Set
Overview
overview
7Static
static
3SecuriteIn...04.exe
windows7-x64
7SecuriteIn...04.exe
windows10-2004-x64
7$PLUGINSDI...ss.dll
windows7-x64
3$PLUGINSDI...ss.dll
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3$PLUGINSDI...oc.dll
windows7-x64
3$PLUGINSDI...oc.dll
windows10-2004-x64
3$PLUGINSDI...gs.dll
windows7-x64
3$PLUGINSDI...gs.dll
windows10-2004-x64
3EasyHook.dll
windows7-x64
1EasyHook.dll
windows10-2004-x64
1EasyHook32.dll
windows7-x64
1EasyHook32.dll
windows10-2004-x64
3EasyHook64.dll
windows7-x64
1EasyHook64.dll
windows10-2004-x64
1cef.js
windows7-x64
1cef.js
windows10-2004-x64
1d3dcompiler_43.dll
windows7-x64
3d3dcompiler_43.dll
windows10-2004-x64
3d3dcompiler_47.dll
windows10-2004-x64
3libEGL.dll
windows7-x64
1libEGL.dll
windows10-2004-x64
1libGLESv2.dll
windows7-x64
1libGLESv2.dll
windows10-2004-x64
1libcef.dll
windows7-x64
1libcef.dll
windows10-2004-x64
1natives_blob.js
windows7-x64
1natives_blob.js
windows10-2004-x64
1pepflashplayer.dll
windows7-x64
1pepflashplayer.dll
windows10-2004-x64
1Static task
static1
2 signatures
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Program.Kuaizip.1.13751.10904.exe
Resource
win7-20240221-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Program.Kuaizip.1.13751.10904.exe
Resource
win10v2004-20240221-en
windows10-2004-x64
3 signatures
150 seconds
Behavioral task
behavioral3
Sample
$PLUGINSDIR/SkinProgress.dll
Resource
win7-20240221-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral4
Sample
$PLUGINSDIR/SkinProgress.dll
Resource
win10v2004-20240221-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral5
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240221-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral6
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240221-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral7
Sample
$PLUGINSDIR/WndProc.dll
Resource
win7-20240221-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral8
Sample
$PLUGINSDIR/WndProc.dll
Resource
win10v2004-20240221-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral9
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win7-20240220-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral10
Sample
$PLUGINSDIR/nsDialogs.dll
Resource
win10v2004-20240221-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral11
Sample
EasyHook.dll
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral12
Sample
EasyHook.dll
Resource
win10v2004-20240221-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral13
Sample
EasyHook32.dll
Resource
win7-20240221-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral14
Sample
EasyHook32.dll
Resource
win10v2004-20240221-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral15
Sample
EasyHook64.dll
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral16
Sample
EasyHook64.dll
Resource
win10v2004-20240221-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral17
Sample
cef.js
Resource
win7-20240221-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral18
Sample
cef.js
Resource
win10v2004-20240221-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral19
Sample
d3dcompiler_43.dll
Resource
win7-20240221-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral20
Sample
d3dcompiler_43.dll
Resource
win10v2004-20240221-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral21
Sample
d3dcompiler_47.dll
Resource
win10v2004-20240221-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral22
Sample
libEGL.dll
Resource
win7-20240221-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral23
Sample
libEGL.dll
Resource
win10v2004-20240221-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral24
Sample
libGLESv2.dll
Resource
win7-20240221-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral25
Sample
libGLESv2.dll
Resource
win10v2004-20240221-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral26
Sample
libcef.dll
Resource
win7-20240215-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral27
Sample
libcef.dll
Resource
win10v2004-20240221-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral28
Sample
natives_blob.js
Resource
win7-20240220-en
windows7-x64
0 signatures
150 seconds
Behavioral task
behavioral29
Sample
natives_blob.js
Resource
win10v2004-20240221-en
windows10-2004-x64
0 signatures
150 seconds
Behavioral task
behavioral30
Sample
pepflashplayer.dll
Resource
win7-20240221-en
windows7-x64
1 signatures
150 seconds
Behavioral task
behavioral31
Sample
pepflashplayer.dll
Resource
win10v2004-20240221-en
windows10-2004-x64
1 signatures
150 seconds
General
-
Target
SecuriteInfo.com.Program.Kuaizip.1.13751.10904.exe
-
Size
32.1MB
-
MD5
a833da32d89cc33f2effba1d3c2287cb
-
SHA1
2d705e9f61f11487a18b2eaf0fe592f7e0af1821
-
SHA256
551ac631a240fbca3e59e93e3527527e8878346e6462908e652495798d032391
-
SHA512
77a3abd0e9952c1f2dd6791d0ac0e8813befd505960454125f3a294b34622a9d2fccdff47e59f9745dc96de72e1b4d3a1fb4c31a1e26b6ed0d6992f949a525e4
-
SSDEEP
393216:iaAmO1SCxlm6SpTbNU8hiPIylxiPIOZkV5mpjQyqZRFclWXSJAhKGhUgDun7TVUy:it1xlwUEylxwIokV5U8yMcaS4Ds9yr5c
Score
3/10
Malware Config
Signatures
-
Unsigned PE 8 IoCs
Checks for missing Authenticode signature.
resource SecuriteInfo.com.Program.Kuaizip.1.13751.10904.exe unpack001/$PLUGINSDIR/SkinProgress.dll unpack001/$PLUGINSDIR/System.dll unpack001/$PLUGINSDIR/WndProc.dll unpack001/$PLUGINSDIR/nsDialogs.dll unpack001/EasyHook.dll unpack001/EasyHook32.dll unpack001/EasyHook64.dll -
NSIS installer 2 IoCs
resource yara_rule sample nsis_installer_1 sample nsis_installer_2
Files
-
SecuriteInfo.com.Program.Kuaizip.1.13751.10904.exe.exe windows:4 windows x86 arch:x86
099c0646ea7282d232219f8807883be0
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA
user32
EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow
gdi32
SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject
shell32
SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation
advapi32
RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
comctl32
ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create
ole32
CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance
version
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA
Sections
.text Size: 23KB - Virtual size: 22KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 107KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 72KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 293KB - Virtual size: 293KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/SkinProgress.dll.dll windows:4 windows x86 arch:x86
df38729be926f91d3390389029adf53b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
lstrcpyA
GlobalAlloc
GlobalFree
GetModuleHandleA
user32
GetWindowRect
BeginPaint
GetWindowDC
CallWindowProcA
ReleaseDC
EndPaint
GetWindowLongA
GetPropA
SetPropA
SetWindowLongA
RemovePropA
LoadImageA
SendMessageA
gdi32
DeleteDC
BitBlt
CreateCompatibleBitmap
StretchBlt
SelectObject
CreateCompatibleDC
GetObjectA
DeleteObject
Exports
Exports
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 797B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 254B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/System.dll.dll windows:4 windows x86 arch:x86
2017f2acbdaa42ab3e4adeb8b4c37e7b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect
user32
wsprintfA
ole32
StringFromGUID2
CLSIDFromString
Exports
Exports
Alloc
Call
Copy
Free
Get
Int64Op
Store
Sections
.text Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 784B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 100B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 520B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/WndProc.dll.dll windows:4 windows x86 arch:x86
b3f659d7637a91b4fec12ff9b930080d
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GlobalFree
lstrcpyA
GlobalAlloc
user32
CallWindowProcA
SetWindowLongA
GetPropA
SetPropA
wsprintfA
Exports
Exports
onCallback
Sections
.text Size: 1024B - Virtual size: 934B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 377B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 20B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 284B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/nsDialogs.dll.dll windows:4 windows x86 arch:x86
1e2884056e655f2b7bc5a904e352fc80
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
lstrcpyA
GetFileAttributesA
lstrcmpiA
MulDiv
lstrlenA
HeapFree
GetCurrentDirectoryA
HeapAlloc
HeapReAlloc
GlobalFree
lstrcpynA
GlobalAlloc
GetProcessHeap
SetCurrentDirectoryA
user32
GetPropA
DestroyWindow
CallWindowProcA
SetCursor
LoadCursorA
RemovePropA
CharPrevA
GetWindowLongA
DrawTextA
GetWindowTextA
GetDlgItem
SetWindowLongA
SetWindowPos
CreateDialogParamA
MapWindowPoints
GetWindowRect
SetPropA
CreateWindowExA
IsWindow
SetTimer
KillTimer
DispatchMessageA
TranslateMessage
GetMessageA
IsDialogMessageA
ShowWindow
wsprintfA
MapDialogRect
GetClientRect
CharNextA
SendMessageA
DrawFocusRect
gdi32
SetTextColor
shell32
