win_01[.]08[.]04[.]05[.]zip

Resubmissions

27/02/2024, 15:28

240227-swfnasce29 4

27/02/2024, 15:27

240227-sv3fnscg8x 1

Sharing

Copy URL Twitter E-mail

General

Target

win_01.08.04.05.zip
Size

6.5MB
MD5

d12f1ebc59708c0c26f7ed6894c2da61
SHA1

afb7dd77217b7716f3cc9688eda480d2e030cd4c
SHA256

a8cd01b4170ff846cd6f5e74d62ea9332ab5780ab3a7d4b9c99a1a4f2fd8abd2
SHA512

443a28ee6b3c52387ca86f7fea0ce05906dcbd85977d3d5759b1155d6e809a01113fe1e1af9b3e294f64b7386ca99b4688455a87ece622a909295bdbf2ff5bed
SSDEEP

98304:p2Ds7JGW9JZu1nM3BLHq55LIOV2rpFWDPPX8s/gIH9dMOuKTB6QeNqB5b+Rl+8yN:p2Ds0MrZK5LVLT/su4OBre1R+gm7iK

Score

1^/10

Malware Config

Signatures

Files

win_01.08.04.05.zip
.zip
BambuSource.dll
.dll regsvr32 windows:6 windows x64 arch:x64

53a7d39356f2b5c0e55c09522e8cd073

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:20:92:95:a5:4b:18:84:66:ad:74:78
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

26/12/2022, 08:11

Not After

10/02/2026, 10:12

Subject

SERIALNUMBER=91440300MA5GFQKC9F,CN=Shenzhen Tuozhu Technology Co.\, Ltd.,O=Shenzhen Tuozhu Technology Co.\, Ltd.,STREET=前海深港合作区前湾一路1号A栋201室（入驻深圳市前海商务秘书有限公司）,L=Shenzhen,ST=Guangdong,C=CN,1.3.6.1.4.1.311.60.2.1.1=#13085348454e5a48454e,1.3.6.1.4.1.311.60.2.1.2=#13094755414e47444f4e47,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1d
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06/04/2022, 07:44

Not After

08/05/2033, 07:44

Subject

CN=Globalsign TSA for Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

20/02/2019, 00:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

47:bf:c8:ad:98:49:24:30:61:8b:34:c7:21:98:a6:29:43:66:81:7a:89:c2:c4:7a:3e:92:61:36:1e:ed:36:01
Signer

Actual PE Digest

47:bf:c8:ad:98:49:24:30:61:8b:34:c7:21:98:a6:29:43:66:81:7a:89:c2:c4:7a:3e:92:61:36:1e:ed:36:01

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\bambu-studio\release_networking\player\build\Release\BambuSource.pdb

Imports

crypt32

CertGetEnhancedKeyUsage
CertFreeCertificateContext
CertEnumCertificatesInStore
CertGetIntendedKeyUsage
CertOpenSystemStoreA
CertCloseStore

wldap32

ord143
ord217
ord46
ord301
ord211
ord27
ord32
ord60
ord22
ord30
ord79
ord35
ord33
ord26
ord200
ord41
ord50

winmm

timeGetTime
timeSetEvent

kernel32

CreateDirectoryExW
OutputDebugStringW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
Sleep
CreateMutexW
CreateEventW
GetCurrentProcessId
GetCurrentThreadId
WideCharToMultiByte
lstrcpyW
WaitForSingleObject
MultiByteToWideChar
CreateFileW
CloseHandle
GetLastError
GetOverlappedResult
CancelIo
TryEnterCriticalSection
WaitForMultipleObjects
CreateThread
GetSystemTime
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
ReadDirectoryChangesW
FreeLibrary
GetModuleFileNameW
GetModuleHandleExA
GetProcAddress
LoadLibraryW
FormatMessageW
GetModuleHandleExW
LoadResource
LockResource
SizeofResource
FindResourceW
GetTickCount
SetWaitableTimer
ExitThread
GetSystemTimeAsFileTime
CreateWaitableTimerA
FormatMessageA
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
QueryPerformanceCounter
InitializeCriticalSectionEx
QueryPerformanceFrequency
GetSystemDirectoryA
GetModuleHandleA
LoadLibraryA
SetLastError
CompareFileTime
GetEnvironmentVariableA
SleepEx
MoveFileExA
WaitForSingleObjectEx
GetStdHandle
GetFileInformationByHandleEx
ReadFile
MoveFileExW
VerSetConditionMask
VerifyVersionInfoW
InitializeSRWLock
ReleaseSRWLockShared
AcquireSRWLockShared
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
WriteFile
GetModuleHandleW
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualFree
VirtualLock
GetEnvironmentVariableW
GetACP
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
FindClose
FindFirstFileW
FindNextFileW
SystemTimeToFileTime
GetVersion
SetEvent
ResetEvent
CreateSemaphoreW
GetCurrentThread
SetThreadPriority
GetThreadPriority
GetVersionExW
DuplicateHandle
ReleaseSemaphore
GetCurrentProcess
lstrcmpW
GetModuleFileNameA
lstrlenA
lstrlenW
DisableThreadLibraryCalls
SetErrorMode
lstrcmpiA
DeviceIoControl
AreFileApisANSI
GetTempPathW
SetFileTime
SetFilePointerEx
SetFileInformationByHandle
SetFileAttributesW
SetEndOfFile
GetFullPathNameW
GetFinalPathNameByHandleW
GetFileInformationByHandle
GetFileAttributesExW
GetFileAttributesW
GetDiskFreeSpaceExW
FindFirstFileExW
CreateDirectoryW
GetCurrentDirectoryW
SetCurrentDirectoryW
LocalFree
CopyFileW
PeekNamedPipe
VirtualQuery
CreateSymbolicLinkW
InitializeCriticalSectionAndSpinCount
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
RaiseException
GetStartupInfoW
InitializeSListHead
HeapAlloc
HeapFree
GetProcessHeap
CreateHardLinkW
GetFileType

