10filesystem7__cxx1116filesystem_errorC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEESt10error_code
_ZNSt10filesystem7__cxx1116filesystem_errorD1Ev
_ZNSt10filesystem7__cxx1128recursive_directory_iteratorC1ERKNS0_4pathENS_17directory_optionsEPSt10error_code
_ZNSt10filesystem7__cxx1128recursive_directory_iteratorD1Ev
_ZNSt10filesystem7__cxx1128recursive_directory_iteratorppEv
_ZNSt10filesystem7__cxx114path14_M_split_cmptsEv
_ZNSt10filesystem7__cxx114path5_ListC1ERKS2_
_ZNSt10filesystem7__cxx114path5_ListC1Ev
_ZNSt12__shared_ptrINSt10filesystem7__cxx1128recursive_directory_iterator10_Dir_stackELN9__gnu_cxx12_Lock_policyE2EEC1EOS6_
_ZNSt12__shared_ptrINSt10filesystem7__cxx1128recursive_directory_iterator10_Dir_stackELN9__gnu_cxx12_Lock_policyE2EEC1Ev
_ZNSt13basic_fstreamIcSt11char_traitsIcEE5closeEv
_ZNSt13basic_fstreamIcSt11char_traitsIcEEC1EPKwSt13_Ios_Openmode
_ZNSt13basic_fstreamIcSt11char_traitsIcEEC1ERKNSt7__cxx1112basic_stringIcS1_SaIcEEESt13_Ios_Openmode
_ZNSt13basic_fstreamIcSt11char_traitsIcEED1Ev
_ZNSt13basic_ostreamIwSt11char_traitsIwEElsEm
_ZNSt13runtime_errorC1EPKc
_ZNSt13runtime_errorD1Ev
_ZNSt14basic_ofstreamIcSt11char_traitsIcEEC1ERKNSt7__cxx1112basic_stringIcS1_SaIcEEESt13_Ios_Openmode
_ZNSt14basic_ofstreamIcSt11char_traitsIcEED1Ev
_ZNSt25__codecvt_utf8_utf16_baseIwED2Ev
_ZNSt3_V216generic_categoryEv
_ZNSt6chrono3_V212system_clock3nowEv
_ZNSt6thread15_M_start_threadESt10unique_ptrINS_6_StateESt14default_deleteIS1_EEPFvvE
_ZNSt6thread6_StateD2Ev
_ZNSt6thread6detachEv
_ZNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEE15_M_replace_coldEPwyPKwyy
_ZNSt7__cxx1118basic_stringstreamIcSt11char_traitsIcESaIcEEC1Ev
_ZNSt7__cxx1118basic_stringstreamIcSt11char_traitsIcESaIcEED1Ev
_ZNSt7__cxx1118basic_stringstreamIwSt11char_traitsIwESaIwEEC1Ev
_ZNSt7__cxx1118basic_stringstreamIwSt11char_traitsIwESaIwEED1Ev
_ZNSt7__cxx1119basic_ostringstreamIcSt11char_traitsIcESaIcEEC1Ev
_ZNSt7codecvtIwciEC2Ey
_ZSt17__throw_bad_allocv
_ZSt18_Rb_tree_decrementPSt18_Rb_tree_node_base
_ZSt18_Rb_tree_incrementPSt18_Rb_tree_node_base
_ZSt19__throw_logic_errorPKc
_ZSt19__throw_range_errorPKc
_ZSt20__throw_length_errorPKc
_ZSt20__throw_out_of_rangePKc
_ZSt24__throw_invalid_argumentPKc
_ZSt24__throw_out_of_range_fmtPKcz
_ZSt25__throw_bad_function_callv
_ZSt28__throw_bad_array_new_lengthv
_ZSt29_Rb_tree_insert_and_rebalancebPSt18_Rb_tree_node_baseS0_RS_
_ZSt4cerr
_ZSt4cout
_ZSt4endlIcSt11char_traitsIcEERSt13basic_ostreamIT_T0_ES6_
_ZSt5wcout
_ZSt9terminatev
_ZStlsISt11char_traitsIcEERSt13basic_ostreamIcT_ES5_PKc
_ZStlsIcSt11char_traitsIcESaIcEERSt13basic_ostreamIT_T0_ES7_RKNSt7__cxx1112basic_stringIS4_S5_T1_EE
_ZStlsIwSt11char_traitsIwEERSt13basic_ostreamIT_T0_ES6_PKS3_
_ZStlsIwSt11char_traitsIwEERSt13basic_ostreamIT_T0_ES6_PKc
_ZStlsIwSt11char_traitsIwEERSt13basic_ostreamIT_T0_ES6_S3_
_ZStlsIwSt11char_traitsIwEERSt13basic_ostreamIT_T0_ES6_c
_ZStlsIwSt11char_traitsIwESaIwEERSt13basic_ostreamIT_T0_ES7_RKNSt7__cxx1112basic_stringIS4_S5_T1_EE
_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZTVN10__cxxabiv121__vmi_class_type_infoE
_ZTVNSt6thread6_StateE
_ZTVSt25__codecvt_utf8_utf16_baseIwE
_ZdaPv
_ZdlPv
_ZdlPvy
_Znay
_Znwy
__cxa_allocate_exception
__cxa_bad_cast
__cxa_begin_catch
__cxa_end_catch
__cxa_free_exception
__cxa_rethrow
__cxa_throw
__dynamic_cast
__gxx_personality_seh0

user32

CloseClipboard
GetAsyncKeyState
GetClipboardData
GetDesktopWindow
GetForegroundWindow
GetKeyboardLayout
GetWindowDC
GetWindowRect
GetWindowTextW
GetWindowThreadProcessId
OpenClipboard
ReleaseDC

libvmime

_ZN5vmime11addressList13appendAddressERKSt10shared_ptrINS_7addressEE
_ZN5vmime11addressListC1Ev
_ZN5vmime11addressListD1Ev
_ZN5vmime11propertySet12findOrCreateERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime11propertySet8property8setValueIbEEvRKT_
_ZN5vmime11propertySetixERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime12emailAddressC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime14fileAttachmentC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9mediaTypeE
_ZN5vmime14messageBuilder10setSubjectERKNS_4textE
_ZN5vmime14messageBuilder12setExpeditorERKNS_7mailboxE
_ZN5vmime14messageBuilder13setRecipientsERKNS_11addressListE
_ZN5vmime14messageBuilder16appendAttachmentERKSt10shared_ptrINS_10attachmentEE
_ZN5vmime14messageBuilderC1Ev
_ZN5vmime14messageBuilderD1Ev
_ZN5vmime16headerFieldValue16getGeneratedSizeERKNS_17generationContextE
_ZN5vmime3net6tracer14traceSendBytesEyRKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime3net6tracer17traceReceiveBytesEyRKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime3net7service16setTracerFactoryERKSt10shared_ptrINS0_13tracerFactoryEE
_ZN5vmime3net7service22setCertificateVerifierERKSt10shared_ptrINS_8security4cert19certificateVerifierEE
_ZN5vmime3net7session12getTransportERKNS_7utility3urlERKSt10shared_ptrINS_8security13authenticatorEE
_ZN5vmime3net7session13getPropertiesEv
_ZN5vmime3net7session6createEv
_ZN5vmime3net9transport11sendOptionsC1Ev
_ZN5vmime3net9transport11sendOptionsD1Ev
_ZN5vmime4textC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime4textD1Ev
_ZN5vmime6objectC2Ev
_ZN5vmime6objectD2Ev
_ZN5vmime7mailboxC1ERKNS_12emailAddressE
_ZN5vmime7utility3urlC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime8platform10getHandlerEv
_ZN5vmime8security4cert16certificateChain5getAtEy
_ZN5vmime8security4cert26defaultCertificateVerifier19setX509TrustedCertsERKSt6vectorISt10shared_ptrINS1_15X509CertificateEESaIS6_EE
_ZN5vmime8security4cert26defaultCertificateVerifier6verifyERKSt10shared_ptrINS1_16certificateChainEERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime8security4cert26defaultCertificateVerifierC2Ev
_ZN5vmime8security4cert26defaultCertificateVerifierD2Ev
_ZN5vmime8security4sasl24defaultSASLAuthenticator10setServiceERKSt10shared_ptrINS_3net7serviceEE
_ZN5vmime8security4sasl24defaultSASLAuthenticator14setSASLSessionERKSt10shared_ptrINS1_11SASLSessionEE
_ZN5vmime8security4sasl24defaultSASLAuthenticator16setSASLMechanismERKSt10shared_ptrINS1_13SASLMechanismEE
_ZN5vmime8security4sasl24defaultSASLAuthenticatorC2Ev
_ZN5vmime8security4sasl24defaultSASLAuthenticatorD2Ev
_ZN5vmime9component9parseImplERKNS_14parsingContextERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEyyPy
_ZN5vmime9component9parseImplERKNS_14parsingContextERKSt10shared_ptrINS_7utility24parserInputStreamAdapterEEyyPy
_ZN5vmime9componentD2Ev
_ZN5vmime9mediaTypeC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZNK5vmime10exceptions13command_error7commandB5cxx11Ev
_ZNK5vmime10exceptions13command_error8responseB5cxx11Ev
_ZNK5vmime10exceptions16invalid_response8responseB5cxx11Ev
_ZNK5vmime10exceptions20authentication_error8responseB5cxx11Ev
_ZNK5vmime10exceptions20filesystem_exception4pathEv
_ZNK5vmime10exceptions25connection_greeting_error8responseB5cxx11Ev
_ZNK5vmime14messageBuilder9constructEv
_ZNK5vmime8security4sasl24defaultSASLAuthenticator11getHostnameB5cxx11Ev
_ZNK5vmime8security4sasl24defaultSASLAuthenticator14getAccessTokenB5cxx11Ev
_ZNK5vmime8security4sasl24defaultSASLAuthenticator14getServiceNameB5cxx11Ev
_ZNK5vmime8security4sasl24defaultSASLAuthenticator17getAnonymousTokenB5cxx11Ev
_ZNK5vmime8security4sasl24defaultSASLAuthenticator23getAcceptableMechanismsERKSt6vectorISt10shared_ptrINS1_13SASLMechanismEESaIS6_EERKS6_
_ZNK5vmime9component8generateB5cxx11Eyy
_ZNK5vmime9component8generateERKNS_17generationContextERNS_7utility12outputStreamEyPy
_ZNK5vmime9component8generateERNS_7utility12outputStreamEyPy
_ZNK5vmime9exception5otherEv
_ZTVN5vmime12emailAddressE
_ZTVN5vmime16headerFieldValueE
_ZTVN5vmime3net13tracerFactoryE
_ZTVN5vmime3net6tracerE
_ZTVN5vmime4wordE
_ZTVN5vmime7addressE
_ZTVN5vmime7charsetE
_ZTVN5vmime7mailboxE
_ZTVN5vmime9mediaTypeE

Sections

.text
Size: 272KB - Virtual size: 272KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 728B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/97
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/113
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
advapi32.dll
.dll windows:10 windows x64 arch:x64

dc649ce6dc3a3e76d55574e45a065b48

Code Sign

33:00:00:06:ad:ac:dd:3c:98:83:5e:29:49:00:00:00:00:06:ad
Certificate

Issuer

CN=Microsoft Development PCA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

13/07/2023, 22:37

Not After

15/09/2024, 22:37

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:03:c6:f9:b4:c3:ae:be:59:4b:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Development Root Certificate Authority 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

28/05/2014, 17:33

Not After

28/05/2029, 17:43

Subject

CN=Microsoft Development PCA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a8:5b:d0:6a:c4:98:7a:6f:82:4e:2f:4e:9f:05:96:c2:4a:0c:28:32:04:38:da:08:ba:fa:f4:fe:08:b7:a5:82
Signer

Actual PE Digest

a8:5b:d0:6a:c4:98:7a:6f:82:4e:2f:4e:9f:05:96:c2:4a:0c:28:32:04:38:da:08:ba:fa:f4:fe:08:b7:a5:82

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

advapi32.pdb

Imports

msvcrt

wcscpy_s
wcscat_s
swprintf_s
_wcsicmp
_wcsnicmp
tolower
strstr
strchr
_ultow_s
iswctype
wcstoul
_wcstoui64
_wcstoi64
_ultow
wcsstr
_errno
_ui64tow_s
_i64tow_s
_stricmp
memcpy_s
wcsnlen
_resetstkoflw
iswalpha
wcsncmp
_vsnprintf
__CxxFrameHandler4
__CxxFrameHandler3
?terminate@@YAXXZ
wcstok_s
memcmp
memcpy
memmove
_vsnwprintf
wcsrchr
wcschr
swscanf_s
__C_specific_handler
wcsncpy_s
memset

ntdll

RtlIsValidIndexHandle
RtlFreeHandle
NtOpenKey
NtQueryValueKey
NtClose
NtOpenThreadToken
NtOpenProcessToken
RtlEqualSid
RtlLengthSid
RtlAddAccessAllowedAceEx
NtSetInformationToken
RtlCreateSecurityDescriptor
RtlSetOwnerSecurityDescriptor
NtDuplicateToken
NtCompareTokens
RtlAllocateAndInitializeSid
RtlFreeSid
RtlIsGenericTableEmpty
RtlEnumerateGenericTableWithoutSplaying
RtlCopyUnicodeString
RtlDuplicateUnicodeString
RtlExpandEnvironmentStrings_U
NtOpenFile
RtlCreateUnicodeString
NtQueryInformationProcess
RtlGetLastNtStatus
NtQueryKey
RtlValidSid
LdrLoadDll
RtlImageNtHeader
LdrUnloadDll
NtDeviceIoControlFile
NtQuerySystemInformation
EtwEventRegister
EtwEventWrite
NtCreateKey
NtSetValueKey
RtlDeleteElementGenericTable
RtlAppendUnicodeToString
NtDeleteKey
RtlInsertElementGenericTable
RtlCopySid
RtlInitializeHandleTable
RtlDestroyHandleTable
EtwEventUnregister
NtEnumerateKey
RtlIntegerToUnicodeString
RtlStringFromGUID
RtlAppendUnicodeStringToString
RtlFormatCurrentUserKeyPath
RtlInitializeGenericTable
RtlQueryRegistryValuesEx
RtlLookupElementGenericTable
RtlNumberGenericTableElements
RtlGUIDFromString
RtlUpcaseUnicodeChar
NtQueryVolumeInformationFile
NtOpenSymbolicLinkObject
NtQuerySymbolicLinkObject
RtlPrefixUnicodeString
RtlDetermineDosPathNameType_U
NtQueryInformationFile
RtlGetFullPathName_U
RtlUnicodeToMultiByteN
RtlNtStatusToDosErrorNoTeb
RtlUnicodeToMultiByteSize
RtlAnsiCharToUnicodeChar
RtlMultiByteToUnicodeN
NtTraceControl
RtlSetLastWin32Error
RtlInitAnsiStringEx
RtlInitUnicodeStringEx
RtlCreateUnicodeStringFromAsciiz
NtRenameKey
RtlQueryPackageIdentity
RtlOemStringToUnicodeString
RtlIsTextUnicode
NtSetInformationThread
RtlAddAce
RtlValidAcl
RtlSetSaclSecurityDescriptor
RtlInitializeSid
RtlGetControlSecurityDescriptor
RtlAddAuditAccessObjectAce
RtlSetDaclSecurityDescriptor
RtlGetSaclSecurityDescriptor
RtlGetAce
RtlAddAuditAccessAceEx
RtlxAnsiStringToUnicodeSize
RtlGetOwnerSecurityDescriptor
RtlGetGroupSecurityDescriptor
RtlAbsoluteToSelfRelativeSD
RtlAddAccessDeniedAceEx
RtlAddAccessAllowedObjectAce
RtlAddAccessDeniedObjectAce
RtlAllocateHandle
RtlSetGroupSecurityDescriptor
RtlGetDaclSecurityDescriptor
RtlDosPathNameToNtPathName_U
EtwEventWriteTransfer
EtwEventSetInformation
RtlImpersonateSelf
RtlAdjustPrivilege
RtlCopyString
RtlTimeToSecondsSince1970
EtwTraceMessage
EtwGetTraceLoggerHandle
EtwGetTraceEnableLevel
EtwGetTraceEnableFlags
EtwRegisterTraceGuidsW
EtwUnregisterTraceGuids
NtWaitForSingleObject
RtlGetVersion
NtQueryInformationThread
NtQuerySecurityObject
RtlRunOnceExecuteOnce
RtlRunOnceBeginInitialize
RtlDllShutdownInProgress
RtlRunOnceInitialize
RtlAcquireSRWLockExclusive
RtlReleaseSRWLockExclusive
TpSetTimer
TpWaitForTimer
TpReleaseTimer
NtQueryPerformanceCounter
RtlDeleteBoundaryDescriptor
NtCreateMutant
NtOpenPrivateNamespace
NtCreatePrivateNamespace
RtlAddSIDToBoundaryDescriptor
RtlCreateBoundaryDescriptor
NtWaitForMultipleObjects
RtlCreateAcl
RtlValidRelativeSecurityDescriptor
NtCreateFile
NtWriteFile
NtFlushBuffersFile
NtSetInformationFile
NtReadFile
RtlWaitOnAddress
RtlWakeAddressAll
RtlQueryPerformanceCounter
RtlInsertElementGenericTableAvl
RtlAcquireSRWLockShared
RtlLookupElementGenericTableAvl
RtlReleaseSRWLockShared
RtlEnumerateGenericTableAvl
RtlDeleteElementGenericTableAvl
RtlInitializeGenericTableAvl
RtlWakeAddressSingle
RtlDosPathNameToRelativeNtPathName_U
RtlReleaseRelativeName
RtlEqualUnicodeString
RtlDestroyQueryDebugBuffer
RtlQueryProcessDebugInformation
NtAlpcQueryInformation
RtlCreateQueryDebugBuffer
NtQueryObject
NtQueryMutant
RtlInitString
RtlAddAccessAllowedAce
RtlOpenCurrentUser
NtReplaceKey
NtSaveKey
NtSaveMergedKeys
RtlLengthSecurityDescriptor
RtlValidSecurityDescriptor
RtlGetNtProductType
RtlConvertSidToUnicodeString
RtlSubAuthorityCountSid
RtlSubAuthoritySid
RtlGetThreadPreferredUILanguages
RtlMakeSelfRelativeSD
RtlFreeHeap
RtlxUnicodeStringToAnsiSize
NtQueryInformationToken
RtlFreeUnicodeString
RtlAllocateHeap
RtlFirstFreeAce
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlInitializeCriticalSection
RtlDeleteCriticalSection
NtSetSystemInformation
RtlLeaveCriticalSection
RtlEnterCriticalSection
DbgPrint
RtlNtStatusToDosError
RtlInitAnsiString
RtlUnicodeStringToAnsiString
RtlGetCurrentTransaction
RtlInitUnicodeString
NtOpenKeyEx
NtSetInformationKey
LdrGetProcedureAddress
LdrGetDllHandle
RtlAnsiStringToUnicodeString
RtlFreeAnsiString
RtlUnicodeStringToInteger

api-ms-win-eventing-controller-l1-1-0

EnableTraceEx2
EnumerateTraceGuidsEx
ControlTraceW
TraceSetInformation
EventAccessRemove
EventAccessQuery
StartTraceW
StopTraceW
QueryAllTracesW
EventAccessControl

api-ms-win-eventing-consumer-l1-1-0

ProcessTrace
CloseTrace
OpenTraceW

api-ms-win-eventing-consumer-l1-1-1

QueryTraceProcessingHandle

kernelbase

lstrcmpiW
RegKrnGetHKEY_ClassesRootAddress
RegKrnGetClassesEnumTableAddressInternal
RegKrnGetTermsrvRegistryExtensionFlags
lstrlenW
LocalAlloc
LocalReAlloc
CreateProcessAsUserW
CreateProcessAsUserA
GetSystemDefaultUILanguage
RegDeleteKeyExInternalW
RegCreateKeyExInternalW
RegOpenKeyExInternalW
CLOSE_LOCAL_HANDLE_INTERNAL
MapPredefinedHandleInternal
RegDeleteKeyExInternalA
RemapPredefinedHandleInternal
RegCreateKeyExInternalA
DisablePredefinedHandleTableInternal
RegOpenKeyExInternalA
GetStagedPackagePathByFullName
PackageIdFromFullName
GetUserDefaultUILanguage
lstrcmpW
Sleep

sechost

QueryAllTracesA
ControlTraceA
StartTraceA

api-ms-win-service-core-l1-1-0

StartServiceCtrlDispatcherW
SetServiceStatus
RegisterServiceCtrlHandlerExW

api-ms-win-service-core-l1-1-1

QueryServiceDynamicInformation
EnumServicesStatusExW
EnumDependentServicesW

api-ms-win-service-core-l1-1-2

GetServiceKeyNameW
GetServiceDisplayNameW

api-ms-win-service-management-l1-1-0

CreateServiceW
OpenServiceW
StartServiceW
ControlServiceExW
DeleteService
OpenSCManagerW
CloseServiceHandle

api-ms-win-service-management-l2-1-0

QueryServiceConfigW
SetServiceObjectSecurity
ChangeServiceConfig2W
NotifyServiceStatusChangeW
QueryServiceObjectSecurity
QueryServiceConfig2W
ChangeServiceConfigW
QueryServiceStatusEx

api-ms-win-service-private-l1-1-4

CreateServiceEx

api-ms-win-service-private-l1-1-2

QueryLocalUserServiceName
QueryUserServiceName
I_ScReparseServiceDatabase

api-ms-win-service-private-l1-1-3

QueryUserServiceNameForContext

api-ms-win-service-private-l1-1-0

I_ScSetServiceBitsW
I_ScSetServiceBitsA
WaitServiceState
I_ScRpcBindA
I_ScRpcBindW

api-ms-win-service-winsvc-l1-1-0

RegisterServiceCtrlHandlerW
ChangeServiceConfigA
StartServiceA
OpenServiceA
QueryServiceConfigA
NotifyServiceStatusChangeA
OpenSCManagerA
ControlServiceExA
QueryServiceStatus
StartServiceCtrlDispatcherA
CreateServiceA
QueryServiceConfig2A
ChangeServiceConfig2A
RegisterServiceCtrlHandlerA
ControlService
RegisterServiceCtrlHandlerExA

api-ms-win-core-namedpipe-l1-1-0

ImpersonateNamedPipeClient

api-ms-win-core-processthreads-l1-1-0

OpenThreadToken
GetProcessId
CreateThread
GetPriorityClass
GetCurrentThread
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
OpenProcessToken
OpenThread
SetThreadToken

api-ms-win-core-processthreads-l1-1-1

OpenProcess

api-ms-win-security-base-l1-1-0

AllocateAndInitializeSid
AccessCheckByTypeResultListAndAuditAlarmByHandleW
ObjectDeleteAuditAlarmW
GetSidSubAuthorityCount
SetTokenInformation
AreAnyAccessesGranted
SetSecurityDescriptorRMControl
EqualSid
GetAce
GetSecurityDescriptorRMControl
SetSecurityDescriptorOwner
IsTokenRestricted
PrivilegedServiceAuditAlarmW
InitializeSid
GetSecurityDescriptorOwner
ImpersonateAnonymousToken
EqualDomainSid
ImpersonateLoggedOnUser
SetSecurityDescriptorSacl
IsValidSid
AddAce
AddAuditAccessAce
AccessCheckByTypeResultListAndAuditAlarmW
SetAclInformation
IsValidSecurityDescriptor
AddAccessDeniedAce
CreateRestrictedToken
FreeSid
EqualPrefixSid
GetFileSecurityW
GetSidSubAuthority
CheckTokenMembership
InitializeSecurityDescriptor
InitializeAcl
DuplicateToken
SetPrivateObjectSecurityEx
AddAccessAllowedObjectAce
GetKernelObjectSecurity
MapGenericMask
SetKernelObjectSecurity
AddAccessAllowedAceEx
GetLengthSid
SetSecurityDescriptorControl
DuplicateTokenEx
IsValidAcl
GetSecurityDescriptorLength
AddAccessAllowedAce
AddAccessDeniedObjectAce
MakeSelfRelativeSD
AccessCheckByType
AddAuditAccessAceEx
MakeAbsoluteSD
SetSecurityDescriptorGroup
GetSidIdentifierAuthority
GetTokenInformation
AccessCheckByTypeResultList
PrivilegeCheck
ObjectCloseAuditAlarmW
AccessCheck
DestroyPrivateObjectSecurity
GetSecurityDescriptorGroup
ConvertToAutoInheritPrivateObjectSecurity
DeleteAce
IsWellKnownSid
ObjectPrivilegeAuditAlarmW
GetWindowsAccountDomainSid
SetPrivateObjectSecurity
CopySid
GetSecurityDescriptorControl
SetSecurityAccessMask
AddAccessDeniedAceEx
CreatePrivateObjectSecurity
CreateWellKnownSid
GetPrivateObjectSecurity
AreAllAccessesGranted
CreatePrivateObjectSecurityWithMultipleInheritance
AccessCheckAndAuditAlarmW
AdjustTokenGroups
CreatePrivateObjectSecurityEx
GetAclInformation
SetFileSecurityW
AddAuditAccessObjectAce
AllocateLocallyUniqueId
GetSecurityDescriptorDacl
RevertToSelf
QuerySecurityAccessMask
GetSidLengthRequired
ObjectOpenAuditAlarmW
GetSecurityDescriptorSacl
FindFirstFreeAce
AccessCheckByTypeAndAuditAlarmW
SetSecurityDescriptorDacl
AdjustTokenPrivileges
ImpersonateSelf

api-ms-win-security-base-private-l1-1-0

MakeAbsoluteSD2

api-ms-win-core-registry-l1-1-0

RegDeleteTreeA
RegDisablePredefinedCacheEx
RegNotifyChangeKeyValue
RegGetKeySecurity
RegLoadAppKeyW
RegDeleteKeyExW
RegOpenCurrentUser
RegQueryInfoKeyW
RegGetValueA
RegSaveKeyExA
RegLoadMUIStringA
RegQueryValueExA
RegCreateKeyExA
RegFlushKey
RegCreateKeyExW
RegUnLoadKeyA
RegOpenUserClassesRoot
RegDeleteKeyExA
RegEnumKeyExW
RegSetKeySecurity
RegSaveKeyExW
RegDeleteTreeW
RegLoadMUIStringW
RegSetValueExW
RegLoadAppKeyA
RegSetValueExA
RegCopyTreeW
RegLoadKeyA
RegUnLoadKeyW
RegQueryInfoKeyA
RegLoadKeyW
RegOpenKeyExA
RegGetValueW
RegRestoreKeyW
RegEnumValueA
RegDeleteValueW
RegRestoreKeyA
RegDeleteValueA
RegEnumValueW
RegEnumKeyExA
RegCloseKey
RegOpenKeyExW
RegQueryValueExW

api-ms-win-core-registry-l1-1-1

RegSetKeyValueW
RegDeleteKeyValueA
RegDeleteKeyValueW
RegSetKeyValueA

api-ms-win-core-registry-l1-1-2

RegQueryMultipleValuesA
RegQueryMultipleValuesW

api-ms-win-core-sysinfo-l1-1-0

GetComputerNameExA
GetSystemDirectoryW
GetSystemTimeAsFileTime
GetTickCount
GetLocalTime
GetSystemWindowsDirectoryW
GetComputerNameExW
GetSystemTime

api-ms-win-core-sysinfo-l1-2-0

GetSystemTimePreciseAsFileTime

kernel32

AreFileApisANSI
MultiByteToWideChar
LocalFree
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
GetLastError
GetProcAddress
DelayLoadFailureHook
ResolveDelayLoadedAPI
FreeLibrary
LoadLibraryExW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
QueryPerformanceCounter
CreateEventW
CloseHandle
GetThreadUILanguage
GetCommandLineW
GetModuleHandleExW
WriteFile
ExpandEnvironmentStringsW
SetFilePointer
CreateFileW
FormatMessageW
GetFileAttributesExW
OutputDebugStringW
DeleteFileW
MoveFileW
GetModuleHandleW
GetFileSizeEx
CreateFileMappingW
HeapAlloc
GetProcessHeap
MapViewOfFile
UnmapViewOfFile
HeapFree
GetLongPathNameW
CompareFileTime
FindResourceExW
LoadResource
GetVolumePathNameW
DeleteCriticalSection
WaitForSingleObject
InitOnceBeginInitialize
CompareStringOrdinal
ReleaseMutex
InitOnceComplete
GetComputerNameW
ExpandEnvironmentStringsA
GetModuleFileNameW
SearchPathW
GetFullPathNameW
GetFileAttributesW
SleepEx
LoadLibraryExA
LoadLibraryA
CreateMutexW
CreateThreadpoolTimer
InitializeCriticalSection
SizeofResource
LockResource
SetEvent
ResetEvent
GetFileTime
FileTimeToDosDateTime
DosDateTimeToFileTime
GetFileSize
FindFirstFileExW
FindNextFileW
FindClose
CopyFileExW
TermsrvDeleteKey
TermsrvOpenUserClasses
ReadProcessMemory
DecodePointer
LoadLibraryW
DuplicateHandle
FreeLibraryAndExitThread
EncodePointer
FreeLibraryWhenCallbackReturns
CloseThreadpoolIo
CancelIoEx
CancelThreadpoolIo
CreateThreadpoolIo
DeviceIoControl
StartThreadpoolIo
GetFileMUIPath
EnumUILanguagesW
SetErrorMode
RaiseException
SetFileInformationByHandle
SetLastError

rpcrt4

RpcBindingBind
RpcBindingCreateW
RpcSsDestroyClientContext
RpcBindingSetAuthInfoExW
RpcStringFreeW
RpcBindingFree
NdrClientCall3
RpcExceptionFilter
UuidToStringW
UuidFromStringW
NdrClientCall2
RpcBindingFromStringBindingW
RpcMgmtInqServerPrincNameW
RpcStringBindingComposeW
I_RpcSNCHOption
RpcBindingSetAuthInfoA
RpcEpResolveBinding
RpcBindingSetAuthInfoW
I_RpcMapWin32Status
I_RpcExceptionFilter

api-ms-win-core-timezone-l1-1-0

EnumDynamicTimeZoneInformation
GetDynamicTimeZoneInformationEffectiveYears

api-ms-win-security-audit-l1-1-1

AuditLookupSubCategoryNameW
AuditQuerySecurity
AuditEnumeratePerUserPolicy
AuditSetPerUserPolicy
AuditEnumerateSubCategories
AuditQueryGlobalSaclW
AuditEnumerateCategories
AuditQueryPerUserPolicy
AuditLookupCategoryNameW
AuditSetGlobalSaclW
AuditSetSecurity

api-ms-win-security-audit-l1-1-0

AuditComputeEffectivePolicyBySid
AuditFree
AuditQuerySystemPolicy
AuditSetSystemPolicy

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

api-ms-win-eventing-provider-l1-1-0

EventSetInformation
EventRegister
EventUnregister
EventWriteTransfer

api-ms-win-core-pcw-l1-1-0

PcwCollectData
PcwSetQueryItemUserData
PcwAddQueryItem
PcwRemoveQueryItem
PcwSendNotification
PcwSendStatelessNotification
PcwCreateNotifier
PcwEnumerateInstances
PcwCreateQuery

Exports

Exports

A_SHAFinal
A_SHAInit
A_SHAUpdate
AbortSystemShutdownA
AbortSystemShutdownW
AccessCheck
AccessCheckAndAuditAlarmA
AccessCheckAndAuditAlarmW
AccessCheckByType
AccessCheckByTypeAndAuditAlarmA
AccessCheckByTypeAndAuditAlarmW
AccessCheckByTypeResultList
AccessCheckByTypeResultListAndAuditAlarmA
AccessCheckByTypeResultListAndAuditAlarmByHandleA
AccessCheckByTypeResultListAndAuditAlarmByHandleW
AccessCheckByTypeResultListAndAuditAlarmW
AddAccessAllowedAce
AddAccessAllowedAceEx
AddAccessAllowedObjectAce
AddAccessDeniedAce
AddAccessDeniedAceEx
AddAccessDeniedObjectAce
AddAce
AddAuditAccessAce
AddAuditAccessAceEx
AddAuditAccessObjectAce
AddConditionalAce
AddMandatoryAce
AddUsersToEncryptedFile
AddUsersToEncryptedFileEx
AdjustTokenGroups
AdjustTokenPrivileges
AllocateAndInitializeSid
AllocateLocallyUniqueId
AreAllAccessesGranted
AreAnyAccessesGranted
AuditComputeEffectivePolicyBySid
AuditComputeEffectivePolicyByToken
AuditEnumerateCategories
AuditEnumeratePerUserPolicy
AuditEnumerateSubCategories
AuditFree
AuditLookupCategoryGuidFromCategoryId
AuditLookupCategoryIdFromCategoryGuid
AuditLookupCategoryNameA
AuditLookupCategoryNameW
AuditLookupSubCategoryNameA
AuditLookupSubCategoryNameW
AuditQueryGlobalSaclA
AuditQueryGlobalSaclW
AuditQueryPerUserPolicy
AuditQuerySecurity
AuditQuerySystemPolicy
AuditSetGlobalSaclA
AuditSetGlobalSaclW
AuditSetPerUserPolicy
AuditSetSecurity
AuditSetSystemPolicy
BackupEventLogA
BackupEventLogW
BaseRegCloseKey
BaseRegCreateKey
BaseRegDeleteKeyEx
BaseRegDeleteValue
BaseRegFlushKey
BaseRegGetVersion
BaseRegLoadKey
BaseRegOpenKey
BaseRegRestoreKey
BaseRegSaveKeyEx
BaseRegSetKeySecurity
BaseRegSetValue
BaseRegUnLoadKey
BuildExplicitAccessWithNameA
BuildExplicitAccessWithNameW
BuildImpersonateExplicitAccessWithNameA
BuildImpersonateExplicitAccessWithNameW
BuildImpersonateTrusteeA
BuildImpersonateTrusteeW
BuildSecurityDescriptorA
BuildSecurityDescriptorW
BuildTrusteeWithNameA
BuildTrusteeWithNameW
BuildTrusteeWithObjectsAndNameA
BuildTrusteeWithObjectsAndNameW
BuildTrusteeWithObjectsAndSidA
BuildTrusteeWithObjectsAndSidW
BuildTrusteeWithSidA
BuildTrusteeWithSidW
CancelOverlappedAccess
ChangeServiceConfig2A
ChangeServiceConfig2W
ChangeServiceConfigA
ChangeServiceConfigW
CheckForHiberboot
CheckTokenMembership
ClearEventLogA
ClearEventLogW
CloseCodeAuthzLevel
CloseEncryptedFileRaw
CloseEventLog
CloseServiceHandle
CloseThreadWaitChainSession
CloseTrace
CommandLineFromMsiDescriptor
ComputeAccessTokenFromCodeAuthzLevel
ControlService
ControlServiceExA
ControlServiceExW
ControlTraceA
ControlTraceW
ConvertAccessToSecurityDescriptorA
ConvertAccessToSecurityDescriptorW
ConvertSDToStringSDDomainW
ConvertSDToStringSDRootDomainA
ConvertSDToStringSDRootDomainW
ConvertSecurityDescriptorToAccessA
ConvertSecurityDescriptorToAccessNamedA
ConvertSecurityDescriptorToAccessNamedW
ConvertSecurityDescriptorToAccessW
ConvertSecurityDescriptorToStringSecurityDescriptorA
ConvertSecurityDescriptorToStringSecurityDescriptorW
ConvertSidToStringSidA
ConvertSidToStringSidW
ConvertStringSDToSDDomainA
ConvertStringSDToSDDomainW
ConvertStringSDToSDRootDomainA
ConvertStringSDToSDRootDomainW
ConvertStringSecurityDescriptorToSecurityDescriptorA
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertStringSidToSidA
ConvertStringSidToSidW
ConvertToAutoInheritPrivateObjectSecurity
CopySid
CreateCodeAuthzLevel
CreatePrivateObjectSecurity
CreatePrivateObjectSecurityEx
CreatePrivateObjectSecurityWithMultipleInheritance
CreateProcessAsUserA
CreateProcessAsUserW
CreateProcessWithLogonW
CreateProcessWithTokenW
CreateRestrictedToken
CreateServiceA
CreateServiceEx
CreateServiceW
CreateTraceInstanceId
CreateWellKnownSid
CredBackupCredentials
CredDeleteA
CredDeleteW
CredEncryptAndMarshalBinaryBlob
CredEnumerateA
CredEnumerateW
CredFindBestCredentialA
CredFindBestCredentialW
CredFree
CredGetSessionTypes
CredGetTargetInfoA
CredGetTargetInfoW
CredIsMarshaledCredentialA
CredIsMarshaledCredentialW
CredIsProtectedA
CredIsProtectedW
CredMarshalCredentialA
CredMarshalCredentialW
CredProfileLoaded
CredProfileLoadedEx
CredProfileUnloaded
CredProtectA
CredProtectW
CredReadA
CredReadByTokenHandle
CredReadDomainCredentialsA
CredReadDomainCredentialsW
CredReadW
CredRenameA
CredRenameW
CredRestoreCredentials
CredUnmarshalCredentialA
CredUnmarshalCredentialW
CredUnprotectA
CredUnprotectW
CredWriteA
CredWriteDomainCredentialsA
CredWriteDomainCredentialsW
CredWriteW
CredpConvertCredential
CredpConvertOneCredentialSize
CredpConvertTargetInfo
CredpDecodeCredential
CredpEncodeCredential
CredpEncodeSecret
CryptAcquireContextA
CryptAcquireContextW
CryptContextAddRef
CryptCreateHash
CryptDecrypt
CryptDeriveKey
CryptDestroyHash
CryptDestroyKey
CryptDuplicateHash
CryptDuplicateKey
CryptEncrypt
CryptEnumProviderTypesA
CryptEnumProviderTypesW
CryptEnumProvidersA
CryptEnumProvidersW
CryptExportKey
CryptGenKey
CryptGenRandom
CryptGetDefaultProviderA
CryptGetDefaultProviderW
CryptGetHashParam
CryptGetKeyParam
CryptGetProvParam
CryptGetUserKey
CryptHashData
CryptHashSessionKey
CryptImportKey
CryptReleaseContext
CryptSetHashParam
CryptSetKeyParam
CryptSetProvParam
CryptSetProviderA
CryptSetProviderExA
CryptSetProviderExW
CryptSetProviderW
CryptSignHashA
CryptSignHashW
CryptVerifySignatureA
CryptVerifySignatureW
CveEventWrite
DecryptFileA
DecryptFileW
DeleteAce
DeleteService
DeregisterEventSource
DestroyPrivateObjectSecurity
DuplicateEncryptionInfoFile
DuplicateToken
DuplicateTokenEx
EnableTrace
EnableTraceEx
EnableTraceEx2
EncryptFileA
EncryptFileW
EncryptedFileKeyInfo
EncryptionDisable
EnumDependentServicesA
EnumDependentServicesW
EnumDynamicTimeZoneInformation
EnumServiceGroupW
EnumServicesStatusA
EnumServicesStatusExA
EnumServicesStatusExW
EnumServicesStatusW
EnumerateTraceGuids
EnumerateTraceGuidsEx
EqualDomainSid
EqualPrefixSid
EqualSid
EventAccessControl
EventAccessQuery
EventAccessRemove
EventActivityIdControl
EventEnabled
EventProviderEnabled
EventRegister
EventSetInformation
EventUnregister
EventWrite
EventWriteEndScenario
EventWriteEx
EventWriteStartScenario
EventWriteString
EventWriteTransfer
FileEncryptionStatusA
FileEncryptionStatusW
FindFirstFreeAce
FlushEfsCache
FlushTraceA
FlushTraceW
FreeEncryptedFileKeyInfo
FreeEncryptedFileMetadata
FreeEncryptionCertificateHashList
FreeInheritedFromArray
FreeSid
GetAccessPermissionsForObjectA
GetAccessPermissionsForObjectW
GetAce
GetAclInformation
GetAuditedPermissionsFromAclA
GetAuditedPermissionsFromAclW
GetCurrentHwProfileA
GetCurrentHwProfileW
GetDynamicTimeZoneInformationEffectiveYears
GetEffectiveRightsFromAclA
GetEffectiveRightsFromAclW
GetEncryptedFileMetadata
GetEventLogInformation
GetExplicitEntriesFromAclA
GetExplicitEntriesFromAclW
GetFileSecurityA
GetFileSecurityW
GetInformationCodeAuthzLevelW
GetInformationCodeAuthzPolicyW
GetInheritanceSourceA
GetInheritanceSourceW
GetKernelObjectSecurity
GetLengthSid
GetLocalManagedApplicationData
GetLocalManagedApplications
GetManagedApplicationCategories
GetManagedApplications
GetMultipleTrusteeA
GetMultipleTrusteeOperationA
GetMultipleTrusteeOperationW
GetMultipleTrusteeW
GetNamedSecurityInfoA
GetNamedSecurityInfoExA
GetNamedSecurityInfoExW
GetNamedSecurityInfoW
GetNumberOfEventLogRecords
GetOldestEventLogRecord
GetOverlappedAccessResults
GetPrivateObjectSecurity
GetSecurityDescriptorControl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorLength
GetSecurityDescriptorOwner
GetSecurityDescriptorRMControl
GetSecurityDescriptorSacl
GetSecurityInfo
GetSecurityInfoExA
GetSecurityInfoExW
GetServiceDisplayNameA
GetServiceDisplayNameW
GetServiceKeyNameA
GetServiceKeyNameW
GetSidIdentifierAuthority
GetSidLengthRequired
GetSidSubAuthority
GetSidSubAuthorityCount
GetStringConditionFromBinary
GetThreadWaitChain
GetTokenInformation
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
GetTrusteeFormA
GetTrusteeFormW
GetTrusteeNameA
GetTrusteeNameW
GetTrusteeTypeA
GetTrusteeTypeW
GetUserNameA
GetUserNameW
GetWindowsAccountDomainSid
I_QueryTagInformation
I_ScGetCurrentGroupStateW
I_ScIsSecurityProcess
I_ScPnPGetServiceName
I_ScQueryServiceConfig
I_ScRegisterPreshutdownRestart
I_ScReparseServiceDatabase
I_ScSendPnPMessage
I_ScSendTSMessage
I_ScSetServiceBitsA
I_ScSetServiceBitsW
I_ScValidatePnPService
IdentifyCodeAuthzLevelW
ImpersonateAnonymousToken
ImpersonateLoggedOnUser
ImpersonateNamedPipeClient
ImpersonateSelf
InitializeAcl
InitializeSecurityDescriptor
InitializeSid
InitiateShutdownA
InitiateShutdownW
InitiateSystemShutdownA
InitiateSystemShutdownExA
InitiateSystemShutdownExW
InitiateSystemShutdownW
InstallApplication
IsTextUnicode
IsTokenRestricted
IsTokenUntrusted
IsValidAcl
IsValidRelativeSecurityDescriptor
IsValidSecurityDescriptor
IsValidSid
IsWellKnownSid
LockServiceDatabase
LogonUserA
LogonUserExA
LogonUserExExW
LogonUserExW
LogonUserW
LookupAccountNameA
LookupAccountNameW
LookupAccountSidA
LookupAccountSidW
LookupPrivilegeDisplayNameA
LookupPrivilegeDisplayNameW
LookupPrivilegeNameA
LookupPrivilegeNameW
LookupPrivilegeValueA
LookupPrivilegeValueW
LookupSecurityDescriptorPartsA
LookupSecurityDescriptorPartsW
LsaAddAccountRights
LsaAddPrivilegesToAccount
LsaClearAuditLog
LsaClose
LsaConfigureAutoLogonCredentials
LsaCreateAccount
LsaCreateSecret
LsaCreateTrustedDomain
LsaCreateTrustedDomainEx
LsaDelete
LsaDeleteTrustedDomain
LsaDisableUserArso
LsaEnableUserArso
LsaEnumerateAccountRights
LsaEnumerateAccounts
LsaEnumerateAccountsWithUserRight
LsaEnumeratePrivileges
LsaEnumeratePrivilegesOfAccount
LsaEnumerateTrustedDomains
LsaEnumerateTrustedDomainsEx
LsaFreeMemory
LsaGetAppliedCAPIDs
LsaGetDeviceRegistrationInfo
LsaGetQuotasForAccount
LsaGetRemoteUserName
LsaGetSystemAccessAccount
LsaGetUserName
LsaICLookupNames
LsaICLookupNamesWithCreds
LsaICLookupSids
LsaICLookupSidsWithCreds
LsaInvokeTrustScanner
LsaIsUserArsoAllowed
LsaIsUserArsoEnabled
LsaLookupNames
LsaLookupNames2
LsaLookupPrivilegeDisplayName
LsaLookupPrivilegeName
LsaLookupPrivilegeValue
LsaLookupSids
LsaLookupSids2
LsaManageSidNameMapping
LsaNtStatusToWinError
LsaOpenAccount
LsaOpenPolicy
LsaOpenPolicySce
LsaOpenSecret
LsaOpenTrustedDomain
LsaOpenTrustedDomainByName
LsaProfileDeleted
LsaQueryCAPs
LsaQueryDomainInformationPolicy
LsaQueryForestTrustInformation
LsaQueryForestTrustInformation2
LsaQueryInfoTrustedDomain
LsaQueryInformationPolicy
LsaQuerySecret
LsaQuerySecurityObject
LsaQueryTrustedDomainInfo
LsaQueryTrustedDomainInfoByName
LsaRemoveAccountRights
LsaRemovePrivilegesFromAccount
LsaRetrievePrivateData
LsaSetCAPs
LsaSetDomainInformationPolicy
LsaSetForestTrustInformation
LsaSetForestTrustInformation2
LsaSetInformationPolicy
LsaSetInformationTrustedDomain
LsaSetQuotasForAccount
LsaSetSecret
LsaSetSecurityObject
LsaSetSystemAccessAccount
LsaSetTrustedDomainInfoByName
LsaSetTrustedDomainInformation
LsaStorePrivateData
LsaValidateProcUniqueLuid
MD4Final
MD4Init
MD4Update
MD5Final
MD5Init
MD5Update
MIDL_user_free_Ext
MSChapSrvChangePassword
MSChapSrvChangePassword2
MakeAbsoluteSD