SHBrowseForFolderA
SHGetPathFromIDListA
comdlg32
GetSaveFileNameA
GetOpenFileNameA
CommDlgExtendedError
ole32
CoTaskMemFree
Exports
Exports
Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show
Sections
.text Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 152B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 572B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/simple_bg.bmp
-
$PLUGINSDIR/simple_loading1.bmp
-
$PLUGINSDIR/simple_loading2.bmp
-
EasyHook.dll.dll windows:4 windows x86 arch:x86
dae02f32a21e03ce65412f6e56942daa
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
d:\37work\pc_code\gamebox\gamebox_dual\04代码\ThirdLibrary\Backup\EasyHook_SRC\EasyHook\obj\netfx3.5-Release\EasyHook.pdb
Imports
mscoree
_CorDllMain
Sections
.text Size: 50KB - Virtual size: 49KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 1000B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
EasyHook32.dll.dll windows:5 windows x86 arch:x86
7b3b12ec5d4e8348e8bcab2c0454059c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
D:\37work\pc_code\gamebox\gamebox_dual\04代码\ThirdLibrary\Backup\EasyHook_SRC\Build\netfx3.5-Release\x86\EasyHook32.pdb
Imports
psapi
EnumProcessModules
GetModuleInformation
kernel32
TlsFree
GetCurrentThreadId
GetSystemInfo
GetLastError
GetCurrentProcess
GetProcAddress
GetModuleFileNameA
GetFullPathNameW
GetEnvironmentVariableW
SetEnvironmentVariableW
SetEvent
GetModuleHandleW
LoadLibraryW
GetModuleHandleA
CloseHandle
InitializeCriticalSectionAndSpinCount
RaiseException
DecodePointer
DeleteCriticalSection
GetThreadContext
SetThreadContext
WaitForSingleObject
OpenProcess
Thread32First
ReadProcessMemory
Thread32Next
VirtualAllocEx
OpenThread
CreateEventW
CreateToolhelp32Snapshot
DuplicateHandle
TlsAlloc
SuspendThread
ResumeThread
TlsGetValue
CreateProcessW
CreateRemoteThread
TlsSetValue
WideCharToMultiByte
TerminateProcess
lstrlenW
SetLastError
GetExitCodeThread
Module32FirstW
WaitForMultipleObjects
Module32NextW
GetCurrentProcessId
FatalAppExitW
GetModuleFileNameW
CreateFileW
HeapAlloc
HeapFree
IsBadReadPtr
InitializeCriticalSection
Sleep
LeaveCriticalSection
EnterCriticalSection
VirtualProtect
VirtualQuery
GetVersionExW
SetStdHandle
OutputDebugStringW
LoadLibraryA
HeapCreate
HeapDestroy
FreeLibrary
WriteConsoleW
SetEndOfFile
WriteProcessMemory
InterlockedExchange
LCMapStringW
EncodePointer
GetCommandLineA
IsDebuggerPresent
IsProcessorFeaturePresent
ExitProcess
GetModuleHandleExW
AreFileApisANSI
MultiByteToWideChar
GetStdHandle
GetFileType
GetStartupInfoW
GetProcessHeap
HeapSize
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
WriteFile
RtlUnwind
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
HeapReAlloc
LoadLibraryExW
ReadFile
ReadConsoleW
GetStringTypeW
advapi32
StartServiceW
OpenServiceW
OpenSCManagerW
DeleteService
CloseServiceHandle
CreateServiceW
OpenProcessToken
ole32
CoTaskMemFree
CoTaskMemAlloc
Exports
Exports
?GetRemoteModuleExportDirectory@@YGHPAXPAUHINSTANCE__@@PAU_IMAGE_EXPORT_DIRECTORY@@U_IMAGE_DOS_HEADER@@U_IMAGE_NT_HEADERS@@@Z
_DbgAttachDebugger@0
_DbgDetachDebugger@0
_DbgGetProcessIdByHandle@8
_DbgGetThreadIdByHandle@8
_DbgHandleToObjectName@16
_DbgIsAvailable@0
_DbgIsEnabled@0
_GacCreateContext@0
_GacInstallAssembly@16
_GacReleaseContext@4
_GacUninstallAssembly@16
_HookCompleteInjection@4
_LhBarrierBeginStackTrace@4
_LhBarrierCallStackTrace@12
_LhBarrierEndStackTrace@4
_LhBarrierGetAddressOfReturnAddress@4
_LhBarrierGetCallback@4
_LhBarrierGetCallingModule@4
_LhBarrierGetReturnAddress@4
_LhBarrierPointerToModule@8
_LhEnumModules@12
_LhGetHookBypassAddress@8
_LhInstallHook@16
_LhIsThreadIntercepted@12
_LhSetExclusiveACL@12
_LhSetGlobalExclusiveACL@8
_LhSetGlobalInclusiveACL@8
_LhSetInclusiveACL@12
_LhUninstallAllHooks@0
_LhUninstallHook@4
_LhUpdateModuleInformation@0
_LhWaitForPendingRemovals@0
_ReleaseTestFuncHookResults@8
_RhCreateAndInject@36
_RhCreateStealthRemoteThread@16
_RhGetProcessToken@8
_RhInjectLibrary@28
_RhInstallDriver@8
_RhInstallSupportDriver@0
_RhIsAdministrator@0
_RhIsX64Process@8
_RhIsX64System@0
_RhWakeUpProcess@0
_RtlCreateSuspendedProcess@20
_RtlGetLastError@0
_RtlGetLastErrorString@0
_RtlGetLastErrorStringCopy@0
_RtlInstallService@12
_TestFuncHooks@24
Sections
.text Size: 109KB - Virtual size: 108KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 60KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 78KB - Virtual size: 98KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
EasyHook64.dll.dll windows:6 windows x64 arch:x64
7c733a77800d92600b3d036b64da29bb
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\projects\easyhook\Build\netfx3.5-Release\x64\EasyHook64.pdb
Imports
psapi
EnumProcessModules
GetModuleInformation
kernel32
TlsFree
GetCurrentThreadId
VirtualFree
VirtualAlloc
GetSystemInfo
GetLastError
GetCurrentProcess
GetProcAddress
GetModuleFileNameA
LoadLibraryW
GetCurrentProcessId
GetFullPathNameW
GetEnvironmentVariableW
SetEnvironmentVariableW
SetEvent
GetModuleHandleW
GetModuleHandleA
CloseHandle
InitializeCriticalSectionEx
RaiseException
DecodePointer
DeleteCriticalSection
GetThreadContext
SetThreadContext
WaitForSingleObject
OpenProcess
Thread32First
ReadProcessMemory
Thread32Next
VirtualAllocEx
OpenThread
TlsAlloc
CreateToolhelp32Snapshot
DuplicateHandle
WriteProcessMemory
SuspendThread
ResumeThread
TlsGetValue
CreateProcessW
CreateRemoteThread
TlsSetValue
WideCharToMultiByte
TerminateProcess
lstrlenW
SetLastError
GetExitCodeThread
Module32FirstW
WaitForMultipleObjects
Module32NextW
FatalAppExitW
GetModuleFileNameW
CreateFileW
HeapAlloc
HeapFree
IsBadReadPtr
InitializeCriticalSection
Sleep
LeaveCriticalSection
EnterCriticalSection
VirtualProtect
GetVersionExW
RtlPcToFileHeader
SetStdHandle
OutputDebugStringW
LoadLibraryA
HeapCreate
HeapDestroy
FreeLibrary
WriteConsoleW
SetEndOfFile
CreateEventW
LCMapStringW
EncodePointer
GetCommandLineA
IsDebuggerPresent
IsProcessorFeaturePresent
ExitProcess
GetModuleHandleExW
AreFileApisANSI
MultiByteToWideChar
RtlUnwindEx
GetStdHandle
GetFileType
GetStartupInfoW
GetProcessHeap
HeapSize
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
WriteFile
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
HeapReAlloc
LoadLibraryExW
ReadFile
ReadConsoleW
GetStringTypeW
advapi32
StartServiceW
OpenServiceW
OpenSCManagerW
DeleteService
CloseServiceHandle
CreateServiceW
OpenProcessToken
ole32
CoTaskMemFree
CoTaskMemAlloc
Exports
Exports
?GetRemoteModuleExportDirectory@@YAHPEAXPEAUHINSTANCE__@@PEAU_IMAGE_EXPORT_DIRECTORY@@U_IMAGE_DOS_HEADER@@U_IMAGE_NT_HEADERS64@@@Z
DbgAttachDebugger
DbgDetachDebugger
DbgGetProcessIdByHandle
DbgGetThreadIdByHandle
DbgHandleToObjectName
DbgIsAvailable
DbgIsEnabled
GacCreateContext
GacInstallAssembly
GacReleaseContext
GacUninstallAssembly
HookCompleteInjection
LhBarrierBeginStackTrace
LhBarrierCallStackTrace
LhBarrierEndStackTrace
LhBarrierGetAddressOfReturnAddress
LhBarrierGetCallback
LhBarrierGetCallingModule
LhBarrierGetReturnAddress
LhBarrierPointerToModule
LhEnumModules
LhGetHookBypassAddress
LhInstallHook
LhIsThreadIntercepted
LhSetExclusiveACL
LhSetGlobalExclusiveACL
LhSetGlobalInclusiveACL
LhSetInclusiveACL
LhUninstallAllHooks
LhUninstallHook
LhUpdateModuleInformation
LhWaitForPendingRemovals
ReleaseTestFuncHookResults
RhCreateAndInject
RhCreateStealthRemoteThread
RhGetProcessToken
RhInjectLibrary
RhInstallDriver
RhInstallSupportDriver
RhIsAdministrator
RhIsX64Process
RhIsX64System
RhWakeUpProcess
RtlCreateSuspendedProcess
RtlGetLastError
RtlGetLastErrorString
RtlGetLastErrorStringCopy
RtlInstallService
TestFuncHooks
Sections
.text Size: 124KB - Virtual size: 124KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 79KB - Virtual size: 79KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 85KB - Virtual size: 112KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
cef.pak.js
-
cef_100_percent.pak
-
cef_200_percent.pak
-
d3dcompiler_43.dll.dll windows:6 windows x86 arch:x86
6ba7b0e4e74a8eea96dca4fffc88b859
Code Sign
2e:ab:11:dc:50:ff:5c:9d:cb:c0Certificate
IssuerCN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft CorporationNot Before22/08/2007, 22:31Not After25/08/2012, 07:00SubjectCN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
61:01:cf:3e:00:00:00:00:00:0fCertificate
IssuerCN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before07/12/2009, 22:40Not After07/03/2011, 22:40SubjectCN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2Certificate
IssuerCN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft CorporationNot Before16/09/2006, 01:04Not After15/09/2019, 07:00SubjectCN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
61:05:a2:30:00:00:00:00:00:08Certificate
IssuerCN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before25/07/2008, 19:01Not After25/07/2013, 19:11SubjectCN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:85D3-305C-5BCF,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