user32

SetWindowLongPtrW
LoadStringA
LoadStringW
GetWindowRect
GetDesktopWindow
DefWindowProcW
CreateDialogParamW
SetWindowLongW
GetQueueStatus
PostThreadMessageW
DispatchMessageW
RegisterWindowMessageW
MessageBoxW
GetUserObjectInformationW
GetProcessWindowStation
GetWindowLongPtrW
GetWindowLongW
MsgWaitForMultipleObjects
InvalidateRect
SendMessageCallbackW
PeekMessageW
SendDlgItemMessageW
IsWindowVisible
GetClientRect
CopyRect
SetRectEmpty
SetRect
ShowWindow
MoveWindow
DestroyWindow

ole32

CoCreateInstance
CreateItemMoniker
GetRunningObjectTable
CoTaskMemAlloc
CoUninitialize
CoFreeUnusedLibraries
CoInitialize
CoTaskMemFree
StringFromGUID2

oleaut32

SysFreeString
SysAllocString

advapi32

CryptAcquireContextA
RegSetValueExW
RegSetValueW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteKeyW
CryptReleaseContext
CryptGetHashParam
CryptCreateHash
CryptHashData
CryptDestroyHash
DeregisterEventSource
RegisterEventSourceW
ReportEventW
CryptGenRandom
RegCloseKey
RegCreateKeyW

msvcp140

?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
_Thrd_detach
?_W_Getmonths@_Locinfo@std@@QEBAPEBGXZ
?_W_Getdays@_Locinfo@std@@QEBAPEBGXZ
_Mbrtowc
?_Winerror_map@std@@YAHH@Z
?_Syserror_map@std@@YAPEBDH@Z
?_Throw_Cpp_error@std@@YAXH@Z
_Cnd_do_broadcast_at_thread_exit
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?uncaught_exception@std@@YA_NXZ
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
_Query_perf_counter
_Query_perf_frequency
_Mtx_init_in_situ
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_unlock
?_Throw_C_error@std@@YAXH@Z
_Tolower
_Toupper
??0_Locinfo@std@@QEAA@PEBD@Z
??1_Locinfo@std@@QEAA@XZ
?_Getctype@_Locinfo@std@@QEBA?AU_Ctypevec@@XZ
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
?c_str@?$_Yarn@D@std@@QEBAPEBDXZ
??Bid@locale@std@@QEAA_KXZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
??0ctype_base@std@@QEAA@_K@Z
??1ctype_base@std@@UEAA@XZ
?clear@ios_base@std@@QEAAXH_N@Z
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
??1ios_base@std@@UEAA@XZ
?_Addstd@ios_base@std@@SAXPEAV12@@Z
??0ios_base@std@@IEAA@XZ
?_Init@ios_base@std@@IEAAXXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?_Xout_of_range@std@@YAXPEBD@Z
_Xtime_get_ticks
_Thrd_join
_Thrd_id
_Cnd_init_in_situ
_Cnd_destroy_in_situ
_Cnd_wait
_Cnd_broadcast

ws2_32

freeaddrinfo
getaddrinfo
send
recv
htonl
getsockname
WSAIoctl
WSACleanup
recvfrom
ntohs
WSAGetLastError
WSASetLastError
socket
sendto
inet_pton
WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSAResetEvent
WSASetEvent
inet_addr
listen
setsockopt
WSAWaitForMultipleEvents
shutdown
select
getservbyport
htons
getsockopt
ioctlsocket
connect
closesocket
bind
accept
__WSAFDIsSet
gethostbyname
gethostbyaddr
inet_ntoa
gethostname
WSAStartup
getpeername
getservbyname

iphlpapi

SendARP

bcrypt

BCryptGenRandom

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__vcrt_LoadLibraryExW
__vcrt_GetModuleFileNameW
__std_type_info_destroy_list
__current_exception_context
__current_exception
__C_specific_handler_noexcept
__C_specific_handler
wcsstr
wcschr
wcsrchr
strrchr
memcmp
memmove
_CxxThrowException
__std_exception_destroy
__std_exception_copy
strchr
__std_terminate
_purecall
strstr
memset
memcpy
memchr

api-ms-win-crt-convert-l1-1-0

atoi
strtoll
_wtoi
strtoull
strtod
wcstombs
strtoul
strtol

api-ms-win-crt-stdio-l1-1-0

_wfopen
ftell
_fileno
ferror
__stdio_common_vsprintf_s
_lseeki64
fopen
setvbuf
ungetc
__stdio_common_vfprintf_p
_open
fwrite
puts
_fseeki64
__stdio_common_vfwprintf
__stdio_common_vfwprintf_s
__stdio_common_vfwprintf_p
__stdio_common_vfwscanf
__stdio_common_vsnwprintf_s
__stdio_common_vswprintf_p
__stdio_common_vswscanf
__stdio_common_vfprintf_s
__stdio_common_vfprintf
__stdio_common_vfscanf
__stdio_common_vsnprintf_s
__stdio_common_vsprintf_p
fflush
fputs
fsetpos
fread
__stdio_common_vsscanf
fclose
__stdio_common_vswprintf_s
fputc
fgetpos
fgetc
__acrt_iob_func
__stdio_common_vswprintf
_get_stream_buffer_pointers
_read
_write
__stdio_common_vsprintf
fseek
_close
fgets
feof
_setmode

api-ms-win-crt-runtime-l1-1-0

_errno
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_cexit
_initterm
_register_onexit_function
_beginthreadex
_invalid_parameter_noinfo_noreturn
terminate
_crt_at_quick_exit
_wassert
__sys_errlist
__sys_nerr
_crt_atexit
abort
exit
signal
strerror
_initterm_e
_execute_onexit_table
_initialize_onexit_table
raise
strerror_s
_exit

api-ms-win-crt-heap-l1-1-0

malloc
calloc
_callnewh
realloc
free

api-ms-win-crt-string-l1-1-0

wcsncpy_s
strncmp
isdigit
isspace
_strdup
strcat_s
strspn
strpbrk
strcspn
strncpy_s
strcpy_s
isalnum
strnlen
strncat
strncpy
strlen
tolower
strcpy
toupper
strcmp
_strnicmp

api-ms-win-crt-utility-l1-1-0

rand
bsearch
qsort
srand

api-ms-win-crt-time-l1-1-0

strftime
_get_daylight
_time64
_get_timezone
_localtime64_s
_gmtime64_s
_gmtime64
_tzset

api-ms-win-crt-filesystem-l1-1-0

remove
_fstat64
_unlink
_stat64
rename
_access
_unlock_file
_lock_file
_stat64i32

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-math-l1-1-0

_fdopen
_dclass

api-ms-win-crt-locale-l1-1-0

setlocale
___lc_codepage_func

Exports

Exports

Bambu_Close
Bambu_Create
Bambu_Deinit
Bambu_Destroy
Bambu_FreeLogMsg
Bambu_GetDuration
Bambu_GetLastErrorMsg
Bambu_GetStreamCount
Bambu_GetStreamInfo
Bambu_Init
Bambu_Open
Bambu_ReadSample
Bambu_RecvMessage
Bambu_Seek
Bambu_SendMessage
Bambu_SetLogger
Bambu_StartStream
DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer
IOTC_WakeUp_DeInitEx
IOTC_WakeUp_Get_SleepPacketEx
IOTC_WakeUp_Init
IOTC_WakeUp_Setup_Auto_WakeUp
IOTC_WakeUp_WakeDevice
LocalServer_Accept
LocalServer_Create
LocalServer_Destroy
LocalTunnel_Close
LocalTunnel_Create
LocalTunnel_Destroy
LocalTunnel_GetLastError
LocalTunnel_GetLastErrorMsg
LocalTunnel_Open
LocalTunnel_Read
LocalTunnel_Write
_json_c_strerror
json_c_object_sizeof
json_c_set_serialization_double_format
json_c_shallow_copy_default
json_object_array_add
json_object_array_bsearch
json_object_array_del_idx
json_object_array_get_idx
json_object_array_length
json_object_array_put_idx
json_object_array_shrink
json_object_array_sort
json_object_deep_copy
json_object_double_to_json_string
json_object_equal
json_object_free_userdata
json_object_from_fd
json_object_from_fd_ex
json_object_from_file
json_object_get
json_object_get_array
json_object_get_boolean
json_object_get_double
json_object_get_int
json_object_get_int64
json_object_get_object
json_object_get_string
json_object_get_string_len
json_object_get_type
json_object_get_uint64
json_object_get_userdata
json_object_int_inc
json_object_is_type
json_object_iter_begin
json_object_iter_end
json_object_iter_equal
json_object_iter_init_default
json_object_iter_next
json_object_iter_peek_name
json_object_iter_peek_value
json_object_new_array
json_object_new_array_ext
json_object_new_boolean
json_object_new_double
json_object_new_double_s
json_object_new_int
json_object_new_int64
json_object_new_null
json_object_new_object
json_object_new_string
json_object_new_string_len
json_object_new_uint64
json_object_object_add
json_object_object_add_ex
json_object_object_del
json_object_object_get
json_object_object_get_ex
json_object_object_length
json_object_put
json_object_set_boolean
json_object_set_double
json_object_set_int
json_object_set_int64
json_object_set_serializer
json_object_set_string
json_object_set_string_len
json_object_set_uint64
json_object_set_userdata
json_object_to_fd
json_object_to_file
json_object_to_file_ext
json_object_to_json_string
json_object_to_json_string_ext
json_object_to_json_string_length
json_object_userdata_to_json_string
json_parse_double
json_parse_int64
json_parse_uint64
json_tokener_error_desc
json_tokener_free
json_tokener_get_error
json_tokener_get_parse_end
json_tokener_new
json_tokener_new_ex
json_tokener_parse
json_tokener_parse_ex
json_tokener_parse_verbose
json_tokener_reset
json_tokener_set_flags
json_type_to_name
json_util_get_last_err
printbuf_free
printbuf_memappend
printbuf_memset
printbuf_new
printbuf_reset
sprintbuf

Sections

.text
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 160KB - Virtual size: 4.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 214KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bambu_networking.dll
.dll windows:6 windows x64 arch:x64

b692dec6c0d1e3c638869776ce0ba2d9

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:20:92:95:a5:4b:18:84:66:ad:74:78
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

26/12/2022, 08:11

Not After

10/02/2026, 10:12

Subject

SERIALNUMBER=91440300MA5GFQKC9F,CN=Shenzhen Tuozhu Technology Co.\, Ltd.,O=Shenzhen Tuozhu Technology Co.\, Ltd.,STREET=前海深港合作区前湾一路1号A栋201室（入驻深圳市前海商务秘书有限公司）,L=Shenzhen,ST=Guangdong,C=CN,1.3.6.1.4.1.311.60.2.1.1=#13085348454e5a48454e,1.3.6.1.4.1.311.60.2.1.2=#13094755414e47444f4e47,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1d
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06/04/2022, 07:44

Not After

08/05/2033, 07:44

Subject

CN=Globalsign TSA for Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

20/02/2019, 00:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

24:28:0f:13:55:99:8e:c7:fc:e6:26:87:7e:ed:61:c8:e6:a7:bf:b5:cc:e6:03:1e:90:ee:70:e0:93:69:65:3a
Signer

Actual PE Digest

24:28:0f:13:55:99:8e:c7:fc:e6:26:87:7e:ed:61:c8:e6:a7:bf:b5:cc:e6:03:1e:90:ee:70:e0:93:69:65:3a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\bambu-studio\release_networking\networking\build\Release\bambu_networking.pdb

Imports

iphlpapi

GetAdaptersAddresses

crypt32

CertOpenSystemStoreA
CertGetIntendedKeyUsage
CertGetEnhancedKeyUsage
CertFreeCertificateContext
CertEnumCertificatesInStore
CertOpenStore
CertDuplicateCertificateContext
CryptBinaryToStringA
CryptStringToBinaryA
CryptBinaryToStringW
CertGetNameStringW
CertGetCertificateContextProperty
CertFindCertificateInStore
CertCloseStore

rpcrt4

UuidCreate

advapi32

ReportEventW
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptAcquireContextW
RegisterEventSourceW
DeregisterEventSource
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptEnumProvidersW
CryptAcquireContextA
CryptSignHashW

bcrypt

BCryptOpenAlgorithmProvider
BCryptGenRandom
BCryptCloseAlgorithmProvider

ws2_32

shutdown
send
WSACleanup
WSAGetLastError
getaddrinfo
freeaddrinfo
__WSAFDIsSet
ioctlsocket
getpeername
recv
connect
WSASend
WSAAddressToStringW
getsockopt
ntohs
inet_pton
getsockname
WSASetLastError
WSAIoctl
accept
listen
gethostname
inet_ntoa
gethostbyaddr
gethostbyname
select
closesocket
getservbyname
getservbyport
bind
htonl
htons
inet_addr
recvfrom
sendto
setsockopt
socket
WSAStartup
inet_ntop

kernel32

CreateEventW
InitializeCriticalSectionAndSpinCount
IsProcessorFeaturePresent
TerminateProcess
InitializeSListHead
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetStartupInfoW
GetCurrentProcess
IsDebuggerPresent
DisableThreadLibraryCalls
CreateWaitableTimerA
GetLogicalProcessorInformation
ResumeThread
SetWaitableTimer
OpenEventA
WaitForMultipleObjectsEx
ReleaseSemaphore
ResetEvent
AreFileApisANSI
MoveFileExW
CopyFileExW
CreateDirectoryExW
GetWindowsDirectoryW
DeviceIoControl
SetFileTime
SetFilePointerEx
SetFileAttributesW
SetEndOfFile
RemoveDirectoryW
GetFullPathNameW
GetFileTime
GetFileInformationByHandle
GetFileAttributesExW
GetFileAttributesW
GetDiskFreeSpaceExW
FlushFileBuffers
DeleteFileW
CreateFileW
CreateDirectoryW
GetStdHandle
GetFileAttributesA
WriteFile
GetLastError
Sleep
GetCurrentProcessId
GetCurrentThreadId
GetDynamicTimeZoneInformation
GetConsoleMode
WriteConsoleA
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
FormatMessageW
WideCharToMultiByte
LocalFree
CreateEventA
SetEvent
CloseHandle
GetProcessHeap
HeapAlloc
HeapFree
QueryPerformanceCounter
QueryPerformanceFrequency
MultiByteToWideChar
FreeLibrary
GetModuleFileNameW
GetModuleHandleExA
GetProcAddress
LoadLibraryW
FileTimeToLocalFileTime
Wow64DisableWow64FsRedirection
GetModuleHandleA
LocalAlloc
FileTimeToSystemTime
InitOnceExecuteOnce
CreateMutexA
GetTickCount64
ReleaseMutex
WaitForSingleObject
CreateThread
ExitThread
FindClose
FindFirstFileA
FindNextFileA
SetLastError
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
SleepEx
GetSystemDirectoryA
LoadLibraryA
GetTickCount
MoveFileExA
WaitForSingleObjectEx
CompareFileTime
GetSystemTimeAsFileTime
GetEnvironmentVariableA
VerSetConditionMask
VerifyVersionInfoA
GetSystemTime
SystemTimeToFileTime
GetModuleHandleExW
GetEnvironmentVariableW
SetConsoleMode
ReadConsoleA
ReadConsoleW
InitializeSRWLock
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemInfo
VirtualAlloc
VirtualProtect
VirtualFree
VirtualLock
SwitchToFiber
DeleteFiber
CreateFiberEx
FindFirstFileW
FindNextFileW
FormatMessageA
GetFileType
GetModuleHandleW
GetACP
ConvertFiberToThread
ConvertThreadToFiberEx
SetCurrentDirectoryW
GetCurrentDirectoryW

user32

GetProcessWindowStation
GetUserObjectInformationW
MessageBoxW

msvcp140

_Cnd_timedwait
_Cnd_wait
_Cnd_init_in_situ
_Mtx_current_owns
?id@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
?do_length@?$codecvt@_WDU_Mbstatet@@@std@@MEBAHAEAU_Mbstatet@@PEBD1_K@Z
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?put@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEBA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AEAVios_base@2@DPEBUtm@@PEBD3@Z
??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z
?_Locimp_Addfac@_Locimp@locale@std@@CAXPEAV123@PEAVfacet@23@_K@Z
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?id@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A
?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?get@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEBA?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AEAVios_base@2@AEAHPEAUtm@@PEBD4@Z
?get@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAHXZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEA_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?write@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEBD_J@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?_Winerror_map@std@@YAHH@Z
?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?out@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEB_W1AEAPEB_WPEAD3AEAPEAD@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
_Xtime_get_ticks
_Thrd_join
_Thrd_id
_Mtx_init_in_situ
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_unlock
_Cnd_destroy_in_situ
_Cnd_signal
?_Throw_C_error@std@@YAXH@Z
?_Throw_Cpp_error@std@@YAXH@Z
?_Xbad_function_call@std@@YAXXZ
?_Syserror_map@std@@YAPEBDH@Z
_Mbrtowc
??0_Locinfo@std@@QEAA@PEBD@Z
??1_Locinfo@std@@QEAA@XZ
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
?_W_Getdays@_Locinfo@std@@QEBAPEBGXZ
?_W_Getmonths@_Locinfo@std@@QEBAPEBGXZ
?c_str@?$_Yarn@D@std@@QEBAPEBDXZ
??Bid@locale@std@@QEAA_KXZ
??0facet@locale@std@@IEAA@_K@Z
??1facet@locale@std@@MEAA@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UEAAXXZ
?id@?$numpunct@D@std@@2V0locale@2@A
?uncaught_exception@std@@YA_NXZ
_Thrd_detach
_Cnd_do_broadcast_at_thread_exit
?always_noconv@codecvt_base@std@@QEBA_NXZ
?widen@?$ctype@D@std@@QEBADD@Z
?narrow@?$ctype@D@std@@QEBADDD@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?exceptions@ios_base@std@@QEAAXH@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?in@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEA_W3AEAPEA_W@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?imbue@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAA?AVlocale@2@AEBV32@@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?read@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@PEAD_J@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@V?$fpos@U_Mbstatet@@@2@@Z
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@_JH@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?id@?$ctype@D@std@@2V0locale@2@A
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
_Query_perf_counter
_Query_perf_frequency
?_Xinvalid_argument@std@@YAXPEBD@Z
?tolower@?$ctype@D@std@@QEBADD@Z
?toupper@?$ctype@D@std@@QEBADD@Z
_Cnd_broadcast

wintrust

WTHelperProvDataFromStateData
WinVerifyTrust
WTHelperGetProvSignerFromChain
WTHelperGetProvCertFromChain

vcruntime140

_purecall
__std_terminate
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memchr
memmove
memset
__std_type_info_name
wcsrchr
strstr
strchr
strrchr
wcsstr
__RTDynamicCast
__current_exception
__current_exception_context
__C_specific_handler
__std_type_info_destroy_list
memcpy
memcmp
__std_type_info_compare

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-time-l1-1-0

_localtime64
_gmtime64
__timezone
_localtime64_s
_ftime64
_mktime64
_time64
strftime
_utime64
_gmtime64_s

api-ms-win-crt-heap-l1-1-0

_callnewh
realloc
calloc
malloc
free

api-ms-win-crt-stdio-l1-1-0

_open
_close
_write
_read
fseek
ftell
_get_osfhandle
_get_stream_buffer_pointers
fgetc
feof
__stdio_common_vsnprintf_s
fgetpos
_fsopen
__stdio_common_vsscanf
fopen
fputc
fgets
_lseeki64
_fileno
fopen_s
fputs
__stdio_common_vswprintf_s
fsetpos
ferror
_setmode
clearerr
setbuf
setvbuf
__stdio_common_vfprintf
_wfopen
ungetc
_ftelli64
__stdio_common_vsprintf
_fseeki64
__stdio_common_vsprintf_s
freopen_s
__stdio_common_vswprintf
fclose
fread
__acrt_iob_func
fwrite
fflush

api-ms-win-crt-filesystem-l1-1-0

_fstat64
_access
_fstat64i32
_rmdir
_stat64i32
_unlock_file
_chmod
_stat64
remove
_lock_file
_mkdir
rename
_unlink

api-ms-win-crt-runtime-l1-1-0

_exit
_initialize_onexit_table
_beginthreadex
raise
strerror
_initialize_narrow_environment
_execute_onexit_table
strerror_s
signal
_invalid_parameter_noinfo_noreturn
_errno
_crt_atexit
_crt_at_quick_exit
_register_onexit_function
_cexit
_configure_narrow_argv
_initterm
__sys_nerr
_seh_filter_dll
terminate
_initterm_e

api-ms-win-crt-math-l1-1-0

_dclass
_fdsign
_ldsign
_dsign
ceilf
_fdclass
powf
_ldclass

api-ms-win-crt-string-l1-1-0

strncpy_s
strcat_s
strcpy_s
strpbrk
strspn
strcspn
tolower
strtok
_strnicmp
strnlen
isdigit
strncpy
strncmp
strcmp
_strdup
isspace
isprint
wcscpy_s
wcsncpy_s
wcscat_s
isxdigit

api-ms-win-crt-locale-l1-1-0

setlocale
localeconv

api-ms-win-crt-convert-l1-1-0

strtod
atoi
wcstombs
strtoll
strtoull
strtof
strtoul
strtol

api-ms-win-crt-utility-l1-1-0

srand
qsort
rand

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-multibyte-l1-1-0

_mbspbrk

Exports

Exports

bambu_network_bind
bambu_network_build_login_cmd
bambu_network_build_login_info
bambu_network_build_logout_cmd
bambu_network_change_user
bambu_network_check_debug_consistent
bambu_network_check_user_report
bambu_network_check_user_task_report
bambu_network_connect_printer
bambu_network_connect_server
bambu_network_create_agent
bambu_network_del_rating_picture_oss
bambu_network_delete_setting
bambu_network_destroy_agent
bambu_network_disconnect_printer
bambu_network_get_bambulab_host
bambu_network_get_camera_url
bambu_network_get_design_staffpick
bambu_network_get_model_instance_id
bambu_network_get_model_mall_detail_url
bambu_network_get_model_mall_home_url
bambu_network_get_model_mall_rating
bambu_network_get_model_publish_url
bambu_network_get_model_rating_id
bambu_network_get_my_message
bambu_network_get_my_profile
bambu_network_get_oss_config
bambu_network_get_printer_firmware
bambu_network_get_setting_list
bambu_network_get_setting_list2
bambu_network_get_slice_info
bambu_network_get_studio_info_url
bambu_network_get_subtask
bambu_network_get_subtask_info
bambu_network_get_task_plate_index
bambu_network_get_user_avatar
bambu_network_get_user_id
bambu_network_get_user_info
bambu_network_get_user_name
bambu_network_get_user_nickanme
bambu_network_get_user_presets
bambu_network_get_user_print_info
bambu_network_get_user_selected_machine
bambu_network_get_version
bambu_network_init_log
bambu_network_is_server_connected
bambu_network_is_user_login
bambu_network_modify_printer_name
bambu_network_put_model_mall_rating
bambu_network_put_rating_picture_oss
bambu_network_put_setting
bambu_network_query_bind_status
bambu_network_refresh_connection
bambu_network_request_bind_ticket
bambu_network_request_setting_id
bambu_network_send_message
bambu_network_send_message_to_printer
bambu_network_set_cert_file
bambu_network_set_config_dir
bambu_network_set_country_code
bambu_network_set_extra_http_header
bambu_network_set_get_country_code_fn
bambu_network_set_on_http_error_fn
bambu_network_set_on_local_connect_fn
bambu_network_set_on_local_message_fn
bambu_network_set_on_message_fn
bambu_network_set_on_printer_connected_fn
bambu_network_set_on_server_connected_fn
bambu_network_set_on_ssdp_msg_fn
bambu_network_set_on_subscribe_failure_fn
bambu_network_set_on_user_login_fn
bambu_network_set_queue_on_main_fn
bambu_network_set_user_selected_machine
bambu_network_start
bambu_network_start_discovery
bambu_network_start_local_print
bambu_network_start_local_print_with_record
bambu_network_start_print
bambu_network_start_publish
bambu_network_start_send_gcode_to_sdcard
bambu_network_start_subscribe
bambu_network_stop_subscribe
bambu_network_track_enable
bambu_network_track_event
bambu_network_track_get_property
bambu_network_track_header
bambu_network_track_update_property
bambu_network_unbind
bambu_network_user_logout

Sections

.text
Size: 4.2MB - Virtual size: 4.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 606KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 237KB - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
live555.dll
.dll windows:6 windows x64 arch:x64

658197cee164303a76ab33eb3f0d0314

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19/09/2018, 00:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28/07/2020, 00:00

Not After

18/03/2029, 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28/07/2020, 00:00

Not After

28/07/2030, 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:20:92:95:a5:4b:18:84:66:ad:74:78
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

26/12/2022, 08:11

Not After

10/02/2026, 10:12

Subject

SERIALNUMBER=91440300MA5GFQKC9F,CN=Shenzhen Tuozhu Technology Co.\, Ltd.,O=Shenzhen Tuozhu Technology Co.\, Ltd.,STREET=前海深港合作区前湾一路1号A栋201室（入驻深圳市前海商务秘书有限公司）,L=Shenzhen,ST=Guangdong,C=CN,1.3.6.1.4.1.311.60.2.1.1=#13085348454e5a48454e,1.3.6.1.4.1.311.60.2.1.2=#13094755414e47444f4e47,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1d
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

06/04/2022, 07:44

Not After

08/05/2033, 07:44

Subject

CN=Globalsign TSA for Advanced - G4,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20/06/2018, 00:00

Not After

10/12/2034, 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

20/02/2019, 00:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:00:00:00:00:01:21:58:53:08:a2
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

18/03/2009, 10:00

Not After

18/03/2029, 10:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2c:c2:82:57:17:b8:61:71:e5:78:2b:37:04:da:82:a8:30:d4:10:dc:e9:c1:6c:c8:bf:19:66:53:a8:16:27:d0
Signer

Actual PE Digest

2c:c2:82:57:17:b8:61:71:e5:78:2b:37:04:da:82:a8:30:d4:10:dc:e9:c1:6c:c8:bf:19:66:53:a8:16:27:d0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\bambu-studio\release_networking\player\build\Release\live555.pdb

Imports

ws2_32

shutdown
getservbyname
getservbyport
gethostbyaddr
closesocket
select
inet_ntoa
inet_addr
gethostbyname
WSASetLastError
recv
connect
send
listen
accept
WSACleanup
WSAStartup
inet_ntop
inet_pton
freeaddrinfo
getaddrinfo
htons
gethostname
setsockopt
sendto
__WSAFDIsSet
recvfrom
socket
WSAGetLastError
ntohs
bind
ioctlsocket
getsockname
getsockopt
htonl
ntohl

kernel32

IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
InitializeSListHead
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
GetStartupInfoW
SystemTimeToFileTime
GetSystemTime
ReadConsoleW
ReadConsoleA
SetConsoleMode
GetConsoleMode
FindNextFileW
FindFirstFileW
FindClose
LoadLibraryA
FreeLibrary
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetACP
WideCharToMultiByte
GetEnvironmentVariableW
VirtualLock
VirtualFree
VirtualProtect
VirtualAlloc
FormatMessageA
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep
GetLastError
SetLastError
InitializeSRWLock
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStdHandle
GetFileType
WriteFile
GetModuleHandleW
GetProcAddress
MultiByteToWideChar
GetSystemInfo

user32

GetUserObjectInformationW
MessageBoxW
GetProcessWindowStation

advapi32

DeregisterEventSource
ReportEventW
RegisterEventSourceW

msvcp140

?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
_Mtx_destroy_in_situ
_Mtx_init_in_situ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?_Xlength_error@std@@YAXPEBD@Z
?uncaught_exception@std@@YA_NXZ
?_Xbad_alloc@std@@YAXXZ

bcrypt

BCryptGenRandom

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__current_exception
__current_exception_context
__C_specific_handler
memchr
memcmp
wcsstr
strrchr
__std_type_info_destroy_list
_CxxThrowException
__std_exception_destroy
__std_exception_copy
strstr
strchr
__std_terminate
memset
memmove
_purecall
memcpy

api-ms-win-crt-runtime-l1-1-0

_initterm
terminate
signal
_initterm_e
_seh_filter_dll
_initialize_narrow_environment
exit
_invalid_parameter_noinfo_noreturn
_initialize_onexit_table
_cexit
_register_onexit_function
perror
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
abort
strerror_s
_errno
_exit
_configure_narrow_argv
raise

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf
fgets
fseek
ftell
setvbuf
putc
fwrite
fclose
fgetc
__stdio_common_vfprintf
__acrt_iob_func
fflush
fputs
rewind
fread
__stdio_common_vsprintf_s
_wfopen
clearerr
__stdio_common_vsprintf
_fileno
ferror
__stdio_common_vsscanf
fopen
_telli64
_lseeki64
_setmode
feof

api-ms-win-crt-string-l1-1-0

strcat_s
strcpy_s
isspace
_strdup
isxdigit
_strnicmp
strncpy_s
strcspn
strcmp
toupper
isdigit
tolower
strncpy
strncmp
strspn

api-ms-win-crt-time-l1-1-0

strftime
_ftime64
_ctime64
_gmtime64_s
_time64
_gmtime64

api-ms-win-crt-filesystem-l1-1-0

_stat64i32

api-ms-win-crt-locale-l1-1-0

setlocale

api-ms-win-crt-convert-l1-1-0

strtol
strtoul
atoi

api-ms-win-crt-heap-l1-1-0

calloc
free
_callnewh
realloc
malloc

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-environment-l1-1-0

getenv

Exports

Exports

Live555Tunnel_Close
Live555Tunnel_Create
Live555Tunnel_Destroy
Live555Tunnel_FreeBuffer
Live555Tunnel_GetLastError
Live555Tunnel_GetLastErrorMsg
Live555Tunnel_Loop
Live555Tunnel_Open
Live555Tunnel_SetBlockCallback
Live555Tunnel_SetLogger

Sections

.text
Size: 2.8MB - Virtual size: 2.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 193KB - Virtual size: 193KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

53a7d39356f2b5c0e55c09522e8cd073

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate

Key Usages

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate

Extended Key Usages

Key Usages

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate

Extended Key Usages

Key Usages

0b:20:92:95:a5:4b:18:84:66:ad:74:78Certificate

Extended Key Usages

Key Usages

01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1dCertificate

Extended Key Usages

Key Usages

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate

Key Usages

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fcCertificate

Key Usages

04:00:00:00:00:01:21:58:53:08:a2Certificate

Key Usages

47:bf:c8:ad:98:49:24:30:61:8b:34:c7:21:98:a6:29:43:66:81:7a:89:c2:c4:7a:3e:92:61:36:1e:ed:36:01Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

crypt32

wldap32

winmm

kernel32

user32

ole32

oleaut32

advapi32

msvcp140

ws2_32

iphlpapi

bcrypt

vcruntime140_1

vcruntime140

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-time-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-locale-l1-1-0

Exports

Exports

Sections

.text Size: 3.5MB - Virtual size: 3.5MB

.rdata Size: 1.2MB - Virtual size: 1.2MB

.data Size: 160KB - Virtual size: 4.2MB

.pdata Size: 214KB - Virtual size: 214KB

.rsrc Size: 97KB - Virtual size: 97KB

.reloc Size: 44KB - Virtual size: 44KB

b692dec6c0d1e3c638869776ce0ba2d9

Code Sign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate

Key Usages

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate

Extended Key Usages

Key Usages

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate

Extended Key Usages

Key Usages

0b:20:92:95:a5:4b:18:84:66:ad:74:78Certificate

Extended Key Usages

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

0b:20:92:95:a5:4b:18:84:66:ad:74:78
Certificate

01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1d
Certificate

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

04:00:00:00:00:01:21:58:53:08:a2
Certificate

47:bf:c8:ad:98:49:24:30:61:8b:34:c7:21:98:a6:29:43:66:81:7a:89:c2:c4:7a:3e:92:61:36:1e:ed:36:01
Signer

.text
Size: 3.5MB - Virtual size: 3.5MB

.rdata
Size: 1.2MB - Virtual size: 1.2MB

.data
Size: 160KB - Virtual size: 4.2MB

.pdata
Size: 214KB - Virtual size: 214KB

.rsrc
Size: 97KB - Virtual size: 97KB

.reloc
Size: 44KB - Virtual size: 44KB

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

0b:20:92:95:a5:4b:18:84:66:ad:74:78
Certificate

01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1d
Certificate

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

04:00:00:00:00:01:21:58:53:08:a2
Certificate

24:28:0f:13:55:99:8e:c7:fc:e6:26:87:7e:ed:61:c8:e6:a7:bf:b5:cc:e6:03:1e:90:ee:70:e0:93:69:65:3a
Signer

.text
Size: 4.2MB - Virtual size: 4.2MB

.rdata
Size: 1.3MB - Virtual size: 1.3MB

.data
Size: 88KB - Virtual size: 606KB

.pdata
Size: 237KB - Virtual size: 237KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 44KB - Virtual size: 43KB

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

0b:20:92:95:a5:4b:18:84:66:ad:74:78
Certificate

01:c2:9c:7a:f4:7a:a6:02:58:0e:af:32:b1:23:b1:1d
Certificate

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

01:f2:40:42:40:ce:fd:22:db:e9:6c:71:fc
Certificate

04:00:00:00:00:01:21:58:53:08:a2
Certificate