Sections

.text
Size: 424KB - Virtual size: 420KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 224KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
gdi32.dll
.dll windows:10 windows x64 arch:x64

6012d162af56fd88e2d8e4ec72e156df

Code Sign

33:00:00:06:ad:ac:dd:3c:98:83:5e:29:49:00:00:00:00:06:ad
Certificate

Issuer

CN=Microsoft Development PCA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

13/07/2023, 22:37

Not After

15/09/2024, 22:37

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:03:c6:f9:b4:c3:ae:be:59:4b:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Development Root Certificate Authority 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

28/05/2014, 17:33

Not After

28/05/2029, 17:43

Subject

CN=Microsoft Development PCA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e4:bc:a1:b3:7c:97:83:9f:79:66:ad:28:ab:0e:87:e1:68:4d:93:71:4a:c9:38:a7:37:3d:10:55:52:bd:d2:4a
Signer

Actual PE Digest

e4:bc:a1:b3:7c:97:83:9f:79:66:ad:28:ab:0e:87:e1:68:4d:93:71:4a:c9:38:a7:37:3d:10:55:52:bd:d2:4a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

gdi32.pdb

Imports

ntdll

_wcsicmp
RtlInitUnicodeString
RtlDecodePointer
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext
_wcsnicmp
RtlFreeHeap

api-ms-win-core-libraryloader-l1-2-0

GetProcAddress
DisableThreadLibraryCalls
GetModuleHandleW
GetModuleHandleA

api-ms-win-core-processthreads-l1-1-1

GetProcessMitigationPolicy

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
GetCurrentProcess
GetCurrentThreadId
GetCurrentProcessId

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-core-synch-l1-2-0

InitOnceExecuteOnce

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetUnhandledExceptionFilter

win32u

NtGdiEngAlphaBlend
NtGdiEngAssociateSurface
NtGdiEngBitBlt
NtGdiEngCheckAbort
NtGdiEngCopyBits
NtGdiEngCreateClip
NtGdiEngDeleteClip
NtGdiEngDeletePath
NtGdiEngEraseSurface
NtGdiEngFillPath
NtGdiEngGradientFill
NtGdiEngLineTo
NtGdiEngLockSurface
NtGdiEngMarkBandingSurface
NtGdiEngPaint
NtGdiEngPlgBlt
NtGdiEngStretchBlt
NtGdiEngStretchBltROP
NtGdiEngStrokeAndFillPath
NtGdiEngStrokePath
NtGdiEngTextOut
NtGdiEngTransparentBlt
NtGdiEngUnlockSurface
NtGdiFONTOBJ_cGetAllGlyphHandles
NtGdiFONTOBJ_cGetGlyphs
NtGdiFONTOBJ_pQueryGlyphAttrs
NtGdiFONTOBJ_pfdg
NtGdiEnableEudc
NtGdiFONTOBJ_pvTrueTypeFontFile
NtGdiFONTOBJ_pxoGetXform
NtGdiFONTOBJ_vGetInfo
NtGdiFullscreenControl
NtGdiGetSpoolMessage
NtGdiInitSpool
NtGdiQueryFonts
NtGdiGetBitmapDpiScaleValue
NtGdiGetCOPPCompatibleOPMInformation
NtGdiGetCertificate
NtGdiGetCertificateByHandle
NtGdiGetCertificateSize
NtGdiGetCertificateSizeByHandle
NtGdiGetCharWidthInfo
NtGdiGetFontUnicodeRanges
NtGdiGetNumberOfPhysicalMonitors
NtGdiGetOPMInformation
NtGdiGetOPMRandomNumber
NtGdiGetPhysicalMonitorDescription
NtGdiGetPhysicalMonitors
NtGdiGetStringBitmapW
NtGdiGetSuggestedOPMProtectedOutputArraySize
NtGdiGetTextCharsetInfo
NtGdiHT_Get8BPPFormatPalette
NtGdiHT_Get8BPPMaskPalette
NtGdiPATHOBJ_bEnum
NtGdiPATHOBJ_bEnumClipLines
NtGdiPATHOBJ_vEnumStart
NtGdiPATHOBJ_vEnumStartClipLines
NtGdiPATHOBJ_vGetBounds
NtGdiSTROBJ_bEnum
NtGdiSTROBJ_bEnumPositionsOnly
NtGdiSTROBJ_bGetAdvanceWidths
NtGdiSTROBJ_dwGetCodePage
NtGdiSTROBJ_vEnumStart
NtGdiScaleRgn
NtGdiScaleValues
NtGdiSetMagicColors
NtGdiSetOPMSigningKeyAndSequenceNumbers
NtGdiXFORMOBJ_bApplyXform
NtGdiXFORMOBJ_iGetXform
NtGdiXLATEOBJ_cGetPalette
NtGdiXLATEOBJ_hGetColorTransform
NtGdiXLATEOBJ_iXlate
NtGdiGetDeviceCapsAll
NtGdiGetDeviceCaps
NtGdiGetCurrentDpiInfo
NtGdiDdDDIOpenAdapterFromHdc
NtGdiGetEntry
NtGdiDeleteObjectApp
NtGdiFlush
NtGdiEqualRgn
NtGdiExtCreateRegion
NtGdiCreateHalftonePalette
NtGdiPolyPolyDraw
NtGdiCreateRectRgn
NtGdiRectInRegion
NtGdiCombineRgn
NtGdiOffsetRgn
NtGdiGetRgnBox
NtGdiSetRectRgn
NtGdiGetRegionData
NtGdiEndGdiRendering
NtGdiDestroyPhysicalMonitor
NtGdiDestroyOPMProtectedOutput
NtGdiDdQueryVisRgnUniqueness
NtGdiDdNotifyFullscreenSpriteUpdate
NtGdiDdDestroyFullscreenSprite
NtGdiDdCreateFullscreenSprite
NtGdiDDCCISetVCPFeature
NtGdiDDCCISaveCurrentSettings
NtGdiDDCCIGetVCPFeature
NtGdiDDCCIGetTimingReport
NtGdiDDCCIGetCapabilitiesStringLength
NtGdiDDCCIGetCapabilitiesString
NtGdiCreateOPMProtectedOutputs
NtGdiCreateOPMProtectedOutput
NtGdiCreateBitmapFromDxSurface2
NtGdiCreateBitmapFromDxSurface
NtGdiConfigureOPMProtectedOutput
NtGdiCLIPOBJ_ppoGetPath
NtGdiCLIPOBJ_cEnumStart
NtGdiCLIPOBJ_bEnum
NtGdiBeginGdiRendering
NtGdiBRUSHOBJ_ulGetBrushColor
NtGdiBRUSHOBJ_pvGetRbrush
NtGdiBRUSHOBJ_pvAllocRbrush
NtGdiBRUSHOBJ_hGetColorTransform
NtGdiFONTOBJ_pifi

api-ms-win-gdi-internal-uap-l1-1-0

GdiSupportsFontChangeEvent
GetRandomRgn
DeleteColorSpace
PtInRegion
SetMetaRgn
DeleteEMFSpoolData
hdcCreateDCW
DocumentEventEx
FillRgn
CreateRoundRectRgn
SetPolyFillModeImpl
SelectObjectImpl
SelectClipRgnImpl
IntersectClipRectImpl
AbortDocImpl
IcmReleaseCachedColorSpace
UnloadUserModePrinterDriver
IcmDeleteLocalDC
vFreeUFIHashTable

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

Exports

Exports

AbortDoc
AbortPath
AddFontMemResourceEx
AddFontResourceA
AddFontResourceExA
AddFontResourceExW
AddFontResourceTracking
AddFontResourceW
AngleArc
AnimatePalette
AnyLinkedFonts
Arc
ArcTo
BRUSHOBJ_hGetColorTransform
BRUSHOBJ_pvAllocRbrush
BRUSHOBJ_pvGetRbrush
BRUSHOBJ_ulGetBrushColor
BeginGdiRendering
BeginPath
BitBlt
CLIPOBJ_bEnum
CLIPOBJ_cEnumStart
CLIPOBJ_ppoGetPath
CancelDC
CheckColorsInGamut
ChoosePixelFormat
Chord
ClearBitmapAttributes
ClearBrushAttributes
CloseEnhMetaFile
CloseFigure
CloseMetaFile
ColorCorrectPalette
ColorMatchToTarget
CombineRgn
CombineTransform
ConfigureOPMProtectedOutput
CopyEnhMetaFileA
CopyEnhMetaFileW
CopyMetaFileA
CopyMetaFileW
CreateBitmap
CreateBitmapFromDxSurface
CreateBitmapFromDxSurface2
CreateBitmapIndirect
CreateBrushIndirect
CreateColorSpaceA
CreateColorSpaceW
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
CreateDCExW
CreateDCW
CreateDIBPatternBrush
CreateDIBPatternBrushPt
CreateDIBSection
CreateDIBitmap
CreateDPIScaledDIBSection
CreateDiscardableBitmap
CreateEllipticRgn
CreateEllipticRgnIndirect
CreateEnhMetaFileA
CreateEnhMetaFileW
CreateFontA
CreateFontIndirectA
CreateFontIndirectExA
CreateFontIndirectExW
CreateFontIndirectW
CreateFontW
CreateHalftonePalette
CreateHatchBrush
CreateICA
CreateICW
CreateMetaFileA
CreateMetaFileW
CreateOPMProtectedOutput
CreateOPMProtectedOutputs
CreatePalette
CreatePatternBrush
CreatePen
CreatePenIndirect
CreatePolyPolygonRgn
CreatePolygonRgn
CreateRectRgn
CreateRectRgnIndirect
CreateRoundRectRgn
CreateScalableFontResourceA
CreateScalableFontResourceW
CreateScaledCompatibleBitmap
CreateSessionMappedDIBSection
CreateSolidBrush
D3DKMTAbandonSwapChain
D3DKMTAcquireKeyedMutex
D3DKMTAcquireKeyedMutex2
D3DKMTAcquireSwapChain
D3DKMTAddSurfaceToSwapChain
D3DKMTAdjustFullscreenGamma
D3DKMTCacheHybridQueryValue
D3DKMTCancelPresents
D3DKMTChangeVideoMemoryReservation
D3DKMTCheckExclusiveOwnership
D3DKMTCheckMonitorPowerState
D3DKMTCheckMultiPlaneOverlaySupport
D3DKMTCheckMultiPlaneOverlaySupport2
D3DKMTCheckMultiPlaneOverlaySupport3
D3DKMTCheckOcclusion
D3DKMTCheckSharedResourceAccess
D3DKMTCheckSinglePlaneForMultiPlaneOverlaySupport
D3DKMTCheckVidPnExclusiveOwnership
D3DKMTCloseAdapter
D3DKMTConfigureSharedResource
D3DKMTConnectDoorbell
D3DKMTCreateAllocation
D3DKMTCreateAllocation2
D3DKMTCreateBundleObject
D3DKMTCreateContext
D3DKMTCreateContextVirtual
D3DKMTCreateDCFromMemory
D3DKMTCreateDevice
D3DKMTCreateDoorbell
D3DKMTCreateHwContext
D3DKMTCreateHwQueue
D3DKMTCreateKeyedMutex
D3DKMTCreateKeyedMutex2
D3DKMTCreateNativeFence
D3DKMTCreateOutputDupl
D3DKMTCreateOverlay
D3DKMTCreatePagingQueue
D3DKMTCreateProtectedSession
D3DKMTCreateSwapChain
D3DKMTCreateSynchronizationObject
D3DKMTCreateSynchronizationObject2
D3DKMTCreateTrackedWorkload
D3DKMTDDisplayEnum
D3DKMTDestroyAllocation
D3DKMTDestroyAllocation2
D3DKMTDestroyContext
D3DKMTDestroyDCFromMemory
D3DKMTDestroyDevice
D3DKMTDestroyDoorbell
D3DKMTDestroyHwContext
D3DKMTDestroyHwQueue
D3DKMTDestroyKeyedMutex
D3DKMTDestroyOutputDupl
D3DKMTDestroyOverlay
D3DKMTDestroyPagingQueue
D3DKMTDestroyProtectedSession
D3DKMTDestroySynchronizationObject
D3DKMTDestroyTrackedWorkload
D3DKMTDispMgrCreate
D3DKMTDispMgrOperation
D3DKMTDispMgrSourceOperation
D3DKMTDispMgrTargetOperation
D3DKMTDisplayPortOperation
D3DKMTDuplicateHandle
D3DKMTEnumAdapters
D3DKMTEnumAdapters2
D3DKMTEnumAdapters3
D3DKMTEnumProcesses
D3DKMTEscape
D3DKMTEvict
D3DKMTExtractBundleObject
D3DKMTFlipOverlay
D3DKMTFlushHeapTransitions
D3DKMTFreeGpuVirtualAddress
D3DKMTGetAllocationPriority
D3DKMTGetAvailableTrackedWorkloadIndex
D3DKMTGetCachedHybridQueryValue
D3DKMTGetContextInProcessSchedulingPriority
D3DKMTGetContextSchedulingPriority
D3DKMTGetDWMVerticalBlankEvent
D3DKMTGetDeviceState
D3DKMTGetDisplayModeList
D3DKMTGetMemoryBudgetTarget
D3DKMTGetMultiPlaneOverlayCaps
D3DKMTGetMultisampleMethodList
D3DKMTGetOverlayState
D3DKMTGetPostCompositionCaps
D3DKMTGetPresentHistory
D3DKMTGetPresentQueueEvent
D3DKMTGetProcessDeviceRemovalSupport
D3DKMTGetProcessList
D3DKMTGetProcessSchedulingPriorityBand
D3DKMTGetProcessSchedulingPriorityClass
D3DKMTGetProperties
D3DKMTGetResourcePresentPrivateDriverData
D3DKMTGetRuntimeData
D3DKMTGetScanLine
D3DKMTGetSetSwapChainMetadata
D3DKMTGetSharedPrimaryHandle
D3DKMTGetSharedResourceAdapterLuid
D3DKMTGetSwapChainSurfacePhysicalAddress
D3DKMTGetTrackedWorkloadStatistics
D3DKMTGetYieldPercentage
D3DKMTInvalidateActiveVidPn
D3DKMTInvalidateCache
D3DKMTLock
D3DKMTLock2
D3DKMTMakeResident
D3DKMTMapGpuVirtualAddress
D3DKMTMarkDeviceAsError
D3DKMTNetDispGetNextChunkInfo
D3DKMTNetDispQueryMiracastDisplayDeviceStatus
D3DKMTNetDispQueryMiracastDisplayDeviceSupport
D3DKMTNetDispStartMiracastDisplayDevice
D3DKMTNetDispStartMiracastDisplayDevice2
D3DKMTNetDispStartMiracastDisplayDeviceEx
D3DKMTNetDispStopMiracastDisplayDevice
D3DKMTNotifyWorkSubmission
D3DKMTOfferAllocations
D3DKMTOpenAdapterFromDeviceName
D3DKMTOpenAdapterFromGdiDisplayName
D3DKMTOpenAdapterFromHdc
D3DKMTOpenAdapterFromLuid
D3DKMTOpenBundleObjectNtHandleFromName
D3DKMTOpenKeyedMutex
D3DKMTOpenKeyedMutex2
D3DKMTOpenKeyedMutexFromNtHandle
D3DKMTOpenNativeFenceFromNtHandle
D3DKMTOpenNtHandleFromName
D3DKMTOpenProtectedSessionFromNtHandle
D3DKMTOpenResource
D3DKMTOpenResource2
D3DKMTOpenResourceFromNtHandle
D3DKMTOpenSwapChain
D3DKMTOpenSyncObjectFromNtHandle
D3DKMTOpenSyncObjectFromNtHandle2
D3DKMTOpenSyncObjectNtHandleFromName
D3DKMTOpenSynchronizationObject
D3DKMTOutputDuplGetFrameInfo
D3DKMTOutputDuplGetMetaData
D3DKMTOutputDuplGetPointerShapeData
D3DKMTOutputDuplPresent
D3DKMTOutputDuplPresentToHwQueue
D3DKMTOutputDuplReleaseFrame
D3DKMTPinDirectFlipResources
D3DKMTPinResources
D3DKMTPollDisplayChildren
D3DKMTPresent
D3DKMTPresentMultiPlaneOverlay
D3DKMTPresentMultiPlaneOverlay2
D3DKMTPresentMultiPlaneOverlay3
D3DKMTPresentRedirected
D3DKMTQueryAdapterInfo
D3DKMTQueryAllocationResidency
D3DKMTQueryClockCalibration
D3DKMTQueryFSEBlock
D3DKMTQueryProcessOfferInfo
D3DKMTQueryProtectedSessionInfoFromNtHandle
D3DKMTQueryProtectedSessionStatus
D3DKMTQueryRemoteVidPnSourceFromGdiDisplayName
D3DKMTQueryResourceInfo
D3DKMTQueryResourceInfoFromNtHandle
D3DKMTQueryStatistics
D3DKMTQueryVidPnExclusiveOwnership
D3DKMTQueryVideoMemoryInfo
D3DKMTReclaimAllocations
D3DKMTReclaimAllocations2
D3DKMTRegisterTrimNotification
D3DKMTRegisterVailProcess
D3DKMTReleaseKeyedMutex
D3DKMTReleaseKeyedMutex2
D3DKMTReleaseProcessVidPnSourceOwners
D3DKMTReleaseSwapChain
D3DKMTRemoveSurfaceFromSwapChain
D3DKMTRender
D3DKMTReserveGpuVirtualAddress
D3DKMTResetTrackedWorkloadStatistics
D3DKMTSetAllocationPriority
D3DKMTSetContextInProcessSchedulingPriority
D3DKMTSetContextSchedulingPriority
D3DKMTSetDisplayMode
D3DKMTSetDisplayPrivateDriverFormat
D3DKMTSetDodIndirectSwapchain
D3DKMTSetFSEBlock
D3DKMTSetGammaRamp
D3DKMTSetHwProtectionTeardownRecovery
D3DKMTSetMemoryBudgetTarget
D3DKMTSetMonitorColorSpaceTransform
D3DKMTSetProcessDeviceRemovalSupport
D3DKMTSetProcessSchedulingPriorityBand
D3DKMTSetProcessSchedulingPriorityClass
D3DKMTSetProperties
D3DKMTSetQueuedLimit
D3DKMTSetStablePowerState
D3DKMTSetStereoEnabled
D3DKMTSetSyncRefreshCountWaitTarget
D3DKMTSetVidPnSourceHwProtection
D3DKMTSetVidPnSourceOwner
D3DKMTSetVidPnSourceOwner1
D3DKMTSetVidPnSourceOwner2
D3DKMTSetYieldPercentage
D3DKMTShareObjects
D3DKMTSharedPrimaryLockNotification
D3DKMTSharedPrimaryUnLockNotification
D3DKMTSignalSynchronizationObject
D3DKMTSignalSynchronizationObject2
D3DKMTSignalSynchronizationObjectFromCpu
D3DKMTSignalSynchronizationObjectFromGpu
D3DKMTSignalSynchronizationObjectFromGpu2
D3DKMTSubmitCommand
D3DKMTSubmitCommandToHwQueue
D3DKMTSubmitPresentBltToHwQueue
D3DKMTSubmitPresentToHwQueue
D3DKMTSubmitSignalSyncObjectsToHwQueue
D3DKMTSubmitWaitForSyncObjectsToHwQueue
D3DKMTTrimProcessCommitment
D3DKMTUnOrderedPresentSwapChain
D3DKMTUnlock
D3DKMTUnlock2
D3DKMTUnpinDirectFlipResources
D3DKMTUnpinResources
D3DKMTUnregisterTrimNotification
D3DKMTUpdateAllocationProperty
D3DKMTUpdateGpuVirtualAddress
D3DKMTUpdateOverlay
D3DKMTUpdateTrackedWorkload
D3DKMTVailConnect
D3DKMTVailDisconnect
D3DKMTVailPromoteCompositionSurface
D3DKMTWaitForIdle
D3DKMTWaitForSynchronizationObject
D3DKMTWaitForSynchronizationObject2
D3DKMTWaitForSynchronizationObjectFromCpu
D3DKMTWaitForSynchronizationObjectFromGpu
D3DKMTWaitForVerticalBlankEvent
D3DKMTWaitForVerticalBlankEvent2
DDCCIGetCapabilitiesString
DDCCIGetCapabilitiesStringLength
DDCCIGetTimingReport
DDCCIGetVCPFeature
DDCCISaveCurrentSettings
DDCCISetVCPFeature
DPtoLP
DdCreateFullscreenSprite
DdDestroyFullscreenSprite
DdEntry0
DdEntry1
DdEntry10
DdEntry11
DdEntry12
DdEntry13
DdEntry14
DdEntry15
DdEntry16
DdEntry17
DdEntry18
DdEntry19
DdEntry2
DdEntry20
DdEntry21
DdEntry22
DdEntry23
DdEntry24
DdEntry25
DdEntry26
DdEntry27
DdEntry28
DdEntry29
DdEntry3
DdEntry30
DdEntry31
DdEntry32
DdEntry33
DdEntry34
DdEntry35
DdEntry36
DdEntry37
DdEntry38
DdEntry39
DdEntry4
DdEntry40
DdEntry41
DdEntry42
DdEntry43
DdEntry44
DdEntry45
DdEntry46
DdEntry47
DdEntry48
DdEntry49
DdEntry5
DdEntry50
DdEntry51
DdEntry52
DdEntry53
DdEntry54
DdEntry55
DdEntry56
DdEntry6
DdEntry7
DdEntry8
DdEntry9
DdNotifyFullscreenSpriteUpdate
DdQueryVisRgnUniqueness
DeleteColorSpace
DeleteDC
DeleteEnhMetaFile
DeleteMetaFile
DeleteObject
DescribePixelFormat
DestroyOPMProtectedOutput
DestroyPhysicalMonitorInternal
DeviceCapabilitiesExA
DeviceCapabilitiesExW
DrawEscape
DwmCreatedBitmapRemotingOutput
Ellipse
EnableEUDC
EndDoc
EndFormPage
EndGdiRendering
EndPage
EndPath
EngAcquireSemaphore
EngAlphaBlend
EngAssociateSurface
EngBitBlt
EngCheckAbort
EngComputeGlyphSet
EngCopyBits
EngCreateBitmap
EngCreateClip
EngCreateDeviceBitmap
EngCreateDeviceSurface
EngCreatePalette
EngCreateSemaphore
EngDeleteClip
EngDeletePalette
EngDeletePath
EngDeleteSemaphore
EngDeleteSurface
EngEraseSurface
EngFillPath
EngFindResource
EngFreeModule
EngGetCurrentCodePage
EngGetDriverName
EngGetPrinterDataFileName
EngGradientFill
EngLineTo
EngLoadModule
EngLockSurface
EngMarkBandingSurface
EngMultiByteToUnicodeN
EngMultiByteToWideChar
EngPaint
EngPlgBlt
EngQueryEMFInfo
EngQueryLocalTime
EngReleaseSemaphore
EngStretchBlt
EngStretchBltROP
EngStrokeAndFillPath
EngStrokePath
EngTextOut
EngTransparentBlt
EngUnicodeToMultiByteN
EngUnlockSurface
EngWideCharToMultiByte
EnumEnhMetaFile
EnumFontFamiliesA
EnumFontFamiliesExA
EnumFontFamiliesExW
EnumFontFamiliesW
EnumFontsA
EnumFontsW
EnumICMProfilesA
EnumICMProfilesW
EnumMetaFile
EnumObjects
EqualRgn
Escape
EudcLoadLinkW
EudcUnloadLinkW
ExcludeClipRect
ExtCreatePen
ExtCreateRegion
ExtEscape
ExtFloodFill
ExtSelectClipRgn
ExtTextOutA
ExtTextOutW
FONTOBJ_cGetAllGlyphHandles
FONTOBJ_cGetGlyphs
FONTOBJ_pQueryGlyphAttrs
FONTOBJ_pfdg
FONTOBJ_pifi
FONTOBJ_pvTrueTypeFontFile
FONTOBJ_pxoGetXform
FONTOBJ_vGetInfo
FillPath
FillRgn
FixBrushOrgEx
FlattenPath
FloodFill
FontIsLinked
FrameRgn
Gdi32DllInitialize
GdiAddFontResourceW

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
kernel32.dll
.dll windows:10 windows x64 arch:x64

9f44b19ce54fbcb3e12c77bd72b0ee39

Code Sign

33:00:00:06:b8:50:40:1d:a7:12:d7:e1:1e:00:00:00:00:06:b8
Certificate

Issuer

CN=Microsoft Development PCA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

13/07/2023, 22:37

Not After

15/09/2024, 22:37

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:03:c6:f9:b4:c3:ae:be:59:4b:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Development Root Certificate Authority 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

28/05/2014, 17:33

Not After

28/05/2029, 17:43

Subject

CN=Microsoft Development PCA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

26:2f:2f:94:f1:c7:3a:d9:15:f8:c9:52:7c:c0:dc:fc:7a:9e:ce:e1:c3:a7:50:ab:9c:4b:91:ac:7c:00:13:ea
Signer

Actual PE Digest

26:2f:2f:94:f1:c7:3a:d9:15:f8:c9:52:7c:c0:dc:fc:7a:9e:ce:e1:c3:a7:50:ab:9c:4b:91:ac:7c:00:13:ea

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

kernel32.pdb

Imports

api-ms-win-core-rtlsupport-l1-1-0

RtlCompareMemory
RtlRaiseException
RtlDeleteFunctionTable
RtlUnwindEx
RtlInstallFunctionTableCallback
RtlCaptureContext
RtlAddFunctionTable
RtlVirtualUnwind
RtlPcToFileHeader
RtlUnwind
RtlRestoreContext
RtlLookupFunctionEntry

api-ms-win-core-rtlsupport-l1-2-2

RtlVirtualUnwind2

ntdll

RtlUnicodeStringToInteger
RtlGetUILanguageInfo
EtwEventEnabled
RtlpConvertLCIDsToCultureNames
NtEnumerateKey
RtlIntegerToUnicodeString
RtlTimeToTimeFields
RtlTimeFieldsToTime
RtlUnhandledExceptionFilter
NtTerminateProcess
TpSetPoolStackInformation
TpAllocWait
NtDeleteValueKey
NtSetValueKey
towlower
RtlLCIDToCultureName
RtlSizeHeap
RtlpConvertCultureNamesToLCIDs
NtQueryInstallUILanguage
EtwEventUnregister
EtwEventWrite
EtwEventRegister
RtlPublishWnfStateData
_wcslwr
NtQueryLicenseValue
_wtol
memmove_s
RtlGUIDFromString
sin
TpAllocTimer
TpAllocIoCompletion
TpAllocWork
wcsncmp
wcsncpy
LdrFindResourceEx_U
RtlReadThreadProfilingData
RtlQueryThreadProfiling
RtlEnableThreadProfiling
RtlDisableThreadProfiling
RtlNtStatusToDosErrorNoTeb
NtMapUserPhysicalPagesScatter
RtlDecodeSystemPointer
bsearch
RtlComputeImportTableHash
RtlFindActivationContextSectionGuid
RtlCreateActivationContext
NtMapViewOfSection
RtlDoesFileExists_U
NtUnmapViewOfSection
RtlReleaseActivationContext
LdrResFindResourceDirectory
RtlQueryInformationActivationContext
RtlSetThreadPreferredUILanguages
swprintf_s
RtlImageNtHeaderEx
RtlDetermineDosPathNameType_U
RtlQueryPackageClaims
RtlZombifyActivationContext
RtlSubAuthorityCountSid
RtlActivateActivationContext
RtlpEnsureBufferSize
RtlpApplyLengthFunction
RtlQueryActivationContextApplicationSettings
RtlGetActiveActivationContext
RtlDosPathNameToNtPathName_U_WithStatus
NtCreateSection
DbgPrintEx
RtlGetLengthWithoutLastFullDosOrNtPathElement
RtlGetFullPathName_U
RtlDeactivateActivationContext
TpCallbackMayRunLong
RtlAddRefActivationContext
isdigit
atol
tolower
toupper
RtlUnicodeStringToOemString
CsrAllocateCaptureBuffer
RtlCreateEnvironmentEx
wcsrchr
RtlCreateUnicodeString
RtlDestroyEnvironment
NtQueryVolumeInformationFile
RtlCreateEnvironment
CsrFreeCaptureBuffer
NtQueryEvent
RtlFreeOemString
NtRaiseHardError
RtlGetCurrentDirectory_U
CsrAllocateMessagePointer
RtlFreeAnsiString
RtlEqualUnicodeString
RtlUnicodeStringToAnsiString
RtlExitUserThread
RtlQueryProtectedPolicy
RtlAddIntegrityLabelToBoundaryDescriptor
NtReplacePartitionUnit
NtQueryValueKey
RtlEqualSid
NtOpenThreadToken
EtwEventWriteNoRegistration
RtlFormatCurrentUserKeyPath
RtlInitUnicodeStringEx
NtQueryInformationToken
RtlAcquireSRWLockExclusive
LdrLoadDll
NtSetInformationThread
RtlReleaseSRWLockExclusive
LdrUnloadDll
NtOpenKey
RtlAppendUnicodeToString
RtlSubAuthoritySid
RtlQueryPackageIdentity
RtlWow64LogMessageInEventLogger
RtlExitUserProcess
RtlAppendUnicodeStringToString
LdrGetProcedureAddress
RtlInitializeSid
NtOpenProcessToken
RtlQueryRegistryValuesEx
RtlCompareUnicodeString
RtlxAnsiStringToUnicodeSize
RtlInitAnsiStringEx
RtlAnsiStringToUnicodeString
RtlIsNameLegalDOS8Dot3
RtlGetCurrentProcessorNumberEx
NtWaitForSingleObject
NtCreateEvent
RtlSetSearchPathMode
LdrGetDllDirectory
RtlLockHeap
RtlUnlockHeap
RtlGetUserInfoHeap
_wcsnicmp
strncmp
_strnicmp
RtlCompactHeap
RtlDeregisterSecureMemoryCacheCallback
RtlRegisterSecureMemoryCacheCallback
NtOpenFile
NtFsControlFile
NtClose
LdrAddRefDll
NtQueryInformationFile
wcscpy_s
NtSetInformationFile
RtlGetActiveConsoleId
RtlNtStatusToDosError
RtlDeactivateActivationContextUnsafeFast
RtlActivateActivationContextUnsafeFast
RtlFreeUnicodeString
NtSetInformationDebugObject
DbgUiGetThreadDebugObject
RtlWow64GetThreadSelectorEntry
DbgUiIssueRemoteBreakin
NtSetSystemInformation
RtlGetCurrentTransaction
NtQueryInformationProcess
RtlSetCurrentTransaction
RtlSetLastWin32Error
TpAllocCleanupGroup
TpSimpleTryPost
TpQueryPoolStackInformation
TpSetPoolMinThreads
TpAllocPool
RtlMultiAppendUnicodeStringBuffer
RtlSetLastWin32ErrorAndNtStatusFromNtStatus
RtlGetPersistedStateLocation
CsrVerifyRegion
RtlCharToInteger
RtlInitAnsiString
RtlUpcaseUnicodeChar
RtlUnicodeToMultiByteSize
RtlDestroyAtomTable
NtFindAtom
NtQueryInformationAtom
RtlAddAtomToAtomTable
NtAddAtomEx
NtDeleteAtom
RtlCreateAtomTable
RtlDeleteAtomFromAtomTable
RtlLookupAtomInAtomTable
RtlQueryAtomInAtomTable
RtlDnsHostNameToComputerName
RtlPrefixString
NtFlushKey
_memicmp
RtlxUnicodeStringToAnsiSize
RtlEnterCriticalSection
wcschr
wcsstr
RtlLeaveCriticalSection
NtCreateKey
NtCreateFile
RtlCreateUnicodeStringFromAsciiz
wcsncpy_s
wcscspn
NtCreateJobSet
RtlReleasePrivilege
NtSetInformationJobObject
NtQueryInformationJobObject
NtCreateJobObject
RtlAcquirePrivilege
NtAssignProcessToJobObject
NtTerminateJobObject
NtOpenJobObject
RtlLengthSecurityDescriptor
NtSetEaFile
NtSetSecurityObject
NtQueryEaFile
NtQuerySecurityObject
LdrQueryImageFileKeyOption
LdrOpenImageFileOptionsKey
RtlQueryElevationFlags
NtSetInformationProcess
RtlRaiseStatus
NtQuerySection
NtFreeVirtualMemory
NtWriteFile
NtEnumerateValueKey
RtlEqualString
RtlUnicodeToMultiByteN
strncpy_s
NtUnlockFile
RtlDosPathNameToNtPathName_U
NtReadFile
NtLockFile
RtlCopyUnicodeString
CsrCaptureMessageString
RtlIsTextUnicode
NtAllocateVirtualMemory
RtlGetLongestNtPathLength
RtlPrefixUnicodeString
RtlMultiByteToUnicodeN
RtlMultiByteToUnicodeSize
RtlDosPathNameToRelativeNtPathName_U
RtlReleaseRelativeName
RtlSetIoCompletionCallback
RtlDeregisterWait
RtlRegisterWait
RtlImageDirectoryEntryToData
NtQueryVirtualMemory
RtlCreateBoundaryDescriptor
NtProtectVirtualMemory
RtlGetThreadErrorMode
NtCreateMailslotFile
RtlDestroyQueryDebugBuffer
RtlQueryProcessDebugInformation
RtlCreateQueryDebugBuffer
NtQueryDirectoryFile
strcpy_s
RtlFindActivationContextSectionString
LdrSetDllDirectory
LdrFindResource_U
RtlSwitchedVVI
NtIsSystemResumeAutomatic
NtQueryWnfStateData
NtPowerInformation
NtInitiatePowerAction
NtGetDevicePowerState
NtSetThreadExecutionState
NtSetSystemEnvironmentValueEx
NtQuerySystemEnvironmentValueEx
RtlInitString
NtSetVolumeInformationFile
NtQuerySystemInformationEx
NtDeviceIoControlFile
RtlUnsubscribeWnfStateChangeNotification
RtlSubscribeWnfStateChangeNotification
RtlQueryWnfStateData
strchr
RtlSetEnvironmentStrings
RtlOemStringToUnicodeString
wcscat_s
RtlAllocateAndInitializeSid
RtlQueryEnvironmentVariable_U
NtQueryAttributesFile
RtlFreeSid
strrchr
NtQueryFullAttributesFile
NtQueryInformationThread
TpCaptureCaller
_stricmp
NtSetTimerResolution
NtQueryTimerResolution
RtlGetAppContainerSidType
RtlConvertSidToUnicodeString
RtlSetEnvironmentVariable
RtlGetAppContainerParent
RtlQueryEnvironmentVariable
CsrCaptureMessageMultiUnicodeStringsInPlace
wcsnlen
strcat_s
strnlen
NlsMbCodePageTag
RtlRunOnceExecuteOnce
RtlInitializeCriticalSection
RtlGetThreadPreferredUILanguages
NtReadVirtualMemory
LdrResSearchResource
RtlTryAcquirePebLock
RtlReleasePebLock
RtlEncodeSystemPointer
RtlGetNtSystemRoot
NtWaitForMultipleObjects
NtClearEvent
RtlWerpReportException
DbgPrint
RtlGetDeviceFamilyInfoEnum
RtlHashUnicodeString
RtlReAllocateHeap
NtApphelpCacheControl
RtlGetFullPathName_UEx
ZwClose
ZwOpenFile
ZwOpenKey
ZwEnumerateKey
ZwQueryValueKey
ZwCreateFile
ZwQueryInformationFile
ZwCreateSection
ZwQueryDirectoryFile
RtlNtPathNameToDosPathName
RtlUpcaseUnicodeString
RtlGetNativeSystemInformation
ZwQuerySystemInformation
ZwUnmapViewOfSection
ZwMapViewOfSection
VerSetConditionMask
RtlVerifyVersionInfo
RtlGetVersion
ZwEnumerateValueKey
RtlGetCurrentServiceSessionId
CsrClientCallServer
RtlSetProtectedPolicy
RtlGetSuiteMask
RtlImageNtHeader
LdrDisableThreadCalloutsForDll
RtlInitUnicodeString
RtlSetThreadPoolStartFunc
LdrQueryImageFileExecutionOptions
_vsnwprintf
LdrSetDllManifestProber
RtlCreateSecurityDescriptor
RtlSetGroupSecurityDescriptor
RtlCreateAcl
RtlFreeHeap
RtlAddAccessAllowedAce
RtlSetDaclSecurityDescriptor
NtQuerySystemInformation
RtlAllocateHeap
RtlSetOwnerSecurityDescriptor
_wcsicmp
__C_specific_handler
memmove
__chkstk
_local_unwind
cos
floor
memcmp
memcpy
memset
wcscmp

kernelbase

NlsIsUserDefaultLocale
BaseFormatObjectAttributes
GetVolumeNameForVolumeMountPointW
lstrcmpiW
lstrcmpW
GetRegistryExtensionFlags
KernelBaseGetGlobalData
GlobalFree
LoadStringBaseExW
CompareStringA
GetUnicodeStringToEightBitStringRoutine
GetUnicodeStringToEightBitSizeRoutine
GetNamedPipeAttribute
AppXReleaseAppXContext
ReleasePackagedDataForFile
AppXPostSuccessExtension
GetPackagedDataForFile
AppXPreCreationExtension
AreFileApisANSI
AppContainerLookupMoniker
AppContainerFreeMemory
PrivCopyFileExW
EnumLanguageGroupLocalesW
LocalLock
BasepNotifyTrackingService
MoveFileWithProgressTransactedW
lstrlenW
lstrcpynW
PackageIdFromFullName
GetPackageFullName
GetCurrentPackageFullName
CheckIsMSIXPackage
ClosePackageInfo
AppXGetOSMaxVersionTested
GetPackageTargetPlatformProperty
GetTargetPlatformContext
OpenPackageInfoByFullNameForUser
BasepAdjustObjectAttributesForPrivateNamespace
GetEightBitStringToUnicodeStringRoutine
GetStringTableEntry
CheckGroupPolicyEnabled
OpenRegKey
InternalLcidToName
GetSystemDefaultUILanguage
GetPtrCalDataArray
GetUserOverrideString
GetPtrCalData
Internal_EnumCalendarInfo
Internal_EnumLanguageGroupLocales
Internal_EnumSystemCodePages
Internal_EnumDateFormats
Internal_EnumUILanguages
Internal_EnumSystemLanguageGroups
NlsValidateLocale
Internal_EnumTimeFormats
GetNamedLocaleHashNode
GetUserOverrideWord
GetLocaleInfoHelper
GetCalendar
BaseDllFreeResourceId
BaseDllMapResourceIdW
LocalUnlock
GetStringTypeA
SetFileApisToANSI
BaseGetNamedObjectDirectory
CreateProcessAsUserA
LocalReAlloc
CreateProcessInternalA
lstrcpynA
SetFileApisToOEM
CheckAllowDecryptedRemoteDestinationPolicy
FatalAppExitW
GlobalAlloc
PulseEvent
NotifyMountMgr
FatalAppExitA
EnumSystemLocalesEx
EnumSystemLanguageGroupsW
Sleep
HeapSummary
GetProcAddressForCaller
LCIDToLocaleName
GetSystemDefaultLocaleName
MapViewOfFileExNuma
LocalAlloc
GetEraNameCountedString
lstrlenA
EnumUILanguagesW
GetUserDefaultUILanguage
CreateProcessAsUserW
CreateProcessInternalW
GetUserDefaultLocaleName