a0:dc:fd:f1:04:c6:f9:25:f4:de:ed:83:b3:1b:1c:9e:4a:d1:be:fbSigner
Actual PE Digesta0:dc:fd:f1:04:c6:f9:25:f4:de:ed:83:b3:1b:1c:9e:4a:d1:be:fbDigest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
D3DCompiler_43.pdb
Imports
msvcrt
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_unlock
__dllonexit
_lock
_onexit
_amsg_exit
_initterm
_XcptFilter
_CxxThrowException
memset
memcpy
isxdigit
atof
setlocale
_strdup
_mbstrlen
modf
isalnum
_isnan
ceil
_finite
strrchr
_clearfp
_controlfp
_strnicmp
_fpclass
_purecall
strncmp
isspace
strstr
getenv
_stricmp
memmove
qsort
isalpha
toupper
atoi
isdigit
tolower
free
malloc
??2@YAPAXI@Z
??3@YAXPAX@Z
strchr
_vsnprintf
_errno
__CxxFrameHandler
floor
_CIfmod
_CItanh
_CItan
_CIsinh
_CIsin
_CIlog
_CIpow
_CIexp
_CIsqrt
_CIcosh
_CIcos
_CIatan2
_CIatan
_CIasin
_CIacos
gdi32
DeleteObject
kernel32
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlUnwind
UnmapViewOfFile
CloseHandle
DeleteCriticalSection
InitializeCriticalSection
VirtualFree
GetLastError
SetUnhandledExceptionFilter
WideCharToMultiByte
GetFullPathNameA
HeapCreate
OutputDebugStringA
LoadLibraryA
GetModuleHandleA
lstrcmpiA
TlsFree
TlsGetValue
HeapDestroy
TlsSetValue
InterlockedExchange
TlsAlloc
Sleep
InterlockedCompareExchange
FreeLibrary
GetSystemInfo
GetProcAddress
VirtualAlloc
GetProcessHeap
HeapFree
HeapAlloc
DisableThreadLibraryCalls
MultiByteToWideChar
GetVersion
Exports
Exports
D3DAssemble
D3DCompile
D3DCompressShaders
D3DCreateBlob
D3DDecompressShaders
D3DDisassemble
D3DDisassemble10Effect
D3DGetBlobPart
D3DGetDebugInfo
D3DGetInputAndOutputSignatureBlob
D3DGetInputSignatureBlob
D3DGetOutputSignatureBlob
D3DPreprocess
D3DReflect
D3DReturnFailure1
D3DStripShader
DebugSetMute
Sections
.text Size: 1.9MB - Virtual size: 1.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 16KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 968B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 56KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
d3dcompiler_47.dll.dll windows:10 windows x86 arch:x86
99126746275ab6fc777f4f36380f7d97
Code Sign
33:00:00:00:ae:ec:3f:ad:b6:8b:b9:2d:d2:00:00:00:00:00:aeCertificate
IssuerCN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before03/05/2016, 17:13Not After03/08/2017, 17:13SubjectCN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageTimeStamping
33:00:00:01:0a:2c:79:ae:d7:79:7b:a6:ac:00:01:00:00:01:0aCertificate
IssuerCN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before04/06/2015, 17:42Not After04/09/2016, 17:42SubjectCN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:33:26:1a:00:00:00:00:00:31Certificate
IssuerCN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6dNot Before31/08/2010, 22:19Not After31/08/2020, 22:29SubjectCN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
61:16:68:34:00:00:00:00:00:1cCertificate
IssuerCN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6dNot Before03/04/2007, 12:53Not After03/04/2021, 13:03SubjectCN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
33:00:00:00:ef:d8:87:2e:35:a3:82:8a:2f:00:00:00:00:00:efCertificate
IssuerCN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before28/10/2015, 20:31Not After28/01/2017, 20:31SubjectCN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:0c:52:4c:00:00:00:00:00:03Certificate
IssuerCN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before06/07/2010, 20:40Not After06/07/2025, 20:50SubjectCN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
c1:a8:61:fb:f0:a4:ce:53:1e:59:10:ed:76:23:f7:0b:44:aa:8a:4f:31:1a:dd:7f:bf:4c:bb:c8:cd:50:eb:b6Signer
Actual PE Digestc1:a8:61:fb:f0:a4:ce:53:1e:59:10:ed:76:23:f7:0b:44:aa:8a:4f:31:1a:dd:7f:bf:4c:bb:c8:cd:50:eb:b6Digest Algorithmsha256PE Digest Matchestruee2:e6:6e:ca:23:7a:71:9c:64:c4:6b:aa:f3:1d:19:17:65:59:f8:feSigner
Actual PE Digeste2:e6:6e:ca:23:7a:71:9c:64:c4:6b:aa:f3:1d:19:17:65:59:f8:feDigest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
D3DCompiler_47.pdb
Imports
msvcrt
__dllonexit
_unlock
_lock
??1type_info@@UAE@XZ
_initterm
_amsg_exit
_XcptFilter
_callnewh
_isnan
__isascii
_clearfp
_controlfp
_strdup
_mbstrlen
_purecall
_vsnwprintf
strtoul
isxdigit
atof
strchr
setlocale
strnlen
modf
strrchr
tolower
_finite
_fpclass
memmove
strncmp
strncpy_s
isspace
wcsncmp
wcsncpy_s
_wcsicmp
memcpy
memset
fclose
bsearch
qsort
strcat_s
_onexit
_CxxThrowException
_snwprintf_s
__unDName
fread
fseek
_wfsopen
wcstoul
_fileno
sscanf_s
_filelengthi64
towlower
_wcsnicmp
_wsplitpath_s
wcscpy_s
wcsncat_s
wcsrchr
swprintf_s
_wmakepath_s
time
_wcsdup
_wgetenv
_wfullpath
_chsize_s
_close
_read
_write
_lseeki64
_get_osfhandle
_open_osfhandle
wcscat_s
ftell
_mbscmp
_memicmp
toupper
_atoi64
_errno
strtod
_strtoui64
?terminate@@YAXXZ
_except_handler4_common
strstr
malloc
_strnicmp
atoi
isdigit
isalpha
strcpy_s
memcpy_s
isalnum
getenv
free
_stricmp
sprintf_s
_vsnprintf
_wsopen
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
__CxxFrameHandler3
_ftol2
_ftol2_sse
ceil
floor
advapi32
RegOpenKeyExW
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextW
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
RegQueryValueExW
kernel32
MapViewOfFileEx
SetFilePointer
InitializeCriticalSectionAndSpinCount
ExpandEnvironmentStringsW
DeviceIoControl
SetFilePointerEx
SetEndOfFile
GetFileType
DeleteFileW
FlushViewOfFile
SetFileAttributesW
GetFileAttributesW
SetLastError
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetFileSize
LocalFree
LocalAlloc
LoadLibraryExW
GetProcAddress
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
lstrcmpiA
HeapCreate
GetEnvironmentVariableA
GetModuleFileNameA
LCMapStringW
DisableThreadLibraryCalls
MultiByteToWideChar
WideCharToMultiByte
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
HeapAlloc
GetProcessHeap
HeapFree
WriteFile
FreeLibrary
VirtualFree
VirtualAlloc
GetSystemInfo
CreateFileW
GetLastError
GetFileSizeEx
ReadFile
CloseHandle
Sleep
TlsAlloc
TlsSetValue
HeapDestroy
TlsGetValue
TlsFree
GetFullPathNameW
GetFullPathNameA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
CreateFileA
rpcrt4
UuidCreate
Exports
Exports
D3DAssemble
D3DCompile
D3DCompile2
D3DCompileFromFile
D3DCompressShaders
D3DCreateBlob
D3DCreateFunctionLinkingGraph
D3DCreateLinker
D3DDecompressShaders
D3DDisassemble
D3DDisassemble10Effect
D3DDisassemble11Trace
D3DDisassembleRegion
D3DGetBlobPart
D3DGetDebugInfo
D3DGetInputAndOutputSignatureBlob
D3DGetInputSignatureBlob
D3DGetOutputSignatureBlob
D3DGetTraceInstructionOffsets
D3DLoadModule
D3DPreprocess
D3DReadFileToBlob
D3DReflect
D3DReflectLibrary
D3DReturnFailure1
D3DSetBlobPart
D3DStripShader
D3DWriteBlobToFile
DebugSetMute
Sections
.text Size: 3.4MB - Virtual size: 3.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 25KB - Virtual size: 57KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 124KB - Virtual size: 123KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
devtools_resources.pak
-
icudtl.dat
-
libEGL.dll.dll windows:5 windows x86 arch:x86
1f1ea96193635656f86269a5cfe486d0
Code Sign
7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before21/12/2012, 00:00Not After30/12/2020, 23:59SubjectCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate
IssuerCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USNot Before18/10/2012, 00:00Not After29/12/2020, 23:59SubjectCN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
08:4f:f1:81:0e:4a:94:25:bf:80:e3:b8:bc:ae:ab:42Certificate
IssuerCN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=USNot Before17/04/2017, 00:00Not After17/04/2019, 23:59SubjectCN=上海硬通网络科技有限公司,OU=IT,O=上海硬通网络科技有限公司,L=Shanghai,ST=Shanghai,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate
IssuerCN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before10/12/2013, 00:00Not After09/12/2023, 23:59SubjectCN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
f5:f7:35:00:69:d2:4c:f6:a5:f8:1b:ca:4e:da:ec:1a:0a:44:3d:4fSigner
Actual PE Digestf5:f7:35:00:69:d2:4c:f6:a5:f8:1b:ca:4e:da:ec:1a:0a:44:3d:4fDigest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
e:\cef3\source\chromium\src\out\Release\libEGL.dll.pdb
Imports
libglesv2
?ReleaseDeviceANGLE@egl@@YGIPAX@Z
?CreateDeviceANGLE@egl@@YGPAXHPAXPBH@Z
?DestroyImageKHR@egl@@YGIPAX0@Z
?CreateImageKHR@egl@@YGPAXPAX0I0PBH@Z
?QueryDeviceStringEXT@egl@@YGPBDPAXH@Z
?QueryDeviceAttribEXT@egl@@YGIPAXHPAH@Z
?QueryDisplayAttribEXT@egl@@YGIPAXHPAH@Z
?GetPlatformDisplayEXT@egl@@YGPAXIPAXPBH@Z
?PostSubBufferNV@egl@@YGIPAX0HHHH@Z
?QuerySurfacePointerANGLE@egl@@YGIPAX0HPAPAX@Z
?WaitSync@egl@@YGIPAX0H@Z
?CreatePlatformPixmapSurface@egl@@YGPAXPAX00PBH@Z
?CreatePlatformWindowSurface@egl@@YGPAXPAX00PBH@Z
?GetPlatformDisplay@egl@@YGPAXIPAXPBH@Z
?DestroyImage@egl@@YGIPAX0@Z
?CreateImage@egl@@YGPAXPAX0I0PBH@Z
?GetSyncAttrib@egl@@YGIPAX0HPAH@Z
?ClientWaitSync@egl@@YGHPAX0H_K@Z
?DestroySync@egl@@YGIPAX0@Z
?CreateSync@egl@@YGPAXPAXIPBH@Z
