GitHub[.]Installer[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

GitHub.Installer.rar
Size

12.8MB
MD5

12abffa7832adfa87d2213c0a46a5665
SHA1

e676d6c93cfe7dccf1b82d3376166955f4f0a47d
SHA256

7ca4c55d1ae02b7fc3247130d5c04ae8cdaf0663d4e8b94dddfae7534138f50d
SHA512

644e74c547e8cf3ba0f2531cb32e5f12fef434a8bafde8cbe703b86d23a07651b04c63f04eb68dd0d9933b53f55a80fa69a1c45c7409945e0cb0cc04e152b430
SSDEEP

393216:K9ERMs/vtj2WCH80qUU91AWNnOlpC0Qx6Yb:J/BCH80pUjO+T

Score

3^/10

Malware Config

Signatures

Unsigned PE 19 IoCs

Checks for missing Authenticode signature.

resource
unpack001/[GitHub] Installer/libs/xmlfilter.dll
unpack001/[GitHub] Installer/libs/xmlprovi.dll
unpack001/[GitHub] Installer/libs/xolehlp.dll
unpack001/[GitHub] Installer/x64/3.dll
unpack001/[GitHub] Installer/x64/BluetoothDesktopHandlers.dll
unpack001/[GitHub] Installer/x64/WinFax.dll
unpack001/[GitHub] Installer/x64/WinMsoIrmProtector.dll
unpack001/[GitHub] Installer/x64/WinOpcIrmProtector.dll
unpack001/[GitHub] Installer/x64/WindowsInternal.Shell.CompUiActivation.dll
unpack001/[GitHub] Installer/x64/WindowsIoTCsp.dll
unpack001/[GitHub] Installer/x64/WindowsUpdateElevatedInstaller.exe
unpack001/[GitHub] Installer/x64/blbres.dll
unpack001/[GitHub] Installer/x64/bootux.dll
unpack001/[GitHub] Installer/x64/opengl32.dll
unpack001/[GitHub] Installer/x64/winethc.dll
unpack001/[GitHub] Installer/x64/wininetlui.dll
unpack001/[GitHub] Installer/x64/winlogonext.dll
unpack001/[GitHub] Installer/x64/winml.dll
unpack001/[GitHub] Installer/x64/winnlsres.dll

Files

GitHub.Installer.rar
.rar

Password: 2024
[GitHub] Installer/Installer.exe
.exe windows:4 windows x86 arch:x86

Password: 2024

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:01:94:cd:1e:31:42:20:51:35:d1:c6:36:e4:e9:ba
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

18/10/2022, 00:00

Not After

15/10/2025, 23:59

Subject

CN=NVIDIA Corporation,OU=1-F,O=NVIDIA Corporation,L=Santa Clara,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:09:5e:de:a2:12:7e:92:81:cc:00:00:00:00:01:09
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

14/09/2023, 19:14

Not After

04/09/2024, 19:14

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0b:aa:c1:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/04/2012, 23:48

Not After

18/04/2027, 23:58

Subject

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

14:97:40:3d:e7:85:59:88:ee:ae:be:e6:91:dc:1f:98:76:5e:cc:ca:c7:75:66:93:65:0b:7b:14:7b:fe:b1:21
Signer

Actual PE Digest

14:97:40:3d:e7:85:59:88:ee:ae:be:e6:91:dc:1f:98:76:5e:cc:ca:c7:75:66:93:65:0b:7b:14:7b:fe:b1:21

Digest Algorithm

sha256

PE Digest Matches

false

14:97:40:3d:e7:85:59:88:ee:ae:be:e6:91:dc:1f:98:76:5e:cc:ca:c7:75:66:93:65:0b:7b:14:7b:fe:b1:21
Signer

Actual PE Digest

14:97:40:3d:e7:85:59:88:ee:ae:be:e6:91:dc:1f:98:76:5e:cc:ca:c7:75:66:93:65:0b:7b:14:7b:fe:b1:21

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Together.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 388KB - Virtual size: 388KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[GitHub] Installer/libs/xmlfilter.dll
.dll regsvr32 windows:10 windows x64 arch:x64

Password: 2024

9c6c869862163d621c2d7c68bc01df4c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

XmlFilter.pdb

Imports

msvcrt

??1type_info@@UEAA@XZ
_XcptFilter
_amsg_exit
_lock
_unlock
__dllonexit
_wcsnicmp
_onexit
_callnewh
wcscat_s
memmove
__C_specific_handler
iswspace
_purecall
free
malloc
_CxxThrowException
realloc
_vsnprintf_s
??0exception@@QEAA@AEBV0@@Z
memcpy
wcsncpy_s
_errno
__CxxFrameHandler3
?terminate@@YAXXZ
wcscpy_s
??0exception@@QEAA@XZ
??1exception@@UEAA@XZ
memcpy_s
_vsnwprintf
_initterm
memset

api-ms-win-core-libraryloader-l1-2-0

FindResourceExW
SizeofResource
GetModuleHandleExW
LoadLibraryExW
GetModuleFileNameA
DisableThreadLibraryCalls
GetProcAddress
GetModuleHandleW
FreeLibrary
GetModuleFileNameW
LoadResource

api-ms-win-core-synch-l1-1-0

EnterCriticalSection
LeaveCriticalSection
ReleaseSemaphore
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
AcquireSRWLockShared
ReleaseSRWLockShared
InitializeCriticalSection
ReleaseMutex
CreateEventExW
WaitForSingleObjectEx
OpenSemaphoreW
DeleteCriticalSection
CreateSemaphoreExW
SetEvent
WaitForSingleObject
CreateMutexExW

api-ms-win-core-heap-l1-1-0

HeapAlloc
HeapFree
GetProcessHeap

api-ms-win-core-errorhandling-l1-1-0

GetLastError
UnhandledExceptionFilter
RaiseException
SetUnhandledExceptionFilter
SetLastError

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
GetCurrentProcess

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
DebugBreak
OutputDebugStringA
IsDebuggerPresent

api-ms-win-core-handle-l1-1-0

CloseHandle

oleaut32

VariantClear
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
SysStringLen
SysAllocString
SysFreeString

api-ms-win-core-com-l1-1-0

CoTaskMemAlloc
CoCreateInstance
CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2

api-ms-win-core-file-l1-1-0

GetFileAttributesW

api-ms-win-shcore-stream-l1-1-0

SHCreateStreamOnFileEx

api-ms-win-core-threadpool-legacy-l1-1-0

QueueUserWorkItem

api-ms-win-core-string-l1-1-0

MultiByteToWideChar

api-ms-win-core-string-l2-1-0

CharNextW

api-ms-win-core-registry-l1-1-0

RegQueryInfoKeyW
RegCreateKeyExW
RegEnumKeyExW
RegCloseKey
RegDeleteValueW
RegOpenKeyExW
RegSetValueExW

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpiW

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-rtlsupport-l1-1-0

RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetVersionExA
GetTickCount

api-ms-win-core-memory-l1-1-0

UnmapViewOfFile

api-ms-win-core-libraryloader-l1-2-1

LoadLibraryW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[GitHub] Installer/libs/xmllite.dll
.dll windows:10 windows x64 arch:x64

Password: 2024

d2e0f3f026362c9bf4ba56fa26b36d50

Code Sign

33:00:00:02:66:bd:15:80:ef:a7:5c:d6:d3:00:00:00:00:02:66
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:30

Not After

03/03/2021, 18:30

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2011, 18:41

Not After

19/10/2026, 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a9:01:74:45:90:a8:77:4f:3c:2a:45:ca:4e:47:8f:6a:4b:42:bb:2e:a7:06:d1:fd:8a:8b:f2:e6:a8:08:fc:c0
Signer

Actual PE Digest

a9:01:74:45:90:a8:77:4f:3c:2a:45:ca:4e:47:8f:6a:4b:42:bb:2e:a7:06:d1:fd:8a:8b:f2:e6:a8:08:fc:c0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_DLL

PDB Paths

XmlLite.pdb

Imports

msvcrt

_purecall
_callnewh
__C_specific_handler
_initterm
malloc
_XcptFilter
memmove
free
_amsg_exit
_vsnwprintf
memcmp
memcpy
memset

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
GetCurrentThreadId
TerminateProcess
GetCurrentProcess

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount

api-ms-win-core-rtlsupport-l1-1-0

RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext

api-ms-win-core-errorhandling-l1-1-0

GetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-string-l1-1-0

WideCharToMultiByte
MultiByteToWideChar

api-ms-win-core-localization-l1-2-0

GetCPInfo

api-ms-win-core-heap-l1-1-0

HeapAlloc
GetProcessHeap
HeapFree

api-ms-win-core-memory-l1-1-0

VirtualQuery

Exports

Exports

CreateXmlReader
CreateXmlReaderInputWithEncodingCodePage
CreateXmlReaderInputWithEncodingName
CreateXmlWriter
CreateXmlWriterOutputWithEncodingCodePage
CreateXmlWriterOutputWithEncodingName

Sections

.text
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[GitHub] Installer/libs/xmlprovi.dll
.dll regsvr32 windows:10 windows x64 arch:x64

Password: 2024

24d8349f9b6586bff7025b9e2cce6bac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

xmlprovi.pdb

Imports

ntdll

wcschr
__C_specific_handler
memcpy

msvcrt

free
malloc
??0exception@@QEAA@AEBQEBDH@Z
??0exception@@QEAA@AEBV0@@Z
__CxxFrameHandler3
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
_initterm
_amsg_exit
_XcptFilter
_CxxThrowException
_callnewh
?what@exception@@UEBAPEBDXZ
??1exception@@UEAA@XZ

atl

ord22
ord30
ord18
ord15
ord21
ord16
ord23
ord32

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
Sleep
lstrlenA
MultiByteToWideChar
lstrlenW
InitializeCriticalSection
DisableThreadLibraryCalls
DeleteCriticalSection
TerminateProcess
GetCurrentProcess

rtutils

TracePrintfA
TraceDeregisterW
TraceRegisterExW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[GitHub] Installer/libs/xolehlp.dll
.dll windows:10 windows x64 arch:x64

Password: 2024

8c66b484e9dcdd20cbcb519baff6097e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

xolehlp.pdb

Imports

api-ms-win-core-registry-l1-1-0

RegQueryValueExA
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegOpenKeyExA
RegQueryValueExW

api-ms-win-core-libraryloader-l1-2-0

FindResourceExW
LoadResource
LockResource
GetProcAddress
GetModuleHandleA
LoadStringW
LoadLibraryExA
FreeLibrary
LoadLibraryExW
GetModuleHandleW
DisableThreadLibraryCalls
GetModuleFileNameW

api-ms-win-core-com-l1-1-0

CoTaskMemFree
StringFromGUID2
CoTaskMemAlloc
CoGetObjectContext
CoCreateInstance

api-ms-win-core-heap-l2-1-0

LocalAlloc
LocalFree

api-ms-win-core-string-l1-1-0

WideCharToMultiByte
MultiByteToWideChar

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpiW

msvcrt

_wfopen
strchr
?what@exception@@UEBAPEBDXZ
??0exception@@QEAA@AEBV0@@Z
??1type_info@@UEAA@XZ
??1exception@@UEAA@XZ
_onexit
__dllonexit
_CxxThrowException
_local_unwind
?terminate@@YAXXZ
memcmp
_unlock
_lock
__C_specific_handler
_initterm
_amsg_exit
_XcptFilter
memcpy
??0exception@@QEAA@AEBQEBDH@Z
_callnewh
malloc
free
_vsnprintf
fopen
fflush
fclose
fprintf
fwprintf
__CxxFrameHandler3
_vsnwprintf
_wcsicmp
_stricmp
mbstowcs
wcsrchr
_purecall
_waccess
wcscpy_s
_ultow
memset

ntdll

RtlLookupFunctionEntry
RtlVirtualUnwind
RtlReportException
RtlCaptureContext
RtlNtStatusToDosError

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-0

TlsFree
TlsGetValue
GetCurrentThreadId
TlsAlloc
GetCurrentProcessId
GetCurrentProcess
GetExitCodeProcess
CreateProcessW
OpenProcessToken
TerminateProcess

api-ms-win-core-sysinfo-l1-1-0

GetSystemWindowsDirectoryA
GetTickCount
GetSystemTimeAsFileTime
GetComputerNameExW
GetLocalTime

api-ms-win-core-processenvironment-l1-1-0

GetCommandLineA
ExpandEnvironmentStringsW

api-ms-win-core-file-l1-1-0

SetFileAttributesW
DeleteFileW
CreateFileW
GetFullPathNameW
FindNextFileW
FindFirstFileW
FindClose
CreateDirectoryW

api-ms-win-core-debug-l1-1-0

DebugBreak
OutputDebugStringW
IsDebuggerPresent

api-ms-win-core-synch-l1-1-0

ResetEvent
InitializeCriticalSection
WaitForSingleObject
InitializeCriticalSectionAndSpinCount
SetEvent
CreateEventA
WaitForSingleObjectEx
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-psapi-l1-1-0

QueryFullProcessImageNameW

api-ms-win-security-base-l1-1-0

GetTokenInformation

api-ms-win-core-version-l1-1-0

VerQueryValueW

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

kernel32

UnregisterWaitEx
QueueUserWorkItem

Exports

Exports

DtcGetTransactionManager
DtcGetTransactionManagerC
DtcGetTransactionManagerEx
DtcGetTransactionManagerExA
DtcGetTransactionManagerExW
FreezeLocalTransactionManagers
GetDtcLocaleResourceHandle
ThawLocalTransactionManagers

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[GitHub] Installer/x64/3.dll
.dll windows:10 windows x64 arch:x64

Password: 2024

3743d57b7a85109e8946ad01b46bbecc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

bootux.pdb

Imports

msvcrt

_lock
_initterm
malloc
sqrt
__C_specific_handler
__CxxFrameHandler3
_XcptFilter
free
memset
iscntrl
wcschr
_wtoi
_callnewh
_onexit
memcpy_s
__dllonexit
_amsg_exit
_unlock
memmove
floorf
ceil
_purecall
_vsnwprintf
wcscmp

api-ms-win-shcore-scaling-l1-1-0

GetScaleFactorForDevice

api-ms-win-shcore-thread-l1-1-0

SHCreateThread
SHGetThreadRef

api-ms-win-shcore-comhelpers-l1-1-0

IUnknown_Set

api-ms-win-shcore-stream-l1-1-0

SHCreateStreamOnFileEx

shcore

ord228

shell32

SHFileOperationW
ord47
SHGetFolderPathW

shlwapi

StrCmpW
PathFileExistsW
StrToIntExW
PathFindFileNameW
StrRStrIW
PathGetDriveNumberW
StrCmpIW
ord460
StrChrW
PathFindExtensionW
PathAppendW
PathRemoveFileSpecW

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleW
GetModuleHandleExW
GetModuleFileNameA
GetProcAddress
LoadLibraryExW
GetModuleFileNameW
LockResource
FindResourceExW
LoadResource
FreeLibrary
LoadStringW
DisableThreadLibraryCalls

api-ms-win-core-synch-l1-1-0

CreateMutexExW
WaitForSingleObject
ReleaseMutex
OpenSemaphoreW
ReleaseSemaphore
CreateEventExW
CreateSemaphoreExW
AcquireSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
ReleaseSRWLockShared
WaitForMultipleObjectsEx
CreateEventW
SetEvent
ResetEvent
WaitForSingleObjectEx

api-ms-win-core-heap-l1-1-0

HeapFree
HeapAlloc
GetProcessHeap
HeapReAlloc

api-ms-win-core-errorhandling-l1-1-0

GetLastError
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter

api-ms-win-core-processthreads-l1-1-0

TlsSetValue
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
TerminateProcess
TlsFree
TlsAlloc
TlsGetValue

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

DebugBreak
IsDebuggerPresent
OutputDebugStringW

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-eventing-provider-l1-1-0

EventRegister
EventUnregister
EventWriteTransfer

api-ms-win-eventing-classicprovider-l1-1-0

GetTraceEnableLevel
TraceMessage
RegisterTraceGuidsW
UnregisterTraceGuids
GetTraceLoggerHandle
GetTraceEnableFlags

api-ms-win-core-file-l1-1-0

GetDriveTypeW
GetLogicalDriveStringsW
CreateFileW
CreateDirectoryW
GetFileAttributesExW
WriteFile
DeleteFileW

api-ms-win-core-path-l1-1-0

PathCchCombine
PathCchAppend

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount
GetWindowsDirectoryW

api-ms-win-core-string-l1-1-0

CompareStringOrdinal
CompareStringEx

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-io-l1-1-0

DeviceIoControl

api-ms-win-core-rtlsupport-l1-1-0

RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter
QueryPerformanceFrequency

api-ms-win-security-sddl-l1-1-0

ConvertStringSecurityDescriptorToSecurityDescriptorW

api-ms-win-security-base-l1-1-0

GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-core-libraryloader-l1-2-1

LoadLibraryW

api-ms-win-core-registry-l1-1-0

RegOpenKeyExW
RegCloseKey

api-ms-win-eventing-controller-l1-1-0

StopTraceW
StartTraceW
EnableTraceEx2

api-ms-win-core-processenvironment-l1-1-0

ExpandEnvironmentStringsW

api-ms-win-core-atoms-l1-1-0

GetAtomNameW

api-ms-win-core-sidebyside-l1-1-0

DeactivateActCtx
CreateActCtxW
ActivateActCtx
ReleaseActCtx

api-ms-win-core-threadpool-legacy-l1-1-0

QueueUserWorkItem

uiautomationcore

UiaRaiseAutomationEvent

gdi32

CreateFontIndirectW
DeleteObject
CreateCompatibleDC
SelectObject
GetDeviceCaps
CreateDIBSection
GetStockObject
StretchDIBits
GetObjectW
DeleteDC

ntdll

WinSqmSetDWORD

ole32

CoInitialize

user32

UpdateWindow
InvalidateRect
FillRect
GetClientRect
SystemParametersInfoW
TranslateMessage
RegisterWindowMessageW
FindWindowW
GetMonitorInfoW
RemovePropW
MonitorFromPoint
DispatchMessageW
GetSystemMetrics
GetMessageW
DrawTextW
SetForegroundWindow
PostQuitMessage
SetPropW
ShowWindow
GetCursorPos
ReleaseDC
MapWindowPoints
GetDC
SetCursor
LoadCursorW
MsgWaitForMultipleObjectsEx
PeekMessageW
GetAncestor
PostMessageW
IsWindow