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
GetProcessIdOfThread
SetProcessShutdownParameters
GetProcessId
SetThreadPriority
GetProcessVersion
SuspendThread
SetPriorityClass
TlsSetValue
SetProcessAffinityUpdateMode
GetThreadPriorityBoost
UpdateProcThreadAttribute
CreateRemoteThreadEx
GetStartupInfoW
GetExitCodeProcess
InitializeProcThreadAttributeList
OpenProcessToken
CreateRemoteThread
GetCurrentProcessId
GetCurrentProcess
TerminateThread
ResumeThread
OpenThread
GetExitCodeThread
ProcessIdToSessionId
DeleteProcThreadAttributeList
TlsAlloc
GetThreadPriority
QueueUserAPC
SwitchToThread
SetThreadPriorityBoost
GetPriorityClass
GetThreadId
SetThreadStackGuarantee
GetProcessTimes
CreateProcessW
QueryProcessAffinityUpdateMode
TlsFree
CreateProcessA

api-ms-win-core-processthreads-l1-1-3

SetThreadIdealProcessor
GetProcessInformation
GetProcessShutdownParameters
SetProcessInformation

api-ms-win-core-processthreads-l1-1-2

GetThreadInformation
GetThreadIOPendingFlag
GetProcessPriorityBoost
GetSystemTimes
SetProcessPriorityBoost
SetThreadInformation

api-ms-win-core-processthreads-l1-1-1

GetThreadContext
SetThreadContext
GetProcessHandleCount
FlushInstructionCache
IsProcessorFeaturePresent
OpenProcess
GetProcessMitigationPolicy
SetProcessMitigationPolicy
GetThreadTimes
SetThreadIdealProcessorEx
GetThreadIdealProcessorEx

api-ms-win-core-registry-l1-1-0

RegQueryValueExA
RegSaveKeyExA
RegGetValueA
RegQueryInfoKeyW
RegOpenCurrentUser
RegCreateKeyExA
RegFlushKey
RegCreateKeyExW
RegUnLoadKeyA
RegDeleteKeyExW
RegGetKeySecurity
RegDeleteKeyExA
RegEnumKeyExW
RegSetKeySecurity
RegSaveKeyExW
RegDeleteTreeW
RegLoadMUIStringW
RegSetValueExW
RegNotifyChangeKeyValue
RegDisablePredefinedCacheEx
RegDeleteTreeA
RegLoadAppKeyW
RegSetValueExA
RegCopyTreeW
RegLoadKeyA
RegUnLoadKeyW
RegQueryInfoKeyA
RegLoadKeyW
RegOpenKeyExA
RegRestoreKeyW
RegEnumValueA
RegDeleteValueW
RegRestoreKeyA
RegDeleteValueA
RegEnumValueW
RegQueryValueExW
RegEnumKeyExA
RegLoadMUIStringA
RegOpenKeyExW
RegGetValueW
RegOpenUserClassesRoot
RegCloseKey

api-ms-win-core-heap-l1-1-0

HeapCompact
HeapSetInformation
HeapReAlloc
HeapUnlock
HeapQueryInformation
GetProcessHeaps
HeapFree
HeapAlloc
GetProcessHeap
HeapCreate
HeapLock
HeapWalk
HeapValidate
HeapDestroy

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-core-memory-l1-1-1

CreateMemoryResourceNotification
GetLargePageMinimum
GetWriteWatch
SetSystemFileCacheSize
VirtualLock
VirtualUnlock
SetProcessWorkingSetSizeEx
CreateFileMappingNumaW
GetSystemFileCacheSize
GetProcessWorkingSetSizeEx
QueryMemoryResourceNotification
GetProcessWorkingSetSize
SetProcessWorkingSetSize
ResetWriteWatch

api-ms-win-core-memory-l1-1-0

UnmapViewOfFile
FlushViewOfFile
VirtualProtectEx
VirtualQuery
OpenFileMappingW
ReadProcessMemory
VirtualFreeEx
WriteProcessMemory
CreateFileMappingW
VirtualProtect
VirtualFree
VirtualAlloc
MapViewOfFile
MapViewOfFileEx
VirtualAllocEx
VirtualQueryEx

api-ms-win-core-memory-l1-1-2

GetMemoryErrorHandlingCapabilities
FreeUserPhysicalPages
AllocateUserPhysicalPages
RegisterBadMemoryNotification
VirtualAllocExNuma
AllocateUserPhysicalPagesNuma
MapUserPhysicalPages
UnregisterBadMemoryNotification

api-ms-win-core-handle-l1-1-0

DuplicateHandle
CloseHandle
GetHandleInformation
SetHandleInformation

api-ms-win-core-synch-l1-1-0

WaitForSingleObject
WaitForSingleObjectEx
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WaitForMultipleObjectsEx
SleepEx
SetWaitableTimer
SetEvent
ResetEvent
ReleaseSemaphore
CancelWaitableTimer
CreateEventA
CreateEventExA
CreateEventExW
CreateEventW
CreateMutexA
CreateMutexExA
CreateMutexExW
CreateMutexW
CreateSemaphoreExW
ReleaseMutex
CreateWaitableTimerExW
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
OpenEventA
OpenEventW
OpenMutexW
OpenSemaphoreW
OpenWaitableTimerW

api-ms-win-core-synch-l1-2-1

WaitForMultipleObjects
CreateSemaphoreW

api-ms-win-core-synch-l1-2-0

InitOnceExecuteOnce
InitializeSynchronizationBarrier
DeleteSynchronizationBarrier
SignalObjectAndWait
EnterSynchronizationBarrier

api-ms-win-core-file-l1-1-0

GetFullPathNameA
GetFinalPathNameByHandleW
GetFinalPathNameByHandleA
GetFileType
GetFileTime
GetFileSizeEx
FlushFileBuffers
GetFileSize
FindNextVolumeW
GetFileInformationByHandle
GetFileAttributesW
GetFileAttributesExW
GetFileAttributesExA
FindNextFileW
FindNextFileA
FindNextChangeNotification
FindFirstVolumeW
FindFirstFileW
FindFirstFileExW
FindFirstFileExA
FindFirstFileA
FindFirstChangeNotificationW
FindFirstChangeNotificationA
FindCloseChangeNotification
FindClose
FileTimeToLocalFileTime
DeleteVolumeMountPointW
DeleteFileW
DeleteFileA
GetLogicalDriveStringsW
CreateFileW
CreateFileA
CreateDirectoryW
CreateDirectoryA
CompareFileTime
GetVolumePathNameW
LocalFileTimeToFileTime
LockFile
LockFileEx
QueryDosDeviceW
ReadFile
ReadFileEx
ReadFileScatter
RemoveDirectoryA
RemoveDirectoryW
SetEndOfFile
SetFileAttributesA
SetFileAttributesW
SetFileInformationByHandle
SetFilePointer
SetFilePointerEx
SetFileTime
SetFileValidData
UnlockFile
UnlockFileEx
WriteFile
WriteFileEx
WriteFileGather
GetFileAttributesA
GetFullPathNameW
GetTempFileNameW
GetVolumeInformationByHandleW
DefineDosDeviceW
GetVolumeInformationW
GetDriveTypeW
GetDriveTypeA
GetDiskFreeSpaceW
GetDiskFreeSpaceExW
GetDiskFreeSpaceExA
FindVolumeClose
GetDiskFreeSpaceA

api-ms-win-core-file-l1-2-0

GetTempPathW
GetVolumePathNamesForVolumeNameW
CreateFile2

api-ms-win-core-file-l1-2-2

FindNextFileNameW
GetTempFileNameA
GetVolumeInformationA
FindFirstStreamW
FindFirstFileNameW
GetTempPathA

api-ms-win-core-file-l1-2-4

GetTempPath2A
GetTempPath2W

api-ms-win-core-file-l1-2-1

SetFileIoOverlappedRange
GetCompressedFileSizeA
GetCompressedFileSizeW

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-core-io-l1-1-0

CancelIoEx
GetQueuedCompletionStatusEx
GetOverlappedResult
PostQueuedCompletionStatus
GetQueuedCompletionStatus
CreateIoCompletionPort
DeviceIoControl

api-ms-win-core-io-l1-1-1

CancelIo
CancelSynchronousIo

api-ms-win-core-job-l1-1-0

IsProcessInJob

api-ms-win-core-threadpool-legacy-l1-1-0

DeleteTimerQueueTimer
UnregisterWaitEx
ChangeTimerQueueTimer
DeleteTimerQueue
CreateTimerQueueTimer
DeleteTimerQueueEx
QueueUserWorkItem
CreateTimerQueue

api-ms-win-core-threadpool-private-l1-1-0

RegisterWaitForSingleObjectEx

api-ms-win-core-largeinteger-l1-1-0

MulDiv

api-ms-win-core-libraryloader-l1-2-3

EnumResourceNamesA

api-ms-win-core-libraryloader-l1-2-2

EnumResourceNamesW

api-ms-win-core-libraryloader-l1-2-0

LoadLibraryExA
LockResource
GetModuleHandleW
EnumResourceLanguagesExA
FreeLibraryAndExitThread
GetModuleHandleExW
FindStringOrdinal
GetModuleHandleA
GetModuleFileNameA
EnumResourceTypesExA
LoadLibraryExW
GetProcAddress
FreeLibrary
EnumResourceLanguagesExW
SizeofResource
FreeResource
GetModuleHandleExA
EnumResourceTypesExW
EnumResourceNamesExA
EnumResourceNamesExW
LoadResource
GetModuleFileNameW
DisableThreadLibraryCalls
FindResourceExW

api-ms-win-core-libraryloader-l1-2-1

LoadLibraryW
FindResourceW
LoadLibraryA

api-ms-win-core-libraryloader-l2-1-0

LoadPackagedLibrary

api-ms-win-core-namedpipe-l1-2-2

CallNamedPipeW

api-ms-win-core-namedpipe-l1-1-0

ConnectNamedPipe
WaitNamedPipeW
TransactNamedPipe
SetNamedPipeHandleState
CreateNamedPipeW
DisconnectNamedPipe
PeekNamedPipe
GetNamedPipeClientComputerNameW
CreatePipe

api-ms-win-core-namedpipe-l1-2-1

GetNamedPipeHandleStateW

api-ms-win-core-datetime-l1-1-1

GetTimeFormatEx
GetDateFormatEx

api-ms-win-core-datetime-l1-1-0

GetTimeFormatA
GetDateFormatW
GetTimeFormatW
GetDateFormatA

api-ms-win-core-datetime-l1-1-2

GetDurationFormatEx

api-ms-win-core-sysinfo-l1-2-0

GetProductInfo
GetSystemTimePreciseAsFileTime
EnumSystemFirmwareTables
SetSystemTime
GetSystemFirmwareTable
GetNativeSystemInfo
SetComputerNameExW

api-ms-win-core-sysinfo-l1-2-1

SetComputerNameEx2W
GetPhysicallyInstalledSystemMemory
DnsHostnameToComputerNameExW

api-ms-win-core-sysinfo-l1-1-0

GetWindowsDirectoryA
GetLocalTime
GetWindowsDirectoryW
GetVersionExA
GetSystemTimeAsFileTime
GetComputerNameExA
GetLogicalProcessorInformation
GetSystemTime
GetVersion
GetComputerNameExW
GetVersionExW
GetSystemTimeAdjustment
GetLogicalProcessorInformationEx
GetTickCount
SetLocalTime
GetSystemInfo
GlobalMemoryStatusEx

api-ms-win-core-sysinfo-l1-2-3

SetComputerNameW
SetComputerNameExA
SetComputerNameA

api-ms-win-core-timezone-l1-1-0

TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
SetDynamicTimeZoneInformation
SetTimeZoneInformation
GetTimeZoneInformationForYear
GetDynamicTimeZoneInformation
FileTimeToSystemTime

api-ms-win-core-localization-l1-2-0

IdnToUnicode
GetFileMUIInfo
SetThreadPreferredUILanguages
FormatMessageA
LocaleNameToLCID
IsValidLanguageGroup
IsValidLocale
IsValidLocaleName
GetCalendarInfoEx
GetCalendarInfoW
GetCPInfoExW
IsValidNLSVersion
GetNLSVersion
SetThreadLocale
GetSystemDefaultLCID
IsDBCSLeadByteEx
FindNLSString
GetCPInfo
LCMapStringA
GetUserDefaultLangID
GetThreadLocale
SetThreadUILanguage
GetLocaleInfoEx
GetThreadPreferredUILanguages
GetFileMUIPath
IdnToAscii
GetLocaleInfoW
IsNLSDefinedString
GetUserPreferredUILanguages
GetSystemPreferredUILanguages
GetUILanguageInfo
GetLocaleInfoA
GetSystemDefaultLangID
GetACP
GetOEMCP
IsValidCodePage
EnumSystemLocalesA
ResolveLocaleName
FormatMessageW
LCMapStringEx
SetCalendarInfoW
ConvertDefaultLocale
GetThreadUILanguage
VerLanguageNameA
GetUserDefaultLCID
VerLanguageNameW
SetProcessPreferredUILanguages
FindNLSStringEx
IsDBCSLeadByte
EnumSystemLocalesW
GetNLSVersionEx
GetProcessPreferredUILanguages
SetLocaleInfoW
LCMapStringW

api-ms-win-core-processsnapshot-l1-1-0

PssQuerySnapshot
PssCaptureSnapshot
PssWalkSnapshot
PssWalkMarkerCreate
PssWalkMarkerSeekToBeginning
PssFreeSnapshot
PssWalkMarkerGetPosition
PssWalkMarkerFree
PssWalkMarkerSetPosition
PssDuplicateSnapshot

api-ms-win-core-processenvironment-l1-1-0

GetCurrentDirectoryW
SetEnvironmentStringsW
SetCurrentDirectoryA
GetCommandLineA
SetStdHandle
FreeEnvironmentStringsW
SetCurrentDirectoryW
GetCurrentDirectoryA
GetEnvironmentStrings
GetEnvironmentVariableW
SearchPathW
FreeEnvironmentStringsA
GetCommandLineW
GetStdHandle
ExpandEnvironmentStringsW
SetEnvironmentVariableW
ExpandEnvironmentStringsA
GetEnvironmentVariableA
SetStdHandleEx
GetEnvironmentStringsW
SetEnvironmentVariableA

api-ms-win-core-processenvironment-l1-2-0

SearchPathA
NeedCurrentDirectoryForExePathA
NeedCurrentDirectoryForExePathW

api-ms-win-core-string-l1-1-0

GetStringTypeW
WideCharToMultiByte
CompareStringEx
MultiByteToWideChar
FoldStringW
CompareStringW
CompareStringOrdinal
GetStringTypeExW

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
DebugBreak
IsDebuggerPresent
OutputDebugStringA

api-ms-win-core-debug-l1-1-1

DebugActiveProcessStop
ContinueDebugEvent
DebugActiveProcess
CheckRemoteDebuggerPresent
WaitForDebugEvent

api-ms-win-core-errorhandling-l1-1-0

SetErrorMode
SetLastError
SetUnhandledExceptionFilter
RaiseException
GetLastError
GetErrorMode
UnhandledExceptionFilter

api-ms-win-core-errorhandling-l1-1-3

GetThreadErrorMode
SetThreadErrorMode

api-ms-win-core-fibers-l1-1-0

FlsFree
FlsAlloc
FlsSetValue
FlsGetValue

api-ms-win-core-util-l1-1-0

Beep

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter
QueryPerformanceFrequency

api-ms-win-security-base-l1-1-0

DuplicateToken
CreateWellKnownSid
FreeSid
EqualSid
GetSidSubAuthorityCount
GetSidSubAuthority
InitializeSid
GetTokenInformation
AllocateAndInitializeSid
AccessCheck

api-ms-win-security-base-l1-2-0

SetCachedSigningLevel
CheckTokenMembershipEx
GetCachedSigningLevel
CheckTokenCapability
GetAppContainerAce
AddResourceAttributeAce
AddScopedPolicyIDAce

api-ms-win-security-appcontainer-l1-1-0

GetAppContainerNamedObjectPath

api-ms-win-core-comm-l1-1-0

ClearCommError
SetCommTimeouts
GetCommConfig
GetCommMask
SetCommMask
GetCommProperties
GetCommState
GetCommTimeouts
PurgeComm
SetCommBreak
ClearCommBreak
GetCommModemStatus
SetCommState
SetupComm
TransmitCommChar
WaitCommEvent
EscapeCommFunction
SetCommConfig

api-ms-win-core-realtime-l1-1-0

QueryIdleProcessorCycleTime
QueryIdleProcessorCycleTimeEx
QueryThreadCycleTime
QueryUnbiasedInterruptTime
QueryProcessCycleTime

api-ms-win-core-wow64-l1-1-1

GetSystemWow64Directory2W
IsWow64Process2
GetSystemWow64DirectoryW
GetSystemWow64DirectoryA

api-ms-win-core-wow64-l1-1-0

IsWow64Process
Wow64DisableWow64FsRedirection
Wow64RevertWow64FsRedirection
Wow64EnableWow64FsRedirection

api-ms-win-core-wow64-l1-1-3

Wow64SuspendThread
Wow64GetThreadContext
Wow64SetThreadContext

api-ms-win-core-systemtopology-l1-1-1

GetNumaProximityNodeEx

api-ms-win-core-systemtopology-l1-1-0

GetNumaHighestNodeNumber
GetNumaNodeProcessorMaskEx

api-ms-win-core-processtopology-l1-1-0

GetThreadGroupAffinity
SetThreadGroupAffinity
GetProcessGroupAffinity

api-ms-win-core-namespace-l1-1-0

CreatePrivateNamespaceW
OpenPrivateNamespaceW
CreateBoundaryDescriptorW
ClosePrivateNamespace
AddSIDToBoundaryDescriptor
DeleteBoundaryDescriptor

api-ms-win-core-file-l2-1-2

CopyFileW
CreateHardLinkA

api-ms-win-core-file-l2-1-0

MoveFileExW
ReplaceFileW
MoveFileWithProgressW
CreateHardLinkW
CopyFile2
CreateSymbolicLinkW
CopyFileExW
GetFileInformationByHandleEx
CreateDirectoryExW
ReadDirectoryChangesW
ReOpenFile

api-ms-win-core-file-l2-1-1

OpenFileById

api-ms-win-core-file-l2-1-3

ReadDirectoryChangesExW

api-ms-win-core-xstate-l2-1-0

GetXStateFeaturesMask
InitializeContext
SetXStateFeaturesMask
GetEnabledXStateFeatures
LocateXStateFeature
CopyContext

api-ms-win-core-xstate-l2-1-1

InitializeContext2

api-ms-win-core-xstate-l2-1-2

EnableProcessOptionalXStateFeatures
GetThreadEnabledXStateFeatures

api-ms-win-core-localization-l2-1-0

GetNumberFormatEx
EnumDateFormatsW
EnumSystemCodePagesW
GetCurrencyFormatEx
EnumTimeFormatsW
EnumTimeFormatsEx
EnumCalendarInfoExEx
EnumCalendarInfoW
EnumDateFormatsExW
EnumDateFormatsExEx
EnumCalendarInfoExW

api-ms-win-core-normalization-l1-1-0

GetStringScripts
VerifyScripts
IdnToNameprepUnicode
NormalizeString
IsNormalizedString

api-ms-win-core-heap-obsolete-l1-1-0

GlobalLock
GlobalUnlock
GlobalHandle
GlobalFlags
GlobalSize
LocalSize
LocalFlags
GlobalReAlloc

api-ms-win-core-fibers-l2-1-0

ConvertThreadToFiber
SwitchToFiber
CreateFiber
DeleteFiber
ConvertFiberToThread

api-ms-win-core-fibers-l2-1-1

ConvertThreadToFiberEx
CreateFiberEx

api-ms-win-core-localization-private-l1-1-0

NlsUpdateSystemLocale
NlsCheckPolicy
NlsUpdateLocale
NlsGetCacheUpdateCount

api-ms-win-core-sidebyside-l1-1-0

AddRefActCtx
ZombifyActCtx
GetCurrentActCtx
ReleaseActCtx
CreateActCtxW
ActivateActCtx
FindActCtxSectionGuid
FindActCtxSectionStringW
DeactivateActCtx
QueryActCtxW
QueryActCtxSettingsW

api-ms-win-core-appcompat-l1-1-0

BaseCleanupAppcompatCacheSupport
BaseCheckAppcompatCacheEx
BaseInitAppcompatCacheSupport
BaseCheckAppcompatCache
BaseFlushAppcompatCache
BaseDumpAppcompatCache
BaseUpdateAppcompatCache

api-ms-win-core-windowserrorreporting-l1-1-1

WerUnregisterExcludedMemoryBlock
WerUnregisterAdditionalProcess
WerRegisterExcludedMemoryBlock
WerUnregisterCustomMetadata
WerRegisterCustomMetadata
WerRegisterAdditionalProcess

api-ms-win-core-windowserrorreporting-l1-1-2

WerUnregisterAppLocalDump
WerRegisterAppLocalDump

api-ms-win-core-windowserrorreporting-l1-1-0

WerRegisterRuntimeExceptionModule
GetApplicationRestartSettings
WerUnregisterRuntimeExceptionModule
WerRegisterFile
WerUnregisterMemoryBlock
WerRegisterMemoryBlock
WerUnregisterFile
GetApplicationRecoveryCallback

api-ms-win-core-windowserrorreporting-l1-1-3

UnregisterApplicationRestart
RegisterApplicationRestart

api-ms-win-core-console-l1-1-0

AllocConsole
WriteConsoleW
SetConsoleMode
SetConsoleCtrlHandler
ReadConsoleW
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetNumberOfConsoleInputEvents
ReadConsoleInputW
WriteConsoleA
ReadConsoleA
ReadConsoleInputA

api-ms-win-core-console-l1-2-0

AttachConsole
FreeConsole
PeekConsoleInputA
PeekConsoleInputW

api-ms-win-core-console-l1-2-1

ResizePseudoConsole
ClosePseudoConsole
CreatePseudoConsole

api-ms-win-core-console-l2-1-0

CreateConsoleScreenBuffer
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
FillConsoleOutputCharacterW
FlushConsoleInputBuffer
GenerateConsoleCtrlEvent
GetConsoleCursorInfo
WriteConsoleOutputAttribute
WriteConsoleOutputCharacterA
GetConsoleScreenBufferInfo
GetConsoleScreenBufferInfoEx
WriteConsoleOutputCharacterW
WriteConsoleOutputW
GetLargestConsoleWindowSize
ReadConsoleOutputA
ReadConsoleOutputAttribute
ReadConsoleOutputCharacterA
ReadConsoleOutputW
ScrollConsoleScreenBufferA
ScrollConsoleScreenBufferW
SetConsoleActiveScreenBuffer
SetConsoleCP
SetConsoleCursorInfo
SetConsoleCursorPosition
SetConsoleOutputCP
ReadConsoleOutputCharacterW
WriteConsoleOutputA
WriteConsoleInputW
WriteConsoleInputA
SetConsoleWindowInfo
SetConsoleTextAttribute
SetConsoleScreenBufferSize
SetConsoleScreenBufferInfoEx

api-ms-win-core-console-l2-2-0

GetConsoleTitleA
GetConsoleOriginalTitleW
GetConsoleOriginalTitleA
SetConsoleTitleW
SetConsoleTitleA
GetConsoleTitleW

api-ms-win-core-console-l3-2-0

GetConsoleCommandHistoryLengthW
GetConsoleCommandHistoryLengthA
GetConsoleCommandHistoryA
GetConsoleAliasesW
GetConsoleAliasesLengthW
GetConsoleAliasesLengthA
GetConsoleAliasesA
GetConsoleAliasW
GetConsoleAliasExesW
GetConsoleAliasExesLengthW
GetConsoleAliasExesLengthA
GetConsoleCommandHistoryW
GetConsoleAliasA
ExpungeConsoleCommandHistoryW
ExpungeConsoleCommandHistoryA
AddConsoleAliasW
GetCurrentConsoleFontEx
GetNumberOfConsoleMouseButtons
SetConsoleDisplayMode
GetConsoleDisplayMode
GetConsoleFontSize
SetConsoleHistoryInfo
SetConsoleNumberOfCommandsA
SetConsoleNumberOfCommandsW
SetCurrentConsoleFontEx
GetConsoleHistoryInfo
GetConsoleProcessList
GetConsoleSelectionInfo
GetConsoleWindow
GetConsoleAliasExesA
GetCurrentConsoleFont
AddConsoleAliasA

api-ms-win-core-psapi-l1-1-0

K32QueryWorkingSet
K32InitializeProcessForWsWatch
K32EnumProcesses
K32GetMappedFileNameW
QueryFullProcessImageNameW
K32GetProcessMemoryInfo
K32GetModuleInformation
K32EnumProcessModulesEx
K32GetModuleBaseNameW
K32GetDeviceDriverBaseNameW
K32EnumProcessModules
K32GetPerformanceInfo
K32EnumDeviceDrivers
K32GetDeviceDriverFileNameW
K32GetModuleFileNameExW
K32GetWsChangesEx
K32EnumPageFilesW
K32EmptyWorkingSet
K32GetProcessImageFileNameW
K32QueryWorkingSetEx
K32GetWsChanges

api-ms-win-core-psapi-ansi-l1-1-0

K32GetDeviceDriverBaseNameA
K32GetDeviceDriverFileNameA
K32GetMappedFileNameA
K32GetModuleFileNameExA
QueryFullProcessImageNameA
K32GetModuleBaseNameA
K32GetProcessImageFileNameA
K32EnumPageFilesA

api-ms-win-eventing-provider-l1-1-0

EventWriteTransfer
EventSetInformation
EventUnregister
EventRegister

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-appcompat-l1-1-1

BaseReadAppCompatDataForProcess
BaseFreeAppCompatDataForProcess

Exports

Exports

AcquireSRWLockExclusive
AcquireSRWLockShared
ActivateActCtx
ActivateActCtxWorker
ActivatePackageVirtualizationContext
AddAtomA
AddAtomW
AddConsoleAliasA
AddConsoleAliasW
AddDllDirectory
AddIntegrityLabelToBoundaryDescriptor
AddLocalAlternateComputerNameA
AddLocalAlternateComputerNameW
AddRefActCtx
AddRefActCtxWorker
AddResourceAttributeAce
AddSIDToBoundaryDescriptor
AddScopedPolicyIDAce
AddSecureMemoryCacheCallback
AddVectoredContinueHandler
AddVectoredExceptionHandler
AdjustCalendarDate
AllocConsole
AllocateUserPhysicalPages
AllocateUserPhysicalPagesNuma
AppPolicyGetClrCompat
AppPolicyGetCreateFileAccess
AppPolicyGetLifecycleManagement
AppPolicyGetMediaFoundationCodecLoading
AppPolicyGetProcessTerminationMethod
AppPolicyGetShowDeveloperDiagnostic
AppPolicyGetThreadInitializationType
AppPolicyGetWindowingModel
AppXGetOSMaxVersionTested
ApplicationRecoveryFinished
ApplicationRecoveryInProgress
AreFileApisANSI
AreShortNamesEnabled
AssignProcessToJobObject
AttachConsole
BackupRead
BackupSeek
BackupWrite
BaseCheckAppcompatCache
BaseCheckAppcompatCacheEx
BaseCheckAppcompatCacheExWorker
BaseCheckAppcompatCacheWorker
BaseCheckElevation
BaseCleanupAppcompatCacheSupport
BaseCleanupAppcompatCacheSupportWorker
BaseDestroyVDMEnvironment
BaseDllReadWriteIniFile
BaseDumpAppcompatCache
BaseDumpAppcompatCacheWorker
BaseElevationPostProcessing
BaseFlushAppcompatCache
BaseFlushAppcompatCacheWorker
BaseFormatObjectAttributes
BaseFormatTimeOut
BaseFreeAppCompatDataForProcessWorker
BaseGenerateAppCompatData
BaseGetNamedObjectDirectory
BaseInitAppcompatCacheSupport
BaseInitAppcompatCacheSupportWorker
BaseIsAppcompatInfrastructureDisabled
BaseIsAppcompatInfrastructureDisabledWorker
BaseIsDosApplication
BaseQueryModuleData
BaseReadAppCompatDataForProcessWorker
BaseSetLastNTError
BaseThreadInitThunk
BaseUpdateAppcompatCache
BaseUpdateAppcompatCacheWorker
BaseUpdateVDMEntry
BaseVerifyUnicodeString
BaseWriteErrorElevationRequiredEvent
Basep8BitStringToDynamicUnicodeString
BasepAllocateActivationContextActivationBlock
BasepAnsiStringToDynamicUnicodeString
BasepAppContainerEnvironmentExtension
BasepAppXExtension
BasepCheckAppCompat
BasepCheckWebBladeHashes
BasepCheckWinSaferRestrictions
BasepConstructSxsCreateProcessMessage
BasepCopyEncryption
BasepFinishPackageActivation
BasepFinishPackageActivationForSxS
BasepFreeActivationContextActivationBlock
BasepFreeAppCompatData
BasepGetAppCompatData
BasepGetComputerNameFromNtPath
BasepGetExeArchType
BasepGetPackageActivationTokenForFilePath
BasepGetPackageActivationTokenForSxS
BasepGetPackagedAppInfoForFile
BasepInitAppCompatData
BasepIsProcessAllowed
BasepMapModuleHandle
BasepNotifyLoadStringResource
BasepPostSuccessAppXExtension
BasepProcessInvalidImage
BasepQueryAppCompat
BasepQueryModuleChpeSettings
BasepReleaseAppXContext
BasepReleasePackagedAppInfo
BasepReleaseSxsCreateProcessUtilityStruct
BasepReportFault
BasepSetFileEncryptionCompression
Beep
BeginUpdateResourceA
BeginUpdateResourceW
BindIoCompletionCallback
BuildCommDCBA
BuildCommDCBAndTimeoutsA
BuildCommDCBAndTimeoutsW
BuildCommDCBW
BuildIoRingCancelRequest
BuildIoRingFlushFile
BuildIoRingReadFile
BuildIoRingRegisterBuffers
BuildIoRingRegisterFileHandles
BuildIoRingWriteFile
CallNamedPipeA
CallNamedPipeW
CallbackMayRunLong
CancelDeviceWakeupRequest
CancelIo
CancelIoEx
CancelSynchronousIo
CancelThreadpoolIo
CancelTimerQueueTimer
CancelWaitableTimer
CeipIsOptedIn
ChangeTimerQueueTimer
CheckAllowDecryptedRemoteDestinationPolicy
CheckElevation
CheckElevationEnabled
CheckForReadOnlyResource
CheckForReadOnlyResourceFilter
CheckNameLegalDOS8Dot3A
CheckNameLegalDOS8Dot3W
CheckRemoteDebuggerPresent
CheckTokenCapability
CheckTokenMembershipEx
ClearCommBreak
ClearCommError
CloseConsoleHandle
CloseHandle
CloseIoRing
ClosePackageInfo
ClosePrivateNamespace
CloseProfileUserMapping
ClosePseudoConsole
CloseState
CloseThreadpool
CloseThreadpoolCleanupGroup
CloseThreadpoolCleanupGroupMembers
CloseThreadpoolIo
CloseThreadpoolTimer
CloseThreadpoolWait
CloseThreadpoolWork
CmdBatNotification
CommConfigDialogA
CommConfigDialogW
CompareCalendarDates
CompareFileTime
CompareStringA
CompareStringEx
CompareStringOrdinal
CompareStringW
ConnectNamedPipe
ConsoleMenuControl
ContinueDebugEvent
ConvertCalDateTimeToSystemTime
ConvertDefaultLocale
ConvertFiberToThread
ConvertNLSDayOfWeekToWin32DayOfWeek
ConvertSystemTimeToCalDateTime
ConvertThreadToFiber
ConvertThreadToFiberEx
CopyContext
CopyFile2
CopyFileA
CopyFileExA
CopyFileExW
CopyFileTransactedA
CopyFileTransactedW
CopyFileW
CopyLZFile
CreateActCtxA
CreateActCtxW
CreateActCtxWWorker
CreateBoundaryDescriptorA
CreateBoundaryDescriptorW
CreateConsoleScreenBuffer
CreateDirectoryA
CreateDirectoryExA
CreateDirectoryExW
CreateDirectoryTransactedA
CreateDirectoryTransactedW
CreateDirectoryW
CreateEnclave
CreateEventA
CreateEventExA
CreateEventExW
CreateEventW
CreateFiber
CreateFiberEx
CreateFile2
CreateFileA
CreateFileMappingA
CreateFileMappingFromApp
CreateFileMappingNumaA
CreateFileMappingNumaW
CreateFileMappingW
CreateFileTransactedA
CreateFileTransactedW
CreateFileW
CreateHardLinkA
CreateHardLinkTransactedA
CreateHardLinkTransactedW
CreateHardLinkW
CreateIoCompletionPort
CreateIoRing
CreateJobObjectA
CreateJobObjectW
CreateJobSet
CreateMailslotA
CreateMailslotW
CreateMemoryResourceNotification
CreateMutexA
CreateMutexExA
CreateMutexExW
CreateMutexW
CreateNamedPipeA
CreateNamedPipeW
CreatePackageVirtualizationContext
CreatePipe
CreatePrivateNamespaceA
CreatePrivateNamespaceW
CreateProcessA
CreateProcessAsUserA
CreateProcessAsUserW
CreateProcessInternalA
CreateProcessInternalW
CreateProcessW
CreatePseudoConsole
CreateRemoteThread
CreateRemoteThreadEx
CreateSemaphoreA
CreateSemaphoreExA
CreateSemaphoreExW
CreateSemaphoreW
CreateSymbolicLinkA
CreateSymbolicLinkTransactedA
CreateSymbolicLinkTransactedW
CreateSymbolicLinkW
CreateTapePartition
CreateThread
CreateThreadpool
CreateThreadpoolCleanupGroup
CreateThreadpoolIo
CreateThreadpoolTimer
CreateThreadpoolWait
CreateThreadpoolWork
CreateTimerQueue
CreateTimerQueueTimer
CreateToolhelp32Snapshot
CreateUmsCompletionList
CreateUmsThreadContext
CreateWaitableTimerA
CreateWaitableTimerExA
CreateWaitableTimerExW
CreateWaitableTimerW
CtrlRoutine
DeactivateActCtx
DeactivateActCtxWorker
DeactivatePackageVirtualizationContext
DebugActiveProcess
DebugActiveProcessStop
DebugBreak
DebugBreakProcess
DebugSetProcessKillOnExit
DecodePointer
DecodeSystemPointer
DefineDosDeviceA
DefineDosDeviceW
DelayLoadFailureHook
DeleteAtom
DeleteBoundaryDescriptor
DeleteCriticalSection
DeleteFiber
DeleteFileA
DeleteFileTransactedA
DeleteFileTransactedW
DeleteFileW
DeleteProcThreadAttributeList
DeleteSynchronizationBarrier
DeleteTimerQueue
DeleteTimerQueueEx
DeleteTimerQueueTimer
DeleteUmsCompletionList
DeleteUmsThreadContext
DeleteVolumeMountPointA
DeleteVolumeMountPointW
DequeueUmsCompletionListItems
DeviceIoControl
DisableThreadLibraryCalls
DisableThreadProfiling
DisassociateCurrentThreadFromCallback
DiscardVirtualMemory
DisconnectNamedPipe
DnsHostnameToComputerNameA
DnsHostnameToComputerNameExW
DnsHostnameToComputerNameW
DosDateTimeToFileTime
DosPathToSessionPathA
DosPathToSessionPathW
DuplicateConsoleHandle
DuplicateEncryptionInfoFileExt
DuplicateHandle
DuplicatePackageVirtualizationContext
EnableProcessOptionalXStateFeatures
EnableThreadProfiling
EncodePointer
EncodeSystemPointer
EndUpdateResourceA
EndUpdateResourceW
EnterCriticalSection
EnterSynchronizationBarrier
EnterUmsSchedulingMode
EnumCalendarInfoA
EnumCalendarInfoExA
EnumCalendarInfoExEx
EnumCalendarInfoExW
EnumCalendarInfoW
EnumDateFormatsA
EnumDateFormatsExA
EnumDateFormatsExEx
EnumDateFormatsExW
EnumDateFormatsW
EnumLanguageGroupLocalesA
EnumLanguageGroupLocalesW
EnumResourceLanguagesA
EnumResourceLanguagesExA
EnumResourceLanguagesExW
EnumResourceLanguagesW
EnumResourceNamesA
EnumResourceNamesExA
EnumResourceNamesExW
EnumResourceNamesW
EnumResourceTypesA
EnumResourceTypesExA
EnumResourceTypesExW
EnumResourceTypesW
EnumSystemCodePagesA
EnumSystemCodePagesW
EnumSystemFirmwareTables
EnumSystemGeoID
EnumSystemGeoNames
EnumSystemLanguageGroupsA
EnumSystemLanguageGroupsW
EnumSystemLocalesA
EnumSystemLocalesEx
EnumSystemLocalesW
EnumTimeFormatsA
EnumTimeFormatsEx
EnumTimeFormatsW
EnumUILanguagesA
EnumUILanguagesW
EnumerateLocalComputerNamesA
EnumerateLocalComputerNamesW
EraseTape
EscapeCommFunction
ExecuteUmsThread
ExitProcess
ExitThread
ExitVDM
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
ExpungeConsoleCommandHistoryA
ExpungeConsoleCommandHistoryW
FatalAppExitA
FatalAppExitW
FatalExit
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FillConsoleOutputAttribute
FillConsoleOutputCharacterA
FillConsoleOutputCharacterW
FindActCtxSectionGuid
FindActCtxSectionGuidWorker
FindActCtxSectionStringA
FindActCtxSectionStringW
FindActCtxSectionStringWWorker
FindAtomA
FindAtomW
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationA
FindFirstChangeNotificationW
FindFirstFileA
FindFirstFileExA
FindFirstFileExW
FindFirstFileNameTransactedW
FindFirstFileNameW
FindFirstFileTransactedA
FindFirstFileTransactedW
FindFirstFileW
FindFirstStreamTransactedW
FindFirstStreamW
FindFirstVolumeA
FindFirstVolumeMountPointA
FindFirstVolumeMountPointW
FindFirstVolumeW
FindNLSString
FindNLSStringEx
FindNextChangeNotification
FindNextFileA
FindNextFileNameW
FindNextFileW
FindNextStreamW
FindNextVolumeA
FindNextVolumeMountPointA
FindNextVolumeMountPointW
FindNextVolumeW
FindPackagesByPackageFamily
FindResourceA
FindResourceExA
FindResourceExW
FindResourceW
FindStringOrdinal
FindVolumeClose
FindVolumeMountPointClose
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
FlushConsoleInputBuffer
FlushFileBuffers
FlushInstructionCache
FlushProcessWriteBuffers
FlushViewOfFile
FoldStringA
FoldStringW
FormatApplicationUserModelId
FormatMessageA
FormatMessageW
FreeConsole
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
FreeLibraryWhenCallbackReturns
FreeMemoryJobObject
FreeResource
FreeUserPhysicalPages
GenerateConsoleCtrlEvent
GetACP
GetActiveProcessorCount
GetActiveProcessorGroupCount
GetAppContainerAce
GetAppContainerNamedObjectPath
GetApplicationRecoveryCallback
GetApplicationRecoveryCallbackWorker
GetApplicationRestartSettings
GetApplicationRestartSettingsWorker
GetApplicationUserModelId
GetAtomNameA
GetAtomNameW
GetBinaryType
GetBinaryTypeA
GetBinaryTypeW
GetCPInfo
GetCPInfoExA
GetCPInfoExW
GetCachedSigningLevel
GetCalendarDateFormat
GetCalendarDateFormatEx
GetCalendarDaysInMonth
GetCalendarDifferenceInDays
GetCalendarInfoA
GetCalendarInfoEx
GetCalendarInfoW
GetCalendarMonthsInYear
GetCalendarSupportedDateRange
GetCalendarWeekNumber
GetComPlusPackageInstallStatus
GetCommConfig
GetCommMask
GetCommModemStatus
GetCommProperties
GetCommState
GetCommTimeouts
GetCommandLineA
GetCommandLineW
GetCompressedFileSizeA
GetCompressedFileSizeTransactedA

