roblox-dissector[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

roblox-dissector.zip
Size

14.1MB
MD5

7c720baf4297486f89463f08b19603e4
SHA1

c4488d7388dff2fc791d0f432ffa28fbd12d9e78
SHA256

7efba305d92eea7fc5b33ef73d6910f0a7b49793c3979148b53da13fc18892fa
SHA512

308c8decf5d4058373cc3840d319d8e94576920d27b471272373d0058d0597eaa03e102c35195eacfdf66101d6361afc7b03c4f4cd1bbefaaca6ef3b601d83da
SSDEEP

393216:AoVmgHq2rBFDp2PUOHJDUcmAd/Huie6JXgOAHTWphEFrDfP:AapB/ZOHJDUcmWmFZQExzP

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/WinDivert.dll
unpack001/roblox-dissector.exe

Files

roblox-dissector.zip
.zip
WinDivert.dll
.dll windows:4 windows x64 arch:x64

0b649f8e17494bb31b47f6e959a1769c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

CloseServiceHandle
CreateServiceW
DeleteService
OpenSCManagerW
OpenServiceW
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegSetValueExW
StartServiceW

kernel32

CloseHandle
CreateEventW
CreateFileW
CreateMutexW
DeviceIoControl
GetLastError
GetModuleFileNameW
GetOverlappedResult
HeapAlloc
HeapCreate
HeapDestroy
ReleaseMutex
SetLastError
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WaitForSingleObject

Exports

Exports

WinDivertClose
WinDivertGetParam
WinDivertHelperCalcChecksums
WinDivertHelperCompileFilter
WinDivertHelperDecrementTTL
WinDivertHelperEvalFilter
WinDivertHelperFormatFilter
WinDivertHelperFormatIPv4Address
WinDivertHelperFormatIPv6Address
WinDivertHelperHashPacket
WinDivertHelperHtonIPv6Address
WinDivertHelperHtonIpv6Address
WinDivertHelperHtonl
WinDivertHelperHtonll
WinDivertHelperHtons
WinDivertHelperNtohIPv6Address
WinDivertHelperNtohIpv6Address
WinDivertHelperNtohl
WinDivertHelperNtohll
WinDivertHelperNtohs
WinDivertHelperParseIPv4Address
WinDivertHelperParseIPv6Address
WinDivertHelperParsePacket
WinDivertOpen
WinDivertRecv
WinDivertRecvEx
WinDivertSend
WinDivertSendEx
WinDivertSetParam
WinDivertShutdown

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WinDivert64.sys
.sys windows:10 windows x64 arch:x64

505c54af7fa8f0482014ca4fe5cdd53d

Code Sign

f4:8b:a9:cb:78:dd:96:f2:dc:60:2f:ef:35:68:c9:2a
Certificate

Issuer

CN=COMODO RSA Extended Validation Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

13/10/2017, 00:00

Not After

12/10/2020, 23:59

Subject

SERIALNUMBER=8313827,CN=Cloudveil Technology Inc.,O=Cloudveil Technology Inc.,POSTALCODE=67107,STREET=100 Ave C,L=Moundridge,ST=Kansas,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13064b616e736173,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6d:d4:72:eb:02:ae:04:06:e3:dd:84:3f:5f:e1:45:e1
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

03/12/2014, 00:00

Not After

02/12/2029, 23:59

Subject

CN=COMODO RSA Extended Validation Code Signing CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/05/2019, 00:00

Not After

01/08/2030, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #1,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:31:94:79:a3:18:f5:52:2d:06:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

05/06/2019, 18:34

Not After

03/06/2020, 18:34

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:0d:69:0d:5d:78:93:d0:76:df:00:00:00:00:00:0d
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/10/2014, 20:31

Not After

15/10/2029, 20:41

Subject

CN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

22:28:bf:92:4d:da:52:a7:8d:1d:5e:42:49:58:10:79:54:b9:1b:20:4d:70:75:56:77:34:96:94:0a:13:9c:2e
Signer

Actual PE Digest

22:28:bf:92:4d:da:52:a7:8d:1d:5e:42:49:58:10:79:54:b9:1b:20:4d:70:75:56:77:34:96:94:0a:13:9c:2e

Digest Algorithm

sha256

PE Digest Matches

true

22:28:bf:92:4d:da:52:a7:8d:1d:5e:42:49:58:10:79:54:b9:1b:20:4d:70:75:56:77:34:96:94:0a:13:9c:2e
Signer

Actual PE Digest

22:28:bf:92:4d:da:52:a7:8d:1d:5e:42:49:58:10:79:54:b9:1b:20:4d:70:75:56:77:34:96:94:0a:13:9c:2e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\WinDivert\install\MSVC\amd64\WinDivert64.pdb

Imports

ntoskrnl.exe

ExFreePoolWithTag
MmBuildMdlForNonPagedPool
MmMapLockedPagesSpecifyCache
IoAllocateErrorLogEntry
IoAllocateMdl
IoFreeMdl
IoGetCurrentProcess
IoWriteErrorLogEntry
RtlCopyUnicodeString
ObfReferenceObject
ObfDereferenceObject
KeBugCheckEx
IoGetRequestorProcess
PsGetProcessId
ExUuidCreate
ExAllocatePoolWithTag
KeReleaseInStackQueuedSpinLock
KeAcquireInStackQueuedSpinLock
RtlGetVersion
RtlIntegerToUnicodeString

hal

KeQueryPerformanceCounter

ndis.sys

NdisAllocateNetBufferPool
NdisFreeNetBufferPool
NdisAllocateNetBufferListPool
NdisFreeNetBufferListPool
NdisGetDataBuffer
NdisAdvanceNetBufferDataStart
NdisRetreatNetBufferDataStart

fwpkclnt.sys

FwpsAllocateNetBufferAndNetBufferList0
FwpmFilterDeleteByKey0
FwpmFilterAdd0
FwpmCalloutDeleteByKey0
FwpmCalloutAdd0
FwpmSubLayerDeleteByKey0
FwpmSubLayerAdd0
FwpmTransactionAbort0
FwpmTransactionCommit0
FwpmTransactionBegin0
FwpmEngineClose0
FwpmEngineOpen0
FwpsQueryPacketInjectionState0
FwpsInjectNetworkReceiveAsync0
FwpsInjectForwardAsync0
FwpsInjectNetworkSendAsync0
FwpsCalloutRegister0
FwpsCalloutUnregisterByKey0
FwpsFlowAssociateContext0
FwpsFlowRemoveContext0
FwpsInjectionHandleCreate0
FwpsInjectionHandleDestroy0
FwpsFreeNetBufferList0

wdfldr.sys

WdfVersionBind
WdfVersionBindClass
WdfVersionUnbindClass
WdfVersionUnbind

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
res/app-icon.ico
res/dissectorwindow.ui
.xml
res/instancebrowser.ui
.xml
res/interfaceselector.ui
.xml
res/packetdetailsviewer.ui
.xml
res/propeventviewer.ui
.xml
res/serverstartwidget.ui
.xml
roblox-dissector.exe
.exe windows:6 windows x64 arch:x64

