hotline[.]zip | Triage

Sharing

Copy URL Twitter E-mail

General

Target

hotline.zip
Size

89.8MB
MD5

69a9ac92c4a35f1608720d06869281fe
SHA1

59020c29a499a0b8b62c8e8643139b5b164943ab
SHA256

3719ecb42334609b36103208be9be2e2f1e23ffd84b72203237724d760bd783e
SHA512

d479a12fdf66bf16d396ea4da4f0859f6cc645d0275dcb45e41d1ce756ff66d1426e5894d4cc0df35f8de92cf3ad9b5c1151f899bb4067cb06b322cc3948d489
SSDEEP

1572864:/p/JoZS8vSDTgJpHXrpUcVRiV918dX2U98yQxPUowyQvUAedhTE9gFGXZimNHAb8:joI8vSv6rScV4n0mFP7Qvr1gEZr

Score

3^/10

Malware Config

Signatures

Unsigned PE 12 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Hotline Miami/AlienInMiami.dll
unpack001/Hotline Miami/GMXInput.dll
unpack001/Hotline Miami/HotlineGL.exe
unpack001/Hotline Miami/HotlineLauncher.exe
unpack001/Hotline Miami/HotlineMiami_Original.exe
unpack001/Hotline Miami/bass.dll
unpack001/Hotline Miami/bgm.dll
unpack001/Hotline Miami/cg.dll
unpack001/Hotline Miami/cgGL.dll
unpack001/Hotline Miami/libogg.dll
unpack001/Hotline Miami/libvorbis.dll
unpack001/Hotline Miami/libvorbisfile.dll

Files

hotline.zip
.zip
Hotline Miami/AlienInMiami.dll
.dll windows:5 windows x86 arch:x86

247b308e7b70429cf767800cf06d9fd7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\dpunktw\documents\visual studio 2010\Projects\HotlineMiami\Release\AlienInMiami.pdb

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
CloseHandle
WaitForSingleObject
TerminateThread
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetTickCount
QueryPerformanceCounter
QueryPerformanceFrequency
Sleep
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
InterlockedExchange
DecodePointer
EncodePointer
IsProcessorFeaturePresent

msvcp100

?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QAEXH_N@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?setiosflags@std@@YA?AU?$_Smanip@H@1@H@Z
?setprecision@std@@YA?AU?$_Smanip@_J@1@_J@Z
?_Xlength_error@std@@YAXPBD@Z
?uncaught_exception@std@@YA_NXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAE_JPBD_J@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QAEHD@Z
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV12@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A

msvcr100

_lock
_onexit
__dllonexit
free
_encoded_null
_initterm
_initterm_e
_amsg_exit
__CppXcptFilter
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_except_handler4_common
__clean_type_info_names_internal
_unlock
_beginthreadex
__CxxFrameHandler3
_endthreadex
??2@YAPAXI@Z
_time64
??3@YAXPAX@Z
clock
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBD@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
_malloc_crt
_CIpow
floor
_CxxThrowException
_CIsin
??_V@YAXPAX@Z

Exports

Exports

AlienInitialize
AlienRelease
AlienRotatePink
AlienRotateYellow
DeathBlink

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Hotline Miami/EULA.txt
Hotline Miami/GMXInput.dll
.dll windows:5 windows x86 arch:x86

269b668187179ca797c827253a08e463

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Documents and Settings\Myself\Mijn documenten\Visual Studio 2008\Projects\GMXInput\Debug\GMXInput.pdb

Imports

xinput1_3

ord2
ord3

kernel32

GetCurrentProcessId
SetEnvironmentVariableA
CompareStringW
GetCurrentThreadId
GetCommandLineA
GetProcAddress
GetModuleHandleA
RaiseException
IsDebuggerPresent
DebugBreak
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
LoadLibraryA
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
GetCurrentThread
HeapFree
Sleep
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FreeLibrary
HeapAlloc
GetProcessHeap
GetModuleFileNameW
VirtualQuery
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
VirtualAlloc
HeapReAlloc
WriteFile
SetConsoleCtrlHandler
InterlockedExchange
InitializeCriticalSectionAndSpinCount
RtlUnwind
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
HeapSize
GetLocaleInfoW
GetTimeZoneInformation
CompareStringA

Exports

Exports

checkButton
getButtonState
getCtrlState
leftThumbX
leftThumbY
leftTrigger
rightThumbX
rightThumbY
rightTrigger
setRumble

Sections

.textbss
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Hotline Miami/HotlineGL.exe
.exe windows:5 windows x86 arch:x86

8a7b8dd31a88bbffd31179218f1e2c57

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Projects\Hotline\svn\Software\Code\HotlineGL.exe.pdb

Imports

openal32

alBufferData
alSourceQueueBuffers
alSourceUnqueueBuffers
alGenBuffers
alSourceStop
alDeleteSources
alGetSourcei
alSourcePlay
alSourcef
alSourcei
alGenSources
alDeleteBuffers
alGetError
alcMakeContextCurrent
alcCreateContext
alcOpenDevice
alcCloseDevice
alcDestroyContext

libvorbisfile

ov_clear
ov_read
ov_info
ov_open_callbacks

dbghelp

SymCleanup
SymLoadModule
SymInitialize
SymSetOptions
SymGetOptions
SymGetModuleBase
SymGetSymFromAddr
StackWalk
SymFunctionTableAccess
SymGetLineFromAddr

kernel32

UnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
HeapSetInformation
InterlockedExchange
DecodePointer
EncodePointer
GetCommandLineW
WideCharToMultiByte
LoadLibraryExA
GetSystemInfo
CreateFileW
SetFilePointer
ReadFile
WriteFile
SetEndOfFile
GetFileSizeEx
IsDebuggerPresent
DebugBreak
CreateSemaphoreA
QueryPerformanceFrequency
QueryPerformanceCounter
ResetEvent
SetEvent
CreateEventA
ReleaseSemaphore
WaitForSingleObject
GetExitCodeThread
InterlockedCompareExchange
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetProcessHeap
OutputDebugStringA
IsBadWritePtr
ReadProcessMemory
GetCurrentProcess
IsBadReadPtr
GetCurrentProcessId
GetVersionExA
GetProcAddress
LoadLibraryA
SetLastError
CloseHandle
IsBadCodePtr
OpenProcess
GetModuleHandleA
GetLastError
lstrcpynA
lstrlenA
GetModuleFileNameA
CreateFileA
FormatMessageA
GetCurrentThread
GetTickCount
CreateDirectoryA
CreateThread
FreeLibrary
LocalFree
Sleep
GetCurrentThreadId
SetThreadPriority
GetSystemTimeAsFileTime
HeapFree
RaiseException

user32

SetLastErrorEx
ClipCursor
GetFocus
ShowCursor
GetSystemMetrics
wsprintfA
PeekMessageA
ReleaseDC
GetClientRect
GetDC
PostMessageA
SendMessageA
RegisterWindowMessageA
SetParent
SystemParametersInfoA
SetWindowPos
SetWindowLongA
ChangeDisplaySettingsA
DefWindowProcA
CreateWindowExA
RegisterClassA
GetWindowLongA
GetWindowInfo
GetCursorPos
DestroyWindow
PostQuitMessage
SetFocus
SwitchToThisWindow
ShowWindow
UpdateWindow
RegisterDeviceNotificationA
LoadCursorA
LoadIconA
EnumDisplaySettingsA
DispatchMessageA
TranslateMessage
GetWindowRect

shell32

CommandLineToArgvW
SHGetFolderPathA

msvcp100

??1_Container_base12@std@@QAE@XZ
?_Xout_of_range@std@@YAXPBD@Z
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAEXXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEGXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAE_JPB_W_J@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEPAV12@PA_W_J@Z
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEHXZ
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MAEXABVlocale@2@@Z
?_BADOFF@std@@3_JB
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@
?_Pninc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEPA_WXZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
?_Ios_base_dtor@ios_base@std@@CAXPAV12@@Z
??_7ios_base@std@@6B@
??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
?_Xlength_error@std@@YAXPBD@Z

msvcr100

??3@YAXPAX@Z
sscanf
__CxxFrameHandler3
??2@YAPAXI@Z
strrchr
memcpy
memset
strncpy
free
fflush
__iob_func
printf
fwrite
fclose
fprintf
fopen
memmove
_purecall
fread
??_V@YAXPAX@Z
fseek
ferror
sscanf_s
atoi
atof
_vsnprintf_s
isspace
tolower
isalpha
isalnum
strncmp
strchr
??0exception@std@@QAE@ABQBD@Z
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
_CxxThrowException
??0exception@std@@QAE@ABV01@@Z
sprintf
_CIsin
_CIsqrt
_CIfmod
_CIatan2
_CIcos
strstr
_stat64i32
_errno
wcstombs
_fseeki64
remove
realloc
malloc
ceil
floor
rand
isdigit
_stricmp
qsort
toupper
_CItan
memchr
sprintf_s
wcsstr
swscanf_s
?terminate@@YAXXZ
_except_handler4_common
_unlock
__dllonexit
_lock
_onexit
_amsg_exit
__getmainargs
_cexit
_exit
_XcptFilter
_ismbblead
exit
_acmdln
_initterm
_initterm_e
_configthreadlocale
__setusermatherr
_commode
_fmode
__set_app_type
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_crt_debugger_hook
_invoke_watson
_controlfp_s
_CIacos
_CIatan
_CIasin
_CItanh
_CIcosh
_CIsinh
modf
_CIpow
_CIlog10
_CIlog
_CIexp
frexp
ldexp
srand
_HUGE
strtod
strpbrk
_snprintf
abort
longjmp
_setjmp3
strcoll
localeconv
fgets
isxdigit
isupper
ispunct
isgraph
iscntrl
islower
_difftime64
_gmtime64
_localtime64
_mktime64
system
rename
tmpnam
getenv
clock
strftime
setlocale
_pclose
_popen
tmpfile
fscanf
ungetc
clearerr
_ftelli64
ftell
strerror
feof
getc
freopen
strspn
_time64
setvbuf

dinput8

DirectInput8Create

winmm

timeGetTime
timeBeginPeriod
timeEndPeriod

opengl32

glCopyTexSubImage2D
glReadBuffer
glDrawBuffer
wglDeleteContext
glGetFloatv
glPixelStorei
glFrontFace
glTexImage2D
glBindTexture
glTexSubImage2D
wglCreateContext
glShadeModel
glAlphaFunc
glDepthFunc
glCullFace
glPolygonMode
glStencilOp
glStencilFunc
glStencilMask
glGetTexImage
glEnableClientState
glDisableClientState
glClearColor
glClearDepth
glClear
glTexParameteri
glTexParameterfv
glTexParameterf
glDeleteTextures
glGenTextures
glReadPixels
glClearStencil
glDrawArrays
glGetError
glViewport
glScissor
wglMakeCurrent
glGetString
glDrawElements
glBlendFunc
wglGetProcAddress
glPointSize
glLineWidth
glColorMask
glPolygonOffset
glDepthMask
glEnable
glDisable
glTexEnvi
glHint