Sections

.text
Size: 516KB - Virtual size: 513KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 220KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 4KB - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libgcc_s_seh-1.dll
.dll windows:4 windows x64 arch:x64

8142ee0f45e10ebbff675b18dc67c93c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSection
LeaveCriticalSection
RaiseException
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

__iob_func
_amsg_exit
_initterm
_lock
_unlock
abort
calloc
free
fwrite
malloc
memcpy
memset
realloc
strlen
strncmp
vfprintf

libwinpthread-1

pthread_getspecific
pthread_key_create
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_unlock
pthread_once
pthread_setspecific

Exports

Exports

_GCC_specific_handler
_Unwind_Backtrace
_Unwind_DeleteException
_Unwind_FindEnclosingFunction
_Unwind_ForcedUnwind
_Unwind_GetCFA
_Unwind_GetDataRelBase
_Unwind_GetGR
_Unwind_GetIP
_Unwind_GetIPInfo
_Unwind_GetLanguageSpecificData
_Unwind_GetRegionStart
_Unwind_GetTextRelBase
_Unwind_RaiseException
_Unwind_Resume
_Unwind_Resume_or_Rethrow
_Unwind_SetGR
_Unwind_SetIP
__absvdi2
__absvsi2
__absvti2
__addtf3
__addvdi3
__addvsi3
__addvti3
__ashlti3
__ashrti3
__bswapdi2
__bswapsi2
__clear_cache
__clrsbdi2
__clrsbti2
__clzdi2
__clzti2
__cmpti2
__ctzdi2
__ctzti2
__divdc3
__divmodti4
__divsc3
__divtc3
__divtf3
__divti3
__divxc3
__emutls_get_address
__emutls_register_common
__enable_execute_stack
__eqtf2
__extenddftf2
__extendsfdf2
__extendsftf2
__extendxftf2
__ffsdi2
__ffsti2
__fixdfti
__fixsfti
__fixtfdi
__fixtfsi
__fixtfti
__fixunsdfdi
__fixunsdfti
__fixunssfdi
__fixunssfti
__fixunstfdi
__fixunstfsi
__fixunstfti
__fixunsxfdi
__fixunsxfti
__fixxfti
__floatditf
__floatsitf
__floattidf
__floattisf
__floattitf
__floattixf
__floatunditf
__floatunsitf
__floatuntidf
__floatuntisf
__floatuntitf
__floatuntixf
__gcc_personality_seh0
__getf2
__gttf2
__letf2
__lshrti3
__lttf2
__modti3
__muldc3
__mulsc3
__multc3
__multf3
__multi3
__mulvdi3
__mulvsi3
__mulvti3
__mulxc3
__negtf2
__negti2
__negvdi2
__negvsi2
__negvti2
__netf2
__paritydi2
__parityti2
__popcountdi2
__popcountti2
__powidf2
__powisf2
__powitf2
__powixf2
__subtf3
__subvdi3
__subvsi3
__subvti3
__truncdfsf2
__trunctfdf2
__trunctfsf2
__trunctfxf2
__ucmpti2
__udivmodti4
__udivti3
__umodti3
__unordtf2

Sections

.text
Size: 90KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 336B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libstdc++-6.dll
.dll windows:4 windows x64 arch:x64

71df0e521674d2a71309d60b125fa94a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

libgcc_s_seh-1

_GCC_specific_handler
_Unwind_DeleteException
_Unwind_GetDataRelBase
_Unwind_GetIPInfo
_Unwind_GetLanguageSpecificData
_Unwind_GetRegionStart
_Unwind_GetTextRelBase
_Unwind_RaiseException
_Unwind_Resume
_Unwind_Resume_or_Rethrow
_Unwind_SetGR
_Unwind_SetIP
__divti3
__emutls_get_address
__popcountdi2
__udivmodti4
__udivti3

kernel32

CloseHandle
CreateFileW
CreateHardLinkW
DeleteCriticalSection
DeleteFileW
EnterCriticalSection
FindFirstVolumeW
FindNextVolumeW
FindVolumeClose
FormatMessageA
GetCurrentProcess
GetDiskFreeSpaceExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSizeEx
GetFileType
GetFullPathNameW
GetLastError
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetSystemTimeAsFileTime
GetTempPathW
GetTimeZoneInformation
GetVolumeInformationW
InitializeCriticalSection
IsDBCSLeadByteEx
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryW
LocalFree
MoveFileExW
MultiByteToWideChar
RemoveDirectoryW
SetEndOfFile
SetFilePointer
Sleep
TerminateProcess
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_aligned_free
_aligned_malloc
_amsg_exit
_assert
_close
_errno
_fdopen
_filelengthi64
_fileno
_findclose
_fileno
_fstat64
_get_osfhandle
_initterm
_lock
_lseeki64
_read
_telli64
_unlock
_wchdir
_wchmod
_wfindfirst64
_wfindnext64
_wfopen
_wfullpath
_wgetcwd
_wmkdir
_wopen
_write
_wstat64
_wutime64
abort
calloc
fclose
fflush
fgetpos
fopen
fputc
fputs
fread
free
fsetpos
fwrite
getc
getenv
getwc
isspace
iswctype
localeconv
malloc
memchr
memcmp
memcpy
memmove
memset
putc
putwc
realloc
setlocale
setvbuf
sprintf
strchr
strcmp
strcoll
strerror
strftime
strlen
strncmp
strstr
strtoul
strxfrm
towlower
towupper
ungetwc
ungetc
vfprintf
wcscat
wcscmp
wcscoll
wcscpy
wcsftime
wcslen
wcsxfrm

libwinpthread-1

clock_gettime
nanosleep
pthread_cond_broadcast
pthread_cond_destroy
pthread_cond_signal
pthread_cond_wait
pthread_create
pthread_detach
pthread_getspecific
pthread_join
pthread_key_create
pthread_key_delete
pthread_mutex_destroy
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_unlock
pthread_num_processors_np
pthread_once
pthread_rwlock_rdlock
pthread_rwlock_unlock
pthread_rwlock_wrlock
pthread_setspecific
sched_yield

Exports

Exports

_Z7fprintfP6_iobufPKcz
_Z7sprintfPcPKcz
_ZGTtNKSt13bad_exception4whatEv
_ZGTtNKSt13bad_exceptionD1Ev
_ZGTtNKSt9exception4whatEv
_ZGTtNKSt9exceptionD1Ev
_ZGVN9__gnu_cxx16bitmap_allocatorIcE13_S_mem_blocksE
_ZGVN9__gnu_cxx16bitmap_allocatorIcE15_S_last_requestE
_ZGVN9__gnu_cxx16bitmap_allocatorIcE6_S_mutE
_ZGVN9__gnu_cxx16bitmap_allocatorIwE13_S_mem_blocksE
_ZGVN9__gnu_cxx16bitmap_allocatorIwE15_S_last_requestE
_ZGVN9__gnu_cxx16bitmap_allocatorIwE6_S_mutE
_ZGVNSt10moneypunctIcLb0EE2idE
_ZGVNSt10moneypunctIcLb1EE2idE
_ZGVNSt10moneypunctIwLb0EE2idE
_ZGVNSt10moneypunctIwLb1EE2idE
_ZGVNSt11__timepunctIcE2idE
_ZGVNSt11__timepunctIwE2idE
_ZGVNSt7__cxx1110moneypunctIcLb0EE2idE
_ZGVNSt7__cxx1110moneypunctIcLb1EE2idE
_ZGVNSt7__cxx1110moneypunctIwLb0EE2idE
_ZGVNSt7__cxx1110moneypunctIwLb1EE2idE
_ZGVNSt7__cxx117collateIcE2idE
_ZGVNSt7__cxx117collateIwE2idE
_ZGVNSt7__cxx118messagesIcE2idE
_ZGVNSt7__cxx118messagesIwE2idE
_ZGVNSt7__cxx118numpunctIcE2idE
_ZGVNSt7__cxx118numpunctIwE2idE
_ZGVNSt7__cxx118time_getIcSt19istreambuf_iteratorIcSt11char_traitsIcEEE2idE
_ZGVNSt7__cxx118time_getIwSt19istreambuf_iteratorIwSt11char_traitsIwEEE2idE
_ZGVNSt7__cxx119money_getIcSt19istreambuf_iteratorIcSt11char_traitsIcEEE2idE
_ZGVNSt7__cxx119money_getIwSt19istreambuf_iteratorIwSt11char_traitsIwEEE2idE
_ZGVNSt7__cxx119money_putIcSt19ostreambuf_iteratorIcSt11char_traitsIcEEE2idE
_ZGVNSt7__cxx119money_putIwSt19ostreambuf_iteratorIwSt11char_traitsIwEEE2idE
_ZGVNSt7collateIcE2idE
_ZGVNSt7collateIwE2idE
_ZGVNSt7num_getIcSt19istreambuf_iteratorIcSt11char_traitsIcEEE2idE
_ZGVNSt7num_getIwSt19istreambuf_iteratorIwSt11char_traitsIwEEE2idE
_ZGVNSt7num_putIcSt19ostreambuf_iteratorIcSt11char_traitsIcEEE2idE
_ZGVNSt7num_putIwSt19ostreambuf_iteratorIwSt11char_traitsIwEEE2idE
_ZGVNSt8messagesIcE2idE
_ZGVNSt8messagesIwE2idE
_ZGVNSt8numpunctIcE2idE
_ZGVNSt8numpunctIwE2idE
_ZGVNSt8time_getIcSt19istreambuf_iteratorIcSt11char_traitsIcEEE2idE
_ZGVNSt8time_getIwSt19istreambuf_iteratorIwSt11char_traitsIwEEE2idE
_ZGVNSt8time_putIcSt19ostreambuf_iteratorIcSt11char_traitsIcEEE2idE
_ZGVNSt8time_putIwSt19ostreambuf_iteratorIwSt11char_traitsIwEEE2idE
_ZGVNSt9money_getIcSt19istreambuf_iteratorIcSt11char_traitsIcEEE2idE
_ZGVNSt9money_getIwSt19istreambuf_iteratorIwSt11char_traitsIwEEE2idE
_ZGVNSt9money_putIcSt19ostreambuf_iteratorIcSt11char_traitsIcEEE2idE
_ZGVNSt9money_putIwSt19ostreambuf_iteratorIwSt11char_traitsIwEEE2idE
_ZGVZN9__gnu_cxx13__common_poolINS_6__poolELb1EE11_S_get_poolEvE7_S_pool
_ZGVZN9__gnu_cxx9free_list12_M_get_mutexEvE8_S_mutex
_ZGVZN9__gnu_cxx9free_list16_M_get_free_listEvE12_S_free_list
_ZGVZNSt8__detail18__waiter_pool_base6_S_forEPKvE3__w
_ZN10__cxxabiv111__terminateEPFvvE
_ZN10__cxxabiv112__unexpectedEPFvvE
_ZN10__cxxabiv115__forced_unwindD0Ev
_ZN10__cxxabiv115__forced_unwindD1Ev
_ZN10__cxxabiv115__forced_unwindD2Ev
_ZN10__cxxabiv116__enum_type_infoD0Ev
_ZN10__cxxabiv116__enum_type_infoD1Ev
_ZN10__cxxabiv116__enum_type_infoD2Ev
_ZN10__cxxabiv117__array_type_infoD0Ev
_ZN10__cxxabiv117__array_type_infoD1Ev
_ZN10__cxxabiv117__array_type_infoD2Ev
_ZN10__cxxabiv117__class_type_infoD0Ev
_ZN10__cxxabiv117__class_type_infoD1Ev
_ZN10__cxxabiv117__class_type_infoD2Ev
_ZN10__cxxabiv117__pbase_type_infoD0Ev
_ZN10__cxxabiv117__pbase_type_infoD1Ev
_ZN10__cxxabiv117__pbase_type_infoD2Ev
_ZN10__cxxabiv119__foreign_exceptionD0Ev
_ZN10__cxxabiv119__foreign_exceptionD1Ev
_ZN10__cxxabiv119__foreign_exceptionD2Ev
_ZN10__cxxabiv119__pointer_type_infoD0Ev
_ZN10__cxxabiv119__pointer_type_infoD1Ev
_ZN10__cxxabiv119__pointer_type_infoD2Ev
_ZN10__cxxabiv119__terminate_handlerE
_ZN10__cxxabiv120__function_type_infoD0Ev
_ZN10__cxxabiv120__function_type_infoD1Ev
_ZN10__cxxabiv120__function_type_infoD2Ev
_ZN10__cxxabiv120__si_class_type_infoD0Ev
_ZN10__cxxabiv120__si_class_type_infoD1Ev
_ZN10__cxxabiv120__si_class_type_infoD2Ev
_ZN10__cxxabiv120__unexpected_handlerE
_ZN10__cxxabiv121__vmi_class_type_infoD0Ev
_ZN10__cxxabiv121__vmi_class_type_infoD1Ev
_ZN10__cxxabiv121__vmi_class_type_infoD2Ev
_ZN10__cxxabiv123__fundamental_type_infoD0Ev
_ZN10__cxxabiv123__fundamental_type_infoD1Ev
_ZN10__cxxabiv123__fundamental_type_infoD2Ev
_ZN10__cxxabiv129__pointer_to_member_type_infoD0Ev
_ZN10__cxxabiv129__pointer_to_member_type_infoD1Ev
_ZN10__cxxabiv129__pointer_to_member_type_infoD2Ev
_ZN11__gnu_debug19_Safe_iterator_base12_M_get_mutexEv
_ZN11__gnu_debug19_Safe_iterator_base16_M_attach_singleEPNS_19_Safe_sequence_baseEb
_ZN11__gnu_debug19_Safe_iterator_base16_M_detach_singleEv
_ZN11__gnu_debug19_Safe_iterator_base8_M_resetEv
_ZN11__gnu_debug19_Safe_iterator_base9_M_attachEPNS_19_Safe_sequence_baseEb
_ZN11__gnu_debug19_Safe_iterator_base9_M_detachEv
_ZN11__gnu_debug19_Safe_sequence_base12_M_get_mutexEv
_ZN11__gnu_debug19_Safe_sequence_base13_M_detach_allEv
_ZN11__gnu_debug19_Safe_sequence_base16_M_attach_singleEPNS_19_Safe_iterator_baseEb
_ZN11__gnu_debug19_Safe_sequence_base16_M_detach_singleEPNS_19_Safe_iterator_baseE
_ZN11__gnu_debug19_Safe_sequence_base18_M_detach_singularEv
_ZN11__gnu_debug19_Safe_sequence_base22_M_revalidate_singularEv
_ZN11__gnu_debug19_Safe_sequence_base7_M_swapERS0_
_ZN11__gnu_debug19_Safe_sequence_base9_M_attachEPNS_19_Safe_iterator_baseEb
_ZN11__gnu_debug19_Safe_sequence_base9_M_detachEPNS_19_Safe_iterator_baseE
_ZN11__gnu_debug25_Safe_local_iterator_base16_M_attach_singleEPNS_19_Safe_sequence_baseEb
_ZN11__gnu_debug25_Safe_local_iterator_base16_M_detach_singleEv
_ZN11__gnu_debug25_Safe_local_iterator_base9_M_attachEPNS_19_Safe_sequence_baseEb
_ZN11__gnu_debug25_Safe_local_iterator_base9_M_detachEv
_ZN11__gnu_debug30_Safe_unordered_container_base13_M_detach_allEv
_ZN11__gnu_debug30_Safe_unordered_container_base15_M_attach_localEPNS_19_Safe_iterator_baseEb
_ZN11__gnu_debug30_Safe_unordered_container_base15_M_detach_localEPNS_19_Safe_iterator_baseE
_ZN11__gnu_debug30_Safe_unordered_container_base22_M_attach_local_singleEPNS_19_Safe_iterator_baseEb
_ZN11__gnu_debug30_Safe_unordered_container_base22_M_detach_local_singleEPNS_19_Safe_iterator_baseE
_ZN11__gnu_debug30_Safe_unordered_container_base7_M_swapERS0_
_ZN14__gnu_internal12buf_cin_syncE
_ZN14__gnu_internal13buf_cerr_syncE
_ZN14__gnu_internal13buf_cout_syncE
_ZN14__gnu_internal13buf_wcin_syncE
_ZN14__gnu_internal14buf_wcerr_syncE
_ZN14__gnu_internal14buf_wcout_syncE
_ZN14__gnu_internal7buf_cinE
_ZN14__gnu_internal8buf_cerrE
_ZN14__gnu_internal8buf_coutE
_ZN14__gnu_internal8buf_wcinE
_ZN14__gnu_internal9buf_wcerrE
_ZN14__gnu_internal9buf_wcoutE
_ZN14__gnu_internal9get_mutexEh
_ZN14__gnu_parallel9_Settings3getEv
_ZN14__gnu_parallel9_Settings3setERS0_
_ZN9__gnu_cxx10__mt_allocIcNS_20__common_pool_policyINS_6__poolELb1EEEE10deallocateEPcy
_ZN9__gnu_cxx10__mt_allocIcNS_20__common_pool_policyINS_6__poolELb1EEEE14_M_get_optionsEv
_ZN9__gnu_cxx10__mt_allocIcNS_20__common_pool_policyINS_6__poolELb1EEEE14_M_set_optionsENS_11__pool_base5_TuneE
_ZN9__gnu_cxx10__mt_allocIcNS_20__common_pool_policyINS_6__poolELb1EEEE8allocateEyPKv
_ZN9__gnu_cxx10__mt_allocIcNS_20__common_pool_policyINS_6__poolELb1EEEEC1ERKS4_
_ZN9__gnu_cxx10__mt_allocIcNS_20__common_pool_policyINS_6__poolELb1EEEEC1Ev
_ZN9__gnu_cxx10__mt_allocIcNS_20__common_pool_policyINS_6__poolELb1EEEEC2ERKS4_
_ZN9__gnu_cxx10__mt_allocIcNS_20__common_pool_policyINS_6__poolELb1EEEEC2Ev
_ZN9__gnu_cxx10__mt_allocIcNS_20__common_pool_policyINS_6__poolELb1EEEED1Ev
_ZN9__gnu_cxx10__mt_allocIcNS_20__common_pool_policyINS_6__poolELb1EEEED2Ev
_ZN9__gnu_cxx10__mt_allocIwNS_20__common_pool_policyINS_6__poolELb1EEEE10deallocateEPwy
_ZN9__gnu_cxx10__mt_allocIwNS_20__common_pool_policyINS_6__poolELb1EEEE14_M_get_optionsEv
_ZN9__gnu_cxx10__mt_allocIwNS_20__common_pool_policyINS_6__poolELb1EEEE14_M_set_optionsENS_11__pool_base5_TuneE
_ZN9__gnu_cxx10__mt_allocIwNS_20__common_pool_policyINS_6__poolELb1EEEE8allocateEyPKv
_ZN9__gnu_cxx10__mt_allocIwNS_20__common_pool_policyINS_6__poolELb1EEEEC1ERKS4_
_ZN9__gnu_cxx10__mt_allocIwNS_20__common_pool_policyINS_6__poolELb1EEEEC1Ev
_ZN9__gnu_cxx10__mt_allocIwNS_20__common_pool_policyINS_6__poolELb1EEEEC2ERKS4_
_ZN9__gnu_cxx10__mt_allocIwNS_20__common_pool_policyINS_6__poolELb1EEEEC2Ev
_ZN9__gnu_cxx10__mt_allocIwNS_20__common_pool_policyINS_6__poolELb1EEEED1Ev
_ZN9__gnu_cxx10__mt_allocIwNS_20__common_pool_policyINS_6__poolELb1EEEED2Ev
_ZN9__gnu_cxx12__atomic_addEPVii
_ZN9__gnu_cxx12__pool_allocIcE10deallocateEPcy
_ZN9__gnu_cxx12__pool_allocIcE12_S_force_newE
_ZN9__gnu_cxx12__pool_allocIcE7destroyEPc
_ZN9__gnu_cxx12__pool_allocIcE8allocateEyPKv
_ZN9__gnu_cxx12__pool_allocIcE9constructEPcRKc
_ZN9__gnu_cxx12__pool_allocIcEC1ERKS1_
_ZN9__gnu_cxx12__pool_allocIcEC1Ev
_ZN9__gnu_cxx12__pool_allocIcEC2ERKS1_
_ZN9__gnu_cxx12__pool_allocIcEC2Ev
_ZN9__gnu_cxx12__pool_allocIcED1Ev
_ZN9__gnu_cxx12__pool_allocIcED2Ev
_ZN9__gnu_cxx12__pool_allocIwE10deallocateEPwy
_ZN9__gnu_cxx12__pool_allocIwE12_S_force_newE
_ZN9__gnu_cxx12__pool_allocIwE7destroyEPw
_ZN9__gnu_cxx12__pool_allocIwE8allocateEyPKv
_ZN9__gnu_cxx12__pool_allocIwE9constructEPwRKw
_ZN9__gnu_cxx12__pool_allocIwEC1ERKS1_
_ZN9__gnu_cxx12__pool_allocIwEC1Ev
_ZN9__gnu_cxx12__pool_allocIwEC2ERKS1_
_ZN9__gnu_cxx12__pool_allocIwEC2Ev
_ZN9__gnu_cxx12__pool_allocIwED1Ev
_ZN9__gnu_cxx12__pool_allocIwED2Ev
_ZN9__gnu_cxx13__scoped_lockD1Ev
_ZN9__gnu_cxx13stdio_filebufIcSt11char_traitsIcEE2fdEv
_ZN9__gnu_cxx13stdio_filebufIcSt11char_traitsIcEE4fileEv
_ZN9__gnu_cxx13stdio_filebufIcSt11char_traitsIcEE4swapERS3_
_ZN9__gnu_cxx13stdio_filebufIcSt11char_traitsIcEEC1EP6_iobufSt13_Ios_Openmodey
_ZN9__gnu_cxx13stdio_filebufIcSt11char_traitsIcEEC1EiSt13_Ios_Openmodey
_ZN9__gnu_cxx13stdio_filebufIcSt11char_traitsIcEEC1Ev
_ZN9__gnu_cxx13stdio_filebufIcSt11char_traitsIcEEC2EP6_iobufSt13_Ios_Openmodey
_ZN9__gnu_cxx13stdio_filebufIcSt11char_traitsIcEEC2EiSt13_Ios_Openmodey
_ZN9__gnu_cxx13stdio_filebufIcSt11char_traitsIcEEC2Ev
_ZN9__gnu_cxx13stdio_filebufIcSt11char_traitsIcEED0Ev
_ZN9__gnu_cxx13stdio_filebufIcSt11char_traitsIcEED1Ev
_ZN9__gnu_cxx13stdio_filebufIcSt11char_traitsIcEED2Ev
_ZN9__gnu_cxx13stdio_filebufIwSt11char_traitsIwEE2fdEv
_ZN9__gnu_cxx13stdio_filebufIwSt11char_traitsIwEE4fileEv
_ZN9__gnu_cxx13stdio_filebufIwSt11char_traitsIwEE4swapERS3_
_ZN9__gnu_cxx13stdio_filebufIwSt11char_traitsIwEEC1EP6_iobufSt13_Ios_Openmodey
_ZN9__gnu_cxx13stdio_filebufIwSt11char_traitsIwEEC1EiSt13_Ios_Openmodey
_ZN9__gnu_cxx13stdio_filebufIwSt11char_traitsIwEEC1Ev
_ZN9__gnu_cxx13stdio_filebufIwSt11char_traitsIwEEC2EP6_iobufSt13_Ios_Openmodey
_ZN9__gnu_cxx13stdio_filebufIwSt11char_traitsIwEEC2EiSt13_Ios_Openmodey
_ZN9__gnu_cxx13stdio_filebufIwSt11char_traitsIwEEC2Ev
_ZN9__gnu_cxx13stdio_filebufIwSt11char_traitsIwEED0Ev
_ZN9__gnu_cxx13stdio_filebufIwSt11char_traitsIwEED1Ev
_ZN9__gnu_cxx13stdio_filebufIwSt11char_traitsIwEED2Ev
_ZN9__gnu_cxx15__concat_size_tEPcyy
_ZN9__gnu_cxx15__snprintf_liteEPcyPKcS0_
_ZN9__gnu_cxx16bitmap_allocatorIcE10deallocateEPcy
_ZN9__gnu_cxx16bitmap_allocatorIcE13_S_block_sizeE
_ZN9__gnu_cxx16bitmap_allocatorIcE13_S_mem_blocksE
_ZN9__gnu_cxx16bitmap_allocatorIcE14_S_refill_poolEv
_ZN9__gnu_cxx16bitmap_allocatorIcE15_S_last_requestE
_ZN9__gnu_cxx16bitmap_allocatorIcE21_S_last_dealloc_indexE
_ZN9__gnu_cxx16bitmap_allocatorIcE25_M_allocate_single_objectEv
_ZN9__gnu_cxx16bitmap_allocatorIcE27_M_deallocate_single_objectEPc
_ZN9__gnu_cxx16bitmap_allocatorIcE6_S_mutE
_ZN9__gnu_cxx16bitmap_allocatorIcE7destroyEPc
_ZN9__gnu_cxx16bitmap_allocatorIcE8allocateEy
_ZN9__gnu_cxx16bitmap_allocatorIcE8allocateEyPKv
_ZN9__gnu_cxx16bitmap_allocatorIcE9constructEPcRKc
_ZN9__gnu_cxx16bitmap_allocatorIcEC1ERKS1_
_ZN9__gnu_cxx16bitmap_allocatorIcEC1Ev
_ZN9__gnu_cxx16bitmap_allocatorIcEC2ERKS1_
_ZN9__gnu_cxx16bitmap_allocatorIcEC2Ev
_ZN9__gnu_cxx16bitmap_allocatorIcED1Ev
_ZN9__gnu_cxx16bitmap_allocatorIcED2Ev
_ZN9__gnu_cxx16bitmap_allocatorIwE10deallocateEPwy
_ZN9__gnu_cxx16bitmap_allocatorIwE13_S_block_sizeE
_ZN9__gnu_cxx16bitmap_allocatorIwE13_S_mem_blocksE
_ZN9__gnu_cxx16bitmap_allocatorIwE14_S_refill_poolEv
_ZN9__gnu_cxx16bitmap_allocatorIwE15_S_last_requestE
_ZN9__gnu_cxx16bitmap_allocatorIwE21_S_last_dealloc_indexE
_ZN9__gnu_cxx16bitmap_allocatorIwE25_M_allocate_single_objectEv
_ZN9__gnu_cxx16bitmap_allocatorIwE27_M_deallocate_single_objectEPw
_ZN9__gnu_cxx16bitmap_allocatorIwE6_S_mutE
_ZN9__gnu_cxx16bitmap_allocatorIwE7destroyEPw
_ZN9__gnu_cxx16bitmap_allocatorIwE8allocateEy
_ZN9__gnu_cxx16bitmap_allocatorIwE8allocateEyPKv
_ZN9__gnu_cxx16bitmap_allocatorIwE9constructEPwRKw
_ZN9__gnu_cxx16bitmap_allocatorIwEC1ERKS1_
_ZN9__gnu_cxx16bitmap_allocatorIwEC1Ev
_ZN9__gnu_cxx16bitmap_allocatorIwEC2ERKS1_
_ZN9__gnu_cxx16bitmap_allocatorIwEC2Ev
_ZN9__gnu_cxx16bitmap_allocatorIwED1Ev
_ZN9__gnu_cxx16bitmap_allocatorIwED2Ev
_ZN9__gnu_cxx17__pool_alloc_base11_S_end_freeE
_ZN9__gnu_cxx17__pool_alloc_base12_M_get_mutexEv
_ZN9__gnu_cxx17__pool_alloc_base12_S_free_listE
_ZN9__gnu_cxx17__pool_alloc_base12_S_heap_sizeE
_ZN9__gnu_cxx17__pool_alloc_base13_S_start_freeE
_ZN9__gnu_cxx17__pool_alloc_base16_M_get_free_listEy
_ZN9__gnu_cxx17__pool_alloc_base17_M_allocate_chunkEyRi
_ZN9__gnu_cxx17__pool_alloc_base9_M_refillEy
_ZN9__gnu_cxx18__common_pool_baseINS_6__poolELb1EE13_S_initializeEv
_ZN9__gnu_cxx18__exchange_and_addEPVii
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEE4fileEv
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEE4swapERS3_
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEE4syncEv
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEE5uflowEv
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEE6xsgetnEPcx
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEE6xsputnEPKcx
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEE7seekoffExSt12_Ios_SeekdirSt13_Ios_Openmode
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEE7seekposESt4fposIiESt13_Ios_Openmode
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEE8overflowEi
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEE9pbackfailEi
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEE9underflowEv
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEEC1EOS3_
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEEC1EP6_iobuf
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEEC2EOS3_
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEEC2EP6_iobuf
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEED0Ev
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEED1Ev
_ZN9__gnu_cxx18stdio_sync_filebufIcSt11char_traitsIcEEaSEOS3_
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEE4fileEv
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEE4swapERS3_
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEE4syncEv
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEE5uflowEv
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEE6xsgetnEPwx
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEE6xsputnEPKwx
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEE7seekoffExSt12_Ios_SeekdirSt13_Ios_Openmode
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEE7seekposESt4fposIiESt13_Ios_Openmode
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEE8overflowEt
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEE9pbackfailEt
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEE9underflowEv
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEEC1EOS3_
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEEC1EP6_iobuf
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEEC2EOS3_
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEEC2EP6_iobuf
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEED0Ev
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEED1Ev
_ZN9__gnu_cxx18stdio_sync_filebufIwSt11char_traitsIwEEaSEOS3_
_ZN9__gnu_cxx19__function_requiresINS_19_ConvertibleConceptIjjEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_21_InputIteratorConceptIPKcEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_21_InputIteratorConceptIPKwEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_21_InputIteratorConceptIPcEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_21_InputIteratorConceptIPwEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_22_OutputIteratorConceptISt19ostreambuf_iteratorIcSt11char_traitsIcEEcEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_22_OutputIteratorConceptISt19ostreambuf_iteratorIwSt11char_traitsIwEEwEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_26_LessThanComparableConceptIPcEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_26_LessThanComparableConceptIPwEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_26_LessThanComparableConceptIiEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_26_LessThanComparableConceptIjEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_26_LessThanComparableConceptIlEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_26_LessThanComparableConceptIxEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_28_RandomAccessIteratorConceptINS_17__normal_iteratorIPKcSsEEEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_28_RandomAccessIteratorConceptINS_17__normal_iteratorIPKwSbIwSt11char_traitsIwESaIwEEEEEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_28_RandomAccessIteratorConceptINS_17__normal_iteratorIPcSsEEEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_28_RandomAccessIteratorConceptINS_17__normal_iteratorIPwSbIwSt11char_traitsIwESaIwEEEEEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_28_RandomAccessIteratorConceptIPKcEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_28_RandomAccessIteratorConceptIPKwEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_28_RandomAccessIteratorConceptIPcEEEEvv
_ZN9__gnu_cxx19__function_requiresINS_28_RandomAccessIteratorConceptIPwEEEEvv
_ZN9__gnu_cxx20recursive_init_errorC1Ev
_ZN9__gnu_cxx20recursive_init_errorC2Ev
_ZN9__gnu_cxx20recursive_init_errorD0Ev
_ZN9__gnu_cxx20recursive_init_errorD1Ev
_ZN9__gnu_cxx20recursive_init_errorD2Ev
_ZN9__gnu_cxx24__concurrence_lock_errorD0Ev
_ZN9__gnu_cxx24__concurrence_lock_errorD1Ev
_ZN9__gnu_cxx24__concurrence_wait_errorD0Ev
_ZN9__gnu_cxx24__concurrence_wait_errorD1Ev
_ZN9__gnu_cxx26__aux_require_boolean_exprIbEEvRKT_
_ZN9__gnu_cxx26__concurrence_unlock_errorD0Ev
_ZN9__gnu_cxx26__concurrence_unlock_errorD1Ev
_ZN9__gnu_cxx26__throw_insufficient_spaceEPKcS1_
_ZN9__gnu_cxx27__verbose_terminate_handlerEv
_ZN9__gnu_cxx29__concurrence_broadcast_errorD0Ev
_ZN9__gnu_cxx29__concurrence_broadcast_errorD1Ev
_ZN9__gnu_cxx30__throw_concurrence_lock_errorEv
_ZN9__gnu_cxx32__throw_concurrence_unlock_errorEv
_ZN9__gnu_cxx35__throw_concurrence_broadcast_errorEv
_ZN9__gnu_cxx4ropeIcSaIcEE10_S_min_lenE
_ZN9__gnu_cxx4ropeIcSaIcEE8_S_fetchEPNS_13_Rope_RopeRepIcS1_EEy
_ZN9__gnu_cxx4ropeIwSaIwEE10_S_min_lenE
_ZN9__gnu_cxx4ropeIwSaIwEE8_S_fetchEPNS_13_Rope_RopeRepIwS1_EEy
_ZN9__gnu_cxx6__poolILb0EE10_M_destroyEv
_ZN9__gnu_cxx6__poolILb0EE13_M_initializeEv
_ZN9__gnu_cxx6__poolILb0EE16_M_reclaim_blockEPcy
_ZN9__gnu_cxx6__poolILb0EE16_M_reserve_blockEyy
_ZN9__gnu_cxx6__poolILb1EE10_M_destroyEv
_ZN9__gnu_cxx6__poolILb1EE13_M_initializeEPFvPvE
_ZN9__gnu_cxx6__poolILb1EE13_M_initializeEv
_ZN9__gnu_cxx6__poolILb1EE16_M_get_thread_idEv
_ZN9__gnu_cxx6__poolILb1EE16_M_reclaim_blockEPcy
_ZN9__gnu_cxx6__poolILb1EE16_M_reserve_blockEyy
_ZN9__gnu_cxx6__poolILb1EE21_M_destroy_thread_keyEPv
_ZN9__gnu_cxx8__detail13__lower_boundIPPyyNS_9free_list19_LT_pointer_compareEEET_S6_S6_RKT0_T1_
_ZN9__gnu_cxx8__detail13__mini_vectorIPyE10deallocateEPS2_y
_ZN9__gnu_cxx8__detail13__mini_vectorIPyE5clearEv
_ZN9__gnu_cxx8__detail13__mini_vectorIPyE5eraseEPS2_
_ZN9__gnu_cxx8__detail13__mini_vectorIPyE6insertEPS2_RKS2_
_ZN9__gnu_cxx8__detail13__mini_vectorIPyE8allocateEy
_ZN9__gnu_cxx8__detail13__mini_vectorIPyE8pop_backEv
_ZN9__gnu_cxx8__detail13__mini_vectorIPyE9push_backERKS2_
_ZN9__gnu_cxx8__detail13__mini_vectorIPyEC1Ev
_ZN9__gnu_cxx8__detail13__mini_vectorIPyEC2Ev
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIcE12_Alloc_blockES6_EE10deallocateEPS7_y
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIcE12_Alloc_blockES6_EE5clearEv
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIcE12_Alloc_blockES6_EE5eraseEPS7_
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIcE12_Alloc_blockES6_EE6insertEPS7_RKS7_
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIcE12_Alloc_blockES6_EE8allocateEy
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIcE12_Alloc_blockES6_EE8pop_backEv
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIcE12_Alloc_blockES6_EE9push_backERKS7_
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIcE12_Alloc_blockES6_EEC1Ev
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIcE12_Alloc_blockES6_EEC2Ev
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIwE12_Alloc_blockES6_EE10deallocateEPS7_y
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIwE12_Alloc_blockES6_EE5clearEv
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIwE12_Alloc_blockES6_EE5eraseEPS7_
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIwE12_Alloc_blockES6_EE6insertEPS7_RKS7_
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIwE12_Alloc_blockES6_EE8allocateEy
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIwE12_Alloc_blockES6_EE8pop_backEv
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIwE12_Alloc_blockES6_EE9push_backERKS7_
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIwE12_Alloc_blockES6_EEC1Ev
_ZN9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIwE12_Alloc_blockES6_EEC2Ev
_ZN9__gnu_cxx9__freeresEv
_ZN9__gnu_cxx9free_list6_M_getEy
_ZN9__gnu_cxx9free_list8_M_clearEv
_ZN9__gnu_cxxeqIPKcNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEEEbRKNS_17__normal_iteratorIT_T0_EESE_
_ZN9__gnu_cxxeqIPKcSsEEbRKNS_17__normal_iteratorIT_T0_EES8_
_ZN9__gnu_cxxeqIPKwNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEEEEEbRKNS_17__normal_iteratorIT_T0_EESE_
_ZN9__gnu_cxxeqIPKwSbIwSt11char_traitsIwESaIwEEEEbRKNS_17__normal_iteratorIT_T0_EESC_
_ZN9__gnu_cxxeqIPcNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEEEbRKNS_17__normal_iteratorIT_T0_EESD_
_ZN9__gnu_cxxeqIPcSsEEbRKNS_17__normal_iteratorIT_T0_EES7_
_ZN9__gnu_cxxeqIPwNSt7__cxx1112basic_stringIwSt11char_traitsIwESaIwEEEEEbRKNS_17__normal_iteratorIT_T0_EESD_
_ZN9__gnu_cxxeqIPwSbIwSt11char_traitsIwESaIwEEEEbRKNS_17__normal_iteratorIT_T0_EESB_
_ZNK10__cxxabiv117__class_type_info10__do_catchEPKSt9type_infoPPvj
_ZNK10__cxxabiv117__class_type_info11__do_upcastEPKS0_PKvRNS0_15__upcast_resultE
_ZNK10__cxxabiv117__class_type_info11__do_upcastEPKS0_PPv
_ZNK10__cxxabiv117__class_type_info12__do_dyncastExNS0_10__sub_kindEPKS0_PKvS3_S5_RNS0_16__dyncast_resultE
_ZNK10__cxxabiv117__class_type_info20__do_find_public_srcExPKvPKS0_S2_
_ZNK10__cxxabiv117__pbase_type_info10__do_catchEPKSt9type_infoPPvj
_ZNK10__cxxabiv117__pbase_type_info15__pointer_catchEPKS0_PPvj
_ZNK10__cxxabiv119__pointer_type_info14__is_pointer_pEv
_ZNK10__cxxabiv119__pointer_type_info15__pointer_catchEPKNS_17__pbase_type_infoEPPvj
_ZNK10__cxxabiv120__function_type_info15__is_function_pEv
_ZNK10__cxxabiv120__si_class_type_info11__do_upcastEPKNS_17__class_type_infoEPKvRNS1_15__upcast_resultE
_ZNK10__cxxabiv120__si_class_type_info12__do_dyncastExNS_17__class_type_info10__sub_kindEPKS1_PKvS4_S6_RNS1_16__dyncast_resultE
_ZNK10__cxxabiv120__si_class_type_info20__do_find_public_srcExPKvPKNS_17__class_type_infoES2_
_ZNK10__cxxabiv121__vmi_class_type_info11__do_upcastEPKNS_17__class_type_infoEPKvRNS1_15__upcast_resultE
_ZNK10__cxxabiv121__vmi_class_type_info12__do_dyncastExNS_17__class_type_info10__sub_kindEPKS1_PKvS4_S6_RNS1_16__dyncast_resultE
_ZNK10__cxxabiv121__vmi_class_type_info20__do_find_public_srcExPKvPKNS_17__class_type_infoES2_
_ZNK10__cxxabiv129__pointer_to_member_type_info15__pointer_catchEPKNS_17__pbase_type_infoEPPvj
_ZNK11__gnu_debug16_Error_formatter10_M_messageENS_13_Debug_msg_idE
_ZNK11__gnu_debug16_Error_formatter10_Parameter14_M_print_fieldEPKS0_PKc
_ZNK11__gnu_debug16_Error_formatter10_Parameter20_M_print_descriptionEPKS0_
_ZNK11__gnu_debug16_Error_formatter13_M_print_wordEPKc
_ZNK11__gnu_debug16_Error_formatter14_M_format_wordIPKcEEvPciS3_T_
_ZNK11__gnu_debug16_Error_formatter14_M_format_wordIPKvEEvPciPKcT_
_ZNK11__gnu_debug16_Error_formatter14_M_format_wordIlEEvPciPKcT_
_ZNK11__gnu_debug16_Error_formatter14_M_format_wordIyEEvPciPKcT_
_ZNK11__gnu_debug16_Error_formatter15_M_print_stringEPKc
_ZNK11__gnu_debug16_Error_formatter17_M_get_max_lengthEv
_ZNK11__gnu_debug16_Error_formatter8_M_errorEv
_ZNK11__gnu_debug19_Safe_iterator_base11_M_singularEv
_ZNK11__gnu_debug19_Safe_iterator_base14_M_can_compareERKS0_
_ZNK11__gnu_debug25_Safe_local_iterator_base16_M_get_containerEv
_ZNK9__gnu_cxx12__pool_allocIcE7addressERKc
_ZNK9__gnu_cxx12__pool_allocIcE7addressERc
_ZNK9__gnu_cxx12__pool_allocIcE8max_sizeEv
_ZNK9__gnu_cxx12__pool_allocIwE7addressERKw
_ZNK9__gnu_cxx12__pool_allocIwE7addressERw
_ZNK9__gnu_cxx12__pool_allocIwE8max_sizeEv
_ZNK9__gnu_cxx16bitmap_allocatorIcE7addressERKc
_ZNK9__gnu_cxx16bitmap_allocatorIcE7addressERc
_ZNK9__gnu_cxx16bitmap_allocatorIcE8max_sizeEv
_ZNK9__gnu_cxx16bitmap_allocatorIwE7addressERKw
_ZNK9__gnu_cxx16bitmap_allocatorIwE7addressERw
_ZNK9__gnu_cxx16bitmap_allocatorIwE8max_sizeEv
_ZNK9__gnu_cxx24__concurrence_lock_error4whatEv
_ZNK9__gnu_cxx24__concurrence_wait_error4whatEv
_ZNK9__gnu_cxx26__concurrence_unlock_error4whatEv
_ZNK9__gnu_cxx29__concurrence_broadcast_error4whatEv
_ZNK9__gnu_cxx8__detail13__mini_vectorIPyE13_M_space_leftEv
_ZNK9__gnu_cxx8__detail13__mini_vectorIPyE3endEv
_ZNK9__gnu_cxx8__detail13__mini_vectorIPyE4backEv
_ZNK9__gnu_cxx8__detail13__mini_vectorIPyE4sizeEv
_ZNK9__gnu_cxx8__detail13__mini_vectorIPyE5beginEv
_ZNK9__gnu_cxx8__detail13__mini_vectorIPyEixEy
_ZNK9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIcE12_Alloc_blockES6_EE13_M_space_leftEv
_ZNK9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIcE12_Alloc_blockES6_EE3endEv
_ZNK9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIcE12_Alloc_blockES6_EE4backEv
_ZNK9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIcE12_Alloc_blockES6_EE4sizeEv
_ZNK9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIcE12_Alloc_blockES6_EE5beginEv
_ZNK9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIcE12_Alloc_blockES6_EEixEy
_ZNK9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIwE12_Alloc_blockES6_EE13_M_space_leftEv
_ZNK9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIwE12_Alloc_blockES6_EE3endEv
_ZNK9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIwE12_Alloc_blockES6_EE4backEv
_ZNK9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIwE12_Alloc_blockES6_EE4sizeEv
_ZNK9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIwE12_Alloc_blockES6_EE5beginEv
_ZNK9__gnu_cxx8__detail13__mini_vectorISt4pairIPNS_16bitmap_allocatorIwE12_Alloc_blockES6_EEixEy
_ZNKRSt7__cxx1115basic_stringbufIcSt11char_traitsIcESaIcEE3strEv
_ZNKRSt7__cxx1115basic_stringbufIwSt11char_traitsIwESaIwEE3strEv
_ZNKRSt7__cxx1118basic_stringstreamIcSt11char_traitsIcESaIcEE3strEv
_ZNKRSt7__cxx1118basic_stringstreamIwSt11char_traitsIwESaIwEE3strEv
_ZNKRSt7__cxx1119basic_istringstreamIcSt11char_traitsIcESaIcEE3strEv
_ZNKRSt7__cxx1119basic_istringstreamIwSt11char_traitsIwESaIwEE3strEv
_ZNKRSt7__cxx1119basic_ostringstreamIcSt11char_traitsIcESaIcEE3strEv
_ZNKRSt7__cxx1119basic_ostringstreamIwSt11char_traitsIwESaIwEE3strEv
_ZNKSbIwSt11char_traitsIwESaIwEE11_M_disjunctEPKw
_ZNKSbIwSt11char_traitsIwESaIwEE12find_last_ofEPKwy
_ZNKSbIwSt11char_traitsIwESaIwEE12find_last_ofEPKwyy
_ZNKSbIwSt11char_traitsIwESaIwEE12find_last_ofERKS2_y
_ZNKSbIwSt11char_traitsIwESaIwEE12find_last_ofEwy
_ZNKSbIwSt11char_traitsIwESaIwEE13find_first_ofEPKwy
_ZNKSbIwSt11char_traitsIwESaIwEE13find_first_ofEPKwyy
_ZNKSbIwSt11char_traitsIwESaIwEE13find_first_ofERKS2_y
_ZNKSbIwSt11char_traitsIwESaIwEE13find_first_ofEwy
_ZNKSbIwSt11char_traitsIwESaIwEE13get_allocatorEv
_ZNKSbIwSt11char_traitsIwESaIwEE15_M_check_lengthEyyPKc
_ZNKSbIwSt11char_traitsIwESaIwEE16find_last_not_ofEPKwy
_ZNKSbIwSt11char_traitsIwESaIwEE16find_last_not_ofEPKwyy
_ZNKSbIwSt11char_traitsIwESaIwEE16find_last_not_ofERKS2_y
_ZNKSbIwSt11char_traitsIwESaIwEE16find_last_not_ofEwy
_ZNKSbIwSt11char_traitsIwESaIwEE17find_first_not_ofEPKwy
_ZNKSbIwSt11char_traitsIwESaIwEE17find_first_not_ofEPKwyy
_ZNKSbIwSt11char_traitsIwESaIwEE17find_first_not_ofERKS2_y
_ZNKSbIwSt11char_traitsIwESaIwEE17find_first_not_ofEwy
_ZNKSbIwSt11char_traitsIwESaIwEE2atEy
_ZNKSbIwSt11char_traitsIwESaIwEE3endEv
_ZNKSbIwSt11char_traitsIwESaIwEE4_Rep12_M_is_leakedEv
_ZNKSbIwSt11char_traitsIwESaIwEE4_Rep12_M_is_sharedEv
_ZNKSbIwSt11char_traitsIwESaIwEE4backEv
_ZNKSbIwSt11char_traitsIwESaIwEE4cendEv
_ZNKSbIwSt11char_traitsIwESaIwEE4copyEPwyy
_ZNKSbIwSt11char_traitsIwESaIwEE4dataEv
_ZNKSbIwSt11char_traitsIwESaIwEE4findEPKwy
_ZNKSbIwSt11char_traitsIwESaIwEE4findEPKwyy
_ZNKSbIwSt11char_traitsIwESaIwEE4findERKS2_y
_ZNKSbIwSt11char_traitsIwESaIwEE4findEwy
_ZNKSbIwSt11char_traitsIwESaIwEE4rendEv
_ZNKSbIwSt11char_traitsIwESaIwEE4sizeEv
_ZNKSbIwSt11char_traitsIwESaIwEE5beginEv
_ZNKSbIwSt11char_traitsIwESaIwEE5c_strEv
_ZNKSbIwSt11char_traitsIwESaIwEE5crendEv
_ZNKSbIwSt11char_traitsIwESaIwEE5emptyEv
_ZNKSbIwSt11char_traitsIwESaIwEE5frontEv
_ZNKSbIwSt11char_traitsIwESaIwEE5rfindEPKwy
_ZNKSbIwSt11char_traitsIwESaIwEE5rfindEPKwyy
_ZNKSbIwSt11char_traitsIwESaIwEE5rfindERKS2_y
_ZNKSbIwSt11char_traitsIwESaIwEE5rfindEwy
_ZNKSbIwSt11char_traitsIwESaIwEE6_M_repEv