?GetCurrentContext@egl@@YGPAXXZ
?WaitClient@egl@@YGIXZ
?ReleaseThread@egl@@YGIXZ
?CreatePbufferFromClientBuffer@egl@@YGPAXPAXI00PBH@Z
?QueryAPI@egl@@YGIXZ
?BindAPI@egl@@YGII@Z
?SwapInterval@egl@@YGIPAXH@Z
?SurfaceAttrib@egl@@YGIPAX0HH@Z
?ReleaseTexImage@egl@@YGIPAX0H@Z
?BindTexImage@egl@@YGIPAX0H@Z
?WaitNative@egl@@YGIH@Z
?WaitGL@egl@@YGIXZ
?Terminate@egl@@YGIPAX@Z
?SwapBuffers@egl@@YGIPAX0@Z
?QuerySurface@egl@@YGIPAX0HPAH@Z
?QueryString@egl@@YGPBDPAXH@Z
?QueryContext@egl@@YGIPAX0HPAH@Z
?MakeCurrent@egl@@YGIPAX000@Z
?Initialize@egl@@YGIPAXPAH1@Z
?GetProcAddress@egl@@YGP6AXXZPBD@Z
?GetError@egl@@YGHXZ
?GetDisplay@egl@@YGPAXPAUHDC__@@@Z
?GetCurrentSurface@egl@@YGPAXH@Z
?GetCurrentDisplay@egl@@YGPAXXZ
?GetConfigs@egl@@YGIPAXPAPAXHPAH@Z
?GetConfigAttrib@egl@@YGIPAX0HPAH@Z
?DestroySurface@egl@@YGIPAX0@Z
?DestroyContext@egl@@YGIPAX0@Z
?CreateWindowSurface@egl@@YGPAXPAX0PAUHWND__@@PBH@Z
?CreatePixmapSurface@egl@@YGPAXPAX0PAUHBITMAP__@@PBH@Z
?CreatePbufferSurface@egl@@YGPAXPAX0PBH@Z
?CreateContext@egl@@YGPAXPAX00PBH@Z
?CopyBuffers@egl@@YGIPAX0PAUHBITMAP__@@@Z
?ChooseConfig@egl@@YGIPAXPBHPAPAXHPAH@Z
kernel32
CreateFileW
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
LCMapStringW
HeapSize
OutputDebugStringW
GetStringTypeW
HeapReAlloc
HeapAlloc
RtlUnwind
LoadLibraryExW
GetModuleFileNameW
WriteFile
IsProcessorFeaturePresent
IsDebuggerPresent
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCommandLineA
GetCurrentThreadId
GetLastError
SetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
HeapFree
QueryPerformanceCounter
Exports
Exports
eglBindAPI
eglBindTexImage
eglChooseConfig
eglClientWaitSync
eglCopyBuffers
eglCreateContext
eglCreateDeviceANGLE
eglCreateImage
eglCreateImageKHR
eglCreatePbufferFromClientBuffer
eglCreatePbufferSurface
eglCreatePixmapSurface
eglCreatePlatformPixmapSurface
eglCreatePlatformWindowSurface
eglCreateSync
eglCreateWindowSurface
eglDestroyContext
eglDestroyImage
eglDestroyImageKHR
eglDestroySurface
eglDestroySync
eglGetConfigAttrib
eglGetConfigs
eglGetCurrentContext
eglGetCurrentDisplay
eglGetCurrentSurface
eglGetDisplay
eglGetError
eglGetPlatformDisplay
eglGetPlatformDisplayEXT
eglGetProcAddress
eglGetSyncAttrib
eglInitialize
eglMakeCurrent
eglPostSubBufferNV
eglQueryAPI
eglQueryContext
eglQueryDeviceAttribEXT
eglQueryDeviceStringEXT
eglQueryDisplayAttribEXT
eglQueryString
eglQuerySurface
eglQuerySurfacePointerANGLE
eglReleaseDeviceANGLE
eglReleaseTexImage
eglReleaseThread
eglSurfaceAttrib
eglSwapBuffers
eglSwapInterval
eglTerminate
eglWaitClient
eglWaitGL
eglWaitNative
eglWaitSync
Sections
.text Size: 41KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 22KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
libGLESv2.dll.dll windows:5 windows x86 arch:x86
d965d87567563d5be903d8a8b1ea467c
Code Sign
7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before21/12/2012, 00:00Not After30/12/2020, 23:59SubjectCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate
IssuerCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USNot Before18/10/2012, 00:00Not After29/12/2020, 23:59SubjectCN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
08:4f:f1:81:0e:4a:94:25:bf:80:e3:b8:bc:ae:ab:42Certificate
IssuerCN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=USNot Before17/04/2017, 00:00Not After17/04/2019, 23:59SubjectCN=上海硬通网络科技有限公司,OU=IT,O=上海硬通网络科技有限公司,L=Shanghai,ST=Shanghai,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate
IssuerCN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before10/12/2013, 00:00Not After09/12/2023, 23:59SubjectCN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
de:2d:b6:7a:c5:fc:65:75:7c:78:2c:d0:bc:cf:57:53:0d:3a:85:40Signer
Actual PE Digestde:2d:b6:7a:c5:fc:65:75:7c:78:2c:d0:bc:cf:57:53:0d:3a:85:40Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
e:\cef3\source\chromium\src\out\Release\libGLESv2.dll.pdb
Imports
kernel32
LoadLibraryW
GetLastError
QueryPerformanceCounter
QueryPerformanceFrequency
VerSetConditionMask
VerifyVersionInfoW
GetCurrentProcessId
GetTempFileNameA
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
Sleep
LoadLibraryA
GetProcAddress
GetModuleHandleW
GetTempPathA
FreeLibrary
SetEndOfFile
CreateFileW
ReadConsoleW
OutputDebugStringW
WriteConsoleW
SetStdHandle
LoadLibraryExW
SetFilePointerEx
ReadFile
FlushFileBuffers
GetModuleFileNameW
GetConsoleMode
GetConsoleCP
WriteFile
CloseHandle
GetOEMCP
GetACP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
GetStringTypeW
GetCommandLineA
GetCurrentThreadId
IsDebuggerPresent
IsProcessorFeaturePresent
HeapFree
HeapAlloc
ExitProcess
GetModuleHandleExW
AreFileApisANSI
HeapReAlloc
RaiseException
RtlUnwind
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
GetStartupInfoW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapSize
GetProcessHeap
GetStdHandle
GetFileType
GetModuleFileNameA
GetSystemTimeAsFileTime
gdi32
SwapBuffers
SetPixelFormat
DescribePixelFormat
ChoosePixelFormat
GetPixelFormat
user32
WindowFromDC
DefWindowProcW
RegisterClassA
UnregisterClassA
CreateWindowExA
InvalidateRect
GetWindowThreadProcessId
CreateWindowExW
GetClientRect
IsIconic
LoadCursorA
ReleaseDC
GetDC
DestroyWindow
IsWindow
d3d9
D3DPERF_BeginEvent
D3DPERF_EndEvent
D3DPERF_SetMarker
D3DPERF_GetStatus
Direct3DCreate9
Exports
Exports
?ActiveTexture@gl@@YGXI@Z
?AttachShader@gl@@YGXII@Z
?BeginQuery@gl@@YGXII@Z
?BeginQueryEXT@gl@@YGXII@Z
?BeginTransformFeedback@gl@@YGXI@Z
?BindAPI@egl@@YGII@Z
?BindAttribLocation@gl@@YGXIIPBD@Z
?BindBuffer@gl@@YGXII@Z
?BindBufferBase@gl@@YGXIII@Z
?BindBufferRange@gl@@YGXIIIJJ@Z
?BindFramebuffer@gl@@YGXII@Z
?BindRenderbuffer@gl@@YGXII@Z
?BindSampler@gl@@YGXII@Z
?BindTexImage@egl@@YGIPAX0H@Z
?BindTexture@gl@@YGXII@Z
?BindTransformFeedback@gl@@YGXII@Z
?BindVertexArray@gl@@YGXI@Z
?BindVertexArrayOES@gl@@YGXI@Z
?BlendColor@gl@@YGXMMMM@Z
?BlendEquation@gl@@YGXI@Z
?BlendEquationSeparate@gl@@YGXII@Z
?BlendFunc@gl@@YGXII@Z
?BlendFuncSeparate@gl@@YGXIIII@Z
?BlitFramebuffer@gl@@YGXHHHHHHHHII@Z
?BlitFramebufferANGLE@gl@@YGXHHHHHHHHII@Z
?BufferData@gl@@YGXIJPBXI@Z
?BufferSubData@gl@@YGXIJJPBX@Z
?CheckFramebufferStatus@gl@@YGII@Z
?ChooseConfig@egl@@YGIPAXPBHPAPAXHPAH@Z
?Clear@gl@@YGXI@Z
?ClearBufferfi@gl@@YGXIHMH@Z
?ClearBufferfv@gl@@YGXIHPBM@Z
?ClearBufferiv@gl@@YGXIHPBH@Z
?ClearBufferuiv@gl@@YGXIHPBI@Z
?ClearColor@gl@@YGXMMMM@Z
?ClearDepthf@gl@@YGXM@Z
?ClearStencil@gl@@YGXH@Z
?ClientWaitSync@egl@@YGHPAX0H_K@Z
?ClientWaitSync@gl@@YGIPAU__GLsync@@I_K@Z
?ColorMask@gl@@YGXEEEE@Z
?CompileShader@gl@@YGXI@Z
?CompressedTexImage2D@gl@@YGXIHIHHHHPBX@Z
?CompressedTexImage3D@gl@@YGXIHIHHHHHPBX@Z
?CompressedTexSubImage2D@gl@@YGXIHHHHHIHPBX@Z
?CompressedTexSubImage3D@gl@@YGXIHHHHHHHIHPBX@Z
?CopyBufferSubData@gl@@YGXIIJJJ@Z
?CopyBuffers@egl@@YGIPAX0PAUHBITMAP__@@@Z
?CopyTexImage2D@gl@@YGXIHIHHHHH@Z
?CopyTexSubImage2D@gl@@YGXIHHHHHHH@Z
?CopyTexSubImage3D@gl@@YGXIHHHHHHHH@Z
?CreateContext@egl@@YGPAXPAX00PBH@Z
?CreateDeviceANGLE@egl@@YGPAXHPAXPBH@Z
?CreateImage@egl@@YGPAXPAX0I0PBH@Z
?CreateImageKHR@egl@@YGPAXPAX0I0PBH@Z
?CreatePbufferFromClientBuffer@egl@@YGPAXPAXI00PBH@Z
?CreatePbufferSurface@egl@@YGPAXPAX0PBH@Z
?CreatePixmapSurface@egl@@YGPAXPAX0PAUHBITMAP__@@PBH@Z
?CreatePlatformPixmapSurface@egl@@YGPAXPAX00PBH@Z
?CreatePlatformWindowSurface@egl@@YGPAXPAX00PBH@Z
?CreateProgram@gl@@YGIXZ
?CreateShader@gl@@YGII@Z
?CreateSync@egl@@YGPAXPAXIPBH@Z
?CreateWindowSurface@egl@@YGPAXPAX0PAUHWND__@@PBH@Z
?CullFace@gl@@YGXI@Z
?DebugMessageCallbackKHR@gl@@YGXP6GXIIIIHPBDPBX@Z1@Z
?DebugMessageControlKHR@gl@@YGXIIIHPBIE@Z
?DebugMessageInsertKHR@gl@@YGXIIIIHPBD@Z
?DeleteBuffers@gl@@YGXHPBI@Z
?DeleteFencesNV@gl@@YGXHPBI@Z
?DeleteFramebuffers@gl@@YGXHPBI@Z
?DeleteProgram@gl@@YGXI@Z
?DeleteQueries@gl@@YGXHPBI@Z
?DeleteQueriesEXT@gl@@YGXHPBI@Z
?DeleteRenderbuffers@gl@@YGXHPBI@Z
?DeleteSamplers@gl@@YGXHPBI@Z
?DeleteShader@gl@@YGXI@Z
?DeleteSync@gl@@YGXPAU__GLsync@@@Z
?DeleteTextures@gl@@YGXHPBI@Z
?DeleteTransformFeedbacks@gl@@YGXHPBI@Z
?DeleteVertexArrays@gl@@YGXHPBI@Z
?DeleteVertexArraysOES@gl@@YGXHPBI@Z
?DepthFunc@gl@@YGXI@Z
?DepthMask@gl@@YGXE@Z
?DepthRangef@gl@@YGXMM@Z
?DestroyContext@egl@@YGIPAX0@Z
?DestroyImage@egl@@YGIPAX0@Z
?DestroyImageKHR@egl@@YGIPAX0@Z
?DestroySurface@egl@@YGIPAX0@Z
?DestroySync@egl@@YGIPAX0@Z
?DetachShader@gl@@YGXII@Z
?Disable@gl@@YGXI@Z
?DisableVertexAttribArray@gl@@YGXI@Z
?DiscardFramebufferEXT@gl@@YGXIHPBI@Z
?DrawArrays@gl@@YGXIHH@Z
?DrawArraysInstanced@gl@@YGXIHHH@Z
?DrawArraysInstancedANGLE@gl@@YGXIHHH@Z
?DrawBuffers@gl@@YGXHPBI@Z
?DrawBuffersEXT@gl@@YGXHPBI@Z
?DrawElements@gl@@YGXIHIPBX@Z
?DrawElementsInstanced@gl@@YGXIHIPBXH@Z
?DrawElementsInstancedANGLE@gl@@YGXIHIPBXH@Z
?DrawRangeElements@gl@@YGXIIIHIPBX@Z
?EGLImageTargetRenderbufferStorageOES@gl@@YGXIPAX@Z
?EGLImageTargetTexture2DOES@gl@@YGXIPAX@Z
?Enable@gl@@YGXI@Z
?EnableVertexAttribArray@gl@@YGXI@Z
?EndQuery@gl@@YGXI@Z
?EndQueryEXT@gl@@YGXI@Z
?EndTransformFeedback@gl@@YGXXZ
?FenceSync_@gl@@YGPAU__GLsync@@II@Z
