D:\imxyviMapper-main2\x64\Release\map.pdb
Static task
static1
1 signatures
General
-
Target
Severe.zip
-
Size
7.0MB
-
MD5
c49c69a0f0b1c24218f0374f163826a2
-
SHA1
6b5c7b5c20f922300612900a6907911ffdaeb17b
-
SHA256
ea62b044689bb6d2f747e17637ad24347a2a0a75364dfc72d6927f5e43e42b54
-
SHA512
e8b5bce996ceb20328282cda253ed67040c90967f98d29859edaf2f2da963adb5d1e5b54219fb5b16308b474a807302829dfff498ff2f9cf1a5799a83aa43c5e
-
SSDEEP
196608:dXywSqdATIUHCoa/9Zc5sqw2XdGCG24TCvUZaMM:dXY4eiqxGCG/C8aMM
Score
3/10
Malware Config
Signatures
-
Unsigned PE 5 IoCs
Checks for missing Authenticode signature.
resource unpack001/build.dll unpack001/crack.exe unpack001/map.exe unpack001/v2/auth/authenticator.exe unpack001/v2/auth/runtime.dll
Files
-
Severe.zip.zip
-
Place v2 folder here.lnk.lnk
-
README.txt
-
build.dll.dll windows:6 windows x64 arch:x64
e06a54c6d4f7793f56f33c91fd8e5214
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
winmm
PlaySoundA
version
GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
advapi32
CryptEncrypt
CryptImportKey
CryptDestroyKey
CryptDestroyHash
CryptHashData
CryptCreateHash
GetTokenInformation
AddAccessAllowedAce
GetLengthSid
SetSecurityInfo
InitializeAcl
OpenProcessToken
RegSetValueExA
IsValidSid
RegCreateKeyExA
LookupPrivilegeValueA
RegGetValueA
RegOpenKeyA
RegCloseKey
AdjustTokenPrivileges
CryptAcquireContextA
CryptReleaseContext
CryptGetHashParam
normaliz
IdnToAscii
wldap32
ord46
ord211
ord217
ord143
ord60
ord45
ord50
ord22
ord26
ord27
ord32
ord33
ord35
ord79
ord30
ord200
ord301
ord41
crypt32
CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertFreeCertificateContext
CertOpenStore
CryptStringToBinaryA
PFXImportCertStore
CryptDecodeObjectEx
CertAddCertificateContextToStore
CertFindExtension
CertGetNameStringA
CryptQueryObject
CertCreateCertificateChainEngine
CertFreeCertificateChainEngine
CertGetCertificateChain
CertFreeCertificateChain
ws2_32
htons
WSAIoctl
ntohs
__WSAFDIsSet
WSAResetEvent
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
send
WSACleanup
closesocket
WSASend
select
shutdown
WSASetLastError
WSASocketW
getaddrinfo
WSAStartup
connect
WSARecv
getsockopt
freeaddrinfo
ioctlsocket
setsockopt
WSAGetLastError
socket
accept
bind
getsockname
htonl
listen
recv
recvfrom
sendto
getpeername
gethostname
WSAWaitForMultipleEvents
d3d11
D3D11CreateDeviceAndSwapChain
d3dcompiler_43
D3DCompile
kernel32
EnumSystemLocalesW
FlushFileBuffers
SetStdHandle
GetTimeZoneInformation
CreateProcessW
HeapSize
GetDateFormatW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
GetConsoleOutputCP
ReadConsoleW
GetConsoleMode
GetModuleFileNameW
SetFilePointerEx
FreeLibraryAndExitThread
ExitThread
CreateThread
ExitProcess
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
LoadLibraryExW
RtlUnwind
InterlockedFlushSList
RtlUnwindEx
InitializeSListHead
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCPInfo
GetStringTypeW
SleepConditionVariableSRW
WakeAllConditionVariable
SetEndOfFile
MultiByteToWideChar
GlobalAlloc
GlobalFree
GlobalLock
WideCharToMultiByte
GlobalUnlock
ReadFile
Process32First
SetWaitableTimer
TlsSetValue
SetLastError
EnterCriticalSection
SetConsoleTitleA
GetCurrentProcess
GetStdHandle
WriteFile
SetCurrentConsoleFontEx
TerminateProcess
WaitForMultipleObjects
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetQueuedCompletionStatus
CreateMutexA
GetModuleHandleA
OpenProcess
SetCurrentDirectoryA
PostQueuedCompletionStatus
CreateToolhelp32Snapshot
CreateEventW
Sleep
FormatMessageW
GetTickCount64