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 345KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 422KB - Virtual size: 422KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libvmime.dll
.dll windows:4 windows x64 arch:x64

9ccad429ef487a57d2dc8583f87feecf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext

libgcc_s_seh-1

_Unwind_Resume

libgnutls-30

gnutls_anon_allocate_client_credentials
gnutls_anon_free_client_credentials
gnutls_bye
gnutls_certificate_allocate_credentials
gnutls_certificate_free_credentials
gnutls_certificate_get_peers
gnutls_credentials_set
gnutls_deinit
gnutls_dh_set_prime_bits
gnutls_global_deinit
gnutls_global_init
gnutls_handshake
gnutls_init
gnutls_priority_set_direct
gnutls_record_get_direction
gnutls_record_recv
gnutls_record_send
gnutls_server_name_set
gnutls_strerror
gnutls_transport_set_errno
gnutls_transport_set_errno_function
gnutls_transport_set_ptr
gnutls_transport_set_pull_function
gnutls_transport_set_push_function
gnutls_x509_crt_check_hostname
gnutls_x509_crt_check_issuer
gnutls_x509_crt_deinit
gnutls_x509_crt_export
gnutls_x509_crt_get_activation_time
gnutls_x509_crt_get_dn_by_oid
gnutls_x509_crt_get_expiration_time
gnutls_x509_crt_get_fingerprint
gnutls_x509_crt_get_issuer_dn
gnutls_x509_crt_get_serial
gnutls_x509_crt_get_subject_alt_name
gnutls_x509_crt_get_version
gnutls_x509_crt_import
gnutls_x509_crt_init
gnutls_x509_crt_list_import
gnutls_x509_crt_verify

libgsasl-7

gsasl_callback_hook_get
gsasl_callback_hook_set
gsasl_callback_set
gsasl_client_mechlist
gsasl_client_start
gsasl_client_suggest_mechanism
gsasl_client_support_p
gsasl_decode
gsasl_done
gsasl_encode
gsasl_finish
gsasl_free
gsasl_init
gsasl_property_set
gsasl_step

libicuuc73

UCNV_FROM_U_CALLBACK_STOP_73
UCNV_TO_U_CALLBACK_STOP_73
_ZN6icu_7313UnicodeString19getTerminatedBufferEv
_ZN6icu_7313UnicodeStringC1EPKc
_ZN6icu_7313UnicodeStringD1Ev
u_errorName_73
ucnv_close_73
ucnv_fromUnicode_73
ucnv_getInvalidChars_73
ucnv_getMaxCharSize_73
ucnv_getMinCharSize_73
ucnv_open_73
ucnv_reset_73
ucnv_setFromUCallBack_73
ucnv_setSubstString_73
ucnv_setToUCallBack_73
ucnv_toUnicode_73

kernel32

CloseHandle
CreateDirectoryA
CreateFileA
DeleteCriticalSection
DeleteFileA
EnterCriticalSection
FindClose
FindFirstFileA
FindNextFileA
FormatMessageA
GetACP
GetComputerNameExA
GetCurrentProcessId
GetCurrentThreadId
GetFileAttributesA
GetFileSize
GetLastError
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
LocalFree
MoveFileA
ReadFile
SetFilePointer
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WriteFile

msvcrt

__iob_func
_amsg_exit
_gmtime64
_initterm
_localtime64
_lock
_mktime64
_time64
_unlock
abort
calloc
free
fwrite
isalpha
isspace
memcmp
memcpy
memmove
memset
realloc
strlen
strncmp
tolower
vfprintf

libstdc++-6

_ZNKSt13runtime_error4whatEv
_ZNKSt5ctypeIcE13_M_widen_initEv
_ZNKSt6locale2id5_M_idEv
_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE13find_first_ofEPKcyy
_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE4findEPKcyy
_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE4findEcy
_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE5rfindEPKcyy
_ZNKSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE5rfindEcy
_ZNKSt7__cxx1115basic_stringbufIcSt11char_traitsIcESaIcEE3strEv
_ZNKSt9type_infoeqERKS_
_ZNSi10_M_extractItEERSiRT_
_ZNSi10_M_extractIyEERSiRT_
_ZNSi3getEv
_ZNSi4peekEv
_ZNSi4readEPcx
_ZNSi5seekgExSt12_Ios_Seekdir
_ZNSi5tellgEv
_ZNSi6ignoreEx
_ZNSirsERi
_ZNSo3putEc
_ZNSo5flushEv
_ZNSo5writeEPKcx
_ZNSo9_M_insertImEERSoT_
_ZNSo9_M_insertIyEERSoT_
_ZNSolsEi
_ZNSt12bad_weak_ptrD1Ev
_ZNSt12out_of_rangeC1EPKc
_ZNSt12out_of_rangeD1Ev
_ZNSt13runtime_errorC1EPKc
_ZNSt13runtime_errorC2EPKc
_ZNSt13runtime_errorC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZNSt13runtime_errorD1Ev
_ZNSt13runtime_errorD2Ev
_ZNSt15__exception_ptr13exception_ptr10_M_releaseEv
_ZNSt15__exception_ptr13exception_ptr9_M_addrefEv
_ZNSt16invalid_argumentC1EPKc
_ZNSt16invalid_argumentD1Ev
_ZNSt5ctypeIcE2idE
_ZNSt6locale7classicEv
_ZNSt6localeC1Ev
_ZNSt6localeD1Ev
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE10_M_disposeEv
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE10_M_replaceEyyPKcy
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE14_M_replace_auxEyyyc
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE4swapERS4_
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE6appendEPKc
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE6resizeEyc
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE7reserveEy
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE8_M_eraseEyy
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_appendEPKcy
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_assignERKS4_
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_createERyy
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9_M_mutateEyyPKcy
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEE9push_backEc
_ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEC1EOS4_
_ZNSt7__cxx1115basic_stringbufIcSt11char_traitsIcESaIcEE7_M_syncEPcyy
_ZNSt7__cxx1119basic_istringstreamIcSt11char_traitsIcESaIcEED1Ev
_ZNSt7__cxx1119basic_ostringstreamIcSt11char_traitsIcESaIcEEC1Ev
_ZNSt7__cxx1119basic_ostringstreamIcSt11char_traitsIcESaIcEED1Ev
_ZNSt8__detail15_List_node_base7_M_hookEPS0_
_ZNSt8__detail15_List_node_base9_M_unhookEv
_ZNSt8ios_baseC2Ev
_ZNSt8ios_baseD2Ev
_ZNSt9bad_allocD1Ev
_ZNSt9basic_iosIcSt11char_traitsIcEE4initEPSt15basic_streambufIcS1_E
_ZNSt9basic_iosIcSt11char_traitsIcEE5clearESt12_Ios_Iostate
_ZNSt9basic_iosIcSt11char_traitsIcEE5imbueERKSt6locale
_ZSt16__ostream_insertIcSt11char_traitsIcEERSt13basic_ostreamIT_T0_ES6_PKS3_x
_ZSt16__throw_bad_castv
_ZSt17__throw_bad_allocv
_ZSt17current_exceptionv
_ZSt17rethrow_exceptionNSt15__exception_ptr13exception_ptrE
_ZSt18_Rb_tree_decrementPSt18_Rb_tree_node_base
_ZSt18_Rb_tree_incrementPKSt18_Rb_tree_node_base
_ZSt18_Rb_tree_incrementPSt18_Rb_tree_node_base
_ZSt19__throw_logic_errorPKc
_ZSt20__throw_length_errorPKc
_ZSt24__throw_out_of_range_fmtPKcz
_ZSt28_Rb_tree_rebalance_for_erasePSt18_Rb_tree_node_baseRS_
_ZSt28__throw_bad_array_new_lengthv
_ZSt29_Rb_tree_insert_and_rebalancebPSt18_Rb_tree_node_baseS0_RS_
_ZSt7getlineIcSt11char_traitsIcESaIcEERSt13basic_istreamIT_T0_ES7_RNSt7__cxx1112basic_stringIS4_S5_T1_EES4_
_ZStrsIcSt11char_traitsIcESaIcEERSt13basic_istreamIT_T0_ES7_RNSt7__cxx1112basic_stringIS4_S5_T1_EE
_ZTTNSt7__cxx1119basic_istringstreamIcSt11char_traitsIcESaIcEEE
_ZTTNSt7__cxx1119basic_ostringstreamIcSt11char_traitsIcESaIcEEE
_ZTVN10__cxxabiv117__class_type_infoE
_ZTVN10__cxxabiv120__si_class_type_infoE
_ZTVN10__cxxabiv121__vmi_class_type_infoE
_ZTVNSt7__cxx1115basic_stringbufIcSt11char_traitsIcESaIcEEE
_ZTVNSt7__cxx1119basic_istringstreamIcSt11char_traitsIcESaIcEEE
_ZTVNSt7__cxx1119basic_ostringstreamIcSt11char_traitsIcESaIcEEE
_ZTVSt12bad_weak_ptr
_ZTVSt15basic_streambufIcSt11char_traitsIcEE
_ZTVSt9bad_alloc
_ZTVSt9basic_iosIcSt11char_traitsIcEE
_ZdaPv
_ZdlPv
_Znay
_Znwy
__cxa_allocate_exception
__cxa_bad_cast
__cxa_bad_typeid
__cxa_begin_catch
__cxa_end_catch
__cxa_free_exception
__cxa_guard_abort
__cxa_guard_acquire
__cxa_guard_release
__cxa_rethrow
__cxa_throw
__dynamic_cast
__gxx_personality_seh0

ws2_32

WSACleanup
WSAGetLastError
WSAStartup
closesocket
connect
freeaddrinfo
getaddrinfo
gethostbyname
getnameinfo
getpeername
htons
inet_addr
ioctlsocket
recv
select
send
shutdown
socket

Exports

Exports

_ZN4utf89unchecked4nextIPKcEEjRT_
_ZN5vmime10exceptions12no_expeditorC1ERKNS_9exceptionE
_ZN5vmime10exceptions12no_expeditorC2ERKNS_9exceptionE
_ZN5vmime10exceptions12no_expeditorD0Ev
_ZN5vmime10exceptions12no_expeditorD1Ev
_ZN5vmime10exceptions12no_expeditorD2Ev
_ZN5vmime10exceptions12no_recipientC1ERKNS_9exceptionE
_ZN5vmime10exceptions12no_recipientC2ERKNS_9exceptionE
_ZN5vmime10exceptions12no_recipientD0Ev
_ZN5vmime10exceptions12no_recipientD1Ev
_ZN5vmime10exceptions12no_recipientD2Ev
_ZN5vmime10exceptions12no_such_partC1ERKNS_9exceptionE
_ZN5vmime10exceptions12no_such_partC2ERKNS_9exceptionE
_ZN5vmime10exceptions12no_such_partD0Ev
_ZN5vmime10exceptions12no_such_partD1Ev
_ZN5vmime10exceptions12no_such_partD2Ev
_ZN5vmime10exceptions12system_errorC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions12system_errorC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions12system_errorD0Ev
_ZN5vmime10exceptions12system_errorD1Ev
_ZN5vmime10exceptions12system_errorD2Ev
_ZN5vmime10exceptions13command_errorC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES9_S9_RKNS_9exceptionE
_ZN5vmime10exceptions13command_errorC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES9_S9_RKNS_9exceptionE
_ZN5vmime10exceptions13command_errorD0Ev
_ZN5vmime10exceptions13command_errorD1Ev
_ZN5vmime10exceptions13command_errorD2Ev
_ZN5vmime10exceptions13illegal_stateC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions13illegal_stateC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions13illegal_stateD0Ev
_ZN5vmime10exceptions13illegal_stateD1Ev
_ZN5vmime10exceptions13illegal_stateD2Ev
_ZN5vmime10exceptions13malformed_urlC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions13malformed_urlC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions13malformed_urlD0Ev
_ZN5vmime10exceptions13malformed_urlD1Ev
_ZN5vmime10exceptions13malformed_urlD2Ev
_ZN5vmime10exceptions13net_exceptionC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions13net_exceptionC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions13net_exceptionD0Ev
_ZN5vmime10exceptions13net_exceptionD1Ev
_ZN5vmime10exceptions13net_exceptionD2Ev
_ZN5vmime10exceptions13no_such_fieldC1ERKNS_9exceptionE
_ZN5vmime10exceptions13no_such_fieldC2ERKNS_9exceptionE
_ZN5vmime10exceptions13no_such_fieldD0Ev
_ZN5vmime10exceptions13no_such_fieldD1Ev
_ZN5vmime10exceptions13no_such_fieldD2Ev
_ZN5vmime10exceptions13not_connectedC1ERKNS_9exceptionE
_ZN5vmime10exceptions13not_connectedC2ERKNS_9exceptionE
_ZN5vmime10exceptions13not_connectedD0Ev
_ZN5vmime10exceptions13not_connectedD1Ev
_ZN5vmime10exceptions13not_connectedD2Ev
_ZN5vmime10exceptions13tls_exceptionC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions13tls_exceptionC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions13tls_exceptionD0Ev
_ZN5vmime10exceptions13tls_exceptionD1Ev
_ZN5vmime10exceptions13tls_exceptionD2Ev
_ZN5vmime10exceptions14file_not_foundC1ERKNS_7utility4pathERKNS_9exceptionE
_ZN5vmime10exceptions14file_not_foundC2ERKNS_7utility4pathERKNS_9exceptionE
_ZN5vmime10exceptions14file_not_foundD0Ev
_ZN5vmime10exceptions14file_not_foundD1Ev
_ZN5vmime10exceptions14file_not_foundD2Ev
_ZN5vmime10exceptions14sasl_exceptionC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions14sasl_exceptionC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions14sasl_exceptionD0Ev
_ZN5vmime10exceptions14sasl_exceptionD1Ev
_ZN5vmime10exceptions14sasl_exceptionD2Ev
_ZN5vmime10exceptions15not_a_directoryC1ERKNS_7utility4pathERKNS_9exceptionE
_ZN5vmime10exceptions15not_a_directoryC2ERKNS_7utility4pathERKNS_9exceptionE
_ZN5vmime10exceptions15not_a_directoryD0Ev
_ZN5vmime10exceptions15not_a_directoryD1Ev
_ZN5vmime10exceptions15not_a_directoryD2Ev
_ZN5vmime10exceptions15open_file_errorC1ERKNS_9exceptionE
_ZN5vmime10exceptions15open_file_errorC2ERKNS_9exceptionE
_ZN5vmime10exceptions15open_file_errorD0Ev
_ZN5vmime10exceptions15open_file_errorD1Ev
_ZN5vmime10exceptions15open_file_errorD2Ev
_ZN5vmime10exceptions16connection_errorC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions16connection_errorC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions16connection_errorD0Ev
_ZN5vmime10exceptions16connection_errorD1Ev
_ZN5vmime10exceptions16connection_errorD2Ev
_ZN5vmime10exceptions16folder_not_foundC1ERKNS_9exceptionE
_ZN5vmime10exceptions16folder_not_foundC2ERKNS_9exceptionE
_ZN5vmime10exceptions16folder_not_foundD0Ev
_ZN5vmime10exceptions16folder_not_foundD1Ev
_ZN5vmime10exceptions16folder_not_foundD2Ev
_ZN5vmime10exceptions16invalid_argumentC1ERKNS_9exceptionE
_ZN5vmime10exceptions16invalid_argumentC2ERKNS_9exceptionE
_ZN5vmime10exceptions16invalid_argumentD0Ev
_ZN5vmime10exceptions16invalid_argumentD1Ev
_ZN5vmime10exceptions16invalid_argumentD2Ev
_ZN5vmime10exceptions16invalid_responseC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES9_RKNS_9exceptionE
_ZN5vmime10exceptions16invalid_responseC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES9_RKNS_9exceptionE
_ZN5vmime10exceptions16invalid_responseD0Ev
_ZN5vmime10exceptions16invalid_responseD1Ev
_ZN5vmime10exceptions16invalid_responseD2Ev
_ZN5vmime10exceptions16no_such_propertyC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions16no_such_propertyC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions16no_such_propertyD0Ev
_ZN5vmime10exceptions16no_such_propertyD1Ev
_ZN5vmime10exceptions16no_such_propertyD2Ev
_ZN5vmime10exceptions16socket_exceptionC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions16socket_exceptionC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions16socket_exceptionD0Ev
_ZN5vmime10exceptions16socket_exceptionD1Ev
_ZN5vmime10exceptions16socket_exceptionD2Ev
_ZN5vmime10exceptions16unfetched_objectC1ERKNS_9exceptionE
_ZN5vmime10exceptions16unfetched_objectC2ERKNS_9exceptionE
_ZN5vmime10exceptions16unfetched_objectD0Ev
_ZN5vmime10exceptions16unfetched_objectD1Ev
_ZN5vmime10exceptions16unfetched_objectD2Ev
_ZN5vmime10exceptions17already_connectedC1ERKNS_9exceptionE
_ZN5vmime10exceptions17already_connectedC2ERKNS_9exceptionE
_ZN5vmime10exceptions17already_connectedD0Ev
_ZN5vmime10exceptions17already_connectedD1Ev
_ZN5vmime10exceptions17already_connectedD2Ev
_ZN5vmime10exceptions17illegal_operationC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions17illegal_operationC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions17illegal_operationD0Ev
_ZN5vmime10exceptions17illegal_operationD1Ev
_ZN5vmime10exceptions17illegal_operationD2Ev
_ZN5vmime10exceptions17message_not_foundC1ERKNS_9exceptionE
_ZN5vmime10exceptions17message_not_foundC2ERKNS_9exceptionE
_ZN5vmime10exceptions17message_not_foundD0Ev
_ZN5vmime10exceptions17message_not_foundD1Ev
_ZN5vmime10exceptions17message_not_foundD2Ev
_ZN5vmime10exceptions17no_such_mechanismC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions17no_such_mechanismC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions17no_such_mechanismD0Ev
_ZN5vmime10exceptions17no_such_mechanismD1Ev
_ZN5vmime10exceptions17no_such_mechanismD2Ev
_ZN5vmime10exceptions18charset_conv_errorC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions18charset_conv_errorC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions18charset_conv_errorD0Ev
_ZN5vmime10exceptions18charset_conv_errorD1Ev
_ZN5vmime10exceptions18charset_conv_errorD2Ev
_ZN5vmime10exceptions18no_such_message_idC1ERKNS_9exceptionE
_ZN5vmime10exceptions18no_such_message_idC2ERKNS_9exceptionE
_ZN5vmime10exceptions18no_such_message_idD0Ev
_ZN5vmime10exceptions18no_such_message_idD1Ev
_ZN5vmime10exceptions18no_such_message_idD2Ev
_ZN5vmime10exceptions18unsupported_optionC1ERKNS_9exceptionE
_ZN5vmime10exceptions18unsupported_optionC2ERKNS_9exceptionE
_ZN5vmime10exceptions18unsupported_optionD0Ev
_ZN5vmime10exceptions18unsupported_optionD1Ev
_ZN5vmime10exceptions18unsupported_optionD2Ev
_ZN5vmime10exceptions19folder_already_openC1ERKNS_9exceptionE
_ZN5vmime10exceptions19folder_already_openC2ERKNS_9exceptionE
_ZN5vmime10exceptions19folder_already_openD0Ev
_ZN5vmime10exceptions19folder_already_openD1Ev
_ZN5vmime10exceptions19folder_already_openD2Ev
_ZN5vmime10exceptions19invalid_folder_nameC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions19invalid_folder_nameC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions19invalid_folder_nameD0Ev
_ZN5vmime10exceptions19invalid_folder_nameD1Ev
_ZN5vmime10exceptions19invalid_folder_nameD2Ev
_ZN5vmime10exceptions19no_auth_informationC1ERKNS_9exceptionE
_ZN5vmime10exceptions19no_auth_informationC2ERKNS_9exceptionE
_ZN5vmime10exceptions19no_auth_informationD0Ev
_ZN5vmime10exceptions19no_auth_informationD1Ev
_ZN5vmime10exceptions19no_auth_informationD2Ev
_ZN5vmime10exceptions19no_platform_handlerC1ERKNS_9exceptionE
_ZN5vmime10exceptions19no_platform_handlerC2ERKNS_9exceptionE
_ZN5vmime10exceptions19no_platform_handlerD0Ev
_ZN5vmime10exceptions19no_platform_handlerD1Ev
_ZN5vmime10exceptions19no_platform_handlerD2Ev
_ZN5vmime10exceptions19operation_cancelledC1ERKNS_9exceptionE
_ZN5vmime10exceptions19operation_cancelledC2ERKNS_9exceptionE
_ZN5vmime10exceptions19operation_cancelledD0Ev
_ZN5vmime10exceptions19operation_cancelledD1Ev
_ZN5vmime10exceptions19operation_cancelledD2Ev
_ZN5vmime10exceptions19operation_timed_outC1ERKNS_9exceptionE
_ZN5vmime10exceptions19operation_timed_outC2ERKNS_9exceptionE
_ZN5vmime10exceptions19operation_timed_outD0Ev
_ZN5vmime10exceptions19operation_timed_outD1Ev
_ZN5vmime10exceptions19operation_timed_outD2Ev
_ZN5vmime10exceptions20authentication_errorC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions20authentication_errorC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions20authentication_errorD0Ev
_ZN5vmime10exceptions20authentication_errorD1Ev
_ZN5vmime10exceptions20authentication_errorD2Ev
_ZN5vmime10exceptions20bad_field_value_typeC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions20bad_field_value_typeC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions20bad_field_value_typeD0Ev
_ZN5vmime10exceptions20bad_field_value_typeD1Ev
_ZN5vmime10exceptions20bad_field_value_typeD2Ev
_ZN5vmime10exceptions20filesystem_exceptionC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_7utility4pathERKNS_9exceptionE
_ZN5vmime10exceptions20filesystem_exceptionC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_7utility4pathERKNS_9exceptionE
_ZN5vmime10exceptions20filesystem_exceptionD0Ev
_ZN5vmime10exceptions20filesystem_exceptionD1Ev
_ZN5vmime10exceptions20filesystem_exceptionD2Ev
_ZN5vmime10exceptions20no_encoder_availableC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions20no_encoder_availableC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions20no_encoder_availableD0Ev
_ZN5vmime10exceptions20no_encoder_availableD1Ev
_ZN5vmime10exceptions20no_encoder_availableD2Ev
_ZN5vmime10exceptions20no_factory_availableC1ERKNS_9exceptionE
_ZN5vmime10exceptions20no_factory_availableC2ERKNS_9exceptionE
_ZN5vmime10exceptions20no_factory_availableD0Ev
_ZN5vmime10exceptions20no_factory_availableD1Ev
_ZN5vmime10exceptions20no_factory_availableD2Ev
_ZN5vmime10exceptions21invalid_property_typeC1ERKNS_9exceptionE
_ZN5vmime10exceptions21invalid_property_typeC2ERKNS_9exceptionE
_ZN5vmime10exceptions21invalid_property_typeD0Ev
_ZN5vmime10exceptions21invalid_property_typeD1Ev
_ZN5vmime10exceptions21invalid_property_typeD2Ev
_ZN5vmime10exceptions23operation_not_supportedC1ERKNS_9exceptionE
_ZN5vmime10exceptions23operation_not_supportedC2ERKNS_9exceptionE
_ZN5vmime10exceptions23operation_not_supportedD0Ev
_ZN5vmime10exceptions23operation_not_supportedD1Ev
_ZN5vmime10exceptions23operation_not_supportedD2Ev
_ZN5vmime10exceptions24authentication_exceptionC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions24authentication_exceptionC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions24authentication_exceptionD0Ev
_ZN5vmime10exceptions24authentication_exceptionD1Ev
_ZN5vmime10exceptions24authentication_exceptionD2Ev
_ZN5vmime10exceptions25connection_greeting_errorC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions25connection_greeting_errorC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions25connection_greeting_errorD0Ev
_ZN5vmime10exceptions25connection_greeting_errorD1Ev
_ZN5vmime10exceptions25connection_greeting_errorD2Ev
_ZN5vmime10exceptions27partial_fetch_not_supportedC1ERKNS_9exceptionE
_ZN5vmime10exceptions27partial_fetch_not_supportedC2ERKNS_9exceptionE
_ZN5vmime10exceptions27partial_fetch_not_supportedD0Ev
_ZN5vmime10exceptions27partial_fetch_not_supportedD1Ev
_ZN5vmime10exceptions27partial_fetch_not_supportedD2Ev
_ZN5vmime10exceptions29no_digest_algorithm_availableC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions29no_digest_algorithm_availableC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions29no_digest_algorithm_availableD0Ev
_ZN5vmime10exceptions29no_digest_algorithm_availableD1Ev
_ZN5vmime10exceptions29no_digest_algorithm_availableD2Ev
_ZN5vmime10exceptions30socket_not_connected_exceptionC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions30socket_not_connected_exceptionC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions30socket_not_connected_exceptionD0Ev
_ZN5vmime10exceptions30socket_not_connected_exceptionD1Ev
_ZN5vmime10exceptions30socket_not_connected_exceptionD2Ev
_ZN5vmime10exceptions33illegal_byte_sequence_for_charsetC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions33illegal_byte_sequence_for_charsetC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9exceptionE
_ZN5vmime10exceptions33illegal_byte_sequence_for_charsetD0Ev
_ZN5vmime10exceptions33illegal_byte_sequence_for_charsetD1Ev
_ZN5vmime10exceptions33illegal_byte_sequence_for_charsetD2Ev
_ZN5vmime10libversionB5cxx11Ev
_ZN5vmime10mediaTypes10IMAGE_JPEGE
_ZN5vmime10mediaTypes10TEXT_PLAINE
_ZN5vmime10mediaTypes10VIDEO_MPEGE
_ZN5vmime10mediaTypes11APPLICATIONE
_ZN5vmime10mediaTypes11AUDIO_BASICE
_ZN5vmime10mediaTypes13TEXT_ENRICHEDE
_ZN5vmime10mediaTypes13TEXT_RICHTEXTE
_ZN5vmime10mediaTypes14MESSAGE_RFC822E
_ZN5vmime10mediaTypes14TEXT_DIRECTORYE
_ZN5vmime10mediaTypes15MESSAGE_PARTIALE
_ZN5vmime10mediaTypes15MULTIPART_MIXEDE
_ZN5vmime10mediaTypes16MULTIPART_DIGESTE
_ZN5vmime10mediaTypes16MULTIPART_REPORTE
_ZN5vmime10mediaTypes17MULTIPART_RELATEDE
_ZN5vmime10mediaTypes18MULTIPART_PARALLELE
_ZN5vmime10mediaTypes19TEXT_RFC822_HEADERSE
_ZN5vmime10mediaTypes21MESSAGE_EXTERNAL_BODYE
_ZN5vmime10mediaTypes21MULTIPART_ALTERNATIVEE
_ZN5vmime10mediaTypes23MESSAGE_DELIVERY_STATUSE
_ZN5vmime10mediaTypes24APPLICATION_OCTET_STREAME
_ZN5vmime10mediaTypes32MESSAGE_DISPOSITION_NOTIFICATIONE
_ZN5vmime10mediaTypes4TEXTE
_ZN5vmime10mediaTypes5AUDIOE
_ZN5vmime10mediaTypes5IMAGEE
_ZN5vmime10mediaTypes5VIDEOE
_ZN5vmime10mediaTypes7MESSAGEE
_ZN5vmime10mediaTypes9IMAGE_GIFE
_ZN5vmime10mediaTypes9MULTIPARTE
_ZN5vmime10mediaTypes9TEXT_HTMLE
_ZN5vmime11NULL_STRINGB5cxx11E
_ZN5vmime11addressList12getAddressAtEy
_ZN5vmime11addressList13appendAddressERKSt10shared_ptrINS_7addressEE
_ZN5vmime11addressList13removeAddressERKSt10shared_ptrINS_7addressEE
_ZN5vmime11addressList13removeAddressEy
_ZN5vmime11addressList14getAddressListEv
_ZN5vmime11addressList18getChildComponentsEv
_ZN5vmime11addressList18insertAddressAfterERKSt10shared_ptrINS_7addressEES5_
_ZN5vmime11addressList18insertAddressAfterEyRKSt10shared_ptrINS_7addressEE
_ZN5vmime11addressList18removeAllAddressesEv
_ZN5vmime11addressList19insertAddressBeforeERKSt10shared_ptrINS_7addressEES5_
_ZN5vmime11addressList19insertAddressBeforeEyRKSt10shared_ptrINS_7addressEE
_ZN5vmime11addressList8copyFromERKNS_9componentE
_ZN5vmime11addressList9parseImplERKNS_14parsingContextERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEyyPy
_ZN5vmime11addressListC1ERKS0_
_ZN5vmime11addressListC1Ev
_ZN5vmime11addressListC2ERKS0_
_ZN5vmime11addressListC2Ev
_ZN5vmime11addressListD0Ev
_ZN5vmime11addressListD1Ev
_ZN5vmime11addressListD2Ev
_ZN5vmime11addressListaSERKNS_11mailboxListE
_ZN5vmime11addressListaSERKS0_
_ZN5vmime11copy_vectorISt6vectorISt10shared_ptrINS_4wordEESaIS4_EES6_EEvRKT_RT0_
_ZN5vmime11disposition11addModifierERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime11disposition13setActionModeERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime11disposition14removeModifierERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime11disposition14setSendingModeERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime11disposition18getChildComponentsEv
_ZN5vmime11disposition18removeAllModifiersEv
_ZN5vmime11disposition7setTypeERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime11disposition8copyFromERKNS_9componentE
_ZN5vmime11disposition9parseImplERKNS_14parsingContextERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEyyPy
_ZN5vmime11dispositionC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES8_S8_S8_
_ZN5vmime11dispositionC1ERKS0_
_ZN5vmime11dispositionC1Ev
_ZN5vmime11dispositionC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES8_S8_S8_
_ZN5vmime11dispositionC2ERKS0_
_ZN5vmime11dispositionC2Ev
_ZN5vmime11dispositionD0Ev
_ZN5vmime11dispositionD1Ev
_ZN5vmime11dispositionaSERKS0_
_ZN5vmime11headerField13setValueConstERKSt10shared_ptrIKNS_16headerFieldValueEE
_ZN5vmime11headerField16getGeneratedSizeERKNS_17generationContextE
_ZN5vmime11headerField18getChildComponentsEv
_ZN5vmime11headerField7setNameERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime11headerField8copyFromERKNS_9componentE
_ZN5vmime11headerField8getValueEv
_ZN5vmime11headerField8setValueERKNS_16headerFieldValueE
_ZN5vmime11headerField8setValueERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime11headerField8setValueERKSt10shared_ptrINS_16headerFieldValueEE
_ZN5vmime11headerField9parseImplERKNS_14parsingContextERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEyyPy
_ZN5vmime11headerField9parseNextERKNS_14parsingContextERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEyyPy
_ZN5vmime11headerFieldC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime11headerFieldC1Ev
_ZN5vmime11headerFieldC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime11headerFieldC2Ev
_ZN5vmime11headerFieldD0Ev
_ZN5vmime11headerFieldD1Ev
_ZN5vmime11headerFieldD2Ev
_ZN5vmime11headerFieldaSERKS0_
_ZN5vmime11mailboxList12getMailboxAtEy
_ZN5vmime11mailboxList13appendMailboxERKSt10shared_ptrINS_7mailboxEE
_ZN5vmime11mailboxList13removeMailboxERKSt10shared_ptrINS_7mailboxEE
_ZN5vmime11mailboxList13removeMailboxEy
_ZN5vmime11mailboxList14getMailboxListEv
_ZN5vmime11mailboxList18getChildComponentsEv
_ZN5vmime11mailboxList18insertMailboxAfterERKSt10shared_ptrINS_7mailboxEES5_
_ZN5vmime11mailboxList18insertMailboxAfterEyRKSt10shared_ptrINS_7mailboxEE
_ZN5vmime11mailboxList18removeAllMailboxesEv
_ZN5vmime11mailboxList19insertMailboxBeforeERKSt10shared_ptrINS_7mailboxEES5_
_ZN5vmime11mailboxList19insertMailboxBeforeEyRKSt10shared_ptrINS_7mailboxEE
_ZN5vmime11mailboxList8copyFromERKNS_9componentE
_ZN5vmime11mailboxList9parseImplERKNS_14parsingContextERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEyyPy
_ZN5vmime11mailboxListC1ERKS0_
_ZN5vmime11mailboxListC1Ev
_ZN5vmime11mailboxListC2ERKS0_
_ZN5vmime11mailboxListC2Ev
_ZN5vmime11mailboxListD0Ev
_ZN5vmime11mailboxListD1Ev
_ZN5vmime11mailboxListaSERKS0_
_ZN5vmime11noncopyableD0Ev
_ZN5vmime11noncopyableD1Ev
_ZN5vmime11propertySet12findOrCreateERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime11propertySet13setFromStringERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime11propertySet13valueToStringINSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEEES7_RKT_
_ZN5vmime11propertySet13valueToStringIbEENSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKT_
_ZN5vmime11propertySet14removePropertyERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime11propertySet15getPropertyListEv
_ZN5vmime11propertySet15valueFromStringINSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEEET_RKS7_
_ZN5vmime11propertySet15valueFromStringIbEET_RKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime11propertySet19removeAllPropertiesEv
_ZN5vmime11propertySet5parseERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime11propertySet8property8setValueERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime11propertySet8property8setValueINSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEEEvRKT_
_ZN5vmime11propertySet8property8setValueIbEEvRKT_
_ZN5vmime11propertySet8propertyC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime11propertySet8propertyC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES9_
_ZN5vmime11propertySet8propertyC1ERKS1_
_ZN5vmime11propertySet8propertyC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime11propertySet8propertyC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES9_
_ZN5vmime11propertySet8propertyC2ERKS1_
_ZN5vmime11propertySet8propertyD0Ev
_ZN5vmime11propertySet8propertyD1Ev
_ZN5vmime11propertySetC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime11propertySetC1ERKS0_
_ZN5vmime11propertySetC1Ev
_ZN5vmime11propertySetC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime11propertySetC2ERKS0_
_ZN5vmime11propertySetC2Ev
_ZN5vmime11propertySetD0Ev
_ZN5vmime11propertySetD1Ev
_ZN5vmime11propertySetD2Ev
_ZN5vmime11propertySetaSERKS0_
_ZN5vmime11propertySetixERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime11wordEncoder12getNextChunkB5cxx11Ey
_ZN5vmime11wordEncoder16isEncodingNeededERKNS_17generationContextERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_7charsetESB_
_ZN5vmime11wordEncoder17guessBestEncodingERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_7charsetE
_ZN5vmime11wordEncoderC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_7charsetENS0_8EncodingE
_ZN5vmime11wordEncoderC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_7charsetENS0_8EncodingE
_ZN5vmime11wordEncoderD1Ev
_ZN5vmime12emailAddress12setLocalNameERKNS_4wordE
_ZN5vmime12emailAddress13setDomainNameERKNS_4wordE
_ZN5vmime12emailAddress18getChildComponentsEv
_ZN5vmime12emailAddress8copyFromERKNS_9componentE
_ZN5vmime12emailAddress9parseImplERKNS_14parsingContextERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEyyPy
_ZN5vmime12emailAddressC1EPKc
_ZN5vmime12emailAddressC1ERKNS_4wordES3_
_ZN5vmime12emailAddressC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime12emailAddressC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES8_
_ZN5vmime12emailAddressC1ERKS0_
_ZN5vmime12emailAddressC1Ev
_ZN5vmime12emailAddressC2EPKc
_ZN5vmime12emailAddressC2ERKNS_4wordES3_
_ZN5vmime12emailAddressC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime12emailAddressC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEES8_
_ZN5vmime12emailAddressC2ERKS0_
_ZN5vmime12emailAddressC2Ev
_ZN5vmime12emailAddressD0Ev
_ZN5vmime12emailAddressD1Ev
_ZN5vmime12emailAddressaSERKS0_
_ZN5vmime12htmlTextPart10setCharsetERKNS_7charsetE
_ZN5vmime12htmlTextPart12setPlainTextERKSt10shared_ptrINS_14contentHandlerEE
_ZN5vmime12htmlTextPart14embeddedObject7cleanIdERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime12htmlTextPart14embeddedObjectC1ERKSt10shared_ptrINS_14contentHandlerEERKNS_8encodingERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9mediaTypeENS1_13ReferenceTypeE
_ZN5vmime12htmlTextPart14embeddedObjectC2ERKSt10shared_ptrINS_14contentHandlerEERKNS_8encodingERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9mediaTypeENS1_13ReferenceTypeE
_ZN5vmime12htmlTextPart14embeddedObjectD0Ev
_ZN5vmime12htmlTextPart14embeddedObjectD1Ev
_ZN5vmime12htmlTextPart17addEmbeddedObjectERKNS_8bodyPartERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEENS0_14embeddedObject13ReferenceTypeE
_ZN5vmime12htmlTextPart17findEmbeddedPartsERKNS_8bodyPartERSt6vectorISt10shared_ptrIS2_ESaIS6_EES9_
_ZN5vmime12htmlTextPart17findPlainTextPartERKNS_8bodyPartES3_S3_
_ZN5vmime12htmlTextPart5parseERKSt10shared_ptrIKNS_8bodyPartEES6_S6_
_ZN5vmime12htmlTextPart7setTextERKSt10shared_ptrINS_14contentHandlerEE
_ZN5vmime12htmlTextPart9addObjectERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEERKNS_9mediaTypeE
_ZN5vmime12htmlTextPart9addObjectERKSt10shared_ptrINS_14contentHandlerEERKNS_8encodingERKNS_9mediaTypeE
_ZN5vmime12htmlTextPart9addObjectERKSt10shared_ptrINS_14contentHandlerEERKNS_9mediaTypeE
_ZN5vmime12htmlTextPartC1Ev
_ZN5vmime12htmlTextPartC2Ev
_ZN5vmime12htmlTextPartD0Ev
_ZN5vmime12htmlTextPartD1Ev
_ZN5vmime12htmlTextPartD2Ev
_ZN5vmime12mailboxField5parseERKNS_14parsingContextERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEyyPy
_ZN5vmime12mailboxFieldC1ERKS0_
_ZN5vmime12mailboxFieldC1Ev
_ZN5vmime12mailboxFieldC2ERKS0_
_ZN5vmime12mailboxFieldC2Ev
_ZN5vmime12mailboxFieldD0Ev
_ZN5vmime12mailboxFieldD1Ev
_ZN5vmime12mailboxGroup12getMailboxAtEy
_ZN5vmime12mailboxGroup13appendMailboxERKSt10shared_ptrINS_7mailboxEE
_ZN5vmime12mailboxGroup13removeMailboxERKSt10shared_ptrINS_7mailboxEE
_ZN5vmime12mailboxGroup13removeMailboxEy
_ZN5vmime12mailboxGroup14getMailboxListEv
_ZN5vmime12mailboxGroup18getChildComponentsEv
_ZN5vmime12mailboxGroup18insertMailboxAfterERKSt10shared_ptrINS_7mailboxEES5_
_ZN5vmime12mailboxGroup18insertMailboxAfterEyRKSt10shared_ptrINS_7mailboxEE
_ZN5vmime12mailboxGroup18removeAllMailboxesEv
_ZN5vmime12mailboxGroup19insertMailboxBeforeERKSt10shared_ptrINS_7mailboxEES5_
_ZN5vmime12mailboxGroup19insertMailboxBeforeEyRKSt10shared_ptrINS_7mailboxEE
_ZN5vmime12mailboxGroup7setNameERKNS_4textE
_ZN5vmime12mailboxGroup8copyFromERKNS_9componentE
_ZN5vmime12mailboxGroup9parseImplERKNS_14parsingContextERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEEyyPy
_ZN5vmime12mailboxGroupC1ERKNS_4textE
_ZN5vmime12mailboxGroupC1ERKS0_
_ZN5vmime12mailboxGroupC1Ev
_ZN5vmime12mailboxGroupC2ERKNS_4textE
_ZN5vmime12mailboxGroupC2ERKS0_
_ZN5vmime12mailboxGroupC2Ev
_ZN5vmime12mailboxGroupD0Ev
_ZN5vmime12mailboxGroupD1Ev
_ZN5vmime12mailboxGroupD2Ev
_ZN5vmime12mailboxGroupaSERKNS_9componentE
_ZN5vmime13encodingTypes16QUOTED_PRINTABLEE
_ZN5vmime13encodingTypes6BASE64E
_ZN5vmime13encodingTypes6BINARYE
_ZN5vmime13encodingTypes8UUENCODEE
_ZN5vmime13encodingTypes9EIGHT_BITE
_ZN5vmime13encodingTypes9SEVEN_BITE
_ZN5vmime13messageParser13findTextPartsERKSt10shared_ptrIKNS_8bodyPartEES6_
_ZN5vmime13messageParser15findAttachmentsERKSt10shared_ptrIKNS_7messageEE
_ZN5vmime13messageParser16findSubTextPartsERKSt10shared_ptrIKNS_8bodyPartEES6_
_ZN5vmime13messageParser5parseERKSt10shared_ptrIKNS_7messageEE
_ZN5vmime13messageParserC1ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime13messageParserC1ERKSt10shared_ptrIKNS_7messageEE
_ZN5vmime13messageParserC2ERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime13messageParserC2ERKSt10shared_ptrIKNS_7messageEE
_ZN5vmime13messageParserD1Ev
_ZN5vmime13messageParserD2Ev
_ZN5vmime13plainTextPart10setCharsetERKNS_7charsetE
_ZN5vmime13plainTextPart5parseERKSt10shared_ptrIKNS_8bodyPartEES6_S6_
_ZN5vmime13plainTextPart7setTextERKSt10shared_ptrINS_14contentHandlerEE
_ZN5vmime13plainTextPartC1Ev
_ZN5vmime13plainTextPartC2Ev
_ZN5vmime13plainTextPartD0Ev
_ZN5vmime13plainTextPartD1Ev
_ZN5vmime13plainTextPartD2Ev
_ZN5vmime14contentHandler11NO_ENCODINGE
_ZN5vmime14contentHandlerD0Ev
_ZN5vmime14contentHandlerD1Ev
_ZN5vmime14contentHandlerD2Ev
_ZN5vmime14fileAttachment11getFileInfoEv
_ZN5vmime14fileAttachment7setDataERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime14fileAttachment7setDataERKSt10shared_ptrINS_14contentHandlerEE
_ZN5vmime14fileAttachment8fileInfo11setFilenameERKNS_4wordE
_ZN5vmime14fileAttachment8fileInfo11setFilenameERKNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEEE
_ZN5vmime14fileAttachment8fileInfo11setReadDateERKNS_8datetimeE
_ZN5vmime14fileAttachment8fileInfo15setCreationDateERKNS_8datetimeE
_ZN5vmime14fileAttachment8fileInfo19setModificationDateERKNS_8datetimeE
_ZN5vmime14fileAttachment8fileInfo7setSizeEy

