DocCloud[.]zip[.]zip

DocCloud.zip.zip

.zip

Password: infected

DocCloud.zip

.zip

Esl/Aiod.dll

.dll windows:6 windows x64 arch:x64

Password: infected

1617abc63b58a25baa901c2b1d07d8c9

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

0d:1a:34:0f:78:d7:d0:00:e0:89:fd:ba:ad:65:22:df
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

03/11/2023, 00:00

Not After

04/11/2025, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Acrobat DC,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

fc:d0:22:6c:32:2d:74:9c:60:e7:01:a6:90:fa:4a:a1:2e:d4:25:5e:de:07:24:cd:5b:3a:44:70:ef:e2:ee:fb
Signer

Actual PE Digest

fc:d0:22:6c:32:2d:74:9c:60:e7:01:a6:90:fa:4a:a1:2e:d4:25:5e:de:07:24:cd:5b:3a:44:70:ef:e2:ee:fb

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

D:\T\Acrobat\Installers\Aiod\Release_x64\Aiod.pdb

Imports

msi

ord205

ord70

ord16

ord96

ord72

ord116

ord158

ord211

ord14

ord111

ord131

ord8

ord92

ord113

ord145

ord115

ord139

ord58

ord47

ord103

ord74

ord49

ord167

ord118

ord125

ord17

ord160

ord159

ord32

shlwapi

SHDeleteEmptyKeyW

SHCopyKeyW

SHDeleteKeyW

version

VerQueryValueW

GetFileVersionInfoW

GetFileVersionInfoSizeW

kernel32

FindNextFileW

GetFullPathNameW

ReadFile

RemoveDirectoryW

SetFileAttributesW

SetFilePointer

CloseHandle

GetLastError

HeapAlloc

HeapFree

GetProcessHeap

WaitForSingleObject

GetCurrentProcess

GetCurrentProcessId

TerminateProcess

ProcessIdToSessionId

OpenProcess

GetWindowsDirectoryW

FreeLibrary

GetModuleHandleW

GetProcAddress

LoadLibraryW

LocalAlloc

LocalFree

FormatMessageW

lstrcmpW

FindFirstFileW

lstrcpyW

lstrcatW

lstrlenW

CopyFileW

MoveFileExW

GetUserDefaultUILanguage

CreateToolhelp32Snapshot

Process32FirstW

Process32NextW

GetSystemDirectoryW

lstrcmpiW

GetCommandLineW

SetLastError

GetExitCodeProcess

CreateProcessW

GetSystemTime

MoveFileW

SystemTimeToFileTime

WideCharToMultiByte

VerSetConditionMask

VerifyVersionInfoW

GetShortPathNameW

GetCurrentDirectoryW

SetCurrentDirectoryW

SetEnvironmentVariableW

GetDriveTypeW

FindClose

DeleteFileW

CreateFileW

ExitProcess

GetModuleHandleExW

GetModuleFileNameW

GetCurrentThread

GetStdHandle

GetFileType

MultiByteToWideChar

GetDateFormatW

RtlUnwind

GetTimeFormatW

CompareStringW

LCMapStringW

GetLocaleInfoW

IsValidLocale

GetUserDefaultLCID

EnumSystemLocalesW

IsValidCodePage

GetACP

GetOEMCP

GetCPInfo

GetCommandLineA

GetEnvironmentStringsW

FreeEnvironmentStringsW

SetConsoleCtrlHandler

GetStringTypeW

GetFileSizeEx

SetFilePointerEx

SetStdHandle

GetTimeZoneInformation

HeapSize

HeapReAlloc

FlushFileBuffers

WriteFile

GetConsoleOutputCP

GetConsoleMode

ReadConsoleW

OutputDebugStringW

WriteConsoleW

lstrcpynW

FileTimeToSystemTime

SystemTimeToTzSpecificLocalTime

FindFirstFileExW

LoadLibraryExW

RtlCaptureContext

RtlLookupFunctionEntry

RtlVirtualUnwind

UnhandledExceptionFilter

SetUnhandledExceptionFilter

IsProcessorFeaturePresent

QueryPerformanceCounter

GetCurrentThreadId

GetSystemTimeAsFileTime

InitializeSListHead

IsDebuggerPresent

GetStartupInfoW

RtlUnwindEx

RtlPcToFileHeader

RaiseException

InterlockedPushEntrySList

InterlockedFlushSList

EncodePointer

EnterCriticalSection

LeaveCriticalSection

DeleteCriticalSection

InitializeCriticalSectionAndSpinCount

TlsAlloc

TlsGetValue

TlsSetValue

TlsFree

user32

GetSystemMetrics

wsprintfW

advapi32

RegCloseKey

RegUnLoadKeyW

RegLoadKeyW

RegEnumValueW

RegEnumKeyW

RegDeleteValueW

RegDeleteKeyExW

RegCreateKeyW

CryptDestroyHash

CryptHashData

CryptCreateHash

CryptGetHashParam

CryptReleaseContext

CryptAcquireContextW

RegSetValueExW

RegFlushKey

RegDeleteKeyW

RegQueryInfoKeyW

ConvertSidToStringSidW

SetNamedSecurityInfoW

GetNamedSecurityInfoW

SetEntriesInAclW

OpenSCManagerW

EnumServicesStatusExW

CloseServiceHandle

RegQueryValueExW

RegOpenKeyExW

RegOpenKeyA

RegEnumKeyExW

RegCreateKeyExW

CreateProcessWithTokenW

LookupPrivilegeValueW

LookupAccountSidW

GetTokenInformation

FreeSid

EqualSid

DuplicateTokenEx

AllocateAndInitializeSid

AdjustTokenPrivileges

OpenProcessToken

CreateProcessAsUserW

ole32

CoCreateInstance

CLSIDFromString

CoInitializeEx

Exports

AcrobatMaintenanceRemove

AddAsianLanguageSupport

AddChineseSLanguageSupport

AddChineseTLanguageSupport

AddEBookSupport

AddExtendedLanguageSupport

AddFeature

AddFeatureEx

AddJapaneseLanguageSupport

AddKoreanLanguageSupport

AddPDFMaker

AddPDFMakerEx

ApplyUpdates

ApplyUpdatesEx

ApplyUpdatesExRD

CaptureDistillerSettingsEx

CreateAcroUserSettings

FileRenameShortToLong

IsBrowserIntegrated

MaintenanceRepair

MigrateUserRegistry

MigrateUserRegistryEx

ReaderMaintenanceRemove

RemoveFeature

RemoveFeatureEx

RemoveUpdates

RemoveUpdatesEx

RemoveUpdatesExRD

SetShortNameFixUp

SetupUpdaterForReboot

TurnOffPDFMakerIOD

TurnOnPDFMakerIOD

UpdateCache

ValidateInstaller

Sections

.text
Size: 539KB - Virtual size: 538KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 145KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

PDFPrevHndlr.dll

.dll regsvr32 windows:6 windows x64 arch:x64

Password: infected

fa32d17e65a7b88daa998c4cd864aa48

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

04:52:96:f8:fc:d8:29:a7:5d:c9:42:94:f5:a4:15:a4
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

29/04/2022, 00:00

Not After

01/05/2024, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Acrobat DC,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

92:01:c7:c6:dc:5a:a4:d7:66:93:9c:9c:c9:78:22:95:5a:dc:d1:17:26:16:e8:e6:8a:3b:f0:0c:ba:c3:b8:20
Signer

Actual PE Digest

92:01:c7:c6:dc:5a:a4:d7:66:93:9c:9c:c9:78:22:95:5a:dc:d1:17:26:16:e8:e6:8a:3b:f0:0c:ba:c3:b8:20

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

D:\T\BuildResults\bin\Release_x64\PDFPrevHndlr.pdb

Imports

version

GetFileVersionInfoW

VerQueryValueW

GetFileVersionInfoSizeW

kernel32

SetLastError

ConnectNamedPipe

DisconnectNamedPipe

SetNamedPipeHandleState

TransactNamedPipe

CreateNamedPipeW

WaitNamedPipeW

InitializeCriticalSection

EnterCriticalSection

LeaveCriticalSection

DeleteCriticalSection

SetEvent

ResetEvent

WaitForSingleObject

CreateMutexW

CreateEventW

GetCurrentProcess

GetCurrentProcessId

CreateThread

GetModuleHandleW

GetProcAddress

GetVolumeInformationW

OpenMutexW

Sleep

GetTickCount

lstrlenW

OutputDebugStringA

RaiseException

InitializeCriticalSectionEx

ReleaseMutex

CreateFileMappingW

MapViewOfFile

UnmapViewOfFile

FreeLibrary

ReadFile

GetModuleHandleExW

LoadLibraryExW

LoadResource

SizeofResource

FindResourceW

LoadLibraryW

CreateActCtxW

ActivateActCtx

DeactivateActCtx

FindActCtxSectionStringW

QueryActCtxW

MultiByteToWideChar

EncodePointer

DecodePointer

GetThreadLocale

SetThreadLocale

TerminateProcess

SetCurrentDirectoryW

GetCurrentDirectoryW

FindClose

FindFirstFileW

CreateProcessW

GetSystemDirectoryW

GlobalSize

GlobalUnlock

GlobalLock

FormatMessageW

UnhandledExceptionFilter

SetUnhandledExceptionFilter

IsProcessorFeaturePresent

IsDebuggerPresent

QueryPerformanceCounter

GetSystemTimeAsFileTime

WriteFile

GetFileType

CreateFileW

VerifyVersionInfoW

lstrcmpiW

LocalFree

GetCurrentThreadId

GetLastError

CloseHandle

VerSetConditionMask

InitializeSListHead

RtlVirtualUnwind

RtlLookupFunctionEntry

GetModuleFileNameW

OutputDebugStringW

RtlCaptureContext

user32

EqualRect

IsRectEmpty

WaitForInputIdle

MsgWaitForMultipleObjects

PeekMessageW

SetParent

TranslateMessage

GetKeyState

GetFocus

SetFocus

SetWindowPos

IsWindow

PostMessageW

CharNextW

GetParent

CopyRect

DispatchMessageW

advapi32

OpenProcessToken

GetTokenInformation

ConvertSidToStringSidW

ConvertStringSecurityDescriptorToSecurityDescriptorW

RegCloseKey

RegCreateKeyExW

RegDeleteKeyW

RegDeleteValueW

RegEnumKeyExW

RegOpenKeyExW

RegQueryInfoKeyW

RegSetValueExW

RegQueryValueExW

ole32

CoMarshalInterface

GetHGlobalFromStream

CreateStreamOnHGlobal

CoCreateInstance

CoTaskMemFree

CoTaskMemRealloc

CoTaskMemAlloc

StringFromGUID2

oleaut32

UnRegisterTypeLi

RegisterTypeLi

LoadTypeLi

SysStringLen

SysFreeString

SysAllocString

VarUI4FromStr

msvcp140

?xsputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEBG_J@Z

?xsgetn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEAG_J@Z

?uflow@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAGXZ

?sync@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAHXZ

?showmanyc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JXZ

?setbuf@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAPEAV12@PEAG_J@Z

?imbue@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAXAEBVlocale@2@@Z

?_Unlock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ

??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UEAA@XZ

??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z

??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@H@Z

??0?$basic_ios@GU?$char_traits@G@std@@@std@@IEAA@XZ

?clear@?$basic_ios@GU?$char_traits@G@std@@@std@@QEAAXH_N@Z

??1?$basic_ios@GU?$char_traits@G@std@@@std@@UEAA@XZ

?_Pninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ

?gbump@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXH@Z

??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAA@XZ

??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@XZ

?_Xout_of_range@std@@YAXPEBD@Z

?_Xlength_error@std@@YAXPEBD@Z

?_Lock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ

rpcrt4

UuidCreate

CStdStubBuffer_DebugServerQueryInterface

CStdStubBuffer_DebugServerRelease

UuidToStringW

NdrCStdStubBuffer_Release

NdrDllGetClassObject

NdrDllCanUnloadNow

NdrDllRegisterProxy

CStdStubBuffer_CountRefs

CStdStubBuffer_IsIIDSupported

CStdStubBuffer_Invoke

CStdStubBuffer_Disconnect

CStdStubBuffer_Connect

CStdStubBuffer_AddRef

CStdStubBuffer_QueryInterface

NdrOleFree

NdrOleAllocate

IUnknown_Release_Proxy

IUnknown_AddRef_Proxy

IUnknown_QueryInterface_Proxy

NdrDllUnregisterProxy

RpcStringFreeW

vcruntime140

__std_type_info_destroy_list

memset

__std_terminate

memcpy

memmove

__std_exception_copy

__std_exception_destroy

_CxxThrowException

memcmp

_purecall

wcsstr

__C_specific_handler

wcsrchr

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_initterm

_cexit

_invalid_parameter_noinfo

_initterm_e

_invalid_parameter_noinfo_noreturn

_crt_atexit

_execute_onexit_table

_register_onexit_function

_initialize_onexit_table

_errno

_seh_filter_dll

_configure_narrow_argv

_initialize_narrow_environment

api-ms-win-crt-string-l1-1-0

wcsncpy_s

towlower

wcstok_s

wcscat_s

wcslen

_wcsicmp

wcscpy_s

api-ms-win-crt-heap-l1-1-0

_recalloc

_callnewh

malloc

free

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf

__stdio_common_vswprintf_s

__stdio_common_vsnwprintf_s

api-ms-win-crt-utility-l1-1-0

srand

rand

rand_s

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-crt-convert-l1-1-0

_wtof

_wtol

Exports

DllCanUnloadNow

DllGetClassObject

DllRegisterServer

DllUnregisterServer

Sections

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.orpc
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

PDFSigQFormalRep.pdf

.pdf

Password: infected

RTC.der

Resource/CMap/Identity-H

Resource/CMap/Identity-V

Resource/CMap/UCS2-GBK-EUC

Resource/CMap/UniKS-UTF16-H

Resource/CMap/UniKS-UTF16-V

Resource/Font/AdobePIStd.otf

Resource/Font/CourierStd-Bold.otf

Resource/Font/CourierStd-BoldOblique.otf

Resource/Font/CourierStd-Oblique.otf

Resource/Font/CourierStd.otf

Resource/Font/MinionPro-Bold.otf

Resource/Font/MinionPro-BoldIt.otf

Resource/Font/MinionPro-It.otf

Resource/Font/MinionPro-Regular.otf

Resource/Font/MyriadPro-Bold.otf

Resource/Font/MyriadPro-BoldIt.otf

Resource/Font/MyriadPro-It.otf

Resource/Font/MyriadPro-Regular.otf

Resource/Font/Pfm/SY______.PFM

Resource/Font/Pfm/zx______.pfm

Resource/Font/Pfm/zy______.pfm

Resource/Font/SY______.PFB

Resource/Font/ZX______.PFB

Resource/Font/ZY______.PFB

Resource/SaslPrep/SaslPrepProfile_norm_bidi.spp

Resource/TypeSupport/Unicode/ICU/icudt26l.dat

Resource/TypeSupport/Unicode/Mappings/Adobe/symbol.txt

Resource/TypeSupport/Unicode/Mappings/Adobe/zdingbat.txt

Resource/TypeSupport/Unicode/Mappings/Mac/CENTEURO.TXT

Resource/TypeSupport/Unicode/Mappings/Mac/CORPCHAR.TXT

Resource/TypeSupport/Unicode/Mappings/Mac/CROATIAN.TXT

Resource/TypeSupport/Unicode/Mappings/Mac/CYRILLIC.TXT

Resource/TypeSupport/Unicode/Mappings/Mac/GREEK.TXT

Resource/TypeSupport/Unicode/Mappings/Mac/ICELAND.TXT

Resource/TypeSupport/Unicode/Mappings/Mac/ROMAN.TXT

Resource/TypeSupport/Unicode/Mappings/Mac/ROMANIAN.TXT

Resource/TypeSupport/Unicode/Mappings/Mac/SYMBOL.TXT

Resource/TypeSupport/Unicode/Mappings/Mac/TURKISH.TXT

Resource/TypeSupport/Unicode/Mappings/Mac/UKRAINE.TXT

Resource/TypeSupport/Unicode/Mappings/win/CP1250.TXT

Resource/TypeSupport/Unicode/Mappings/win/CP1251.TXT

Resource/TypeSupport/Unicode/Mappings/win/CP1252.TXT

Resource/TypeSupport/Unicode/Mappings/win/CP1253.TXT

Resource/TypeSupport/Unicode/Mappings/win/CP1254.TXT

Resource/TypeSupport/Unicode/Mappings/win/CP1257.TXT

Resource/TypeSupport/Unicode/Mappings/win/CP1258.TXT

ScCore.dll

.dll windows:6 windows x64 arch:x64

Password: infected

4a57a768f07e6debe1e3b1c4553488bb

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

0d:1a:34:0f:78:d7:d0:00:e0:89:fd:ba:ad:65:22:df
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

03/11/2023, 00:00

Not After

04/11/2025, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Acrobat DC,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

22:aa:b6:23:ab:c4:6e:e6:4f:d9:55:fa:7a:6f:a3:e2:af:63:f5:49:8f:e2:b3:80:d3:67:3b:87:94:75:c3:54
Signer

Actual PE Digest

22:aa:b6:23:ab:c4:6e:e6:4f:d9:55:fa:7a:6f:a3:e2:af:63:f5:49:8f:e2:b3:80:d3:67:3b:87:94:75:c3:54

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

ScCore.pdb

Imports

kernel32

VirtualQuery

GetModuleFileNameW

GetModuleHandleExW

GetProcAddress

LoadLibraryW

MulDiv

CreateActCtxW

ActivateActCtx

DeactivateActCtx

FindActCtxSectionStringW

QueryActCtxW

CreateFileW

FindClose

FindFirstFileW

FindNextFileW

GetFileAttributesW

GetFileAttributesExW

GetFullPathNameW

GetLogicalDrives

SetEndOfFile

SetFileAttributesW

SetFilePointerEx

CloseHandle

InitializeCriticalSectionEx

DeleteCriticalSection

EnterCriticalSection

LeaveCriticalSection

InitializeCriticalSectionAndSpinCount

SetEvent

SetLastError

CreateEventA

GetCurrentProcessId

GetLocaleInfoA

Sleep

ResumeThread

QueryPerformanceCounter

QueryPerformanceFrequency

GetSystemTimeAsFileTime

GetTickCount

GetTimeZoneInformation

TlsAlloc

TlsGetValue

TlsSetValue

TlsFree

MultiByteToWideChar

WideCharToMultiByte

GetCPInfo

ResetEvent

WaitForSingleObjectEx

CreateEventW

GetModuleHandleW

RtlCaptureContext

RtlLookupFunctionEntry

RtlVirtualUnwind

UnhandledExceptionFilter

SetUnhandledExceptionFilter

GetCurrentProcess

TerminateProcess

IsProcessorFeaturePresent

IsDebuggerPresent

InitializeSListHead

GetCurrentThreadId

GetLastError

WaitForSingleObject

OutputDebugStringA

OutputDebugStringW

user32

GetDC

ReleaseDC

SetWindowTextW

MessageBoxW

SetWindowLongA

SetWindowsHookExA

UnhookWindowsHookEx

CallNextHookEx

RegisterWindowMessageA

AttachThreadInput

GetActiveWindow

IsWindowEnabled

KillTimer

SetForegroundWindow

GetWindowTextA

GetWindowLongPtrA

GetParent

FindWindowA

EnumWindows

GetClassNameA

GetWindowThreadProcessId

GetWindow

EndDialog

SystemParametersInfoA

DialogBoxParamW

PostMessageA

SendMessageA

SetTimer

GetFocus

SetFocus

GetDlgItemTextW

SetDlgItemTextW

GetForegroundWindow

GetDlgItem

gdi32

CreateFontIndirectA

GetDeviceCaps

EnumFontFamiliesExA

shell32

SHGetMalloc

SHCreateItemFromParsingName

ShellExecuteExW

SHGetPathFromIDListW

SHGetSpecialFolderLocation

ole32

CoInitialize

CoTaskMemFree

CoCreateInstance

vcruntime140

__std_type_info_destroy_list

memmove

memcmp

_purecall

__std_terminate

__CxxFrameHandler3

memset

__std_exception_copy

__std_exception_destroy

_CxxThrowException

memcpy

strchr

__RTDynamicCast

__C_specific_handler

api-ms-win-crt-heap-l1-1-0

free

_callnewh

malloc

realloc

api-ms-win-crt-stdio-l1-1-0

fflush

feof

__acrt_iob_func

__stdio_common_vfprintf

fclose

clearerr

_fseeki64

_ftelli64

fwrite

__stdio_common_vsprintf

ferror

_wfopen

fread

fgetc

api-ms-win-crt-math-l1-1-0

_fpclass

modf

floor

log10

pow

ceil

sqrt

_fdclass

fmod

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table

_register_onexit_function

_initialize_onexit_table

_errno

_initialize_narrow_environment

_configure_narrow_argv

_seh_filter_dll

_fpreset

terminate

_initterm_e

_beginthreadex

_initterm

_cexit

_crt_atexit

api-ms-win-crt-environment-l1-1-0

_wgetcwd

getenv

api-ms-win-crt-filesystem-l1-1-0

_wchdir

_wrename

_wremove

_wmkdir

_wrmdir

api-ms-win-crt-string-l1-1-0

tolower

iswalpha

towupper

isdigit

toupper

wcsncpy

towlower

isalnum

api-ms-win-crt-time-l1-1-0

_tzset

_localtime64

api-ms-win-crt-convert-l1-1-0

strtoul

strtod

Exports

??0Allocator@ScCore@@QEAA@XZ

??0Array@ScCore@@QEAA@AEBV01@@Z

??0Array@ScCore@@QEAA@I@Z

??0Array@ScCore@@QEAA@XZ

??0BasicArray@ScCore@@IEAA@XZ

??0Broadcaster@ScCore@@QEAA@AEBV01@@Z

??0Broadcaster@ScCore@@QEAA@XZ

??0Callbacks@ScCore@@QEAA@AEBV01@@Z

??0Callbacks@ScCore@@QEAA@XZ

??0ClassInfo@ScCore@@QEAA@XZ

??0Cloneable@ScCore@@QEAA@XZ

??0Context@ScCore@@IEAA@XZ

??0ConversionTuple@ScCore@@QEAA@AEBV01@@Z

??0ConversionTuple@ScCore@@QEAA@II_N@Z

??0ConversionTuple@ScCore@@QEAA@XZ

??0CriticalSection@ScCore@@QEAA@PEAVLock@1@@Z

??0DataMessage@ScCore@@QEAA@H@Z

??0DataMessage@ScCore@@QEAA@HAEBVString@1@@Z

??0DataMessage@ScCore@@QEAA@HAEBVVariant@1@@Z

??0DataMessage@ScCore@@QEAA@HH@Z

??0DataMessage@ScCore@@QEAA@HN@Z

??0DataMessage@ScCore@@QEAA@HPEAVLiveObject@1@@Z

??0DataMessage@ScCore@@QEAA@HPEBD@Z

??0DataMessage@ScCore@@QEAA@HPEBG@Z

??0DataMessage@ScCore@@QEAA@H_N@Z

??0DialogModality@ScCore@@QEAA@XZ

??0Dictionary@ScCore@@QEAA@AEBVString@1@H@Z

??0Dictionary@ScCore@@QEAA@AEBVString@1@_NH@Z

??0Dictionary@ScCore@@QEAA@H@Z

??0Encoder@ScCore@@QEAA@XZ

??0Error@ScCore@@QEAA@AEBV01@@Z

??0Error@ScCore@@QEAA@HAEBVString@1@_N@Z

??0Error@ScCore@@QEAA@XZ

??0ErrorInfo@ScCore@@AEAA@AEBV01@@Z

??0ErrorInfo@ScCore@@AEAA@HAEBVString@1@PEBVCloneable@1@_N@Z

??0ErrorInfo@ScCore@@AEAA@HAEBVVariant@1@PEBVCloneable@1@@Z

??0Event@ScCore@@QEAA@XZ

??0File@ScCore@@QEAA@AEBV01@@Z

??0File@ScCore@@QEAA@AEBVFileSpec@1@@Z

??0FileFilter@ScCore@@QEAA@AEBVString@1@@Z

??0FileFilter@ScCore@@QEAA@XZ

??0FileSpec@ScCore@@IEAA@PEAVSpecData@1@@Z

??0FileSpec@ScCore@@QEAA@AEBV01@@Z

??0FileSpec@ScCore@@QEAA@AEBV01@AEBVString@1@@Z

??0FileSpec@ScCore@@QEAA@AEBVString@1@_N@Z

??0FileSpec@ScCore@@QEAA@XZ

??0FileWrapper@ScCore@@QEAA@AEBV01@@Z

??0FileWrapper@ScCore@@QEAA@AEBVFileSpec@1@@Z

??0FileWrapper@ScCore@@QEAA@AEBVString@1@_N@Z

??0FileWrapper@ScCore@@QEAA@XZ

??0Folder@ScCore@@QEAA@AEBV01@@Z

??0Folder@ScCore@@QEAA@AEBVFileSpec@1@@Z

??0HashTable@ScCore@@QEAA@AEBV01@@Z

??0HashTable@ScCore@@QEAA@XZ

??0Heap@ScCore@@AEAA@AEBV01@@Z

??0Heap@ScCore@@QEAA@XZ

??0Listener@ScCore@@QEAA@AEBV01@@Z

??0Listener@ScCore@@QEAA@XZ

??0LiveArray@ScCore@@QEAA@AEBVArray@1@PEBDH_N@Z

??0LiveArray@ScCore@@QEAA@PEBDH_N@Z

??0LiveBase@ScCore@@IEAA@XZ

??0LiveCollection@ScCore@@QEAA@PEBDH_N@Z

??0LiveComponent@ScCore@@IEAA@XZ

??0LiveMessage@ScCore@@QEAA@AEBVLiveObject@1@HAEAVSimpleArray@1@@Z

??0LiveMessage@ScCore@@QEAA@AEBVLiveObject@1@HHAEBVArray@1@PEAVError@1@@Z

??0LiveMessage@ScCore@@QEAA@AEBVLiveObject@1@HHAEBVVariant@1@PEAVError@1@@Z

??0LiveMessage@ScCore@@QEAA@AEBVLiveObject@1@HHPEAVError@1@@Z

??0LiveObject@ScCore@@QEAA@AEBVString@1@_N@Z

??0LiveObject@ScCore@@QEAA@PEBD_N@Z

??0LivePropertyManager@ScCore@@QEAA@PEBULivePropertyInfo@1@@Z

??0LivePropertyManager@ScCore@@QEAA@XZ

??0Localizer@ScCore@@QEAA@XZ

??0Lock@ScCore@@QEAA@XZ

??0LockRef@ScCore@@QEAA@PEAVLock@1@@Z

??0Lockable@ScCore@@QEAA@AEBV01@@Z

??0Lockable@ScCore@@QEAA@XZ

??0Message@ScCore@@QEAA@H@Z

??0ParamInfo@ScCore@@QEAA@XZ

??0Point@ScCore@@QEAA@AEBV01@@Z

??0Point@ScCore@@QEAA@NN@Z

??0Point@ScCore@@QEAA@XZ

??0Rect@ScCore@@QEAA@AEBV01@@Z

??0Rect@ScCore@@QEAA@AEBVPoint@1@0@Z

??0Rect@ScCore@@QEAA@NNNN@Z

??0Rect@ScCore@@QEAA@XZ

??0Refcountable@ScCore@@IEAA@XZ

??0RegExp@ScCore@@QEAA@AEBV01@@Z

??0RegExp@ScCore@@QEAA@AEBVString@1@H@Z

??0RegExp@ScCore@@QEAA@XZ

??0Root@ScCore@@QEAA@XZ

??0ServiceInfo@ScCore@@QEAA@XZ

??0SimpleArray@ScCore@@QEAA@AEBV01@@Z

??0SimpleArray@ScCore@@QEAA@XZ

??0SparseArray@ScCore@@QEAA@AEBV01@@Z

??0SparseArray@ScCore@@QEAA@XZ

??0String@ScCore@@QEAA@AEBV01@@Z

??0String@ScCore@@QEAA@PEBD@Z

??0String@ScCore@@QEAA@PEBDPEBVEncoder@1@@Z

??0String@ScCore@@QEAA@PEBGH@Z

??0String@ScCore@@QEAA@PEBIH@Z

??0String@ScCore@@QEAA@XZ

??0Thread@ScCore@@QEAA@XZ

??0TypeInfo@ScCore@@QEAA@XZ

??0UnitConverter@ScCore@@QEAA@XZ

??0UnitConverterTable@ScCore@@QEAA@XZ

??0UnitValue@ScCore@@QEAA@AEBV01@@Z

??0UnitValue@ScCore@@QEAA@AEBVString@1@@Z

??0UnitValue@ScCore@@QEAA@I@Z

??0UnitValue@ScCore@@QEAA@IN@Z

??0UnitValue@ScCore@@QEAA@XZ

??0Variant@ScCore@@QEAA@AEAVLiveObject@1@H@Z

??0Variant@ScCore@@QEAA@AEBV01@@Z

??0Variant@ScCore@@QEAA@AEBVArray@1@@Z

??0Variant@ScCore@@QEAA@AEBVFileSpec@1@@Z

??0Variant@ScCore@@QEAA@AEBVPoint@1@@Z

??0Variant@ScCore@@QEAA@AEBVRect@1@@Z

??0Variant@ScCore@@QEAA@AEBVRegExp@1@@Z

??0Variant@ScCore@@QEAA@AEBVString@1@@Z

??0Variant@ScCore@@QEAA@AEBVUnitValue@1@@Z

??0Variant@ScCore@@QEAA@H@Z

??0Variant@ScCore@@QEAA@HAEBVString@1@PEAVRoot@1@@Z

??0Variant@ScCore@@QEAA@N@Z

??0Variant@ScCore@@QEAA@PEAVLiveObject@1@H@Z

??0Variant@ScCore@@QEAA@PEBD@Z

??0Variant@ScCore@@QEAA@PEBDPEAVEncoder@1@@Z

??0Variant@ScCore@@QEAA@PEBG@Z

??0Variant@ScCore@@QEAA@PEBV01@@Z

??0Variant@ScCore@@QEAA@XZ

??0Variant@ScCore@@QEAA@_N@Z

??0WeakRefBase@ScCore@@IEAA@XZ

??0XML@ScCore@@QEAA@AEBVString@1@@Z

??0XML@ScCore@@QEAA@AEBVString@1@AEBV01@@Z

??0XML@ScCore@@QEAA@H@Z

??0XML@ScCore@@QEAA@HAEBVString@1@@Z

??1Allocator@ScCore@@UEAA@XZ

??1ArgumentsMessage@ScCore@@UEAA@XZ

??1Array@ScCore@@UEAA@XZ

??1BasicArray@ScCore@@MEAA@XZ

??1Broadcaster@ScCore@@QEAA@XZ

??1Callbacks@ScCore@@UEAA@XZ

??1ClassInfo@ScCore@@UEAA@XZ

??1Cloneable@ScCore@@UEAA@XZ

??1Context@ScCore@@IEAA@XZ

??1CriticalSection@ScCore@@QEAA@XZ

??1DataMessage@ScCore@@UEAA@XZ

??1DialogModality@ScCore@@QEAA@XZ

??1Dictionary@ScCore@@UEAA@XZ

??1Encoder@ScCore@@UEAA@XZ

??1Error@ScCore@@QEAA@XZ

??1ErrorInfo@ScCore@@AEAA@XZ

??1Event@ScCore@@QEAA@XZ

??1File@ScCore@@UEAA@XZ

??1FileFilter@ScCore@@UEAA@XZ

??1FileSpec@ScCore@@QEAA@XZ

??1FileWrapper@ScCore@@UEAA@XZ

??1Folder@ScCore@@QEAA@XZ

??1HashTable@ScCore@@QEAA@XZ

??1Listener@ScCore@@UEAA@XZ

??1LiveArray@ScCore@@UEAA@XZ

??1LiveBase@ScCore@@MEAA@XZ

??1LiveCollection@ScCore@@UEAA@XZ

??1LiveComponent@ScCore@@MEAA@XZ

??1LiveMessage@ScCore@@UEAA@XZ

??1LiveObject@ScCore@@MEAA@XZ

??1LivePropertyManager@ScCore@@UEAA@XZ

??1Localizer@ScCore@@UEAA@XZ

??1Lock@ScCore@@QEAA@XZ

??1LockRef@ScCore@@QEAA@XZ

??1Lockable@ScCore@@QEAA@XZ

??1Message@ScCore@@UEAA@XZ

??1ParamInfo@ScCore@@UEAA@XZ

??1Refcountable@ScCore@@MEAA@XZ

??1RegExp@ScCore@@QEAA@XZ

??1Root@ScCore@@UEAA@XZ

??1ServiceInfo@ScCore@@UEAA@XZ

??1SimpleArray@ScCore@@QEAA@XZ

??1SparseArray@ScCore@@QEAA@XZ

??1String@ScCore@@QEAA@XZ

??1Thread@ScCore@@UEAA@XZ

??1TypeInfo@ScCore@@UEAA@XZ

??1UnitConverter@ScCore@@MEAA@XZ

??1Variant@ScCore@@QEAA@XZ

??1WeakRefBase@ScCore@@IEAA@XZ

??1XML@ScCore@@EEAA@XZ

??2Heap@ScCore@@SAPEAX_K@Z

??2Heap@ScCore@@SAPEAX_KPEAX@Z

??2Heap@ScCore@@SAPEAX_KPEBDH@Z

??3Heap@ScCore@@SAXPEAX0@Z

??3Heap@ScCore@@SAXPEAX@Z

??3Heap@ScCore@@SAXPEAXPEBDH@Z

??4Array@ScCore@@QEAAAEAV01@AEBV01@@Z

??4Array@ScCore@@QEAAAEAV01@H@Z

??4Broadcaster@ScCore@@QEAAAEAV01@AEBV01@@Z

??4Callbacks@ScCore@@QEAAAEAV01@AEBV01@@Z

??4ConversionTuple@ScCore@@QEAAAEAV01@AEBV01@@Z

??4Dialogs@ScCore@@QEAAAEAV01@$$QEAV01@@Z

??4Dialogs@ScCore@@QEAAAEAV01@AEBV01@@Z

??4Error@ScCore@@QEAAAEAV01@AEBV01@@Z

??4File@ScCore@@QEAAAEAV01@AEBV01@@Z

??4FileSpec@ScCore@@QEAAAEAV01@AEBV01@@Z

??4FileUtils@ScCore@@QEAAAEAV01@$$QEAV01@@Z

??4FileUtils@ScCore@@QEAAAEAV01@AEBV01@@Z

??4FileWrapper@ScCore@@QEAAAEAV01@AEBV01@@Z

??4Folder@ScCore@@AEAAAEAV01@AEBV01@@Z

??4Globals@ScCore@@QEAAAEAU01@$$QEAU01@@Z

??4Globals@ScCore@@QEAAAEAU01@AEBU01@@Z

??4HashTable@ScCore@@QEAAAEAV01@AEBV01@@Z

??4Heap@ScCore@@AEAAAEAV01@AEBV01@@Z

??4InitTerm@ScCore@@QEAAAEAV01@$$QEAV01@@Z

??4InitTerm@ScCore@@QEAAAEAV01@AEBV01@@Z

??4Listener@ScCore@@QEAAAEAV01@AEBV01@@Z

??4Lockable@ScCore@@QEAAAEAV01@AEBV01@@Z

??4Point@ScCore@@QEAAAEAV01@AEBV01@@Z

??4Rect@ScCore@@QEAAAEAV01@AEBV01@@Z

??4RegExp@ScCore@@QEAAAEAV01@AEBV01@@Z

??4SimpleArray@ScCore@@QEAAAEAV01@AEBV01@@Z

??4SparseArray@ScCore@@QEAAAEAV01@AEBV01@@Z

??4String@ScCore@@QEAAAEAV01@AEBV01@@Z

??4String@ScCore@@QEAAAEAV01@D@Z

??4String@ScCore@@QEAAAEAV01@G@Z

??4String@ScCore@@QEAAAEAV01@PEBD@Z

??4String@ScCore@@QEAAAEAV01@PEBG@Z

??4String@ScCore@@QEAAAEAV01@PEBI@Z

??4Time@ScCore@@QEAAAEAV01@$$QEAV01@@Z

??4Time@ScCore@@QEAAAEAV01@AEBV01@@Z

??4UnicodeUtils@ScCore@@QEAAAEAV01@$$QEAV01@@Z

??4UnicodeUtils@ScCore@@QEAAAEAV01@AEBV01@@Z

??4UnitValue@ScCore@@QEAAAEAV01@AEBV01@@Z

??4UnitValue@ScCore@@QEAAAEAV01@AEBVString@1@@Z

??4Variant@ScCore@@QEAAAEAV01@AEAVLiveObject@1@@Z

??4Variant@ScCore@@QEAAAEAV01@AEBV01@@Z

??4Variant@ScCore@@QEAAAEAV01@AEBVArray@1@@Z

??4Variant@ScCore@@QEAAAEAV01@AEBVFileSpec@1@@Z

??4Variant@ScCore@@QEAAAEAV01@AEBVPoint@1@@Z

??4Variant@ScCore@@QEAAAEAV01@AEBVRect@1@@Z

??4Variant@ScCore@@QEAAAEAV01@AEBVRegExp@1@@Z

??4Variant@ScCore@@QEAAAEAV01@AEBVString@1@@Z

??4Variant@ScCore@@QEAAAEAV01@AEBVUnitValue@1@@Z

??4Variant@ScCore@@QEAAAEAV01@H@Z

??4Variant@ScCore@@QEAAAEAV01@I@Z

??4Variant@ScCore@@QEAAAEAV01@N@Z

??4Variant@ScCore@@QEAAAEAV01@PEAVLiveObject@1@@Z

??4Variant@ScCore@@QEAAAEAV01@PEBD@Z

??4Variant@ScCore@@QEAAAEAV01@PEBG@Z

??4Variant@ScCore@@QEAAAEAV01@_N@Z

??8Array@ScCore@@QEBA_NAEBV01@@Z

??8FileSpec@ScCore@@QEBA_NAEBV01@@Z

??8HashTable@ScCore@@QEBA_NAEBV01@@Z

??8LiveObject@ScCore@@UEBA_NAEBV01@@Z

??8Point@ScCore@@QEBA_NAEBV01@@Z

??8Rect@ScCore@@QEBA_NAEBV01@@Z

??8SimpleArray@ScCore@@QEBA_NAEBV01@@Z

??8SparseArray@ScCore@@QEBA_NAEBV01@@Z

??8String@ScCore@@QEBA_NAEBV01@@Z

??8String@ScCore@@QEBA_NPEBD@Z

??8String@ScCore@@QEBA_NPEBG@Z

??8UnitValue@ScCore@@QEBA_NAEBV01@@Z

??8Variant@ScCore@@QEBA_NAEBV01@@Z

??8XML@ScCore@@QEBA_NAEBV01@@Z

??9Array@ScCore@@QEBA_NAEBV01@@Z

??9FileSpec@ScCore@@QEBA_NAEBV01@@Z

??9HashTable@ScCore@@QEBA_NAEBV01@@Z

??9Point@ScCore@@QEBA_NAEBV01@@Z

??9Rect@ScCore@@QEBA_NAEBV01@@Z

??9SimpleArray@ScCore@@QEBA_NAEBV01@@Z

??9SparseArray@ScCore@@QEBA_NAEBV01@@Z

??9String@ScCore@@QEBA_NAEBV01@@Z

??9String@ScCore@@QEBA_NPEBD@Z

??9String@ScCore@@QEBA_NPEBG@Z

??9UnitValue@ScCore@@QEBA_NAEBV01@@Z

??9Variant@ScCore@@QEBA_NAEBV01@@Z

??9XML@ScCore@@QEBA_NAEBV01@@Z

??AArray@ScCore@@QEAAAEAVVariant@1@I@Z

??ABasicArray@ScCore@@QEBAAEBVVariant@1@I@Z

??AHashTable@ScCore@@QEBA_JAEBVString@1@@Z

??ASimpleArray@ScCore@@QEAAAEA_JH@Z

??ASimpleArray@ScCore@@QEBA_JH@Z

??ASparseArray@ScCore@@QEBA_J_J@Z

??BString@ScCore@@QEBAPEBGXZ

??HString@ScCore@@QEBA?AV01@AEBV01@@Z

??HString@ScCore@@QEBA?AV01@D@Z

??HString@ScCore@@QEBA?AV01@G@Z

??HString@ScCore@@QEBA?AV01@PEBD@Z

??HString@ScCore@@QEBA?AV01@PEBG@Z

??MFileSpec@ScCore@@QEBA_NAEBV01@@Z

??MString@ScCore@@QEBA_NAEBV01@@Z

??MString@ScCore@@QEBA_NPEBD@Z

??MString@ScCore@@QEBA_NPEBG@Z

??MUnitValue@ScCore@@QEBA_NAEBV01@@Z

??MVariant@ScCore@@QEBAHAEBV01@@Z

??NString@ScCore@@QEBA_NAEBV01@@Z

??NString@ScCore@@QEBA_NPEBD@Z

??NString@ScCore@@QEBA_NPEBG@Z

??OString@ScCore@@QEBA_NAEBV01@@Z

??OString@ScCore@@QEBA_NPEBD@Z

??OString@ScCore@@QEBA_NPEBG@Z

??PString@ScCore@@QEBA_NAEBV01@@Z

??PString@ScCore@@QEBA_NPEBD@Z

??PString@ScCore@@QEBA_NPEBG@Z

??YArray@ScCore@@QEAAAEAV01@AEAV01@@Z

??YArray@ScCore@@QEAAAEAV01@AEAVFileSpec@1@@Z

??YArray@ScCore@@QEAAAEAV01@AEAVLiveObject@1@@Z

??YArray@ScCore@@QEAAAEAV01@AEBVPoint@1@@Z

??YArray@ScCore@@QEAAAEAV01@AEBVRect@1@@Z

??YArray@ScCore@@QEAAAEAV01@AEBVString@1@@Z

??YArray@ScCore@@QEAAAEAV01@AEBVVariant@1@@Z

??YArray@ScCore@@QEAAAEAV01@H@Z

??YArray@ScCore@@QEAAAEAV01@N@Z

??YArray@ScCore@@QEAAAEAV01@PEAVLiveObject@1@@Z

??YArray@ScCore@@QEAAAEAV01@PEBD@Z

??YArray@ScCore@@QEAAAEAV01@_N@Z

??YHashTable@ScCore@@QEAAAEAV01@AEBV01@@Z

??YSimpleArray@ScCore@@QEAAAEAV01@AEBV01@@Z

??YSimpleArray@ScCore@@QEAAAEAV01@_J@Z

??YSparseArray@ScCore@@QEAAAEAV01@AEBV01@@Z

??YString@ScCore@@QEAAAEAV01@AEBV01@@Z

??YString@ScCore@@QEAAAEAV01@D@Z

??YString@ScCore@@QEAAAEAV01@G@Z

??YString@ScCore@@QEAAAEAV01@PEBD@Z

??YString@ScCore@@QEAAAEAV01@PEBG@Z

??ZSimpleArray@ScCore@@QEAAAEAV01@_J@Z

??_7Allocator@ScCore@@6B@

??_7Array@ScCore@@6B@

??_7BasicArray@ScCore@@6B@

??_7Callbacks@ScCore@@6B@

??_7ClassInfo@ScCore@@6B@

??_7Cloneable@ScCore@@6B@

??_7DataMessage@ScCore@@6B@

??_7Dictionary@ScCore@@6B@

??_7Encoder@ScCore@@6B@

??_7File@ScCore@@6B@

??_7FileFilter@ScCore@@6B@

??_7FileWrapper@ScCore@@6B@

??_7Listener@ScCore@@6B@

??_7LiveArray@ScCore@@6BListener@1@@

??_7LiveArray@ScCore@@6BLiveBase@1@@

??_7LiveBase@ScCore@@6B@

??_7LiveCollection@ScCore@@6BListener@1@@

??_7LiveCollection@ScCore@@6BLiveBase@1@@

??_7LiveComponent@ScCore@@6B@

??_7LiveMessage@ScCore@@6B@

??_7LiveObject@ScCore@@6BListener@1@@

??_7LiveObject@ScCore@@6BLiveBase@1@@

??_7LivePropertyManager@ScCore@@6B@

??_7Localizer@ScCore@@6B@

??_7Message@ScCore@@6B@

??_7ParamInfo@ScCore@@6B@

??_7Refcountable@ScCore@@6B@

??_7ServiceInfo@ScCore@@6B@

??_7Thread@ScCore@@6B@

??_7TypeInfo@ScCore@@6B@

??_7UnitConverter@ScCore@@6B@

??_7XML@ScCore@@6B@

??_FDictionary@ScCore@@QEAAXXZ

??_FLiveArray@ScCore@@QEAAXXZ

??_FLiveCollection@ScCore@@QEAAXXZ

??_FLiveObject@ScCore@@QEAAXXZ

??_FXML@ScCore@@QEAAXXZ

??_UHeap@ScCore@@SAPEAX_K@Z

??_UHeap@ScCore@@SAPEAX_KPEBDH@Z

??_VHeap@ScCore@@SAXPEAX@Z

??_VHeap@ScCore@@SAXPEAXPEBDH@Z

?DebugAlert@ScCore@@YAXPEBD0H@Z

?ScGetErrorMsg@@YAXHAEAVString@ScCore@@@Z

?ScGetTopWindow@@YAPEAUHWND__@@XZ

?acquire@Lock@ScCore@@QEAAXXZ

?add@Encoder@ScCore@@SAXAEBV12@@Z

?add@UnitConverterTable@ScCore@@SAHQEAPEBVConversionTuple@2@IAEBVUnitConverter@2@@Z

?add@XML@ScCore@@QEAAPEAV12@AEBVString@2@0@Z

?add@XML@ScCore@@QEAAPEAV12@AEBVString@2@@Z

?add@XML@ScCore@@QEAAPEAV12@AEBVString@2@AEBV12@_N@Z

?addAlias@Encoder@ScCore@@SA_NAEBV12@PEBD@Z

?addAlias@Encoder@ScCore@@SA_NPEBD0@Z

?addComponent@LiveObject@ScCore@@UEAAHAEAVLiveComponent@2@@Z

?addFactory@LiveObject@ScCore@@SAHAEAV12@H@Z

?addListener@Broadcaster@ScCore@@QEAAXAEAVListener@2@H@Z

?addRef@Refcountable@ScCore@@QEBAXXZ

?addSubDictionary@Dictionary@ScCore@@QEAAXAEAV12@@Z

?addTable@Dictionary@ScCore@@UEAAXAEBULivePropertyInfo@2@PEBD1@Z

?addTables@Dictionary@ScCore@@UEAAXPEBULivePropertyInfos@2@@Z

?adjust@String@ScCore@@QEAAXH@Z

?alert@Dialogs@ScCore@@SAXAEBVString@2@0@Z

?alert@Dialogs@ScCore@@SAXAEBVString@2@0_N@Z

?alert@Dialogs@ScCore@@SAXAEBVString@2@@Z

?allocMem@Allocator@ScCore@@UEAAPEAX_KPEBDH@Z

?ancestors_r@XML@ScCore@@QEBAPEAV12@_N@Z

?appToFront@FileUtils@ScCore@@SAXXZ

?append@SimpleArray@ScCore@@QEAAXAEBV12@@Z

?append@SimpleArray@ScCore@@QEAAX_J@Z

?append@String@ScCore@@QEAAXAEBV12@@Z

?append@String@ScCore@@QEAAXD@Z

?append@String@ScCore@@QEAAXG@Z

?append@String@ScCore@@QEAAXPEBDH@Z

?append@String@ScCore@@QEAAXPEBGH@Z

?apply@LiveObject@ScCore@@UEBAHAEAV12@HAEBVArray@2@AEAVVariant@2@PEAVError@2@@Z

?arrayIsEqual@XML@ScCore@@CA_NAEBV?$TISimpleArray@VXML@ScCore@@@2@0_N@Z

?asElementNode@XML@ScCore@@QEAAPEAV12@XZ

?asElementNode@XML@ScCore@@QEBAPEBV12@XZ

?assign@WeakRefBase@ScCore@@IEAAPEAVRefcountable@2@PEAV32@@Z

?atExit@InitTerm@ScCore@@SAXP6AXXZ@Z

?attrsAreEqual@XML@ScCore@@CA_NAEBV?$TISimpleArray@VXML@ScCore@@@2@0_N@Z

?attrsToString@XML@ScCore@@AEBAXAEAVString@2@PEAX@Z

?broadcast@Broadcaster@ScCore@@QEBA_NAEAVMessage@2@@Z

?broadcast@Broadcaster@ScCore@@QEBA_NH@Z

?call@LiveComponent@ScCore@@UEAAHAEAVLiveObject@2@HAEBVArray@2@AEAVVariant@2@PEAVError@2@@Z

?call@LiveObject@ScCore@@QEAAHAEBVString@2@AEAVVariant@2@PEAVError@2@@Z

?call@LiveObject@ScCore@@QEAAHAEBVString@2@AEBVArray@2@AEAVVariant@2@PEAVError@2@@Z

?call@LiveObject@ScCore@@QEAAHAEBVString@2@AEBVArray@2@PEAVError@2@@Z

?call@LiveObject@ScCore@@QEAAHAEBVString@2@PEAVError@2@@Z

?call@LiveObject@ScCore@@QEAAHH@Z

?call@LiveObject@ScCore@@QEAAHHAEAVVariant@2@@Z

?call@LiveObject@ScCore@@QEAAHHAEBVArray@2@@Z

?call@LiveObject@ScCore@@UEAAHHAEBVArray@2@AEAVVariant@2@PEAVError@2@@Z

?canInvoke@LiveObject@ScCore@@QEBA_NAEBVString@2@@Z

?caseConvert@Localizer@ScCore@@SA?AVString@2@AEBV32@_N@Z

?changePath@FileSpec@ScCore@@QEAA_NAEBVString@2@@Z

?changePath@FileWrapper@ScCore@@QEAA_NAEBVString@2@@Z

?checkError@FileWrapper@ScCore@@AEBA_NH@Z

?checkSymbolSyntax@XML@ScCore@@SA_NAEBVString@2@@Z

?chooseFile@FileSpec@ScCore@@QEAA_NAEBVString@2@_NPEBV32@PEAVFileFilter@2@PEAVArray@2@@Z

?chooseFolder@FileSpec@ScCore@@QEAA_NAEBVString@2@@Z

?chooseSaveFile@FileSpec@ScCore@@QEAA_NAEBVString@2@PEBV32@PEAVFileFilter@2@@Z

?clear@SimpleArray@ScCore@@QEAAXXZ

?clear@String@ScCore@@QEAAXXZ

?clone@FileWrapper@ScCore@@UEBAHPEAPEAVCloneable@2@_N@Z

?clone@LiveObject@ScCore@@UEBAHPEAPEAV12@_N@Z

?cloneContent@LiveObject@ScCore@@IEBAHAEAV12@_N@Z

?close@File@ScCore@@UEAAHXZ

?close@FileWrapper@ScCore@@QEAA_NXZ

?cmp@Point@ScCore@@QEBAHAEBV12@@Z

?cmp@Rect@ScCore@@QEBAHAEBV12@@Z

?cmp@String@ScCore@@QEBAHAEBV12@@Z

?cmp@String@ScCore@@QEBAHPEBD@Z

?cmp@String@ScCore@@QEBAHPEBG@Z

?cmp@UnitValue@ScCore@@QEBAHAEBV12@@Z

?colorPicker@Dialogs@ScCore@@SAHH@Z

?combine@Rect@ScCore@@QEAA_NAEBV12@0@Z

?compare@Localizer@ScCore@@SAHAEBVString@2@0@Z

?compare@Variant@ScCore@@QEBAHAEBV12@@Z

?confirm@Dialogs@ScCore@@SA_NAEBVString@2@0_N@Z

?confirm@Dialogs@ScCore@@SA_NAEBVString@2@_N@Z

?contains@XML@ScCore@@QEBA_NAEBV12@_N@Z

?convert@UnitConverterTable@ScCore@@SAHAEBVUnitValue@2@IAEANPEAVError@2@@Z

?convert@UnitConverterTable@ScCore@@SAHAEBVUnitValue@2@IAEAV32@PEAVError@2@@Z

?convert@UnitValue@ScCore@@QEAA_NI@Z

?convert@UnitValue@ScCore@@QEBA_NIAEAV12@@Z

?convert@Variant@ScCore@@QEAAXW4VariantType@2@@Z

?convertDataTypeToString@TypeInfo@ScCore@@SAPEBDW4VariantType@2@@Z

?convertLF@String@ScCore@@QEAAHW4CRLFEncoding@12@@Z

?convertToBase@UnitConverterTable@ScCore@@SAHAEBVUnitValue@2@AEAV32@PEAVError@2@@Z

?convertToBase@UnitValue@ScCore@@QEAAHXZ

?convertToBase@UnitValue@ScCore@@QEBAHAEAV12@@Z

?copy@FileWrapper@ScCore@@QEBA_NAEBVString@2@@Z

?copy@SimpleArray@ScCore@@QEBA?AV12@HH@Z

?copy@XML@ScCore@@AEBAPEAV12@PEBV12@0_N@Z

?copyArray@XML@ScCore@@CAPEAV?$TISimpleArray@VXML@ScCore@@@2@PEBV12@PEBV32@@Z

?copyTo@File@ScCore@@UEBAHAEBVFileSpec@2@@Z

?copy_r@XML@ScCore@@QEBAPEAV12@_N@Z

?create@Folder@ScCore@@QEAAHXZ

?create@LiveObject@ScCore@@SAHPEAPEAV12@AEBVString@2@H@Z

?create@LiveObject@ScCore@@SAHPEAPEAV12@HH@Z

?createAlias@FileSpec@ScCore@@QEAAHAEBVString@2@_N@Z

?createAlias@FileWrapper@ScCore@@QEAA_NAEBVString@2@_N@Z

?createCaptureList@RegExp@ScCore@@QEBAPEAVCapture@2@XZ

?createIDForName@LiveObject@ScCore@@UEAAHAEBVString@2@AEAHH@Z

?createLocal@LiveObject@ScCore@@UEAAHPEAPEAV12@AEBVString@2@H@Z

?createLock@Lockable@ScCore@@QEAAXXZ

?createProperty@LiveObject@ScCore@@MEAAPEAVLiveProperty@2@AEBVString@2@HI@Z

?decode@FileWrapper@ScCore@@SAXAEBVString@2@AEAV32@@Z

?decode@String@ScCore@@QEAAHPEBDHPEBVEncoder@2@@Z

?decode@String@ScCore@@QEAAHPEBI@Z

?decodeURI@String@ScCore@@QEAA_NXZ

?decrement@Lock@ScCore@@SAHAEAH@Z

?defineError@Error@ScCore@@SAXHAEBVString@2@PEBD@Z

?defineIDForName@LiveObject@ScCore@@UEAAHAEBVString@2@HH@Z

?deleteAt@Array@ScCore@@QEAAXI@Z

?deleteByIndex@LiveCollection@ScCore@@UEAAHI@Z

?deleteByIndex@LiveComponent@ScCore@@UEAAHAEAVLiveObject@2@I@Z

?deleteDynamicProperties@LiveObject@ScCore@@UEAAX_N@Z

?deleteID@LiveObject@ScCore@@UEAAHH@Z

?descendants_r@XML@ScCore@@QEBAPEAV12@XZ

?doErase@Variant@ScCore@@IEAAXXZ

?doGetDouble@Variant@ScCore@@IEBANXZ

?doIsFinite@Variant@ScCore@@IEBA_NXZ

?doIsMinus0@Variant@ScCore@@IEBA_NXZ

?doIsNaN@Variant@ScCore@@IEBA_NXZ

?doSetNumAttrs@Variant@ScCore@@IEBAXXZ

?doToString@Variant@ScCore@@IEBAXH@Z

?emptyString@String@ScCore@@SAAEBV12@XZ

?enableUI@InitTerm@ScCore@@SAX_N@Z

?encode@FileWrapper@ScCore@@SAXAEBVString@2@AEAV32@@Z

?encode@String@ScCore@@QEBAHAEAPEBDAEAHPEBVEncoder@2@@Z

?encode@String@ScCore@@QEBAPEBDPEBVEncoder@2@@Z

?encodeURI@String@ScCore@@QEAA_NPEBD@Z

?encodeURI@String@ScCore@@QEAA_NPEBG@Z

?encodeUtf32@String@ScCore@@QEBAPEBIXZ

?enumerate@ClassInfo@ScCore@@UEBAHAEAVSimpleArray@2@H@Z

?enumerate@LiveCollection@ScCore@@UEBAHAEAVSimpleArray@2@H@Z

?enumerate@LiveComponent@ScCore@@UEBAHAEBVLiveObject@2@AEAVSimpleArray@2@H@Z

?enumerate@LiveObject@ScCore@@UEBAHAEAVSimpleArray@2@H@Z

Sections

.text
Size: 400KB - Virtual size: 399KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

pe.dll

.dll windows:6 windows x64 arch:x64

Password: infected

ac0859548f5c53e0e3579baeff9163c3

Code Sign

01:1f:39:a2:26:1a:99:3d:d1:51:76:da:6f:e4:fb:ea
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

21/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Acrobat DC,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

ce:3f:49:57:ee:7b:32:e9:cb:2f:e7:df:81:22:db:fe:cd:2d:98:9f:4d:8d:71:18:ef:e9:f6:d1:c2:1c:a9:d4
Signer

Actual PE Digest

ce:3f:49:57:ee:7b:32:e9:cb:2f:e7:df:81:22:db:fe:cd:2d:98:9f:4d:8d:71:18:ef:e9:f6:d1:c2:1c:a9:d4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

pe.pdb

Imports

vcruntime140

__std_type_info_destroy_list

__C_specific_handler

memset

memcpy

strstr

strrchr

strchr

api-ms-win-crt-stdio-l1-1-0

fclose

fgets

fopen

fseek

fread

__stdio_common_vsprintf

__stdio_common_vsscanf

__stdio_common_vfprintf

api-ms-win-crt-math-l1-1-0

sinh

tanh

log10

exp

log

tan

atan

sqrt

atan2

fmod

ceil

asin

sin

pow

floor

cos

cosh

acos

api-ms-win-crt-convert-l1-1-0

atof

atoi

api-ms-win-crt-string-l1-1-0

strncat

isalnum

strpbrk

strncpy

strspn

isspace

isdigit

strcmp

toupper

strncmp

tolower

api-ms-win-crt-utility-l1-1-0

bsearch

qsort

api-ms-win-crt-heap-l1-1-0

malloc

free

api-ms-win-crt-locale-l1-1-0

localeconv

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-filesystem-l1-1-0

_access

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv

_initialize_narrow_environment

_initterm_e

_execute_onexit_table

_cexit

_initterm

_seh_filter_dll

_initialize_onexit_table

kernel32

DisableThreadLibraryCalls

RtlLookupFunctionEntry

RtlVirtualUnwind

UnhandledExceptionFilter

SetUnhandledExceptionFilter

GetCurrentProcess

TerminateProcess

IsProcessorFeaturePresent

QueryPerformanceCounter

IsDebuggerPresent

InitializeSListHead

RtlCaptureContext

GetSystemTimeAsFileTime

GetCurrentThreadId

GetCurrentProcessId

Exports

pe_adjhcs_array

pe_adjhcs_clone

pe_adjhcs_coordsys

pe_adjhcs_del

pe_adjhcs_eq

pe_adjhcs_from_string

pe_adjhcs_htmethod

pe_adjhcs_name

pe_adjhcs_new

pe_adjhcs_p

pe_adjhcs_status

pe_adjhcs_to_coordsys

pe_adjhcs_to_string

pe_adjhcs_to_string_ext

pe_adjhcs_unit

pe_array_clone

pe_array_del

pe_array_eq

pe_array_from_string

pe_array_htmethod_default

pe_array_name

pe_array_name_set

pe_array_new

pe_array_num_values

pe_array_p

pe_array_status

pe_array_to_string

pe_array_to_string_ext

pe_array_values_copy

pe_array_values_pointer

pe_array_values_set

pe_auth_r

pe_authority_authcode

pe_authority_clone

pe_authority_del

pe_authority_eq

pe_authority_from_string

pe_authority_name

pe_authority_new

pe_authority_p

pe_authority_status

pe_authority_to_string

pe_authority_to_string_ext

pe_authority_version

pe_beta_to_phi

pe_cart_to_curv

pe_chi_to_phi

pe_coordsys_authority

pe_coordsys_authority_set

pe_coordsys_clone

pe_coordsys_del

pe_coordsys_eq

pe_coordsys_from_prjfile

pe_coordsys_from_prjstring

pe_coordsys_from_string

pe_coordsys_name

pe_coordsys_p

pe_coordsys_status

pe_coordsys_to_adjhcs

pe_coordsys_to_prjfile

pe_coordsys_to_prjstring

pe_coordsys_to_string

pe_coordsys_to_string_ext

pe_coordsys_vertcs_to_prjfile

pe_coordsys_vertcs_to_prjstring

pe_curv_to_cart

pe_datahome_setdir

pe_datahome_setfunc

pe_datum_authority

pe_datum_authority_set

pe_datum_clone

pe_datum_del

pe_datum_eq

pe_datum_from_string

pe_datum_name

pe_datum_new

pe_datum_p

pe_datum_spheroid

pe_datum_status

pe_datum_to_string

pe_datum_to_string_ext

pe_delta

pe_delta_center

pe_eq

pe_eta_to_phi

pe_factory

pe_factory_angular_unit_codelist

pe_factory_code

pe_factory_codelist_del

pe_factory_coderanges_angular_unit

pe_factory_coderanges_check

pe_factory_coderanges_datum

pe_factory_coderanges_geogcs

pe_factory_coderanges_geogtran

pe_factory_coderanges_htmethod

pe_factory_coderanges_linear_unit

pe_factory_coderanges_method

pe_factory_coderanges_parameter

pe_factory_coderanges_primem

pe_factory_coderanges_projcs

pe_factory_coderanges_projection

pe_factory_coderanges_spheroid

pe_factory_coderanges_unit

pe_factory_coderanges_vdatum

pe_factory_coderanges_vertcs

pe_factory_datum

pe_factory_datum_codelist

pe_factory_defstring_to_int

pe_factory_geogcs

pe_factory_geogcs_codelist

pe_factory_geogtran

pe_factory_geogtran_codelist

pe_factory_htmethod

pe_factory_htmethod_codelist

pe_factory_int_to_defstring

pe_factory_linear_unit_codelist

pe_factory_method

pe_factory_method_codelist

pe_factory_parameter

pe_factory_parameter_codelist

pe_factory_primem

pe_factory_primem_codelist

pe_factory_projcs

pe_factory_projcs_codelist

pe_factory_projection

pe_factory_projection_codelist

pe_factory_spheroid

pe_factory_spheroid_codelist

pe_factory_unit

pe_factory_vdatum

pe_factory_vdatum_codelist

pe_factory_vertcs

pe_factory_vertcs_codelist

pe_generate_horizon

pe_geodesic_coordinate

pe_geodesic_distance

pe_geog1_to_geog2

pe_geog2_to_geog1

pe_geog_to_georef

pe_geog_to_mgrs

pe_geog_to_mgrs_extended

pe_geog_to_proj

pe_geogcs_authority

pe_geogcs_authority_set

pe_geogcs_clone

pe_geogcs_datum

pe_geogcs_del

pe_geogcs_eq

pe_geogcs_from_string

pe_geogcs_name

pe_geogcs_new

pe_geogcs_p

pe_geogcs_primem

pe_geogcs_status

pe_geogcs_to_string

pe_geogcs_to_string_ext

pe_geogcs_unit

pe_geogtran_authority

pe_geogtran_authority_set

pe_geogtran_clone

pe_geogtran_del

pe_geogtran_eq

pe_geogtran_from_string

pe_geogtran_geogcs1

pe_geogtran_geogcs2

pe_geogtran_isconstloaded

pe_geogtran_load_constants

pe_geogtran_method

pe_geogtran_name

pe_geogtran_new

pe_geogtran_p

pe_geogtran_parameters

pe_geogtran_status

pe_geogtran_to_string

pe_geogtran_to_string_ext

pe_geogtran_unload_constants

pe_georef_to_geog

pe_geoxyzcs_authority

pe_geoxyzcs_authority_set

pe_geoxyzcs_clone

pe_geoxyzcs_del

pe_geoxyzcs_eq

pe_geoxyzcs_from_string

pe_geoxyzcs_geogcs

pe_geoxyzcs_name

pe_geoxyzcs_new

pe_geoxyzcs_p

pe_geoxyzcs_status

pe_geoxyzcs_to_string

pe_geoxyzcs_to_string_ext

pe_geoxyzcs_unit

pe_horizon_del

pe_horizon_gcs_raster_generate

pe_horizon_pcs_generate

pe_horizon_pcs_raster_generate

pe_htmethod_authority

pe_htmethod_authority_set

pe_htmethod_clone

pe_htmethod_del

pe_htmethod_eq

pe_htmethod_forward

pe_htmethod_from_string

pe_htmethod_inverse

pe_htmethod_name

pe_htmethod_new

pe_htmethod_p

pe_htmethod_status

pe_htmethod_to_string

pe_htmethod_to_string_ext

pe_hvcoordsys_clone

pe_hvcoordsys_coordsys

pe_hvcoordsys_del

pe_hvcoordsys_eq

pe_hvcoordsys_from_prjfile

pe_hvcoordsys_from_prjstring

pe_hvcoordsys_from_string

pe_hvcoordsys_name

pe_hvcoordsys_new

pe_hvcoordsys_p

pe_hvcoordsys_status

pe_hvcoordsys_to_prjfile

pe_hvcoordsys_to_prjstring

pe_hvcoordsys_to_string

pe_hvcoordsys_to_string_ext

pe_hvcoordsys_vertcs

pe_hvdatum_authority

pe_hvdatum_authority_set

pe_hvdatum_clone

pe_hvdatum_del

pe_hvdatum_eq

pe_hvdatum_from_string

pe_hvdatum_name

pe_hvdatum_p

pe_hvdatum_status

pe_hvdatum_to_string

pe_hvdatum_to_string_ext

pe_m

pe_memalloc

pe_memdealloc

pe_method_authority

pe_method_authority_set

pe_method_clone

pe_method_del

pe_method_eq

pe_method_forward

pe_method_from_string

pe_method_inverse

pe_method_name

pe_method_new

pe_method_p

pe_method_status

pe_method_to_string

pe_method_to_string_ext

pe_mgrs_to_geog

pe_mgrs_to_geog_extended

pe_mu_to_phi

pe_n

pe_objedithome_setdir

pe_objedithome_setfunc

pe_parameter_authority

pe_parameter_authority_set

pe_parameter_clone

pe_parameter_del

pe_parameter_eq

pe_parameter_from_string

pe_parameter_index

pe_parameter_method_defaults

pe_parameter_name

pe_parameter_name_set

pe_parameter_new

pe_parameter_p

pe_parameter_projection_defaults

pe_parameter_status

pe_parameter_to_string

pe_parameter_to_string_ext

pe_parameter_value

pe_parameter_value_set

pe_pcsinfo_del

pe_pcsinfo_generate

pe_phi_to_beta

pe_phi_to_chi

pe_phi_to_eta

pe_phi_to_mu

pe_phi_to_phig

pe_phig_to_phi

pe_predefined_angular_unit

pe_predefined_datum

pe_predefined_geogcs

pe_predefined_geogtran

pe_predefined_htmethod

pe_predefined_linear_unit

pe_predefined_method

pe_predefined_parameter

pe_predefined_primem

pe_predefined_projcs

pe_predefined_projection

pe_predefined_spheroid

pe_predefined_vdatum

pe_predefined_vertcs

pe_primem_authority

pe_primem_authority_set

pe_primem_clone

pe_primem_del

pe_primem_eq

pe_primem_from_string

pe_primem_longitude

pe_primem_name

pe_primem_new

pe_primem_p

pe_primem_status

pe_primem_to_string

pe_primem_to_string_ext

pe_proj_to_geog

pe_proj_to_geog_center

pe_projcs_authority

pe_projcs_authority_set

pe_projcs_clone

pe_projcs_clone_alterunits

pe_projcs_del

pe_projcs_eq

pe_projcs_eqnn

pe_projcs_from_string

pe_projcs_geogcs

pe_projcs_isconstloaded

pe_projcs_load_constants

pe_projcs_name

pe_projcs_new

pe_projcs_p

pe_projcs_parameters

pe_projcs_projection

pe_projcs_status

pe_projcs_to_string

pe_projcs_to_string_ext

pe_projcs_unit

pe_projcs_unload_constants

pe_projection_authority

pe_projection_authority_set

pe_projection_clone

pe_projection_del

pe_projection_eq

pe_projection_forward

pe_projection_from_string

pe_projection_horizon

pe_projection_horizon_gcs_raster

pe_projection_horizon_pcs

pe_projection_horizon_pcs_raster

pe_projection_inverse

pe_projection_name

pe_projection_new

pe_projection_p

pe_projection_status

pe_projection_to_string

pe_projection_to_string_ext

pe_q

pe_q90

pe_rect_r

pe_spheroid_authority

pe_spheroid_authority_set

pe_spheroid_axis

pe_spheroid_clone

pe_spheroid_del

pe_spheroid_eq

pe_spheroid_flattening

pe_spheroid_from_string

pe_spheroid_name

pe_spheroid_new

pe_spheroid_p

pe_spheroid_status

pe_spheroid_to_string

pe_spheroid_to_string_ext

pe_table_del

pe_unit_authority

pe_unit_authority_set

pe_unit_clone

pe_unit_del

pe_unit_eq

pe_unit_factor

pe_unit_from_string

pe_unit_name

pe_unit_new

pe_unit_p

pe_unit_status

pe_unit_to_string

pe_unit_to_string_ext

pe_vdatum_authority

pe_vdatum_authority_set

pe_vdatum_clone

pe_vdatum_del

pe_vdatum_eq

pe_vdatum_from_string

pe_vdatum_name

pe_vdatum_new

pe_vdatum_p

pe_vdatum_status

pe_vdatum_to_string

pe_vdatum_to_string_ext

pe_version

pe_version_string

pe_vertcs_authority

pe_vertcs_authority_set

pe_vertcs_clone

pe_vertcs_clone_alterunits

pe_vertcs_del

pe_vertcs_eq

pe_vertcs_from_prjfile

pe_vertcs_from_prjstring

pe_vertcs_from_string

pe_vertcs_hvdatum

pe_vertcs_name

pe_vertcs_new

pe_vertcs_p

pe_vertcs_parameters

pe_vertcs_status

pe_vertcs_to_string

pe_vertcs_to_string_ext

pe_vertcs_unit

pe_w

pe_zunit_from_prjfile

pe_zunit_from_prjstring

Sections

.text
Size: 891KB - Virtual size: 890KB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 663KB - Virtual size: 663KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

pmd.cer

rt3d.dll

.dll windows:6 windows x64 arch:x64

Password: infected

3dc7ed1ee61c38efac74635d0ea2c252

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

0d:1a:34:0f:78:d7:d0:00:e0:89:fd:ba:ad:65:22:df
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

03/11/2023, 00:00

Not After

04/11/2025, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Acrobat DC,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature

KeyUsageCertSign

KeyUsageCRLSign

b2:3e:f1:49:8b:90:6b:79:f9:80:02:36:4f:3f:d5:5b:87:15:76:e0:6d:04:f9:3d:17:b1:ef:fb:9d:a8:c9:72
Signer

Actual PE Digest

b2:3e:f1:49:8b:90:6b:79:f9:80:02:36:4f:3f:d5:5b:87:15:76:e0:6d:04:f9:3d:17:b1:ef:fb:9d:a8:c9:72

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE

IMAGE_FILE_LARGE_ADDRESS_AWARE

IMAGE_FILE_DLL

PDB Paths

D:\T\BuildResults\obj\x64\a3dRT\Release\rt3d.pdb

Imports

extendscript

?executeStaticXML@DebugAPI@ScScript@@SAPEAVXML@ScCore@@AEBV34@AEAVError@4@@Z

?executeXML@DebugAPI@ScScript@@QEAAPEAVXML@ScCore@@AEBV34@AEAVError@4@@Z

?getProfilerData@DebugAPI@ScScript@@QEAAXPEAV?$TSimpleArray@VProfilerData@ScScript@@@ScCore@@_N@Z

?command@DebugAPI@ScScript@@QEAAXW4Cmd@12@_N@Z

?getSourceLine@DebugAPI@ScScript@@QEBAHXZ

?getSourceFileID@DebugAPI@ScScript@@QEBAHXZ

?getScript@DebugAPI@ScScript@@QEBAPEAVScript@2@XZ

?setContextLevel@DebugAPI@ScScript@@QEAAXH@Z

?getStackDepth@DebugAPI@ScScript@@QEBAHXZ

?setIncludePath@ParserAPI@ScScript@@QEBAXAEBVString@ScCore@@@Z

?findEngine@Engine@ScScript@@SAPEAV12@AEBVString@ScCore@@@Z

?getName@Engine@ScScript@@QEBAAEBVString@ScCore@@XZ

?getID@Engine@ScScript@@QEBAIXZ

?getAll@Engine@ScScript@@SAXAEAV?$TSimpleArray@VEngine@ScScript@@@ScCore@@@Z

??1Debugger@ScScript@@UEAA@XZ

??0Debugger@ScScript@@QEAA@XZ

?getSymbol@DataPool@ScScript@@QEBA?AVString@ScCore@@H@Z

?get@DataPool@ScScript@@SAAEAV12@XZ

?errorMessage@ScriptContainer@ScScript@@SA?AVString@ScCore@@AEBVError@4@@Z

?execute@ScriptContainer@ScScript@@QEAAHAEAVEngine@2@H@Z

?compile@ScriptContainer@ScScript@@QEAAHAEBVFileSpec@ScCore@@_NP6A_N0@Z@Z

??1ScriptContainer@ScScript@@UEAA@XZ

??0ScriptContainer@ScScript@@QEAA@_N@Z

?invalidateClassAll@Engine@ScScript@@SAXAEBVString@ScCore@@@Z

?init@InitTerm@ScScript@@SAXXZ

?getIncludePath@ParserAPI@ScScript@@QEBAAEBVString@ScCore@@XZ

?getCurrent@Engine@ScScript@@SAPEAV12@XZ

?getClassObject@Callback@ScScript@@UEAAPEAVLiveObject@ScCore@@AEAVEngine@2@AEBVString@4@AEAI@Z

?engineNotify@Callback@ScScript@@UEAAXAEAVEngine@2@H_J@Z

?getGlobalObject@LiveObjectAPI@ScScript@@QEBAAEAVLiveObject@ScCore@@XZ

?setDebugLevel@Engine@ScScript@@QEAAXH@Z

?setCallback@Engine@ScScript@@QEAAXPEAVCallback@2@@Z

?setName@Engine@ScScript@@QEAA_NAEBVString@ScCore@@@Z

?createEngine@Engine@ScScript@@SAPEAV12@W4Type@12@@Z

??1Callback@ScScript@@UEAA@XZ

??0Callback@ScScript@@QEAA@XZ

?runtimeError@Callback@ScScript@@UEAAXAEAVEngine@2@@Z

?isValidClassName@Callback@ScScript@@UEAA_NAEAVEngine@2@AEBVString@ScCore@@@Z

?undefinedError@Callback@ScScript@@UEAA_NAEAVEngine@2@AEBVVariant@ScCore@@1AEAV45@@Z

?leaveDebugMode@Callback@ScScript@@UEAAXAEAVEngine@2@_N@Z

?enterDebugMode@Callback@ScScript@@UEAAXAEAVEngine@2@@Z

?garbageCollecting@Callback@ScScript@@UEAA_NAEAVEngine@2@@Z

?running@Callback@ScScript@@UEAAXAEAVEngine@2@@Z

?exit@InitTerm@ScScript@@SAXXZ

?setProfilingLevel@Engine@ScScript@@QEAAXH@Z

sccore

?removeComponent@LiveObject@ScCore@@UEAAHAEAVLiveComponent@2@@Z

?call@LiveObject@ScCore@@QEAAHAEBVString@2@AEBVArray@2@AEAVVariant@2@PEAVError@2@@Z

?put@LiveObject@ScCore@@QEAAHAEBVString@2@AEBVVariant@2@HPEAVError@2@@Z

??0LiveObject@ScCore@@QEAA@AEBVString@1@_N@Z

?setString@Variant@ScCore@@QEAAXPEBDPEAVEncoder@2@@Z

?isInteger@Variant@ScCore@@QEBA_NXZ

?remove@SparseArray@ScCore@@QEAA_J_J@Z

?set@SparseArray@ScCore@@QEAAX_J0@Z

?find@SparseArray@ScCore@@QEBA_J_J@Z

?localizedCompare@Localizer@ScCore@@MEBAHAEBVString@2@0@Z

?localizedCaseConvert@Localizer@ScCore@@MEBA_NAEAVString@2@_N@Z

?localizeText@Localizer@ScCore@@MEBA_NAEAVString@2@@Z

?getLocale@Localizer@ScCore@@MEBA_NAEAVString@2@@Z

?getErrorMsg@Localizer@ScCore@@MEBA_NHAEAVString@2@@Z

?get@Callbacks@ScCore@@SAPEAV12@XZ

?eof@File@ScCore@@UEBA_NXZ

?setLength@Array@ScCore@@QEAAXI@Z

??YSimpleArray@ScCore@@QEAAAEAV01@AEBV01@@Z

?setSize@SimpleArray@ScCore@@QEAAXH@Z

?get@Context@ScCore@@SAAEAV12@XZ

ScAtomicInc

?getArray@Variant@ScCore@@QEBA_NAEAVArray@2@@Z

?getClassInfo@LiveObject@ScCore@@UEBAPEBVClassInfo@2@H@Z

?setInteger@Variant@ScCore@@QEAAXI@Z

??4String@ScCore@@QEAAAEAV01@AEBV01@@Z

??4String@ScCore@@QEAAAEAV01@PEBD@Z

?revalidate@LiveBase@ScCore@@UEAAXXZ

?reset@LiveComponent@ScCore@@UEAAXXZ

?putLength@LiveComponent@ScCore@@UEAAHAEAVLiveObject@2@I@Z

?putByIndex@LiveComponent@ScCore@@UEAAHAEAVLiveObject@2@IAEBVVariant@2@PEAVError@2@@Z

?clone@LiveObject@ScCore@@UEBAHPEAPEAV12@_N@Z

?release@Refcountable@ScCore@@UEBAXXZ

?addComponent@LiveObject@ScCore@@UEAAHAEAVLiveComponent@2@@Z

??8LiveObject@ScCore@@UEBA_NAEBV01@@Z

?registerProperty@LivePropertyManager@ScCore@@QEAAXPEBDHH0@Z

??1LivePropertyManager@ScCore@@UEAA@XZ

??0LivePropertyManager@ScCore@@QEAA@XZ

?call@LiveObject@ScCore@@UEAAHHAEBVArray@2@AEAVVariant@2@PEAVError@2@@Z

?getIDForName@LiveObject@ScCore@@UEBAHAEBVString@2@AEAHAEAW4InfoType@2@H@Z

??0LiveObject@ScCore@@QEAA@PEBD_N@Z

??1LiveObject@ScCore@@MEAA@XZ

??ABasicArray@ScCore@@QEBAAEBVVariant@1@I@Z

?encode@String@ScCore@@QEBAPEBDPEBVEncoder@2@@Z

??0String@ScCore@@QEAA@XZ

?getObjectProperties@Variant@ScCore@@QEBAHAEAV?$THashTable@VVariant@ScCore@@@2@HPEAVError@2@@Z

?compare@Variant@ScCore@@QEBAHAEBV12@@Z

?getString@Variant@ScCore@@QEBAAEBVString@2@XZ

?toString@Variant@ScCore@@QEBA?AVString@2@XZ

?notify@LiveObject@ScCore@@UEAA_NAEAVMessage@2@@Z

?invalidate@LiveObject@ScCore@@UEAAXXZ

?initialize@LiveObject@ScCore@@UEAAHAEBVArray@2@PEAVError@2@@Z

?hasOperators@LiveObject@ScCore@@UEBA_NXZ

?put@LiveComponent@ScCore@@UEAAHAEAVLiveObject@2@HAEBVVariant@2@PEAVError@2@@Z

??2Heap@ScCore@@SAPEAX_K@Z

??3Heap@ScCore@@SAXPEAX@Z

??0SimpleArray@ScCore@@QEAA@XZ

?getType@LiveObject@ScCore@@UEBA?AW4InfoType@2@H@Z

?getNameForID@LiveObject@ScCore@@UEBAHHAEAVString@2@H@Z

?getErrorText@LiveBase@ScCore@@UEBAHAEAVString@2@HPEBV32@@Z

?getAs@LiveObject@ScCore@@UEBAPEBXH@Z

?getAs@LiveObject@ScCore@@UEAAPEAXH@Z

?enumerate@LiveObject@ScCore@@UEBAHAEAVSimpleArray@2@H@Z

?cmp@String@ScCore@@QEBAHPEBG@Z

?removeAt@Array@ScCore@@QEAAXII@Z

?decode@String@ScCore@@QEAAHPEBDHPEBVEncoder@2@@Z

??YArray@ScCore@@QEAAAEAV01@AEBVVariant@1@@Z

?invoke@LiveObject@ScCore@@QEBAHAEBVString@2@AEBVArray@2@PEAVError@2@@Z

?setArray@Variant@ScCore@@QEAAXAEBVArray@2@@Z

??0Error@ScCore@@QEAA@XZ

??1Error@ScCore@@QEAA@XZ

?deleteID@LiveObject@ScCore@@UEAAHH@Z

?getErrorText@LiveBase@ScCore@@UEBAHAEAVString@2@HH_N@Z

?getData@LiveObject@ScCore@@UEBAPEAVRoot@2@XZ

?apply@LiveObject@ScCore@@UEBAHAEAV12@HAEBVArray@2@AEAVVariant@2@PEAVError@2@@Z

?deleteDynamicProperties@LiveObject@ScCore@@UEAAX_N@Z

?getClassName@LiveObject@ScCore@@UEBAAEBVString@2@XZ

?defineIDForName@LiveObject@ScCore@@UEAAHAEBVString@2@HH@Z

?createLocal@LiveObject@ScCore@@UEAAHPEAPEAV12@AEBVString@2@H@Z

?toUpper@String@ScCore@@QEAA_NXZ

?createIDForName@LiveObject@ScCore@@UEAAHAEBVString@2@AEAHH@Z

?readln@File@ScCore@@UEAAHAEAVString@2@@Z

??1Localizer@ScCore@@UEAA@XZ

?erase@HashTable@ScCore@@QEAAXXZ

?strip@String@ScCore@@QEAAXXZ

?replaceAll@String@ScCore@@QEAAHAEBV12@0H@Z

?invoke@LiveObject@ScCore@@QEBAHAEBVString@2@AEAVVariant@2@PEAVError@2@@Z

?canInvoke@LiveObject@ScCore@@QEBA_NAEBVString@2@@Z

?remove@HashTable@ScCore@@QEAA_JAEBVString@2@_N@Z

?split@String@ScCore@@QEAA?AV12@AEBV12@@Z

?getType@LivePropertyManager@ScCore@@UEBA?AW4InfoType@2@H@Z

?getServiceInfo@LivePropertyManager@ScCore@@UEBAPEBVServiceInfo@2@HH@Z

?getServiceInfo@LivePropertyManager@ScCore@@UEBAPEBVServiceInfo@2@AEBVString@2@H@Z

?getNameForID@LivePropertyManager@ScCore@@UEBAHHAEAVString@2@H@Z

?getIDForName@LivePropertyManager@ScCore@@UEBAHAEBVString@2@AEAHAEAW4InfoType@2@H@Z

?getConstructor@LivePropertyManager@ScCore@@UEBAPEBVServiceInfo@2@H@Z

?enumerate@LivePropertyManager@ScCore@@UEBAHAEAVSimpleArray@2@H@Z

?getCurrentDir@FileUtils@ScCore@@SAHAEAVFileSpec@2@@Z

?getFileSpec@Variant@ScCore@@QEBAPEBVFileSpec@2@XZ

?find@String@ScCore@@QEBAHGH_N@Z

??1XML@ScCore@@EEAA@XZ

?toXMLString@XML@ScCore@@QEBA?AVString@2@H@Z

?toString@XML@ScCore@@QEBA?AVString@2@H@Z

?insert@XML@ScCore@@QEAA_NAEBV12@H_N@Z

?add@XML@ScCore@@QEAAPEAV12@AEBVString@2@@Z

??1SimpleArray@ScCore@@QEAA@XZ

?indexOf@SimpleArray@ScCore@@QEBAH_J@Z

?add@XML@ScCore@@QEAAPEAV12@AEBVString@2@0@Z

?put@XML@ScCore@@QEAAPEAV12@AEBVString@2@0@Z

?getText@XML@ScCore@@QEBA?AVString@2@AEBV32@@Z

?getInteger@XML@ScCore@@QEBAHAEBVString@2@@Z

?getBool@XML@ScCore@@QEBA_NAEBVString@2@@Z

?get_r@XML@ScCore@@QEBAPEAV12@AEBVString@2@H@Z

?isIndexable@LiveComponent@ScCore@@UEBA_NXZ

?isGeneric@LiveComponent@ScCore@@UEBA_NH@Z

?invalidate@LiveBase@ScCore@@UEAAXXZ

?hasOperators@LiveComponent@ScCore@@UEBA_NXZ

?getType@LiveComponent@ScCore@@UEBA?AW4InfoType@2@AEBVLiveObject@2@H@Z

?getServiceInfo@LiveComponent@ScCore@@UEBAPEBVServiceInfo@2@AEBVLiveObject@2@HH@Z

?getNameForID@LiveComponent@ScCore@@UEBAHAEBVLiveObject@2@HAEAVString@2@H@Z

?getLength@LiveComponent@ScCore@@UEBAHAEBVLiveObject@2@AEAI@Z

?getBool@Variant@ScCore@@QEBA_NXZ

?getChild@XML@ScCore@@QEBAPEAV12@H@Z

?length@XML@ScCore@@QEBAHXZ

?setName@XML@ScCore@@QEAA_NAEBVString@2@@Z

?getIDForName@LiveComponent@ScCore@@UEBAHAEBVLiveObject@2@AEBVString@2@AEAHAEAW4InfoType@2@H@Z

?getByIndex@LiveComponent@ScCore@@UEBAHAEBVLiveObject@2@IAEAVVariant@2@PEAVError@2@@Z

?getAs@LiveBase@ScCore@@UEBAPEBXH@Z

?getAs@LiveBase@ScCore@@UEAAPEAXH@Z

??0XML@ScCore@@QEAA@HAEBVString@1@@Z

??0XML@ScCore@@QEAA@AEBVString@1@@Z

??0XML@ScCore@@QEAA@H@Z

?parse@XML@ScCore@@SAPEAV12@AEBVString@2@AEAHAEAVError@2@_N33@Z

?sleep@Thread@ScCore@@SAXI@Z

?seek@File@ScCore@@UEAAH_JH@Z

?read@File@ScCore@@UEAAH_JAEAVString@2@@Z

?open@File@ScCore@@UEAAHAEBVString@2@II@Z

?setEncoding@File@ScCore@@QEAAXAEBVString@2@@Z

?getEncoding@File@ScCore@@QEBAAEBVString@2@XZ

??1File@ScCore@@UEAA@XZ

??0File@ScCore@@QEAA@AEBVFileSpec@1@@Z

?getStartupDir@FileUtils@ScCore@@SAHAEAVFileSpec@2@@Z

?resolve@FileSpec@ScCore@@QEBAHAEAV12@@Z

?watol@UnicodeUtils@ScCore@@SAHPEBG@Z

?getUTCTime@Time@ScCore@@SANXZ

?getTicks@Time@ScCore@@SAIXZ

?getSystem@Encoder@ScCore@@SAAEBV12@XZ

?getFullText@Error@ScCore@@QEBAXAEAVString@2@@Z

?push@Error@ScCore@@QEAAXHAEBVString@2@PEBVCloneable@2@_N@Z

?push@Error@ScCore@@QEAAXHPEBVCloneable@2@@Z

??4Error@ScCore@@QEAAAEAV01@AEBV01@@Z

?isValidObject@Variant@ScCore@@QEBA_NXZ

?erase@String@ScCore@@QEAAXXZ

?erase@String@ScCore@@QEAAXHH@Z

?ncmp@String@ScCore@@QEBAHAEBV12@H@Z

?cmp@String@ScCore@@QEBAHAEBV12@@Z

?find@String@ScCore@@QEBAHPEBDH_N@Z

?split@String@ScCore@@QEAA?AV12@PEBD@Z

?replace@String@ScCore@@QEAAHPEBD0H@Z

?print@String@ScCore@@QEAAXPEBDZZ

?substr@String@ScCore@@QEBA?AV12@HH@Z

??1SparseArray@ScCore@@QEAA@XZ

??0SparseArray@ScCore@@QEAA@XZ

?remove@SimpleArray@ScCore@@QEAAX_J@Z

?enumerate@LiveComponent@ScCore@@UEBAHAEBVLiveObject@2@AEAVSimpleArray@2@H@Z

?deleteByIndex@LiveComponent@ScCore@@UEAAHAEAVLiveObject@2@I@Z

?call@LiveComponent@ScCore@@UEAAHAEAVLiveObject@2@HAEBVArray@2@AEAVVariant@2@PEAVError@2@@Z

?get@LiveComponent@ScCore@@UEBAHAEBVLiveObject@2@HAEAVVariant@2@PEAVError@2@@Z

?insert@SimpleArray@ScCore@@QEAAX_JH@Z

??4SimpleArray@ScCore@@QEAAAEAV01@AEBV01@@Z

??1Root@ScCore@@UEAA@XZ

??1LiveComponent@ScCore@@MEAA@XZ

??0LiveComponent@ScCore@@IEAA@XZ

?setInteger@Variant@ScCore@@QEAAXH@Z

?encode@String@ScCore@@QEBAHAEAPEBDAEAHPEBVEncoder@2@@Z

?get@LiveObject@ScCore@@QEAAHAEBVString@2@AEAVVariant@2@PEAVError@2@@Z

?getInteger@Variant@ScCore@@QEBAHXZ

?isDefined@Variant@ScCore@@QEBA_NXZ

?test@FileFilter@ScCore@@UEBA_NAEBVFileSpec@2@@Z

??0String@ScCore@@QEAA@AEBV01@@Z

?registerProperty@LivePropertyManager@ScCore@@QEAAXAEBULivePropertyInfo@2@@Z

?iterate@Folder@ScCore@@QEAAHAEAVFileFilter@2@H@Z

??1Folder@ScCore@@QEAA@XZ

??0Folder@ScCore@@QEAA@AEBVFileSpec@1@@Z

?removeFactory@LiveObject@ScCore@@SAXAEBVString@2@@Z

??0Array@ScCore@@QEAA@I@Z

??0LivePropertyManager@ScCore@@QEAA@PEBULivePropertyInfo@1@@Z

?put@LiveObject@ScCore@@UEAAHHAEBVVariant@2@PEAVError@2@@Z

?getSpecialDir@FileUtils@ScCore@@SAHHAEAVFileSpec@2@@Z

?getAttributes@FileSpec@ScCore@@QEBAFPEAH0@Z

?getName@FileSpec@ScCore@@QEBA?AVString@2@XZ

?getAbsoluteURI@FileSpec@ScCore@@QEBA?AVString@2@_N@Z

?get@LiveObject@ScCore@@UEBAHHAEAVVariant@2@PEAVError@2@@Z

?changePath@FileSpec@ScCore@@QEAA_NAEBVString@2@@Z

?setPath@FileSpec@ScCore@@QEAA_NAEBVString@2@_N@Z

?setString@Variant@ScCore@@QEAAXPEBG@Z

?setString@Variant@ScCore@@QEAAXPEBD@Z

?setError@LiveBase@ScCore@@QEBAHHHPEAVError@2@_N@Z

??0FileSpec@ScCore@@QEAA@AEBV01@@Z

?addFactory@LiveObject@ScCore@@SAHAEAV12@H@Z

??AArray@ScCore@@QEAAAEAVVariant@1@I@Z

?insertAt@Array@ScCore@@QEAAXII@Z

??1Array@ScCore@@UEAA@XZ

??0Array@ScCore@@QEAA@XZ

?toString@Variant@ScCore@@QEBAXAEAVString@2@@Z

??0Variant@ScCore@@QEAA@HAEBVString@1@PEAVRoot@1@@Z

??0Variant@ScCore@@QEAA@PEBD@Z

??YString@ScCore@@QEAAAEAV01@PEBD@Z

??0String@ScCore@@QEAA@PEBGH@Z

?getDouble@Variant@ScCore@@QEBANXZ

??0Variant@ScCore@@QEAA@XZ

?getEncodedLength@String@ScCore@@SAHXZ

?valueOf@LiveObject@ScCore@@UEBAXAEAVVariant@2@@Z

?toString@LiveObject@ScCore@@UEBAXAEAVString@2@@Z

?setData@LiveObject@ScCore@@UEAAXPEAVRoot@2@@Z

??0FileSpec@ScCore@@QEAA@AEBVString@1@_N@Z

?revalidate@LiveObject@ScCore@@UEAAXXZ

??1FileFilter@ScCore@@UEAA@XZ

?reset@LiveObject@ScCore@@UEAAXXZ

??0FileFilter@ScCore@@QEAA@AEBVString@1@@Z

??1Variant@ScCore@@QEAA@XZ

??0Variant@ScCore@@QEAA@PEBV01@@Z

?getKeys@HashTable@ScCore@@QEBAXAEAV?$TSimpleArray@$$CBVString@ScCore@@@2@@Z

?getData@HashTable@ScCore@@QEBAXAEAVSimpleArray@2@@Z

??1HashTable@ScCore@@QEAA@XZ

??0HashTable@ScCore@@QEAA@XZ

??YString@ScCore@@QEAAAEAV01@AEBV01@@Z

?replaceAll@String@ScCore@@QEAAHAEBV12@PEBDH@Z

?append@String@ScCore@@QEAAXPEBDH@Z

??0String@ScCore@@QEAA@PEBD@Z

?exit@InitTerm@ScCore@@SAXXZ

?init@InitTerm@ScCore@@SAXXZ

?getUtf8@Encoder@ScCore@@SAAEBV12@XZ

??4Variant@ScCore@@QEAAAEAV01@AEBV01@@Z

?setString@Variant@ScCore@@QEAAXAEBVString@2@@Z

?setDouble@Variant@ScCore@@QEAAXN@Z

?setBool@Variant@ScCore@@QEAAX_N@Z

?getLiveObject@Variant@ScCore@@QEBAPEAVLiveObject@2@XZ

?setLiveObject@Variant@ScCore@@QEAAXPEAVLiveObject@2@H@Z

?setNull@Variant@ScCore@@QEAAXXZ

?cmp@String@ScCore@@QEBAHPEBD@Z

??1String@ScCore@@QEAA@XZ

??0String@ScCore@@QEAA@PEBDPEBVEncoder@1@@Z

??ASimpleArray@ScCore@@QEAAAEA_JH@Z

?removeAt@SimpleArray@ScCore@@QEAA_JH@Z

?append@SimpleArray@ScCore@@QEAAX_J@Z

?ncmp@String@ScCore@@QEBAHPEBDH@Z

?toLower@String@ScCore@@QEAA_NXZ

?find@HashTable@ScCore@@QEBA_JAEBVString@2@_N@Z

?set@HashTable@ScCore@@QEAAAEBVString@2@AEBV32@_J_N@Z

?forEach@HashTable@ScCore@@QEAAXP6A_NAEBVString@2@PEA_J_J@Z2@Z

?setFileSpec@Variant@ScCore@@QEAAXAEBVFileSpec@2@@Z

??0Array@ScCore@@QEAA@AEBV01@@Z

?atExit@InitTerm@ScCore@@SAXP6AXXZ@Z

?initData@FileSpec@ScCore@@AEAAXXZ

??1FileSpec@ScCore@@QEAA@XZ

?getPath@FileSpec@ScCore@@QEBA?AVString@2@XZ

?emptyString@String@ScCore@@SAAEBV12@XZ

?replaceAll@String@ScCore@@QEAAHPEBD0H@Z

?split@String@ScCore@@QEAA?AV12@D@Z

??8String@ScCore@@QEBA_NAEBV01@@Z

??YString@ScCore@@QEAAAEAV01@D@Z

??0Lock@ScCore@@QEAA@XZ

??1Lock@ScCore@@QEAA@XZ

?getNextID@LiveBase@ScCore@@SAHXZ

?doErase@Variant@ScCore@@IEAAXXZ

?doGetDouble@Variant@ScCore@@IEBANXZ

?doToString@Variant@ScCore@@IEBAXH@Z

?scanDouble@Variant@ScCore@@SANAEBVString@2@HPEAV32@@Z

??0Variant@ScCore@@QEAA@AEBVString@1@@Z

??0Variant@ScCore@@QEAA@AEAVLiveObject@1@H@Z

?setLiveObject@Variant@ScCore@@QEAAXAEAVLiveObject@2@H@Z

??YArray@ScCore@@QEAAAEAV01@AEBVString@1@@Z

??YArray@ScCore@@QEAAAEAV01@AEAVLiveObject@1@@Z

?addListener@Broadcaster@ScCore@@QEAAXAEAVListener@2@H@Z

?removeListener@Broadcaster@ScCore@@QEAAXAEAVListener@2@H@Z

?getFactory@LiveObject@ScCore@@SAPEAV12@AEBVString@2@H@Z

??0Error@ScCore@@QEAA@AEBV01@@Z

?get@Encoder@ScCore@@SAPEBV12@PEBD@Z

?push@Localizer@ScCore@@SAXAEBV12@@Z

?remove@Localizer@ScCore@@SA_NAEBV12@@Z

?createProperty@LiveObject@ScCore@@MEAAPEAVLiveProperty@2@AEBVString@2@HI@Z

shlwapi

UrlGetLocationW

UrlGetPartW

UrlIsW

wininet

InternetCrackUrlW

a3dutils

ct_InitInstance

kernel32

GetShortPathNameW

GetTempFileNameW

SetEndOfFile

SetFilePointer

GetTempPathW

GetTempPathA

GetTempFileNameA

LoadResource

LockResource

SizeofResource

FindResourceW

GetShortPathNameA

GlobalAlloc

GlobalReAlloc

GlobalSize

GlobalUnlock

GetFileTime

GlobalFree

FindNextFileA

ResetEvent

WaitForSingleObjectEx

CreateEventW

RtlCaptureContext

RtlLookupFunctionEntry

RtlVirtualUnwind

UnhandledExceptionFilter

SetUnhandledExceptionFilter

IsProcessorFeaturePresent

IsDebuggerPresent

QueryPerformanceCounter

InitializeSListHead

GetFileSize

GetFileAttributesW

GetFileAttributesA

GetDriveTypeW

FlushFileBuffers

FindFirstFileW

VerSetConditionMask

GetSystemInfo

VerifyVersionInfoW

GetModuleHandleA

LoadLibraryExA

LoadLibraryExW

FileTimeToLocalFileTime

GetLogicalDriveStringsW

FormatMessageW

FileTimeToSystemTime

GetDateFormatA

GetDateFormatW

GetTimeFormatA

GetTimeFormatW

lstrlenW

GetTickCount

CreateFileW

DeleteFileW

FindFirstFileA

GlobalLock

SetErrorMode

GetMailslotInfo

CreateMailslotA

WriteFile

ReadFile

CreateFileA

RaiseException

GetLocaleInfoA

LocalFree

GetSystemTimeAsFileTime

OpenProcess

CreateProcessW

GetExitCodeProcess

GetCurrentProcessId

FindNextFileW

MultiByteToWideChar

WideCharToMultiByte

GetCurrentProcess

TerminateProcess

GetModuleHandleW

GetProcAddress

OutputDebugStringA

GetLastError

SetLastError

GetSystemDirectoryA

FreeLibrary

GetModuleFileNameW

GetModuleHandleExW

LoadLibraryA

LoadLibraryW

CreateActCtxW

ActivateActCtx

DeactivateActCtx

FindActCtxSectionStringW

QueryActCtxW

CloseHandle

EnterCriticalSection

LeaveCriticalSection

InitializeCriticalSectionAndSpinCount

DeleteCriticalSection

SetEvent

WaitForSingleObject

CreateEventA

Sleep

GetCurrentThreadId

ResumeThread

GetStdHandle

GetCommandLineW

DeleteFileA

FindClose

user32

GetWindow

SystemParametersInfoA

FindWindowW

GetWindowThreadProcessId

GetTopWindow

GetDC

GetWindowLongPtrA

ReleaseDC

GetWindowLongA

InvalidateRect

SetForegroundWindow

GetForegroundWindow

DefWindowProcW

RegisterClassW

RegisterWindowMessageA

CreateWindowExW

SendMessageW

MessageBoxW

DestroyWindow

MoveWindow

GetUpdateRect

SetPropW

IsWindowEnabled

IsIconic

GetDlgItem

SetDlgItemTextA

GetDesktopWindow

SetDlgItemTextW

GetDlgItemTextW

SendDlgItemMessageW

CreateIcon

DestroyIcon

GetPropW

FillRect

IsRectEmpty

LoadImageA

GetSysColorBrush

GetAsyncKeyState

DrawTextA

SetParent

AllowSetForegroundWindow

AttachThreadInput

ShowWindow

OffsetRect

DrawTextW

EnumThreadWindows

gdi32

CreateDIBSection

GetObjectW

CreateSolidBrush

GetClipBox

CreateCompatibleDC

DeleteDC

GetClipRgn

GetDIBits

GetRgnBox

IntersectClipRect

SelectClipRgn

SelectObject

CreateFontIndirectW

SetTextColor

SetBkMode

SetBkColor

GetStockObject

Ellipse

CreatePen

CreateFontIndirectA

PatBlt

GetObjectA

SetDIBitsToDevice

CreateCompatibleBitmap

DeleteObject

advapi32

RegCloseKey

RegOpenKeyExW

RegQueryValueExW

RegCreateKeyExW

RegSetValueExW

CryptAcquireContextA

CryptReleaseContext

CryptGetHashParam

CryptGenRandom

CryptCreateHash

CryptHashData

CryptDestroyHash

RegQueryValueExA

RegOpenKeyExA

RegDeleteValueA

RegDeleteKeyA

RegCreateKeyExA

RegSetValueExA

shell32

CommandLineToArgvW

ShellExecuteA

ole32

CoCreateInstance

CoUninitialize

CoInitialize

msvcp140

?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z

?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ

?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ

?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ

?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z

?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z

?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ

?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ

??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ

??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z

??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ

??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ

?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ

?gbump@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXH@Z

??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ

?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z

??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ

?_Xout_of_range@std@@YAXPEBD@Z

?_Xlength_error@std@@YAXPEBD@Z

vcruntime140

_purecall

__std_terminate

memcpy

memmove

memset

__std_exception_copy

__std_exception_destroy

_CxxThrowException

wcschr

wcsrchr

wcsstr

__RTDynamicCast

__C_specific_handler

__std_type_info_destroy_list

__current_exception_context

__current_exception

strrchr

strchr

__CxxFrameHandler3

strstr

memcmp

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_exit

_invalid_parameter_noinfo_noreturn

_fpreset

_errno

terminate

_initterm_e

_initterm

_cexit

_crt_atexit

_execute_onexit_table

_register_onexit_function

_initialize_onexit_table

_initialize_narrow_environment

_configure_narrow_argv

_seh_filter_dll

_beginthreadex

api-ms-win-crt-string-l1-1-0

tolower

toupper

wcslen

strtok

wcspbrk

wcscat_s

wcscpy_s

_strnicmp

_wcsnicmp

strcat

wcsncpy

wcsncmp

wcscmp

wcscpy

wcscat

strnlen

_stricmp

strncmp

strlen

strcmp

strncpy

_wcsicmp

strncat

strcpy

wcscspn

api-ms-win-crt-math-l1-1-0

sqrtf

lround

round

log

acos

atan2

exp

pow

sin

tan

fmodf

floorf

atan2f

cosf

sinf

asin

atan

log10

ceil

sqrt

acosf

fmod

powf

floor

fabs

cos

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func

__stdio_common_vfprintf

__stdio_common_vsprintf

__stdio_common_vswscanf

__stdio_common_vsnprintf_s

__stdio_common_vsscanf

fclose

fopen

__stdio_common_vsprintf_s

__stdio_common_vswprintf

api-ms-win-crt-heap-l1-1-0

realloc

calloc

malloc

free

_callnewh

api-ms-win-crt-utility-l1-1-0

abs

srand

qsort

rand

api-ms-win-crt-convert-l1-1-0

atol

strtol

strtod

wcstod

atoi

atof

strtoul

wcstol

api-ms-win-crt-time-l1-1-0

_time64

strftime

_localtime64

_difftime64

api-ms-win-crt-filesystem-l1-1-0

_access

winmm

timeGetTime

Exports

??0ANGLEAXIS@@QEAA@AEBUMATRIX3D@@@Z

??0ANGLEAXIS@@QEAA@AEBUPOINT3D@@@Z

??0ANGLEAXIS@@QEAA@AEBUQUAT@@@Z

??0CREATESCENESTRUCT@@QEAA@XZ

??0DRIVER3D@@QEAA@XZ

??0MATRIX3D@@QEAA@PEBMH@Z

??0MATRIX3D@@QEAA@PEBNH@Z

??0POINT3D@@QEAA@AEBUQUAT@@@Z

??0QUAT@@QEAA@AEBUANGLEAXIS@@@Z

??0QUAT@@QEAA@AEBUMATRIX3D@@@Z

??0QUAT@@QEAA@AEBUPOINT3D@@@Z

??0QUAT@@QEAA@MAEAU0@0H@Z

??0RENDER@@QEAA@PEBU0@PEAVe3_CONTEXT@@@Z

??0TSPRITE@@QEAA@PEAVTSCENE3D@@@Z

??0e3_COLLECTION@@IEAA@HH@Z

??0e3_FILEITERATOR@@QEAA@PEBGPEAGI@Z

??0e3_GAPI@@QEAA@XZ

??0e3_GENERIC@@IEAA@XZ

??0e3_LAYER@@IEAA@XZ

??0e3_LOD@@IEAA@PEAVe3_SCENE@@@Z

??0e3_MAINRANGE@@QEAA@XZ

??0e3_MODIFIER@@QEAA@XZ

??0e3_NODE@@IEAA@PEAVe3_SCENE@@@Z

??0e3_OBJECT@@IEAA@XZ

??0e3_PARAM@@AEAA@XZ

??0e3_PDVNodeControler@@QEAA@PEAVe3_NODE@@@Z

??0e3_RANGE@@QEAA@XZ

??0e3_REFSOURCE@@QEAA@XZ

??0e3_RENDERABLE2@@QEAA@XZ

??0e3_SORTEDCOLLECTION@@IEAA@P6AHQEAX0_K@ZHH@Z

??0e3_STREAM@@IEAA@XZ

??0e3_STRING@@QEAA@AEBV0@@Z

??0e3_interface@@QEAA@XZ

??0matrix3d@@QEAA@AEBUMATRIX3D@@@Z

??1TSPRITE@@MEAA@XZ

??1e3_BASECONTROL@@QEAA@XZ

??1e3_COLLECTION@@MEAA@XZ

??1e3_FILEITERATOR@@QEAA@XZ

??1e3_GAPI@@QEAA@XZ

??1e3_GENERIC@@IEAA@XZ

??1e3_LAYER@@IEAA@XZ

??1e3_LOD@@IEAA@XZ

??1e3_MAINRANGE@@QEAA@XZ

??1e3_MODIFIER@@IEAA@XZ

??1e3_NODE@@IEAA@XZ

??1e3_OBJECT@@IEAA@XZ

??1e3_PDVNodeControler@@QEAA@XZ

??1e3_RANGE@@QEAA@XZ

??1e3_REFSOURCE@@IEAA@XZ

??1e3_RENDERABLE2@@IEAA@XZ

??1e3_STREAM@@IEAA@XZ

??1e3_STRING@@QEAA@XZ

??4e3_STRING@@QEAAAEAV0@AEBV0@@Z

??D@YA?AUQUAT@@AEBU0@0@Z

??K@YA?AUQUAT@@AEBU0@0@Z

??YBOX3D@@QEAAAEAU0@AEBU0@@Z

??YBOX3D@@QEAAAEAU0@AEBUPOINT3D@@@Z

?ABS@POINT3D@@QEAAXXZ

?ABS@_point3d@@QEAAXXZ

?ActivateRange@e3_BASECONTROL@@UEAA_NPEAVe3_RANGE@@@Z

?ActivateRange@e3_GENERIC@@UEAA_NPEAVe3_MAINRANGE@@@Z

?ActivateRange@e3_MODIFIER@@UEAA_NPEAVe3_MAINRANGE@@@Z

?ActivateRange@e3_NODE@@UEAA_NPEAVe3_MAINRANGE@@@Z

?Add@BOX3D@@QEAAXAEBU1@@Z

?Add@BOX3D@@QEAAXAEBUPOINT3D@@@Z

?Add@e3_LAYER@@UEAA_NPEAVe3_NODE@@@Z

?Add@e3_STRING@@QEAA_NAEBV1@@Z

?Add@e3_STRING@@QEAA_NG@Z

?Add@e3_STRING@@QEAA_NPEBD@Z

?Add@e3_STRING@@QEAA_NPEBG@Z

?AddAnchor@TSPRITE@@UEAAPEAUE3MARKANCHOR@@XZ

?AddChild@e3_LOD@@UEAA_NPEAVe3_NODE@@@Z

?AddChild@e3_NODE@@UEAA_NPEAV1@@Z

?AddController@e3_GENERIC@@UEAAPEAVe3_BASECONTROL@@W4e3_PROPERTIES@@@Z

?AddController@e3_GENERIC@@UEAA_NPEAVe3_BASECONTROL@@@Z

?AddKnot@TSPRITE@@UEAAPEAUE3MARKNOT@@XZ

?AddLine@TSPRITE@@UEAAPEAUE3MLINE@@XZ

?AddModifier@e3_NODE@@UEAA_NPEBD@Z

?AddNotifyCALLBACK@e3_GAPI@@UEAA_NP6A_K_K000@Z@Z

?AddRange@e3_BASECONTROL@@UEAAPEAVe3_RANGE@@PEAVe3_MAINRANGE@@@Z

?AddRef@e3_interface@@UEAAIXZ

?AddRefTarget@e3_REFSOURCE@@UEAA_NPEAVe3_REFTARGET@@@Z

?AddSlashA@e3_GAPI@@UEAAXPEAD@Z

?AddSlashW@e3_GAPI@@UEAAXPEAG@Z

?AddStep@e3_VIEWPORT@@UEAAPEAVe3_VIEWPORTSTEP@@H@Z

?AffineCompose@MATRIX3D@@QEAAXAEBUAFFINEPARTS@@@Z

?AffineDecompose@MATRIX3D@@QEBAXAEAUAFFINEPARTS@@@Z

?Animate@e3_GENERIC@@UEAAIMI@Z

?Animate@e3_MODIFIER@@UEAAIMI@Z

?Animate@e3_NODE@@UEAAIMI@Z

?ApplyToNode@e3_LAYER@@EEAA?AW4E3RESULT@@PEAVe3_NODE@@@Z

?ApplyToNodes@e3_LAYER@@UEAA?AW4E3RESULT@@XZ

?ApplyTransform@TSPRITE@@UEAA_NPEAVe3_NODE@@AEBUE3_TRANSFORMINFO@@@Z

?At@e3_COLLECTION@@UEAAPEAX_J@Z

?AtDelete@e3_COLLECTION@@UEAA_N_J@Z

?AtFree@e3_COLLECTION@@UEAA_N_J@Z

?AtInsert@e3_COLLECTION@@UEAA_N_JPEAX@Z

?AtPut@e3_COLLECTION@@UEAA_N_JPEAX@Z

?AtoW@@YAXPEBDPEAG@Z

?AtoWex@@YAHPEBDPEAGH@Z

?BaryCoords@e3_GAPI@@UEAA?AUPOINT3D@@AEBU2@000@Z

?BeginPicturesCache@@YAXXZ

?CanReadChunk@e3_STREAM@@UEAA_NXZ

?CastObject@e3_NODE@@UEAAPEAVe3_OBJECT@@W4e3_TYPE@@@Z

?ChildsDraw@e3_LOD@@MEAA?AW4E3RESULT@@PEAVe3_VIEWPORT@@PEBUMATRIX3D@@PEAVe3_CONTEXT@@@Z

?ChildsDraw@e3_NODE@@MEAA?AW4E3RESULT@@PEAVe3_VIEWPORT@@PEBUMATRIX3D@@PEAVe3_CONTEXT@@@Z

?ChildsHitTest@e3_LOD@@MEAAXPEAUe3_HITTEST@@PEBUMATRIX3D@@@Z

?ChildsHitTest@e3_NODE@@MEAAXPEAUe3_HITTEST@@PEBUMATRIX3D@@@Z

?ChooseDriver@@YA_NPEAPEAVDRIVER3D@@PEBD@Z

?ChooseLOD@e3_LOD@@UEAAPEAVe3_NODE@@I@Z

?Clone@e3_GENERIC@@UEAAPEAV1@I@Z

?Clone@e3_LAYER@@UEAAPEAVe3_GENERIC@@I@Z

?Clone@e3_NODE@@UEAAPEAVe3_GENERIC@@I@Z

?Clone@e3_PARAM@@UEAAPEAV1@I@Z

?CloseChunk@e3_STREAM@@UEAA_NXZ

?CmpNameExW@@YAHPEBG0@Z

?CmpPatternAndName@@YAHPEBG0@Z

?Compare@RENDER@@QEAA_NAEAU1@_N@Z

?Compare@TSPRITE@@UEAA_NPEAVe3_GENERIC@@I@Z

?Compare@e3_GENERIC@@UEAA_NPEAV1@I@Z

?Compare@e3_GUID@@QEBA_NAEBU1@@Z

?Compare@e3_STRING@@QEBAHAEBV1@@Z

?Compare@e3_STRING@@QEBAHPEBG@Z

?CompareNoCase@e3_STRING@@QEBAHAEBV1@@Z

?ConvertEx@TSPRITE@@UEAA?AW4E3RESULT@@PEAUe3_CONVERT@@PEAVe3_CONTEXT@@@Z

?ConvertEx@e3_OBJECT@@UEAA?AW4E3RESULT@@PEAUe3_CONVERT@@PEAVe3_CONTEXT@@@Z

?ConvertEx@e3_SUBD@@UEAA?AW4E3RESULT@@PEAUe3_CONVERT@@PEAVe3_CONTEXT@@@Z

?CopyTo@e3_STREAM@@UEAA_JPEAV1@_J1@Z

?CorrectHitItems@TSPRITE@@IEAAXAEAGAEAH@Z

?Create@TSCENE3D@@SA?AW4E3RESULT@@PEAVe3_STREAM@@PEAVFILETYPE@@PEAPEAV1@IPEAUCREATESCENESTRUCT@@@Z

?Create@e3_ARRAY2D@@SAPEAV1@PEAVe3_MEM@@@Z

?Create@e3_ARRAY3D@@SAPEAV1@PEAVe3_MEM@@@Z

?Create@e3_COLLECTION@@SAPEAV1@HH@Z

?Create@e3_INFO_LIST@@SAPEAV1@XZ

?Create@e3_LAYER@@SAPEAV1@XZ

?Create@e3_LOD@@SAPEAV1@PEAVe3_SCENE@@@Z

?Create@e3_MEM@@SAPEAV1@XZ

?Create@e3_NODE@@SAPEAV1@PEAVe3_SCENE@@@Z

?Create@e3_PARAM@@SAPEAV1@XZ

?Create@e3_SCENE@@SAPEAV1@PEAX@Z

?Create@e3_SORTEDCOLLECTION@@SAPEAV1@P6AHQEAX0_K@ZHH@Z

?Create@e3_STACK@@SAPEAU1@H@Z

?Create@e3_TCB@@SAPEAV1@XZ

?Create@e3_VBUFFER@@SAPEAV1@XZ

?CreateARRAY2D@e3_GAPI@@UEAAPEAVe3_ARRAY2D@@XZ

?CreateARRAY3D@e3_GAPI@@UEAAPEAVe3_ARRAY3D@@XZ

?CreateChild@e3_NODE@@UEAAPEAV1@IPEBD0@Z

?CreateCollection@e3_GAPI@@UEAAPEAVe3_COLLECTION@@XZ

?CreateExtension@e3_GAPI@@UEAAPEAVe3_EXTENSION@@PEBD@Z

?CreateFrom@e3_NODE@@UEAA_NPEAX0@Z

?CreateFrom@e3_SCENE@@UEAA_NPEAX0@Z

?CreateFromMemory@e3_STREAM@@SAPEAV1@PEAX_K@Z

?CreateMEM@e3_GAPI@@UEAAPEAVe3_MEM@@H@Z

?CreateParams@e3_GAPI@@UEAAPEAVe3_PARAM@@XZ

?CreatePicture@e3_GAPI@@UEAAPEAVe3_PICTURE@@XZ

?CreateSceneA@e3_GAPI@@UEAAPEAVe3_SCENE@@PEBDPEAVe3_CONTEXT@@PEAUe3_GUID@@I@Z

?CreateSceneEx@e3_GAPI@@UEAAPEAVe3_SCENE@@PEAVe3_STREAM@@PEAVe3_CONTEXT@@PEAUe3_GUID@@I@Z

?CreateSceneW@e3_GAPI@@UEAAPEAVe3_SCENE@@PEBGPEAVe3_CONTEXT@@PEAUe3_GUID@@I@Z

?CreateSortedCollection@e3_GAPI@@UEAAPEAVe3_SORTEDCOLLECTION@@P6AHQEAX0_K@Z@Z

?CreateStreamA@e3_GAPI@@UEAAPEAVe3_STREAM@@PEAUHINSTANCE__@@PEBDI@Z

?CreateStreamW@e3_GAPI@@UEAAPEAVe3_STREAM@@PEAUHINSTANCE__@@PEBGI@Z

?CreateW@e3_STREAM@@SAPEAV1@PEAUHINSTANCE__@@PEBGI@Z

?DecodeNormal@POINT3D@@QEAAXII@Z

?Decompose@MATRIX3D@@QEBA_NPEAUPOINT3D@@000PEAUPOINT4D@@@Z

?Decompose@MATRIX3D@@QEBA_NPEAU_point3d@@000PEAU_point4d@@@Z

?DelRange@e3_BASECONTROL@@UEAA_NPEAVe3_RANGE@@@Z

?Delete@e3_LAYER@@UEAA_NPEAVe3_NODE@@@Z

?DeleteAll@e3_COLLECTION@@UEAAXXZ

?DeleteItem@e3_COLLECTION@@UEAA_NPEAX@Z

?DeleteThis@TSPRITE@@UEAAXXZ

?DeleteThis@e3_COLLECTION@@MEAAXXZ

?DeleteThis@e3_LAYER@@MEAAXXZ

?DeleteThis@e3_LOD@@EEAAXXZ

?DeleteThis@e3_MAINRANGE@@EEAAXXZ

?DeleteThis@e3_NODE@@EEAAXXZ

?DeleteThis@e3_RANGE@@EEAAXXZ

?DeleteThis@e3_STACK@@MEAAXXZ

?DeleteThis@e3_VIEWPORT@@EEAAXXZ

?DestroyGeometryCache@e3_OBJECT@@UEAA_NI@Z

?Det@MATRIX3D@@QEBANXZ

?Dialog@e3_OBJECT@@UEAA_NPEAVe3_IODIALOG@@@Z

?Done@e3_STRING@@QEAAXXZ

?DoneRescale@@YA_NPEAUPIXWEIGHT@@@Z

?Draw@e3_NODE@@UEAA?AW4E3RESULT@@PEAVe3_VIEWPORT@@PEBUMATRIX3D@@PEAVe3_CONTEXT@@@Z

?DrawAxis@e3_NODE@@EEAAXPEAVe3_VIEWPORT@@PEBUMATRIX3D@@I@Z

?DrawSelection@e3_NODE@@EEAAXPEAVe3_VIEWPORT@@PEBUMATRIX3D@@11PEAVe3_CONTEXT@@@Z

?DrawSpriteLineMarker@TSPRITE@@IEAA_NPEAVe3_VIEWPORT@@IPEAUPOINT3D@@1AEBU3@2@Z

?EnableDuplicates@e3_SORTEDCOLLECTION@@UEAA_N_N@Z

?EncodeNormal@POINT3D@@QEBAII@Z

?EndPicturesCache@@YAXXZ

?Enum@e3_NODE@@UEAA_NIP6AHPEAV1@_K@Z1@Z

?EnumEx@e3_LOD@@UEAA_NIPEBUMATRIX3D@@P6AHPEAVe3_NODE@@PEAU2@2_K@Z3@Z

?EnumEx@e3_NODE@@UEAA_NIPEBUMATRIX3D@@P6AHPEAV1@PEAU2@2_K@Z3@Z

?EnumExtensions@e3_GAPI@@UEAAPEAVe3_COLLECTION@@H@Z

?Equal@MATRIX3D@@QEBA_NAEBU1@N@Z

?EvaluateMesh@TSPRITE@@UEAAPEAVe3_RENDERABLE@@IPEAVe3_CONTEXT@@@Z

?EvaluateMesh@e3_OBJECT@@UEAAPEAVe3_RENDERABLE@@IPEAVe3_CONTEXT@@@Z

?EvaluateMesh@e3_RENDERABLE2@@UEAAPEAVe3_RENDERABLE@@IPEAVe3_CONTEXT@@@Z

?FaceABCD@e3_GAPI@@UEAAXPEBUPOINT3D@@00AEAM111@Z

?FaceNormal@e3_GAPI@@UEAAXPEBUPOINT3D@@00AEAM11@Z

?FillMaterials@e3_OBJECT@@UEAAXPEAPEAVe3_MATERIAL@@@Z

?FillObjectDialog@TSPRITE@@UEAA_NPEAVe3_IODIALOG@@@Z

?Flip@MATRIX3D@@QEAAXXZ

?Flip@QUAT@@QEAAXXZ

?Flip@e3_OBJECT@@UEAAII@Z

?FlipBytes@e3_GAPI@@UEAA_NPEAXHH@Z

?FlushGeometryCache@e3_NODE@@UEAA_NI@Z

?FlushGeometryCache@e3_OBJECT@@UEAA_NI@Z

?FreeAll@e3_COLLECTION@@UEAAXXZ

?FreeAllPDV@e3_SCENE@@UEAAXXZ

?FreeCameraPDV@e3_NODE@@UEAAXXZ

?FreeItem@e3_COLLECTION@@UEAA_NPEAX@Z

?FreePDV@e3_NODE@@UEAAXPEAX@Z

?FreePDV@e3_NODE@@UEAAXXZ

?FreePDV@e3_SCENE@@UEAAXPEAX@Z

?FromStr@e3_GUID@@QEAA_NPEBD@Z

?FromStr@e3_GUID@@QEAA_NPEBG@Z

?Func2d@FILETYPE@@QEAA_KIPEAVe3_STREAM@@PEAVe3_PICTURE@@PEAVe3_interface@@@Z

?Func3d@FILETYPE@@QEAA_KIPEAVe3_STREAM@@PEAVe3_SCENE@@PEAVe3_interface@@@Z

?FuncArc@FILETYPE@@QEAA_KI_K0@Z

?FuncV@FILETYPE@@QEAA_KIPEAUe3_VIDEOINFO@@PEAVe3_interface@@@Z

?Get@e3_STREAM@@UEAAPEAVe3_REFSOURCE@@PEAVe3_CONTEXT@@@Z

?Get@e3_STRING@@QEBAHPEADH@Z

?Get@e3_STRING@@QEBAHPEAGH@Z

?GetAngleByXY@@YANNN@Z

?GetBillboardMatrix@e3_NODE@@UEAA_NPEAUMATRIX3D@@@Z

?GetBinaryMode@e3_STREAM@@UEAA?AW4E3_STREAM_BINARY_MODE@@XZ

?GetBoundingBox@e3_NODE@@UEAA_NPEAUBOX3D@@PEBUMATRIX3D@@PEAVe3_CONTEXT@@I@Z

?GetBoundingBox@e3_OBJECT@@UEAA_NPEAUBOX3D@@PEBUMATRIX3D@@PEAVe3_CONTEXT@@@Z

?GetBoundingBox@e3_RENDERABLE2@@UEAA_NPEAUBOX3D@@PEBUMATRIX3D@@PEAVe3_CONTEXT@@@Z

?GetBuffer@e3_STRING@@QEBAPEBGXZ

?GetByNameA@e3_COLLECTION@@UEAAPEAVe3_GENERIC@@PEBDH@Z

?GetByNameW@e3_COLLECTION@@UEAAPEAVe3_GENERIC@@PEBGH@Z

?GetCStr@e3_STRING@@QEBAPEBGXZ

?GetCameraPDVNodeCount@e3_NODE@@UEAAI_N@Z

?GetController@e3_GENERIC@@UEAAPEAVe3_BASECONTROL@@W4e3_PROPERTIES@@@Z

?GetCount@e3_PARAM@@UEAAHXZ

?GetCurrentChunkID@e3_STREAM@@UEAAGXZ

?GetCurrentChunkSize@e3_STREAM@@UEAA_JXZ

?GetDisplayNameA@e3_GENERIC@@UEAAHPEADH@Z

?GetDisplayNameA@e3_LAYER@@UEAAHPEADH@Z

?GetDisplayNameA@e3_NODE@@UEAAHPEADH@Z

?GetDisplayNameA@e3_OBJECT@@UEAAHPEADH@Z

?GetDisplayNameW@e3_GENERIC@@UEAAHPEAGH@Z

?GetEulerAngles@MATRIX3D@@QEBA?AUPOINT3D@@H@Z

?GetEulerAngles@QUAT@@QEAA?AUPOINT3D@@H@Z

?GetExtension@e3_GAPI@@UEAAPEAUe3_EXT00@@PEBD@Z

?GetExtensionInfo@e3_GAPI@@UEAAPEBGPEBDPEAI@Z

?GetFaceGroup@e3_OBJECT@@UEAAPEAVe3_COLLECTION@@AEAI@Z

?GetFileINFO@@YAPEAVFILETYPE@@AEBUe3_GUID@@I@Z

?GetFileIcon@@YAHAEAUe3_GUID@@@Z

?GetFileName@e3_FILEITERATOR@@QEAAPEBGXZ

?GetFileNameA@e3_STREAM@@UEAA_NPEADHI@Z

?GetFileNameW@e3_STREAM@@UEAA_NPEAGHI@Z

?GetFileSize@e3_FILEITERATOR@@QEAAJXZ

?GetFileTime@e3_FILEITERATOR@@QEAA_NAEAU_FILETIME@@@Z

?GetFileTime@e3_STREAM@@UEAA?AW4E3RESULT@@AEAU_FILETIME@@@Z

?GetFileType@e3_GAPI@@UEAA?AUe3_GUID@@PEBG@Z

?GetFileTypeByExt@@YAPEAVFILETYPE@@PEBD0PEAUFTINFO@@@Z

?GetFileTypeByExt@@YAPEAVFILETYPE@@PEBG0PEAUFTINFO@@@Z

?GetFileTypeByFullName@e3_GAPI@@UEAA?AUe3_GUID@@PEBG@Z

?GetFileTypeByIndex@e3_GAPI@@UEAA_NHPEAUe3_FILETYPE@@@Z

?GetFileTypeEx@e3_GAPI@@UEAA?AUe3_GUID@@PEBG@Z

?GetFileTypeInfo@e3_GAPI@@UEAA_NPEBUe3_GUID@@PEAUe3_FILETYPE@@@Z

?GetFileTypeName@@YAPEBGAEAUe3_GUID@@@Z

?GetFont@TSPRITE@@UEAA_NPEAUtagLOGFONTW@@@Z

?GetFullFileName@e3_FILEITERATOR@@QEAAXPEAG@Z

?GetHANDLE@e3_STREAM@@UEAAPEAXXZ

?GetHQRenderSize@@YAXPEAVe3_RENDER@@AEAH11PEAVe3_SCENE@@@Z

?GetHandler@TSPRITE@@UEAAHPEAD@Z

?GetImageList@e3_GAPI@@UEAA_KH@Z

?GetInterfaceName@TSPRITE@@UEAAPEBDXZ

?GetInterfaceName@e3_LAYER@@UEAAPEBDXZ

?GetInterfaceName@e3_LOD@@UEAAPEBDXZ

?GetInterfaceName@e3_MAINRANGE@@UEAAPEBDXZ

?GetInterfaceName@e3_NODE@@UEAAPEBDXZ

?GetInterfaceName@e3_PARAM@@UEAAPEBDXZ

?GetInterfaceName@e3_STREAM@@UEAAPEBDXZ

?GetInterfaceName@e3_VIEWPORT@@UEAAPEBDXZ

?GetInterfaceVersion@e3_EXTENSION@@UEAAHXZ

?GetLANG@e3_GAPI@@UEAA_KPEAUHINSTANCE__@@@Z

?GetLinesBBox@TSPRITE@@UEAA_NAEAUBOX3D@@@Z

?GetMatrix@e3_NODE@@UEAA_NPEAUMATRIX3D@@_N@Z

?GetMemoryBase@e3_STREAM@@UEAAPEAXXZ

?GetNameA@e3_GENERIC@@UEAAHPEADH@Z

?GetNamePrefix@TSPRITE@@UEAAPEBDXZ

?GetNamePrefix@e3_OBJECT@@UEAAPEBDXZ

?GetNameW@e3_GENERIC@@UEAAHPEAGH@Z

?GetNext@e3_FILEITERATOR@@QEAA_NXZ

?GetNextCameraPDVNode@e3_NODE@@UEAAPEAV1@AEAI_N@Z

?GetNodesForPDV@e3_SCENE@@UEAAPEAVe3_COLLECTION@@PEAX@Z

?GetNumberOfFaces@e3_RENDERABLE2@@UEAAIPEAVe3_CONTEXT@@@Z

?GetNumberOfObjects@e3_NODE@@UEAAHW4e3_TYPE@@@Z

?GetNumberOfPoints@e3_OBJECT@@UEAAIPEAVe3_CONTEXT@@@Z

?GetNumberOfPoints@e3_RENDERABLE2@@UEAAIPEAVe3_CONTEXT@@@Z

?GetNumberOfWidgets@e3_MODIFIER@@UEAAHXZ

?GetObjectTable@e3_STREAM@@UEAAPEAVe3_COLLECTION@@XZ

?GetObjectsList@e3_NODE@@UEAAHPEAVe3_COLLECTION@@W4e3_TYPE@@@Z

?GetPDVNode@e3_NODE@@UEAAPEAVe3_PDVNode@@PEAX@Z

?GetParam@e3_EXTENSION@@UEAA_KH_KW4e3_VALUETYPE@@@Z

?GetParam@e3_GENERIC@@UEAA_KH_KW4e3_VALUETYPE@@@Z

?GetParam@e3_NODE@@UEAA_KH_KW4e3_VALUETYPE@@@Z

?GetParam@e3_VIEWPORT@@UEAA_KH_KW4e3_VALUETYPE@@@Z

?GetPathFromFileA@e3_GAPI@@UEAA_NPEBDPEAD@Z

?GetPathFromFileW@e3_GAPI@@UEAA_NPEBGPEAG@Z

?GetPicture@@YAHPEAPEAVTPicture@@PEBGPEAUe3_GUID@@PEAVe3_CONTEXT@@I@Z

?GetPlugin@e3_GAPI@@UEAAPEAVe3_PLUGIN@@PEAUHINSTANCE__@@@Z

?GetPlugin@e3_GAPI@@UEAAPEAVe3_PLUGIN@@PEBG@Z

?GetPluginInfo@e3_GAPI@@UEAA_KPEAUHINSTANCE__@@H@Z

?GetPoint@e3_OBJECT@@UEAA?AUPOINT3D@@I@Z

?GetPropNameA@e3_GAPI@@UEAAHW4e3_PROPERTIES@@PEADH@Z

?GetPropNameW@e3_GAPI@@UEAAHW4e3_PROPERTIES@@PEAGH@Z

?GetRange@e3_BASECONTROL@@UEAAPEAVe3_RANGE@@PEAVe3_MAINRANGE@@@Z

?GetRequiredCache@e3_OBJECT@@UEAAIW4RENDER_MODE@@I@Z

?GetRightAngle@@YA?AUPOINT3D@@AEAUMATRIX3D@@U1@_N@Z

?GetRoll@e3_NODE@@UEAAMXZ

?GetRotate@MATRIX3D@@QEBAXAEAUANGLEAXIS@@@Z

?GetRotate@MATRIX3D@@QEBAXAEAUPOINT3D@@@Z

?GetRotate@MATRIX3D@@QEBAXAEAUQUAT@@@Z

?GetRotate@MATRIX3D@@QEBAXAEAU_point3d@@@Z

?GetScale@MATRIX3D@@QEBA?AUPOINT3D@@XZ

?GetSiblingFile@e3_GAPI@@UEAA_NPEBG0PEAG@Z

?GetSize@e3_STACK@@UEAA_KXZ

?GetStatus@e3_STREAM@@UEAAHXZ

?GetSysHeapObject@e3_GAPI@@UEAAPEAVe3_HEAP@@XZ

?GetType@TSPRITE@@UEAA?AW4e3_TYPE@@XZ

?GetType@e3_LAYER@@UEAA?AW4e3_TYPE@@XZ

?GetType@e3_LOD@@UEAA?AW4e3_TYPE@@XZ

?GetType@e3_MODIFIER@@UEAA?AW4e3_TYPE@@XZ

?GetType@e3_NODE@@UEAA?AW4e3_TYPE@@XZ

?GetType@e3_RENDERABLE2@@UEAA?AW4e3_TYPE@@XZ

?GetTypeByName@@YAPEAVFILETYPE@@PEBG@Z

?GetUsedMaterialsList@e3_MODIFIER@@UEAA_NPEAVe3_COLLECTION@@I@Z

?GetVersion@e3_GAPI@@UEAAII@Z

?GetVersion@e3_STREAM@@UEAAIXZ

?GetWidget@e3_MODIFIER@@UEAAPEAVe3_NODE@@H@Z

?GetWidgetMatrix@TSPRITE@@UEAA_NPEAVe3_NODE@@AEAUMATRIX3D@@@Z

?GetWorldMatrix@e3_NODE@@UEAA_NPEAUMATRIX3D@@I@Z

?HitTest@TSPRITE@@UEAA_NPEAUe3_HITTEST@@PEBUMATRIX3D@@@Z

?HitTest@e3_NODE@@UEAAXPEAUe3_HITTEST@@PEBUMATRIX3D@@@Z

?HitTest@e3_OBJECT@@UEAA_NPEAUe3_HITTEST@@PEBUMATRIX3D@@@Z

?HitTest@e3_RENDERABLE2@@UEAA_NPEAUe3_HITTEST@@PEBUMATRIX3D@@@Z

?IdentityMatrix@MATRIX3D@@QEAAXXZ

?IndexOf@e3_COLLECTION@@UEAA_JPEAX@Z

?IndexOf@e3_SORTEDCOLLECTION@@UEAA_JPEAX@Z

?Init@RENDER@@QEAAXPEAVe3_CONTEXT@@@Z

?Init@e3_GENERIC@@QEAAXH@Z

?InitLanguage@e3_GAPI@@UEAA_NPEAUHINSTANCE__@@PEBG11@Z

?Insert@e3_COLLECTION@@UEAA_JPEAX@Z

?Insert@e3_SORTEDCOLLECTION@@UEAA_JPEAX@Z

?InvalidateBoundingBox@e3_NODE@@UEAA_NXZ

?Invert@MATRIX3D@@QEAAXAEBU1@@Z

?Invert@MATRIX3D@@QEAAXXZ

?Invert@QUAT@@QEAAXXZ

?Invoke@e3_EXTENSION@@UEAA?AW4E3RESULT@@HPEAVe3_PARAM@@PEAVe3_CONTEXT@@@Z

?IsEOF@e3_STREAM@@UEAA_NXZ

?IsEmpty@e3_STACK@@UEAA_NXZ

?IsEnabled@FILETYPE@@QEAA_NXZ

?IsFileOfThisType@FILETYPE@@QEAA_NPEBG0@Z

?IsFlipped@MATRIX3D@@QEBA_NXZ

?IsFolder@e3_FILEITERATOR@@QEAA_NXZ

?IsIdentity@MATRIX3D@@QEBA_NN@Z

?IsIndexValid@e3_COLLECTION@@UEAA_N_J@Z

?IsMaterialUsed@e3_MODIFIER@@UEAAIPEAVe3_MATERIAL@@I@Z

?IsNull@e3_GUID@@QEBA_NXZ

?IsNumeric@e3_STRING@@QEBA_NXZ

?IsReadOnly@e3_FILEITERATOR@@QEAA_NXZ

?IsTypeOf@TSPRITE@@UEAA_NPEBD@Z

?IsTypeOf@TSPRITE@@UEAA_NW4e3_TYPE@@@Z

?IsTypeOf@e3_EXTENSION@@UEAA_NPEBD@Z

?IsTypeOf@e3_GENERIC@@UEAA_NPEBD@Z

?IsTypeOf@e3_GENERIC@@UEAA_NW4e3_TYPE@@@Z

?IsTypeOf@e3_LAYER@@UEAA_NPEBD@Z

?IsTypeOf@e3_LAYER@@UEAA_NW4e3_TYPE@@@Z

?IsTypeOf@e3_LOD@@UEAA_NPEBD@Z

?IsTypeOf@e3_LOD@@UEAA_NW4e3_TYPE@@@Z

?IsTypeOf@e3_MAINRANGE@@UEAA_NPEBD@Z

?IsTypeOf@e3_MODIFIER@@UEAA_NPEBD@Z

?IsTypeOf@e3_MODIFIER@@UEAA_NW4e3_TYPE@@@Z

?IsTypeOf@e3_NODE@@UEAA_NPEBD@Z

?IsTypeOf@e3_NODE@@UEAA_NW4e3_TYPE@@@Z

?IsTypeOf@e3_OBJECT@@UEAA_NPEBD@Z

?IsTypeOf@e3_REFSOURCE@@UEAA_NPEBD@Z

?IsTypeOf@e3_REFTARGET@@UEAA_NPEBD@Z

?IsTypeOf@e3_RENDERABLE2@@UEAA_NPEBD@Z

?IsTypeOf@e3_RENDERABLE2@@UEAA_NW4e3_TYPE@@@Z

?IsTypeOf@e3_RENDERABLE@@UEAA_NPEBD@Z

?IsTypeOf@e3_SPRITEHELPER@@UEAA_NPEBD@Z

?IsTypeOf@e3_STREAM@@UEAA_NPEBD@Z

?IsTypeOf@e3_VIEWPORT@@UEAA_NPEBD@Z

?LGetString@e3_GAPI@@UEAAPEBG_KH@Z

?LGetStringEx@e3_GAPI@@UEAAPEBG_KHPEBG@Z

?Length@POINT2D@@QEBAMXZ

?Length@POINT3D@@QEBAMXZ

?Length@QUAT@@QEAAMXZ

?Length@_point3d@@QEBANXZ

?Length@e3_STRING@@QEBAHXZ

?Limit@POINT3D@@QEAAXMM@Z

?Limit@_point3d@@QEAAXNN@Z

?Load@FILETYPE@@QEAA_NXZ

?Load@MATRIX3D@@QEAA?AW4E3RESULT@@PEAVe3_STREAM@@@Z

?Load@POINT3D@@QEAA?AW4E3RESULT@@PEAVe3_STREAM@@@Z

?Load@TSPRITE@@UEAA?AW4E3RESULT@@PEAVe3_STREAM@@PEAVe3_CONTEXT@@@Z

?Load@e3_GENERIC@@UEAA?AW4E3RESULT@@PEAVe3_STREAM@@PEAVe3_CONTEXT@@@Z

?Load@e3_GUID@@QEAA?AW4E3RESULT@@PEAVe3_STREAM@@@Z

?Load@e3_LAYER@@UEAA?AW4E3RESULT@@PEAVe3_STREAM@@PEAVe3_CONTEXT@@@Z

?Load@e3_LOD@@UEAA?AW4E3RESULT@@PEAVe3_STREAM@@PEAVe3_CONTEXT@@@Z

?Load@e3_MAINRANGE@@UEAA?AW4E3RESULT@@PEAVe3_STREAM@@PEAVe3_CONTEXT@@@Z

?Load@e3_MODIFIER@@UEAA?AW4E3RESULT@@PEAVe3_STREAM@@PEAVe3_CONTEXT@@@Z

?Load@e3_NODE@@UEAA?AW4E3RESULT@@PEAVe3_STREAM@@PEAVe3_CONTEXT@@@Z

?Load@e3_OBJECT@@UEAA?AW4E3RESULT@@PEAVe3_STREAM@@PEAVe3_CONTEXT@@@Z

?Load@e3_PARAM@@UEAA?AW4E3RESULT@@PEAVe3_STREAM@@PEAVe3_CONTEXT@@@Z

?Load@e3_REFSOURCE@@UEAA?AW4E3RESULT@@PEAVe3_STREAM@@PEAVe3_CONTEXT@@@Z

?Load@e3_SKIN@@UEAA?AW4E3RESULT@@PEAVe3_STREAM@@PEAVe3_CONTEXT@@@Z

?Load@e3_STRING@@QEAA?AW4E3RESULT@@PEAVe3_STREAM@@@Z

?Load@e3_SUBD@@UEAA?AW4E3RESULT@@PEAVe3_STREAM@@PEAVe3_CONTEXT@@@Z

?LoadCache@e3_GAPI@@UEAA_NPEBG0@Z

?LoadFiletypeConfig@e3_GAPI@@UEAA_NPEAVe3_STREAM@@@Z

?LoadPlugin@e3_GAPI@@UEAA_NPEBG0@Z

?MarkCameraPDV@e3_NODE@@UEAAXXZ

?MovePDVToCameraNode@e3_NODE@@UEAA_NPEAV1@PEAX@Z

?MovePDVToCameraNode@e3_SCENE@@UEAA_NPEAVe3_NODE@@PEAX@Z

?MoveTo@MATRIX3D@@QEAAXAEBUPOINT3D@@@Z

?NewChunk@e3_STREAM@@MEAA_NXZ

?NewChunk@e3_STREAM@@UEAA_NG@Z

?NoRotate@MATRIX3D@@QEAAXXZ

?NoScale@MATRIX3D@@QEAAXXZ

?NoTranslate@MATRIX3D@@QEAAXXZ

?Normalize@POINT3D@@QEAAXXZ

?Normalize@QUAT@@QEAAXXZ

?Normalize@_point3d@@QEAAXXZ

?Notify@e3_REFSOURCE@@UEAA_KI_K@Z

?NotifyChildsAboutTMChange@e3_NODE@@EEAAXXZ

?Offset@MATRIX3D@@QEAAXAEBUPOINT3D@@@Z

?OnError@e3_GAPI@@UEAA?AW4E3RESULT@@W42@@Z

?OnNotify@e3_LAYER@@UEAA_KPEAVe3_REFSOURCE@@I_K@Z

?OnNotify@e3_NODE@@UEAA_KPEAVe3_REFSOURCE@@I_K@Z

?OnNotify@e3_REFTARGET@@UEAA_KPEAVe3_REFSOURCE@@I_K@Z

?OnNotify@e3_VIEWPORT@@UEAA_KPEAVe3_REFSOURCE@@I_K@Z

?OpenChunk@e3_STREAM@@UEAAGPEA_J@Z

?Optimize@e3_BASECONTROL@@UEAA_NI@Z

?PaintLine@e3_VIEWPORT@@QEAAXPEAUPOINT3D@@0K@Z

?PointTransform@MATRIX3D@@QEBA?AUPOINT3D@@AEBU2@@Z

?PointTransform@MATRIX3D@@QEBA?AU_point3d@@AEBU2@@Z

?Pop@e3_STACK@@UEAA_NPEAXH@Z

?PostConvert@TSPRITE@@UEAA_NPEAUe3_CONVERT@@@Z

?PostConvert@e3_OBJECT@@UEAA_NPEAUe3_CONVERT@@@Z

?PostConvert@e3_SUBD@@UEAA_NPEAUe3_CONVERT@@@Z

?PostProcess@TSPRITE@@UEAA_NPEAVe3_NODE@@PEAVe3_CONTEXT@@@Z

?PostProcess@e3_MODIFIER@@UEAA_NPEAVe3_NODE@@PEAVe3_CONTEXT@@@Z

?PostProcess@e3_OBJECT@@UEAA_NPEAVe3_NODE@@PEAVe3_CONTEXT@@@Z

?PreRender@e3_OBJECT@@UEAA?AW4E3RESULT@@PEAVe3_VIEWPORT@@PEAVe3_NODE@@PEBUMATRIX3D@@AEAURENDER_SPEC2@@PEAVe3_CONTEXT@@@Z

?PreRender@e3_RENDERABLE2@@UEAA?AW4E3RESULT@@PEAVe3_VIEWPORT@@PEAVe3_NODE@@PEBUMATRIX3D@@AEAURENDER_SPEC2@@PEAVe3_CONTEXT@@@Z

?PreSortFileTypes@@YAPEAVe3_SORTEDCOLLECTION@@PEAVe3_COLLECTION@@@Z

?PrepareRescale@@YAPEAUPIXWEIGHT@@HHAEAH@Z

?PrintA@e3_STREAM@@UEAAHPEBDZZ

?PrintW@e3_STREAM@@UEAAHPEBGZZ

?Push@e3_STACK@@UEAA_NQEAXH@Z

?PushToCameraList@e3_NODE@@UEAA_NPEAVe3_PDVNode@@@Z

?Put@e3_STREAM@@UEAA?AW4E3RESULT@@PEAVe3_REFSOURCE@@PEAVe3_CONTEXT@@G@Z

?QueryAtoWBufSize@@YAHPEBD@Z

?QueryFormatInfo@FILETYPE@@QEAA?AW4E3RESULT@@AEAPEAVe3_XMLNODE@@I@Z

?QueryFormatInfo@e3_GAPI@@UEAA?AW4E3RESULT@@PEAUe3_GUID@@AEAPEAVe3_XMLNODE@@I@Z

?QueryInfo@e3_EXTENSION@@UEAA?AW4E3RESULT@@PEAVe3_XMLNODE@@I@Z

?QueryInfo@e3_GENERIC@@UEAA?AW4E3RESULT@@PEAVe3_XMLNODE@@I@Z

?QueryWtoABufSize@@YAHPEBG@Z

?ReadFloat@e3_STREAM@@UEAAMXZ

?ReadLn@e3_STREAM@@UEAAHPEADH@Z

?ReadLnW@e3_STREAM@@UEAAHPEAGH@Z

?ReadLong@e3_STREAM@@UEAAIXZ

?ReadRegistryColors@@YAXPEBDPEAKPEAVe3_CONTEXT@@@Z

?ReadWord@e3_STREAM@@UEAAGXZ

?RegisterExtension@e3_GAPI@@EEAA_NPEAVe3_PLUGIN@@PEBDIPEBG@Z

?RegisterExtension@e3_GAPI@@UEAA_NPEAUHINSTANCE__@@PEBDIPEBG@Z

?RegisterICON@e3_GAPI@@EEAAH_K0H@Z

?RegisterICON@e3_GAPI@@UEAAHPEAUHINSTANCE__@@PEBGPEBUe3_GUID@@@Z

?RegisterTYPE@e3_GAPI@@UEAAIPEAUe3_FILETYPE@@@Z

?RegisterType@e3_GAPI@@MEAAPEAVFILETYPE@@PEBG0HIAEAUe3_GUID@@@Z

?Release@RENDER@@QEAAXXZ

?Release@e3_interface@@UEAAIXZ

?RemoveChild@e3_LOD@@UEAA_NPEAVe3_NODE@@@Z

?RemoveChild@e3_NODE@@UEAA_NPEAV1@@Z

?RemoveController@e3_GENERIC@@UEAA_NPEAVe3_BASECONTROL@@@Z

?RemoveController@e3_GENERIC@@UEAA_NW4e3_PROPERTIES@@@Z

?RemoveDriver@@YA_NAEAPEAVDRIVER3D@@_N@Z

?RemoveLine@TSPRITE@@UEAA_NPEAUE3MLINE@@@Z

?RemoveNotifyCALLBACK@e3_GAPI@@UEAA_NP6A_K_K000@Z@Z

?RemovePoint@TSPRITE@@UEAA_NPEAUE3MPOINT@@@Z

?RemoveRefTarget@e3_REFSOURCE@@UEAA_NPEAVe3_REFTARGET@@@Z

?RemoveStep@e3_VIEWPORT@@UEAA?AW4E3RESULT@@PEAVe3_VIEWPORTSTEP@@@Z

?Render@TSPRITE@@UEAA?AW4E3RESULT@@PEAVe3_VIEWPORT@@PEAVe3_NODE@@PEAVe3_CONTEXT@@@Z

?Render@e3_OBJECT@@UEAA?AW4E3RESULT@@PEAVe3_VIEWPORT@@PEAVe3_NODE@@PEBUMATRIX3D@@AEAURENDER_SPEC@@PEAVe3_CONTEXT@@@Z

?Render@e3_RENDERABLE2@@UEAA?AW4E3RESULT@@PEAVe3_VIEWPORT@@PEAVe3_NODE@@PEBUMATRIX3D@@AEAURENDER_SPEC@@PEAVe3_CONTEXT@@@Z

?ReplaceMaterials@e3_MODIFIER@@UEAAHXZ

?Reset@e3_STREAM@@UEAA_NXZ

?ResetColor@e3_NODE@@UEAA?AW4E3RESULT@@XZ

?RestoreCameraPDV@e3_NODE@@UEAA_NXZ

?RestorePDV@e3_NODE@@UEAA_NPEAX@Z

?RestorePDV@e3_SCENE@@UEAA_NPEAX@Z

?Rotate@MATRIX3D@@QEAAXAEBUANGLEAXIS@@@Z

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE

IMAGE_SCN_MEM_EXECUTE

IMAGE_SCN_MEM_READ

.rdata
Size: 377KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 6.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

IMAGE_SCN_MEM_WRITE

.pdata
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA

IMAGE_SCN_MEM_DISCARDABLE

IMAGE_SCN_MEM_READ

Resubmissions

Sharing

General

Malware Config

Signatures

Files

Password: infected

Password: infected

1617abc63b58a25baa901c2b1d07d8c9

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0d:1a:34:0f:78:d7:d0:00:e0:89:fd:ba:ad:65:22:dfCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

fc:d0:22:6c:32:2d:74:9c:60:e7:01:a6:90:fa:4a:a1:2e:d4:25:5e:de:07:24:cd:5b:3a:44:70:ef:e2:ee:fbSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msi

shlwapi

version

kernel32

user32

advapi32

ole32

Exports

Exports

Sections

.text Size: 539KB - Virtual size: 538KB

.rdata Size: 145KB - Virtual size: 144KB

.data Size: 4KB - Virtual size: 10KB

.pdata Size: 28KB - Virtual size: 28KB

_RDATA Size: 512B - Virtual size: 252B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

Password: infected

fa32d17e65a7b88daa998c4cd864aa48

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

04:52:96:f8:fc:d8:29:a7:5d:c9:42:94:f5:a4:15:a4Certificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

92:01:c7:c6:dc:5a:a4:d7:66:93:9c:9c:c9:78:22:95:5a:dc:d1:17:26:16:e8:e6:8a:3b:f0:0c:ba:c3:b8:20Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

version

kernel32

user32

advapi32

ole32

oleaut32

msvcp140

rpcrt4

vcruntime140

vcruntime140_1

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0d:1a:34:0f:78:d7:d0:00:e0:89:fd:ba:ad:65:22:df
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

fc:d0:22:6c:32:2d:74:9c:60:e7:01:a6:90:fa:4a:a1:2e:d4:25:5e:de:07:24:cd:5b:3a:44:70:ef:e2:ee:fb
Signer

.text
Size: 539KB - Virtual size: 538KB

.rdata
Size: 145KB - Virtual size: 144KB

.data
Size: 4KB - Virtual size: 10KB

.pdata
Size: 28KB - Virtual size: 28KB

_RDATA
Size: 512B - Virtual size: 252B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

04:52:96:f8:fc:d8:29:a7:5d:c9:42:94:f5:a4:15:a4
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

92:01:c7:c6:dc:5a:a4:d7:66:93:9c:9c:c9:78:22:95:5a:dc:d1:17:26:16:e8:e6:8a:3b:f0:0c:ba:c3:b8:20
Signer

.text
Size: 61KB - Virtual size: 60KB

.orpc
Size: 512B - Virtual size: 52B

.rdata
Size: 31KB - Virtual size: 30KB

.data
Size: 3KB - Virtual size: 4KB

.pdata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 11KB - Virtual size: 11KB

.reloc
Size: 1024B - Virtual size: 620B

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0d:1a:34:0f:78:d7:d0:00:e0:89:fd:ba:ad:65:22:df
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

22:aa:b6:23:ab:c4:6e:e6:4f:d9:55:fa:7a:6f:a3:e2:af:63:f5:49:8f:e2:b3:80:d3:67:3b:87:94:75:c3:54
Signer

.text
Size: 400KB - Virtual size: 399KB

.rdata
Size: 228KB - Virtual size: 227KB

.data
Size: 9KB - Virtual size: 11KB

.pdata
Size: 26KB - Virtual size: 26KB

.rsrc
Size: 23KB - Virtual size: 23KB

.reloc
Size: 4KB - Virtual size: 3KB

01:1f:39:a2:26:1a:99:3d:d1:51:76:da:6f:e4:fb:ea
Certificate