uxtheme

GetCurrentThemeName

dui70

?ActivateTooltip@TouchHWNDElement@DirectUI@@UEAAXPEAVElement@2@K@Z
?EventFromEventId@Schema@DirectUI@@SA?AW4Event@12@H@Z
?WantEvent@EventManager@DirectUI@@SA_NW4Event@Schema@2@@Z
?FWantAnyEvent@EventManager@DirectUI@@SA_NPEAVElement@2@@Z
?SetX@Element@DirectUI@@QEAAJH@Z
?GetExtent@Element@DirectUI@@QEAAPEBUtagSIZE@@PEAPEAVValue@2@@Z
?SetMargin@Element@DirectUI@@QEAAJHHHH@Z
?GetMargin@Element@DirectUI@@QEAAPEBUtagRECT@@PEAPEAVValue@2@@Z
?_Fill@Element@DirectUI@@IEAAXPEAUHDC__@@KHHHH_N@Z
?SetXMLFromResourceWithTheme@DUIXmlParser@DirectUI@@QEAAJIPEAUHINSTANCE__@@00@Z
?SetXMLFromResource@DUIXmlParser@DirectUI@@QEAAJPEBGPEAUHINSTANCE__@@1@Z
?SetRootWindowForTheming@DUIXmlParser@DirectUI@@QEAAXPEAUHWND__@@@Z
?GetSheet@DUIXmlParser@DirectUI@@QEAAJPEBGPEAPEAVValue@2@@Z
DuiCreateObject
?AdviseEventRemoved@ElementProvider@DirectUI@@UEAAJHPEAUtagSAFEARRAY@@@Z
?AdviseEventAdded@ElementProvider@DirectUI@@UEAAJHPEAUtagSAFEARRAY@@@Z
?get_FragmentRoot@ElementProvider@DirectUI@@UEAAJPEAPEAUIRawElementProviderFragmentRoot@@@Z
?SetFocus@ElementProvider@DirectUI@@UEAAJXZ
?GetEmbeddedFragmentRoots@ElementProvider@DirectUI@@UEAAJPEAPEAUtagSAFEARRAY@@@Z
?get_BoundingRectangle@ElementProvider@DirectUI@@UEAAJPEAUUiaRect@@@Z
?GetRuntimeId@ElementProvider@DirectUI@@UEAAJPEAPEAUtagSAFEARRAY@@@Z
?Navigate@ElementProvider@DirectUI@@UEAAJW4NavigateDirection@@PEAPEAUIRawElementProviderFragment@@@Z
?ShowContextMenu@ElementProvider@DirectUI@@UEAAJXZ
?get_HostRawElementProvider@ElementProvider@DirectUI@@UEAAJPEAPEAUIRawElementProviderSimple@@@Z
?GetPropertyValue@ElementProvider@DirectUI@@UEAAJHPEAUtagVARIANT@@@Z
?get_ProviderOptions@ElementProvider@DirectUI@@UEAAJPEAW4ProviderOptions@@@Z
?AddRef@ElementProvider@DirectUI@@UEAAKXZ
?QueryInterface@ElementProvider@DirectUI@@UEAAJAEBU_GUID@@PEAPEAX@Z
?TossElement@ElementProvider@DirectUI@@UEAAXXZ
?GetElement@ElementProvider@DirectUI@@UEAAPEDVElement@2@XZ
??0ElementProvider@DirectUI@@QEAA@XZ
?CreatePatternProvider@Schema@DirectUI@@SAJW4Pattern@12@PEAVElementProvider@2@PEAPEAUIUnknown@@@Z
?IsPatternSupported@ElementProxy@DirectUI@@IEAAJW4Pattern@Schema@2@PEA_N@Z
?Init@ElementProxy@DirectUI@@MEAAXPEAVElement@2@@Z
?DoMethod@ElementProxy@DirectUI@@UEAAJHPEAD@Z
?GetProperty@ElementProxy@DirectUI@@IEAAJPEAUtagVARIANT@@H@Z
??1ElementProvider@DirectUI@@UEAA@XZ
?Release@ElementProvider@DirectUI@@UEAAKXZ
?Init@ElementProvider@DirectUI@@MEAAJPEAVElement@2@PEAVInvokeHelper@2@@Z
??1AutoLock@DirectUI@@QEAA@XZ
??0AutoLock@DirectUI@@QEAA@PEAU_RTL_CRITICAL_SECTION@@@Z
?DoInvoke@ElementProvider@DirectUI@@IEAAJHZZ
?PatternFromPatternId@Schema@DirectUI@@SA?AW4Pattern@12@H@Z
?GetForegroundColorRef@RichText@DirectUI@@UEAAJPEAK@Z
?GetClassInfoW@RichText@DirectUI@@UEAAPEAUIClassInfo@2@XZ
?OnHosted@RichText@DirectUI@@UEAAXPEAVElement@2@@Z
?Paint@RichText@DirectUI@@UEAAXPEAUHDC__@@PEBUtagRECT@@1PEAU4@2@Z
?OnEvent@RichText@DirectUI@@UEAAXPEAUEvent@2@@Z
?OnPropertyChanged@RichText@DirectUI@@UEAAXPEBUPropertyInfo@2@HPEAVValue@2@1@Z
??1RichText@DirectUI@@UEAA@XZ
??0RichText@DirectUI@@QEAA@XZ
?Initialize@RichText@DirectUI@@QEAAJPEAVElement@2@PEAK@Z
?SetDWriteFontCollection@RichText@DirectUI@@QEAAXPEAUIDWriteFontCollection@@@Z
?SetBackgroundColor@Element@DirectUI@@QEAAJK@Z
?SetLineSpacing@RichText@DirectUI@@QEAAJH@Z
?SetConstrainLayout@RichText@DirectUI@@QEAAJH@Z
?SetBaseline@RichText@DirectUI@@QEAAJH@Z
?GetContentAlign@Element@DirectUI@@QEAAHXZ
?SetContentAlign@Element@DirectUI@@QEAAJH@Z
?SetOverhang@Element@DirectUI@@QEAAJ_N@Z
?GetRawValue@Element@DirectUI@@QEAAPEAVValue@2@PEBUPropertyInfo@2@HPEAUUpdateCache@2@@Z
?GetElementScaledInt@Value@DirectUI@@QEAAHPEAVElement@2@@Z
?LineSpacingProp@RichText@DirectUI@@SAPEBUPropertyInfo@2@XZ
?GetContentSize@RichText@DirectUI@@UEAA?AUtagSIZE@@HHPEAVSurface@2@@Z
?CreateGraphic@Value@DirectUI@@SAPEAV12@PEBGGGPEAUHINSTANCE__@@_N2@Z
?HeightProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?GetUnset@Value@DirectUI@@SAPEAV12@XZ
?WidthProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?GetWidth@Element@DirectUI@@QEAAHXZ
?DestroyAll@Element@DirectUI@@QEAAJ_N@Z
??1AccessibleButton@DirectUI@@UEAA@XZ
?OnReceivedDialogFocus@Button@DirectUI@@UEAA_NPEAUIDialogElement@2@@Z
?OnLostDialogFocus@Button@DirectUI@@UEAA_NPEAUIDialogElement@2@@Z
?DefaultAction@Button@DirectUI@@UEAAJXZ
?OnPropertyChanged@AccessibleButton@DirectUI@@UEAAXPEBUPropertyInfo@2@HPEAVValue@2@1@Z
??0AccessibleButton@DirectUI@@QEAA@XZ
?GetClassInfoPtr@AccessibleButton@DirectUI@@SAPEAUIClassInfo@2@XZ
?Initialize@AccessibleButton@DirectUI@@QEAAJPEAVElement@2@PEAK@Z
?Register@AccessibleButton@DirectUI@@SAJXZ
?Create@BorderLayout@DirectUI@@SAJPEAPEAVLayout@2@@Z
?Create@ModernProgressRing@DirectUI@@SAJPEAVElement@2@PEAKPEAPEAV32@@Z
?IDProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?CreateAtom@Value@DirectUI@@SAPEAV12@G@Z
?Create@FlowLayout@DirectUI@@SAJ_NIIIPEAPEAVLayout@2@@Z
?ClassProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?SetTreatRightMouseButtonAsLeft@TouchButton@DirectUI@@QEAAJ_N@Z
?SetHandleEnter@TouchButton@DirectUI@@QEAAJ_N@Z
?Create@TouchButton@DirectUI@@SAJIPEAVElement@2@PEAKPEAPEAV32@@Z
?GetHeight@Element@DirectUI@@QEAAHXZ
?PressedProp@TouchButton@DirectUI@@SAPEBUPropertyInfo@2@XZ
?Click@TouchButton@DirectUI@@SA?AVUID@@XZ
?Context@Button@DirectUI@@SA?AVUID@@XZ
?GetBoolFalse@Value@DirectUI@@SAPEAV12@XZ
GetScaleFactor
?GetBorderThickness@Element@DirectUI@@QEAAPEBUtagRECT@@PEAPEAVValue@2@@Z
?OnInput@Button@DirectUI@@UEAAXPEAUInputEvent@2@@Z
?GetPressed@Button@DirectUI@@QEAA_NXZ
?GetCaptured@Button@DirectUI@@QEAA_NXZ
?SetCaptured@Button@DirectUI@@QEAAJ_N@Z
?CreateBool@Value@DirectUI@@SAPEAV12@_N@Z
?PressedProp@Button@DirectUI@@SAPEBUPropertyInfo@2@XZ
?SetPressed@Button@DirectUI@@QEAAJ_N@Z
?GetClassInfoPtr@ModernProgressRing@DirectUI@@SAPEAUIClassInfo@2@XZ
?Create@ElementProvider@DirectUI@@SAJPEAVElement@2@PEAVInvokeHelper@2@PEAPEAV12@@Z
?Create@HWNDElementProvider@DirectUI@@SAJPEAVHWNDElement@2@PEAVInvokeHelper@2@PEAPEAV12@@Z
?Find@ElementProviderManager@DirectUI@@SAPEAVElementProvider@2@PEAVElement@2@@Z
?GetInvokeHelper@InvokeManager@DirectUI@@SAJPEAPEAVInvokeHelper@2@@Z
?SetY@Element@DirectUI@@QEAAJH@Z
?Create@VerticalFlowLayout@DirectUI@@SAJ_NIIIPEAPEAVLayout@2@@Z
?LayoutPosProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?SetAccRole@Element@DirectUI@@QEAAJH@Z
?GetAccName@Element@DirectUI@@QEAAPEBGPEAPEAVValue@2@@Z
?SetPasswordCharacter@TouchEditBase@DirectUI@@QEAAJH@Z
?SetMaxLength@TouchEditBase@DirectUI@@QEAAJH@Z
?Create@TouchEdit2@DirectUI@@SAJPEAVElement@2@PEAKPEAPEAV32@@Z
?SetLayout@Element@DirectUI@@QEAAJPEAVLayout@2@@Z
?Create@FillLayout@DirectUI@@SAJPEAPEAVLayout@2@@Z
?SetInputScope@TouchEdit2@DirectUI@@QEAAJW4__MIDL___MIDL_itf_inputscope_0000_0000_0001@@@Z
?Enter@TouchEditBase@DirectUI@@SA?AVUID@@XZ
?Paste@TouchEditBase@DirectUI@@SA?AVUID@@XZ
?SetCaretPosition@TouchEdit2@DirectUI@@QEAAJJ@Z
?GetSelection@TouchEdit2@DirectUI@@QEAAJPEAJ0@Z
?GetEncodedContentString@Element@DirectUI@@QEAAJPEAG_K@Z
?KeyWithinProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?GetIntZero@Value@DirectUI@@SAPEAV12@XZ
?CreateInt@Value@DirectUI@@SAPEAV12@HW4DynamicScaleValue@@@Z
?SetAccDesc@Element@DirectUI@@QEAAJPEBG@Z
?SetAccName@Element@DirectUI@@QEAAJPEBG@Z
UnicodeToMultiByte
?Register@Element@DirectUI@@SAJXZ
?CreateInstance@CSafeElementProxy@@SAJPEAVElement@DirectUI@@PEAPEAV1@@Z
?GetFactory@RichText@DirectUI@@QEAAPEAUIDWriteFactory@@XZ
?Create@RichText@DirectUI@@SAJPEAVElement@2@PEAKPEAPEAV32@@Z
?GetContentString@Element@DirectUI@@QEAAPEBGPEAPEAVValue@2@@Z
?Add@Element@DirectUI@@QEAAJPEAV12@@Z
?RemoveAll@Element@DirectUI@@QEAAJXZ
?SetEnabled@Element@DirectUI@@QEAAJ_N@Z
?IsRoot@Element@DirectUI@@QEAAHXZ
?SetActive@Element@DirectUI@@QEAAJH@Z
?ContentProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?SetContentString@Element@DirectUI@@QEAAJPEBG@Z
?SetID@Element@DirectUI@@QEAAJPEBG@Z
?BackgroundProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?SetBackgroundStdColor@Element@DirectUI@@QEAAJH@Z
?Click@Button@DirectUI@@SA?AVUID@@XZ
?GetClass@Element@DirectUI@@QEAAPEBGPEAPEAVValue@2@@Z
?GetClassInfoPtr@Element@DirectUI@@SAPEAUIClassInfo@2@XZ
?GetClassInfoW@Element@DirectUI@@UEAAPEAUIClassInfo@2@XZ
?Detach@CSafeElementProxy@@QEAAXXZ
?GetRoot@Element@DirectUI@@QEAAPEAV12@XZ
?GetClassInfoPtr@HWNDElement@DirectUI@@SAPEAUIClassInfo@2@XZ
?GetChildren@Element@DirectUI@@QEAAPEAV?$DynamicArray@PEAVElement@DirectUI@@$0A@@2@PEAPEAVValue@2@@Z
?OnPropertyChanged@Element@DirectUI@@UEAAXPEBUPropertyInfo@2@HPEAVValue@2@1@Z
?FireEvent@Element@DirectUI@@QEAAXPEAUEvent@2@_N1@Z
??0CritSecLock@DirectUI@@QEAA@PEAU_RTL_CRITICAL_SECTION@@@Z
??1CritSecLock@DirectUI@@QEAA@XZ
?QueryInterface@Element@DirectUI@@UEAAJAEBU_GUID@@PEAPEAX@Z
?UpdateTooltip@Element@DirectUI@@MEAAXPEAV12@@Z
?ActivateTooltip@Element@DirectUI@@MEAAXPEAV12@K@Z
?RemoveTooltip@Element@DirectUI@@MEAAXPEAV12@@Z
?GetClassInfoPtr@TouchHWNDElement@DirectUI@@SAPEAUIClassInfo@2@XZ
?CreateString@Value@DirectUI@@SAPEAV12@PEBGPEAUHINSTANCE__@@@Z
?GetStringNull@Value@DirectUI@@SAPEAV12@XZ
??0ClassInfoBase@DirectUI@@QEAA@XZ
??1ClassInfoBase@DirectUI@@UEAA@XZ
?Initialize@ClassInfoBase@DirectUI@@QEAAJPEAUHINSTANCE__@@PEBG_NPEBQEBUPropertyInfo@2@I@Z
?Register@ClassInfoBase@DirectUI@@QEAAJXZ
?ClassExist@ClassInfoBase@DirectUI@@SA_NPEAPEAUIClassInfo@2@PEBQEBUPropertyInfo@2@IPEAU32@PEAUHINSTANCE__@@PEBG_N@Z
?AddRef@ClassInfoBase@DirectUI@@UEAAXXZ
?Release@ClassInfoBase@DirectUI@@UEAAHXZ
?EnumPropertyInfo@ClassInfoBase@DirectUI@@UEAAPEBUPropertyInfo@2@I@Z
?GetByClassIndex@ClassInfoBase@DirectUI@@UEAAPEBUPropertyInfo@2@I@Z
?GetPICount@ClassInfoBase@DirectUI@@UEBAIXZ
?GetGlobalIndex@ClassInfoBase@DirectUI@@UEBAIXZ
?GetName@ClassInfoBase@DirectUI@@UEBAPEBGXZ
?IsValidProperty@ClassInfoBase@DirectUI@@UEBA_NPEBUPropertyInfo@2@@Z
?IsSubclassOf@ClassInfoBase@DirectUI@@UEBA_NPEAUIClassInfo@2@@Z
?GetModule@ClassInfoBase@DirectUI@@UEBAPEAUHINSTANCE__@@XZ
?IsGlobal@ClassInfoBase@DirectUI@@UEBA_NXZ
?AddChild@ClassInfoBase@DirectUI@@UEAAXXZ
?RemoveChild@ClassInfoBase@DirectUI@@UEAAXXZ
?GetChildren@ClassInfoBase@DirectUI@@UEBAHXZ
?AssertPIZeroRef@ClassInfoBase@DirectUI@@UEBAXXZ
??0Element@DirectUI@@QEAA@XZ
??1Element@DirectUI@@UEAA@XZ
?Initialize@Element@DirectUI@@QEAAJIPEAV12@PEAK@Z
?GetValue@Element@DirectUI@@QEAAPEAVValue@2@P6APEBUPropertyInfo@2@XZHPEAUUpdateCache@2@@Z
?SetValue@Element@DirectUI@@QEAAJP6APEBUPropertyInfo@2@XZHPEAVValue@2@@Z
?OnGroupChanged@Element@DirectUI@@UEAAXH_N@Z
?OnInput@Element@DirectUI@@UEAAXPEAUInputEvent@2@@Z
?OnKeyFocusMoved@Element@DirectUI@@UEAAXPEAV12@0@Z
?OnDestroy@Element@DirectUI@@UEAAXXZ
?BroadcastEvent@Element@DirectUI@@QEAAXPEAUEvent@2@@Z
?OnEvent@Element@DirectUI@@UEAAXPEAUEvent@2@@Z
?AddListener@Element@DirectUI@@QEAAJPEAUIElementListener@2@@Z
?RemoveListener@Element@DirectUI@@QEAAXPEAUIElementListener@2@@Z
?MessageCallback@Element@DirectUI@@UEAAIPEAUtagGMSG@@@Z
?_PostEvent@Element@DirectUI@@AEAAXPEAUEvent@2@H@Z
?GetFactoryLock@Element@DirectUI@@SAPEAU_RTL_CRITICAL_SECTION@@XZ
?GetAccessibleImpl@Element@DirectUI@@UEAAJPEAPEAUIAccessible@@@Z
?SyncDestroyWindow@NativeHWNDHost@DirectUI@@QEAAXXZ
UnInitThread
UnInitProcessPriv
?Destroy@NativeHWNDHost@DirectUI@@QEAAXXZ
??0NativeHWNDHost@DirectUI@@QEAA@XZ
?Initialize@NativeHWNDHost@DirectUI@@QEAAJPEBG0PEAUHWND__@@PEAUHICON__@@HHHHHHPEAUHINSTANCE__@@I@Z
??1NativeHWNDHost@DirectUI@@UEAA@XZ
?GetAccessibleImpl@HWNDElement@DirectUI@@UEAAJPEAPEAUIAccessible@@@Z
?GetWindowClassNameAndStyle@HWNDElement@DirectUI@@UEAAXPEAPEBGPEAI@Z
?CreateStyleParser@HWNDElement@DirectUI@@UEAAJPEAPEAVDUIXmlParser@2@@Z
?OnCompositionChanged@HWNDElement@DirectUI@@UEAAXXZ
?OnWmSettingChanged@HWNDElement@DirectUI@@UEAAX_K_J@Z
?OnWmThemeChanged@HWNDElement@DirectUI@@UEAAX_K_J@Z
?OnGetDlgCode@HWNDElement@DirectUI@@UEAAXPEAUtagMSG@@PEA_J@Z
?OnNoChildWithShortcutFound@HWNDElement@DirectUI@@UEAAXPEAUKeyboardEvent@2@@Z
?OnImmersiveColorSchemeChanged@HWNDElement@DirectUI@@UEAAXXZ
?OnThemeChanged@HWNDElement@DirectUI@@UEAAXPEAUThemeChangedEvent@2@@Z
?OnGroupChanged@HWNDElement@DirectUI@@UEAAXH_N@Z
?Host@NativeHWNDHost@DirectUI@@QEAAXPEAVElement@2@@Z
?GetClassInfoPtr@TouchButton@DirectUI@@SAPEAUIClassInfo@2@XZ
StrToID
?GetUiaFocusDelegate@Element@DirectUI@@UEAAPEAV12@XZ
?HandleUiaEventListener@Element@DirectUI@@UEAAXPEAUEvent@2@@Z
?HandleUiaPropertyChangingListener@Element@DirectUI@@UEAAXPEBUPropertyInfo@2@@Z
?HandleUiaPropertyListener@Element@DirectUI@@UEAAXPEBUPropertyInfo@2@HPEAVValue@2@1@Z
?HandleUiaDestroyListener@Element@DirectUI@@UEAAXXZ
?GetElementProviderImpl@Element@DirectUI@@UEAAJPEAVInvokeHelper@2@PEAPEAVElementProvider@2@@Z
?GetUIAElementProvider@Element@DirectUI@@UEAAJAEBU_GUID@@PEAPEAX@Z
?DefaultAction@Element@DirectUI@@UEAAJXZ
?OnUnHosted@Element@DirectUI@@MEAAXPEAV12@@Z
?OnHosted@Element@DirectUI@@MEAAXPEAV12@@Z
?_SelfLayoutUpdateDesiredSize@Element@DirectUI@@MEAA?AUtagSIZE@@HHPEAVSurface@2@@Z
?_SelfLayoutDoLayout@Element@DirectUI@@MEAAXHH@Z
?GetImmersiveFocusRectOffsets@Element@DirectUI@@UEAAXPEAUtagRECT@@@Z
?RemoveBehavior@Element@DirectUI@@UEAAJPEAUIDuiBehavior@@@Z
?AddBehavior@Element@DirectUI@@UEAAJPEAUIDuiBehavior@@@Z
?SetKeyFocus@Element@DirectUI@@UEAAXXZ
?EnsureVisible@Element@DirectUI@@UEAA_NHHHH@Z
?GetAdjacent@Element@DirectUI@@UEAAPEAV12@PEAV12@HPEBUNavReference@2@K@Z
?FindDescendent@Element@DirectUI@@QEAAPEAV12@G@Z
?Remove@Element@DirectUI@@UEAAJPEAPEAV12@I@Z
?Insert@Element@DirectUI@@UEAAJPEAPEAV12@II@Z
?Add@Element@DirectUI@@UEAAJPEAPEAV12@I@Z
?GetContentSize@Element@DirectUI@@UEAA?AUtagSIZE@@HHPEAVSurface@2@@Z
?Paint@Element@DirectUI@@UEAAXPEAUHDC__@@PEBUtagRECT@@1PEAU4@2@Z
?OnMouseFocusMoved@Element@DirectUI@@UEAAXPEAV12@0@Z
?OnPropertyChanged@Element@DirectUI@@UEAAXPEAUPropertyInfo@2@HPEAVValue@2@1@Z
?OnPropertyChanging@Element@DirectUI@@UEAA_NPEAUPropertyInfo@2@HPEAVValue@2@1@Z
?OnPropertyChanging@Element@DirectUI@@UEAA_NPEBUPropertyInfo@2@HPEAVValue@2@1@Z
?GetContentStringAsDisplayed@Element@DirectUI@@UEAAPEBGPEAPEAVValue@2@@Z
?EndDefer@Element@DirectUI@@QEAAXK@Z
?StartDefer@Element@DirectUI@@QEAAXPEAK@Z
?Destroy@Element@DirectUI@@QEAAJ_N@Z
?Create@Element@DirectUI@@SAJIPEAV12@PEAKPEAPEAV12@@Z
?CreateElement@DUIXmlParser@DirectUI@@QEAAJPEBGPEAVElement@2@1PEAKPEAPEAV32@@Z
?SetXMLFromResource@DUIXmlParser@DirectUI@@QEAAJIPEAUHINSTANCE__@@0@Z
?Destroy@DUIXmlParser@DirectUI@@QEAAXXZ
?Create@DUIXmlParser@DirectUI@@SAJPEAPEAV12@P6APEAVValue@2@PEBGPEAX@Z2P6AX11H2@Z2@Z
?_OnUIStateChanged@TouchHWNDElement@DirectUI@@MEAAXGG@Z
??1TouchHWNDElement@DirectUI@@UEAA@XZ
??0TouchHWNDElement@DirectUI@@QEAA@XZ
?DismissIHMAsync@TouchHWNDElement@DirectUI@@QEAAJXZ
?OnDestroy@TouchHWNDElement@DirectUI@@UEAAXXZ
?IsMSAAEnabled@TouchHWNDElement@DirectUI@@UEAA_NXZ
?WndProc@TouchHWNDElement@DirectUI@@UEAA_JPEAUHWND__@@I_K_J@Z
?OnPropertyChanged@TouchHWNDElement@DirectUI@@UEAAXPEBUPropertyInfo@2@HPEAVValue@2@1@Z
?OnKeyFocusMoved@TouchHWNDElement@DirectUI@@UEAAXPEAVElement@2@0@Z
?OnEvent@TouchHWNDElement@DirectUI@@UEAAXPEAUEvent@2@@Z
?OnInput@TouchHWNDElement@DirectUI@@UEAAXPEAUInputEvent@2@@Z
?MessageCallback@TouchHWNDElement@DirectUI@@UEAAIPEAUtagGMSG@@@Z
?Initialize@TouchHWNDElement@DirectUI@@QEAAJPEAUHWND__@@_NIPEAVElement@2@PEAK@Z
?SetFlags@TouchHWNDElement@DirectUI@@QEAAJW4TouchHWNDElementFlags@2@0@Z
?GetClassInfoW@TouchHWNDElement@DirectUI@@UEAAPEAUIClassInfo@2@XZ
?RemoveTooltip@TouchHWNDElement@DirectUI@@UEAAXPEAVElement@2@@Z
?CreateHostWindow@NativeHWNDHost@DirectUI@@UEAAPEAUHWND__@@KPEBG0KHHHHPEAU3@PEAUHMENU__@@PEAUHINSTANCE__@@PEAX@Z
?UpdateTooltip@TouchHWNDElement@DirectUI@@UEAAXPEAVElement@2@@Z
?GetHWND@HWNDElement@DirectUI@@UEAAPEAUHWND__@@XZ
?CanSetFocus@HWNDElement@DirectUI@@UEAA_NXZ
?SetFont@Element@DirectUI@@QEAAJPEBG@Z
?SetAccessible@Element@DirectUI@@QEAAJ_N@Z
?SetLayoutPos@Element@DirectUI@@QEAAJH@Z
?SetHeight@Element@DirectUI@@QEAAJH@Z
?SetVisible@Element@DirectUI@@QEAAJ_N@Z
?GetKeyFocused@Element@DirectUI@@UEAA_NXZ
?GetFontQuality@Element@DirectUI@@QEAAHXZ
?GetFontWeight@Element@DirectUI@@QEAAHXZ
?GetFontSize@Element@DirectUI@@QEAAHXZ
?GetFontFace@Element@DirectUI@@QEAAPEBGPEAPEAVValue@2@@Z
?IsContentProtected@Element@DirectUI@@UEAA_NXZ
?IsRTLReading@Element@DirectUI@@UEAA_NXZ
?Release@Value@DirectUI@@QEAAXXZ
InitProcessPriv
InitThread

duser

DeleteHandle
MapGadgetPoints
CreateAction
GetGadgetRect
InvalidateGadget
DUserSendEvent
InitGadgets
DUserPostEvent
DrawGadgetTree