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 524KB - Virtual size: 524KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
msvcrt.dll
.dll windows:10 windows x64 arch:x64

aff8cf12a2b8466dbcfc42ebf371249e

Code Sign

33:00:00:06:b8:50:40:1d:a7:12:d7:e1:1e:00:00:00:00:06:b8
Certificate

Issuer

CN=Microsoft Development PCA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

13/07/2023, 22:37

Not After

15/09/2024, 22:37

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:03:c6:f9:b4:c3:ae:be:59:4b:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Development Root Certificate Authority 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

28/05/2014, 17:33

Not After

28/05/2029, 17:43

Subject

CN=Microsoft Development PCA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d3:54:b6:52:62:20:40:c8:ec:5a:37:f9:e6:6b:e9:77:de:a7:d5:78:4c:8f:f0:d6:1d:3d:45:f4:3c:fd:c9:b2
Signer

Actual PE Digest

d3:54:b6:52:62:20:40:c8:ec:5a:37:f9:e6:6b:e9:77:de:a7:d5:78:4c:8f:f0:d6:1d:3d:45:f4:3c:fd:c9:b2

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

msvcrt.pdb

Imports

ntdll

RtlLookupFunctionEntry
RtlUnwind
RtlVirtualUnwind
RtlCaptureContext
RtlUnwindEx
RtlPcToFileHeader

api-ms-win-core-console-l1-1-0

ReadConsoleInputA
ReadConsoleInputW
SetConsoleCtrlHandler
GetConsoleMode
SetConsoleMode
ReadConsoleW
WriteConsoleW
GetNumberOfConsoleInputEvents
GetConsoleCP

api-ms-win-core-console-l1-2-0

PeekConsoleInputA

api-ms-win-core-datetime-l1-1-0

GetTimeFormatW
GetTimeFormatA
GetDateFormatA
GetDateFormatW

api-ms-win-core-debug-l1-1-0

DebugBreak
OutputDebugStringA

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
SetLastError
UnhandledExceptionFilter
GetLastError
SetErrorMode
RaiseException

api-ms-win-core-fibers-l1-1-0

FlsFree
FlsSetValue
FlsAlloc
FlsGetValue

api-ms-win-core-file-l1-1-0

LocalFileTimeToFileTime
SetFileTime
ReadFile
FileTimeToLocalFileTime
FindClose
FindFirstFileA
FindNextFileA
GetDiskFreeSpaceW
GetLogicalDrives
FindFirstFileW
FindNextFileW
GetFileAttributesA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
CreateFileW
SetFileInformationByHandle
RemoveDirectoryW
GetDriveTypeW
CreateFileA
GetFileType
SetEndOfFile
FlushFileBuffers
GetFileInformationByHandle
LockFile
UnlockFile
SetFilePointer
WriteFile

api-ms-win-core-handle-l1-1-0

DuplicateHandle
CloseHandle

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapQueryInformation
HeapCreate
HeapDestroy
HeapSetInformation
HeapValidate
HeapCompact
HeapWalk

api-ms-win-core-localization-l1-2-0

GetCPInfo
GetLocaleInfoA
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesA
GetOEMCP
GetACP
IsValidCodePage
GetLocaleInfoW
LCMapStringW

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleExW
GetModuleFileNameA
GetModuleHandleW
GetProcAddress
FreeLibrary
LoadLibraryExW
GetModuleFileNameW

api-ms-win-core-memory-l1-1-0

VirtualAlloc
VirtualProtect
VirtualQuery

api-ms-win-core-namedpipe-l1-1-0

PeekNamedPipe
CreatePipe

api-ms-win-core-processenvironment-l1-1-0

SetCurrentDirectoryA
GetCommandLineW
FreeEnvironmentStringsW
GetCommandLineA
SetEnvironmentVariableA
GetEnvironmentStringsW
GetCurrentDirectoryA
SetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetStdHandle
SetStdHandle

api-ms-win-core-processthreads-l1-1-0

CreateThread
ResumeThread
CreateProcessW
ExitProcess
GetCurrentProcessId
GetExitCodeProcess
CreateProcessA
ExitThread
SetThreadStackGuarantee
GetStartupInfoW
GetCurrentProcess
GetCurrentThreadId
TerminateProcess
GetCurrentThread

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-string-l1-1-0

GetStringTypeW
WideCharToMultiByte
CompareStringW
MultiByteToWideChar

api-ms-win-core-synch-l1-1-0

InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
WaitForSingleObject
InitializeCriticalSectionAndSpinCount

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-sysinfo-l1-1-0

GetVersionExW
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetLocalTime
SetLocalTime

api-ms-win-core-util-l1-1-0

EncodePointer
DecodePointer
Beep

kernelbase

GetTimeZoneInformation
SystemTimeToFileTime
FileTimeToSystemTime

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

Exports

Exports

??0__non_rtti_object@@QEAA@AEBV0@@Z
??0__non_rtti_object@@QEAA@PEBD@Z
??0bad_cast@@AAE@PBQBD@Z
??0bad_cast@@AEAA@PEBQEBD@Z
??0bad_cast@@QAE@ABQBD@Z
??0bad_cast@@QEAA@AEBQEBD@Z
??0bad_cast@@QEAA@AEBV0@@Z
??0bad_cast@@QEAA@PEBD@Z
??0bad_typeid@@QEAA@AEBV0@@Z
??0bad_typeid@@QEAA@PEBD@Z
??0exception@@QEAA@AEBQEBD@Z
??0exception@@QEAA@AEBQEBDH@Z
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@XZ
??1__non_rtti_object@@UEAA@XZ
??1bad_cast@@UEAA@XZ
??1bad_typeid@@UEAA@XZ
??1exception@@UEAA@XZ
??1type_info@@UEAA@XZ
??2@YAPEAX_K@Z
??2@YAPEAX_KHPEBDH@Z
??3@YAXPEAX@Z
??4__non_rtti_object@@QEAAAEAV0@AEBV0@@Z
??4bad_cast@@QEAAAEAV0@AEBV0@@Z
??4bad_typeid@@QEAAAEAV0@AEBV0@@Z
??4exception@@QEAAAEAV0@AEBV0@@Z
??8type_info@@QEBAHAEBV0@@Z
??9type_info@@QEBAHAEBV0@@Z
??_7__non_rtti_object@@6B@
??_7bad_cast@@6B@
??_7bad_typeid@@6B@
??_7exception@@6B@
??_Fbad_cast@@QEAAXXZ
??_Fbad_typeid@@QEAAXXZ
??_U@YAPEAX_K@Z
??_U@YAPEAX_KHPEBDH@Z
??_V@YAXPEAX@Z
?_Doraise@bad_cast@@MEBAXXZ
?_Doraise@bad_typeid@@MEBAXXZ
?_inconsistency@@YAXXZ
?_is_exception_typeof@@YAHAEBVtype_info@@PEAU_EXCEPTION_POINTERS@@@Z
?_query_new_handler@@YAP6AH_K@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AH_K@ZP6AH0@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPEAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?before@type_info@@QEBAHAEBV1@@Z
?name@type_info@@QEBAPEBDPEAU__type_info_node@@@Z
?name@type_info@@QEBAPEBDXZ
?raw_name@type_info@@QEBAPEBDXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?terminate@@YAXXZ
?unexpected@@YAXXZ
?what@exception@@UEBAPEBDXZ
_CrtCheckMemory
_CrtDbgBreak
_CrtDbgReport
_CrtDbgReportV
_CrtDbgReportW
_CrtDbgReportWV
_CrtDoForAllClientObjects
_CrtDumpMemoryLeaks
_CrtIsMemoryBlock
_CrtIsValidHeapPointer
_CrtIsValidPointer
_CrtMemCheckpoint
_CrtMemDifference
_CrtMemDumpAllObjectsSince
_CrtMemDumpStatistics
_CrtReportBlockType
_CrtSetAllocHook
_CrtSetBreakAlloc
_CrtSetDbgBlockType
_CrtSetDbgFlag
_CrtSetDumpClient
_CrtSetReportFile
_CrtSetReportHook
_CrtSetReportHook2
_CrtSetReportMode
_CxxThrowException
_Getdays
_Getmonths
_Gettnames
_HUGE
_Strftime
_W_Getdays
_W_Getmonths
_W_Gettnames
_Wcsftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__C_specific_handler
__CppXcptFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxFrameHandler4
__DestructExceptionObject
__ExceptionPtrAssign
__ExceptionPtrCompare
__ExceptionPtrCopy
__ExceptionPtrCopyException
__ExceptionPtrCreate
__ExceptionPtrCurrentException
__ExceptionPtrDestroy
__ExceptionPtrRethrow
__ExceptionPtrSwap
__ExceptionPtrToBool
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__TypeMatch
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__crtCompareStringA
__crtCompareStringW
__crtGetLocaleInfoW
__crtGetStringTypeW
__crtLCMapStringA
__crtLCMapStringW
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv_init
__mb_cur_max
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__set_app_type
__setlc_active
__setusermatherr
__strncnt
__threadhandle
__threadid
__toascii
__unDName
__unDNameEx
__uncaught_exception
__unguarded_readlc_active
__wargv
__wcserror
__wcserror_s
__wcsncnt
__wgetmainargs
__winitenv
_abs64
_access
_access_s
_acmdln
_aexit_rtn
_aligned_free
_aligned_free_dbg
_aligned_malloc
_aligned_malloc_dbg
_aligned_offset_malloc
_aligned_offset_malloc_dbg
_aligned_offset_realloc
_aligned_offset_realloc_dbg
_aligned_realloc
_aligned_realloc_dbg
_amsg_exit
_assert
_atodbl
_atodbl_l
_atof_l
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_beep
_beginthread
_beginthreadex
_c_exit
_cabs
_callnewh
_calloc_dbg
_cexit
_cgets
_cgets_s
_cgetws
_cgetws_s
_chdir
_chdrive
_chgsign
_chgsignf
_chmod
_chsize
_chsize_s
_chvalidator
_chvalidator_l
_clearfp
_close
_commit
_commode
_control87
_controlfp
_controlfp_s
_copysign
_copysignf
_cprintf
_cprintf_l
_cprintf_p
_cprintf_p_l
_cprintf_s
_cprintf_s_l
_cputs
_cputws
_creat
_create_locale
_crtAssertBusy
_crtBreakAlloc
_crtDbgFlag
_cscanf
_cscanf_l
_cscanf_s
_cscanf_s_l
_ctime32
_ctime32_s
_ctime64
_ctime64_s
_ctype
_cwait
_cwprintf
_cwprintf_l
_cwprintf_p
_cwprintf_p_l
_cwprintf_s
_cwprintf_s_l
_cwscanf
_cwscanf_l
_cwscanf_s
_cwscanf_s_l
_daylight
_difftime32
_difftime64
_dstbias
_dup
_dup2
_ecvt
_ecvt_s
_endthread
_endthreadex
_environ
_eof
_errno
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_expand_dbg
_fcloseall
_fcvt
_fcvt_s
_fdopen
_fgetchar
_fgetwchar
_filbuf
_fileinfo
_filelength
_filelengthi64
_fileno
_findclose
_findfirst
_findfirst64
_findfirsti64
_findnext
_findnext64
_findnexti64
_finite
_finitef
_flsbuf
_flushall
_fmode
_fpclass
_fpclassf
_fpreset
_fprintf_l
_fprintf_p
_fprintf_p_l
_fprintf_s_l
_fputchar
_fputwchar
_free_dbg
_free_locale
_freea
_freea_s
_freefls
_fscanf_l
_fscanf_s_l
_fseeki64
_fsopen
_fstat
_fstat64
_fstati64
_ftime
_ftime32
_ftime32_s
_ftime64
_ftime64_s
_fullpath
_fullpath_dbg
_futime
_futime32
_futime64
_fwprintf_l
_fwprintf_p
_fwprintf_p_l
_fwprintf_s_l
_fwscanf_l
_fwscanf_s_l
_gcvt
_gcvt_s
_get_current_locale
_get_doserrno
_get_environ
_get_errno
_get_fileinfo
_get_fmode
_get_heap_handle
_get_osfhandle
_get_osplatform
_get_osver
_get_output_format
_get_pgmptr
_get_sbh_threshold
_get_terminate
_get_unexpected
_get_wenviron
_get_winmajor
_get_winminor
_get_winver
_get_wpgmptr
_getch
_getche
_getcwd
_getdcwd
_getdiskfree
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getsystime
_getw
_getwch
_getwche
_getws
_gmtime32
_gmtime32_s
_gmtime64
_gmtime64_s
_heapchk
_heapmin
_heapset
_heapwalk
_hypot
_hypotf
_i64toa
_i64toa_s
_i64tow
_i64tow_s
_initterm
_initterm_e
_invalid_parameter
_iob
_isalnum_l
_isalpha_l
_isatty
_iscntrl_l
_isctype
_isctype_l
_isdigit_l
_isgraph_l
_isleadbyte_l
_islower_l
_ismbbalnum
_ismbbalnum_l
_ismbbalpha
_ismbbalpha_l
_ismbbgraph
_ismbbgraph_l
_ismbbkalnum
_ismbbkalnum_l
_ismbbkana
_ismbbkana_l
_ismbbkprint
_ismbbkprint_l
_ismbbkpunct
_ismbbkpunct_l
_ismbblead
_ismbblead_l
_ismbbprint
_ismbbprint_l
_ismbbpunct
_ismbbpunct_l
_ismbbtrail
_ismbbtrail_l
_ismbcalnum
_ismbcalnum_l
_ismbcalpha
_ismbcalpha_l
_ismbcdigit
_ismbcdigit_l
_ismbcgraph
_ismbcgraph_l
_ismbchira
_ismbchira_l
_ismbckata
_ismbckata_l
_ismbcl0
_ismbcl0_l
_ismbcl1
_ismbcl1_l
_ismbcl2
_ismbcl2_l
_ismbclegal
_ismbclegal_l
_ismbclower
_ismbclower_l
_ismbcprint
_ismbcprint_l
_ismbcpunct
_ismbcpunct_l
_ismbcspace
_ismbcspace_l
_ismbcsymbol
_ismbcsymbol_l
_ismbcupper
_ismbcupper_l
_ismbslead
_ismbslead_l
_ismbstrail
_ismbstrail_l
_isnan
_isnanf
_isprint_l
_isspace_l
_isupper_l
_iswalnum_l
_iswalpha_l
_iswcntrl_l
_iswctype_l
_iswdigit_l
_iswgraph_l
_iswlower_l
_iswprint_l
_iswpunct_l
_iswspace_l
_iswupper_l
_iswxdigit_l
_isxdigit_l
_itoa
_itoa_s
_itow
_itow_s
_j0
_j1
_jn
_kbhit
_lfind
_lfind_s
_local_unwind
_localtime32
_localtime32_s
_localtime64
_localtime64_s
_lock

Sections

.text
Size: 492KB - Virtual size: 489KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

fothk
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
shell32.dll
.dll regsvr32 windows:10 windows x64 arch:x64

bab8663acb22205e4eff0934a46ab44b

Code Sign

33:00:00:06:ad:ac:dd:3c:98:83:5e:29:49:00:00:00:00:06:ad
Certificate

Issuer

CN=Microsoft Development PCA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

13/07/2023, 22:37

Not After

15/09/2024, 22:37

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:03:c6:f9:b4:c3:ae:be:59:4b:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Development Root Certificate Authority 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

28/05/2014, 17:33

Not After

28/05/2029, 17:43

Subject

CN=Microsoft Development PCA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

da:5c:ae:d2:f2:a2:2d:35:e9:ca:2b:6f:f3:6d:21:13:6b:97:63:35:b2:26:1b:26:af:d5:33:7c:cc:f4:dc:31
Signer

Actual PE Digest

da:5c:ae:d2:f2:a2:2d:35:e9:ca:2b:6f:f3:6d:21:13:6b:97:63:35:b2:26:1b:26:af:d5:33:7c:cc:f4:dc:31

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

shell32.pdb

Imports

msvcp_win

?_Lock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAGXZ
?xsgetn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEAG_J@Z
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAA@XZ
?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV12@XZ
?setbuf@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAPEAV12@PEAG_J@Z
?sync@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UEAA@XZ
?setstate@?$basic_ios@GU?$char_traits@G@std@@@std@@QEAAXH_N@Z
?rdbuf@?$basic_ios@GU?$char_traits@G@std@@@std@@QEBAPEAV?$basic_streambuf@GU?$char_traits@G@std@@@2@XZ
?fill@?$basic_ios@GU?$char_traits@G@std@@@std@@QEBAGXZ
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
?_Osfx@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAXXZ
?tellp@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
?width@ios_base@std@@QEAA_J_J@Z
?width@ios_base@std@@QEBA_JXZ
?flags@ios_base@std@@QEBAHXZ
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IEAA@XZ
?tie@?$basic_ios@GU?$char_traits@G@std@@@std@@QEBAPEAV?$basic_ostream@GU?$char_traits@G@std@@@2@XZ
?_Pninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
?setp@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXPEAG00@Z
?epptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?setg@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXPEAG00@Z
?gbump@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXH@Z
?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAAGG@Z
?egptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?pptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?gptr@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?eback@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?setp@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXPEAG0@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@XZ
?pbase@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEBAPEAGXZ
?sputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAA_JPEBG_J@Z
?uncaught_exception@std@@YA_NXZ
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Xbad_function_call@std@@YAXXZ
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD0@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?peek@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ
_Thrd_yield
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?good@ios_base@std@@QEBA_NXZ
?xsputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEBG_J@Z
?__ExceptionPtrCopyException@@YAXPEAXPEBX1@Z

api-ms-win-crt-string-l1-1-0

wcscspn
wcsncmp
strncmp
wcsspn
memset
wcspbrk
wcscmp

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm

api-ms-win-crt-private-l1-1-0

_o_isalpha
_o_isdigit
_o_iswspace
_o_log
_o_logf
_o_malloc
_o_pow
_o_qsort
_o_rand
_o_realloc
_o_sqrt
_o_sqrtf
_o_srand
_o_strncpy_s
_o_strtol
_o_terminate
_o_towlower
_o_wcscat_s
_o_wcscpy_s
_o_wcsncpy_s
_o_wcstok_s
_o_wcstol
_o_wcstoul
memmove
strchr
wcsrchr
__CxxFrameHandler3
__current_exception
__current_exception_context
_o_ceilf
_o_ceil
_o_calloc
_o_abort
_o__wtoi
_o__wcstoui64
_o__wcsnicmp
_o__wcslwr
_o__wcsicmp
_o__ui64tow_s
_o_free
_o__strnicmp
_o__set_errno
_o__seh_filter_dll
_o__resetstkoflw
_o__register_onexit_function
_o__purecall
_o__itow
_o_floorf
_o_floor
_o_expf
_o__invalid_parameter_noinfo_noreturn
_o__invalid_parameter_noinfo
_o__initialize_onexit_table
_o__initialize_narrow_environment
_o__get_errno
_o__execute_onexit_table
_o__errno
_o__difftime64
_o__crt_atexit
_o__configure_narrow_argv
_o__cexit
_o___stdio_common_vswscanf
_o___stdio_common_vswprintf
_o___stdio_common_vsprintf_s
_o___stdio_common_vsprintf
_o___stdio_common_vsnprintf_s
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
__std_terminate
__CxxFrameHandler4
wcschr
wcsstr
__C_specific_handler
_o_powf
_CxxThrowException
memcmp
memcpy

api-ms-win-core-heap-l2-1-0

GlobalAlloc
LocalAlloc
LocalReAlloc
GlobalFree
LocalFree

api-ms-win-core-registry-l1-1-0

RegNotifyChangeKeyValue
RegGetValueW
RegSetValueExW
RegDeleteKeyExW
RegQueryValueExW
RegOpenCurrentUser
RegQueryValueExA
RegEnumKeyExW
RegCreateKeyExW
RegQueryInfoKeyA
RegOpenKeyExA
RegDeleteTreeW
RegEnumValueW
RegDeleteValueW
RegQueryInfoKeyW
RegCloseKey
RegOpenKeyExW
RegGetKeySecurity

api-ms-win-core-libraryloader-l1-2-0

LockResource
FreeResource
GetModuleHandleExA
LoadLibraryExA
LoadResource
GetModuleHandleExW
GetModuleFileNameW
LoadStringW
LoadStringA
GetModuleFileNameA
LoadLibraryExW
EnumResourceNamesExW
SizeofResource
GetProcAddress
FindStringOrdinal
FreeLibrary
GetModuleHandleW
DisableThreadLibraryCalls
FindResourceExW

api-ms-win-core-sysinfo-l1-1-0

GetTickCount64
GetSystemTime
GetSystemInfo
GetSystemTimeAsFileTime
GetSystemWindowsDirectoryW
GetVersionExW
GetSystemDirectoryW
GetWindowsDirectoryW
GlobalMemoryStatusEx
GetLocalTime
GetTickCount
GetComputerNameExW

api-ms-win-core-memory-l1-1-0

CreateFileMappingW
UnmapViewOfFile
VirtualQuery
OpenFileMappingW
VirtualProtect
MapViewOfFile
VirtualFree
WriteProcessMemory
ReadProcessMemory
VirtualAlloc

api-ms-win-core-file-l1-1-0

FindFirstFileExW
GetFullPathNameW
GetShortPathNameW
GetTempFileNameW
GetLongPathNameW
GetFileInformationByHandle
GetFileSize
ReadFile
DefineDosDeviceW
CompareFileTime
FindFirstVolumeW
FindNextFileW
SetFileTime
FindNextVolumeW
CreateFileW
GetFileSizeEx
QueryDosDeviceW
FindVolumeClose
WriteFile
RemoveDirectoryW
SetFileAttributesW
DeleteFileW
SetFilePointerEx
FlushFileBuffers
GetDriveTypeW
SetEndOfFile
GetVolumePathNameW
FindFirstFileW
GetDiskFreeSpaceExW
SetFileInformationByHandle
GetFinalPathNameByHandleW
CreateDirectoryW
GetDiskFreeSpaceW
GetLogicalDrives
GetVolumeInformationW
LocalFileTimeToFileTime
GetFileAttributesExW
FindClose
FileTimeToLocalFileTime
SetFilePointer
GetFileAttributesW

api-ms-win-core-handle-l1-1-0

CloseHandle
DuplicateHandle

api-ms-win-core-libraryloader-l1-2-1

FindResourceW
LoadLibraryW

api-ms-win-core-string-l1-1-0

CompareStringEx
GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte
CompareStringOrdinal
GetStringTypeExW
CompareStringW

api-ms-win-core-synch-l1-1-0

ReleaseSemaphore
EnterCriticalSection
CreateSemaphoreExW
LeaveCriticalSection
InitializeCriticalSection
OpenSemaphoreW
ReleaseSRWLockShared
DeleteCriticalSection
SetEvent
WaitForSingleObjectEx
ReleaseMutex
OpenMutexW
TryAcquireSRWLockShared
TryAcquireSRWLockExclusive
InitializeCriticalSectionEx
AcquireSRWLockExclusive
OpenEventW
ResetEvent
CreateEventExW
AcquireSRWLockShared
InitializeCriticalSectionAndSpinCount
TryEnterCriticalSection
InitializeSRWLock
CreateMutexW
ReleaseSRWLockExclusive
WaitForSingleObject
WaitForMultipleObjectsEx
CreateEventW
CreateMutexExW

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
RaiseException
SetLastError
GetLastError
SetUnhandledExceptionFilter
SetErrorMode

api-ms-win-core-processthreads-l1-1-0

CreateThread
TlsSetValue
ProcessIdToSessionId
TlsFree
TlsAlloc
GetCurrentProcessId
GetCurrentThread
OpenThread
GetCurrentThreadId
OpenThreadToken
OpenProcessToken
CreateProcessW
ResumeThread
GetThreadPriority
GetProcessId
SetThreadPriority
SetPriorityClass
UpdateProcThreadAttribute
SetThreadToken
GetCurrentProcess
GetThreadId
InitializeProcThreadAttributeList
GetExitCodeThread
DeleteProcThreadAttributeList
CreateProcessAsUserW
GetExitCodeProcess
ExitProcess
TlsGetValue
TerminateProcess

api-ms-win-core-string-l2-1-0

CharLowerW
CharLowerBuffW
CharUpperBuffW
CharPrevW
IsCharAlphaW
CharNextW
CharUpperW

api-ms-win-core-file-l2-1-0

MoveFileExW
ReplaceFileW
CreateHardLinkW
CopyFile2
GetFileInformationByHandleEx

api-ms-win-core-processenvironment-l1-1-0

ExpandEnvironmentStringsA
SetEnvironmentVariableW
GetCommandLineW
GetCurrentDirectoryW
GetEnvironmentVariableW
ExpandEnvironmentStringsW
SearchPathW
SetCurrentDirectoryW

api-ms-win-security-base-l1-1-0

DeleteAce
IsWellKnownSid
DuplicateTokenEx
FreeSid
ImpersonateSelf
RevertToSelf
GetSidIdentifierAuthority
GetSecurityDescriptorGroup
GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
GetSidSubAuthorityCount
GetSidLengthRequired
InitializeSid
GetSidSubAuthority
GetSecurityDescriptorControl
DuplicateToken
SetFileSecurityW
SetSecurityDescriptorOwner
AllocateAndInitializeSid
AddAccessDeniedAceEx
InitializeAcl
AddAccessAllowedAceEx
AddAce
GetAce
GetAclInformation
CopySid
GetLengthSid
IsValidSid
AccessCheck
GetFileSecurityW
CheckTokenMembership
CreateWellKnownSid
EqualSid
GetTokenInformation
SetTokenInformation
GetSecurityDescriptorOwner
AdjustTokenPrivileges

api-ms-win-core-synch-l1-2-0

InitOnceBeginInitialize
InitOnceExecuteOnce
Sleep
InitOnceComplete

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapReAlloc
HeapDestroy
HeapFree
HeapAlloc

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-core-threadpool-l1-2-0

CloseThreadpoolTimer
SetThreadpoolTimer
CloseThreadpoolWork
WaitForThreadpoolTimerCallbacks
CreateThreadpoolWait
SetThreadpoolWait
CreateThreadpoolTimer
WaitForThreadpoolWaitCallbacks
CreateThreadpoolWork
SubmitThreadpoolWork
TrySubmitThreadpoolCallback
CloseThreadpoolWait

api-ms-win-core-localization-l1-2-0

LCMapStringW
GetUserDefaultLangID
IsValidLocaleName
GetLocaleInfoW
FormatMessageW
GetSystemDefaultLangID
GetThreadLocale
GetSystemDefaultLCID
GetCPInfo
ResolveLocaleName
FindNLSString
GetThreadUILanguage
VerLanguageNameW
GetSystemPreferredUILanguages
IsDBCSLeadByte
GetLocaleInfoEx
LocaleNameToLCID
GetUserPreferredUILanguages
GetACP
GetUserDefaultLCID
FindNLSStringEx
LCMapStringEx

api-ms-win-core-debug-l1-1-0

DebugBreak
OutputDebugStringW
IsDebuggerPresent

api-ms-win-core-timezone-l1-1-0

GetTimeZoneInformationForYear
TzSpecificLocalTimeToSystemTime
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
FileTimeToSystemTime

api-ms-win-core-psapi-l1-1-0

K32GetProcessImageFileNameW
QueryFullProcessImageNameW
K32GetModuleFileNameExW

api-ms-win-core-path-l1-1-0

PathCchAppendEx
PathCchCombineEx
PathCchRemoveExtension
PathAllocCanonicalize
PathCchAddBackslash
PathCchAppend
PathCchStripToRoot
PathCchSkipRoot
PathCchStripPrefix
PathCchCombine
PathCchAddExtension
PathAllocCombine
PathCchCanonicalize
PathCchRenameExtension
PathIsUNCEx
PathCchRemoveFileSpec
PathCchAddBackslashEx
PathCchRemoveBackslash

api-ms-win-core-file-l1-2-0

GetTempPathW
GetVolumePathNamesForVolumeNameW
GetVolumeNameForVolumeMountPointW

api-ms-win-core-io-l1-1-0

CreateIoCompletionPort
GetQueuedCompletionStatus
DeviceIoControl
CancelIoEx
GetOverlappedResult

api-ms-win-core-datetime-l1-1-0

GetDateFormatW

api-ms-win-core-profile-l1-1-0

QueryPerformanceFrequency
QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-2-0