cg

cgDestroyProgram
cgCreateContext
cgSetParameterSettingMode
cgGetParameterResource
cgGetNamedParameter
cgGetParameterResourceIndex
cgGetErrorString
cgGetLastListing
cgCreateProgramFromEffect
cgCreateProgram
cgDestroyContext
cgUpdateProgramParameters
cgGetError

cggl

cgGLSetParameterPointer
cgGLEnableClientState
cgGLSetDebugMode
cgGLBindProgram
cgGLEnableProfile
cgGLSetParameter4fv
cgGLDisableProfile
cgGLUnbindProgram
cgGLDisableTextureParameter
cgGLLoadProgram
cgGLIsProfileSupported
cgGLSetParameter2fv
cgGLSetParameterArray3f
cgGLSetParameter3fv
cgGLSetParameterArray4f
cgGLSetMatrixParameterArrayfc
cgGLSetMatrixParameterfc
cgGLGetTextureEnum
cgGLSetParameter1f
cgGLSetParameterArray1f
cgGLDisableClientState
cgGLGetLatestProfile
cgGLSetTextureParameter
cgGLEnableTextureParameter
cgGLSetParameterArray2f

xinput1_3

ord3
ord2

gdi32

DescribePixelFormat
SwapBuffers
SetPixelFormat
ChoosePixelFormat

ole32

CoInitialize
CoCreateInstance
CoSetProxyBlanket
CoUninitialize

oleaut32

SysAllocString
SysFreeString

Sections

.text
Size: 6.3MB - Virtual size: 6.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 757KB - Virtual size: 756KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 131KB - Virtual size: 4.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Hotline Miami/HotlineLauncher.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Projects\Hotline\svn\Tools\HotlineLauncher\obj\x86\Release\HotlineLauncher.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 525KB - Virtual size: 525KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Hotline Miami/HotlineMiami_GL.wad
Hotline Miami/HotlineMiami_Original.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 440KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Hotline Miami/Launch Hotline Miami.lnk
.lnk
Hotline Miami/bass.dll
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Exports

Exports

BASS_Apply3D
BASS_ChannelBytes2Seconds
BASS_ChannelGet3DAttributes
BASS_ChannelGet3DPosition
BASS_ChannelGetAttributes
BASS_ChannelGetData
BASS_ChannelGetDevice
BASS_ChannelGetEAXMix
BASS_ChannelGetInfo
BASS_ChannelGetLength
BASS_ChannelGetLevel
BASS_ChannelGetPosition
BASS_ChannelGetTags
BASS_ChannelIsActive
BASS_ChannelIsSliding
BASS_ChannelPause
BASS_ChannelPlay
BASS_ChannelPreBuf
BASS_ChannelRemoveDSP
BASS_ChannelRemoveFX
BASS_ChannelRemoveLink
BASS_ChannelRemoveSync
BASS_ChannelSeconds2Bytes
BASS_ChannelSet3DAttributes
BASS_ChannelSet3DPosition
BASS_ChannelSetAttributes
BASS_ChannelSetDSP
BASS_ChannelSetDevice
BASS_ChannelSetEAXMix
BASS_ChannelSetFX
BASS_ChannelSetFlags
BASS_ChannelSetLink
BASS_ChannelSetPosition
BASS_ChannelSetSync
BASS_ChannelSlideAttributes
BASS_ChannelStop
BASS_ErrorGetCode
BASS_FXGetParameters
BASS_FXSetParameters
BASS_Free
BASS_Get3DFactors
BASS_Get3DPosition
BASS_GetCPU
BASS_GetConfig
BASS_GetDSoundObject
BASS_GetDevice
BASS_GetDeviceDescription
BASS_GetEAXParameters
BASS_GetInfo
BASS_GetVersion
BASS_GetVolume
BASS_Init
BASS_MusicFree
BASS_MusicGetAttribute
BASS_MusicGetOrderPosition
BASS_MusicGetOrders
BASS_MusicLoad
BASS_MusicSetAttribute
BASS_Pause
BASS_PluginFree
BASS_PluginGetInfo
BASS_PluginLoad
BASS_RecordFree
BASS_RecordGetDevice
BASS_RecordGetDeviceDescription
BASS_RecordGetInfo
BASS_RecordGetInput
BASS_RecordGetInputName
BASS_RecordInit
BASS_RecordSetDevice
BASS_RecordSetInput
BASS_RecordStart
BASS_SampleCreate
BASS_SampleCreateDone
BASS_SampleFree
BASS_SampleGetChannel
BASS_SampleGetInfo
BASS_SampleLoad
BASS_SampleSetInfo
BASS_SampleStop
BASS_Set3DFactors
BASS_Set3DPosition
BASS_SetConfig
BASS_SetDevice
BASS_SetEAXParameters
BASS_SetVolume
BASS_Start
BASS_Stop
BASS_StreamCreate
BASS_StreamCreateFile
BASS_StreamCreateFileUser
BASS_StreamCreateURL
BASS_StreamFree
BASS_StreamGetFilePosition
BASS_Update
_

Sections

Size: 85KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 568B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Hotline Miami/bgm.dll
.dll windows:4 windows x86 arch:x86

0eb2cb15b7b03a2ebeb8ad2576423c20

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

bass

BASS_Init
BASS_ErrorGetCode
BASS_Free
BASS_ChannelGetInfo
BASS_MusicGetAttribute
BASS_MusicSetAttribute
BASS_ChannelGetTags
BASS_ChannelSlideAttributes
BASS_ChannelIsSliding
BASS_ChannelGetAttributes
BASS_ChannelSetAttributes
BASS_ChannelSetFlags
BASS_GetConfig
BASS_SetConfig
BASS_MusicLoad
BASS_SampleLoad
BASS_SampleGetChannel
BASS_SampleFree
BASS_StreamCreateFile
BASS_StreamCreateURL
BASS_SampleStop
BASS_StreamFree
BASS_MusicFree
BASS_ChannelPlay
BASS_ChannelPause
BASS_ChannelStop
BASS_ChannelIsActive
BASS_ChannelGetLength
BASS_ChannelBytes2Seconds
BASS_ChannelGetPosition
BASS_MusicGetOrderPosition

kernel32

AddAtomA
FindAtomA
GetAtomNameA

msvcrt

__dllonexit
_errno
_iob
abort
atoi
fclose
fflush
fopen
fprintf
free
gmtime
isdigit
malloc
printf
sprintf
strcmp
strcpy
strlen
strncpy
strstr
time
tolower

Exports

Exports

bgm_Close
bgm_Error
bgm_FadeVolByFname
bgm_FadeVolById
bgm_GetAttrByFname
bgm_GetAttrById
bgm_GetAttrTypeLast
bgm_GetLenByFname
bgm_GetLenById
bgm_GetOrderByFname
bgm_GetOrderById
bgm_GetPosByFname
bgm_GetPosById
bgm_GetRowByFname
bgm_GetRowById
bgm_Init
bgm_IsLoadedByFname
bgm_IsLoadedById
bgm_IsPlayingByFname
bgm_IsPlayingById
bgm_Load
bgm_LoadMod
bgm_LoadNetStream
bgm_LoadSample
bgm_LoadStream
bgm_PauseByFname
bgm_PauseById
bgm_PlayByFname
bgm_PlayById
bgm_SetAttrByFname
bgm_SetAttrById
bgm_SetReportErrors
bgm_StopByFname
bgm_StopById
bgm_UnloadByFname
bgm_UnloadById
bgm_UnpauseByFname
bgm_UnpauseById
bgm_VolIsFadingByFname
bgm_VolIsFadingById

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 836B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Hotline Miami/cg.dll
.dll windows:4 windows x86 arch:x86

15d86246c2a8c4673375ac9615d7dde9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\bld\cg\rel2.0\src\cglang\runtime\bin\Windows_vc8_release\cg.pdb

Imports

kernel32

InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetLastError
HeapFree
HeapAlloc
HeapReAlloc
GetProcAddress
GetModuleHandleA
ExitProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentThreadId
GetCommandLineA
GetVersionExA
GetProcessHeap
RtlUnwind
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
WriteFile
GetStdHandle
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
SetFilePointer
CloseHandle
LoadLibraryA
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
RaiseException
LCMapStringA
MultiByteToWideChar
LCMapStringW
ReadFile
CreateFileA
SetStdHandle
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
GetStringTypeW
SetEndOfFile
VirtualQuery