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Sections

.text
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[GitHub] Installer/x64/BluetoothDesktopHandlers.dll
.dll windows:10 windows x64 arch:x64

Password: 2024

bc6f2fb06806d537e61ddf304b9b96f6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

BluetoothDesktopHandlers.pdb

Imports

msvcrt

_onexit
_XcptFilter
_amsg_exit
__dllonexit
_purecall
_unlock
memmove
bsearch_s
_vsnprintf_s
__CxxFrameHandler3
??1type_info@@UEAA@XZ
??0exception@@QEAA@AEBV0@@Z
free
malloc
??0exception@@QEAA@XZ
??1exception@@UEAA@XZ
??3@YAXPEAX@Z
memcpy_s
_vsnwprintf
_initterm
__C_specific_handler
?terminate@@YAXXZ
??_V@YAXPEAX@Z
_lock
_callnewh
??0exception@@QEAA@AEBQEBD@Z
??0exception@@QEAA@AEBQEBDH@Z
?what@exception@@UEBAPEBDXZ
_CxxThrowException
memcpy
memset

api-ms-win-core-libraryloader-l1-2-0

GetProcAddress
GetModuleHandleExW
GetModuleHandleW
DisableThreadLibraryCalls
GetModuleFileNameA

api-ms-win-core-synch-l1-1-0

InitializeSRWLock
DeleteCriticalSection
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
CreateSemaphoreExW
ReleaseSemaphore
EnterCriticalSection
LeaveCriticalSection
OpenSemaphoreW
CreateMutexExW
WaitForSingleObjectEx
WaitForSingleObject
InitializeCriticalSectionEx
ReleaseMutex

api-ms-win-core-heap-l1-1-0

HeapAlloc
HeapFree
GetProcessHeap

api-ms-win-core-errorhandling-l1-1-0

SetLastError
GetLastError
RaiseException
UnhandledExceptionFilter
SetUnhandledExceptionFilter

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
TerminateProcess
CreateThread
GetCurrentProcess
GetCurrentThreadId

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
OutputDebugStringW
DebugBreak

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateStringReference
WindowsCreateString
WindowsGetStringRawBuffer
WindowsDeleteString

api-ms-win-core-string-l1-1-0

CompareStringOrdinal

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetSystemTimeAsFileTime

api-ms-win-core-com-l1-1-0

CoInitializeEx
CoCreateFreeThreadedMarshaler
CoTaskMemAlloc
CoUninitialize

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory
RoInitialize
RoUninitialize

api-ms-win-core-winrt-error-l1-1-1

RoGetMatchingRestrictedErrorInfo
RoReportFailedDelegate
IsErrorPropagationEnabled

api-ms-win-core-winrt-error-l1-1-0

RoTransformError
RoOriginateError

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

GetSetting

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[GitHub] Installer/x64/WinFax.dll
.dll windows:10 windows x64 arch:x64

Password: 2024

7c0bf03190cb1dd5f9c90cf0a8d6a35c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

WinFax.pdb

Imports

msvcrt

memset
__C_specific_handler
free
malloc
_initterm
_XcptFilter
_amsg_exit
_vsnwprintf
_wcsicmp
_stricmp
wcscmp

kernel32

TerminateProcess
HeapFree
HeapAlloc
HeapDestroy
GetProcessHeap
LoadLibraryW
GetCurrentProcess
GetComputerNameW
FreeLibrary
GetComputerNameA
OutputDebugStringW
GetVersionExW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
Sleep
DisableThreadLibraryCalls
GetLastError
SetLastError
GetProcAddress
ResolveDelayLoadedAPI
DelayLoadFailureHook

advapi32

UnregisterTraceGuids
RegSetValueExW
RegOpenKeyExW
RegisterTraceGuidsW
GetTraceEnableLevel
GetTraceEnableFlags
GetTraceLoggerHandle
TraceMessage
RegCreateKeyExW
RegDeleteKeyW
RegCloseKey
RegQueryValueExW

winspool.drv

ClosePrinter
EnumPrintersW
AddPrinterW
GetPrinterW
SetPrinterW
OpenPrinterW

shell32

SHGetSpecialFolderLocation
SHGetMalloc
SHChangeNotify

Exports

Exports

FaxAbort
FaxAccessCheck
FaxClose
FaxCompleteJobParamsA
FaxCompleteJobParamsW
FaxConnectFaxServerA
FaxConnectFaxServerW
FaxEnableRoutingMethodA
FaxEnableRoutingMethodW
FaxEnumGlobalRoutingInfoA
FaxEnumGlobalRoutingInfoW
FaxEnumJobsA
FaxEnumJobsW
FaxEnumPortsA
FaxEnumPortsW
FaxEnumRoutingMethodsA
FaxEnumRoutingMethodsW
FaxFreeBuffer
FaxGetConfigurationA
FaxGetConfigurationW
FaxGetDeviceStatusA
FaxGetDeviceStatusW
FaxGetJobA
FaxGetJobW
FaxGetLoggingCategoriesA
FaxGetLoggingCategoriesW
FaxGetPageData
FaxGetPortA
FaxGetPortW
FaxGetRoutingInfoA
FaxGetRoutingInfoW
FaxInitializeEventQueue
FaxOpenPort
FaxPrintCoverPageA
FaxPrintCoverPageW
FaxRegisterRoutingExtensionW
FaxRegisterServiceProviderW
FaxSendDocumentA
FaxSendDocumentForBroadcastA
FaxSendDocumentForBroadcastW
FaxSendDocumentW
FaxSetConfigurationA
FaxSetConfigurationW
FaxSetGlobalRoutingInfoA
FaxSetGlobalRoutingInfoW
FaxSetJobA
FaxSetJobW
FaxSetLoggingCategoriesA
FaxSetLoggingCategoriesW
FaxSetPortA
FaxSetPortW
FaxSetRoutingInfoA
FaxSetRoutingInfoW
FaxStartPrintJobA
FaxStartPrintJobW
FaxUnregisterServiceProviderW

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 660B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 440B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[GitHub] Installer/x64/WinMsoIrmProtector.dll
.dll regsvr32 windows:10 windows x64 arch:x64

5ca8c00138c16b571ec0d96535c6b914

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

WinMsoIrmProtector.pdb

Imports

msvcrt

_callnewh
??0exception@@QEAA@AEBQEBD@Z
_errno
realloc
_XcptFilter
_lock
??0exception@@QEAA@AEBV0@@Z
_unlock
??1type_info@@UEAA@XZ
memmove
__dllonexit
_onexit
wcscat_s
memcpy
?terminate@@YAXXZ
_CxxThrowException
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
??0exception@@QEAA@AEBQEBDH@Z
_initterm
_amsg_exit
wcscpy_s
memcpy_s
free
malloc
wcsncpy_s
__C_specific_handler
wcsncmp
_purecall
??_V@YAXPEAX@Z
__CxxFrameHandler3
??3@YAXPEAX@Z
memset

api-ms-win-core-string-l1-1-0

CompareStringW
MultiByteToWideChar
WideCharToMultiByte

api-ms-win-core-registry-l1-1-0

RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegQueryInfoKeyW
RegCloseKey

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapFree
HeapAlloc

api-ms-win-core-com-l1-1-0

CoCreateInstance
CoCreateGuid
CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
CoTaskMemAlloc

api-ms-win-core-libraryloader-l1-2-0

FreeLibrary
LoadLibraryExW
LoadResource
GetProcAddress
SizeofResource
GetModuleHandleW
FindResourceExW
GetModuleFileNameW

api-ms-win-core-string-l2-1-0

CharNextW

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
GetLastError
SetUnhandledExceptionFilter
RaiseException

api-ms-win-core-localization-l1-2-0

GetThreadLocale
SetThreadLocale

api-ms-win-core-synch-l1-1-0

LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection

api-ms-win-core-sysinfo-l1-1-0

GetSystemDirectoryW
GetTickCount
GetSystemTimeAsFileTime

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-rtlsupport-l1-1-0

RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

api-ms-win-core-processthreads-l1-1-0

GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
GetCurrentProcess

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-debug-l1-1-0

OutputDebugStringA

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpiW

api-ms-win-core-com-l2-1-1

StgOpenStorage
StgIsStorageILockBytes
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[GitHub] Installer/x64/WinOpcIrmProtector.dll
.dll regsvr32 windows:10 windows x64 arch:x64

f44635c14c6f5e19b66e4d9cfc4086cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

WinOpcIrmProtector.pdb

Imports

msvcrt

_callnewh
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
realloc
_initterm
_lock
_amsg_exit
_unlock
??0exception@@QEAA@AEBQEBD@Z
__dllonexit
_onexit
??0exception@@QEAA@AEBV0@@Z
wcscat_s
_XcptFilter
memmove
memcpy
??1exception@@UEAA@XZ
_CxxThrowException
?what@exception@@UEBAPEBDXZ
??0exception@@QEAA@AEBQEBDH@Z
_errno
wcscpy_s
memcpy_s
free
malloc
wcsncpy_s
__C_specific_handler
wcsncmp
_purecall
??_V@YAXPEAX@Z
__CxxFrameHandler3
??3@YAXPEAX@Z
memset

api-ms-win-core-string-l1-1-0

CompareStringW
MultiByteToWideChar
WideCharToMultiByte

api-ms-win-core-registry-l1-1-0

RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegDeleteValueW
RegQueryInfoKeyW
RegCloseKey

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapFree
HeapAlloc

api-ms-win-core-com-l1-1-0

CoCreateInstance
CoCreateGuid
CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2
CoTaskMemAlloc

api-ms-win-core-libraryloader-l1-2-0

FreeLibrary
LoadLibraryExW
LoadResource
GetProcAddress
SizeofResource
GetModuleHandleW
FindResourceExW
GetModuleFileNameW

api-ms-win-core-string-l2-1-0

CharNextW

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
GetLastError
SetUnhandledExceptionFilter
RaiseException

api-ms-win-core-localization-l1-2-0

GetThreadLocale
SetThreadLocale

api-ms-win-core-synch-l1-1-0

DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-rtlsupport-l1-1-0

RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

api-ms-win-core-processthreads-l1-1-0

GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
GetCurrentProcess

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetSystemTimeAsFileTime

api-ms-win-core-debug-l1-1-0

OutputDebugStringA

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpiW

api-ms-win-core-com-l2-1-1

StgIsStorageILockBytes
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[GitHub] Installer/x64/WindowsInternal.Shell.CompUiActivation.dll
.dll windows:10 windows x64 arch:x64

8956979c4ae91af1addac7f1e86f5d95

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

WindowsInternal.Shell.CompUiActivation.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e

api-ms-win-crt-private-l1-1-0

_o__callnewh
_o__cexit
_o__configure_narrow_argv
_o__crt_atexit
_o__errno
_o__execute_onexit_table
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__register_onexit_function
_o__seh_filter_dll
memmove
_o_free
_o_iswspace
_o_malloc
_o_terminate
__C_specific_handler
__CxxFrameHandler3
_CxxThrowException
_o___stdio_common_vswprintf
_o___stdio_common_vsnprintf_s
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
__std_terminate
__CxxFrameHandler4
memcpy

api-ms-win-crt-string-l1-1-0

memset

api-ms-win-core-libraryloader-l1-2-0

GetProcAddress
GetModuleHandleExW
GetModuleHandleW
GetModuleFileNameA

api-ms-win-core-synch-l1-1-0

OpenSemaphoreW
WaitForSingleObjectEx
CreateSemaphoreExW
CreateMutexExW
ReleaseSemaphore
AcquireSRWLockExclusive
ReleaseMutex
ReleaseSRWLockExclusive
WaitForSingleObject

api-ms-win-core-heap-l1-1-0

HeapFree
GetProcessHeap
HeapAlloc

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
GetLastError
SetLastError
UnhandledExceptionFilter

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
GetCurrentProcess
GetCurrentThreadId
GetCurrentProcessId

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

DebugBreak
OutputDebugStringW
IsDebuggerPresent

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-rtlsupport-l1-1-0

RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime

api-ms-win-core-interlocked-l1-1-0

InterlockedPushEntrySList
InterlockedFlushSList
InitializeSListHead

msvcp_win

?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrCopyException@@YAXPEAXPEBX1@Z
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateString
WindowsCreateStringReference
WindowsDuplicateString
WindowsDeleteStringBuffer
WindowsDeleteString
WindowsPreallocateStringBuffer
WindowsGetStringRawBuffer
WindowsPromoteStringBuffer

oleaut32

SysStringLen
SysFreeString

api-ms-win-core-string-l1-1-0

MultiByteToWideChar

api-ms-win-core-com-l1-1-0

CoCreateFreeThreadedMarshaler
CoIncrementMTAUsage
CoTaskMemAlloc
CoGetObjectContext

api-ms-win-core-winrt-error-l1-1-0

SetRestrictedErrorInfo
RoTransformError
GetRestrictedErrorInfo

api-ms-win-core-winrt-error-l1-1-1

RoOriginateLanguageException

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory

api-ms-win-core-com-l1-1-1

RoGetAgileReference

Exports

Exports

DllCanUnloadNow
DllGetActivationFactory

Sections

.text
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[GitHub] Installer/x64/WindowsIoTCsp.dll
.dll windows:10 windows x64 arch:x64

0ee969ca372a37aeaa20672d047d3549

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

WindowsIoTCSP.pdb

Imports

msvcp110_win

?_Xbad_alloc@std@@YAXXZ

msvcrt

memcpy_s
_wcsicmp
toupper
__C_specific_handler
memmove
free
_amsg_exit
_XcptFilter
_callnewh
malloc
??3@YAXPEAX@Z
__CxxFrameHandler3
_initterm

api-ms-win-core-com-l1-1-0

CoTaskMemFree
CoTaskMemAlloc

oleaut32

VariantInit
SysAllocString

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetSystemInfo
GetTickCount

api-ms-win-core-registry-l1-1-0

RegCloseKey
RegSetValueExW
RegGetValueW
RegCreateKeyExW

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-0

GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
GetCurrentProcess

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetUnhandledExceptionFilter

api-ms-win-core-libraryloader-l1-2-0

GetModuleFileNameA

api-ms-win-eventing-provider-l1-1-0

EventProviderEnabled
EventRegister
EventWriteTransfer
EventSetInformation
EventUnregister

api-ms-win-core-heap-l2-1-0

LocalAlloc

api-ms-win-core-synch-l1-1-0

AcquireSRWLockExclusive
ReleaseSRWLockExclusive

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[GitHub] Installer/x64/WindowsManagementServiceWinRt.ProxyStub.dll
.dll windows:10 windows x64 arch:x64

a8ac205b0ceca6373eb1eefdb5bd93ef

Code Sign

33:00:00:03:8d:b0:bf:e1:b0:ca:33:b3:d4:00:00:00:00:03:8d
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

05/05/2022, 19:23

Not After

04/05/2023, 19:23

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2011, 18:41

Not After

19/10/2026, 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:7c:0e:d4:ab:3f:d8:21:d5:ae:f8:b3:8b:df:9b:6f:bd:2a:e2:83:58:e0:f8:84:64:32:55:b7:ab:40:c2:0d
Signer

Actual PE Digest

0e:7c:0e:d4:ab:3f:d8:21:d5:ae:f8:b3:8b:df:9b:6f:bd:2a:e2:83:58:e0:f8:84:64:32:55:b7:ab:40:c2:0d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

WindowsManagementServiceWinRt.ProxyStub.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm

api-ms-win-crt-private-l1-1-0

_o__cexit
_o__configure_narrow_argv
_o__execute_onexit_table
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__seh_filter_dll
memcmp
_o___std_type_info_destroy_list
__C_specific_handler

api-ms-win-crt-string-l1-1-0

memset

rpcrt4

NdrStubCall3
CStdStubBuffer_Disconnect
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_Connect
NdrOleAllocate
CStdStubBuffer_QueryInterface
CStdStubBuffer_CountRefs
IUnknown_Release_Proxy
CStdStubBuffer_AddRef
NdrOleFree
CStdStubBuffer_DebugServerQueryInterface
IUnknown_AddRef_Proxy
NdrStubForwardingFunction
CStdStubBuffer_Invoke
NdrCStdStubBuffer_Release
NdrDllCanUnloadNow
NdrDllGetClassObject
NdrCStdStubBuffer2_Release
CStdStubBuffer_IsIIDSupported
IUnknown_QueryInterface_Proxy

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
GetCurrentProcess
TerminateProcess
GetCurrentThreadId

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetUnhandledExceptionFilter

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-winrt-string-l1-1-0

HSTRING_UserMarshal
HSTRING_UserSize64
HSTRING_UserFree
HSTRING_UserFree64
HSTRING_UserSize
HSTRING_UserUnmarshal
HSTRING_UserUnmarshal64
HSTRING_UserMarshal64

api-ms-win-core-com-midlproxystub-l1-1-0

ObjectStublessClient10
ObjectStublessClient9
ObjectStublessClient8
ObjectStublessClient6
NdrProxyForwardingFunction5
NdrProxyForwardingFunction4
CStdStubBuffer2_QueryInterface
ObjectStublessClient7
CStdStubBuffer2_Disconnect
ObjectStublessClient3
CStdStubBuffer2_CountRefs
ObjectStublessClient11
NdrProxyForwardingFunction3
CStdStubBuffer2_Connect

Exports

Exports

DllCanUnloadNow
DllGetClassObject
GetProxyDllInfo

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[GitHub] Installer/x64/WindowsSecurityIcon.png
.png
[GitHub] Installer/x64/WindowsUpdateElevatedInstaller.exe
.exe windows:10 windows x64 arch:x64

464bece13e769d1ab0e5d1a6d49aad1c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