?Finish@gl@@YGXXZ
?FinishFenceNV@gl@@YGXI@Z
?Flush@gl@@YGXXZ
?FlushMappedBufferRange@gl@@YGXIJJ@Z
?FlushMappedBufferRangeEXT@gl@@YGXIJJ@Z
?FramebufferRenderbuffer@gl@@YGXIIII@Z
?FramebufferTexture2D@gl@@YGXIIIIH@Z
?FramebufferTextureLayer@gl@@YGXIIIHH@Z
?FrontFace@gl@@YGXI@Z
?GenBuffers@gl@@YGXHPAI@Z
?GenFencesNV@gl@@YGXHPAI@Z
?GenFramebuffers@gl@@YGXHPAI@Z
?GenQueries@gl@@YGXHPAI@Z
?GenQueriesEXT@gl@@YGXHPAI@Z
?GenRenderbuffers@gl@@YGXHPAI@Z
?GenSamplers@gl@@YGXHPAI@Z
?GenTextures@gl@@YGXHPAI@Z
?GenTransformFeedbacks@gl@@YGXHPAI@Z
?GenVertexArrays@gl@@YGXHPAI@Z
?GenVertexArraysOES@gl@@YGXHPAI@Z
?GenerateMipmap@gl@@YGXI@Z
?GetActiveAttrib@gl@@YGXIIHPAH0PAIPAD@Z
?GetActiveUniform@gl@@YGXIIHPAH0PAIPAD@Z
?GetActiveUniformBlockName@gl@@YGXIIHPAHPAD@Z
?GetActiveUniformBlockiv@gl@@YGXIIIPAH@Z
?GetActiveUniformsiv@gl@@YGXIHPBIIPAH@Z
?GetAttachedShaders@gl@@YGXIHPAHPAI@Z
?GetAttribLocation@gl@@YGHIPBD@Z
?GetBooleanv@gl@@YGXIPAE@Z
?GetBufferParameteri64v@gl@@YGXIIPA_J@Z
?GetBufferParameteriv@gl@@YGXIIPAH@Z
?GetBufferPointerv@gl@@YGXIIPAPAX@Z
?GetBufferPointervOES@gl@@YGXIIPAPAX@Z
?GetConfigAttrib@egl@@YGIPAX0HPAH@Z
?GetConfigs@egl@@YGIPAXPAPAXHPAH@Z
?GetCurrentContext@egl@@YGPAXXZ
?GetCurrentDisplay@egl@@YGPAXXZ
?GetCurrentSurface@egl@@YGPAXH@Z
?GetDebugMessageLogKHR@gl@@YGIIHPAI000PAHPAD@Z
?GetDisplay@egl@@YGPAXPAUHDC__@@@Z
?GetError@egl@@YGHXZ
?GetError@gl@@YGIXZ
?GetFenceivNV@gl@@YGXIIPAH@Z
?GetFloatv@gl@@YGXIPAM@Z
?GetFragDataLocation@gl@@YGHIPBD@Z
?GetFramebufferAttachmentParameteriv@gl@@YGXIIIPAH@Z
?GetGraphicsResetStatusEXT@gl@@YGIXZ
?GetInteger64i_v@gl@@YGXIIPA_J@Z
?GetInteger64v@gl@@YGXIPA_J@Z
?GetIntegeri_v@gl@@YGXIIPAH@Z
?GetIntegerv@gl@@YGXIPAH@Z
?GetInternalformativ@gl@@YGXIIIHPAH@Z
?GetObjectLabelKHR@gl@@YGXIIHPAHPAD@Z
?GetObjectPtrLabelKHR@gl@@YGXPBXHPAHPAD@Z
?GetPlatformDisplay@egl@@YGPAXIPAXPBH@Z
?GetPlatformDisplayEXT@egl@@YGPAXIPAXPBH@Z
?GetPointervKHR@gl@@YGXIPAPAX@Z
?GetProcAddress@egl@@YGP6AXXZPBD@Z
?GetProgramBinary@gl@@YGXIHPAHPAIPAX@Z
?GetProgramBinaryOES@gl@@YGXIHPAHPAIPAX@Z
?GetProgramInfoLog@gl@@YGXIHPAHPAD@Z
?GetProgramiv@gl@@YGXIIPAH@Z
?GetQueryObjectuiv@gl@@YGXIIPAI@Z
?GetQueryObjectuivEXT@gl@@YGXIIPAI@Z
?GetQueryiv@gl@@YGXIIPAH@Z
?GetQueryivEXT@gl@@YGXIIPAH@Z
?GetRenderbufferParameteriv@gl@@YGXIIPAH@Z
?GetSamplerParameterfv@gl@@YGXIIPAM@Z
?GetSamplerParameteriv@gl@@YGXIIPAH@Z
?GetShaderInfoLog@gl@@YGXIHPAHPAD@Z
?GetShaderPrecisionFormat@gl@@YGXIIPAH0@Z
?GetShaderSource@gl@@YGXIHPAHPAD@Z
?GetShaderiv@gl@@YGXIIPAH@Z
?GetString@gl@@YGPBEI@Z
?GetStringi@gl@@YGPBEII@Z
?GetSyncAttrib@egl@@YGIPAX0HPAH@Z
?GetSynciv@gl@@YGXPAU__GLsync@@IHPAH1@Z
?GetTexParameterfv@gl@@YGXIIPAM@Z
?GetTexParameteriv@gl@@YGXIIPAH@Z
?GetTransformFeedbackVarying@gl@@YGXIIHPAH0PAIPAD@Z
?GetTranslatedShaderSourceANGLE@gl@@YGXIHPAHPAD@Z
?GetUniformBlockIndex@gl@@YGIIPBD@Z
?GetUniformIndices@gl@@YGXIHPBQBDPAI@Z
?GetUniformLocation@gl@@YGHIPBD@Z
?GetUniformfv@gl@@YGXIHPAM@Z
?GetUniformiv@gl@@YGXIHPAH@Z
?GetUniformuiv@gl@@YGXIHPAI@Z
?GetVertexAttribIiv@gl@@YGXIIPAH@Z
?GetVertexAttribIuiv@gl@@YGXIIPAI@Z
?GetVertexAttribPointerv@gl@@YGXIIPAPAX@Z
?GetVertexAttribfv@gl@@YGXIIPAM@Z
?GetVertexAttribiv@gl@@YGXIIPAH@Z
?GetnUniformfvEXT@gl@@YGXIHHPAM@Z
?GetnUniformivEXT@gl@@YGXIHHPAH@Z
?Hint@gl@@YGXII@Z
?Initialize@egl@@YGIPAXPAH1@Z
?InsertEventMarkerEXT@gl@@YGXHPBD@Z
?InvalidateFramebuffer@gl@@YGXIHPBI@Z
?InvalidateSubFramebuffer@gl@@YGXIHPBIHHHH@Z
?IsBuffer@gl@@YGEI@Z
?IsEnabled@gl@@YGEI@Z
?IsFenceNV@gl@@YGEI@Z
?IsFramebuffer@gl@@YGEI@Z
?IsProgram@gl@@YGEI@Z
?IsQuery@gl@@YGEI@Z
?IsQueryEXT@gl@@YGEI@Z
?IsRenderbuffer@gl@@YGEI@Z
?IsSampler@gl@@YGEI@Z
?IsShader@gl@@YGEI@Z
?IsSync@gl@@YGEPAU__GLsync@@@Z
?IsTexture@gl@@YGEI@Z
?IsTransformFeedback@gl@@YGEI@Z
?IsVertexArray@gl@@YGEI@Z
?IsVertexArrayOES@gl@@YGEI@Z
?LineWidth@gl@@YGXM@Z
?LinkProgram@gl@@YGXI@Z
?MakeCurrent@egl@@YGIPAX000@Z
?MapBufferOES@gl@@YGPAXII@Z
?MapBufferRange@gl@@YGPAXIJJI@Z
?MapBufferRangeEXT@gl@@YGPAXIJJI@Z
?ObjectLabelKHR@gl@@YGXIIHPBD@Z
?ObjectPtrLabelKHR@gl@@YGXPBXHPBD@Z
?PauseTransformFeedback@gl@@YGXXZ
?PixelStorei@gl@@YGXIH@Z
?PolygonOffset@gl@@YGXMM@Z
?PopDebugGroupKHR@gl@@YGXXZ
?PopGroupMarkerEXT@gl@@YGXXZ
?PostSubBufferNV@egl@@YGIPAX0HHHH@Z
?ProgramBinary@gl@@YGXIIPBXH@Z
?ProgramBinaryOES@gl@@YGXIIPBXH@Z
?ProgramParameteri@gl@@YGXIIH@Z
?PushDebugGroupKHR@gl@@YGXIIHPBD@Z
?PushGroupMarkerEXT@gl@@YGXHPBD@Z
?QueryAPI@egl@@YGIXZ
?QueryContext@egl@@YGIPAX0HPAH@Z
?QueryDeviceAttribEXT@egl@@YGIPAXHPAH@Z
?QueryDeviceStringEXT@egl@@YGPBDPAXH@Z
?QueryDisplayAttribEXT@egl@@YGIPAXHPAH@Z
?QueryString@egl@@YGPBDPAXH@Z
?QuerySurface@egl@@YGIPAX0HPAH@Z
?QuerySurfacePointerANGLE@egl@@YGIPAX0HPAPAX@Z
?ReadBuffer@gl@@YGXI@Z
?ReadPixels@gl@@YGXHHHHIIPAX@Z
?ReadnPixelsEXT@gl@@YGXHHHHIIHPAX@Z
?ReleaseDeviceANGLE@egl@@YGIPAX@Z
?ReleaseShaderCompiler@gl@@YGXXZ
?ReleaseTexImage@egl@@YGIPAX0H@Z
?ReleaseThread@egl@@YGIXZ
?RenderbufferStorage@gl@@YGXIIHH@Z
?RenderbufferStorageMultisample@gl@@YGXIHIHH@Z
?RenderbufferStorageMultisampleANGLE@gl@@YGXIHIHH@Z
?ResumeTransformFeedback@gl@@YGXXZ
?SampleCoverage@gl@@YGXME@Z
?SamplerParameterf@gl@@YGXIIM@Z
?SamplerParameterfv@gl@@YGXIIPBM@Z
?SamplerParameteri@gl@@YGXIIH@Z
?SamplerParameteriv@gl@@YGXIIPBH@Z
?Scissor@gl@@YGXHHHH@Z
?SetFenceNV@gl@@YGXII@Z
?ShaderBinary@gl@@YGXHPBIIPBXH@Z
?ShaderSource@gl@@YGXIHPBQBDPBH@Z
?StencilFunc@gl@@YGXIHI@Z
?StencilFuncSeparate@gl@@YGXIIHI@Z
?StencilMask@gl@@YGXI@Z
?StencilMaskSeparate@gl@@YGXII@Z
?StencilOp@gl@@YGXIII@Z
?StencilOpSeparate@gl@@YGXIIII@Z
?SurfaceAttrib@egl@@YGIPAX0HH@Z
?SwapBuffers@egl@@YGIPAX0@Z
?SwapInterval@egl@@YGIPAXH@Z
?Terminate@egl@@YGIPAX@Z
?TestFenceNV@gl@@YGEI@Z
?TexImage2D@gl@@YGXIHHHHHIIPBX@Z
?TexImage3D@gl@@YGXIHHHHHHIIPBX@Z
?TexParameterf@gl@@YGXIIM@Z
?TexParameterfv@gl@@YGXIIPBM@Z
?TexParameteri@gl@@YGXIIH@Z
?TexParameteriv@gl@@YGXIIPBH@Z
?TexStorage2D@gl@@YGXIHIHH@Z
?TexStorage2DEXT@gl@@YGXIHIHH@Z
?TexStorage3D@gl@@YGXIHIHHH@Z
?TexSubImage2D@gl@@YGXIHHHHHIIPBX@Z
?TexSubImage3D@gl@@YGXIHHHHHHHIIPBX@Z
?TransformFeedbackVaryings@gl@@YGXIHPBQBDI@Z
?Uniform1f@gl@@YGXHM@Z
?Uniform1fv@gl@@YGXHHPBM@Z
?Uniform1i@gl@@YGXHH@Z
?Uniform1iv@gl@@YGXHHPBH@Z
?Uniform1ui@gl@@YGXHI@Z
?Uniform1uiv@gl@@YGXHHPBI@Z
?Uniform2f@gl@@YGXHMM@Z
?Uniform2fv@gl@@YGXHHPBM@Z
?Uniform2i@gl@@YGXHHH@Z
?Uniform2iv@gl@@YGXHHPBH@Z
?Uniform2ui@gl@@YGXHII@Z
?Uniform2uiv@gl@@YGXHHPBI@Z
?Uniform3f@gl@@YGXHMMM@Z
?Uniform3fv@gl@@YGXHHPBM@Z
?Uniform3i@gl@@YGXHHHH@Z
?Uniform3iv@gl@@YGXHHPBH@Z
?Uniform3ui@gl@@YGXHIII@Z
?Uniform3uiv@gl@@YGXHHPBI@Z
?Uniform4f@gl@@YGXHMMMM@Z
?Uniform4fv@gl@@YGXHHPBM@Z
?Uniform4i@gl@@YGXHHHHH@Z
?Uniform4iv@gl@@YGXHHPBH@Z
?Uniform4ui@gl@@YGXHIIII@Z
?Uniform4uiv@gl@@YGXHHPBI@Z
?UniformBlockBinding@gl@@YGXIII@Z
?UniformMatrix2fv@gl@@YGXHHEPBM@Z
?UniformMatrix2x3fv@gl@@YGXHHEPBM@Z
?UniformMatrix2x4fv@gl@@YGXHHEPBM@Z
?UniformMatrix3fv@gl@@YGXHHEPBM@Z
?UniformMatrix3x2fv@gl@@YGXHHEPBM@Z
?UniformMatrix3x4fv@gl@@YGXHHEPBM@Z
?UniformMatrix4fv@gl@@YGXHHEPBM@Z
?UniformMatrix4x2fv@gl@@YGXHHEPBM@Z
?UniformMatrix4x3fv@gl@@YGXHHEPBM@Z
?UnmapBuffer@gl@@YGEI@Z
?UnmapBufferOES@gl@@YGEI@Z
?UseProgram@gl@@YGXI@Z
?ValidateProgram@gl@@YGXI@Z
?VertexAttrib1f@gl@@YGXIM@Z
?VertexAttrib1fv@gl@@YGXIPBM@Z
?VertexAttrib2f@gl@@YGXIMM@Z
?VertexAttrib2fv@gl@@YGXIPBM@Z
?VertexAttrib3f@gl@@YGXIMMM@Z
?VertexAttrib3fv@gl@@YGXIPBM@Z
?VertexAttrib4f@gl@@YGXIMMMM@Z
?VertexAttrib4fv@gl@@YGXIPBM@Z
?VertexAttribDivisor@gl@@YGXII@Z
?VertexAttribDivisorANGLE@gl@@YGXII@Z
?VertexAttribI4i@gl@@YGXIHHHH@Z
?VertexAttribI4iv@gl@@YGXIPBH@Z
?VertexAttribI4ui@gl@@YGXIIIII@Z
?VertexAttribI4uiv@gl@@YGXIPBI@Z
?VertexAttribIPointer@gl@@YGXIHIHPBX@Z
?VertexAttribPointer@gl@@YGXIHIEHPBX@Z
?Viewport@gl@@YGXHHHH@Z
?WaitClient@egl@@YGIXZ
?WaitGL@egl@@YGIXZ
?WaitNative@egl@@YGIH@Z
?WaitSync@egl@@YGIPAX0H@Z
?WaitSync@gl@@YGXPAU__GLsync@@I_K@Z
ANGLEPlatformCurrent
ANGLEPlatformInitialize
ANGLEPlatformShutdown
glActiveTexture
glAttachShader
glBeginQuery
glBeginQueryEXT
glBeginTransformFeedback
glBindAttribLocation
glBindBuffer
glBindBufferBase
glBindBufferRange
glBindFramebuffer
glBindRenderbuffer
glBindSampler
glBindTexture
glBindTransformFeedback
glBindVertexArray
glBindVertexArrayOES
glBlendColor
glBlendEquation
glBlendEquationSeparate
glBlendFunc
glBlendFuncSeparate
glBlitFramebuffer
glBlitFramebufferANGLE
glBufferData
glBufferSubData
glCheckFramebufferStatus
glClear
glClearBufferfi
glClearBufferfv
glClearBufferiv
glClearBufferuiv
glClearColor
glClearDepthf
glClearStencil
glClientWaitSync
glColorMask
glCompileShader
glCompressedTexImage2D
glCompressedTexImage3D
glCompressedTexSubImage2D
glCompressedTexSubImage3D
glCopyBufferSubData
glCopyTexImage2D
glCopyTexSubImage2D
glCopyTexSubImage3D
glCreateProgram
glCreateShader
glCullFace
glDebugMessageCallbackKHR
glDebugMessageControlKHR
glDebugMessageInsertKHR
glDeleteBuffers
glDeleteFencesNV
glDeleteFramebuffers
glDeleteProgram
glDeleteQueries
glDeleteQueriesEXT
glDeleteRenderbuffers
glDeleteSamplers
glDeleteShader
glDeleteSync
glDeleteTextures
glDeleteTransformFeedbacks
glDeleteVertexArrays
glDeleteVertexArraysOES
glDepthFunc
glDepthMask
glDepthRangef
glDetachShader
glDisable
glDisableVertexAttribArray
glDiscardFramebufferEXT
glDrawArrays
glDrawArraysInstanced
glDrawArraysInstancedANGLE
glDrawBuffers
glDrawBuffersEXT
glDrawElements
glDrawElementsInstanced
glDrawElementsInstancedANGLE
glDrawRangeElements
glEGLImageTargetRenderbufferStorageOES
glEGLImageTargetTexture2DOES
glEnable
glEnableVertexAttribArray
glEndQuery
glEndQueryEXT
glEndTransformFeedback
glFenceSync
glFinish
glFinishFenceNV
glFlush
glFlushMappedBufferRange
glFlushMappedBufferRangeEXT
glFramebufferRenderbuffer
glFramebufferTexture2D
glFramebufferTextureLayer
glFrontFace
glGenBuffers
glGenFencesNV
glGenFramebuffers
glGenQueries
glGenQueriesEXT
glGenRenderbuffers
glGenSamplers
glGenTextures
glGenTransformFeedbacks
glGenVertexArrays
glGenVertexArraysOES
glGenerateMipmap
glGetActiveAttrib
glGetActiveUniform
glGetActiveUniformBlockName
glGetActiveUniformBlockiv
glGetActiveUniformsiv
glGetAttachedShaders
glGetAttribLocation
glGetBooleanv
glGetBufferParameteri64v
glGetBufferParameteriv
glGetBufferPointerv
glGetBufferPointervOES
glGetDebugMessageLogKHR
glGetError
glGetFenceivNV
glGetFloatv
glGetFragDataLocation
glGetFramebufferAttachmentParameteriv
glGetGraphicsResetStatusEXT
glGetInteger64i_v
glGetInteger64v
glGetIntegeri_v
glGetIntegerv
glGetInternalformativ
glGetObjectLabelKHR
glGetObjectPtrLabelKHR
glGetPointervKHR
glGetProgramBinary
glGetProgramBinaryOES
glGetProgramInfoLog
glGetProgramiv
glGetQueryObjectuiv
glGetQueryObjectuivEXT
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 338KB - Virtual size: 338KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 7KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 52KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
libcef.dll.dll windows:5 windows x86 arch:x86
9d117b5efe02256e602fa880c1a29d0c
Code Sign
7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate
IssuerCN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZANot Before21/12/2012, 00:00Not After30/12/2020, 23:59SubjectCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate
IssuerCN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=USNot Before18/10/2012, 00:00Not After29/12/2020, 23:59SubjectCN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
08:4f:f1:81:0e:4a:94:25:bf:80:e3:b8:bc:ae:ab:42Certificate
IssuerCN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=USNot Before17/04/2017, 00:00Not After17/04/2019, 23:59SubjectCN=上海硬通网络科技有限公司,OU=IT,O=上海硬通网络科技有限公司,L=Shanghai,ST=Shanghai,C=CNExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate
IssuerCN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before10/12/2013, 00:00Not After09/12/2023, 23:59SubjectCN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
7e:e1:d2:b7:2f:46:e0:d1:8f:4c:39:e2:04:01:15:50:68:3d:cf:16Signer
Actual PE Digest7e:e1:d2:b7:2f:46:e0:d1:8f:4c:39:e2:04:01:15:50:68:3d:cf:16Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
e:\cef3\source\chromium\src\out\Release\libcef.dll.pdb
Imports
version
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
usp10
ScriptStringFree
ScriptFreeCache
ScriptShape
ScriptStringOut
ScriptItemize
ScriptStringAnalyse
psapi
EnumProcessModules
QueryWorkingSet
GetProcessMemoryInfo
shlwapi
PathFindExtensionW
PathRemoveExtensionW
PathFindFileNameW
PathGetCharTypeW
advapi32
CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptGetHashParam
CryptSetHashParam
CryptDestroyKey
CryptGenKey
StartTraceW
ControlTraceW
ConvertStringSidToSidW
GetAce
GetKernelObjectSecurity
GetLengthSid
GetSecurityDescriptorSacl
SetKernelObjectSecurity
SetTokenInformation
CreateProcessAsUserW
OpenProcessToken
GetTokenInformation
ConvertSidToStringSidW
RegCreateKeyExW
RegQueryValueExW
RegQueryInfoKeyW
RegDeleteKeyW
RegDeleteValueW
RegEnumValueW
RegOpenKeyExW
RegNotifyChangeKeyValue
RegEnumKeyExW
RegCloseKey
RegSetValueExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
InitializeAcl
SystemFunction036
RegOpenKeyExA
RegQueryValueExA
ImpersonateAnonymousToken
RevertToSelf
CryptAcquireContextW
OpenTraceW
ProcessTrace
CloseTrace
CryptReleaseContext
CryptGenRandom
SetSecurityInfo
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegDisablePredefinedCache
SetThreadToken
GetSecurityInfo
CopySid
CreateWellKnownSid
CreateRestrictedToken
DuplicateToken
DuplicateTokenEx
EqualSid
LookupPrivilegeValueW
SetEntriesInAclW
gdi32
GetEnhMetaFileBits
GetEnhMetaFileHeader
PlayEnhMetaFile
PlayEnhMetaFileRecord
SetEnhMetaFileBits
CancelDC
CreateDCW
StartDocW
EndDoc
SetAbortProc
RestoreDC
SaveDC
StartPage
EndPage
GetRgnBox
GetDIBits
IntersectClipRect
EnumFontFamiliesExA
CreateFontIndirectA
GetCharWidthW
GetOutlineTextMetricsW
CreateFontA
CreatePen
GetClipBox
GetClipRgn
GetObjectType
LineTo
CloseFigure
FillPath
SelectClipPath
SetMiterLimit
StrokeAndFillPath
StrokePath
WidenPath
MoveToEx
PolyBezierTo
GetTextFaceA
GetRegionData
EqualRgn
ExtEscape
EnumFontFamiliesExW
GetFontData
CreateRectRgn
ExtTextOutW
GetWorldTransform
StretchBlt
CreateBitmap
EnumEnhMetaFile
DeleteEnhMetaFile
CreateEnhMetaFileW
CloseEnhMetaFile
GetTextMetricsW
SetMapMode
GetTextExtentPoint32W
GetStockObject
ModifyWorldTransform
StretchDIBits
SetRectRgn
GetDeviceCaps
CombineRgn
GetTextFaceW
CreateFontW
CreateFontIndirectW
SetDIBitsToDevice
CreateCompatibleBitmap
SetBrushOrgEx
SetArcDirection
SetStretchBltMode
SetROP2
SetGraphicsMode
SetBkMode
SetDCPenColor
SetDCBrushColor
PolyBezier
CreateCompatibleDC
GetCurrentObject
GetObjectW
CreateSolidBrush
DeleteObject
GetBkColor
SelectObject
SetBkColor
PathToRegion
EndPath
SetTextColor
BitBlt
DeleteDC
GdiAlphaBlend
CreateDIBSection
GetGlyphIndicesW
SetTextAlign
GetGlyphOutlineW
AddFontMemResourceEx
GetCharABCWidthsW
GetFontUnicodeRanges
GetTextExtentPointI
BeginPath
AbortPath
SetWorldTransform
SetPolyFillMode
SelectClipRgn
RemoveFontMemResourceEx
ChoosePixelFormat
SetPixelFormat
SwapBuffers
SetDIBits
GetICMProfileW
CreateRectRgnIndirect
ExtCreatePen
GdiFlush
kernel32
OpenFileMappingW
SetEndOfFile
SetFilePointerEx
UnlockFile
LockFile
SetFileTime
FlushFileBuffers
GetFileSizeEx
GetFileInformationByHandle
Process32FirstW
GetProcessId
Process32NextW
CreateToolhelp32Snapshot
FreeLibrary
LoadLibraryW
lstrcmpiA
VirtualProtect
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
GlobalMemoryStatusEx
GetDiskFreeSpaceExW
QueueUserWorkItem
GetUserDefaultLangID
GetSystemDirectoryW
GetWindowsDirectoryW
RegisterWaitForSingleObject
UnregisterWaitEx
GetModuleHandleExA
GetProcessHeaps
HeapUnlock
GetEnvironmentVariableW
HeapWalk
SetEnvironmentVariableW
VirtualQueryEx
GetSystemInfo
SwitchToThread
InitializeCriticalSection
ReleaseSemaphore
ReleaseMutex
CreateMutexW
CreateSemaphoreW
GetTimeZoneInformation
VirtualAlloc
VirtualFree
GetSystemTime
IsWow64Process
GetLocaleInfoW
GetLocaleInfoA
GetNumberFormatW
GetCurrencyFormatW
GetDateFormatW
GetVolumeInformationW
LoadLibraryA
GetThreadLocale
GetGeoInfoW
GetUserGeoID
CreateFileA
GlobalAlloc
GlobalSize
GlobalLock
GlobalUnlock
GlobalFree
GetPrivateProfileStringW
FormatMessageW
CancelIo
LoadLibraryExW
GetComputerNameExW
SetFilePointer
lstrcmpiW
MultiByteToWideChar
GetModuleFileNameA
ConnectNamedPipe
CreateNamedPipeW
WaitNamedPipeW
GetNamedPipeInfo
GetFileSize
WideCharToMultiByte
GetTempFileNameA
GetFileType
GetThreadTimes
GetTempPathA
DeleteFileA
CreateSemaphoreA
GetOverlappedResult
OpenThread
SuspendThread
GetThreadContext
GetLocalTime
InitializeSListHead
InterlockedPopEntrySList
InterlockedPushEntrySList
DecodePointer
SetUnhandledExceptionFilter
CreateRemoteThread
VirtualAllocEx
VirtualFreeEx
RtlCaptureContext
SetNamedPipeHandleState
TransactNamedPipe
LoadResource
SizeofResource
FindResourceW
FlushInstructionCache
SetThreadExecutionState
DefineDosDeviceW
DeviceIoControl
GetUserDefaultLCID
EnumSystemLocalesW
GetDriveTypeW
ClearCommBreak
ClearCommError
EscapeCommFunction
GetCommModemStatus
GetCommState
PurgeComm
SetCommBreak
SetCommMask
SetCommState
SetCommTimeouts
WaitCommEvent
GetACP
FindFirstFileExA
RtlUnwind
GetWindowsDirectoryA
GetSystemDirectoryA
GlobalDeleteAtom
GlobalAddAtomW
SetConsoleCtrlHandler
GetFullPathNameW
AreFileApisANSI
ExitProcess
VerifyVersionInfoW
VerSetConditionMask
VirtualQuery
GetFileAttributesExW
QueryDosDeviceW
RemoveDirectoryW
SetCurrentDirectoryW
CreateFileMappingW
MoveFileW
GetLongPathNameW
GetCurrentDirectoryW
GetTempPathW
ReplaceFileW
GetFileAttributesW
CopyFileW
GetVolumePathNameW
CreateDirectoryW
MoveFileExW
UnmapViewOfFile
SetStdHandle
GetConsoleMode
GetConsoleCP
MapViewOfFile
GetTempFileNameW
ResumeThread
GetCommandLineA
IsProcessorFeaturePresent
EncodePointer
LoadLibraryExA
AttachConsole
GetStdHandle
ReadFile
AssignProcessToJobObject
SetHandleInformation
CreateProcessW
AllocConsole
SetInformationJobObject
TerminateProcess
GetExitCodeProcess
OpenProcess
GetPriorityClass
SetPriorityClass
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
TryEnterCriticalSection
GetVersionExW
GetNativeSystemInfo
QueryPerformanceFrequency
FileTimeToSystemTime
TzSpecificLocalTimeToSystemTime
SearchPathW
GetSystemTimeAsFileTime
QueryPerformanceCounter
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
WaitForMultipleObjects
CreateEventW
DebugBreak
ReadProcessMemory
SignalObjectAndWait
GetProcessHandleCount
CreateJobObjectW
TerminateJobObject
WriteProcessMemory
VirtualProtectEx
ProcessIdToSessionId
QueueUserAPC
CreateWaitableTimerW
SleepEx
QueryInformationJobObject
IsProcessInJob
HeapCompact
WaitForSingleObjectEx
UnlockFileEx
HeapDestroy
GetFileAttributesA
HeapCreate
HeapValidate
LockFileEx
GetDiskFreeSpaceW
CreateFileMappingA
GetDiskFreeSpaceA
CreateEventA
GetProcessAffinityMask
SetConsoleTextAttribute
GetConsoleScreenBufferInfo
GetEnvironmentVariableA
GetSystemPowerStatus
FindCloseChangeNotification
FindFirstChangeNotificationW
RtlCaptureStackBackTrace
LockResource
GetUserDefaultUILanguage
SetEnvironmentVariableA
GetFullPathNameA
OutputDebugStringW
HeapQueryInformation
ResetEvent
SetEvent
CreateThread
DuplicateHandle
ExitThread
FileTimeToLocalFileTime
PeekNamedPipe
IsDebuggerPresent
GetThreadPriority
RaiseException
SetThreadPriority
Sleep
GetCurrentThread
WaitForSingleObject
GetCurrentProcess
TlsFree
TlsAlloc
TlsSetValue
TlsGetValue
LocalFree
GetCurrentProcessId
DeleteFileW
CloseHandle
OutputDebugStringA
SetLastError
GetLastError
CreateFileW
WriteFile
FormatMessageA
GetTickCount
HeapSetInformation
GetProcessHeap
HeapFree
HeapReAlloc
HeapAlloc
GetCurrentThreadId
GetModuleHandleW
GetModuleHandleExW
GetModuleFileNameW
SetErrorMode
GetProcAddress
GetModuleHandleA
FindNextFileW
FindClose
FindFirstFileExW
FindFirstFileW
ExpandEnvironmentStringsW
SetFileAttributesW
lstrlenW
GetCommandLineW
GetTimeFormatW
HeapSize
UnhandledExceptionFilter
GetStartupInfoW
GetEnvironmentStringsW
FreeEnvironmentStringsW
ReadConsoleW
IsValidCodePage
GetOEMCP
GetCPInfo
GetStringTypeW
WriteConsoleW
IsValidLocale
CompareStringW
HeapLock
FindNextFileA
LCMapStringW
winspool.drv
DeviceCapabilitiesW
GetPrinterDriverW
EnumPrintersW
OpenPrinterW
ClosePrinter
ord203
DocumentPropertiesW
GetPrinterW
comdlg32
GetSaveFileNameW
PrintDlgExW
GetOpenFileNameW
ole32
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
ReleaseStgMedium
CoCreateGuid
StringFromGUID2
PropVariantClear
CLSIDFromString
CoTaskMemFree
OleInitialize
CoInitialize
CoUninitialize
CreateStreamOnHGlobal
GetHGlobalFromStream
RevokeDragDrop
DoDragDrop
RegisterDragDrop
OleDuplicateData
OleUninitialize
CoInitializeEx
oleaut32
VarUI4FromStr
LoadTypeLi
LoadRegTypeLi
SysStringLen
SysAllocString
SysFreeString
VariantInit
VariantClear
winhttp
WinHttpSetTimeouts
WinHttpCloseHandle
WinHttpOpen
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetProxyForUrl
userenv
CreateEnvironmentBlock
DestroyEnvironmentBlock
GetProfileType
urlmon
CoInternetCreateSecurityManager
dhcpcsvc
DhcpCApiInitialize
DhcpRequestParams
wtsapi32
WTSUnRegisterSessionNotification
WTSRegisterSessionNotification
comctl32
InitCommonControlsEx
oleacc
CreateStdAccessibleObject
LresultFromObject
AccessibleObjectFromWindow
winmm
midiInUnprepareHeader
midiInPrepareHeader
midiInClose
midiInOpen
midiInGetDevCapsW
midiInGetNumDevs
midiOutGetID
midiOutReset
midiOutLongMsg
midiOutShortMsg
midiOutUnprepareHeader
midiOutPrepareHeader
midiOutClose
midiOutOpen
midiOutGetDevCapsW
midiOutGetNumDevs
waveOutReset
waveOutRestart
midiInAddBuffer
waveOutWrite
waveOutUnprepareHeader
waveOutPrepareHeader
waveOutClose
waveOutOpen
waveInReset
waveInStart
waveInAddBuffer
waveInUnprepareHeader
waveInPrepareHeader
waveInClose
waveInOpen
timeBeginPeriod
timeGetTime
timeEndPeriod
timeKillEvent
waveOutGetDevCapsW
waveInMessage
waveInGetNumDevs
waveOutGetNumDevs
midiInStart
midiInReset
midiInGetID
timeSetEvent
waveOutPause
waveInGetDevCapsW
ws2_32
WSASocketW
ntohs
WSAWaitForMultipleEvents
WSASetEvent
send
WSCEnumProtocols
ioctlsocket
gethostname
accept
bind
closesocket
connect
getsockname
listen
recv
setsockopt
shutdown
WSAGetLastError
WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSAGetOverlappedResult
WSAIoctl
WSAResetEvent
WSASend
WSAStartup
WSALookupServiceBeginW
WSALookupServiceNextW
WSALookupServiceEnd
getaddrinfo
freeaddrinfo
socket
getpeername
getsockopt
htonl
recvfrom
sendto
WSARecvFrom
WSASendTo
htons
ntohl
WSASetServiceW
secur32
InitializeSecurityContextA
CompleteAuthToken
QuerySecurityPackageInfoW
FreeContextBuffer
AcquireCredentialsHandleW
DeleteSecurityContext
InitializeSecurityContextW
FreeCredentialsHandle
AcquireCredentialsHandleA
crypt32
CryptSignAndEncodeCertificate
CryptExportPublicKeyInfoEx
CryptAcquireCertificatePrivateKey
CryptDecodeObjectEx
CryptFindOIDInfo
CertOpenStore
CertCloseStore
CertDuplicateCertificateContext
CertFreeCertificateContext
CertAddEncodedCertificateToStore
CertAddCertificateContextToStore
CertAddSerializedElementToStore
CertCompareCertificateName
CertGetPublicKeyLength
CryptHashCertificate
CertFindExtension
CertSetCertificateContextProperty
CertGetCertificateContextProperty
CertVerifyTimeValidity
CertGetIntendedKeyUsage
CertOpenSystemStoreW
CertFindChainInStore
CertRDNValueToStrW
CertFreeCertificateChainEngine
CertGetCertificateChain
CertFreeCertificateChain
CertVerifyCertificateChainPolicy
CertCreateCertificateChainEngine
CryptEncodeObjectEx
iphlpapi
IpReleaseAddress
GetInterfaceInfo
CancelIPChangeNotify
NotifyAddrChange
GetAdaptersAddresses
IpRenewAddress
imm32
ImmGetConversionStatus
ImmGetCompositionStringW
ImmSetOpenStatus
ImmAssociateContextEx
ImmReleaseContext
ImmGetContext
ImmDisableTextFrameService
ImmNotifyIME
ImmSetCompositionWindow
ImmSetCandidateWindow
ImmSetConversionStatus
rpcrt4
UuidToStringW
UuidCreateSequential
RpcStringFreeW
Exports
Exports
ClearBreakpadPipeEnvironmentVariable
ClearCrashKeyValueImpl
CrashForException
DumpProcess
DumpProcessWithoutCrash
GetHandleVerifier
InjectDumpForHangDebugging
InjectDumpProcessWithoutCrash
IsSandboxedProcess
SetCrashKeyValueImpl
TerminateProcessWithoutDump
cef_add_cross_origin_whitelist_entry
cef_add_web_plugin_directory
cef_add_web_plugin_path
cef_api_hash
cef_base64decode
cef_base64encode
cef_begin_tracing
cef_binary_value_create
cef_browser_host_create_browser
cef_browser_host_create_browser_sync
cef_clear_cross_origin_whitelist
cef_clear_scheme_handler_factories
cef_command_line_create
cef_command_line_get_global
cef_cookie_manager_create_manager
cef_cookie_manager_get_global_manager
cef_create_url
cef_currently_on
cef_dictionary_value_create
cef_do_message_loop_work
cef_drag_data_create
cef_enable_highdpi_support
cef_end_tracing
cef_execute_process
cef_force_web_plugin_shutdown
cef_format_url_for_security_display
cef_get_current_platform_thread_handle
cef_get_current_platform_thread_id
cef_get_extensions_for_mime_type
cef_get_geolocation
cef_get_mime_type
cef_get_min_log_level
cef_get_path
cef_get_vlog_level
cef_initialize
cef_is_web_plugin_unstable
cef_launch_process
cef_list_value_create
cef_log
cef_now_from_system_trace_time
cef_parse_csscolor
cef_parse_json
cef_parse_jsonand_return_error
cef_parse_url
cef_post_data_create
cef_post_data_element_create
cef_post_delayed_task
cef_post_task
cef_print_settings_create
cef_process_message_create
cef_quit_message_loop
cef_refresh_web_plugins
cef_register_extension
cef_register_scheme_handler_factory
cef_register_web_plugin_crash
cef_remove_cross_origin_whitelist_entry
cef_remove_web_plugin_path
cef_request_context_create_context
cef_request_context_get_global_context
cef_request_create
cef_resource_bundle_get_global
cef_response_create
cef_run_message_loop
cef_set_osmodal_loop
cef_shutdown
cef_stream_reader_create_for_data
cef_stream_reader_create_for_file
cef_stream_reader_create_for_handler
cef_stream_writer_create_for_file
cef_stream_writer_create_for_handler
cef_string_ascii_to_utf16
cef_string_ascii_to_wide
cef_string_list_alloc
cef_string_list_append
cef_string_list_clear
cef_string_list_copy
cef_string_list_free
cef_string_list_size
cef_string_list_value
cef_string_map_alloc
cef_string_map_append
cef_string_map_clear
cef_string_map_find
cef_string_map_free
cef_string_map_key
cef_string_map_size
cef_string_map_value
cef_string_multimap_alloc
cef_string_multimap_append
cef_string_multimap_clear
cef_string_multimap_enumerate
cef_string_multimap_find_count
cef_string_multimap_free
cef_string_multimap_key
cef_string_multimap_size
cef_string_multimap_value
cef_string_userfree_utf16_alloc
cef_string_userfree_utf16_free
cef_string_userfree_utf8_alloc
cef_string_userfree_utf8_free
cef_string_userfree_wide_alloc
cef_string_userfree_wide_free
cef_string_utf16_clear
cef_string_utf16_cmp
cef_string_utf16_set
cef_string_utf16_to_utf8
cef_string_utf16_to_wide
cef_string_utf8_clear
cef_string_utf8_cmp
cef_string_utf8_set
cef_string_utf8_to_utf16
cef_string_utf8_to_wide
cef_string_wide_clear
cef_string_wide_cmp
cef_string_wide_set
cef_string_wide_to_utf16
cef_string_wide_to_utf8
cef_task_runner_get_for_current_thread
cef_task_runner_get_for_thread
cef_time_delta
cef_time_from_doublet
cef_time_from_timet
cef_time_now
cef_time_to_doublet
cef_time_to_timet
cef_trace_counter
cef_trace_counter_id
cef_trace_event_async_begin
cef_trace_event_async_end
cef_trace_event_async_step_into
cef_trace_event_async_step_past
cef_trace_event_begin
cef_trace_event_end
cef_trace_event_instant
cef_translator_test_create
cef_translator_test_object_child_child_create
cef_translator_test_object_child_create
cef_translator_test_object_create
cef_unregister_internal_web_plugin
cef_uridecode
cef_uriencode
cef_urlrequest_create
cef_v8context_get_current_context
cef_v8context_get_entered_context
cef_v8context_in_context
cef_v8stack_trace_get_current
cef_v8value_create_array
cef_v8value_create_bool
cef_v8value_create_date
cef_v8value_create_double
cef_v8value_create_function
cef_v8value_create_int
cef_v8value_create_null
cef_v8value_create_object
cef_v8value_create_string
cef_v8value_create_uint
cef_v8value_create_undefined
cef_value_create
cef_version_info
cef_visit_web_plugin_info
cef_write_json
cef_xml_reader_create
cef_zip_reader_create
create_context_shared
Sections
.text Size: 36.7MB - Virtual size: 36.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 9.1MB - Virtual size: 9.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 188KB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 2B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rodata Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 288B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 52KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
locales/en-GB.pak
-
locales/zh-CN.pak
-
natives_blob.bin.js
-
pepflashplayer.dll.dll windows:6 windows x86 arch:x86
a58d8b742dd062b0fc08e89e0fe8d51f
Code Sign
19:1a:32:cb:75:9c:97:b8:cf:ac:11:8d:d5:12:7f:49Certificate
IssuerCN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before04/03/2014, 00:00Not After03/03/2024, 23:59SubjectCN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
4e:a1:e8:9e:15:ea:4f:fa:93:79:84:d8:8f:54:5f:baCertificate
IssuerCN=Symantec Class 3 Extended Validation Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=USNot Before14/05/2015, 00:00Not After07/05/2017, 23:59SubjectSERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Flash Player,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate
IssuerCN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before12/01/2016, 00:00Not After11/01/2031, 23:59SubjectCN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
54:f3:7d:a1:71:67:51:bc:6a:8d:0a:d2:74:b2:8b:13Certificate
IssuerCN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=USNot Before12/01/2016, 00:00Not After11/04/2027, 23:59SubjectCN=Symantec SHA256 TimeStamping Signer - G1,OU=Symantec Trust Network,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
b5:d0:84:44:13:a2:66:fe:22:96:f3:4b:b3:f6:32:fa:b6:06:30:94Signer
Actual PE Digestb5:d0:84:44:13:a2:66:fe:22:96:f3:4b:b3:f6:32:fa:b6:06:30:94Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
E:\r\ws\St_Make\code\products\player\pepper\gypbuild\Release\pepflashplayer.pdb
Imports
crypt32
CryptVerifyMessageSignature
CertFindCertificateInStore
CertVerifySubjectCertificateContext
CertCreateCertificateContext
CertFreeCertificateContext
CertCompareCertificate
CertCloseStore
CryptGetMessageCertificates
shlwapi
ord12
UrlCanonicalizeW
AssocQueryStringW
gdiplus
GdiplusShutdown
GdiplusStartup
GdipFree
GdipDrawImageRect
GdipSetInterpolationMode
GdipDeleteGraphics
GdipCloneImage
GdipDisposeImage
GdipGetImageGraphicsContext
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromStream
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipAlloc
kernel32
DebugBreak
OutputDebugStringA
TlsAlloc
TlsFree
CloseHandle
SetEvent
ResetEvent
WaitForSingleObject
SleepEx
CreateEventW
QueueUserAPC
CreateThread
OpenThread
SetThreadPriority
ExitThread
VirtualQuery
GetFileSizeEx
ReadFile
SetFilePointerEx
WriteFile
GetVersionExW
GetModuleHandleW
GetProcAddress
CreateFileW
GetLastError
ConnectNamedPipe
DisconnectNamedPipe
GetCurrentProcessId
GetTickCount
MultiByteToWideChar
DeleteFileW
GetFileAttributesW
GetFileSize
SetLastError
ReleaseMutex
CreateMutexA
CreateProcessW
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
WideCharToMultiByte
CreateDirectoryW
FindClose
FindFirstFileW
FindNextFileW
GetFileAttributesExW
RemoveDirectoryW
GetSystemTimeAsFileTime
HeapSize
QueryPerformanceCounter
QueryPerformanceFrequency
HeapAlloc
HeapFree
GetProcessHeap
GetSystemTime
SystemTimeToFileTime
GetTimeZoneInformation
DecodePointer
RaiseException
InitializeCriticalSectionAndSpinCount
ReleaseSemaphore
TlsSetValue
GetCurrentProcess
GetProcessAffinityMask
FreeLibrary
LoadLibraryA
VirtualAlloc
VirtualFree
CreateEventA
SetWaitableTimer
CancelWaitableTimer
GetCurrentThread
WaitForMultipleObjects
CreateWaitableTimerA
GetDateFormatW
GetTimeFormatW
CompareStringW
RtlCaptureStackBackTrace
GetLocaleInfoW
GetNumberFormatW
GetCurrencyFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapCreate
HeapDestroy
HeapLock
HeapUnlock
HeapWalk
VirtualProtect
IsDebuggerPresent
GetProcessTimes
GlobalMemoryStatusEx
SetSystemTime
GetModuleFileNameA
FileTimeToSystemTime
GetACP
ResumeThread
CreateWaitableTimerW
CreateTimerQueueTimer
DeleteTimerQueueTimer
GetStdHandle
GetFileType
GlobalMemoryStatus
LoadLibraryW
FlushConsoleInputBuffer
SetCurrentDirectoryW
GetCurrentDirectoryW
GetTempFileNameW
GetFullPathNameW
CopyFileW
MoveFileExW
FlushFileBuffers
SetEndOfFile
EncodePointer
GetStringTypeW
GetCPInfo
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
GetStartupInfoW
OutputDebugStringW
ExpandEnvironmentStringsA
FormatMessageA
VerifyVersionInfoW
VerSetConditionMask
lstrlenW
lstrcpynW
TlsGetValue
GetCurrentThreadId
SwitchToThread
Sleep
DeleteCriticalSection
LocalFree
LocalAlloc
GetNativeSystemInfo
InterlockedDecrement
InterlockedIncrement
DeviceIoControl
CreateFileA
WriteConsoleW
GetCommandLineW
GetCommandLineA
TryEnterCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
LCMapStringW
GetSystemInfo
GetDriveTypeW
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
CreateSemaphoreW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
GetConsoleCP
CreateProcessA
GetExitCodeProcess
HeapReAlloc
SetConsoleMode
ReadConsoleInputA
SetConsoleCtrlHandler
ReadConsoleW
GetConsoleMode
RtlUnwind
GetModuleFileNameW
LoadLibraryExW
InterlockedFlushSList
SetStdHandle
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
user32
GetDC
MessageBoxW
GetUserObjectInformationW
GetProcessWindowStation
GetForegroundWindow
WaitForInputIdle
wsprintfW
WindowFromDC
GetClientRect
GetWindowRect
EnumDisplayDevicesA
MonitorFromRect
GetMonitorInfoA
GetMonitorInfoW
EnumDisplayMonitors
GetCursorPos
SetRectEmpty
advapi32
CryptDestroyKey
DeregisterEventSource
RegisterEventSourceW
ReportEventW
SystemFunction036
CryptAcquireContextW
CryptGenRandom
OpenProcessToken
GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
IsValidSid
CryptReleaseContext
CryptGenKey
CryptExportKey
CryptEncrypt
CryptImportKey
ole32
CoSetProxyBlanket
CoTaskMemAlloc
CoFreeUnusedLibraries
CoUninitialize
CoInitialize
CoCreateInstance
CoTaskMemFree
shell32
SHCreateDirectoryExW
SHGetFolderPathW
ord165
ShellExecuteExW
ShellExecuteW
oleaut32
SysFreeString
SysStringLen
VariantInit
VariantClear
SysAllocString
gdi32
DeleteObject
DeleteDC
CreateFontIndirectW
CreateCompatibleDC
SelectObject
GetFontData
EnumFontFamiliesExW
CreateDCW
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
ws2_32
htonl
ntohs
WSASetLastError
shutdown
send
select
gethostname
ioctlsocket
WSAIoctl
WSAGetLastError
setsockopt
recv
getsockopt
getsockname
bind
WSACleanup
closesocket
ntohl
htons
psapi
GetProcessMemoryInfo
winmm
timeGetTime
timeSetEvent
timeKillEvent
Exports
Exports
IAEModule_AEModule_PutKernel
IAEModule_IAEKernel_LoadModule
IAEModule_IAEKernel_UnloadModule
PPP_GetInterface
PPP_InitializeBroker
PPP_InitializeModule
PPP_ShutdownBroker
PPP_ShutdownModule
curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_maprintf
curl_mfprintf
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_multi_wait
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
Sections
.text Size: 12.3MB - Virtual size: 12.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rodata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3.4MB - Virtual size: 3.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 797KB - Virtual size: 1.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 13B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 1024B - Virtual size: 660B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 496KB - Virtual size: 495KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
snapshot_blob.bin