beeaac6f783850e322523b30820cad34

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateIoCompletionPort
CreateThread
CreateWaitableTimerA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
ExitProcess
FormatMessageA
FreeEnvironmentStringsW
GetConsoleMode
GetEnvironmentStringsW
GetLastError
GetProcAddress
GetProcessAffinityMask
GetQueuedCompletionStatus
GetStartupInfoA
GetStdHandle
GetSystemDirectoryA
GetSystemInfo
GetThreadContext
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LocalFree
MultiByteToWideChar
PostQueuedCompletionStatus
ResumeThread
SetConsoleCtrlHandler
SetErrorMode
SetEvent
SetProcessPriorityBoost
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
SetWaitableTimer
Sleep
SuspendThread
SwitchToThread
TlsGetValue
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteConsoleW
WriteFile
__C_specific_handler

msvcrt

___lc_codepage_func
___mb_cur_max_func
__getmainargs
__initenv
__iob_func
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_assert
_beginthread
_cexit
_commode
_errno
_fmode
_initterm
_lock
_onexit
_unlock
abort
calloc
clock
exit
fflush
fprintf
fputc
free
fwrite
localeconv
malloc
memcmp
memcpy
memmove
memset
qsort
signal
strerror
strlen
strncmp
vfprintf
wcslen

libcairo-gobject-2

cairo_gobject_antialias_get_type
cairo_gobject_content_get_type
cairo_gobject_context_get_type
cairo_gobject_fill_rule_get_type
cairo_gobject_line_cap_get_type
cairo_gobject_line_join_get_type
cairo_gobject_operator_get_type
cairo_gobject_status_get_type
cairo_gobject_surface_get_type
cairo_gobject_surface_type_get_type

libcairo-2

cairo_arc
cairo_arc_negative
cairo_clip
cairo_clip_extents
cairo_clip_preserve
cairo_close_path
cairo_copy_page
cairo_create
cairo_curve_to
cairo_destroy
cairo_device_to_user
cairo_device_to_user_distance
cairo_fill
cairo_fill_extents
cairo_fill_preserve
cairo_font_extents
cairo_format_stride_for_width
cairo_get_antialias
cairo_get_current_point
cairo_get_dash
cairo_get_dash_count
cairo_get_fill_rule
cairo_get_group_target
cairo_get_line_cap
cairo_get_line_join
cairo_get_line_width
cairo_get_matrix
cairo_get_miter_limit
cairo_get_operator
cairo_get_target
cairo_get_tolerance
cairo_identity_matrix
cairo_image_surface_create
cairo_image_surface_create_for_data
cairo_image_surface_create_from_png
cairo_image_surface_get_data
cairo_image_surface_get_height
cairo_image_surface_get_width
cairo_in_clip
cairo_in_fill
cairo_in_stroke
cairo_line_to
cairo_mask_surface
cairo_matrix_init_identity
cairo_matrix_init_rotate
cairo_matrix_init_scale
cairo_matrix_init_translate
cairo_matrix_invert
cairo_matrix_multiply
cairo_matrix_rotate
cairo_matrix_scale
cairo_matrix_transform_distance
cairo_matrix_transform_point
cairo_matrix_translate
cairo_move_to
cairo_new_path
cairo_paint
cairo_paint_with_alpha
cairo_pattern_add_color_stop_rgb
cairo_pattern_add_color_stop_rgba
cairo_pattern_create_for_surface
cairo_pattern_create_linear
cairo_pattern_create_radial
cairo_pattern_create_rgb
cairo_pattern_create_rgba
cairo_pattern_destroy
cairo_pattern_reference
cairo_pattern_status
cairo_pdf_surface_create
cairo_pop_group_to_source
cairo_push_group
cairo_push_group_with_content
cairo_rectangle
cairo_reference
cairo_reset_clip
cairo_restore
cairo_rotate
cairo_save
cairo_scale
cairo_select_font_face
cairo_set_antialias
cairo_set_dash
cairo_set_fill_rule
cairo_set_font_size
cairo_set_line_cap
cairo_set_line_join
cairo_set_line_width
cairo_set_matrix
cairo_set_miter_limit
cairo_set_operator
cairo_set_source
cairo_set_source_rgb
cairo_set_source_rgba
cairo_set_source_surface
cairo_set_tolerance
cairo_show_page
cairo_show_text
cairo_status
cairo_stroke
cairo_stroke_extents
cairo_stroke_preserve
cairo_surface_copy_page
cairo_surface_create_for_rectangle
cairo_surface_create_similar
cairo_surface_destroy
cairo_surface_flush
cairo_surface_get_device_offset
cairo_surface_get_fallback_resolution
cairo_surface_get_mime_data
cairo_surface_get_type
cairo_surface_has_show_text_glyphs
cairo_surface_mark_dirty
cairo_surface_mark_dirty_rectangle
cairo_surface_reference
cairo_surface_set_device_offset
cairo_surface_set_fallback_resolution
cairo_surface_show_page
cairo_surface_status
cairo_surface_write_to_png
cairo_text_extents
cairo_transform
cairo_translate
cairo_user_to_device
cairo_user_to_device_distance

libfontconfig-1

FcConfigAppFontAddFile
FcConfigGetCurrent

libgdk-3-0

gdk_atom_intern
gdk_atom_name
gdk_cairo_set_source_pixbuf
gdk_cursor_get_type
gdk_cursor_new_from_name
gdk_device_get_position
gdk_device_get_type
gdk_device_manager_get_display
gdk_device_manager_get_type
gdk_display_beep
gdk_display_close
gdk_display_device_is_grabbed
gdk_display_flush
gdk_display_get_default
gdk_display_get_default_cursor_size
gdk_display_get_default_group
gdk_display_get_default_screen
gdk_display_get_default_seat
gdk_display_get_event
gdk_display_get_maximal_cursor_size
gdk_display_get_monitor
gdk_display_get_monitor_at_point
gdk_display_get_monitor_at_window
gdk_display_get_n_monitors
gdk_display_get_name
gdk_display_get_primary_monitor
gdk_display_get_type
gdk_display_has_pending
gdk_display_is_closed
gdk_display_notify_startup_complete
gdk_display_open
gdk_display_peek_event
gdk_display_put_event
gdk_display_request_selection_notification
gdk_display_set_double_click_distance
gdk_display_set_double_click_time
gdk_display_supports_clipboard_persistence
gdk_display_supports_cursor_alpha
gdk_display_supports_cursor_color
gdk_display_supports_input_shapes
gdk_display_supports_selection_notification
gdk_display_supports_shapes
gdk_display_sync
gdk_drag_action_get_type
gdk_drag_context_get_type
gdk_drag_context_list_targets
gdk_event_free
gdk_event_get_type
gdk_event_mask_get_type
gdk_event_type_get_type
gdk_frame_clock_begin_updating
gdk_frame_clock_end_updating
gdk_frame_clock_get_current_timings
gdk_frame_clock_get_frame_counter
gdk_frame_clock_get_frame_time
gdk_frame_clock_get_history_start
gdk_frame_clock_get_refresh_info
gdk_frame_clock_get_timings
gdk_frame_clock_get_type
gdk_frame_clock_phase_get_type
gdk_frame_clock_request_phase
gdk_frame_timings_get_complete
gdk_frame_timings_get_frame_counter
gdk_frame_timings_get_frame_time
gdk_frame_timings_get_predicted_presentation_time
gdk_frame_timings_get_presentation_time
gdk_frame_timings_get_refresh_interval
gdk_frame_timings_get_type
gdk_frame_timings_ref
gdk_frame_timings_unref
gdk_gl_context_clear_current
gdk_gl_context_get_current
gdk_gl_context_get_debug_enabled
gdk_gl_context_get_display
gdk_gl_context_get_forward_compatible
gdk_gl_context_get_required_version
gdk_gl_context_get_shared_context
gdk_gl_context_get_type
gdk_gl_context_get_use_es
gdk_gl_context_get_version
gdk_gl_context_get_window
gdk_gl_context_is_legacy
gdk_gl_context_make_current
gdk_gl_context_realize
gdk_gl_context_set_debug_enabled
gdk_gl_context_set_forward_compatible
gdk_gl_context_set_required_version
gdk_gl_context_set_use_es
gdk_gravity_get_type
gdk_keymap_get_caps_lock_state
gdk_keymap_get_for_display
gdk_keymap_get_modifier_state
gdk_keymap_get_num_lock_state
gdk_keymap_get_scroll_lock_state
gdk_keymap_get_type
gdk_keymap_have_bidi_layouts
gdk_keymap_translate_keyboard_state
gdk_keyval_convert_case
gdk_keyval_from_name
gdk_keyval_is_lower
gdk_keyval_is_upper
gdk_keyval_to_lower
gdk_keyval_to_unicode
gdk_keyval_to_upper
gdk_modifier_type_get_type
gdk_monitor_get_display
gdk_monitor_get_geometry
gdk_monitor_get_height_mm
gdk_monitor_get_manufacturer
gdk_monitor_get_model
gdk_monitor_get_refresh_rate
gdk_monitor_get_scale_factor
gdk_monitor_get_subpixel_layout
gdk_monitor_get_type
gdk_monitor_get_width_mm
gdk_monitor_get_workarea
gdk_monitor_is_primary
gdk_pixbuf_get_from_surface
gdk_pixbuf_get_from_window
gdk_rgba_get_type
gdk_rgba_parse
gdk_rgba_to_string
gdk_screen_get_default
gdk_screen_get_display
gdk_screen_get_resolution
gdk_screen_get_rgba_visual
gdk_screen_get_root_window
gdk_screen_get_system_visual
gdk_screen_get_type
gdk_screen_is_composited
gdk_screen_set_resolution
gdk_seat_get_pointer
gdk_set_allowed_backends
gdk_subpixel_layout_get_type
gdk_test_render_sync
gdk_test_simulate_button
gdk_test_simulate_key
gdk_unicode_to_keyval
gdk_visual_get_type
gdk_window_get_device_position
gdk_window_get_height
gdk_window_get_pass_through
gdk_window_get_type
gdk_window_get_width
gdk_window_set_cursor
gdk_window_set_pass_through

libgdk_pixbuf-2.0-0

gdk_colorspace_get_type
gdk_interp_type_get_type
gdk_pixbuf_alpha_mode_get_type
gdk_pixbuf_animation_get_type
gdk_pixbuf_animation_new_from_file
gdk_pixbuf_apply_embedded_orientation
gdk_pixbuf_copy
gdk_pixbuf_flip
gdk_pixbuf_format_get_description
gdk_pixbuf_format_get_extensions
gdk_pixbuf_format_get_license
gdk_pixbuf_format_get_mime_types
gdk_pixbuf_format_get_name
gdk_pixbuf_get_bits_per_sample
gdk_pixbuf_get_byte_length
gdk_pixbuf_get_colorspace
gdk_pixbuf_get_file_info
gdk_pixbuf_get_formats
gdk_pixbuf_get_has_alpha
gdk_pixbuf_get_height
gdk_pixbuf_get_n_channels
gdk_pixbuf_get_option
gdk_pixbuf_get_pixels_with_length
gdk_pixbuf_get_rowstride
gdk_pixbuf_get_type
gdk_pixbuf_get_width
gdk_pixbuf_loader_close
gdk_pixbuf_loader_get_animation
gdk_pixbuf_loader_get_pixbuf
gdk_pixbuf_loader_get_type
gdk_pixbuf_loader_new
gdk_pixbuf_loader_new_with_type
gdk_pixbuf_loader_set_size
gdk_pixbuf_loader_write
gdk_pixbuf_new
gdk_pixbuf_new_from_bytes
gdk_pixbuf_new_from_data
gdk_pixbuf_new_from_file
gdk_pixbuf_new_from_file_at_scale
gdk_pixbuf_new_from_file_at_size
gdk_pixbuf_rotate_simple
gdk_pixbuf_save_utf8
gdk_pixbuf_scale_simple

libgio-2.0-0

g_action_activate
g_action_change_state
g_action_get_enabled
g_action_get_name
g_action_get_parameter_type
g_action_get_state
g_action_get_state_hint
g_action_get_state_type
g_action_get_type
g_action_group_activate_action
g_action_group_change_action_state
g_action_group_get_action_enabled
g_action_group_get_action_parameter_type
g_action_group_get_action_state
g_action_group_get_action_state_hint
g_action_group_get_action_state_type
g_action_group_get_type
g_action_group_has_action
g_action_map_add_action
g_action_map_get_type
g_action_map_lookup_action
g_action_map_remove_action
g_action_name_is_valid
g_application_activate
g_application_get_application_id
g_application_get_dbus_object_path
g_application_get_default
g_application_get_flags
g_application_get_inactivity_timeout
g_application_get_is_busy
g_application_get_is_registered
g_application_get_is_remote
g_application_get_resource_base_path
g_application_get_type
g_application_hold
g_application_id_is_valid
g_application_mark_busy
g_application_new
g_application_quit
g_application_release
g_application_run
g_application_send_notification
g_application_set_application_id
g_application_set_default
g_application_set_flags
g_application_set_inactivity_timeout
g_application_set_resource_base_path
g_application_unmark_busy
g_application_withdraw_notification
g_async_result_get_source_object
g_async_result_get_type
g_async_result_get_user_data
g_async_result_is_tagged
g_async_result_legacy_propagate_error
g_cancellable_get_fd
g_cancellable_get_type
g_cancellable_is_cancelled
g_cancellable_new
g_cancellable_release_fd
g_cancellable_set_error_if_cancelled
g_cancellable_source_new
g_file_get_type
g_file_icon_get_type
g_file_icon_new
g_file_new_for_path
g_keyfile_settings_backend_new
g_list_model_get_item
g_list_model_get_item_type
g_list_model_get_n_items
g_list_model_get_object
g_list_model_get_type
g_list_model_items_changed
g_list_store_append
g_list_store_get_type
g_list_store_insert
g_list_store_insert_sorted
g_list_store_new
g_list_store_remove
g_list_store_sort
g_list_store_splice
g_memory_settings_backend_new
g_menu_append
g_menu_append_item
g_menu_append_section
g_menu_append_submenu
g_menu_freeze
g_menu_get_type
g_menu_insert
g_menu_insert_item
g_menu_insert_section
g_menu_insert_submenu
g_menu_item_get_attribute_value
g_menu_item_get_link
g_menu_item_get_type
g_menu_item_new
g_menu_item_new_from_model
g_menu_item_new_section
g_menu_item_new_submenu
g_menu_item_set_action_and_target_value
g_menu_item_set_attribute_value
g_menu_item_set_detailed_action
g_menu_item_set_label
g_menu_item_set_link
g_menu_item_set_section
g_menu_item_set_submenu
g_menu_model_get_item_link
g_menu_model_get_n_items
g_menu_model_get_type
g_menu_model_is_mutable
g_menu_model_items_changed
g_menu_new
g_menu_prepend
g_menu_prepend_item
g_menu_prepend_section
g_menu_prepend_submenu
g_menu_remove
g_menu_remove_all
g_notification_add_button
g_notification_get_type
g_notification_new
g_notification_set_body
g_notification_set_default_action
g_notification_set_icon
g_notification_set_priority
g_notification_set_title
g_null_settings_backend_new
g_permission_acquire
g_permission_acquire_async
g_permission_acquire_finish
g_permission_get_allowed
g_permission_get_can_acquire
g_permission_get_can_release
g_permission_get_type
g_permission_impl_update
g_permission_release
g_permission_release_async
g_permission_release_finish
g_property_action_get_type
g_property_action_new
g_settings_apply
g_settings_backend_get_default
g_settings_backend_get_type
g_settings_delay
g_settings_get_boolean
g_settings_get_child
g_settings_get_double
g_settings_get_enum
g_settings_get_flags
g_settings_get_has_unapplied
g_settings_get_int
g_settings_get_string
g_settings_get_strv
g_settings_get_type
g_settings_get_uint
g_settings_get_value
g_settings_is_writable
g_settings_list_children
g_settings_new
g_settings_new_full
g_settings_new_with_backend
g_settings_new_with_backend_and_path
g_settings_new_with_path
g_settings_reset
g_settings_revert
g_settings_schema_get_id
g_settings_schema_get_path
g_settings_schema_has_key
g_settings_schema_ref
g_settings_schema_source_get_default
g_settings_schema_source_list_schemas
g_settings_schema_source_lookup
g_settings_schema_source_new_from_directory
g_settings_schema_source_ref
g_settings_schema_source_unref
g_settings_schema_unref
g_settings_set_boolean
g_settings_set_double
g_settings_set_enum
g_settings_set_flags
g_settings_set_int
g_settings_set_string
g_settings_set_strv
g_settings_set_uint
g_settings_sync
g_simple_action_get_type
g_simple_action_group_get_type
g_simple_action_group_new
g_simple_action_new
g_simple_action_new_stateful
g_simple_action_set_enabled
g_simple_action_set_state
g_simple_action_set_state_hint

libglib-2.0-0

g_error_free
g_free
g_get_application_name
g_get_home_dir
g_get_user_cache_dir
g_get_user_config_dir
g_get_user_data_dir
g_get_user_runtime_dir
g_get_user_special_dir
g_idle_source_new
g_list_append
g_list_free
g_list_insert
g_list_length
g_list_nth
g_list_nth_data
g_list_prepend
g_main_context_default
g_main_context_find_source_by_id
g_main_context_iteration
g_main_context_pending
g_main_current_source
g_main_depth
g_malloc0
g_malloc0_n
g_set_application_name
g_slist_append
g_slist_free
g_slist_free_full
g_slist_length
g_source_attach
g_source_destroy
g_source_is_destroyed
g_source_ref
g_source_remove
g_source_unref
g_strfreev
g_timeout_source_new
g_variant_get_boolean
g_variant_get_byte
g_variant_get_int16
g_variant_get_int32
g_variant_get_int64
g_variant_get_objv
g_variant_get_string
g_variant_get_strv
g_variant_get_type
g_variant_get_type_string
g_variant_get_uint16
g_variant_get_uint32
g_variant_get_uint64
g_variant_get_variant
g_variant_is_container
g_variant_is_floating
g_variant_is_of_type
g_variant_new_boolean
g_variant_new_byte
g_variant_new_int16
g_variant_new_int32
g_variant_new_int64
g_variant_new_take_string
g_variant_new_uint16
g_variant_new_uint32
g_variant_new_uint64
g_variant_new_variant
g_variant_print
g_variant_ref
g_variant_ref_sink
g_variant_take_ref
g_variant_type_dup_string
g_variant_type_equal
g_variant_type_free
g_variant_type_is_subtype_of
g_variant_type_new
g_variant_type_string_is_valid
g_variant_unref

libgobject-2.0-0

g_binding_get_flags
g_binding_get_source
g_binding_get_source_property
g_binding_get_target
g_binding_get_target_property
g_binding_get_type
g_binding_unbind
g_cclosure_marshal_VOID__POINTER
g_closure_add_finalize_notifier
g_closure_invalidate
g_closure_new_simple
g_closure_set_marshal
g_object_bind_property
g_object_class_find_property
g_object_force_floating
g_object_get_property
g_object_is_floating
g_object_ref
g_object_ref_sink
g_object_set_property
g_object_unref
g_signal_connect_closure
g_signal_connect_data
g_signal_emitv
g_signal_handler_block
g_signal_handler_disconnect
g_signal_handler_unblock
g_signal_lookup
g_signal_new
g_signal_stop_emission_by_name
g_source_set_closure
g_type_check_instance_cast
g_type_check_is_value_type
g_type_check_value
g_type_depth
g_type_from_name
g_type_fundamental
g_type_is_a
g_type_name
g_type_next_base
g_type_parent
g_value_get_boolean
g_value_get_boxed
g_value_get_double
g_value_get_enum
g_value_get_flags
g_value_get_float
g_value_get_int
g_value_get_int64
g_value_get_long
g_value_get_object
g_value_get_pointer
g_value_get_schar
g_value_get_string
g_value_get_uchar
g_value_get_uint
g_value_get_uint64
g_value_get_ulong
g_value_init
g_value_set_boolean
g_value_set_double
g_value_set_float
g_value_set_instance
g_value_set_int
g_value_set_int64
g_value_set_pointer
g_value_set_schar
g_value_set_string
g_value_set_uchar
g_value_set_uint
g_value_set_uint64
g_value_unset

libgtk-3-0

gtk_about_dialog_add_credit_section
gtk_about_dialog_get_artists
gtk_about_dialog_get_authors
gtk_about_dialog_get_comments
gtk_about_dialog_get_copyright
gtk_about_dialog_get_documenters
gtk_about_dialog_get_license
gtk_about_dialog_get_license_type
gtk_about_dialog_get_logo
gtk_about_dialog_get_logo_icon_name
gtk_about_dialog_get_program_name
gtk_about_dialog_get_translator_credits
gtk_about_dialog_get_type
gtk_about_dialog_get_version
gtk_about_dialog_get_website
gtk_about_dialog_get_website_label
gtk_about_dialog_get_wrap_license
gtk_about_dialog_new
gtk_about_dialog_set_artists
gtk_about_dialog_set_authors
gtk_about_dialog_set_comments
gtk_about_dialog_set_copyright
gtk_about_dialog_set_documenters
gtk_about_dialog_set_license
gtk_about_dialog_set_license_type
gtk_about_dialog_set_logo
gtk_about_dialog_set_logo_icon_name
gtk_about_dialog_set_program_name
gtk_about_dialog_set_translator_credits
gtk_about_dialog_set_version
gtk_about_dialog_set_website
gtk_about_dialog_set_website_label
gtk_about_dialog_set_wrap_license
gtk_accel_flags_get_type
gtk_accel_group_activate
gtk_accel_group_connect
gtk_accel_group_connect_by_path
gtk_accel_group_disconnect
gtk_accel_group_disconnect_key
gtk_accel_group_from_accel_closure
gtk_accel_group_get_is_locked
gtk_accel_group_get_modifier_mask
gtk_accel_group_get_type
gtk_accel_group_lock
gtk_accel_group_new
gtk_accel_group_unlock
gtk_accel_groups_activate
gtk_accel_groups_from_object
gtk_accel_map_add_entry
gtk_accel_map_add_filter
gtk_accel_map_change_entry
gtk_accel_map_get
gtk_accel_map_get_type
gtk_accel_map_load
gtk_accel_map_load_fd
gtk_accel_map_lock_path
gtk_accel_map_lookup_entry
gtk_accel_map_save
gtk_accel_map_save_fd
gtk_accel_map_unlock_path
gtk_accelerator_get_default_mod_mask
gtk_accelerator_get_label
gtk_accelerator_name
gtk_accelerator_parse
gtk_accelerator_set_default_mod_mask
gtk_accelerator_valid
gtk_action_bar_get_center_widget
gtk_action_bar_get_type
gtk_action_bar_new
gtk_action_bar_pack_end
gtk_action_bar_pack_start
gtk_action_bar_set_center_widget
gtk_actionable_get_action_name
gtk_actionable_get_type
gtk_actionable_set_action_name
gtk_actionable_set_detailed_action_name
gtk_adjustment_configure
gtk_adjustment_get_lower
gtk_adjustment_get_minimum_increment
gtk_adjustment_get_page_increment
gtk_adjustment_get_page_size
gtk_adjustment_get_step_increment
gtk_adjustment_get_type
gtk_adjustment_get_upper
gtk_adjustment_get_value
gtk_adjustment_new
gtk_adjustment_set_lower
gtk_adjustment_set_page_increment
gtk_adjustment_set_page_size
gtk_adjustment_set_step_increment
gtk_adjustment_set_upper
gtk_adjustment_set_value
gtk_align_get_type
gtk_app_chooser_button_append_separator
gtk_app_chooser_button_get_heading
gtk_app_chooser_button_get_show_default_item
gtk_app_chooser_button_get_show_dialog_item
gtk_app_chooser_button_get_type
gtk_app_chooser_button_new
gtk_app_chooser_button_set_active_custom_item
gtk_app_chooser_button_set_heading
gtk_app_chooser_button_set_show_default_item
gtk_app_chooser_button_set_show_dialog_item
gtk_app_chooser_dialog_get_heading
gtk_app_chooser_dialog_get_type
gtk_app_chooser_dialog_get_widget
gtk_app_chooser_dialog_new
gtk_app_chooser_dialog_new_for_content_type
gtk_app_chooser_dialog_set_heading
gtk_app_chooser_get_content_type
gtk_app_chooser_get_type
gtk_app_chooser_refresh
gtk_app_chooser_widget_get_default_text
gtk_app_chooser_widget_get_show_all
gtk_app_chooser_widget_get_show_default
gtk_app_chooser_widget_get_show_fallback
gtk_app_chooser_widget_get_show_other
gtk_app_chooser_widget_get_show_recommended
gtk_app_chooser_widget_get_type
gtk_app_chooser_widget_new
gtk_app_chooser_widget_set_default_text
gtk_app_chooser_widget_set_show_all
gtk_app_chooser_widget_set_show_default
gtk_app_chooser_widget_set_show_fallback
gtk_app_chooser_widget_set_show_other
gtk_app_chooser_widget_set_show_recommended
gtk_application_add_window
gtk_application_get_accels_for_action
gtk_application_get_actions_for_accel
gtk_application_get_active_window
gtk_application_get_app_menu
gtk_application_get_menu_by_id
gtk_application_get_menubar
gtk_application_get_type
gtk_application_get_window_by_id
gtk_application_get_windows
gtk_application_inhibit
gtk_application_is_inhibited
gtk_application_list_action_descriptions
gtk_application_new
gtk_application_prefers_app_menu
gtk_application_remove_window
gtk_application_set_accels_for_action
gtk_application_set_app_menu
gtk_application_set_menubar
gtk_application_uninhibit
gtk_application_window_get_help_overlay
gtk_application_window_get_id
gtk_application_window_get_show_menubar
gtk_application_window_get_type
gtk_application_window_new
gtk_application_window_set_help_overlay
gtk_application_window_set_show_menubar
gtk_arrow_placement_get_type
gtk_arrow_type_get_type
gtk_aspect_frame_get_type
gtk_aspect_frame_new
gtk_assistant_add_action_widget
gtk_assistant_append_page
gtk_assistant_commit
gtk_assistant_get_current_page
gtk_assistant_get_n_pages
gtk_assistant_get_nth_page
gtk_assistant_get_page_complete
gtk_assistant_get_page_title
gtk_assistant_get_page_type
gtk_assistant_get_type
gtk_assistant_insert_page
gtk_assistant_new
gtk_assistant_next_page
gtk_assistant_page_type_get_type
gtk_assistant_prepend_page
gtk_assistant_previous_page
gtk_assistant_remove_action_widget
gtk_assistant_remove_page
gtk_assistant_set_current_page
gtk_assistant_set_page_complete
gtk_assistant_set_page_title
gtk_assistant_set_page_type
gtk_assistant_update_buttons_state
gtk_bin_get_child
gtk_bin_get_type
gtk_box_get_center_widget
gtk_box_get_homogeneous
gtk_box_get_spacing
gtk_box_get_type
gtk_box_new
gtk_box_pack_end
gtk_box_pack_start
gtk_box_query_child_packing
gtk_box_reorder_child
gtk_box_set_center_widget
gtk_box_set_child_packing
gtk_box_set_homogeneous
gtk_box_set_spacing
gtk_builder_add_from_file
gtk_builder_add_from_resource
gtk_builder_add_from_string
gtk_builder_connect_signals_full
gtk_builder_get_object
gtk_builder_get_type
gtk_builder_new
gtk_builder_new_from_file
gtk_builder_new_from_resource
gtk_builder_new_from_string
gtk_button_box_get_child_non_homogeneous
gtk_button_box_get_child_secondary
gtk_button_box_get_layout
gtk_button_box_get_type
gtk_button_box_new
gtk_button_box_set_child_non_homogeneous
gtk_button_box_set_child_secondary
gtk_button_box_set_layout
gtk_button_clicked
gtk_button_get_always_show_image
gtk_button_get_event_window
gtk_button_get_image
gtk_button_get_image_position
gtk_button_get_label
gtk_button_get_relief
gtk_button_get_type
gtk_button_get_use_underline
gtk_button_new
gtk_button_new_from_icon_name
gtk_button_new_with_label
gtk_button_new_with_mnemonic
gtk_button_role_get_type
gtk_button_set_always_show_image
gtk_button_set_image
gtk_button_set_image_position
gtk_button_set_label
gtk_button_set_relief
gtk_button_set_use_underline
gtk_buttons_type_get_type
gtk_calendar_clear_marks
gtk_calendar_display_options_get_type
gtk_calendar_get_date
gtk_calendar_get_day_is_marked
gtk_calendar_get_detail_height_rows
gtk_calendar_get_detail_width_chars
gtk_calendar_get_display_options
gtk_calendar_get_type
gtk_calendar_mark_day
gtk_calendar_new
gtk_calendar_select_day
gtk_calendar_select_month
gtk_calendar_set_detail_height_rows
gtk_calendar_set_detail_width_chars
gtk_calendar_set_display_options
gtk_calendar_unmark_day
gtk_cell_area_activate
gtk_cell_area_activate_cell
gtk_cell_area_add
gtk_cell_area_add_focus_sibling