Exports

Exports

??0cgiRefCount@@QAE@ABU0@@Z
??0cgiRefCount@@QAE@XZ
??1cgiRefCount@@MAE@XZ
??4cgiRefCount@@QAEAAU0@ABU0@@Z
??_7cgiRefCount@@6B@
?Ref@cgiRefCount@@QAEXXZ
?UnRef@cgiRefCount@@QAEXXZ
GetIAtomString
cgAddStateEnumerant
cgCallStateResetCallback
cgCallStateSetCallback
cgCallStateValidateCallback
cgCombinePrograms
cgCombinePrograms2
cgCombinePrograms3
cgCompileProgram
cgConnectParameter
cgCopyEffect
cgCopyProgram
cgCreateArraySamplerState
cgCreateArrayState
cgCreateBuffer
cgCreateContext
cgCreateEffect
cgCreateEffectAnnotation
cgCreateEffectFromFile
cgCreateEffectParameter
cgCreateEffectParameterArray
cgCreateEffectParameterMultiDimArray
cgCreateObj
cgCreateObjFromFile
cgCreateParameter
cgCreateParameterAnnotation
cgCreateParameterArray
cgCreateParameterMultiDimArray
cgCreatePass
cgCreatePassAnnotation
cgCreateProgram
cgCreateProgramAnnotation
cgCreateProgramFromEffect
cgCreateProgramFromFile
cgCreateSamplerState
cgCreateSamplerStateAssignment
cgCreateState
cgCreateStateAssignment
cgCreateStateAssignmentIndex
cgCreateTechnique
cgCreateTechniqueAnnotation
cgDestroyBuffer
cgDestroyContext
cgDestroyEffect
cgDestroyObj
cgDestroyParameter
cgDestroyProgram
cgDisconnectParameter
cgEvaluateProgram
cgGetAnnotationName
cgGetAnnotationType
cgGetArrayDimension
cgGetArrayParameter
cgGetArraySize
cgGetArrayTotalSize
cgGetArrayType
cgGetAutoCompile
cgGetBoolAnnotationValues
cgGetBoolStateAssignmentValues
cgGetBooleanAnnotationValues
cgGetBufferSize
cgGetConnectedParameter
cgGetConnectedStateAssignmentParameter
cgGetConnectedToParameter
cgGetDependentAnnotationParameter
cgGetDependentStateAssignmentParameter
cgGetEffectContext
cgGetEffectName
cgGetEffectParameterBySemantic
cgGetEnum
cgGetEnumString
cgGetError
cgGetErrorCallback
cgGetErrorHandler
cgGetErrorString
cgGetFirstDependentParameter
cgGetFirstEffect
cgGetFirstEffectAnnotation
cgGetFirstEffectParameter
cgGetFirstError
cgGetFirstLeafEffectParameter
cgGetFirstLeafParameter
cgGetFirstParameter
cgGetFirstParameterAnnotation
cgGetFirstPass
cgGetFirstPassAnnotation
cgGetFirstProgram
cgGetFirstProgramAnnotation
cgGetFirstSamplerState
cgGetFirstSamplerStateAssignment
cgGetFirstState
cgGetFirstStateAssignment
cgGetFirstStructParameter
cgGetFirstTechnique
cgGetFirstTechniqueAnnotation
cgGetFloatAnnotationValues
cgGetFloatStateAssignmentValues
cgGetIntAnnotationValues
cgGetIntStateAssignmentValues
cgGetLastErrorString
cgGetLastListing
cgGetLockingPolicy
cgGetMatrixParameterdc
cgGetMatrixParameterdr
cgGetMatrixParameterfc
cgGetMatrixParameterfr
cgGetMatrixParameteric
cgGetMatrixParameterir
cgGetMatrixSize
cgGetNamedEffect
cgGetNamedEffectAnnotation
cgGetNamedEffectParameter
cgGetNamedParameter
cgGetNamedParameterAnnotation
cgGetNamedPass
cgGetNamedPassAnnotation
cgGetNamedProgramAnnotation
cgGetNamedProgramParameter
cgGetNamedSamplerState
cgGetNamedSamplerStateAssignment
cgGetNamedState
cgGetNamedStateAssignment
cgGetNamedStructParameter
cgGetNamedSubParameter
cgGetNamedTechnique
cgGetNamedTechniqueAnnotation
cgGetNamedUserType
cgGetNextAnnotation
cgGetNextEffect
cgGetNextLeafParameter
cgGetNextParameter
cgGetNextPass
cgGetNextProgram
cgGetNextState
cgGetNextStateAssignment
cgGetNextTechnique
cgGetNumConnectedToParameters
cgGetNumDependentAnnotationParameters
cgGetNumDependentStateAssignmentParameters
cgGetNumParentTypes
cgGetNumProgramDomains
cgGetNumUserTypes
cgGetParameterBaseResource
cgGetParameterBaseType
cgGetParameterBufferIndex
cgGetParameterBufferOffset
cgGetParameterClass
cgGetParameterColumns
cgGetParameterContext
cgGetParameterDirection
cgGetParameterEffect
cgGetParameterIndex
cgGetParameterName
cgGetParameterNamedType
cgGetParameterOrdinalNumber
cgGetParameterProgram
cgGetParameterResource
cgGetParameterResourceIndex
cgGetParameterResourceSize
cgGetParameterResourceType
cgGetParameterRows
cgGetParameterSemantic
cgGetParameterSettingMode
cgGetParameterType
cgGetParameterValuedc
cgGetParameterValuedr
cgGetParameterValuefc
cgGetParameterValuefr
cgGetParameterValueic
cgGetParameterValueir
cgGetParameterValues
cgGetParameterVariability
cgGetParentType
cgGetPassName
cgGetPassTechnique
cgGetProfile
cgGetProfileDomain
cgGetProfileString
cgGetProgramBuffer
cgGetProgramBufferMaxIndex
cgGetProgramBufferMaxSize
cgGetProgramContext
cgGetProgramDomainProfile
cgGetProgramInput
cgGetProgramOptions
cgGetProgramOutput
cgGetProgramProfile
cgGetProgramStateAssignmentValue
cgGetProgramString
cgGetResource
cgGetResourceString
cgGetSamplerStateAssignmentParameter
cgGetSamplerStateAssignmentState
cgGetSamplerStateAssignmentValue
cgGetSemanticCasePolicy
cgGetStateAssignmentIndex
cgGetStateAssignmentPass
cgGetStateAssignmentState
cgGetStateContext
cgGetStateEnumerantName
cgGetStateEnumerantValue
cgGetStateName
cgGetStateResetCallback
cgGetStateSetCallback
cgGetStateType
cgGetStateValidateCallback
cgGetString
cgGetStringAnnotationValue
cgGetStringAnnotationValues
cgGetStringParameterValue
cgGetStringStateAssignmentValue
cgGetTechniqueEffect
cgGetTechniqueName
cgGetTextureStateAssignmentValue
cgGetType
cgGetTypeBase
cgGetTypeClass
cgGetTypeSizes
cgGetTypeString
cgGetUserType
cgIsAnnotation
cgIsContext
cgIsEffect
cgIsInterfaceType
cgIsParameter
cgIsParameterGlobal
cgIsParameterReferenced
cgIsParameterUsed
cgIsParentType
cgIsPass
cgIsProgram
cgIsProgramCompiled
cgIsState
cgIsStateAssignment
cgIsTechnique
cgIsTechniqueValidated
cgMapBuffer
cgResetPassState
cgSetArraySize
cgSetAutoCompile
cgSetBoolAnnotation
cgSetBoolArrayStateAssignment
cgSetBoolStateAssignment
cgSetBufferData
cgSetBufferSubData
cgSetEffectName
cgSetErrorCallback
cgSetErrorHandler
cgSetFloatAnnotation
cgSetFloatArrayStateAssignment
cgSetFloatStateAssignment
cgSetIntAnnotation
cgSetIntArrayStateAssignment
cgSetIntStateAssignment
cgSetLastListing
cgSetLockingPolicy
cgSetMatrixParameterdc
cgSetMatrixParameterdr
cgSetMatrixParameterfc
cgSetMatrixParameterfr
cgSetMatrixParameteric
cgSetMatrixParameterir
cgSetMultiDimArraySize
cgSetParameter1d
cgSetParameter1dv
cgSetParameter1f
cgSetParameter1fv
cgSetParameter1i
cgSetParameter1iv
cgSetParameter2d
cgSetParameter2dv
cgSetParameter2f
cgSetParameter2fv
cgSetParameter2i
cgSetParameter2iv
cgSetParameter3d
cgSetParameter3dv
cgSetParameter3f
cgSetParameter3fv
cgSetParameter3i
cgSetParameter3iv
cgSetParameter4d
cgSetParameter4dv
cgSetParameter4f
cgSetParameter4fv
cgSetParameter4i
cgSetParameter4iv
cgSetParameterSemantic
cgSetParameterSettingMode
cgSetParameterValuedc
cgSetParameterValuedr
cgSetParameterValuefc
cgSetParameterValuefr
cgSetParameterValueic
cgSetParameterValueir
cgSetParameterVariability
cgSetPassProgramParameters
cgSetPassState
cgSetProgramBuffer
cgSetProgramProfile
cgSetProgramStateAssignment
cgSetSamplerState
cgSetSamplerStateAssignment
cgSetSemanticCasePolicy
cgSetStateCallbacks
cgSetStringAnnotation
cgSetStringParameterValue
cgSetStringStateAssignment
cgSetTextureStateAssignment
cgUnmapBuffer
cgUpdateProgramParameters
cgValidateTechnique
cgiAcquireWriteLock
cgiAddCleanupCallback
cgiCheckForInvalidProfileProgram
cgiClearLastError
cgiCreateBuffer
cgiDispatchResetSamplerStates
cgiDispatchSetSamplerStates
cgiGetArrayDim
cgiGetArrayParameter
cgiGetArraySize
cgiGetBoolStateAssignmentValues
cgiGetBuffer
cgiGetConnectedParameter
cgiGetConnectedToParameter
cgiGetErrorCallback
cgiGetFirstDependentParameter
cgiGetFirstLeafParameter
cgiGetFirstSamplerStateAssignment
cgiGetFirstStructParameter
cgiGetFloatStateAssignmentValues
cgiGetIntStateAssignmentValues
cgiGetLeafParameterValues
cgiGetLinkedParams
cgiGetMatrixParameterArrayd
cgiGetMatrixParameterArrayf
cgiGetMatrixSize
cgiGetNamedEffectParameter
cgiGetNextLeafParameter
cgiGetNextParameter
cgiGetNextStateAssignment
cgiGetNumConnectedToParameters
cgiGetNumParentTypes
cgiGetNumStateAssignmentValues
cgiGetParamById
cgiGetParameterArrayd
cgiGetParameterArrayf
cgiGetParameterBaseResource
cgiGetParameterBaseType
cgiGetParameterBufferIndex
cgiGetParameterBufferOffset
cgiGetParameterCachedValues
cgiGetParameterClass
cgiGetParameterDefaultValues
cgiGetParameterDirection
cgiGetParameterEffect
cgiGetParameterName
cgiGetParameterProfile
cgiGetParameterProgram
cgiGetParameterResource
cgiGetParameterResourceIndex
cgiGetParameterResourceName
cgiGetParameterResourceNameCStr
cgiGetParameterType
cgiGetParameterValues
cgiGetParameterVariability
cgiGetParentType
cgiGetProfile
cgiGetProfileCallbacks
cgiGetProfileName
cgiGetProfileString
cgiGetProgramBuffer
cgiGetProgramById
cgiGetProgramCachedParameters
cgiGetProgramContext
cgiGetProgramEntry
cgiGetProgramOptions
cgiGetProgramProfile
cgiGetProgramProfileObject
cgiGetProgramStateAssignmentValue
cgiGetProgramString
cgiGetResourceName
cgiGetSamplerStateAssignmentParameter
cgiGetSamplerStateAssignmentValue
cgiGetStateAssignment
cgiGetStateAssignmentIndex
cgiGetStringStateAssignmentValue
cgiGetTextureStateAssignmentValue
cgiGetType
cgiGetTypeBase
cgiGetTypeClass
cgiGetTypeName
cgiGetTypeSizes
cgiGetTypeString
cgiHandleToContext
cgiHandleToLeafParam
cgiHandleToParam
cgiHandleToProgram
cgiInitialize
cgiInvalidateTechnique
cgiIsInterfaceType
cgiIsParameterReferenced
cgiIsParameterUsed
cgiIsParameterUsedInProgram
cgiIsParentType
cgiIsProgramCompiled
cgiIsTextureType
cgiPopBoundProgram
cgiPushBoundProgram
cgiRegisterState
cgiRegisterStateEnum
cgiReleaseWriteLock
cgiRemoveProgramProfileObject
cgiResourceToStr
cgiSetContextDispatcher
cgiSetError
cgiSetErrorCallback
cgiSetMatrixParameterArrayd
cgiSetMatrixParameterArrayf
cgiSetParamProfileCallbacks
cgiSetParameterArrayd
cgiSetParameterArrayf
cgiSetParameterError
cgiSetProfileCallbacks
cgiSetProfileOptions
cgiSetProgramError
cgiSetProgramProfileObject
cgiSetProgramVMParameters
cgiSetUnloadProgramCallback
cgiToStateId
cgiUpdateProgramParameters
cgihCompileProgram
cgihConnectParameter
cgihCreateArraySamplerState
cgihGetAutoCompile
cgihGetFirstParameter
cgihGetFirstPass
cgihGetFirstStateAssignment
cgihGetFirstStructParameter
cgihGetLastListing
cgihGetNamedEffectParameter
cgihGetNextParameter
cgihGetNextPass
cgihGetNextStateAssignment
cgihGetParameterDirection
cgihGetParameterName
cgihGetParameterOrdinalNumber
cgihGetParameterType
cgihGetParameterVariability
cgihGetProgramContext
cgihGetProgramProfile
cgihSetAutoCompile