K32GetModuleFileNameExA
GetLastError
CreateFileA
SetEvent
GetSystemDirectoryA
TerminateThread
LoadLibraryA
IsValidLocale
DeleteFileA
Process32Next
CloseHandle
QueueUserAPC
CreateWaitableTimerA
GetProcAddress
LocalFree
DeleteCriticalSection
GetConsoleWindow
SleepEx
TlsGetValue
CreateProcessA
K32EnumProcessModules
TlsFree
FormatMessageA
CreateIoCompletionPort
GetTickCount
AllocConsole
MulDiv
VirtualQueryEx
GetExitCodeProcess
DeleteFileW
InitOnceExecuteOnce
GetFileSizeEx
HeapAlloc
HeapReAlloc
HeapFree
GetProcessHeap
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
QueryPerformanceCounter
InitializeCriticalSectionEx
QueryPerformanceFrequency
FreeLibrary
MoveFileExA
WaitForSingleObjectEx
GetEnvironmentVariableA
GetFileType
PeekNamedPipe
GetCurrentProcessId
VerSetConditionMask
VerifyVersionInfoW
GetModuleHandleW
SetThreadExecutionState
InitializeCriticalSection
GetModuleHandleExW
GetCurrentThreadId
TryAcquireSRWLockExclusive
GetFileInformationByHandleEx
MoveFileExW
AreFileApisANSI
SetFileInformationByHandle
GetFullPathNameW
GetFileInformationByHandle
GetFileAttributesExW
FindNextFileW
FindFirstFileExW
FindFirstFileW
FindClose
CreateFileW
CreateDirectoryW
GetCurrentDirectoryW
GetLocaleInfoEx
RaiseException
RtlPcToFileHeader
EncodePointer
DecodePointer
LCMapStringEx
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsAlloc
GetTimeFormatW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
WriteConsoleW
WaitForSingleObject
user32
DestroyIcon
LoadImageW
CreateIconIndirect
SystemParametersInfoW
MonitorFromWindow
GetMonitorInfoW
GetRawInputData
RegisterRawInputDevices
RegisterDeviceNotificationW
UnregisterDeviceNotification
UnregisterClassW
ToUnicode
ChangeDisplaySettingsExW
EnumDisplaySettingsW
EnumDisplaySettingsExW
EnumDisplayDevicesW
LoadCursorW
GetRawInputDeviceInfoA
GetRawInputDeviceList
GetCursorPos
SetCursor
SetCursorPos
AdjustWindowRectEx
GetClientRect
SetWindowTextW
RemovePropW
GetPropW
SetPropW
GetSystemMetrics
MsgWaitForMultipleObjects
ReleaseCapture
SetCapture
MapVirtualKeyW
GetKeyState
GetClassLongPtrW
SetWindowLongW
GetWindowLongW
PtInRect
OffsetRect
SetRect
EnumDisplayMonitors
GetActiveWindow
WindowFromPoint
IsZoomed
BringWindowToTop
IsIconic
IsWindowVisible
SetWindowPlacement
GetWindowPlacement
FlashWindow
SetLayeredWindowAttributes
GetLayeredWindowAttributes
DestroyWindow
CreateWindowExW
RegisterClassExW
DefWindowProcW
WaitMessage
PostMessageW
SendMessageW
GetMessageTime
PeekMessageW
DispatchMessageW
TranslateMessage
TrackMouseEvent
GetWindowRect
GetDC
SetWindowPos
CallNextHookEx
ShowWindow
SetWindowLongA
SetWindowsHookExA
GetWindowLongA
SetWindowDisplayAffinity
MapVirtualKeyA
MessageBoxA
EnumDisplaySettingsA
GetForegroundWindow
MoveWindow
UnhookWindowsHookEx
mouse_event
GetWindowDisplayAffinity
GetDesktopWindow
FindWindowA
UpdateWindow
SetForegroundWindow
ReleaseDC
SendInput
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
GetAsyncKeyState
ScreenToClient
ClipCursor
SetFocus
ClientToScreen
gdi32
CreateBitmap
SwapBuffers
SetPixelFormat
DescribePixelFormat
ChoosePixelFormat
SetDeviceGammaRamp
GetDeviceGammaRamp
DeleteDC
CreateDCW
CreateDIBSection
DeleteObject
CreateRectRgn
GetDeviceCaps
shell32
DragFinish
DragQueryPoint
DragQueryFileW
SHGetFolderPathA
ShellExecuteA
DragAcceptFiles
ole32
CoInitializeEx
PropVariantClear
CoCreateInstance
CoUninitialize
CoInitialize
imm32
ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext
ImmSetCandidateWindow
d3dx11_43
D3DX11CreateShaderResourceViewFromMemory
bcrypt
BCryptGenRandom
