@#!!Setup_8585_ṔḁṨṨẄ0ṛḒ$$[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

@#!!Setup_8585_ṔḁṨṨẄ0ṛḒ$$.zip
Size

9.1MB
MD5

d9f667a7d6fa8ed3c717c422ad1c18a7
SHA1

4bf5448684851422e980aa1d8d6ab5929f8e95f5
SHA256

d24d54ed91619c11067adef82dd09901bf60ced1a35dd3b2da067952c6598db2
SHA512

5279feca14e2288517bb9ec5cbf6c0a850d1312503c4242567ff31d599dd548eb9c7b8b82f5127d69f6cc9f8672d7c5ac135227152eea666ece1a22c6954cefb
SSDEEP

196608:5OzszSQN/QKAkANF2acAEvWlB4Omp/bMlUNPY9fdlywu:EQFAP27AEOlB3q/bFwllywu

Score

1^/10

Malware Config

Signatures

Files

@#!!Setup_8585_ṔḁṨṨẄ0ṛḒ$$.zip
.zip

Password: 8585
@#!!Setup_8585_ṔḁṨṨẄ0ṛḒ$$/@#!!Setup_8585_ṔḁṨṨẄ0ṛḒ$$.rar
.rar

Password: 8585
Setup.exe
.exe windows:5 windows x64 arch:x64

Password: 8585

b7e244ba46aac2a40ea643244bcedc5b

Code Sign

33:00:00:03:a5:41:11:e8:f0:7f:be:0b:75:00:00:00:00:03:a5
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bb:c2:75:72:31:f2:01:c4:fe:84:98:96:a8:e9:ec:40:7c:71:ab:e8:83:35:a7:ec:5d:53:66:19:0a:42:a3:c1
Signer

Actual PE Digest

bb:c2:75:72:31:f2:01:c4:fe:84:98:96:a8:e9:ec:40:7c:71:ab:e8:83:35:a7:ec:5d:53:66:19:0a:42:a3:c1

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\a\_work\e\src\out\Release_x64\identity_helper.exe.pdb

Imports

msedge_elf

GetInstallDetailsPayload
SignalInitializeCrashReporting

advapi32

BuildTrusteeWithSidW
ConvertStringSidToSidW
CryptAcquireContextW
CryptGenRandom
CryptReleaseContext
EventRegister
EventSetInformation
EventUnregister
EventWrite
GetLengthSid
GetNamedSecurityInfoW
GetSecurityDescriptorControl
GetSecurityDescriptorDacl
GetSecurityDescriptorGroup
GetSecurityDescriptorOwner
GetSecurityDescriptorSacl
IsValidAcl
IsValidSecurityDescriptor
IsValidSid
RegCloseKey
RegGetValueW
RegOpenKeyExW
RegQueryValueExW
SetEntriesInAclW
SetNamedSecurityInfoW
SetSecurityInfo

dbghelp

SymCleanup
SymFromAddr
SymGetLineFromAddr64
SymGetSearchPathW
SymInitialize
SymSetOptions
SymSetSearchPathW

winmm

timeGetTime

kernel32

AcquireSRWLockExclusive
CloseHandle
CompareStringW
CreateEventW
CreateFileMappingW
CreateFileW
CreateThread
DeleteCriticalSection
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FindClose
FindFirstFileExW
FindNextFileW
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetComputerNameExW
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDriveTypeW
GetEnvironmentStringsW
GetFileAttributesW
GetFileSizeEx
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoW
GetLogicalProcessorInformation
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetProcAddress
GetProcessHeap
GetProductInfo
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetThreadId
GetThreadPriority
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExW
GetWindowsDirectoryW
InitOnceExecuteOnce
InitializeCriticalSectionAndSpinCount
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalFree
MapViewOfFile
MultiByteToWideChar
OutputDebugStringA
PrefetchVirtualMemory
QueryPerformanceCounter
QueryPerformanceFrequency
QueryThreadCycleTime
RaiseException
ReadConsoleW
ReadFile
ReleaseSRWLockExclusive
ResetEvent
RtlCaptureContext
RtlCaptureStackBackTrace
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetCurrentDirectoryW
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetProcessShutdownParameters
SetStdHandle
SetThreadInformation
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryAcquireSRWLockExclusive
UnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WaitForSingleObjectEx
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile
lstrlenA

api-ms-win-core-winrt-l1-1-0

RoInitialize
RoUninitialize

ole32

CoCreateInstance
CoTaskMemFree

shell32

CommandLineToArgvW
ord680
SHGetFolderPathW
SHGetKnownFolderPath

oleaut32

SysAllocString
SysAllocStringLen
SysFreeString
VariantClear

Exports

Exports

GetHandleVerifier
OQS_CPU_has_extension
OQS_KEM_alg_count
OQS_KEM_alg_identifier
OQS_KEM_alg_is_enabled
OQS_KEM_decaps
OQS_KEM_encaps
OQS_KEM_free
OQS_KEM_keypair
OQS_KEM_kyber_768_decaps
OQS_KEM_kyber_768_encaps
OQS_KEM_kyber_768_keypair
OQS_KEM_new
OQS_MEM_cleanse
OQS_MEM_insecure_free
OQS_MEM_secure_bcmp
OQS_MEM_secure_free
OQS_SIG_alg_count
OQS_SIG_alg_identifier
OQS_SIG_alg_is_enabled
OQS_SIG_free
OQS_SIG_keypair
OQS_SIG_new
OQS_SIG_sign
OQS_SIG_verify
OQS_destroy
OQS_init
OQS_randombytes
OQS_randombytes_custom_algorithm
OQS_randombytes_nist_kat_init_256bit
OQS_randombytes_switch_algorithm
OQS_version

Sections

.text
Size: 868KB - Virtual size: 867KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gxfg
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: 512B - Virtual size: 140B

.tls
Size: 512B - Virtual size: 397B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
adm/add.go
adm/cli.go
adm/cli_test.go
adm/compile_assets.go
.js
adm/compile_tmpl.go
adm/config.example.ini
adm/db.go
adm/generate.go
.js
adm/helper.go
adm/language.go
.js
adm/minify.go
adm/plugin.go
adm/plugin_template.go
.js
adm/project.go
.js
adm/project_template.go
.js
adm/project_web.go
.js
adm/project_web.tmpl
.js
adm/project_web.tmpl.go
.js
adm/template.go
data/admin.db
data/admin.mssql
data/admin.pgsql
data/admin.sql
data/migrations/admin_2020_04_14_100427_ms.sql
data/migrations/admin_2020_04_14_100427_mysql.sql
data/migrations/admin_2020_04_14_100427_postgres.sql
data/migrations/admin_2020_04_14_100427_sqlite.sql
data/migrations/admin_2020_08_04_092427_ms.sql
data/migrations/admin_2020_08_04_092427_mysql.sql
data/migrations/admin_2020_08_04_092427_postgres.sql
data/migrations/admin_2020_08_04_092427_sqlite.sql
edifice.zip
engine/engine.go
.js
libifcoremd.dll
.dll windows:4 windows x64 arch:x64

Password: 8585

9b14b7fa019c28e47846cb285d611b05

Code Sign

01:02:80:e6:32:aa:56:50:91:67:c4:2a:dc:45:2f:68
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/12/2020, 00:00

Not After

21/12/2022, 23:59

Subject

SERIALNUMBER=2748129,CN=Adobe Inc.,OU=Photoshop\, Bridge,O=Adobe Inc.,L=San Jose,ST=ca,C=US,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#130844656c6177617265,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9d:40:b3:bc:74:bd:b6:38:68:0c:b3:16:95:d2:2e:d8:e2:9b:a6:a9:7a:80:e2:5b:34:9c:b8:33:dc:7c:21:2c
Signer

Actual PE Digest

9d:40:b3:bc:74:bd:b6:38:68:0c:b3:16:95:d2:2e:d8:e2:9b:a6:a9:7a:80:e2:5b:34:9c:b8:33:dc:7c:21:2c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\USERS\nbtester\efi2winx86_nightly\branch-10_0\20070810_000000\dev\build_objs\efi2winx86_lib_build_d0p0flexlm\lib\libifcoremd.pdb

Imports

libmmd

tanhf
tanf
asinhf
sinhf
sinf
powf
fmodf
logf
log10f
expf
erfcf
erff
cotdf
cotf
acoshf
coshf
cosdf
cosf
ynf
y1f
y0f
jnf
j1f
j0f
atan2f
atanhf
atanf
asinf
acosdf
acosf
__truncq
__nintq
__ldexpq
__ctanhq
__ctanq
__csinhq
__csinq
__csqrtq
__clog10q
__clogq
__cexp10q
__cexpq
__ccoshq
__ccosq
__cabsq
__tandq
asindf
__cosdq
__atand2q
__asindq
__acosdq
__cotq
__tanq
__tanhq
__sqrtq
__sinq
__sinhq
__cpowq
__powiq
__powq
__fmodq
__erfq
__erfcq
__logq
__log2q
__log10q
__ynq
__y1q
__y0q
__jnq
__j1q
__j0q
__gammaq
__frexpq
__floorq
__ceilq
__expq
__exp2q
__exp10q
__cotdq
__cosq
__coshq
__cbrtq
__atan2q
__atandq
__atanq
__atanhq
__asinq
__asinhq
__acosq
__acoshq
__fabsq
atandf
tandf
sindf
exp10f
cbrtf
cabsf
ccosf
cexpf
cexp10f
clogf
clog10f
csinf
csqrtf
ctanf
acos
acosd
asin
atan
atanh
atan2
j0
j1
jn
y0
y1
yn
cos
cosd
cosh
acosh
cot
cotd
erf
erfc
exp
log10
log
fmod
pow
sin
sinh
asinh
tan
tanh
asind
atand
tand
sind
exp10
cbrt
cabs
creal
ccos
cexp
cexp10
clog
clog10
csin
csqrt
ctan
ldexp
truncf
trunc
llroundf
lroundf
lround
llround
frexpf
__sindq
frexp