WindowsUpdateElevatedInstaller.pdb

Imports

kernel32

GetModuleFileNameA
CreateSemaphoreExW
HeapFree
SetLastError
ReleaseSemaphore
GetModuleHandleExW
WaitForSingleObject
GetCurrentThreadId
ReleaseMutex
FormatMessageW
GetLastError
OutputDebugStringW
WaitForSingleObjectEx
OpenSemaphoreW
CloseHandle
HeapAlloc
GetProcAddress
CreateMutexExW
GetCurrentProcessId
GetProcessHeap
GetModuleHandleW
DebugBreak
IsDebuggerPresent

api-ms-win-crt-runtime-l1-1-0

_initterm
_c_exit
_register_thread_local_exe_atexit_callback
_initterm_e

api-ms-win-crt-private-l1-1-0

_o___stdio_common_vsnprintf_s
_o___stdio_common_vswprintf
_o__callnewh
_o__cexit
_o__configthreadlocale
_o__configure_wide_argv
_o__crt_atexit
_o__errno
_o__exit
_o__get_initial_wide_environment
_o__initialize_onexit_table
_o__initialize_wide_environment
_o__invalid_parameter_noinfo
_o__register_onexit_function
_o__seh_filter_exe
_o__set_app_type
_o__set_fmode
_o__set_new_mode
_o___std_exception_destroy
_o__wcsicmp
_o_exit
_o_free
_o_malloc
_o_terminate
__C_specific_handler
_o___std_exception_copy
_o___p__commode
_o___p___wargv
_o___p___argc
__CxxFrameHandler4
_CxxThrowException
memcpy

api-ms-win-crt-string-l1-1-0

memset

api-ms-win-core-com-l1-1-0

CoInitializeEx
CoSetProxyBlanket
CoCreateInstance
CoUninitialize

api-ms-win-core-rtlsupport-l1-1-0

RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetUnhandledExceptionFilter

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
TerminateProcess

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-core-registry-l1-1-0

RegGetValueW

msvcp_win

?_Xlength_error@std@@YAXPEBD@Z

api-ms-win-stateseparation-helpers-l1-1-0

GetPersistedRegistryLocationW

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[GitHub] Installer/x64/blbres.dll
.dll windows:10 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.rdata
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
[GitHub] Installer/x64/bootux.dll
.dll windows:10 windows x64 arch:x64

3743d57b7a85109e8946ad01b46bbecc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

bootux.pdb

Imports

msvcrt

_lock
_initterm
malloc
sqrt
__C_specific_handler
__CxxFrameHandler3
_XcptFilter
free
memset
iscntrl
wcschr
_wtoi
_callnewh
_onexit
memcpy_s
__dllonexit
_amsg_exit
_unlock
memmove
floorf
ceil
_purecall
_vsnwprintf
wcscmp

api-ms-win-shcore-scaling-l1-1-0

GetScaleFactorForDevice

api-ms-win-shcore-thread-l1-1-0

SHCreateThread
SHGetThreadRef

api-ms-win-shcore-comhelpers-l1-1-0

IUnknown_Set

api-ms-win-shcore-stream-l1-1-0

SHCreateStreamOnFileEx

shcore

ord228

shell32

SHFileOperationW
ord47
SHGetFolderPathW

shlwapi

StrCmpW
PathFileExistsW
StrToIntExW
PathFindFileNameW
StrRStrIW
PathGetDriveNumberW
StrCmpIW
ord460
StrChrW
PathFindExtensionW
PathAppendW
PathRemoveFileSpecW

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleW
GetModuleHandleExW
GetModuleFileNameA
GetProcAddress
LoadLibraryExW
GetModuleFileNameW
LockResource
FindResourceExW
LoadResource
FreeLibrary
LoadStringW
DisableThreadLibraryCalls

api-ms-win-core-synch-l1-1-0

CreateMutexExW
WaitForSingleObject
ReleaseMutex
OpenSemaphoreW
ReleaseSemaphore
CreateEventExW
CreateSemaphoreExW
AcquireSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
ReleaseSRWLockShared
WaitForMultipleObjectsEx
CreateEventW
SetEvent
ResetEvent
WaitForSingleObjectEx

api-ms-win-core-heap-l1-1-0

HeapFree
HeapAlloc
GetProcessHeap
HeapReAlloc

api-ms-win-core-errorhandling-l1-1-0

GetLastError
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter

api-ms-win-core-processthreads-l1-1-0

TlsSetValue
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
TerminateProcess
TlsFree
TlsAlloc
TlsGetValue

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

DebugBreak
IsDebuggerPresent
OutputDebugStringW

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-eventing-provider-l1-1-0

EventRegister
EventUnregister
EventWriteTransfer

api-ms-win-eventing-classicprovider-l1-1-0

GetTraceEnableLevel
TraceMessage
RegisterTraceGuidsW
UnregisterTraceGuids
GetTraceLoggerHandle
GetTraceEnableFlags

api-ms-win-core-file-l1-1-0

GetDriveTypeW
GetLogicalDriveStringsW
CreateFileW
CreateDirectoryW
GetFileAttributesExW
WriteFile
DeleteFileW

api-ms-win-core-path-l1-1-0

PathCchCombine
PathCchAppend

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount
GetWindowsDirectoryW

api-ms-win-core-string-l1-1-0

CompareStringOrdinal
CompareStringEx

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-io-l1-1-0

DeviceIoControl

api-ms-win-core-rtlsupport-l1-1-0

RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter
QueryPerformanceFrequency

api-ms-win-security-sddl-l1-1-0

ConvertStringSecurityDescriptorToSecurityDescriptorW

api-ms-win-security-base-l1-1-0

GetSecurityDescriptorDacl
GetSecurityDescriptorSacl
GetSecurityDescriptorOwner
GetSecurityDescriptorGroup

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-core-libraryloader-l1-2-1

LoadLibraryW

api-ms-win-core-registry-l1-1-0

RegOpenKeyExW
RegCloseKey

api-ms-win-eventing-controller-l1-1-0

StopTraceW
StartTraceW
EnableTraceEx2

api-ms-win-core-processenvironment-l1-1-0

ExpandEnvironmentStringsW

api-ms-win-core-atoms-l1-1-0

GetAtomNameW

api-ms-win-core-sidebyside-l1-1-0

DeactivateActCtx
CreateActCtxW
ActivateActCtx
ReleaseActCtx

api-ms-win-core-threadpool-legacy-l1-1-0

QueueUserWorkItem

uiautomationcore

UiaRaiseAutomationEvent

gdi32

CreateFontIndirectW
DeleteObject
CreateCompatibleDC
SelectObject
GetDeviceCaps
CreateDIBSection
GetStockObject
StretchDIBits
GetObjectW
DeleteDC

ntdll

WinSqmSetDWORD

ole32

CoInitialize

user32

UpdateWindow
InvalidateRect
FillRect
GetClientRect
SystemParametersInfoW
TranslateMessage
RegisterWindowMessageW
FindWindowW
GetMonitorInfoW
RemovePropW
MonitorFromPoint
DispatchMessageW
GetSystemMetrics
GetMessageW
DrawTextW
SetForegroundWindow
PostQuitMessage
SetPropW
ShowWindow
GetCursorPos
ReleaseDC
MapWindowPoints
GetDC
SetCursor
LoadCursorW
MsgWaitForMultipleObjectsEx
PeekMessageW
GetAncestor
PostMessageW
IsWindow

uxtheme

GetCurrentThemeName

dui70

?ActivateTooltip@TouchHWNDElement@DirectUI@@UEAAXPEAVElement@2@K@Z
?EventFromEventId@Schema@DirectUI@@SA?AW4Event@12@H@Z
?WantEvent@EventManager@DirectUI@@SA_NW4Event@Schema@2@@Z
?FWantAnyEvent@EventManager@DirectUI@@SA_NPEAVElement@2@@Z
?SetX@Element@DirectUI@@QEAAJH@Z
?GetExtent@Element@DirectUI@@QEAAPEBUtagSIZE@@PEAPEAVValue@2@@Z
?SetMargin@Element@DirectUI@@QEAAJHHHH@Z
?GetMargin@Element@DirectUI@@QEAAPEBUtagRECT@@PEAPEAVValue@2@@Z
?_Fill@Element@DirectUI@@IEAAXPEAUHDC__@@KHHHH_N@Z
?SetXMLFromResourceWithTheme@DUIXmlParser@DirectUI@@QEAAJIPEAUHINSTANCE__@@00@Z
?SetXMLFromResource@DUIXmlParser@DirectUI@@QEAAJPEBGPEAUHINSTANCE__@@1@Z
?SetRootWindowForTheming@DUIXmlParser@DirectUI@@QEAAXPEAUHWND__@@@Z
?GetSheet@DUIXmlParser@DirectUI@@QEAAJPEBGPEAPEAVValue@2@@Z
DuiCreateObject
?AdviseEventRemoved@ElementProvider@DirectUI@@UEAAJHPEAUtagSAFEARRAY@@@Z
?AdviseEventAdded@ElementProvider@DirectUI@@UEAAJHPEAUtagSAFEARRAY@@@Z
?get_FragmentRoot@ElementProvider@DirectUI@@UEAAJPEAPEAUIRawElementProviderFragmentRoot@@@Z
?SetFocus@ElementProvider@DirectUI@@UEAAJXZ
?GetEmbeddedFragmentRoots@ElementProvider@DirectUI@@UEAAJPEAPEAUtagSAFEARRAY@@@Z
?get_BoundingRectangle@ElementProvider@DirectUI@@UEAAJPEAUUiaRect@@@Z
?GetRuntimeId@ElementProvider@DirectUI@@UEAAJPEAPEAUtagSAFEARRAY@@@Z
?Navigate@ElementProvider@DirectUI@@UEAAJW4NavigateDirection@@PEAPEAUIRawElementProviderFragment@@@Z
?ShowContextMenu@ElementProvider@DirectUI@@UEAAJXZ
?get_HostRawElementProvider@ElementProvider@DirectUI@@UEAAJPEAPEAUIRawElementProviderSimple@@@Z
?GetPropertyValue@ElementProvider@DirectUI@@UEAAJHPEAUtagVARIANT@@@Z
?get_ProviderOptions@ElementProvider@DirectUI@@UEAAJPEAW4ProviderOptions@@@Z
?AddRef@ElementProvider@DirectUI@@UEAAKXZ
?QueryInterface@ElementProvider@DirectUI@@UEAAJAEBU_GUID@@PEAPEAX@Z
?TossElement@ElementProvider@DirectUI@@UEAAXXZ
?GetElement@ElementProvider@DirectUI@@UEAAPEDVElement@2@XZ
??0ElementProvider@DirectUI@@QEAA@XZ
?CreatePatternProvider@Schema@DirectUI@@SAJW4Pattern@12@PEAVElementProvider@2@PEAPEAUIUnknown@@@Z
?IsPatternSupported@ElementProxy@DirectUI@@IEAAJW4Pattern@Schema@2@PEA_N@Z
?Init@ElementProxy@DirectUI@@MEAAXPEAVElement@2@@Z
?DoMethod@ElementProxy@DirectUI@@UEAAJHPEAD@Z
?GetProperty@ElementProxy@DirectUI@@IEAAJPEAUtagVARIANT@@H@Z
??1ElementProvider@DirectUI@@UEAA@XZ
?Release@ElementProvider@DirectUI@@UEAAKXZ
?Init@ElementProvider@DirectUI@@MEAAJPEAVElement@2@PEAVInvokeHelper@2@@Z
??1AutoLock@DirectUI@@QEAA@XZ
??0AutoLock@DirectUI@@QEAA@PEAU_RTL_CRITICAL_SECTION@@@Z
?DoInvoke@ElementProvider@DirectUI@@IEAAJHZZ
?PatternFromPatternId@Schema@DirectUI@@SA?AW4Pattern@12@H@Z
?GetForegroundColorRef@RichText@DirectUI@@UEAAJPEAK@Z
?GetClassInfoW@RichText@DirectUI@@UEAAPEAUIClassInfo@2@XZ
?OnHosted@RichText@DirectUI@@UEAAXPEAVElement@2@@Z
?Paint@RichText@DirectUI@@UEAAXPEAUHDC__@@PEBUtagRECT@@1PEAU4@2@Z
?OnEvent@RichText@DirectUI@@UEAAXPEAUEvent@2@@Z
?OnPropertyChanged@RichText@DirectUI@@UEAAXPEBUPropertyInfo@2@HPEAVValue@2@1@Z
??1RichText@DirectUI@@UEAA@XZ
??0RichText@DirectUI@@QEAA@XZ
?Initialize@RichText@DirectUI@@QEAAJPEAVElement@2@PEAK@Z
?SetDWriteFontCollection@RichText@DirectUI@@QEAAXPEAUIDWriteFontCollection@@@Z
?SetBackgroundColor@Element@DirectUI@@QEAAJK@Z
?SetLineSpacing@RichText@DirectUI@@QEAAJH@Z
?SetConstrainLayout@RichText@DirectUI@@QEAAJH@Z
?SetBaseline@RichText@DirectUI@@QEAAJH@Z
?GetContentAlign@Element@DirectUI@@QEAAHXZ
?SetContentAlign@Element@DirectUI@@QEAAJH@Z
?SetOverhang@Element@DirectUI@@QEAAJ_N@Z
?GetRawValue@Element@DirectUI@@QEAAPEAVValue@2@PEBUPropertyInfo@2@HPEAUUpdateCache@2@@Z
?GetElementScaledInt@Value@DirectUI@@QEAAHPEAVElement@2@@Z
?LineSpacingProp@RichText@DirectUI@@SAPEBUPropertyInfo@2@XZ
?GetContentSize@RichText@DirectUI@@UEAA?AUtagSIZE@@HHPEAVSurface@2@@Z
?CreateGraphic@Value@DirectUI@@SAPEAV12@PEBGGGPEAUHINSTANCE__@@_N2@Z
?HeightProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?GetUnset@Value@DirectUI@@SAPEAV12@XZ
?WidthProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?GetWidth@Element@DirectUI@@QEAAHXZ
?DestroyAll@Element@DirectUI@@QEAAJ_N@Z
??1AccessibleButton@DirectUI@@UEAA@XZ
?OnReceivedDialogFocus@Button@DirectUI@@UEAA_NPEAUIDialogElement@2@@Z
?OnLostDialogFocus@Button@DirectUI@@UEAA_NPEAUIDialogElement@2@@Z
?DefaultAction@Button@DirectUI@@UEAAJXZ
?OnPropertyChanged@AccessibleButton@DirectUI@@UEAAXPEBUPropertyInfo@2@HPEAVValue@2@1@Z
??0AccessibleButton@DirectUI@@QEAA@XZ
?GetClassInfoPtr@AccessibleButton@DirectUI@@SAPEAUIClassInfo@2@XZ
?Initialize@AccessibleButton@DirectUI@@QEAAJPEAVElement@2@PEAK@Z
?Register@AccessibleButton@DirectUI@@SAJXZ
?Create@BorderLayout@DirectUI@@SAJPEAPEAVLayout@2@@Z
?Create@ModernProgressRing@DirectUI@@SAJPEAVElement@2@PEAKPEAPEAV32@@Z
?IDProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?CreateAtom@Value@DirectUI@@SAPEAV12@G@Z
?Create@FlowLayout@DirectUI@@SAJ_NIIIPEAPEAVLayout@2@@Z
?ClassProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?SetTreatRightMouseButtonAsLeft@TouchButton@DirectUI@@QEAAJ_N@Z
?SetHandleEnter@TouchButton@DirectUI@@QEAAJ_N@Z
?Create@TouchButton@DirectUI@@SAJIPEAVElement@2@PEAKPEAPEAV32@@Z
?GetHeight@Element@DirectUI@@QEAAHXZ
?PressedProp@TouchButton@DirectUI@@SAPEBUPropertyInfo@2@XZ
?Click@TouchButton@DirectUI@@SA?AVUID@@XZ
?Context@Button@DirectUI@@SA?AVUID@@XZ
?GetBoolFalse@Value@DirectUI@@SAPEAV12@XZ
GetScaleFactor
?GetBorderThickness@Element@DirectUI@@QEAAPEBUtagRECT@@PEAPEAVValue@2@@Z
?OnInput@Button@DirectUI@@UEAAXPEAUInputEvent@2@@Z
?GetPressed@Button@DirectUI@@QEAA_NXZ
?GetCaptured@Button@DirectUI@@QEAA_NXZ
?SetCaptured@Button@DirectUI@@QEAAJ_N@Z
?CreateBool@Value@DirectUI@@SAPEAV12@_N@Z
?PressedProp@Button@DirectUI@@SAPEBUPropertyInfo@2@XZ
?SetPressed@Button@DirectUI@@QEAAJ_N@Z
?GetClassInfoPtr@ModernProgressRing@DirectUI@@SAPEAUIClassInfo@2@XZ
?Create@ElementProvider@DirectUI@@SAJPEAVElement@2@PEAVInvokeHelper@2@PEAPEAV12@@Z
?Create@HWNDElementProvider@DirectUI@@SAJPEAVHWNDElement@2@PEAVInvokeHelper@2@PEAPEAV12@@Z
?Find@ElementProviderManager@DirectUI@@SAPEAVElementProvider@2@PEAVElement@2@@Z
?GetInvokeHelper@InvokeManager@DirectUI@@SAJPEAPEAVInvokeHelper@2@@Z
?SetY@Element@DirectUI@@QEAAJH@Z
?Create@VerticalFlowLayout@DirectUI@@SAJ_NIIIPEAPEAVLayout@2@@Z
?LayoutPosProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?SetAccRole@Element@DirectUI@@QEAAJH@Z
?GetAccName@Element@DirectUI@@QEAAPEBGPEAPEAVValue@2@@Z
?SetPasswordCharacter@TouchEditBase@DirectUI@@QEAAJH@Z
?SetMaxLength@TouchEditBase@DirectUI@@QEAAJH@Z
?Create@TouchEdit2@DirectUI@@SAJPEAVElement@2@PEAKPEAPEAV32@@Z
?SetLayout@Element@DirectUI@@QEAAJPEAVLayout@2@@Z
?Create@FillLayout@DirectUI@@SAJPEAPEAVLayout@2@@Z
?SetInputScope@TouchEdit2@DirectUI@@QEAAJW4__MIDL___MIDL_itf_inputscope_0000_0000_0001@@@Z
?Enter@TouchEditBase@DirectUI@@SA?AVUID@@XZ
?Paste@TouchEditBase@DirectUI@@SA?AVUID@@XZ
?SetCaretPosition@TouchEdit2@DirectUI@@QEAAJJ@Z
?GetSelection@TouchEdit2@DirectUI@@QEAAJPEAJ0@Z
?GetEncodedContentString@Element@DirectUI@@QEAAJPEAG_K@Z
?KeyWithinProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?GetIntZero@Value@DirectUI@@SAPEAV12@XZ
?CreateInt@Value@DirectUI@@SAPEAV12@HW4DynamicScaleValue@@@Z
?SetAccDesc@Element@DirectUI@@QEAAJPEBG@Z
?SetAccName@Element@DirectUI@@QEAAJPEBG@Z
UnicodeToMultiByte
?Register@Element@DirectUI@@SAJXZ
?CreateInstance@CSafeElementProxy@@SAJPEAVElement@DirectUI@@PEAPEAV1@@Z
?GetFactory@RichText@DirectUI@@QEAAPEAUIDWriteFactory@@XZ
?Create@RichText@DirectUI@@SAJPEAVElement@2@PEAKPEAPEAV32@@Z
?GetContentString@Element@DirectUI@@QEAAPEBGPEAPEAVValue@2@@Z
?Add@Element@DirectUI@@QEAAJPEAV12@@Z
?RemoveAll@Element@DirectUI@@QEAAJXZ
?SetEnabled@Element@DirectUI@@QEAAJ_N@Z
?IsRoot@Element@DirectUI@@QEAAHXZ
?SetActive@Element@DirectUI@@QEAAJH@Z
?ContentProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?SetContentString@Element@DirectUI@@QEAAJPEBG@Z
?SetID@Element@DirectUI@@QEAAJPEBG@Z
?BackgroundProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?SetBackgroundStdColor@Element@DirectUI@@QEAAJH@Z
?Click@Button@DirectUI@@SA?AVUID@@XZ
?GetClass@Element@DirectUI@@QEAAPEBGPEAPEAVValue@2@@Z
?GetClassInfoPtr@Element@DirectUI@@SAPEAUIClassInfo@2@XZ
?GetClassInfoW@Element@DirectUI@@UEAAPEAUIClassInfo@2@XZ
?Detach@CSafeElementProxy@@QEAAXXZ
?GetRoot@Element@DirectUI@@QEAAPEAV12@XZ
?GetClassInfoPtr@HWNDElement@DirectUI@@SAPEAUIClassInfo@2@XZ
?GetChildren@Element@DirectUI@@QEAAPEAV?$DynamicArray@PEAVElement@DirectUI@@$0A@@2@PEAPEAVValue@2@@Z
?OnPropertyChanged@Element@DirectUI@@UEAAXPEBUPropertyInfo@2@HPEAVValue@2@1@Z
?FireEvent@Element@DirectUI@@QEAAXPEAUEvent@2@_N1@Z
??0CritSecLock@DirectUI@@QEAA@PEAU_RTL_CRITICAL_SECTION@@@Z
??1CritSecLock@DirectUI@@QEAA@XZ
?QueryInterface@Element@DirectUI@@UEAAJAEBU_GUID@@PEAPEAX@Z
?UpdateTooltip@Element@DirectUI@@MEAAXPEAV12@@Z
?ActivateTooltip@Element@DirectUI@@MEAAXPEAV12@K@Z
?RemoveTooltip@Element@DirectUI@@MEAAXPEAV12@@Z
?GetClassInfoPtr@TouchHWNDElement@DirectUI@@SAPEAUIClassInfo@2@XZ
?CreateString@Value@DirectUI@@SAPEAV12@PEBGPEAUHINSTANCE__@@@Z
?GetStringNull@Value@DirectUI@@SAPEAV12@XZ
??0ClassInfoBase@DirectUI@@QEAA@XZ
??1ClassInfoBase@DirectUI@@UEAA@XZ
?Initialize@ClassInfoBase@DirectUI@@QEAAJPEAUHINSTANCE__@@PEBG_NPEBQEBUPropertyInfo@2@I@Z
?Register@ClassInfoBase@DirectUI@@QEAAJXZ
?ClassExist@ClassInfoBase@DirectUI@@SA_NPEAPEAUIClassInfo@2@PEBQEBUPropertyInfo@2@IPEAU32@PEAUHINSTANCE__@@PEBG_N@Z
?AddRef@ClassInfoBase@DirectUI@@UEAAXXZ
?Release@ClassInfoBase@DirectUI@@UEAAHXZ
?EnumPropertyInfo@ClassInfoBase@DirectUI@@UEAAPEBUPropertyInfo@2@I@Z
?GetByClassIndex@ClassInfoBase@DirectUI@@UEAAPEBUPropertyInfo@2@I@Z
?GetPICount@ClassInfoBase@DirectUI@@UEBAIXZ
?GetGlobalIndex@ClassInfoBase@DirectUI@@UEBAIXZ
?GetName@ClassInfoBase@DirectUI@@UEBAPEBGXZ
?IsValidProperty@ClassInfoBase@DirectUI@@UEBA_NPEBUPropertyInfo@2@@Z
?IsSubclassOf@ClassInfoBase@DirectUI@@UEBA_NPEAUIClassInfo@2@@Z
?GetModule@ClassInfoBase@DirectUI@@UEBAPEAUHINSTANCE__@@XZ
?IsGlobal@ClassInfoBase@DirectUI@@UEBA_NXZ
?AddChild@ClassInfoBase@DirectUI@@UEAAXXZ
?RemoveChild@ClassInfoBase@DirectUI@@UEAAXXZ
?GetChildren@ClassInfoBase@DirectUI@@UEBAHXZ
?AssertPIZeroRef@ClassInfoBase@DirectUI@@UEBAXXZ
??0Element@DirectUI@@QEAA@XZ
??1Element@DirectUI@@UEAA@XZ
?Initialize@Element@DirectUI@@QEAAJIPEAV12@PEAK@Z
?GetValue@Element@DirectUI@@QEAAPEAVValue@2@P6APEBUPropertyInfo@2@XZHPEAUUpdateCache@2@@Z
?SetValue@Element@DirectUI@@QEAAJP6APEBUPropertyInfo@2@XZHPEAVValue@2@@Z
?OnGroupChanged@Element@DirectUI@@UEAAXH_N@Z
?OnInput@Element@DirectUI@@UEAAXPEAUInputEvent@2@@Z
?OnKeyFocusMoved@Element@DirectUI@@UEAAXPEAV12@0@Z
?OnDestroy@Element@DirectUI@@UEAAXXZ
?BroadcastEvent@Element@DirectUI@@QEAAXPEAUEvent@2@@Z
?OnEvent@Element@DirectUI@@UEAAXPEAUEvent@2@@Z
?AddListener@Element@DirectUI@@QEAAJPEAUIElementListener@2@@Z
?RemoveListener@Element@DirectUI@@QEAAXPEAUIElementListener@2@@Z
?MessageCallback@Element@DirectUI@@UEAAIPEAUtagGMSG@@@Z
?_PostEvent@Element@DirectUI@@AEAAXPEAUEvent@2@H@Z
?GetFactoryLock@Element@DirectUI@@SAPEAU_RTL_CRITICAL_SECTION@@XZ
?GetAccessibleImpl@Element@DirectUI@@UEAAJPEAPEAUIAccessible@@@Z
?SyncDestroyWindow@NativeHWNDHost@DirectUI@@QEAAXXZ
UnInitThread
UnInitProcessPriv
?Destroy@NativeHWNDHost@DirectUI@@QEAAXXZ
??0NativeHWNDHost@DirectUI@@QEAA@XZ
?Initialize@NativeHWNDHost@DirectUI@@QEAAJPEBG0PEAUHWND__@@PEAUHICON__@@HHHHHHPEAUHINSTANCE__@@I@Z
??1NativeHWNDHost@DirectUI@@UEAA@XZ
?GetAccessibleImpl@HWNDElement@DirectUI@@UEAAJPEAPEAUIAccessible@@@Z
?GetWindowClassNameAndStyle@HWNDElement@DirectUI@@UEAAXPEAPEBGPEAI@Z
?CreateStyleParser@HWNDElement@DirectUI@@UEAAJPEAPEAVDUIXmlParser@2@@Z
?OnCompositionChanged@HWNDElement@DirectUI@@UEAAXXZ
?OnWmSettingChanged@HWNDElement@DirectUI@@UEAAX_K_J@Z
?OnWmThemeChanged@HWNDElement@DirectUI@@UEAAX_K_J@Z
?OnGetDlgCode@HWNDElement@DirectUI@@UEAAXPEAUtagMSG@@PEA_J@Z
?OnNoChildWithShortcutFound@HWNDElement@DirectUI@@UEAAXPEAUKeyboardEvent@2@@Z
?OnImmersiveColorSchemeChanged@HWNDElement@DirectUI@@UEAAXXZ
?OnThemeChanged@HWNDElement@DirectUI@@UEAAXPEAUThemeChangedEvent@2@@Z
?OnGroupChanged@HWNDElement@DirectUI@@UEAAXH_N@Z
?Host@NativeHWNDHost@DirectUI@@QEAAXPEAVElement@2@@Z
?GetClassInfoPtr@TouchButton@DirectUI@@SAPEAUIClassInfo@2@XZ
StrToID
?GetUiaFocusDelegate@Element@DirectUI@@UEAAPEAV12@XZ
?HandleUiaEventListener@Element@DirectUI@@UEAAXPEAUEvent@2@@Z
?HandleUiaPropertyChangingListener@Element@DirectUI@@UEAAXPEBUPropertyInfo@2@@Z
?HandleUiaPropertyListener@Element@DirectUI@@UEAAXPEBUPropertyInfo@2@HPEAVValue@2@1@Z
?HandleUiaDestroyListener@Element@DirectUI@@UEAAXXZ
?GetElementProviderImpl@Element@DirectUI@@UEAAJPEAVInvokeHelper@2@PEAPEAVElementProvider@2@@Z
?GetUIAElementProvider@Element@DirectUI@@UEAAJAEBU_GUID@@PEAPEAX@Z
?DefaultAction@Element@DirectUI@@UEAAJXZ
?OnUnHosted@Element@DirectUI@@MEAAXPEAV12@@Z
?OnHosted@Element@DirectUI@@MEAAXPEAV12@@Z
?_SelfLayoutUpdateDesiredSize@Element@DirectUI@@MEAA?AUtagSIZE@@HHPEAVSurface@2@@Z
?_SelfLayoutDoLayout@Element@DirectUI@@MEAAXHH@Z
?GetImmersiveFocusRectOffsets@Element@DirectUI@@UEAAXPEAUtagRECT@@@Z
?RemoveBehavior@Element@DirectUI@@UEAAJPEAUIDuiBehavior@@@Z
?AddBehavior@Element@DirectUI@@UEAAJPEAUIDuiBehavior@@@Z
?SetKeyFocus@Element@DirectUI@@UEAAXXZ
?EnsureVisible@Element@DirectUI@@UEAA_NHHHH@Z
?GetAdjacent@Element@DirectUI@@UEAAPEAV12@PEAV12@HPEBUNavReference@2@K@Z
?FindDescendent@Element@DirectUI@@QEAAPEAV12@G@Z
?Remove@Element@DirectUI@@UEAAJPEAPEAV12@I@Z
?Insert@Element@DirectUI@@UEAAJPEAPEAV12@II@Z
?Add@Element@DirectUI@@UEAAJPEAPEAV12@I@Z
?GetContentSize@Element@DirectUI@@UEAA?AUtagSIZE@@HHPEAVSurface@2@@Z
?Paint@Element@DirectUI@@UEAAXPEAUHDC__@@PEBUtagRECT@@1PEAU4@2@Z
?OnMouseFocusMoved@Element@DirectUI@@UEAAXPEAV12@0@Z
?OnPropertyChanged@Element@DirectUI@@UEAAXPEAUPropertyInfo@2@HPEAVValue@2@1@Z
?OnPropertyChanging@Element@DirectUI@@UEAA_NPEAUPropertyInfo@2@HPEAVValue@2@1@Z
?OnPropertyChanging@Element@DirectUI@@UEAA_NPEBUPropertyInfo@2@HPEAVValue@2@1@Z
?GetContentStringAsDisplayed@Element@DirectUI@@UEAAPEBGPEAPEAVValue@2@@Z
?EndDefer@Element@DirectUI@@QEAAXK@Z
?StartDefer@Element@DirectUI@@QEAAXPEAK@Z
?Destroy@Element@DirectUI@@QEAAJ_N@Z
?Create@Element@DirectUI@@SAJIPEAV12@PEAKPEAPEAV12@@Z
?CreateElement@DUIXmlParser@DirectUI@@QEAAJPEBGPEAVElement@2@1PEAKPEAPEAV32@@Z
?SetXMLFromResource@DUIXmlParser@DirectUI@@QEAAJIPEAUHINSTANCE__@@0@Z
?Destroy@DUIXmlParser@DirectUI@@QEAAXXZ
?Create@DUIXmlParser@DirectUI@@SAJPEAPEAV12@P6APEAVValue@2@PEBGPEAX@Z2P6AX11H2@Z2@Z
?_OnUIStateChanged@TouchHWNDElement@DirectUI@@MEAAXGG@Z
??1TouchHWNDElement@DirectUI@@UEAA@XZ
??0TouchHWNDElement@DirectUI@@QEAA@XZ
?DismissIHMAsync@TouchHWNDElement@DirectUI@@QEAAJXZ
?OnDestroy@TouchHWNDElement@DirectUI@@UEAAXXZ
?IsMSAAEnabled@TouchHWNDElement@DirectUI@@UEAA_NXZ
?WndProc@TouchHWNDElement@DirectUI@@UEAA_JPEAUHWND__@@I_K_J@Z
?OnPropertyChanged@TouchHWNDElement@DirectUI@@UEAAXPEBUPropertyInfo@2@HPEAVValue@2@1@Z
?OnKeyFocusMoved@TouchHWNDElement@DirectUI@@UEAAXPEAVElement@2@0@Z
?OnEvent@TouchHWNDElement@DirectUI@@UEAAXPEAUEvent@2@@Z
?OnInput@TouchHWNDElement@DirectUI@@UEAAXPEAUInputEvent@2@@Z
?MessageCallback@TouchHWNDElement@DirectUI@@UEAAIPEAUtagGMSG@@@Z
?Initialize@TouchHWNDElement@DirectUI@@QEAAJPEAUHWND__@@_NIPEAVElement@2@PEAK@Z
?SetFlags@TouchHWNDElement@DirectUI@@QEAAJW4TouchHWNDElementFlags@2@0@Z
?GetClassInfoW@TouchHWNDElement@DirectUI@@UEAAPEAUIClassInfo@2@XZ
?RemoveTooltip@TouchHWNDElement@DirectUI@@UEAAXPEAVElement@2@@Z
?CreateHostWindow@NativeHWNDHost@DirectUI@@UEAAPEAUHWND__@@KPEBG0KHHHHPEAU3@PEAUHMENU__@@PEAUHINSTANCE__@@PEAX@Z
?UpdateTooltip@TouchHWNDElement@DirectUI@@UEAAXPEAVElement@2@@Z
?GetHWND@HWNDElement@DirectUI@@UEAAPEAUHWND__@@XZ
?CanSetFocus@HWNDElement@DirectUI@@UEAA_NXZ
?SetFont@Element@DirectUI@@QEAAJPEBG@Z
?SetAccessible@Element@DirectUI@@QEAAJ_N@Z
?SetLayoutPos@Element@DirectUI@@QEAAJH@Z
?SetHeight@Element@DirectUI@@QEAAJH@Z
?SetVisible@Element@DirectUI@@QEAAJ_N@Z
?GetKeyFocused@Element@DirectUI@@UEAA_NXZ
?GetFontQuality@Element@DirectUI@@QEAAHXZ
?GetFontWeight@Element@DirectUI@@QEAAHXZ
?GetFontSize@Element@DirectUI@@QEAAHXZ
?GetFontFace@Element@DirectUI@@QEAAPEBGPEAPEAVValue@2@@Z
?IsContentProtected@Element@DirectUI@@UEAA_NXZ
?IsRTLReading@Element@DirectUI@@UEAA_NXZ
?Release@Value@DirectUI@@QEAAXXZ
InitProcessPriv
InitThread

duser

DeleteHandle
MapGadgetPoints
CreateAction
GetGadgetRect
InvalidateGadget
DUserSendEvent
InitGadgets
DUserPostEvent
DrawGadgetTree

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Sections

.text
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[GitHub] Installer/x64/opengl32.dll
.dll windows:6 windows x64 arch:x64

953a1d49fc9a274cd623a8ac0359ac89

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Garrus\Desktop\mesa-20.1.8\build\windows-x86_64\gallium\targets\libgl-gdi\opengl32.pdb

Imports

shell32

SHGetKnownFolderPath
SHFileOperationW

advapi32

RegGetValueW
RegOpenKeyExA
RegCloseKey
CryptAcquireContextW
CryptReleaseContext
CryptGenRandom

ole32

CoTaskMemFree

gdi32

SetPixelFormat
StretchDIBits
DescribePixelFormat
GetPixelFormat
GetGlyphOutlineA

user32

GetDC
ReleaseDC
GetWindowRect
CallNextHookEx
ClientToScreen
WindowFromDC
GetClientRect
SetWindowsHookExA
UnhookWindowsHookEx
AdjustWindowRectEx
LoadCursorA
DestroyWindow
EnumDisplaySettingsA
LoadIconA
CreateWindowExA
DefWindowProcA
RegisterClassA

kernel32

RtlUnwind
GetNumaHighestNodeNumber
GetConsoleMode
RtlCaptureStackBackTrace
WaitForMultipleObjectsEx
UnregisterWaitEx
QueryDepthSList
InterlockedPopEntrySList
SetProcessAffinityMask
GetVersionExW
GetModuleHandleA
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
TlsSetValue
Thread32Next
Thread32First
GetCurrentThreadId
CreateToolhelp32Snapshot
TlsAlloc
CloseHandle
GetCurrentProcessId
TlsGetValue
TlsFree
SetLastError
OutputDebugStringA
SwitchToThread
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreA
GetExitCodeThread
GetCurrentProcess
GetSystemInfo
GetSystemTimeAsFileTime
GetProcessTimes
VirtualFree
VirtualAlloc
SetErrorMode
GlobalMemoryStatusEx
GetConsoleWindow
IsDebuggerPresent
Sleep
QueryPerformanceFrequency
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
WriteConsoleW
RaiseException
TryEnterCriticalSection
GetEnvironmentVariableW
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
GetDiskFreeSpaceExA
GetDriveTypeW
GetFileAttributesW
GetFileInformationByHandle
GetFinalPathNameByHandleW
GetVolumePathNameW
SetFileAttributesW
SetFileInformationByHandle
SetFileTime
DuplicateHandle
GetLastError
GetSystemTime
VirtualQuery
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetModuleFileNameW
MoveFileExW
CreateHardLinkW
SystemTimeToFileTime
MultiByteToWideChar
WideCharToMultiByte
FreeLibrary
GetProcAddress
LoadLibraryW
K32EnumProcessModulesEx
FlushInstructionCache
VirtualProtect
GetStdHandle
GetCommandLineW
FindFirstFileW
GetLongPathNameW
GetNativeSystemInfo
GetModuleHandleW
DeleteTimerQueueTimer
SetConsoleMode
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
RtlCaptureContext
ExpandEnvironmentStringsW
SetUnhandledExceptionFilter
GetCurrentThread
SetConsoleCtrlHandler
SearchPathW
TerminateProcess
GetExitCodeProcess
CreateProcessW
CreateJobObjectW
AssignProcessToJobObject
SetInformationJobObject
LocalFree
FormatMessageA
ChangeTimerQueueTimer
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
InitializeSListHead
GetStartupInfoW
FormatMessageW
RtlPcToFileHeader
EncodePointer
DecodePointer
GetTickCount
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
InterlockedPushEntrySList
InterlockedFlushSList
RtlUnwindEx
LoadLibraryExW
ExitProcess
GetModuleHandleExW
CreateThread
ExitThread
ResumeThread
FreeLibraryAndExitThread
SetStdHandle
SetFilePointerEx
SetEndOfFile
HeapValidate
HeapWalk
WriteFile
GetConsoleCP
ReadFile
ReadConsoleW
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
HeapQueryInformation
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetFileSizeEx
GetProcessHeap
GetTimeZoneInformation
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
OutputDebugStringW
CreateTimerQueue
SignalObjectAndWait
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
GetProcessAffinityMask

Exports

Exports

DrvCopyContext
DrvCreateContext
DrvCreateLayerContext
DrvDeleteContext
DrvDescribeLayerPlane
DrvDescribePixelFormat
DrvGetLayerPaletteEntries
DrvGetProcAddress
DrvPresentBuffers
DrvRealizeLayerPalette
DrvReleaseContext
DrvSetCallbackProcs
DrvSetContext
DrvSetLayerPaletteEntries
DrvSetPixelFormat
DrvShareLists
DrvSwapBuffers
DrvSwapLayerBuffers
DrvValidateVersion
glAccum
glActiveShaderProgram
glActiveTexture
glActiveTextureARB
glAlphaFunc
glAlphaFuncx
glAreTexturesResident
glAreTexturesResidentEXT
glArrayElement
glArrayElementEXT
glAttachObjectARB
glAttachShader
glBegin
glBeginConditionalRender
glBeginConditionalRenderNV
glBeginQuery
glBeginQueryARB
glBeginQueryIndexed
glBeginTransformFeedback
glBindAttribLocation
glBindAttribLocationARB
glBindBuffer
glBindBufferARB
glBindBufferBase
glBindBufferRange
glBindBuffersBase
glBindBuffersRange
glBindFragDataLocation
glBindFragDataLocationEXT
glBindFragDataLocationIndexed
glBindFramebuffer
glBindFramebufferEXT
glBindImageTexture
glBindImageTextures
glBindProgramARB
glBindProgramPipeline
glBindRenderbuffer
glBindRenderbufferEXT
glBindSampler
glBindSamplers
glBindTexture
glBindTextureEXT
glBindTextures
glBindTransformFeedback
glBindVertexArray
glBindVertexBuffer
glBindVertexBuffers
glBitmap
glBlendBarrier
glBlendColor
glBlendColorEXT
glBlendEquation
glBlendEquationEXT
glBlendEquationSeparate
glBlendEquationSeparatei
glBlendEquationSeparateiARB
glBlendEquationi
glBlendEquationiARB
glBlendFunc
glBlendFuncSeparate
glBlendFuncSeparateEXT
glBlendFuncSeparatei
glBlendFuncSeparateiARB
glBlendFunci
glBlendFunciARB
glBlitFramebuffer
glBufferData
glBufferDataARB
glBufferStorage
glBufferSubData
glBufferSubDataARB
glCallList
glCallLists
glCheckFramebufferStatus
glCheckFramebufferStatusEXT
glClampColor
glClampColorARB
glClear
glClearAccum
glClearBufferData
glClearBufferSubData
glClearBufferfi
glClearBufferfv
glClearBufferiv
glClearBufferuiv
glClearColor
glClearColorIiEXT
glClearColorIuiEXT
glClearColorx
glClearDepth
glClearDepthf
glClearDepthx
glClearIndex
glClearStencil
glClearTexImage
glClearTexSubImage
glClientActiveTexture
glClientActiveTextureARB
glClientWaitSync
glClipPlane
glClipPlanef
glClipPlanex
glColor3b
glColor3bv
glColor3d
glColor3dv
glColor3f
glColor3fv
glColor3i
glColor3iv
glColor3s
glColor3sv
glColor3ub
glColor3ubv
glColor3ui
glColor3uiv
glColor3us
glColor3usv
glColor4b
glColor4bv
glColor4d
glColor4dv
glColor4f
glColor4fv
glColor4i
glColor4iv
glColor4s
glColor4sv
glColor4ub
glColor4ubv
glColor4ui
glColor4uiv
glColor4us
glColor4usv
glColor4x
glColorMask
glColorMaskIndexedEXT
glColorMaski
glColorMaterial
glColorP3ui
glColorP3uiv
glColorP4ui
glColorP4uiv
glColorPointer
glColorPointerEXT
glColorSubTable
glColorTable
glColorTableParameterfv
glColorTableParameteriv
glCompileShader
glCompileShaderARB
glCompressedTexImage1D
glCompressedTexImage1DARB
glCompressedTexImage2D
glCompressedTexImage2DARB
glCompressedTexImage3D
glCompressedTexImage3DARB
glCompressedTexSubImage1D
glCompressedTexSubImage1DARB
glCompressedTexSubImage2D
glCompressedTexSubImage2DARB
glCompressedTexSubImage3D
glCompressedTexSubImage3DARB
glConvolutionFilter1D
glConvolutionFilter2D
glConvolutionParameterf
glConvolutionParameterfv
glConvolutionParameteri
glConvolutionParameteriv
glCopyBufferSubData
glCopyColorSubTable
glCopyColorTable
glCopyConvolutionFilter1D
glCopyConvolutionFilter2D
glCopyImageSubData
glCopyPixels
glCopyTexImage1D
glCopyTexImage2D
glCopyTexSubImage1D
glCopyTexSubImage2D
glCopyTexSubImage3D
glCopyTexSubImage3DEXT
glCreateProgram
glCreateProgramObjectARB
glCreateShader
glCreateShaderObjectARB
glCreateShaderProgramv
glCullFace
glDebugMessageCallback
glDebugMessageCallbackARB
glDebugMessageControl
glDebugMessageControlARB
glDebugMessageInsert
glDebugMessageInsertARB
glDeleteBuffers
glDeleteBuffersARB
glDeleteFramebuffers
glDeleteFramebuffersEXT
glDeleteLists
glDeleteObjectARB
glDeleteProgram
glDeleteProgramPipelines
glDeleteProgramsARB
glDeleteQueries
glDeleteQueriesARB
glDeleteRenderbuffers
glDeleteRenderbuffersEXT
glDeleteSamplers
glDeleteShader
glDeleteSync
glDeleteTextures
glDeleteTexturesEXT
glDeleteTransformFeedbacks
glDeleteVertexArrays
glDepthFunc
glDepthMask
glDepthRange
glDepthRangeArrayv
glDepthRangeIndexed
glDepthRangef
glDepthRangex
glDetachObjectARB
glDetachShader
glDisable
glDisableClientState
glDisableIndexedEXT
glDisableVertexAttribArray
glDisableVertexAttribArrayARB
glDisablei
glDispatchCompute
glDispatchComputeIndirect
glDrawArrays
glDrawArraysEXT
glDrawArraysIndirect
glDrawArraysInstanced
glDrawArraysInstancedARB
glDrawArraysInstancedBaseInstance
glDrawArraysInstancedEXT
glDrawBuffer
glDrawBuffers
glDrawBuffersARB
glDrawBuffersATI
glDrawElements
glDrawElementsBaseVertex
glDrawElementsIndirect
glDrawElementsInstanced
glDrawElementsInstancedARB
glDrawElementsInstancedBaseInstance
glDrawElementsInstancedBaseVertex
glDrawElementsInstancedBaseVertexBaseInstance
glDrawElementsInstancedEXT
glDrawPixels
glDrawRangeElements
glDrawRangeElementsBaseVertex
glDrawRangeElementsEXT
glDrawTransformFeedback
glDrawTransformFeedbackInstanced
glDrawTransformFeedbackStream
glDrawTransformFeedbackStreamInstanced
glEdgeFlag
glEdgeFlagPointer
glEdgeFlagPointerEXT
glEdgeFlagv
glEnable
glEnableClientState
glEnableIndexedEXT
glEnableVertexAttribArray
glEnableVertexAttribArrayARB
glEnablei
glEnd
glEndConditionalRender
glEndConditionalRenderNV
glEndList
glEndQuery
glEndQueryARB
glEndQueryIndexed
glEndTransformFeedback
glEvalCoord1d
glEvalCoord1dv
glEvalCoord1f
glEvalCoord1fv
glEvalCoord2d
glEvalCoord2dv
glEvalCoord2f
glEvalCoord2fv
glEvalMesh1
glEvalMesh2
glEvalPoint1
glEvalPoint2
glFeedbackBuffer
glFenceSync
glFinish
glFlush
glFlushMappedBufferRange
glFogCoordPointer
glFogCoordPointerEXT
glFogCoordd
glFogCoorddEXT
glFogCoorddv
glFogCoorddvEXT
glFogCoordf
glFogCoordfEXT
glFogCoordfv
glFogCoordfvEXT
glFogf
glFogfv
glFogi
glFogiv
glFogx
glFogxv
glFramebufferParameteri
glFramebufferRenderbuffer
glFramebufferRenderbufferEXT
glFramebufferTexture
glFramebufferTexture1D
glFramebufferTexture1DEXT
glFramebufferTexture2D
glFramebufferTexture2DEXT
glFramebufferTexture3D
glFramebufferTexture3DEXT
glFramebufferTextureLayer
glFramebufferTextureLayerEXT
glFrontFace
glFrustum
glFrustumf
glFrustumx
glGenBuffers
glGenBuffersARB
glGenFramebuffers
glGenFramebuffersEXT
glGenLists
glGenProgramPipelines
glGenProgramsARB
glGenQueries
glGenQueriesARB
glGenRenderbuffers
glGenRenderbuffersEXT
glGenSamplers
glGenTextures
glGenTexturesEXT
glGenTransformFeedbacks
glGenVertexArrays
glGenerateMipmap
glGenerateMipmapEXT
glGetActiveAtomicCounterBufferiv
glGetActiveAttrib
glGetActiveAttribARB
glGetActiveUniform
glGetActiveUniformARB
glGetActiveUniformBlockName
glGetActiveUniformBlockiv
glGetActiveUniformName
glGetActiveUniformsiv
glGetAttachedObjectsARB
glGetAttachedShaders
glGetAttribLocation
glGetAttribLocationARB
glGetBooleanIndexedvEXT
glGetBooleani_v
glGetBooleanv
glGetBufferParameteri64v
glGetBufferParameteriv
glGetBufferParameterivARB
glGetBufferPointerv
glGetBufferPointervARB
glGetBufferSubData
glGetBufferSubDataARB
glGetClipPlane
glGetClipPlanef
glGetClipPlanex
glGetColorTable
glGetColorTableParameterfv
glGetColorTableParameteriv
glGetCompressedTexImage
glGetCompressedTexImageARB
glGetConvolutionFilter
glGetConvolutionParameterfv
glGetConvolutionParameteriv
glGetDebugMessageLog
glGetDebugMessageLogARB
glGetDoublei_v
glGetDoublev
glGetError
glGetFixedv
glGetFloati_v
glGetFloatv
glGetFragDataIndex
glGetFragDataLocation
glGetFragDataLocationEXT
glGetFramebufferAttachmentParameteriv
glGetFramebufferAttachmentParameterivEXT
glGetFramebufferParameteriv
glGetGraphicsResetStatus
glGetGraphicsResetStatusARB
glGetHandleARB
glGetHistogram
glGetHistogramParameterfv
glGetHistogramParameteriv
glGetInfoLogARB
glGetInteger64i_v
glGetInteger64v
glGetIntegerIndexedvEXT
glGetIntegeri_v
glGetIntegerv
glGetLightfv
glGetLightiv
glGetLightxv
glGetMapdv
glGetMapfv
glGetMapiv
glGetMaterialfv
glGetMaterialiv
glGetMaterialxv
glGetMinmax
glGetMinmaxParameterfv
glGetMinmaxParameteriv
glGetMultisamplefv
glGetObjectLabel
glGetObjectParameterfvARB
glGetObjectParameterivARB
glGetObjectPtrLabel
glGetPixelMapfv
glGetPixelMapuiv
glGetPixelMapusv
glGetPointerv
glGetPointervEXT
glGetPolygonStipple
glGetProgramBinary
glGetProgramEnvParameterdvARB
glGetProgramEnvParameterfvARB
glGetProgramInfoLog
glGetProgramInterfaceiv
glGetProgramLocalParameterdvARB
glGetProgramLocalParameterfvARB
glGetProgramPipelineInfoLog
glGetProgramPipelineiv
glGetProgramResourceIndex
glGetProgramResourceLocation
glGetProgramResourceName
glGetProgramResourceiv
glGetProgramStringARB
glGetProgramiv
glGetProgramivARB
glGetQueryIndexediv
glGetQueryObjectiv
glGetQueryObjectivARB
glGetQueryObjectuiv
glGetQueryObjectuivARB
glGetQueryiv
glGetQueryivARB
glGetRenderbufferParameteriv
glGetRenderbufferParameterivEXT
glGetSamplerParameterIiv
glGetSamplerParameterIuiv
glGetSamplerParameterfv
glGetSamplerParameteriv
glGetSeparableFilter
glGetShaderInfoLog
glGetShaderPrecisionFormat
glGetShaderSource
glGetShaderSourceARB
glGetShaderiv
glGetString
glGetStringi
glGetSynciv
glGetTexEnvfv
glGetTexEnviv
glGetTexEnvxv
glGetTexGendv
glGetTexGenfv
glGetTexGeniv
glGetTexImage
glGetTexLevelParameterfv
glGetTexLevelParameteriv
glGetTexParameterIiv
glGetTexParameterIivEXT
glGetTexParameterIuiv
glGetTexParameterIuivEXT
glGetTexParameterfv
glGetTexParameteriv
glGetTexParameterxv

Sections

.text
Size: 25.1MB - Virtual size: 25.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8.9MB - Virtual size: 8.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 716KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 186KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[GitHub] Installer/x64/trading_api64.dll
.dll windows:5 windows x64 arch:x64

f7d326cb8fdda36f97bcf61c5e808a67

Code Sign

0c:e7:e0:e5:17:d8:46:fe:8f:e5:60:fc:1b:f0:30:39
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2031, 00:00

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

05:4f:46:6c:ec:cb:e9:d6:be:e8:1f:54:35:e6:4d:47
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04/10/2018, 00:00

Not After

07/10/2021, 12:00

Subject

CN=Valve,O=Valve,L=Bellevue,ST=WA,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d6:f4:f2:14:01:39:23:fa:d2:a1:74:05:1b:dd:82:d1:27:84:25:17
Signer

Actual PE Digest

d6:f4:f2:14:01:39:23:fa:d2:a1:74:05:1b:dd:82:d1:27:84:25:17

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\buildslave\steam_rel_client_win64\build\src\steam_api\win64\Release\steam_api64.pdb

Imports

kernel32

InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CloseHandle
LoadLibraryExA
LoadLibraryExW
GetModuleFileNameW
GetExitCodeProcess
GetModuleHandleExW
GetCommandLineW
GetEnvironmentVariableA
SetEnvironmentVariableA
OutputDebugStringA
GetFileAttributesW
MultiByteToWideChar
WideCharToMultiByte
OpenProcess
FreeLibrary
GetModuleHandleA
GetProcAddress
SetEndOfFile
ReadConsoleW
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlPcToFileHeader
RaiseException
RtlUnwindEx
InterlockedFlushSList
GetLastError
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetCurrentProcess
TerminateProcess
ExitProcess
GetModuleFileNameA
HeapFree
HeapAlloc
GetACP
GetStringTypeW
LCMapStringW
GetStdHandle
GetFileType
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
SetStdHandle
CreateFileW
HeapSize
HeapReAlloc
SetFilePointerEx
WriteConsoleW
ReadFile

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

shell32

ShellExecuteW

Exports

Exports

CAddAppDependencyResult_t_RemoveCallResult
CAddAppDependencyResult_t_SetCallResult
CAddUGCDependencyResult_t_RemoveCallResult
CAddUGCDependencyResult_t_SetCallResult
CAssociateWithClanResult_t_RemoveCallResult
CAssociateWithClanResult_t_SetCallResult
CChangeNumOpenSlotsCallback_t_RemoveCallResult
CChangeNumOpenSlotsCallback_t_SetCallResult
CCheckFileSignature_t_RemoveCallResult
CCheckFileSignature_t_SetCallResult
CClanOfficerListResponse_t_RemoveCallResult
CClanOfficerListResponse_t_SetCallResult
CComputeNewPlayerCompatibilityResult_t_RemoveCallResult
CComputeNewPlayerCompatibilityResult_t_SetCallResult
CCreateBeaconCallback_t_RemoveCallResult
CCreateBeaconCallback_t_SetCallResult
CCreateItemResult_t_RemoveCallResult
CCreateItemResult_t_SetCallResult
CDeleteItemResult_t_RemoveCallResult
CDeleteItemResult_t_SetCallResult
CDurationControl_t_RemoveCallResult
CDurationControl_t_SetCallResult
CEncryptedAppTicketResponse_t_RemoveCallResult
CEncryptedAppTicketResponse_t_SetCallResult
CFileDetailsResult_t_RemoveCallResult
CFileDetailsResult_t_SetCallResult
CFriendsEnumerateFollowingList_t_RemoveCallResult
CFriendsEnumerateFollowingList_t_SetCallResult
CFriendsGetFollowerCount_t_RemoveCallResult
CFriendsGetFollowerCount_t_SetCallResult
CFriendsIsFollowing_t_RemoveCallResult
CFriendsIsFollowing_t_SetCallResult
CGSReputation_t_RemoveCallResult
CGSReputation_t_SetCallResult
CGSStatsReceived_t_RemoveCallResult
CGSStatsReceived_t_SetCallResult
CGSStatsStored_t_RemoveCallResult
CGSStatsStored_t_SetCallResult
CGetAppDependenciesResult_t_RemoveCallResult
CGetAppDependenciesResult_t_SetCallResult
CGetOPFSettingsResult_t_RemoveCallback
CGetOPFSettingsResult_t_SetCallback
CGetUserItemVoteResult_t_RemoveCallResult
CGetUserItemVoteResult_t_SetCallResult
CGlobalAchievementPercentagesReady_t_RemoveCallResult
CGlobalAchievementPercentagesReady_t_SetCallResult
CGlobalStatsReceived_t_RemoveCallResult
CGlobalStatsReceived_t_SetCallResult
CHTML_BrowserReady_t_RemoveCallResult
CHTML_BrowserReady_t_SetCallResult
CJoinClanChatRoomCompletionResult_t_RemoveCallResult
CJoinClanChatRoomCompletionResult_t_SetCallResult
CJoinPartyCallback_t_RemoveCallResult
CJoinPartyCallback_t_SetCallResult
CLeaderboardFindResult_t_RemoveCallResult
CLeaderboardFindResult_t_SetCallResult
CLeaderboardScoreUploaded_t_RemoveCallResult
CLeaderboardScoreUploaded_t_SetCallResult
CLeaderboardScoresDownloaded_t_RemoveCallResult
CLeaderboardScoresDownloaded_t_SetCallResult
CLeaderboardUGCSet_t_RemoveCallResult
CLeaderboardUGCSet_t_SetCallResult
CLobbyCreated_t_RemoveCallResult
CLobbyCreated_t_SetCallResult
CLobbyEnter_t_RemoveCallResult
CLobbyEnter_t_SetCallResult
CLobbyMatchList_t_RemoveCallResult
CLobbyMatchList_t_SetCallResult
CMarketEligibilityResponse_t_RemoveCallResult
CMarketEligibilityResponse_t_SetCallResult
CNumberOfCurrentPlayers_t_RemoveCallResult
CNumberOfCurrentPlayers_t_SetCallResult
CRemoteStorageDeletePublishedFileResult_t_RemoveCallResult
CRemoteStorageDeletePublishedFileResult_t_SetCallResult
CRemoteStorageDownloadUGCResult_t_RemoveCallResult
CRemoteStorageDownloadUGCResult_t_SetCallResult
CRemoteStorageEnumeratePublishedFilesByUserActionResult_t_RemoveCallResult
CRemoteStorageEnumeratePublishedFilesByUserActionResult_t_SetCallResult
CRemoteStorageEnumerateUserPublishedFilesResult_t_RemoveCallResult
CRemoteStorageEnumerateUserPublishedFilesResult_t_SetCallResult
CRemoteStorageEnumerateUserSubscribedFilesResult_t_RemoveCallResult
CRemoteStorageEnumerateUserSubscribedFilesResult_t_SetCallResult
CRemoteStorageEnumerateWorkshopFilesResult_t_RemoveCallResult
CRemoteStorageEnumerateWorkshopFilesResult_t_SetCallResult
CRemoteStorageFileReadAsyncComplete_t_RemoveCallResult
CRemoteStorageFileReadAsyncComplete_t_SetCallResult
CRemoteStorageFileShareResult_t_RemoveCallResult
CRemoteStorageFileShareResult_t_SetCallResult
CRemoteStorageFileWriteAsyncComplete_t_RemoveCallResult
CRemoteStorageFileWriteAsyncComplete_t_SetCallResult
CRemoteStorageGetPublishedFileDetailsResult_t_RemoveCallResult
CRemoteStorageGetPublishedFileDetailsResult_t_SetCallResult
CRemoteStorageGetPublishedItemVoteDetailsResult_t_RemoveCallResult
CRemoteStorageGetPublishedItemVoteDetailsResult_t_SetCallResult
CRemoteStoragePublishFileProgress_t_RemoveCallResult
CRemoteStoragePublishFileProgress_t_SetCallResult
CRemoteStorageSetUserPublishedFileActionResult_t_RemoveCallResult
CRemoteStorageSetUserPublishedFileActionResult_t_SetCallResult
CRemoteStorageSubscribePublishedFileResult_t_RemoveCallResult
CRemoteStorageSubscribePublishedFileResult_t_SetCallResult
CRemoteStorageUnsubscribePublishedFileResult_t_RemoveCallResult
CRemoteStorageUnsubscribePublishedFileResult_t_SetCallResult
CRemoteStorageUpdatePublishedFileResult_t_RemoveCallResult
CRemoteStorageUpdatePublishedFileResult_t_SetCallResult
CRemoteStorageUpdateUserPublishedItemVoteResult_t_RemoveCallResult
CRemoteStorageUpdateUserPublishedItemVoteResult_t_SetCallResult
CRemoveAppDependencyResult_t_RemoveCallResult
CRemoveAppDependencyResult_t_SetCallResult
CRemoveUGCDependencyResult_t_RemoveCallResult
CRemoveUGCDependencyResult_t_SetCallResult
CSetPersonaNameResponse_t_RemoveCallResult
CSetPersonaNameResponse_t_SetCallResult
CSetUserItemVoteResult_t_RemoveCallResult
CSetUserItemVoteResult_t_SetCallResult
CStartPlaytimeTrackingResult_t_RemoveCallResult
CStartPlaytimeTrackingResult_t_SetCallResult
CSteamInventoryEligiblePromoItemDefIDs_t_RemoveCallResult
CSteamInventoryEligiblePromoItemDefIDs_t_SetCallResult
CSteamInventoryRequestPricesResult_t_RemoveCallResult
CSteamInventoryRequestPricesResult_t_SetCallResult
CSteamInventoryStartPurchaseResult_t_RemoveCallResult
CSteamInventoryStartPurchaseResult_t_SetCallResult
CSteamUGCQueryCompleted_t_RemoveCallResult
CSteamUGCQueryCompleted_t_SetCallResult
CStopPlaytimeTrackingResult_t_RemoveCallResult
CStopPlaytimeTrackingResult_t_SetCallResult
CStoreAuthURLResponse_t_RemoveCallResult
CStoreAuthURLResponse_t_SetCallResult
CSubmitItemUpdateResult_t_RemoveCallResult
CSubmitItemUpdateResult_t_SetCallResult
CUserFavoriteItemsListChanged_t_RemoveCallResult
CUserFavoriteItemsListChanged_t_SetCallResult
CUserStatsReceived_t_RemoveCallResult
CUserStatsReceived_t_RemoveCallback
CUserStatsReceived_t_SetCallResult
CUserStatsReceived_t_SetCallback
GetHSteamPipe
GetHSteamUser
SteamAPI_GetHSteamPipe
SteamAPI_GetHSteamUser
SteamAPI_GetSteamInstallPath
SteamAPI_ISteamAppList_GetAppBuildId
SteamAPI_ISteamAppList_GetAppInstallDir
SteamAPI_ISteamAppList_GetAppName
SteamAPI_ISteamAppList_GetInstalledApps
SteamAPI_ISteamAppList_GetNumInstalledApps
SteamAPI_ISteamApps_BGetDLCDataByIndex
SteamAPI_ISteamApps_BIsAppInstalled
SteamAPI_ISteamApps_BIsCybercafe
SteamAPI_ISteamApps_BIsDlcInstalled
SteamAPI_ISteamApps_BIsLowViolence
SteamAPI_ISteamApps_BIsSubscribed
SteamAPI_ISteamApps_BIsSubscribedApp
SteamAPI_ISteamApps_BIsSubscribedFromFamilySharing
SteamAPI_ISteamApps_BIsSubscribedFromFreeWeekend
SteamAPI_ISteamApps_BIsVACBanned
SteamAPI_ISteamApps_GetAppBuildId
SteamAPI_ISteamApps_GetAppInstallDir
SteamAPI_ISteamApps_GetAppOwner
SteamAPI_ISteamApps_GetAvailableGameLanguages
SteamAPI_ISteamApps_GetCurrentBetaName
SteamAPI_ISteamApps_GetCurrentGameLanguage
SteamAPI_ISteamApps_GetDLCCount
SteamAPI_ISteamApps_GetDlcDownloadProgress
SteamAPI_ISteamApps_GetEarliestPurchaseUnixTime
SteamAPI_ISteamApps_GetFileDetails
SteamAPI_ISteamApps_GetInstalledDepots
SteamAPI_ISteamApps_GetLaunchCommandLine
SteamAPI_ISteamApps_GetLaunchQueryParam
SteamAPI_ISteamApps_InstallDLC
SteamAPI_ISteamApps_MarkContentCorrupt
SteamAPI_ISteamApps_RequestAllProofOfPurchaseKeys
SteamAPI_ISteamApps_RequestAppProofOfPurchaseKey
SteamAPI_ISteamApps_UninstallDLC
SteamAPI_ISteamClient_BReleaseSteamPipe
SteamAPI_ISteamClient_BShutdownIfAllPipesClosed
SteamAPI_ISteamClient_ConnectToGlobalUser
SteamAPI_ISteamClient_CreateLocalUser
SteamAPI_ISteamClient_CreateSteamPipe
SteamAPI_ISteamClient_GetIPCCallCount
SteamAPI_ISteamClient_GetISteamAppList
SteamAPI_ISteamClient_GetISteamApps
SteamAPI_ISteamClient_GetISteamController
SteamAPI_ISteamClient_GetISteamFriends
SteamAPI_ISteamClient_GetISteamGameSearch
SteamAPI_ISteamClient_GetISteamGameServer
SteamAPI_ISteamClient_GetISteamGameServerStats
SteamAPI_ISteamClient_GetISteamGenericInterface
SteamAPI_ISteamClient_GetISteamHTMLSurface
SteamAPI_ISteamClient_GetISteamHTTP
SteamAPI_ISteamClient_GetISteamInput
SteamAPI_ISteamClient_GetISteamInventory
SteamAPI_ISteamClient_GetISteamMatchmaking
SteamAPI_ISteamClient_GetISteamMatchmakingServers
SteamAPI_ISteamClient_GetISteamMusic
SteamAPI_ISteamClient_GetISteamMusicRemote
SteamAPI_ISteamClient_GetISteamNetworking
SteamAPI_ISteamClient_GetISteamParentalSettings
SteamAPI_ISteamClient_GetISteamParties
SteamAPI_ISteamClient_GetISteamRemotePlay
SteamAPI_ISteamClient_GetISteamRemoteStorage
SteamAPI_ISteamClient_GetISteamScreenshots
SteamAPI_ISteamClient_GetISteamUGC
SteamAPI_ISteamClient_GetISteamUser
SteamAPI_ISteamClient_GetISteamUserStats
SteamAPI_ISteamClient_GetISteamUtils
SteamAPI_ISteamClient_GetISteamVideo
SteamAPI_ISteamClient_ReleaseUser
SteamAPI_ISteamClient_SetLocalIPBinding
SteamAPI_ISteamClient_SetWarningMessageHook
SteamAPI_ISteamController_ActivateActionSet
SteamAPI_ISteamController_ActivateActionSetLayer
SteamAPI_ISteamController_DeactivateActionSetLayer
SteamAPI_ISteamController_DeactivateAllActionSetLayers
SteamAPI_ISteamController_GetActionOriginFromXboxOrigin
SteamAPI_ISteamController_GetActionSetHandle
SteamAPI_ISteamController_GetActiveActionSetLayers
SteamAPI_ISteamController_GetAnalogActionData
SteamAPI_ISteamController_GetAnalogActionHandle
SteamAPI_ISteamController_GetAnalogActionOrigins
SteamAPI_ISteamController_GetConnectedControllers
SteamAPI_ISteamController_GetControllerBindingRevision
SteamAPI_ISteamController_GetControllerForGamepadIndex
SteamAPI_ISteamController_GetCurrentActionSet
SteamAPI_ISteamController_GetDigitalActionData
SteamAPI_ISteamController_GetDigitalActionHandle
SteamAPI_ISteamController_GetDigitalActionOrigins
SteamAPI_ISteamController_GetGamepadIndexForController
SteamAPI_ISteamController_GetGlyphForActionOrigin
SteamAPI_ISteamController_GetGlyphForXboxOrigin
SteamAPI_ISteamController_GetInputTypeForHandle
SteamAPI_ISteamController_GetMotionData
SteamAPI_ISteamController_GetStringForActionOrigin
SteamAPI_ISteamController_GetStringForXboxOrigin
SteamAPI_ISteamController_Init
SteamAPI_ISteamController_RunFrame
SteamAPI_ISteamController_SetLEDColor
SteamAPI_ISteamController_ShowBindingPanel
SteamAPI_ISteamController_Shutdown
SteamAPI_ISteamController_StopAnalogActionMomentum
SteamAPI_ISteamController_TranslateActionOrigin
SteamAPI_ISteamController_TriggerHapticPulse
SteamAPI_ISteamController_TriggerRepeatedHapticPulse
SteamAPI_ISteamController_TriggerVibration
SteamAPI_ISteamFriends_ActivateGameOverlay
SteamAPI_ISteamFriends_ActivateGameOverlayInviteDialog
SteamAPI_ISteamFriends_ActivateGameOverlayToStore
SteamAPI_ISteamFriends_ActivateGameOverlayToUser
SteamAPI_ISteamFriends_ActivateGameOverlayToWebPage
SteamAPI_ISteamFriends_ClearRichPresence
SteamAPI_ISteamFriends_CloseClanChatWindowInSteam
SteamAPI_ISteamFriends_DownloadClanActivityCounts
SteamAPI_ISteamFriends_EnumerateFollowingList
SteamAPI_ISteamFriends_GetChatMemberByIndex
SteamAPI_ISteamFriends_GetClanActivityCounts
SteamAPI_ISteamFriends_GetClanByIndex
SteamAPI_ISteamFriends_GetClanChatMemberCount
SteamAPI_ISteamFriends_GetClanChatMessage
SteamAPI_ISteamFriends_GetClanCount
SteamAPI_ISteamFriends_GetClanName
SteamAPI_ISteamFriends_GetClanOfficerByIndex
SteamAPI_ISteamFriends_GetClanOfficerCount
SteamAPI_ISteamFriends_GetClanOwner
SteamAPI_ISteamFriends_GetClanTag
SteamAPI_ISteamFriends_GetCoplayFriend
SteamAPI_ISteamFriends_GetCoplayFriendCount
SteamAPI_ISteamFriends_GetFollowerCount
SteamAPI_ISteamFriends_GetFriendByIndex
SteamAPI_ISteamFriends_GetFriendCoplayGame
SteamAPI_ISteamFriends_GetFriendCoplayTime
SteamAPI_ISteamFriends_GetFriendCount
SteamAPI_ISteamFriends_GetFriendCountFromSource
SteamAPI_ISteamFriends_GetFriendFromSourceByIndex
SteamAPI_ISteamFriends_GetFriendGamePlayed
SteamAPI_ISteamFriends_GetFriendMessage
SteamAPI_ISteamFriends_GetFriendPersonaName
SteamAPI_ISteamFriends_GetFriendPersonaNameHistory
SteamAPI_ISteamFriends_GetFriendPersonaState
SteamAPI_ISteamFriends_GetFriendRelationship
SteamAPI_ISteamFriends_GetFriendRichPresence
SteamAPI_ISteamFriends_GetFriendRichPresenceKeyByIndex
SteamAPI_ISteamFriends_GetFriendRichPresenceKeyCount
SteamAPI_ISteamFriends_GetFriendSteamLevel
SteamAPI_ISteamFriends_GetFriendsGroupCount
SteamAPI_ISteamFriends_GetFriendsGroupIDByIndex
SteamAPI_ISteamFriends_GetFriendsGroupMembersCount
SteamAPI_ISteamFriends_GetFriendsGroupMembersList
SteamAPI_ISteamFriends_GetFriendsGroupName
SteamAPI_ISteamFriends_GetLargeFriendAvatar
SteamAPI_ISteamFriends_GetMediumFriendAvatar
SteamAPI_ISteamFriends_GetNumChatsWithUnreadPriorityMessages
SteamAPI_ISteamFriends_GetPersonaName
SteamAPI_ISteamFriends_GetPersonaState
SteamAPI_ISteamFriends_GetPlayerNickname
SteamAPI_ISteamFriends_GetSmallFriendAvatar
SteamAPI_ISteamFriends_GetUserRestrictions
SteamAPI_ISteamFriends_HasFriend
SteamAPI_ISteamFriends_InviteUserToGame
SteamAPI_ISteamFriends_IsClanChatAdmin
SteamAPI_ISteamFriends_IsClanChatWindowOpenInSteam
SteamAPI_ISteamFriends_IsClanOfficialGameGroup
SteamAPI_ISteamFriends_IsClanPublic
SteamAPI_ISteamFriends_IsFollowing
SteamAPI_ISteamFriends_IsUserInSource
SteamAPI_ISteamFriends_JoinClanChatRoom
SteamAPI_ISteamFriends_LeaveClanChatRoom
SteamAPI_ISteamFriends_OpenClanChatWindowInSteam
SteamAPI_ISteamFriends_ReplyToFriendMessage
SteamAPI_ISteamFriends_RequestClanOfficerList
SteamAPI_ISteamFriends_RequestFriendRichPresence
SteamAPI_ISteamFriends_RequestUserInformation
SteamAPI_ISteamFriends_SendClanChatMessage
SteamAPI_ISteamFriends_SetInGameVoiceSpeaking
SteamAPI_ISteamFriends_SetListenForFriendsMessages
SteamAPI_ISteamFriends_SetPersonaName
SteamAPI_ISteamFriends_SetPlayedWith
SteamAPI_ISteamFriends_SetRichPresence
SteamAPI_ISteamGameSearch_AcceptGame
SteamAPI_ISteamGameSearch_AddGameSearchParams
SteamAPI_ISteamGameSearch_CancelRequestPlayersForGame
SteamAPI_ISteamGameSearch_DeclineGame
SteamAPI_ISteamGameSearch_EndGame
SteamAPI_ISteamGameSearch_EndGameSearch
SteamAPI_ISteamGameSearch_HostConfirmGameStart
SteamAPI_ISteamGameSearch_RequestPlayersForGame
SteamAPI_ISteamGameSearch_RetrieveConnectionDetails
SteamAPI_ISteamGameSearch_SearchForGameSolo
SteamAPI_ISteamGameSearch_SearchForGameWithLobby
SteamAPI_ISteamGameSearch_SetConnectionDetails
SteamAPI_ISteamGameSearch_SetGameHostParams
SteamAPI_ISteamGameSearch_SubmitPlayerResult
SteamAPI_ISteamGameServerStats_ClearUserAchievement
SteamAPI_ISteamGameServerStats_GetUserAchievement
SteamAPI_ISteamGameServerStats_GetUserStat
SteamAPI_ISteamGameServerStats_GetUserStat0
SteamAPI_ISteamGameServerStats_RequestUserStats
SteamAPI_ISteamGameServerStats_SetUserAchievement
SteamAPI_ISteamGameServerStats_SetUserStat
SteamAPI_ISteamGameServerStats_SetUserStat0
SteamAPI_ISteamGameServerStats_StoreUserStats
SteamAPI_ISteamGameServerStats_UpdateUserAvgRateStat
SteamAPI_ISteamGameServer_AssociateWithClan
SteamAPI_ISteamGameServer_BLoggedOn
SteamAPI_ISteamGameServer_BSecure
SteamAPI_ISteamGameServer_BUpdateUserData
SteamAPI_ISteamGameServer_BeginAuthSession
SteamAPI_ISteamGameServer_CancelAuthTicket
SteamAPI_ISteamGameServer_ClearAllKeyValues
SteamAPI_ISteamGameServer_ComputeNewPlayerCompatibility
SteamAPI_ISteamGameServer_CreateUnauthenticatedUserConnection
SteamAPI_ISteamGameServer_EnableHeartbeats
SteamAPI_ISteamGameServer_EndAuthSession
SteamAPI_ISteamGameServer_ForceHeartbeat
SteamAPI_ISteamGameServer_GetAuthSessionTicket
SteamAPI_ISteamGameServer_GetGameplayStats
SteamAPI_ISteamGameServer_GetNextOutgoingPacket
SteamAPI_ISteamGameServer_GetPublicIP
SteamAPI_ISteamGameServer_GetServerReputation
SteamAPI_ISteamGameServer_GetSteamID
SteamAPI_ISteamGameServer_HandleIncomingPacket
SteamAPI_ISteamGameServer_InitGameServer
SteamAPI_ISteamGameServer_LogOff
SteamAPI_ISteamGameServer_LogOn
SteamAPI_ISteamGameServer_LogOnAnonymous
SteamAPI_ISteamGameServer_RequestUserGroupStatus
SteamAPI_ISteamGameServer_SendUserConnectAndAuthenticate
SteamAPI_ISteamGameServer_SendUserDisconnect
SteamAPI_ISteamGameServer_SetBotPlayerCount
SteamAPI_ISteamGameServer_SetDedicatedServer
SteamAPI_ISteamGameServer_SetGameData
SteamAPI_ISteamGameServer_SetGameDescription
SteamAPI_ISteamGameServer_SetGameTags
SteamAPI_ISteamGameServer_SetHeartbeatInterval
SteamAPI_ISteamGameServer_SetKeyValue
SteamAPI_ISteamGameServer_SetMapName
SteamAPI_ISteamGameServer_SetMaxPlayerCount
SteamAPI_ISteamGameServer_SetModDir
SteamAPI_ISteamGameServer_SetPasswordProtected
SteamAPI_ISteamGameServer_SetProduct
SteamAPI_ISteamGameServer_SetRegion
SteamAPI_ISteamGameServer_SetServerName
SteamAPI_ISteamGameServer_SetSpectatorPort
SteamAPI_ISteamGameServer_SetSpectatorServerName
SteamAPI_ISteamGameServer_UserHasLicenseForApp
SteamAPI_ISteamGameServer_WasRestartRequested
SteamAPI_ISteamHTMLSurface_AddHeader
SteamAPI_ISteamHTMLSurface_AllowStartRequest
SteamAPI_ISteamHTMLSurface_CopyToClipboard
SteamAPI_ISteamHTMLSurface_CreateBrowser
SteamAPI_ISteamHTMLSurface_DestructISteamHTMLSurface
SteamAPI_ISteamHTMLSurface_ExecuteJavascript
SteamAPI_ISteamHTMLSurface_Find
SteamAPI_ISteamHTMLSurface_GetLinkAtPosition
SteamAPI_ISteamHTMLSurface_GoBack
SteamAPI_ISteamHTMLSurface_GoForward
SteamAPI_ISteamHTMLSurface_Init
SteamAPI_ISteamHTMLSurface_JSDialogResponse
SteamAPI_ISteamHTMLSurface_KeyChar
SteamAPI_ISteamHTMLSurface_KeyDown
SteamAPI_ISteamHTMLSurface_KeyUp
SteamAPI_ISteamHTMLSurface_LoadURL
SteamAPI_ISteamHTMLSurface_MouseDoubleClick
SteamAPI_ISteamHTMLSurface_MouseDown
SteamAPI_ISteamHTMLSurface_MouseMove
SteamAPI_ISteamHTMLSurface_MouseUp
SteamAPI_ISteamHTMLSurface_MouseWheel
SteamAPI_ISteamHTMLSurface_OpenDeveloperTools
SteamAPI_ISteamHTMLSurface_PasteFromClipboard
SteamAPI_ISteamHTMLSurface_Reload
SteamAPI_ISteamHTMLSurface_RemoveBrowser
SteamAPI_ISteamHTMLSurface_SetBackgroundMode
SteamAPI_ISteamHTMLSurface_SetCookie
SteamAPI_ISteamHTMLSurface_SetDPIScalingFactor
SteamAPI_ISteamHTMLSurface_SetHorizontalScroll
SteamAPI_ISteamHTMLSurface_SetKeyFocus
SteamAPI_ISteamHTMLSurface_SetPageScaleFactor
SteamAPI_ISteamHTMLSurface_SetSize
SteamAPI_ISteamHTMLSurface_SetVerticalScroll
SteamAPI_ISteamHTMLSurface_Shutdown
SteamAPI_ISteamHTMLSurface_StopFind
SteamAPI_ISteamHTMLSurface_StopLoad
SteamAPI_ISteamHTMLSurface_ViewSource
SteamAPI_ISteamHTTP_CreateCookieContainer
SteamAPI_ISteamHTTP_CreateHTTPRequest
SteamAPI_ISteamHTTP_DeferHTTPRequest
SteamAPI_ISteamHTTP_GetHTTPDownloadProgressPct
SteamAPI_ISteamHTTP_GetHTTPRequestWasTimedOut
SteamAPI_ISteamHTTP_GetHTTPResponseBodyData
SteamAPI_ISteamHTTP_GetHTTPResponseBodySize
SteamAPI_ISteamHTTP_GetHTTPResponseHeaderSize
SteamAPI_ISteamHTTP_GetHTTPResponseHeaderValue
SteamAPI_ISteamHTTP_GetHTTPStreamingResponseBodyData
SteamAPI_ISteamHTTP_PrioritizeHTTPRequest
SteamAPI_ISteamHTTP_ReleaseCookieContainer
SteamAPI_ISteamHTTP_ReleaseHTTPRequest
SteamAPI_ISteamHTTP_SendHTTPRequest
SteamAPI_ISteamHTTP_SendHTTPRequestAndStreamResponse
SteamAPI_ISteamHTTP_SetCookie
SteamAPI_ISteamHTTP_SetHTTPRequestAbsoluteTimeoutMS
SteamAPI_ISteamHTTP_SetHTTPRequestContextValue
SteamAPI_ISteamHTTP_SetHTTPRequestCookieContainer
SteamAPI_ISteamHTTP_SetHTTPRequestGetOrPostParameter
SteamAPI_ISteamHTTP_SetHTTPRequestHeaderValue
SteamAPI_ISteamHTTP_SetHTTPRequestNetworkActivityTimeout
SteamAPI_ISteamHTTP_SetHTTPRequestRawPostBody
SteamAPI_ISteamHTTP_SetHTTPRequestRequiresVerifiedCertificate
SteamAPI_ISteamHTTP_SetHTTPRequestUserAgentInfo
SteamAPI_ISteamInput_ActivateActionSet
SteamAPI_ISteamInput_ActivateActionSetLayer
SteamAPI_ISteamInput_DeactivateActionSetLayer
SteamAPI_ISteamInput_DeactivateAllActionSetLayers
SteamAPI_ISteamInput_GetActionOriginFromXboxOrigin
SteamAPI_ISteamInput_GetActionSetHandle
SteamAPI_ISteamInput_GetActiveActionSetLayers
SteamAPI_ISteamInput_GetAnalogActionData
SteamAPI_ISteamInput_GetAnalogActionHandle
SteamAPI_ISteamInput_GetAnalogActionOrigins
SteamAPI_ISteamInput_GetConnectedControllers
SteamAPI_ISteamInput_GetControllerForGamepadIndex
SteamAPI_ISteamInput_GetCurrentActionSet
SteamAPI_ISteamInput_GetDeviceBindingRevision
SteamAPI_ISteamInput_GetDigitalActionData
SteamAPI_ISteamInput_GetDigitalActionHandle
SteamAPI_ISteamInput_GetDigitalActionOrigins
SteamAPI_ISteamInput_GetGamepadIndexForController
SteamAPI_ISteamInput_GetGlyphForActionOrigin
SteamAPI_ISteamInput_GetGlyphForXboxOrigin
SteamAPI_ISteamInput_GetInputTypeForHandle
SteamAPI_ISteamInput_GetMotionData
SteamAPI_ISteamInput_GetRemotePlaySessionID
SteamAPI_ISteamInput_GetStringForActionOrigin
SteamAPI_ISteamInput_GetStringForXboxOrigin
SteamAPI_ISteamInput_Init
SteamAPI_ISteamInput_RunFrame
SteamAPI_ISteamInput_SetLEDColor
SteamAPI_ISteamInput_ShowBindingPanel
SteamAPI_ISteamInput_Shutdown
SteamAPI_ISteamInput_StopAnalogActionMomentum
SteamAPI_ISteamInput_TranslateActionOrigin
SteamAPI_ISteamInput_TriggerHapticPulse
SteamAPI_ISteamInput_TriggerRepeatedHapticPulse
SteamAPI_ISteamInput_TriggerVibration
SteamAPI_ISteamInventory_AddPromoItem
SteamAPI_ISteamInventory_AddPromoItems
SteamAPI_ISteamInventory_CheckResultSteamID
SteamAPI_ISteamInventory_ConsumeItem
SteamAPI_ISteamInventory_DeserializeResult
SteamAPI_ISteamInventory_DestroyResult
SteamAPI_ISteamInventory_ExchangeItems
SteamAPI_ISteamInventory_GenerateItems
SteamAPI_ISteamInventory_GetAllItems
SteamAPI_ISteamInventory_GetEligiblePromoItemDefinitionIDs
SteamAPI_ISteamInventory_GetItemDefinitionIDs
SteamAPI_ISteamInventory_GetItemDefinitionProperty
SteamAPI_ISteamInventory_GetItemPrice
SteamAPI_ISteamInventory_GetItemsByID
SteamAPI_ISteamInventory_GetItemsWithPrices
SteamAPI_ISteamInventory_GetNumItemsWithPrices
SteamAPI_ISteamInventory_GetResultItemProperty
SteamAPI_ISteamInventory_GetResultItems

Sections

.text
Size: 141KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[GitHub] Installer/x64/tradingnetworkingsockets.dll
.dll windows:6 windows x64 arch:x64

e917d42bcc53c047e3b944d762080d33

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:89:b3:bc:eb:44:09:89:0a:32:d7:19:76:b1:32:a4
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

07/10/2021, 00:00

Not After

09/10/2024, 23:59

Subject

CN=Valve Corp.,O=Valve Corp.,L=Bellevue,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

fa:8a:01:bb:57:5d:f5:1e:0c:89:2b:3d:f2:dd:29:b9:31:92:f0:e3
Signer

Actual PE Digest

fa:8a:01:bb:57:5d:f5:1e:0c:89:2b:3d:f2:dd:29:b9:31:92:f0:e3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

c:\buildslave\sdr_public_win64\build\obj\steamnetworkingsockets_Release_x642019\steamnetworkingsockets.pdb

Imports

kernel32

LoadLibraryA
CloseHandle
RaiseException
GetLastError
SetEvent
WaitForSingleObject
CreateEventA
GetCurrentThread
GetCurrentThreadId
SetThreadPriority
LocalFree
FormatMessageA
WideCharToMultiByte
GetProcAddress
QueryPerformanceFrequency
QueryPerformanceCounter
TerminateProcess
HeapSize
WriteConsoleW
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindFirstFileExW
GetTimeZoneInformation
GetFileSizeEx
GetFullPathNameW
SetEndOfFile
SetStdHandle
SetFilePointerEx
FlushFileBuffers
GetCurrentProcess
IsDebuggerPresent
GetCurrentDirectoryW
FindClose
FindFirstFileW
FindNextFileW
SetLastError
MultiByteToWideChar
GetStdHandle
GetEnvironmentVariableW
GetFileType
WriteFile
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
RtlVirtualUnwind
GetCurrentProcessId
GetSystemTimeAsFileTime
DeleteFiber
ConvertFiberToThread
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
WaitForSingleObjectEx
GetExitCodeThread
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeCriticalSectionEx
TryEnterCriticalSection
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
SleepConditionVariableSRW
InitOnceBeginInitialize
InitOnceComplete
GetStringTypeW
EncodePointer
DecodePointer
GetCPInfo
ResetEvent
CreateEventW
RtlCaptureContext
RtlLookupFunctionEntry
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
InitializeSListHead
RtlPcToFileHeader
RtlUnwindEx
InterlockedFlushSList
FreeLibrary
LoadLibraryExW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ReadFile
SetEnvironmentVariableW
CreateFileW
GetDriveTypeW
GetFileInformationByHandle
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetConsoleOutputCP
ExitProcess
SetConsoleCtrlHandler
GetModuleFileNameW
HeapFree
HeapAlloc
HeapReAlloc
CompareStringW
LCMapStringW

ws2_32

WSASendTo
WSAEventSelect
WSAEnumNetworkEvents
WSAGetLastError
getaddrinfo
socket
setsockopt
recvfrom
ntohl
htonl
getsockname
freeaddrinfo
gethostname
WSACleanup
ioctlsocket
closesocket
bind
WSAStartup
recv
send
WSASetLastError

winmm

timeBeginPeriod
timeEndPeriod

iphlpapi

GetAdaptersAddresses

bcrypt

BCryptGenRandom

user32

GetProcessWindowStation
GetUserObjectInformationW
MessageBoxW

advapi32

ReportEventW
RegisterEventSourceW
DeregisterEventSource

Exports

Exports

SteamDatagramClient_Init
SteamDatagramClient_InitSteam_InternalV1
SteamDatagramClient_Kill
SteamDatagramClient_SetCredentialsDurableCacheCallbacks
SteamDatagramServer_Init
SteamDatagramServer_InitSteam_InternalV1
SteamDatagramServer_Kill
SteamDatagram_GetNetworkConfigURL
SteamDatagram_Internal_SteamAPIKludge
SteamDatagram_SetAppID
SteamDatagram_SetNetworkConfig
SteamDatagram_SetUniverse
SteamGameServerNetworkingMessages_LibV2
SteamGameServerNetworkingSockets_LibV12
SteamNetworkingIPAddr_GetFakeIPType
SteamNetworkingIPAddr_ParseString
SteamNetworkingIPAddr_ToString
SteamNetworkingIdentity_ParseString
SteamNetworkingIdentity_ToString
SteamNetworkingMessages_LibV2
SteamNetworkingSockets_DefaultPreFormatDebugOutputHandler
SteamNetworkingSockets_LibV12
SteamNetworkingSockets_Poll
SteamNetworkingSockets_SetEnvironmentVariable
SteamNetworkingSockets_SetLockAcquiredCallback
SteamNetworkingSockets_SetLockHeldCallback
SteamNetworkingSockets_SetLockWaitWarningThreshold
SteamNetworkingSockets_SetManualPollMode
SteamNetworkingSockets_SetPreFormatDebugOutputHandler
SteamNetworkingSockets_SetServiceThreadInitCallback
SteamNetworkingUtils_GetIPv4FakeIPType
SteamNetworkingUtils_LibV4

Sections

.text
Size: 3.0MB - Virtual size: 3.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 885KB - Virtual size: 884KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 131KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[GitHub] Installer/x64/winethc.dll
.dll regsvr32 windows:10 windows x64 arch:x64

3acaa8683a196ef04c6149c6b1d2b3ab

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

winetHC.pdb

Imports

msvcrt

wcsncmp
_vscwprintf
vswprintf_s
_vsnwprintf
iswdigit
_wtoi
wcscpy_s
wcscat_s
_callnewh
__C_specific_handler
_XcptFilter
_amsg_exit
_initterm
_errno
realloc
_lock
_purecall
memcpy_s
free
malloc
wcsncpy_s
toupper
wcsnlen
_unlock
__dllonexit
_onexit
memset
memmove
memcpy
wcscmp

ntdll

RtlCaptureContext
RtlIpv6StringToAddressExW
RtlIpv4StringToAddressExW
RtlIpv6StringToAddressW
RtlIpv4StringToAddressW
RtlVirtualUnwind
RtlLookupFunctionEntry

kernel32

GetCurrentProcessId
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetTickCount
Sleep
OutputDebugStringA
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
LocalAlloc
GetModuleFileNameA
FreeLibrary
GetLastError
GetProcAddress
LoadLibraryExW
GetModuleHandleW
lstrcmpiW
RaiseException
LeaveCriticalSection
EnterCriticalSection
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceExW
GetModuleFileNameW
InitializeCriticalSection
DeleteCriticalSection
ExpandEnvironmentStringsW
GetSystemTimeAsFileTime
GlobalFree
GlobalAlloc
TerminateProcess
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
WaitForSingleObject
GetExitCodeProcess
CloseHandle
WaitForSingleObjectEx
CreateThread
DisableThreadLibraryCalls
GetThreadLocale
SetThreadLocale
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
HeapDestroy
UnhandledExceptionFilter

advapi32

OpenThreadToken
EventProviderEnabled
RegCloseKey
RegQueryInfoKeyW
RegEnumKeyExW
RegOpenKeyExW
RegSetValueExW
EventUnregister
EventRegister
SetThreadToken
GetLengthSid
GetTokenInformation
EventWriteTransfer
EventWrite
EventActivityIdControl
CreateProcessWithTokenW
DuplicateTokenEx
IsValidSid
RegDeleteValueW
RegCreateKeyExW
EventSetInformation

user32

UnregisterClassA
LoadStringW
CloseDesktop
SetThreadDesktop
CreateDesktopW
GetThreadDesktop
CharNextW

oleaut32

LoadTypeLi
VarUI4FromStr
UnRegisterTypeLi
SysStringLen
RegisterTypeLi
SysFreeString
SysAllocString

shlwapi

PathIsUNCW

ws2_32

ioctlsocket
FreeAddrInfoW
GetAddrInfoW
WSACleanup
__WSAFDIsSet
select
htons
WSAStartup
WSAGetLastError
socket
bind
closesocket
connect

wininet

InternetSetOptionW
InternetInitializeAutoProxyDll
InternetGetConnectedStateExW
InternetCrackUrlW

winhttp

WinHttpSendRequest
WinHttpReceiveResponse
WinHttpGetProxyForUrl
WinHttpOpenRequest
WinHttpDetectAutoProxyConfigUrl
WinHttpCrackUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpOpen
WinHttpSetOption
WinHttpQueryHeaders
WinHttpGetDefaultProxyConfiguration
WinHttpCloseHandle
WinHttpSetStatusCallback
WinHttpConnect

dnsapi

DnsGetProxyInformation
DnsFreeProxyName

nlaapi

NlaCloseQuery
NlaDeleteDataSet
NlaQueryNetData
NlaDeleteTypeSet
NlaOpenQuery
NlaAddToTypeSet
NlaCreateTypeSet
NlaQueryNetSignatures

api-ms-win-core-com-l1-1-0

CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoCreateGuid
StringFromGUID2
CoTaskMemFree

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
ForceProxyDetectionOnNextRun
SetAutoDetectProxyFlagForUser

Sections

.text
Size: 61KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[GitHub] Installer/x64/wininetlui.dll
.dll windows:10 windows x64 arch:x64

21e7fc7acd53fc5b2900471ddf863396

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

wininetlui.pdb

Imports

msvcrt

_vsnwprintf
malloc
__C_specific_handler
free
_amsg_exit
_XcptFilter
_initterm
memset

api-ms-win-eventing-classicprovider-l1-1-0

TraceMessageVa

api-ms-win-core-libraryloader-l1-2-0

LoadStringW

api-ms-win-core-com-l1-1-0

CoCreateInstance

oleaut32

SysFreeString
SysAllocString

api-ms-win-core-localization-l1-2-0

GetUserDefaultLCID

api-ms-win-core-timezone-l1-1-0

FileTimeToSystemTime

api-ms-win-core-datetime-l1-1-0

GetTimeFormatW
GetDateFormatW

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetUnhandledExceptionFilter

api-ms-win-core-processthreads-l1-1-0

GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
GetCurrentProcess

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

InternetErrorDlgEx

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.wpp_sf
Size: 512B - Virtual size: 158B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 516B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 164B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[GitHub] Installer/x64/wininitext.dll
.dll windows:10 windows x64 arch:x64

fe0759c21b6c6aed369fe31c269210a3

Code Sign

33:00:00:03:3c:89:c6:6a:7b:45:bb:1f:bd:00:00:00:00:03:3c
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/09/2021, 18:23

Not After

01/09/2022, 18:23

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2011, 18:41

Not After

19/10/2026, 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

41:b1:83:20:fd:a0:33:3b:33:2e:45:a5:fa:b9:56:04:76:28:8b:42:b1:65:68:69:de:73:0f:c6:25:86:5d:a0
Signer

Actual PE Digest

41:b1:83:20:fd:a0:33:3b:33:2e:45:a5:fa:b9:56:04:76:28:8b:42:b1:65:68:69:de:73:0f:c6:25:86:5d:a0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

wininitext.pdb

Imports

msvcrt

_XcptFilter
toupper
memmove
__C_specific_handler
_initterm
malloc
free
_amsg_exit
_vsnwprintf
memset

api-ms-win-core-libraryloader-l1-2-0

GetProcAddress
GetModuleFileNameA
GetModuleHandleExW

api-ms-win-core-registry-l1-1-0

RegQueryValueExW
RegCloseKey
RegOpenKeyExW

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapAlloc
HeapFree

api-ms-win-core-errorhandling-l1-1-0

GetLastError
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount
GetVersionExW

api-ms-win-core-synch-l1-2-0

Sleep
InitOnceExecuteOnce

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
InitializeProcThreadAttributeList
TerminateProcess
CreateThread
UpdateProcThreadAttribute
DeleteProcThreadAttributeList
GetCurrentThreadId
ResumeThread
GetCurrentProcess
CreateProcessW
CreateProcessAsUserW

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind

api-ms-win-core-synch-l1-1-0

WaitForSingleObject
ReleaseSRWLockExclusive
OpenEventW
AcquireSRWLockExclusive
CreateEventW
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-security-base-l1-1-0

SetTokenInformation
GetTokenInformation
GetSecurityDescriptorDacl
FreeSid
CreateRestrictedToken
GetLengthSid
AdjustTokenPrivileges

sspicli

LogonUserExExW

api-ms-win-security-sddl-l1-1-0

ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertStringSidToSidW
ConvertSidToStringSidW

api-ms-win-core-heap-l2-1-0

LocalAlloc
LocalFree

userenv

CreateAppContainerProfile
CreateEnvironmentBlock
DestroyEnvironmentBlock

api-ms-win-security-lsalookup-l1-1-0

LsaLookupManageSidNameMapping
LsaLookupFreeMemory

ntdll

RtlCopySid
RtlLengthSid
RtlGetDaclSecurityDescriptor
RtlSetDaclSecurityDescriptor
RtlAddAce
RtlSetEnvironmentVariable
RtlInitUnicodeString
TpSimpleTryPost
RtlFreeSid
RtlSetSaclSecurityDescriptor
RtlAddMandatoryAce
RtlCreateAcl
RtlCreateSecurityDescriptor
RtlNtStatusToDosError
RtlAllocateAndInitializeSid
EtwTraceMessage

advapi32

RegOpenKeyW

user32

SetThreadDesktop
SwitchDesktop
SetWindowStationUser
CloseDesktop
CloseWindowStation
SetUserObjectSecurity
LoadLocalFonts
UpdatePerUserSystemParameters
RegisterLogonProcess
CreateWindowStationW
CreateDesktopW
SetProcessWindowStation

kernelbase

WTSGetServiceSessionId
AppContainerDeriveSidFromMoniker

api-ms-win-eventing-classicprovider-l1-1-0

TraceMessage

api-ms-win-eventing-provider-l1-1-0

EventUnregister
EventWriteTransfer
EventRegister
EventSetInformation
EventProviderEnabled

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

Exports

Exports

GetLoggedOnUserCount
LaunchUmfdHostWithVirtualAccountWorker
PrimaryTerminalAndHookWorker
StartLoadingFontsWorker
UIStartupWorker
WaitForWinstationShutdown
WinStationSystemShutdownStartedWorker

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[GitHub] Installer/x64/winlogonext.dll
.dll windows:10 windows x64 arch:x64

e69d14c74de8e7df5587a714084a0e88

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

winlogonext.pdb

Imports

msvcrt

_wcsnicmp
malloc
_initterm
_amsg_exit
_XcptFilter
__C_specific_handler
free
memcpy

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetSystemTimeAsFileTime

api-ms-win-core-rtlsupport-l1-1-0

RtlLookupFunctionEntry
RtlCaptureContext
RtlVirtualUnwind

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
UnhandledExceptionFilter

kernelbase

LocalAlloc

rpcrt4

NdrClientCall3
RpcBindingFree
RpcStringFreeW
I_RpcMapWin32Status
RpcBindingBind
RpcBindingSetAuthInfoExW
I_RpcExceptionFilter
RpcStringBindingComposeW
RpcBindingCreateW
RpcBindingFromStringBindingW

kernel32

GetComputerNameExW
LocalFree
GetLastError

api-ms-win-security-base-l1-1-0

CreateWellKnownSid

api-ms-win-service-management-l1-1-0

OpenServiceW
OpenSCManagerW
CloseServiceHandle
StartServiceW

api-ms-win-service-winsvc-l1-1-0

QueryServiceStatus

Exports

Exports

ConfigureUserArso
EnableDisableElevationForSessionWorker
NotifyInteractiveSessionLogoff
UpdateUserTokenSessionId
WinLogonExt

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[GitHub] Installer/x64/winml.dll
.dll windows:10 windows x64 arch:x64

7c6e3bebfd329d7258d243d17e0737e6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

winml.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm

api-ms-win-crt-private-l1-1-0

_o___std_exception_copy
_o___std_exception_destroy
_o___std_type_info_destroy_list
_o__callnewh
_o__cexit
_o__configure_narrow_argv
_o__crt_atexit
_o__execute_onexit_table
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo_noreturn
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
_o_free
_o_malloc
_o_terminate
__C_specific_handler
_CxxThrowException
__CxxFrameHandler3
memmove
memcpy

api-ms-win-crt-string-l1-1-0

memset

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls
FreeLibrary

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
GetCurrentThreadId
GetCurrentProcessId
TerminateProcess

api-ms-win-core-sysinfo-l1-1-0

GetSystemInfo
GetSystemTimeAsFileTime

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter
QueryPerformanceFrequency

api-ms-win-eventing-provider-l1-1-0

EventWriteTransfer
EventRegister
EventUnregister
EventSetInformation

api-ms-win-core-synch-l1-1-0

DeleteCriticalSection
InitializeCriticalSection

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
UnhandledExceptionFilter

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

Exports

Exports

WinMLCreateRuntime

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 368B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
[GitHub] Installer/x64/winnlsres.dll
.dll windows:10 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Sections

.rdata
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
[GitHub] Installer/x64/winnsi.dll
.dll windows:10 windows x64 arch:x64

ad7c692fa9fcc8c643fd494188deca65

Code Sign

33:00:00:02:66:bd:15:80:ef:a7:5c:d6:d3:00:00:00:00:02:66
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:30

Not After

03/03/2021, 18:30

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2011, 18:41

Not After

19/10/2026, 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d7:fc:ed:23:74:85:d6:ef:26:75:b6:1f:93:40:c9:b5:35:70:1f:f5:d2:f9:88:26:b5:5d:b0:8a:f7:35:df:a7
Signer

Actual PE Digest

d7:fc:ed:23:74:85:d6:ef:26:75:b6:1f:93:40:c9:b5:35:70:1f:f5:d2:f9:88:26:b5:5d:b0:8a:f7:35:df:a7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

winnsi.pdb

Imports

api-ms-win-core-crt-l1-1-0

__C_specific_handler
memset

api-ms-win-core-crt-l2-1-0

_initterm
_initterm_e

ntdll

RtlUnsubscribeWnfNotificationWaitForCompletion
RtlCaptureContext
RtlLookupFunctionEntry
RtlSubscribeWnfStateChangeNotification
RtlVirtualUnwind
NtQueryWnfStateData

rpcrt4

RpcBindingFree
RpcStringBindingComposeW
RpcBindingSetAuthInfoW
I_RpcExceptionFilter
RpcAsyncCancelCall
RpcStringFreeW
RpcAsyncCompleteCall
Ndr64AsyncClientCall
RpcAsyncInitializeHandle
RpcBindingFromStringBindingW

nsi

NsiSetAllParametersEx
NsiSetParameterEx
NsiGetAllParametersEx
NsiGetParameterEx
NsiGetAllParameters
NsiEnumerateObjectsAllParameters

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
GetLastError

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapAlloc
HeapFree

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls

api-ms-win-core-heap-obsolete-l1-1-0

LocalAlloc
LocalFree

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-synch-l1-1-0

SetEvent
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
CreateEventW
WaitForSingleObject
EnterCriticalSection

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount

api-ms-win-core-threadpool-legacy-l1-1-0

UnregisterWaitEx

api-ms-win-core-threadpool-private-l1-1-0

RegisterWaitForSingleObjectEx

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

Exports

Exports

NsiConnectToServer
NsiDisconnectFromServer
NsiRpcDeregisterChangeNotification
NsiRpcDeregisterChangeNotificationEx
NsiRpcEnumerateObjectsAllParameters
NsiRpcGetAllParameters
NsiRpcGetAllParametersEx
NsiRpcGetParameter
NsiRpcGetParameterEx
NsiRpcRegisterChangeNotification
NsiRpcRegisterChangeNotificationEx
NsiRpcSetAllParameters
NsiRpcSetAllParametersEx
NsiRpcSetParameter
NsiRpcSetParameterEx

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 756B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: 2024

Password: 2024

f34d5f2d4577ed6d9ceec516c1f5a744

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0d:01:94:cd:1e:31:42:20:51:35:d1:c6:36:e4:e9:baCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

33:00:00:01:09:5e:de:a2:12:7e:92:81:cc:00:00:00:00:01:09Certificate

Extended Key Usages

61:0b:aa:c1:00:00:00:00:00:09Certificate

Key Usages

14:97:40:3d:e7:85:59:88:ee:ae:be:e6:91:dc:1f:98:76:5e:cc:ca:c7:75:66:93:65:0b:7b:14:7b:fe:b1:21Signer

14:97:40:3d:e7:85:59:88:ee:ae:be:e6:91:dc:1f:98:76:5e:cc:ca:c7:75:66:93:65:0b:7b:14:7b:fe:b1:21Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 388KB - Virtual size: 388KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

Password: 2024

9c6c869862163d621c2d7c68bc01df4c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-debug-l1-1-0

api-ms-win-core-handle-l1-1-0

oleaut32

api-ms-win-core-com-l1-1-0

api-ms-win-core-file-l1-1-0

api-ms-win-shcore-stream-l1-1-0

api-ms-win-core-threadpool-legacy-l1-1-0

api-ms-win-core-string-l1-1-0

api-ms-win-core-string-l2-1-0

api-ms-win-core-registry-l1-1-0

api-ms-win-core-string-obsolete-l1-1-0

api-ms-win-core-heap-l2-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-rtlsupport-l1-1-0

api-ms-win-core-profile-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-memory-l1-1-0

api-ms-win-core-libraryloader-l1-2-1

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 17KB - Virtual size: 17KB

.data Size: 1024B - Virtual size: 2KB

.pdata Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 420B

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0d:01:94:cd:1e:31:42:20:51:35:d1:c6:36:e4:e9:ba
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

33:00:00:01:09:5e:de:a2:12:7e:92:81:cc:00:00:00:00:01:09
Certificate

61:0b:aa:c1:00:00:00:00:00:09
Certificate

14:97:40:3d:e7:85:59:88:ee:ae:be:e6:91:dc:1f:98:76:5e:cc:ca:c7:75:66:93:65:0b:7b:14:7b:fe:b1:21
Signer

14:97:40:3d:e7:85:59:88:ee:ae:be:e6:91:dc:1f:98:76:5e:cc:ca:c7:75:66:93:65:0b:7b:14:7b:fe:b1:21
Signer

.text
Size: 388KB - Virtual size: 388KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 17KB - Virtual size: 17KB

.data
Size: 1024B - Virtual size: 2KB

.pdata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 420B

33:00:00:02:66:bd:15:80:ef:a7:5c:d6:d3:00:00:00:00:02:66
Certificate

61:07:76:56:00:00:00:00:00:08
Certificate

a9:01:74:45:90:a8:77:4f:3c:2a:45:ca:4e:47:8f:6a:4b:42:bb:2e:a7:06:d1:fd:8a:8b:f2:e6:a8:08:fc:c0
Signer

.text
Size: 153KB - Virtual size: 153KB

.rdata
Size: 31KB - Virtual size: 30KB

.data
Size: 2KB - Virtual size: 3KB

.pdata
Size: 9KB - Virtual size: 8KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 512B - Virtual size: 2KB

.pdata
Size: 1024B - Virtual size: 768B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 116B