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 988KB - Virtual size: 985KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 92KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Hotline Miami/cgGL.dll
.dll windows:4 windows x86 arch:x86

f7e52d082a07fe5b05913a0b16b965b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\bld\cg\rel2.0\src\cglang\runtime\bin\Windows_vc8_release\cgGL.pdb

Imports

cg

cgiGetParameterBaseType
cgGetProfileDomain
cgiGetParameterResourceName
cgiGetParameterName
cgihGetNextParameter
cgGetFirstDependentParameter
cgiGetParameterDefaultValues
cgiGetProgramString
cgiSetProgramError
cgiRemoveProgramProfileObject
cgiGetTypeBase
cgiSetProfileOptions
cgiGetProgramProfileObject
cgiGetProgramProfile
cgiSetProgramProfileObject
cgiGetConnectedParameter
cgihCompileProgram
cgiCheckForInvalidProfileProgram
cgiRegisterStateEnum
cgiSetErrorCallback
cgiSetContextDispatcher
cgiGetProfileString
cgSetLastListing
cgiGetSamplerStateAssignmentParameter
cgiGetProgramStateAssignmentValue
cgiSetProgramVMParameters
cgiGetFloatStateAssignmentValues
cgiGetNumStateAssignmentValues
cgiIsProgramCompiled
cgiGetIntStateAssignmentValues
cgiToStateId
cgGetError
cgiGetErrorCallback
cgiRegisterState
cgiGetSamplerStateAssignmentValue
cgiGetBoolStateAssignmentValues
cgiCreateBuffer
cgiGetParameterResource
??_7cgiRefCount@@6B@
cgSetParameter4fv
cgSetParameter4dv
cgiGetParameterResourceIndex
cgSetParameter2dv
cgiSetParameterError
cgGetMatrixParameterdc
cgSetParameter3d
cgiGetMatrixParameterArrayf
cgSetMatrixParameterfc
cgSetParameter2d
cgiSetMatrixParameterArrayd
cgiSetParameterArrayd
cgiGetParameterBaseResource
cgiGetProgramContext
cgSetParameter2fv
cgGetMatrixParameterfc
cgSetMatrixParameterdc
cgiSetUnloadProgramCallback
cgSetSamplerState
cgiHandleToLeafParam
cgiGetParameterVariability
cgiAddCleanupCallback
cgiGetProfileCallbacks
cgiPopBoundProgram
cgiAcquireWriteLock
cgiIsTextureType
cgSetMatrixParameterdr
cgGetParameterValuefr
cgiHandleToParam
cgiGetBuffer
cgGetMatrixParameterdr
cgiSetParameterArrayf
cgiGetParameterDirection
cgiGetProgramCachedParameters
cgiUpdateProgramParameters
cgiGetParameterCachedValues
cgiGetParameterType
cgiGetLinkedParams
cgiGetParameterArrayf
cgGetParameterValuedr
cgSetParameter3fv
cgiGetArraySize
cgSetParameter1f
cgGetMatrixParameterfr
cgiPushBoundProgram
cgSetParameter3f
cgiGetParameterArrayd
cgiGetParameterProgram
cgSetParameter3dv
cgSetParameter4f
cgiHandleToProgram
cgiReleaseWriteLock
cgiIsParameterReferenced
cgiSetMatrixParameterArrayf
cgiGetMatrixSize
cgiGetMatrixParameterArrayd
cgSetMatrixParameterfr
cgSetParameter1d
cgihGetParameterType
cgSetParameter4d
cgSetParameter2f
cgSetParameter1dv
cgiSetProfileCallbacks
?UnRef@cgiRefCount@@QAEXXZ
cgiSetError
cgSetParameter1fv

opengl32

glTexEnvf
glColor3f
glNormal3fv
glVertex2fv
glColor4fv
glVertex2f
glEnableClientState
glVertex3fv
glDisableClientState
glColor3fv
glVertex4fv
glNormal3f
glStencilMask
glLightf
glBlendFunc
glLightModeliv
glPolygonMode
glFrontFace
glLineStipple
glTexGeni
glGetIntegerv
glGetDoublev
glBindTexture
glGetString
wglGetCurrentDC
wglGetProcAddress
glNormalPointer
glVertexPointer
glTexCoordPointer
glGetError
glDisable
glColorPointer
glShadeModel
glCullFace
glTexParameterf
glColorMaterial
glTexGenfv
glColorMask
glFogi
glLoadIdentity
glScissor
glDepthRange
glLightModelfv
glDepthMask
glLightModeli
glPointSize
glMatrixMode
glFogfv
glTexEnvi
glLineWidth
glLoadMatrixf
glTexParameteri
glFogf
glClearDepth
glClearStencil
glMaterialfv
glLightfv
glGetFloatv
glAlphaFunc
glPolygonOffset
glStencilOp
glDepthFunc
glEnable
glTexParameterfv
glClearColor
glLogicOp
glStencilFunc
glClipPlane
glTexEnvfv
glMaterialf

kernel32

SetEndOfFile
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
SetStdHandle
CreateFileA
GetLocaleInfoA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetConsoleMode
GetConsoleCP
CloseHandle
WideCharToMultiByte
GetStartupInfoA
GetFileType
SetHandleCount
SetFilePointer
ReadFile
MultiByteToWideChar
RtlUnwind
InitializeCriticalSection
LoadLibraryA
IsDebuggerPresent
GetCurrentProcess
TerminateProcess
HeapSize
Sleep
VirtualAlloc
DeleteCriticalSection
VirtualFree
HeapCreate
HeapDestroy
InterlockedDecrement
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
WriteFile
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetProcessHeap
GetVersionExA
GetCommandLineA
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
ExitProcess
GetModuleHandleA
GetProcAddress
HeapReAlloc
HeapAlloc
HeapFree
GetLastError

Exports

Exports

cgGLBindProgram
cgGLCreateBuffer
cgGLDisableClientState
cgGLDisableProfile
cgGLDisableProgramProfiles
cgGLDisableTextureParameter
cgGLEnableClientState
cgGLEnableProfile
cgGLEnableProgramProfiles
cgGLEnableTextureParameter
cgGLGetBufferObject
cgGLGetLatestProfile
cgGLGetManageTextureParameters
cgGLGetMatrixParameterArraydc
cgGLGetMatrixParameterArraydr
cgGLGetMatrixParameterArrayfc
cgGLGetMatrixParameterArrayfr
cgGLGetMatrixParameterdc
cgGLGetMatrixParameterdr
cgGLGetMatrixParameterfc
cgGLGetMatrixParameterfr
cgGLGetParameter1d
cgGLGetParameter1f
cgGLGetParameter2d
cgGLGetParameter2f
cgGLGetParameter3d
cgGLGetParameter3f
cgGLGetParameter4d
cgGLGetParameter4f
cgGLGetParameterArray1d
cgGLGetParameterArray1f
cgGLGetParameterArray2d
cgGLGetParameterArray2f
cgGLGetParameterArray3d
cgGLGetParameterArray3f
cgGLGetParameterArray4d
cgGLGetParameterArray4f
cgGLGetProgramID
cgGLGetTextureEnum
cgGLGetTextureParameter
cgGLIsProfileSupported
cgGLIsProgramLoaded
cgGLLoadProgram
cgGLRegisterStates
cgGLSetDebugMode
cgGLSetManageTextureParameters
cgGLSetMatrixParameterArraydc
cgGLSetMatrixParameterArraydr
cgGLSetMatrixParameterArrayfc
cgGLSetMatrixParameterArrayfr
cgGLSetMatrixParameterdc
cgGLSetMatrixParameterdr
cgGLSetMatrixParameterfc
cgGLSetMatrixParameterfr
cgGLSetOptimalOptions
cgGLSetParameter1d
cgGLSetParameter1dv
cgGLSetParameter1f
cgGLSetParameter1fv
cgGLSetParameter2d
cgGLSetParameter2dv
cgGLSetParameter2f
cgGLSetParameter2fv
cgGLSetParameter3d
cgGLSetParameter3dv
cgGLSetParameter3f
cgGLSetParameter3fv
cgGLSetParameter4d
cgGLSetParameter4dv
cgGLSetParameter4f
cgGLSetParameter4fv
cgGLSetParameterArray1d
cgGLSetParameterArray1f
cgGLSetParameterArray2d
cgGLSetParameterArray2f
cgGLSetParameterArray3d
cgGLSetParameterArray3f
cgGLSetParameterArray4d
cgGLSetParameterArray4f
cgGLSetParameterPointer
cgGLSetStateMatrixParameter
cgGLSetTextureParameter
cgGLSetupSampler
cgGLUnbindProgram

Sections

.text
Size: 192KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Hotline Miami/gog.ico
Hotline Miami/goggame-1207659118.hashdb
.zip
goggame-1207659118.hashdb
Hotline Miami/goggame-1207659118.ico
Hotline Miami/goggame-1207659118.id
Hotline Miami/goggame-1207659118.info
Hotline Miami/goggame-1207659118.script
Hotline Miami/goglog.ini
Hotline Miami/libogg.dll
.dll windows:5 windows x86 arch:x86

79048559df7de60b399b774f016836b6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr100

_except_handler4_common
_onexit
memmove
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
memchr
realloc
malloc
free
_crt_debugger_hook
memset
memcpy

kernel32

EncodePointer
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer

Exports

Exports

ogg_packet_clear
ogg_page_bos
ogg_page_checksum_set
ogg_page_continued
ogg_page_eos
ogg_page_granulepos
ogg_page_packets
ogg_page_pageno
ogg_page_serialno
ogg_page_version
ogg_stream_clear
ogg_stream_destroy
ogg_stream_eos
ogg_stream_flush
ogg_stream_init
ogg_stream_packetin
ogg_stream_packetout
ogg_stream_packetpeek
ogg_stream_pagein
ogg_stream_pageout
ogg_stream_reset
ogg_stream_reset_serialno
ogg_sync_buffer
ogg_sync_clear
ogg_sync_destroy
ogg_sync_init
ogg_sync_pageout
ogg_sync_pageseek
ogg_sync_reset
ogg_sync_wrote
oggpackB_adv
oggpackB_adv1
oggpackB_bits
oggpackB_bytes
oggpackB_get_buffer
oggpackB_look
oggpackB_look1
oggpackB_read
oggpackB_read1
oggpackB_readinit
oggpackB_reset
oggpackB_write
oggpackB_writealign
oggpackB_writeclear
oggpackB_writecopy
oggpackB_writeinit
oggpackB_writetrunc
oggpack_adv
oggpack_adv1
oggpack_bits
oggpack_bytes
oggpack_get_buffer
oggpack_look
oggpack_look1
oggpack_read
oggpack_read1
oggpack_readinit
oggpack_reset
oggpack_write
oggpack_writealign
oggpack_writeclear
oggpack_writecopy
oggpack_writeinit
oggpack_writetrunc

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Hotline Miami/libvorbis.dll
.dll windows:5 windows x86 arch:x86

22c6f5113a71af1b57f32e3c77200547

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libogg

oggpack_readinit
oggpack_look
oggpack_adv
oggpack_read
oggpack_writeinit
oggpack_writeclear
oggpack_write
oggpack_writetrunc
oggpack_get_buffer
oggpack_reset
oggpack_bytes

msvcr100

exit
toupper
ceil
ldexp
_malloc_crt
_encoded_null
_initterm
_initterm_e
qsort
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
realloc
malloc
calloc
free
memmove
_CIsin
_CIcos
memset
floor
_CIpow
_CIlog
_CIexp
_CIsqrt
_CIatan
memcpy
_amsg_exit

kernel32

IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer
IsDebuggerPresent

Exports

Exports

_floor_P
_mapping_P
_residue_P
vorbis_analysis
vorbis_analysis_blockout
vorbis_analysis_buffer
vorbis_analysis_headerout
vorbis_analysis_init
vorbis_analysis_wrote
vorbis_bitrate_addblock
vorbis_bitrate_flushpacket
vorbis_block_clear
vorbis_block_init
vorbis_comment_add
vorbis_comment_add_tag
vorbis_comment_clear
vorbis_comment_init
vorbis_comment_query
vorbis_comment_query_count
vorbis_commentheader_out
vorbis_dsp_clear
vorbis_encode_ctl
vorbis_encode_init
vorbis_encode_init_vbr
vorbis_encode_setup_init
vorbis_encode_setup_managed
vorbis_encode_setup_vbr
vorbis_granule_time
vorbis_info_blocksize
vorbis_info_clear
vorbis_info_init
vorbis_packet_blocksize
vorbis_synthesis
vorbis_synthesis_blockin
vorbis_synthesis_halfrate
vorbis_synthesis_halfrate_p
vorbis_synthesis_headerin
vorbis_synthesis_idheader
vorbis_synthesis_init
vorbis_synthesis_lapout
vorbis_synthesis_pcmout
vorbis_synthesis_read
vorbis_synthesis_restart
vorbis_synthesis_trackonly
vorbis_version_string
vorbis_window

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Hotline Miami/libvorbisfile.dll
.dll windows:5 windows x86 arch:x86

35cc956311eba86c277fec120b7085ae

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libogg

ogg_sync_wrote
ogg_sync_reset
ogg_sync_pageseek
ogg_page_serialno
ogg_page_granulepos
ogg_stream_packetout
ogg_stream_pagein
ogg_stream_reset_serialno
ogg_page_bos
ogg_sync_clear
ogg_stream_clear
ogg_page_eos
ogg_stream_reset
ogg_stream_init
ogg_page_continued
ogg_stream_packetpeek
ogg_sync_init
ogg_sync_buffer

libvorbis

vorbis_synthesis_idheader
vorbis_comment_init
vorbis_info_clear
vorbis_comment_clear
vorbis_info_init
vorbis_packet_blocksize
vorbis_block_init
vorbis_synthesis_init
vorbis_block_clear
vorbis_dsp_clear
vorbis_synthesis_blockin
vorbis_synthesis_pcmout
vorbis_synthesis
vorbis_synthesis_halfrate_p
vorbis_synthesis_restart
vorbis_synthesis_read
vorbis_synthesis_trackonly
vorbis_info_blocksize
vorbis_synthesis_lapout
vorbis_window
vorbis_synthesis_halfrate
vorbis_synthesis_headerin

msvcr100

_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
__CppXcptFilter
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
floor
fopen
fread
fclose
ftell
calloc
memcpy
memset
fseek
free
_errno
malloc
realloc

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
DisableThreadLibraryCalls
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
InterlockedCompareExchange
Sleep
InterlockedExchange
DecodePointer
EncodePointer

Exports

Exports

ov_bitrate
ov_bitrate_instant
ov_clear
ov_comment
ov_crosslap
ov_fopen
ov_halfrate
ov_halfrate_p
ov_info
ov_open
ov_open_callbacks
ov_pcm_seek
ov_pcm_seek_lap
ov_pcm_seek_page
ov_pcm_seek_page_lap
ov_pcm_tell
ov_pcm_total
ov_raw_seek
ov_raw_seek_lap
ov_raw_tell
ov_raw_total
ov_read
ov_read_float
ov_seekable
ov_serialnumber
ov_streams
ov_test
ov_test_callbacks
ov_test_open
ov_time_seek
ov_time_seek_lap
ov_time_seek_page
ov_time_seek_page_lap
ov_time_tell
ov_time_total

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 618B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Hotline Miami/support.ico
Hotline Miami/unins000.dat
Hotline Miami/unins000.exe
.exe windows:5 windows x86 arch:x86

f62b90e31eca404f228fcf7068b00f31

Code Sign

0b:2c:e8:69:37:cd:32:09:2d:0c:00:3e:fd:f5:d9:88
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

15/10/2018, 00:00

Not After

03/01/2020, 12:00

Subject

CN=GOG Sp. z o.o.,O=GOG Sp. z o.o.,L=Warsaw,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d0:0a:41:81:03:43:ff:c8:bd:08:5b:84:f2:95:77:75:8b:31:fc:4c
Signer

Actual PE Digest

d0:0a:41:81:03:43:ff:c8:bd:08:5b:84:f2:95:77:75:8b:31:fc:4c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
GetErrorInfo
GetActiveObject
RegisterTypeLib
LoadTypeLib
SysFreeString
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayGetElement
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopyInd
VariantCopy
VariantClear
VariantInit
SysFreeString

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey
SetSecurityDescriptorDacl
RegSetValueExW
RegQueryValueExW
RegQueryInfoKeyW
RegOpenKeyExW
RegFlushKey
RegEnumValueW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
OpenThreadToken
OpenProcessToken
LookupPrivilegeValueW
InitializeSecurityDescriptor
GetUserNameW
GetTokenInformation
FreeSid
EqualSid
AllocateAndInitializeSid
AdjustTokenPrivileges

user32

GetKeyboardType
LoadStringW
MessageBoxA
CharNextW
CreateWindowExW
WindowFromPoint
WaitMessage
WaitForInputIdle
UpdateWindow
UnregisterClassW
UnhookWindowsHookEx
TranslateMessage
TranslateMDISysAccel
TrackPopupMenu
SystemParametersInfoW
ShowWindow
ShowScrollBar
ShowOwnedPopups
SetWindowsHookExW
SetWindowTextW
SetWindowPos
SetWindowPlacement
SetWindowLongW
SetTimer
SetScrollRange
SetScrollPos
SetScrollInfo
SetRectEmpty
SetRect
SetPropW
SetParent
SetMenuItemInfoW
SetMenu
SetForegroundWindow
SetFocus
SetCursor
SetClassLongW
SetCapture
SetActiveWindow
SendNotifyMessageW
SendMessageTimeoutW
SendMessageA
SendMessageW
ScrollWindowEx
ScrollWindow
ScreenToClient
ReplyMessage
RemovePropW
RemoveMenu
ReleaseDC
ReleaseCapture
RegisterWindowMessageW
RegisterClipboardFormatW
RegisterClassW
RedrawWindow
PtInRect
PostQuitMessage
PostMessageW
PeekMessageA
PeekMessageW
OffsetRect
OemToCharBuffA
MsgWaitForMultipleObjectsEx
MsgWaitForMultipleObjects
MessageBoxW
MessageBeep
MapWindowPoints
MapVirtualKeyW
LoadStringW
LoadKeyboardLayoutW
LoadIconW
LoadCursorW
LoadBitmapW
KillTimer
IsZoomed
IsWindowVisible
IsWindowUnicode
IsWindowEnabled
IsWindow
IsRectEmpty
IsIconic
IsDialogMessageA
IsDialogMessageW
IsChild
InvalidateRect
IntersectRect
InsertMenuItemW
InsertMenuW
InflateRect
GetWindowThreadProcessId
GetWindowTextW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindowDC
GetTopWindow
GetSystemMetrics
GetSystemMenu
GetSysColorBrush
GetSysColor
GetSubMenu
GetScrollRange
GetScrollPos
GetScrollInfo
GetPropW
GetParent
GetWindow
GetMessagePos
GetMessageW
GetMenuStringW
GetMenuState
GetMenuItemInfoW
GetMenuItemID
GetMenuItemCount
GetMenu
GetLastActivePopup
GetKeyboardState
GetKeyboardLayoutNameW
GetKeyboardLayoutList
GetKeyboardLayout
GetKeyState
GetKeyNameTextW
GetIconInfo
GetForegroundWindow
GetFocus
GetDesktopWindow
GetDCEx
GetDC
GetCursorPos
GetCursor
GetClientRect
GetClassLongW
GetClassInfoW
GetCapture
GetActiveWindow
FrameRect
FindWindowExW
FindWindowW
FillRect
ExitWindowsEx
EnumWindows
EnumThreadWindows
EnumChildWindows
EndPaint
EnableWindow
EnableScrollBar
EnableMenuItem
DrawTextExW
DrawTextW
DrawMenuBar
DrawIconEx
DrawIcon
DrawFrameControl
DrawFocusRect
DrawEdge
DispatchMessageA
DispatchMessageW
DestroyWindow
DestroyMenu
DestroyIcon
DestroyCursor
DeleteMenu
DefWindowProcW
DefMDIChildProcW
DefFrameProcW
CreatePopupMenu
CreateMenu
CreateIcon
ClientToScreen
CheckMenuItem
CharUpperBuffW
CharNextW
CharLowerBuffW
CharLowerW
CallWindowProcW
CallNextHookEx
BringWindowToTop
BeginPaint
AppendMenuW
CharToOemBuffA
AdjustWindowRectEx
ActivateKeyboardLayout

kernel32

GetACP
Sleep
VirtualFree
VirtualAlloc
GetSystemInfo
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
VirtualQuery
WideCharToMultiByte
SetCurrentDirectoryW
MultiByteToWideChar
lstrlenW
lstrcpynW
LoadLibraryExW
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleW
GetModuleFileNameW
GetLocaleInfoW
GetCurrentDirectoryW
GetCommandLineW
FreeLibrary
FindFirstFileW
FindClose
ExitProcess
ExitThread
CreateThread
CompareStringW
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
CloseHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleW
lstrcpyW
lstrcmpW
WriteProfileStringW
WritePrivateProfileStringW
WriteFile
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjectsEx
VirtualQueryEx
VirtualQuery
VirtualFree
VirtualAlloc
TransactNamedPipe
TerminateProcess
SwitchToThread
SizeofResource
SignalObjectAndWait
SetThreadLocale
SetNamedPipeHandleState
SetLastError
SetFileTime
SetFilePointer
SetFileAttributesW
SetEvent
SetErrorMode
SetEndOfFile
SetCurrentDirectoryW
ResumeThread
ResetEvent
RemoveDirectoryW
ReleaseMutex
ReadFile
QueryPerformanceCounter
OpenProcess
OpenMutexW
MultiByteToWideChar
MulDiv
MoveFileExW
MoveFileW
LockResource
LocalFree
LocalFileTimeToFileTime
LoadResource
LoadLibraryExW
LoadLibraryW
LeaveCriticalSection
IsDBCSLeadByte
IsBadWritePtr
InitializeCriticalSection
GlobalFindAtomW
GlobalDeleteAtom
GlobalAddAtomW
GetWindowsDirectoryW
GetVersionExW
GetVersion
GetUserDefaultLangID
GetTickCount
GetThreadLocale
GetSystemTimeAsFileTime
GetSystemInfo
GetSystemDirectoryW
GetStdHandle
GetShortPathNameW
GetProfileStringW
GetProcAddress
GetPrivateProfileStringW
GetOverlappedResult
GetModuleHandleW
GetModuleFileNameW
GetLogicalDrives
GetLocaleInfoW
GetLocalTime
GetLastError
GetFullPathNameW
GetFileSize
GetFileAttributesW
GetExitCodeThread
GetExitCodeProcess
GetEnvironmentVariableW
GetDriveTypeW
GetDiskFreeSpaceW
GetDateFormatW
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryW
GetComputerNameW
GetCommandLineW
GetCPInfo
FreeResource
InterlockedIncrement
InterlockedExchangeAdd
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
FreeLibrary
FormatMessageW
FlushFileBuffers
FindResourceW
FindNextFileW
FindFirstFileW
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
EnumCalendarInfoW
EnterCriticalSection
DeviceIoControl
DeleteFileW
DeleteCriticalSection
CreateThread
CreateProcessW
CreateNamedPipeW
CreateMutexW
CreateFileW
CreateEventW
CreateDirectoryW
CopyFileW
CompareStringW
CompareFileTime
CloseHandle
Sleep

msimg32

AlphaBlend

gdi32

UnrealizeObject
StretchBlt
SetWindowOrgEx
SetViewportOrgEx
SetTextColor
SetStretchBltMode
SetROP2
SetPixel
SetDIBColorTable
SetBrushOrgEx
SetBkMode
SetBkColor
SelectPalette
SelectObject
SaveDC
RoundRect
RestoreDC
RemoveFontResourceW
Rectangle
RectVisible
RealizePalette
Polyline
Pie
PatBlt
MoveToEx
MaskBlt
LineTo
LineDDA
IntersectClipRect
GetWindowOrgEx
GetTextMetricsW
GetTextExtentPointW
GetTextExtentPoint32W
GetSystemPaletteEntries
GetStockObject
GetRgnBox
GetPixel
GetPaletteEntries
GetObjectW
GetDeviceCaps
GetDIBits
GetDIBColorTable
GetDCOrgEx
GetCurrentPositionEx
GetClipBox
GetBrushOrgEx
GetBitmapBits
GdiFlush
FrameRgn
ExtTextOutW
ExtFloodFill
ExcludeClipRect
EnumFontsW
Ellipse
DeleteObject
DeleteDC
CreateSolidBrush
CreateRectRgn
CreatePenIndirect
CreatePalette
CreateHalftonePalette
CreateFontIndirectW
CreateDIBitmap
CreateDIBSection
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
CreateBitmap
Chord
BitBlt
Arc
AddFontResourceW

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

mpr

WNetOpenEnumW
WNetGetUniversalNameW
WNetGetConnectionW
WNetEnumResourceW
WNetCloseEnum

comctl32

InitCommonControls
InitializeFlatSB
FlatSB_SetScrollProp
FlatSB_SetScrollPos
FlatSB_SetScrollInfo
FlatSB_GetScrollPos
FlatSB_GetScrollInfo
_TrackMouseEvent
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_Write
ImageList_Read
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter
ImageList_EndDrag
ImageList_BeginDrag
ImageList_Remove
ImageList_DrawEx
ImageList_Draw
ImageList_GetBkColor
ImageList_SetBkColor
ImageList_Add
ImageList_SetImageCount
ImageList_GetImageCount
ImageList_Destroy
ImageList_Create
InitCommonControls

ole32

OleUninitialize
OleInitialize
CoTaskMemFree
CLSIDFromProgID
CLSIDFromString
StringFromCLSID
CoCreateInstance
CoFreeUnusedLibraries
CoUninitialize
CoInitialize
IsEqualGUID
CoDisconnectObject

shell32

ShellExecuteExW
ShellExecuteW
SHGetFileInfoW
ExtractIconW
SHGetPathFromIDListW
SHGetMalloc
SHChangeNotify
SHBrowseForFolderW

comdlg32

GetSaveFileNameW
GetOpenFileNameW

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 24KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 60B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Hotline Miami/unins000.ini
Hotline Miami/unins000.msg
Hotline Miami/webcache.zip
.zip
124e6f1066799ec18bb6722d4e312773ec9570b16ce450736cd64ba9730c91e0_glx_logo.jpg
.jpg
124e6f1066799ec18bb6722d4e312773ec9570b16ce450736cd64ba9730c91e0_glx_logo_2x.jpg
.jpg
ce756ffb2ebf63eea602f8f2bb50858b9feb1bc0402ebd3ea6d74b6090af976a.jpg
.jpg
d99b90e8037bae48fbc4f61f43edad6d5d592e10cb0581c9e20189b78d5d7446.png
.png
d99b90e8037bae48fbc4f61f43edad6d5d592e10cb0581c9e20189b78d5d7446_menu_notification_av.png
.png
d99b90e8037bae48fbc4f61f43edad6d5d592e10cb0581c9e20189b78d5d7446_menu_notification_av2.png
.png
d99b90e8037bae48fbc4f61f43edad6d5d592e10cb0581c9e20189b78d5d7446_sbicon.png
.png
d99b90e8037bae48fbc4f61f43edad6d5d592e10cb0581c9e20189b78d5d7446_sbicon_2x.png
.png
resources.json
_CommonRedist/dxwebsetup.exe
.exe windows:5 windows x86 arch:x86

1494de9b53e05fc1f40cb92afbdd6ce4

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/12/2009, 22:40

Not After

07/03/2011, 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:05:a2:30:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:01

Not After

25/07/2013, 19:11

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:85D3-305C-5BCF,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:b8:85:36:04:6e:46:6d:2f:58:b3:18:fd:18:43:f0:b8:4b:28:d3
Signer

Actual PE Digest

47:b8:85:36:04:6e:46:6d:2f:58:b3:18:fd:18:43:f0:b8:4b:28:d3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA

kernel32

LocalFree
LocalAlloc
GetLastError
GetCurrentProcess
GetModuleFileNameA
lstrlenA
GetSystemDirectoryA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
lstrcmpA
FindFirstFileA
lstrcatA
lstrcpyA
_lclose
_llseek
_lopen
WritePrivateProfileStringA
GetWindowsDirectoryA
CreateDirectoryA
GetFileAttributesA
ExpandEnvironmentStringsA
IsDBCSLeadByte
GetShortPathNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpiA
GetProcAddress
GlobalUnlock
GlobalLock
GlobalAlloc
FreeResource
CloseHandle
LoadResource
SizeofResource
FindResourceA
ReadFile
WriteFile
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetCurrentDirectoryA
GetTempFileNameA
ExitProcess
CreateFileA
LoadLibraryExA
lstrcpynA
GetVolumeInformationA
FormatMessageA
GetCurrentDirectoryA
GetVersionExA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetTempPathA
GetSystemInfo
CreateMutexA
SetEvent
CreateEventA
CreateThread
ResetEvent
TerminateThread
GetDriveTypeA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
LockResource
LoadLibraryA
GetDiskFreeSpaceA
MulDiv
EnumResourceLanguagesA
FreeLibrary
GlobalFree

gdi32

GetDeviceCaps

user32

ExitWindowsEx
wsprintfA
CharNextA
CharUpperA
CharPrevA
SetWindowLongA
GetWindowLongA
CallWindowProcA
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
SendMessageA
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
SendDlgItemMessageA
GetDlgItem
SetForegroundWindow
SetWindowTextA
MessageBoxA
DialogBoxIndirectParamA
ShowWindow
EnableWindow
GetDlgItemTextA
EndDialog
GetDesktopWindow
MessageBeep
SetDlgItemTextA
LoadStringA
GetSystemMetrics

comctl32

ord17

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 239KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_CommonRedist/oalinst.exe
.exe windows:4 windows x86 arch:x86

1ff011c2e13ea492fe69b2fbfc802083

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

36:33:6d:83:6a:19:e2:44:ff:0e:52:88:2e:b5:b1:de
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

30/06/2006, 00:00

Not After

14/07/2009, 23:59

Subject

CN=Creative Labs Inc,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=CLI,O=Creative Labs Inc,L=Milpitas,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cb:34:e3:72:3d:d1:2b:57:d7:86:46:9b:d8:78:2f:92:cf:2d:5d:4f
Signer

Actual PE Digest

cb:34:e3:72:3d:d1:2b:57:d7:86:46:9b:d8:78:2f:92:cf:2d:5d:4f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\cbs\build\ec922632-90cb-1015-8202-b7f05167b5ef\in\CTSDK\AL_Installer\Release\oalinst.pdb

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

GetFileAttributesA
GetProcAddress
LoadLibraryA
FreeResource
SizeofResource
LoadResource
FindResourceA
ReadFile
SetEndOfFile
GetLocaleInfoW
HeapSize
IsValidCodePage
IsValidLocale
DeleteFileA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetFilePointer
FlushFileBuffers
SetStdHandle
InterlockedExchange
RemoveDirectoryA
CreateDirectoryA
GetModuleFileNameA
GetSystemDirectoryA
CopyFileA
GetTempFileNameA
LockResource
MoveFileExA
GetTimeZoneInformation
CompareStringA
CompareStringW
EnumSystemLocalesA
VirtualAlloc
GetLastError
HeapFree
HeapAlloc
MoveFileA
GetCommandLineA
GetVersionExA
GetProcessHeap
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
SetEnvironmentVariableA
HeapReAlloc
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
CloseHandle
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
RtlUnwind
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetCurrentThread
LCMapStringA
MultiByteToWideChar
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSection
Sleep
SetConsoleCtrlHandler
FreeLibrary

user32

LoadCursorA
RegisterClassExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
MessageBoxA
PostQuitMessage
LoadIconA
SetClassLongA
LoadImageA
CreateWindowExA
SendMessageA
BeginPaint
GetClientRect
MoveWindow
DrawTextA
EndPaint
DefWindowProcA

gdi32

CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetStockObject

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegDeleteKeyA

Sections

.text
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 636KB - Virtual size: 633KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_CommonRedist/vcredist_2015-2019_x64.exe
.exe windows:5 windows x86 arch:x86

1a5cdbf711fee14b077e599d13fddab2

Code Sign

33:00:00:01:34:22:1e:7e:49:2a:ac:da:6a:00:00:00:00:01:34
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/10/2019, 18:17

Not After

03/01/2021, 18:17

Subject

CN=Microsoft Time-Stamp service,OU=Microsoft Ireland Operations Limited+OU=Thales TSS ESN:E041-4BEE-FA7E,O=Microsoft Corporation,L=Redmond,ST=WA,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:52:9b:40:9f:50:56:99:75:88:00:00:00:00:01:52
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:52:9b:40:9f:50:56:99:75:88:00:00:00:00:01:52
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b4:cd:00:d9:81:97:db:3f:fb:fb:3f:54:d1:0a:0d:d4:f4:56:29:a6:03:63:86:3f:a0:b1:71:7e:4c:43:8a:da
Signer

Actual PE Digest

b4:cd:00:d9:81:97:db:3f:fb:fb:3f:54:d1:0a:0d:d4:f4:56:29:a6:03:63:86:3f:a0:b1:71:7e:4c:43:8a:da

Digest Algorithm

sha256

PE Digest Matches

true

77:97:6d:62:92:5a:37:44:2f:5d:c5:b0:8d:43:91:09:56:54:b2:48
Signer

Actual PE Digest

77:97:6d:62:92:5a:37:44:2f:5d:c5:b0:8d:43:91:09:56:54:b2:48

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

PDB Paths

C:\agent\_work\8\s\build\ship\x86\burn.pdb

Imports

advapi32

RegCloseKey
RegOpenKeyExW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
InitiateSystemShutdownExW
GetUserNameW
RegQueryValueExW
RegDeleteValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW
DecryptFileW
CreateWellKnownSid
InitializeAcl
SetEntriesInAclW
ChangeServiceConfigW
CloseServiceHandle
ControlService
OpenSCManagerW
OpenServiceW
QueryServiceStatus
SetNamedSecurityInfoW
CheckTokenMembership
AllocateAndInitializeSid
SetEntriesInAclA
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueExW
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyExW
GetTokenInformation
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextW
QueryServiceConfigW

user32

GetMessageW
PostMessageW
IsWindow
WaitForInputIdle
PostQuitMessage
PeekMessageW
MsgWaitForMultipleObjects
PostThreadMessageW
GetMonitorInfoW
MonitorFromPoint
IsDialogMessageW
LoadCursorW
LoadBitmapW
SetWindowLongW
GetWindowLongW
GetCursorPos
MessageBoxW
CreateWindowExW
UnregisterClassW
RegisterClassW
DefWindowProcW
DispatchMessageW
TranslateMessage

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

gdi32

CreateCompatibleDC
DeleteObject
SelectObject
StretchBlt
GetObjectW
DeleteDC

shell32

SHGetFolderPathW
CommandLineToArgvW
ShellExecuteExW

ole32

CoUninitialize
CoInitializeEx
CoInitialize
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoInitializeSecurity
CLSIDFromProgID

kernel32

GetCommandLineA
GetCPInfo
GetOEMCP
CloseHandle
CreateFileW
GetProcAddress
LocalFree
HeapSetInformation
GetLastError
GetModuleHandleW
FormatMessageW
lstrlenA
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringW
Sleep
GetLocalTime
GetModuleFileNameW
ExpandEnvironmentStringsW
GetTempPathW
GetTempFileNameW
CreateDirectoryW
GetFullPathNameW
CompareStringW
GetCurrentProcessId
WriteFile
SetFilePointer
LoadLibraryW
GetSystemDirectoryW
CreateFileA
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
FindClose
GetCommandLineW
GetCurrentDirectoryW
RemoveDirectoryW
SetFileAttributesW
GetFileAttributesW
DeleteFileW
FindFirstFileW
FindNextFileW
MoveFileExW
GetCurrentProcess
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
ReleaseMutex
GetEnvironmentStringsW
TlsGetValue
TlsSetValue
TlsFree
CreateProcessW
GetVersionExW
VerSetConditionMask
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
GetSystemTime
GetNativeSystemInfo
GetModuleHandleExW
GetWindowsDirectoryW
GetSystemWow64DirectoryW
GetComputerNameW
VerifyVersionInfoW
GetVolumePathNameW
GetDateFormatW
GetSystemDefaultLangID
GetUserDefaultLangID
GetStringTypeW
ReadFile
SetFilePointerEx
DuplicateHandle
InterlockedExchange
InterlockedCompareExchange
CreateEventW
ProcessIdToSessionId
OpenProcess
GetProcessId
WaitForSingleObject
ConnectNamedPipe
SetNamedPipeHandleState
CreateNamedPipeW
CreateThread
GetExitCodeThread
SetEvent
WaitForMultipleObjects
InterlockedIncrement
InterlockedDecrement
ResetEvent
SetEndOfFile
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
CompareStringA
GetExitCodeProcess
SetThreadExecutionState
CopyFileExW
MapViewOfFile
UnmapViewOfFile
CreateMutexW
CreateFileMappingW
GetThreadLocale
IsValidCodePage
FreeEnvironmentStringsW
TlsAlloc
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
DecodePointer
WriteConsoleW
GetModuleHandleA
GlobalAlloc
GlobalFree
GetFileSizeEx
CopyFileW
VirtualAlloc
VirtualFree
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
SystemTimeToFileTime
GetSystemInfo
VirtualProtect
VirtualQuery
SetCurrentDirectoryW
FindFirstFileExW
GetFileType
GetACP
ExitProcess
GetStdHandle
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RaiseException
RtlUnwind
SetLastError
LoadLibraryExA

rpcrt4

UuidCreate

Sections

.text
Size: 294KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wixburn
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_CommonRedist/vcredist_2015-2019_x86.exe
.exe windows:5 windows x86 arch:x86

1a5cdbf711fee14b077e599d13fddab2

Code Sign

33:00:00:01:2a:30:bf:85:c5:0e:b1:e2:8c:00:00:00:00:01:2a
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/09/2019, 20:40

Not After

04/12/2020, 20:40

Subject

CN=Microsoft Time-Stamp Service,OU=Microsoft Operations Puerto Rico+OU=Thales TSS ESN:7D2E-3782-B0F7,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:52:9b:40:9f:50:56:99:75:88:00:00:00:00:01:52
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:52:9b:40:9f:50:56:99:75:88:00:00:00:00:01:52
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

74:6d:60:08:04:c6:65:c7:f8:0a:78:74:29:9a:a4:ab:9d:42:b8:ba:0c:df:95:ee:75:8a:64:a4:2f:71:a6:46
Signer

Actual PE Digest

74:6d:60:08:04:c6:65:c7:f8:0a:78:74:29:9a:a4:ab:9d:42:b8:ba:0c:df:95:ee:75:8a:64:a4:2f:71:a6:46

Digest Algorithm

sha256

PE Digest Matches

true

0b:05:b3:51:e7:d2:3f:ce:ad:94:9d:75:ac:64:9a:ad:21:01:73:2c
Signer

Actual PE Digest

0b:05:b3:51:e7:d2:3f:ce:ad:94:9d:75:ac:64:9a:ad:21:01:73:2c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

PDB Paths

C:\agent\_work\8\s\build\ship\x86\burn.pdb

Imports

advapi32

RegCloseKey
RegOpenKeyExW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
InitiateSystemShutdownExW
GetUserNameW
RegQueryValueExW
RegDeleteValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW
DecryptFileW
CreateWellKnownSid
InitializeAcl
SetEntriesInAclW
ChangeServiceConfigW
CloseServiceHandle
ControlService
OpenSCManagerW
OpenServiceW
QueryServiceStatus
SetNamedSecurityInfoW
CheckTokenMembership
AllocateAndInitializeSid
SetEntriesInAclA
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueExW
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyExW
GetTokenInformation
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextW
QueryServiceConfigW

user32

GetMessageW
PostMessageW
IsWindow
WaitForInputIdle
PostQuitMessage
PeekMessageW
MsgWaitForMultipleObjects
PostThreadMessageW
GetMonitorInfoW
MonitorFromPoint
IsDialogMessageW
LoadCursorW
LoadBitmapW
SetWindowLongW
GetWindowLongW
GetCursorPos
MessageBoxW
CreateWindowExW
UnregisterClassW
RegisterClassW
DefWindowProcW
DispatchMessageW
TranslateMessage

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

gdi32

CreateCompatibleDC
DeleteObject
SelectObject
StretchBlt
GetObjectW
DeleteDC

shell32

SHGetFolderPathW
CommandLineToArgvW
ShellExecuteExW

ole32

CoUninitialize
CoInitializeEx
CoInitialize
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoInitializeSecurity
CLSIDFromProgID

kernel32

GetCommandLineA
GetCPInfo
GetOEMCP
CloseHandle
CreateFileW
GetProcAddress
LocalFree
HeapSetInformation
GetLastError
GetModuleHandleW
FormatMessageW
lstrlenA
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringW
Sleep
GetLocalTime
GetModuleFileNameW
ExpandEnvironmentStringsW
GetTempPathW
GetTempFileNameW
CreateDirectoryW
GetFullPathNameW
CompareStringW
GetCurrentProcessId
WriteFile
SetFilePointer
LoadLibraryW
GetSystemDirectoryW
CreateFileA
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
FindClose
GetCommandLineW
GetCurrentDirectoryW
RemoveDirectoryW
SetFileAttributesW
GetFileAttributesW
DeleteFileW
FindFirstFileW
FindNextFileW
MoveFileExW
GetCurrentProcess
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
ReleaseMutex
GetEnvironmentStringsW
TlsGetValue
TlsSetValue
TlsFree
CreateProcessW
GetVersionExW
VerSetConditionMask
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
GetSystemTime
GetNativeSystemInfo
GetModuleHandleExW
GetWindowsDirectoryW
GetSystemWow64DirectoryW
GetComputerNameW
VerifyVersionInfoW
GetVolumePathNameW
GetDateFormatW
GetSystemDefaultLangID
GetUserDefaultLangID
GetStringTypeW
ReadFile
SetFilePointerEx
DuplicateHandle
InterlockedExchange
InterlockedCompareExchange
CreateEventW
ProcessIdToSessionId
OpenProcess
GetProcessId
WaitForSingleObject
ConnectNamedPipe
SetNamedPipeHandleState
CreateNamedPipeW
CreateThread
GetExitCodeThread
SetEvent
WaitForMultipleObjects
InterlockedIncrement
InterlockedDecrement
ResetEvent
SetEndOfFile
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
CompareStringA
GetExitCodeProcess
SetThreadExecutionState
CopyFileExW
MapViewOfFile
UnmapViewOfFile
CreateMutexW
CreateFileMappingW
GetThreadLocale
IsValidCodePage
FreeEnvironmentStringsW
TlsAlloc
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
DecodePointer
WriteConsoleW
GetModuleHandleA
GlobalAlloc
GlobalFree
GetFileSizeEx
CopyFileW
VirtualAlloc
VirtualFree
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
SystemTimeToFileTime
GetSystemInfo
VirtualProtect
VirtualQuery
SetCurrentDirectoryW
FindFirstFileExW
GetFileType
GetACP
ExitProcess
GetStdHandle
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RaiseException
RtlUnwind
SetLastError
LoadLibraryExA

rpcrt4

UuidCreate

Sections

.text
Size: 294KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wixburn
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_CommonRedist/vcredist_x64.exe
.exe windows:5 windows x86 arch:x86

a1f6f100bff4507a3332f3f0cdfc24f5

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/12/2009, 22:40

Not After

07/03/2011, 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:05:a2:30:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:01

Not After

25/07/2013, 19:11

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:85D3-305C-5BCF,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

b7:67:e2:97:28:63:cf:54:51:e3:36:ce:0a:1f:4f:ce:6e:3a:bc:30
Signer

Actual PE Digest

b7:67:e2:97:28:63:cf:54:51:e3:36:ce:0a:1f:4f:ce:6e:3a:bc:30

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

PDB Paths

sfxcab.pdb

Imports

msvcrt

__setusermatherr
_initterm
__getmainargs
__initenv
exit
_cexit
_adjust_fdiv
_exit
_c_exit
strncpy
strstr
_strlwr
strrchr
_stricmp
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_XcptFilter
_snprintf
sprintf
strchr
_strnicmp
_vsnprintf

advapi32

InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
AllocateAndInitializeSid
OpenProcessToken
GetTokenInformation
GetLengthSid
InitiateSystemShutdownA
InitializeSecurityDescriptor

kernel32

CreateThread
GetFileSize
ExpandEnvironmentStringsA
CreateProcessA
GetExitCodeProcess
InitializeCriticalSectionAndSpinCount
LocalFileTimeToFileTime
SetFileTime
SetEndOfFile
CreateEventA
QueryDosDeviceA
GetDiskFreeSpaceA
GetSystemTime
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentDirectoryA
GetProcessHeap
CopyFileA
SetFileAttributesA
DosDateTimeToFileTime
SetEvent
GetVersionExA
ReadFile
SetFilePointer
MoveFileExA
RemoveDirectoryA
GetLastError
CreateDirectoryA
GetTickCount
SetErrorMode
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
CloseHandle
DeviceIoControl
CreateFileA
GetDriveTypeA
HeapFree
FormatMessageA
LeaveCriticalSection
DeleteFileA
EnterCriticalSection
TerminateProcess
WaitForMultipleObjects
CreateEventW
FindFirstFileA
Sleep
SetEnvironmentVariableA
GetEnvironmentVariableA
WideCharToMultiByte
HeapAlloc
SetLastError
WriteFile
MoveFileA
ExitProcess
DeleteCriticalSection
FlushFileBuffers
WaitForSingleObject
OpenEventA
GetCurrentProcess
GetFileAttributesA
GetCommandLineA
GetModuleFileNameA
FindClose
FindNextFileA
SystemTimeToFileTime

user32

SendDlgItemMessageA
SendMessageA
DialogBoxParamA
MessageBoxA
SetParent
EndDialog
LoadStringA
ShowWindow

ntdll

NtOpenProcessToken
NtAdjustPrivilegesToken
NtClose
NtShutdownSystem

comctl32

ord17

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.4MB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_CommonRedist/vcredist_x86.exe
.exe windows:5 windows x86 arch:x86

a1f6f100bff4507a3332f3f0cdfc24f5

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/12/2009, 22:40

Not After

07/03/2011, 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:94:2d:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:02

Not After

25/07/2013, 19:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7A82-688A-9F92,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

8a:19:aa:3a:87:7f:dd:23:dc:03:96:64:c9:5b:23:7c:35:b0:fd:3d
Signer

Actual PE Digest

8a:19:aa:3a:87:7f:dd:23:dc:03:96:64:c9:5b:23:7c:35:b0:fd:3d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

PDB Paths

sfxcab.pdb

Imports

msvcrt

__setusermatherr
_initterm
__getmainargs
__initenv
exit
_cexit
_adjust_fdiv
_exit
_c_exit
strncpy
strstr
_strlwr
strrchr
_stricmp
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_XcptFilter
_snprintf
sprintf
strchr
_strnicmp
_vsnprintf

advapi32

InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
AllocateAndInitializeSid
OpenProcessToken
GetTokenInformation
GetLengthSid
InitiateSystemShutdownA
InitializeSecurityDescriptor

kernel32

CreateThread
GetFileSize
ExpandEnvironmentStringsA
CreateProcessA
GetExitCodeProcess
InitializeCriticalSectionAndSpinCount
LocalFileTimeToFileTime
SetFileTime
SetEndOfFile
CreateEventA
QueryDosDeviceA
GetDiskFreeSpaceA
GetSystemTime
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentDirectoryA
GetProcessHeap
CopyFileA
SetFileAttributesA
DosDateTimeToFileTime
SetEvent
GetVersionExA
ReadFile
SetFilePointer
MoveFileExA
RemoveDirectoryA
GetLastError
CreateDirectoryA
GetTickCount
SetErrorMode
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
CloseHandle
DeviceIoControl
CreateFileA
GetDriveTypeA
HeapFree
FormatMessageA
LeaveCriticalSection
DeleteFileA
EnterCriticalSection
TerminateProcess
WaitForMultipleObjects
CreateEventW
FindFirstFileA
Sleep
SetEnvironmentVariableA
GetEnvironmentVariableA
WideCharToMultiByte
HeapAlloc
SetLastError
WriteFile
MoveFileA
ExitProcess
DeleteCriticalSection
FlushFileBuffers
WaitForSingleObject
OpenEventA
GetCurrentProcess
GetFileAttributesA
GetCommandLineA
GetModuleFileNameA
FindClose
FindNextFileA
SystemTimeToFileTime

user32

SendDlgItemMessageA
SendMessageA
DialogBoxParamA
MessageBoxA
SetParent
EndDialog
LoadStringA
ShowWindow

ntdll

NtOpenProcessToken
NtAdjustPrivilegesToken
NtClose
NtShutdownSystem

comctl32

ord17

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.8MB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_CommonRedist/xnafx40_redist.msi
.msi

Sharing

General

Malware Config

Signatures

Files

247b308e7b70429cf767800cf06d9fd7

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

msvcp100

msvcr100

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 2KB - Virtual size: 1KB

269b668187179ca797c827253a08e463

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

xinput1_3

kernel32

Exports

Exports

Sections

.textbss Size: - Virtual size: 64KB

.text Size: 123KB - Virtual size: 122KB

.rdata Size: 17KB - Virtual size: 16KB

.data Size: 5KB - Virtual size: 8KB

.idata Size: 3KB - Virtual size: 2KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 5KB - Virtual size: 4KB

8a7b8dd31a88bbffd31179218f1e2c57

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

openal32

libvorbisfile

dbghelp

kernel32

user32

shell32

msvcp100

msvcr100

dinput8

winmm

opengl32

cg

cggl

xinput1_3

gdi32

ole32

oleaut32

Sections

.text Size: 6.3MB - Virtual size: 6.3MB

.rdata Size: 757KB - Virtual size: 756KB

.data Size: 131KB - Virtual size: 4.6MB

.rsrc Size: 3KB - Virtual size: 3KB

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 525KB - Virtual size: 525KB

.rsrc Size: 5KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 12B

Headers

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 2KB - Virtual size: 1KB

.textbss
Size: - Virtual size: 64KB

.text
Size: 123KB - Virtual size: 122KB

.rdata
Size: 17KB - Virtual size: 16KB

.data
Size: 5KB - Virtual size: 8KB

.idata
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 4KB

.text
Size: 6.3MB - Virtual size: 6.3MB

.rdata
Size: 757KB - Virtual size: 756KB

.data
Size: 131KB - Virtual size: 4.6MB

.rsrc
Size: 3KB - Virtual size: 3KB

.text
Size: 525KB - Virtual size: 525KB

.rsrc
Size: 5KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 12B

CODE
Size: 1.5MB - Virtual size: 1.5MB

DATA
Size: 21KB - Virtual size: 20KB

BSS
Size: - Virtual size: 440KB

.idata
Size: 12KB - Virtual size: 12KB

.tls
Size: - Virtual size: 16B

.rdata
Size: 512B - Virtual size: 24B

.reloc
Size: 93KB - Virtual size: 93KB

.rsrc
Size: 244KB - Virtual size: 244KB

.rsrc
Size: 568B - Virtual size: 4KB

.text
Size: 17KB - Virtual size: 16KB

.data
Size: 512B - Virtual size: 48B

.rdata
Size: 6KB - Virtual size: 5KB

.bss
Size: - Virtual size: 2KB

.edata
Size: 1KB - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 1024B - Virtual size: 836B

.reloc
Size: 4KB - Virtual size: 3KB

.text
Size: 1.5MB - Virtual size: 1.5MB

.rdata
Size: 988KB - Virtual size: 985KB

.data
Size: 12KB - Virtual size: 26KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 92KB - Virtual size: 90KB

.text
Size: 192KB - Virtual size: 190KB

.rdata
Size: 60KB - Virtual size: 58KB

.data
Size: 12KB - Virtual size: 27KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 24KB - Virtual size: 20KB