msvcrt

__dllonexit
calloc
_initterm
printf
strcmp
__C_specific_handler
memcmp
strcat
_splitpath
strcpy
strlen
_snprintf
memcpy
memset
_get_osfhandle
_open_osfhandle
_getch
_kbhit
rand
_getpid
isspace
strtok
_errno
raise
memmove
time
localtime
strftime
gmtime
atol
strcspn
realloc
_aligned_malloc
_aligned_free
clock
isalnum
strncat
system
strncmp
strchr
strstr
toupper
tolower
isdigit
sscanf
_stricmp
_clearfp
__argc
__argv
_controlfp
__pxcptinfoptrs
signal
freopen
fopen
fclose
strerror
_iob
fprintf
abort
exit
vsprintf
strncpy
sprintf
getenv
malloc
free
_onexit

kernel32

ReadFile
GetLastError
SetFilePointer
DeleteFileA
WaitForSingleObject
GetVersionExA
SetThreadPriority
CreateProcessA
CloseHandle
GetStdHandle
GetLocalTime
WriteFile
FreeLibrary
FormatMessageA
LoadLibraryA
GetThreadLocale
IsDebuggerPresent
GetProcAddress
GetModuleHandleA
SetEndOfFile
SetLastError
Sleep
GetFileType
GetCommandLineA
GetACP
SetErrorMode
SetConsoleCtrlHandler
LeaveCriticalSection
EnterCriticalSection
GetFileAttributesA
GetCurrentThreadId
ReleaseMutex
CreateMutexA
TlsSetValue
TlsGetValue
TlsAlloc
TlsFree
GetProcessTimes
GetCurrentProcess
VirtualFree
VirtualAlloc
SystemTimeToFileTime
FileTimeToLocalFileTime
FlushFileBuffers
DeleteCriticalSection
TerminateThread
SetEvent
ExitThread
CreateEventA
InitializeCriticalSection
CreateThread
UnmapViewOfFile
GetHandleInformation
IsBadReadPtr
MapViewOfFile
CreateFileMappingA
OpenFileMappingA
GetFileInformationByHandle
CreateFileA
GetTempFileNameA
GetTempPathA
GetFullPathNameA
VirtualQuery
GetModuleFileNameA
GetCurrentThread

imagehlp

StackWalk64
SymCleanup
SymInitialize

Exports

Exports

COMMITQQ
FLUSHQQ
FOCUSQQ
GETCHARQQ
GETEXCEPTIONPTRSQQ
GETHANDLEQQ
GETHWNDQQ
GETSTRQQ
GETUNITQQ
GETWSIZEQQ
INQFOCUSQQ
MCLOCK
PEEKCHARQQ
RANDOM
SEED
SETWSIZEQQ
TRACEBACKQQ
_FQclearscreen
_FQdisplaycursor
_FQscrolltextwindow
_FTN_ALLOC
__FFdrand
__FFfrand
__FFgetseed
__FFirand
__FFresetseed
__FFsetseed
__msportlib_d_curpos
__msportlib_d_curpos_i8
__msportlib_d_fseek
__msportlib_d_fseek_i8
__msportlib_d_get_POSIX_fd
__msportlib_d_gethandle
__msportlib_d_readchar
__msportlib_d_writechar
__msportlib_set_posix_io_flag
_f90_alloc_private
_f90_dope_vector_init
_f90_firstprivate_copy
_f90_free_private
_f90_lastprivate_copy
_f90_reduction_final
_f90_reduction_init
_fq_gettextposition
_fq_outtext
_fq_settextposition
a_intq
a_nintq
b_abs
b_btest
b_dim
b_dnnt
b_iand
b_ibclr
b_ibits
b_ibset
b_ieor
b_ior
b_ishft
b_ishftc
b_mod
b_nint
b_not
b_sign
c_f_pointer_set_desc1
c_f_pointer_set_desc2
c_f_pointer_set_desc4
c_f_pointer_set_desc8
cvt_boolean64_to_text
cvt_boolean_to_text
cvt_boolean_to_text_ex
cvt_cray_to_ieee_double
cvt_cray_to_ieee_double_
cvt_cray_to_ieee_single
cvt_cray_to_ieee_single_
cvt_data64_to_text
cvt_data_to_text
cvt_ibm_long_to_ieee_double
cvt_ibm_long_to_ieee_double_
cvt_ibm_short_to_ieee_single
cvt_ibm_short_to_ieee_single_
cvt_ieee_double_to_cray
cvt_ieee_double_to_cray_
cvt_ieee_double_to_ibm_long
cvt_ieee_double_to_ibm_long_
cvt_ieee_double_to_vax_d
cvt_ieee_double_to_vax_d_
cvt_ieee_double_to_vax_g
cvt_ieee_double_to_vax_g_
cvt_ieee_double_to_vax_h
cvt_ieee_double_to_vax_h_
cvt_ieee_s_to_text
cvt_ieee_s_to_text_ex
cvt_ieee_single_to_cray
cvt_ieee_single_to_cray_
cvt_ieee_single_to_ibm_short
cvt_ieee_single_to_ibm_short_
cvt_ieee_single_to_vax_f
cvt_ieee_single_to_vax_f_
cvt_ieee_t_to_text
cvt_ieee_t_to_text_ex
cvt_integer64_to_text
cvt_integer_to_text
cvt_text_to_boolean
cvt_text_to_boolean64
cvt_text_to_data
cvt_text_to_data64
cvt_text_to_ieee_s
cvt_text_to_ieee_t
cvt_text_to_integer
cvt_text_to_integer64
cvt_text_to_unsigned
cvt_text_to_unsigned64
cvt_unsigned64_to_text
cvt_unsigned_to_text
cvt_vax_d_to_ieee_double
cvt_vax_d_to_ieee_double_
cvt_vax_f_to_ieee_single
cvt_vax_f_to_ieee_single_
cvt_vax_g_to_ieee_double
cvt_vax_g_to_ieee_double_
cvt_vax_h_to_ieee_double
cvt_vax_h_to_ieee_double_
d_int
d_int_val
d_nint
f90_dyncom
f_ibits1
f_ibits2
f_lanint_val
f_ldnint_val
f_lqint
f_lqnint
f_qnint
for__nt_signal_handler
for__raise
for__rtc_uninit_use
for__signal
for_abort
for_active_processes
for_adjustl
for_adjustr
for_alloc_allocatable
for_allocate
for_asynchronous
for_backspace
for_bitest
for_bitest_msf
for_bjtest
for_bjtest_msf
for_bktest
for_bktest_msf
for_bmvbits
for_c_conjg_a
for_c_cos_a
for_c_cos_v
for_c_exp10_a
for_c_exp_a
for_c_exp_v
for_c_log10_a
for_c_log_a
for_c_sin_a
for_c_sqrt_a
for_c_tan_a
for_cd_conjg_a
for_cd_cos_a
for_cd_cos_v
for_cd_exp10_a
for_cd_exp_a
for_cd_exp_v
for_cd_log10_a
for_cd_log_a
for_cd_sin_a
for_cd_sqrt_a
for_cd_tan_a
for_ceil4_v
for_ceil8_v
for_ceilh4_v
for_ceilh8_v
for_ceilk4_v
for_ceilk8_v
for_char
for_check_env_name
for_check_mult_overflow
for_check_mult_overflow64
for_close
for_concat
for_contig_array
for_cpstr
for_cpstr_eq
for_cpstr_ge
for_cpstr_gt
for_cpstr_le
for_cpstr_lt
for_cpstr_ne
for_cpusec
for_cpusec_t
for_cpystr
for_cq_abs_a
for_cq_conjg_a
for_cq_conjg_v
for_cq_cos_a
for_cq_cosh_a
for_cq_exp10_a
for_cq_exp_a
for_cq_ipow_av
for_cq_kpow_av
for_cq_log10_a
for_cq_log_a
for_cq_pow_a
for_cq_sin_a
for_cq_sinh_a
for_cq_sqrt_a
for_cq_tan_a
for_cq_tanh_a
for_d_abs_a
for_d_acos_a
for_d_acosd_a
for_d_acosh_a
for_d_asin_a
for_d_asind_a
for_d_asinh_a
for_d_atan2_a
for_d_atan2d_a
for_d_atan2d_v
for_d_atan_a
for_d_atand_a
for_d_atanh_a
for_d_besj0_a
for_d_besj1_a
for_d_besjn_a
for_d_besy0_a
for_d_besy1_a
for_d_besyn_a
for_d_cabs_a
for_d_cbrt_a
for_d_cdabs_a
for_d_cdimag_a
for_d_cos_a
for_d_cosd_a
for_d_cosh_a
for_d_cotan_a
for_d_cotand_a
for_d_creal_a
for_d_creal_v
for_d_dim_a
for_d_erf_a
for_d_erfc_a
for_d_exp10_a
for_d_exp_a
for_d_fabs_a
for_d_int_a
for_d_int_v
for_d_ipow_a
for_d_ipow_v
for_d_log10_a
for_d_log_a
for_d_mod_a
for_d_nint_a
for_d_nint_v
for_d_pow_a
for_d_pow_v
for_d_prod_a
for_d_sign_a
for_d_sin_a
for_d_sind_a
for_d_sinh_a
for_d_sqrt_a
for_d_tan_a
for_d_tand_a
for_d_tanh_a
for_date
for_date_and_time
for_date_numeric
for_dealloc_allocatable
for_deallocate
for_define_file
for_delete
for_dnum
for_emit_diagnostic
for_enable_underflow
for_endfile
for_eof
for_errsns
for_errsns_load
for_errsns_w
for_exit
for_exponent16_a
for_exponent16_v
for_exponent4_v
for_exponent8_v
for_f90_index
for_f90_scan
for_f90_verify
for_fdopen
for_find
for_floor4_v
for_floor8_v
for_floorh4_v
for_floorh8_v
for_floork4_v
for_floork8_v
for_flush
for_fp_class_s_
for_fp_class_t_
for_fp_class_x_
for_fraction16_a
for_fraction16_v
for_fraction4_v
for_fraction8_v
for_gerror_
for_get_command
for_get_fpe_
for_get_fpe_counts_
for_getarg
for_getarg_i2
for_getcmd_arg
for_getenv
for_h_qint_a
for_i1ilen
for_i1leadz
for_i1popcnt
for_i1poppar
for_i1shftc
for_i1trailz
for_i_qint_a
for_iargc
for_ichar
for_idate
for_iibclr
for_iibits
for_iibset
for_iiilen
for_iileadz
for_iipopcnt
for_iipoppar
for_iishft
for_iishftc
for_iitrailz
for_imvbits
for_index
for_index_back
for_index_ssll
for_inquire
for_inum
for_iran2_
for_is_nan_s_
for_is_nan_t_
for_is_nan_x_
for_jdate
for_jibclr
for_jibits
for_jibset
for_jiilen
for_jileadz
for_jipopcnt
for_jipoppar
for_jishft
for_jishftc
for_jitrailz
for_jmvbits
for_jnum
for_jran2_
for_k_qint_a
for_kdate
for_kibclr
for_kibits
for_kibset
for_kiilen
for_kileadz
for_kipopcnt
for_kipoppar
for_kishft
for_kishftc
for_kitrailz
for_kmvbits
for_knum
for_len_trim
for_length
for_lge
for_lge_msf_slsl
for_lge_msf_ssll
for_lge_ssll
for_lgt
for_lgt_msf_slsl
for_lgt_msf_ssll
for_lgt_ssll
for_lle
for_lle_msf_slsl
for_lle_msf_ssll
for_lle_ssll
for_llt
for_llt_msf_slsl
for_llt_msf_ssll
for_llt_ssll
for_nargs
for_nearest16_a
for_nearest16_v
for_nearest4_v
for_nearest8_v
for_open
for_pause
for_perror_
for_q_abs_a
for_q_acos_a
for_q_acosd_a
for_q_acosh_a
for_q_asin_a
for_q_asind_a
for_q_asinh_a
for_q_atan2_a
for_q_atan2d_a
for_q_atan_a
for_q_atand_a
for_q_atanh_a
for_q_besj0_a
for_q_besj1_a
for_q_besjn_a
for_q_besjn_av
for_q_besy0_a
for_q_besy1_a
for_q_besyn_a
for_q_besyn_av
for_q_cbrt_a
for_q_ceil_a
for_q_cos_a
for_q_cosd_a
for_q_cosh_a
for_q_cotan_a
for_q_cotand_a
for_q_cqabs_a
for_q_cqimag_a
for_q_cqimag_v
for_q_cqreal_a
for_q_cqreal_v
for_q_dim_a
for_q_erf_a
for_q_erfc_a
for_q_exp10_a
for_q_exp2_a
for_q_exp_a
for_q_fabs_a
for_q_floor_a
for_q_fmod_a
for_q_frexp_a
for_q_gamma_a
for_q_ipow_a
for_q_ipow_av
for_q_kpow_a
for_q_kpow_av
for_q_ldexp_a
for_q_ldexp_av
for_q_log10_a
for_q_log2_a
for_q_log_a
for_q_mod_a
for_q_pow_a
for_q_prod_a
for_q_sign_a
for_q_sin_a
for_q_sind_a
for_q_sinh_a
for_q_sqrt_a
for_q_tan_a
for_q_tand_a
for_q_tanh_a
for_qnum
for_r_abs_a
for_r_acos_a
for_r_acosd_a
for_r_acosh_a
for_r_asin_a
for_r_asind_a
for_r_asinh_a
for_r_atan2_a
for_r_atan2d_a
for_r_atan2d_v
for_r_atan_a
for_r_atand_a
for_r_atanh_a
for_r_besj0_a
for_r_besj1_a
for_r_besjn_a
for_r_besy0_a
for_r_besy1_a
for_r_besyn_a
for_r_cabs_a
for_r_cbrt_a
for_r_cimag_a
for_r_cos_a
for_r_cosd_a
for_r_cosh_a
for_r_cotan_a
for_r_cotand_a
for_r_creal_a
for_r_creal_v
for_r_dim_a
for_r_dint_a
for_r_dnint_a
for_r_dsqrt_a

Sections

.text
Size: 818KB - Virtual size: 817KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libiomp5md.dll
.dll windows:6 windows x64 arch:x64

Password: 8585

8955d67c514834906e2c972f094636ca

Code Sign

56:00:00:0c:93:f1:58:c4:a1:91:6f:ee:06:00:00:00:00:0c:93
Certificate

Issuer

CN=Intel External Issuing CA 7B,O=Intel Corporation,L=Santa Clara,ST=CA,C=US

Not Before

23/09/2020, 19:11

Not After

17/06/2021, 23:59

Subject

CN=Intel(R) Software Development Products,O=Intel Corporation,L=Santa Clara,ST=CA,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

06:9b:5e:99:27:72:84:c8:76:7f:13:68:a7:de:b0:f3
Certificate

Issuer

CN=COMODO RSA Certification Authority,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

28/10/2015, 00:00

Not After

17/06/2021, 23:59

Subject

CN=Intel External Issuing CA 7B,O=Intel Corporation,L=Santa Clara,ST=CA,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

Issuer

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

23/10/2020, 00:00

Not After

22/01/2032, 23:59

Subject

CN=Sectigo RSA Time Stamping Signer #2,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/05/2019, 00:00

Not After

18/01/2038, 23:59

Subject

CN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

24:6d:e9:c4:6f:d4:ce:10:17:9c:f8:42:a1:ba:06:5a:01:ca:82:6b:6f:b2:65:44:da:e3:ac:50:fd:62:82:2a
Signer

Actual PE Digest

24:6d:e9:c4:6f:d4:ce:10:17:9c:f8:42:a1:ba:06:5a:01:ca:82:6b:6f:b2:65:44:da:e3:ac:50:fd:62:82:2a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

O:\promo\20210428\tmp\win_32e-rtl_int_5_nor_dyn.rel.c0.s0.t1..h1.w1-anompbdwwin02\libiomp5md.pdb

Imports

kernel32

SwitchToThread
InitializeCriticalSection
LeaveCriticalSection
GetProcAddress
GetCurrentThreadId
EnterCriticalSection
GetLastError
LoadLibraryA
lstrcmpA
GetEnvironmentVariableA
SetThreadAffinityMask
GetProcessAffinityMask
GetCurrentProcess
GetCurrentThread
SetProcessAffinityMask
SetEnvironmentVariableA
FreeEnvironmentStringsA
GetEnvironmentStrings
TlsGetValue
FreeLibrary
LocalFree
WideCharToMultiByte
FormatMessageW
FormatMessageA
LoadLibraryExA
GetModuleFileNameA
GetModuleHandleExA
GetThreadLocale
WriteFile
GetStdHandle
AllocConsole
GetComputerNameA
SetErrorMode
GetCurrentProcessorNumberEx
K32EnumProcessModules
VirtualAlloc
GetSystemInfo
GetVersionExA
GetModuleHandleA
SetEvent
DeleteCriticalSection
TryEnterCriticalSection
CloseHandle
ResetEvent
WaitForSingleObject
Sleep
TlsSetValue
TlsFree
QueryPerformanceCounter
CreateThread
DuplicateHandle
GetExitCodeThread
SleepEx
VirtualQuery
GetFileInformationByHandle
CreateFileA
GetFileAttributesA
QueryPerformanceFrequency
GetSystemDirectoryA
TlsAlloc
CreateEventA
VirtualFree
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead

vcruntime140

memmove
__CxxFrameHandler3
strstr
__C_specific_handler
memset
__std_type_info_destroy_list
memcpy

api-ms-win-crt-string-l1-1-0

tolower
strcpy_s
toupper
strcspn
strspn
isalnum
strlen
strncpy
strcat_s
isdigit
wcscmp
_wcsdup
strncpy_s
isspace

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_initialize_onexit_table
_crt_atexit
_seh_filter_dll
terminate
signal
_execute_onexit_table
_register_onexit_function
_invalid_parameter_noinfo
_cexit
abort
_getpid
_exit
raise
exit
_initterm_e
_initterm
_wassert
_errno
_configure_narrow_argv

api-ms-win-crt-heap-l1-1-0

malloc
calloc
_aligned_free
free
_aligned_malloc
realloc

api-ms-win-crt-convert-l1-1-0

strtoul
strtol
strtod
strtoull
atoi
atof

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-stdio-l1-1-0

_close
_open
__stdio_common_vsprintf
__stdio_common_vsnprintf_s
fopen
fread
feof
ferror
fwrite
fgets
fputs
fseek
fgetc
fclose
__stdio_common_vsscanf
__stdio_common_vsprintf_s
__stdio_common_vfprintf
__acrt_iob_func
_read

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-filesystem-l1-1-0

_stat64i32
_fstat64i32

Exports

Exports

KMP_ALIGNED_MALLOC
KMP_CALLOC
KMP_CREATE_AFFINITY_MASK
KMP_DESTROY_AFFINITY_MASK
KMP_FREE
KMP_GET_AFFINITY
KMP_GET_AFFINITY_MASK_PROC
KMP_GET_AFFINITY_MAX_PROC
KMP_GET_BLOCKTIME
KMP_GET_CANCELLATION_STATUS
KMP_GET_LIBRARY
KMP_GET_NUM_KNOWN_THREADS
KMP_GET_STACKSIZE
KMP_GET_STACKSIZE_S
KMP_MALLOC
KMP_REALLOC
KMP_SET_AFFINITY
KMP_SET_AFFINITY_MASK_PROC
KMP_SET_BLOCKTIME
KMP_SET_DEFAULTS
KMP_SET_DISP_NUM_BUFFERS
KMP_SET_LIBRARY
KMP_SET_LIBRARY_SERIAL
KMP_SET_LIBRARY_THROUGHPUT
KMP_SET_LIBRARY_TURNAROUND
KMP_SET_STACKSIZE
KMP_SET_STACKSIZE_S
KMP_SET_WARNINGS_OFF
KMP_SET_WARNINGS_ON
KMP_UNSET_AFFINITY_MASK_PROC
OMP_CAPTURE_AFFINITY
OMP_CONTROL_TOOL
OMP_DESTROY_ALLOCATOR
OMP_DESTROY_LOCK
OMP_DESTROY_NEST_LOCK
OMP_DISPLAY_AFFINITY
OMP_DISPLAY_ENV
OMP_FULFILL_EVENT
OMP_GET_ACTIVE_LEVEL
OMP_GET_AFFINITY_FORMAT
OMP_GET_ANCESTOR_THREAD_NUM
OMP_GET_CANCELLATION
OMP_GET_DEFAULT_ALLOCATOR
OMP_GET_DEFAULT_DEVICE
OMP_GET_DEVICE_NUM
OMP_GET_DYNAMIC
OMP_GET_INITIAL_DEVICE
OMP_GET_LEVEL
OMP_GET_MAX_ACTIVE_LEVELS
OMP_GET_MAX_TASK_PRIORITY
OMP_GET_MAX_TEAMS
OMP_GET_MAX_THREADS
OMP_GET_NESTED
OMP_GET_NUM_DEVICES
OMP_GET_NUM_PLACES
OMP_GET_NUM_PROCS
OMP_GET_NUM_TEAMS
OMP_GET_NUM_THREADS
OMP_GET_PARTITION_NUM_PLACES
OMP_GET_PARTITION_PLACE_NUMS
OMP_GET_PLACE_NUM
OMP_GET_PLACE_NUM_PROCS
OMP_GET_PLACE_PROC_IDS
OMP_GET_PROC_BIND
OMP_GET_SCHEDULE
OMP_GET_SUPPORTED_ACTIVE_LEVELS
OMP_GET_TEAMS_THREAD_LIMIT
OMP_GET_TEAM_NUM
OMP_GET_TEAM_SIZE
OMP_GET_THREAD_LIMIT
OMP_GET_THREAD_NUM
OMP_GET_WTICK
OMP_GET_WTIME
OMP_INIT_ALLOCATOR
OMP_INIT_LOCK
OMP_INIT_LOCK_WITH_HINT
OMP_INIT_NEST_LOCK
OMP_INIT_NEST_LOCK_WITH_HINT
OMP_IN_FINAL
OMP_IN_PARALLEL
OMP_IS_INITIAL_DEVICE
OMP_PAUSE_RESOURCE
OMP_PAUSE_RESOURCE_ALL
OMP_SET_AFFINITY_FORMAT
OMP_SET_DEFAULT_ALLOCATOR
OMP_SET_DEFAULT_DEVICE
OMP_SET_DYNAMIC
OMP_SET_LOCK
OMP_SET_MAX_ACTIVE_LEVELS
OMP_SET_NESTED
OMP_SET_NEST_LOCK
OMP_SET_NUM_TEAMS
OMP_SET_NUM_THREADS
OMP_SET_SCHEDULE
OMP_SET_TEAMS_THREAD_LIMIT
OMP_TEST_LOCK
OMP_TEST_NEST_LOCK
OMP_UNSET_LOCK
OMP_UNSET_NEST_LOCK
_You_must_link_with_Intel_OpenMP_library
_You_must_link_with_Microsoft_OpenMP_library
_You_must_link_with_exactly_one_OpenMP_library
__atomic_compare_exchange
__atomic_load
__atomic_store
__kmp_acquire_drdpa_lock
__kmp_acquire_nested_drdpa_lock
__kmp_acquire_nested_queuing_lock
__kmp_acquire_nested_tas_lock
__kmp_acquire_nested_ticket_lock
__kmp_acquire_queuing_lock
__kmp_acquire_tas_lock
__kmp_acquire_ticket_lock
__kmp_debugging
__kmp_fork_call
__kmp_get_reduce_method
__kmp_invoke_microtask
__kmp_itt_fini_ittlib
__kmp_itt_init_ittlib
__kmp_launch_worker
__kmp_omp_debug_struct_info
__kmp_reap_worker
__kmp_release_64
__kmp_wait_4
__kmp_wait_64
__kmpc_aligned_alloc
__kmpc_alloc
__kmpc_atomic_1
__kmpc_atomic_10
__kmpc_atomic_16
__kmpc_atomic_2
__kmpc_atomic_20
__kmpc_atomic_32
__kmpc_atomic_4
__kmpc_atomic_8
__kmpc_atomic_bool_1_cas
__kmpc_atomic_bool_1_cas_cpt
__kmpc_atomic_bool_2_cas
__kmpc_atomic_bool_2_cas_cpt
__kmpc_atomic_bool_4_cas
__kmpc_atomic_bool_4_cas_cpt
__kmpc_atomic_bool_8_cas
__kmpc_atomic_bool_8_cas_cpt
__kmpc_atomic_cmplx10_add
__kmpc_atomic_cmplx10_add_cpt
__kmpc_atomic_cmplx10_div
__kmpc_atomic_cmplx10_div_cpt
__kmpc_atomic_cmplx10_div_cpt_rev
__kmpc_atomic_cmplx10_div_rev
__kmpc_atomic_cmplx10_mul
__kmpc_atomic_cmplx10_mul_cpt
__kmpc_atomic_cmplx10_rd
__kmpc_atomic_cmplx10_sub
__kmpc_atomic_cmplx10_sub_cpt
__kmpc_atomic_cmplx10_sub_cpt_rev
__kmpc_atomic_cmplx10_sub_rev
__kmpc_atomic_cmplx10_swp
__kmpc_atomic_cmplx10_wr
__kmpc_atomic_cmplx16_add
__kmpc_atomic_cmplx16_add_cpt
__kmpc_atomic_cmplx16_div
__kmpc_atomic_cmplx16_div_cpt
__kmpc_atomic_cmplx16_div_cpt_rev
__kmpc_atomic_cmplx16_div_rev
__kmpc_atomic_cmplx16_mul
__kmpc_atomic_cmplx16_mul_cpt
__kmpc_atomic_cmplx16_rd
__kmpc_atomic_cmplx16_sub
__kmpc_atomic_cmplx16_sub_cpt
__kmpc_atomic_cmplx16_sub_cpt_rev
__kmpc_atomic_cmplx16_sub_rev
__kmpc_atomic_cmplx16_swp
__kmpc_atomic_cmplx16_wr
__kmpc_atomic_cmplx4_add
__kmpc_atomic_cmplx4_add_cmplx8
__kmpc_atomic_cmplx4_add_cpt
__kmpc_atomic_cmplx4_div
__kmpc_atomic_cmplx4_div_cmplx8
__kmpc_atomic_cmplx4_div_cpt
__kmpc_atomic_cmplx4_div_cpt_rev
__kmpc_atomic_cmplx4_div_rev
__kmpc_atomic_cmplx4_mul
__kmpc_atomic_cmplx4_mul_cmplx8
__kmpc_atomic_cmplx4_mul_cpt
__kmpc_atomic_cmplx4_rd
__kmpc_atomic_cmplx4_sub
__kmpc_atomic_cmplx4_sub_cmplx8
__kmpc_atomic_cmplx4_sub_cpt
__kmpc_atomic_cmplx4_sub_cpt_rev
__kmpc_atomic_cmplx4_sub_rev
__kmpc_atomic_cmplx4_swp
__kmpc_atomic_cmplx4_wr
__kmpc_atomic_cmplx8_add
__kmpc_atomic_cmplx8_add_cpt
__kmpc_atomic_cmplx8_div
__kmpc_atomic_cmplx8_div_cpt
__kmpc_atomic_cmplx8_div_cpt_rev
__kmpc_atomic_cmplx8_div_rev
__kmpc_atomic_cmplx8_mul
__kmpc_atomic_cmplx8_mul_cpt
__kmpc_atomic_cmplx8_rd
__kmpc_atomic_cmplx8_sub
__kmpc_atomic_cmplx8_sub_cpt
__kmpc_atomic_cmplx8_sub_cpt_rev
__kmpc_atomic_cmplx8_sub_rev
__kmpc_atomic_cmplx8_swp
__kmpc_atomic_cmplx8_wr
__kmpc_atomic_end
__kmpc_atomic_fixed1_add
__kmpc_atomic_fixed1_add_cpt
__kmpc_atomic_fixed1_add_cpt_fp
__kmpc_atomic_fixed1_add_fp
__kmpc_atomic_fixed1_andb
__kmpc_atomic_fixed1_andb_cpt
__kmpc_atomic_fixed1_andl
__kmpc_atomic_fixed1_andl_cpt
__kmpc_atomic_fixed1_div
__kmpc_atomic_fixed1_div_cpt
__kmpc_atomic_fixed1_div_cpt_fp
__kmpc_atomic_fixed1_div_cpt_rev
__kmpc_atomic_fixed1_div_cpt_rev_fp
__kmpc_atomic_fixed1_div_float8
__kmpc_atomic_fixed1_div_fp
__kmpc_atomic_fixed1_div_rev
__kmpc_atomic_fixed1_div_rev_fp
__kmpc_atomic_fixed1_eqv
__kmpc_atomic_fixed1_eqv_cpt
__kmpc_atomic_fixed1_max
__kmpc_atomic_fixed1_max_cpt
__kmpc_atomic_fixed1_min
__kmpc_atomic_fixed1_min_cpt
__kmpc_atomic_fixed1_mul
__kmpc_atomic_fixed1_mul_cpt
__kmpc_atomic_fixed1_mul_cpt_fp
__kmpc_atomic_fixed1_mul_float8
__kmpc_atomic_fixed1_mul_fp
__kmpc_atomic_fixed1_neqv
__kmpc_atomic_fixed1_neqv_cpt
__kmpc_atomic_fixed1_orb
__kmpc_atomic_fixed1_orb_cpt
__kmpc_atomic_fixed1_orl
__kmpc_atomic_fixed1_orl_cpt
__kmpc_atomic_fixed1_rd
__kmpc_atomic_fixed1_shl
__kmpc_atomic_fixed1_shl_cpt
__kmpc_atomic_fixed1_shl_cpt_rev
__kmpc_atomic_fixed1_shl_rev
__kmpc_atomic_fixed1_shr
__kmpc_atomic_fixed1_shr_cpt
__kmpc_atomic_fixed1_shr_cpt_rev
__kmpc_atomic_fixed1_shr_rev
__kmpc_atomic_fixed1_sub
__kmpc_atomic_fixed1_sub_cpt
__kmpc_atomic_fixed1_sub_cpt_fp
__kmpc_atomic_fixed1_sub_cpt_rev
__kmpc_atomic_fixed1_sub_cpt_rev_fp
__kmpc_atomic_fixed1_sub_fp
__kmpc_atomic_fixed1_sub_rev
__kmpc_atomic_fixed1_sub_rev_fp
__kmpc_atomic_fixed1_swp
__kmpc_atomic_fixed1_wr
__kmpc_atomic_fixed1_xor
__kmpc_atomic_fixed1_xor_cpt
__kmpc_atomic_fixed1u_add_cpt_fp
__kmpc_atomic_fixed1u_add_fp
__kmpc_atomic_fixed1u_div
__kmpc_atomic_fixed1u_div_cpt
__kmpc_atomic_fixed1u_div_cpt_fp
__kmpc_atomic_fixed1u_div_cpt_rev
__kmpc_atomic_fixed1u_div_cpt_rev_fp
__kmpc_atomic_fixed1u_div_fp
__kmpc_atomic_fixed1u_div_rev
__kmpc_atomic_fixed1u_div_rev_fp
__kmpc_atomic_fixed1u_mul_cpt_fp
__kmpc_atomic_fixed1u_mul_fp
__kmpc_atomic_fixed1u_shr
__kmpc_atomic_fixed1u_shr_cpt
__kmpc_atomic_fixed1u_shr_cpt_rev
__kmpc_atomic_fixed1u_shr_rev
__kmpc_atomic_fixed1u_sub_cpt_fp
__kmpc_atomic_fixed1u_sub_cpt_rev_fp
__kmpc_atomic_fixed1u_sub_fp
__kmpc_atomic_fixed1u_sub_rev_fp
__kmpc_atomic_fixed2_add
__kmpc_atomic_fixed2_add_cpt
__kmpc_atomic_fixed2_add_cpt_fp
__kmpc_atomic_fixed2_add_fp
__kmpc_atomic_fixed2_andb
__kmpc_atomic_fixed2_andb_cpt
__kmpc_atomic_fixed2_andl
__kmpc_atomic_fixed2_andl_cpt
__kmpc_atomic_fixed2_div
__kmpc_atomic_fixed2_div_cpt
__kmpc_atomic_fixed2_div_cpt_fp
__kmpc_atomic_fixed2_div_cpt_rev
__kmpc_atomic_fixed2_div_cpt_rev_fp
__kmpc_atomic_fixed2_div_float8
__kmpc_atomic_fixed2_div_fp
__kmpc_atomic_fixed2_div_rev
__kmpc_atomic_fixed2_div_rev_fp
__kmpc_atomic_fixed2_eqv
__kmpc_atomic_fixed2_eqv_cpt
__kmpc_atomic_fixed2_max
__kmpc_atomic_fixed2_max_cpt
__kmpc_atomic_fixed2_min
__kmpc_atomic_fixed2_min_cpt
__kmpc_atomic_fixed2_mul
__kmpc_atomic_fixed2_mul_cpt
__kmpc_atomic_fixed2_mul_cpt_fp
__kmpc_atomic_fixed2_mul_float8
__kmpc_atomic_fixed2_mul_fp
__kmpc_atomic_fixed2_neqv
__kmpc_atomic_fixed2_neqv_cpt
__kmpc_atomic_fixed2_orb
__kmpc_atomic_fixed2_orb_cpt
__kmpc_atomic_fixed2_orl
__kmpc_atomic_fixed2_orl_cpt
__kmpc_atomic_fixed2_rd
__kmpc_atomic_fixed2_shl
__kmpc_atomic_fixed2_shl_cpt
__kmpc_atomic_fixed2_shl_cpt_rev
__kmpc_atomic_fixed2_shl_rev
__kmpc_atomic_fixed2_shr
__kmpc_atomic_fixed2_shr_cpt
__kmpc_atomic_fixed2_shr_cpt_rev
__kmpc_atomic_fixed2_shr_rev
__kmpc_atomic_fixed2_sub
__kmpc_atomic_fixed2_sub_cpt
__kmpc_atomic_fixed2_sub_cpt_fp
__kmpc_atomic_fixed2_sub_cpt_rev
__kmpc_atomic_fixed2_sub_cpt_rev_fp
__kmpc_atomic_fixed2_sub_fp
__kmpc_atomic_fixed2_sub_rev
__kmpc_atomic_fixed2_sub_rev_fp
__kmpc_atomic_fixed2_swp
__kmpc_atomic_fixed2_wr
__kmpc_atomic_fixed2_xor
__kmpc_atomic_fixed2_xor_cpt
__kmpc_atomic_fixed2u_add_cpt_fp
__kmpc_atomic_fixed2u_add_fp
__kmpc_atomic_fixed2u_div
__kmpc_atomic_fixed2u_div_cpt
__kmpc_atomic_fixed2u_div_cpt_fp
__kmpc_atomic_fixed2u_div_cpt_rev
__kmpc_atomic_fixed2u_div_cpt_rev_fp
__kmpc_atomic_fixed2u_div_fp
__kmpc_atomic_fixed2u_div_rev
__kmpc_atomic_fixed2u_div_rev_fp
__kmpc_atomic_fixed2u_mul_cpt_fp
__kmpc_atomic_fixed2u_mul_fp
__kmpc_atomic_fixed2u_shr
__kmpc_atomic_fixed2u_shr_cpt
__kmpc_atomic_fixed2u_shr_cpt_rev
__kmpc_atomic_fixed2u_shr_rev
__kmpc_atomic_fixed2u_sub_cpt_fp
__kmpc_atomic_fixed2u_sub_cpt_rev_fp
__kmpc_atomic_fixed2u_sub_fp
__kmpc_atomic_fixed2u_sub_rev_fp
__kmpc_atomic_fixed4_add
__kmpc_atomic_fixed4_add_cpt
__kmpc_atomic_fixed4_add_cpt_fp
__kmpc_atomic_fixed4_add_fp
__kmpc_atomic_fixed4_andb
__kmpc_atomic_fixed4_andb_cpt
__kmpc_atomic_fixed4_andl
__kmpc_atomic_fixed4_andl_cpt
__kmpc_atomic_fixed4_div
__kmpc_atomic_fixed4_div_cpt
__kmpc_atomic_fixed4_div_cpt_fp
__kmpc_atomic_fixed4_div_cpt_rev
__kmpc_atomic_fixed4_div_cpt_rev_fp
__kmpc_atomic_fixed4_div_float8
__kmpc_atomic_fixed4_div_fp
__kmpc_atomic_fixed4_div_rev
__kmpc_atomic_fixed4_div_rev_fp
__kmpc_atomic_fixed4_eqv
__kmpc_atomic_fixed4_eqv_cpt
__kmpc_atomic_fixed4_max
__kmpc_atomic_fixed4_max_cpt
__kmpc_atomic_fixed4_min
__kmpc_atomic_fixed4_min_cpt
__kmpc_atomic_fixed4_mul
__kmpc_atomic_fixed4_mul_cpt
__kmpc_atomic_fixed4_mul_cpt_fp
__kmpc_atomic_fixed4_mul_float8
__kmpc_atomic_fixed4_mul_fp
__kmpc_atomic_fixed4_neqv
__kmpc_atomic_fixed4_neqv_cpt
__kmpc_atomic_fixed4_orb
__kmpc_atomic_fixed4_orb_cpt
__kmpc_atomic_fixed4_orl
__kmpc_atomic_fixed4_orl_cpt
__kmpc_atomic_fixed4_rd
__kmpc_atomic_fixed4_shl
__kmpc_atomic_fixed4_shl_cpt
__kmpc_atomic_fixed4_shl_cpt_rev
__kmpc_atomic_fixed4_shl_rev
__kmpc_atomic_fixed4_shr
__kmpc_atomic_fixed4_shr_cpt
__kmpc_atomic_fixed4_shr_cpt_rev
__kmpc_atomic_fixed4_shr_rev
__kmpc_atomic_fixed4_sub
__kmpc_atomic_fixed4_sub_cpt
__kmpc_atomic_fixed4_sub_cpt_fp
__kmpc_atomic_fixed4_sub_cpt_rev
__kmpc_atomic_fixed4_sub_cpt_rev_fp
__kmpc_atomic_fixed4_sub_fp
__kmpc_atomic_fixed4_sub_rev
__kmpc_atomic_fixed4_sub_rev_fp
__kmpc_atomic_fixed4_swp
__kmpc_atomic_fixed4_wr
__kmpc_atomic_fixed4_xor
__kmpc_atomic_fixed4_xor_cpt
__kmpc_atomic_fixed4u_add_cpt_fp
__kmpc_atomic_fixed4u_add_fp
__kmpc_atomic_fixed4u_div
__kmpc_atomic_fixed4u_div_cpt
__kmpc_atomic_fixed4u_div_cpt_fp
__kmpc_atomic_fixed4u_div_cpt_rev
__kmpc_atomic_fixed4u_div_cpt_rev_fp
__kmpc_atomic_fixed4u_div_fp
__kmpc_atomic_fixed4u_div_rev
__kmpc_atomic_fixed4u_div_rev_fp
__kmpc_atomic_fixed4u_mul_cpt_fp
__kmpc_atomic_fixed4u_mul_fp
__kmpc_atomic_fixed4u_shr
__kmpc_atomic_fixed4u_shr_cpt
__kmpc_atomic_fixed4u_shr_cpt_rev
__kmpc_atomic_fixed4u_shr_rev
__kmpc_atomic_fixed4u_sub_cpt_fp
__kmpc_atomic_fixed4u_sub_cpt_rev_fp
__kmpc_atomic_fixed4u_sub_fp
__kmpc_atomic_fixed4u_sub_rev_fp
__kmpc_atomic_fixed8_add
__kmpc_atomic_fixed8_add_cpt
__kmpc_atomic_fixed8_add_cpt_fp
__kmpc_atomic_fixed8_add_fp
__kmpc_atomic_fixed8_andb
__kmpc_atomic_fixed8_andb_cpt
__kmpc_atomic_fixed8_andl
__kmpc_atomic_fixed8_andl_cpt
__kmpc_atomic_fixed8_div
__kmpc_atomic_fixed8_div_cpt
__kmpc_atomic_fixed8_div_cpt_fp
__kmpc_atomic_fixed8_div_cpt_rev
__kmpc_atomic_fixed8_div_cpt_rev_fp
__kmpc_atomic_fixed8_div_float8
__kmpc_atomic_fixed8_div_fp
__kmpc_atomic_fixed8_div_rev
__kmpc_atomic_fixed8_div_rev_fp
__kmpc_atomic_fixed8_eqv
__kmpc_atomic_fixed8_eqv_cpt
__kmpc_atomic_fixed8_max
__kmpc_atomic_fixed8_max_cpt
__kmpc_atomic_fixed8_min
__kmpc_atomic_fixed8_min_cpt
__kmpc_atomic_fixed8_mul
__kmpc_atomic_fixed8_mul_cpt
__kmpc_atomic_fixed8_mul_cpt_fp
__kmpc_atomic_fixed8_mul_float8
__kmpc_atomic_fixed8_mul_fp
__kmpc_atomic_fixed8_neqv
__kmpc_atomic_fixed8_neqv_cpt
__kmpc_atomic_fixed8_orb
__kmpc_atomic_fixed8_orb_cpt
__kmpc_atomic_fixed8_orl
__kmpc_atomic_fixed8_orl_cpt
__kmpc_atomic_fixed8_rd
__kmpc_atomic_fixed8_shl
__kmpc_atomic_fixed8_shl_cpt
__kmpc_atomic_fixed8_shl_cpt_rev
__kmpc_atomic_fixed8_shl_rev
__kmpc_atomic_fixed8_shr
__kmpc_atomic_fixed8_shr_cpt
__kmpc_atomic_fixed8_shr_cpt_rev
__kmpc_atomic_fixed8_shr_rev
__kmpc_atomic_fixed8_sub
__kmpc_atomic_fixed8_sub_cpt
__kmpc_atomic_fixed8_sub_cpt_fp
__kmpc_atomic_fixed8_sub_cpt_rev
__kmpc_atomic_fixed8_sub_cpt_rev_fp
__kmpc_atomic_fixed8_sub_fp
__kmpc_atomic_fixed8_sub_rev
__kmpc_atomic_fixed8_sub_rev_fp
__kmpc_atomic_fixed8_swp
__kmpc_atomic_fixed8_wr
__kmpc_atomic_fixed8_xor
__kmpc_atomic_fixed8_xor_cpt
__kmpc_atomic_fixed8u_add_cpt_fp
__kmpc_atomic_fixed8u_add_fp
__kmpc_atomic_fixed8u_div
__kmpc_atomic_fixed8u_div_cpt
__kmpc_atomic_fixed8u_div_cpt_fp
__kmpc_atomic_fixed8u_div_cpt_rev
__kmpc_atomic_fixed8u_div_cpt_rev_fp
__kmpc_atomic_fixed8u_div_fp
__kmpc_atomic_fixed8u_div_rev
__kmpc_atomic_fixed8u_div_rev_fp
__kmpc_atomic_fixed8u_mul_cpt_fp
__kmpc_atomic_fixed8u_mul_fp

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 205KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data1
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.trace
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.debug_o
Size: 232KB - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mendelevium.tiff
modules/auth/auth.go
modules/auth/auth_test.go
modules/auth/middleware.go
.js
modules/auth/middleware_test.go
modules/auth/session.go
modules/collection/collection.go
.js
modules/collection/collection_test.go
modules/config/config.go
.js
modules/config/config.ini
modules/config/config.yaml
modules/config/config_test.go
modules/constant/constant.go
modules/db/base.go
modules/db/connection.go
modules/db/converter.go
modules/db/dialect/common.go
modules/db/dialect/dialect.go
modules/db/dialect/mssql.go
modules/db/dialect/mysql.go
modules/db/dialect/postgresql.go
modules/db/dialect/sqlite.go
modules/db/drivers/mssql/mssql.go
modules/db/drivers/mysql/mysql.go
modules/db/drivers/postgres/postgres.go
modules/db/drivers/sqlite/sqlite.go
modules/db/mssql.go
modules/db/mysql.go
modules/db/performer.go
.js
modules/db/postgresql.go
modules/db/sqlite.go
modules/db/statement.go
modules/db/statement_mssql_test.go
modules/db/statement_mysql_test.go
modules/db/statement_postgresql_test.go
modules/db/statement_sqlite_test.go
modules/db/statement_test.go
modules/db/types.go
modules/db/types_test.go
modules/errors/error.go
modules/file/file.go
.js
modules/file/local.go
modules/language/cn.go
.js
modules/language/en.go
.js
modules/language/jp.go
.js
modules/language/language.go
modules/language/language_test.go
modules/language/pt-BR.go
.js
modules/language/tc.go
.js
modules/logger/logger.go
modules/logger/logger_test.go
modules/menu/menu.go
.js
modules/menu/menu_test.go
modules/page/page.go
modules/remote_server/remote_server.go
modules/service/service.go
modules/system/application.go
modules/system/version.go
.js
modules/ui/ui.go
modules/utils/utils.go
modules/utils/utils_test.go
msedge_elf.dll
.dll windows:5 windows x64 arch:x64

Password: 8585

e5e4f3f5367c0c82df24a4723fbd8a3c

Code Sign

33:00:00:03:a4:cb:e3:56:b8:cb:7f:e4:27:00:00:00:00:03:a4
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2023, 19:51

Not After

16/10/2024, 19:51

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

38:db:40:ca:fd:18:73:6c:6c:86:d0:bf:9c:e4:a5:8d:9d:b7:81:3d:7b:46:1b:95:cf:f6:a9:01:db:ab:5e:14
Signer

Actual PE Digest

38:db:40:ca:fd:18:73:6c:6c:86:d0:bf:9c:e4:a5:8d:9d:b7:81:3d:7b:46:1b:95:cf:f6:a9:01:db:ab:5e:14

Digest Algorithm

sha256

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\e\src\out\Release_x64\msedge_elf.dll.pdb

Imports

kernel32

AcquireSRWLockExclusive
AddVectoredExceptionHandler
AssignProcessToJobObject
CancelIo
CloseHandle
CompareStringW
ConnectNamedPipe
CreateDirectoryW
CreateEventA
CreateEventW
CreateFileA
CreateFileMappingW
CreateFileW
CreateIoCompletionPort
CreateMutexW
CreateNamedPipeW
CreateProcessW
CreateRemoteThread
CreateThread
DeleteCriticalSection
DeleteFileW
DeleteProcThreadAttributeList
DeviceIoControl
DisconnectNamedPipe
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindNextFileW
FlsAlloc
FlsFree
FlsGetValue
FlsSetValue
FlushFileBuffers
FormatMessageA
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetComputerNameExW
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesW
GetFileInformationByHandle
GetFileSizeEx
GetFileTime
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoW
GetLogicalProcessorInformation
GetLogicalProcessorInformationEx
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNamedPipeClientProcessId
GetNamedPipeServerProcessId
GetNativeSystemInfo
GetOEMCP
GetProcAddress
GetProcessHeap
GetProcessId
GetProductInfo
GetQueuedCompletionStatus
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetThreadId
GetThreadPriority
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultLangID
GetVersionExW
GetWindowsDirectoryW
GlobalMemoryStatusEx
HeapAlloc
HeapFree
InitOnceExecuteOnce
InitializeConditionVariable
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeProcThreadAttributeList
InitializeSListHead
InitializeSRWLock
InterlockedFlushSList
InterlockedPushEntrySList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
K32GetMappedFileNameW
K32GetModuleInformation
K32QueryWorkingSetEx
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalFree
LockFileEx
MapViewOfFile
MultiByteToWideChar
OpenProcess
OutputDebugStringA
OutputDebugStringW
PeekNamedPipe
PostQueuedCompletionStatus
QueryPerformanceCounter
QueryPerformanceFrequency
QueryThreadCycleTime
RaiseException
ReadConsoleW
ReadFile
ReadProcessMemory
RegisterWaitForSingleObject
ReleaseMutex
ReleaseSRWLockExclusive
RemoveDirectoryW
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
RtlCaptureContext
RtlCaptureStackBackTrace
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetConsoleCtrlHandler
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableW
SetErrorMode
SetEvent
SetFileAttributesW
SetFilePointerEx
SetHandleInformation
SetLastError
SetNamedPipeHandleState
SetProcessMitigationPolicy
SetStdHandle
SetThreadInformation
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
SleepEx
SwitchToThread
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TransactNamedPipe
TryAcquireSRWLockExclusive
UnhandledExceptionFilter
UnlockFileEx
UnmapViewOfFile
UnregisterWaitEx
UpdateProcThreadAttribute
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualProtect
VirtualProtectEx
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WaitNamedPipeW
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile
WriteProcessMemory
lstrcmpiA
lstrcmpiW
lstrlenA

ntdll

NtClose
NtCreateKey
NtDeleteKey
NtOpenKeyEx
NtQueryValueKey
NtSetValueKey
RtlFormatCurrentUserKeyPath
RtlFreeUnicodeString
RtlGetLastNtStatus
RtlInitUnicodeString

oleaut32

GetErrorInfo
SetErrorInfo
SysAllocString
SysFreeString
SysStringLen

Exports

Exports

??0PwaHelperImpl@edge_pwahelper@@QEAA@XZ
??1PwaHelperImpl@edge_pwahelper@@UEAA@XZ
??_7PwaHelperImpl@edge_pwahelper@@6B@
?AppendMojoServerBindingInfo@PwaHelperImpl@edge_pwahelper@@AEAAXPEAVCommandLine@base@@@Z
?BadgeNotification@PwaHelperImpl@edge_pwahelper@@UEAAXW4BadgeNotificationType@mojom@2@AEBV?$basic_string@DU?$char_traits@D@__Cr@std@@V?$allocator@D@23@@__Cr@std@@@Z
?BindWidgetManager@PwaHelperImpl@edge_pwahelper@@AEAAXV?$ScopedHandleBase@VMessagePipeHandle@mojo@@@mojo@@@Z
?DigitalGoodsAbortPaymentApp@PwaHelperImpl@edge_pwahelper@@UEAAXV?$OnceCallback@$$A6AX_N@Z@base@@@Z
?DigitalGoodsConsume@PwaHelperImpl@edge_pwahelper@@UEAAXAEBV?$basic_string@DU?$char_traits@D@__Cr@std@@V?$allocator@D@23@@__Cr@std@@V?$OnceCallback@$$A6AXW4BillingResponseCode@mojom@payments@@@Z@base@@@Z
?DigitalGoodsGetDetails@PwaHelperImpl@edge_pwahelper@@UEAAXAEBV?$vector@V?$basic_string@DU?$char_traits@D@__Cr@std@@V?$allocator@D@23@@__Cr@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@__Cr@std@@V?$allocator@D@23@@__Cr@std@@@23@@__Cr@std@@V?$OnceCallback@$$A6AXW4BillingResponseCode@mojom@payments@@V?$vector@V?$StructPtr@VItemDetails@mojom@payments@@@mojo@@V?$allocator@V?$StructPtr@VItemDetails@mojom@payments@@@mojo@@@__Cr@std@@@__Cr@std@@@Z@base@@@Z
?DigitalGoodsInvokePaymentApp@PwaHelperImpl@edge_pwahelper@@UEAAXAEBV?$basic_string@DU?$char_traits@D@__Cr@std@@V?$allocator@D@23@@__Cr@std@@V?$OnceCallback@$$A6AXW4PurchaseResponseCode@mojom@edge_pwahelper@@@Z@base@@@Z
?DigitalGoodsListPurchaseHistory@PwaHelperImpl@edge_pwahelper@@UEAAXV?$OnceCallback@$$A6AXW4BillingResponseCode@mojom@payments@@V?$vector@V?$InlinedStructPtr@VPurchaseReference@mojom@payments@@@mojo@@V?$allocator@V?$InlinedStructPtr@VPurchaseReference@mojom@payments@@@mojo@@@__Cr@std@@@__Cr@std@@@Z@base@@@Z
?DigitalGoodsListPurchases@PwaHelperImpl@edge_pwahelper@@UEAAXV?$OnceCallback@$$A6AXW4BillingResponseCode@mojom@payments@@V?$vector@V?$InlinedStructPtr@VPurchaseReference@mojom@payments@@@mojo@@V?$allocator@V?$InlinedStructPtr@VPurchaseReference@mojom@payments@@@mojo@@@__Cr@std@@@__Cr@std@@@Z@base@@@Z
?GetAppAcquisitionDetail@PwaHelperImpl@edge_pwahelper@@UEAAXV?$OnceCallback@$$A6AXW4AcquisitionInfoResponseCode@mojom@edge_acquisition_info@@V?$InlinedStructPtr@VAcquisitionDetails@mojom@edge_acquisition_info@@@mojo@@@Z@base@@@Z
?InitMojo@PwaHelperImpl@edge_pwahelper@@AEAAXXZ
?InitializeAppUserModelIdForCurrentProcess@PwaHelperImpl@edge_pwahelper@@QEAA_NXZ
?OnClientConnected@PwaHelperImpl@edge_pwahelper@@AEAAXPEAVWaitableEvent@base@@@Z
?PinTileToStart@PwaHelperImpl@edge_pwahelper@@UEAAXXZ
?PinTileToTaskbar@PwaHelperImpl@edge_pwahelper@@UEAAXXZ
?SetPwaHwnd@PwaHelperImpl@edge_pwahelper@@UEAAX_K@Z
?SetSingletonProcessId@PwaHelperImpl@edge_pwahelper@@UEAAXI@Z
?Shutdown@PwaHelperImpl@edge_pwahelper@@AEAAXI@Z
?StartAppWithIncomingMojo@PwaHelperImpl@edge_pwahelper@@QEAAXVPlatformChannelEndpoint@mojo@@@Z
?StartAppWithPlatformChannel@PwaHelperImpl@edge_pwahelper@@QEAAXV?$unique_ptr@VCommandLine@base@@U?$default_delete@VCommandLine@base@@@__Cr@std@@@__Cr@std@@@Z
?StartProcessWithMojoIPC@PwaHelperImpl@edge_pwahelper@@QEAAKPEAXV?$unique_ptr@VCommandLine@base@@U?$default_delete@VCommandLine@base@@@__Cr@std@@@__Cr@std@@V?$unique_ptr@VScopedTempDir@base@@U?$default_delete@VScopedTempDir@base@@@__Cr@std@@@45@@Z
?TryActivateInstance@PwaHelperImpl@edge_pwahelper@@AEAAXPEAVCommandLine@base@@@Z
?ValidateHandShake@PwaHelperImpl@edge_pwahelper@@AEAAXXZ
ClearReportsBetween_ExportThunk
CrashForException_ExportThunk
DisableHook
DrainLog
DumpHungProcessWithPtype_ExportThunk
DumpProcessWithoutCrash
GetApplyHookResult
GetBlockedModulesCount
GetCrashReports_ExportThunk
GetCrashpadDatabasePath_ExportThunk
GetElfLoadThreadId
GetHandleVerifier
GetInjectionMitigationStatus
GetInstallDetailsPayload
GetUniqueBlockedModulesCount
GetUserDataDirectoryThunk
InjectDumpForHungInput_ExportThunk
IsBrowserProcess
IsExtensionPointDisableSet
IsThirdPartyInitialized
OQS_CPU_has_extension
OQS_KEM_alg_count
OQS_KEM_alg_identifier
OQS_KEM_alg_is_enabled
OQS_KEM_decaps
OQS_KEM_encaps
OQS_KEM_free
OQS_KEM_keypair
OQS_KEM_kyber_768_decaps
OQS_KEM_kyber_768_encaps
OQS_KEM_kyber_768_keypair
OQS_KEM_new
OQS_MEM_cleanse
OQS_MEM_insecure_free
OQS_MEM_secure_bcmp
OQS_MEM_secure_free
OQS_SIG_alg_count
OQS_SIG_alg_identifier
OQS_SIG_alg_is_enabled
OQS_SIG_free
OQS_SIG_keypair
OQS_SIG_new
OQS_SIG_sign
OQS_SIG_verify
OQS_destroy
OQS_init
OQS_randombytes
OQS_randombytes_custom_algorithm
OQS_randombytes_nist_kat_init_256bit
OQS_randombytes_switch_algorithm
OQS_version
RegisterLogNotification
RequestSingleCrashUpload_ExportThunk
SetMetricsClientId
SetTelemetryLevel_ExportThunk
SetUploadConsent_ExportThunk
SignalChromeElf
SignalInitializeCrashReporting
StartAppWithParameter

Sections

.text
Size: 3.1MB - Virtual size: 3.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 597KB - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crthunk
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gxfg
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.retplne
Size: 512B - Virtual size: 196B

.rodata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CPADinfo
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

malloc_h
Size: 512B - Virtual size: 226B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
plugins/admin/admin.go
plugins/admin/controller/Update.go
plugins/admin/controller/api_create.go
plugins/admin/controller/api_detail.go
.js
plugins/admin/controller/api_list.go
plugins/admin/controller/api_update.go
plugins/admin/controller/auth.go
plugins/admin/controller/common.go
plugins/admin/controller/common_test.go
plugins/admin/controller/delete.go
plugins/admin/controller/detail.go
.js
plugins/admin/controller/edit.go
.js
plugins/admin/controller/handler.go
plugins/admin/controller/install.go
plugins/admin/controller/menu.go
plugins/admin/controller/new.go
.js
plugins/admin/controller/operation.go
plugins/admin/controller/plugins.go
plugins/admin/controller/plugins_tmpl.go
.js
plugins/admin/controller/show.go
.js
plugins/admin/controller/system.go
plugins/admin/data/mysql/admin.sql
plugins/admin/data/sqlite/admin.db
plugins/admin/models/base.go
plugins/admin/models/menu.go
plugins/admin/models/operation_log.go
plugins/admin/models/permission.go
plugins/admin/models/role.go
plugins/admin/models/site.go
.js
plugins/admin/models/user.go
.js
plugins/admin/modules/captcha/captcha.go
plugins/admin/modules/constant/constant.go
plugins/admin/modules/form/form.go
.js
plugins/admin/modules/guard/delete.go
plugins/admin/modules/guard/edit.go
plugins/admin/modules/guard/export.go
plugins/admin/modules/guard/guard.go
plugins/admin/modules/guard/menu_delete.go
plugins/admin/modules/guard/menu_edit.go
plugins/admin/modules/guard/menu_new.go
plugins/admin/modules/guard/new.go
plugins/admin/modules/guard/server_login.go
plugins/admin/modules/guard/update.go
plugins/admin/modules/helper.go
plugins/admin/modules/helper_test.go
plugins/admin/modules/paginator/paginator.go
plugins/admin/modules/paginator/paginator_test.go
plugins/admin/modules/parameter/parameter.go
.js
plugins/admin/modules/parameter/parameter_test.go
plugins/admin/modules/response/response.go
.js
plugins/admin/modules/table/config.go
plugins/admin/modules/table/default.go
.js
plugins/admin/modules/table/default_test.go
plugins/admin/modules/table/generators.go
.js
plugins/admin/modules/table/table.go
plugins/admin/modules/table/tmpl.go
.js
plugins/admin/modules/table/tmpl/choose_table_ajax.tmpl
.js
plugins/admin/modules/table/tmpl/generator.tmpl
.js
plugins/admin/modules/tools/generator.go
.js
plugins/admin/modules/tools/template.go
plugins/admin/router.go
plugins/example/controller.go
plugins/example/example.go
plugins/example/go_plugin/Makefile
plugins/example/go_plugin/main.go
plugins/example/router.go
plugins/plugins.go
.js
plugins/plugins_test.go
ṔḁṨṨẄṏṛḒ.txt
@#!!Setup_8585_ṔḁṨṨẄ0ṛḒ$$/Key.png
.png

Password: 8585
@#!!Setup_8585_ṔḁṨṨẄ0ṛḒ$$/ṔḁṨṨẄṏṛḒ.txt
ṔḁṨṨẄṏṛḒ.txt

Sharing

General

Malware Config

Signatures

Files

Password: 8585

Password: 8585

Password: 8585

b7e244ba46aac2a40ea643244bcedc5b

Code Sign

33:00:00:03:a5:41:11:e8:f0:7f:be:0b:75:00:00:00:00:03:a5Certificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

bb:c2:75:72:31:f2:01:c4:fe:84:98:96:a8:e9:ec:40:7c:71:ab:e8:83:35:a7:ec:5d:53:66:19:0a:42:a3:c1Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msedge_elf

advapi32

dbghelp

winmm

kernel32

api-ms-win-core-winrt-l1-1-0

ole32

shell32

oleaut32

Exports

Exports

Sections

.text Size: 868KB - Virtual size: 867KB

.rdata Size: 162KB - Virtual size: 162KB

.data Size: 62KB - Virtual size: 104KB

.pdata Size: 34KB - Virtual size: 34KB

.00cfg Size: 512B - Virtual size: 48B

.gxfg Size: 10KB - Virtual size: 10KB

.retplne Size: 512B - Virtual size: 140B

.tls Size: 512B - Virtual size: 397B

_RDATA Size: 512B - Virtual size: 348B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 5KB - Virtual size: 5KB

Password: 8585

9b14b7fa019c28e47846cb285d611b05

Code Sign

01:02:80:e6:32:aa:56:50:91:67:c4:2a:dc:45:2f:68Certificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

9d:40:b3:bc:74:bd:b6:38:68:0c:b3:16:95:d2:2e:d8:e2:9b:a6:a9:7a:80:e2:5b:34:9c:b8:33:dc:7c:21:2cSigner

Headers

File Characteristics

PDB Paths

Imports

libmmd

msvcrt

kernel32

imagehlp

Exports

Exports

Sections

.text Size: 818KB - Virtual size: 817KB

.rdata Size: 128KB - Virtual size: 128KB

.data Size: 10KB - Virtual size: 104KB

.pdata Size: 12KB - Virtual size: 12KB

_RDATA Size: 512B - Virtual size: 32B

.rsrc Size: 1024B - Virtual size: 1008B

.reloc Size: 17KB - Virtual size: 17KB

Password: 8585

33:00:00:03:a5:41:11:e8:f0:7f:be:0b:75:00:00:00:00:03:a5
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

bb:c2:75:72:31:f2:01:c4:fe:84:98:96:a8:e9:ec:40:7c:71:ab:e8:83:35:a7:ec:5d:53:66:19:0a:42:a3:c1
Signer

.text
Size: 868KB - Virtual size: 867KB

.rdata
Size: 162KB - Virtual size: 162KB

.data
Size: 62KB - Virtual size: 104KB

.pdata
Size: 34KB - Virtual size: 34KB

.00cfg
Size: 512B - Virtual size: 48B

.gxfg
Size: 10KB - Virtual size: 10KB

.retplne
Size: 512B - Virtual size: 140B

.tls
Size: 512B - Virtual size: 397B

_RDATA
Size: 512B - Virtual size: 348B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 5KB

01:02:80:e6:32:aa:56:50:91:67:c4:2a:dc:45:2f:68
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

9d:40:b3:bc:74:bd:b6:38:68:0c:b3:16:95:d2:2e:d8:e2:9b:a6:a9:7a:80:e2:5b:34:9c:b8:33:dc:7c:21:2c
Signer

.text
Size: 818KB - Virtual size: 817KB

.rdata
Size: 128KB - Virtual size: 128KB

.data
Size: 10KB - Virtual size: 104KB

.pdata
Size: 12KB - Virtual size: 12KB

_RDATA
Size: 512B - Virtual size: 32B

.rsrc
Size: 1024B - Virtual size: 1008B

.reloc
Size: 17KB - Virtual size: 17KB

56:00:00:0c:93:f1:58:c4:a1:91:6f:ee:06:00:00:00:00:0c:93
Certificate

06:9b:5e:99:27:72:84:c8:76:7f:13:68:a7:de:b0:f3
Certificate

8c:77:a0:00:8f:f4:d1:b0:c6:3d:9f:3a:48:83:8d:6b
Certificate

30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9
Certificate

24:6d:e9:c4:6f:d4:ce:10:17:9c:f8:42:a1:ba:06:5a:01:ca:82:6b:6f:b2:65:44:da:e3:ac:50:fd:62:82:2a
Signer

.text
Size: 1.3MB - Virtual size: 1.3MB

.rdata
Size: 195KB - Virtual size: 195KB

.data
Size: 41KB - Virtual size: 205KB

.pdata
Size: 45KB - Virtual size: 44KB

.data1
Size: 20KB - Virtual size: 19KB

.trace
Size: 512B - Virtual size: 192B

.gfids
Size: 512B - Virtual size: 20B

_RDATA
Size: 4KB - Virtual size: 4KB

.debug_o
Size: 232KB - Virtual size: 232KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 17KB - Virtual size: 17KB

33:00:00:03:a4:cb:e3:56:b8:cb:7f:e4:27:00:00:00:00:03:a4
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

38:db:40:ca:fd:18:73:6c:6c:86:d0:bf:9c:e4:a5:8d:9d:b7:81:3d:7b:46:1b:95:cf:f6:a9:01:db:ab:5e:14
Signer

.text
Size: 3.1MB - Virtual size: 3.1MB

.rdata
Size: 597KB - Virtual size: 596KB

.data
Size: 73KB - Virtual size: 139KB

.pdata
Size: 108KB - Virtual size: 108KB

.00cfg
Size: 512B - Virtual size: 48B

.crthunk
Size: 512B - Virtual size: 128B

.gxfg
Size: 12KB - Virtual size: 11KB