VerSetConditionMask
GetSystemTimePreciseAsFileTime
GetNativeSystemInfo
GetProductInfo

api-ms-win-core-string-l2-1-1

SHLoadIndirectString

api-ms-win-core-registry-l1-1-1

RegSetKeyValueW

api-ms-win-core-file-l2-1-2

CopyFileW

api-ms-win-core-file-l1-2-1

GetCompressedFileSizeW

api-ms-win-core-file-l1-2-4

GetTempPath2W

api-ms-win-core-wow64-l1-1-0

Wow64RevertWow64FsRedirection
Wow64DisableWow64FsRedirection

api-ms-win-core-wow64-l1-1-1

Wow64SetThreadDefaultGuestMachine
IsWow64Process2
GetSystemWow64DirectoryW

api-ms-win-core-localization-l1-2-2

LCIDToLocaleName

api-ms-win-core-processthreads-l1-1-1

OpenProcess
IsProcessorFeaturePresent
FlushInstructionCache

api-ms-win-core-realtime-l1-1-0

QueryUnbiasedInterruptTime

api-ms-win-core-localization-l2-1-0

GetNumberFormatEx

api-ms-win-core-io-l1-1-1

CancelSynchronousIo

api-ms-win-core-version-l1-1-0

GetFileVersionInfoSizeExW
GetFileVersionInfoExW
VerQueryValueW

api-ms-win-core-sysinfo-l1-2-3

GetIntegratedDisplaySize

api-ms-win-core-memory-l1-1-1

PrefetchVirtualMemory

api-ms-win-eventing-provider-l1-1-0

EventUnregister
EventRegister
EventSetInformation
EventActivityIdControl
EventWriteTransfer

api-ms-win-eventing-classicprovider-l1-1-0

GetTraceLoggerHandle
UnregisterTraceGuids
GetTraceEnableFlags
RegisterTraceGuidsW
GetTraceEnableLevel

api-ms-win-core-interlocked-l1-1-0

InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead

api-ms-win-core-rtlsupport-l1-1-0

RtlLookupFunctionEntry
RtlCaptureContext
RtlVirtualUnwind

api-ms-win-core-shlwapi-obsolete-l1-1-0

StrCmpNIW
StrCmpNIA
StrCmpNA
StrChrW
StrChrIW
StrCmpNCW
StrDupA
StrToIntA
StrCmpNW
StrCmpW
StrRChrA
StrRChrIA
StrSpnW
StrRChrIW
StrCSpnW
StrTrimW
StrRChrW
StrCmpLogicalW
StrRStrIA
StrRStrIW
StrChrIA
StrStrA
StrDupW
StrChrA
StrStrIA
StrToIntW
StrStrIW
StrCmpNICW
StrToIntExW
StrCmpIW
StrCmpICA
QISearch
StrCmpCW
StrStrW
StrCmpICW
StrPBrkW

api-ms-win-core-string-obsolete-l1-1-0

lstrlenA
lstrcmpiW
lstrlenW
lstrcmpA
lstrcmpW
lstrcmpiA

api-ms-win-core-stringansi-l1-1-0

CharPrevA
CharNextA

api-ms-win-core-heap-obsolete-l1-1-0

LocalSize
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalFlags
GlobalSize

api-ms-win-core-localization-obsolete-l1-2-0

GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetNumberFormatW
EnumUILanguagesW

api-ms-win-core-privateprofile-l1-1-0

GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileSectionW
GetProfileSectionW

api-ms-win-core-atoms-l1-1-0

GlobalAddAtomW
GlobalGetAtomNameW
FindAtomW
GetAtomNameW
GlobalDeleteAtom

api-ms-win-core-shlwapi-legacy-l1-1-0

PathQuoteSpacesW
PathIsUNCW
PathRemoveFileSpecA
PathParseIconLocationW
PathAppendW
PathGetDriveNumberW
PathRemoveBackslashW
PathFileExistsW
PathRemoveFileSpecW
PathGetCharTypeW
PathFindFileNameW
PathCombineW
PathAddBackslashW
PathIsRootA
PathUnquoteSpacesW
PathFindNextComponentW
PathIsUNCServerShareW
PathSkipRootW
PathAppendA
PathIsUNCServerW
PathIsFileSpecW
PathFindExtensionW
SHExpandEnvironmentStringsW
PathIsValidCharW
PathMatchSpecW
SHExpandEnvironmentStringsA
PathStripPathW
IsCharSpaceW
PathStripToRootW
PathIsRootW
PathUnExpandEnvStringsW
PathIsPrefixW
PathIsSameRootW
PathCommonPrefixW
PathIsRelativeW
PathMatchSpecExW
PathRemoveExtensionW
PathGetArgsW
PathRemoveBlanksW

api-ms-win-core-kernel32-legacy-l1-1-0

GetComputerNameW
MulDiv
GetShortPathNameA
SetVolumeLabelW
UnregisterWait
GetSystemPowerStatus
RegisterWaitForSingleObject
WTSGetActiveConsoleSessionId

api-ms-win-core-kernel32-legacy-l1-1-1

PowerCreateRequest
VerifyVersionInfoW
PowerClearRequest
PowerSetRequest

api-ms-win-core-threadpool-legacy-l1-1-0

UnregisterWaitEx
DeleteTimerQueueTimer
CreateTimerQueueTimer
QueueUserWorkItem

api-ms-win-core-kernel32-legacy-l1-1-2

GetBinaryTypeW

api-ms-win-core-url-l1-1-0

PathIsURLW
UrlIsW
PathCreateFromUrlW
ParseURLW
UrlGetPartW
HashData
UrlFixupW
UrlCanonicalizeW
UrlCreateFromPathW
UrlCompareW
UrlEscapeW
UrlApplySchemeW
PathCreateFromUrlAlloc
UrlUnescapeW
UrlUnescapeA

api-ms-win-core-registryuserspecific-l1-1-0

SHRegGetBoolUSValueW
SHRegOpenUSKeyA
SHRegCloseUSKey
SHRegGetUSValueW
SHRegEnumUSKeyW
SHRegOpenUSKeyW
SHRegQueryUSValueW

api-ms-win-core-kernel32-private-l1-1-0

CheckElevationEnabled
CheckElevation

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

api-ms-win-core-sidebyside-l1-1-0

ReleaseActCtx
QueryActCtxW
ActivateActCtx
DeactivateActCtx
CreateActCtxW

api-ms-win-shell-shellcom-l1-1-0

SHCoCreateInstance

kernelbase

GetCurrentPackageInfo
GetPackageFullName
SHLoadIndirectStringInternal
OpenState
OpenStateExplicit
GetStateFolder
CloseState
ParseApplicationUserModelId
PackageNameAndPublisherIdFromFamilyName
GetEffectivePackageStatusForUser
NotifyRedirectedStringChange
GetStagedPackagePathByFullName2
IsMrtResourceRedirectionEnabled
OpenPackageInfoByFullName
GetPackageInfo
ClosePackageInfo
GetSystemAppDataKey
GetPackagesByPackageFamily

user32

UnhookWinEvent
SetWinEventHook
SetSysColors
SetShellWindow
SystemParametersInfoForDpi
DisplayConfigGetDeviceInfo
wsprintfW
UnpackDDElParam
DdeInitializeW
DdeUninitialize
DdeNameService
DdeDisconnect
DdeQueryStringW
DdeFreeStringHandle
DdeCreateStringHandleW
DdeCreateDataHandle
DdeGetLastError
DdeGetData
DdeQueryConvInfo
WaitMessage
LockWindowUpdate
EnumDisplaySettingsW
GetClassLongPtrW
SetShellWindowEx
EnumDisplayMonitors
ord2707
CreateAcceleratorTableW
GetMessageTime
CheckRadioButton
GetDlgItemInt
SetDlgItemInt
ClientToScreen
IsRectEmpty
SetParent
WindowFromPoint
GetSystemMenu
PostThreadMessageW
SetDialogDpiChangeBehavior
IsDialogMessageW
SetCapture
ReleaseCapture
GetCapture
TrackPopupMenuEx
GetClassInfoExW
SetMenuInfo
SetCoalescableTimer
CallNextHookEx
CallWindowProcW
SetScrollPos
ord2705
ShowScrollBar
SetScrollInfo
SetWindowRgn
SetWindowsHookExW
UnhookWindowsHookEx
GetDialogBaseUnits
GetLastInputInfo
SystemParametersInfoA
WinHelpW
CreateWindowExW
FindWindowExW
RegisterWindowMessageA
DrawTextExW
ActivateKeyboardLayout
AdjustWindowRectExForDpi
SubtractRect
CreateWindowIndirect
SetLayeredWindowAttributes
GetWindowDC
GetPointerDevices
SetRectEmpty
DialogBoxParamW
GetDpiForWindow
BroadcastSystemMessageW
GetShellWindow
GetWindowPlacement
MsgWaitForMultipleObjects
EnumChildWindows
CloseClipboard
SetClipboardData
GetClipboardData
OpenClipboard
RedrawWindow
IsWindowEnabled
SetClipboardViewer
TranslateAcceleratorW
CreateMenu
EndMenu
GetMessageExtraInfo
SetGestureConfig
CloseGestureInfoHandle
GetGestureInfo
ChangeClipboardChain
CheckMenuItem
CheckMenuRadioItem
AppendMenuW
SetMessageExtraInfo
NotifyWinEvent
CloseDesktop
OpenInputDesktop
CreateWindowInBand
GetDpiForSystem
GetSystemMetricsForDpi
EndDeferWindowPos
BeginDeferWindowPos
AdjustWindowRect
GetDlgCtrlID
SetDlgItemTextA
MessageBoxW
DeferWindowPos
DestroyAcceleratorTable
CopyAcceleratorTableW
LoadAcceleratorsW
MoveWindow
GetWindowDpiAwarenessContext
SetThreadDpiAwarenessContext
AttachThreadInput
DefWindowProcA
IsWindowUnicode
RegisterShellHookWindow
DeregisterShellHookWindow
SetTaskmanWindow
GetTaskmanWindow
GetClassInfoW
GetWindowTextLengthW
CopyImage
MapDialogRect
GetComboBoxInfo
SetActiveWindow
DrawIconEx
IsProcessDPIAware
GetProcessDefaultLayout
MonitorFromRect
AllowSetForegroundWindow
EnumPropsExW
GetWindowBand
SystemParametersInfoW
IsSETEnabled
EqualRect
GetMenuInfo
MonitorFromWindow
GetAsyncKeyState
ord2521
UpdateLayeredWindow
GetDoubleClickTime
IsChild
UnionRect
EnumDisplayDevicesW
SetWindowCompositionAttribute
RegisterClassExW
GetScrollInfo
GetDesktopWindow
ReleaseDC
GetDC
SendNotifyMessageW
SendMessageTimeoutW
IsIconic
CopyIcon
EnumWindows
GetPropW
RemovePropW
SetPropW
PtInRect
DrawTextW
SetMenuItemInfoW
IsMenu
MessageBeep
GetMenuItemID
SetMenuDefaultItem
ModifyMenuW
GetMenuState
CountClipboardFormats
IsHungAppWindow
GetClipboardOwner
EnableMenuItem
GetMenuStringW
ExitWindowsEx
GetFocus
LoadImageW
SetRect
CopyRect
GetMonitorInfoW
MonitorFromPoint
GetUserObjectInformationW
GetThreadDesktop
GetProcessWindowStation
ChangeWindowMessageFilterEx
RegisterWindowMessageW
TrackPopupMenu
InsertMenuItemW
InsertMenuW
GetWindowThreadProcessId
GetMessagePos
GetMenuItemInfoW
GetMenuItemCount
GetForegroundWindow
GetKeyboardLayout
MapWindowPoints
OffsetRect
IsWindow
WaitForInputIdle
GetMenuDefaultItem
GetLastActivePopup
SwitchToThisWindow
GetCursorPos
RegisterClipboardFormatW
GetWindow
FindWindowW
GetClassNameW
GetAncestor
EnableWindow
MsgWaitForMultipleObjectsEx
PeekMessageW
PostQuitMessage
SetForegroundWindow
ShutdownBlockReasonDestroy
ShutdownBlockReasonCreate
LoadMenuW
GetSubMenu
RemoveMenu
GetParent
IsDlgButtonChecked
CheckDlgButton
DeleteMenu
DestroyMenu
CreatePopupMenu
PostMessageW
SetProcessDPIAware
DispatchMessageW
TranslateMessage
GetMessageW
SetFocus
IsWindowVisible
DrawEdge
GetSysColorBrush
FillRect
EndPaint
BeginPaint
GetUpdateRect
TrackMouseEvent
UpdateWindow
GetWindowRect
DefWindowProcW
RegisterClassW
KillTimer
GetKeyState
InflateRect
AdjustWindowRectEx
DestroyWindow
SetWindowLongW
GetWindowLongW
DrawFocusRect
DrawIcon
GetSysColor
EndDialog
GetWindowLongPtrW
SetWindowLongPtrW
GetWindowTextW
SetWindowPos
GetClientRect
ShowWindow
SetWindowTextW
GetDlgItem
InvalidateRect
LoadCursorW
SetCursor
SetDlgItemTextW
GetDlgItemTextW
SendDlgItemMessageW
ScreenToClient
SendMessageW
LookupIconIdFromDirectory
CreateIconIndirect
GetIconInfo
DestroyIcon
PrivateExtractIconsW
LoadIconW
GetSystemMetrics
IsWinEventHookInstalled
EmptyClipboard
UnregisterPowerSettingNotification
GetCurrentInputMessageSource
AnimateWindow
GetCursor
HideCaret
CreateDialogParamW
WindowFromDC
ChildWindowFromPoint
RegisterPowerSettingNotification
GetClassLongW
AreDpiAwarenessContextsEqual
SetMenu
LockSetForegroundWindow
ShowCaret
GetDisplayConfigBufferSizes
QueryDisplayConfig
IntersectRect
SetTimer

ntdll

RtlAreLongPathsEnabled
RtlQueryResourcePolicy
EtwEventWriteTransfer
RtlInitUnicodeString
RtlPrefixString
NtQueryInformationFile
RtlNtStatusToDosError
NtCreateFile
NtClose
NtFsControlFile
RtlUnicodeStringToOemString
NtSetInformationFile
NtOpenFile
RtlFreeHeap
NtOpenThreadToken
EtwLogTraceEvent
NtQuerySystemInformationEx
RtlCompareUnicodeString
RtlNtStatusToDosErrorNoTeb
RtlInitializeResource
RtlAcquireResourceExclusive
RtlReleaseResource
RtlDeleteResource
RtlAllocateHeap
NtSetInformationToken
NtUnmapViewOfSection
RtlImageNtHeaderEx
NtMapViewOfSection
RtlQueryWnfStateData
RtlGetNtSystemRoot
RtlQueryRegistryValuesEx
RtlCheckRegistryKey
NtQuerySystemInformation
NtQueryObject
RtlIsPartialPlaceholder
NtQueryKey
NtSetSecurityObject
NtQuerySecurityObject
RtlDosPathNameToNtPathName_U
ShipAssert
RtlIsNonEmptyDirectoryReparsePointAllowed
ZwQueryWnfStateData
RtlSubscribeWnfStateChangeNotification
RtlUnsubscribeWnfNotificationWaitForCompletion
RtlRandomEx
RtlCreateUnicodeString
RtlIsThreadWithinLoaderCallout
RtlCreateServiceSid
RtlLengthRequiredSid
RtlGetNtProductType
EtwUnregisterTraceGuids
EtwRegisterTraceGuidsW
EtwGetTraceEnableFlags
EtwGetTraceEnableLevel
EtwGetTraceLoggerHandle
NtPowerInformation
WinSqmSetDWORD
NtQueryInformationProcess
NtQueryAttributesFile
RtlDosPathNameToRelativeNtPathName_U
RtlPublishWnfStateData
NtQueryWnfStateData
NtOpenProcessToken
NtQueryInformationToken
RtlDllShutdownInProgress
WinSqmAddToStreamEx
WinSqmAddToStream
NtSetCachedSigningLevel
NtCompareSigningLevels
NtGetCachedSigningLevel
RtlMapGenericMask
WinSqmIncrementDWORD
EtwTraceMessage
EtwEventWrite
EtwEventEnabled
EtwEventActivityIdControl
EtwEventRegister
EtwEventUnregister
EtwEventSetInformation
RtlDestroyEnvironment
RtlSetCurrentEnvironment
RtlCreateEnvironment
NtQueryInformationThread
RtlExpandEnvironmentStrings_U
RtlSetEnvironmentVariable
RtlQueryEnvironmentVariable_U
RtlInitUnicodeStringEx
RtlGetLastNtStatus
RtlFreeUnicodeString
RtlReleaseRelativeName
RtlDosPathNameToRelativeNtPathName_U_WithStatus
NtQueryVolumeInformationFile
RtlDosPathNameToNtPathName_U_WithStatus

gdi32

DeleteObject
GetLayout
SetLayout
GetStockObject
ExcludeClipRect
SetBkMode
SelectObject
SetTextColor
OffsetWindowOrgEx
SetWindowOrgEx
GetObjectW
GetTextExtentPointW
GetDeviceCaps
CreateDIBSection
CreateCompatibleDC
DeleteDC
CreateDCW
GdiAlphaBlend
BitBlt
CreateFontIndirectW
CreateCompatibleBitmap
CreateBitmap
CreateSolidBrush
GetDIBits
StretchBlt
GdiTransparentBlt
GetTextColor
GetCurrentObject
CreatePen
Rectangle
GetTextMetricsW
GetTextExtentPoint32W
SetTextAlign
SetStretchBltMode
PatBlt
MoveToEx
LineTo
CreatePolygonRgn
GetTextAlign
SetMapMode
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
StretchDIBits
GetClipBox
CreateRectRgn
GetClipRgn
IntersectClipRect
SelectClipRgn
LPtoDP
SetMetaFileBitsEx
PlayMetaFile
DeleteMetaFile
GetViewportOrgEx
ExtSelectClipRgn
SetDCBrushColor
CreateRectRgnIndirect
SetBkColor
RestoreDC
SaveDC
CombineRgn
GetRgnBox
GetRegionData
GetWindowOrgEx
GetObjectType
ExtTextOutW
GetDIBColorTable
GetPixel
CreateFontW
GetTextExtentPoint32A
TextOutA

api-ms-win-stateseparation-helpers-l1-1-0

GetPersistedRegistryLocationW

api-ms-win-core-job-l2-1-0

CreateJobObjectW
SetInformationJobObject
AssignProcessToJobObject

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

AppCompat_RunDLLW
AssocCreateForClasses
AssocElemCreateForKey
AssocGetDetailsOfPropKey
CDefFolderMenu_Create2
CIDLData_CreateFromIDArray
CStorageItem_GetValidatedStorageItemObject
CallFileCopyHook
CheckEscapesW
CommandLineToArgvW
Control_RunDLL
Control_RunDLLA
Control_RunDLLAsUserW
Control_RunDLLW
CreateStorageItemFromPath_FullTrustCaller
CreateStorageItemFromPath_FullTrustCaller_ForPackage
CreateStorageItemFromPath_PartialTrustCaller
CreateStorageItemFromShellItem_FullTrustCaller
CreateStorageItemFromShellItem_FullTrustCaller_ForPackage
CreateStorageItemFromShellItem_FullTrustCaller_ForPackage_WithProcessHandle
CreateStorageItemFromShellItem_FullTrustCaller_UseImplicitFlagsAndPackage
DAD_AutoScroll
DAD_DragEnterEx
DAD_DragEnterEx2
DAD_DragLeave
DAD_DragMove
DAD_SetDragImage
DAD_ShowDragImage
DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject
DllGetVersion
DllInstall
DllRegisterServer
DllUnregisterServer
DoEnvironmentSubstA
DoEnvironmentSubstW
DragAcceptFiles
DragFinish
DragQueryFile
DragQueryFileA
DragQueryFileAorW
DragQueryFileW
DragQueryPoint
DriveType
DuplicateIcon
ExtractAssociatedIconA
ExtractAssociatedIconExA
ExtractAssociatedIconExW
ExtractAssociatedIconW
ExtractIconA
ExtractIconEx
ExtractIconExA
ExtractIconExW
ExtractIconW
FindExecutableA
FindExecutableW
FreeIconList
GetCurrentProcessExplicitAppUserModelID
GetFileNameFromBrowse
GetSystemPersistedStorageItemList
ILAppendID
ILClone
ILCloneFirst
ILCombine
ILCreateFromPath
ILCreateFromPathA
ILCreateFromPathW
ILFindChild
ILFindLastID
ILFree
ILGetNext
ILGetSize
ILIsEqual
ILIsParent
ILLoadFromStreamEx
ILRemoveLastID
ILSaveToStream
InitNetworkAddressControl
InternalExtractIconListA
InternalExtractIconListW
IsDesktopExplorerProcess
IsLFNDrive
IsLFNDriveA
IsLFNDriveW
IsNetDrive
IsProcessAnExplorer
IsUserAnAdmin
LaunchMSHelp_RunDLLW
OpenAs_RunDLL
OpenAs_RunDLLA
OpenAs_RunDLLW
OpenRegStream
Options_RunDLL
Options_RunDLLA
Options_RunDLLW
PathCleanupSpec
PathGetShortPath
PathIsExe
PathIsSlowA
PathIsSlowW
PathMakeUniqueName
PathQualify
PathResolve
PathYetAnotherMakeUniqueName
PickIconDlg
PifMgr_CloseProperties
PifMgr_GetProperties
PifMgr_OpenProperties
PifMgr_SetProperties
PrepareDiscForBurnRunDllW
PrintersGetCommand_RunDLL
PrintersGetCommand_RunDLLA
PrintersGetCommand_RunDLLW
ReadCabinetState
RealDriveType
RealShellExecuteA
RealShellExecuteExA
RealShellExecuteExW
RealShellExecuteW
RegenerateUserEnvironment
RestartDialog
RestartDialogEx
RunAsNewUser_RunDLLW
SHAddDefaultPropertiesByExt
SHAddFromPropSheetExtArray
SHAddToRecentDocs
SHAlloc
SHAppBarMessage
SHAssocEnumHandlers
SHAssocEnumHandlersForProtocolByApplication
SHBindToFolderIDListParent
SHBindToFolderIDListParentEx
SHBindToObject
SHBindToParent
SHBrowseForFolder
SHBrowseForFolderA
SHBrowseForFolderW
SHCLSIDFromString
SHChangeNotification_Lock
SHChangeNotification_Unlock
SHChangeNotify
SHChangeNotifyDeregister
SHChangeNotifyRegister
SHChangeNotifyRegisterThread
SHChangeNotifySuspendResume
SHCloneSpecialIDList
SHCoCreateInstance
SHCoCreateInstanceWorker
SHCreateAssociationRegistration
SHCreateCategoryEnum
SHCreateDataObject
SHCreateDefaultContextMenu
SHCreateDefaultExtractIcon
SHCreateDefaultPropertiesOp
SHCreateDirectory
SHCreateDirectoryExA
SHCreateDirectoryExW
SHCreateDrvExtIcon
SHCreateFileExtractIconW
SHCreateItemFromIDList
SHCreateItemFromParsingName
SHCreateItemFromRelativeName
SHCreateItemInKnownFolder
SHCreateItemWithParent
SHCreateLocalServerRunDll
SHCreateProcessAsUserW
SHCreatePropSheetExtArray
SHCreateQueryCancelAutoPlayMoniker
SHCreateShellFolderView
SHCreateShellFolderViewEx
SHCreateShellItem
SHCreateShellItemArray
SHCreateShellItemArrayFromDataObject
SHCreateShellItemArrayFromIDLists
SHCreateShellItemArrayFromShellItem
SHCreateStdEnumFmtEtc
SHDefExtractIconA
SHDefExtractIconW
SHDestroyPropSheetExtArray
SHDoDragDrop
SHELL32_AddToBackIconTable
SHELL32_AddToFrontIconTable
SHELL32_AreAllItemsAvailable
SHELL32_CCommonPlacesFolder_CreateInstance
SHELL32_CDBurn_CloseSession
SHELL32_CDBurn_DriveSupportedForDataBurn
SHELL32_CDBurn_Erase
SHELL32_CDBurn_GetCDInfo
SHELL32_CDBurn_GetLiveFSDiscInfo
SHELL32_CDBurn_GetStagingPathOrNormalPath
SHELL32_CDBurn_GetTaskInfo
SHELL32_CDBurn_IsBlankDisc
SHELL32_CDBurn_IsBlankDisc2
SHELL32_CDBurn_IsLiveFS
SHELL32_CDBurn_OnDeviceChange
SHELL32_CDBurn_OnEject
SHELL32_CDBurn_OnMediaChange
SHELL32_CDefFolderMenu_Create2
SHELL32_CDefFolderMenu_Create2Ex
SHELL32_CDefFolderMenu_MergeMenu
SHELL32_CDrivesContextMenu_Create
SHELL32_CDrivesDropTarget_Create
SHELL32_CDrives_CreateSFVCB
SHELL32_CFSDropTarget_CreateInstance
SHELL32_CFSFolderCallback_Create
SHELL32_CFillPropertiesTask_CreateInstance
SHELL32_CLibraryDropTarget_CreateInstance
SHELL32_CLocationContextMenu_Create
SHELL32_CLocationFolderUI_CreateInstance
SHELL32_CMountPoint_DoAutorun
SHELL32_CMountPoint_DoAutorunPrompt
SHELL32_CMountPoint_IsAutoRunDriveAndEnabledByPolicy
SHELL32_CMountPoint_ProcessAutoRunFile
SHELL32_CMountPoint_WantAutorunUI
SHELL32_CMountPoint_WantAutorunUIGetReady
SHELL32_CNetFolderUI_CreateInstance
SHELL32_CPL_CategoryIdArrayFromVariant
SHELL32_CPL_IsLegacyCanonicalNameListedUnderKey
SHELL32_CPL_ModifyWowDisplayName
SHELL32_CRecentDocsContextMenu_CreateInstance
SHELL32_CTransferConfirmation_CreateInstance
SHELL32_CallFileCopyHooks
SHELL32_CanDisplayWin8CopyDialog
SHELL32_CloseAutoplayPrompt
SHELL32_CommandLineFromMsiDescriptor
SHELL32_CopySecondaryTiles
SHELL32_CreateConfirmationInterrupt
SHELL32_CreateConflictInterrupt
SHELL32_CreateDefaultOperationDataProvider
SHELL32_CreateFileFolderContextMenu
SHELL32_CreateLinkInfoW
SHELL32_CreateQosRecorder
SHELL32_CreateSharePointView
SHELL32_Create_IEnumUICommand
SHELL32_DestroyLinkInfo
SHELL32_EncryptDirectory
SHELL32_EncryptedFileKeyInfo
SHELL32_EnumCommonTasks
SHELL32_FreeEncryptedFileKeyInfo
SHELL32_GenerateAppID
SHELL32_GetAppIDRoot
SHELL32_GetCommandProviderForFolderType
SHELL32_GetDPIAdjustedLogicalSize
SHELL32_GetDiskCleanupPath
SHELL32_GetFileNameFromBrowse
SHELL32_GetIconOverlayManager
SHELL32_GetLinkInfoData
SHELL32_GetRatingBucket
SHELL32_GetSqmableFileName
SHELL32_GetThumbnailAdornerFromFactory
SHELL32_GetThumbnailAdornerFromFactory2
SHELL32_HandleUnrecognizedFileSystem
SHELL32_IconCacheCreate
SHELL32_IconCacheDestroy
SHELL32_IconCacheHandleAssociationChanged
SHELL32_IconCacheRestore
SHELL32_IconCache_AboutToExtractIcons
SHELL32_IconCache_DoneExtractingIcons
SHELL32_IconCache_ExpandEnvAndSearchPath
SHELL32_IconCache_RememberRecentlyExtractedIconsW
SHELL32_IconOverlayManagerInit
SHELL32_IsGetKeyboardLayoutPresent
SHELL32_IsSystemUpgradeInProgress
SHELL32_IsValidLinkInfo
SHELL32_LegacyEnumSpecialTasksByType
SHELL32_LegacyEnumTasks
SHELL32_LookupBackIconIndex
SHELL32_LookupFrontIconIndex
SHELL32_NormalizeRating
SHELL32_NotifyLinkTrackingServiceOfMove
SHELL32_PifMgr_CloseProperties
SHELL32_PifMgr_GetProperties
SHELL32_PifMgr_OpenProperties
SHELL32_PifMgr_SetProperties
SHELL32_Printers_CreateBindInfo
SHELL32_Printjob_GetPidl
SHELL32_PurgeSystemIcon
SHELL32_RefreshOverlayImages
SHELL32_ResolveLinkInfoW
SHELL32_SHAddSparseIcon
SHELL32_SHCreateByValueOperationInterrupt
SHELL32_SHCreateDefaultContextMenu
SHELL32_SHCreateLocalServer
SHELL32_SHCreateShellFolderView
SHELL32_SHDuplicateEncryptionInfoFile
SHELL32_SHEncryptFile
SHELL32_SHFormatDriveAsync
SHELL32_SHGetThreadUndoManager
SHELL32_SHGetUserNameW
SHELL32_SHIsVirtualDevice
SHELL32_SHLaunchPropSheet
SHELL32_SHLogILFromFSIL
SHELL32_SHOpenWithDialog
SHELL32_SHStartNetConnectionDialogW
SHELL32_SHUICommandFromGUID
SHELL32_SendToMenu_InvokeTargetedCommand
SHELL32_SendToMenu_VerifyTargetedCommand
SHELL32_ShowHideIconOnlyOnDesktop
SHELL32_SimpleRatingToFilterCondition
SHELL32_StampIconForFile
SHELL32_SuspendUndo
SHELL32_TryVirtualDiscImageDriveEject
SHELL32_VerifySaferTrust
SHEmptyRecycleBinA
SHEmptyRecycleBinW
SHEnableServiceObject
SHEnumerateUnreadMailAccountsW
SHEvaluateSystemCommandTemplate
SHExecuteErrorMessageBox
SHExtractIconsW
SHFileOperation
SHFileOperationA
SHFileOperationW
SHFindFiles
SHFind_InitMenuPopup
SHFlushSFCache
SHFormatDrive
SHFree
SHFreeNameMappings
SHGetAttributesFromDataObject
SHGetDataFromIDListA
SHGetDataFromIDListW
SHGetDesktopFolder
SHGetDiskFreeSpaceA
SHGetDiskFreeSpaceExA
SHGetDiskFreeSpaceExW
SHGetDriveMedia
SHGetFileInfo
SHGetFileInfoA
SHGetFileInfoW
SHGetFolderLocation
SHGetFolderPathA
SHGetFolderPathAndSubDirA
SHGetFolderPathAndSubDirW
SHGetFolderPathEx
SHGetFolderPathW
SHGetIDListFromObject
SHGetIconOverlayIndexA
SHGetIconOverlayIndexW
SHGetImageList
SHGetInstanceExplorer
SHGetItemFromDataObject
SHGetItemFromObject
SHGetKnownFolderIDList
SHGetKnownFolderItem
SHGetKnownFolderPath
SHGetLocalizedName
SHGetMalloc
SHGetNameFromIDList
SHGetNewLinkInfo
SHGetNewLinkInfoA
SHGetNewLinkInfoW
SHGetPathFromIDList
SHGetPathFromIDListA
SHGetPathFromIDListEx
SHGetPathFromIDListW
SHGetPropertyStoreForWindow
SHGetPropertyStoreFromIDList
SHGetPropertyStoreFromParsingName
SHGetRealIDL
SHGetSetFolderCustomSettings
SHGetSetSettings
SHGetSettings
SHGetSpecialFolderLocation
SHGetSpecialFolderPathA
SHGetSpecialFolderPathW
SHGetStockIconInfo
SHGetTemporaryPropertyForItem
SHGetUnreadMailCountW
SHHandleUpdateImage
SHHelpShortcuts_RunDLL
SHHelpShortcuts_RunDLLA
SHHelpShortcuts_RunDLLW
SHILCreateFromPath
SHInvokePrinterCommandA
SHInvokePrinterCommandW
SHIsFileAvailableOffline
SHLimitInputEdit
SHLoadInProc
SHLoadNonloadedIconOverlayIdentifiers
SHMapPIDLToSystemImageListIndex
SHMultiFileProperties
SHObjectProperties
SHOpenFolderAndSelectItems
SHOpenOrGetFolderView
SHOpenPropSheetW
SHOpenWithDialog
SHParseDisplayName
SHPathPrepareForWriteA
SHPathPrepareForWriteW
SHPropStgCreate
SHPropStgReadMultiple
SHPropStgWriteMultiple
SHQueryRecycleBinA
SHQueryRecycleBinW
SHQueryUserNotificationState
SHRemoveLocalizedName
SHReplaceFromPropSheetExtArray
SHResolveLibrary
SHRestricted
SHSetDefaultProperties
SHSetFolderPathA
SHSetFolderPathW
SHSetInstanceExplorer
SHSetKnownFolderPath
SHSetLocalizedName
SHSetTemporaryPropertyForItem
SHSetUnreadMailCountW
SHShellFolderView_Message
SHShowManageLibraryUI
SHSimpleIDListFromPath
SHStartNetConnectionDialogW
SHTestTokenMembership
SHUpdateImageA
SHUpdateImageW
SHUpdateRecycleBinIcon
SHValidateUNC
SetCurrentProcessExplicitAppUserModelID
SheChangeDirA
SheChangeDirExW
SheGetDirA
SheSetCurDrive
ShellAboutA
ShellAboutW
ShellExec_RunDLL
ShellExec_RunDLLA
ShellExec_RunDLLW
ShellExecuteA
ShellExecuteEx
ShellExecuteExA
ShellExecuteExW
ShellExecuteW
ShellHookProc
ShellMessageBoxA
ShellMessageBoxW
Shell_GetCachedImageIndex
Shell_GetCachedImageIndexA
Shell_GetCachedImageIndexW
Shell_GetImageLists
Shell_MergeMenus
Shell_NotifyIcon
Shell_NotifyIconA
Shell_NotifyIconGetRect
Shell_NotifyIconW
SignalFileOpen
StateRepoNewMenuCache_EnsureCacheAsync
StateRepoNewMenuCache_RebuildCacheAsync
StgMakeUniqueName
StrChrA
StrChrIA
StrChrIW
StrChrW
StrCmpNA
StrCmpNIA
StrCmpNIW
StrCmpNW
StrNCmpA
StrNCmpIA
StrNCmpIW
StrNCmpW
StrRChrA
StrRChrIA
StrRChrIW
StrRChrW
StrRStrA
StrRStrIA
StrRStrIW
StrRStrW
StrStrA
StrStrIA
StrStrIW
StrStrW
UsersLibrariesFolderUI_CreateInstance
WOWShellExecute
WaitForExplorerRestartW
Win32DeleteFile
WriteCabinetState

Sections

.text
Size: 6.5MB - Virtual size: 6.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 308KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
user32.dll
.dll windows:10 windows x64 arch:x64

191edaeb5a872a44ae7c3aae07c9989b

Code Sign

33:00:00:06:ad:ac:dd:3c:98:83:5e:29:49:00:00:00:00:06:ad
Certificate

Issuer

CN=Microsoft Development PCA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

13/07/2023, 22:37

Not After

15/09/2024, 22:37

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:03:c6:f9:b4:c3:ae:be:59:4b:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Development Root Certificate Authority 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

28/05/2014, 17:33

Not After

28/05/2029, 17:43

Subject

CN=Microsoft Development PCA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e9:2a:92:31:8e:f1:11:c6:d9:72:f7:3a:a7:c8:94:61:e0:9b:dd:6c:04:11:36:ed:3a:03:20:3a:69:19:71:1a
Signer

Actual PE Digest

e9:2a:92:31:8e:f1:11:c6:d9:72:f7:3a:a7:c8:94:61:e0:9b:dd:6c:04:11:36:ed:3a:03:20:3a:69:19:71:1a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