Sections
.text Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 620KB - Virtual size: 619KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2.5MB - Virtual size: 2.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 99KB - Virtual size: 99KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 500B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
crack.exe.exe windows:0 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
EinTim Size: 3.4MB - Virtual size: 3.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
EinTim Size: 79KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
map.exe.exe windows:6 windows x64 arch:x64
a7bace81137260f32e1e4475918c2b5c
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
kernel32
CloseHandle
GetConsoleWindow
CreateFileA
GetLocaleInfoEx
GetCurrentProcess
GetCurrentProcessId
GetProcAddress
GetModuleHandleA
LoadLibraryExA
VirtualAlloc
DeviceIoControl
FormatMessageA
VirtualFree
CreateFileW
GetFileAttributesW
GetFullPathNameW
GetTempPathW
AreFileApisANSI
GetLastError
GetModuleHandleW
MultiByteToWideChar
WideCharToMultiByte
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
LocalFree
user32
MessageBoxA
ShowWindow
advapi32
LookupPrivilegeValueW
AdjustTokenPrivileges
RegSetValueExA
OpenProcessToken
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyA
msvcp140
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
??Bid@locale@std@@QEAA_KXZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Xbad_function_call@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBA_JXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Throw_Cpp_error@std@@YAXH@Z
?_Xout_of_range@std@@YAXPEBD@Z
_Cnd_do_broadcast_at_thread_exit
_Thrd_id
_Thrd_join
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAPEAD0PEAH001@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Winerror_map@std@@YAHH@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
ntdll
RtlInitAnsiString
RtlAnsiStringToUnicodeString
RtlInitUnicodeString
NtQuerySystemInformation
RtlGetVersion
dbghelp
ImageDirectoryEntryToData
ImageNtHeader
ImageRvaToVa
vcruntime140_1
__CxxFrameHandler4
vcruntime140
_CxxThrowException
__C_specific_handler
__current_exception_context
__std_exception_destroy
memchr
memcmp
memmove
__current_exception
memset
__std_exception_copy
memcpy
api-ms-win-crt-runtime-l1-1-0
_register_thread_local_exe_atexit_callback
_beginthreadex
_c_exit
_set_app_type
_seh_filter_exe
_cexit
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
__p___argv
__p___argc
_exit
abort
_get_initial_narrow_environment
terminate
_initterm_e
system
_initterm
_invalid_parameter_noinfo_noreturn
exit
api-ms-win-crt-heap-l1-1-0
_callnewh
_set_new_mode
malloc
free
api-ms-win-crt-string-l1-1-0
_stricmp
api-ms-win-crt-environment-l1-1-0
getenv
api-ms-win-crt-stdio-l1-1-0
fwrite
ungetc
fsetpos
fread
fgetc
fgetpos
fclose
fflush
fputc
_fseeki64
__p__commode
_get_stream_buffer_pointers
_set_fmode
setvbuf
api-ms-win-crt-utility-l1-1-0
rand
api-ms-win-crt-filesystem-l1-1-0
_unlock_file
_lock_file
api-ms-win-crt-locale-l1-1-0
___lc_codepage_func
_configthreadlocale
api-ms-win-crt-math-l1-1-0
__setusermatherr
Sections
.text Size: 176KB - Virtual size: 175KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 34KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 276B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
spoof/roblox not opening, read this!.rtf.rtf
-
spoof/spoof.exe.exe windows:5 windows x64 arch:x64
d785b34347fd49d2db0e5be38b607572
Code Sign