gtk_cell_area_apply_attributes
gtk_cell_area_attribute_connect
gtk_cell_area_attribute_disconnect
gtk_cell_area_attribute_get_column
gtk_cell_area_box_get_spacing
gtk_cell_area_box_get_type
gtk_cell_area_box_new
gtk_cell_area_box_pack_end
gtk_cell_area_box_pack_start
gtk_cell_area_box_set_spacing
gtk_cell_area_cell_get_property
gtk_cell_area_cell_set_property
gtk_cell_area_context_allocate
gtk_cell_area_context_get_allocation
gtk_cell_area_context_get_area
gtk_cell_area_context_get_preferred_height
gtk_cell_area_context_get_preferred_height_for_width
gtk_cell_area_context_get_preferred_width
gtk_cell_area_context_get_preferred_width_for_height
gtk_cell_area_context_get_type
gtk_cell_area_context_push_preferred_height
gtk_cell_area_context_push_preferred_width
gtk_cell_area_context_reset
gtk_cell_area_copy_context
gtk_cell_area_create_context
gtk_cell_area_event
gtk_cell_area_focus
gtk_cell_area_get_cell_allocation
gtk_cell_area_get_cell_at_position
gtk_cell_area_get_current_path_string
gtk_cell_area_get_edited_cell
gtk_cell_area_get_focus_cell
gtk_cell_area_get_focus_from_sibling
gtk_cell_area_get_focus_siblings
gtk_cell_area_get_preferred_height
gtk_cell_area_get_preferred_height_for_width
gtk_cell_area_get_preferred_width
gtk_cell_area_get_preferred_width_for_height
gtk_cell_area_get_type
gtk_cell_area_has_renderer
gtk_cell_area_inner_cell_area
gtk_cell_area_is_activatable
gtk_cell_area_is_focus_sibling
gtk_cell_area_remove
gtk_cell_area_remove_focus_sibling
gtk_cell_area_render
gtk_cell_area_request_renderer
gtk_cell_area_set_focus_cell
gtk_cell_area_stop_editing
gtk_cell_layout_add_attribute
gtk_cell_layout_get_type
gtk_cell_layout_pack_start
gtk_cell_renderer_accel_get_type
gtk_cell_renderer_accel_mode_get_type
gtk_cell_renderer_accel_new
gtk_cell_renderer_combo_get_type
gtk_cell_renderer_combo_new
gtk_cell_renderer_get_type
gtk_cell_renderer_mode_get_type
gtk_cell_renderer_pixbuf_get_type
gtk_cell_renderer_pixbuf_new
gtk_cell_renderer_progress_get_type
gtk_cell_renderer_progress_new
gtk_cell_renderer_spin_get_type
gtk_cell_renderer_spin_new
gtk_cell_renderer_spinner_get_type
gtk_cell_renderer_spinner_new
gtk_cell_renderer_state_get_type
gtk_cell_renderer_text_get_type
gtk_cell_renderer_text_new
gtk_cell_renderer_text_set_fixed_height_from_font
gtk_cell_renderer_toggle_get_activatable
gtk_cell_renderer_toggle_get_active
gtk_cell_renderer_toggle_get_radio
gtk_cell_renderer_toggle_get_type
gtk_cell_renderer_toggle_new
gtk_cell_renderer_toggle_set_activatable
gtk_cell_renderer_toggle_set_active
gtk_cell_renderer_toggle_set_radio
gtk_check_button_get_type
gtk_check_button_new
gtk_check_button_new_with_label
gtk_check_button_new_with_mnemonic
gtk_check_menu_item_get_active
gtk_check_menu_item_get_draw_as_radio
gtk_check_menu_item_get_inconsistent
gtk_check_menu_item_get_type
gtk_check_menu_item_new
gtk_check_menu_item_new_with_label
gtk_check_menu_item_new_with_mnemonic
gtk_check_menu_item_set_active
gtk_check_menu_item_set_draw_as_radio
gtk_check_menu_item_set_inconsistent
gtk_check_menu_item_toggled
gtk_check_version
gtk_clipboard_get
gtk_clipboard_get_for_display
gtk_clipboard_get_type
gtk_clipboard_set_image
gtk_clipboard_set_text
gtk_clipboard_store
gtk_clipboard_wait_for_contents
gtk_clipboard_wait_for_image
gtk_clipboard_wait_for_text
gtk_clipboard_wait_is_image_available
gtk_clipboard_wait_is_rich_text_available
gtk_clipboard_wait_is_target_available
gtk_clipboard_wait_is_text_available
gtk_clipboard_wait_is_uris_available
gtk_color_button_get_title
gtk_color_button_get_type
gtk_color_button_new
gtk_color_button_new_with_rgba
gtk_color_button_set_title
gtk_color_chooser_add_palette
gtk_color_chooser_dialog_get_type
gtk_color_chooser_dialog_new
gtk_color_chooser_get_rgba
gtk_color_chooser_get_type
gtk_color_chooser_get_use_alpha
gtk_color_chooser_set_rgba
gtk_color_chooser_set_use_alpha
gtk_combo_box_get_active
gtk_combo_box_get_active_id
gtk_combo_box_get_active_iter
gtk_combo_box_get_column_span_column
gtk_combo_box_get_entry_text_column
gtk_combo_box_get_has_entry
gtk_combo_box_get_id_column
gtk_combo_box_get_model
gtk_combo_box_get_popup_fixed_width
gtk_combo_box_get_row_span_column
gtk_combo_box_get_type
gtk_combo_box_get_wrap_width
gtk_combo_box_new
gtk_combo_box_new_with_entry
gtk_combo_box_new_with_model
gtk_combo_box_new_with_model_and_entry
gtk_combo_box_popdown
gtk_combo_box_popup
gtk_combo_box_popup_for_device
gtk_combo_box_set_active
gtk_combo_box_set_active_id
gtk_combo_box_set_active_iter
gtk_combo_box_set_column_span_column
gtk_combo_box_set_entry_text_column
gtk_combo_box_set_id_column
gtk_combo_box_set_model
gtk_combo_box_set_popup_fixed_width
gtk_combo_box_set_row_span_column
gtk_combo_box_set_wrap_width
gtk_combo_box_text_append
gtk_combo_box_text_append_text
gtk_combo_box_text_get_active_text
gtk_combo_box_text_get_type
gtk_combo_box_text_insert
gtk_combo_box_text_insert_text
gtk_combo_box_text_new
gtk_combo_box_text_new_with_entry
gtk_combo_box_text_prepend
gtk_combo_box_text_prepend_text
gtk_combo_box_text_remove
gtk_combo_box_text_remove_all
gtk_container_add
gtk_container_check_resize
gtk_container_child_get_property
gtk_container_child_notify
gtk_container_child_set_property
gtk_container_child_type
gtk_container_get_border_width
gtk_container_get_children
gtk_container_get_focus_child
gtk_container_get_focus_hadjustment
gtk_container_get_focus_vadjustment
gtk_container_get_type
gtk_container_propagate_draw
gtk_container_remove
gtk_container_set_border_width
gtk_container_set_focus_child
gtk_container_set_focus_hadjustment
gtk_container_set_focus_vadjustment
gtk_corner_type_get_type
gtk_css_provider_get_named
gtk_css_provider_get_type
gtk_css_provider_load_from_data
gtk_css_provider_load_from_path
gtk_css_provider_load_from_resource
gtk_css_provider_new
gtk_css_provider_to_string
gtk_dest_defaults_get_type
gtk_dialog_add_action_widget
gtk_dialog_add_button
gtk_dialog_flags_get_type
gtk_dialog_get_content_area
gtk_dialog_get_header_bar
gtk_dialog_get_response_for_widget
gtk_dialog_get_type
gtk_dialog_get_widget_for_response
gtk_dialog_new
gtk_dialog_new_with_buttons
gtk_dialog_response
gtk_dialog_run
gtk_dialog_set_default_response
gtk_dialog_set_response_sensitive
gtk_direction_type_get_type
gtk_drag_dest_set
gtk_drag_set_icon_default
gtk_drag_set_icon_name
gtk_drag_set_icon_pixbuf
gtk_drag_set_icon_surface
gtk_drag_set_icon_widget
gtk_drag_source_set
gtk_drawing_area_get_type
gtk_drawing_area_new
gtk_editable_copy_clipboard
gtk_editable_cut_clipboard
gtk_editable_delete_selection
gtk_editable_delete_text
gtk_editable_get_chars
gtk_editable_get_editable
gtk_editable_get_position
gtk_editable_get_selection_bounds
gtk_editable_get_type
gtk_editable_insert_text
gtk_editable_paste_clipboard
gtk_editable_select_region
gtk_editable_set_editable
gtk_editable_set_position
gtk_entry_buffer_delete_text
gtk_entry_buffer_emit_deleted_text
gtk_entry_buffer_emit_inserted_text
gtk_entry_buffer_get_bytes
gtk_entry_buffer_get_length
gtk_entry_buffer_get_max_length
gtk_entry_buffer_get_text
gtk_entry_buffer_get_type
gtk_entry_buffer_insert_text
gtk_entry_buffer_new
gtk_entry_buffer_set_max_length
gtk_entry_buffer_set_text
gtk_entry_completion_get_inline_completion
gtk_entry_completion_get_minimum_key_length
gtk_entry_completion_get_model
gtk_entry_completion_get_popup_completion
gtk_entry_completion_get_popup_set_width
gtk_entry_completion_get_text_column

libintl-8

libintl_bind_textdomain_codeset
libintl_bindtextdomain
libintl_gettext
libintl_setlocale
libintl_textdomain

libpango-1.0-0

pango_alignment_get_type
pango_attr_list_insert
pango_attr_list_new
pango_attr_type_get_type
pango_color_copy
pango_color_free
pango_color_parse
pango_color_to_string
pango_context_new
pango_ellipsize_mode_get_type
pango_extents_to_pixels
pango_font_description_better_match
pango_font_description_copy
pango_font_description_copy_static
pango_font_description_equal
pango_font_description_free
pango_font_description_from_string
pango_font_description_get_family
pango_font_description_get_gravity
pango_font_description_get_set_fields
pango_font_description_get_size
pango_font_description_get_size_is_absolute
pango_font_description_get_stretch
pango_font_description_get_style
pango_font_description_get_type
pango_font_description_get_variant
pango_font_description_get_weight
pango_font_description_hash
pango_font_description_merge
pango_font_description_merge_static
pango_font_description_new
pango_font_description_set_absolute_size
pango_font_description_set_family
pango_font_description_set_family_static
pango_font_description_set_gravity
pango_font_description_set_size
pango_font_description_set_stretch
pango_font_description_set_style
pango_font_description_set_variant
pango_font_description_set_weight
pango_font_description_to_filename
pango_font_description_to_string
pango_font_description_unset_fields
pango_gravity_to_rotation
pango_layout_copy
pango_layout_get_attributes
pango_layout_get_character_count
pango_layout_get_context
pango_layout_get_font_description
pango_layout_get_height
pango_layout_get_indent
pango_layout_get_size
pango_layout_get_tabs
pango_layout_get_text
pango_layout_get_width
pango_layout_get_wrap
pango_layout_is_wrapped
pango_layout_new
pango_layout_set_attributes
pango_layout_set_font_description
pango_layout_set_height
pango_layout_set_indent
pango_layout_set_markup
pango_layout_set_tabs
pango_layout_set_text
pango_layout_set_width
pango_layout_set_wrap
pango_tab_align_get_type
pango_tab_array_copy
pango_tab_array_free
pango_tab_array_get_positions_in_pixels
pango_tab_array_get_size
pango_tab_array_get_tab
pango_tab_array_new
pango_tab_array_resize
pango_tab_array_set_tab
pango_underline_get_type
pango_wrap_mode_get_type

libpangocairo-1.0-0

pango_cairo_create_context
pango_cairo_create_layout
pango_cairo_error_underline_path
pango_cairo_glyph_string_path
pango_cairo_layout_line_path
pango_cairo_layout_path
pango_cairo_show_glyph_item
pango_cairo_show_glyph_string
pango_cairo_show_layout
pango_cairo_show_layout_line
pango_cairo_update_layout

windivert

WinDivertClose
WinDivertGetParam
WinDivertHelperCalcChecksums
WinDivertHelperCompileFilter
WinDivertOpen
WinDivertRecv
WinDivertSend
WinDivertSetParam

Sections

.text
Size: 8.8MB - Virtual size: 8.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 335KB - Virtual size: 334KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12.1MB - Virtual size: 12.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 7.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 333KB - Virtual size: 333KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/35
Size: 553KB - Virtual size: 552KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/51
Size: 9.9MB - Virtual size: 9.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/63
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/77
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/89
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/102
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/113
Size: 10.5MB - Virtual size: 10.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/124
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/138
Size: 512B - Virtual size: 34B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b649f8e17494bb31b47f6e959a1769c

Headers

File Characteristics

Imports

advapi32

kernel32

Exports

Exports

Sections

.text Size: 30KB - Virtual size: 29KB

.data Size: 512B - Virtual size: 32B

.rdata Size: 9KB - Virtual size: 8KB

.pdata Size: 1024B - Virtual size: 840B

.xdata Size: 1024B - Virtual size: 800B

.bss Size: - Virtual size: 16B

.edata Size: 1KB - Virtual size: 1KB

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 240B

505c54af7fa8f0482014ca4fe5cdd53d

Code Sign

f4:8b:a9:cb:78:dd:96:f2:dc:60:2f:ef:35:68:c9:2aCertificate

Extended Key Usages

Key Usages

6d:d4:72:eb:02:ae:04:06:e3:dd:84:3f:5f:e1:45:e1Certificate

Extended Key Usages

Key Usages

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08Certificate

Extended Key Usages

Key Usages

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate

Extended Key Usages

Key Usages

33:00:00:00:31:94:79:a3:18:f5:52:2d:06:00:00:00:00:00:31Certificate

Extended Key Usages

33:00:00:00:0d:69:0d:5d:78:93:d0:76:df:00:00:00:00:00:0dCertificate

Key Usages

22:28:bf:92:4d:da:52:a7:8d:1d:5e:42:49:58:10:79:54:b9:1b:20:4d:70:75:56:77:34:96:94:0a:13:9c:2eSigner

22:28:bf:92:4d:da:52:a7:8d:1d:5e:42:49:58:10:79:54:b9:1b:20:4d:70:75:56:77:34:96:94:0a:13:9c:2eSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ntoskrnl.exe

hal

ndis.sys

fwpkclnt.sys

wdfldr.sys

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 512B - Virtual size: 16KB

.pdata Size: 2KB - Virtual size: 1KB

.gfids Size: 512B - Virtual size: 4B

INIT Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 420B

beeaac6f783850e322523b30820cad34

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

libcairo-gobject-2

libcairo-2

libfontconfig-1

libgdk-3-0

libgdk_pixbuf-2.0-0

libgio-2.0-0

libglib-2.0-0

libgobject-2.0-0

libgtk-3-0

libintl-8

libpango-1.0-0

.text
Size: 30KB - Virtual size: 29KB

.data
Size: 512B - Virtual size: 32B

.rdata
Size: 9KB - Virtual size: 8KB

.pdata
Size: 1024B - Virtual size: 840B

.xdata
Size: 1024B - Virtual size: 800B

.bss
Size: - Virtual size: 16B

.edata
Size: 1KB - Virtual size: 1KB

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 240B

f4:8b:a9:cb:78:dd:96:f2:dc:60:2f:ef:35:68:c9:2a
Certificate

6d:d4:72:eb:02:ae:04:06:e3:dd:84:3f:5f:e1:45:e1
Certificate

3d:1a:35:72:30:15:82:63:30:d0:13:71:7e:82:41:08
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

33:00:00:00:31:94:79:a3:18:f5:52:2d:06:00:00:00:00:00:31
Certificate

33:00:00:00:0d:69:0d:5d:78:93:d0:76:df:00:00:00:00:00:0d
Certificate

22:28:bf:92:4d:da:52:a7:8d:1d:5e:42:49:58:10:79:54:b9:1b:20:4d:70:75:56:77:34:96:94:0a:13:9c:2e
Signer

22:28:bf:92:4d:da:52:a7:8d:1d:5e:42:49:58:10:79:54:b9:1b:20:4d:70:75:56:77:34:96:94:0a:13:9c:2e
Signer

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 512B - Virtual size: 16KB

.pdata
Size: 2KB - Virtual size: 1KB

.gfids
Size: 512B - Virtual size: 4B

INIT
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 420B

.text
Size: 8.8MB - Virtual size: 8.8MB

.data
Size: 335KB - Virtual size: 334KB

.rdata
Size: 12.1MB - Virtual size: 12.1MB

.pdata
Size: 50KB - Virtual size: 49KB

.xdata
Size: 40KB - Virtual size: 40KB

.bss
Size: - Virtual size: 7.4MB

.idata
Size: 157KB - Virtual size: 156KB

.CRT
Size: 512B - Virtual size: 104B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1KB - Virtual size: 1KB

/4
Size: 11KB - Virtual size: 11KB

/19
Size: 333KB - Virtual size: 333KB

/35
Size: 553KB - Virtual size: 552KB

/51
Size: 9.9MB - Virtual size: 9.9MB

/63
Size: 114KB - Virtual size: 114KB

/77
Size: 3.4MB - Virtual size: 3.4MB

/89
Size: 1.9MB - Virtual size: 1.9MB

/102
Size: 110KB - Virtual size: 109KB

/113
Size: 10.5MB - Virtual size: 10.5MB

/124
Size: 2.4MB - Virtual size: 2.4MB

/138
Size: 512B - Virtual size: 34B