user32.pdb

Imports

win32u

NtUserGetWindowContextHelpId
NtUserSetSysColors
NtUserToUnicodeEx
NtUserLoadKeyboardLayoutEx
NtUserUpdatePerUserImmEnabling
NtUserSetWatermarkStrings
NtUserUpdatePerUserSystemParameters
NtUserEvent
NtUserConvertMemHandle
NtUserCreateLocalMemHandle
NtUserSetWindowsHookEx
NtUserSetWinEventHook
NtUserNotifyWinEvent
NtUserRegisterUserApiHook
NtUserDoInitMessagePumpHook
NtUserDoUninitMessagePumpHook
NtUserDrawCaption
NtUserGetAsyncKeyState
NtUserGetKeyState
NtUserOpenClipboard
NtUserPeekMessage
NtUserSetWindowLong
NtUserTranslateMessage
NtUserSetWindowRgn
NtUserSetWindowRgnEx
NtUserInternalGetWindowText
NtUserInternalGetWindowIcon
NtUserSetWindowStationUser
NtUserSetSystemCursor
NtUserFindExistingCursorIcon
NtUserSetCursorIconDataEx
NtUserDefSetText
NtUserChangeWindowMessageFilter
NtUserModifyWindowTouchCapability
NtUserPaintDesktop
NtUserSetThreadDesktop
NtUserActivateKeyboardLayout
NtUserGetOpenClipboardWindow
NtUserEnableIAMAccess
NtUserHwndQueryRedirectionInfo
NtUserHwndSetRedirectionInfo
NtMITSynthesizeTouchInput
NtMITGetCursorUpdateHandle
NtMITSetLastInputRecipient
NtUserEnableScrollBar
NtUserTestForInteractiveUser
NtUserGetClassName
NtUserSetScrollInfo
NtUserSBGetParms
NtUserUpdateLayeredWindow
NtUserUpdateWindows
NtUserEnableSessionForMMCSS
NtUserDeferredDesktopRotation
NtUserSetCancelRotationDelayHintWindow
NtUserFindWindowEx
NtUserRegisterClassExWOW
NtUserPostThreadMessage
NtUserSetClassLongPtr
NtUserGetClipboardFormatName
NtUserRegisterWindowMessage
NtUserGetKeyNameText
NtUserMapVirtualKeyEx
NtUserEnumDisplayDevices
NtUserGetClassInfoEx
NtUserChangeDisplaySettings
NtUserRemoveProp
NtUserUnregisterClass
NtUserEnumDisplaySettings
NtUserGetAltTabInfo
NtUserSetClassLong
NtUserGetMessage
NtUserGetKeyboardLayoutName
NtUserDrawCaptionTemp
NtUserSetProp
NtUserVkKeyScanEx
NtUserCallMsgFilter
NtUserBroadcastImeShowStatusChange
NtUserSetImeOwnerWindow
NtUserCheckImeShowStatusInThread
NtUserNotifyIMEStatus
NtUserUpdateInputContext
NtUserGetIMEShowStatus
NtUserCountClipboardFormats
NtUserGetPriorityClipboardFormat
NtUserGetClipboardOwner
NtUserGetClipboardSequenceNumber
NtUserGetClipboardViewer
NtUserSetClipboardViewer
NtUserChangeClipboardChain
NtUserAddClipboardFormatListener
NtUserRemoveClipboardFormatListener
NtUserGetUpdatedClipboardFormats
NtUserSetWindowCompositionAttribute
NtUserTranslateAccelerator
NtUserModifyUserStartupInfoFlags
NtUserSetClipboardData
NtUserDrawIconEx
NtUserValidateRgn
NtUserGetUpdateRgn
NtUserGetUpdateRect
NtUserSwitchToThisWindow
NtUserWaitForInputIdle
NtUserThreadMessageQueueAttached
NtUserMsgWaitForMultipleObjectsEx
NtUserSetObjectInformation
NtUserGetWinStationInfo
NtUserCreateWindowStation
NtUserOpenWindowStation
NtUserCreateDesktopEx
NtUserOpenDesktop
NtUserSwitchDesktop
NtUserCreatePopupMenu
NtUserDrawMenuBar
NtUserEnumClipboardFormats
NtUserGetInputDesktop
NtUserGetKeyboardType
NtUserGetUnpredictedMessagePos
NtUserDwmLockScreenUpdates
NtUserGetQueueStatus
NtUserLW_LoadFonts
NtUserNotifyOverlayWindow
NtUserSetShellChangeNotifyHWND
NtUserSetProgmanWindow
NtUserSetTaskmanWindow
NtUserPostQuitMessage
NtUserReplyMessage
NtUserRegisterSystemThread
NtUserSetCaretBlinkTime
NtUserSetDoubleClickTime
NtUserAllowSetForegroundWindow
NtUserLockSetForegroundWindow
NtUserShowOwnedPopups
NtUserShowStartGlass
NtUserSwapMouseButton
NtUserUnhookWindowsHook
NtUserUpdateWindow
NtUserRegisterShellHookWindow
NtUserDeregisterShellHookWindow
NtUserRealizePalette
NtUserUnloadKeyboardLayout
NtUserGetKeyboardLayout
NtUserGetProcessDefaultLayout
NtUserSetProcessDefaultLayout
NtUserCreateWindowEx
NtUserDisableProcessWindowsGhosting
NtUserRegisterGhostWindow
NtUserRegisterSiblingFrostWindow
NtUserGetDpiForMonitor
NtUserGetSendMessageReceiver
NtUserShutdownBlockReasonCreate
NtUserEnableMouseInPointerForThread
NtUserRegisterWindowArrangementCallout
NtUserEnableShellWindowManagementBehavior
NtUserGetWindowTrackInfoAsync
NtUserSetModernAppWindow
NtUserGetModernAppWindow
NtUserSetThreadQueueMergeSetting
NtUserEnableModernAppWindowKeyboardIntercept
NtUserScheduleDispatchNotification
NtUserInitThreadCoreMessagingIocp
NtUserDrainThreadCoreMessagingCompletions
NtUserSetTSFEventState
NtUserForceEnableNumpadTranslation
NtUserSystemParametersInfoForDpi
NtUserCitSetInfo
NtCreateCompositionInputSink
NtUserCreatePalmRejectionDelayZone
NtUserDestroyPalmRejectionDelayZone
NtUserSystemParametersInfo
NtUserGetProp
NtUserGetHDevName
NtUserGetRawInputDeviceInfo
NtUserRegisterLogonProcess
NtUserCreateSystemThreads
NtUserGetCursorPos
NtUserEnableMenuItem
NtUserCallNextHookEx
NtGdiDdDDIEscape
NtUserDisplayConfigGetDeviceInfo
NtUserGetDisplayConfigBufferSizes
NtUserSetDisplayConfig
NtUserQueryDisplayConfig
NtUserDisplayConfigSetDeviceInfo
NtUserFunctionalizeDisplayConfig
NtUserGetMessagePos
NtUserMNDragLeave
NtUserMNDragOver
NtUserDrawMenuBarTemp
NtUserGetSysMenuOffset
NtUserThunkedMenuInfo
NtUserCheckMenuItem
NtUserMinMaximize
NtUserUpdateClientRect
NtUserSetWindowLongPtr
NtUserSetVisible
NtUserClearWindowState
NtUserSetWindowState
NtUserCheckAccessForIntegrityLevel
NtUserArrangeIconicWindows
NtUserScrollWindowEx
NtUserRedrawTitle
NtUserRedrawFrameAndHook
NtUserDeferWindowPosAndBand
NtUserBeginDeferWindowPos
NtUserSetSysMenu
NtUserResetDblClk
NtUserRegisterLPK
NtUserRemoteConnectState
NtUserInitializeClientPfnArrays
NtUserProcessConnect
gDispatchTableValues
NtUserInitAnsiOem
NtUserLoadCursorsAndIcons
NtUserDisableProcessWindowFiltering
NtUserSetProcessUIAccessZorder
NtUserGetRawInputBuffer
NtUserScrollDC
NtUserKillSystemTimer
NtUserSetSystemTimer
NtUserHideCursorNoCapture
NtUserSetCaretPos
NtUserCloseClipboard
NtUserEmptyClipboard
NtUserIsClipboardFormatAvailable
NtUserShowCaret
NtUserCreateCaret
NtUserDestroyCaret
NtUserHideCaret
NtUserGetControlColor
NtUserTransformRect
NtUserTransformPoint
NtUserGetCurrentDpiInfoForWindow
NtUserTraceLoggingSendMixedModeTelemetry
NtUserGetProcessDpiAwarenessContext
NtUserSetProcessDpiAwarenessContext
NtUserSetCursor
NtUserMessageBeep
NtUserSetThreadState
NtUserQueryWindow
NtUserFillWindow
NtUserSetDialogPointer
NtUserZapActiveAndFocus
NtUserSetForegroundWindow
NtUserSetDialogSystemMenu
NtUserSetWindowContextHelpId
NtUserCsDdeUninitialize
NtUserDdeInitialize
NtUserUpdateInstance
NtUserConsoleControl
NtUserSetInformationThread
NtUserPrepareForLogoff
NtUserSetParent
NtUserReleaseDC
NtUserEnableWindow
NtUserPostMessage
NtUserGetTouchInputInfo
NtUserLockCursor
NtUserLinkDpiCursor
NtUserGetRequiredCursorSizes
NtUserGetCursorFrameInfo
NtUserGetIconInfo
NtUserDestroyAcceleratorTable
NtUserReportInertia
NtUserGetHimetricScaleFactorFromPixelLocation
NtUserRegisterEdgy
NtUserRegisterPointerInputTarget
NtUserGetPointerInfoList
NtUserGetCPD
NtUserSetMessageExtraInfo
NtUserValidateTimerCallback
NtUserDispatchMessage
NtUserAutoPromoteMouseInPointer
NtUserGetDManipHookInitFunction
NtUserRedrawFrame
NtUserLoadUserApiHook
NtUserSetMenu
NtUserSetMenuFlagRtoL
NtUserThunkedMenuItemInfo
NtUserCreateMenu
NtUserSetWindowsHookAW
NtUserUnhookWindowsHookEx
NtUserRealWaitMessageEx
NtUserRealInternalGetMessage
NtUserMessageCall
NtUserInjectGesture
NtUserGetGestureExtArgs
NtUserGetGestureInfo
NtUserBuildNameList
NtUserBuildPropList
NtUserBuildHwndList
NtUserGetAtomName
NtUserGetClassIcoCur
NtUserAlterWindowStyle
NtUserSetWindowFNID
NtUserBitBltSysBmp
NtUserGetOemBitmapSize
NtUserGetIconSize
NtUserReleaseCapture
NtUserSetMsgBox
NtUserGetThreadState
NtUserGetDC
NtUserGetControlBrush
NtUserDestroyCursor
NtUserCreateEmptyCursorObject
NtUserSetImeHotKey
NtUserGetImeHotKey
NtUserWindowFromPoint
NtUserWindowFromPhysicalPoint
NtUserWindowFromDC
NtUserWaitMessage
NtUserWaitForRedirectionStartComplete
NtUserWaitAvailableMessageEx
NtUserValidateRect
NtUserUserHandleGrantAccess
NtUserUpdateWindowTrackingInfo
NtUserUpdateWindowInputSinkHints
NtUserUpdateDefaultDesktopThumbnail
NtUserUnregisterUserApiHook
NtUserUnregisterSessionPort
NtUserUnregisterHotKey
NtUserUnlockWindowStation
NtUserUnhookWinEvent
NtUserUndelegateInput
NtUserTrackPopupMenuEx
NtUserTrackMouseEvent
NtUserSoundSentry
NtUserSlicerControl
NtUserDiscardPointerFrameMessages
NtUserSignalRedirectionStartComplete
NtUserShutdownBlockReasonQuery
NtUserShutdownReasonDestroy
NtUserShowWindowAsync
NtUserShowWindow
NtUserShowSystemCursor
NtUserShowScrollBar
NtUserShowCursor
NtUserShellSetWindowPos
NtUserShellRegisterHotKey
NtUserShellMigrateWindow
NtUserShellHandwritingUndelegateInput
NtUserShellHandwritingHandleDelegatedInput
NtUserShellHandwritingDelegateInput
NtUserSetWindowWord
NtUserSetWindowShowState
NtUserSetWindowPos
NtUserSetWindowPlacement
NtUserSetWindowFeedbackSetting
NtUserSetWindowDisplayAffinity
NtUserSetWindowCompositionTransition
NtUserSetWindowBand
NtUserSetThreadInputBlocked
NtUserSetTargetForResourceBrokering
NtUserSetSystemMenu
NtUserSetShellWindowEx
NtSetShellCursorState
NtUserSetProcessWindowStation
NtUserSetProcessRestrictionExemption
NtUserSetProcessMousewheelRoutingMode
NtUserSetProcessLaunchForegroundPolicy
NtUserSetProcessInteractionFlags
NtUserSetPrecisionTouchPadConfiguration
NtSetPointerDeviceInputSpace
NtUserSetMirrorRendering
NtUserSetMenuDefaultItem
NtUserSetMenuContextHelpId
NtUserMagSetContextInformation
NtUserSetMagnificationDesktopMagnifierOffsetsDWMUpdated
NtUserSetLayeredWindowAttributes
NtUserSetKeyboardState
NtUserSetInternalWindowPos
NtUserSetInteractiveCtrlRotationAngle
NtUserSetInteractiveControlFocus
NtUserSetInputServiceState
NtUserSetGestureConfig
NtUserSetFullscreenMagnifierOffsetsDWMUpdated
NtUserSetForegroundWindowForApplication
NtUserSetForegroundRedirectionForActivationObject
NtUserSetFocus
NtUserSetFeatureReportResponse
NtUserSetFallbackForeground
NtUserSetDpiForWindow
NtUserSetDisplayMapping
NtUserSetDisplayAutoRotationPreferences
NtUserSetDialogControlDpiChangeBehavior
NtUserSetDesktopVisualInputSink
NtUserSetDesktopColorTransform
NtUserSetCursorPos
NtSetCursorInputSpace
NtUserSetCoreWindowPartner
NtUserSetCoreWindow
NtUserSetTimer
NtUserSetClassWord
NtUserSetChildWindowNoActivate
NtUserSetCapture
NtUserSetCalibrationData
NtUserSetBrokeredForeground
NtUserSetBridgeWindowChild
NtUserSetAutoRotation
NtUserSetAdditionalForegroundBoostProcesses
NtUserSetActiveWindow
NtUserSetActiveProcessForMonitor
NtUserSetActivationFilter
NtUserSendInteractiveControlHapticsReport
NtUserSendInput
NtUserSendEventMessage
NtUserRestoreWindowDpiChanges
NtUserResolveDesktopForWOW
NtUserRemoveVisualIdentifier
NtUserRemoveMenu
NtUserReleaseDwmHitTestWaiters
NtUserRegisterTouchPadCapable
NtUserRegisterTouchHitTestingWindow
NtUserRegisterTasklist
NtUserRegisterShellPTPListener
NtUserRegisterSessionPort
NtUserRegisterServicesProcess
NtUserRegisterRawInputDevices
NtUserRegisterPointerDeviceNotifications
NtUserRegisterHotKey
NtUserRegisterForTooltipDismissNotification
NtUserRegisterForCustomDockTargets
NtUserRegisterErrorReportingDialog
NtUserRegisterDManipHook
NtUserRegisterBSDRWindow
NtUserRedrawWindow
NtUserRealChildWindowFromPoint
NtRIMUpdateInputObserverRegistration
NtRIMUnregisterForInput
NtRIMSetTestModeStatus
NtRIMSetExtendedDeviceProperty
NtRIMRemoveInputObserver
NtRIMRegisterForInputEx
NtRIMReadInput
NtRIMQueryDevicePath
NtRIMOnTimerNotification
NtRIMOnPnpNotification
NtRIMOnAsyncPnpWorkNotification
NtRIMObserveNextInput
NtRIMGetSourceProcessId
NtRIMGetPhysicalDeviceRect
NtRIMGetDevicePropertiesLockfree
NtRIMGetDeviceProperties
NtRIMGetDevicePreparsedDataLockfree
NtRIMGetDevicePreparsedData
NtRIMFreeInputBuffer
NtRIMEnableMonitorMappingForDevice
NtRIMDeviceIoControl
NtRIMAreSiblingDevices
NtRIMAddInputObserver
NtUserQuerySendMessage
NtUserQueryBSDRWindow
NtUserPromotePointer
NtUserProcessInkFeedbackCommand
NtUserPrintWindow
NtUserPerMonitorDPIPhysicalToLogicalPoint
NtUserPhysicalToLogicalPoint
NtUserPhysicalToLogicalDpiPointForWindow
NtUserPaintMonitor
NtUserPaintMenuBar
NtUserOpenThreadDesktop
NtUserOpenInputDesktop
NtUserNavigateFocus
NtUserMoveWindow
NtUserMenuItemFromPoint
NtMapVisualRelativePoints
NtUserMapPointsByVisualIdentifier
NtUserLogicalToPerMonitorDPIPhysicalPoint
NtUserLogicalToPhysicalPoint
NtUserLogicalToPhysicalDpiPointForWindow
NtUserLockWorkStation
NtUserLockWindowUpdate
NtUserLockWindowStation
NtUserLayoutCompleted
NtUserKillTimer
NtUserIsWindowGDIScaledDpiMessageEnabled
NtUserIsWindowBroadcastingDpiToChildren
NtUserIsTouchWindow
NtUserIsTopLevelWindow
NtUserIsResizeLayoutSynchronizationEnabled
NtIsOneCoreTransformMode
NtUserIsNonClientDpiScalingEnabled
NtUserIsMouseInputEnabled
NtUserIsMouseInPointerEnabled
NtUserIsChildWindowDpiMessageEnabled
NtUserInvalidateRgn
NtUserInvalidateRect
NtUserInteractiveControlQueryUsage
NtInputSpaceRegionFromPoint
NtUserInjectTouchInput
NtUserInjectPointerInput
NtUserInjectMouseInput
NtUserInjectKeyboardInput
NtUserInjectGenericHidInput
NtUserInjectDeviceInput
NtUserInitializeTouchInjection
NtUserInitializePointerDeviceInjectionEx
NtUserInitializePointerDeviceInjection
NtUserInitializeInputDeviceInjection
NtUserInitializeGenericHidInjection
NtUserInheritWindowMonitor

ntdll

__chkstk
memcmp
wcscmp
memcpy
RtlSetLastWin32Error
NlsAnsiCodePage
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
_wtoi
RtlRaiseException
NtYieldExecution
NtDeleteValueKey
NtSetValueKey
NtCreateKey
wcstoul
RtlFreeUnicodeString
RtlCreateUnicodeStringFromAsciiz
NtOpenDirectoryObject
NtSetSecurityObject
NtQuerySecurityObject
NtQueryInformationProcess
wcstol
ZwQueryWnfStateData
wcsncmp
wcsnlen
RtlDeleteHashTable
RtlInitStrongEnumerationHashTable
RtlLookupEntryHashTable
RtlStronglyEnumerateEntryHashTable
strnlen
RtlInsertEntryHashTable
RtlInitEnumerationHashTable
RtlRemoveEntryHashTable
strncmp
RtlEndStrongEnumerationHashTable
RtlCreateHashTable
RtlEndEnumerationHashTable
RtlEnumerateEntryHashTable
RtlQueryPackageClaims
RtlInitAnsiString
RtlAnsiStringToUnicodeString
RtlCompareUnicodeString
wcsncpy_s
iswspace
qsort
VerSetConditionMask
NtPowerInformation
RtlMultiByteToUnicodeSize
LdrFlushAlternateResourceModules
RtlImageNtHeader
RtlPcToFileHeader
NtRaiseHardError
NtCallbackReturn
wcsncat_s
RtlRetrieveNtUserPfn
RtlInitializeNtUserPfn
_stricmp
RtlGetIntegerAtom
RtlDeleteCriticalSection
RtlResetNtUserPfn
memmove_s
memcpy_s
RtlQueryInformationActiveActivationContext
RtlQueryElevationFlags
NtQuerySystemInformation
RtlInitializeCriticalSection
RtlEqualUnicodeString
LdrQueryImageFileExecutionOptions
isspace
CsrClientConnectToServer
sscanf_s
strrchr
strcpy_s
RtlSizeHeap
RtlGetThreadLangIdByIndex
RtlRunEncodeUnicodeString
RtlRunDecodeUnicodeString
_wcsicmp
RtlReAllocateHeap
RtlNtStatusToDosError
RtlGetActiveConsoleId
CsrFreeCaptureBuffer
wcsrchr
CsrClientCallServer
CsrAllocateMessagePointer
CsrAllocateCaptureBuffer
NtOpenProcessToken
NtOpenThreadToken
RtlFreeSid
RtlAllocateAndInitializeSid
NtQueryInformationToken
NtQueryVirtualMemory
_vsnwprintf
RtlUnicodeToMultiByteSize
RtlIsThreadWithinLoaderCallout
RtlReleaseActivationContext
RtlFindActivationContextSectionString
RtlDeactivateActivationContextUnsafeFast
RtlActivateActivationContextUnsafeFast
RtlUnicodeToMultiByteN
RtlMultiByteToUnicodeN
RtlEnterCriticalSection
RtlLeaveCriticalSection
__C_specific_handler
wcscat_s
wcscpy_s
NtQueryValueKey
NtEnumerateKey
NtClose
NtOpenKey
RtlOpenCurrentUser
RtlUnicodeStringToInteger
RtlInitUnicodeString
swprintf_s
RtlFreeHeap
RtlAllocateHeap
memset
memmove

api-ms-win-core-localization-l1-2-0

GetThreadLocale
ConvertDefaultLocale
IsDBCSLeadByteEx
GetACP
IsDBCSLeadByte
GetSystemDefaultLangID
GetOEMCP
GetCPInfo
FormatMessageW
GetUserDefaultLCID
GetLocaleInfoW
IsValidLocale

api-ms-win-core-registry-l1-1-0

RegEnumValueW
RegDeleteKeyExW
RegGetValueW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegCreateKeyExW

api-ms-win-core-heap-l2-1-0

GlobalAlloc
LocalLock
GlobalFree
LocalUnlock
LocalAlloc
LocalReAlloc
LocalFree

api-ms-win-core-libraryloader-l1-2-0

EnumResourceNamesExW
DisableThreadLibraryCalls
GetProcAddress
GetModuleHandleExA
GetModuleFileNameA
GetModuleFileNameW
FreeLibrary
SizeofResource
LoadLibraryExW
GetModuleHandleW
GetModuleHandleExW
GetModuleHandleA
LoadResource
FindResourceExW

api-ms-win-eventing-provider-l1-1-0

EventUnregister
EventSetInformation
EventRegister
EventWrite
EventActivityIdControl
EventWriteTransfer

api-ms-win-core-processthreads-l1-1-0

CreateProcessW
GetCurrentProcessId
ExitThread
GetExitCodeThread
CreateThread
GetCurrentThread
GetCurrentProcess
GetCurrentThreadId
TerminateProcess
ProcessIdToSessionId

api-ms-win-core-synch-l1-1-0

ReleaseSemaphore
OpenSemaphoreW
ReleaseMutex
CreateSemaphoreExW
WaitForSingleObject
WaitForSingleObjectEx
CreateMutexExW
LeaveCriticalSection
InitializeCriticalSectionEx
EnterCriticalSection
AcquireSRWLockExclusive
AcquireSRWLockShared
ReleaseSRWLockShared
ReleaseSRWLockExclusive
InitializeSRWLock
SetEvent
OpenEventW

api-ms-win-core-string-l1-1-0

GetStringTypeW
CompareStringOrdinal
MultiByteToWideChar
FoldStringW
CompareStringW
WideCharToMultiByte

api-ms-win-core-sysinfo-l1-1-0

GetSystemWindowsDirectoryW
GetSystemTimeAsFileTime
GetTickCount
GetSystemDirectoryW
GetVersionExW

api-ms-win-security-base-l1-1-0

CheckTokenMembership
GetTokenInformation

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-errorhandling-l1-1-0

SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError

api-ms-win-core-string-l2-1-0

CharUpperBuffW
CharLowerBuffW
CharLowerW
IsCharLowerW
CharPrevW
CharUpperW
IsCharUpperW
IsCharAlphaNumericW
CharNextW
IsCharAlphaW

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-processenvironment-l1-1-0

ExpandEnvironmentStringsW
SetCurrentDirectoryW
GetCurrentDirectoryW
SearchPathW

api-ms-win-core-file-l1-1-0

GetFileSize
FindFirstFileW
ReadFile
FindNextFileW
FindClose
GetLogicalDrives
SetFileTime
CreateFileW

api-ms-win-core-processthreads-l1-1-1

GetProcessMitigationPolicy

api-ms-win-core-heap-l1-1-0

HeapFree
HeapAlloc
GetProcessHeap

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
DebugBreak
IsDebuggerPresent

api-ms-win-core-threadpool-l1-2-0

SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
CreateThreadpoolTimer

api-ms-win-core-memory-l1-1-0

CreateFileMappingW
MapViewOfFile
UnmapViewOfFile

api-ms-win-core-errorhandling-l1-1-2

RaiseFailFastException

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter
QueryPerformanceFrequency

api-ms-win-core-memory-l1-1-3

SetProcessValidCallTargets

api-ms-win-core-privateprofile-l1-1-0

GetPrivateProfileStringW
WritePrivateProfileStringW

api-ms-win-core-atoms-l1-1-0

AddAtomA
GlobalGetAtomNameA
GlobalAddAtomA
GetAtomNameW
GlobalGetAtomNameW
DeleteAtom
GlobalDeleteAtom
AddAtomW
GlobalAddAtomW
GlobalFindAtomA
GlobalFindAtomW
GetAtomNameA

api-ms-win-core-heap-obsolete-l1-1-0

GlobalSize
GlobalLock
GlobalFlags
GlobalReAlloc
LocalSize
GlobalUnlock
GlobalHandle

api-ms-win-core-string-obsolete-l1-1-0

lstrlenW
lstrlenA
lstrcmpiW

api-ms-win-core-localization-obsolete-l1-2-0

GetStringTypeA

api-ms-win-core-stringansi-l1-1-0

IsCharAlphaA
IsCharAlphaNumericA
CharUpperBuffA
IsCharLowerA
CharPrevExA
CharLowerBuffA
IsCharUpperA
CharPrevA
CharNextExA
CharNextA
CharUpperA
CharLowerA

api-ms-win-core-sidebyside-l1-1-0

QueryActCtxSettingsW

api-ms-win-core-kernel32-private-l1-1-0

RegisterWaitForInputIdle

kernelbase

WTSGetServiceSessionId
LoadStringBaseExW

api-ms-win-core-kernel32-legacy-l1-1-0

MulDiv
FindResourceExA

api-ms-win-core-kernel32-legacy-l1-1-1

VerifyVersionInfoW

api-ms-win-core-appinit-l1-1-0

LoadAppInitDlls

gdi32

PatBlt
SetBkMode
SelectObject
IntersectClipRect
SetTextAlign
GetTextAlign
GetStockObject
SetBkColor
SetTextColor
GetObjectW
GetBkColor
GetLayout
GdiGetBitmapBitsSize
GetDIBColorTable
GetDeviceCaps
GetMapMode
GetHFONT
ExtSelectClipRgn
GetClipRgn
SetGraphicsMode
GdiPrinterThunk
GdiLoadType1Fonts
GdiAddFontResourceW
GetRgnBox
ExtCreateRegion
GetRegionData
EnableEUDC
TextOutA
GdiReleaseDC
GdiConvertBitmapV5
GdiConvertToDevmodeW
GetClipBox
MirrorRgn
OffsetRgn
CreateRectRgnIndirect
SetRectRgn
CombineRgn
CreateRectRgn
GetBoundsRect
SetLayout
PlayEnhMetaFile
ExcludeClipRect
StretchBlt
Ellipse
CreateEllipticRgn
GetDCOrgEx
GdiTrackHDelete
GdiFixUpHandle
Rectangle
CreatePen
CreateBrushIndirect
PolyPatBlt
SetViewportOrgEx
GetViewportOrgEx
GetCurrentObject
GetTextCharacterExtra
SetTextCharacterExtra
SetLayoutWidth
GdiConvertAndCheckDC
SetBoundsRect
CreateSolidBrush
GdiProcessSetup
GdiDllInitialize
CopyEnhMetaFileW
CopyMetaFileW
SetPaletteEntries
CreatePalette
GetPaletteEntries
DeleteEnhMetaFile
DeleteMetaFile
GetPixel
GetTextCharsetInfo
QueryFontAssocStatus
ExtTextOutA
GetCharWidthInfo
GetCharWidthA
GetTextExtentPointA
GetTextFaceW
GetCharABCWidthsW
GetCharABCWidthsA
SetBrushOrgEx
GetDCDpiScaleValue
GetTextFaceAliasW
EnumFontsW
CreateFontIndirectW
TranslateCharsetInfo
GdiCreateLocalEnhMetaFile
GdiCreateLocalMetaFilePict
GdiConvertEnhMetaFile
GdiConvertMetaFilePict
GetTextColor
GetTextMetricsW
TextOutW
GetWindowExtEx
GetViewportExtEx
GetBkMode
GdiGetCharDimensions
GetTextCharset
GditPopCallerInfo
GditPushCallerInfo
GdiGetCodePage
GetTextExtentPointW
ExtTextOutW
RestoreDC
OffsetWindowOrgEx
SaveDC
GetObjectType
GetDIBits
SetDIBits
SetStretchBltMode
CreateDIBSection
StretchDIBits
CreateCompatibleBitmap
CreateDIBitmap
CreateDCW
GdiTrackHCreate
DeleteDC
BitBlt
CreateCompatibleDC
DeleteObject
CreateBitmap
GdiValidateHandle

api-ms-win-stateseparation-helpers-l1-1-0

GetPersistedRegistryLocationW

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

Exports

Exports

ActivateKeyboardLayout
AddClipboardFormatListener
AddVisualIdentifier
AdjustWindowRect
AdjustWindowRectEx
AdjustWindowRectExForDpi
AlignRects
AllowForegroundActivation
AllowSetForegroundWindow
AnimateWindow
AnyPopup
AppendMenuA
AppendMenuW
AreDpiAwarenessContextsEqual
ArrangeIconicWindows
AttachThreadInput
BeginDeferWindowPos
BeginPaint
BlockInput
BringWindowToTop
BroadcastSystemMessage
BroadcastSystemMessageA
BroadcastSystemMessageExA
BroadcastSystemMessageExW
BroadcastSystemMessageW
BuildReasonArray
CalcMenuBar
CalculatePopupWindowPosition
CallMsgFilter
CallMsgFilterA
CallMsgFilterW
CallNextHookEx
CallWindowProcA
CallWindowProcW
CancelShutdown
CascadeChildWindows
CascadeWindows
ChangeClipboardChain
ChangeDisplaySettingsA
ChangeDisplaySettingsExA
ChangeDisplaySettingsExW
ChangeDisplaySettingsW
ChangeMenuA
ChangeMenuW
ChangeWindowMessageFilter
ChangeWindowMessageFilterEx
CharLowerA
CharLowerBuffA
CharLowerBuffW
CharLowerW
CharNextA
CharNextExA
CharNextW
CharPrevA
CharPrevExA
CharPrevW
CharToOemA
CharToOemBuffA
CharToOemBuffW
CharToOemW
CharUpperA
CharUpperBuffA
CharUpperBuffW
CharUpperW
CheckBannedOneCoreTransformApi
CheckDBCSEnabledExt
CheckDlgButton
CheckMenuItem
CheckMenuRadioItem
CheckProcessForClipboardAccess
CheckProcessSession
CheckRadioButton
CheckWindowThreadDesktop
ChildWindowFromPoint
ChildWindowFromPointEx
CliImmSetHotKey
ClientThreadSetup
ClientToScreen
ClipCursor
CloseClipboard
CloseDesktop
CloseGestureInfoHandle
CloseTouchInputHandle
CloseWindow
CloseWindowStation
ConsoleControl
ControlMagnification
CopyAcceleratorTableA
CopyAcceleratorTableW
CopyIcon
CopyImage
CopyRect
CountClipboardFormats
CreateAcceleratorTableA
CreateAcceleratorTableW
CreateCaret
CreateCursor
CreateDCompositionHwndTarget
CreateDesktopA
CreateDesktopExA
CreateDesktopExW
CreateDesktopW
CreateDialogIndirectParamA
CreateDialogIndirectParamAorW
CreateDialogIndirectParamW
CreateDialogParamA
CreateDialogParamW
CreateIcon
CreateIconFromResource
CreateIconFromResourceEx
CreateIconIndirect
CreateMDIWindowA
CreateMDIWindowW
CreateMenu
CreatePopupMenu
CreateSyntheticPointerDevice
CreateSystemThreads
CreateWindowExA
CreateWindowExW
CreateWindowInBand
CreateWindowInBandEx
CreateWindowIndirect
CreateWindowStationA
CreateWindowStationW
CsrBroadcastSystemMessageExW
CtxInitUser32
DdeAbandonTransaction
DdeAccessData
DdeAddData
DdeClientTransaction
DdeCmpStringHandles
DdeConnect
DdeConnectList
DdeCreateDataHandle
DdeCreateStringHandleA
DdeCreateStringHandleW
DdeDisconnect
DdeDisconnectList
DdeEnableCallback
DdeFreeDataHandle
DdeFreeStringHandle
DdeGetData
DdeGetLastError
DdeGetQualityOfService
DdeImpersonateClient
DdeInitializeA
DdeInitializeW
DdeKeepStringHandle
DdeNameService
DdePostAdvise
DdeQueryConvInfo
DdeQueryNextServer
DdeQueryStringA
DdeQueryStringW
DdeReconnect
DdeSetQualityOfService
DdeSetUserHandle
DdeUnaccessData
DdeUninitialize
DefDlgProcA
DefDlgProcW
DefFrameProcA
DefFrameProcW
DefMDIChildProcA
DefMDIChildProcW
DefRawInputProc
DefWindowProcA
DefWindowProcW
DeferWindowPos
DeferWindowPosAndBand
DelegateInput
DeleteMenu
DeregisterShellHookWindow
DestroyAcceleratorTable
DestroyCaret
DestroyCursor
DestroyDCompositionHwndTarget
DestroyIcon
DestroyMenu
DestroyReasons
DestroySyntheticPointerDevice
DestroyWindow
DialogBoxIndirectParamA
DialogBoxIndirectParamAorW
DialogBoxIndirectParamW
DialogBoxParamA
DialogBoxParamW
DisableProcessWindowsGhosting
DispatchMessageA
DispatchMessageW
DisplayConfigGetDeviceInfo
DisplayConfigSetDeviceInfo
DisplayExitWindowsWarnings
DlgDirListA
DlgDirListComboBoxA
DlgDirListComboBoxW
DlgDirListW
DlgDirSelectComboBoxExA
DlgDirSelectComboBoxExW
DlgDirSelectExA
DlgDirSelectExW
DoSoundConnect
DoSoundDisconnect
DragDetect
DragObject
DrawAnimatedRects
DrawCaption
DrawCaptionTempA
DrawCaptionTempW
DrawEdge
DrawFocusRect
DrawFrame
DrawFrameControl
DrawIcon
DrawIconEx
DrawMenuBar
DrawMenuBarTemp
DrawStateA
DrawStateW
DrawTextA
DrawTextExA
DrawTextExW
DrawTextW
DwmGetDxRgn
DwmGetDxSharedSurface
DwmGetRemoteSessionOcclusionEvent
DwmGetRemoteSessionOcclusionState
DwmKernelShutdown
DwmKernelStartup
DwmLockScreenUpdates
DwmValidateWindow
EditWndProc
EmptyClipboard
EnableMenuItem
EnableMouseInPointer
EnableNonClientDpiScaling
EnableOneCoreTransformMode
EnableScrollBar
EnableSessionForMMCSS
EnableWindow
EndDeferWindowPos
EndDeferWindowPosEx
EndDialog
EndMenu
EndPaint
EndTask
EnterReaderModeHelper
EnumChildWindows
EnumClipboardFormats
EnumDesktopWindows
EnumDesktopsA
EnumDesktopsW
EnumDisplayDevicesA
EnumDisplayDevicesW
EnumDisplayMonitors
EnumDisplaySettingsA
EnumDisplaySettingsExA
EnumDisplaySettingsExW
EnumDisplaySettingsW
EnumPropsA
EnumPropsExA
EnumPropsExW
EnumPropsW
EnumThreadWindows
EnumWindowStationsA
EnumWindowStationsW
EnumWindows
EqualRect
EvaluateProximityToPolygon
EvaluateProximityToRect
ExcludeUpdateRgn
ExitWindowsEx
FillRect
FindWindowA
FindWindowExA
FindWindowExW
FindWindowW
FlashWindow
FlashWindowEx
FrameRect
FreeDDElParam
FrostCrashedWindow
GetActiveWindow
GetAltTabInfo
GetAltTabInfoA
GetAltTabInfoW
GetAncestor
GetAppCompatFlags
GetAppCompatFlags2
GetAsyncKeyState
GetAutoRotationState
GetAwarenessFromDpiAwarenessContext
GetCIMSSM
GetCapture
GetCaretBlinkTime
GetCaretPos
GetClassInfoA
GetClassInfoExA
GetClassInfoExW
GetClassInfoW
GetClassLongA
GetClassLongPtrA
GetClassLongPtrW
GetClassLongW
GetClassNameA
GetClassNameW
GetClassWord
GetClientRect
GetClipCursor
GetClipboardAccessToken
GetClipboardData
GetClipboardFormatNameA
GetClipboardFormatNameW
GetClipboardMetadata
GetClipboardOwner
GetClipboardSequenceNumber
GetClipboardViewer
GetComboBoxInfo
GetCurrentInputMessageSource
GetCursor
GetCursorFrameInfo
GetCursorInfo
GetCursorPos
GetDC
GetDCEx
GetDCompositionHwndBitmap
GetDesktopID
GetDesktopWindow
GetDialogBaseUnits
GetDialogControlDpiChangeBehavior
GetDialogDpiChangeBehavior
GetDisplayAutoRotationPreferences
GetDisplayConfigBufferSizes
GetDlgCtrlID
GetDlgItem
GetDlgItemInt
GetDlgItemTextA
GetDlgItemTextW
GetDoubleClickTime
GetDpiAwarenessContextForProcess
GetDpiForMonitorInternal
GetDpiForSystem
GetDpiForWindow
GetDpiFromDpiAwarenessContext
GetExtendedPointerDeviceProperty
GetFocus
GetForegroundWindow
GetGUIThreadInfo
GetGestureConfig
GetGestureExtraArgs
GetGestureInfo
GetGuiResources
GetIconInfo
GetIconInfoExA
GetIconInfoExW
GetInputDesktop
GetInputLocaleInfo
GetInputState
GetInternalWindowPos
GetKBCodePage
GetKeyNameTextA
GetKeyNameTextW
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutList
GetKeyboardLayoutNameA
GetKeyboardLayoutNameW
GetKeyboardState
GetKeyboardType
GetLastActivePopup
GetLastInputInfo
GetLayeredWindowAttributes
GetListBoxInfo
GetMagnificationDesktopColorEffect
GetMagnificationDesktopMagnification
GetMagnificationDesktopSamplingMode
GetMagnificationLensCtxInformation
GetMenu
GetMenuBarInfo
GetMenuCheckMarkDimensions
GetMenuContextHelpId
GetMenuDefaultItem
GetMenuInfo
GetMenuItemCount
GetMenuItemID
GetMenuItemInfoA
GetMenuItemInfoW
GetMenuItemRect
GetMenuState
GetMenuStringA
GetMenuStringW
GetMessageA
GetMessageExtraInfo
GetMessagePos
GetMessageTime
GetMessageW
GetMonitorInfoA
GetMonitorInfoW
GetMouseMovePointsEx
GetNextDlgGroupItem
GetNextDlgTabItem
GetOpenClipboardWindow
GetParent
GetPhysicalCursorPos
GetPointerCursorId
GetPointerDevice
GetPointerDeviceCursors
GetPointerDeviceInputSpace
GetPointerDeviceOrientation
GetPointerDeviceProperties
GetPointerDeviceRects
GetPointerDevices
GetPointerFrameArrivalTimes
GetPointerFrameInfo
GetPointerFrameInfoHistory
GetPointerFramePenInfo
GetPointerFramePenInfoHistory
GetPointerFrameTimes
GetPointerFrameTouchInfo
GetPointerFrameTouchInfoHistory
GetPointerInfo
GetPointerInfoHistory
GetPointerInputTransform
GetPointerPenInfo
GetPointerPenInfoHistory
GetPointerTouchInfo
GetPointerTouchInfoHistory
GetPointerType
GetPriorityClipboardFormat
GetProcessDefaultLayout
GetProcessDpiAwarenessInternal
GetProcessUIContextInformation
GetProcessWindowStation
GetProgmanWindow
GetPropA
GetPropW
GetQueueStatus
GetRawInputBuffer
GetRawInputData
GetRawInputDeviceInfoA
GetRawInputDeviceInfoW
GetRawInputDeviceList
GetRawPointerDeviceData
GetReasonTitleFromReasonCode
GetRegisteredRawInputDevices
GetScrollBarInfo
GetScrollInfo
GetScrollPos
GetScrollRange
GetSendMessageReceiver
GetShellChangeNotifyWindow
GetShellWindow
GetSubMenu
GetSysColor
GetSysColorBrush
GetSystemDpiForProcess
GetSystemMenu
GetSystemMetrics
GetSystemMetricsForDpi
GetTabbedTextExtentA
GetTabbedTextExtentW
GetTaskmanWindow
GetThreadDesktop
GetThreadDpiAwarenessContext
GetThreadDpiHostingBehavior
GetTitleBarInfo
GetTopLevelWindow
GetTopWindow
GetTouchInputInfo
GetUnpredictedMessagePos
GetUpdateRect
GetUpdateRgn
GetUpdatedClipboardFormats
GetUserObjectInformationA
GetUserObjectInformationW
GetUserObjectSecurity
GetWinStationInfo
GetWindow
GetWindowBand
GetWindowCompositionAttribute
GetWindowCompositionInfo
GetWindowContextHelpId
GetWindowDC
GetWindowDisplayAffinity
GetWindowDpiAwarenessContext
GetWindowDpiHostingBehavior
GetWindowFeedbackSetting
GetWindowInfo
GetWindowLongA
GetWindowLongPtrA
GetWindowLongPtrW
GetWindowLongW
GetWindowMinimizeRect
GetWindowModuleFileName
GetWindowModuleFileNameA
GetWindowModuleFileNameW
GetWindowPlacement
GetWindowProcessHandle
GetWindowRect
GetWindowRgn

Sections

.text
Size: 592KB - Virtual size: 591KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 4KB - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 932KB - Virtual size: 931KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a1aa8e6380e273c50b16267cd686a857

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

libgcc_s_seh-1

gdi32

kernel32

msvcrt

shell32

libstdc++-6

user32

libvmime

Sections

.text Size: 272KB - Virtual size: 272KB

.data Size: 1KB - Virtual size: 1KB

.rdata Size: 19KB - Virtual size: 19KB

.pdata Size: 22KB - Virtual size: 21KB

.xdata Size: 25KB - Virtual size: 25KB

.bss Size: - Virtual size: 3KB

.idata Size: 16KB - Virtual size: 16KB

.CRT Size: 512B - Virtual size: 96B

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1024B - Virtual size: 728B

/4 Size: 2KB - Virtual size: 1KB

/19 Size: 89KB - Virtual size: 89KB

/31 Size: 15KB - Virtual size: 15KB

/45 Size: 38KB - Virtual size: 38KB

/57 Size: 7KB - Virtual size: 7KB

/70 Size: 1KB - Virtual size: 1KB

/81 Size: 10KB - Virtual size: 10KB

/97 Size: 40KB - Virtual size: 40KB

/113 Size: 2KB - Virtual size: 1KB

dc649ce6dc3a3e76d55574e45a065b48

Code Sign

33:00:00:06:ad:ac:dd:3c:98:83:5e:29:49:00:00:00:00:06:adCertificate

Extended Key Usages

33:00:00:00:03:c6:f9:b4:c3:ae:be:59:4b:00:00:00:00:00:03Certificate

Key Usages

a8:5b:d0:6a:c4:98:7a:6f:82:4e:2f:4e:9f:05:96:c2:4a:0c:28:32:04:38:da:08:ba:fa:f4:fe:08:b7:a5:82Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

ntdll

api-ms-win-eventing-controller-l1-1-0

api-ms-win-eventing-consumer-l1-1-0

api-ms-win-eventing-consumer-l1-1-1

kernelbase

sechost

api-ms-win-service-core-l1-1-0

api-ms-win-service-core-l1-1-1

api-ms-win-service-core-l1-1-2

api-ms-win-service-management-l1-1-0

api-ms-win-service-management-l2-1-0

api-ms-win-service-private-l1-1-4

api-ms-win-service-private-l1-1-2

api-ms-win-service-private-l1-1-3

api-ms-win-service-private-l1-1-0

api-ms-win-service-winsvc-l1-1-0

api-ms-win-core-namedpipe-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-processthreads-l1-1-1

api-ms-win-security-base-l1-1-0

api-ms-win-security-base-private-l1-1-0

api-ms-win-core-registry-l1-1-0

api-ms-win-core-registry-l1-1-1

api-ms-win-core-registry-l1-1-2

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-sysinfo-l1-2-0

kernel32

.text
Size: 272KB - Virtual size: 272KB

.data
Size: 1KB - Virtual size: 1KB

.rdata
Size: 19KB - Virtual size: 19KB

.pdata
Size: 22KB - Virtual size: 21KB

.xdata
Size: 25KB - Virtual size: 25KB

.bss
Size: - Virtual size: 3KB

.idata
Size: 16KB - Virtual size: 16KB

.CRT
Size: 512B - Virtual size: 96B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1024B - Virtual size: 728B

/4
Size: 2KB - Virtual size: 1KB

/19
Size: 89KB - Virtual size: 89KB

/31
Size: 15KB - Virtual size: 15KB

/45
Size: 38KB - Virtual size: 38KB

/57
Size: 7KB - Virtual size: 7KB

/70
Size: 1KB - Virtual size: 1KB

/81
Size: 10KB - Virtual size: 10KB

/97
Size: 40KB - Virtual size: 40KB

/113
Size: 2KB - Virtual size: 1KB

33:00:00:06:ad:ac:dd:3c:98:83:5e:29:49:00:00:00:00:06:ad
Certificate

33:00:00:00:03:c6:f9:b4:c3:ae:be:59:4b:00:00:00:00:00:03
Certificate

a8:5b:d0:6a:c4:98:7a:6f:82:4e:2f:4e:9f:05:96:c2:4a:0c:28:32:04:38:da:08:ba:fa:f4:fe:08:b7:a5:82
Signer

.text
Size: 424KB - Virtual size: 420KB

.rdata
Size: 224KB - Virtual size: 220KB

.data
Size: 12KB - Virtual size: 17KB

.pdata
Size: 20KB - Virtual size: 17KB

.didat
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 6KB

33:00:00:06:ad:ac:dd:3c:98:83:5e:29:49:00:00:00:00:06:ad
Certificate

33:00:00:00:03:c6:f9:b4:c3:ae:be:59:4b:00:00:00:00:00:03
Certificate

e4:bc:a1:b3:7c:97:83:9f:79:66:ad:28:ab:0e:87:e1:68:4d:93:71:4a:c9:38:a7:37:3d:10:55:52:bd:d2:4a
Signer

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 80KB - Virtual size: 79KB

.data
Size: 4KB - Virtual size: 2KB

.pdata
Size: 4KB - Virtual size: 3KB

.didat
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 984B

.reloc
Size: 4KB - Virtual size: 1KB

33:00:00:06:b8:50:40:1d:a7:12:d7:e1:1e:00:00:00:00:06:b8
Certificate

33:00:00:00:03:c6:f9:b4:c3:ae:be:59:4b:00:00:00:00:00:03
Certificate

26:2f:2f:94:f1:c7:3a:d9:15:f8:c9:52:7c:c0:dc:fc:7a:9e:ce:e1:c3:a7:50:ab:9c:4b:91:ac:7c:00:13:ea
Signer