TwitchDownloaderGUI-1[.]54[.]0-Windows-x64[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

TwitchDownloaderGUI-1.54.0-Windows-x64.zip
Size

127.4MB
MD5

308f5d96bbbba4d5200139e92d03ba80
SHA1

9513177839cea8ba41653f44a29a38221376f29f
SHA256

4b7231e902d2b8bfcf36c818dc2ef9850d31e670c2d066e6ff96586d161c5866
SHA512

fc4a23e9d3148ebcc14d184c66a467799b13322532fe6a668beb14c05a1e16826f09e80d7ac6a296b6fda23f1c0abe0455e0d5f95dd38a92be1f1e0b5eeffd62
SSDEEP

3145728:JE1eFe8FB3g5uvV3Wazts/YFx0MKZYcrpMkVZX9qVeyDM:2klFB3guV79SYoLV+esM

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/TwitchDownloaderWPF.exe
unpack001/ffmpeg.exe

Files

TwitchDownloaderGUI-1.54.0-Windows-x64.zip
.zip
COPYRIGHT.txt
D3DCompiler_47_cor3.dll
.dll windows:10 windows x64 arch:x64

8235041cfd6fffb926142c2c78013446

Code Sign

33:00:00:05:00:27:d6:32:6f:43:73:7b:87:00:00:00:00:05:00
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/02/2023, 20:11

Not After

31/01/2024, 20:11

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

80:5d:c5:12:35:5e:e1:23:cc:cd:fc:86:0b:c4:64:6d:59:c0:f9:e1:ad:8e:a3:f6:ea:5f:b1:cf:f9:7e:07:c9
Signer

Actual PE Digest

80:5d:c5:12:35:5e:e1:23:cc:cd:fc:86:0b:c4:64:6d:59:c0:f9:e1:ad:8e:a3:f6:ea:5f:b1:cf:f9:7e:07:c9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D3DCompiler_47.pdb

Imports

kernel32

WriteFile
FreeLibrary
Sleep
TlsAlloc
TlsSetValue
HeapDestroy
TlsGetValue
TlsFree
GetFullPathNameW
GetFullPathNameA
GetEnvironmentVariableA
VirtualFree
VirtualAlloc
GetSystemInfo
GetProcAddress
LoadLibraryExW
SetLastError
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetCurrentThreadId
GetStdHandle
GetFileType
GetStartupInfoW
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
InitializeCriticalSectionAndSpinCount
GetSystemTimeAsFileTime
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess
GetModuleHandleW
GetModuleHandleExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetFilePointerEx
GetStringTypeW
ReadFile
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
RaiseException
FlushFileBuffers
GetConsoleOutputCP
GetConsoleMode
GetModuleFileNameW
ReadConsoleW
HeapSize
HeapReAlloc
WriteConsoleW
QueryPerformanceCounter
GetCurrentProcessId
InitializeSListHead
RtlUnwindEx
InterlockedFlushSList
EncodePointer
InitializeCriticalSectionEx
RtlPcToFileHeader
LocalAlloc
LocalFree
GetFileSizeEx
GetLastError
CreateFileW
HeapFree
GetProcessHeap
UnmapViewOfFile
GetFileSize
CreateFileMappingW
MapViewOfFile
GetFileAttributesW
SetFileAttributesW
DeleteFileW
SetEndOfFile
DeviceIoControl
MapViewOfFileEx
CreateFileMappingA
ExpandEnvironmentStringsW
HeapAlloc
OutputDebugStringA
CloseHandle
LeaveCriticalSection
EnterCriticalSection
lstrcmpiA
HeapCreate
GetModuleFileNameA
CreateFileA
DeleteCriticalSection
InitializeCriticalSection
WideCharToMultiByte
FindClose
FindFirstFileExW
FindNextFileW
GetCommandLineA
GetCommandLineW
GetDriveTypeW
GetCurrentDirectoryW
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
MultiByteToWideChar
SetStdHandle
DisableThreadLibraryCalls

advapi32

CryptDestroyHash
CryptAcquireContextW
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyExA
CryptGetHashParam
CryptCreateHash
CryptHashData
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
CryptReleaseContext

rpcrt4

UuidCreate

Exports

Exports

D3DAssemble
D3DCompile
D3DCompile2
D3DCompileFromFile
D3DCompressShaders
D3DCreateBlob
D3DCreateFunctionLinkingGraph
D3DCreateLinker
D3DDecompressShaders
D3DDisassemble
D3DDisassemble10Effect
D3DDisassemble11Trace
D3DDisassembleRegion
D3DGetBlobPart
D3DGetDebugInfo
D3DGetInputAndOutputSignatureBlob
D3DGetInputSignatureBlob
D3DGetOutputSignatureBlob
D3DGetTraceInstructionOffsets
D3DLoadModule
D3DPreprocess
D3DReadFileToBlob
D3DReflect
D3DReflectLibrary
D3DReturnFailure1
D3DSetBlobPart
D3DStripShader
D3DWriteBlobToFile
DebugSetMute

Sections

.text
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 916KB - Virtual size: 913KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MonoPosixHelper.dll
.dll windows:6 windows x64 arch:x64

9c5f50f678d576a77719753fbd013f5a

Code Sign

33:00:00:00:bb:b6:77:24:71:4a:20:00:20:00:00:00:00:00:bb
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/09/2016, 17:58

Not After

07/09/2018, 17:58

Subject

CN=Microsoft Time-Stamp Service,OU=AOC+OU=nCipher DSE ESN:0DE8-2DC5-3CA9,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

0b:45:3a:97:05:93:9e:cd:4d:dd:57:33:11:a8:92:9b
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

27/10/2017, 00:00

Not After

24/01/2021, 12:00

Subject

CN=Xamarin Inc.,O=Xamarin Inc.,L=San Francisco,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:ae:52:9e:e3:dd:35:75:fa:94:95:2d:1b:e5:8f:94:c2:d2:f2:41
Signer

Actual PE Digest

0b:ae:52:9e:e3:dd:35:75:fa:94:95:2d:1b:e5:8f:94:c2:d2:f2:41

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\j\workspace\build-package-win-mono\2017-10\msvc\build\sgen\x64\bin\Release\MonoPosixHelper.pdb

Imports

kernel32

IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
memcpy
memset

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_errno
perror
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm

api-ms-win-crt-stdio-l1-1-0

fflush
fgetc
fgetpos
fgets
__stdio_common_vfprintf
__stdio_common_vsprintf
ungetc
tmpfile
setvbuf
feof
rewind
fsetpos
freopen
fclose
ferror
fopen
fread
fputs
clearerr
__acrt_iob_func
fputc
fwrite
ftell
fseek
setbuf

api-ms-win-crt-heap-l1-1-0

realloc
free
malloc
calloc

api-ms-win-crt-string-l1-1-0

strlen
strcmp

api-ms-win-crt-utility-l1-1-0

srand
rand

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-locale-l1-1-0

___mb_cur_max_func

Exports

Exports

CloseZStream
CreateZStream
Flush
Mono_Posix_FromAccessModes
Mono_Posix_FromConfstrName
Mono_Posix_FromDirectoryNotifyFlags
Mono_Posix_FromErrno
Mono_Posix_FromFcntlCommand
Mono_Posix_FromFilePermissions
Mono_Posix_FromLockType
Mono_Posix_FromLockfCommand
Mono_Posix_FromMlockallFlags
Mono_Posix_FromMmapFlags
Mono_Posix_FromMmapProts
Mono_Posix_FromMountFlags
Mono_Posix_FromMremapFlags
Mono_Posix_FromMsyncFlags
Mono_Posix_FromOpenFlags
Mono_Posix_FromPathconfName
Mono_Posix_FromPollEvents
Mono_Posix_FromPosixFadviseAdvice
Mono_Posix_FromPosixMadviseAdvice
Mono_Posix_FromSeekFlags
Mono_Posix_FromSignum
Mono_Posix_FromSysconfName
Mono_Posix_FromSyslogFacility
Mono_Posix_FromSyslogLevel
Mono_Posix_FromSyslogOptions
Mono_Posix_FromWaitOptions
Mono_Posix_FromXattrFlags
Mono_Posix_Stdlib_BUFSIZ
Mono_Posix_Stdlib_CreateFilePosition
Mono_Posix_Stdlib_DumpFilePosition
Mono_Posix_Stdlib_EOF
Mono_Posix_Stdlib_EXIT_FAILURE
Mono_Posix_Stdlib_EXIT_SUCCESS
Mono_Posix_Stdlib_FILENAME_MAX
Mono_Posix_Stdlib_FOPEN_MAX
Mono_Posix_Stdlib_GetLastError
Mono_Posix_Stdlib_InvokeSignalHandler
Mono_Posix_Stdlib_L_tmpnam
Mono_Posix_Stdlib_MB_CUR_MAX
Mono_Posix_Stdlib_RAND_MAX
Mono_Posix_Stdlib_SIG_DFL
Mono_Posix_Stdlib_SIG_ERR
Mono_Posix_Stdlib_SIG_IGN
Mono_Posix_Stdlib_SetLastError
Mono_Posix_Stdlib_TMP_MAX
Mono_Posix_Stdlib__IOFBF
Mono_Posix_Stdlib__IOLBF
Mono_Posix_Stdlib__IONBF
Mono_Posix_Stdlib_calloc
Mono_Posix_Stdlib_clearerr
Mono_Posix_Stdlib_fclose
Mono_Posix_Stdlib_feof
Mono_Posix_Stdlib_ferror
Mono_Posix_Stdlib_fflush
Mono_Posix_Stdlib_fgetc
Mono_Posix_Stdlib_fgetpos
Mono_Posix_Stdlib_fgets
Mono_Posix_Stdlib_fopen
Mono_Posix_Stdlib_fprintf
Mono_Posix_Stdlib_fputc
Mono_Posix_Stdlib_fputs
Mono_Posix_Stdlib_fread
Mono_Posix_Stdlib_free
Mono_Posix_Stdlib_freopen
Mono_Posix_Stdlib_fseek
Mono_Posix_Stdlib_fsetpos
Mono_Posix_Stdlib_ftell
Mono_Posix_Stdlib_fwrite
Mono_Posix_Stdlib_malloc
Mono_Posix_Stdlib_perror
Mono_Posix_Stdlib_realloc
Mono_Posix_Stdlib_rewind
Mono_Posix_Stdlib_setbuf
Mono_Posix_Stdlib_setvbuf
Mono_Posix_Stdlib_stderr
Mono_Posix_Stdlib_stdin
Mono_Posix_Stdlib_stdout
Mono_Posix_Stdlib_strlen
Mono_Posix_Stdlib_tmpfile
Mono_Posix_Stdlib_ungetc
Mono_Posix_Syscall_L_ctermid
Mono_Posix_Syscall_L_cuserid
Mono_Posix_Syscall_get_at_fdcwd
Mono_Posix_Syscall_get_utime_now
Mono_Posix_Syscall_get_utime_omit
Mono_Posix_ToAccessModes
Mono_Posix_ToConfstrName
Mono_Posix_ToDirectoryNotifyFlags
Mono_Posix_ToErrno
Mono_Posix_ToFcntlCommand
Mono_Posix_ToFilePermissions
Mono_Posix_ToLockType
Mono_Posix_ToLockfCommand
Mono_Posix_ToMlockallFlags
Mono_Posix_ToMmapFlags
Mono_Posix_ToMmapProts
Mono_Posix_ToMountFlags
Mono_Posix_ToMremapFlags
Mono_Posix_ToMsyncFlags
Mono_Posix_ToOpenFlags
Mono_Posix_ToPathconfName
Mono_Posix_ToPollEvents
Mono_Posix_ToPosixFadviseAdvice
Mono_Posix_ToPosixMadviseAdvice
Mono_Posix_ToSeekFlags
Mono_Posix_ToSignum
Mono_Posix_ToSysconfName
Mono_Posix_ToSyslogFacility
Mono_Posix_ToSyslogLevel
Mono_Posix_ToSyslogOptions
Mono_Posix_ToWaitOptions
Mono_Posix_ToXattrFlags
Mono_Unix_VersionString
ReadZStream
WriteZStream
unzClose
unzCloseCurrentFile
unzGetCurrentFileInfo
unzGoToFirstFile
unzGoToNextFile
unzLocateFile
unzOpen2
unzOpenCurrentFile2
unzReadCurrentFile
unztell
zipClose
zipCloseFileInZip
zipOpen2
zipOpenNewFileInZip
zipWriteInFileInZip

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PenImc_cor3.dll
.dll regsvr32 windows:6 windows x64 arch:x64

4093c03428ffebcedcb974ab93290ca8

Code Sign

33:00:00:03:7b:a1:0a:3e:cb:66:e9:01:c0:00:00:00:00:03:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11/05/2023, 19:03

Not After

08/05/2024, 19:03

Subject

CN=.NET,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

30:37:4b:50:e8:4e:47:52:c7:4d:56:88:08:30:15:16:2c:c6:fb:1e:27:8a:08:aa:c0:22:5d:65:d8:66:50:6c
Signer

Actual PE Digest

30:37:4b:50:e8:4e:47:52:c7:4d:56:88:08:30:15:16:2c:c6:fb:1e:27:8a:08:aa:c0:22:5d:65:d8:66:50:6c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\artifacts\bin\PenImc\x64\Release\PenImc_cor3.pdb

Imports

kernel32

SetThreadLocale
DeleteCriticalSection
RaiseException
DecodePointer
EncodePointer
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
WaitForSingleObject
ReleaseMutex
InitializeCriticalSection
CreateEventW
GetCurrentProcessId
OpenEventW
OpenMutexW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
SetEvent
LocalFree
SignalObjectAndWait
IsWow64Process
GetCurrentProcess
OutputDebugStringW
GetThreadLocale
CreateThread
QueueUserAPC
SetWaitableTimer
CancelWaitableTimer
CreateActCtxW
ActivateActCtx
VerSetConditionMask
LoadLibraryW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsDebuggerPresent
SleepConditionVariableSRW
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
RtlPcToFileHeader
InterlockedFlushSList
CreateMutexW
CloseHandle
GetModuleFileNameW
LoadLibraryExW
FindResourceW
LoadResource
SizeofResource
MultiByteToWideChar
GetLastError
lstrcmpiW
GetModuleHandleW
GetProcAddress
FreeLibrary
CreateWaitableTimerW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
SetLastError
RtlUnwindEx
RtlLookupFunctionEntry
GetCurrentThreadId

user32

GetWindow
GetWindowRect
CallNextHookEx
SetWindowsHookExW
EqualRect
GetParent
GetWindowThreadProcessId
CharNextW
PeekMessageW
MsgWaitForMultipleObjectsEx
IsWindow
UnhookWindowsHookEx
GetSystemMetrics
MonitorFromWindow
GetMonitorInfoW
GetDesktopWindow

advapi32

ConvertSidToStringSidW
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
RegDeleteValueW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteKeyW

shell32

ShellExecuteExW

ole32

CoTaskMemAlloc
CoTaskMemRealloc
CoTaskMemFree
CoLockObjectExternal
StringFromGUID2
CoCreateInstance
CoGetApartmentType

oleaut32

UnRegisterTypeLi
VarUI4FromStr
LoadTypeLi
SysFreeString
RegisterTypeLi
SysStringLen
SysAllocString

api-ms-win-crt-string-l1-1-0

strcpy_s
wcscpy_s
wcscat_s
wcsncmp
wcsncpy_s

api-ms-win-crt-heap-l1-1-0

malloc
calloc
free
realloc
_recalloc
_callnewh

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_invalid_parameter_noinfo
abort
terminate
_initterm
_initterm_e
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_errno
_initialize_narrow_environment
_configure_narrow_argv

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf

rpcrt4

NdrCStdStubBuffer_Release
CStdStubBuffer_Connect
NdrDllCanUnloadNow
CStdStubBuffer_IsIIDSupported
IUnknown_QueryInterface_Proxy
CStdStubBuffer_Disconnect
NdrDllGetClassObject
NdrDllRegisterProxy
CStdStubBuffer_DebugServerRelease
NdrOleAllocate
CStdStubBuffer_QueryInterface
CStdStubBuffer_CountRefs
CStdStubBuffer_DebugServerQueryInterface
IUnknown_Release_Proxy
CStdStubBuffer_AddRef
NdrOleFree
NdrDllUnregisterProxy
IUnknown_AddRef_Proxy
CStdStubBuffer_Invoke

Exports

Exports

CreateResetEvent
DestroyResetEvent
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetLastSystemEventData
GetPenEvent
GetPenEventMultiple
GetProxyDllInfo
LockWispObjectFromGit
RaiseResetEvent
RegisterDllForSxSCOM
UnlockWispObjectFromGit