75:96:c9:55:d4:ce:1e:da:76:01:fe:3f:5f:47:49:9fCertificate
IssuerCN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GBNot Before05-08-2020 00:00Not After04-11-2023 23:59SubjectCN=Stratesave Systems GmbH in Liquidation,O=Stratesave Systems GmbH in Liquidation,POSTALCODE=8706,STREET=Mühlerain 29,L=Meilen,C=CHExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
39:72:44:3a:f9:22:b7:51:d7:d3:6c:10:dd:31:35:95Certificate
IssuerCN=AAA Certificate Services,O=Comodo CA Limited,L=Salford,ST=Greater Manchester,C=GBNot Before12-03-2019 00:00Not After31-12-2028 23:59SubjectCN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate
IssuerCN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=USNot Before02-11-2018 00:00Not After31-12-2030 23:59SubjectCN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GBExtended Key Usages
ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate
IssuerCN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=USNot Before02-05-2019 00:00Not After18-01-2038 23:59SubjectCN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GBExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
90:39:7f:9a:d2:4a:3a:13:f2:bd:91:5f:08:38:a9:43Certificate
IssuerCN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GBNot Before11-05-2022 00:00Not After10-08-2033 23:59SubjectCN=Sectigo RSA Time Stamping Signer #3,O=Sectigo Limited,ST=Manchester,C=GBExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
ca:af:1f:3b:84:88:f3:9f:dc:a6:1b:e5:3d:1f:e0:5d:70:13:29:dfSigner
Actual PE Digestca:af:1f:3b:84:88:f3:9f:dc:a6:1b:e5:3d:1f:e0:5d:70:13:29:dfDigest Algorithmsha1PE Digest MatchesfalseHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\tmp\geruest\tabbedsdisplitter-3.0j\x64\Release\chamy64.pdb
Imports
iphlpapi
GetAdaptersAddresses
version
VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW
secur32
LsaFreeReturnBuffer
LsaGetLogonSessionData
LsaEnumerateLogonSessions
crypt32
CertEnumCertificatesInStore
CertCloseStore
CertOpenSystemStoreW
winsta
WinStationEnumerateW
WinStationFreeMemory
WinStationQueryInformationW
kernel32
GetProcessHeap
WriteFile
GetUserDefaultLangID
OpenProcess
GlobalAlloc
GetSystemDirectoryW
WideCharToMultiByte
LoadLibraryW
GetConsoleMode
Sleep
GetConsoleWindow
GetVersionExW
WriteConsoleW
TerminateProcess
ReadFile
GetModuleFileNameW
GetTimeZoneInformation
CreateFileW
lstrcmpW
lstrlenW
SetThreadPriority
GlobalUnlock
GetTempPathW
GetLastError
SetLastError
GetProcAddress
GlobalFree
FindClose
Process32FirstW
AddVectoredExceptionHandler
SetConsoleCtrlHandler
GlobalHandle
Process32NextW
GetProcessShutdownParameters
GetFinalPathNameByHandleW
lstrcatW
FindNextFileW
CreateToolhelp32Snapshot
GetCurrentThreadId
SetProcessShutdownParameters
CloseHandle
DeleteFileW
GetCurrentProcessId
LocalFree
WriteProcessMemory
lstrcpyW
SetFileAttributesW
LCMapStringW
RtlZeroMemory
CreateThread
GetFullPathNameW
GetFullPathNameA
HeapReAlloc
CreateFileA
CreateMutexW
HeapCompact
SetFilePointer
TryEnterCriticalSection
MapViewOfFile
UnmapViewOfFile
SetEndOfFile
FreeLibrary
SystemTimeToFileTime
QueryPerformanceCounter
UnlockFile
FlushViewOfFile
LockFile
WaitForSingleObjectEx
OutputDebugStringW
UnlockFileEx
GetSystemTimeAsFileTime
FormatMessageA
InitializeCriticalSection
FormatMessageW
HeapDestroy
LeaveCriticalSection
GetFileAttributesA
HeapCreate
HeapValidate
GetFileAttributesW
MultiByteToWideChar
FlushFileBuffers
HeapSize
LockFileEx
EnterCriticalSection
GetDiskFreeSpaceW
LoadLibraryA
CreateFileMappingA
CreateFileMappingW
GetDiskFreeSpaceA
GetSystemInfo
GetFileAttributesExW
DeleteCriticalSection
OutputDebugStringA
GetVersionExA
GetTempPathA
GetSystemTime
AreFileApisANSI
DeleteFileA
ReadConsoleW
SetFilePointerEx
CompareStringW
GetCurrentThread
CreateNamedPipeW
GetTickCount
GetModuleHandleW
ConnectNamedPipe
SleepEx
SetThreadExecutionState
SetEvent
WaitForSingleObject
GlobalLock
HeapFree
GetCurrentProcess
SetUnhandledExceptionFilter
HeapAlloc
CreateProcessW
SetErrorMode
GetDriveTypeW
FindFirstFileW
SetPriorityClass
GetFileSize
GetTempFileNameW
ExitProcess
SetStdHandle
SetEnvironmentVariableW
GetConsoleCP
GetStringTypeW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlUnwindEx
GetCommandLineW
GetFileType
GetStdHandle
GetModuleHandleExW
IsProcessorFeaturePresent
IsDebuggerPresent
LoadLibraryExW
SetEnvironmentVariableA
ExitThread
DecodePointer
EncodePointer
user32
ExitWindowsEx
GetShellWindow
GetWindowThreadProcessId
wsprintfW
ShowWindow
GetSystemMetrics
gdi32
StartPage
MoveToEx
EndPage
GetTextMetricsW
LineTo
TextOutW
SelectObject
SetMapMode
GetTextExtentPointW
advapi32
InitializeSecurityDescriptor
CloseServiceHandle
GetSecurityDescriptorDacl
RegSetValueExW
EnumServicesStatusExW
RegCloseKey
RegLoadKeyW
InitiateSystemShutdownW
EncryptFileW
ConvertSidToStringSidW
RegFlushKey
AbortSystemShutdownW
ControlService
RegisterServiceCtrlHandlerW
FreeSid
OpenProcessToken
CryptAcquireContextW
DeleteService
OpenThreadToken
OpenSCManagerW
StartServiceCtrlDispatcherW
EnumDependentServicesW
GetUserNameW
RevertToSelf
SetEntriesInAclW
QueryServiceStatusEx
SetServiceStatus
AllocateAndInitializeSid
RegDeleteValueW
CredWriteW
DuplicateTokenEx
StartServiceW
LookupAccountSidW
ImpersonateSelf
SetSecurityDescriptorDacl
ConvertStringSidToSidW
SetTokenInformation
OpenServiceW
CreateProcessAsUserW
RegQueryValueExW
CryptReleaseContext
EqualSid
GetTokenInformation
CredReadW
CreateServiceW
ole32
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoCreateInstance
oleaut32
SysAllocString
SysFreeString
ntdll
NtRenameKey
NtShutdownSystem
memchr
NtLoadKey
NtSetThreadExecutionState
NtSetInformationFile
RtlGetVersion
NtCreateKey
RtlUnicodeToMultiByteN
RtlGetSaclSecurityDescriptor
NtQueryInformationFile
vswprintf_s
MD5Update
NtQueryInformationProcess
RtlTimeFieldsToTime
_wcslwr
RtlSetGroupSecurityDescriptor
NtQueryDirectoryFile
RtlGetGroupSecurityDescriptor
NtWaitForSingleObject
RtlSetSaclSecurityDescriptor
strncpy
NtQueryVolumeInformationFile
wcsstr
_wcsicmp
RtlGetControlSecurityDescriptor
NtCreateFile
RtlNtStatusToDosError
NtClose
swprintf_s
NtOpenKeyEx
RtlQueryInformationAcl
RtlSetLastWin32ErrorAndNtStatusFromNtStatus
MD5Init
RtlEqualSid
RtlTimeToTimeFields
swscanf_s
NtQueryPerformanceCounter
RtlGetDaclSecurityDescriptor
RtlLeaveCriticalSection
NtOpenProcessToken
NtCreateSemaphore
toupper
NtQueryInformationToken
NtSetSecurityObject
NtQueryValueKey
NtSetValueKey
wcsncmp
NtSetInformationKey
towupper
NtDeleteKey
NtQueryObject
RtlAllocateAndInitializeSid
RtlMultiByteToUnicodeN
RtlGetOwnerSecurityDescriptor
NtOpenFile
RtlInitializeCriticalSection
RtlCreateUserThread
NtReadFile
NtDuplicateObject
RtlCreateSecurityDescriptor
RtlSetOwnerSecurityDescriptor
strrchr
strcspn
RtlGetAce
wcschr
NtFlushKey
NtEnumerateValueKey
NtAllocateVirtualMemory
towlower
NtDeleteValueKey
NtFsControlFile
RtlInitUnicodeString
RtlSetDaclSecurityDescriptor
RtlFreeSid
NtReleaseSemaphore
_wcsnicmp
NtUnloadKey
NtQueryInformationThread
NtQuerySystemInformation
RtlSetLastWin32Error
NtWriteFile
NtDeviceIoControlFile
strncmp
RtlEnterCriticalSection
memmove
NtQuerySystemTime
NtQuerySecurityObject
NtEnumerateKey
sscanf
sprintf_s
NtFlushBuffersFile
NtGetTickCount
MD5Final
NtDelayExecution
NtQueryKey
RtlAdjustPrivilege
RtlGetLastWin32Error
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 174KB - Virtual size: 173KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 160KB - Virtual size: 859KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 50KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
v2/auth/authenticator.exe.exe windows:6 windows x64 arch:x64
e1a6267e70d0862e59b0faebb4344f18
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
PeekNamedPipe
WaitForMultipleObjects
GetFileSizeEx
WideCharToMultiByte
OutputDebugStringW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetModuleHandleW
LoadLibraryA
GetProcAddress
FreeLibrary
GetSystemDirectoryA
QueryPerformanceFrequency
VerSetConditionMask
SleepEx
LeaveCriticalSection
EnterCriticalSection
LocalFree
FormatMessageA
SetLastError
GetModuleFileNameA
Sleep
GetFileType
InitializeCriticalSectionEx
GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
MapViewOfFile
GetConsoleWindow
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
ReadFile
GetStdHandle
GetEnvironmentVariableA
MultiByteToWideChar
WaitForSingleObjectEx
MoveFileExA
GetTickCount
QueryPerformanceCounter
DeleteCriticalSection
VerifyVersionInfoA
GetCurrentProcessId
CreateFileMappingA
CloseHandle
Process32Next
CreateFileA
QueryFullProcessImageNameA
GetLastError
K32GetModuleFileNameExA
CreateToolhelp32Snapshot
OpenProcess
GetModuleHandleA
UnmapViewOfFile
CreateMutexA
GetCurrentProcess
VirtualProtect
Process32First
user32
ShowWindow
advapi32
GetLengthSid
AddAccessAllowedAce
SetSecurityInfo
InitializeAcl
OpenProcessToken
RegSetValueExA
IsValidSid
RegCreateKeyExA
RegOpenKeyA
RegCloseKey
CopySid
ConvertSidToStringSidA
CryptAcquireContextA
CryptReleaseContext
CryptGetHashParam
CryptGenRandom
CryptEncrypt
CryptImportKey
CryptDestroyKey
CryptDestroyHash
CryptHashData
CryptCreateHash
GetTokenInformation
msvcp140
_Xtime_get_ticks
_Thrd_detach
_Query_perf_counter
_Thrd_sleep
_Cnd_do_broadcast_at_thread_exit
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Xinvalid_argument@std@@YAXPEBD@Z
?_Throw_Cpp_error@std@@YAXH@Z
_Query_perf_frequency
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_Xbad_function_call@std@@YAXXZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
normaliz
IdnToAscii
wldap32
ord26
ord301
ord200
ord30
ord79
ord35
ord33
ord27
ord143
ord32
ord41
ord50
ord45
ord60
ord211
ord46
ord217
ord22
crypt32
CertGetCertificateChain
CertFreeCertificateChainEngine
CertCreateCertificateChainEngine
CryptQueryObject
CertGetNameStringA
CertFindExtension
CertAddCertificateContextToStore
CertFreeCertificateChain
PFXImportCertStore
CryptStringToBinaryA
CertFreeCertificateContext
CertFindCertificateInStore
CertEnumCertificatesInStore
CertOpenStore
CertCloseStore
CryptDecodeObjectEx
ws2_32
closesocket
recv
send
ntohl
gethostname
sendto
recvfrom
freeaddrinfo
WSAGetLastError
select
__WSAFDIsSet
ioctlsocket
listen
htonl
accept
WSACleanup
WSAStartup
WSAIoctl
WSASetLastError
setsockopt
socket
bind
ntohs
htons
getsockopt
getsockname
getpeername
connect
getaddrinfo
rpcrt4
RpcStringFreeA
UuidToStringA
UuidCreate
userenv
UnloadUserProfile
vcruntime140_1
__CxxFrameHandler4
vcruntime140
memset
memmove
memcpy
__std_exception_copy
__std_type_info_compare
_purecall
__std_terminate
_CxxThrowException
__current_exception_context
__current_exception
__C_specific_handler
strstr
strrchr
strchr
memchr
__std_exception_destroy
memcmp
api-ms-win-crt-runtime-l1-1-0
_errno
_resetstkoflw
_invalid_parameter_noinfo
terminate
system
_beginthreadex
__sys_nerr
strerror
_wassert
_getpid
_register_thread_local_exe_atexit_callback
_c_exit
__p___argv
exit
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_cexit
_seh_filter_exe
_set_app_type
_invalid_parameter_noinfo_noreturn
_get_initial_narrow_environment
_initterm
_initterm_e
_exit
__p___argc
api-ms-win-crt-heap-l1-1-0
realloc
_set_new_mode
_callnewh
calloc
malloc
free
api-ms-win-crt-utility-l1-1-0
srand
qsort
rand
api-ms-win-crt-convert-l1-1-0
strtoull
strtoll
strtod
strtol
atoi
strtoul
api-ms-win-crt-time-l1-1-0
_gmtime64
_time64
api-ms-win-crt-stdio-l1-1-0
_popen
__stdio_common_vsprintf
__acrt_iob_func
_lseeki64
fread
__p__commode
fwrite
_read
_write
fputc
fflush
_close
_open
_set_fmode
fclose
fopen
fputs
__stdio_common_vsscanf
fgets
ftell
fseek
feof
_pclose
api-ms-win-crt-locale-l1-1-0
localeconv
_configthreadlocale
api-ms-win-crt-math-l1-1-0
_dclass
__setusermatherr
api-ms-win-crt-string-l1-1-0
isupper
strspn
tolower
strncpy
strpbrk
strcspn
strcmp
strncmp
_strdup
api-ms-win-crt-filesystem-l1-1-0
_stat64
_access
_unlink
_fstat64
Sections
.text Size: 698KB - Virtual size: 698KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 115KB - Virtual size: 114KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 156KB - Virtual size: 158KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
v2/auth/runtime.dll.dll windows:6 windows x64 arch:x64
4d2a2ae98fc255472ba6983460521987
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\Users\Tim\source\repos\severe\x64\Release\severe.pdb
Imports
kernel32
GetModuleHandleW
FlushInstructionCache
SetThreadContext
OpenThread
SetLastError
GetLastError
GetSystemTime
SystemTimeToFileTime
GetStdHandle
GetFileType
WriteFile
MultiByteToWideChar
SwitchToFiber
DeleteFiber
CreateFiber
FindClose
FindFirstFileW
FindNextFileW
WideCharToMultiByte
ConvertFiberToThread
GetThreadContext
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetTickCount
GlobalMemoryStatus
GetEnvironmentVariableW
GetConsoleMode
ReadConsoleA
ReadConsoleW
SetConsoleMode
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
HeapAlloc
CloseHandle
HeapReAlloc
Sleep
CreateToolhelp32Snapshot
ResumeThread
SuspendThread
GetCurrentThreadId
Thread32First
Thread32Next
GetCurrentProcess
HeapFree
VirtualProtect
HeapCreate
GetProcAddress
CreateThread
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
GetCurrentProcessId
LoadLibraryA
GetModuleHandleA
VirtualQuery
GetSystemInfo
VirtualAlloc
ConvertThreadToFiber
VirtualFree
InitializeSListHead
user32
GetUserObjectInformationW
GetProcessWindowStation
MessageBoxA
MessageBoxW
advapi32
CryptCreateHash
RegisterEventSourceW
ReportEventW
CryptAcquireContextW
CryptReleaseContext
CryptDestroyKey
CryptSetHashParam
CryptGenRandom
CryptEnumProvidersW
CryptSignHashW
CryptDestroyHash
DeregisterEventSource
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
msvcp140
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?id@?$ctype@D@std@@2V0locale@2@A
?_Random_device@std@@YAIXZ
?_Xlength_error@std@@YAXPEBD@Z
?id@?$collate@D@std@@2V0locale@2@A
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_init_in_situ
_Strcoll
_Cnd_do_broadcast_at_thread_exit
_Thrd_sleep
_Cnd_wait
_Thrd_id
_Query_perf_counter
_Xtime_get_ticks
_Thrd_join
_Mtx_unlock
_Cnd_broadcast
_Cnd_destroy_in_situ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?overflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z
?pbackfail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHH@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?underflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?seekoff@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@_JHH@Z
?seekpos@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA?AV?$fpos@U_Mbstatet@@@2@V32@H@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@V?$fpos@U_Mbstatet@@@2@@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?good@ios_base@std@@QEBA_NXZ
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?tolower@?$ctype@D@std@@QEBAPEBDPEADPEBD@Z
?tolower@?$ctype@D@std@@QEBADD@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UEAAXXZ
??Bid@locale@std@@QEAA_KXZ
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
??1_Locinfo@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
?_Xbad_function_call@std@@YAXXZ
_Cnd_signal
_Thrd_hardware_concurrency
_Cnd_init_in_situ
_Strxfrm
_Query_perf_frequency
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Throw_Cpp_error@std@@YAXH@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?uncaught_exception@std@@YA_NXZ
?_Xbad_alloc@std@@YAXXZ
?_Xinvalid_argument@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
ws2_32
getpeername
WSAStartup
getaddrinfo
send
select
shutdown
socket
WSASocketW
WSASetLastError
WSACleanup
accept
bind
closesocket
listen
WSAGetLastError
setsockopt
getnameinfo
ioctlsocket
freeaddrinfo
recv
ntohs
crypt32
CertFreeCertificateContext
CertDuplicateCertificateContext
CertFindCertificateInStore
CertEnumCertificatesInStore
CertOpenStore
CertGetCertificateContextProperty
CertCloseStore
vcruntime140_1
__CxxFrameHandler4
vcruntime140
__std_type_info_destroy_list
_CxxThrowException
__C_specific_handler
__current_exception_context
__current_exception
strrchr
wcsstr
memchr
memmove
memset
memcpy
strchr
__std_terminate
__std_exception_copy
__std_exception_destroy
memcmp
api-ms-win-crt-stdio-l1-1-0
fgetpos
__stdio_common_vfprintf
fgetc
__stdio_common_vsscanf
setvbuf
_wfopen
fopen
__acrt_iob_func
_setmode
ftell
fputs
fseek
ungetc
_fileno
fgets
ferror
feof
fsetpos
fclose
__stdio_common_vsprintf
fread
_fseeki64
fputc
fflush
fwrite
__stdio_common_vswprintf
_get_stream_buffer_pointers
api-ms-win-crt-heap-l1-1-0
_callnewh
free
malloc
realloc
api-ms-win-crt-runtime-l1-1-0
_initterm
_crt_atexit
_initterm_e
strerror_s
_exit
_execute_onexit_table
raise
_register_onexit_function
_initialize_onexit_table
abort
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_invalid_parameter_noinfo_noreturn
signal
_beginthreadex
terminate
_cexit
_errno
api-ms-win-crt-string-l1-1-0
strncmp
_strnicmp
strcmp
isdigit
isspace
_stricmp
strncpy
isxdigit
strspn
strcspn
tolower
api-ms-win-crt-convert-l1-1-0
strtoul
strtoull
strtoll
strtol
atoi
api-ms-win-crt-filesystem-l1-1-0
_access_s
_unlock_file
_lock_file
_stat64i32
api-ms-win-crt-environment-l1-1-0
getenv
api-ms-win-crt-time-l1-1-0
_gmtime64
_time64
api-ms-win-crt-utility-l1-1-0
qsort
Exports
Exports
?dummy@@YAXXZ
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 470KB - Virtual size: 469KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 76KB - Virtual size: 89KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 64KB - Virtual size: 64KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 248B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
EinTim Size: 777KB - Virtual size: 2.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE