Adobe XD 49[.]0[.]12 (x64) Multilingual[.]iso

Sharing

Copy URL Twitter E-mail

General

Target

Adobe XD 49.0.12 (x64) Multilingual.iso
Size

365.3MB
MD5

afa2819f8c2cec9d5a6f18892f7ea6bd
SHA1

ebe1afb92dd507b56bdb66fa483dca1425b8890d
SHA256

0f46627489a9ca4b1ca639e10d8bf90270de6258a8c93ddf32ad8c9090a45c33
SHA512

e506458c465a497371c7efcc41aa3d0bb849d38d3a84e246afb973c6d829e2565c00c44d57adf4a753f333a04e254ace555d58c8ed0eaf41827821006624bb47
SSDEEP

6291456:otdDGTprEGURf4hsIKjvJBNM3gbgnqCm4lUnBIyB7YTC4ZyeZRREMWH6JRMybLEV:otdDkprEFyGIK2GgnqfwC4ZHfP82RFPv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack009/1/SupportAssets/XD_sp.exe

Files

Adobe XD 49.0.12 (x64) Multilingual.iso
.iso
out.iso
.iso
.DS_Store
Set-up.exe
.exe windows:5 windows x86 arch:x86

26d1142062053486e607ffede8dd675c

Code Sign

06:f2:4d:9f:4d:b0:7b:d7:ec:ad:06:7f:5e:e2:6c:29
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

31/01/2019, 00:00

Not After

03/02/2021, 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f7:6e:43:21:65:de:2c:31:59:69:12:b6:b7:08:7f:d3:6d:8f:a3:c7:d6:0c:47:55:1f:e6:a0:57:20:da:d4:43
Signer

Actual PE Digest

f7:6e:43:21:65:de:2c:31:59:69:12:b6:b7:08:7f:d3:6d:8f:a3:c7:d6:0c:47:55:1f:e6:a0:57:20:da:d4:43

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Set-up.pdb

Imports

comctl32

InitCommonControlsEx

shlwapi

PathIsUNCW
PathIsRelativeW
PathRemoveBackslashW
PathIsNetworkPathW
PathStripPathW
UrlIsW
SHGetValueW
UrlEscapeW
PathFindFileNameW
PathRemoveFileSpecW
PathRemoveExtensionW
PathFileExistsW
PathAddExtensionW
PathIsFileSpecW
PathAppendW
PathIsDirectoryW
PathRenameExtensionW
PathIsSystemFolderW
PathFileExistsA
PathAddBackslashW
PathIsRootW
PathStripToRootW

shell32

SHCreateDirectoryExW
ord51
SHGetKnownFolderPath
ShellExecuteW
ShellExecuteExW
SHGetSpecialFolderLocation
SHBrowseForFolderW
ord680
SHGetMalloc
SHGetFolderLocation
SHGetPathFromIDListW
SHGetFolderPathW
SHGetSpecialFolderPathW
CommandLineToArgvW

kernel32

FindNextFileW
WaitForMultipleObjects
CreateFileW
CreateEventW
SetEvent
ResetEvent
GetOverlappedResult
ReadDirectoryChangesW
MultiByteToWideChar
WideCharToMultiByte
GetFileSizeEx
FindClose
GetFileAttributesW
SetFileAttributesW
DeleteFileW
GetLocalTime
GetTimeFormatW
GetDateFormatW
GetCurrentProcess
DeviceIoControl
GetTempPathW
GetVersionExW
GetComputerNameExW
FileTimeToSystemTime
GetNativeSystemInfo
RaiseException
LoadLibraryW
GetProcAddress
CreateProcessW
GetModuleHandleW
FreeLibrary
InitializeCriticalSectionEx
DecodePointer
MulDiv
GetModuleFileNameW
TerminateProcess
RemoveDirectoryW
OpenProcess
CreateToolhelp32Snapshot
Sleep
Process32NextW
Process32FirstW
CopyFileW
GetExitCodeProcess
ReadFile
SetLastError
lstrlenW
LocalAlloc
GetDiskFreeSpaceExW
GetCurrentDirectoryW
SetCurrentDirectoryW
MoveFileExW
GetFileSize
lstrcpyW
lstrcmpiW
lstrcmpW
GetDriveTypeW
GetFullPathNameW
HeapSize
HeapReAlloc
HeapDestroy
GlobalAlloc
GlobalLock
GlobalUnlock
GetSystemDirectoryW
SetDllDirectoryW
GetStdHandle
AttachConsole
FreeConsole
GetConsoleWindow
AreFileApisANSI
TryEnterCriticalSection
HeapCreate
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
SetFilePointer
LeaveCriticalSection
SetEndOfFile
UnlockFileEx
UnmapViewOfFile
HeapValidate
GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
GetVersionExA
DeleteFileA
GetSystemInfo
HeapCompact
UnlockFile
CreateFileMappingA
LockFileEx
SystemTimeToFileTime
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
SizeofResource
LockResource
LoadResource
FindResourceW
GlobalFree
VerSetConditionMask
FindFirstFileW
GetUserDefaultLCID
LCMapStringW
DuplicateHandle
ProcessIdToSessionId
TerminateThread
CreateThread
FindResourceExW
GetThreadTimes
QueryFullProcessImageNameW
GetUserDefaultLangID
GetUserDefaultUILanguage
SetNamedPipeHandleState
CreateNamedPipeW
ConnectNamedPipe
CreateDirectoryW
ReleaseSemaphore
OpenSemaphoreW
CreateSemaphoreW
GetTimeZoneInformation
VirtualFree
VirtualAlloc
QueryPerformanceFrequency
GetCurrentThread
SetFilePointerEx
ResumeThread
SetThreadPriority
EnterCriticalSection
CompareStringW
GetCPInfo
EncodePointer
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
GetStringTypeW
GetExitCodeThread
SwitchToThread
GetModuleHandleExW
QueueUserWorkItem
IsProcessorFeaturePresent
LoadLibraryExA
VirtualQuery
VirtualProtect
GetCurrentProcessId
GetCurrentThreadId
OpenMutexW
CloseHandle
ReleaseMutex
WaitForSingleObject
CreateMutexW
GetProcessHeap
HeapAlloc
HeapFree
LocalFree
GetLastError
FormatMessageW
GetLocaleInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
InterlockedPopEntrySList
InterlockedPushEntrySList
FlushInstructionCache
CreateTimerQueue
SignalObjectAndWait
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
DeleteCriticalSection
RegisterWaitForSingleObject
UnregisterWait
FreeLibraryAndExitThread
GetModuleHandleA
LoadLibraryExW
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
RtlUnwind
ExitThread
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
SetStdHandle
WriteConsoleW
ExitProcess
GetConsoleCP
GetConsoleMode
IsValidLocale
EnumSystemLocalesW
ReadConsoleW
FindFirstFileExW
IsValidCodePage
GetACP
VerifyVersionInfoW
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
InitializeCriticalSection
SetEnvironmentVariableW
GetFullPathNameA

user32

CharNextW
BringWindowToTop
TranslateAcceleratorW
GetClassNameW
SetCapture
GetDlgItem
GetParent
RegisterWindowMessageW
ReleaseCapture
SetForegroundWindow
InvalidateRect
GetForegroundWindow
GetSysColor
AttachThreadInput
IsChild
DestroyAcceleratorTable
ClientToScreen
RedrawWindow
InvalidateRgn
IsWindow
SetFocus
ScreenToClient
FillRect
GetFocus
GetWindow
IsIconic
BeginPaint
EndPaint
GetWindowTextW
GetSystemMetrics
GetMessageW
DefWindowProcW
GetWindowLongW
DestroyWindow
SetWindowPos
CreateWindowExW
SendMessageW
RegisterClassExW
GetActiveWindow
DispatchMessageW
CreateAcceleratorTableW
SetWindowTextW
CallWindowProcW
GetWindowTextLengthW
GetWindowThreadProcessId
wsprintfW
PostThreadMessageW
TranslateMessage
LoadCursorW
SetWindowLongW
PostQuitMessage
GetDesktopWindow
GetClassInfoExW
GetDC
MessageBoxW
ShowWindow
GetAsyncKeyState
ReleaseDC
PostMessageW
UnregisterClassW
GetClientRect
EnumWindows
MoveWindow
GetShellWindow
LoadImageW
SystemParametersInfoW
EnableMenuItem
LoadIconW
GetSystemMenu
GetClassLongW
AppendMenuW
SetClassLongW
GetWindowRect

gdi32

DeleteDC
GetObjectW
DeleteObject
CreateSolidBrush
GetDeviceCaps
SelectObject
CreateCompatibleBitmap
GetStockObject
BitBlt
CreateCompatibleDC

advapi32

SetEntriesInAclW
SetNamedSecurityInfoW
GetNamedSecurityInfoW
GetTokenInformation
CreateWellKnownSid
LookupPrivilegeValueW
OpenProcessToken
RegFlushKey
RegCloseKey
RegDeleteKeyExW
RegCreateKeyExW
RegSetValueExW
LookupAccountSidW
RegOpenKeyExW
RegEnumValueW
EqualSid
InitializeSecurityDescriptor
FreeSid
AllocateAndInitializeSid
SetSecurityDescriptorDacl
DuplicateTokenEx
ConvertSidToStringSidW
ImpersonateLoggedOnUser
ConvertStringSidToSidW
RevertToSelf
CryptReleaseContext
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptAcquireContextW
RegQueryValueExW
GetUserNameW
CredWriteW
CredReadW
CredDeleteW
CredFree
CredEnumerateW
AdjustTokenPrivileges

ole32

CoCreateGuid
CoAddRefServerProcess
OleRun
CoUninitialize
CoInitialize
CLSIDFromString
CreateStreamOnHGlobal
CLSIDFromProgID
CoGetClassObject
CoCreateInstance
StringFromGUID2
OleInitialize
OleUninitialize
OleLockRunning
CoTaskMemAlloc
CoTaskMemFree
CoReleaseServerProcess

oleaut32

VariantChangeType
SysAllocStringLen
SysStringLen
SysFreeString
VariantInit
SysAllocString
OleCreateFontIndirect
LoadTypeLi
LoadRegTypeLi
SysAllocStringByteLen
VariantCopy
SysStringByteLen
DispCallFunc
GetErrorInfo
VariantClear

bcrypt

BCryptCloseAlgorithmProvider
BCryptVerifySignature
BCryptGenerateSymmetricKey
BCryptSetProperty
BCryptDecrypt
BCryptDestroyKey
BCryptEncrypt
BCryptDestroyHash
BCryptOpenAlgorithmProvider
BCryptCreateHash
BCryptHashData
BCryptFinishHash
BCryptGetProperty

crypt32

CertGetIssuerCertificateFromStore
CertGetNameStringW
CryptProtectData
CryptUnprotectData
CryptStringToBinaryW
CertOpenStore
CertFindCertificateInStore
CertFreeCertificateContext
CertCreateCertificateContext
CryptHashCertificate2
CryptImportPublicKeyInfoEx2
CertVerifySubjectCertificateContext
CertAddCertificateContextToStore
CertCloseStore

secur32

GetUserNameExW

wintrust

WTHelperProvDataFromStateData
WTHelperGetProvCertFromChain
WinVerifyTrust
WTHelperGetProvSignerFromChain

Sections

.text
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 907KB - Virtual size: 906KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 135KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 198KB - Virtual size: 197KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
packages/.DS_Store
packages/AAM/IPC/IPC.pima
.zip
AdobeIPCBroker.exe
.exe windows:6 windows x86 arch:x86

b78757e60c78fbd8d0549e7a1e0d29a1

Code Sign

0a:28:51:e5:f0:ff:db:46:e2:c9:cb:66:10:e6:51:2f
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/10/2018, 00:00

Not After

03/11/2021, 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Adobe Systems,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

ac:7d:c4:d6:78:b5:cd:0d:da:54:a6:bd:90:ba:4d:9e:d0:98:05:62:5d:95:08:08:69:0a:ff:f1:ac:cd:d5:43
Signer

Actual PE Digest

ac:7d:c4:d6:78:b5:cd:0d:da:54:a6:bd:90:ba:4d:9e:d0:98:05:62:5d:95:08:08:69:0a:ff:f1:ac:cd:d5:43

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

AdobeIPCBroker.pdb

Imports

ws2_32

htonl
getsockopt
ioctlsocket
connect
closesocket
listen
getsockname
bind
WSAGetLastError
WSASetLastError
WSAStartup
getservbyname
getservbyport
gethostbyname
gethostbyaddr
socket
send
select
recv
ntohs
inet_ntoa
inet_addr
htons
__WSAFDIsSet

kernel32

GetModuleFileNameW
EnterCriticalSection
LeaveCriticalSection
GetLastError
DeleteCriticalSection
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreW
FindFirstFileW
FindNextFileW
InitializeCriticalSectionEx
FindClose
RaiseException
DecodePointer
ReleaseMutex
CreateMutexA
Sleep
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetVersionExA
GetModuleHandleA
GetModuleFileNameA
GetSystemDirectoryA
CreateMutexW
FreeLibrary
CreateProcessW
GetProcAddress
CloseHandle
LoadLibraryA
MultiByteToWideChar
GetStdHandle
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
InitializeCriticalSection
GetThreadPriority
HeapSize
HeapFree
WriteConsoleW
GetProcessHeap
SetEnvironmentVariableA
GetOEMCP
IsValidCodePage
FindNextFileA
SwitchToThread
FreeEnvironmentStringsW
GetCommandLineW
GetEnvironmentVariableW
GetCurrentProcessId
ReadFile
WriteFile
ConnectNamedPipe
GetOverlappedResult
OpenProcess
QueryFullProcessImageNameW
GetNamedPipeServerProcessId
GetLocalTime
GetCurrentThread
GetTickCount
GetEnvironmentStringsW
SetStdHandle
SetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateFileW
FlushFileBuffers
GetFileAttributesExW
GetFileSizeEx
GetFullPathNameW
LockFileEx
SetEndOfFile
SetFilePointerEx
UnlockFile
GetTempPathW
DuplicateHandle
PeekNamedPipe
CreateNamedPipeW
SetEvent
ResetEvent
CreateEventW
GetCurrentProcess
SetThreadPriority
HeapReAlloc
VirtualAlloc
VirtualFree
GetModuleHandleExW
LoadLibraryExW
WaitForMultipleObjects
GetNamedPipeInfo
LocalAlloc
LocalReAlloc
LocalFree
FormatMessageW
LCMapStringW
SetFilePointer
RtlCaptureStackBackTrace
TerminateProcess
GlobalAlloc
GlobalFree
GetSystemTimeAsFileTime
WaitForSingleObjectEx
GetModuleHandleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
QueryPerformanceCounter
IsDebuggerPresent
GetStartupInfoW
WideCharToMultiByte
EncodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
CompareStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
OutputDebugStringW
RtlUnwind
InterlockedPushEntrySList
GetDriveTypeW
GetFileType
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
CreateThread
ExitThread
FreeLibraryAndExitThread
GetTimeZoneInformation
ExitProcess
GetCommandLineA
GetACP
GetConsoleMode
ReadConsoleW
GetConsoleCP
GetFullPathNameA
HeapAlloc
FindFirstFileExA

user32

SetWindowLongW
RegisterClassW
CreateWindowExW
SetTimer
KillTimer
TranslateMessage
DispatchMessageW
PostMessageW
PostQuitMessage
DestroyWindow
MsgWaitForMultipleObjectsEx
GetWindowLongW
GetShellWindow
EnumWindows
GetWindowThreadProcessId
DefWindowProcW
PeekMessageW

advapi32

GetUserNameW
RegCloseKey
CreateProcessWithTokenW
LookupPrivilegeValueW
GetTokenInformation
FreeSid
EqualSid
DuplicateTokenEx
AllocateAndInitializeSid
AdjustTokenPrivileges
OpenProcessToken
RegOpenKeyExW
RegQueryValueExW

ole32

CoCreateInstance
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
OleRun
CoUninitialize

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

shell32

ShellExecuteExW
SHCreateDirectoryExW
CommandLineToArgvW

Sections

.text
Size: 748KB - Virtual size: 747KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 197KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 596B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
customhook/AdobeIPCBrokerCustomHook.exe
.exe windows:6 windows x86 arch:x86

85aa1a3ec9a324deb93be1db280c6b57

Code Sign

0a:28:51:e5:f0:ff:db:46:e2:c9:cb:66:10:e6:51:2f
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

26/10/2018, 00:00

Not After

03/11/2021, 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Systems Incorporated,OU=Adobe Systems,O=Adobe Systems Incorporated,L=San Jose,ST=California,C=US,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

Issuer

CN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

12/01/2016, 00:00

Not After

11/01/2031, 23:59

Subject

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

Issuer

CN=Symantec SHA256 TimeStamping CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

02/01/2017, 00:00

Not After

01/04/2028, 23:59

Subject

CN=Symantec SHA256 TimeStamping Signer - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

45:89:c1:a8:6a:c2:59:11:0f:f3:d0:dd:de:2c:9f:61:14:dd:37:fb:38:82:82:1c:83:5d:79:6e:28:bc:74:54
Signer

Actual PE Digest

45:89:c1:a8:6a:c2:59:11:0f:f3:d0:dd:de:2c:9f:61:14:dd:37:fb:38:82:82:1c:83:5d:79:6e:28:bc:74:54

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

AdobeIPCBrokerCustomHook.pdb

Imports

shlwapi

PathAppendW

kernel32

RaiseException
HeapSize
TerminateProcess
GetTempPathW
OpenProcess
CreateToolhelp32Snapshot
Sleep
Process32NextW
Process32FirstW
CloseHandle
CreateFileW
ReadConsoleW
WriteConsoleW
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
SetEvent
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
RtlUnwind
SetEndOfFile
GetLastError
FreeLibrary
LoadLibraryExW
HeapAlloc
HeapReAlloc
HeapFree
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetStdHandle
WriteFile
GetCommandLineA
GetCommandLineW
GetACP
GetFileType
FlushFileBuffers
GetConsoleCP
GetConsoleMode
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ReadFile
SetFilePointerEx
GetProcessHeap
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetStdHandle

user32

FindWindowExW
PostMessageW

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
packages/AAM/IPC/IPC.pimx
packages/AAM/IPC/IPC.sig
.xml
packages/ADC/Core/Core.pima
.zip
AdobePIM.dll
.dll windows:5 windows x86 arch:x86

bad4069efbb0fea858e33d102d409210

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ec:cc:74:af:3f:ff:e1:cd:b7:59:c9:19:0e:52:ca:a8:49:7b:fe:33:5c:94:8a:f7:0d:ba:cb:7d:44:1f:28:93
Signer

Actual PE Digest

ec:cc:74:af:3f:ff:e1:cd:b7:59:c9:19:0e:52:ca:a8:49:7b:fe:33:5c:94:8a:f7:0d:ba:cb:7d:44:1f:28:93

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\jenkins\CI\CCCore\build\x64\main\ccd-core\build\msvs_win32\Release\x86\sym\PIM\PIM\AdobePIM.pdb

Imports

kernel32

GetCurrentProcessId
CreateSemaphoreW
AreFileApisANSI
ReadFile
TryEnterCriticalSection
HeapCreate
HeapFree
EnterCriticalSection
GetFullPathNameW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
CreateFileW
GetFileAttributesW
GetCurrentThreadId
UnmapViewOfFile
HeapValidate
HeapSize
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
DeleteFileA
DeleteFileW
HeapReAlloc
GetSystemInfo
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
GetProcAddress
LockFileEx
GetFileSize
GetProcessHeap
SystemTimeToFileTime
FreeLibrary
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
ReleaseSemaphore
MultiByteToWideChar
GetTempPathW
CreateDirectoryW
GetDateFormatW
GetTimeFormatW
GetLocalTime
GetCommandLineW
GetExitCodeProcess
lstrcmpW
lstrcmpiW
CopyFileW
CreateProcessW
LocalFree
ResetEvent
CreateThread
CloseHandle
OpenSemaphoreW
Process32FirstW
GetDiskFreeSpaceExW
ReleaseMutex
SetEvent
Process32NextW
Sleep
CreateEventW
CreateToolhelp32Snapshot
SetFileAttributesW
OpenProcess
GetVersionExW
LocalAlloc
WaitForSingleObject
FindClose
RemoveDirectoryW
TerminateProcess
FindNextFileW
FindFirstFileW
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
GetConsoleCP
ReadConsoleW
GetConsoleMode
GetFileType
GetStdHandle
EnumSystemLocalesW
IsValidLocale
ExitProcess
GetTimeZoneInformation
GetModuleHandleExW
ExitThread
RtlUnwind
InterlockedFlushSList
InterlockedPushEntrySList
LoadLibraryExW
FreeLibraryAndExitThread
GetStartupInfoW
InitializeSListHead
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
QueryPerformanceFrequency
GetLocaleInfoW
CompareStringW
InitializeCriticalSectionEx
EncodePointer
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateMutexW
InitializeCriticalSectionAndSpinCount
GetExitCodeThread
SwitchToThread
GetStringTypeW
GetCurrentProcess
GetFileSizeEx
lstrlenW
GetACP
SetFilePointerEx
GlobalFree
ResumeThread
TerminateThread
SetThreadPriority
GetCurrentThread
SizeofResource
GetModuleFileNameW
LockResource
LoadResource
FindResourceW
MoveFileExW
GlobalAlloc
VerSetConditionMask
GetModuleHandleW
VerifyVersionInfoW
SetLastError
DuplicateHandle
ProcessIdToSessionId
FindResourceExW
lstrcpyW
GetThreadTimes
QueryFullProcessImageNameW
GetUserDefaultLangID
GetUserDefaultLCID
LCMapStringW
FileTimeToSystemTime
OpenMutexW
VirtualFree
VirtualAlloc
GetUserDefaultUILanguage

user32

wsprintfW
GetWindowThreadProcessId
GetShellWindow
EnumWindows

advapi32

CryptAcquireContextW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
GetNamedSecurityInfoW
SetNamedSecurityInfoW
LookupAccountSidW
CreateWellKnownSid
EqualSid
GetTokenInformation
DuplicateTokenEx
GetUserNameW
ConvertSidToStringSidW
ImpersonateLoggedOnUser
ConvertStringSidToSidW
RevertToSelf
CryptReleaseContext
SetSecurityDescriptorDacl
RegCloseKey
RegDeleteKeyExW
AllocateAndInitializeSid
SetEntriesInAclW
RegCreateKeyExW
RegSetValueExW
FreeSid
InitializeSecurityDescriptor
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash

shell32

SHGetKnownFolderPath
ord680
SHGetFolderLocation
SHGetFolderPathW
SHGetPathFromIDListW
ShellExecuteExW
SHCreateDirectoryExW
SHCreateItemFromParsingName
SHGetSpecialFolderPathW
CommandLineToArgvW
ord51

ole32

OleRun
CLSIDFromProgID
StringFromGUID2
CoCreateGuid
CoInitializeSecurity
CoSetProxyBlanket
CoUninitialize
CoCreateInstance
CoInitializeEx
CoInitialize
CLSIDFromString
CoTaskMemFree

oleaut32

VariantInit
SysFreeString
SysAllocString
VariantClear
GetErrorInfo
VariantCopy
SysStringLen
VariantChangeType

msi

ord145
ord74
ord147

winhttp

WinHttpSendRequest
WinHttpSetCredentials
WinHttpConnect
WinHttpQueryDataAvailable
WinHttpReceiveResponse
WinHttpQueryHeaders
WinHttpOpenRequest
WinHttpOpen
WinHttpGetProxyForUrl
WinHttpQueryAuthSchemes
WinHttpGetIEProxyConfigForCurrentUser
WinHttpCloseHandle
WinHttpSetOption
WinHttpReadData
WinHttpSetTimeouts

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

psapi

GetProcessImageFileNameW
GetModuleFileNameExW
EnumProcessModules

wtsapi32

WTSEnumerateSessionsW
WTSFreeMemory

shlwapi

PathFileExistsW
PathIsDirectoryW
PathRenameExtensionW
PathAppendW
PathRemoveBackslashW
PathStripPathW
PathAppendA
PathFindFileNameW
PathRemoveFileSpecW
PathFileExistsA
PathIsRootW
PathIsSystemFolderW
PathIsDirectoryEmptyW
PathIsDirectoryA
PathRemoveFileSpecA
PathRemoveExtensionW
PathAddExtensionW
PathIsFileSpecW

crypt32

CertGetNameStringW

wintrust

WinVerifyTrust
WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData
WTHelperGetProvCertFromChain

bcrypt

BCryptOpenAlgorithmProvider
BCryptFinishHash
BCryptDestroyHash
BCryptCloseAlgorithmProvider
BCryptCreateHash
BCryptHashData

Exports

Exports

AAMIU_Uninstall
AAMIU_getDeploymentValidationStatus
AAMIU_preInstallPropertySet
pim_createLibraryRef
pim_freeLibraryRef
pim_freeLiraryRef
pim_freeString
pim_getAppletAndPackageInfo
pim_getAppletRegistrationInfo
pim_getAppletRelationshipInfo
pim_getCurrentCCVersion
pim_getCurrentPackagesVersion
pim_getInstallStatus
pim_getInstalledPackagesInfo
pim_launchACCCUninstallerExecutableAsAdmin
pim_selfUpdateCheck
pim_selfUpdateCheckWithData
pim_selfUpdateCheckWithDataV2
pim_startWorkflow
pim_startWorkflowWithData
pim_syncFromPathToACF
pim_syncFromPathToPath
pim_syncUSFToACF
pim_uninstallAAMFromAAMCleanerTool
pim_uninstallAAMUsingAAMCleanerTool
pim_uninstallACCC64FromACCCCleanerTool
pim_uninstallACCCFromACCCCleanerTool
pim_uninstallADC64UsingADCCleanerTool
pim_uninstallADCUsingADCCleanerTool

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 366KB - Virtual size: 366KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Core.dll
.dll windows:5 windows x86 arch:x86

04e432f5160fb7636a27371c9f8ba2fe

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

27:c3:9d:9f:07:59:71:d1:b9:c5:41:17:3d:c5:40:f8:18:55:ab:a4:a0:14:17:ad:29:f9:06:ff:60:3f:a6:e3
Signer

Actual PE Digest

27:c3:9d:9f:07:59:71:d1:b9:c5:41:17:3d:c5:40:f8:18:55:ab:a4:a0:14:17:ad:29:f9:06:ff:60:3f:a6:e3

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\jenkins\CI\CCCore\build\x64\main\ccd-core\build\msvs_win32\Release\x86\sym\Core\Core\Core.pdb

Imports

kernel32

WaitNamedPipeW
ConnectNamedPipe
Sleep
DisconnectNamedPipe
CreateFileW
CreateNamedPipeW
WriteFile
ReadFile
DeleteCriticalSection
GetThreadId
DecodePointer
CreateThread
RaiseException
CloseHandle
GetLastError
GetCurrentThreadId
WaitForSingleObject
InitializeCriticalSectionEx
WriteConsoleW
SetEndOfFile
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
SetFilePointerEx
GetConsoleCP
ReadConsoleW
GetConsoleMode
GetFileType
GetStdHandle
EnumSystemLocalesW
IsValidLocale
ExitProcess
GetTimeZoneInformation
GetModuleHandleExW
ExitThread
RtlUnwind
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
LoadLibraryW
GetProcAddress
FreeLibrary
FindFirstFileW
FindNextFileW
GetModuleFileNameW
GetTempPathW
FindClose
GetFileAttributesW
SetFileAttributesW
DeleteFileW
LocalFree
MoveFileExW
lstrcmpW
FlushFileBuffers
ReleaseSemaphore
CreateMutexW
ReleaseMutex
MultiByteToWideChar
WideCharToMultiByte
SetFilePointer
HeapFree
SetLastError
GetCurrentProcess
TerminateProcess
DuplicateHandle
OpenProcess
HeapSize
CreateToolhelp32Snapshot
CreateEventW
Process32NextW
SetEvent
TerminateThread
Process32FirstW
HeapReAlloc
ResetEvent
HeapAlloc
GetCurrentProcessId
GetProcessHeap
CreateProcessW
GetModuleHandleW
lstrcpyW
GetThreadTimes
QueryFullProcessImageNameW
GetVersionExW
VerSetConditionMask
VerifyVersionInfoW
GetUserDefaultLCID
LCMapStringW
GetFileSizeEx
FileTimeToSystemTime
GetLocalTime
GetTimeFormatW
SystemTimeToFileTime
GetDateFormatW
OpenMutexW
GetUserDefaultLangID
GetUserDefaultUILanguage
TryEnterCriticalSection
WaitForSingleObjectEx
SwitchToThread
GetExitCodeThread
GetStringTypeW
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
QueryPerformanceCounter
EncodePointer
CompareStringW
GetLocaleInfoW
GetCPInfo
IsDebuggerPresent
OutputDebugStringW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
InitializeSListHead
CreateTimerQueue
SignalObjectAndWait
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetCurrentThread
FreeLibraryAndExitThread
GetModuleHandleA
LoadLibraryExW
VirtualAlloc
VirtualProtect
VirtualFree

user32

LoadCursorW
SetCursor
GetMessageW
CreateDialogParamW
PostMessageW
SendMessageW
ShowWindow
DispatchMessageW
TranslateMessage
PostThreadMessageW

advapi32

AdjustTokenPrivileges
GetTokenInformation
GetUserNameW
ConvertSidToStringSidW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
LookupPrivilegeValueW
LookupAccountSidW
OpenProcessToken

shell32

SHCreateDirectoryExW
ShellExecuteW
SHGetSpecialFolderPathW
ord51

ole32

CoUninitialize
StringFromGUID2
CoInitialize
CoCreateGuid
CoCreateInstance

wtsapi32

WTSUnRegisterSessionNotification
WTSRegisterSessionNotification

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

shlwapi

PathIsDirectoryW
PathRemoveExtensionW
PathAddExtensionW
PathAppendW
PathFileExistsW
PathRemoveFileSpecW
PathRenameExtensionW

oleaut32

VariantClear

Exports

Exports

finalize
initialize
processMessage

Sections

.text
Size: 606KB - Virtual size: 605KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 161KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
packages/ADC/Core/Core.pimx
packages/ADC/Core/Core.sig
.xml
packages/ADC/HDBox/HDBox.pima
.zip
Adobe Update Helper.exe
.exe windows:5 windows x86 arch:x86

afc76a8e8265f1b8dc2d9dde4c6006a3

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1f:92:1d:f1:15:1e:24:4c:ba:dc:19:1f:92:e3:f6:fe:77:47:41:f5:2e:a4:fd:67:7a:16:ec:d4:a8:fc:9c:96
Signer

Actual PE Digest

1f:92:1d:f1:15:1e:24:4c:ba:dc:19:1f:92:e3:f6:fe:77:47:41:f5:2e:a4:fd:67:7a:16:ec:d4:a8:fc:9c:96

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins\CI\CCHyperdrive\build\x64\main\ccd-hyperdrive\build\msvs_win32\Release\x86\sym\UpdateURIHandler\UpdateURIHandler\Adobe Update Helper.pdb

Imports

kernel32

lstrcmpW
GetCurrentProcess
WaitForSingleObject
GetProcAddress
CreateProcessW
GetModuleHandleW
GetVersionExW
GetFileSize
UnmapViewOfFile
CreateFileA
CreateFileMappingW
MapViewOfFile
Sleep
GetUserDefaultLCID
LoadLibraryA
LCMapStringW
FreeLibrary
MoveFileExW
LocalFree
CloseHandle
DeleteFileW
FormatMessageW
SetFileAttributesW
GetFileAttributesW
CreateFileW
FindClose
GetTempPathW
GetModuleFileNameW
RemoveDirectoryW
FindNextFileW
SetLastError
FindFirstFileW
ReadFile
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
InitializeCriticalSectionEx
WriteConsoleW
GetConsoleCP
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
SetStdHandle
EnumSystemLocalesW
IsValidLocale
GetCommandLineW
GetCommandLineA
ExitProcess
GetStdHandle
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
GetTimeZoneInformation
GetFileType
LoadLibraryExW
RtlUnwind
GetStartupInfoW
InitializeSListHead
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetLocaleInfoW
CompareStringW
SizeofResource
GetFullPathNameW
WriteFile
LockResource
LoadResource
FindResourceW
FlushFileBuffers
GetUserDefaultLangID
GetUserDefaultUILanguage
MultiByteToWideChar
WideCharToMultiByte
GetCurrentProcessId
SetFilePointer
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
HeapFree
TerminateProcess
OpenProcess
HeapSize
CreateEventW
SetEvent
GlobalAlloc
GlobalFree
HeapReAlloc
CreateThread
ResetEvent
HeapAlloc
HeapDestroy
GetProcessHeap
VerSetConditionMask
VerifyVersionInfoW
LoadLibraryW
GetFileSizeEx
FileTimeToSystemTime
GetLocalTime
GetTimeFormatW
SystemTimeToFileTime
GetDateFormatW
CreateMutexW
ReleaseMutex
OpenMutexW
AreFileApisANSI
TryEnterCriticalSection
HeapCreate
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
GetFullPathNameA
SetEndOfFile
UnlockFileEx
HeapValidate
GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
WaitForSingleObjectEx
DeleteFileA
GetSystemInfo
HeapCompact
UnlockFile
LockFileEx
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
QueryPerformanceCounter
GetTickCount
GetStringTypeW
InitializeCriticalSectionAndSpinCount
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EncodePointer

user32

GetWindowThreadProcessId
AllowSetForegroundWindow
GetShellWindow
MessageBoxW
EnumWindows

advapi32

EqualSid
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
DuplicateTokenEx
FreeSid
AllocateAndInitializeSid
OpenProcessToken
GetTokenInformation
AdjustTokenPrivileges
LookupPrivilegeValueW

shell32

SHCreateDirectoryExW
SHGetFolderPathW
SHGetPathFromIDListW
SHGetSpecialFolderPathW
SHGetFolderLocation

ole32

CoCreateInstance
StringFromGUID2
CLSIDFromProgID
OleRun
CoCreateGuid
CoTaskMemFree
CoInitialize
CLSIDFromString
CoUninitialize

oleaut32

SysStringLen
SysFreeString
SysAllocString
GetErrorInfo
VariantClear

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

wininet

InternetCanonicalizeUrlW

shlwapi

PathIsSystemFolderW
PathIsDirectoryW
PathFindFileNameW
PathFileExistsW
PathIsRootW
PathAppendW
PathRenameExtensionW
PathRemoveFileSpecW
PathFileExistsA
PathRemoveExtensionW
PathAddExtensionW
PathIsFileSpecW

Sections

.text
Size: 972KB - Virtual size: 972KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CRClient.dll
.dll windows:6 windows x86 arch:x86

e85acdc65f4a1f62f6ed3dfa469bd2cf

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

fc:2e:89:cc:38:15:aa:ac:27:c6:a1:e6:8a:26:35:84:61:93:56:85:08:72:40:1e:e6:b1:49:3b:ba:99:95:ee
Signer

Actual PE Digest

fc:2e:89:cc:38:15:aa:ac:27:c6:a1:e6:8a:26:35:84:61:93:56:85:08:72:40:1e:e6:b1:49:3b:ba:99:95:ee

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\cruser\workspace\CR-Windows-x86-Client-Builder\Win32\Release\CRClient.pdb

Imports

dbghelp

StackWalk64
SymGetModuleBase64
SymFunctionTableAccess64
SymInitialize
SymGetModuleInfo64
SymFromAddr

kernel32

GetCurrentProcess
MultiByteToWideChar
LoadResource
LockResource
SizeofResource
FindResourceW
FindResourceExW
GetModuleHandleW
CloseHandle
CreateThread
WaitForSingleObject
GetModuleFileNameW
FreeLibrary
ReadFile
GetCurrentThreadId
ReadProcessMemory
TerminateProcess
GetCurrentProcessId
TerminateThread
OpenThread
GetThreadId
GetProcessId
K32GetModuleFileNameExW
SuspendThread
GetThreadContext
ResumeThread
VirtualProtect
LocaleNameToLCID
WerRegisterRuntimeExceptionModule
WerUnregisterRuntimeExceptionModule
WideCharToMultiByte
VerSetConditionMask
VerifyVersionInfoW
CreateProcessW
CreateNamedPipeW
WriteFile
FlushFileBuffers
DisconnectNamedPipe
CreateFileW
GetFileAttributesExW
CreateEventW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WaitForSingleObjectEx
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
LoadLibraryW
GetProcAddress
DeleteCriticalSection
InitializeCriticalSectionEx
WriteProcessMemory
GetLastError
RaiseException
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
ConnectNamedPipe
IsDebuggerPresent

user32

IsHungAppWindow
DisableProcessWindowsGhosting
MessageBoxW
GetWindowTextW
GetWindowTextLengthW
ReleaseDC
DrawIconEx
GetSysColor
GetDC
SetFocus
GetDlgCtrlID
IsDlgButtonChecked
PostMessageW
ShowWindow
GetSystemMenu
EnableMenuItem
EnableWindow
CheckDlgButton
IsWindowVisible
EndDialog
GetWindow
SetWindowTextW
SetDlgItemTextW
SetWindowPos
OffsetRect
CopyRect
GetDesktopWindow
GetKeyState
GetDlgItem
GetWindowLongW
GetParent
SetCursor
LoadCursorW
ReleaseCapture
PtInRect
ClientToScreen
GetWindowRect
SetCapture
InvalidateRect
GetCapture
SendMessageW
SetWindowLongW
CallWindowProcW
GetWindowThreadProcessId
EnumWindows
GetSysColorBrush
SetPropW
RemovePropW
DialogBoxIndirectParamW
GetPropW

gdi32

DeleteDC
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
SetBkMode
CreateFontIndirectW
GetObjectW
SetTextColor
DeleteObject

advapi32

RegSetValueExW
RegQueryValueExW
RegCloseKey
RegDeleteValueW
RegCreateKeyExW
RegOpenKeyExW

shell32

SHGetKnownFolderPath
SHCreateDirectoryExW
ord6

ole32

CoTaskMemFree
CoCreateGuid

msvcp140

??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?id@?$collate@D@std@@2V0locale@2@A
?id@?$ctype@D@std@@2V0locale@2@A
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?tolower@?$ctype@D@std@@QBEPBDPADPBD@Z
?tolower@?$ctype@D@std@@QBEDD@Z
??1facet@locale@std@@MAE@XZ
??0facet@locale@std@@IAE@I@Z
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
??1_Locinfo@std@@QAE@XZ
??0_Locinfo@std@@QAE@PBD@Z
_Wcscoll
_Wcsxfrm
?id@?$collate@_W@std@@2V0locale@2@A
?tolower@?$ctype@_W@std@@QBEPB_WPA_WPB_W@Z
?tolower@?$ctype@_W@std@@QBE_W_W@Z
?is@?$ctype@_W@std@@QBE_NF_W@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?read@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@PA_W_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
_Strxfrm
_Strcoll
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
?seekg@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@_JH@Z
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPBD@Z
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
?_Xlength_error@std@@YAXPBD@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?_Init@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXXZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?unshift@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?out@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PB_W1AAPB_WPAD3AAPAD@Z
?in@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPA_W3AAPA_W@Z
?always_noconv@codecvt_base@std@@QBE_NXZ
??Bid@locale@std@@QAEIXZ
?_New_Locimp@_Locimp@locale@std@@CAPAV123@ABV123@@Z
?_Throw_C_error@std@@YAXH@Z
_Thrd_start
_Thrd_detach
_Mtx_init
_Mtx_lock
_Mtx_unlock
_Cnd_init
_Cnd_wait
_Cnd_signal
_Cnd_destroy
_Mtx_destroy
?_Throw_Cpp_error@std@@YAXH@Z
_Mtx_init_in_situ
_Mtx_destroy_in_situ
?empty@locale@std@@SA?AV12@XZ
?uncaught_exception@std@@YA_NXZ
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?id@?$ctype@_W@std@@2V0locale@2@A
_Cnd_do_broadcast_at_thread_exit
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z
?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@_W@Z
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WD@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?getloc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QBE?AVlocale@2@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?imbue@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE?AVlocale@2@ABV32@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?widen@?$ctype@_W@std@@QBE_WD@Z
??1?$codecvt@_WDU_Mbstatet@@@std@@MAE@XZ
??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@I@Z
?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UAEXXZ
_Thrd_join
_Thrd_id
?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE_N_N@Z
?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEGXZ
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z
?_Syserror_map@std@@YAPBDH@Z
_Mtx_trylock
?_Execute_once@std@@YAHAAUonce_flag@1@P6GHPAX1PAPAX@Z1@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PBX@Z

shlwapi

PathFileExistsW
PathAppendW

vcruntime140

_set_purecall_handler
wcsstr
strchr
memmove
memset
_CxxThrowException
_except_handler4_common
__std_type_info_destroy_list
__std_exception_destroy
__std_exception_copy
__std_terminate
__CxxFrameHandler3
_get_purecall_handler
memchr
memcpy

api-ms-win-crt-heap-l1-1-0

_set_new_mode
malloc
_recalloc
_callnewh
free
calloc
realloc

api-ms-win-crt-runtime-l1-1-0

_errno
_invalid_parameter_noinfo
_initterm
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_get_invalid_parameter_handler
_set_invalid_parameter_handler
_initialize_narrow_environment
_set_new_handler
_configure_narrow_argv
signal
_seh_filter_dll
terminate
_invalid_parameter_noinfo_noreturn
_initterm_e

api-ms-win-crt-stdio-l1-1-0

ungetwc
fsetpos
setvbuf
_fseeki64
fflush
fgetpos
fputwc
fwrite
fputc
fread
fgetc
__stdio_common_vswprintf_s
__stdio_common_vswprintf
_get_stream_buffer_pointers
fclose
ungetc
fgetwc

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_lock_file

api-ms-win-crt-string-l1-1-0

strtok_s
isspace
tolower
_strdup
wcsnlen
iswspace
wmemcpy_s
strncpy_s

api-ms-win-crt-time-l1-1-0

clock

api-ms-win-crt-convert-l1-1-0

_wtoi
_itoa_s

Exports

Exports

?AddCRCustomData@@YA_NV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@I@Z
?AdobeCrashReporterEnableSignalHandling@@YA_NP6AXHV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@ZW4AdobeCrashReporterShowDialogForSignals@@I@Z
?CrashReporterInitialize@@YA_NPAXPBD1111P6AIAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@ZP6AXXZ_NW4AdobeCrashReporterScalingFactor@@@Z
?GetCRDialogOptions@@YAHXZ
?GetCRLastErrorCode@@YA?AW4ERROR_CR@@XZ
?SetCRDialogOptions@@YA_NH@Z
?SetCRDialogSaclingFactor@@YA_NW4AdobeCrashReporterScalingFactor@@@Z
?SetCRDialogUserEmail@@YA_NV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetCRDisplayName@@YA_NPBD@Z
?SetCRHighbeamSessionId@@YA_NPBD@Z
?SetCRHighbeamSessionInfo@@YA_NPAXPBG@Z
?SetCRIMSUserGuid@@YA_NPBD_N@Z
?SetCRLocale@@YA_NPBD@Z
?SetCRParentWnd@@YA_NPAX@Z
?SetCRPostHandler@@YA_NP6AXXZ@Z
?SetCRPostHandlerPassingExceptionInfoAndContext@@YA_NP6AXPAU_EXCEPTION_RECORD@@PAU_CONTEXT@@@Z@Z
?SetCRPosthandlerThreadPreference@@YA_N_N@Z
?SetCRPreHandler@@YA_NP6AIAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z@Z
?ShowCRDialogOnlyOnFirstCrash@@YA_NXZ
OutOfProcessExceptionEventCallback
OutOfProcessExceptionEventDebuggerLaunchCallback
OutOfProcessExceptionEventSignatureCallback

Sections

.text
Size: 215KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CRLogTransport.exe
.exe windows:6 windows x86 arch:x86

f65b2f7bb965e14812041bb29c26c996

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c6:28:23:27:c8:89:1d:c7:f4:96:e6:7e:ff:a7:1d:fd:7b:c4:66:fd:38:f6:df:ba:d2:e6:04:b7:f5:b0:ec:9d
Signer

Actual PE Digest

c6:28:23:27:c8:89:1d:c7:f4:96:e6:7e:ff:a7:1d:fd:7b:c4:66:fd:38:f6:df:ba:d2:e6:04:b7:f5:b0:ec:9d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\cruser\workspace\CR-Windows-x86-Client-Builder\CRLogTransport\public\binary\Win\x86\Release\CRLogTransport.pdb

Imports

shlwapi

PathIsDirectoryW
PathFileExistsW

wininet

HttpOpenRequestW
InternetReadFile
InternetQueryOptionW
InternetQueryDataAvailable
InternetSetOptionW
InternetSetStatusCallbackW
InternetOpenW
InternetSetOptionA
InternetCloseHandle
HttpQueryInfoW
InternetConnectW
InternetCrackUrlW
HttpSendRequestW

kernel32

MultiByteToWideChar
WideCharToMultiByte
CompareFileTime
FindFirstFileW
FindNextFileW
FindClose
CreateFileW
DeleteFileW
CloseHandle
GetProcAddress
MoveFileExW
GetFileTime
ReadFile
GetModuleFileNameW
InitializeCriticalSectionEx
Sleep
DeleteCriticalSection
GetSystemTimeAsFileTime
SetEvent
AreFileApisANSI
OutputDebugStringW
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
GetLastError
UnhandledExceptionFilter
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
FormatMessageA
FormatMessageW
LocalFree
SetUnhandledExceptionFilter

shell32

SHGetFolderPathW
SHCreateDirectoryExW

msvcp140

?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAPAD0PAH001@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?_Gndec@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Gnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
?pbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXH@Z
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Pnavail@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBE_JXZ
?rdbuf@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_streambuf@DU?$char_traits@D@std@@@2@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?width@ios_base@std@@QAE_J_J@Z
?width@ios_base@std@@QBE_JXZ
?flags@ios_base@std@@QBEHXZ
?bad@ios_base@std@@QBE_NXZ
?fail@ios_base@std@@QBE_NXZ
?good@ios_base@std@@QBE_NXZ
??Bios_base@std@@QBE_NXZ
?always_noconv@codecvt_base@std@@QBE_NXZ
??Bid@locale@std@@QAEIXZ
?_Init@locale@std@@CAPAV_Locimp@12@_N@Z
?id@?$ctype@D@std@@2V0locale@2@A
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?is@?$ctype@D@std@@QBE_NFD@Z
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?out@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PB_W1AAPB_WPAD3AAPAD@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@D@Z
?_Incref@facet@locale@std@@UAEXXZ
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IBEPADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD00@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXPAD0@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
?getline@?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV12@PAD_J@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??7ios_base@std@@QBE_NXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?tie@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEPAV?$basic_ostream@DU?$char_traits@D@std@@@2@XZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?_Xlength_error@std@@YAXPBD@Z
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Xout_of_range@std@@YAXPBD@Z
?uncaught_exception@std@@YA_NXZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDXZ
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
?_New_Locimp@_Locimp@locale@std@@CAPAV123@ABV123@@Z
?_Locimp_Addfac@_Locimp@locale@std@@CAXPAV123@PAVfacet@23@I@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@I@Z
??1?$codecvt@_WDU_Mbstatet@@@std@@MAE@XZ
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z

vcruntime140

__CxxFrameHandler3
memmove
memcpy
_except_handler4_common
memchr
memcmp
__std_exception_copy
__std_exception_destroy
memset
__std_terminate
_CxxThrowException
_purecall

api-ms-win-crt-stdio-l1-1-0

_set_fmode
fgetpos
setvbuf
ungetc
__p__commode
__stdio_common_vfprintf
fsetpos
fread
fgetc
_fseeki64
fclose
fflush
fputc
ferror
_get_stream_buffer_pointers
__stdio_common_vsprintf
_wsopen_s
_close
fseek
fopen
ftell
fwrite

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
free
_set_new_mode

api-ms-win-crt-string-l1-1-0

strncpy
strlen
strnlen
wcslen
tolower
strncpy_s
strtok_s
wcscmp

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_wrename
_unlock_file

api-ms-win-crt-runtime-l1-1-0

_errno
strerror
_controlfp_s
_invalid_parameter_noinfo
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_cexit
_seh_filter_exe
_set_app_type
_getpid
_configure_wide_argv
_initialize_wide_environment
_get_initial_wide_environment
_initterm
_initterm_e
exit
_exit
terminate
__p___argc
__p___wargv
_c_exit
_register_thread_local_exe_atexit_callback
_invalid_parameter_noinfo_noreturn
signal

api-ms-win-crt-math-l1-1-0

_fdopen
__setusermatherr
ceil

api-ms-win-crt-time-l1-1-0

_gmtime32_s
_time32
strftime

api-ms-win-crt-utility-l1-1-0

abs
srand
rand

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CRWindowsClientService.exe
.exe windows:6 windows x86 arch:x86

69dee0d8a8373479e85bb26fb3c65944

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

95:9b:a0:07:78:8c:d0:02:fe:95:b2:e4:33:d0:ed:82:88:9d:57:12:09:75:06:3b:41:c1:2a:00:51:0c:95:97
Signer

Actual PE Digest

95:9b:a0:07:78:8c:d0:02:fe:95:b2:e4:33:d0:ed:82:88:9d:57:12:09:75:06:3b:41:c1:2a:00:51:0c:95:97

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\cruser\workspace\CR-Windows-x86-Client-Builder\Win32\Release\CRWindowsClientService.pdb

Imports

dbghelp

MiniDumpWriteDump

wininet

HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetCloseHandle
InternetOpenW
HttpQueryInfoW

kernel32

RaiseException
GetLastError
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
InitializeCriticalSectionEx
DeleteCriticalSection
GetExitCodeProcess
OpenThread
GetExitCodeThread
OpenProcess
FindResourceExW
LoadResource
LockResource
SizeofResource
FindResourceW
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineW
LocalFree
WriteFile
IsDebuggerPresent
GetCurrentProcess
GetTimeZoneInformation
GlobalMemoryStatusEx
GetSystemInfo
GetLocaleInfoEx
CreateFileW
QueryPerformanceCounter
GetStartupInfoW
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
CloseHandle
EnterCriticalSection
OutputDebugStringW
ReadFile

advapi32

RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
RegEnumValueW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegQueryInfoKeyW

shell32

ShellExecuteW
SHGetKnownFolderPath
SHCreateDirectoryExW
CommandLineToArgvW

ole32

CoUninitialize
CoInitializeEx
CoSetProxyBlanket
CoCreateGuid
CoCreateInstance
CoTaskMemFree

oleaut32

SysAllocString
SysFreeString
VariantClear

shlwapi

PathAppendW
PathFileExistsW

msvcp140

?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JXZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QBEDD@Z
?_Execute_once@std@@YAHAAUonce_flag@1@P6GHPAX1PAPAX@Z1@Z
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z
_Stat
?_Winerror_map@std@@YAHH@Z
?_Winerror_message@std@@YAKKPADK@Z
?_Syserror_map@std@@YAPBDH@Z
??0_Lockit@std@@QAE@H@Z
??1_Lockit@std@@QAE@XZ
?uncaught_exception@std@@YA_NXZ
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPBD@Z
?_Xout_of_range@std@@YAXPBD@Z
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
??Bid@locale@std@@QAEIXZ
?_New_Locimp@_Locimp@locale@std@@CAPAV123@ABV123@@Z
?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z
?empty@locale@std@@SA?AV12@XZ
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?always_noconv@codecvt_base@std@@QBE_NXZ
?in@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPA_W3AAPA_W@Z
?out@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PB_W1AAPB_WPAD3AAPAD@Z
?unshift@?$codecvt@_WDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QAE@I@Z
?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??1?$codecvt@_WDU_Mbstatet@@@std@@MAE@XZ
?widen@?$ctype@_W@std@@QBE_WD@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?good@ios_base@std@@QBE_NXZ
?flags@ios_base@std@@QBEHXZ
?width@ios_base@std@@QBE_JXZ
?width@ios_base@std@@QAE_J_J@Z
?getloc@ios_base@std@@QBE?AVlocale@2@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?getloc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QBE?AVlocale@2@XZ
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAEG_W@Z
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QAE_JPB_W_J@Z
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
?_Init@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEXXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAEXH_N@Z
?rdbuf@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBEPAV?$basic_streambuf@_WU?$char_traits@_W@std@@@2@XZ
?imbue@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE?AVlocale@2@ABV32@@Z
?fill@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WXZ
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QBE_WD@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PBX@Z
?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@_W@Z
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV12@XZ
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UAEXXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
?id@?$ctype@_W@std@@2V0locale@2@A
?in@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PBD1AAPBDPAD3AAPAD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QBEHAAU_Mbstatet@@PAD1AAPAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QBE?AVlocale@2@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEPADXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEXXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAE_JPBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Xinvalid_argument@std@@YAXPBD@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QAE_N_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHXZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAEXXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEPAV12@PAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MAEXABVlocale@2@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ

vcruntime140

__std_terminate
wcsrchr
_except_handler4_common
__std_exception_copy
wcsstr
memset
memmove
memcpy
_CxxThrowException
__CxxFrameHandler3
memchr
__std_exception_destroy

api-ms-win-crt-runtime-l1-1-0

_c_exit
_register_thread_local_exe_atexit_callback
_initialize_wide_environment
_invalid_parameter_noinfo
_errno
exit
_controlfp_s
_configure_wide_argv
_initterm
_invalid_parameter_noinfo_noreturn
terminate
_initterm_e
_set_app_type
_cexit
_exit
_get_wide_winmain_command_line
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_seh_filter_exe

api-ms-win-crt-string-l1-1-0

strncpy_s
wcscspn
wmemcpy_s
iswspace
strtok_s
isspace
strlen
_wcslwr_s
wcsnlen
tolower
toupper
wcsspn

api-ms-win-crt-heap-l1-1-0

_callnewh
free
_set_new_mode
calloc
_recalloc
malloc

api-ms-win-crt-utility-l1-1-0

abs

api-ms-win-crt-stdio-l1-1-0

fputwc
fgetwc
_get_stream_buffer_pointers
fclose
fputc
fflush
ungetc
fgetpos
_set_fmode
fread
fsetpos
_fseeki64
fwrite
__p__commode
__stdio_common_vsprintf
fgetc
__stdio_common_vswprintf_s
setvbuf
__stdio_common_vswprintf
ungetwc

api-ms-win-crt-filesystem-l1-1-0

_wrename
_wremove
_unlock_file
_lock_file

api-ms-win-crt-time-l1-1-0

_localtime64_s
_time64

api-ms-win-crt-convert-l1-1-0

strtol
_wtoi
atoi
_itoa_s

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 49KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HDHelper.exe
.exe windows:5 windows x86 arch:x86

4d6a06993c1a980ca38d0d6760d038d4

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

36:6d:40:49:42:26:49:6b:8c:e2:93:fa:83:08:34:8e:94:60:e2:fe:a7:16:56:79:9e:a4:83:b4:cc:70:c6:b0
Signer

Actual PE Digest

36:6d:40:49:42:26:49:6b:8c:e2:93:fa:83:08:34:8e:94:60:e2:fe:a7:16:56:79:9e:a4:83:b4:cc:70:c6:b0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins\CI\CCHyperdrive\build\x64\main\ccd-hyperdrive\build\msvs_win32\Release\x86\sym\HDHelper\HDHelper\HDHelper.pdb

Imports

kernel32

lstrcmpW
GetCurrentProcess
WaitForSingleObject
GetModuleHandleW
GetExitCodeProcess
GetVersionExW
Sleep
GetUserDefaultLCID
LCMapStringW
FreeLibrary
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
MoveFileExW
CloseHandle
DeleteFileW
FormatMessageW
SetFileAttributesW
GetFileAttributesW
CreateFileW
FindClose
GetTempPathW
GetModuleFileNameW
FindNextFileW
SetLastError
FindFirstFileW
lstrcmpiW
TlsAlloc
ReadFile
GetProcessHeap
DeleteCriticalSection
LocalFree
GetProcAddress
DecodePointer
HeapAlloc
LoadLibraryW
RaiseException
GetLastError
SwitchToThread
InitializeCriticalSectionAndSpinCount
GetStringTypeW
GetUserDefaultUILanguage
OpenMutexW
ReleaseMutex
LocalAlloc
InitializeCriticalSectionEx
HeapFree
WriteConsoleW
SetEndOfFile
GetConsoleCP
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
SetStdHandle
EnumSystemLocalesW
IsValidLocale
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
ExitProcess
GetStdHandle
GetTimeZoneInformation
GetFileType
LoadLibraryExW
RtlUnwind
GetStartupInfoW
InitializeSListHead
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObjectEx
OutputDebugStringW
CreateMutexW
IsDebuggerPresent
GetCPInfo
GetLocaleInfoW
CompareStringW
WriteFile
FlushFileBuffers
MultiByteToWideChar
WideCharToMultiByte
CreateEventW
VerSetConditionMask
VerifyVersionInfoW
TerminateProcess
OpenProcess
HeapSize
CreateToolhelp32Snapshot
Process32NextW
SetEvent
Process32FirstW
HeapReAlloc
ResetEvent
GetCurrentProcessId
lstrcpyW
SetFilePointer
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetUserDefaultLangID
GetFileSizeEx
FileTimeToSystemTime
GetLocalTime
GetTimeFormatW
SystemTimeToFileTime
GetDateFormatW
EncodePointer

user32

AllowSetForegroundWindow

advapi32

DuplicateTokenEx
GetUserNameW
ConvertSidToStringSidW
CreateProcessAsUserW
ConvertStringSidToSidW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
GetTokenInformation
SetSecurityDescriptorDacl
GetSecurityDescriptorDacl
RegGetKeySecurity
RegCloseKey
SetEntriesInAclW
CreateWellKnownSid
RegCreateKeyExW
RegSetKeySecurity
RegSetValueExW
InitializeSecurityDescriptor
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW
LookupAccountSidW

shell32

SHGetSpecialFolderPathW
SHCreateDirectoryExW

ole32

CLSIDFromProgID
OleRun
CoUninitialize
CoCreateInstance
CoInitialize
CLSIDFromString

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantCopy
GetErrorInfo
VariantClear

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

shlwapi

PathStripPathW
PathRenameExtensionW
PathFileExistsW
PathFindFileNameW
PathRemoveFileSpecW
PathAddExtensionW
PathAppendW
PathIsDirectoryW
PathRemoveExtensionW
PathIsFileSpecW

Sections

.text
Size: 323KB - Virtual size: 323KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HDIM.dll
.dll windows:5 windows x86 arch:x86

a9270eafb44873a3b617f5d27d65df2c

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

20:df:df:20:41:d0:72:9f:77:b4:8f:56:f8:2f:fb:12:f3:2c:bc:b3:da:94:ee:e7:75:76:e3:51:99:b9:ef:88
Signer

Actual PE Digest

20:df:df:20:41:d0:72:9f:77:b4:8f:56:f8:2f:fb:12:f3:2c:bc:b3:da:94:ee:e7:75:76:e3:51:99:b9:ef:88

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\jenkins\CI\CCHyperdrive\build\x64\main\ccd-hyperdrive\build\msvs_win32\Release\x86\sym\HDIM\HDIM\HDIM.pdb

Imports

kernel32

DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
InitializeCriticalSectionEx
OutputDebugStringW
WriteConsoleW
SetEndOfFile
GetConsoleCP
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
ReadFile
FindFirstFileW
FindNextFileW
WriteFile
GetModuleFileNameW
GetTempPathW
FindClose
CreateFileW
GetFileAttributesW
SetFileAttributesW
DeleteFileW
CloseHandle
LocalFree
MoveFileExW
lstrcmpW
FlushFileBuffers
LoadLibraryW
GetProcAddress
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
MultiByteToWideChar
WideCharToMultiByte
GetCurrentProcessId
SetFilePointer
GetCurrentThreadId
GetCurrentProcess
GetVersionExW
CreateEventW
VerSetConditionMask
GetModuleHandleW
VerifyVersionInfoW
GetUserDefaultLCID
LCMapStringW
GetFileSizeEx
FileTimeToSystemTime
GetLocalTime
GetTimeFormatW
SystemTimeToFileTime
GetDateFormatW
CreateMutexW
WaitForSingleObject
ReleaseMutex
OpenMutexW
GetUserDefaultLangID
GetUserDefaultUILanguage
HeapFree
SetLastError
TerminateProcess
HeapSize
SetEvent
HeapReAlloc
ResetEvent
HeapAlloc
GetProcessHeap
GetStringTypeW
InitializeCriticalSectionAndSpinCount
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
EncodePointer
CompareStringW
GetLocaleInfoW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
WaitForSingleObjectEx
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
InitializeSListHead
RtlUnwind
InterlockedFlushSList
LoadLibraryExW
GetTimeZoneInformation
ExitProcess
GetModuleHandleExW
GetStdHandle
GetFileType
IsValidLocale
EnumSystemLocalesW
GetConsoleMode
ReadConsoleW
SetFilePointerEx

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

shlwapi

PathFileExistsW
PathFindFileNameW
PathAppendW
PathIsDirectoryW
PathRemoveExtensionW
PathAddExtensionW
PathIsFileSpecW
PathRenameExtensionW
PathRemoveFileSpecW

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

shell32

SHGetSpecialFolderPathW
SHGetFolderLocation
SHGetFolderPathW
SHGetPathFromIDListW
SHCreateDirectoryExW

ole32

OleRun
CLSIDFromProgID
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitialize
CLSIDFromString

oleaut32

GetErrorInfo
VariantClear
SysFreeString
VariantInit
VariantCopy
SysAllocString

Exports

Exports

ccim_GetInformation
ccim_UserAction
ccim_endWorkflow
ccim_startWorkflow
ccim_startWorkflowWithMode
hdimSetLoggerFnPtr

Sections

.text
Size: 268KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HDNative.dll
.dll windows:5 windows x86 arch:x86

1646b404ea3cd0c5c00fd29caff77f4d

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

69:2c:42:ed:39:e4:26:a4:2e:47:b5:2b:40:f4:76:44:21:d9:06:fa:4a:bf:44:3d:14:19:d3:75:43:e2:ac:c0
Signer

Actual PE Digest

69:2c:42:ed:39:e4:26:a4:2e:47:b5:2b:40:f4:76:44:21:d9:06:fa:4a:bf:44:3d:14:19:d3:75:43:e2:ac:c0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\jenkins\CI\CCHyperdrive\build\x64\main\ccd-hyperdrive\build\msvs_win32\Release\x86\sym\HDNative\HDNative\HDNative.pdb

Imports

kernel32

DeleteCriticalSection
HeapFree
LoadLibraryW
HeapAlloc
GetProcessHeap
RaiseException
LCMapStringW
FreeLibrary
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
InitializeCriticalSectionEx
GetModuleHandleW
GetProcAddress
GetCurrentProcess
LocalFree
CloseHandle
GetLastError
DecodePointer
CreateFileW
FindClose
GetModuleFileNameW
FindNextFileW
EncodePointer
GetSystemTimeAsFileTime
TlsFree
IsDebuggerPresent
SetLastError
WriteConsoleW
GetConsoleCP
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetConsoleMode
SetFilePointerEx
SetStdHandle
GetStdHandle
GetModuleHandleExW
ExitProcess
GetFileType
LoadLibraryExW
InterlockedFlushSList
TlsSetValue
RtlUnwind
OutputDebugStringW
InitializeSListHead
GetCurrentThreadId
QueryPerformanceCounter
GetStartupInfoW
MultiByteToWideChar
WideCharToMultiByte
WriteFile
FlushFileBuffers
CreateEventW
TerminateProcess
HeapSize
HeapReAlloc
GetCurrentProcessId
GetStringTypeW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue

ole32

CLSIDFromProgID
CoInitialize
CLSIDFromString
CoUninitialize
CoCreateInstance
OleRun

oleaut32

SysFreeString
SysAllocString
VariantClear
GetErrorInfo

shlwapi

PathStripPathW
PathAppendW

Exports

Exports

hdNativeGetProductInstallStatus
hdNativeLaunchProduct
hdNativeSetLoggerFnPtr

Sections

.text
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 65KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HDPIM.dll
.dll windows:5 windows x86 arch:x86

7030d8fea3753a6d88d193472f65534b

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3d:89:7d:a4:a0:82:0f:fd:eb:27:d0:1f:dd:3c:53:b5:18:5a:85:66:88:a5:d6:27:f4:20:1b:f2:83:87:85:f9
Signer

Actual PE Digest

3d:89:7d:a4:a0:82:0f:fd:eb:27:d0:1f:dd:3c:53:b5:18:5a:85:66:88:a5:d6:27:f4:20:1b:f2:83:87:85:f9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\jenkins\CI\CCHyperdrive\build\x64\main\ccd-hyperdrive\build\msvs_win32\Release\x86\sym\HDPIM\HDPIM\HDPIM.pdb

Imports

kernel32

QueryFullProcessImageNameW
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
OpenProcess
GetUserDefaultLangID
GetCurrentProcess
GetDriveTypeW
lstrcmpW
lstrcmpiW
CopyFileW
GetFileSize
MoveFileExW
LocalFree
SetCurrentDirectoryW
WaitForSingleObject
GetCurrentDirectoryW
CloseHandle
DeleteFileW
CreateDirectoryW
GetTempFileNameW
GetVersionExW
GetDiskFreeSpaceExW
FormatMessageW
SetFileAttributesW
GetFileAttributesW
CreateFileW
LocalAlloc
FindClose
GetTempPathW
GetModuleFileNameW
RemoveDirectoryW
lstrlenW
FindNextFileW
SetLastError
FindFirstFileW
ReadFile
VerifyVersionInfoW
VerSetConditionMask
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
GetFullPathNameW
Sleep
GetExitCodeProcess
WriteConsoleW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
GetConsoleCP
ReadConsoleW
GetConsoleMode
SetStdHandle
EnumSystemLocalesW
IsValidLocale
GetStdHandle
ExitProcess
GetModuleHandleExW
ExitThread
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetFileType
GetFileInformationByHandle
RtlUnwind
InterlockedFlushSList
InterlockedPushEntrySList
VirtualFree
VirtualAlloc
LoadLibraryExW
FreeLibraryAndExitThread
GetStartupInfoW
InitializeSListHead
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
QueryPerformanceFrequency
GetModuleHandleW
CreateProcessW
GetProcAddress
GetLocaleInfoW
CompareStringW
EncodePointer
TlsFree
GetFileSizeEx
FlushFileBuffers
SystemTimeToFileTime
GetFileAttributesExW
CopyFileExW
GetACP
MultiByteToWideChar
WideCharToMultiByte
AreFileApisANSI
HeapCreate
HeapFree
EnterCriticalSection
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
CreateMutexW
UnmapViewOfFile
HeapValidate
HeapSize
GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
OutputDebugStringW
CreateFileA
LoadLibraryA
DeleteFileA
HeapReAlloc
GetSystemInfo
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
CreateFileMappingA
LockFileEx
GetCurrentProcessId
GetProcessHeap
FreeLibrary
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
GetSystemDirectoryW
SetDllDirectoryW
LCMapStringA
GetStringTypeExA
GetUserDefaultLCID
LCMapStringW
SetFileTime
CreateEventW
GlobalAlloc
GlobalFree
SizeofResource
GetFinalPathNameByHandleW
LockResource
LoadResource
FindResourceW
TerminateProcess
Thread32Next
Thread32First
DuplicateHandle
ProcessIdToSessionId
SetEvent
TerminateThread
CreateThread
FindResourceExW
ResetEvent
lstrcpyW
GetThreadTimes
OpenThread
WaitForMultipleObjects
GetUserDefaultUILanguage
ReleaseMutex
GetCurrentThreadId
GetPhysicallyInstalledSystemMemory
GetLogicalDriveStringsW
FileTimeToSystemTime
GetLocalTime
GetTimeFormatW
GetDateFormatW
OpenMutexW
SetFilePointerEx
ResumeThread
SetThreadPriority
GetCurrentThread
GetStringTypeW
WaitForSingleObjectEx
SwitchToThread
GetExitCodeThread
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
InitializeCriticalSectionEx

user32

EnumWindows
GetShellWindow
AllowSetForegroundWindow
GetWindowThreadProcessId
ReleaseDC
GetDesktopWindow
GetDC
LoadStringA
PostMessageW
PostThreadMessageW
wsprintfW

advapi32

CryptAcquireContextW
AllocateAndInitializeSid
FreeSid
RegQueryValueExW
RegDeleteValueW
InitializeSecurityDescriptor
RegSetKeySecurity
RegEnumKeyExW
RegQueryInfoKeyW
RegGetKeySecurity
GetSecurityDescriptorDacl
SetSecurityDescriptorDacl
EqualSid
LookupAccountSidW
DuplicateTokenEx
GetUserNameW
ConvertSidToStringSidW
CreateProcessAsUserW
ImpersonateLoggedOnUser
ConvertStringSidToSidW
RevertToSelf
CryptReleaseContext
SetEntriesInAclW
SetNamedSecurityInfoW
GetNamedSecurityInfoW
GetTokenInformation
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
CreateWellKnownSid
RegCloseKey
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash

shell32

SHCreateDirectoryExW
SHGetFolderPathW
ord75
ord709
SHCreateItemFromParsingName
SHGetKnownFolderPath
SHGetSpecialFolderPathW
ord680
ord51
SHSetLocalizedName
SHGetPathFromIDListW
SHGetFolderLocation

ole32

CoUninitialize
CoInitialize
CoInitializeEx
CoSetProxyBlanket
CLSIDFromProgID
StringFromGUID2
CoCreateGuid
CoCreateInstance
CoInitializeSecurity
CoTaskMemFree
CLSIDFromString
OleRun

oleaut32

VariantInit
SysFreeString
SysStringByteLen
SysAllocStringByteLen
SysAllocString
VariantClear
VariantChangeType
SysStringLen
VariantCopy
SafeArrayAccessData
SafeArrayCreateVector
SysAllocStringLen
SafeArrayUnaccessData
SafeArrayDestroy
GetErrorInfo

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

psapi

GetModuleBaseNameW
GetModuleFileNameExW
GetProcessImageFileNameW
EnumProcessModules

wtsapi32

WTSEnumerateSessionsW
WTSFreeMemory

winhttp

WinHttpQueryAuthSchemes
WinHttpOpenRequest
WinHttpGetProxyForUrl
WinHttpSetOption
WinHttpSendRequest
WinHttpSetCredentials
WinHttpReceiveResponse
WinHttpCloseHandle
WinHttpOpen
WinHttpAddRequestHeaders
WinHttpQueryDataAvailable
WinHttpQueryHeaders
WinHttpReadData
WinHttpConnect
WinHttpQueryOption
WinHttpSetStatusCallback
WinHttpSetTimeouts
WinHttpGetIEProxyConfigForCurrentUser

shlwapi

PathStripToRootW
PathFileExistsA
PathIsSystemFolderW
PathIsDirectoryEmptyW
PathIsDirectoryW
PathRemoveExtensionW
PathAddExtensionW
PathIsFileSpecW
PathMakePrettyW
PathFindFileNameW
PathAddBackslashW
PathFileExistsW
PathGetCharTypeW
PathIsRootW
PathIsRelativeW
PathIsUNCW
PathStripPathW
PathFindExtensionW
PathIsSameRootW
PathRemoveBackslashW
PathAppendW
PathRenameExtensionW
PathRemoveFileSpecW

crypt32

CertGetIssuerCertificateFromStore
CertGetNameStringW

wintrust

WTHelperProvDataFromStateData
WTHelperGetProvSignerFromChain
WTHelperGetProvCertFromChain
WinVerifyTrust

gdi32

AddFontResourceW
RemoveFontResourceW
GetDeviceCaps

bcrypt

BCryptOpenAlgorithmProvider
BCryptHashData
BCryptCreateHash
BCryptFinishHash
BCryptDestroyHash
BCryptCloseAlgorithmProvider

Exports

Exports

hdpimAreUpdatesEnabled
hdpimCheckAndReportConflictingProcess
hdpimCheckForUpdate
hdpimControlProgress
hdpimCreateSession
hdpimDownloadProduct
hdpimGetAvailableUpdateInfo
hdpimGetInstalledProductsList
hdpimGetProductInstallDirIsMoved
hdpimGetProductInstallStatus
hdpimGetProductInstalledVersions
hdpimGetProductLaunchPath
hdpimGetProductReferenceInfo
hdpimInstallProduct
hdpimInstallUpdate
hdpimLaunchProduct
hdpimRepairProduct
hdpimSetLogger
hdpimSetLoggerFnPtr
hdpimTerminateSession
hdpimUnInstallProduct

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 514KB - Virtual size: 514KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HDUWP.dll
.dll windows:5 windows x86 arch:x86

9f11f22d7cce56755e4ef8bc3c0e6f1c

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8b:25:f2:a6:f7:21:47:93:5b:76:0c:e0:b2:dd:38:8c:79:16:b5:1f:d6:e4:7c:6a:e6:30:97:ab:40:90:ed:92
Signer

Actual PE Digest

8b:25:f2:a6:f7:21:47:93:5b:76:0c:e0:b2:dd:38:8c:79:16:b5:1f:d6:e4:7c:6a:e6:30:97:ab:40:90:ed:92

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\jenkins\CI\CCHyperdrive\build\x64\main\ccd-hyperdrive\build\msvs_win32\Release\x86\sym\HDUWP\HDUWP\HDUWP.pdb

Imports

kernel32

CloseHandle
CreateEventExW
PackageFullNameFromId
PackageFamilyNameFromId
SetEvent
WaitForSingleObject
AcquireSRWLockShared
FreeLibrary
VirtualQuery
GetProcessHeap
HeapFree
HeapAlloc
GetLastError
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WideCharToMultiByte
MultiByteToWideChar
RaiseException
IsDebuggerPresent
GetProcAddress
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
DecodePointer
ReleaseSRWLockShared

ole32

CoCreateFreeThreadedMarshaler
CoTaskMemAlloc
CoInitialize
CoTaskMemFree

vccorlib140

?EventSourceGetTargetArrayEvent@Details@Platform@@YGPAXPAXIPBXPA_J@Z
?EventSourceAdd@Details@Platform@@YG?AVEventRegistrationToken@Foundation@Windows@@PAPAXPAUEventLock@12@P$AAVDelegate@2@@Z
?EventSourceRemove@Details@Platform@@YGXPAPAXPAUEventLock@12@VEventRegistrationToken@Foundation@Windows@@@Z
??0OutOfBoundsException@Platform@@Q$AAA@XZ
??0ChangedStateException@Platform@@Q$AAA@XZ
??0OutOfMemoryException@Platform@@Q$AAA@XZ
??0FailureException@Platform@@Q$AAA@XZ
?Allocate@Heap@Details@Platform@@SAPAXI@Z
??0Delegate@Platform@@Q$AAA@XZ
?get@Message@Exception@Platform@@Q$AAAP$AAVString@3@XZ
?GetIidsFn@@YGJHPAKPBU__s_GUID@@PAPAVGuid@Platform@@@Z
?GetActivationFactoryByPCWSTR@@YGJPAXAAVGuid@Platform@@PAPAX@Z
?EventSourceGetTargetArray@Details@Platform@@YGPAXPAXPAUEventLock@12@@Z
?EventSourceUninitialize@Details@Platform@@YGXPAPAX@Z
?EventSourceInitialize@Details@Platform@@YGXPAPAX@Z
?GetIBoxArrayVtable@Details@Platform@@YGPAXPAX@Z
?AllocateException@Heap@Details@Platform@@SAPAXII@Z
?AlignedFree@Heap@Details@Platform@@SAXPAX@Z
?Free@Heap@Details@Platform@@SAXPAX@Z
?Allocate@Heap@Details@Platform@@SAPAXII@Z
?ReleaseTarget@ControlBlock@Details@Platform@@AAEXXZ
?__abi_WinRTraiseCOMException@@YGXJ@Z
?__abi_WinRTraiseObjectDisposedException@@YGXXZ
?__abi_WinRTraiseDisconnectedException@@YGXXZ
?__abi_WinRTraiseWrongThreadException@@YGXXZ
?__abi_WinRTraiseClassNotRegisteredException@@YGXXZ
?__abi_WinRTraiseChangedStateException@@YGXXZ
?__abi_WinRTraiseOutOfBoundsException@@YGXXZ
?__abi_WinRTraiseInvalidArgumentException@@YGXXZ
?__abi_WinRTraiseOutOfMemoryException@@YGXXZ
?__abi_WinRTraiseAccessDeniedException@@YGXXZ
?__abi_WinRTraiseFailureException@@YGXXZ
?__abi_WinRTraiseOperationCanceledException@@YGXXZ
?__abi_WinRTraiseNullReferenceException@@YGXXZ
?__abi_WinRTraiseInvalidCastException@@YGXXZ
?__abi_WinRTraiseNotImplementedException@@YGXXZ
??0Object@Platform@@Q$AAA@XZ
?__abi_cast_Object_to_String@__abi_details@@YGP$AAVString@Platform@@_NP$AAVObject@3@@Z
?__abi_cast_String_to_Object@__abi_details@@YGP$AAVObject@Platform@@P$AAVString@3@@Z
?__abi_translateCurrentException@@YGJ_N@Z
?EventSourceGetTargetArraySize@Details@Platform@@YGIPAX@Z
?InitializeData@Details@Platform@@YAJH@Z
?UninitializeData@Details@Platform@@YAXH@Z

msvcp140

?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z

api-ms-win-core-winrt-l1-1-0

RoInitialize

api-ms-win-core-winrt-string-l1-1-0

WindowsDuplicateString
WindowsGetStringRawBuffer
WindowsCompareStringOrdinal
WindowsDeleteString
WindowsCreateString

vcruntime140

__std_type_info_destroy_list
memset
__vcrt_GetModuleFileNameW
memcpy
__CxxFrameHandler3
_CxxThrowException
__std_exception_destroy
__std_exception_copy
_except_handler4_common
__vcrt_LoadLibraryExW
memmove

api-ms-win-crt-runtime-l1-1-0

_initialize_onexit_table
_execute_onexit_table
_initterm
_configure_narrow_argv
_initterm_e
_seh_filter_dll
_cexit
_initialize_narrow_environment
_crt_atexit
_register_onexit_function
_invalid_parameter_noinfo_noreturn

api-ms-win-crt-string-l1-1-0

strcat_s
strcpy_s
wcslen
_wcsdup

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
free

api-ms-win-crt-convert-l1-1-0

_wtoi

Exports

Exports

hduwpGetInstalledPackageUsers
hduwpGetPackageFamilyName
hduwpGetPackageFullName
hduwpInstallPackage
hduwpIsPackageInstalledForAnyUser
hduwpIsPackageInstalledForCurrentUser
hduwpIsPackageWithFamilyNameInstalledForCurrentUser
hduwpLaunchPackage
hduwpRegisterPackage
hduwpUninstallPackage

Sections

.text
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HDZIP.dll
.dll windows:5 windows x86 arch:x86

67bf0e29ba0de2ac5fe7d0647c4640f6

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

68:18:54:ad:6d:ef:ca:0a:25:92:2e:0b:c9:13:8b:55:ee:b5:0d:ab:22:11:0b:c6:7a:78:43:b0:c8:c3:10:c6
Signer

Actual PE Digest

68:18:54:ad:6d:ef:ca:0a:25:92:2e:0b:c9:13:8b:55:ee:b5:0d:ab:22:11:0b:c6:7a:78:43:b0:c8:c3:10:c6

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\jenkins\CI\CCHyperdrive\build\x64\main\ccd-hyperdrive\build\msvs_win32\Release\x86\sym\HDZIP\HDZIP\HDZIP.pdb

Imports

kernel32

CreateSemaphoreW
GetLastError
GetFileSize
VirtualFree
VirtualAlloc
ResetEvent
SetEvent
CreateEventW
WaitForSingleObject
InitializeCriticalSection
ReleaseSemaphore
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindNextFileW
GetFullPathNameW
FindFirstFileW
ReadFile
GetFileTime
DosDateTimeToFileTime
CloseHandle
LocalFileTimeToFileTime
Sleep
MultiByteToWideChar
SetFileAttributesW
GetFileAttributesW
CreateFileW
SetFileTime
WriteFile
lstrlenW
CreateDirectoryW
WriteConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
InitializeCriticalSectionEx
FormatMessageW
RaiseException
DecodePointer
LocalFree
WideCharToMultiByte
GetModuleFileNameW
GetTempPathW
DeleteFileW
FlushFileBuffers
GetUserDefaultLCID
LCMapStringW
FreeLibrary
GetCurrentProcess
GetProcAddress
GetModuleHandleW
HeapFree
SetLastError
TerminateProcess
HeapSize
HeapReAlloc
CreateThread
HeapAlloc
GetCurrentProcessId
GetProcessHeap
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetStringTypeW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EncodePointer
GetLocaleInfoW
GetCPInfo
OutputDebugStringW
RtlUnwind
InterlockedFlushSList
LoadLibraryExW
SetStdHandle
GetFileType
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
SetFilePointerEx
ExitProcess
GetConsoleMode
ReadConsoleW
GetConsoleCP
GetStdHandle
IsValidLocale
EnumSystemLocalesW
GetFileSizeEx
SetEndOfFile
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA

shlwapi

PathIsDirectoryW
PathFileExistsW
PathAppendW

ole32

StringFromGUID2
CoCreateGuid

oleaut32

VariantClear

Exports

Exports

hdzipCompressFolder
hdzipDecompressFile
hdzipSetLogger

Sections

.text
Size: 250KB - Virtual size: 250KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HUM.dll
.dll windows:5 windows x86 arch:x86

d44ca7a718214fa49ea4056dddb09f71

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:80:57:ae:5a:23:69:17:2c:12:cc:cf:97:f9:d3:bc:54:98:27:eb:66:bd:8c:44:92:d1:6a:75:30:c2:50:c2
Signer

Actual PE Digest

52:80:57:ae:5a:23:69:17:2c:12:cc:cf:97:f9:d3:bc:54:98:27:eb:66:bd:8c:44:92:d1:6a:75:30:c2:50:c2

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\jenkins\CI\CCHyperdrive\build\x64\main\ccd-hyperdrive\build\msvs_win32\Release\x86\sym\HUM\HUM\HUM.pdb

Imports

kernel32

GetVersionExW
UnmapViewOfFile
CreateFileA
CreateFileMappingW
MapViewOfFile
GetUserDefaultLCID
LoadLibraryA
Sleep
FreeLibrary
InitializeCriticalSectionEx
GetModuleHandleW
GetProcAddress
DeleteCriticalSection
GetCurrentProcess
lstrcmpW
lstrcmpiW
GetFileSize
DecodePointer
MoveFileExW
LocalFree
GetUserDefaultUILanguage
OpenMutexW
ReleaseMutex
CreateDirectoryW
WaitForSingleObject
RaiseException
CloseHandle
DeleteFileW
GetLastError
FormatMessageW
SetFileAttributesW
GetFileAttributesW
CreateFileW
LocalAlloc
FindClose
GetTempPathW
GetModuleFileNameW
RemoveDirectoryW
lstrlenW
FindNextFileW
SetLastError
FindFirstFileW
LCMapStringW
WriteConsoleW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetConsoleCP
ReadConsoleW
GetConsoleMode
SetStdHandle
EnumSystemLocalesW
IsValidLocale
GetStdHandle
ExitProcess
GetModuleHandleExW
ExitThread
GetTimeZoneInformation
GetFileType
RtlUnwind
InterlockedFlushSList
VirtualFree
MultiByteToWideChar
WideCharToMultiByte
GetFullPathNameW
WriteFile
FlushFileBuffers
CreateEventW
GlobalFree
VerSetConditionMask
VerifyVersionInfoW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
LoadLibraryW
GetCurrentProcessId
GetFileSizeEx
FileTimeToSystemTime
GetLocalTime
GetTimeFormatW
SystemTimeToFileTime
GetDateFormatW
HeapFree
TerminateProcess
OpenProcess
HeapSize
CreateToolhelp32Snapshot
ProcessIdToSessionId
Process32NextW
SetEvent
TerminateThread
Process32FirstW
HeapReAlloc
CreateThread
ResetEvent
HeapAlloc
HeapDestroy
GetProcessHeap
GetThreadTimes
GetUserDefaultLangID
AreFileApisANSI
TryEnterCriticalSection
HeapCreate
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
CreateMutexW
GetCurrentThreadId
HeapValidate
GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
WaitForSingleObjectEx
DeleteFileA
GetSystemInfo
HeapCompact
UnlockFile
LockFileEx
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
QueryPerformanceCounter
GetTickCount
SetFilePointerEx
ResumeThread
SetThreadPriority
GetCurrentThread
GetStringTypeW
SwitchToThread
GetExitCodeThread
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EncodePointer
QueryPerformanceFrequency
CompareStringW
GetLocaleInfoW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
FreeLibraryAndExitThread
LoadLibraryExW
VirtualAlloc
ReadFile

user32

wsprintfW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
GetUserNameW
ImpersonateLoggedOnUser
ConvertStringSidToSidW
RevertToSelf
AdjustTokenPrivileges
LookupPrivilegeValueW
CryptReleaseContext
CryptGetHashParam
CryptDestroyHash
SetEntriesInAclW
SetNamedSecurityInfoW
GetNamedSecurityInfoW
OpenProcessToken
CreateWellKnownSid
CryptHashData
CryptCreateHash
CryptAcquireContextW
LookupAccountSidW

shell32

SHGetFolderLocation
SHGetPathFromIDListW
SHGetFolderPathW
SHCreateDirectoryExW
ord680
SHGetSpecialFolderPathW

ole32

CoTaskMemFree
CoCreateGuid
CLSIDFromString
OleRun
CLSIDFromProgID
CoCreateInstance
CoInitialize
StringFromGUID2
CoUninitialize

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

wtsapi32

WTSEnumerateSessionsW
WTSFreeMemory

winhttp

WinHttpGetIEProxyConfigForCurrentUser
WinHttpCloseHandle
WinHttpSetOption
WinHttpConnect
WinHttpReadData
WinHttpQueryHeaders
WinHttpQueryDataAvailable
WinHttpGetProxyForUrl
WinHttpSetCredentials
WinHttpSendRequest
WinHttpOpenRequest
WinHttpOpen
WinHttpReceiveResponse
WinHttpSetTimeouts
WinHttpQueryAuthSchemes

shlwapi

PathIsDirectoryW
PathIsSystemFolderW
PathAppendW
PathFileExistsA
PathRemoveFileSpecW
PathStripPathW
PathIsRootW
PathAddExtensionW
PathFileExistsW
PathFindFileNameW
PathRenameExtensionW
PathRemoveExtensionW
PathIsFileSpecW

oleaut32

VariantChangeType
SysStringLen
SysAllocString
GetErrorInfo
VariantCopy
VariantInit
SysFreeString
VariantClear

bcrypt

BCryptHashData
BCryptCloseAlgorithmProvider
BCryptDestroyHash
BCryptOpenAlgorithmProvider
BCryptFinishHash
BCryptCreateHash

crypt32

CertGetNameStringW

wintrust

WinVerifyTrust
WTHelperProvDataFromStateData
WTHelperGetProvSignerFromChain
WTHelperGetProvCertFromChain

Exports

Exports

humCreateSession
humDownloadProductFFC
humGetAllProducts
humGetLatestApplicableUpdates
humGetLatestProducts
humGetLatestUpdates
humParseProductFFC
humSetLoggerFnPtr
humTerminateSession

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 240KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Set-up.exe
.exe windows:5 windows x86 arch:x86

1db03ef829f2b875f24406e682d5a018

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7f:4a:49:2c:73:d3:5e:0a:ef:f0:bd:d2:c2:3a:98:7b:f6:14:52:e1:cf:3f:d4:49:08:36:b1:b7:e7:2f:94:a6
Signer

Actual PE Digest

7f:4a:49:2c:73:d3:5e:0a:ef:f0:bd:d2:c2:3a:98:7b:f6:14:52:e1:cf:3f:d4:49:08:36:b1:b7:e7:2f:94:a6

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins\CI\CCHyperdrive\build\x64\main\ccd-hyperdrive\build\msvs_win32\Release\x86\sym\HDBootStrapper\HDBootStrapper\Set-up.pdb

Imports

kernel32

LCMapStringW
GetCurrentProcessId
GetUserDefaultLangID
GetUserDefaultUILanguage
OpenMutexW
SetWaitableTimer
CreateWaitableTimerW
WaitForMultipleObjects
CancelWaitableTimer
CreateEventW
SetEvent
ResetEvent
GetOverlappedResult
ReadDirectoryChangesW
GetFileSizeEx
GetLocalTime
GetTimeFormatW
GetDateFormatW
ExpandEnvironmentStringsW
DeviceIoControl
GetComputerNameExW
FileTimeToSystemTime
GetNativeSystemInfo
GetWindowsDirectoryW
InitializeCriticalSection
GetLocaleInfoA
EnumSystemLocalesW
GetACP
GetSystemDirectoryW
ReleaseMutex
CreateMutexW
GetConsoleWindow
FreeConsole
AttachConsole
GetStdHandle
MulDiv
GlobalUnlock
GlobalLock
GlobalAlloc
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
HeapSize
InitializeCriticalSectionEx
HeapFree
WideCharToMultiByte
FreeLibrary
LoadLibraryW
Process32FirstW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
ReadConsoleW
GetConsoleMode
GetConsoleCP
IsValidLocale
WriteConsoleW
ExitProcess
ExitThread
SetStdHandle
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetFileType
GetFileInformationByHandle
RtlUnwind
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
GetUserDefaultLCID
Process32NextW
LoadLibraryExW
GetModuleHandleA
FreeLibraryAndExitThread
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
MapViewOfFile
CreateFileMappingW
CreateFileA
UnmapViewOfFile
GetFullPathNameW
Sleep
MultiByteToWideChar
CreateToolhelp32Snapshot
OpenProcess
TerminateProcess
GetExitCodeProcess
GetModuleHandleW
CreateProcessW
GetProcAddress
WaitForSingleObject
GetCurrentProcess
GetDriveTypeW
lstrcmpW
lstrcmpiW
CopyFileW
GetFileSize
MoveFileExW
LocalFree
SetCurrentDirectoryW
GetCurrentDirectoryW
CloseHandle
DeleteFileW
GetDiskFreeSpaceExW
GetLastError
FormatMessageW
GetThreadPriority
SignalObjectAndWait
CreateTimerQueue
LoadLibraryExA
FlushInstructionCache
InterlockedPushEntrySList
InterlockedPopEntrySList
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLocaleInfoW
CompareStringW
GetCPInfo
EncodePointer
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
GetModuleHandleExW
QueueUserWorkItem
IsProcessorFeaturePresent
GetExitCodeThread
SwitchToThread
WaitForSingleObjectEx
GetStringTypeW
SetThreadPriority
ResumeThread
SetFilePointerEx
VirtualAlloc
VirtualFree
GetTimeZoneInformation
ConnectNamedPipe
CreateNamedPipeW
SetNamedPipeHandleState
QueryFullProcessImageNameW
lstrcpyW
GetVersionExW
LoadLibraryA
FindResourceExW
TerminateThread
ProcessIdToSessionId
DuplicateHandle
CreateThread
VerifyVersionInfoW
VerSetConditionMask
GlobalFree
FindResourceW
LoadResource
LockResource
SizeofResource
GetCurrentThread
GetThreadTimes
QueryPerformanceFrequency
CreateSemaphoreW
OpenSemaphoreW
ReleaseSemaphore
CreateDirectoryW
TryEnterCriticalSection
GetTickCount
QueryPerformanceCounter
FormatMessageA
GetSystemTimeAsFileTime
LockFileEx
CreateFileMappingA
UnlockFile
ReadFile
HeapCompact
GetSystemInfo
DeleteFileA
OutputDebugStringW
GetFileAttributesA
GetDiskFreeSpaceA
GetTempPathA
HeapValidate
UnlockFileEx
SetEndOfFile
GetFullPathNameA
SetFilePointer
LockFile
OutputDebugStringA
GetDiskFreeSpaceW
HeapCreate
AreFileApisANSI
FlushFileBuffers
GetSystemTime
SystemTimeToFileTime
WriteFile
GetFileAttributesExW
SetDllDirectoryW
SetFileAttributesW
GetFileAttributesW
CreateFileW
LocalAlloc
FindClose
GetTempPathW
GetModuleFileNameW
RemoveDirectoryW
lstrlenW
FindNextFileW
SetLastError
FindFirstFileW
VirtualProtect

user32

RegisterWindowMessageW
GetParent
GetClassInfoExW
PostQuitMessage
GetDlgItem
GetClientRect
SetWindowLongW
SetCapture
GetClassNameW
LoadCursorW
TranslateMessage
TranslateAcceleratorW
BringWindowToTop
SetClassLongW
AppendMenuW
GetClassLongW
AllowSetForegroundWindow
GetShellWindow
EnumWindows
GetSystemMenu
LoadIconW
EnableMenuItem
SystemParametersInfoW
LoadImageW
PostThreadMessageW
wsprintfW
CharNextW
SetForegroundWindow
CreateAcceleratorTableW
MoveWindow
GetForegroundWindow
GetSysColor
AttachThreadInput
IsChild
DestroyAcceleratorTable
ClientToScreen
RedrawWindow
SetWindowPos
DispatchMessageW
InvalidateRgn
MessageBoxW
SendMessageW
IsWindow
ShowWindow
GetActiveWindow
RegisterClassExW
SetWindowTextW
ScreenToClient
GetDC
GetWindowRect
GetWindowTextW
EndPaint
BeginPaint
IsIconic
CreateWindowExW
ReleaseCapture
SetFocus
FillRect
DestroyWindow
GetFocus
GetWindow
UnregisterClassW
PostMessageW
CallWindowProcW
DefWindowProcW
GetDesktopWindow
GetMessageW
ReleaseDC
InvalidateRect
GetWindowTextLengthW
GetSystemMetrics
GetAsyncKeyState
GetWindowLongW
GetWindowThreadProcessId

gdi32

CreateSolidBrush
DeleteObject
BitBlt
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
GetStockObject
DeleteDC
GetObjectW
GetDeviceCaps

advapi32

CryptAcquireContextW
CryptHashData
CryptDestroyHash
CryptGetHashParam
RevertToSelf
ConvertStringSidToSidW
ImpersonateLoggedOnUser
ConvertSidToStringSidW
DuplicateTokenEx
EqualSid
LookupAccountSidW
CryptReleaseContext
RegQueryValueExA
RegDeleteKeyExW
RegEnumValueW
GetUserNameW
CredWriteW
CredReadW
CredEnumerateW
CredFree
CredDeleteW
RegCloseKey
RegFlushKey
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
LookupPrivilegeValueW
AdjustTokenPrivileges
SetEntriesInAclW
SetNamedSecurityInfoW
GetNamedSecurityInfoW
OpenProcessToken
GetTokenInformation
CreateWellKnownSid
InitializeSecurityDescriptor
FreeSid
AllocateAndInitializeSid
SetSecurityDescriptorDacl
CryptCreateHash

shell32

SHGetPathFromIDListW
SHGetFolderLocation
SHGetSpecialFolderPathW
SHGetFolderPathW
SHGetMalloc
ord680
SHGetSpecialFolderLocation
ShellExecuteExW
CommandLineToArgvW
ShellExecuteW
SHGetKnownFolderPath
SHCreateDirectoryExW
ord51
SHBrowseForFolderW

ole32

CLSIDFromString
OleLockRunning
OleInitialize
CoUninitialize
OleRun
CoReleaseServerProcess
CoAddRefServerProcess
CoInitializeEx
CoSetProxyBlanket
CreateStreamOnHGlobal
OleUninitialize
CoTaskMemAlloc
CoGetClassObject
CoCreateInstance
StringFromGUID2
CoCreateGuid
CoInitialize
CoTaskMemFree
CLSIDFromProgID

oleaut32

SysAllocStringByteLen
SysStringByteLen
VariantCopy
DispCallFunc
GetErrorInfo
SysFreeString
LoadRegTypeLi
VariantInit
LoadTypeLi
OleCreateFontIndirect
SysAllocString
VariantClear
VariantChangeType
SysStringLen
SysAllocStringLen

iphlpapi

GetAdaptersAddresses

winhttp

WinHttpReadData
WinHttpOpenRequest
WinHttpSetOption
WinHttpCloseHandle
WinHttpAddRequestHeaders
WinHttpQueryAuthSchemes
WinHttpGetProxyForUrl
WinHttpSendRequest
WinHttpQueryOption
WinHttpOpen
WinHttpSetCredentials
WinHttpSetTimeouts
WinHttpQueryHeaders
WinHttpSetStatusCallback
WinHttpReceiveResponse
WinHttpGetIEProxyConfigForCurrentUser
WinHttpConnect
WinHttpQueryDataAvailable
WinHttpCrackUrl

wininet

InternetCanonicalizeUrlW

bcrypt

BCryptGenerateSymmetricKey
BCryptSetProperty
BCryptGetProperty
BCryptVerifySignature
BCryptCloseAlgorithmProvider
BCryptOpenAlgorithmProvider
BCryptFinishHash
BCryptHashData
BCryptCreateHash
BCryptDestroyHash
BCryptEncrypt
BCryptDecrypt
BCryptDestroyKey

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

wtsapi32

WTSEnumerateSessionsW
WTSFreeMemory

credui

CredUnPackAuthenticationBufferW
CredUIPromptForWindowsCredentialsW

shlwapi

PathFileExistsW
PathFindFileNameW
PathIsRelativeW
PathIsUNCW
PathStripPathW
PathIsRootW
PathAddBackslashW
PathStripToRootW
UrlIsW
SHGetValueW
PathIsSystemFolderW
PathFileExistsA
PathAppendW
PathIsFileSpecW
PathAddExtensionW
PathRemoveExtensionW
UrlEscapeW
PathIsNetworkPathW
PathIsDirectoryW
PathRemoveFileSpecW
PathRenameExtensionW
PathRemoveBackslashW

crypt32

CryptProtectData
CryptUnprotectData
CryptStringToBinaryW
CertOpenStore
CertGetIssuerCertificateFromStore
CertCloseStore
CertAddCertificateContextToStore
CertVerifySubjectCertificateContext
CertGetNameStringW
CertFindCertificateInStore
CryptImportPublicKeyInfoEx2
CryptHashCertificate2
CertCreateCertificateContext
CertFreeCertificateContext

ws2_32

WSAStartup
WSACleanup
getnameinfo

secur32

GetUserNameExW

wintrust

WTHelperProvDataFromStateData
WTHelperGetProvCertFromChain
WinVerifyTrust
WTHelperGetProvSignerFromChain

msi

ord70
ord113

comctl32

InitCommonControlsEx

Sections

.text
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1003KB - Virtual size: 1002KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 157KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 236KB - Virtual size: 235KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Setup.exe
.exe windows:5 windows x86 arch:x86

72ae2ef51c6a541f168ad13f6d5d2488

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4f:2b:a6:22:3b:8b:d7:3c:70:50:22:56:6f:9c:93:1a:05:d6:61:3d:48:1b:5a:e0:d1:d7:54:68:48:43:06:f1
Signer

Actual PE Digest

4f:2b:a6:22:3b:8b:d7:3c:70:50:22:56:6f:9c:93:1a:05:d6:61:3d:48:1b:5a:e0:d1:d7:54:68:48:43:06:f1

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins\CI\CCHyperdrive\build\x64\main\ccd-hyperdrive\build\msvs_win32\Release\x86\sym\Setup\Setup\Setup.pdb

Imports

kernel32

SetDllDirectoryW
GetConsoleWindow
DeleteCriticalSection
DecodePointer
FreeConsole
RaiseException
AttachConsole
GetLastError
InitializeCriticalSectionEx
WriteConsoleW
SetEndOfFile
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetConsoleCP
SetFilePointerEx
ReadConsoleW
QueryPerformanceFrequency
GetStdHandle
GetConsoleMode
EnumSystemLocalesW
IsValidLocale
GetCommandLineW
GetCurrentProcessId
FindFirstFileW
FindNextFileW
WriteFile
SetFilePointer
GetTempPathW
CreateFileW
GetCurrentThreadId
DeleteFileW
CloseHandle
lstrcmpW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
ReadFile
GetFullPathNameW
GetModuleFileNameW
FindClose
GetFileAttributesW
SetFileAttributesW
LocalFree
MoveFileExW
FlushFileBuffers
MultiByteToWideChar
WideCharToMultiByte
WaitForSingleObject
Sleep
CreateThread
LoadLibraryW
GetProcAddress
FreeLibrary
GetUserDefaultLangID
GetUserDefaultUILanguage
GetFileSizeEx
FileTimeToSystemTime
GetLocalTime
GetTimeFormatW
SystemTimeToFileTime
GetDateFormatW
CreateMutexW
ReleaseMutex
OpenMutexW
GetCurrentProcess
GetVersionExW
CreateEventW
VerSetConditionMask
GetModuleHandleW
VerifyVersionInfoW
SetEvent
ResetEvent
GetUserDefaultLCID
LCMapStringW
HeapFree
SetLastError
TerminateProcess
HeapSize
HeapReAlloc
HeapAlloc
GetProcessHeap
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
WaitForSingleObjectEx
InitializeSListHead
QueryPerformanceCounter
GetSystemTimeAsFileTime
IsDebuggerPresent
GetStartupInfoW
GetStringTypeW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EncodePointer
CompareStringW
GetLocaleInfoW
GetCPInfo
RtlUnwind
InterlockedPushEntrySList
LoadLibraryExW
SetStdHandle
GetFileType
GetTimeZoneInformation
ExitProcess
GetModuleHandleExW
GetCommandLineA
OutputDebugStringW

user32

SendMessageW
wsprintfW

ole32

CLSIDFromProgID
OleRun
CoTaskMemFree
CoCreateInstance
CLSIDFromString
CoUninitialize
CoInitialize

crclient

?ShowCRDialogOnlyOnFirstCrash@@YA_NXZ
?CrashReporterInitialize@@YA_NPAXPBD1111P6AIAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@ZP6AXXZ_NW4AdobeCrashReporterScalingFactor@@@Z
?SetCRDisplayName@@YA_NPBD@Z

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

shlwapi

PathFileExistsW
PathAppendW
PathRemoveFileSpecW
PathFindFileNameW
PathRenameExtensionW
PathIsFileSpecW
PathAddExtensionW
PathIsDirectoryW
PathRemoveExtensionW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

SHGetPathFromIDListW
SHGetFolderPathW
SHGetFolderLocation
SHGetSpecialFolderPathW
SHCreateDirectoryExW

oleaut32

GetErrorInfo
VariantCopy
VariantInit
SysFreeString
SysAllocString
SysStringLen
VariantClear

Sections

.text
Size: 419KB - Virtual size: 418KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TokenResolverx64.exe
.exe windows:6 windows x64 arch:x64

5baa56e7c3e406c3a56d258d7bc0f6d7

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8b:8b:aa:6a:91:7c:0c:d6:b0:12:b4:1b:6d:d4:87:38:cc:47:14:db:26:24:7f:53:54:22:54:29:60:d9:f9:0b
Signer

Actual PE Digest

8b:8b:aa:6a:91:7c:0c:d6:b0:12:b4:1b:6d:d4:87:38:cc:47:14:db:26:24:7f:53:54:22:54:29:60:d9:f9:0b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\jenkins\CI\CCHyperdrive\build\x64\main\ccd-hyperdrive\build\msvs_win32\Release\x64\sym\TokenResolver\TokenResolver\TokenResolverx64.pdb

Imports

kernel32

WriteFile
CreateFileW
GetLastError
CloseHandle
WriteConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
HeapReAlloc
HeapSize
SetFilePointerEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwindEx
RtlPcToFileHeader
RaiseException
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetStdHandle
GetModuleFileNameW
HeapFree
HeapAlloc
GetFileType
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetStringTypeW
LCMapStringW
GetProcessHeap

shell32

SHGetFolderPathW
SHGetPathFromIDListW
SHGetFolderLocation

ole32

CoTaskMemFree

Sections

.text
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Uninstaller.exe
.exe windows:5 windows x86 arch:x86

7877345e635c19e290efc047dfabd726

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c6:03:5c:22:7b:00:92:b4:11:c9:3c:e1:ba:ab:1c:b2:39:89:ba:e1:bc:b5:72:82:d3:88:51:a2:f6:7e:17:bf
Signer

Actual PE Digest

c6:03:5c:22:7b:00:92:b4:11:c9:3c:e1:ba:ab:1c:b2:39:89:ba:e1:bc:b5:72:82:d3:88:51:a2:f6:7e:17:bf

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins\CI\CCHyperdrive\build\x64\main\ccd-hyperdrive\build\msvs_win32\Release\x86\sym\Uninstaller\Uninstaller\Uninstaller.pdb

Imports

kernel32

GetFullPathNameA
SetFilePointer
InitializeCriticalSection
LockFile
OutputDebugStringA
GetDiskFreeSpaceW
HeapCreate
TryEnterCriticalSection
AreFileApisANSI
GetFileAttributesExW
lstrlenW
SystemTimeToFileTime
CreateMutexW
UnmapViewOfFile
HeapValidate
GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
FlushViewOfFile
CreateFileA
DeleteFileA
GetSystemInfo
HeapCompact
UnlockFile
LockFileEx
GetSystemTime
FormatMessageA
CreateFileMappingW
UnlockFileEx
GetCurrentProcess
CreateEventW
GlobalAlloc
GlobalFree
GetProcAddress
GetModuleHandleW
GetFileAttributesW
ReadFile
GetFullPathNameW
FindNextFileW
WriteFile
GetModuleFileNameW
GetTempPathW
FindClose
CreateFileW
DeleteFileW
GetFileSize
FlushFileBuffers
HeapFree
SetLastError
TerminateProcess
WaitForSingleObject
MapViewOfFile
HeapSize
Sleep
HeapReAlloc
CreateThread
HeapAlloc
HeapDestroy
GetCurrentProcessId
GetProcessHeap
CreateProcessW
MultiByteToWideChar
FormatMessageW
WideCharToMultiByte
LoadLibraryW
FreeLibrary
GetUserDefaultLCID
LoadLibraryA
LCMapStringW
GetStringTypeW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
EncodePointer
CompareStringW
GetLocaleInfoW
GetCPInfo
IsDebuggerPresent
OutputDebugStringW
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentThreadId
InitializeSListHead
RtlUnwind
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetStdHandle
GetFileType
IsValidLocale
EnumSystemLocalesW
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetTimeZoneInformation
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetFileSizeEx
GetConsoleCP
SetEndOfFile
WriteConsoleW
ExitThread
DeleteCriticalSection
LocalFree
DecodePointer
RaiseException
CloseHandle
GetLastError
InitializeCriticalSectionEx
OpenProcess
CreateNamedPipeW
FreeLibraryAndExitThread

user32

EnumWindows
GetShellWindow
AllowSetForegroundWindow
GetWindowThreadProcessId

advapi32

RegOpenKeyExW
GetTokenInformation
FreeSid
OpenProcessToken
SetEntriesInAclW
AllocateAndInitializeSid
EqualSid
RegQueryValueExW
GetUserNameW
RegCloseKey
GetNamedSecurityInfoW
SetNamedSecurityInfoW
DuplicateTokenEx
AdjustTokenPrivileges
LookupPrivilegeValueW

shell32

SHGetFolderLocation
SHGetSpecialFolderPathW
SHCreateDirectoryExW
SHGetFolderPathW
SHGetPathFromIDListW
CommandLineToArgvW

ole32

CLSIDFromProgID
StringFromGUID2
CoInitialize
CoInitializeEx
CoInitializeSecurity
CoCreateInstance
CoUninitialize
CoCreateGuid
CLSIDFromString
CoTaskMemFree
OleRun

oleaut32

VariantClear
SysAllocString
SysFreeString
VariantInit
GetErrorInfo
SysStringLen
VariantChangeType

shlwapi

PathRemoveFileSpecW
PathFileExistsW
PathFileExistsA
PathAppendW
PathIsDirectoryW
PathStripPathW
PathRemoveBackslashW

Sections

.text
Size: 894KB - Virtual size: 894KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
cr_win_client_config.cfg
customhook/HDCoreCustomHook.exe
.exe windows:5 windows x86 arch:x86

126f6b6fbf02a3c555849d80cf0b9295

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

93:54:2d:32:63:c8:04:2b:a8:c6:dd:73:a5:8d:ef:d5:69:bd:c1:02:0a:1b:11:15:34:37:4f:63:02:8c:2b:ef
Signer

Actual PE Digest

93:54:2d:32:63:c8:04:2b:a8:c6:dd:73:a5:8d:ef:d5:69:bd:c1:02:0a:1b:11:15:34:37:4f:63:02:8c:2b:ef

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins\CI\CCHyperdrive\build\x64\main\ccd-hyperdrive\build\msvs_win32\Release\x86\sym\HDBoxCustomHook\HDBoxCustomHook\HDCoreCustomHook.pdb

Imports

kernel32

lstrcmpW
GetCurrentProcess
WaitForSingleObject
GetModuleHandleW
GetVersionExW
CreateFileA
CreateFileMappingW
MapViewOfFile
Sleep
GetUserDefaultLCID
LoadLibraryA
LCMapStringW
FreeLibrary
GetFileSize
MoveFileExW
CloseHandle
DeleteFileW
FormatMessageW
SetFileAttributesW
GetFileAttributesW
CreateFileW
FindClose
GetTempPathW
GetModuleFileNameW
FindNextFileW
SetLastError
FindFirstFileW
ReadFile
SetDllDirectoryW
GetProcessHeap
LocalFree
GetProcAddress
HeapAlloc
LoadLibraryW
GetSystemDirectoryW
LocalAlloc
HeapFree
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
UnmapViewOfFile
InitializeCriticalSectionEx
WriteConsoleW
GetConsoleCP
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
SetFilePointerEx
ReadConsoleW
GetConsoleMode
SetStdHandle
EnumSystemLocalesW
IsValidLocale
GetCommandLineW
GetCommandLineA
GetStdHandle
ExitProcess
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
GetTimeZoneInformation
GetFileType
LoadLibraryExW
RtlUnwind
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetLocaleInfoW
CompareStringW
EncodePointer
TlsFree
TlsSetValue
TlsGetValue
GetFullPathNameW
WriteFile
FlushFileBuffers
MultiByteToWideChar
WideCharToMultiByte
GetCurrentProcessId
SetFilePointer
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CreateEventW
VerSetConditionMask
VerifyVersionInfoW
GetFileSizeEx
FileTimeToSystemTime
GetLocalTime
GetTimeFormatW
SystemTimeToFileTime
GetDateFormatW
CreateMutexW
ReleaseMutex
OpenMutexW
TerminateProcess
HeapSize
SetEvent
HeapReAlloc
CreateThread
ResetEvent
HeapDestroy
GetUserDefaultLangID
GetUserDefaultUILanguage
AreFileApisANSI
TryEnterCriticalSection
HeapCreate
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
GetFullPathNameA
SetEndOfFile
UnlockFileEx
HeapValidate
GetTempPathA
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
WaitForSingleObjectEx
DeleteFileA
GetSystemInfo
HeapCompact
UnlockFile
LockFileEx
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
QueryPerformanceCounter
GetTickCount
GetStringTypeW
InitializeCriticalSectionAndSpinCount
SwitchToThread
TlsAlloc

advapi32

SetSecurityDescriptorDacl
GetSecurityDescriptorDacl
RegGetKeySecurity
RegCloseKey
RegQueryInfoKeyW
RegDeleteKeyW
SetEntriesInAclW
CreateWellKnownSid
RegCreateKeyExW
RegEnumKeyExW
RegSetKeySecurity
RegSetValueExW
InitializeSecurityDescriptor
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW

shell32

SHGetFolderLocation
SHGetPathFromIDListW
SHGetFolderPathW
SHCreateDirectoryExW
SHGetSpecialFolderPathW

ole32

StringFromGUID2
CLSIDFromString
OleRun
CLSIDFromProgID
CoCreateInstance
CoUninitialize
CoInitialize
CoTaskMemFree
CoCreateGuid

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

shlwapi

PathAppendW
PathIsDirectoryW
PathFindFileNameW
PathFileExistsW
PathRemoveExtensionW
PathAddExtensionW
PathRemoveFileSpecW
PathFileExistsA
PathRenameExtensionW
PathIsFileSpecW

oleaut32

VariantClear
SysAllocString
SysFreeString
VariantInit
VariantCopy
GetErrorInfo

Sections

.text
Size: 943KB - Virtual size: 943KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 157KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
packages/ADC/HDBox/HDBox.pimx
packages/ADC/HDBox/HDBox.sig
.xml
packages/ADC/IPCBox/IPCBox.pima
.zip
AdobeIPCBroker.exe
.exe windows:6 windows x86 arch:x86

685cb40be36ee3009d23cfffe8ef06a3

Code Sign

0c:19:f0:ed:b8:b3:c2:1e:dd:b7:4c:cc:6d:46:50:25
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

21/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Adobe Inc.,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

89:4a:c1:28:97:0c:b1:03:f9:14:50:5c:3b:81:a8:d2:11:8b:24:8e:30:38:c9:ae:aa:b4:20:c5:5d:92:85:1a
Signer

Actual PE Digest

89:4a:c1:28:97:0c:b1:03:f9:14:50:5c:3b:81:a8:d2:11:8b:24:8e:30:38:c9:ae:aa:b4:20:c5:5d:92:85:1a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

AdobeIPCBroker.pdb

Imports

kernel32

GetProcAddress
LoadLibraryA
GetStdHandle
GetModuleFileNameW
DecodePointer
RaiseException
FindClose
InitializeCriticalSectionEx
FindNextFileW
FindFirstFileW
CreateSemaphoreW
CreateProcessW
lstrcpyW
GlobalFree
SetEvent
CreateEventW
WaitForSingleObject
WaitForMultipleObjects
CreateWaitableTimerW
SetWaitableTimer
SetDllDirectoryW
CloseHandle
GetLastError
FreeLibrary
ReleaseSemaphore
CreateMutexW
GetCommandLineW
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetUserDefaultLCID
SwitchToThread
GetLocalTime
DeleteFileW
GetFileAttributesW
ReadFile
WriteFile
ConnectNamedPipe
GetOverlappedResult
Sleep
GetCurrentThread
GetCurrentThreadId
GetTickCount
FreeEnvironmentStringsW
GetEnvironmentVariableW
GetCurrentProcessId
GetSystemInfo
GetCurrentProcess
TerminateProcess
OpenProcess
GlobalAlloc
LocalAlloc
LocalFree
SetStdHandle
GetEnvironmentStringsW
SetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
FlushFileBuffers
GetFileAttributesExW
GetFileSizeEx
GetFullPathNameW
LockFileEx
SetEndOfFile
SetFilePointerEx
UnlockFile
DuplicateHandle
PeekNamedPipe
CreateNamedPipeW
GetNamedPipeInfo
ResetEvent
ReleaseMutex
SetThreadPriority
GetThreadPriority
TlsAlloc
TlsGetValue
TlsSetValue
VirtualAlloc
VirtualFree
GetLocaleInfoW
MapViewOfFile
UnmapViewOfFile
GetModuleHandleExW
LoadLibraryExW
MoveFileExW
RtlCaptureStackBackTrace
LCMapStringW
SetFilePointer
FormatMessageW
LocalReAlloc
GetSystemTimeAsFileTime
GetModuleHandleA
GetModuleFileNameA
GetSystemDirectoryA
GetDynamicTimeZoneInformation
GetConsoleMode
WriteConsoleA
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
WriteConsoleW
GetVersionExW
GetNativeSystemInfo
SetLastError
InitializeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
CreateThreadpool
SetThreadpoolThreadMaximum
SetThreadpoolThreadMinimum
CloseThreadpool
CreateThreadpoolWork
SubmitThreadpoolWork
WaitForThreadpoolWorkCallbacks
CloseThreadpoolWork
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
GetProcessTimes
K32GetProcessMemoryInfo
WakeConditionVariable
LoadLibraryW
QueryPerformanceCounter
FormatMessageA
GetSystemTime
SystemTimeToFileTime
GetProcessHeap
GetFileSize
HeapDestroy
HeapCompact
HeapAlloc
HeapReAlloc
DeleteFileA
WaitForSingleObjectEx
CreateFileA
FlushViewOfFile
OutputDebugStringW
GetFileAttributesA
GetDiskFreeSpaceA
GetTempPathA
HeapSize
HeapValidate
UnlockFileEx
GetFullPathNameA
LockFile
OutputDebugStringA
GetDiskFreeSpaceW
HeapFree
HeapCreate
AreFileApisANSI
TryEnterCriticalSection
GetLocaleInfoEx
QueryPerformanceFrequency
GetExitCodeThread
InitOnceBeginInitialize
InitOnceComplete
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsFree
GetModuleHandleW
GetCPInfo
GetStringTypeW
CompareStringW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
CreateTimerQueue
SignalObjectAndWait
CreateThread
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
FreeLibraryAndExitThread
VirtualProtect
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
RtlUnwind
ExitThread
ResumeThread
GetTimeZoneInformation
GetDriveTypeW
GetFileInformationByHandle
GetFileType
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
ExitProcess
GetCommandLineA
ReadConsoleW
GetConsoleCP
GetDateFormatW
GetTimeFormatW
IsValidLocale
EnumSystemLocalesW
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
WideCharToMultiByte
MultiByteToWideChar
CreateFileMappingW
GetTempPathW

user32

PostMessageW
PostQuitMessage
DestroyWindow
MsgWaitForMultipleObjectsEx
GetWindowLongW
GetShellWindow
EnumWindows
GetWindowThreadProcessId
DispatchMessageW
TranslateMessage
KillTimer
SetTimer
SetWindowLongW
RegisterClassW
CreateWindowExW
DefWindowProcW
PeekMessageW

ole32

CoUninitialize
CoCreateInstance
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoCreateGuid
StringFromGUID2
CoTaskMemFree

oleaut32

SysFreeString
SysAllocString
VariantClear

winhttp

WinHttpQueryHeaders
WinHttpQueryAuthSchemes
WinHttpOpen
WinHttpWriteData
WinHttpCrackUrl
WinHttpSetOption
WinHttpSetCredentials
WinHttpAddRequestHeaders
WinHttpReadData
WinHttpOpenRequest
WinHttpQueryDataAvailable
WinHttpConnect
WinHttpSetStatusCallback
WinHttpCloseHandle
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetProxyForUrl
WinHttpSendRequest
WinHttpReceiveResponse

shlwapi

UrlIsW
PathCreateFromUrlW
PathFileExistsW

crclient

?CrashReporterInitialize@@YA_NPAXPBD1111P6AIAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@ZP6AXXZ_NW4AdobeCrashReporterScalingFactor@@@Z

bcrypt

BCryptDestroyHash
BCryptFinishHash
BCryptGetProperty
BCryptCreateHash
BCryptOpenAlgorithmProvider
BCryptHashData

advapi32

OpenProcessToken
AdjustTokenPrivileges
AllocateAndInitializeSid
DuplicateTokenEx
EqualSid
FreeSid
GetLengthSid
GetSidSubAuthority
GetTokenInformation
SetTokenInformation
LookupPrivilegeValueW
CreateProcessWithTokenW
ConvertStringSidToSidW
GetUserNameW
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextW

shell32

SHCreateDirectoryExW
SHGetKnownFolderPath
CommandLineToArgvW
ShellExecuteExW

ws2_32

WSASetLastError
gethostbyname
inet_ntoa
getservbyname
getservbyport
gethostbyaddr
htonl
ntohs
bind
closesocket
connect
ioctlsocket
getsockname
getsockopt
htons
listen
recv
select
send
socket
WSAStartup
WSACleanup
WSAGetLastError
__WSAFDIsSet
inet_addr

wininet

DetectAutoProxyUrl

Exports

Exports

UTF8ToHtml
UTF8Toisolat1
__docbDefaultSAXHandler
__htmlDefaultSAXHandler
__oldXMLWDcompatibility
__xmlBufferAllocScheme
__xmlDefaultBufferSize
__xmlDefaultSAXHandler
__xmlDefaultSAXLocator
__xmlDeregisterNodeDefaultValue
__xmlDoValidityCheckingDefaultValue
__xmlErrEncoding
__xmlGenericError
__xmlGenericErrorContext
__xmlGetWarningsDefaultValue
__xmlIndentTreeOutput
__xmlKeepBlanksDefaultValue
__xmlLastError
__xmlLineNumbersDefaultValue
__xmlLoadExtDtdDefaultValue
__xmlOutputBufferCreateFilenameValue
__xmlParserDebugEntities
__xmlParserInputBufferCreateFilenameValue
__xmlParserVersion
__xmlPedanticParserDefaultValue
__xmlRaiseError
__xmlRegisterNodeDefaultValue
__xmlSaveNoEmptyTags
__xmlSimpleError
__xmlStructuredError
__xmlStructuredErrorContext
__xmlSubstituteEntitiesDefaultValue
__xmlTreeIndentString
docbDefaultSAXHandlerInit
emptyExp
forbiddenExp
gudeCancel
gudeClearCache
gudeCreate
gudeDestroy
gudeDownload
gudeDownloadRangeToMemory
gudeDownloadToMemory
gudeDownloadWithSize
gudeErrorString
gudeHTTPStatusString
gudePause
gudeRegisterAddChunkHeaderCallback
gudeRegisterAddHeaderCallback
gudeRegisterAddParametersCallback
gudeRegisterAssertCallback
gudeRegisterCancellationCallback
gudeRegisterChunkErrorRetryCallback
gudeRegisterCompletionCallback
gudeRegisterErrorCallback
gudeRegisterLoggingCallback
gudeRegisterMonitorCallback
gudeRegisterPausedCallback
gudeRegisterProgressCallback
gudeRegisterRequestBodyCallback
gudeRegisterResponseBodyCallback
gudeRegisterResponseHeaderCallback
gudeRegisterSSLCertificatePolicyCallback
gudeRegisterSetServerTypeCallback
gudeRegisterSetTimeoutCallback
gudeRegisterSetTimeoutResourceCallback
gudeRegisterStatusLineCallback
gudeResume
gudeSendRequest
gudeSetLogLevel
gudeSetMultipartUploadThreshold
gudeSetSystemProxyCredentials
gudeSetTargetDataRates
gudeSetWorkerPoolUpperLimit
gudeUpload
gudeUploadFromMemory
gudeVersion
htmlAttrAllowed
htmlAutoCloseTag
htmlCreateFileParserCtxt
htmlCreateMemoryParserCtxt
htmlCreatePushParserCtxt
htmlCtxtReadDoc
htmlCtxtReadFd
htmlCtxtReadFile
htmlCtxtReadIO
htmlCtxtReadMemory
htmlCtxtReset
htmlCtxtUseOptions
htmlDefaultSAXHandlerInit
htmlDocContentDumpFormatOutput
htmlDocContentDumpOutput
htmlDocDump
htmlDocDumpMemory
htmlDocDumpMemoryFormat
htmlElementAllowedHere
htmlElementStatusHere
htmlEncodeEntities
htmlEntityLookup
htmlEntityValueLookup
htmlFreeParserCtxt
htmlGetMetaEncoding
htmlHandleOmittedElem
htmlInitAutoClose
htmlIsAutoClosed
htmlIsBooleanAttr
htmlIsScriptAttribute
htmlNewDoc
htmlNewDocNoDtD
htmlNewParserCtxt
htmlNodeDump
htmlNodeDumpFile
htmlNodeDumpFileFormat
htmlNodeDumpFormatOutput
htmlNodeDumpOutput
htmlNodeStatus
htmlParseCharRef
htmlParseChunk
htmlParseDoc
htmlParseDocument
htmlParseElement
htmlParseEntityRef
htmlParseFile
htmlReadDoc
htmlReadFd
htmlReadFile
htmlReadIO
htmlReadMemory
htmlSAXParseDoc
htmlSAXParseFile
htmlSaveFile
htmlSaveFileEnc
htmlSaveFileFormat
htmlSetMetaEncoding
htmlTagLookup
initGenericErrorDefaultFunc
initdocbDefaultSAXHandler
inithtmlDefaultSAXHandler
initxmlDefaultSAXHandler
inputPop
inputPush
isolat1ToUTF8
namePop
namePush
nodePop
nodePush
valuePop
valuePush
xmlACatalogAdd
xmlACatalogDump
xmlACatalogRemove
xmlACatalogResolve
xmlACatalogResolvePublic
xmlACatalogResolveSystem
xmlACatalogResolveURI
xmlAddAttributeDecl
xmlAddChild
xmlAddChildList
xmlAddDocEntity
xmlAddDtdEntity
xmlAddElementDecl
xmlAddEncodingAlias
xmlAddID
xmlAddNextSibling
xmlAddNotationDecl
xmlAddPrevSibling
xmlAddRef
xmlAddSibling
xmlAllocOutputBuffer
xmlAllocParserInputBuffer
xmlAttrSerializeTxtContent
xmlAutomataCompile
xmlAutomataGetInitState
xmlAutomataIsDeterminist
xmlAutomataNewAllTrans
xmlAutomataNewCountTrans
xmlAutomataNewCountTrans2
xmlAutomataNewCountedTrans
xmlAutomataNewCounter
xmlAutomataNewCounterTrans
xmlAutomataNewEpsilon
xmlAutomataNewNegTrans
xmlAutomataNewOnceTrans
xmlAutomataNewOnceTrans2
xmlAutomataNewState
xmlAutomataNewTransition
xmlAutomataNewTransition2
xmlAutomataSetFinalState
xmlBoolToText
xmlBufContent
xmlBufEnd
xmlBufGetNodeContent
xmlBufNodeDump
xmlBufShrink
xmlBufUse
xmlBufferAdd
xmlBufferAddHead
xmlBufferCCat
xmlBufferCat
xmlBufferContent
xmlBufferCreate
xmlBufferCreateSize
xmlBufferCreateStatic
xmlBufferDetach
xmlBufferDump
xmlBufferEmpty
xmlBufferFree
xmlBufferGrow
xmlBufferLength
xmlBufferResize
xmlBufferSetAllocationScheme
xmlBufferShrink
xmlBufferWriteCHAR
xmlBufferWriteChar
xmlBufferWriteQuotedString
xmlBuildQName
xmlBuildRelativeURI
xmlBuildURI
xmlByteConsumed
xmlCanonicPath
xmlCatalogAdd
xmlCatalogAddLocal
xmlCatalogCleanup
xmlCatalogConvert
xmlCatalogDump
xmlCatalogFreeLocal
xmlCatalogGetDefaults
xmlCatalogGetPublic
xmlCatalogGetSystem
xmlCatalogIsEmpty
xmlCatalogLocalResolve
xmlCatalogLocalResolveURI
xmlCatalogRemove
xmlCatalogResolve
xmlCatalogResolvePublic
xmlCatalogResolveSystem
xmlCatalogResolveURI
xmlCatalogSetDebug
xmlCatalogSetDefaultPrefer
xmlCatalogSetDefaults
xmlCharEncCloseFunc
xmlCharEncFirstLine
xmlCharEncInFunc
xmlCharEncOutFunc
xmlCharInRange
xmlCharStrdup
xmlCharStrndup
xmlCheckFilename
xmlCheckHTTPInput
xmlCheckLanguageID
xmlCheckUTF8
xmlCheckVersion
xmlChildElementCount
xmlCleanupCharEncodingHandlers
xmlCleanupEncodingAliases
xmlCleanupGlobals
xmlCleanupInputCallbacks
xmlCleanupMemory
xmlCleanupOutputCallbacks
xmlCleanupParser
xmlCleanupThreads
xmlClearNodeInfoSeq
xmlClearParserCtxt
xmlConvertSGMLCatalog
xmlCopyAttributeTable
xmlCopyChar
xmlCopyCharMultiByte
xmlCopyDoc
xmlCopyDocElementContent
xmlCopyDtd
xmlCopyElementContent
xmlCopyElementTable
xmlCopyEntitiesTable
xmlCopyEnumeration
xmlCopyError
xmlCopyNamespace
xmlCopyNamespaceList
xmlCopyNode
xmlCopyNodeList
xmlCopyNotationTable
xmlCopyProp
xmlCopyPropList
xmlCreateDocParserCtxt
xmlCreateEntitiesTable
xmlCreateEntityParserCtxt
xmlCreateEnumeration
xmlCreateFileParserCtxt
xmlCreateIOParserCtxt
xmlCreateIntSubset
xmlCreateMemoryParserCtxt
xmlCreatePushParserCtxt
xmlCreateURI
xmlCreateURLParserCtxt
xmlCtxtGetLastError
xmlCtxtReadDoc
xmlCtxtReadFd
xmlCtxtReadFile
xmlCtxtReadIO
xmlCtxtReadMemory
xmlCtxtReset
xmlCtxtResetLastError
xmlCtxtResetPush
xmlCtxtUseOptions
xmlCurrentChar
xmlDOMWrapAdoptNode
xmlDOMWrapCloneNode
xmlDOMWrapFreeCtxt
xmlDOMWrapNewCtxt
xmlDOMWrapReconcileNamespaces
xmlDOMWrapRemoveNode
xmlDebugCheckDocument
xmlDebugDumpAttr
xmlDebugDumpAttrList
xmlDebugDumpDTD
xmlDebugDumpDocument
xmlDebugDumpDocumentHead
xmlDebugDumpEntities
xmlDebugDumpNode
xmlDebugDumpNodeList
xmlDebugDumpOneNode
xmlDebugDumpString
xmlDefaultSAXHandlerInit
xmlDelEncodingAlias
xmlDeregisterNodeDefault
xmlDetectCharEncoding
xmlDictCleanup
xmlDictCreate
xmlDictCreateSub
xmlDictExists
xmlDictFree
xmlDictGetUsage
xmlDictLookup
xmlDictOwns
xmlDictQLookup
xmlDictReference
xmlDictSetLimit
xmlDictSize
xmlDocCopyNode
xmlDocCopyNodeList
xmlDocDump
xmlDocDumpFormatMemory
xmlDocDumpFormatMemoryEnc
xmlDocDumpMemory
xmlDocDumpMemoryEnc
xmlDocFormatDump
xmlDocGetRootElement
xmlDocSetRootElement
xmlDumpAttributeDecl
xmlDumpAttributeTable
xmlDumpElementDecl
xmlDumpElementTable
xmlDumpEntitiesTable
xmlDumpEntityDecl
xmlDumpNotationDecl
xmlDumpNotationTable
xmlElemDump
xmlEncodeEntitiesReentrant
xmlEncodeSpecialChars
xmlErrMemory
xmlEscapeFormatString
xmlExpCtxtNbCons
xmlExpCtxtNbNodes
xmlExpDump
xmlExpExpDerive
xmlExpFree
xmlExpFreeCtxt
xmlExpGetLanguage
xmlExpGetStart
xmlExpIsNillable
xmlExpMaxToken
xmlExpNewAtom
xmlExpNewCtxt
xmlExpNewOr
xmlExpNewRange
xmlExpNewSeq
xmlExpParse
xmlExpRef
xmlExpStringDerive
xmlExpSubsume
xmlFileClose
xmlFileMatch
xmlFileOpen
xmlFileRead
xmlFindCharEncodingHandler
xmlFirstElementChild
xmlFree
xmlFreeAttributeTable
xmlFreeAutomata
xmlFreeCatalog
xmlFreeDoc
xmlFreeDocElementContent
xmlFreeDtd
xmlFreeElementContent
xmlFreeElementTable
xmlFreeEntitiesTable
xmlFreeEnumeration
xmlFreeIDTable
xmlFreeInputStream
xmlFreeMutex
xmlFreeNode
xmlFreeNodeList
xmlFreeNotationTable
xmlFreeNs
xmlFreeNsList
xmlFreeParserCtxt
xmlFreeParserInputBuffer
xmlFreePattern
xmlFreePatternList
xmlFreeProp
xmlFreePropList
xmlFreeRMutex
xmlFreeRefTable
xmlFreeStreamCtxt
xmlFreeTextReader
xmlFreeURI
xmlFreeValidCtxt
xmlGcMemGet
xmlGcMemSetup
xmlGetBufferAllocationScheme
xmlGetCharEncodingHandler
xmlGetCharEncodingName
xmlGetCompressMode
xmlGetDocCompressMode
xmlGetDocEntity
xmlGetDtdAttrDesc
xmlGetDtdElementDesc
xmlGetDtdEntity
xmlGetDtdNotationDesc
xmlGetDtdQAttrDesc
xmlGetDtdQElementDesc
xmlGetEncodingAlias
xmlGetExternalEntityLoader
xmlGetGlobalState
xmlGetID
xmlGetIntSubset
xmlGetLastChild
xmlGetLastError
xmlGetLineNo
xmlGetNoNsProp
xmlGetNodePath
xmlGetNsList
xmlGetNsProp
xmlGetParameterEntity
xmlGetPredefinedEntity
xmlGetProp
xmlGetRefs
xmlGetThreadId
xmlGetUTF8Char
xmlHasFeature
xmlHasNsProp
xmlHasProp
xmlHashAddEntry
xmlHashAddEntry2
xmlHashAddEntry3
xmlHashCopy
xmlHashCreate
xmlHashCreateDict
xmlHashDefaultDeallocator
xmlHashFree
xmlHashLookup
xmlHashLookup2
xmlHashLookup3
xmlHashQLookup
xmlHashQLookup2
xmlHashQLookup3
xmlHashRemoveEntry
xmlHashRemoveEntry2
xmlHashRemoveEntry3
xmlHashScan
xmlHashScan3
xmlHashScanFull
xmlHashScanFull3
xmlHashSize
xmlHashUpdateEntry
xmlHashUpdateEntry2
xmlHashUpdateEntry3
xmlIOFTPClose
xmlIOFTPMatch
xmlIOFTPOpen
xmlIOFTPRead
xmlIOHTTPClose
xmlIOHTTPMatch
xmlIOHTTPOpen
xmlIOHTTPOpenW
xmlIOHTTPRead
xmlIOParseDTD
xmlInitCharEncodingHandlers
xmlInitGlobals
xmlInitMemory
xmlInitNodeInfoSeq
xmlInitParser
xmlInitParserCtxt
xmlInitThreads
xmlInitializeCatalog
xmlInitializeDict
xmlInitializeGlobalState
xmlIsBaseChar
xmlIsBaseCharGroup
xmlIsBlank
xmlIsBlankNode

Sections

.text
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 862KB - Virtual size: 862KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 66KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 176KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CRClient.dll
.dll windows:6 windows x86 arch:x86

29e9cbc554c744fa04ee38a3e49e97dd

Code Sign

0c:19:f0:ed:b8:b3:c2:1e:dd:b7:4c:cc:6d:46:50:25
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

21/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Adobe Inc.,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

64:97:20:35:8c:4b:9d:29:7d:48:56:96:01:6c:bd:a2:c3:7e:e3:7f:f7:b4:fb:e7:a3:85:33:c0:ad:80:64:79
Signer

Actual PE Digest

64:97:20:35:8c:4b:9d:29:7d:48:56:96:01:6c:bd:a2:c3:7e:e3:7f:f7:b4:fb:e7:a3:85:33:c0:ad:80:64:79

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\cruser\workspace\CR-Windows-x86-Client-Builder\Win32\Release_MT\CRClient.pdb

Imports

dbghelp

StackWalk64
SymGetModuleBase64
SymFunctionTableAccess64
SymFromAddr
SymGetModuleInfo64
SymInitialize

kernel32

GetCurrentProcess
MultiByteToWideChar
LoadResource
LockResource
SizeofResource
FindResourceW
FindResourceExW
GetModuleHandleW
CloseHandle
CreateThread
WaitForSingleObject
GetModuleFileNameW
FreeLibrary
ReadFile
GetCurrentThreadId
ReadProcessMemory
TerminateProcess
GetCurrentProcessId
TerminateThread
OpenThread
GetThreadId
GetProcessId
K32GetModuleFileNameExW
SuspendThread
GetThreadContext
ResumeThread
ConnectNamedPipe
LocaleNameToLCID
WerRegisterRuntimeExceptionModule
WerUnregisterRuntimeExceptionModule
WideCharToMultiByte
VerSetConditionMask
VerifyVersionInfoW
GetTimeZoneInformation
CreateProcessW
CreateNamedPipeW
WriteFile
FlushFileBuffers
DisconnectNamedPipe
CreateFileW
GetFileAttributesExW
GetOEMCP
GetACP
IsValidCodePage
WriteProcessMemory
GetProcAddress
IsValidLocale
GetTimeFormatW
GetDateFormatW
ReadConsoleW
GetConsoleMode
GetConsoleCP
GetFileSizeEx
GetFileType
GetStdHandle
ExitProcess
SetEnvironmentVariableW
GetModuleHandleExW
ExitThread
SetConsoleCtrlHandler
RtlUnwind
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualFree
VirtualAlloc
GetVersionExW
LoadLibraryExW
GetModuleHandleA
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
VirtualProtect
SetUnhandledExceptionFilter
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
LoadLibraryW
EnumSystemLocalesW
DecodePointer
DeleteCriticalSection
InitializeCriticalSectionEx
GetLastError
RaiseException
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
WriteConsoleW
GetUserDefaultLCID
SignalObjectAndWait
CreateTimerQueue
InitializeSListHead
GetStartupInfoW
IsProcessorFeaturePresent
UnhandledExceptionFilter
ResetEvent
SetEvent
OutputDebugStringW
IsDebuggerPresent
GetLocaleInfoW
GetStringTypeW
DuplicateHandle
WaitForSingleObjectEx
Sleep
SwitchToThread
GetCurrentThread
GetExitCodeThread
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
QueryPerformanceCounter
QueryPerformanceFrequency
FindClose
FindFirstFileExW
FindNextFileW
SetEndOfFile
SetFilePointerEx
EncodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
GetCPInfo
CompareStringW
LCMapStringW

user32

SetPropW
RemovePropW
EnumWindows
GetWindowThreadProcessId
IsWindowVisible
IsHungAppWindow
DisableProcessWindowsGhosting
MessageBoxW
GetWindowTextW
GetWindowTextLengthW
ReleaseDC
DrawIconEx
GetSysColor
GetDC
SetFocus
GetDlgCtrlID
IsDlgButtonChecked
PostMessageW
ShowWindow
GetSystemMenu
EnableMenuItem
EnableWindow
CheckDlgButton
GetSysColorBrush
EndDialog
GetWindow
SetWindowTextW
SetDlgItemTextW
SetWindowPos
OffsetRect
CopyRect
GetDesktopWindow
GetKeyState
GetDlgItem
GetWindowLongW
GetParent
SetCursor
LoadCursorW
ReleaseCapture
PtInRect
ClientToScreen
GetWindowRect
SetCapture
InvalidateRect
GetCapture
SendMessageW
SetWindowLongW
CallWindowProcW
GetPropW
DialogBoxIndirectParamW

gdi32

DeleteDC
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
SetBkMode
CreateFontIndirectW
GetObjectW
DeleteObject
SetTextColor

advapi32

RegSetValueExW
RegQueryValueExW
RegCloseKey
RegDeleteValueW
RegCreateKeyExW
RegOpenKeyExW

shell32

SHCreateDirectoryExW
ord6
SHGetKnownFolderPath

ole32

CoCreateGuid
CoTaskMemFree

shlwapi

PathAppendW
PathFileExistsW

Exports

Exports

?AddCRCustomData@@YA_NV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@I@Z
?AdobeCrashReporterEnableSignalHandling@@YA_NP6AXHV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@ZW4AdobeCrashReporterShowDialogForSignals@@I@Z
?CrashReporterInitialize@@YA_NPAXPBD1111P6AIAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@ZP6AXXZ_NW4AdobeCrashReporterScalingFactor@@@Z
?GetCRDialogOptions@@YAHXZ
?GetCRLastErrorCode@@YA?AW4ERROR_CR@@XZ
?SetCRDialogOptions@@YA_NH@Z
?SetCRDialogSaclingFactor@@YA_NW4AdobeCrashReporterScalingFactor@@@Z
?SetCRDialogUserEmail@@YA_NV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetCRDisplayName@@YA_NPBD@Z
?SetCRHighbeamSessionId@@YA_NPBD@Z
?SetCRHighbeamSessionInfo@@YA_NPAXPBG@Z
?SetCRIMSUserGuid@@YA_NPBD_N@Z
?SetCRLocale@@YA_NPBD@Z
?SetCRParentWnd@@YA_NPAX@Z
?SetCRPostHandler@@YA_NP6AXXZ@Z
?SetCRPostHandlerPassingExceptionInfoAndContext@@YA_NP6AXPAU_EXCEPTION_RECORD@@PAU_CONTEXT@@@Z@Z
?SetCRPosthandlerThreadPreference@@YA_N_N@Z
?SetCRPreHandler@@YA_NP6AIAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z@Z
?ShowCRDialogOnlyOnFirstCrash@@YA_NXZ
OutOfProcessExceptionEventCallback
OutOfProcessExceptionEventDebuggerLaunchCallback
OutOfProcessExceptionEventSignatureCallback

Sections

.text
Size: 585KB - Virtual size: 584KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CRLogTransport.exe
.exe windows:6 windows x86 arch:x86

70ac13cda5d9728ade81378aec8b09b7

Code Sign

0c:19:f0:ed:b8:b3:c2:1e:dd:b7:4c:cc:6d:46:50:25
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

21/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Adobe Inc.,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5c:58:5e:a0:4f:68:08:c6:e6:12:4d:fe:e8:4d:4c:91:37:10:4e:be:ba:5c:9d:92:64:87:f0:e8:10:eb:ad:52
Signer

Actual PE Digest

5c:58:5e:a0:4f:68:08:c6:e6:12:4d:fe:e8:4d:4c:91:37:10:4e:be:ba:5c:9d:92:64:87:f0:e8:10:eb:ad:52

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\cruser\workspace\CR-Windows-x86-Client-Builder\CRLogTransport\public\binary\Win\x86\Release_MT\CRLogTransport.pdb

Imports

shlwapi

PathIsDirectoryW
PathFileExistsW

wininet

InternetConnectW
InternetCloseHandle
HttpSendRequestW
InternetCrackUrlW
InternetSetOptionW
InternetSetOptionA
InternetOpenW
InternetSetStatusCallbackW
InternetQueryDataAvailable
InternetQueryOptionW
HttpOpenRequestW
InternetReadFile
HttpQueryInfoW

kernel32

GetACP
MultiByteToWideChar
WideCharToMultiByte
CompareFileTime
FindFirstFileW
FindNextFileW
FindClose
CreateFileW
FreeEnvironmentStringsW
DeleteFileW
CloseHandle
GetProcAddress
MoveFileExW
FreeLibrary
GetEnvironmentStringsW
GetFileTime
GetLastError
FlushFileBuffers
GetModuleFileNameW
HeapFree
InitializeCriticalSectionEx
HeapSize
Sleep
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
DeleteCriticalSection
GetProcessHeap
GetSystemTimeAsFileTime
WriteFile
GetFileSizeEx
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ReadConsoleW
SetStdHandle
GetTimeZoneInformation
WriteConsoleW
FindFirstFileExW
IsValidCodePage
GetOEMCP
SetEnvironmentVariableW
ReadFile
GetStdHandle
GetModuleHandleExW
ExitProcess
SetConsoleCtrlHandler
FormatMessageW
GetStringTypeW
EnterCriticalSection
LeaveCriticalSection
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
EncodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
SetEvent
ResetEvent
WaitForSingleObjectEx
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
FormatMessageA
LocalFree
SetEndOfFile
SetFilePointerEx
AreFileApisANSI
OutputDebugStringW
RtlUnwind
LoadLibraryExW
GetFileType
GetCommandLineA

shell32

SHCreateDirectoryExW
SHGetFolderPathW

Sections

.text
Size: 396KB - Virtual size: 396KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
CRWindowsClientService.exe
.exe windows:6 windows x86 arch:x86

f59dde8e3179a88f7bec327c2a53d655

Code Sign

0c:19:f0:ed:b8:b3:c2:1e:dd:b7:4c:cc:6d:46:50:25
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

21/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Adobe Inc.,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

21:c4:83:90:fc:b8:23:48:38:93:82:24:10:88:04:d6:33:62:26:df:a4:cd:38:48:91:d4:e5:84:47:be:41:dd
Signer

Actual PE Digest

21:c4:83:90:fc:b8:23:48:38:93:82:24:10:88:04:d6:33:62:26:df:a4:cd:38:48:91:d4:e5:84:47:be:41:dd

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Users\cruser\workspace\CR-Windows-x86-Client-Builder\Win32\Release_MT\CRWindowsClientService.pdb

Imports

dbghelp

MiniDumpWriteDump

wininet

HttpQueryInfoW
InternetOpenW
HttpSendRequestW
HttpOpenRequestW
InternetConnectW
InternetCloseHandle

kernel32

RaiseException
GetLastError
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
InitializeCriticalSectionEx
DeleteCriticalSection
GetExitCodeProcess
OpenThread
GetExitCodeThread
OpenProcess
FindResourceExW
LoadResource
LockResource
SizeofResource
FindResourceW
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineW
LocalFree
ReadFile
WriteFile
CloseHandle
GetCurrentProcess
GetTimeZoneInformation
GlobalMemoryStatusEx
GetSystemInfo
GetLocaleInfoEx
GetFileAttributesExW
GetCurrentThreadId
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
ReadConsoleW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
DecodePointer
CreateFileW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
WriteConsoleW
InitializeSListHead
RtlUnwind
SetEnvironmentVariableW
GetCurrentProcessId
GetFileSizeEx
GetFileType
GetStdHandle
GetModuleFileNameW
GetModuleHandleExW
ExitProcess
GetStartupInfoW
IsProcessorFeaturePresent
TerminateProcess
DeleteFileW
MoveFileExW
LoadLibraryExW
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
FormatMessageW
QueryPerformanceCounter
FindClose
FindFirstFileExW
FindNextFileW
SetEndOfFile
SetFilePointerEx
EncodePointer
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
GetCPInfo
CompareStringW
LCMapStringW
GetLocaleInfoW
SetEvent
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FreeLibrary

advapi32

RegEnumValueW
RegQueryInfoKeyW
RegSetValueExW
RegCreateKeyExW
RegQueryValueExW
RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey

shell32

ShellExecuteW
CommandLineToArgvW
SHCreateDirectoryExW
SHGetKnownFolderPath

ole32

CoCreateInstance
CoUninitialize
CoInitializeEx
CoSetProxyBlanket
CoCreateGuid
CoTaskMemFree

oleaut32

SysAllocString
SysFreeString
VariantClear

shlwapi

PathAppendW
PathFileExistsW

Sections

.text
Size: 407KB - Virtual size: 406KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
StartupOptions.xml
.xml
cr_win_client_config.cfg
customhook/AdobeIPCBrokerCustomHook.exe
.exe windows:6 windows x86 arch:x86

870810ea1d1d996da7743cf438651939

Code Sign

0c:19:f0:ed:b8:b3:c2:1e:dd:b7:4c:cc:6d:46:50:25
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

21/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Adobe Inc.,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:2a:cd:4e:53:d7:65:52:bf:7f:31:14:a0:d0:d8:4e:22:db:73:a4:34:04:e0:03:70:9e:81:e2:c3:28:c0:e1
Signer

Actual PE Digest

07:2a:cd:4e:53:d7:65:52:bf:7f:31:14:a0:d0:d8:4e:22:db:73:a4:34:04:e0:03:70:9e:81:e2:c3:28:c0:e1

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

AdobeIPCBrokerCustomHook.pdb

Imports

shlwapi

PathAppendW
PathRemoveFileSpecW

kernel32

GetCurrentProcessId
WriteConsoleW
HeapSize
TerminateProcess
GetModuleFileNameW
GetTempPathW
WaitForSingleObject
OpenProcess
CreateToolhelp32Snapshot
Sleep
GetLastError
Process32NextW
Process32FirstW
CloseHandle
CreateProcessW
CreateFileW
GetProcessHeap
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
EncodePointer
DecodePointer
MultiByteToWideChar
WideCharToMultiByte
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
SetEndOfFile
GetCurrentThreadId
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwind
RaiseException
FreeLibrary
LoadLibraryExW
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
GetFileSizeEx
SetFilePointerEx
GetFileType
HeapAlloc
HeapFree
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
ReadFile
ReadConsoleW
HeapReAlloc
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP

user32

FindWindowExW
PostMessageW

shell32

SHGetFolderPathW

Sections

.text
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
icudtl.dat
packages/ADC/IPCBox/IPCBox.pimx
packages/ADC/IPCBox/IPCBox.sig
.xml
packages/ADC/LCC/LCC.pima
.zip .ps1 polyglot
IMSLib.dll
.dll windows:5 windows x86 arch:x86

40814f5b7859965691b9179df06ced28

Code Sign

06:f2:4d:9f:4d:b0:7b:d7:ec:ad:06:7f:5e:e2:6c:29
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

31/01/2019, 00:00

Not After

03/02/2021, 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04/01/2017, 00:00

Not After

18/01/2028, 00:00

Subject

CN=DigiCert SHA2 Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:b1:c2:37:35:65:92:d1:6e:f8:dc:92:e6:ad:c3:19:de:84:45:fe:8e:e5:9f:2d:1d:d1:7b:1c:72:43:cb:37
Signer

Actual PE Digest

0e:b1:c2:37:35:65:92:d1:6e:f8:dc:92:e6:ad:c3:19:de:84:45:fe:8e:e5:9f:2d:1d:d1:7b:1c:72:43:cb:37

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\builds\AAM\10.0\source\dev\aamcore\target\win\Release\OOBECommon\IMSLib.pdb

Imports

winhttp

WinHttpOpen
WinHttpCrackUrl
WinHttpConnect
WinHttpSetStatusCallback
WinHttpSetCredentials
WinHttpSendRequest
WinHttpGetProxyForUrl
WinHttpQueryAuthSchemes
WinHttpGetIEProxyConfigForCurrentUser
WinHttpReceiveResponse
WinHttpQueryDataAvailable
WinHttpAddRequestHeaders
WinHttpQueryHeaders
WinHttpReadData
WinHttpOpenRequest
WinHttpSetOption
WinHttpCloseHandle

setupapi

SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetDeviceInstanceIdW
CM_Get_DevNode_Status

kernel32

CloseHandle
CreateThread
ResetEvent
TryEnterCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
ReadFile
SetLastError
GetCurrentProcess
WriteFile
TerminateProcess
GetModuleFileNameW
GetTempPathW
CreateMutexW
FindClose
LocalAlloc
CreateFileW
GetFileAttributesW
GetVersionExW
ReleaseMutex
SetFileAttributesW
Sleep
DeleteFileW
RaiseException
DecodePointer
GetProcAddress
LocalFree
MoveFileExW
GetFileSize
SystemTimeToFileTime
CreateProcessW
GetModuleHandleW
CopyFileW
WideCharToMultiByte
GetSystemTime
FlushFileBuffers
InterlockedDecrement
InterlockedIncrement
ReleaseSemaphore
GetCurrentProcessId
CreateDirectoryW
LoadLibraryW
FreeLibrary
GetLastError
GetTimeFormatW
GetDateFormatW
GlobalFree
QueryPerformanceCounter
GetStdHandle
GetFileType
GetCurrentThreadId
GetModuleHandleA
GetTickCount
LoadLibraryA
GlobalMemoryStatus
FlushConsoleInputBuffer
SetFilePointer
GetFileSizeEx
OpenMutexW
GetFileAttributesExW
CreateSymbolicLinkW
AreFileApisANSI
HeapCreate
HeapFree
GetFullPathNameW
InterlockedCompareExchange
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
GetFullPathNameA
SetEndOfFile
UnlockFileEx
UnmapViewOfFile
HeapValidate
HeapSize
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetFileAttributesA
OutputDebugStringW
CreateFileA
GetVersionExA
DeleteFileA
HeapReAlloc
GetSystemInfo
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
CreateFileMappingA
LockFileEx
GetProcessHeap
GetSystemTimeAsFileTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
GetTimeZoneInformation
SetConsoleMode
ReadConsoleInputA
GetConsoleMode
MultiByteToWideChar
CreateEventW
WaitForSingleObject
InitializeCriticalSectionAndSpinCount
WaitForMultipleObjects
GetModuleFileNameA
GetACP
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
SetEvent
GetCurrentDirectoryW
SetStdHandle
SetFilePointerEx
ReadConsoleW
GetConsoleCP
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
GetLocalTime
SetConsoleCtrlHandler
GetModuleHandleExW
ExitProcess
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetDriveTypeW
RtlUnwind
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
VirtualProtect
VirtualFree
VirtualAlloc
LoadLibraryExW
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SwitchToThread
SignalObjectAndWait
CreateTimerQueue
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
EncodePointer
GetStringTypeW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
DuplicateHandle
WaitForSingleObjectEx
GetCurrentThread
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
UnhandledExceptionFilter

user32

MessageBoxA
wsprintfW
GetUserObjectInformationW
GetProcessWindowStation

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW
GetUserNameW
ReportEventA
RegisterEventSourceA
DeregisterEventSource
SetEntriesInAclW
CreateWellKnownSid
SetNamedSecurityInfoW
GetNamedSecurityInfoW

shell32

SHGetFolderPathW
SHGetSpecialFolderPathW
SHGetKnownFolderPath
SHCreateDirectoryExW

ole32

CoSetProxyBlanket
CoUninitialize
CoInitialize
CLSIDFromString
OleRun
CLSIDFromProgID
CoCreateInstance
StringFromGUID2
CoInitializeSecurity
CoInitializeEx
CoCreateGuid

oleaut32

SysStringLen
GetErrorInfo
VariantClear
VariantChangeType
VariantCopy
SysAllocString
SysAllocStringByteLen
SysFreeString
VariantInit

shlwapi

PathRemoveFileSpecW
PathFileExistsW
PathIsFileSpecW
PathIsDirectoryW
PathRemoveExtensionW
PathAddExtensionW
PathAppendW
PathRenameExtensionW
PathFindFileNameW

Exports

Exports

IMS_EEPLogin
IMS_createRef
IMS_createRefEx
IMS_createRefExWithXMLParams
IMS_createRefForProductVersion
IMS_deregisterClientFromGroup
IMS_fetchAccessToken
IMS_fetchAccessToken2
IMS_fetchAccounts
IMS_fetchContinueToken
IMS_fetchDefaultUserInfoForClientId
IMS_fetchFeatureFlags
IMS_fetchIDPResponseForKey
IMS_fetchReleaseFlag
IMS_fetchUserProfileData
IMS_getDeviceID
IMS_getProxyCredentialsFromIMSLibSession
IMS_logOutUserForClient
IMS_registerClientToGroup
IMS_releaseData
IMS_releaseRef
IMS_revokeDeviceToken
IMS_setProxyCredentials
IMS_setProxyCredentialsInIMSLibSession
IMS_setRetryAfterResponseHandlingData
IMS_setUserAsDefaultForClientId
IMS_storeDeviceTokenAndUserProfile
IMS_storeDeviceTokenAndUserProfileEx

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 442KB - Virtual size: 441KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
P7Native.dll
.dll windows:5 windows x86 arch:x86

cf80743055a2d0100b8134c1b6e3d72a

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:e9:43:e0:fd:85:58:c6:83:d3:9f:d3:21:47:bf:86:3d:43:11:ca:55:d5:4c:89:29:60:ba:55:91:da:97:fa
Signer

Actual PE Digest

05:e9:43:e0:fd:85:58:c6:83:d3:9f:d3:21:47:bf:86:3d:43:11:ca:55:d5:4c:89:29:60:ba:55:91:da:97:fa

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\builds\AAM\10.0\source\dev\aamcore\target\win\Release\P7Native.pdb

Imports

setupapi

CM_Get_DevNode_Status
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetDeviceInstanceIdW

kernel32

GetLastError
FindClose
GetSystemInfo
FindFirstFileW
FindNextFileW
GetVersionExW
DecodePointer
GetProcAddress
LocalAlloc
LocalFree
GetCurrentProcess
TerminateProcess
RaiseException
SetLastError
DeleteCriticalSection
SetEvent
ResetEvent
ReleaseMutex
WaitForSingleObject
Sleep
GetFileSize
WriteFile
ReadFile
FlushFileBuffers
CloseHandle
GetSystemTime
SystemTimeToFileTime
CreateMutexW
CreateEventW
GetModuleFileNameW
GetModuleHandleW
CreateProcessW
GetTempPathW
RemoveDirectoryW
CreateFileW
SetFileAttributesW
GetFileAttributesW
DeleteFileW
CopyFileW
MoveFileExW
MultiByteToWideChar
WideCharToMultiByte
InterlockedIncrement
GetCurrentProcessId
CreateDirectoryW
FreeLibrary
LoadLibraryW
CreateThread
ConnectNamedPipe
SetDllDirectoryW
CreateNamedPipeW
InterlockedDecrement
LeaveCriticalSection
InitializeCriticalSection
GetTickCount
InitializeCriticalSectionAndSpinCount
MapViewOfFile
CreateFileMappingW
FormatMessageA
GetSystemTimeAsFileTime
GetProcessHeap
LockFileEx
CreateFileMappingA
UnlockFile
HeapDestroy
HeapCompact
HeapAlloc
HeapReAlloc
DeleteFileA
GetVersionExA
WaitForSingleObjectEx
LoadLibraryA
CreateFileA
FlushViewOfFile
OutputDebugStringW
GetFileAttributesExW
GetFileAttributesA
GetDiskFreeSpaceA
FormatMessageW
GetTempPathA
HeapSize
HeapValidate
UnmapViewOfFile
UnlockFileEx
SetEndOfFile
GetFullPathNameA
SetFilePointer
LockFile
OutputDebugStringA
GetDiskFreeSpaceW
InterlockedCompareExchange
GetFullPathNameW
HeapFree
HeapCreate
AreFileApisANSI
GetCurrentThreadId
TryEnterCriticalSection
GetFileSizeEx
lstrlenW
GetACP
CreateSymbolicLinkW
GetLocalTime
GetTimeFormatW
GetDateFormatW
OpenMutexW
CompareStringW
GetStdHandle
GetFileType
GetModuleHandleA
GlobalMemoryStatus
FlushConsoleInputBuffer
ReadConsoleW
SetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetCurrentDirectoryW
GetModuleFileNameA
SetFilePointerEx
GetConsoleCP
FindFirstFileExA
QueryPerformanceCounter
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
TlsFree
TlsSetValue
TlsGetValue
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
TlsAlloc
EncodePointer
EnterCriticalSection
SetConsoleMode
ReadConsoleInputA
GetConsoleMode
SetConsoleCtrlHandler
ExitProcess
GetTimeZoneInformation
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetDriveTypeW
LoadLibraryExW
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetStartupInfoW
LCMapStringW
GetLocaleInfoW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetStringTypeW

user32

wsprintfW
GetProcessWindowStation
MessageBoxA
GetUserObjectInformationW

advapi32

RegisterEventSourceA
DeregisterEventSource
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
SetNamedSecurityInfoW
GetNamedSecurityInfoW
SetEntriesInAclW
FreeSid
AllocateAndInitializeSid
CreateWellKnownSid
GetUserNameW
ReportEventA

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW
SHGetKnownFolderPath
SHGetFolderLocation
SHGetPathFromIDListW
SHGetFolderPathW

ole32

CoInitializeEx
CoTaskMemFree
OleRun
CLSIDFromProgID
CoCreateGuid
StringFromGUID2
CoCreateInstance
CoSetProxyBlanket
CoInitializeSecurity
CoUninitialize
CLSIDFromString
CoInitialize

oleaut32

SysAllocStringByteLen
SysStringLen
VariantInit
SysFreeString
SysAllocString
VariantCopy
VariantClear
GetErrorInfo

shlwapi

PathFileExistsW
PathIsDirectoryW
PathFindFileNameW
PathIsFileSpecW
PathRemoveFileSpecW
PathStripPathW
PathAppendW
PathRemoveBackslashW
PathRemoveExtensionW
PathAddExtensionW
PathRenameExtensionW
StrToIntExA

Exports

Exports

finalizeApplet
freeMemory
initializeApplet
processMessage

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 475KB - Virtual size: 475KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 644B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VulcanBridge.dll
.dll windows:5 windows x86 arch:x86

7ff1aabf9c9f731022064df0d33b8ed1

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

50:2c:39:5f:99:eb:64:1b:31:34:73:83:88:d9:6e:f3:db:c0:5f:50:a9:3e:c9:89:6e:fb:a7:aa:a2:11:26:96
Signer

Actual PE Digest

50:2c:39:5f:99:eb:64:1b:31:34:73:83:88:d9:6e:f3:db:c0:5f:50:a9:3e:c9:89:6e:fb:a7:aa:a2:11:26:96

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\builds\AAM\10.0\source\dev\aamcore\target\win\Release\VulcanBridge.pdb

Imports

vulcanmessage5

?TYPE_PREFIX@SuiteMessage@api5@vulcan@adobe@@2QBDB
?SetConfig@IVulcanMessageDispatcher@api5@vulcan@adobe@@SA?AW4VulcanMessageErrorCode@@PBD0@Z
?GetInstance@IVulcanMessageDispatcher@api5@vulcan@adobe@@SA?AW4VulcanMessageErrorCode@@PAPAV1234@@Z
?ReleaseInstance@IVulcanMessageDispatcher@api5@vulcan@adobe@@SAXXZ
?SetPayload@SuiteMessage@api5@vulcan@adobe@@QAEXPBD@Z
?SetSource@SuiteMessage@api5@vulcan@adobe@@QAEXABVEndPoint@234@@Z
??1SuiteMessage@api5@vulcan@adobe@@UAE@XZ
??0SuiteMessage@api5@vulcan@adobe@@QAE@PBD@Z
??1EndPoint@api5@vulcan@adobe@@UAE@XZ

kernel32

SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
CreateMutexW
WaitForSingleObject
ReleaseMutex
Sleep
GetLastError
CloseHandle
GetCurrentProcessId
CreateDirectoryW
FlushFileBuffers
GetTempPathW
MultiByteToWideChar
WriteFile
SetFilePointer
CreateFileW
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
ReadFile
GetFileSizeEx
GetLocalTime
GetTimeFormatW
WideCharToMultiByte
GetDateFormatW
OpenMutexW
IsValidCodePage
GetConsoleCP
SetFilePointerEx
HeapSize
SetEndOfFile
InitializeCriticalSectionAndSpinCount
TlsSetValue
FindNextFileA
FindFirstFileExA
FindClose
GetProcessHeap
ReadConsoleW
GetConsoleMode
SetStdHandle
GetFullPathNameW
GetCurrentDirectoryW
GetStringTypeW
EncodePointer
DecodePointer
SetLastError
CreateEventW
TlsAlloc
TlsGetValue
WriteConsoleW
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
SetEvent
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
InitializeSListHead
RaiseException
RtlUnwind
FreeLibrary
LoadLibraryExW
InterlockedFlushSList
GetDriveTypeW
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
MoveFileExW
GetTimeZoneInformation
HeapAlloc
HeapReAlloc
HeapFree
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetACP
GetStdHandle
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW

user32

wsprintfW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

SHCreateDirectoryExW

shlwapi

PathIsDirectoryW
PathAppendW
PathIsFileSpecW
PathRenameExtensionW
PathRemoveExtensionW
PathRemoveFileSpecW
PathFindFileNameW
PathFileExistsW
PathAddExtensionW

Exports

Exports

broadcastVulcanEvent
broadcastVulcanEventForLicenseRefresh
broadcastVulcanEventForSignout

Sections

.text
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VulcanMessage4.dll
.dll windows:5 windows x86 arch:x86

fc5b54b3753cd053154301e29bc8b0a6

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7c:4b:a8:38:2b:fe:ee:56:63:97:ff:03:93:bd:9f:ee:b3:98:80:33:75:43:aa:50:07:62:ed:fa:68:b9:88:d1
Signer

Actual PE Digest

7c:4b:a8:38:2b:fe:ee:56:63:97:ff:03:93:bd:9f:ee:b3:98:80:33:75:43:aa:50:07:62:ed:fa:68:b9:88:d1

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\jenkins_slave_all\workspace\Vulcan_4.0.0\s\w-1\vulcan\4.0.0\projects\native\VulcanMessageLib\Binaries\Win32\Release\VulcanMessage4.pdb

Imports

kernel32

FreeLibrary
WideCharToMultiByte
LoadLibraryW
GetProcAddress
InterlockedIncrement
InterlockedDecrement
EncodePointer
DecodePointer
Sleep
InterlockedExchange
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetLastError
HeapFree
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeW
FindFirstFileExW
GetCurrentThreadId
GetCommandLineA
RaiseException
RtlUnwind
HeapAlloc
LCMapStringW
MultiByteToWideChar
GetCPInfo
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapSize
GetModuleHandleW
ExitProcess
IsProcessorFeaturePresent
HeapCreate
HeapDestroy
WriteFile
GetStdHandle
GetModuleFileNameW
GetLocaleInfoW
FreeEnvironmentStringsW
GetEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
FatalAppExitA
GetFullPathNameW
CloseHandle
GetFileInformationByHandle
PeekNamedPipe
GetFileType
CreateFileW
GetCurrentDirectoryW
SetCurrentDirectoryW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SetLastError
GetCurrentThread
SetHandleCount
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeW
HeapReAlloc
SetConsoleCtrlHandler
CompareStringW
SetEnvironmentVariableW
SetStdHandle
GetConsoleCP
GetConsoleMode
SetFilePointer
SetEndOfFile
GetProcessHeap
ReadFile
GetTimeZoneInformation
GetFullPathNameA
WriteConsoleW
SetEnvironmentVariableA

Exports

Exports

??0EndPoint@api@vulcan@adobe@@QAE@ABV0123@@Z
??0EndPoint@api@vulcan@adobe@@QAE@XZ
??0ErrorMessage@api@vulcan@adobe@@QAE@ABV0123@@Z
??0ErrorMessage@api@vulcan@adobe@@QAE@XZ
??0GetAppPathMessage@api@vulcan@adobe@@QAE@ABV0123@@Z
??0GetAppPathMessage@api@vulcan@adobe@@QAE@XZ
??0GetTargetSpecifiersMessage@api@vulcan@adobe@@QAE@ABV0123@@Z
??0GetTargetSpecifiersMessage@api@vulcan@adobe@@QAE@XZ
??0HostMessage@api@vulcan@adobe@@QAE@ABV0123@@Z
??0HostMessage@api@vulcan@adobe@@QAE@PBD@Z
??0IVulcanMessageDispatcher@api@vulcan@adobe@@QAE@ABV0123@@Z
??0IVulcanMessageDispatcher@api@vulcan@adobe@@QAE@XZ
??0IVulcanMessageListener@api@vulcan@adobe@@QAE@ABV0123@@Z
??0IVulcanMessageListener@api@vulcan@adobe@@QAE@XZ
??0IsAppInstalledMessage@api@vulcan@adobe@@QAE@ABV0123@@Z
??0IsAppInstalledMessage@api@vulcan@adobe@@QAE@XZ
??0IsAppRunningMessage@api@vulcan@adobe@@QAE@ABV0123@@Z
??0IsAppRunningMessage@api@vulcan@adobe@@QAE@XZ
??0LaunchAppMessage@api@vulcan@adobe@@QAE@ABV0123@@Z
??0LaunchAppMessage@api@vulcan@adobe@@QAE@XZ
??0SuiteMessage@api@vulcan@adobe@@QAE@ABV0123@@Z
??0SuiteMessage@api@vulcan@adobe@@QAE@PBD@Z
??0VulcanMessage@api@vulcan@adobe@@QAE@ABV0123@@Z
??0VulcanMessage@api@vulcan@adobe@@QAE@XZ
??1EndPoint@api@vulcan@adobe@@UAE@XZ
??1ErrorMessage@api@vulcan@adobe@@UAE@XZ
??1GetAppPathMessage@api@vulcan@adobe@@UAE@XZ
??1GetTargetSpecifiersMessage@api@vulcan@adobe@@UAE@XZ
??1HostMessage@api@vulcan@adobe@@UAE@XZ
??1IVulcanMessageDispatcher@api@vulcan@adobe@@UAE@XZ
??1IsAppInstalledMessage@api@vulcan@adobe@@UAE@XZ
??1IsAppRunningMessage@api@vulcan@adobe@@UAE@XZ
??1LaunchAppMessage@api@vulcan@adobe@@UAE@XZ
??1SuiteMessage@api@vulcan@adobe@@UAE@XZ
??1VulcanMessage@api@vulcan@adobe@@UAE@XZ
??4EndPoint@api@vulcan@adobe@@QAEAAV0123@ABV0123@@Z
??4ErrorMessage@api@vulcan@adobe@@QAEAAV0123@ABV0123@@Z
??4GetAppPathMessage@api@vulcan@adobe@@QAEAAV0123@ABV0123@@Z
??4GetTargetSpecifiersMessage@api@vulcan@adobe@@QAEAAV0123@ABV0123@@Z
??4HostMessage@api@vulcan@adobe@@QAEAAV0123@ABV0123@@Z
??4IVulcanMessageDispatcher@api@vulcan@adobe@@QAEAAV0123@ABV0123@@Z
??4IVulcanMessageListener@api@vulcan@adobe@@QAEAAV0123@ABV0123@@Z
??4IsAppInstalledMessage@api@vulcan@adobe@@QAEAAV0123@ABV0123@@Z
??4IsAppRunningMessage@api@vulcan@adobe@@QAEAAV0123@ABV0123@@Z
??4LaunchAppMessage@api@vulcan@adobe@@QAEAAV0123@ABV0123@@Z
??4MessageUtil@api@vulcan@adobe@@QAEAAV0123@ABV0123@@Z
??4SuiteMessage@api@vulcan@adobe@@QAEAAV0123@ABV0123@@Z
??4VulcanMessage@api@vulcan@adobe@@QAEAAV0123@ABV0123@@Z
??8EndPoint@api@vulcan@adobe@@QBE_NABV0123@@Z
??9EndPoint@api@vulcan@adobe@@QBE_NABV0123@@Z
??_7EndPoint@api@vulcan@adobe@@6B@
??_7ErrorMessage@api@vulcan@adobe@@6B@
??_7GetAppPathMessage@api@vulcan@adobe@@6B@
??_7GetTargetSpecifiersMessage@api@vulcan@adobe@@6B@
??_7HostMessage@api@vulcan@adobe@@6B@
??_7IVulcanMessageDispatcher@api@vulcan@adobe@@6B@
??_7IVulcanMessageListener@api@vulcan@adobe@@6B@
??_7IsAppInstalledMessage@api@vulcan@adobe@@6B@
??_7IsAppRunningMessage@api@vulcan@adobe@@6B@
??_7LaunchAppMessage@api@vulcan@adobe@@6B@
??_7SuiteMessage@api@vulcan@adobe@@6B@
??_7VulcanMessage@api@vulcan@adobe@@6B@
?APP_NOT_INSTALLED_ERROR@ErrorMessage@api@vulcan@adobe@@2QBDB
?Clone@ErrorMessage@api@vulcan@adobe@@UBEPAV1234@XZ
?Clone@GetAppPathMessage@api@vulcan@adobe@@UBEPAV1234@XZ
?Clone@GetTargetSpecifiersMessage@api@vulcan@adobe@@UBEPAV1234@XZ
?Clone@HostMessage@api@vulcan@adobe@@UBEPAV1234@XZ
?Clone@IsAppInstalledMessage@api@vulcan@adobe@@UBEPAV1234@XZ
?Clone@IsAppRunningMessage@api@vulcan@adobe@@UBEPAV1234@XZ
?Clone@LaunchAppMessage@api@vulcan@adobe@@UBEPAV1234@XZ
?Clone@SuiteMessage@api@vulcan@adobe@@UBEPAV1234@XZ
?Create@EndPoint@api@vulcan@adobe@@SA?AV1234@PBD@Z
?Create@IVulcanMessageDispatcher@api@vulcan@adobe@@SAPAV1234@PBDPAVIVulcanMessageListener@234@1@Z
?CreateMessage@MessageUtil@api@vulcan@adobe@@SAPAVVulcanMessage@234@PBD@Z
?CreateMessageByType@MessageUtil@api@vulcan@adobe@@SAPAVVulcanMessage@234@PBD@Z
?DESTINATION_UNREACHABLE_ERROR@ErrorMessage@api@vulcan@adobe@@2QBDB
?GetAppId@EndPoint@api@vulcan@adobe@@QBEXPAD@Z
?GetAppId@VulcanMessage@api@vulcan@adobe@@UBEXPAD@Z
?GetAppIdSize@EndPoint@api@vulcan@adobe@@QBEIXZ
?GetAppIdSize@VulcanMessage@api@vulcan@adobe@@QBEIXZ
?GetCmdLine@LaunchAppMessage@api@vulcan@adobe@@QBEXPAD@Z
?GetCmdLineSize@LaunchAppMessage@api@vulcan@adobe@@QBEIXZ
?GetData@ErrorMessage@api@vulcan@adobe@@UBEXPAD@Z
?GetData@GetAppPathMessage@api@vulcan@adobe@@UBEXPAD@Z
?GetData@GetTargetSpecifiersMessage@api@vulcan@adobe@@UBEXPAD@Z
?GetData@HostMessage@api@vulcan@adobe@@UBEXPAD@Z
?GetData@IsAppInstalledMessage@api@vulcan@adobe@@UBEXPAD@Z
?GetData@IsAppRunningMessage@api@vulcan@adobe@@UBEXPAD@Z
?GetData@LaunchAppMessage@api@vulcan@adobe@@UBEXPAD@Z
?GetData@SuiteMessage@api@vulcan@adobe@@UBEXPAD@Z
?GetDataSize@ErrorMessage@api@vulcan@adobe@@UBEIXZ
?GetDataSize@GetAppPathMessage@api@vulcan@adobe@@UBEIXZ
?GetDataSize@GetTargetSpecifiersMessage@api@vulcan@adobe@@UBEIXZ
?GetDataSize@HostMessage@api@vulcan@adobe@@UBEIXZ
?GetDataSize@IsAppInstalledMessage@api@vulcan@adobe@@UBEIXZ
?GetDataSize@IsAppRunningMessage@api@vulcan@adobe@@UBEIXZ
?GetDataSize@LaunchAppMessage@api@vulcan@adobe@@UBEIXZ
?GetDataSize@SuiteMessage@api@vulcan@adobe@@UBEIXZ
?GetDestinationCount@SuiteMessage@api@vulcan@adobe@@QBEIXZ
?GetDestinations@SuiteMessage@api@vulcan@adobe@@QBEXPAVEndPoint@234@@Z
?GetError@ErrorMessage@api@vulcan@adobe@@QBEXPAD@Z
?GetErrorSize@ErrorMessage@api@vulcan@adobe@@QBEIXZ
?GetFault@ErrorMessage@api@vulcan@adobe@@QBEXPAD@Z
?GetFaultSize@ErrorMessage@api@vulcan@adobe@@QBEIXZ
?GetFocus@LaunchAppMessage@api@vulcan@adobe@@QBE_NXZ
?GetId@EndPoint@api@vulcan@adobe@@QBEXPAD@Z
?GetIdSize@EndPoint@api@vulcan@adobe@@QBEIXZ
?GetPayload@HostMessage@api@vulcan@adobe@@QBEXPAD@Z
?GetPayload@SuiteMessage@api@vulcan@adobe@@QBEXPAD@Z
?GetPayloadSize@HostMessage@api@vulcan@adobe@@QBEIXZ
?GetPayloadSize@SuiteMessage@api@vulcan@adobe@@QBEIXZ
?GetResult@GetAppPathMessage@api@vulcan@adobe@@QBEXPAD@Z
?GetResult@GetTargetSpecifiersMessage@api@vulcan@adobe@@QBEXIPAD@Z
?GetResult@IsAppInstalledMessage@api@vulcan@adobe@@QBE_NXZ
?GetResult@IsAppRunningMessage@api@vulcan@adobe@@QBE_NXZ
?GetResult@LaunchAppMessage@api@vulcan@adobe@@QBE_NXZ
?GetResultCount@GetTargetSpecifiersMessage@api@vulcan@adobe@@QBEIXZ
?GetResultSize@GetAppPathMessage@api@vulcan@adobe@@QBEIXZ
?GetResultSize@GetTargetSpecifiersMessage@api@vulcan@adobe@@QBEII@Z
?GetScope@VulcanMessage@api@vulcan@adobe@@QBE?AW4MessageScope@234@XZ
?GetSource@SuiteMessage@api@vulcan@adobe@@QBE?AVEndPoint@234@XZ
?GetTargetSpecifier@GetAppPathMessage@api@vulcan@adobe@@QBEXPAD@Z
?GetTargetSpecifier@IsAppInstalledMessage@api@vulcan@adobe@@QBEXPAD@Z
?GetTargetSpecifier@IsAppRunningMessage@api@vulcan@adobe@@QBEXPAD@Z
?GetTargetSpecifier@LaunchAppMessage@api@vulcan@adobe@@QBEXPAD@Z
?GetTargetSpecifierSize@GetAppPathMessage@api@vulcan@adobe@@QBEIXZ
?GetTargetSpecifierSize@IsAppInstalledMessage@api@vulcan@adobe@@QBEIXZ
?GetTargetSpecifierSize@IsAppRunningMessage@api@vulcan@adobe@@QBEIXZ
?GetTargetSpecifierSize@LaunchAppMessage@api@vulcan@adobe@@QBEIXZ
?GetType@VulcanMessage@api@vulcan@adobe@@QBEXPAD@Z
?GetTypeSize@VulcanMessage@api@vulcan@adobe@@QBEIXZ
?GetXmlSize@EndPoint@api@vulcan@adobe@@QBEIXZ
?GetXmlSize@VulcanMessage@api@vulcan@adobe@@UBEIXZ
?INVALID_ENDPOINT@EndPoint@api@vulcan@adobe@@2V1234@B
?IsHostMessage@HostMessage@api@vulcan@adobe@@SA_NABVVulcanMessage@234@@Z
?IsSuiteMessage@SuiteMessage@api@vulcan@adobe@@SA_NABVVulcanMessage@234@@Z
?SetAppId@EndPoint@api@vulcan@adobe@@QAEXPBD@Z
?SetAppId@MessageUtil@api@vulcan@adobe@@SAXAAVVulcanMessage@234@PBD@Z
?SetCmdLine@LaunchAppMessage@api@vulcan@adobe@@QAEXPBD@Z
?SetData@ErrorMessage@api@vulcan@adobe@@UAEXPBD@Z
?SetData@GetAppPathMessage@api@vulcan@adobe@@UAEXPBD@Z
?SetData@GetTargetSpecifiersMessage@api@vulcan@adobe@@UAEXPBD@Z
?SetData@HostMessage@api@vulcan@adobe@@UAEXPBD@Z
?SetData@IsAppInstalledMessage@api@vulcan@adobe@@UAEXPBD@Z
?SetData@IsAppRunningMessage@api@vulcan@adobe@@UAEXPBD@Z
?SetData@LaunchAppMessage@api@vulcan@adobe@@UAEXPBD@Z
?SetData@SuiteMessage@api@vulcan@adobe@@UAEXPBD@Z
?SetDestination@SuiteMessage@api@vulcan@adobe@@QAEXABVEndPoint@234@@Z
?SetDestinations@SuiteMessage@api@vulcan@adobe@@QAEXPBVEndPoint@234@I@Z
?SetFocus@LaunchAppMessage@api@vulcan@adobe@@QAEX_N@Z
?SetId@EndPoint@api@vulcan@adobe@@QAEXPBD@Z
?SetPayload@HostMessage@api@vulcan@adobe@@QAEXPBD@Z
?SetPayload@HostMessage@api@vulcan@adobe@@QAEXPBDI@Z
?SetPayload@SuiteMessage@api@vulcan@adobe@@QAEXPBD@Z
?SetPayload@SuiteMessage@api@vulcan@adobe@@QAEXPBDI@Z
?SetSource@SuiteMessage@api@vulcan@adobe@@QAEXABVEndPoint@234@@Z
?SetTargetSpecifier@GetAppPathMessage@api@vulcan@adobe@@QAEXPBD@Z
?SetTargetSpecifier@IsAppInstalledMessage@api@vulcan@adobe@@QAEXPBD@Z
?SetTargetSpecifier@IsAppRunningMessage@api@vulcan@adobe@@QAEXPBD@Z
?SetTargetSpecifier@LaunchAppMessage@api@vulcan@adobe@@QAEXPBD@Z
?TYPE@ErrorMessage@api@vulcan@adobe@@2QBDB
?TYPE@GetAppPathMessage@api@vulcan@adobe@@2QBDB
?TYPE@GetTargetSpecifiersMessage@api@vulcan@adobe@@2QBDB
?TYPE@IsAppInstalledMessage@api@vulcan@adobe@@2QBDB
?TYPE@IsAppRunningMessage@api@vulcan@adobe@@2QBDB
?TYPE@LaunchAppMessage@api@vulcan@adobe@@2QBDB
?TYPE_PREFIX@HostMessage@api@vulcan@adobe@@2QBDB
?TYPE_PREFIX@SuiteMessage@api@vulcan@adobe@@2QBDB
?TYPE_PREFIX@VulcanMessage@api@vulcan@adobe@@2QBDB
?ToXml@EndPoint@api@vulcan@adobe@@QBEXPAD@Z
?ToXml@VulcanMessage@api@vulcan@adobe@@UBEXPAD@Z

Sections

.text
Size: 223KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
VulcanMessage5.dll
.dll windows:6 windows x86 arch:x86

9612e1d064f9d31b91613782c931ed6c

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

75:87:a0:d8:1a:51:0a:04:65:7c:d9:40:c7:65:83:9c:25:01:68:1a:1c:44:a6:e8:f4:da:af:f5:c2:e6:8e:28
Signer

Actual PE Digest

75:87:a0:d8:1a:51:0a:04:65:7c:d9:40:c7:65:83:9c:25:01:68:1a:1c:44:a6:e8:f4:da:af:f5:c2:e6:8e:28

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

VulcanMessage5.pdb

Imports

ws2_32

freeaddrinfo
getaddrinfo
WSAGetLastError
WSACleanup
WSAStartup
socket
shutdown
setsockopt
send
select
recv
listen
htons
getsockopt
getsockname
getpeername
ioctlsocket
connect
closesocket
bind
accept
ntohs
ntohl
htonl

kernel32

FreeEnvironmentStringsW
GetCommandLineW
GetEnvironmentVariableW
GetCurrentProcessId
RtlCaptureStackBackTrace
GetLocalTime
VerSetConditionMask
GetEnvironmentStringsW
GetStdHandle
SetStdHandle
SetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
DeleteFileW
FindClose
FindFirstFileW
FindNextFileW
FlushFileBuffers
GetDiskFreeSpaceExW
GetFileAttributesW
GetFileAttributesExW
GetFileSizeEx
GetFullPathNameW
LockFileEx
ReadFile
RemoveDirectoryW
SetEndOfFile
SetFilePointerEx
UnlockFile
WriteFile
GetTempPathW
DuplicateHandle
GetHandleInformation
SetHandleInformation
CreatePipe
ConnectNamedPipe
DisconnectNamedPipe
SetNamedPipeHandleState
PeekNamedPipe
CreateNamedPipeW
WaitNamedPipeW
GetOverlappedResult
DeviceIoControl
SetEvent
ResetEvent
ReleaseMutex
OpenMutexW
CreateEventW
SwitchToThread
GetCurrentProcess
GetExitCodeProcess
SetThreadPriority
GetThreadPriority
TlsAlloc
TlsGetValue
TlsSetValue
CreateProcessW
GlobalMemoryStatusEx
VirtualAlloc
VirtualFree
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
FreeLibrary
GetModuleFileNameW
GetModuleHandleExW
GetProcAddress
LoadLibraryExW
PulseEvent
WaitForMultipleObjects
GetNamedPipeInfo
CreateMailslotW
SetDllDirectoryW
CopyFileW
MoveFileExW
CreateHardLinkW
GetComputerNameW
VerifyVersionInfoW
RaiseException
Sleep
GetCurrentThread
GetCurrentThreadId
LocalAlloc
LocalReAlloc
LocalFree
FormatMessageW
LCMapStringW
SetFilePointer
GetSystemTimeAsFileTime
TerminateProcess
OpenProcess
GlobalAlloc
GlobalFree
GetConsoleWindow
HeapFree
HeapReAlloc
HeapAlloc
GetModuleFileNameA
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
CloseHandle
OpenSemaphoreW
GetLastError
WaitForSingleObject
CreateMutexW
ReleaseSemaphore
GetFullPathNameA
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetACP
FindFirstFileExA
FindFirstFileExW
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
SetEnvironmentVariableA
GetProcessHeap
SetConsoleCtrlHandler
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
HeapSize
OutputDebugStringA
OutputDebugStringW
WriteConsoleW
ReadConsoleW
OpenEventW
ExitProcess
FreeLibraryAndExitThread
ResumeThread
ExitThread
CreateThread
WaitForSingleObjectEx
GetModuleHandleW
InitializeSListHead
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
WideCharToMultiByte
EncodePointer
DecodePointer
MultiByteToWideChar
SetLastError
InitializeCriticalSectionAndSpinCount
TlsFree
GetTickCount
CompareStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
GetDriveTypeW
GetFileType
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime

user32

GetWindowThreadProcessId
EnumWindows
GetShellWindow

advapi32

SystemFunction036
CreateProcessWithTokenW
LookupPrivilegeValueW
GetTokenInformation
FreeSid
EqualSid
DuplicateTokenEx
AllocateAndInitializeSid
AdjustTokenPrivileges
OpenProcessToken
SetSecurityInfo
GetSecurityInfo
SetEntriesInAclW
CreateWellKnownSid
ConvertStringSecurityDescriptorToSecurityDescriptorW
StartServiceW
StartServiceCtrlDispatcherW
QueryServiceConfigW
OpenServiceW
OpenSCManagerW
DeleteService
CreateServiceW
ControlService
CloseServiceHandle
ChangeServiceConfigW
RegSetValueExW
RegNotifyChangeKeyValue
RegEnumValueW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
GetUserNameW
RegCloseKey
RegOpenKeyExW
RegQueryValueExW

shell32

ShellExecuteExW
SHCreateDirectoryExW
SHFileOperationW
CommandLineToArgvW

Exports

Exports

??0EndPoint@api5@vulcan@adobe@@QAE@ABV0123@@Z
??0EndPoint@api5@vulcan@adobe@@QAE@XZ
??0ErrorMessage@api5@vulcan@adobe@@QAE@ABV0123@@Z
??0ErrorMessage@api5@vulcan@adobe@@QAE@XZ
??0GetEndPointsMessage@impl@vulcan@adobe@@QAE@ABV0123@@Z
??0GetEndPointsMessage@impl@vulcan@adobe@@QAE@XZ
??0IVulcanMessageDispatcher@api5@vulcan@adobe@@QAE@ABV0123@@Z
??0IVulcanMessageDispatcher@api5@vulcan@adobe@@QAE@XZ
??0IVulcanMessageListener@api5@vulcan@adobe@@QAE@$$QAV0123@@Z
??0IVulcanMessageListener@api5@vulcan@adobe@@QAE@ABV0123@@Z
??0IVulcanMessageListener@api5@vulcan@adobe@@QAE@XZ
??0SuiteMessage@api5@vulcan@adobe@@QAE@ABV0123@@Z
??0SuiteMessage@api5@vulcan@adobe@@QAE@PBD@Z
??0VulcanMessage@api5@vulcan@adobe@@QAE@ABV0123@@Z
??0VulcanMessage@api5@vulcan@adobe@@QAE@XZ
??1EndPoint@api5@vulcan@adobe@@UAE@XZ
??1ErrorMessage@api5@vulcan@adobe@@UAE@XZ
??1GetEndPointsMessage@impl@vulcan@adobe@@UAE@XZ
??1IVulcanMessageDispatcher@api5@vulcan@adobe@@UAE@XZ
??1SuiteMessage@api5@vulcan@adobe@@UAE@XZ
??1VulcanMessage@api5@vulcan@adobe@@UAE@XZ
??4EndPoint@api5@vulcan@adobe@@QAEAAV0123@ABV0123@@Z
??4ErrorMessage@api5@vulcan@adobe@@QAEAAV0123@ABV0123@@Z
??4GetEndPointsMessage@impl@vulcan@adobe@@QAEAAV0123@ABV0123@@Z
??4IVulcanMessageDispatcher@api5@vulcan@adobe@@QAEAAV0123@ABV0123@@Z
??4IVulcanMessageListener@api5@vulcan@adobe@@QAEAAV0123@$$QAV0123@@Z
??4IVulcanMessageListener@api5@vulcan@adobe@@QAEAAV0123@ABV0123@@Z
??4MessageUtil@api5@vulcan@adobe@@QAEAAV0123@$$QAV0123@@Z
??4MessageUtil@api5@vulcan@adobe@@QAEAAV0123@ABV0123@@Z
??4SuiteMessage@api5@vulcan@adobe@@QAEAAV0123@ABV0123@@Z
??4VulcanMessage@api5@vulcan@adobe@@QAEAAV0123@ABV0123@@Z
??8EndPoint@api5@vulcan@adobe@@QBE_NABV0123@@Z
??9EndPoint@api5@vulcan@adobe@@QBE_NABV0123@@Z
??_7EndPoint@api5@vulcan@adobe@@6B@
??_7ErrorMessage@api5@vulcan@adobe@@6B@
??_7GetEndPointsMessage@impl@vulcan@adobe@@6B@
??_7IVulcanMessageDispatcher@api5@vulcan@adobe@@6B@
??_7IVulcanMessageListener@api5@vulcan@adobe@@6B@
??_7SuiteMessage@api5@vulcan@adobe@@6B@
??_7VulcanMessage@api5@vulcan@adobe@@6B@
?Clone@ErrorMessage@api5@vulcan@adobe@@UBEPAV1234@XZ
?Clone@GetEndPointsMessage@impl@vulcan@adobe@@UBEPAV1234@XZ
?Clone@SuiteMessage@api5@vulcan@adobe@@UBEPAV1234@XZ
?Create@EndPoint@api5@vulcan@adobe@@SA?AV1234@PBD@Z
?CreateMessage@MessageUtil@api5@vulcan@adobe@@SAPAVVulcanMessage@234@PBD@Z
?CreateMessageByType@MessageUtil@api5@vulcan@adobe@@SAPAVVulcanMessage@234@PBD@Z
?DESTINATION_UNREACHABLE_ERROR@ErrorMessage@api5@vulcan@adobe@@2QBDB
?GetAppId@EndPoint@api5@vulcan@adobe@@QBEXPAD@Z
?GetAppId@VulcanMessage@api5@vulcan@adobe@@QBEXPAD@Z
?GetAppIdSize@EndPoint@api5@vulcan@adobe@@QBEIXZ
?GetAppIdSize@VulcanMessage@api5@vulcan@adobe@@QBEIXZ
?GetAppVersion@EndPoint@api5@vulcan@adobe@@QBEXPAD@Z
?GetAppVersion@VulcanMessage@api5@vulcan@adobe@@QBEXPAD@Z
?GetAppVersionSize@EndPoint@api5@vulcan@adobe@@QBEIXZ
?GetAppVersionSize@VulcanMessage@api5@vulcan@adobe@@QBEIXZ
?GetConfig@IVulcanMessageDispatcher@api5@vulcan@adobe@@SA?AW4VulcanMessageErrorCode@@PAPAD0@Z
?GetData@ErrorMessage@api5@vulcan@adobe@@UBEXPAD@Z
?GetData@GetEndPointsMessage@impl@vulcan@adobe@@UBEXPAD@Z
?GetData@SuiteMessage@api5@vulcan@adobe@@UBEXPAD@Z
?GetDataSize@ErrorMessage@api5@vulcan@adobe@@UBEIXZ
?GetDataSize@GetEndPointsMessage@impl@vulcan@adobe@@UBEIXZ
?GetDataSize@SuiteMessage@api5@vulcan@adobe@@UBEIXZ
?GetDestinationCount@SuiteMessage@api5@vulcan@adobe@@QBEIXZ
?GetDestinations@SuiteMessage@api5@vulcan@adobe@@QBEXPAVEndPoint@234@@Z
?GetError@ErrorMessage@api5@vulcan@adobe@@QBEXPAD@Z
?GetErrorSize@ErrorMessage@api5@vulcan@adobe@@QBEIXZ
?GetFault@ErrorMessage@api5@vulcan@adobe@@QBEXPAD@Z
?GetFaultSize@ErrorMessage@api5@vulcan@adobe@@QBEIXZ
?GetId@EndPoint@api5@vulcan@adobe@@QBEXPAD@Z
?GetIdSize@EndPoint@api5@vulcan@adobe@@QBEIXZ
?GetInstance@IVulcanMessageDispatcher@api5@vulcan@adobe@@SA?AW4VulcanMessageErrorCode@@PAPAV1234@@Z
?GetPayload@SuiteMessage@api5@vulcan@adobe@@QBEXPAD@Z
?GetPayloadSize@SuiteMessage@api5@vulcan@adobe@@QBEIXZ
?GetResult@GetEndPointsMessage@impl@vulcan@adobe@@QBEXPAVEndPoint@api5@34@@Z
?GetResultCount@GetEndPointsMessage@impl@vulcan@adobe@@QBEIXZ
?GetScope@VulcanMessage@api5@vulcan@adobe@@QBE?AW4MessageScope@234@XZ
?GetSource@SuiteMessage@api5@vulcan@adobe@@QBE?AVEndPoint@234@XZ
?GetSourceEndPoint@GetEndPointsMessage@impl@vulcan@adobe@@QBE?AVEndPoint@api5@34@XZ
?GetType@VulcanMessage@api5@vulcan@adobe@@QBEXPAD@Z
?GetTypeSize@VulcanMessage@api5@vulcan@adobe@@QBEIXZ
?GetXmlSize@EndPoint@api5@vulcan@adobe@@QBEIXZ
?GetXmlSize@VulcanMessage@api5@vulcan@adobe@@UBEIXZ
?INVALID_ENDPOINT@EndPoint@api5@vulcan@adobe@@2V1234@B
?IsRefreshEndPoints@GetEndPointsMessage@impl@vulcan@adobe@@QAE_NXZ
?IsSuiteMessage@SuiteMessage@api5@vulcan@adobe@@SA_NABVVulcanMessage@234@@Z
?ReleaseInstance@IVulcanMessageDispatcher@api5@vulcan@adobe@@SAXXZ
?SetAppId@EndPoint@api5@vulcan@adobe@@QAEXPBD@Z
?SetAppId@MessageUtil@api5@vulcan@adobe@@SAXAAVVulcanMessage@234@PBD@Z
?SetAppVersion@EndPoint@api5@vulcan@adobe@@QAEXPBD@Z
?SetAppVersion@MessageUtil@api5@vulcan@adobe@@SAXAAVVulcanMessage@234@PBD@Z
?SetConfig@IVulcanMessageDispatcher@api5@vulcan@adobe@@SA?AW4VulcanMessageErrorCode@@PBD0@Z
?SetData@ErrorMessage@api5@vulcan@adobe@@UAEXPBD@Z
?SetData@GetEndPointsMessage@impl@vulcan@adobe@@UAEXPBD@Z
?SetData@SuiteMessage@api5@vulcan@adobe@@UAEXPBD@Z
?SetDestination@SuiteMessage@api5@vulcan@adobe@@QAEXABVEndPoint@234@@Z
?SetDestinations@SuiteMessage@api5@vulcan@adobe@@QAEXPBVEndPoint@234@I@Z
?SetId@EndPoint@api5@vulcan@adobe@@QAEXPBD@Z
?SetPayload@SuiteMessage@api5@vulcan@adobe@@QAEXPBD@Z
?SetPayload@SuiteMessage@api5@vulcan@adobe@@QAEXPBDI@Z
?SetRefreshEndPoints@GetEndPointsMessage@impl@vulcan@adobe@@QAEXXZ
?SetSource@SuiteMessage@api5@vulcan@adobe@@QAEXABVEndPoint@234@@Z
?TYPE@ErrorMessage@api5@vulcan@adobe@@2QBDB
?TYPE@GetEndPointsMessage@impl@vulcan@adobe@@2QBDB
?TYPE_PREFIX@SuiteMessage@api5@vulcan@adobe@@2QBDB
?TYPE_PREFIX@VulcanMessage@api5@vulcan@adobe@@2QBDB
?ToXml@EndPoint@api5@vulcan@adobe@@QBEXPAD@Z
?ToXml@VulcanMessage@api5@vulcan@adobe@@UBEXPAD@Z

Sections

.text
Size: 726KB - Virtual size: 726KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
adobe_licensing_helper.exe
.exe windows:6 windows x86 arch:x86

d7168f8361a1930366bc2aa1e63d92d2

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

62:83:00:da:5f:40:34:cf:28:3a:06:2b:11:6d:fc:c0:a0:70:2c:4f:27:82:62:2f:ea:49:8e:49:b1:eb:6f:cd
Signer

Actual PE Digest

62:83:00:da:5f:40:34:cf:28:3a:06:2b:11:6d:fc:c0:a0:70:2c:4f:27:82:62:2f:ea:49:8e:49:b1:eb:6f:cd

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\jenkins\Daily\NGLU\build\master\nglu\public\nglu-bin\Win32\Release_x86\adobe_licensing_helper.pdb

Imports

winhttp

WinHttpQueryDataAvailable
WinHttpCrackUrl
WinHttpConnect
WinHttpSetStatusCallback
WinHttpSetTimeouts
WinHttpSetCredentials
WinHttpSendRequest
WinHttpGetProxyForUrl
WinHttpQueryAuthSchemes
WinHttpGetIEProxyConfigForCurrentUser
WinHttpCloseHandle
WinHttpSetOption
WinHttpOpenRequest
WinHttpReadData
WinHttpReceiveResponse
WinHttpQueryHeaders
WinHttpAddRequestHeaders
WinHttpOpen

kernel32

FindFirstFileW
FindNextFileW
GetFileSizeEx
FindClose
CreateFileW
GetFileAttributesW
SetFileAttributesW
DeleteFileW
GetFullPathNameW
MultiByteToWideChar
WideCharToMultiByte
VerSetConditionMask
VerifyVersionInfoW
LoadLibraryW
GetProcAddress
FreeLibrary
FormatMessageW
LocalFree
HeapFree
HeapAlloc
GetProcessHeap
GetCurrentProcess
DeviceIoControl
GetTempPathW
GetVersionExW
GetSystemDirectoryW
GetComputerNameExW
FileTimeToSystemTime
GetNativeSystemInfo
RaiseException
GetWindowsDirectoryW
GetModuleHandleW
GetLocalTime
GetTimeFormatW
GetCurrentThreadId
OpenMutexW
CloseHandle
GetLastError
ReleaseMutex
WaitForSingleObject
CreateMutexW
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcessId
SetFilePointerEx
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetConsoleMode
GetConsoleCP
GetACP
GetCommandLineW
GetCommandLineA
WriteFile
GetStdHandle
ExitProcess
GetModuleHandleExW
HeapReAlloc
GetTimeZoneInformation
ReadFile
GetFileType
RtlUnwind
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
SetStdHandle
ReadConsoleW
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
SetEndOfFile
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
WriteConsoleW
ReleaseSemaphore
VirtualProtect
VirtualFree
HeapSize
GetDateFormatW
VirtualAlloc
LoadLibraryExW
TryEnterCriticalSection
GetStringTypeW
QueryPerformanceCounter
QueryPerformanceFrequency
EncodePointer
DecodePointer
IsProcessorFeaturePresent
DuplicateHandle
WaitForSingleObjectEx
Sleep
GetCurrentThread
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
GetCPInfo
CompareStringW
LCMapStringW
GetLocaleInfoW
SetEvent
ResetEvent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
CreateTimerQueue
SignalObjectAndWait
SwitchToThread
CreateThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
FreeLibraryAndExitThread
GetModuleFileNameW
GetModuleHandleA

advapi32

CredDeleteW
CredFree
CredReadW
CredWriteW
GetUserNameW
RegQueryValueExW
RegEnumValueW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyExW
RegCloseKey
CredEnumerateW

shell32

SHGetKnownFolderPath
SHCreateDirectoryExW

ole32

CoCreateGuid
CoInitialize
CoTaskMemFree

shlwapi

UrlEscapeW
PathRemoveExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathRenameExtensionW
PathFileExistsW
PathAddExtensionW
PathIsFileSpecW
PathAppendW
PathIsDirectoryW

bcrypt

BCryptEncrypt
BCryptOpenAlgorithmProvider
BCryptVerifySignature
BCryptGetProperty
BCryptGenerateSymmetricKey
BCryptSetProperty
BCryptDecrypt
BCryptDestroyKey
BCryptFinishHash
BCryptDestroyHash
BCryptCloseAlgorithmProvider
BCryptCreateHash
BCryptHashData

crypt32

CryptHashCertificate2
CertCreateCertificateContext
CryptImportPublicKeyInfoEx2
CertVerifySubjectCertificateContext
CertAddCertificateContextToStore
CertCloseStore
CertOpenStore
CryptStringToBinaryW
CryptUnprotectData
CryptProtectData
CertFreeCertificateContext
CertFindCertificateInStore

secur32

GetUserNameExW

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 544KB - Virtual size: 544KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 215KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
adobe_oobelib.dll
.dll windows:5 windows x86 arch:x86

26768dd142f6638c6ddfe8b87168ade0

Code Sign

06:f2:4d:9f:4d:b0:7b:d7:ec:ad:06:7f:5e:e2:6c:29
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

31/01/2019, 00:00

Not After

03/02/2021, 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

83:46:82:d2:34:54:5a:40:4f:fd:c8:e9:88:3a:b8:cb:d6:8f:d5:17:80:15:88:b7:40:de:60:b9:62:ce:ed:cb
Signer

Actual PE Digest

83:46:82:d2:34:54:5a:40:4f:fd:c8:e9:88:3a:b8:cb:d6:8f:d5:17:80:15:88:b7:40:de:60:b9:62:ce:ed:cb

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

adobe_oobelib.pdb

Imports

winhttp

WinHttpOpen
WinHttpReadData
WinHttpQueryDataAvailable
WinHttpSetOption
WinHttpSetStatusCallback
WinHttpConnect
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetProxyForUrl
WinHttpQueryAuthSchemes
WinHttpCloseHandle
WinHttpOpenRequest
WinHttpCrackUrl
WinHttpQueryHeaders
WinHttpReceiveResponse
WinHttpSetCredentials
WinHttpSendRequest
WinHttpAddRequestHeaders

iphlpapi

GetIfTable

setupapi

SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
CM_Get_DevNode_Status
SetupDiGetClassDevsW
SetupDiGetDeviceInstanceIdW
SetupDiGetDeviceRegistryPropertyW

shlwapi

PathIsDirectoryW
PathRemoveBackslashW
PathStripPathW
PathFileExistsW
PathFindFileNameW
PathAddExtensionW
PathIsFileSpecW
PathAppendW
PathRenameExtensionW
PathRemoveFileSpecW
PathRemoveExtensionW

kernel32

DeleteCriticalSection
ReleaseSemaphore
WaitForSingleObject
Sleep
LockFileEx
UnlockFileEx
GetFileSize
WriteFile
FlushFileBuffers
SetEndOfFile
SetFilePointer
CloseHandle
CreateSemaphoreW
LoadLibraryW
GetModuleFileNameA
CreateProcessW
SetEnvironmentVariableA
CreateFileW
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
SwitchToThread
CreateThread
ResumeThread
GetModuleFileNameW
WideCharToMultiByte
ReadFile
GetSystemTime
SystemTimeToFileTime
SetFileAttributesW
GetFileAttributesW
DeleteFileW
GlobalFree
DecodePointer
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
RaiseException
InitializeCriticalSectionAndSpinCount
GetComputerNameExW
InterlockedIncrement
InterlockedDecrement
SetEvent
OpenEventW
GetVersionExW
WaitForMultipleObjects
CreateEventW
GetTimeZoneInformation
OutputDebugStringA
GetTempPathW
GetEnvironmentVariableA
QueryPerformanceFrequency
QueryPerformanceCounter
TryEnterCriticalSection
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCurrentThread
FindClose
FindFirstFileW
FindNextFileW
GetLocalTime
GetTimeFormatW
GetDateFormatW
CreateDirectoryW
TzSpecificLocalTimeToSystemTime
CreateMutexW
ReleaseMutex
OpenMutexW
LocalAlloc
GetUserDefaultLangID
GetUserDefaultUILanguage
GetModuleHandleW
ResetEvent
InitializeCriticalSection
Process32NextW
Process32FirstW
AreFileApisANSI
HeapCreate
GetFullPathNameW
InterlockedCompareExchange
GetDiskFreeSpaceW
LockFile
GetFullPathNameA
UnmapViewOfFile
HeapValidate
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
GetVersionExA
DeleteFileA
GetSystemInfo
HeapCompact
UnlockFile
CreateFileMappingA
GetSystemTimeAsFileTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
GetTickCount
GetStdHandle
GetFileType
GetModuleHandleA
GlobalMemoryStatus
WriteConsoleW
lstrlenW
CopyFileW
GetACP
CreateSymbolicLinkW
SetLastError
TerminateProcess
MoveFileExW
PeekNamedPipe
GetFileInformationByHandle
GetDriveTypeW
LoadLibraryExW
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetStartupInfoW
GetLastError
LocalFree
GetProcAddress
FreeLibrary
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
SetConsoleCtrlHandler
GetConsoleMode
ReadConsoleInputA
SetConsoleMode
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetConsoleCP
ReadConsoleW
CreateToolhelp32Snapshot
SetFilePointerEx
GetCurrentDirectoryW
SetStdHandle
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
SetFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetFileSizeEx
FlushConsoleInputBuffer
IsDebuggerPresent
InitializeSListHead
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
GetStringTypeW

user32

GetProcessWindowStation
MessageBoxA
GetUserObjectInformationW
wsprintfW

advapi32

ReportEventA
RegisterEventSourceA
DeregisterEventSource
RegQueryValueExA
RegOpenKeyA
RegDeleteKeyA
RegCreateKeyA
RegDeleteKeyW
SetSecurityInfo
SetNamedSecurityInfoW
GetNamedSecurityInfoW
CreateWellKnownSid
EqualSid
GetTokenInformation
OpenThreadToken
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
GetUserNameW
SetEntriesInAclW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
FreeSid
AllocateAndInitializeSid

shell32

SHCreateDirectoryExW
SHGetFolderPathW
SHGetPathFromIDListW
SHGetFolderLocation
SHGetKnownFolderPath

ole32

CoUninitialize
CoInitializeEx
CoInitializeSecurity
CoSetProxyBlanket
CoCreateInstance
CoInitialize
CoTaskMemFree

oleaut32

VariantClear
SysFreeString
SysAllocString
SysStringLen
SysAllocStringByteLen

Exports

Exports

Adobe_OOBELib_Activate
Adobe_OOBELib_ActivateForLEIDs
Adobe_OOBELib_BackDoorUpgradeCheck
Adobe_OOBELib_CalculateVC
Adobe_OOBELib_CheckForUpgradeOnline
Adobe_OOBELib_CheckSubscriptionMode
Adobe_OOBELib_CheckSubscriptionValidity
Adobe_OOBELib_CheckSubscriptionValidityOnline
Adobe_OOBELib_CheckWFType
Adobe_OOBELib_CheckforUpgrade
Adobe_OOBELib_CleanUpCachePCD
Adobe_OOBELib_CreateRef
Adobe_OOBELib_Deactivate
Adobe_OOBELib_DeactivateLicense
Adobe_OOBELib_DeactivateLicenseForSerial
Adobe_OOBELib_DeactivateLicensesForUser
Adobe_OOBELib_DisAssociateAll
Adobe_OOBELib_EncryptDecryptSerial
Adobe_OOBELib_EnumerateKeys
Adobe_OOBELib_Generate_OffLineExcpType1_ReqCode
Adobe_OOBELib_GetAdobeId
Adobe_OOBELib_GetChallengeString_UpgradeCheck
Adobe_OOBELib_GetCredentialsForProxy
Adobe_OOBELib_GetCurrentLicenseState
Adobe_OOBELib_GetDetailedActiveLicenseInfo
Adobe_OOBELib_GetDetailedLicenseStatus
Adobe_OOBELib_GetDetailedLicenseStatusEx
Adobe_OOBELib_GetDetailedLicenseStatusExForLEIDs
Adobe_OOBELib_GetEntitlement
Adobe_OOBELib_GetEntitlementsForLEIDS
Adobe_OOBELib_GetLicenseStatus
Adobe_OOBELib_GetLicenseStatusEx
Adobe_OOBELib_GetPackagePoolDetailsForPool
Adobe_OOBELib_GetPackagePoolsForAdminForOrg
Adobe_OOBELib_GetRefID
Adobe_OOBELib_GetSerialInfo
Adobe_OOBELib_GetServiceClaimData
Adobe_OOBELib_GetValueforKeyInSubDomain
Adobe_OOBELib_Get_LegacySeatID
Adobe_OOBELib_Get_OffLineExcpType1_ReqCode
Adobe_OOBELib_Get_ProductLine
Adobe_OOBELib_Get_SeatID
Adobe_OOBELib_Getversion
Adobe_OOBELib_ISOTaggingAtInstall
Adobe_OOBELib_IsLicenseAgreementAccepted
Adobe_OOBELib_LaunchPurchaseWorkFlow
Adobe_OOBELib_LoadActivationGraceLicense
Adobe_OOBELib_LoadDBCSLicenseAndActivate
Adobe_OOBELib_LoadOfflineGraceLicense
Adobe_OOBELib_LoadOnlineTrial
Adobe_OOBELib_LoadTrial
Adobe_OOBELib_ProcessExceptionFile
Adobe_OOBELib_Process_file
Adobe_OOBELib_ProtectedContentCheck
Adobe_OOBELib_QueryLicenses
Adobe_OOBELib_QueryLicensesForUser
Adobe_OOBELib_Record_EulaOnline
Adobe_OOBELib_ReducedTrialSLConfigDownload
Adobe_OOBELib_ReleaseRef
Adobe_OOBELib_RememberAdobeID
Adobe_OOBELib_RemoveKeyInSubDomainInCache
Adobe_OOBELib_RemoveLastLoggedInUser
Adobe_OOBELib_Remove_payload
Adobe_OOBELib_RetrieveLEIDForSerial
Adobe_OOBELib_Retrieve_SerialNumber
Adobe_OOBELib_Retrieve_SerialNumberEx
Adobe_OOBELib_Retryactivation
Adobe_OOBELib_SaveAdobeId
Adobe_OOBELib_SetAdobeId
Adobe_OOBELib_SetAdobeIdExtProfile
Adobe_OOBELib_SetAppXMLData
Adobe_OOBELib_SetCallerID
Adobe_OOBELib_SetClaimStatus
Adobe_OOBELib_SetClaimStatusEx
Adobe_OOBELib_SetCredentialsForProxy
Adobe_OOBELib_SetLEID
Adobe_OOBELib_SetLicenseAgreementInformation
Adobe_OOBELib_SetSerialTypeForSerial
Adobe_OOBELib_SetUniversalCookie
Adobe_OOBELib_SetValueforKeyInSubDomainInCache
Adobe_OOBELib_Set_Eula
Adobe_OOBELib_Set_EulaOnline
Adobe_OOBELib_Set_InstallLocale
Adobe_OOBELib_Set_serialnumber
Adobe_OOBELib_SuppressRegSerialNag
Adobe_OOBELib_SuppressRegistrationNag
Adobe_OOBELib_Suppress_Eula
Adobe_OOBELib_Suppress_Registration
Adobe_OOBELib_UnregisterSerials
Adobe_OOBELib_UpdateLastLoggedInUser
Adobe_OOBELib_UpdateUserSpecificIdentity
Adobe_OOBELib_UpdateUserSpecificLicensing
Adobe_OOBELib_UpgradeCheck
Adobe_OOBELib_UpgradeDoneAtInstallTime
Adobe_OOBELib_ValidateSerialOnline
Adobe_OOBELib_Validate_SerialNumber
Adobe_OOBELib_Verify_OffLineExcpType1_ServerResponseCode
GetAsnVersion
IAL_ActivateLicense
IAL_CheckSubscription
IAL_CloseSession
IAL_CreateSession
IAL_DeactivateLicense
IAL_GetAULData
IAL_GetEntitledSerialData
IAL_GetEntitlementsForLEIDS
IAL_GetLEIDForSerial
IAL_GetPackagePoolData
IAL_GetPackagePools
IAL_GetSLConfigData
IAL_GetType2aOfflineException
IAL_GetVersion
IAL_SendAppUsageData
IAL_SendEnrolTrialRequest
IAL_SetCaller
IAL_SetEULAStatus
IAL_SetLicensingLEID
IAL_SetLoggingMethod
IAL_SetProxyDetails
IAL_ValidateSerial
asnInst_InstallerProductInfo_constructor
asnInst_getAsnProductInfo
asnInst_getAsnProductInfoInMem
asn_exit
asn_info
asn_init
asn_makePrivate
asn_makePrivateEx

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 614KB - Virtual size: 614KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 129KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
adobe_upgrade.dll
.dll windows:6 windows x86 arch:x86

73cafe1c9aec216b9d6bcc04fd6c7570

Code Sign

06:f2:4d:9f:4d:b0:7b:d7:ec:ad:06:7f:5e:e2:6c:29
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

31/01/2019, 00:00

Not After

03/02/2021, 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ec:ef:df:67:f7:3a:0e:75:f1:44:fc:9d:0f:3d:f2:0b:1e:31:e4:f7:bc:13:62:6d:a8:28:8c:80:73:24:08:73
Signer

Actual PE Digest

ec:ef:df:67:f7:3a:0e:75:f1:44:fc:9d:0f:3d:f2:0b:1e:31:e4:f7:bc:13:62:6d:a8:28:8c:80:73:24:08:73

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

adobe_upgrade.pdb

Imports

winhttp

WinHttpCrackUrl
WinHttpConnect
WinHttpSetStatusCallback
WinHttpSetCredentials
WinHttpSendRequest
WinHttpGetProxyForUrl
WinHttpQueryAuthSchemes
WinHttpReceiveResponse
WinHttpOpen
WinHttpAddRequestHeaders
WinHttpQueryHeaders
WinHttpReadData
WinHttpOpenRequest
WinHttpSetOption
WinHttpCloseHandle
WinHttpGetIEProxyConfigForCurrentUser
WinHttpQueryDataAvailable

setupapi

SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDevsW
SetupDiGetDeviceInstanceIdW
CM_Get_DevNode_Status
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList

iphlpapi

GetIfTable

shlwapi

PathStripPathW
PathRemoveBackslashW
PathRemoveBackslashA
SHDeleteEmptyKeyA
SHDeleteKeyA
PathFileExistsW
PathFindFileNameW
PathRemoveFileSpecW
PathRemoveExtensionW
PathAddExtensionW
PathRenameExtensionW
PathIsDirectoryW
PathAppendW
PathIsFileSpecW

kernel32

GetCurrentProcess
GetLastError
CloseHandle
lstrcmpA
lstrcpyA
lstrcatA
lstrlenA
CreateProcessA
GetStdHandle
GetFileType
WriteFile
GetCurrentThreadId
GetModuleHandleA
MultiByteToWideChar
QueryPerformanceCounter
GetCurrentProcessId
GetTickCount
GlobalMemoryStatus
FlushConsoleInputBuffer
QueryPerformanceFrequency
GetThreadTimes
GetCurrentThread
WideCharToMultiByte
OutputDebugStringA
LoadLibraryW
GetModuleFileNameW
GetTempPathW
TryEnterCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
ReleaseSemaphore
WaitForSingleObject
CreateDirectoryW
FindFirstFileW
FindNextFileW
FindClose
GetFileAttributesW
CreateSemaphoreW
SetFilePointer
CreateFileW
ReadFile
SetEndOfFile
UnlockFileEx
LocalAlloc
SetFileAttributesW
LocalFree
LockFileEx
GetFileSize
FlushFileBuffers
GetFileSizeEx
GetLocalTime
GetTimeFormatW
GetDateFormatW
CreateMutexW
ReleaseMutex
OpenMutexW
Sleep
GetUserDefaultLangID
GetUserDefaultUILanguage
GetVersionExW
GetModuleHandleW
WaitForMultipleObjects
GetConsoleMode
SetEvent
GlobalFree
ResetEvent
HeapFree
LoadLibraryA
HeapSize
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
HeapReAlloc
RaiseException
HeapAlloc
DecodePointer
HeapDestroy
GetProcessHeap
AreFileApisANSI
HeapCreate
GetFullPathNameW
InterlockedCompareExchange
GetDiskFreeSpaceW
LockFile
GetFullPathNameA
UnmapViewOfFile
HeapValidate
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
WaitForSingleObjectEx
GetVersionExA
DeleteFileA
DeleteFileW
GetSystemInfo
HeapCompact
UnlockFile
CreateFileMappingA
SystemTimeToFileTime
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
WriteConsoleW
GetComputerNameExW
OpenSemaphoreW
ResumeThread
CreateThread
SwitchToThread
lstrcmpW
lstrlenW
CopyFileW
CopyFileExW
GetVolumeInformationW
GetACP
GetCurrentDirectoryA
SetCurrentDirectoryW
SetCurrentDirectoryA
SetEnvironmentVariableW
SetEnvironmentVariableA
GetDriveTypeW
LoadLibraryExW
InterlockedFlushSList
GetProcAddress
FreeLibrary
GetEnvironmentVariableA
GetCurrentDirectoryW
ExitProcess
GetModuleHandleExW
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleInputA
SetConsoleMode
GetFileInformationByHandle
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
InitializeCriticalSectionAndSpinCount
SetFileTime
TzSpecificLocalTimeToSystemTime
MoveFileExW
GetTimeZoneInformation
ExitThread
SetConsoleCtrlHandler
FreeLibraryAndExitThread
GetModuleFileNameA
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetConsoleCP
SetFilePointerEx
ReadConsoleW
SetStdHandle
HeapQueryInformation
FindFirstFileExA
FindFirstFileExW
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
CreateEventW
MapViewOfFile
InterlockedPushEntrySList
RtlUnwind
GetCPInfo
GetLocaleInfoW
LCMapStringW
CompareStringW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SetLastError
EncodePointer
GetStringTypeW
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InitializeSListHead

user32

GetUserObjectInformationW
MessageBoxA
GetDC
ReleaseDC
wsprintfW
UnregisterClassW
GetProcessWindowStation

gdi32

GetObjectA
GetDIBits
GetDeviceCaps
DeleteObject
CreateCompatibleBitmap

advapi32

GetNamedSecurityInfoW
LookupPrivilegeValueW
GetUserNameW
SetSecurityDescriptorDacl
AllocateAndInitializeSid
SetEntriesInAclW
FreeSid
InitializeSecurityDescriptor
SetSecurityInfo
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
ReportEventA
RegisterEventSourceA
DeregisterEventSource
RegUnLoadKeyA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegLoadKeyA
RegFlushKey
RegEnumValueA
RegEnumKeyA
RegDeleteValueA
RegCreateKeyExA
RegCreateKeyA
RegCloseKey
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
SetNamedSecurityInfoW

shell32

SHGetFolderPathW
SHCreateDirectoryExW
SHGetFolderLocation
SHGetPathFromIDListW

ole32

CoCreateInstance
CoSetProxyBlanket
CoInitializeSecurity
CoInitializeEx
CoUninitialize
CoTaskMemFree

oleaut32

SetErrorInfo
CreateErrorInfo
SysFreeString
SysAllocString
VariantChangeType
VariantInit
GetErrorInfo
VariantClear
SysAllocStringByteLen
SysStringLen

Exports

Exports

AULAcceptsChallengeResponse
AULCloseSession
AULGetChallengeString
AULGetQualifyingSerialNumbers
AULGetUpgradeStatus
AULIsQualifyingSerialNumberForAnyProduct
AULIsQualifyingSerialNumberForProduct
AULNeedsUpgradeCheck
AULNextProduct
AULOpenSession
AULSetQualifyingSerialNumbers
AULSetUpgradeScenario
GetAsnVersion
asnInst_InstallerProductInfo_constructor
asnInst_getAsnProductInfo
asnInst_getAsnProductInfoInMem
asn_exit
asn_info
asn_init
asn_makePrivate
asn_makePrivateEx

Sections

.text
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 587KB - Virtual size: 586KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dispatchtable.xml
.xml
imshelper.dll
.dll windows:6 windows x86 arch:x86

de8433e29ed52f73c31170103caee46b

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9b:8f:81:13:5d:b8:56:aa:10:8b:cf:0f:c2:e4:a4:e8:66:8b:62:17:30:89:0b:cb:45:4a:84:a1:69:45:dc:c4
Signer

Actual PE Digest

9b:8f:81:13:5d:b8:56:aa:10:8b:cf:0f:c2:e4:a4:e8:66:8b:62:17:30:89:0b:cb:45:4a:84:a1:69:45:dc:c4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\jenkins\Daily\NGLU\build\master\nglu\public\nglu-lib\Win32\Release_x86\imshelper.pdb

Imports

winhttp

WinHttpQueryDataAvailable
WinHttpCrackUrl
WinHttpConnect
WinHttpSetStatusCallback
WinHttpSetTimeouts
WinHttpSetCredentials
WinHttpSendRequest
WinHttpGetProxyForUrl
WinHttpQueryAuthSchemes
WinHttpGetIEProxyConfigForCurrentUser
WinHttpCloseHandle
WinHttpSetOption
WinHttpOpenRequest
WinHttpReadData
WinHttpQueryHeaders
WinHttpAddRequestHeaders
WinHttpOpen
WinHttpReceiveResponse

kernel32

GetFileSizeEx
FindClose
CreateFileW
GetFileAttributesW
SetFileAttributesW
FormatMessageW
LocalFree
HeapFree
HeapAlloc
GetProcessHeap
GetCurrentProcess
DeviceIoControl
GetTempPathW
GetVersionExW
GetSystemDirectoryW
GetComputerNameExW
FileTimeToSystemTime
GetNativeSystemInfo
RaiseException
LoadLibraryW
GetWindowsDirectoryW
GetProcAddress
CreateProcessW
GetModuleHandleW
FreeLibrary
MultiByteToWideChar
WideCharToMultiByte
GetLocalTime
GetTimeFormatW
GetDateFormatW
GetCurrentThreadId
OpenMutexW
CloseHandle
GetLastError
ReleaseMutex
WaitForSingleObject
CreateMutexW
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcessId
SetStdHandle
ReadConsoleW
GetACP
SetFilePointerEx
FlushFileBuffers
GetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetConsoleMode
GetConsoleCP
WriteFile
GetModuleFileNameA
ExitProcess
GetModuleHandleExW
HeapReAlloc
GetTimeZoneInformation
ReadFile
GetFileType
RtlUnwind
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEndOfFile
WriteConsoleW
HeapSize
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
VirtualProtect
VirtualFree
TryEnterCriticalSection
GetStringTypeW
QueryPerformanceCounter
QueryPerformanceFrequency
EncodePointer
DecodePointer
IsProcessorFeaturePresent
DuplicateHandle
WaitForSingleObjectEx
Sleep
GetCurrentThread
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
GetCPInfo
CompareStringW
LCMapStringW
GetLocaleInfoW
SetEvent
ResetEvent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
CreateTimerQueue
SignalObjectAndWait
SwitchToThread
CreateThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
FreeLibraryAndExitThread
GetModuleFileNameW
GetModuleHandleA
LoadLibraryExW
VirtualAlloc

advapi32

CredDeleteW
CredFree
CredReadW
CredWriteW
GetUserNameW
RegQueryValueExW
RegEnumValueW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyExW
RegCloseKey
CredEnumerateW

shell32

SHGetKnownFolderPath
SHCreateDirectoryExW

ole32

CoTaskMemFree
CoCreateGuid

shlwapi

UrlEscapeW
PathRemoveExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathRenameExtensionW
PathFileExistsW
PathAddExtensionW
PathIsFileSpecW
PathAppendW
PathIsDirectoryW

bcrypt

BCryptEncrypt
BCryptOpenAlgorithmProvider
BCryptGenerateSymmetricKey
BCryptSetProperty
BCryptDecrypt
BCryptDestroyKey
BCryptFinishHash
BCryptDestroyHash
BCryptCloseAlgorithmProvider
BCryptCreateHash
BCryptHashData
BCryptGetProperty

crypt32

CertCloseStore
CryptProtectData
CryptUnprotectData

secur32

GetUserNameExW

Exports

Exports

GetNGLDeviceIdentifier
GetNGLDeviceIdentifierForOSUser

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 477KB - Virtual size: 477KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
x64/IMSLib.dll
.dll windows:5 windows x64 arch:x64

c2cfc0d770494af182b48ab55e9c13fd

Code Sign

06:f2:4d:9f:4d:b0:7b:d7:ec:ad:06:7f:5e:e2:6c:29
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

31/01/2019, 00:00

Not After

03/02/2021, 12:00

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04/01/2017, 00:00

Not After

18/01/2028, 00:00

Subject

CN=DigiCert SHA2 Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1e:41:96:5a:3e:58:ec:d1:c9:dc:39:d5:95:76:ae:49:a6:c8:08:78:42:9e:0c:8a:a2:47:65:b7:13:1a:94:f5
Signer

Actual PE Digest

1e:41:96:5a:3e:58:ec:d1:c9:dc:39:d5:95:76:ae:49:a6:c8:08:78:42:9e:0c:8a:a2:47:65:b7:13:1a:94:f5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\builds\AAM\10.0\source\dev\aamcore\target\win64\Release\OOBECommon\IMSLib.pdb

Imports

winhttp

WinHttpOpen
WinHttpCrackUrl
WinHttpConnect
WinHttpSetStatusCallback
WinHttpSetCredentials
WinHttpSendRequest
WinHttpGetProxyForUrl
WinHttpQueryAuthSchemes
WinHttpGetIEProxyConfigForCurrentUser
WinHttpReceiveResponse
WinHttpQueryDataAvailable
WinHttpAddRequestHeaders
WinHttpQueryHeaders
WinHttpReadData
WinHttpOpenRequest
WinHttpSetOption
WinHttpCloseHandle

setupapi

SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiGetClassDevsW
SetupDiGetDeviceRegistryPropertyW
SetupDiGetDeviceInstanceIdW
CM_Get_DevNode_Status

kernel32

CloseHandle
CreateThread
ResetEvent
TryEnterCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
ReadFile
SetLastError
GetCurrentProcess
WriteFile
TerminateProcess
GetModuleFileNameW
GetTempPathW
CreateMutexW
FindClose
LocalAlloc
CreateFileW
GetFileAttributesW
GetVersionExW
ReleaseMutex
SetFileAttributesW
Sleep
DeleteFileW
RaiseException
DecodePointer
GetProcAddress
LocalFree
MoveFileExW
GetFileSize
SystemTimeToFileTime
CreateProcessW
GetModuleHandleW
CopyFileW
WideCharToMultiByte
GetSystemTime
FlushFileBuffers
ReleaseSemaphore
GetCurrentProcessId
CreateDirectoryW
LoadLibraryW
FreeLibrary
SetEvent
GetTimeFormatW
GetDateFormatW
QueryPerformanceCounter
GetStdHandle
GetFileType
GetCurrentThreadId
GetTickCount
GlobalMemoryStatus
LoadLibraryA
FlushConsoleInputBuffer
SetFilePointer
GetFileSizeEx
OpenMutexW
GetFileAttributesExW
CreateSymbolicLinkW
AreFileApisANSI
HeapCreate
HeapFree
GetFullPathNameW
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
GetFullPathNameA
SetEndOfFile
UnlockFileEx
UnmapViewOfFile
HeapValidate
HeapSize
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetFileAttributesA
OutputDebugStringW
CreateFileA
GetVersionExA
DeleteFileA
HeapReAlloc
GetSystemInfo
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
CreateFileMappingA
LockFileEx
GetProcessHeap
GetSystemTimeAsFileTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
GetTimeZoneInformation
SetConsoleMode
ReadConsoleInputA
GetConsoleMode
GetLastError
MultiByteToWideChar
CreateEventW
WaitForSingleObject
InitializeCriticalSectionAndSpinCount
GlobalFree
GetModuleFileNameA
GetACP
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
WaitForMultipleObjects
ReadConsoleW
SetFilePointerEx
GetCurrentDirectoryW
SetStdHandle
GetConsoleCP
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
GetLocalTime
SetConsoleCtrlHandler
GetModuleHandleExW
ExitProcess
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetDriveTypeW
RtlUnwindEx
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
VirtualProtect
VirtualFree
VirtualAlloc
LoadLibraryExW
GetModuleHandleA
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SwitchToThread
SignalObjectAndWait
CreateTimerQueue
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
IsProcessorFeaturePresent
RtlPcToFileHeader
EncodePointer
GetStringTypeW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
DuplicateHandle
WaitForSingleObjectEx
GetCurrentThread
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter

user32

MessageBoxW
wsprintfW
GetUserObjectInformationW
GetProcessWindowStation

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW
GetUserNameW
ReportEventW
RegisterEventSourceW
DeregisterEventSource
SetEntriesInAclW
CreateWellKnownSid
SetNamedSecurityInfoW
GetNamedSecurityInfoW

shell32

SHGetFolderPathW
SHGetSpecialFolderPathW
SHGetKnownFolderPath
SHCreateDirectoryExW

ole32

CoSetProxyBlanket
CoUninitialize
CoInitialize
CLSIDFromString
OleRun
CLSIDFromProgID
CoCreateInstance
StringFromGUID2
CoInitializeSecurity
CoInitializeEx
CoCreateGuid

oleaut32

SysStringLen
GetErrorInfo
VariantClear
VariantChangeType
VariantCopy
SysAllocString
SysAllocStringByteLen
SysFreeString
VariantInit

shlwapi

PathRemoveFileSpecW
PathFileExistsW
PathIsFileSpecW
PathIsDirectoryW
PathRemoveExtensionW
PathAddExtensionW
PathAppendW
PathRenameExtensionW
PathFindFileNameW

Exports

Exports

IMS_EEPLogin
IMS_createRef
IMS_createRefEx
IMS_createRefExWithXMLParams
IMS_createRefForProductVersion
IMS_deregisterClientFromGroup
IMS_fetchAccessToken
IMS_fetchAccessToken2
IMS_fetchAccounts
IMS_fetchContinueToken
IMS_fetchDefaultUserInfoForClientId
IMS_fetchFeatureFlags
IMS_fetchIDPResponseForKey
IMS_fetchReleaseFlag
IMS_fetchUserProfileData
IMS_getDeviceID
IMS_getProxyCredentialsFromIMSLibSession
IMS_logOutUserForClient
IMS_registerClientToGroup
IMS_releaseData
IMS_releaseRef
IMS_revokeDeviceToken
IMS_setProxyCredentials
IMS_setProxyCredentialsInIMSLibSession
IMS_setRetryAfterResponseHandlingData
IMS_setUserAsDefaultForClientId
IMS_storeDeviceTokenAndUserProfile
IMS_storeDeviceTokenAndUserProfileEx

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 631KB - Virtual size: 631KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 164KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
x64/imshelper.dll
.dll windows:6 windows x64 arch:x64

7f02d4e63fb017a7d8cfeab1db2420be

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b3:d0:39:28:f2:83:e0:2e:8c:e7:d0:18:e7:a3:5a:8b:8a:81:15:ec:c1:46:3c:4d:59:fd:9a:2c:2e:2b:4a:23
Signer

Actual PE Digest

b3:d0:39:28:f2:83:e0:2e:8c:e7:d0:18:e7:a3:5a:8b:8a:81:15:ec:c1:46:3c:4d:59:fd:9a:2c:2e:2b:4a:23

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

E:\jenkins\Daily\NGLU\build\master\nglu\public\nglu-lib\x64\Release_x64\imshelper.pdb

Imports

winhttp

WinHttpQueryDataAvailable
WinHttpCrackUrl
WinHttpConnect
WinHttpSetStatusCallback
WinHttpSetTimeouts
WinHttpSetCredentials
WinHttpSendRequest
WinHttpGetProxyForUrl
WinHttpQueryAuthSchemes
WinHttpGetIEProxyConfigForCurrentUser
WinHttpCloseHandle
WinHttpSetOption
WinHttpOpenRequest
WinHttpReadData
WinHttpQueryHeaders
WinHttpAddRequestHeaders
WinHttpOpen
WinHttpReceiveResponse

kernel32

GetFileSizeEx
FindClose
CreateFileW
GetFileAttributesW
SetFileAttributesW
FormatMessageW
LocalFree
HeapFree
HeapAlloc
GetProcessHeap
GetCurrentProcess
DeviceIoControl
GetTempPathW
GetVersionExW
GetSystemDirectoryW
GetComputerNameExW
FileTimeToSystemTime
GetNativeSystemInfo
RaiseException
LoadLibraryW
GetWindowsDirectoryW
GetProcAddress
CreateProcessW
GetModuleHandleW
FreeLibrary
MultiByteToWideChar
WideCharToMultiByte
GetLocalTime
GetTimeFormatW
GetDateFormatW
CloseHandle
GetLastError
ReleaseMutex
WaitForSingleObject
CreateMutexW
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetCurrentProcessId
SetStdHandle
ReadConsoleW
GetCurrentThreadId
GetACP
SetFilePointerEx
FlushFileBuffers
GetStdHandle
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetConsoleMode
GetConsoleCP
WriteFile
GetModuleFileNameA
ExitProcess
GetModuleHandleExW
HeapReAlloc
GetTimeZoneInformation
ReadFile
GetFileType
RtlUnwindEx
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WriteConsoleW
HeapSize
SetEndOfFile
InterlockedPushEntrySList
InterlockedPopEntrySList
ReleaseSemaphore
OpenMutexW
VirtualProtect
VirtualFree
TryEnterCriticalSection
GetStringTypeW
QueryPerformanceCounter
QueryPerformanceFrequency
RtlPcToFileHeader
EncodePointer
DecodePointer
IsProcessorFeaturePresent
DuplicateHandle
WaitForSingleObjectEx
Sleep
GetCurrentThread
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
GetCPInfo
CompareStringW
LCMapStringW
GetLocaleInfoW
SetEvent
ResetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
CreateTimerQueue
SignalObjectAndWait
SwitchToThread
CreateThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetThreadTimes
FreeLibraryAndExitThread
GetModuleFileNameW
GetModuleHandleA
LoadLibraryExW
VirtualAlloc

advapi32

CredDeleteW
CredEnumerateW
CredReadW
CredWriteW
GetUserNameW
RegQueryValueExW
RegEnumValueW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteKeyExW
RegCloseKey
CredFree

shell32

SHGetKnownFolderPath
SHCreateDirectoryExW

ole32

CoTaskMemFree
CoCreateGuid

shlwapi

UrlEscapeW
PathRemoveExtensionW
PathFindFileNameW
PathRemoveFileSpecW
PathRenameExtensionW
PathFileExistsW
PathAddExtensionW
PathIsFileSpecW
PathAppendW
PathIsDirectoryW

bcrypt

BCryptEncrypt
BCryptOpenAlgorithmProvider
BCryptGenerateSymmetricKey
BCryptSetProperty
BCryptDecrypt
BCryptDestroyKey
BCryptFinishHash
BCryptDestroyHash
BCryptCloseAlgorithmProvider
BCryptCreateHash
BCryptHashData
BCryptGetProperty

crypt32

CertCloseStore
CryptUnprotectData
CryptProtectData

secur32

GetUserNameExW

Exports

Exports

GetNGLDeviceIdentifier
GetNGLDeviceIdentifierForOSUser

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 752KB - Virtual size: 751KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
packages/ADC/LCC/LCC.pimx
packages/ADC/LCC/LCC.sig
.xml
packages/ADC/Runtime/Runtime.pima
.zip
customhook/RuntimeCustomHook.exe
.exe windows:5 windows x86 arch:x86

81764398f901ad8a8602ad6f62c7b111

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:0b:30:68:f8:80:c5:6e:35:0e:3a:5c:c1:93:63:53:f3:be:89:1b:c7:92:6f:b2:ce:aa:81:8e:a7:e2:8d:11
Signer

Actual PE Digest

0d:0b:30:68:f8:80:c5:6e:35:0e:3a:5c:c1:93:63:53:f3:be:89:1b:c7:92:6f:b2:ce:aa:81:8e:a7:e2:8d:11

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\jenkins\CI\CCDevAssist\build\x64\main\dev-assist\build\msvs_win32\Release\x86\sym\RuntimeCustomHook\RuntimeCustomHook\RuntimeCustomHook.pdb

Imports

msi

ord113

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

shlwapi

PathIsDirectoryW
PathAppendW
PathRemoveExtensionW
PathRemoveFileSpecW
PathFindFileNameW
PathFileExistsW
PathAddExtensionW
PathIsFileSpecW
PathRenameExtensionW

kernel32

FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
SetEnvironmentVariableW
SetStdHandle
GetConsoleCP
SetEndOfFile
WriteConsoleW
FreeEnvironmentStringsW
GetCurrentProcessId
FindFirstFileW
FindNextFileW
WriteFile
SetFilePointer
GetTempPathW
CreateFileW
GetCurrentThreadId
GetLastError
DeleteFileW
CloseHandle
lstrcmpW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
InitializeCriticalSectionEx
RaiseException
DecodePointer
GetCurrentProcess
GetVersionExW
CreateEventW
GetProcAddress
LocalFree
VerSetConditionMask
GetModuleHandleW
VerifyVersionInfoW
ReadFile
GetModuleFileNameW
FindClose
GetFileAttributesW
SetFileAttributesW
MoveFileExW
FlushFileBuffers
HeapFree
SetLastError
TerminateProcess
WaitForSingleObject
HeapSize
SetEvent
HeapReAlloc
ResetEvent
HeapAlloc
GetProcessHeap
CreateProcessW
GetExitCodeProcess
GetFileSizeEx
MultiByteToWideChar
FileTimeToSystemTime
GetLocalTime
GetTimeFormatW
SystemTimeToFileTime
WideCharToMultiByte
GetDateFormatW
CreateMutexW
ReleaseMutex
OpenMutexW
GetUserDefaultLangID
FreeLibrary
SetFilePointerEx
GetUserDefaultLCID
LCMapStringW
GetUserDefaultUILanguage
GetStringTypeW
InitializeCriticalSectionAndSpinCount
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
EncodePointer
CompareStringW
GetLocaleInfoW
GetCPInfo
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
InitializeSListHead
OutputDebugStringW
RtlUnwind
LoadLibraryExW
GetTimeZoneInformation
ExitProcess
GetModuleHandleExW
GetStdHandle
GetCommandLineA
GetCommandLineW
GetFileType
IsValidLocale
EnumSystemLocalesW
GetConsoleMode
ReadConsoleW

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

oleaut32

VariantClear

Sections

.text
Size: 258KB - Virtual size: 257KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
customhook/vc10/32bit/vcredist_x86.exe
.exe windows:5 windows x86 arch:x86

a1f6f100bff4507a3332f3f0cdfc24f5

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

20:22:7a:17:90:1b:2a:6f:c1:d5:a2:03:b9:20:57:e2:74:a5:ca:ce:d6:b2:4b:b0:fc:e4:cb:90:1b:1a:08:db
Signer

Actual PE Digest

20:22:7a:17:90:1b:2a:6f:c1:d5:a2:03:b9:20:57:e2:74:a5:ca:ce:d6:b2:4b:b0:fc:e4:cb:90:1b:1a:08:db

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

PDB Paths

sfxcab.pdb

Imports

msvcrt

__setusermatherr
_initterm
__getmainargs
__initenv
exit
_cexit
_adjust_fdiv
_exit
_c_exit
strncpy
strstr
_strlwr
strrchr
_stricmp
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_XcptFilter
_snprintf
sprintf
strchr
_strnicmp
_vsnprintf

advapi32

InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
AllocateAndInitializeSid
OpenProcessToken
GetTokenInformation
GetLengthSid
InitiateSystemShutdownA
InitializeSecurityDescriptor

kernel32

CreateThread
GetFileSize
ExpandEnvironmentStringsA
CreateProcessA
GetExitCodeProcess
InitializeCriticalSectionAndSpinCount
LocalFileTimeToFileTime
SetFileTime
SetEndOfFile
CreateEventA
QueryDosDeviceA
GetDiskFreeSpaceA
GetSystemTime
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentDirectoryA
GetProcessHeap
CopyFileA
SetFileAttributesA
DosDateTimeToFileTime
SetEvent
GetVersionExA
ReadFile
SetFilePointer
MoveFileExA
RemoveDirectoryA
GetLastError
CreateDirectoryA
GetTickCount
SetErrorMode
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
CloseHandle
DeviceIoControl
CreateFileA
GetDriveTypeA
HeapFree
FormatMessageA
LeaveCriticalSection
DeleteFileA
EnterCriticalSection
TerminateProcess
WaitForMultipleObjects
CreateEventW
FindFirstFileA
Sleep
SetEnvironmentVariableA
GetEnvironmentVariableA
WideCharToMultiByte
HeapAlloc
SetLastError
WriteFile
MoveFileA
ExitProcess
DeleteCriticalSection
FlushFileBuffers
WaitForSingleObject
OpenEventA
GetCurrentProcess
GetFileAttributesA
GetCommandLineA
GetModuleFileNameA
FindClose
FindNextFileA
SystemTimeToFileTime

user32

SendDlgItemMessageA
SendMessageA
DialogBoxParamA
MessageBoxA
SetParent
EndDialog
LoadStringA
ShowWindow

ntdll

NtOpenProcessToken
NtAdjustPrivilegesToken
NtClose
NtShutdownSystem

comctl32

ord17

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8.5MB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
customhook/vc10/64bit/vcredist_x64.exe
.exe windows:5 windows x86 arch:x86

a1f6f100bff4507a3332f3f0cdfc24f5

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

00:77:e0:d0:19:1e:d3:5a:9d:2f:c9:c1:a3:b2:0f:f1:4d:07:80:0c:6c:c5:de:a8:be:c7:5f:c6:f7:ea:59:29
Signer

Actual PE Digest

00:77:e0:d0:19:1e:d3:5a:9d:2f:c9:c1:a3:b2:0f:f1:4d:07:80:0c:6c:c5:de:a8:be:c7:5f:c6:f7:ea:59:29

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

PDB Paths

sfxcab.pdb

Imports

msvcrt

__setusermatherr
_initterm
__getmainargs
__initenv
exit
_cexit
_adjust_fdiv
_exit
_c_exit
strncpy
strstr
_strlwr
strrchr
_stricmp
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_XcptFilter
_snprintf
sprintf
strchr
_strnicmp
_vsnprintf

advapi32

InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
AllocateAndInitializeSid
OpenProcessToken
GetTokenInformation
GetLengthSid
InitiateSystemShutdownA
InitializeSecurityDescriptor

kernel32

CreateThread
GetFileSize
ExpandEnvironmentStringsA
CreateProcessA
GetExitCodeProcess
InitializeCriticalSectionAndSpinCount
LocalFileTimeToFileTime
SetFileTime
SetEndOfFile
CreateEventA
QueryDosDeviceA
GetDiskFreeSpaceA
GetSystemTime
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentDirectoryA
GetProcessHeap
CopyFileA
SetFileAttributesA
DosDateTimeToFileTime
SetEvent
GetVersionExA
ReadFile
SetFilePointer
MoveFileExA
RemoveDirectoryA
GetLastError
CreateDirectoryA
GetTickCount
SetErrorMode
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
CloseHandle
DeviceIoControl
CreateFileA
GetDriveTypeA
HeapFree
FormatMessageA
LeaveCriticalSection
DeleteFileA
EnterCriticalSection
TerminateProcess
WaitForMultipleObjects
CreateEventW
FindFirstFileA
Sleep
SetEnvironmentVariableA
GetEnvironmentVariableA
WideCharToMultiByte
HeapAlloc
SetLastError
WriteFile
MoveFileA
ExitProcess
DeleteCriticalSection
FlushFileBuffers
WaitForSingleObject
OpenEventA
GetCurrentProcess
GetFileAttributesA
GetCommandLineA
GetModuleFileNameA
FindClose
FindNextFileA
SystemTimeToFileTime

user32

SendDlgItemMessageA
SendMessageA
DialogBoxParamA
MessageBoxA
SetParent
EndDialog
LoadStringA
ShowWindow

ntdll

NtOpenProcessToken
NtAdjustPrivilegesToken
NtClose
NtShutdownSystem

comctl32

ord17

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9.8MB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
customhook/vc12/32bit/vcredist_x86.exe
.exe windows:5 windows x86 arch:x86

33c6db41ca15b47cfcec52de6c2ab2b7

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

51:3c:0e:d0:e9:29:66:d4:05:e1:26:24:9d:da:d9:c0:63:79:c5:68:38:c7:69:c5:25:f3:62:ab:0e:b8:a4:f6
Signer

Actual PE Digest

51:3c:0e:d0:e9:29:66:d4:05:e1:26:24:9d:da:d9:c0:63:79:c5:68:38:c7:69:c5:25:f3:62:ab:0e:b8:a4:f6

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

PDB Paths

E:\delivery\Dev\wix36_dev11\build\ship\x86\x86\burn.pdb

Imports

kernel32

CopyFileExW
MapViewOfFile
CreateFileMappingW
CreateMutexW
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
ResetEvent
SetEndOfFile
DeleteFileW
GetThreadLocale
UnmapViewOfFile
GetFullPathNameW
GetTempFileNameW
CreateDirectoryW
GetLocalTime
SetFilePointer
GetComputerNameW
CreateFileA
GetProcessHeap
GetModuleHandleA
CopyFileW
MoveFileExW
GlobalFree
GlobalAlloc
GetFileSizeEx
GetCurrentDirectoryW
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
RaiseException
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FormatMessageW
HeapSetInformation
GetStartupInfoW
SetUnhandledExceptionFilter
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
FreeLibrary
InterlockedExchange
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
GetLocaleInfoA
WideCharToMultiByte
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
GetTimeZoneInformation
CompareStringW
InitializeCriticalSection
CloseHandle
LocalFree
ReleaseMutex
GetVersionExW
GetProcessId
ReadFile
CreateNamedPipeW
ConnectNamedPipe
SetNamedPipeHandleState
lstrlenW
WaitForSingleObject
OpenProcess
CreateFileW
SetFilePointerEx
lstrlenA
RemoveDirectoryW
GetFileAttributesW
ExpandEnvironmentStringsW
VerifyVersionInfoW
VerSetConditionMask
GetTempPathW
GetSystemDirectoryW
GetSystemWow64DirectoryW
GetVolumePathNameW
GetWindowsDirectoryW
GetSystemDefaultLangID
GetUserDefaultLangID
GetDateFormatW
GetSystemTime
LoadLibraryW
InterlockedCompareExchange
GetExitCodeThread
CreateThread
SetEvent
WaitForMultipleObjects
CreateEventW
ProcessIdToSessionId
SetFileAttributesW
FindClose
FindNextFileW
FindFirstFileW
CreateProcessW
GetExitCodeProcess
SetThreadExecutionState
FlushFileBuffers

msi

ord171
ord45
ord137
ord125
ord17
ord8
ord141
ord238
ord190
ord88
ord90
ord173
ord111
ord70
ord169
ord118
ord115
ord116
ord205

shell32

SHGetFolderPathW
ShellExecuteExW
CommandLineToArgvW

rpcrt4

UuidCreate

wininet

HttpQueryInfoW
InternetCrackUrlW
InternetSetOptionW
InternetConnectW
InternetCloseHandle
InternetOpenW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetErrorDlg
InternetReadFile
HttpSendRequestW

wintrust

WinVerifyTrust
WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData
CryptCATAdminCalcHashFromFileHandle

crypt32

CertGetCertificateContextProperty
CryptHashPublicKeyInfo

gdi32

DeleteDC
DeleteObject
GetObjectW
CreateCompatibleDC
SelectObject
StretchBlt

cabinet

ord23
ord22
ord20

advapi32

CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
SetNamedSecurityInfoW
AllocateAndInitializeSid
CheckTokenMembership
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegSetValueExW
InitializeSecurityDescriptor
SetEntriesInAclA
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
RegOpenKeyExW
GetTokenInformation
OpenSCManagerW
OpenServiceW
QueryServiceStatus
CloseServiceHandle
ChangeServiceConfigW
DecryptFileW
SetEntriesInAclW
InitializeAcl
CreateWellKnownSid
InitiateSystemShutdownExW
GetUserNameW
RegQueryValueExW
RegDeleteValueW
RegCloseKey
ConvertStringSecurityDescriptorToSecurityDescriptorW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
QueryServiceConfigW

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

ole32

CLSIDFromProgID
CoInitializeSecurity
CoTaskMemFree
CoCreateInstance
CoInitialize
CoInitializeEx
CoUninitialize
StringFromGUID2

user32

LoadBitmapW
IsWindow
PostMessageW
PeekMessageW
GetMessageW
GetWindowLongW
SetWindowLongW
DefWindowProcW
UnregisterClassW
DispatchMessageW
TranslateMessage
IsDialogMessageW
CreateWindowExW
RegisterClassW
MsgWaitForMultipleObjects
LoadCursorW
PostQuitMessage
GetCursorPos
MonitorFromPoint
GetMonitorInfoW
PostThreadMessageW
MessageBoxW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

Sections

.text
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wixburn
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
customhook/vc12/64bit/vcredist_x64.exe
.exe windows:5 windows x86 arch:x86

33c6db41ca15b47cfcec52de6c2ab2b7

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f9:21:a8:7f:5a:3b:9a:0a:03:ac:c7:ff:64:14:0d:fb:d7:83:d6:35:6f:b3:45:b4:6a:5d:07:98:a0:f2:ce:30
Signer

Actual PE Digest

f9:21:a8:7f:5a:3b:9a:0a:03:ac:c7:ff:64:14:0d:fb:d7:83:d6:35:6f:b3:45:b4:6a:5d:07:98:a0:f2:ce:30

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

PDB Paths

E:\delivery\Dev\wix36_dev11\build\ship\x86\x86\burn.pdb

Imports

kernel32

CopyFileExW
MapViewOfFile
CreateFileMappingW
CreateMutexW
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
ResetEvent
SetEndOfFile
DeleteFileW
GetThreadLocale
UnmapViewOfFile
GetFullPathNameW
GetTempFileNameW
CreateDirectoryW
GetLocalTime
SetFilePointer
GetComputerNameW
CreateFileA
GetProcessHeap
GetModuleHandleA
CopyFileW
MoveFileExW
GlobalFree
GlobalAlloc
GetFileSizeEx
GetCurrentDirectoryW
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
RaiseException
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FormatMessageW
HeapSetInformation
GetStartupInfoW
SetUnhandledExceptionFilter
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
GetModuleFileNameW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
HeapCreate
VirtualFree
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
FreeLibrary
InterlockedExchange
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
GetLocaleInfoA
WideCharToMultiByte
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW
GetTimeZoneInformation
CompareStringW
InitializeCriticalSection
CloseHandle
LocalFree
ReleaseMutex
GetVersionExW
GetProcessId
ReadFile
CreateNamedPipeW
ConnectNamedPipe
SetNamedPipeHandleState
lstrlenW
WaitForSingleObject
OpenProcess
CreateFileW
SetFilePointerEx
lstrlenA
RemoveDirectoryW
GetFileAttributesW
ExpandEnvironmentStringsW
VerifyVersionInfoW
VerSetConditionMask
GetTempPathW
GetSystemDirectoryW
GetSystemWow64DirectoryW
GetVolumePathNameW
GetWindowsDirectoryW
GetSystemDefaultLangID
GetUserDefaultLangID
GetDateFormatW
GetSystemTime
LoadLibraryW
InterlockedCompareExchange
GetExitCodeThread
CreateThread
SetEvent
WaitForMultipleObjects
CreateEventW
ProcessIdToSessionId
SetFileAttributesW
FindClose
FindNextFileW
FindFirstFileW
CreateProcessW
GetExitCodeProcess
SetThreadExecutionState
FlushFileBuffers

msi

ord171
ord45
ord137
ord125
ord17
ord8
ord141
ord238
ord190
ord88
ord90
ord173
ord111
ord70
ord169
ord118
ord115
ord116
ord205

shell32

SHGetFolderPathW
ShellExecuteExW
CommandLineToArgvW

rpcrt4

UuidCreate

wininet

HttpQueryInfoW
InternetCrackUrlW
InternetSetOptionW
InternetConnectW
InternetCloseHandle
InternetOpenW
HttpAddRequestHeadersW
HttpOpenRequestW
InternetErrorDlg
InternetReadFile
HttpSendRequestW

wintrust

WinVerifyTrust
WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData
CryptCATAdminCalcHashFromFileHandle

crypt32

CertGetCertificateContextProperty
CryptHashPublicKeyInfo

gdi32

DeleteDC
DeleteObject
GetObjectW
CreateCompatibleDC
SelectObject
StretchBlt

cabinet

ord23
ord22
ord20

advapi32

CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
SetNamedSecurityInfoW
AllocateAndInitializeSid
CheckTokenMembership
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
RegEnumValueW
RegQueryInfoKeyW
RegSetValueExW
InitializeSecurityDescriptor
SetEntriesInAclA
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
SetSecurityDescriptorDacl
RegOpenKeyExW
GetTokenInformation
OpenSCManagerW
OpenServiceW
QueryServiceStatus
CloseServiceHandle
ChangeServiceConfigW
DecryptFileW
SetEntriesInAclW
InitializeAcl
CreateWellKnownSid
InitiateSystemShutdownExW
GetUserNameW
RegQueryValueExW
RegDeleteValueW
RegCloseKey
ConvertStringSecurityDescriptorToSecurityDescriptorW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
QueryServiceConfigW

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

ole32

CLSIDFromProgID
CoInitializeSecurity
CoTaskMemFree
CoCreateInstance
CoInitialize
CoInitializeEx
CoUninitialize
StringFromGUID2

user32

LoadBitmapW
IsWindow
PostMessageW
PeekMessageW
GetMessageW
GetWindowLongW
SetWindowLongW
DefWindowProcW
UnregisterClassW
DispatchMessageW
TranslateMessage
IsDialogMessageW
CreateWindowExW
RegisterClassW
MsgWaitForMultipleObjects
LoadCursorW
PostQuitMessage
GetCursorPos
MonitorFromPoint
GetMonitorInfoW
PostThreadMessageW
MessageBoxW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

Sections

.text
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wixburn
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
customhook/vc13/32bit/vcredist_x86.exe
.exe windows:5 windows x86 arch:x86

8e2588a9cf43886de3449dfff03137b6

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

52:23:3d:61:a3:c7:a5:8d:8d:8c:82:da:a0:4b:34:8f:7b:f4:1d:29:40:64:85:23:a9:3c:34:b5:c4:85:42:3f
Signer

Actual PE Digest

52:23:3d:61:a3:c7:a5:8d:8d:8c:82:da:a0:4b:34:8f:7b:f4:1d:29:40:64:85:23:a9:3c:34:b5:c4:85:42:3f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

PDB Paths

E:\delivery\Dev\wix37\build\ship\x86\burn.pdb

Imports

gdiplus

GdiplusShutdown
GdiplusStartup
GdipDeleteGraphics
GdipFree
GdipCloneImage
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromResource
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipAlloc

advapi32

QueryServiceConfigW
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
RegEnumValueW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCloseKey
RegDeleteValueW
RegQueryValueExW
GetUserNameW
InitiateSystemShutdownExW
CreateWellKnownSid
InitializeAcl
SetEntriesInAclW
DecryptFileW
ChangeServiceConfigW
ControlService
CloseServiceHandle
QueryServiceStatus
OpenServiceW
OpenSCManagerW
RegQueryInfoKeyW
RegSetValueExW
SetEntriesInAclA
SetSecurityDescriptorGroup
RegOpenKeyExW
GetTokenInformation
CheckTokenMembership
AllocateAndInitializeSid
FreeSid
LookupAccountNameW
SetNamedSecurityInfoW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetSecurityDescriptorOwner

user32

GetMessageW
PeekMessageW
PostMessageW
IsWindow
PostQuitMessage
GetWindowLongW
SetWindowLongW
DefWindowProcW
UnregisterClassW
DispatchMessageW
TranslateMessage
IsDialogMessageW
MsgWaitForMultipleObjects
WaitForInputIdle
LoadCursorW
BeginPaint
EndPaint
GetCursorPos
MonitorFromPoint
GetMonitorInfoW
ReleaseDC
MessageBoxW
PostThreadMessageW
RegisterClassW
CreateWindowExW

oleaut32

VariantClear
VariantInit
SysAllocString
SysFreeString

gdi32

GetDeviceCaps
CreateDCW

shell32

ShellExecuteExW
SHGetFolderPathW
CommandLineToArgvW

ole32

CoTaskMemFree
CoCreateInstance
CoInitialize
CoUninitialize
CoInitializeEx
StringFromGUID2
CoInitializeSecurity
CLSIDFromProgID

kernel32

GetCurrentProcess
InitializeCriticalSection
TlsFree
DeleteCriticalSection
CloseHandle
TlsGetValue
Sleep
GetLastError
ReleaseMutex
TlsSetValue
TlsAlloc
GetCurrentThreadId
GetVersionExW
GetModuleHandleW
ReadFile
SetFilePointerEx
CreateFileW
GetCurrentProcessId
GetProcessId
WriteFile
ConnectNamedPipe
SetNamedPipeHandleState
lstrlenW
CompareStringW
LocalFree
CreateNamedPipeW
WaitForSingleObject
OpenProcess
lstrlenA
RemoveDirectoryW
GetFileAttributesW
ExpandEnvironmentStringsW
LeaveCriticalSection
EnterCriticalSection
FreeLibrary
GetProcAddress
VerifyVersionInfoW
VerSetConditionMask
GetComputerNameW
GetTempPathW
GetSystemDirectoryW
GetSystemWow64DirectoryW
GetVolumePathNameW
HeapAlloc
GetSystemDefaultLangID
GetUserDefaultLangID
GetDateFormatW
GetSystemTime
InterlockedExchange
LoadLibraryW
InterlockedCompareExchange
GetExitCodeThread
CreateThread
SetEvent
WaitForMultipleObjects
CreateEventW
ProcessIdToSessionId
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
SetFileAttributesW
FindClose
FindNextFileW
FindFirstFileW
CreateProcessW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetExitCodeProcess
SetThreadExecutionState
CopyFileExW
HeapSetInformation
MapViewOfFile
CreateFileMappingW
CreateMutexW
SetEndOfFile
ResetEvent
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
CreateFileA
GetSystemTimeAsFileTime
VirtualFree
VirtualAlloc
DeleteFileW
GetThreadLocale
GetTimeZoneInformation
TerminateProcess
UnhandledExceptionFilter
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
GlobalAlloc
IsProcessorFeaturePresent
GetTickCount
QueryPerformanceCounter
HeapCreate
SetLastError
EncodePointer
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
GlobalFree
MoveFileExW
CopyFileW
GetFileSizeEx
GetModuleHandleA
RaiseException
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
SetFilePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
HeapSize
HeapReAlloc
LCMapStringW
MultiByteToWideChar
SetStdHandle
WriteConsoleW
FlushFileBuffers
GetLocalTime
UnmapViewOfFile
IsDebuggerPresent
DuplicateHandle
HeapFree
FormatMessageW
GetTempFileNameW
GetWindowsDirectoryW
CompareStringA
FreeEnvironmentStringsW
GetModuleFileNameW
GetStdHandle
DecodePointer
ExitProcess
SetUnhandledExceptionFilter
GetStartupInfoW
GetCommandLineW
GetFullPathNameW
CreateDirectoryW
GetProcessHeap

cabinet

ord22
ord20
ord23

crypt32

CertGetCertificateContextProperty
CryptHashPublicKeyInfo

msi

ord88
ord17
ord125
ord116
ord115
ord118
ord8
ord171
ord205
ord45
ord137
ord141
ord238
ord190
ord169
ord90
ord173
ord111
ord70

rpcrt4

UuidCreate

wininet

InternetCloseHandle
HttpAddRequestHeadersW
HttpOpenRequestW
InternetErrorDlg
InternetReadFile
HttpSendRequestW
InternetSetOptionW
InternetOpenW
HttpQueryInfoW
InternetCrackUrlW
InternetConnectW

wintrust

WinVerifyTrust
WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData
CryptCATAdminCalcHashFromFileHandle

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

Sections

.text
Size: 229KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wixburn
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
customhook/vc13/64bit/vcredist_x64.exe
.exe windows:5 windows x86 arch:x86

8e2588a9cf43886de3449dfff03137b6

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d2:15:be:d8:35:8b:b3:7c:e3:4d:4d:50:1d:e6:91:02:c5:a1:a4:0d:b3:8f:12:4d:59:61:61:e5:59:2d:0e:e7
Signer

Actual PE Digest

d2:15:be:d8:35:8b:b3:7c:e3:4d:4d:50:1d:e6:91:02:c5:a1:a4:0d:b3:8f:12:4d:59:61:61:e5:59:2d:0e:e7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

PDB Paths

E:\delivery\Dev\wix37\build\ship\x86\burn.pdb

Imports

gdiplus

GdiplusShutdown
GdiplusStartup
GdipDeleteGraphics
GdipFree
GdipCloneImage
GdipDisposeImage
GdipGetImageWidth
GdipGetImageHeight
GdipCreateBitmapFromResource
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipAlloc

advapi32

QueryServiceConfigW
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
RegEnumValueW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCloseKey
RegDeleteValueW
RegQueryValueExW
GetUserNameW
InitiateSystemShutdownExW
CreateWellKnownSid
InitializeAcl
SetEntriesInAclW
DecryptFileW
ChangeServiceConfigW
ControlService
CloseServiceHandle
QueryServiceStatus
OpenServiceW
OpenSCManagerW
RegQueryInfoKeyW
RegSetValueExW
SetEntriesInAclA
SetSecurityDescriptorGroup
RegOpenKeyExW
GetTokenInformation
CheckTokenMembership
AllocateAndInitializeSid
FreeSid
LookupAccountNameW
SetNamedSecurityInfoW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetSecurityDescriptorOwner

user32

GetMessageW
PeekMessageW
PostMessageW
IsWindow
PostQuitMessage
GetWindowLongW
SetWindowLongW
DefWindowProcW
UnregisterClassW
DispatchMessageW
TranslateMessage
IsDialogMessageW
MsgWaitForMultipleObjects
WaitForInputIdle
LoadCursorW
BeginPaint
EndPaint
GetCursorPos
MonitorFromPoint
GetMonitorInfoW
ReleaseDC
MessageBoxW
PostThreadMessageW
RegisterClassW
CreateWindowExW

oleaut32

VariantClear
VariantInit
SysAllocString
SysFreeString

gdi32

GetDeviceCaps
CreateDCW

shell32

ShellExecuteExW
SHGetFolderPathW
CommandLineToArgvW

ole32

CoTaskMemFree
CoCreateInstance
CoInitialize
CoUninitialize
CoInitializeEx
StringFromGUID2
CoInitializeSecurity
CLSIDFromProgID

kernel32

GetCurrentProcess
InitializeCriticalSection
TlsFree
DeleteCriticalSection
CloseHandle
TlsGetValue
Sleep
GetLastError
ReleaseMutex
TlsSetValue
TlsAlloc
GetCurrentThreadId
GetVersionExW
GetModuleHandleW
ReadFile
SetFilePointerEx
CreateFileW
GetCurrentProcessId
GetProcessId
WriteFile
ConnectNamedPipe
SetNamedPipeHandleState
lstrlenW
CompareStringW
LocalFree
CreateNamedPipeW
WaitForSingleObject
OpenProcess
lstrlenA
RemoveDirectoryW
GetFileAttributesW
ExpandEnvironmentStringsW
LeaveCriticalSection
EnterCriticalSection
FreeLibrary
GetProcAddress
VerifyVersionInfoW
VerSetConditionMask
GetComputerNameW
GetTempPathW
GetSystemDirectoryW
GetSystemWow64DirectoryW
GetVolumePathNameW
HeapAlloc
GetSystemDefaultLangID
GetUserDefaultLangID
GetDateFormatW
GetSystemTime
InterlockedExchange
LoadLibraryW
InterlockedCompareExchange
GetExitCodeThread
CreateThread
SetEvent
WaitForMultipleObjects
CreateEventW
ProcessIdToSessionId
InterlockedIncrement
InterlockedDecrement
GetStringTypeW
SetFileAttributesW
FindClose
FindNextFileW
FindFirstFileW
CreateProcessW
SetCurrentDirectoryW
GetCurrentDirectoryW
GetExitCodeProcess
SetThreadExecutionState
CopyFileExW
HeapSetInformation
MapViewOfFile
CreateFileMappingW
CreateMutexW
SetEndOfFile
ResetEvent
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
CreateFileA
GetSystemTimeAsFileTime
VirtualFree
VirtualAlloc
DeleteFileW
GetThreadLocale
GetTimeZoneInformation
TerminateProcess
UnhandledExceptionFilter
SystemTimeToTzSpecificLocalTime
SystemTimeToFileTime
GlobalAlloc
IsProcessorFeaturePresent
GetTickCount
QueryPerformanceCounter
HeapCreate
SetLastError
EncodePointer
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
GetEnvironmentStringsW
GlobalFree
MoveFileExW
CopyFileW
GetFileSizeEx
GetModuleHandleA
RaiseException
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
RtlUnwind
SetFilePointer
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
HeapSize
HeapReAlloc
LCMapStringW
MultiByteToWideChar
SetStdHandle
WriteConsoleW
FlushFileBuffers
GetLocalTime
UnmapViewOfFile
IsDebuggerPresent
DuplicateHandle
HeapFree
FormatMessageW
GetTempFileNameW
GetWindowsDirectoryW
CompareStringA
FreeEnvironmentStringsW
GetModuleFileNameW
GetStdHandle
DecodePointer
ExitProcess
SetUnhandledExceptionFilter
GetStartupInfoW
GetCommandLineW
GetFullPathNameW
CreateDirectoryW
GetProcessHeap

cabinet

ord22
ord20
ord23

crypt32

CertGetCertificateContextProperty
CryptHashPublicKeyInfo

msi

ord88
ord17
ord125
ord116
ord115
ord118
ord8
ord171
ord205
ord45
ord137
ord141
ord238
ord190
ord169
ord90
ord173
ord111
ord70

rpcrt4

UuidCreate

wininet

InternetCloseHandle
HttpAddRequestHeadersW
HttpOpenRequestW
InternetErrorDlg
InternetReadFile
HttpSendRequestW
InternetSetOptionW
InternetOpenW
HttpQueryInfoW
InternetCrackUrlW
InternetConnectW

wintrust

WinVerifyTrust
WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData
CryptCATAdminCalcHashFromFileHandle

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

Sections

.text
Size: 229KB - Virtual size: 228KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wixburn
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
customhook/vc14/32bit/vcredist_x86.exe
.exe windows:5 windows x86 arch:x86

1a5cdbf711fee14b077e599d13fddab2

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

21:d4:b9:bd:a7:f7:ee:4d:d0:f6:e5:35:f9:9e:d0:e3:d9:a1:26:8f:f7:e5:f2:de:4f:3d:a1:f8:5d:47:ca:87
Signer

Actual PE Digest

21:d4:b9:bd:a7:f7:ee:4d:d0:f6:e5:35:f9:9e:d0:e3:d9:a1:26:8f:f7:e5:f2:de:4f:3d:a1:f8:5d:47:ca:87

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

PDB Paths

C:\agent\_work\8\s\build\ship\x86\burn.pdb

Imports

advapi32

RegCloseKey
RegOpenKeyExW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
InitiateSystemShutdownExW
GetUserNameW
RegQueryValueExW
RegDeleteValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW
DecryptFileW
CreateWellKnownSid
InitializeAcl
SetEntriesInAclW
ChangeServiceConfigW
CloseServiceHandle
ControlService
OpenSCManagerW
OpenServiceW
QueryServiceStatus
SetNamedSecurityInfoW
CheckTokenMembership
AllocateAndInitializeSid
SetEntriesInAclA
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueExW
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyExW
GetTokenInformation
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextW
QueryServiceConfigW

user32

GetMessageW
PostMessageW
IsWindow
WaitForInputIdle
PostQuitMessage
PeekMessageW
MsgWaitForMultipleObjects
PostThreadMessageW
GetMonitorInfoW
MonitorFromPoint
IsDialogMessageW
LoadCursorW
LoadBitmapW
SetWindowLongW
GetWindowLongW
GetCursorPos
MessageBoxW
CreateWindowExW
UnregisterClassW
RegisterClassW
DefWindowProcW
DispatchMessageW
TranslateMessage

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

gdi32

CreateCompatibleDC
DeleteObject
SelectObject
StretchBlt
GetObjectW
DeleteDC

shell32

SHGetFolderPathW
CommandLineToArgvW
ShellExecuteExW

ole32

CoUninitialize
CoInitializeEx
CoInitialize
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoInitializeSecurity
CLSIDFromProgID

kernel32

GetCommandLineA
GetCPInfo
GetOEMCP
CloseHandle
CreateFileW
GetProcAddress
LocalFree
HeapSetInformation
GetLastError
GetModuleHandleW
FormatMessageW
lstrlenA
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringW
Sleep
GetLocalTime
GetModuleFileNameW
ExpandEnvironmentStringsW
GetTempPathW
GetTempFileNameW
CreateDirectoryW
GetFullPathNameW
CompareStringW
GetCurrentProcessId
WriteFile
SetFilePointer
LoadLibraryW
GetSystemDirectoryW
CreateFileA
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
FindClose
GetCommandLineW
GetCurrentDirectoryW
RemoveDirectoryW
SetFileAttributesW
GetFileAttributesW
DeleteFileW
FindFirstFileW
FindNextFileW
MoveFileExW
GetCurrentProcess
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
ReleaseMutex
GetEnvironmentStringsW
TlsGetValue
TlsSetValue
TlsFree
CreateProcessW
GetVersionExW
VerSetConditionMask
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
GetSystemTime
GetNativeSystemInfo
GetModuleHandleExW
GetWindowsDirectoryW
GetSystemWow64DirectoryW
GetComputerNameW
VerifyVersionInfoW
GetVolumePathNameW
GetDateFormatW
GetSystemDefaultLangID
GetUserDefaultLangID
GetStringTypeW
ReadFile
SetFilePointerEx
DuplicateHandle
InterlockedExchange
InterlockedCompareExchange
CreateEventW
ProcessIdToSessionId
OpenProcess
GetProcessId
WaitForSingleObject
ConnectNamedPipe
SetNamedPipeHandleState
CreateNamedPipeW
CreateThread
GetExitCodeThread
SetEvent
WaitForMultipleObjects
InterlockedIncrement
InterlockedDecrement
ResetEvent
SetEndOfFile
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
CompareStringA
GetExitCodeProcess
SetThreadExecutionState
CopyFileExW
MapViewOfFile
UnmapViewOfFile
CreateMutexW
CreateFileMappingW
GetThreadLocale
IsValidCodePage
FreeEnvironmentStringsW
TlsAlloc
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
DecodePointer
WriteConsoleW
GetModuleHandleA
GlobalAlloc
GlobalFree
GetFileSizeEx
CopyFileW
VirtualAlloc
VirtualFree
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
SystemTimeToFileTime
GetSystemInfo
VirtualProtect
VirtualQuery
SetCurrentDirectoryW
FindFirstFileExW
GetFileType
GetACP
ExitProcess
GetStdHandle
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RaiseException
RtlUnwind
SetLastError
LoadLibraryExA

rpcrt4

UuidCreate

Sections

.text
Size: 294KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wixburn
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
customhook/vc14/64bit/vcredist_x64.exe
.exe windows:5 windows x86 arch:x86

1a5cdbf711fee14b077e599d13fddab2

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

c6:32:0e:29:cf:fc:33:a9:b6:f8:2b:5a:de:e5:56:c9:58:1c:d1:62:52:15:4b:2f:76:6c:36:ac:4f:90:23:2f
Signer

Actual PE Digest

c6:32:0e:29:cf:fc:33:a9:b6:f8:2b:5a:de:e5:56:c9:58:1c:d1:62:52:15:4b:2f:76:6c:36:ac:4f:90:23:2f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

PDB Paths

C:\agent\_work\8\s\build\ship\x86\burn.pdb

Imports

advapi32

RegCloseKey
RegOpenKeyExW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
InitiateSystemShutdownExW
GetUserNameW
RegQueryValueExW
RegDeleteValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW
DecryptFileW
CreateWellKnownSid
InitializeAcl
SetEntriesInAclW
ChangeServiceConfigW
CloseServiceHandle
ControlService
OpenSCManagerW
OpenServiceW
QueryServiceStatus
SetNamedSecurityInfoW
CheckTokenMembership
AllocateAndInitializeSid
SetEntriesInAclA
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueExW
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyExW
GetTokenInformation
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextW
QueryServiceConfigW

user32

GetMessageW
PostMessageW
IsWindow
WaitForInputIdle
PostQuitMessage
PeekMessageW
MsgWaitForMultipleObjects
PostThreadMessageW
GetMonitorInfoW
MonitorFromPoint
IsDialogMessageW
LoadCursorW
LoadBitmapW
SetWindowLongW
GetWindowLongW
GetCursorPos
MessageBoxW
CreateWindowExW
UnregisterClassW
RegisterClassW
DefWindowProcW
DispatchMessageW
TranslateMessage

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

gdi32

CreateCompatibleDC
DeleteObject
SelectObject
StretchBlt
GetObjectW
DeleteDC

shell32

SHGetFolderPathW
CommandLineToArgvW
ShellExecuteExW

ole32

CoUninitialize
CoInitializeEx
CoInitialize
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoInitializeSecurity
CLSIDFromProgID

kernel32

GetCommandLineA
GetCPInfo
GetOEMCP
CloseHandle
CreateFileW
GetProcAddress
LocalFree
HeapSetInformation
GetLastError
GetModuleHandleW
FormatMessageW
lstrlenA
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringW
Sleep
GetLocalTime
GetModuleFileNameW
ExpandEnvironmentStringsW
GetTempPathW
GetTempFileNameW
CreateDirectoryW
GetFullPathNameW
CompareStringW
GetCurrentProcessId
WriteFile
SetFilePointer
LoadLibraryW
GetSystemDirectoryW
CreateFileA
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
FindClose
GetCommandLineW
GetCurrentDirectoryW
RemoveDirectoryW
SetFileAttributesW
GetFileAttributesW
DeleteFileW
FindFirstFileW
FindNextFileW
MoveFileExW
GetCurrentProcess
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
ReleaseMutex
GetEnvironmentStringsW
TlsGetValue
TlsSetValue
TlsFree
CreateProcessW
GetVersionExW
VerSetConditionMask
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
GetSystemTime
GetNativeSystemInfo
GetModuleHandleExW
GetWindowsDirectoryW
GetSystemWow64DirectoryW
GetComputerNameW
VerifyVersionInfoW
GetVolumePathNameW
GetDateFormatW
GetSystemDefaultLangID
GetUserDefaultLangID
GetStringTypeW
ReadFile
SetFilePointerEx
DuplicateHandle
InterlockedExchange
InterlockedCompareExchange
CreateEventW
ProcessIdToSessionId
OpenProcess
GetProcessId
WaitForSingleObject
ConnectNamedPipe
SetNamedPipeHandleState
CreateNamedPipeW
CreateThread
GetExitCodeThread
SetEvent
WaitForMultipleObjects
InterlockedIncrement
InterlockedDecrement
ResetEvent
SetEndOfFile
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
CompareStringA
GetExitCodeProcess
SetThreadExecutionState
CopyFileExW
MapViewOfFile
UnmapViewOfFile
CreateMutexW
CreateFileMappingW
GetThreadLocale
IsValidCodePage
FreeEnvironmentStringsW
TlsAlloc
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
DecodePointer
WriteConsoleW
GetModuleHandleA
GlobalAlloc
GlobalFree
GetFileSizeEx
CopyFileW
VirtualAlloc
VirtualFree
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
SystemTimeToFileTime
GetSystemInfo
VirtualProtect
VirtualQuery
SetCurrentDirectoryW
FindFirstFileExW
GetFileType
GetACP
ExitProcess
GetStdHandle
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RaiseException
RtlUnwind
SetLastError
LoadLibraryExA

rpcrt4

UuidCreate

Sections

.text
Size: 294KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wixburn
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
customhook/vc14/winarm64bit/VCredist_arm64.exe
.exe windows:5 windows x86 arch:x86

1a5cdbf711fee14b077e599d13fddab2

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f6:d5:80:6e:83:38:95:ab:2c:74:d4:57:68:06:aa:28:90:cf:31:c2:60:3f:15:e0:64:7f:34:3d:6d:05:33:b7
Signer

Actual PE Digest

f6:d5:80:6e:83:38:95:ab:2c:74:d4:57:68:06:aa:28:90:cf:31:c2:60:3f:15:e0:64:7f:34:3d:6d:05:33:b7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

PDB Paths

C:\agent\_work\8\s\build\ship\x86\burn.pdb

Imports

advapi32

RegCloseKey
RegOpenKeyExW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
InitiateSystemShutdownExW
GetUserNameW
RegQueryValueExW
RegDeleteValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW
DecryptFileW
CreateWellKnownSid
InitializeAcl
SetEntriesInAclW
ChangeServiceConfigW
CloseServiceHandle
ControlService
OpenSCManagerW
OpenServiceW
QueryServiceStatus
SetNamedSecurityInfoW
CheckTokenMembership
AllocateAndInitializeSid
SetEntriesInAclA
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueExW
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyExW
GetTokenInformation
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextW
QueryServiceConfigW

user32

GetMessageW
PostMessageW
IsWindow
WaitForInputIdle
PostQuitMessage
PeekMessageW
MsgWaitForMultipleObjects
PostThreadMessageW
GetMonitorInfoW
MonitorFromPoint
IsDialogMessageW
LoadCursorW
LoadBitmapW
SetWindowLongW
GetWindowLongW
GetCursorPos
MessageBoxW
CreateWindowExW
UnregisterClassW
RegisterClassW
DefWindowProcW
DispatchMessageW
TranslateMessage

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

gdi32

CreateCompatibleDC
DeleteObject
SelectObject
StretchBlt
GetObjectW
DeleteDC

shell32

SHGetFolderPathW
CommandLineToArgvW
ShellExecuteExW

ole32

CoUninitialize
CoInitializeEx
CoInitialize
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoInitializeSecurity
CLSIDFromProgID

kernel32

GetCommandLineA
GetCPInfo
GetOEMCP
CloseHandle
CreateFileW
GetProcAddress
LocalFree
HeapSetInformation
GetLastError
GetModuleHandleW
FormatMessageW
lstrlenA
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringW
Sleep
GetLocalTime
GetModuleFileNameW
ExpandEnvironmentStringsW
GetTempPathW
GetTempFileNameW
CreateDirectoryW
GetFullPathNameW
CompareStringW
GetCurrentProcessId
WriteFile
SetFilePointer
LoadLibraryW
GetSystemDirectoryW
CreateFileA
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
FindClose
GetCommandLineW
GetCurrentDirectoryW
RemoveDirectoryW
SetFileAttributesW
GetFileAttributesW
DeleteFileW
FindFirstFileW
FindNextFileW
MoveFileExW
GetCurrentProcess
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
ReleaseMutex
GetEnvironmentStringsW
TlsGetValue
TlsSetValue
TlsFree
CreateProcessW
GetVersionExW
VerSetConditionMask
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
GetSystemTime
GetNativeSystemInfo
GetModuleHandleExW
GetWindowsDirectoryW
GetSystemWow64DirectoryW
GetComputerNameW
VerifyVersionInfoW
GetVolumePathNameW
GetDateFormatW
GetSystemDefaultLangID
GetUserDefaultLangID
GetStringTypeW
ReadFile
SetFilePointerEx
DuplicateHandle
InterlockedExchange
InterlockedCompareExchange
CreateEventW
ProcessIdToSessionId
OpenProcess
GetProcessId
WaitForSingleObject
ConnectNamedPipe
SetNamedPipeHandleState
CreateNamedPipeW
CreateThread
GetExitCodeThread
SetEvent
WaitForMultipleObjects
InterlockedIncrement
InterlockedDecrement
ResetEvent
SetEndOfFile
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
CompareStringA
GetExitCodeProcess
SetThreadExecutionState
CopyFileExW
MapViewOfFile
UnmapViewOfFile
CreateMutexW
CreateFileMappingW
GetThreadLocale
IsValidCodePage
FreeEnvironmentStringsW
TlsAlloc
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
DecodePointer
WriteConsoleW
GetModuleHandleA
GlobalAlloc
GlobalFree
GetFileSizeEx
CopyFileW
VirtualAlloc
VirtualFree
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
SystemTimeToFileTime
GetSystemInfo
VirtualProtect
VirtualQuery
SetCurrentDirectoryW
FindFirstFileExW
GetFileType
GetACP
ExitProcess
GetStdHandle
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RaiseException
RtlUnwind
SetLastError
LoadLibraryExA

rpcrt4

UuidCreate

Sections

.text
Size: 294KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wixburn
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
packages/ADC/Runtime/Runtime.pimx
packages/ADC/Runtime/Runtime.sig
.xml
packages/ApplicationInfo.xml
.xml
products/.DS_Store
products/Driver.xml
.xml
products/SPRK/UWPAssets.zip
.zip
1/AEPlugin/AEXD.aex
.dll windows:6 windows x64 arch:x64

03f77437221c69b6f966ac72645c5c44

Code Sign

04:c7:b4:2b:6d:d5:c2:79:95:84:f2:e8:96:4d:2b:e2
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

21/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Adobe Inc.,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

64:79:2d:a4:37:08:82:c7:af:8b:3a:d1:93:a7:38:7d:89:47:7e:96:bd:42:31:90:18:28:46:77:e9:09:5f:08
Signer

Actual PE Digest

64:79:2d:a4:37:08:82:c7:af:8b:3a:d1:93:a7:38:7d:89:47:7e:96:bd:42:31:90:18:28:46:77:e9:09:5f:08

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Jenkins\workspace\WebPA\ae-xd\master-2\AEXD\Win\AEXD\x64\Release\AEXD.pdb

Imports

vulcanmessage5

?ReleaseInstance@IVulcanMessageDispatcher@api5@vulcan@adobe@@SAXXZ
??0EndPoint@api5@vulcan@adobe@@QEAA@AEBV0123@@Z
?GetInstance@IVulcanMessageDispatcher@api5@vulcan@adobe@@SA?AW4VulcanMessageErrorCode@@PEAPEAV1234@@Z
??1EndPoint@api5@vulcan@adobe@@UEAA@XZ
?GetIdSize@EndPoint@api5@vulcan@adobe@@QEBA_KXZ
?GetId@EndPoint@api5@vulcan@adobe@@QEBAXPEAD@Z
?GetAppIdSize@EndPoint@api5@vulcan@adobe@@QEBA_KXZ
?GetAppId@EndPoint@api5@vulcan@adobe@@QEBAXPEAD@Z
?GetAppVersionSize@EndPoint@api5@vulcan@adobe@@QEBA_KXZ
?GetAppVersion@EndPoint@api5@vulcan@adobe@@QEBAXPEAD@Z
?GetTypeSize@VulcanMessage@api5@vulcan@adobe@@QEBA_KXZ
?GetType@VulcanMessage@api5@vulcan@adobe@@QEBAXPEAD@Z
?GetAppIdSize@VulcanMessage@api5@vulcan@adobe@@QEBA_KXZ
?GetAppId@VulcanMessage@api5@vulcan@adobe@@QEBAXPEAD@Z
?GetAppVersionSize@VulcanMessage@api5@vulcan@adobe@@QEBA_KXZ
?GetAppVersion@VulcanMessage@api5@vulcan@adobe@@QEBAXPEAD@Z
??0SuiteMessage@api5@vulcan@adobe@@QEAA@PEBD@Z
??1SuiteMessage@api5@vulcan@adobe@@UEAA@XZ
?SetSource@SuiteMessage@api5@vulcan@adobe@@QEAAXAEBVEndPoint@234@@Z
?GetPayloadSize@SuiteMessage@api5@vulcan@adobe@@QEBA_KXZ
?GetPayload@SuiteMessage@api5@vulcan@adobe@@QEBAXPEAD@Z
?SetPayload@SuiteMessage@api5@vulcan@adobe@@QEAAXPEBD@Z
??1IVulcanMessageListener@api5@vulcan@adobe@@UEAA@XZ
??0IVulcanMessageListener@api5@vulcan@adobe@@QEAA@XZ
?SetConfig@IVulcanMessageDispatcher@api5@vulcan@adobe@@SA?AW4VulcanMessageErrorCode@@PEBD0@Z

api-ms-win-core-path-l1-1-0

PathAllocCombine
PathCchRemoveFileSpec

kernel32

GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
GetCurrentThreadId
RtlCaptureContext
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
CloseHandle
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
RtlLookupFunctionEntry
CreateDirectoryW
DeleteFileW
FindClose
FindFirstFileW
FindNextFileW
GetFileAttributesW
RemoveDirectoryW
GetTempPathW
GetLastError
LocalFree
CopyFileW
MoveFileExW
InitializeSListHead

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

msvcp140

?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?_Throw_C_error@std@@YAXH@Z
?_Xbad_alloc@std@@YAXXZ
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?uncaught_exception@std@@YA_NXZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?_BADOFF@std@@3_JB
??0_Lockit@std@@QEAA@H@Z
??1_Lockit@std@@QEAA@XZ
?_Xinvalid_argument@std@@YAXPEBD@Z
_Getcoll
_Strcoll
_Strxfrm
??0_Locinfo@std@@QEAA@PEBD@Z
??1_Locinfo@std@@QEAA@XZ
??Bid@locale@std@@QEAA_KXZ
??0facet@locale@std@@IEAA@_K@Z
??1facet@locale@std@@MEAA@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?always_noconv@codecvt_base@std@@QEBA_NXZ
?tolower@?$ctype@D@std@@QEBADD@Z
?tolower@?$ctype@D@std@@QEBAPEBDPEADPEBD@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UEAAXXZ
?id@?$ctype@D@std@@2V0locale@2@A
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?id@?$collate@D@std@@2V0locale@2@A
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
?_Locimp_Addfac@_Locimp@locale@std@@CAXPEAV123@PEAVfacet@23@_K@Z
??0codecvt_base@std@@QEAA@_K@Z
??1codecvt_base@std@@UEAA@XZ
?in@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEA_W3AEAPEA_W@Z
?out@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEB_W1AEAPEB_WPEAD3AEAPEAD@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z
??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ
?do_encoding@codecvt_base@std@@MEBAHXZ
?do_max_length@codecvt_base@std@@MEBAHXZ
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
_Xtime_get_ticks
_Thrd_sleep
_Mtx_init_in_situ
_Mtx_destroy_in_situ
_Mtx_lock
_Mtx_unlock

vcruntime140

_purecall
__std_type_info_destroy_list
__vcrt_InitializeCriticalSectionEx
__CxxFrameHandler3
_CxxThrowException
memmove
memcpy
memset
__std_terminate
memcmp
__std_exception_copy
__std_exception_destroy
memchr
strchr
__RTDynamicCast
__C_specific_handler

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm
_invalid_parameter_noinfo_noreturn
terminate
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_wassert
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
_invalid_parameter_noinfo
_cexit
_errno

api-ms-win-crt-heap-l1-1-0

free
_callnewh
realloc
malloc

api-ms-win-crt-environment-l1-1-0

_wdupenv_s

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_wfullpath
_unlock_file
_wstat64i32

api-ms-win-crt-math-l1-1-0

cos
sin
hypot
sqrt
fmod
atan
asin
ceil
acos
atan2

api-ms-win-crt-convert-l1-1-0

strtod
strtoull

api-ms-win-crt-stdio-l1-1-0

fclose
fflush
fgetc
fgetpos
fputc
fsetpos
_fseeki64
fwrite
setvbuf
ungetc
_get_stream_buffer_pointers

Exports

Exports

AEXDEntryPoint

Sections

.text
Size: 432KB - Virtual size: 432KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 142KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 338B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 777B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 283B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
1/SparklerApp/Dependencies/x64/Microsoft.NET.Native.Framework.2.2.appx
.appx
1/SparklerApp/Dependencies/x64/Microsoft.NET.Native.Runtime.2.2.appx
.appx
1/SparklerApp/Dependencies/x64/Microsoft.UI.Xaml.2.5.appx
.appx
1/SparklerApp/Dependencies/x64/Microsoft.VCLibs.x64.14.00.Desktop.appx
.appx
1/SparklerApp/Dependencies/x64/Microsoft.VCLibs.x64.14.00.appx
.appx
1/SparklerApp/SparklerApp.appx
.appx
1/SparklerApp/SparklerApp_49.0.12.14_x64.cer
1/SupportAssets/CSDKConfigurator.exe
.exe windows:6 windows x64 arch:x64

e40fdd928c9d8322b19345e11e99ccf5

Code Sign

04:c7:b4:2b:6d:d5:c2:79:95:84:f2:e8:96:4d:2b:e2
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

21/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Adobe Inc.,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ea:e3:38:2f:07:64:2f:ef:b0:d7:4d:c0:2f:7a:f7:1c:3a:13:e8:7e:9a:83:71:59:a8:8b:06:44:e0:75:9c:1b
Signer

Actual PE Digest

ea:e3:38:2f:07:64:2f:ef:b0:d7:4d:c0:2f:7a:f7:1c:3a:13:e8:7e:9a:83:71:59:a8:8b:06:44:e0:75:9c:1b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Jenkins\workspace\xd\buildSupport\HyperDrive\CSDKConfigurator\x64\Release\CSDKConfigurator.pdb

Imports

shlwapi

PathFileExistsW
PathRemoveFileSpecW

api-ms-win-core-path-l1-1-0

PathCchAddBackslash
PathCchRemoveFileSpec
PathCchAppend

kernel32

WaitForSingleObject
LocalAlloc
OpenProcess
SetFileAttributesW
DeleteFileW
DecodePointer
LocalFree
InitializeCriticalSectionEx
GetProcessHeap
GetExitCodeProcess
LoadLibraryW
GetProcAddress
FreeLibrary
LoadLibraryExW
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
ReleaseSRWLockExclusive
CreateEventW
GetModuleFileNameW
GetCurrentProcess
HeapFree
WideCharToMultiByte
CopyFileW
RaiseException
CloseHandle
GetLastError
GetFileAttributesW
CreateFileW
FindClose
WriteFile
FindNextFileW
FindFirstFileW
CreateDirectoryW
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
AcquireSRWLockExclusive
DeleteCriticalSection
GetModuleHandleW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
WaitForSingleObjectEx
ResetEvent
SetEvent
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter

user32

GetShellWindow
EnumWindows
GetWindowThreadProcessId

advapi32

GetAce
IsValidSid
LookupPrivilegeValueW
GetSecurityDescriptorSacl
AdjustTokenPrivileges
SetEntriesInAclW
CreateWellKnownSid
SetNamedSecurityInfoW
GetNamedSecurityInfoW
OpenProcessToken
ConvertSidToStringSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW
DuplicateTokenEx
RegQueryValueExW
GetTokenInformation
RegCloseKey
RegQueryInfoKeyW
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegCopyTreeW
RegGetValueW

shell32

SHFileOperationW
SHGetFolderPathW

ole32

CoGetContextToken
CoInitializeEx
CoTaskMemFree
CoInitializeSecurity
CoTaskMemAlloc
CoCreateFreeThreadedMarshaler
CoUninitialize

vccorlib140

?GetIBoxVtable@Details@Platform@@YAPEAXPEAX@Z
?ReleaseTarget@ControlBlock@Details@Platform@@AEAAXXZ
?GetProxyImpl@Details@Platform@@YAJPEAUIUnknown@@AEBU_GUID@@0PEAPEAU3@@Z
?ReCreateException@Exception@Platform@@SAPE$AAV12@H@Z
?get@Message@Exception@Platform@@QE$AAAPE$AAVString@3@XZ
?AlignedFree@Heap@Details@Platform@@SAXPEAX@Z
?GetTypeCode@Type@Platform@@SA?AW4TypeCode@2@PE$AAV12@@Z
?Free@Heap@Details@Platform@@SAXPEAX@Z
?Allocate@Heap@Details@Platform@@SAPEAX_K0@Z
?ReleaseInContextImpl@Details@Platform@@YAJPEAUIUnknown@@0@Z
?__abi_ObjectToString@__abi_details@@YAPE$AAVString@Platform@@PE$AAVObject@3@_N@Z
?__abi_WinRTraiseOperationCanceledException@@YAXXZ
?__abi_WinRTraiseAccessDeniedException@@YAXXZ
?__abi_WinRTraiseInvalidArgumentException@@YAXXZ
?__abi_WinRTraiseClassNotRegisteredException@@YAXXZ
?__abi_WinRTraiseCOMException@@YAXJ@Z
?__abi_WinRTraiseNullReferenceException@@YAXXZ
?__abi_WinRTraiseChangedStateException@@YAXXZ
?__abi_WinRTraiseOutOfBoundsException@@YAXXZ
?__abi_WinRTraiseWrongThreadException@@YAXXZ
?__abi_WinRTraiseOutOfMemoryException@@YAXXZ
?CreateValue@Details@Platform@@YAPE$AAVObject@2@W4TypeCode@2@PEBX@Z
?__abi_cast_String_to_Object@__abi_details@@YAPE$AAVObject@Platform@@PE$AAVString@3@@Z
?__abi_translateCurrentException@@YAJ_N@Z
?__abi_WinRTraiseObjectDisposedException@@YAXXZ
?__abi_WinRTraiseInvalidCastException@@YAXXZ
?GetObjectContext@Details@Platform@@YAPEAUIUnknown@@XZ
?GetIBoxArrayVtable@Details@Platform@@YAPEAXPEAX@Z
??0Object@Platform@@QE$AAA@XZ
??0Delegate@Platform@@QE$AAA@XZ
?__abi_make_type_id@@YAPE$AAVType@Platform@@AEBU__abi_type_descriptor@@@Z
?InitializeData@Details@Platform@@YAJH@Z
?UninitializeData@Details@Platform@@YAXH@Z
?GetIidsFn@@YAJHPEAKPEBU__s_GUID@@PEAPEAVGuid@Platform@@@Z
?GetActivationFactoryByPCWSTR@@YAJPEAXAEAVGuid@Platform@@PEAPEAX@Z
?__abi_WinRTraiseNotImplementedException@@YAXXZ
?__abi_WinRTraiseDisconnectedException@@YAXXZ
?__abi_WinRTraiseFailureException@@YAXXZ
?GetCmdArguments@Details@Platform@@YAPEAPEA_WPEAH@Z

msvcp140

?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAPEA_WXZ
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?_Incref@facet@locale@std@@UEAAXXZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Addfac@_Locimp@locale@std@@AEAAXPEAVfacet@23@_K@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
?in@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEA_W3AEAPEA_W@Z
?out@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEB_W1AEAPEB_WPEAD3AEAPEAD@Z
?unshift@?$codecvt@_WDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
??0?$codecvt@_WDU_Mbstatet@@@std@@QEAA@_K@Z
?_Getcat@?$codecvt@_WDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??1?$codecvt@_WDU_Mbstatet@@@std@@MEAA@XZ
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
??4?$_Yarn@D@std@@QEAAAEAV01@PEBD@Z
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@PEBX@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?uncaught_exception@std@@YA_NXZ
?id@?$ctype@_W@std@@2V0locale@2@A
?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z
_Xtime_get_ticks
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?sputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAA_JPEB_W_J@Z
?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_W@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WD@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?sputc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAG_W@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Osfx@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV01@K@Z
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?widen@?$ctype@_W@std@@QEBA_WD@Z
??Bid@locale@std@@QEAA_KXZ
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z
?_IsNonBlockingThread@_Task_impl_base@details@Concurrency@@SA_NXZ
?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z
?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
_Cnd_init_in_situ
?__ExceptionPtrCopyException@@YAXPEAXPEBX1@Z
?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z
?_New_Locimp@_Locimp@locale@std@@CAPEAV123@AEBV123@@Z
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Xinvalid_argument@std@@YAXPEBD@Z
?_Xbad_function_call@std@@YAXXZ
?_Throw_C_error@std@@YAXH@Z
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEB_WHH@Z
?id@?$ctype@D@std@@2V0locale@2@A
?_XGetLastError@std@@YAXXZ
?id@?$codecvt@_WDU_Mbstatet@@@std@@2V0locale@2@A
?__ExceptionPtrToBool@@YA_NPEBX@Z
_Mtx_destroy_in_situ
?__ExceptionPtrDestroy@@YAXPEAX@Z
_Mtx_lock
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
_Mtx_init_in_situ
_Cnd_wait
_Mtx_unlock
_Cnd_broadcast
_Cnd_destroy_in_situ
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
?getloc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEBA?AVlocale@2@XZ
?_Init@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAAXXZ
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?clear@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z

api-ms-win-core-winrt-error-l1-1-0

RoFailFastWithErrorContext
SetRestrictedErrorInfo

api-ms-win-core-winrt-string-l1-1-0

WindowsConcatString
WindowsDuplicateString
WindowsDeleteString
WindowsGetStringRawBuffer
WindowsCompareStringOrdinal
WindowsCreateStringReference
WindowsCreateString

vcruntime140

memmove
__C_specific_handler
_CxxThrowException
memcpy
memset
_purecall
wcsrchr
__std_terminate
__std_exception_copy
__std_exception_destroy
__CxxFrameHandler3

api-ms-win-crt-heap-l1-1-0

_set_new_mode
malloc
_callnewh
free

api-ms-win-crt-string-l1-1-0

_wcsicmp
wcsncmp
wcscat_s
wcscpy_s
wcslen

api-ms-win-crt-time-l1-1-0

_ctime64_s

api-ms-win-crt-runtime-l1-1-0

_initterm_e
exit
_exit
_set_app_type
_initterm
_get_narrow_winmain_command_line
_invalid_parameter_noinfo_noreturn
_configure_narrow_argv
_initialize_onexit_table
_cexit
terminate
_c_exit
_crt_atexit
_register_thread_local_exe_atexit_callback
_seh_filter_exe
_register_onexit_function
_initialize_narrow_environment
_errno

api-ms-win-crt-stdio-l1-1-0

fwrite
ungetc
fsetpos
fread
_fseeki64
_get_stream_buffer_pointers
setvbuf
fgetc
ungetwc
fputwc
fclose
fflush
fputc
fgetwc
_set_fmode
__p__commode
fgetpos

api-ms-win-crt-convert-l1-1-0

wcstol

api-ms-win-crt-filesystem-l1-1-0

_lock_file
_unlock_file

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 189KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
1/SupportAssets/CSDKConfiguratorHelper.exe
.exe windows:6 windows x64 arch:x64

ede66cae26032bdad9117afc9c6f212f

Code Sign

04:c7:b4:2b:6d:d5:c2:79:95:84:f2:e8:96:4d:2b:e2
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

21/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Adobe Inc.,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ca:33:a1:47:b4:3d:25:6d:6b:8b:5c:af:23:eb:49:c4:e5:a2:25:5e:27:91:3b:77:40:b4:19:0e:ca:45:35:43
Signer

Actual PE Digest

ca:33:a1:47:b4:3d:25:6d:6b:8b:5c:af:23:eb:49:c4:e5:a2:25:5e:27:91:3b:77:40:b4:19:0e:ca:45:35:43

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Jenkins\workspace\xd\buildSupport\HyperDrive\CSDKConfigurator\x64\Release\CSDKConfiguratorHelper.pdb

Imports

ole32

CoGetContextToken
CoCreateFreeThreadedMarshaler
CoTaskMemAlloc
CoTaskMemFree

vccorlib140

?__abi_WinRTraiseObjectDisposedException@@YAXXZ
?__abi_WinRTraiseInvalidCastException@@YAXXZ
?__abi_WinRTraiseNotImplementedException@@YAXXZ
??0Delegate@Platform@@QE$AAA@XZ
??0Object@Platform@@QE$AAA@XZ
?GetIBoxArrayVtable@Details@Platform@@YAPEAXPEAX@Z
?GetObjectContext@Details@Platform@@YAPEAUIUnknown@@XZ
?ReleaseInContextImpl@Details@Platform@@YAJPEAUIUnknown@@0@Z
?Allocate@Heap@Details@Platform@@SAPEAX_K0@Z
?Free@Heap@Details@Platform@@SAXPEAX@Z
?AlignedFree@Heap@Details@Platform@@SAXPEAX@Z
?ReleaseTarget@ControlBlock@Details@Platform@@AEAAXXZ
?ReCreateException@Exception@Platform@@SAPE$AAV12@H@Z
?__abi_WinRTraiseDisconnectedException@@YAXXZ
?__abi_WinRTraiseFailureException@@YAXXZ
?__abi_WinRTraiseOperationCanceledException@@YAXXZ
?__abi_WinRTraiseAccessDeniedException@@YAXXZ
?__abi_WinRTraiseInvalidArgumentException@@YAXXZ
?__abi_WinRTraiseClassNotRegisteredException@@YAXXZ
?__abi_WinRTraiseCOMException@@YAXJ@Z
?__abi_translateCurrentException@@YAJ_N@Z
?__abi_WinRTraiseNullReferenceException@@YAXXZ
?__abi_WinRTraiseChangedStateException@@YAXXZ
?__abi_WinRTraiseOutOfBoundsException@@YAXXZ
?__abi_WinRTraiseWrongThreadException@@YAXXZ
?__abi_WinRTraiseOutOfMemoryException@@YAXXZ
?InitializeData@Details@Platform@@YAJH@Z
?GetActivationFactoryByPCWSTR@@YAJPEAXAEAVGuid@Platform@@PEAPEAX@Z
?GetIidsFn@@YAJHPEAKPEBU__s_GUID@@PEAPEAVGuid@Platform@@@Z
?UninitializeData@Details@Platform@@YAXH@Z
?GetProxyImpl@Details@Platform@@YAJPEAUIUnknown@@AEBU_GUID@@0PEAPEAU3@@Z
?GetCmdArguments@Details@Platform@@YAPEAPEA_WPEAH@Z

msvcp140

?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?_Schedule_chore@details@Concurrency@@YAHPEAU_Threadpool_chore@12@@Z
?_IsNonBlockingThread@_Task_impl_base@details@Concurrency@@SA_NXZ
?_LogCancelTask@_TaskEventLogger@details@Concurrency@@QEAAXXZ
?_LogScheduleTask@_TaskEventLogger@details@Concurrency@@QEAAX_N@Z
?_Release_chore@details@Concurrency@@YAXPEAU_Threadpool_chore@12@@Z
?ReportUnhandledError@_ExceptionHolder@details@Concurrency@@AEAAXXZ
?_Capture@_ContextCallback@details@Concurrency@@AEAAXXZ
?_Reset@_ContextCallback@details@Concurrency@@AEAAXXZ
?_CallInContext@_ContextCallback@details@Concurrency@@QEBAXV?$function@$$A6AXXZ@std@@_N@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
_Cnd_init_in_situ
?__ExceptionPtrCopyException@@YAXPEAXPEBX1@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z
?_Xbad_function_call@std@@YAXXZ
?_Throw_C_error@std@@YAXH@Z
?_Xlength_error@std@@YAXPEBD@Z
?_XGetLastError@std@@YAXXZ
?__ExceptionPtrToBool@@YA_NPEBX@Z
_Mtx_destroy_in_situ
?__ExceptionPtrDestroy@@YAXPEAX@Z
_Mtx_lock
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
_Mtx_init_in_situ
_Cnd_wait
_Mtx_unlock
_Cnd_broadcast
_Cnd_destroy_in_situ

api-ms-win-core-winrt-error-l1-1-0

RoFailFastWithErrorContext
SetRestrictedErrorInfo

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateStringReference
WindowsCreateString
WindowsDeleteString
WindowsDuplicateString

vcruntime140

_CxxThrowException
__C_specific_handler
memset
memmove
__std_terminate
_purecall
__std_exception_copy
__std_exception_destroy
__CxxFrameHandler3

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free
_set_new_mode

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_cexit
_configure_narrow_argv
_set_app_type
_get_narrow_winmain_command_line
_initterm
_initterm_e
exit
_exit
terminate
_c_exit
_register_thread_local_exe_atexit_callback
_seh_filter_exe
_invalid_parameter_noinfo_noreturn

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

kernel32

ReleaseSRWLockExclusive
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
CloseHandle
LoadLibraryExW
GetProcAddress
AcquireSRWLockExclusive
DecodePointer

Sections

.text
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
1/SupportAssets/PluginCleanup.exe
.exe windows:6 windows x64 arch:x64

a540bec10fdb6ae5af9afe1db6e89fc3

Code Sign

04:c7:b4:2b:6d:d5:c2:79:95:84:f2:e8:96:4d:2b:e2
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

21/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Adobe Inc.,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

25:3a:67:47:dc:5a:48:0f:72:12:80:46:58:11:e3:c8:8d:61:d4:73:e2:16:91:8f:d0:1a:42:6d:b7:1d:5e:b1
Signer

Actual PE Digest

25:3a:67:47:dc:5a:48:0f:72:12:80:46:58:11:e3:c8:8d:61:d4:73:e2:16:91:8f:d0:1a:42:6d:b7:1d:5e:b1

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Jenkins\workspace\xd\buildSupport\HyperDrive\PluginCleanup\x64\Release\PluginCleanup.pdb

Imports

kernel32

GetLastError
CreateFileW
FindClose
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
GetFileInformationByHandle
SetFilePointerEx
AreFileApisANSI
CloseHandle
MultiByteToWideChar
WideCharToMultiByte
FormatMessageW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetLastError
InitializeCriticalSectionAndSpinCount
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
EncodePointer
DecodePointer
GetCPInfo
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwindEx
RtlPcToFileHeader
RaiseException
FreeLibrary
LoadLibraryExW
SetEnvironmentVariableW
RemoveDirectoryW
DeleteFileW
GetStdHandle
WriteFile
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
HeapReAlloc
HeapFree
HeapAlloc
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFileType
FlushFileBuffers
GetConsoleCP
GetConsoleMode
ReadFile
GetFileSizeEx
ReadConsoleW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetProcessHeap
HeapSize
WriteConsoleW
RtlUnwind

Sections

.text
Size: 170KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
1/SupportAssets/XD_sp.exe
.exe windows:5 windows x86 arch:x86

fcf1390e9ce472c7270447fc5c61a0c1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\Projects\WinRAR\sfx\build\sfxrar32\Release\sfxrar.pdb

Imports

kernel32

GetLastError
SetLastError
FormatMessageW
GetCurrentProcess
DeviceIoControl
SetFileTime
CloseHandle
CreateDirectoryW
RemoveDirectoryW
CreateFileW
DeleteFileW
CreateHardLinkW
GetShortPathNameW
GetLongPathNameW
MoveFileW
GetFileType
GetStdHandle
WriteFile
ReadFile
FlushFileBuffers
SetEndOfFile
SetFilePointer
SetFileAttributesW
GetFileAttributesW
FindClose
FindFirstFileW
FindNextFileW
GetVersionExW
GetCurrentDirectoryW
GetFullPathNameW
FoldStringW
GetModuleFileNameW
GetModuleHandleW
FindResourceW
FreeLibrary
GetProcAddress
GetCurrentProcessId
ExitProcess
SetThreadExecutionState
Sleep
LoadLibraryW
GetSystemDirectoryW
CompareStringW
AllocConsole
FreeConsole
AttachConsole
WriteConsoleW
GetProcessAffinityMask
CreateThread
SetThreadPriority
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
ReleaseSemaphore
WaitForSingleObject
CreateEventW
CreateSemaphoreW
GetSystemTime
SystemTimeToTzSpecificLocalTime
TzSpecificLocalTimeToSystemTime
SystemTimeToFileTime
FileTimeToLocalFileTime
LocalFileTimeToFileTime
FileTimeToSystemTime
GetCPInfo
IsDBCSLeadByte
MultiByteToWideChar
WideCharToMultiByte
GlobalAlloc
LockResource
GlobalLock
GlobalUnlock
GlobalFree
LoadResource
SizeofResource
SetCurrentDirectoryW
GetExitCodeProcess
GetLocalTime
GetTickCount
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
GetCommandLineW
SetEnvironmentVariableW
ExpandEnvironmentStringsW
GetTempPathW
MoveFileExW
GetLocaleInfoW
GetTimeFormatW
GetDateFormatW
GetNumberFormatW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
HeapSize
SetStdHandle
GetProcessHeap
RaiseException
GetSystemInfo
VirtualProtect
VirtualQuery
LoadLibraryExA
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
TerminateProcess
RtlUnwind
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
QueryPerformanceFrequency
GetModuleHandleExW
GetModuleFileNameA
GetACP
HeapFree
HeapAlloc
HeapReAlloc
GetStringTypeW
LCMapStringW
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
DecodePointer

gdiplus

GdiplusShutdown
GdiplusStartup
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipDisposeImage
GdipCloneImage
GdipFree
GdipAlloc

Sections

.text
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didat
Size: 512B - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 53KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
UWPAssets.pimx
.xml
products/SPRK/application.json
.js
resources/.DS_Store
resources/AdobePIM.dll
.dll windows:5 windows x86 arch:x86

bad4069efbb0fea858e33d102d409210

Code Sign

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

20/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=AAM 256,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ec:cc:74:af:3f:ff:e1:cd:b7:59:c9:19:0e:52:ca:a8:49:7b:fe:33:5c:94:8a:f7:0d:ba:cb:7d:44:1f:28:93
Signer

Actual PE Digest

ec:cc:74:af:3f:ff:e1:cd:b7:59:c9:19:0e:52:ca:a8:49:7b:fe:33:5c:94:8a:f7:0d:ba:cb:7d:44:1f:28:93

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\jenkins\CI\CCCore\build\x64\main\ccd-core\build\msvs_win32\Release\x86\sym\PIM\PIM\AdobePIM.pdb

Imports

kernel32

GetCurrentProcessId
CreateSemaphoreW
AreFileApisANSI
ReadFile
TryEnterCriticalSection
HeapCreate
HeapFree
EnterCriticalSection
GetFullPathNameW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
CreateFileW
GetFileAttributesW
GetCurrentThreadId
UnmapViewOfFile
HeapValidate
HeapSize
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
DeleteFileA
DeleteFileW
HeapReAlloc
GetSystemInfo
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
GetProcAddress
LockFileEx
GetFileSize
GetProcessHeap
SystemTimeToFileTime
FreeLibrary
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
ReleaseSemaphore
MultiByteToWideChar
GetTempPathW
CreateDirectoryW
GetDateFormatW
GetTimeFormatW
GetLocalTime
GetCommandLineW
GetExitCodeProcess
lstrcmpW
lstrcmpiW
CopyFileW
CreateProcessW
LocalFree
ResetEvent
CreateThread
CloseHandle
OpenSemaphoreW
Process32FirstW
GetDiskFreeSpaceExW
ReleaseMutex
SetEvent
Process32NextW
Sleep
CreateEventW
CreateToolhelp32Snapshot
SetFileAttributesW
OpenProcess
GetVersionExW
LocalAlloc
WaitForSingleObject
FindClose
RemoveDirectoryW
TerminateProcess
FindNextFileW
FindFirstFileW
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
WriteConsoleW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
GetConsoleCP
ReadConsoleW
GetConsoleMode
GetFileType
GetStdHandle
EnumSystemLocalesW
IsValidLocale
ExitProcess
GetTimeZoneInformation
GetModuleHandleExW
ExitThread
RtlUnwind
InterlockedFlushSList
InterlockedPushEntrySList
LoadLibraryExW
FreeLibraryAndExitThread
GetStartupInfoW
InitializeSListHead
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
QueryPerformanceFrequency
GetLocaleInfoW
CompareStringW
InitializeCriticalSectionEx
EncodePointer
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
CreateMutexW
InitializeCriticalSectionAndSpinCount
GetExitCodeThread
SwitchToThread
GetStringTypeW
GetCurrentProcess
GetFileSizeEx
lstrlenW
GetACP
SetFilePointerEx
GlobalFree
ResumeThread
TerminateThread
SetThreadPriority
GetCurrentThread
SizeofResource
GetModuleFileNameW
LockResource
LoadResource
FindResourceW
MoveFileExW
GlobalAlloc
VerSetConditionMask
GetModuleHandleW
VerifyVersionInfoW
SetLastError
DuplicateHandle
ProcessIdToSessionId
FindResourceExW
lstrcpyW
GetThreadTimes
QueryFullProcessImageNameW
GetUserDefaultLangID
GetUserDefaultLCID
LCMapStringW
FileTimeToSystemTime
OpenMutexW
VirtualFree
VirtualAlloc
GetUserDefaultUILanguage

user32

wsprintfW
GetWindowThreadProcessId
GetShellWindow
EnumWindows

advapi32

CryptAcquireContextW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
GetNamedSecurityInfoW
SetNamedSecurityInfoW
LookupAccountSidW
CreateWellKnownSid
EqualSid
GetTokenInformation
DuplicateTokenEx
GetUserNameW
ConvertSidToStringSidW
ImpersonateLoggedOnUser
ConvertStringSidToSidW
RevertToSelf
CryptReleaseContext
SetSecurityDescriptorDacl
RegCloseKey
RegDeleteKeyExW
AllocateAndInitializeSid
SetEntriesInAclW
RegCreateKeyExW
RegSetValueExW
FreeSid
InitializeSecurityDescriptor
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW
CryptGetHashParam
CryptDestroyHash
CryptHashData
CryptCreateHash

shell32

SHGetKnownFolderPath
ord680
SHGetFolderLocation
SHGetFolderPathW
SHGetPathFromIDListW
ShellExecuteExW
SHCreateDirectoryExW
SHCreateItemFromParsingName
SHGetSpecialFolderPathW
CommandLineToArgvW
ord51

ole32

OleRun
CLSIDFromProgID
StringFromGUID2
CoCreateGuid
CoInitializeSecurity
CoSetProxyBlanket
CoUninitialize
CoCreateInstance
CoInitializeEx
CoInitialize
CLSIDFromString
CoTaskMemFree

oleaut32

VariantInit
SysFreeString
SysAllocString
VariantClear
GetErrorInfo
VariantCopy
SysStringLen
VariantChangeType

msi

ord145
ord74
ord147

winhttp

WinHttpSendRequest
WinHttpSetCredentials
WinHttpConnect
WinHttpQueryDataAvailable
WinHttpReceiveResponse
WinHttpQueryHeaders
WinHttpOpenRequest
WinHttpOpen
WinHttpGetProxyForUrl
WinHttpQueryAuthSchemes
WinHttpGetIEProxyConfigForCurrentUser
WinHttpCloseHandle
WinHttpSetOption
WinHttpReadData
WinHttpSetTimeouts

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

psapi

GetProcessImageFileNameW
GetModuleFileNameExW
EnumProcessModules

wtsapi32

WTSEnumerateSessionsW
WTSFreeMemory

shlwapi

PathFileExistsW
PathIsDirectoryW
PathRenameExtensionW
PathAppendW
PathRemoveBackslashW
PathStripPathW
PathAppendA
PathFindFileNameW
PathRemoveFileSpecW
PathFileExistsA
PathIsRootW
PathIsSystemFolderW
PathIsDirectoryEmptyW
PathIsDirectoryA
PathRemoveFileSpecA
PathRemoveExtensionW
PathAddExtensionW
PathIsFileSpecW

crypt32

CertGetNameStringW

wintrust

WinVerifyTrust
WTHelperGetProvSignerFromChain
WTHelperProvDataFromStateData
WTHelperGetProvCertFromChain

bcrypt

BCryptOpenAlgorithmProvider
BCryptFinishHash
BCryptDestroyHash
BCryptCloseAlgorithmProvider
BCryptCreateHash
BCryptHashData

Exports

Exports

AAMIU_Uninstall
AAMIU_getDeploymentValidationStatus
AAMIU_preInstallPropertySet
pim_createLibraryRef
pim_freeLibraryRef
pim_freeLiraryRef
pim_freeString
pim_getAppletAndPackageInfo
pim_getAppletRegistrationInfo
pim_getAppletRelationshipInfo
pim_getCurrentCCVersion
pim_getCurrentPackagesVersion
pim_getInstallStatus
pim_getInstalledPackagesInfo
pim_launchACCCUninstallerExecutableAsAdmin
pim_selfUpdateCheck
pim_selfUpdateCheckWithData
pim_selfUpdateCheckWithDataV2
pim_startWorkflow
pim_startWorkflowWithData
pim_syncFromPathToACF
pim_syncFromPathToPath
pim_syncUSFToACF
pim_uninstallAAMFromAAMCleanerTool
pim_uninstallAAMUsingAAMCleanerTool
pim_uninstallACCC64FromACCCCleanerTool
pim_uninstallACCCFromACCCCleanerTool
pim_uninstallADC64UsingADCCleanerTool
pim_uninstallADCUsingADCCleanerTool

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 366KB - Virtual size: 366KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
resources/Config.xml
.xml
resources/content/.DS_Store
resources/content/images/appIcon.png
.png
resources/content/images/appIcon2x.png
.png

Sharing

General

Malware Config

Signatures

Files

26d1142062053486e607ffede8dd675c

Code Sign

06:f2:4d:9f:4d:b0:7b:d7:ec:ad:06:7f:5e:e2:6c:29Certificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6dCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

f7:6e:43:21:65:de:2c:31:59:69:12:b6:b7:08:7f:d3:6d:8f:a3:c7:d6:0c:47:55:1f:e6:a0:57:20:da:d4:43Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

comctl32

shlwapi

shell32

kernel32

user32

gdi32

advapi32

ole32

oleaut32

bcrypt

crypt32

secur32

wintrust

Sections

.text Size: 3.4MB - Virtual size: 3.4MB

.rdata Size: 907KB - Virtual size: 906KB

.data Size: 135KB - Virtual size: 160KB

.rsrc Size: 2.6MB - Virtual size: 2.6MB

.reloc Size: 198KB - Virtual size: 197KB

b78757e60c78fbd8d0549e7a1e0d29a1

Code Sign

0a:28:51:e5:f0:ff:db:46:e2:c9:cb:66:10:e6:51:2fCertificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12Certificate

Extended Key Usages

Key Usages

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6Certificate

Extended Key Usages

Key Usages

ac:7d:c4:d6:78:b5:cd:0d:da:54:a6:bd:90:ba:4d:9e:d0:98:05:62:5d:95:08:08:69:0a:ff:f1:ac:cd:d5:43Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

kernel32

user32

advapi32

ole32

oleaut32

shell32

Sections

.text Size: 748KB - Virtual size: 747KB

.rdata Size: 197KB - Virtual size: 196KB

.data Size: 17KB - Virtual size: 33KB

.gfids Size: 1024B - Virtual size: 596B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 46KB - Virtual size: 46KB

.reloc Size: 44KB - Virtual size: 44KB

85aa1a3ec9a324deb93be1db280c6b57

06:f2:4d:9f:4d:b0:7b:d7:ec:ad:06:7f:5e:e2:6c:29
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

f7:6e:43:21:65:de:2c:31:59:69:12:b6:b7:08:7f:d3:6d:8f:a3:c7:d6:0c:47:55:1f:e6:a0:57:20:da:d4:43
Signer

.text
Size: 3.4MB - Virtual size: 3.4MB

.rdata
Size: 907KB - Virtual size: 906KB

.data
Size: 135KB - Virtual size: 160KB

.rsrc
Size: 2.6MB - Virtual size: 2.6MB

.reloc
Size: 198KB - Virtual size: 197KB

0a:28:51:e5:f0:ff:db:46:e2:c9:cb:66:10:e6:51:2f
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

ac:7d:c4:d6:78:b5:cd:0d:da:54:a6:bd:90:ba:4d:9e:d0:98:05:62:5d:95:08:08:69:0a:ff:f1:ac:cd:d5:43
Signer

.text
Size: 748KB - Virtual size: 747KB

.rdata
Size: 197KB - Virtual size: 196KB

.data
Size: 17KB - Virtual size: 33KB

.gfids
Size: 1024B - Virtual size: 596B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 46KB - Virtual size: 46KB

.reloc
Size: 44KB - Virtual size: 44KB

0a:28:51:e5:f0:ff:db:46:e2:c9:cb:66:10:e6:51:2f
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

7b:05:b1:d4:49:68:51:44:f7:c9:89:d2:9c:19:9d:12
Certificate

54:58:f2:aa:d7:41:d6:44:bc:84:a9:7b:a0:96:52:e6
Certificate

45:89:c1:a8:6a:c2:59:11:0f:f3:d0:dd:de:2c:9f:61:14:dd:37:fb:38:82:82:1c:83:5d:79:6e:28:bc:74:54
Signer

.text
Size: 118KB - Virtual size: 118KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 4KB - Virtual size: 7KB

.gfids
Size: 512B - Virtual size: 512B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 8KB

05:35:93:bf:71:f7:48:1b:9f:b7:6b:cb:4e:cc:f5:78
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

ec:cc:74:af:3f:ff:e1:cd:b7:59:c9:19:0e:52:ca:a8:49:7b:fe:33:5c:94:8a:f7:0d:ba:cb:7d:44:1f:28:93
Signer

.text
Size: 1.6MB - Virtual size: 1.6MB

.rdata
Size: 366KB - Virtual size: 366KB