Sections

.text
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 197B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PresentationNative_cor3.dll
.dll windows:6 windows x64 arch:x64

a09c9abadde79aec9926dc99ee900a1a

Code Sign

33:00:00:03:7c:c9:f6:bc:ed:07:59:ae:08:00:00:00:00:03:7c
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11/05/2023, 19:03

Not After

08/05/2024, 19:03

Subject

CN=.NET,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a0:62:73:7e:7b:14:1f:99:e1:78:16:2b:22:a2:48:aa:a8:77:18:e8:0e:ec:7e:e3:f2:78:f2:f9:58:26:ea:2a
Signer

Actual PE Digest

a0:62:73:7e:7b:14:1f:99:e1:78:16:2b:22:a2:48:aa:a8:77:18:e8:0e:ec:7e:e3:f2:78:f2:f9:58:26:ea:2a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\artifacts\bin\PresentationNative\x64\Release\PresentationNative_cor3.pdb

Imports

kernel32

UnhandledExceptionFilter
GetCurrentThread
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
TerminateThread
GetProcAddress
VerSetConditionMask
FreeLibrary
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
OutputDebugStringW
DeleteCriticalSection
DisableThreadLibraryCalls
LoadLibraryW
InitializeCriticalSection
InitializeCriticalSectionEx
GlobalDeleteAtom
DebugBreak
OutputDebugStringA
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
LeaveCriticalSection
EnterCriticalSection
InterlockedFlushSList
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
RaiseException
EncodePointer
SetLastError
GetLastError

ntdll

RtlLookupFunctionEntry
DbgPrompt
RtlPcToFileHeader
RtlUnwindEx
DbgPrintEx
RtlCaptureContext
DbgBreakPoint
RtlVirtualUnwind
NtQuerySystemInformation

api-ms-win-crt-runtime-l1-1-0

terminate
abort
_cexit
_crt_atexit
_execute_onexit_table
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function

api-ms-win-crt-heap-l1-1-0

free
calloc
malloc

api-ms-win-crt-string-l1-1-0

strcpy_s
iswpunct
wcsncmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

user32

GetAncestor
FindWindowExW
SetWindowLongPtrW
SetWindowLongW
SetScrollPos
SetFocus
MapWindowPoints
GetWindowTextLengthW
GetWindowTextW
GetWindowLongPtrW
GetWindowLongW
GetWindow
GetKeyboardLayoutList
GetParent
GetMenuBarInfo
EnableWindow

gdi32

GetTextExtentPoint32W

ole32

CoTaskMemFree
CoCreateInstance

oleaut32

SysAllocString
VariantInit
VariantChangeType
VariantClear

Exports

Exports

CreateDocContext
CreateInstalledObjectsInfo
CreateTextAnalysisSink
CreateTextAnalysisSource
DestroyDocContext
DestroyInstalledObjectsInfo
EnableWindowWrapper
FindWindowExWrapper
FsAddFigureObstacle
FsClearUpdateInfoInPage
FsClearUpdateInfoInSubpage
FsClearUpdateInfoInSubtrack
FsClearUpdateInfoInTableSrv
FsCommitFilledRectangle
FsCompareSubpages
FsCompareSubtrack
FsCompareTableSrv
FsCreateDocContext
FsCreateDummyFootnoteRejector
FsCreatePageBottomless
FsCreatePageFinite
FsCreateSubpageBottomless
FsCreateSubpageFinite
FsDestroyDocContext
FsDestroyFootnoteRejector
FsDestroyPage
FsDestroyPageBreakRecord
FsDestroySubpage
FsDestroySubpageBreakRecord
FsDestroySubtrack
FsDestroySubtrackBreakRecord
FsDestroyTableSrv
FsDestroyTableSrvBreakRecord
FsDuplicateGeometry
FsDuplicatePageBreakRecord
FsDuplicateSubpageBreakRecord
FsDuplicateSubtrackBreakRecord
FsDuplicateTableSrvBreakRecord
FsFAllFootnotesAllowed
FsFFootnoteAllowed
FsFormatSubtrackBottomless
FsFormatSubtrackFinite
FsFormatTableSrvBottomless
FsFormatTableSrvFinite
FsGetClientHandle
FsGetColumnRectangle
FsGetEmptySpaces
FsGetFigureObstacleData
FsGetFloaterFsimethods
FsGetIntervals
FsGetMaxNumberEmptySpaces
FsGetMaxNumberIntervals
FsGetNextTick
FsGetNumberSubpageFootnotes
FsGetNumberSubtrackFootnotes
FsGetPageRectangle
FsGetShiftOffset
FsGetSubpageColumnBalancingInfo
FsGetSubpageFootnoteInfo
FsGetSubtrackColumnBalancingInfo
FsGetSubtrackFootnoteInfo
FsGetTableObjFsimethods
FsGetTableSrvColumnBalancingInfo
FsGetTableSrvFootnoteInfo
FsGetTableSrvNumberFootnotes
FsJustifySubpage
FsQueryAttachedObjectList
FsQueryCompositeColumnDetails
FsQueryCompositeColumnFootnoteList
FsQueryDcpLineVariantsFromCachedTextPara
FsQueryEndnoteColumnDetails
FsQueryFigureObjectDetails
FsQueryFloaterDetails
FsQueryFootnoteColumnDetails
FsQueryFootnoteColumnTrackList
FsQueryHeightDefinedColumnSpanAreaList
FsQueryLineCompositeElementList
FsQueryLineListComposite
FsQueryLineListSingle
FsQueryPageDetails
FsQueryPageFootnoteColumnList
FsQueryPageSectionList
FsQuerySectionBasicColumnList
FsQuerySectionCompositeColumnList
FsQuerySectionDetails
FsQuerySectionEndnoteColumnList
FsQuerySegmentDefinedColumnSpanAreaList
FsQuerySubpageBasicColumnList
FsQuerySubpageDetails
FsQuerySubpageHeightDefinedColumnSpanAreaList
FsQuerySubpageSegmentDefinedColumnSpanAreaList
FsQuerySubtrackDetails
FsQuerySubtrackParaList
FsQueryTableObjCellList
FsQueryTableObjDetails
FsQueryTableObjFigureCountWord
FsQueryTableObjFigureListWord
FsQueryTableObjRowDetails
FsQueryTableObjRowList
FsQueryTableObjTableProperDetails
FsQueryTableSrvCellList
FsQueryTableSrvRowDetails
FsQueryTableSrvRowList
FsQueryTableSrvTableDetails
FsQueryTextDetails
FsQueryTrackDetails
FsQueryTrackParaList
FsRegisterFloatObstacle
FsReleaseGeometry
FsResolveOverlap
FsRestoreGeometry
FsShiftSubtrackVertical
FsSynchronizeBottomlessSubtrack
FsTransferDisplayInfoSubpage
FsTransferDisplayInfoSubtrack
FsTransferDisplayInfoTableSrv
FsTransformBbox
FsTransformPoint
FsTransformRectangle
FsTransformVector
FsUpdateBottomlessPage
FsUpdateBottomlessSubpage
FsUpdateBottomlessSubtrack
FsUpdateBottomlessTableSrv
FsUpdateFinitePage
GetAncestorWrapper
GetFloaterHandlerInfo
GetKeyboardLayoutListWrapper
GetMenuBarInfoWrapper
GetNumberSubstitutionList
GetParentWrapper
GetScriptAnalysisList
GetTableObjHandlerInfo
GetTextExtentPoint32Wrapper
GetWindowLongPtrWrapper
GetWindowLongWrapper
GetWindowTextLengthWrapper
GetWindowTextWrapper
GetWindowWrapper
GlobalDeleteAtomWrapper
IsPrintPackageTargetSupported
IsStartXpsPrintJobSupported
IsWindows10OrGreater
IsWindows10RS1OrGreater
IsWindows10RS2OrGreater
IsWindows10RS3OrGreater
IsWindows10RS4OrGreater
IsWindows10RS5OrGreater
IsWindows10TH1OrGreater
IsWindows10TH2OrGreater
IsWindows7OrGreater
IsWindows7SP1OrGreater
IsWindows8OrGreater
IsWindows8Point1OrGreater
IsWindowsServer
IsWindowsVistaOrGreater
IsWindowsVistaSP1OrGreater
IsWindowsVistaSP2OrGreater
IsWindowsXPOrGreater
IsWindowsXPSP1OrGreater
IsWindowsXPSP2OrGreater
IsWindowsXPSP3OrGreater
LateBoundStartXpsPrintJob
LoAcquireBreakRecord
LoAcquirePenaltyModule
LoCloneBreakRecord
LoCreateBreaks
LoCreateContext
LoCreateLine
LoCreateParaBreakingSession
LoDestroyContext
LoDisplayLine
LoDisposeBreakRecord
LoDisposeLine
LoDisposeParaBreakingSession
LoDisposePenaltyModule
LoEnumLine
LoGetEscString
LoGetPenaltyModuleInternalHandle
LoQueryLineCpPpoint
LoQueryLinePointPcp
LoRelievePenaltyResource
LoSetBreaking
LoSetDoc
LoSetTabs
LocbkGetObjectHandlerInfo
MILGetClassificationTables
MapWindowPointsWrapper
NlCreateHyphenator
NlDestroyHyphenator
NlGetClassObject
NlHyphenate
NlLoad
NlUnload
PrintToPackageTarget
SetFocusWrapper
SetScrollPosWrapper
SetWindowLongPtrWrapper
SetWindowLongWrapper

Sections

.text
Size: 947KB - Virtual size: 946KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
THIRD-PARTY-LICENSES.txt
Themes/Dark.xaml
Themes/Light.xaml
Themes/README.txt
TwitchDownloaderWPF.dll.config
TwitchDownloaderWPF.exe
.exe windows:6 windows x64 arch:x64

bd570ded433309fe3759b368b0ec3e8c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\a\_work\1\s\artifacts\obj\coreclr\windows.x64.Release\Corehost.Static\singlefilehost.pdb

Imports

kernel32

MultiByteToWideChar
GetTickCount
QueryPerformanceFrequency
QueryPerformanceCounter
GetModuleHandleW
FlushInstructionCache
RtlLookupFunctionEntry
RtlDeleteFunctionTable
InterlockedPushEntrySList
InterlockedFlushSList
InitializeSListHead
GetTickCount64
DuplicateHandle
QueueUserAPC
WaitForSingleObjectEx
SetThreadPriority
GetThreadPriority
ResumeThread
GetCurrentThreadId
Sleep
TlsAlloc
GetCurrentThread
CreateThread
WaitForMultipleObjectsEx
SignalObjectAndWait
RtlCaptureContext
SetThreadStackGuarantee
VirtualQuery
GetStdHandle
WideCharToMultiByte
GetConsoleOutputCP
MapViewOfFileEx
UnmapViewOfFile
GetStringTypeExW
SetEvent
GetCurrentProcessorNumber
GlobalMemoryStatusEx
CreateIoCompletionPort
PostQueuedCompletionStatus
SleepEx
GetQueuedCompletionStatus
InterlockedPopEntrySList
GetCurrentProcessorNumberEx
ExitProcess
CreateMemoryResourceNotification
GetProcessAffinityMask
SetThreadIdealProcessorEx
GetThreadIdealProcessorEx
GetLargePageMinimum
VirtualUnlock
GetLogicalProcessorInformation
SetThreadGroupAffinity
SetThreadAffinityMask
IsProcessInJob
QueryInformationJobObject
K32GetProcessMemoryInfo
VirtualAlloc
VirtualFree
VirtualProtect
SwitchToThread
CloseThreadpoolTimer
CreateThreadpoolTimer
SetThreadpoolTimer
GetFileSize
GetEnvironmentVariableW
SetEnvironmentVariableW
CreateEventW
ResetEvent
CreateSemaphoreExW
ReleaseSemaphore
CreateMutexW
ReleaseMutex
GetThreadContext
SuspendThread
SetThreadContext
GetEnabledXStateFeatures
InitializeContext
RtlRestoreContext
SetXStateFeaturesMask
RtlInstallFunctionTableCallback
GetSystemDefaultLCID
GetUserDefaultLCID
RtlUnwind
LoadLibraryExW
HeapAlloc
HeapFree
GetProcessHeap
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
FormatMessageW
OutputDebugStringA
GetACP
LCMapStringEx
LocalFree
VerSetConditionMask
VerifyVersionInfoW
FindClose
GetEnvironmentVariableA
GetModuleFileNameW
FindNextFileW
QueryThreadCycleTime
VirtualAllocExNuma
GetNumaProcessorNodeEx
GetNumaHighestNodeNumber
GetLogicalProcessorInformationEx
GetThreadGroupAffinity
GetSystemTimes
GetSystemTimeAsFileTime
CreateFileMappingW
CreateProcessW
GetCPInfo
CreateFileW
GetFileAttributesExW
GetTempPathW
GetCurrentDirectoryW
FindFirstFileExW
GetFullPathNameW
OpenProcess
LoadLibraryExA
OpenEventW
ExitThread
HeapReAlloc
CreateNamedPipeA
WaitForMultipleObjects
DisconnectNamedPipe
CreateFileA
CancelIoEx
GetOverlappedResult
ConnectNamedPipe
FlushFileBuffers
MapViewOfFile
GetActiveProcessorGroupCount
GetSystemTime
SetConsoleCtrlHandler
GetLocaleInfoEx
GetUserDefaultLocaleName
RtlAddFunctionTable
CreateDirectoryW
RemoveDirectoryW
GetFileSizeEx
LoadLibraryA
IsWow64Process
EncodePointer
DecodePointer
InitializeCriticalSectionAndSpinCount
AddVectoredExceptionHandler
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetCurrentProcessId
RaiseFailFastException
FreeLibrary
RaiseException
WaitForSingleObject
TlsSetValue
TlsGetValue
GetSystemInfo
IsDebuggerPresent
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WriteFile
GetProcessTimes
GetCommandLineW
ReadFile
SetFilePointer
GetProcAddress
GetModuleHandleExW
SetErrorMode
CloseHandle
GetCurrentProcess
FlushProcessWriteBuffers
SetLastError
GetLastError
OutputDebugStringW
DebugBreak
GetStringTypeW
RtlVirtualUnwind
IsProcessorFeaturePresent
RtlUnwindEx
TlsFree
RtlPcToFileHeader
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
SleepConditionVariableSRW
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeCriticalSectionEx
TryEnterCriticalSection
GetExitCodeThread
CreateFileMappingA

advapi32

RegGetValueW
SetKernelObjectSecurity
GetSidSubAuthorityCount
GetSidSubAuthority
GetTokenInformation
DeregisterEventSource
ReportEventW
RegisterEventSourceW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
EventRegister
AdjustTokenPrivileges
OpenProcessToken
LookupPrivilegeValueW
SetThreadToken
RevertToSelf
OpenThreadToken
EventWriteTransfer
EventWrite

ole32

CoTaskMemAlloc
CoTaskMemFree
CoWaitForMultipleHandles
IIDFromString
CLSIDFromProgID
CoGetMarshalSizeMax
CoCreateGuid
CoUnmarshalInterface
CoGetObjectContext
CoGetContextToken
CoInitializeEx
CoGetClassObject
CoCreateFreeThreadedMarshaler
CreateStreamOnHGlobal
StringFromGUID2
CoMarshalInterface
CoRegisterInitializeSpy
CoUninitialize
CoRevokeInitializeSpy
CoReleaseMarshalData

oleaut32

GetRecordInfoFromTypeInfo
SafeArraySetRecordInfo
SafeArrayAllocData
SafeArrayGetElemsize
SysStringByteLen
SysAllocStringByteLen
SafeArrayCreateVector
SafeArrayPutElement
LoadRegTypeLi
CreateErrorInfo
VariantInit
VariantClear
SafeArrayAllocDescriptorEx
VariantChangeType
SafeArrayGetVartype
LoadTypeLibEx
QueryPathOfRegTypeLi
SafeArrayDestroy
SafeArrayGetLBound
SafeArrayGetDim
SysAllocStringLen
SysStringLen
SysAllocString
SetErrorInfo
GetErrorInfo
SysFreeString
VariantChangeTypeEx
VarCyFromDec

user32

MessageBoxW
LoadStringW

shell32

ShellExecuteW

api-ms-win-crt-string-l1-1-0

_strnicmp
iswupper
towlower
isalpha
isdigit
wcstok_s
strnlen
iswascii
towupper
wcscat_s
strncmp
wcscpy_s
strcspn
strcpy_s
strlen
isupper
strcmp
_wcsnicmp
_wcsdup
wcsncpy_s
_wcsicmp
islower
tolower
strtok_s
isspace
_strdup
__strncnt
wcsncat_s
strncat_s
_stricmp
iswspace
wcsnlen
strncpy_s
wcsncmp
strcat_s

api-ms-win-crt-stdio-l1-1-0

__p__commode
__stdio_common_vfwprintf
__stdio_common_vswprintf_s
_putws
_set_fmode
fwrite
fseek
_wfopen
fclose
fputws
fputwc
_get_stream_buffer_pointers
_wfsopen
ftell
__stdio_common_vfprintf
_fileno
__stdio_common_vsprintf_s
_fseeki64
__acrt_iob_func
fflush
_dup
_setmode
setvbuf
__stdio_common_vswprintf
fread
fsetpos
ungetc
fgetpos
fgetc
fputc
fgets
__stdio_common_vsscanf
__stdio_common_vsnprintf_s
_flushall
__stdio_common_vsnwprintf_s
fputs
fopen

api-ms-win-crt-runtime-l1-1-0

terminate
_wcserror
_beginthreadex
_invalid_parameter_noinfo_noreturn
_controlfp_s
abort
exit
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_cexit
_seh_filter_exe
_set_app_type
_invalid_parameter_noinfo
_configure_wide_argv
_initialize_wide_environment
_get_initial_wide_environment
_initterm
_initterm_e
_exit
_errno
__p___argc
__p___wargv
_c_exit
_register_thread_local_exe_atexit_callback

api-ms-win-crt-convert-l1-1-0

_atoi64
atol
_wtoi
strtoull
_ltow_s
strtoul
wcstoul
_wcstoui64
_itow_s

api-ms-win-crt-heap-l1-1-0

free
malloc
_set_new_mode
calloc
realloc

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-math-l1-1-0

cosf
cos
ceilf
ceil
atanf
atan2f
atan2
atan
asinf
asin
coshf
acos
exp
powf
expf
log2
atanh
acosh
ilogb
cbrt
asinh
asinhf
ilogbf
atanhf
cbrtf
acoshf
log2f
pow
floor
floorf
_copysign
_isnan
_finite
modf
modff
_fdopen
fma
fmaf
_copysignf
_isnanf
fmod
fmodf
cosh
log
log10
frexp
log10f
logf
sin
__setusermatherr
sinf
sinh
sinhf
sqrt
sqrtf
tan
tanf
tanh
acosf
tanhf

api-ms-win-crt-time-l1-1-0

_time64
wcsftime
_gmtime64_s

api-ms-win-crt-locale-l1-1-0

___lc_codepage_func
___mb_cur_max_func
localeconv
_unlock_locales
___lc_locale_name_func
setlocale
__pctype_func
_lock_locales
_configthreadlocale

api-ms-win-crt-filesystem-l1-1-0

_wremove
_wrename
_lock_file
_unlock_file

Exports

Exports

CLRJitAttachState
DotNetRuntimeInfo
MetaDataGetDispenser
g_CLREngineMetrics

Sections

.text
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CLR_UEF
Size: 512B - Virtual size: 271B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 215KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Section
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
WebView2Loader.dll
.dll windows:5 windows x64 arch:x64

aaa8a1994a594e4746a652eda600aebf

Code Sign

33:00:00:03:3c:2b:0a:49:d9:d2:91:7e:ac:00:00:00:00:03:3c
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/02/2023, 20:10

Not After

31/01/2024, 20:10

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ca:59:82:ff:b2:dc:cf:5d:df:9e:93:df:f1:ad:a5:af:78:13:df:0c:16:4b:81:de:ff:47:33:4d:1e:1b:11:d9
Signer

Actual PE Digest

ca:59:82:ff:b2:dc:cf:5d:df:9e:93:df:f1:ad:a5:af:78:13:df:0c:16:4b:81:de:ff:47:33:4d:1e:1b:11:d9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\e\src\out\Release_x64\WebView2Loader.dll.pdb

Imports

kernel32

CloseHandle
CreateEventW
CreateFileW
DeleteCriticalSection
EncodePointer
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileExW
FindNextFileW
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsW
GetEnvironmentVariableW
GetFileAttributesW
GetFileType
GetLastError
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
MultiByteToWideChar
OutputDebugStringA
OutputDebugStringW
QueryPerformanceCounter
RaiseException
ResetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObjectEx
WideCharToMultiByte
WriteConsoleW
WriteFile

Exports

Exports

CompareBrowserVersions
CreateCoreWebView2Environment
CreateCoreWebView2EnvironmentWithOptions
GetAvailableCoreWebView2BrowserVersionString

Sections

.text
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gxfg
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: 512B - Virtual size: 140B

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ffmpeg.exe
.exe windows:4 windows x64 arch:x64

b0d936c4d52a4f9bd1e561ab66b77b02

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

CryptAcquireContextW
CryptCreateHash
CryptDecrypt
CryptDestroyHash
CryptGenRandom
CryptGetHashParam
CryptGetProvParam
CryptReleaseContext
CryptSetHashParam
CryptSetProvParam
CryptSignHashA
DeregisterEventSource
GetUserNameA
InitializeSecurityDescriptor
RegCloseKey
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegisterEventSourceW
ReportEventW
SetSecurityDescriptorDacl
SystemFunction036

bcrypt

BCryptCloseAlgorithmProvider
BCryptGenRandom
BCryptOpenAlgorithmProvider

crypt32

CertCloseStore
CertDeleteCertificateFromStore
CertEnumCRLsInStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertFreeCertificateContext
CertGetCertificateContextProperty
CertOpenStore
PFXImportCertStore

gdi32

BitBlt
ChoosePixelFormat
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateDIBSection
CreateFontIndirectW
CreateFontW
CreatePen
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
DescribePixelFormat
EnumFontFamiliesW
ExtTextOutW
GetDIBColorTable
GetDIBits
GetDeviceCaps
GetDeviceGammaRamp
GetICMProfileW
GetObjectA
GetPixelFormat
GetStockObject
GetTextExtentPoint32A
GetTextExtentPoint32W
GetTextFaceW
GetTextMetricsW
Rectangle
SelectObject
SetBkMode
SetDeviceGammaRamp
SetPixelFormat
SetTextColor
SwapBuffers

imm32

ImmAssociateContext
ImmGetCandidateListW
ImmGetCompositionStringW
ImmGetContext
ImmGetIMEFileNameA
ImmNotifyIME
ImmReleaseContext
ImmSetCandidateWindow
ImmSetCompositionStringW
ImmSetCompositionWindow

iphlpapi

GetAdaptersAddresses
if_indextoname
if_nametoindex

kernel32

AcquireSRWLockExclusive
AcquireSRWLockShared
AddVectoredExceptionHandler
AreFileApisANSI
CancelIo
CancelIoEx
CloseHandle
CompareStringA
ConvertFiberToThread
ConvertThreadToFiberEx
CreateDirectoryW
CreateEventA
CreateEventW
CreateFiberEx
CreateFileA
CreateFileMappingA
CreateFileW
CreateMutexA
CreateSemaphoreA
CreateSemaphoreW
CreateThread
DeleteCriticalSection
DeleteFiber
DeviceIoControl
DuplicateHandle
EnterCriticalSection
ExitProcess
FileTimeToSystemTime
FindClose
FindFirstFileA
FindFirstFileExW
FindFirstFileW
FindNextFileW
FormatMessageA
FormatMessageW
FreeLibrary
GetACP
GetCommandLineW
GetComputerNameA
GetConsoleMode
GetConsoleScreenBufferInfo
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentVariableA
GetEnvironmentVariableW
GetFileAttributesA
GetFileAttributesExA
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileSizeEx
GetFileTime
GetFileType
GetFinalPathNameByHandleA
GetFullPathNameA
GetFullPathNameW
GetHandleInformation
GetLastError
GetLocaleInfoA
GetLongPathNameA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetNumaHighestNodeNumber
GetNumaNodeProcessorMaskEx
GetOverlappedResult
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetProcessTimes
GetStdHandle
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemInfo
GetSystemPowerStatus
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetTempPathA
GetThreadContext
GetThreadPriority
GetThreadTimes
GetTickCount
GetTickCount64
GetTimeZoneInformation
GetVersion
GetWindowsDirectoryA
GlobalAlloc
GlobalLock
GlobalMemoryStatusEx
GlobalUnlock
HeapAlloc
HeapFree
HeapReAlloc
InitOnceBeginInitialize
InitOnceComplete
InitializeConditionVariable
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSRWLock
IsDBCSLeadByteEx
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
K32GetProcessMemoryInfo
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalFree
MapViewOfFile
MoveFileExA
MoveFileExW
MulDiv
MultiByteToWideChar
OpenFileMappingA
OpenProcess
OutputDebugStringA
OutputDebugStringW
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleA
ReadConsoleW
ReadFile
RegisterWaitForSingleObject
ReleaseMutex
ReleaseSRWLockExclusive
ReleaseSRWLockShared
ReleaseSemaphore
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
SetConsoleCtrlHandler
SetConsoleMode
SetConsoleTextAttribute
SetDllDirectoryA
SetEnvironmentVariableA
SetErrorMode
SetEvent
SetFilePointer
SetFilePointerEx
SetHandleInformation
SetLastError
SetProcessAffinityMask
SetSystemTime
SetThreadContext
SetThreadErrorMode
SetThreadExecutionState
SetThreadGroupAffinity
SetThreadPriority
SetUnhandledExceptionFilter
SignalObjectAndWait
Sleep
SleepConditionVariableCS
SuspendThread
SwitchToFiber
SwitchToThread
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnmapViewOfFile
UnregisterWait
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualLock
VirtualProtect
VirtualQuery
VirtualUnlock
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile
__C_specific_handler
lstrcmpiW

msvcrt

___lc_codepage_func
___mb_cur_max_func
__argv
__getmainargs
__initenv
__iob_func
__set_app_type
__setusermatherr
_access
_aligned_free
_aligned_malloc
_aligned_realloc
_access
_amsg_exit
_assert
_beginthreadex
_cexit
_chmod
_close
_close
_commode
_dup
_dup2
_endthreadex
_errno
_exit
_fdopen
_filelengthi64
_fileno
_fileno
_findclose
_findfirst64
_findnext64
_fmode
_fstat64
_ftime64
_fullpath
_get_osfhandle
_getch
_getcwd
_getmaxstdio
_getpid
_gmtime64
_hypot
_i64toa
_initterm
_isatty
_isctype
_itoa
_kbhit
_localtime64
_lock
_locking
_lseeki64
_ltoa
_mbsrchr
_mkdir
_mkdir
_mktime64
_onexit
_open
_open
_open_osfhandle
_read
_read
_rmdir
_rmdir
_nextafter
_setjmp
_setmaxstdio
_setmode
_setmode
_sopen
_stat64
_strdup
_strdup
_stricmp
_strlwr
_strnicmp
_strrev
_strtoi64
_strtoui64
_strtoui64
_strupr
_time64
_ui64toa
_ultoa
_unlink
_unlock
_unlink
_vscprintf
_vsnprintf
_vsnwprintf
_waccess
_wassert
_wcsdup
_wcsicmp
_wcsnicmp
_wfindfirst64
_wfindnext64
_wfopen
_wfullpath
_wgetenv
_wmkdir
_wopen
_wrename
_write
_wrmdir
_wsopen
_wstat64
_wunlink
abort
acos
asin
atan
atof
atoi
bsearch
calloc
clock
fseek
cosh
div
exit
fclose
feof
ferror
fflush
fgetc
fgetpos
fgets
fopen
fopen_s
fprintf
fputc
fputs
fread
free
fsetpos
ftell
fwrite
getc
getchar
getenv
getwc
isalnum
isalpha
iscntrl
isgraph
islower
isprint
ispunct
isspace
isupper
iswctype
isxdigit
localeconv
log10
longjmp
malloc
mbstowcs
memchr
memcmp
memcpy
memmove
memset
perror
printf
putc
puts
putwc
qsort
raise
rand
realloc
rename
rewind
setlocale
setvbuf
signal
sinh
sprintf
srand
strcat
strchr
strcmp
strcoll
strcpy
strcpy_s
strcspn
strerror
strftime
strlen
strncat
strncmp
strncpy
strncpy_s
strpbrk
strrchr
strspn
strstr
strtok
strtok_s
strtol
strtoul
strxfrm
tan
tanh
tolower
toupper
towlower
towupper
vfprintf
ungetc
ungetwc
wcscat
wcscmp
wcscoll
wcscpy
wcscpy_s
wcsftime
wcslen
wcsncmp
wcsrchr
wcsstr
wcstombs
wcstombs_s
wcstoul
wcsxfrm

ncrypt

NCryptDecrypt
NCryptDeleteKey
NCryptFreeObject
NCryptGetProperty
NCryptOpenKey
NCryptOpenStorageProvider
NCryptSignHash

ole32

CLSIDFromString
CoCreateInstance
CoGetMalloc
CoInitialize
CoInitializeEx
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CreateBindCtx
OleLoadFromStream
OleSaveToStream
PropVariantClear
StringFromGUID2

oleaut32

OleCreatePropertyFrame
SysFreeString

setupapi

CM_Get_Device_IDA
CM_Get_Parent
CM_Locate_DevNodeA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiGetDeviceRegistryPropertyA

shell32

CommandLineToArgvW
DragAcceptFiles
DragFinish
DragQueryFileW
ExtractIconExW
SHGetFolderPathW
SHGetSpecialFolderPathA
ShellExecuteW

shlwapi

SHCreateStreamOnFileA

user32

AdjustWindowRectEx
AttachThreadInput
BeginPaint
CallNextHookEx
CallWindowProcW
ChangeDisplaySettingsExW
ClientToScreen
ClipCursor
CloseClipboard
CopyIcon
CopyImage
CreateIconFromResource
CreateIconIndirect
CreateWindowExA
CreateWindowExW
DefWindowProcA
DefWindowProcW
DestroyCursor
DestroyIcon
DestroyWindow
DialogBoxIndirectParamW
DispatchMessageA
DispatchMessageW
DrawIcon
DrawTextW
EmptyClipboard
EndDialog
EndPaint
EnumDisplayDevicesW
EnumDisplayMonitors
EnumDisplaySettingsW
FillRect
FindWindowW
FlashWindowEx
FrameRect
GetAsyncKeyState
GetClassInfoExW
GetClientRect
GetClipCursor
GetClipboardData
GetClipboardSequenceNumber
GetCursorInfo
GetCursorPos
GetDC
GetDesktopWindow
GetDlgItem
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetIconInfo
GetKeyState
GetKeyboardLayout
GetKeyboardState
GetMenu
GetMessageExtraInfo
GetMessageW
GetMonitorInfoW
GetParent
GetProcessWindowStation
GetPropW
GetRawInputData
GetRawInputDeviceInfoA
GetRawInputDeviceList
GetSystemMetrics
GetUpdateRect
GetUserObjectInformationW
GetWindowLongPtrA
GetWindowLongPtrW
GetWindowLongW
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
IntersectRect
InvalidateRect
IsClipboardFormatAvailable
IsIconic
KillTimer
LoadCursorA
LoadCursorW
LoadIconW
MapVirtualKeyW
MessageBoxA
MessageBoxW
MonitorFromPoint
MonitorFromRect
MonitorFromWindow
OpenClipboard
PeekMessageA
PeekMessageW
PostMessageW
PostThreadMessageW
PtInRect
RegisterClassExA
RegisterClassExW
RegisterClassW
RegisterDeviceNotificationW
RegisterRawInputDevices
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
RemovePropW
ScreenToClient
SendMessageA
SendMessageW
SetActiveWindow
SetCapture
SetClipboardData
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetLayeredWindowAttributes
SetPropW
SetTimer
SetWindowLongPtrA
SetWindowLongPtrW
SetWindowLongW
SetWindowPos
SetWindowRgn
SetWindowTextW
SetWindowsHookExW
ShowWindow
SystemParametersInfoA
SystemParametersInfoW
ToUnicode
TrackMouseEvent
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UnregisterClassW
UnregisterDeviceNotification
ValidateRect

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

avicap32

capCreateCaptureWindowA
capGetDriverDescriptionA

winmm

timeBeginPeriod
timeEndPeriod
waveInAddBuffer
waveInClose
waveInGetDevCapsW
waveInGetNumDevs
waveInOpen
waveInPrepareHeader
waveInReset
waveInStart
waveInUnprepareHeader
waveOutClose
waveOutGetDevCapsW
waveOutGetErrorTextW
waveOutGetNumDevs
waveOutOpen
waveOutPrepareHeader
waveOutReset
waveOutUnprepareHeader
waveOutWrite

ws2_32

WSACleanup
WSACloseEvent
WSACreateEvent
WSAEventSelect
WSAGetLastError
WSAGetOverlappedResult
WSAIoctl
WSARecvFrom
WSAResetEvent
WSASendTo
WSASetLastError
WSASocketA
WSAStartup
WSAStringToAddressA
WSAWaitForMultipleEvents
__WSAFDIsSet
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
gethostbyaddr
gethostbyname
gethostname
getnameinfo
getpeername
getservbyname
getservbyport
getsockname
getsockopt
htonl
htons
inet_addr
inet_ntoa
inet_ntop
inet_pton
ioctlsocket
listen
ntohl
ntohs
recv
recvfrom
select
send
sendto
setsockopt
shutdown
socket

Exports

Exports

FT_Activate_Size
FT_Add_Default_Modules
FT_Add_Module
FT_Angle_Diff
FT_Atan2
FT_Attach_File
FT_Attach_Stream
FT_Bitmap_Blend
FT_Bitmap_Convert
FT_Bitmap_Copy
FT_Bitmap_Done
FT_Bitmap_Embolden
FT_Bitmap_Init
FT_Bitmap_New
FT_CeilFix
FT_Cos
FT_DivFix
FT_Done_Face
FT_Done_FreeType
FT_Done_Glyph
FT_Done_Library
FT_Done_MM_Var
FT_Done_Size
FT_Error_String
FT_Face_GetCharVariantIndex
FT_Face_GetCharVariantIsDefault
FT_Face_GetCharsOfVariant
FT_Face_GetVariantSelectors
FT_Face_GetVariantsOfChar
FT_Face_Properties
FT_FloorFix
FT_Get_Advance
FT_Get_Advances
FT_Get_BDF_Charset_ID
FT_Get_BDF_Property
FT_Get_CMap_Format
FT_Get_CMap_Language_ID
FT_Get_Char_Index
FT_Get_Charmap_Index
FT_Get_Color_Glyph_ClipBox
FT_Get_Color_Glyph_Layer
FT_Get_Color_Glyph_Paint
FT_Get_Colorline_Stops
FT_Get_Default_Named_Instance
FT_Get_First_Char
FT_Get_Font_Format
FT_Get_Glyph
FT_Get_Glyph_Name
FT_Get_Kerning
FT_Get_MM_Blend_Coordinates
FT_Get_MM_Var
FT_Get_MM_WeightVector
FT_Get_Module
FT_Get_Multi_Master
FT_Get_Name_Index
FT_Get_Next_Char
FT_Get_PS_Font_Info
FT_Get_PS_Font_Private
FT_Get_PS_Font_Value
FT_Get_Paint
FT_Get_Paint_Layers
FT_Get_Postscript_Name
FT_Get_Renderer
FT_Get_Sfnt_LangTag
FT_Get_Sfnt_Name
FT_Get_Sfnt_Name_Count
FT_Get_Sfnt_Table
FT_Get_SubGlyph_Info
FT_Get_Track_Kerning
FT_Get_Transform
FT_Get_TrueType_Engine_Type
FT_Get_Var_Axis_Flags
FT_Get_Var_Blend_Coordinates
FT_Get_Var_Design_Coordinates
FT_Get_X11_Font_Format
FT_GlyphSlot_Own_Bitmap
FT_Glyph_Copy
FT_Glyph_Get_CBox
FT_Glyph_Stroke
FT_Glyph_StrokeBorder
FT_Glyph_To_Bitmap
FT_Glyph_Transform
FT_Has_PS_Glyph_Names
FT_Init_FreeType
FT_Library_SetLcdFilter
FT_Library_SetLcdFilterWeights
FT_Library_SetLcdGeometry
FT_Library_Version
FT_List_Add
FT_List_Finalize
FT_List_Find
FT_List_Insert
FT_List_Iterate
FT_List_Remove
FT_List_Up
FT_Load_Char
FT_Load_Glyph
FT_Load_Sfnt_Table
FT_Matrix_Invert
FT_Matrix_Multiply
FT_MulDiv
FT_MulFix
FT_New_Face
FT_New_Glyph
FT_New_Library
FT_New_Memory_Face
FT_New_Size
FT_Open_Face
FT_Outline_Check
FT_Outline_Copy
FT_Outline_Decompose
FT_Outline_Done
FT_Outline_Embolden
FT_Outline_EmboldenXY
FT_Outline_GetInsideBorder
FT_Outline_GetOutsideBorder
FT_Outline_Get_Bitmap
FT_Outline_Get_CBox
FT_Outline_Get_Orientation
FT_Outline_New
FT_Outline_Render
FT_Outline_Reverse
FT_Outline_Transform
FT_Outline_Translate
FT_Palette_Data_Get
FT_Palette_Select
FT_Palette_Set_Foreground_Color
FT_Property_Get
FT_Property_Set
FT_Reference_Face
FT_Reference_Library
FT_Remove_Module
FT_Render_Glyph
FT_Request_Size
FT_RoundFix
FT_Select_Charmap
FT_Select_Size
FT_Set_Char_Size
FT_Set_Charmap
FT_Set_Debug_Hook
FT_Set_Default_Log_Handler
FT_Set_Default_Properties
FT_Set_Log_Handler
FT_Set_MM_Blend_Coordinates
FT_Set_MM_Design_Coordinates
FT_Set_MM_WeightVector
FT_Set_Named_Instance
FT_Set_Pixel_Sizes
FT_Set_Renderer
FT_Set_Transform
FT_Set_Var_Blend_Coordinates
FT_Set_Var_Design_Coordinates
FT_Sfnt_Table_Info
FT_Sin
FT_Stream_OpenLZW
FT_Stroker_BeginSubPath
FT_Stroker_ConicTo
FT_Stroker_CubicTo
FT_Stroker_Done
FT_Stroker_EndSubPath
FT_Stroker_Export
FT_Stroker_ExportBorder
FT_Stroker_GetBorderCounts
FT_Stroker_GetCounts
FT_Stroker_LineTo
FT_Stroker_New
FT_Stroker_ParseOutline
FT_Stroker_Rewind
FT_Stroker_Set
FT_Tan
FT_Trace_Set_Default_Level
FT_Trace_Set_Level
FT_Vector_From_Polar
FT_Vector_Length
FT_Vector_Polarize
FT_Vector_Rotate
FT_Vector_Transform
FT_Vector_Unit
TT_New_Context
TT_RunIns
gme_ay_type
gme_clear_playlist
gme_delete
gme_enable_accuracy
gme_equalizer
gme_free_info
gme_gbs_type
gme_gym_type
gme_hes_type
gme_identify_extension
gme_identify_file
gme_identify_header
gme_ignore_silence
gme_kss_type
gme_load_custom
gme_load_data
gme_load_file
gme_multi_channel
gme_mute_voice
gme_mute_voices
gme_new_emu
gme_new_emu_multi_channel
gme_nsf_type
gme_nsfe_type
gme_open_data
gme_open_file
gme_play
gme_sap_type
gme_seek
gme_seek_samples
gme_set_autoload_playback_limit
gme_set_equalizer
gme_set_fade
gme_set_stereo_depth
gme_set_tempo
gme_set_user_cleanup
gme_set_user_data
gme_spc_type
gme_start_track
gme_tell
gme_tell_samples
gme_track_count
gme_track_ended
gme_track_info
gme_type
gme_type_extension
gme_type_list
gme_type_multitrack
gme_type_system
gme_user_data
gme_vgm_type
gme_vgz_type
gme_voice_count
gme_voice_name
gme_warning
gme_wrong_file_type

Sections

.text
Size: 63.9MB - Virtual size: 63.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 11.4MB - Virtual size: 11.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 912KB - Virtual size: 912KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 24.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 255KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libHarfBuzzSharp.dll
.dll windows:6 windows x64 arch:x64

164178bd1f2a5f6973ff302292cd2ebc

Code Sign

33:00:00:03:4e:b5:3c:7a:c1:84:6f:eb:2b:00:00:00:00:03:4e
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/03/2023, 18:43

Not After

14/03/2024, 18:43

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

90:14:ab:47:7e:c6:57:e6:96:b8:0f:93:45:ba:d3:10:42:2e:ca:80:be:a6:20:89:28:c0:19:9d:1c:ce:bc:43
Signer

Actual PE Digest

90:14:ab:47:7e:c6:57:e6:96:b8:0f:93:45:ba:d3:10:42:2e:ca:80:be:a6:20:89:28:c0:19:9d:1c:ce:bc:43

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\s\native\windows\libHarfBuzzSharp\bin\x64\Release\libHarfBuzzSharp.pdb

Imports

kernel32

CreateFileW
UnmapViewOfFile
CloseHandle
GetFileSize
CreateFileMappingW
MapViewOfFile
WriteConsoleW
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
TryEnterCriticalSection
DeleteCriticalSection
GetCurrentThreadId
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetCurrentProcessId
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwindEx
RtlPcToFileHeader
RaiseException
InterlockedFlushSList
GetLastError
SetLastError
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
HeapAlloc
GetACP
HeapFree
CompareStringW
LCMapStringW
GetStdHandle
GetFileType
HeapReAlloc
ReadFile
GetConsoleMode
ReadConsoleW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
GetProcessHeap
GetStringTypeW
FlushFileBuffers
WriteFile
GetConsoleCP
SetStdHandle
SetFilePointerEx
HeapSize
SetEndOfFile

Exports

Exports

hb_aat_layout_feature_type_get_name_id
hb_aat_layout_feature_type_get_selector_infos
hb_aat_layout_get_feature_types
hb_aat_layout_has_positioning
hb_aat_layout_has_substitution
hb_aat_layout_has_tracking
hb_blob_copy_writable_or_fail
hb_blob_create
hb_blob_create_from_file
hb_blob_create_from_file_or_fail
hb_blob_create_or_fail
hb_blob_create_sub_blob
hb_blob_destroy
hb_blob_get_data
hb_blob_get_data_writable
hb_blob_get_empty
hb_blob_get_length
hb_blob_get_user_data
hb_blob_is_immutable
hb_blob_make_immutable
hb_blob_reference
hb_blob_set_user_data
hb_buffer_add
hb_buffer_add_codepoints
hb_buffer_add_latin1
hb_buffer_add_utf16
hb_buffer_add_utf32
hb_buffer_add_utf8
hb_buffer_allocation_successful
hb_buffer_append
hb_buffer_clear_contents
hb_buffer_create
hb_buffer_create_similar
hb_buffer_deserialize_glyphs
hb_buffer_deserialize_unicode
hb_buffer_destroy
hb_buffer_diff
hb_buffer_get_cluster_level
hb_buffer_get_content_type
hb_buffer_get_direction
hb_buffer_get_empty
hb_buffer_get_flags
hb_buffer_get_glyph_infos
hb_buffer_get_glyph_positions
hb_buffer_get_invisible_glyph
hb_buffer_get_language
hb_buffer_get_length
hb_buffer_get_not_found_glyph
hb_buffer_get_replacement_codepoint
hb_buffer_get_script
hb_buffer_get_segment_properties
hb_buffer_get_unicode_funcs
hb_buffer_get_user_data
hb_buffer_guess_segment_properties
hb_buffer_has_positions
hb_buffer_normalize_glyphs
hb_buffer_pre_allocate
hb_buffer_reference
hb_buffer_reset
hb_buffer_reverse
hb_buffer_reverse_clusters
hb_buffer_reverse_range
hb_buffer_serialize
hb_buffer_serialize_format_from_string
hb_buffer_serialize_format_to_string
hb_buffer_serialize_glyphs
hb_buffer_serialize_list_formats
hb_buffer_serialize_unicode
hb_buffer_set_cluster_level
hb_buffer_set_content_type
hb_buffer_set_direction
hb_buffer_set_flags
hb_buffer_set_invisible_glyph
hb_buffer_set_language
hb_buffer_set_length
hb_buffer_set_message_func
hb_buffer_set_not_found_glyph
hb_buffer_set_replacement_codepoint
hb_buffer_set_script
hb_buffer_set_segment_properties
hb_buffer_set_unicode_funcs
hb_buffer_set_user_data
hb_color_get_alpha
hb_color_get_blue
hb_color_get_green
hb_color_get_red
hb_color_line_get_color_stops
hb_color_line_get_extend
hb_direction_from_string
hb_direction_to_string
hb_draw_close_path
hb_draw_cubic_to
hb_draw_funcs_create
hb_draw_funcs_destroy
hb_draw_funcs_get_empty
hb_draw_funcs_get_user_data
hb_draw_funcs_is_immutable
hb_draw_funcs_make_immutable
hb_draw_funcs_reference
hb_draw_funcs_set_close_path_func
hb_draw_funcs_set_cubic_to_func
hb_draw_funcs_set_line_to_func
hb_draw_funcs_set_move_to_func
hb_draw_funcs_set_quadratic_to_func
hb_draw_funcs_set_user_data
hb_draw_line_to
hb_draw_move_to
hb_draw_quadratic_to
hb_face_builder_add_table
hb_face_builder_create
hb_face_builder_sort_tables
hb_face_collect_nominal_glyph_mapping
hb_face_collect_unicodes
hb_face_collect_variation_selectors
hb_face_collect_variation_unicodes
hb_face_count
hb_face_create
hb_face_create_for_tables
hb_face_destroy
hb_face_get_empty
hb_face_get_glyph_count
hb_face_get_index
hb_face_get_table_tags
hb_face_get_upem
hb_face_get_user_data
hb_face_is_immutable
hb_face_make_immutable
hb_face_reference
hb_face_reference_blob
hb_face_reference_table
hb_face_set_glyph_count
hb_face_set_index
hb_face_set_upem
hb_face_set_user_data
hb_feature_from_string
hb_feature_to_string
hb_font_add_glyph_origin_for_direction
hb_font_changed
hb_font_create
hb_font_create_sub_font
hb_font_destroy
hb_font_draw_glyph
hb_font_funcs_create
hb_font_funcs_destroy
hb_font_funcs_get_empty
hb_font_funcs_get_user_data
hb_font_funcs_is_immutable
hb_font_funcs_make_immutable
hb_font_funcs_reference
hb_font_funcs_set_draw_glyph_func
hb_font_funcs_set_font_h_extents_func
hb_font_funcs_set_font_v_extents_func
hb_font_funcs_set_glyph_contour_point_func
hb_font_funcs_set_glyph_extents_func
hb_font_funcs_set_glyph_from_name_func
hb_font_funcs_set_glyph_func
hb_font_funcs_set_glyph_h_advance_func
hb_font_funcs_set_glyph_h_advances_func
hb_font_funcs_set_glyph_h_kerning_func
hb_font_funcs_set_glyph_h_origin_func
hb_font_funcs_set_glyph_name_func
hb_font_funcs_set_glyph_shape_func
hb_font_funcs_set_glyph_v_advance_func
hb_font_funcs_set_glyph_v_advances_func
hb_font_funcs_set_glyph_v_kerning_func
hb_font_funcs_set_glyph_v_origin_func
hb_font_funcs_set_nominal_glyph_func
hb_font_funcs_set_nominal_glyphs_func
hb_font_funcs_set_paint_glyph_func
hb_font_funcs_set_user_data
hb_font_funcs_set_variation_glyph_func
hb_font_get_empty
hb_font_get_extents_for_direction
hb_font_get_face
hb_font_get_glyph
hb_font_get_glyph_advance_for_direction
hb_font_get_glyph_advances_for_direction
hb_font_get_glyph_contour_point
hb_font_get_glyph_contour_point_for_origin
hb_font_get_glyph_extents
hb_font_get_glyph_extents_for_origin
hb_font_get_glyph_from_name
hb_font_get_glyph_h_advance
hb_font_get_glyph_h_advances
hb_font_get_glyph_h_kerning
hb_font_get_glyph_h_origin
hb_font_get_glyph_kerning_for_direction
hb_font_get_glyph_name
hb_font_get_glyph_origin_for_direction
hb_font_get_glyph_shape
hb_font_get_glyph_v_advance
hb_font_get_glyph_v_advances
hb_font_get_glyph_v_kerning
hb_font_get_glyph_v_origin
hb_font_get_h_extents
hb_font_get_nominal_glyph
hb_font_get_nominal_glyphs
hb_font_get_parent
hb_font_get_ppem
hb_font_get_ptem
hb_font_get_scale
hb_font_get_serial
hb_font_get_synthetic_bold
hb_font_get_synthetic_slant
hb_font_get_user_data
hb_font_get_v_extents
hb_font_get_var_coords_design
hb_font_get_var_coords_normalized
hb_font_get_var_named_instance
hb_font_get_variation_glyph
hb_font_glyph_from_string
hb_font_glyph_to_string
hb_font_is_immutable
hb_font_make_immutable
hb_font_paint_glyph
hb_font_reference
hb_font_set_face
hb_font_set_funcs
hb_font_set_funcs_data
hb_font_set_parent
hb_font_set_ppem
hb_font_set_ptem
hb_font_set_scale
hb_font_set_synthetic_bold
hb_font_set_synthetic_slant
hb_font_set_user_data
hb_font_set_var_coords_design
hb_font_set_var_coords_normalized
hb_font_set_var_named_instance
hb_font_set_variation
hb_font_set_variations
hb_font_subtract_glyph_origin_for_direction
hb_glyph_info_get_glyph_flags
hb_language_from_string
hb_language_get_default
hb_language_matches
hb_language_to_string
hb_map_allocation_successful
hb_map_clear
hb_map_copy
hb_map_create
hb_map_del
hb_map_destroy
hb_map_get
hb_map_get_empty
hb_map_get_population
hb_map_get_user_data
hb_map_has
hb_map_hash
hb_map_is_empty
hb_map_is_equal
hb_map_keys
hb_map_next
hb_map_reference
hb_map_set
hb_map_set_user_data
hb_map_update
hb_map_values
hb_ot_color_glyph_get_layers
hb_ot_color_glyph_has_paint
hb_ot_color_glyph_reference_png
hb_ot_color_glyph_reference_svg
hb_ot_color_has_layers
hb_ot_color_has_paint
hb_ot_color_has_palettes
hb_ot_color_has_png
hb_ot_color_has_svg
hb_ot_color_palette_color_get_name_id
hb_ot_color_palette_get_colors
hb_ot_color_palette_get_count
hb_ot_color_palette_get_flags
hb_ot_color_palette_get_name_id
hb_ot_font_set_funcs
hb_ot_layout_collect_features
hb_ot_layout_collect_lookups
hb_ot_layout_feature_get_characters
hb_ot_layout_feature_get_lookups
hb_ot_layout_feature_get_name_ids
hb_ot_layout_feature_with_variations_get_lookups
hb_ot_layout_get_attach_points
hb_ot_layout_get_baseline
hb_ot_layout_get_baseline_with_fallback
hb_ot_layout_get_glyph_class
hb_ot_layout_get_glyphs_in_class
hb_ot_layout_get_horizontal_baseline_tag_for_script
hb_ot_layout_get_ligature_carets
hb_ot_layout_get_size_params
hb_ot_layout_has_glyph_classes
hb_ot_layout_has_positioning
hb_ot_layout_has_substitution
hb_ot_layout_language_find_feature
hb_ot_layout_language_get_feature_indexes
hb_ot_layout_language_get_feature_tags
hb_ot_layout_language_get_required_feature
hb_ot_layout_language_get_required_feature_index
hb_ot_layout_lookup_collect_glyphs
hb_ot_layout_lookup_get_glyph_alternates
hb_ot_layout_lookup_get_optical_bound
hb_ot_layout_lookup_substitute_closure
hb_ot_layout_lookup_would_substitute
hb_ot_layout_lookups_substitute_closure
hb_ot_layout_script_find_language
hb_ot_layout_script_get_language_tags
hb_ot_layout_script_select_language
hb_ot_layout_script_select_language2
hb_ot_layout_table_choose_script
hb_ot_layout_table_find_feature_variations
hb_ot_layout_table_find_script
hb_ot_layout_table_get_feature_tags
hb_ot_layout_table_get_lookup_count
hb_ot_layout_table_get_script_tags
hb_ot_layout_table_select_script
hb_ot_math_get_constant
hb_ot_math_get_glyph_assembly
hb_ot_math_get_glyph_italics_correction
hb_ot_math_get_glyph_kerning
hb_ot_math_get_glyph_kernings
hb_ot_math_get_glyph_top_accent_attachment
hb_ot_math_get_glyph_variants
hb_ot_math_get_min_connector_overlap
hb_ot_math_has_data
hb_ot_math_is_glyph_extended_shape
hb_ot_meta_get_entry_tags
hb_ot_meta_reference_entry
hb_ot_metrics_get_position
hb_ot_metrics_get_position_with_fallback
hb_ot_metrics_get_variation
hb_ot_metrics_get_x_variation
hb_ot_metrics_get_y_variation
hb_ot_name_get_utf16
hb_ot_name_get_utf32
hb_ot_name_get_utf8
hb_ot_name_list_names
hb_ot_shape_glyphs_closure
hb_ot_shape_plan_collect_lookups
hb_ot_tag_from_language
hb_ot_tag_to_language
hb_ot_tag_to_script
hb_ot_tags_from_script
hb_ot_tags_from_script_and_language
hb_ot_tags_to_script_and_language
hb_ot_var_find_axis
hb_ot_var_find_axis_info
hb_ot_var_get_axes
hb_ot_var_get_axis_count
hb_ot_var_get_axis_infos
hb_ot_var_get_named_instance_count
hb_ot_var_has_data
hb_ot_var_named_instance_get_design_coords
hb_ot_var_named_instance_get_postscript_name_id
hb_ot_var_named_instance_get_subfamily_name_id
hb_ot_var_normalize_coords
hb_ot_var_normalize_variations
hb_paint_color
hb_paint_custom_palette_color
hb_paint_funcs_create
hb_paint_funcs_destroy
hb_paint_funcs_get_empty
hb_paint_funcs_get_user_data
hb_paint_funcs_is_immutable
hb_paint_funcs_make_immutable
hb_paint_funcs_reference
hb_paint_funcs_set_color_func
hb_paint_funcs_set_custom_palette_color_func
hb_paint_funcs_set_image_func
hb_paint_funcs_set_linear_gradient_func
hb_paint_funcs_set_pop_clip_func
hb_paint_funcs_set_pop_group_func
hb_paint_funcs_set_pop_transform_func
hb_paint_funcs_set_push_clip_glyph_func
hb_paint_funcs_set_push_clip_rectangle_func
hb_paint_funcs_set_push_group_func
hb_paint_funcs_set_push_transform_func
hb_paint_funcs_set_radial_gradient_func
hb_paint_funcs_set_sweep_gradient_func
hb_paint_funcs_set_user_data
hb_paint_image
hb_paint_linear_gradient
hb_paint_pop_clip
hb_paint_pop_group
hb_paint_pop_transform
hb_paint_push_clip_glyph
hb_paint_push_clip_rectangle
hb_paint_push_group
hb_paint_push_transform
hb_paint_radial_gradient
hb_paint_sweep_gradient
hb_script_from_iso15924_tag
hb_script_from_string
hb_script_get_horizontal_direction
hb_script_to_iso15924_tag
hb_segment_properties_equal
hb_segment_properties_hash
hb_segment_properties_overlay
hb_set_add
hb_set_add_range
hb_set_add_sorted_array
hb_set_allocation_successful
hb_set_clear
hb_set_copy
hb_set_create
hb_set_del
hb_set_del_range
hb_set_destroy
hb_set_get_empty
hb_set_get_max
hb_set_get_min
hb_set_get_population
hb_set_get_user_data
hb_set_has
hb_set_hash
hb_set_intersect
hb_set_invert
hb_set_is_empty
hb_set_is_equal
hb_set_is_inverted
hb_set_is_subset
hb_set_next
hb_set_next_many
hb_set_next_range
hb_set_previous
hb_set_previous_range
hb_set_reference
hb_set_set
hb_set_set_user_data
hb_set_subtract
hb_set_symmetric_difference
hb_set_union
hb_shape
hb_shape_full
hb_shape_list_shapers
hb_shape_plan_create
hb_shape_plan_create2
hb_shape_plan_create_cached
hb_shape_plan_create_cached2
hb_shape_plan_destroy
hb_shape_plan_execute
hb_shape_plan_get_empty
hb_shape_plan_get_shaper
hb_shape_plan_get_user_data
hb_shape_plan_reference
hb_shape_plan_set_user_data
hb_style_get_value
hb_subset_input_create_or_fail
hb_subset_input_destroy
hb_subset_input_get_flags
hb_subset_input_get_user_data
hb_subset_input_glyph_set
hb_subset_input_keep_everything
hb_subset_input_old_to_new_glyph_mapping
hb_subset_input_pin_axis_location
hb_subset_input_pin_axis_to_default
hb_subset_input_reference
hb_subset_input_set
hb_subset_input_set_flags
hb_subset_input_set_user_data
hb_subset_input_unicode_set
hb_subset_or_fail
hb_subset_plan_create_or_fail
hb_subset_plan_destroy
hb_subset_plan_execute_or_fail
hb_subset_plan_get_user_data
hb_subset_plan_new_to_old_glyph_mapping
hb_subset_plan_old_to_new_glyph_mapping
hb_subset_plan_reference
hb_subset_plan_set_user_data
hb_subset_plan_unicode_to_old_glyph_mapping
hb_subset_preprocess
hb_tag_from_string
hb_tag_to_string
hb_unicode_combining_class
hb_unicode_compose
hb_unicode_decompose
hb_unicode_decompose_compatibility
hb_unicode_eastasian_width
hb_unicode_funcs_create
hb_unicode_funcs_destroy
hb_unicode_funcs_get_default
hb_unicode_funcs_get_empty
hb_unicode_funcs_get_parent
hb_unicode_funcs_get_user_data
hb_unicode_funcs_is_immutable
hb_unicode_funcs_make_immutable
hb_unicode_funcs_reference
hb_unicode_funcs_set_combining_class_func
hb_unicode_funcs_set_compose_func
hb_unicode_funcs_set_decompose_compatibility_func
hb_unicode_funcs_set_decompose_func
hb_unicode_funcs_set_eastasian_width_func
hb_unicode_funcs_set_general_category_func
hb_unicode_funcs_set_mirroring_func
hb_unicode_funcs_set_script_func
hb_unicode_funcs_set_user_data
hb_unicode_general_category
hb_unicode_mirroring
hb_unicode_script
hb_variation_from_string
hb_variation_to_string
hb_version
hb_version_atleast

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 250KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 55KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libMonoPosixHelper.dll
.dll windows:4 windows x64 arch:x64

74297f3084f7c9d92773723399240fb4

Code Sign

33:00:00:00:c1:09:f8:02:41:bb:4d:aa:dc:00:00:00:00:00:c1
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/09/2016, 17:58

Not After

07/09/2018, 17:58

Subject

CN=Microsoft Time-Stamp Service,OU=AOC+OU=nCipher DSE ESN:12E7-3064-6112,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

0b:45:3a:97:05:93:9e:cd:4d:dd:57:33:11:a8:92:9b
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

27/10/2017, 00:00

Not After

24/01/2021, 12:00

Subject

CN=Xamarin Inc.,O=Xamarin Inc.,L=San Francisco,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c9:76:c7:c1:bb:72:3c:ea:8a:50:3a:8b:da:ac:2a:bf:2d:7d:c0:88
Signer

Actual PE Digest

c9:76:c7:c1:bb:72:3c:ea:8a:50:3a:8b:da:ac:2a:bf:2d:7d:c0:88

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FindClose
FindFirstFileW
FindNextFileW
FormatMessageW
FreeLibrary
GetACP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentVariableW
GetFileAttributesW
GetLastError
GetLocaleInfoA
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetSystemTimeAsFileTime
GetThreadLocale
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryW
LocalFree
QueryPerformanceCounter
QueryPerformanceFrequency
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetEnvironmentVariableW
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
__iob_func
__mb_cur_max
__setusermatherr
_access
_amsg_exit
_close
_errno
_fstat64
_getcwd
_initterm
_lock
_onexit
_open
_read
_time64
_unlink
_unlock
_vsnprintf
_wmkdir
_wmktemp
_wopen
abort
calloc
clearerr
exit
fclose
feof
ferror
fflush
fgetc
fgetpos
fgets
fopen
fprintf
fputc
fputs
fread
free
freopen
fseek
fsetpos
ftell
fwrite
isspace
isxdigit
malloc
memcpy
memmove
memset
perror
printf
qsort
rand
realloc
rename
rewind
setbuf
setvbuf
signal
sprintf
srand
strcat
strchr
strcmp
strcpy
strerror
strlen
strncmp
strncpy
strrchr
tmpfile
tolower
ungetc
vfprintf
vprintf
vsprintf
wcscat
wcschr
wcscmp
wcscpy
wcslen

psapi

EnumProcessModules

Exports

Exports

CloseZStream
CreateZStream
Flush
Mono_Posix_FromAccessModes
Mono_Posix_FromAtFlags
Mono_Posix_FromConfstrName
Mono_Posix_FromDirectoryNotifyFlags
Mono_Posix_FromEpollEvents
Mono_Posix_FromEpollFlags
Mono_Posix_FromErrno
Mono_Posix_FromFcntlCommand
Mono_Posix_FromFilePermissions
Mono_Posix_FromLockType
Mono_Posix_FromLockfCommand
Mono_Posix_FromMessageFlags
Mono_Posix_FromMlockallFlags
Mono_Posix_FromMmapFlags
Mono_Posix_FromMmapProts
Mono_Posix_FromMountFlags
Mono_Posix_FromMremapFlags
Mono_Posix_FromMsyncFlags
Mono_Posix_FromOpenFlags
Mono_Posix_FromPathconfName
Mono_Posix_FromPollEvents
Mono_Posix_FromPosixFadviseAdvice
Mono_Posix_FromPosixMadviseAdvice
Mono_Posix_FromRealTimeSignum
Mono_Posix_FromSeekFlags
Mono_Posix_FromShutdownOption
Mono_Posix_FromSignum
Mono_Posix_FromSockaddrType
Mono_Posix_FromSysconfName
Mono_Posix_FromSyslogFacility
Mono_Posix_FromSyslogLevel
Mono_Posix_FromSyslogOptions
Mono_Posix_FromUnixAddressFamily
Mono_Posix_FromUnixSocketControlMessage
Mono_Posix_FromUnixSocketFlags
Mono_Posix_FromUnixSocketOptionName
Mono_Posix_FromUnixSocketProtocol
Mono_Posix_FromUnixSocketType
Mono_Posix_FromWaitOptions
Mono_Posix_FromXattrFlags
Mono_Posix_SIGRTMAX
Mono_Posix_SIGRTMIN
Mono_Posix_Stdlib_BUFSIZ
Mono_Posix_Stdlib_CreateFilePosition
Mono_Posix_Stdlib_DumpFilePosition
Mono_Posix_Stdlib_EOF
Mono_Posix_Stdlib_EXIT_FAILURE
Mono_Posix_Stdlib_EXIT_SUCCESS
Mono_Posix_Stdlib_FILENAME_MAX
Mono_Posix_Stdlib_FOPEN_MAX
Mono_Posix_Stdlib_GetLastError
Mono_Posix_Stdlib_InvokeSignalHandler
Mono_Posix_Stdlib_L_tmpnam
Mono_Posix_Stdlib_MB_CUR_MAX
Mono_Posix_Stdlib_RAND_MAX
Mono_Posix_Stdlib_SIG_DFL
Mono_Posix_Stdlib_SIG_ERR
Mono_Posix_Stdlib_SIG_IGN
Mono_Posix_Stdlib_SetLastError
Mono_Posix_Stdlib_TMP_MAX
Mono_Posix_Stdlib__IOFBF
Mono_Posix_Stdlib__IOLBF
Mono_Posix_Stdlib__IONBF
Mono_Posix_Stdlib_calloc
Mono_Posix_Stdlib_clearerr
Mono_Posix_Stdlib_fclose
Mono_Posix_Stdlib_feof
Mono_Posix_Stdlib_ferror
Mono_Posix_Stdlib_fflush
Mono_Posix_Stdlib_fgetc
Mono_Posix_Stdlib_fgetpos
Mono_Posix_Stdlib_fgets
Mono_Posix_Stdlib_fopen
Mono_Posix_Stdlib_fprintf
Mono_Posix_Stdlib_fputc
Mono_Posix_Stdlib_fputs
Mono_Posix_Stdlib_fread
Mono_Posix_Stdlib_free
Mono_Posix_Stdlib_freopen
Mono_Posix_Stdlib_fseek
Mono_Posix_Stdlib_fsetpos
Mono_Posix_Stdlib_ftell
Mono_Posix_Stdlib_fwrite
Mono_Posix_Stdlib_malloc
Mono_Posix_Stdlib_perror
Mono_Posix_Stdlib_realloc
Mono_Posix_Stdlib_rewind
Mono_Posix_Stdlib_setbuf
Mono_Posix_Stdlib_setvbuf
Mono_Posix_Stdlib_stderr
Mono_Posix_Stdlib_stdin
Mono_Posix_Stdlib_stdout
Mono_Posix_Stdlib_strlen
Mono_Posix_Stdlib_tmpfile
Mono_Posix_Stdlib_ungetc
Mono_Posix_Syscall_L_ctermid
Mono_Posix_Syscall_L_cuserid
Mono_Posix_ToAccessModes
Mono_Posix_ToAtFlags
Mono_Posix_ToConfstrName
Mono_Posix_ToDirectoryNotifyFlags
Mono_Posix_ToEpollEvents
Mono_Posix_ToEpollFlags
Mono_Posix_ToErrno
Mono_Posix_ToFcntlCommand
Mono_Posix_ToFilePermissions
Mono_Posix_ToLockType
Mono_Posix_ToLockfCommand
Mono_Posix_ToMessageFlags
Mono_Posix_ToMlockallFlags
Mono_Posix_ToMmapFlags
Mono_Posix_ToMmapProts
Mono_Posix_ToMountFlags
Mono_Posix_ToMremapFlags
Mono_Posix_ToMsyncFlags
Mono_Posix_ToOpenFlags
Mono_Posix_ToPathconfName
Mono_Posix_ToPollEvents
Mono_Posix_ToPosixFadviseAdvice
Mono_Posix_ToPosixMadviseAdvice
Mono_Posix_ToSeekFlags
Mono_Posix_ToShutdownOption
Mono_Posix_ToSignum
Mono_Posix_ToSockaddrType
Mono_Posix_ToSysconfName
Mono_Posix_ToSyslogFacility
Mono_Posix_ToSyslogLevel
Mono_Posix_ToSyslogOptions
Mono_Posix_ToUnixAddressFamily
Mono_Posix_ToUnixSocketControlMessage
Mono_Posix_ToUnixSocketFlags
Mono_Posix_ToUnixSocketOptionName
Mono_Posix_ToUnixSocketProtocol
Mono_Posix_ToUnixSocketType
Mono_Posix_ToWaitOptions
Mono_Posix_ToXattrFlags
Mono_Unix_VersionString
ReadZStream
WriteZStream
_dist_code
_length_code
_tr_align
_tr_flush_block
_tr_init
_tr_stored_block
_tr_tally
adler32
adler32_combine
adler32_combine64
compress
compress2
compressBound
crc32
crc32_combine
crc32_combine64
deflate
deflateBound
deflateCopy
deflateEnd
deflateInit2_
deflateInit_
deflateParams
deflatePrime
deflateReset
deflateSetDictionary
deflateSetHeader
deflateTune
deflate_copyright
eg_getdtablesize
eg_utf8_to_utf16_with_nuls
fclose_file_func
ferror_file_func
fill_fopen_filefunc
fopen_file_func
fread_file_func
fseek_file_func
ftell_file_func
fwrite_file_func
g_utf8_jump_table
get_crc_table
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCopy
inflateEnd
inflateGetHeader
inflateInit2_
inflateInit_
inflateMark
inflatePrime
inflateReset
inflateReset2
inflateSetDictionary
inflateSync
inflateSyncPoint
inflateUndermine
inflate_copyright
inflate_fast
inflate_table
mkstemp
monoeg_ascii_strcasecmp
monoeg_ascii_strup
monoeg_ascii_toupper
monoeg_assertion_message
monoeg_g_array_append_vals
monoeg_g_array_free
monoeg_g_array_insert_vals
monoeg_g_array_new
monoeg_g_array_remove_index
monoeg_g_array_remove_index_fast
monoeg_g_array_set_size
monoeg_g_array_sized_new
monoeg_g_ascii_strdown
monoeg_g_ascii_strncasecmp
monoeg_g_ascii_tolower
monoeg_g_ascii_xdigit_value
monoeg_g_build_path
monoeg_g_byte_array_append
monoeg_g_byte_array_free
monoeg_g_byte_array_new
monoeg_g_byte_array_set_size
monoeg_g_calloc
monoeg_g_clear_error
monoeg_g_convert
monoeg_g_convert_error_quark
monoeg_g_dir_close
monoeg_g_dir_open
monoeg_g_dir_read_name
monoeg_g_dir_rewind
monoeg_g_direct_equal
monoeg_g_direct_hash
monoeg_g_ensure_directory_exists
monoeg_g_error_free
monoeg_g_error_new
monoeg_g_file_error_from_errno
monoeg_g_file_error_quark
monoeg_g_file_get_contents
monoeg_g_file_open_tmp
monoeg_g_file_set_contents
monoeg_g_file_test
monoeg_g_filename_from_uri
monoeg_g_filename_from_utf8
monoeg_g_filename_to_uri
monoeg_g_find_program_in_path
monoeg_g_fprintf
monoeg_g_free
monoeg_g_get_charset
monoeg_g_get_current_dir
monoeg_g_get_current_time
monoeg_g_get_home_dir
monoeg_g_get_prgname
monoeg_g_get_tmp_dir
monoeg_g_get_user_name
monoeg_g_getenv
monoeg_g_hasenv
monoeg_g_hash_table_destroy
monoeg_g_hash_table_find
monoeg_g_hash_table_foreach
monoeg_g_hash_table_foreach_remove
monoeg_g_hash_table_foreach_steal
monoeg_g_hash_table_get_keys
monoeg_g_hash_table_get_values
monoeg_g_hash_table_insert_replace
monoeg_g_hash_table_iter_init
monoeg_g_hash_table_iter_next
monoeg_g_hash_table_lookup
monoeg_g_hash_table_lookup_extended
monoeg_g_hash_table_new
monoeg_g_hash_table_new_full
monoeg_g_hash_table_print_stats
monoeg_g_hash_table_remove
monoeg_g_hash_table_remove_all
monoeg_g_hash_table_size
monoeg_g_hash_table_steal
monoeg_g_iconv
monoeg_g_iconv_close
monoeg_g_iconv_open
monoeg_g_int_equal
monoeg_g_int_hash
monoeg_g_list_alloc
monoeg_g_list_append
monoeg_g_list_concat
monoeg_g_list_copy
monoeg_g_list_delete_link
monoeg_g_list_find
monoeg_g_list_find_custom
monoeg_g_list_first
monoeg_g_list_foreach
monoeg_g_list_free
monoeg_g_list_free_1
monoeg_g_list_index
monoeg_g_list_insert_before
monoeg_g_list_insert_sorted
monoeg_g_list_last
monoeg_g_list_length
monoeg_g_list_nth
monoeg_g_list_nth_data
monoeg_g_list_prepend
monoeg_g_list_remove
monoeg_g_list_remove_all
monoeg_g_list_remove_link
monoeg_g_list_reverse
monoeg_g_list_sort
monoeg_g_locale_from_utf8
monoeg_g_locale_to_utf8
monoeg_g_log
monoeg_g_log_set_always_fatal
monoeg_g_log_set_fatal_mask
monoeg_g_logv
monoeg_g_markup_parse_context_end_parse
monoeg_g_markup_parse_context_free
monoeg_g_markup_parse_context_new
monoeg_g_markup_parse_context_parse
monoeg_g_mem_set_vtable
monoeg_g_memdup
monoeg_g_mkdtemp
monoeg_g_module_build_path
monoeg_g_module_close
monoeg_g_module_error
monoeg_g_module_open
monoeg_g_module_symbol
monoeg_g_path_get_basename
monoeg_g_path_get_dirname
monoeg_g_path_is_absolute
monoeg_g_pattern_match_string
monoeg_g_pattern_spec_free
monoeg_g_pattern_spec_new
monoeg_g_print
monoeg_g_printerr
monoeg_g_printf
monoeg_g_propagate_error
monoeg_g_ptr_array_add
monoeg_g_ptr_array_foreach
monoeg_g_ptr_array_free
monoeg_g_ptr_array_new
monoeg_g_ptr_array_remove
monoeg_g_ptr_array_remove_fast
monoeg_g_ptr_array_remove_index
monoeg_g_ptr_array_remove_index_fast
monoeg_g_ptr_array_set_size
monoeg_g_ptr_array_sized_new
monoeg_g_ptr_array_sort
monoeg_g_ptr_array_sort_with_data
monoeg_g_qsort_with_data
monoeg_g_queue_foreach
monoeg_g_queue_free
monoeg_g_queue_is_empty
monoeg_g_queue_new
monoeg_g_queue_pop_head
monoeg_g_queue_push_head
monoeg_g_queue_push_tail
monoeg_g_set_error
monoeg_g_set_prgname
monoeg_g_setenv
monoeg_g_shell_parse_argv
monoeg_g_shell_quote
monoeg_g_shell_unquote
monoeg_g_slist_alloc
monoeg_g_slist_append
monoeg_g_slist_concat
monoeg_g_slist_copy
monoeg_g_slist_delete_link
monoeg_g_slist_find
monoeg_g_slist_find_custom
monoeg_g_slist_foreach
monoeg_g_slist_free
monoeg_g_slist_free_1
monoeg_g_slist_index
monoeg_g_slist_insert_before
monoeg_g_slist_insert_sorted
monoeg_g_slist_last
monoeg_g_slist_length
monoeg_g_slist_nth
monoeg_g_slist_nth_data
monoeg_g_slist_prepend
monoeg_g_slist_remove
monoeg_g_slist_remove_all
monoeg_g_slist_remove_link
monoeg_g_slist_reverse
monoeg_g_slist_sort
monoeg_g_snprintf
monoeg_g_spaced_primes_closest
monoeg_g_spawn_async_with_pipes
monoeg_g_spawn_command_line_sync
monoeg_g_sprintf
monoeg_g_stpcpy
monoeg_g_str_equal
monoeg_g_str_has_prefix
monoeg_g_str_has_suffix
monoeg_g_str_hash
monoeg_g_strchomp
monoeg_g_strchug
monoeg_g_strconcat
monoeg_g_strdelimit
monoeg_g_strdown
monoeg_g_strdup_printf
monoeg_g_strdup_vprintf
monoeg_g_strdupv
monoeg_g_strerror
monoeg_g_strescape
monoeg_g_strfreev
monoeg_g_string_append
monoeg_g_string_append_c
monoeg_g_string_append_len
monoeg_g_string_append_printf
monoeg_g_string_append_unichar
monoeg_g_string_append_vprintf
monoeg_g_string_erase
monoeg_g_string_free
monoeg_g_string_insert
monoeg_g_string_new
monoeg_g_string_new_len
monoeg_g_string_prepend
monoeg_g_string_printf
monoeg_g_string_set_size
monoeg_g_string_sized_new
monoeg_g_string_truncate
monoeg_g_strjoin
monoeg_g_strjoinv
monoeg_g_strlcpy
monoeg_g_strndup
monoeg_g_strnfill
monoeg_g_strreverse
monoeg_g_strsplit
monoeg_g_strsplit_set
monoeg_g_strv_length
monoeg_g_timer_destroy
monoeg_g_timer_elapsed
monoeg_g_timer_new
monoeg_g_timer_start
monoeg_g_timer_stop
monoeg_g_ucs4_to_utf16
monoeg_g_ucs4_to_utf8
monoeg_g_unichar_case
monoeg_g_unichar_isxdigit
monoeg_g_unichar_to_utf8
monoeg_g_unichar_tolower
monoeg_g_unichar_totitle
monoeg_g_unichar_toupper
monoeg_g_unichar_type
monoeg_g_unichar_xdigit_value
monoeg_g_unsetenv
monoeg_g_usleep
monoeg_g_utf16_to_ucs4
monoeg_g_utf16_to_utf8
monoeg_g_utf8_get_char
monoeg_g_utf8_offset_to_pointer
monoeg_g_utf8_pointer_to_offset
monoeg_g_utf8_strdown
monoeg_g_utf8_strlen
monoeg_g_utf8_strup
monoeg_g_utf8_to_ucs4_fast
monoeg_g_utf8_to_utf16
monoeg_g_utf8_validate
monoeg_g_vasprintf
monoeg_g_win32_getlocale
monoeg_log_default_handler
monoeg_log_set_default_handler
monoeg_malloc
monoeg_malloc0
monoeg_realloc
monoeg_set_print_handler
monoeg_set_printerr_handler
monoeg_try_malloc
monoeg_try_realloc
monoeg_unichar_break_type
monoeg_unichar_isspace
monoeg_utf8_find_prev_char
monoeg_utf8_get_char_validated
monoeg_utf8_prev_char
monoeg_utf8_to_ucs4
my_charset
uncompress
unzClose
unzCloseCurrentFile
unzGetCurrentFileInfo
unzGetFilePos
unzGetGlobalComment
unzGetGlobalInfo
unzGetLocalExtrafield
unzGetOffset
unzGoToFilePos
unzGoToFirstFile
unzGoToNextFile
unzLocateFile
unzOpen
unzOpen2
unzOpenCurrentFile
unzOpenCurrentFile2
unzOpenCurrentFile3
unzOpenCurrentFilePassword
unzReadCurrentFile
unzSetOffset
unzStringFileNameCompare
unz_copyright
unzeof

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 356B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 700KB - Virtual size: 699KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 272KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/92
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libSkiaSharp.dll
.dll windows:6 windows x64 arch:x64

ffe661c0b06e35c1f2a6559c922e2926

Code Sign

33:00:00:03:4e:b5:3c:7a:c1:84:6f:eb:2b:00:00:00:00:03:4e
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/03/2023, 18:43

Not After

14/03/2024, 18:43

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9a:cd:b4:e0:3b:b1:c5:58:dd:37:d4:23:af:05:bc:b3:ab:09:1d:e0:a7:fc:33:60:28:fd:1c:59:27:a2:03:a1
Signer

Actual PE Digest

9a:cd:b4:e0:3b:b1:c5:58:dd:37:d4:23:af:05:bc:b3:ab:09:1d:e0:a7:fc:33:60:28:fd:1c:59:27:a2:03:a1

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\s\externals\skia\out\windows\x64\libSkiaSharp.pdb

Imports

ole32

CoCreateGuid
CoCreateInstance

fontsub

CreateFontPackage

user32

SystemParametersInfoW

kernel32

AcquireSRWLockExclusive
AcquireSRWLockShared
CloseHandle
CompareStringW
CreateEventW
CreateFileMappingA
CreateFileW
CreateSemaphoreA
DecodePointer
DeleteCriticalSection
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FindClose
FindFirstFileExA
FindNextFileA
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsW
GetFileSizeEx
GetFileType
GetLastError
GetLocaleInfoW
GetModuleFileNameA
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTime
GetSystemTimeAsFileTime
GetUserDefaultLCID
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitOnceExecuteOnce
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSListHead
InitializeSRWLock
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringEx
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
MapViewOfFile
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
ReleaseSRWLockExclusive
ReleaseSRWLockShared
ReleaseSemaphore
ResetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetEndOfFile
SetEnvironmentVariableA
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
UnmapViewOfFile
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteConsoleW
WriteFile

Exports

Exports

KeepSkiaCSymbols
gr_backendrendertarget_delete
gr_backendrendertarget_get_backend
gr_backendrendertarget_get_gl_framebufferinfo
gr_backendrendertarget_get_height
gr_backendrendertarget_get_samples
gr_backendrendertarget_get_stencils
gr_backendrendertarget_get_width
gr_backendrendertarget_is_valid
gr_backendrendertarget_new_gl
gr_backendrendertarget_new_metal
gr_backendrendertarget_new_vulkan
gr_backendtexture_delete
gr_backendtexture_get_backend
gr_backendtexture_get_gl_textureinfo
gr_backendtexture_get_height
gr_backendtexture_get_width
gr_backendtexture_has_mipmaps
gr_backendtexture_is_valid
gr_backendtexture_new_gl
gr_backendtexture_new_metal
gr_backendtexture_new_vulkan
gr_direct_context_abandon_context
gr_direct_context_dump_memory_statistics
gr_direct_context_flush
gr_direct_context_flush_and_submit
gr_direct_context_free_gpu_resources
gr_direct_context_get_resource_cache_limit
gr_direct_context_get_resource_cache_usage
gr_direct_context_is_abandoned
gr_direct_context_make_gl
gr_direct_context_make_gl_with_options
gr_direct_context_make_metal
gr_direct_context_make_metal_with_options
gr_direct_context_make_vulkan
gr_direct_context_make_vulkan_with_options
gr_direct_context_perform_deferred_cleanup
gr_direct_context_purge_unlocked_resources
gr_direct_context_purge_unlocked_resources_bytes
gr_direct_context_release_resources_and_abandon_context
gr_direct_context_reset_context
gr_direct_context_set_resource_cache_limit
gr_direct_context_submit
gr_glinterface_assemble_gl_interface
gr_glinterface_assemble_gles_interface
gr_glinterface_assemble_interface
gr_glinterface_assemble_webgl_interface
gr_glinterface_create_native_interface
gr_glinterface_has_extension
gr_glinterface_unref
gr_glinterface_validate
gr_recording_context_get_backend
gr_recording_context_get_max_surface_sample_count_for_color_type
gr_recording_context_unref
gr_vk_extensions_delete
gr_vk_extensions_has_extension
gr_vk_extensions_init
gr_vk_extensions_new
sk_3dview_apply_to_canvas
sk_3dview_destroy
sk_3dview_dot_with_normal
sk_3dview_get_matrix
sk_3dview_new
sk_3dview_restore
sk_3dview_rotate_x_degrees
sk_3dview_rotate_x_radians
sk_3dview_rotate_y_degrees
sk_3dview_rotate_y_radians
sk_3dview_rotate_z_degrees
sk_3dview_rotate_z_radians
sk_3dview_save
sk_3dview_translate
sk_bitmap_destructor
sk_bitmap_erase
sk_bitmap_erase_rect
sk_bitmap_extract_alpha
sk_bitmap_extract_subset
sk_bitmap_get_addr
sk_bitmap_get_addr_16
sk_bitmap_get_addr_32
sk_bitmap_get_addr_8
sk_bitmap_get_byte_count
sk_bitmap_get_info
sk_bitmap_get_pixel_color
sk_bitmap_get_pixel_colors
sk_bitmap_get_pixels
sk_bitmap_get_row_bytes
sk_bitmap_install_mask_pixels
sk_bitmap_install_pixels
sk_bitmap_install_pixels_with_pixmap
sk_bitmap_is_immutable
sk_bitmap_is_null
sk_bitmap_make_shader
sk_bitmap_new
sk_bitmap_notify_pixels_changed
sk_bitmap_peek_pixels
sk_bitmap_ready_to_draw
sk_bitmap_reset
sk_bitmap_set_immutable
sk_bitmap_set_pixels
sk_bitmap_swap
sk_bitmap_try_alloc_pixels
sk_bitmap_try_alloc_pixels_with_flags
sk_canvas_clear
sk_canvas_clear_color4f
sk_canvas_clip_path_with_operation
sk_canvas_clip_rect_with_operation
sk_canvas_clip_region
sk_canvas_clip_rrect_with_operation
sk_canvas_concat
sk_canvas_destroy
sk_canvas_discard
sk_canvas_draw_annotation
sk_canvas_draw_arc
sk_canvas_draw_atlas
sk_canvas_draw_circle
sk_canvas_draw_color
sk_canvas_draw_color4f
sk_canvas_draw_drawable
sk_canvas_draw_drrect
sk_canvas_draw_image
sk_canvas_draw_image_lattice
sk_canvas_draw_image_nine
sk_canvas_draw_image_rect
sk_canvas_draw_line
sk_canvas_draw_link_destination_annotation
sk_canvas_draw_named_destination_annotation
sk_canvas_draw_oval
sk_canvas_draw_paint
sk_canvas_draw_patch
sk_canvas_draw_path
sk_canvas_draw_picture
sk_canvas_draw_point
sk_canvas_draw_points
sk_canvas_draw_rect
sk_canvas_draw_region
sk_canvas_draw_round_rect
sk_canvas_draw_rrect
sk_canvas_draw_simple_text
sk_canvas_draw_text_blob
sk_canvas_draw_url_annotation
sk_canvas_draw_vertices
sk_canvas_flush
sk_canvas_get_device_clip_bounds
sk_canvas_get_local_clip_bounds
sk_canvas_get_save_count
sk_canvas_get_total_matrix
sk_canvas_is_clip_empty
sk_canvas_is_clip_rect
sk_canvas_new_from_bitmap
sk_canvas_quick_reject
sk_canvas_reset_matrix
sk_canvas_restore
sk_canvas_restore_to_count
sk_canvas_rotate_degrees
sk_canvas_rotate_radians
sk_canvas_save
sk_canvas_save_layer
sk_canvas_scale
sk_canvas_set_matrix
sk_canvas_skew
sk_canvas_translate
sk_codec_destroy
sk_codec_get_encoded_format
sk_codec_get_frame_count
sk_codec_get_frame_info
sk_codec_get_frame_info_for_index
sk_codec_get_info
sk_codec_get_origin
sk_codec_get_pixels
sk_codec_get_repetition_count
sk_codec_get_scaled_dimensions
sk_codec_get_scanline_order
sk_codec_get_scanlines
sk_codec_get_valid_subset
sk_codec_incremental_decode
sk_codec_min_buffered_bytes_needed
sk_codec_new_from_data
sk_codec_new_from_stream
sk_codec_next_scanline
sk_codec_output_scanline
sk_codec_skip_scanlines
sk_codec_start_incremental_decode
sk_codec_start_scanline_decode
sk_color4f_from_color
sk_color4f_to_color
sk_color_get_bit_shift
sk_color_premultiply
sk_color_premultiply_array
sk_color_unpremultiply
sk_color_unpremultiply_array
sk_colorfilter_new_color_matrix
sk_colorfilter_new_compose
sk_colorfilter_new_high_contrast
sk_colorfilter_new_lighting
sk_colorfilter_new_luma_color
sk_colorfilter_new_mode
sk_colorfilter_new_table
sk_colorfilter_new_table_argb
sk_colorfilter_unref
sk_colorspace_equals
sk_colorspace_gamma_close_to_srgb
sk_colorspace_gamma_is_linear
sk_colorspace_icc_profile_delete
sk_colorspace_icc_profile_get_buffer
sk_colorspace_icc_profile_get_to_xyzd50
sk_colorspace_icc_profile_new
sk_colorspace_icc_profile_parse
sk_colorspace_is_numerical_transfer_fn
sk_colorspace_is_srgb
sk_colorspace_make_linear_gamma
sk_colorspace_make_srgb_gamma
sk_colorspace_new_icc
sk_colorspace_new_rgb
sk_colorspace_new_srgb
sk_colorspace_new_srgb_linear
sk_colorspace_primaries_to_xyzd50
sk_colorspace_ref
sk_colorspace_to_profile
sk_colorspace_to_xyzd50
sk_colorspace_transfer_fn_eval
sk_colorspace_transfer_fn_invert
sk_colorspace_transfer_fn_named_2dot2
sk_colorspace_transfer_fn_named_hlg
sk_colorspace_transfer_fn_named_linear
sk_colorspace_transfer_fn_named_pq
sk_colorspace_transfer_fn_named_rec2020
sk_colorspace_transfer_fn_named_srgb
sk_colorspace_unref
sk_colorspace_xyz_concat
sk_colorspace_xyz_invert
sk_colorspace_xyz_named_adobe_rgb
sk_colorspace_xyz_named_display_p3
sk_colorspace_xyz_named_rec2020
sk_colorspace_xyz_named_srgb
sk_colorspace_xyz_named_xyz
sk_colortable_count
sk_colortable_new
sk_colortable_read_colors
sk_colortable_unref
sk_colortype_get_default_8888
sk_compatpaint_clone
sk_compatpaint_delete
sk_compatpaint_get_font
sk_compatpaint_get_text_align
sk_compatpaint_get_text_encoding
sk_compatpaint_make_font
sk_compatpaint_new
sk_compatpaint_new_with_font
sk_compatpaint_reset
sk_compatpaint_set_text_align
sk_compatpaint_set_text_encoding
sk_data_get_bytes
sk_data_get_data
sk_data_get_size
sk_data_new_empty
sk_data_new_from_file
sk_data_new_from_stream
sk_data_new_subset
sk_data_new_uninitialized
sk_data_new_with_copy
sk_data_new_with_proc
sk_data_ref
sk_data_unref
sk_document_abort
sk_document_begin_page
sk_document_close
sk_document_create_pdf_from_stream
sk_document_create_pdf_from_stream_with_metadata
sk_document_create_xps_from_stream
sk_document_end_page
sk_document_unref
sk_drawable_draw
sk_drawable_get_bounds
sk_drawable_get_generation_id
sk_drawable_new_picture_snapshot
sk_drawable_notify_drawing_changed
sk_drawable_unref
sk_dynamicmemorywstream_copy_to
sk_dynamicmemorywstream_destroy
sk_dynamicmemorywstream_detach_as_data
sk_dynamicmemorywstream_detach_as_stream
sk_dynamicmemorywstream_new
sk_dynamicmemorywstream_write_to_stream
sk_filestream_destroy
sk_filestream_is_valid
sk_filestream_new
sk_filewstream_destroy
sk_filewstream_is_valid
sk_filewstream_new
sk_font_break_text
sk_font_delete
sk_font_get_edging
sk_font_get_hinting
sk_font_get_metrics
sk_font_get_path
sk_font_get_paths
sk_font_get_pos
sk_font_get_scale_x
sk_font_get_size
sk_font_get_skew_x
sk_font_get_typeface
sk_font_get_widths_bounds
sk_font_get_xpos
sk_font_is_baseline_snap
sk_font_is_embedded_bitmaps
sk_font_is_embolden
sk_font_is_force_auto_hinting
sk_font_is_linear_metrics
sk_font_is_subpixel
sk_font_measure_text
sk_font_measure_text_no_return
sk_font_new
sk_font_new_with_values
sk_font_set_baseline_snap
sk_font_set_edging
sk_font_set_embedded_bitmaps
sk_font_set_embolden
sk_font_set_force_auto_hinting
sk_font_set_hinting
sk_font_set_linear_metrics
sk_font_set_scale_x
sk_font_set_size
sk_font_set_skew_x
sk_font_set_subpixel
sk_font_set_typeface
sk_font_text_to_glyphs
sk_font_unichar_to_glyph
sk_font_unichars_to_glyphs
sk_fontmgr_count_families
sk_fontmgr_create_default
sk_fontmgr_create_from_data
sk_fontmgr_create_from_file
sk_fontmgr_create_from_stream
sk_fontmgr_create_styleset
sk_fontmgr_get_family_name
sk_fontmgr_match_face_style
sk_fontmgr_match_family
sk_fontmgr_match_family_style
sk_fontmgr_match_family_style_character
sk_fontmgr_ref_default
sk_fontmgr_unref
sk_fontstyle_delete
sk_fontstyle_get_slant
sk_fontstyle_get_weight
sk_fontstyle_get_width
sk_fontstyle_new
sk_fontstyleset_create_empty
sk_fontstyleset_create_typeface
sk_fontstyleset_get_count
sk_fontstyleset_get_style
sk_fontstyleset_match_style
sk_fontstyleset_unref
sk_graphics_dump_memory_statistics
sk_graphics_get_font_cache_count_limit
sk_graphics_get_font_cache_count_used
sk_graphics_get_font_cache_limit
sk_graphics_get_font_cache_point_size_limit
sk_graphics_get_font_cache_used
sk_graphics_get_resource_cache_single_allocation_byte_limit
sk_graphics_get_resource_cache_total_byte_limit
sk_graphics_get_resource_cache_total_bytes_used
sk_graphics_init
sk_graphics_purge_all_caches
sk_graphics_purge_font_cache
sk_graphics_purge_resource_cache
sk_graphics_set_font_cache_count_limit
sk_graphics_set_font_cache_limit
sk_graphics_set_font_cache_point_size_limit
sk_graphics_set_resource_cache_single_allocation_byte_limit
sk_graphics_set_resource_cache_total_byte_limit
sk_image_encode
sk_image_encode_specific
sk_image_get_alpha_type
sk_image_get_color_type
sk_image_get_colorspace
sk_image_get_height
sk_image_get_unique_id
sk_image_get_width
sk_image_is_alpha_only
sk_image_is_lazy_generated
sk_image_is_texture_backed
sk_image_is_valid
sk_image_make_non_texture_image
sk_image_make_raster_image
sk_image_make_shader
sk_image_make_subset
sk_image_make_texture_image
sk_image_make_with_filter
sk_image_make_with_filter_legacy
sk_image_new_from_adopted_texture
sk_image_new_from_bitmap
sk_image_new_from_encoded
sk_image_new_from_picture
sk_image_new_from_texture
sk_image_new_raster
sk_image_new_raster_copy
sk_image_new_raster_copy_with_pixmap
sk_image_new_raster_data
sk_image_peek_pixels
sk_image_read_pixels
sk_image_read_pixels_into_pixmap
sk_image_ref
sk_image_ref_encoded
sk_image_scale_pixels
sk_image_unref
sk_imagefilter_croprect_destructor
sk_imagefilter_croprect_get_flags
sk_imagefilter_croprect_get_rect
sk_imagefilter_croprect_new
sk_imagefilter_croprect_new_with_rect
sk_imagefilter_new_alpha_threshold
sk_imagefilter_new_arithmetic
sk_imagefilter_new_blur
sk_imagefilter_new_color_filter
sk_imagefilter_new_compose
sk_imagefilter_new_dilate
sk_imagefilter_new_displacement_map_effect
sk_imagefilter_new_distant_lit_diffuse
sk_imagefilter_new_distant_lit_specular
sk_imagefilter_new_drop_shadow
sk_imagefilter_new_drop_shadow_only
sk_imagefilter_new_erode
sk_imagefilter_new_image_source
sk_imagefilter_new_image_source_default
sk_imagefilter_new_magnifier
sk_imagefilter_new_matrix
sk_imagefilter_new_matrix_convolution
sk_imagefilter_new_merge
sk_imagefilter_new_offset
sk_imagefilter_new_paint
sk_imagefilter_new_picture
sk_imagefilter_new_picture_with_croprect
sk_imagefilter_new_point_lit_diffuse
sk_imagefilter_new_point_lit_specular
sk_imagefilter_new_spot_lit_diffuse
sk_imagefilter_new_spot_lit_specular
sk_imagefilter_new_tile
sk_imagefilter_new_xfermode
sk_imagefilter_unref
sk_jpegencoder_encode
sk_manageddrawable_new
sk_manageddrawable_set_procs
sk_manageddrawable_unref
sk_managedstream_destroy
sk_managedstream_new
sk_managedstream_set_procs
sk_managedtracememorydump_delete
sk_managedtracememorydump_new
sk_managedtracememorydump_set_procs
sk_managedwstream_destroy
sk_managedwstream_new
sk_managedwstream_set_procs
sk_mask_alloc_image
sk_mask_compute_image_size
sk_mask_compute_total_image_size
sk_mask_free_image
sk_mask_get_addr
sk_mask_get_addr_1
sk_mask_get_addr_32
sk_mask_get_addr_8
sk_mask_get_addr_lcd_16
sk_mask_is_empty
sk_maskfilter_new_blur
sk_maskfilter_new_blur_with_flags
sk_maskfilter_new_clip
sk_maskfilter_new_gamma
sk_maskfilter_new_shader
sk_maskfilter_new_table
sk_maskfilter_ref
sk_maskfilter_unref
sk_matrix44_as_col_major
sk_matrix44_as_row_major
sk_matrix44_destroy
sk_matrix44_determinant
sk_matrix44_equals
sk_matrix44_get
sk_matrix44_get_type
sk_matrix44_invert
sk_matrix44_map2
sk_matrix44_map_scalars
sk_matrix44_new
sk_matrix44_new_concat
sk_matrix44_new_copy
sk_matrix44_new_identity
sk_matrix44_new_matrix
sk_matrix44_post_concat
sk_matrix44_post_scale
sk_matrix44_post_translate
sk_matrix44_pre_concat
sk_matrix44_pre_scale
sk_matrix44_pre_translate
sk_matrix44_preserves_2d_axis_alignment
sk_matrix44_set
sk_matrix44_set_3x3_row_major
sk_matrix44_set_col_major
sk_matrix44_set_concat
sk_matrix44_set_identity
sk_matrix44_set_rotate_about_degrees
sk_matrix44_set_rotate_about_radians

Sections

.text
Size: 7.2MB - Virtual size: 7.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 308KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gehcont
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 33B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.voltbl
Size: 512B - Virtual size: 62B

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
vcruntime140_cor3.dll
.dll windows:6 windows x64 arch:x64

7f07fd94e5bb907093556781cc464017

Code Sign

33:00:00:00:e7:1a:a6:e3:0b:5e:b4:0a:54:00:00:00:00:00:e7
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/02/2023, 22:33

Not After

31/01/2024, 22:33

Subject

CN=Microsoft Windows Software Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:14:9d:fb:c3:1f:1f:63:c3:10:00:00:00:00:00:14
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01/05/2013, 20:44

Not After

01/05/2028, 20:54

Subject

CN=Microsoft Windows Third Party Component CA 2013,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:03:3e:63:3a:86:bf:41:73:d7:e0:00:00:00:00:03:3e
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/02/2023, 20:10

Not After

31/01/2024, 20:10

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d0:81:eb:5a:0d:8f:4e:84:7c:f6:eb:16:5a:a3:58:4b:06:a7:17:39:d7:bd:e1:ac:86:78:b7:2c:ec:df:23:4e
Signer

Actual PE Digest

d0:81:eb:5a:0d:8f:4e:84:7c:f6:eb:16:5a:a3:58:4b:06:a7:17:39:d7:bd:e1:ac:86:78:b7:2c:ec:df:23:4e

Digest Algorithm

sha256

PE Digest Matches

true

d0:81:eb:5a:0d:8f:4e:84:7c:f6:eb:16:5a:a3:58:4b:06:a7:17:39:d7:bd:e1:ac:86:78:b7:2c:ec:df:23:4e
Signer

Actual PE Digest

d0:81:eb:5a:0d:8f:4e:84:7c:f6:eb:16:5a:a3:58:4b:06:a7:17:39:d7:bd:e1:ac:86:78:b7:2c:ec:df:23:4e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

terminate
abort

api-ms-win-crt-heap-l1-1-0

calloc
malloc
free

api-ms-win-crt-string-l1-1-0

strcpy_s
strncmp
wcsncmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
__stdio_common_vsprintf_s

api-ms-win-crt-convert-l1-1-0

atol

kernel32

GetLastError
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
RtlLookupFunctionEntry
RtlUnwindEx
GetModuleHandleW
GetModuleFileNameW
RtlUnwind
EncodePointer
RaiseException
RtlPcToFileHeader
InterlockedPushEntrySList
InterlockedFlushSList
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetProcAddress
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW

Exports

Exports

_CreateFrameInfo
_CxxThrowException
_FindAndUnlinkFrame
_IsExceptionObjectToBeDestroyed
_SetWinRTOutOfMemoryExceptionCallback
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__C_specific_handler
__C_specific_handler_noexcept
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__NLG_Dispatch2
__NLG_Return2
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__TypeMatch
__current_exception
__current_exception_context
__intrinsic_setjmp
__intrinsic_setjmpex
__processing_throw
__report_gsfailure
__std_exception_copy
__std_exception_destroy
__std_terminate
__std_type_info_compare
__std_type_info_destroy_list
__std_type_info_hash
__std_type_info_name
__telemetry_main_invoke_trigger
__telemetry_main_return_trigger
__unDName
__unDNameEx
__uncaught_exception
__uncaught_exceptions
__vcrt_GetModuleFileNameW
__vcrt_GetModuleHandleW
__vcrt_InitializeCriticalSectionEx
__vcrt_LoadLibraryExW
_get_purecall_handler
_get_unexpected
_is_exception_typeof
_local_unwind
_purecall
_set_purecall_handler
_set_se_translator
longjmp
memchr
memcmp
memcpy
memmove
memset
set_unexpected
strchr
strrchr
strstr
unexpected
wcschr
wcsrchr
wcsstr

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
wpfgfx_cor3.dll
.dll windows:6 windows x64 arch:x64

0ffe1d6b391ac96c6f9104a5c1661105

Code Sign

33:00:00:03:7b:a1:0a:3e:cb:66:e9:01:c0:00:00:00:00:03:7b
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11/05/2023, 19:03

Not After

08/05/2024, 19:03

Subject

CN=.NET,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

22:d4:1d:16:59:6f:a0:b9:b1:12:c4:d0:ae:67:1b:bf:51:8e:ac:37:12:a8:51:89:55:75:79:e4:2b:c7:a1:4d
Signer

Actual PE Digest

22:d4:1d:16:59:6f:a0:b9:b1:12:c4:d0:ae:67:1b:bf:51:8e:ac:37:12:a8:51:89:55:75:79:e4:2b:c7:a1:4d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\artifacts\bin\wpfgfx\x64\Release\wpfgfx_cor3.pdb

Imports

kernel32

WaitForSingleObject
CloseHandle
CreateEventW
CreateThread
GetCurrentThreadId
ResetEvent
TryEnterCriticalSection
MulDiv
QueryPerformanceCounter
Sleep
FindResourceW
LoadResource
LockResource
GlobalUnlock
QueryPerformanceFrequency
InitializeSListHead
InterlockedPushEntrySList
QueryDepthSList
InterlockedFlushSList
SleepEx
RtlCaptureStackBackTrace
IsDebuggerPresent
ExitProcess
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
TerminateThread
GetCurrentThread
GetCurrentProcessId
SetThreadPriority
LoadLibraryExW
FindClose
FindFirstFileW
GetSystemDirectoryW
SystemTimeToFileTime
LoadLibraryA
LoadLibraryExA
DebugBreak
GetModuleFileNameW
FreeLibrary
OutputDebugStringW
LoadLibraryW
LeaveCriticalSection
EnterCriticalSection
SetEvent
DeleteCriticalSection
SetLastError
InitializeCriticalSectionAndSpinCount
GetLastError
GetVersionExW
DisableThreadLibraryCalls
IsProcessorFeaturePresent
TryAcquireSRWLockExclusive
GetLocaleInfoEx
LocalFree
FormatMessageA
GetSystemTimeAsFileTime
SleepConditionVariableSRW
TerminateProcess
GetCurrentProcess
WakeAllConditionVariable
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
RaiseException
EncodePointer
VirtualAlloc
VirtualFree
CreateFileMappingW
MapViewOfFile
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemInfo
VirtualProtect
VirtualQuery
GetModuleHandleW
UnmapViewOfFile
SizeofResource
GetTickCount
WaitForMultipleObjects
GetProcAddress
VerSetConditionMask

advapi32

AllocateLocallyUniqueId
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegisterTraceGuidsW
GetTraceEnableLevel
GetTraceEnableFlags
GetTraceLoggerHandle
TraceMessage
TraceEvent
UnregisterTraceGuids

ntdll

RtlFindClearBitsAndSet
RtlClearBits
RtlCaptureContext
RtlSetBits
RtlInitializeBitMap
NtQuerySystemInformation
RtlInterlockedFlushSList
DbgPrintEx
DbgPrompt
DbgBreakPoint
RtlUnwindEx
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlPcToFileHeader

user32

GetMonitorInfoW
GetDC
GetWindowDC
MonitorFromWindow
SetLayeredWindowAttributes
WindowFromDC
GetWindowRect
SystemParametersInfoW
EnumDisplaySettingsW
GetWindowLongW
InvalidateRect
ScreenToClient
UpdateLayeredWindow
IsWindow
PeekMessageW
TranslateMessage
DispatchMessageW
MsgWaitForMultipleObjects
GetDesktopWindow
RegisterWindowMessageW
PostMessageW
ReleaseDC
EnumDisplayMonitors
GetClientRect
GetParent
ClientToScreen
IsRectEmpty
OffsetRect
SetRect
IntersectRect
EqualRect
GetGuiResources
EnumDisplayDevicesW

gdi32

CreatePalette
GetSystemPaletteEntries
SelectPalette
GetDIBits
RealizePalette
OffsetRgn
GetRandomRgn
SetLayout
CreateCompatibleBitmap
GetRgnBox
SetRectRgn
CreateRectRgn
GetRegionData
RectInRegion
CombineRgn
CreateRectRgnIndirect
SelectObject
CreateDIBSection
DeleteObject
CreateICW
GetDeviceCaps
DeleteDC
BitBlt
CreateCompatibleDC

ole32

CoInitialize
CoCreateInstance
PropVariantClear
CoTaskMemAlloc
PropVariantCopy
CoTaskMemFree
CoUninitialize

oleaut32

SysFreeString
VariantInit
VariantClear
SysAllocString

d3dcompiler_47_cor3

D3DCompile

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo_noreturn
_execute_onexit_table
abort
terminate
_crt_atexit
_cexit
_initterm
_seh_filter_dll
_configure_narrow_argv
_initterm_e
_initialize_onexit_table
_register_onexit_function
_initialize_narrow_environment

api-ms-win-crt-convert-l1-1-0

_wtoi

api-ms-win-crt-math-l1-1-0

_isnan
_finite
fmodf
cos
fmod
floorf
cosf
tan
exp
atan2f
nextafterf
logf
ceilf
modf
pow
sin
sinf
sqrt
sqrtf
floor
_copysign

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf

api-ms-win-crt-heap-l1-1-0

calloc
malloc
free

api-ms-win-crt-string-l1-1-0

wcsncmp
strcpy_s

api-ms-win-crt-utility-l1-1-0

qsort

Exports

Exports

GetNextPerfElementId
IWICColorContext_GetExifColorSpace_Proxy
IWICColorContext_GetProfileBytes_Proxy
IWICColorContext_GetType_Proxy
InteropDeviceBitmap_AddDirtyRect
InteropDeviceBitmap_Create
InteropDeviceBitmap_Detach
InteropDeviceBitmap_GetAsSoftwareBitmap
MIL3DCalcProjected2DBounds
MILAddRef
MILCreateEventProxy
MILCreateFactory
MILCreateStreamFromStreamDescriptor
MILFactoryCreateBitmapRenderTarget
MILFactoryCreateMediaPlayer
MILFactoryCreateSWRenderTargetForBitmap
MILIStreamWrite
MILLoadResource
MILMediaCanPause
MILMediaClose
MILMediaGetBufferingProgress
MILMediaGetDownloadProgress
MILMediaGetMediaLength
MILMediaGetNaturalHeight
MILMediaGetNaturalWidth
MILMediaGetPosition
MILMediaHasAudio
MILMediaHasVideo
MILMediaIsBuffering
MILMediaNeedUIFrameUpdate
MILMediaOpen
MILMediaProcessExitHandler
MILMediaSetBalance
MILMediaSetIsScrubbingEnabled
MILMediaSetPosition
MILMediaSetRate
MILMediaSetVolume
MILMediaShutdown
MILMediaStop
MILQueryInterface
MILRelease
MILRenderTargetBitmapClear
MILRenderTargetBitmapGetBitmap
MILSwDoubleBufferedBitmapAddDirtyRect
MILSwDoubleBufferedBitmapCreate
MILSwDoubleBufferedBitmapGetBackBuffer
MILSwDoubleBufferedBitmapProtectBackBuffer
MILUpdateSystemParametersInfo
MilChannel_AppendCommandData
MilChannel_BeginCommand
MilChannel_CloseBatch
MilChannel_CommitChannel
MilChannel_EndCommand
MilChannel_GetMarshalType
MilChannel_SetNotificationWindow
MilChannel_SetReceiveBroadcastMessages
MilCompositionEngine_DeinitializePartitionManager
MilCompositionEngine_EnterCompositionEngineLock
MilCompositionEngine_ExitCompositionEngineLock
MilCompositionEngine_GetComposedEventId
MilCompositionEngine_InitializePartitionManager
MilCompositionEngine_UpdateSchedulerSettings
MilComposition_PeekNextMessage
MilComposition_SyncFlush
MilComposition_WaitForNextMessage
MilConnection_CreateChannel
MilConnection_DestroyChannel
MilContent_AttachToHwnd
MilContent_DetachFromHwnd
MilGlyphRun_GetGlyphOutline
MilGlyphRun_ReleasePathGeometryData
MilPlayer_Create
MilPlayer_Process
MilResource_CreateCWICWrapperBitmap
MilResource_CreateOrAddRefOnChannel
MilResource_DuplicateHandle
MilResource_GetRefCountOnChannel
MilResource_ReleaseOnChannel
MilResource_SendCommand
MilResource_SendCommandBitmapSource
MilResource_SendCommandMedia
MilUtility_ArcToBezier
MilUtility_CopyPixelBuffer
MilUtility_GeometryGetArea
MilUtility_GetPointAtLengthFraction
MilUtility_GetTileBrushMapping
MilUtility_PathGeometryBounds
MilUtility_PathGeometryCombine
MilUtility_PathGeometryFlatten
MilUtility_PathGeometryHitTest
MilUtility_PathGeometryHitTestPathGeometry
MilUtility_PathGeometryOutline
MilUtility_PathGeometryWiden
MilUtility_PolygonBounds
MilUtility_PolygonHitTest
MilVersionCheck
MilVisualTarget_AttachToHwnd
MilVisualTarget_DetachFromHwnd
RenderOptions_ForceSoftwareRenderingModeForProcess
RenderOptions_IsSoftwareRenderingForcedForProcess
SetMilPerfInstrumentationFlags
WgxConnection_Create
WgxConnection_Disconnect
WgxConnection_SameThreadPresent
WgxConnection_ShouldForceSoftwareForGraphicsStreamClient

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 345KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8235041cfd6fffb926142c2c78013446

Code Sign

33:00:00:05:00:27:d6:32:6f:43:73:7b:87:00:00:00:00:05:00Certificate

Extended Key Usages

61:0c:52:4c:00:00:00:00:00:03Certificate

Key Usages

80:5d:c5:12:35:5e:e1:23:cc:cd:fc:86:0b:c4:64:6d:59:c0:f9:e1:ad:8e:a3:f6:ea:5f:b1:cf:f9:7e:07:c9Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

advapi32

rpcrt4

Exports

Exports

Sections

.text Size: 3.6MB - Virtual size: 3.6MB

.rdata Size: 916KB - Virtual size: 913KB

.data Size: 64KB - Virtual size: 100KB

.pdata Size: 128KB - Virtual size: 127KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 36KB - Virtual size: 34KB

9c5f50f678d576a77719753fbd013f5a

Code Sign

33:00:00:00:bb:b6:77:24:71:4a:20:00:20:00:00:00:00:00:bbCertificate

Extended Key Usages

0b:45:3a:97:05:93:9e:cd:4d:dd:57:33:11:a8:92:9bCertificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

61:16:68:34:00:00:00:00:00:1cCertificate

Extended Key Usages

Key Usages

0b:ae:52:9e:e3:dd:35:75:fa:94:95:2d:1b:e5:8f:94:c2:d2:f2:41Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-locale-l1-1-0

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 26KB - Virtual size: 25KB

.data Size: 512B - Virtual size: 1KB

.pdata Size: 2KB - Virtual size: 1KB

.gfids Size: 512B - Virtual size: 16B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 100B

4093c03428ffebcedcb974ab93290ca8

Code Sign

33:00:00:03:7b:a1:0a:3e:cb:66:e9:01:c0:00:00:00:00:03:7bCertificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

30:37:4b:50:e8:4e:47:52:c7:4d:56:88:08:30:15:16:2c:c6:fb:1e:27:8a:08:aa:c0:22:5d:65:d8:66:50:6cSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

33:00:00:05:00:27:d6:32:6f:43:73:7b:87:00:00:00:00:05:00
Certificate

61:0c:52:4c:00:00:00:00:00:03
Certificate

80:5d:c5:12:35:5e:e1:23:cc:cd:fc:86:0b:c4:64:6d:59:c0:f9:e1:ad:8e:a3:f6:ea:5f:b1:cf:f9:7e:07:c9
Signer

.text
Size: 3.6MB - Virtual size: 3.6MB

.rdata
Size: 916KB - Virtual size: 913KB

.data
Size: 64KB - Virtual size: 100KB

.pdata
Size: 128KB - Virtual size: 127KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 36KB - Virtual size: 34KB

33:00:00:00:bb:b6:77:24:71:4a:20:00:20:00:00:00:00:00:bb
Certificate

0b:45:3a:97:05:93:9e:cd:4d:dd:57:33:11:a8:92:9b
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

61:16:68:34:00:00:00:00:00:1c
Certificate

0b:ae:52:9e:e3:dd:35:75:fa:94:95:2d:1b:e5:8f:94:c2:d2:f2:41
Signer

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 26KB - Virtual size: 25KB

.data
Size: 512B - Virtual size: 1KB

.pdata
Size: 2KB - Virtual size: 1KB

.gfids
Size: 512B - Virtual size: 16B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 100B

33:00:00:03:7b:a1:0a:3e:cb:66:e9:01:c0:00:00:00:00:03:7b
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

30:37:4b:50:e8:4e:47:52:c7:4d:56:88:08:30:15:16:2c:c6:fb:1e:27:8a:08:aa:c0:22:5d:65:d8:66:50:6c
Signer

.text
Size: 81KB - Virtual size: 80KB

.orpc
Size: 512B - Virtual size: 197B

.rdata
Size: 39KB - Virtual size: 38KB

.data
Size: 3KB - Virtual size: 5KB

.pdata
Size: 6KB - Virtual size: 5KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 11KB - Virtual size: 11KB

.reloc
Size: 1KB - Virtual size: 1KB

33:00:00:03:7c:c9:f6:bc:ed:07:59:ae:08:00:00:00:00:03:7c
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

a0:62:73:7e:7b:14:1f:99:e1:78:16:2b:22:a2:48:aa:a8:77:18:e8:0e:ec:7e:e3:f2:78:f2:f9:58:26:ea:2a
Signer

.text
Size: 947KB - Virtual size: 946KB

.rdata
Size: 195KB - Virtual size: 195KB

.data
Size: 1024B - Virtual size: 2KB

.pdata
Size: 47KB - Virtual size: 47KB

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB