njrat | KIWI X REBORN[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

KIWI X REBORN.rar
Size

8.7MB
MD5

d926139e87ea0093ae90a7528e0cc05e
SHA1

6e6734b1028de7c39b2eb0729bc1908c042ef3da
SHA256

41404fb75ff6a5a1b79830bbeee3045f12b2f43134318b0b219c45da3b940bb1
SHA512

0d0af12bbb2919ec76ef72efd201acfa774d16c2a0eff7229f19be0bf2a03cab6da81f13ed9fd58d13b4c2a3b2eab661ac37833a1abbc18fd803ed1bea9dd164
SSDEEP

196608:vUIQdFzlEasIsEBdaXKWmHvnj2n3kcE1W1xqBUR6a4mTR:MDzxvBdqKWmHvnj2JQNBU+mTR

Score

10^/10

hacked njrat

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

HacKed

having-jackson.gl.at.ply.gg:56522

Mutex

7c148ac38012fc3caa04b1bbe75feba0

Attributes

reg_key
7c148ac38012fc3caa04b1bbe75feba0
splitter
|'|'|

Signatures

Njrat family
njrat

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Kiwi REBORN (free)/Inj.exe
unpack001/Kiwi REBORN (free)/KiwiX REBORN.exe

Files

KIWI X REBORN.rar
.rar

Password: key_afg
Kiwi REBORN (free)/Exec.dll
.dll windows:6 windows x64 arch:x64

Password: key_afg

850ed9fffc9a75f2316a2b644c3389db

Code Sign

51:ca:00:98:16:fd:bd:80:f1:20:e0:15:ee:75:82:3e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/12/2013, 00:00

Not After

22/12/2016, 23:59

Subject

CN=Oracle Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=VirtualBox,O=Oracle Corporation,L=Redwood Shores,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2f:45:11:39:51:2f:34:c8:c5:28:b9:0b:ca:47:1f:76:7b:83:c8:36
Certificate

Issuer

CN=VirtualBox for Legacy Windows Only Timestamp CA,O=Oracle Deutschland B.V. & Co. KG,L=Munich,ST=Bavaria,C=DE

Not Before

01/01/2014, 00:00

Not After

31/12/2014, 23:59

Subject

CN=VirtualBox for Legacy Windows Only Timestamp Kludge 2014,O=Oracle Deutschland B.V. & Co. KG,L=Munich,ST=Bavaria,C=DE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:41

Not After

15/04/2021, 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:52:65:06:cc:82:88:11:7d:a6:be:d3:a5:ab:ec:20
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/02/2021, 00:00

Not After

16/04/2024, 23:59

Subject

CN=Oracle Corporation,OU=VirtualBox,O=Oracle Corporation,L=Redwood City,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e0:1c:47:2f:33:77:cb:24:86:e5:e2:61:b5:19:1e:bc:e0:8a:17:fe:33:f9:8f:2e:aa:a6:88:97:28:c9:05:c5
Signer

Actual PE Digest

e0:1c:47:2f:33:77:cb:24:86:e5:e2:61:b5:19:1e:bc:e0:8a:17:fe:33:f9:8f:2e:aa:a6:88:97:28:c9:05:c5

Digest Algorithm

sha256

PE Digest Matches

true

1e:63:86:b8:16:95:ec:b3:10:3b:b5:ce:f2:fb:d8:b3:87:6d:35:e6
Signer

Actual PE Digest

1e:63:86:b8:16:95:ec:b3:10:3b:b5:ce:f2:fb:d8:b3:87:6d:35:e6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\tinderboxa\win-7.0\out\win.amd64\release\obj\VBoxRT\VBoxRT.pdb

Imports

vcruntime140

memcpy
__std_type_info_destroy_list
__current_exception_context
_purecall
strrchr
_CxxThrowException
__std_exception_destroy
__std_exception_copy
__current_exception
__C_specific_handler
strstr
memchr
strchr
memmove
memcmp
memset
wcsstr

vcruntime140_1

__CxxFrameHandler4

msvcp140

?_Xlength_error@std@@YAXPEBD@Z

kernel32

GetLocalTime
ReadConsoleW
ReadConsoleA
ConvertThreadToFiberEx
ConvertFiberToThread
FindNextFileA
FindFirstFileA
FindClose
CreateFiberEx
DeleteFiber
SwitchToFiber
AcquireSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockShared
ReleaseSRWLockExclusive
InitializeSRWLock
VerifyVersionInfoW
GetLastError
GetCommandLineW
GetCurrentProcessId
WaitForMultipleObjectsEx
CloseHandle
SetEvent
ResetEvent
CreateEventW
GetFileType
GetConsoleMode
SetConsoleMode
WriteConsoleW
GetConsoleScreenBufferInfo
GlobalFree
SetLastError
GetEnvironmentVariableW
DeviceIoControl
GetStdHandle
GetNamedPipeInfo
GetLocaleInfoA
GetUserDefaultLCID
GetProcAddress
GetModuleHandleA
GetCurrentProcess
GetCurrentThread
GetModuleHandleW
GlobalMemoryStatus
GetTimeZoneInformation
VirtualProtect
VirtualLock
VirtualAlloc
VirtualFree
VirtualQuery
CreateDirectoryW
RemoveDirectoryW
SetFileAttributesW
ReadFile
WriteFile
CreateFileW
DeleteFileW
FlushFileBuffers
GetFileSize
LockFileEx
SetEndOfFile
SetFilePointer
SetFileTime
UnlockFile
DuplicateHandle
SetErrorMode
GetSystemDirectoryW
FreeLibrary
LoadLibraryExW
ConnectNamedPipe
DisconnectNamedPipe
PeekNamedPipe
CreateNamedPipeW
GetOverlappedResult
WaitForSingleObject
CreateEventA
LocalAlloc
LocalFree
GetSystemInfo
SetCurrentDirectoryW
GetCurrentDirectoryW
GetFileAttributesW
GetFullPathNameW
MoveFileExW
CreateFileA
CreateNamedPipeA
GetNamedPipeHandleStateA
WaitForSingleObjectEx
TerminateProcess
GetExitCodeProcess
ResumeThread
CreateProcessW
OpenProcess
ReadProcessMemory
WriteProcessMemory
GetProcessAffinityMask
OutputDebugStringA
GetModuleFileNameW
GetCurrentThreadId
SetThreadPriority
ReleaseMutex
CreateMutexA
WaitForMultipleObjects
ClearCommBreak
ClearCommError
EscapeCommFunction
GetCommModemStatus
GetCommState
PurgeComm
SetCommBreak
SetCommMask
SetCommState
SetCommTimeouts
WaitCommEvent
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
RaiseException
TlsAlloc
TlsGetValue
TlsSetValue
GetThreadTimes
Sleep
FileTimeToLocalFileTime
GetSystemTime
VerSetConditionMask
GetVersion
GetTickCount
SystemTimeToFileTime
SetSystemTime
FileTimeToSystemTime
SetWaitableTimer
CancelWaitableTimer
TerminateThread
GetSystemTimeAsFileTime
CreateWaitableTimerA
TlsFree
CompareStringW
MultiByteToWideChar
WideCharToMultiByte
GetACP
GetConsoleCP
LoadLibraryW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
InitializeSListHead
GetFullPathNameA
GetModuleFileNameA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SleepEx
GetEnvironmentVariableA
MoveFileExA
FormatMessageW
QueryPerformanceFrequency
GetSystemDirectoryA
LoadLibraryA
LoadLibraryExA

rpcrt4

UuidCreate

ntdll

NtReadFile
RtlGetLastWin32Error
NtDuplicateObject
NtDeviceIoControlFile
NtSetTimerResolution
NtClearEvent
RtlAddAccessDeniedAce
RtlSubAuthoritySid
RtlInitializeSid
RtlAddAccessAllowedAce
NtCancelIoFile
RtlFreeUnicodeString
NtQuerySystemInformation
NtResetEvent
NtQueryTimerResolution
RtlEqualSid
NtCreateEvent
NtWaitForSingleObject
NtQueryInformationProcess
NtOpenProcess
NtQueryDirectoryObject
NtQueryInformationFile
NtOpenDirectoryObject
NtQueryObject
NtQueryVolumeInformationFile
NtSetInformationFile
NtClose
NtQueryDirectoryFile
NtCreateFile
RtlReleasePebLock
RtlAcquirePebLock
RtlGetVersion
NtSetEvent
NtQuerySecurityObject
NtQuerySection

api-ms-win-crt-string-l1-1-0

toupper
strncpy
strcmp
isdigit
tolower
strspn
_strdup
strpbrk
strcspn
isspace
strncmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfprintf
fwrite
fflush
_open
ftell
__acrt_iob_func
_read
fputs
_lseeki64
fputc
__stdio_common_vsscanf
clearerr
fclose
setbuf
_dup
_write
fopen
_wfopen
_wopen
_getcwd
feof
ferror
_isatty
_close
_fileno
__stdio_common_vsprintf
fgets
_setmode
_open_osfhandle
_get_osfhandle
setvbuf
_ftelli64
_fseeki64
fseek
fread
fgetc

api-ms-win-crt-runtime-l1-1-0

__p___argv
_initterm
_seh_filter_dll
signal
strerror
__p___argc
_initterm_e
_beginthreadex
terminate
_cexit
_crt_atexit
_endthreadex
_execute_onexit_table
__sys_errlist
__sys_nerr
_register_onexit_function
_errno
_initialize_onexit_table
raise
_exit
_wassert
strerror_s
_initialize_narrow_environment
_configure_narrow_argv

api-ms-win-crt-convert-l1-1-0

atoi
strtoul
strtol
wcstombs
strtod
_strtoi64

api-ms-win-crt-heap-l1-1-0

malloc
calloc
realloc
_aligned_malloc
_aligned_free
_callnewh
free

api-ms-win-crt-environment-l1-1-0

_wputenv_s
_wputenv
_putenv
_wgetenv
_putenv_s
getenv

api-ms-win-crt-locale-l1-1-0

setlocale

api-ms-win-crt-math-l1-1-0

_fdopen

api-ms-win-crt-filesystem-l1-1-0

_access
_fstat64
_stat64
_unlink
_wstat64i32
_stat64i32
_fstat64i32

api-ms-win-crt-utility-l1-1-0

qsort
bsearch

api-ms-win-crt-time-l1-1-0

_time64
_gmtime64
_gmtime64_s
strftime

ws2_32

WSAWaitForMultipleEvents
WSAResetEvent
WSAEventSelect
WSAEnumNetworkEvents
WSASetLastError
WSACreateEvent
WSACloseEvent
send
getsockopt
WSACleanup
setsockopt
WSAIoctl
ntohs
htons
__WSAFDIsSet
select
WSAGetLastError
accept
bind
getsockname
listen
WSAStartup
htonl
closesocket
connect
recv
socket
gethostbyname
ioctlsocket

Exports

Exports

??0AttributeNode@xml@@IEAA@PEBVElementNode@1@PEAVNode@1@PEAURTLISTNODE@@PEAU_xmlAttr@@@Z
??0ContentNode@xml@@IEAA@PEAVNode@1@PEAURTLISTNODE@@PEAU_xmlNode@@@Z
??0Document@xml@@QEAA@AEBV01@@Z
??0Document@xml@@QEAA@XZ
??0EDocumentNotEmpty@xml@@QEAA@$$QEAV01@@Z
??0EDocumentNotEmpty@xml@@QEAA@AEBV01@@Z
??0EDocumentNotEmpty@xml@@QEAA@PEBD@Z
??0EDocumentNotEmpty@xml@@QEAA@PEBDI0@Z
??0EIPRTFailure@xml@@QEAA@$$QEAV01@@Z
??0EIPRTFailure@xml@@QEAA@AEBV01@@Z
??0EIPRTFailure@xml@@QEAA@HPEBDZZ
??0EInvalidArg@xml@@QEAA@$$QEAV01@@Z
??0EInvalidArg@xml@@QEAA@AEBV01@@Z
??0EInvalidArg@xml@@QEAA@PEBD@Z
??0EInvalidArg@xml@@QEAA@PEBDI0@Z
??0ENodeIsNotElement@xml@@QEAA@$$QEAV01@@Z
??0ENodeIsNotElement@xml@@QEAA@AEBV01@@Z
??0ENodeIsNotElement@xml@@QEAA@PEBD@Z
??0ENodeIsNotElement@xml@@QEAA@PEBDI0@Z
??0ENotImplemented@xml@@QEAA@$$QEAV01@@Z
??0ENotImplemented@xml@@QEAA@AEBV01@@Z
??0ENotImplemented@xml@@QEAA@PEBD@Z
??0ENotImplemented@xml@@QEAA@PEBDI0@Z
??0ElementNode@xml@@IEAA@PEBV01@PEAVNode@1@PEAURTLISTNODE@@PEAU_xmlNode@@@Z
??0File@xml@@QEAA@PEAURTFILEINT@@PEBD_N@Z
??0File@xml@@QEAA@W4Mode@01@PEBD_N@Z
??0GlobalLock@xml@@QEAA@XZ
??0Input@xml@@QEAA@$$QEAV01@@Z
??0Input@xml@@QEAA@AEBV01@@Z
??0Input@xml@@QEAA@XZ
??0LogicError@xml@@QEAA@$$QEAV01@@Z
??0LogicError@xml@@QEAA@AEBV01@@Z
??0LogicError@xml@@QEAA@PEBD@Z
??0LogicError@xml@@QEAA@PEBDI0@Z
??0MemoryBuf@xml@@QEAA@PEBD_K0@Z
??0Node@xml@@IEAA@W4EnumType@01@PEAV01@PEAURTLISTNODE@@PEAU_xmlNode@@PEAU_xmlAttr@@@Z
??0NodesLoop@xml@@QEAA@AEBVElementNode@1@PEBD@Z
??0Output@xml@@QEAA@$$QEAV01@@Z
??0Output@xml@@QEAA@AEBV01@@Z
??0Output@xml@@QEAA@XZ
??0RTCError@@QEAA@AEBV0@@Z
??0RTCError@@QEAA@AEBVRTCString@@@Z
??0RTCError@@QEAA@PEBD@Z
??0RTCRestAnyObject@@QEAA@AEBV0@@Z
??0RTCRestAnyObject@@QEAA@XZ
??0RTCRestArrayBase@@QEAA@XZ
??0RTCRestBinary@@QEAA@XZ
??0RTCRestBinaryParameter@@QEAA@XZ
??0RTCRestBinaryResponse@@QEAA@XZ
??0RTCRestBool@@QEAA@AEBV0@@Z
??0RTCRestBool@@QEAA@XZ
??0RTCRestBool@@QEAA@_N@Z
??0RTCRestClientApiBase@@QEAA@XZ
??0RTCRestClientRequestBase@@QEAA@AEBV0@@Z
??0RTCRestClientRequestBase@@QEAA@XZ
??0RTCRestClientResponseBase@@QEAA@AEBV0@@Z
??0RTCRestClientResponseBase@@QEAA@XZ
??0RTCRestDataObject@@QEAA@AEBV0@@Z
??0RTCRestDataObject@@QEAA@XZ
??0RTCRestDate@@QEAA@AEBV0@@Z
??0RTCRestDate@@QEAA@XZ
??0RTCRestDouble@@QEAA@AEBV0@@Z
??0RTCRestDouble@@QEAA@N@Z
??0RTCRestDouble@@QEAA@XZ
??0RTCRestInt16@@QEAA@AEBV0@@Z
??0RTCRestInt16@@QEAA@F@Z
??0RTCRestInt16@@QEAA@XZ
??0RTCRestInt32@@QEAA@AEBV0@@Z
??0RTCRestInt32@@QEAA@H@Z
??0RTCRestInt32@@QEAA@XZ
??0RTCRestInt64@@QEAA@AEBV0@@Z
??0RTCRestInt64@@QEAA@XZ
??0RTCRestInt64@@QEAA@_J@Z
??0RTCRestJsonCursor@@QEAA@AEBU0@@Z
??0RTCRestJsonCursor@@QEAA@PEAURTJSONVALINT@@PEBD@Z
??0RTCRestJsonCursor@@QEAA@PEAURTJSONVALINT@@PEBDPEAU0@@Z
??0RTCRestJsonPrimaryCursor@@QEAA@AEBV0@@Z
??0RTCRestJsonPrimaryCursor@@QEAA@PEAURTJSONVALINT@@PEBDPEAURTERRINFO@@@Z
??0RTCRestObjectBase@@QEAA@AEBV0@@Z
??0RTCRestObjectBase@@QEAA@XZ
??0RTCRestOutputBase@@QEAA@AEBV0@@Z
??0RTCRestOutputBase@@QEAA@XZ
??0RTCRestOutputPrettyBase@@QEAA@AEBV0@@Z
??0RTCRestOutputPrettyBase@@QEAA@XZ
??0RTCRestOutputPrettyToString@@QEAA@AEBV0@@Z
??0RTCRestOutputPrettyToString@@QEAA@PEAVRTCString@@_N@Z
??0RTCRestOutputToString@@QEAA@PEAVRTCString@@_N@Z
??0RTCRestPolyDataObject@@QEAA@AEBV0@@Z
??0RTCRestPolyDataObject@@QEAA@XZ
??0RTCRestString@@QEAA@AEBV0@@Z
??0RTCRestString@@QEAA@AEBVRTCString@@@Z
??0RTCRestString@@QEAA@PEBD@Z
??0RTCRestString@@QEAA@XZ
??0RTCRestStringEnumBase@@QEAA@AEBV0@@Z
??0RTCRestStringEnumBase@@QEAA@XZ
??0RTCRestStringMapBase@@QEAA@XZ
??0RTCString@@QEAA@AEBV0@@Z
??0RTCString@@QEAA@AEBV0@_K1@Z
??0RTCString@@QEAA@PEBD@Z
??0RTCString@@QEAA@PEBDPEAD@Z
??0RTCString@@QEAA@PEBD_K@Z
??0RTCString@@QEAA@XZ
??0RTCString@@QEAA@_KD@Z
??0RuntimeError@xml@@QEAA@$$QEAV01@@Z
??0RuntimeError@xml@@QEAA@AEBV01@@Z
??0RuntimeError@xml@@QEAA@PEBD@Z
??0Stream@xml@@QEAA@AEBV01@@Z
??0Stream@xml@@QEAA@XZ
??0XmlError@xml@@QEAA@$$QEAV01@@Z
??0XmlError@xml@@QEAA@AEBV01@@Z
??0XmlError@xml@@QEAA@PEAU_xmlError@@@Z
??0XmlFileParser@xml@@QEAA@XZ
??0XmlFileWriter@xml@@QEAA@AEAVDocument@1@@Z
??0XmlMemParser@xml@@QEAA@XZ
??0XmlMemWriter@xml@@QEAA@XZ
??0XmlParserBase@xml@@IEAA@XZ
??0XmlStringWriter@xml@@QEAA@XZ
??1AttributeNode@xml@@UEAA@XZ
??1ContentNode@xml@@UEAA@XZ
??1Document@xml@@QEAA@XZ
??1EDocumentNotEmpty@xml@@UEAA@XZ
??1EIPRTFailure@xml@@UEAA@XZ
??1EInvalidArg@xml@@UEAA@XZ
??1ENodeIsNotElement@xml@@UEAA@XZ
??1ENotImplemented@xml@@UEAA@XZ
??1ElementNode@xml@@UEAA@XZ
??1File@xml@@UEAA@XZ
??1GlobalLock@xml@@QEAA@XZ
??1Input@xml@@UEAA@XZ
??1LogicError@xml@@UEAA@XZ
??1MemoryBuf@xml@@UEAA@XZ
??1Node@xml@@UEAA@XZ
??1NodesLoop@xml@@QEAA@XZ
??1Output@xml@@UEAA@XZ
??1RTCError@@UEAA@XZ
??1RTCRestAnyObject@@UEAA@XZ
??1RTCRestArrayBase@@UEAA@XZ
??1RTCRestBinary@@UEAA@XZ
??1RTCRestBinaryParameter@@UEAA@XZ
??1RTCRestBinaryResponse@@UEAA@XZ
??1RTCRestBool@@UEAA@XZ
??1RTCRestClientApiBase@@UEAA@XZ
??1RTCRestClientRequestBase@@UEAA@XZ
??1RTCRestClientResponseBase@@UEAA@XZ
??1RTCRestDataObject@@UEAA@XZ
??1RTCRestDate@@UEAA@XZ
??1RTCRestDouble@@UEAA@XZ
??1RTCRestInt16@@UEAA@XZ
??1RTCRestInt32@@UEAA@XZ
??1RTCRestInt64@@UEAA@XZ
??1RTCRestJsonCursor@@QEAA@XZ
??1RTCRestJsonPrimaryCursor@@UEAA@XZ
??1RTCRestObjectBase@@UEAA@XZ
??1RTCRestOutputBase@@UEAA@XZ
??1RTCRestOutputPrettyBase@@UEAA@XZ
??1RTCRestOutputPrettyToString@@UEAA@XZ
??1RTCRestOutputToString@@UEAA@XZ
??1RTCRestPolyDataObject@@UEAA@XZ
??1RTCRestString@@UEAA@XZ
??1RTCRestStringEnumBase@@UEAA@XZ
??1RTCRestStringMapBase@@UEAA@XZ
??1RTCString@@UEAA@XZ
??1RuntimeError@xml@@UEAA@XZ
??1Stream@xml@@UEAA@XZ
??1XmlError@xml@@UEAA@XZ
??1XmlFileParser@xml@@QEAA@XZ
??1XmlFileWriter@xml@@QEAA@XZ
??1XmlMemParser@xml@@QEAA@XZ
??1XmlMemWriter@xml@@QEAA@XZ
??1XmlParserBase@xml@@IEAA@XZ
??4AttributeNode@xml@@QEAAAEAV01@AEBV01@@Z
??4ContentNode@xml@@QEAAAEAV01@AEBV01@@Z
??4Document@xml@@QEAAAEAV01@AEBV01@@Z
??4EDocumentNotEmpty@xml@@QEAAAEAV01@$$QEAV01@@Z
??4EDocumentNotEmpty@xml@@QEAAAEAV01@AEBV01@@Z
??4EIPRTFailure@xml@@QEAAAEAV01@$$QEAV01@@Z
??4EIPRTFailure@xml@@QEAAAEAV01@AEBV01@@Z
??4EInvalidArg@xml@@QEAAAEAV01@$$QEAV01@@Z
??4EInvalidArg@xml@@QEAAAEAV01@AEBV01@@Z
??4ENodeIsNotElement@xml@@QEAAAEAV01@$$QEAV01@@Z
??4ENodeIsNotElement@xml@@QEAAAEAV01@AEBV01@@Z
??4ENotImplemented@xml@@QEAAAEAV01@$$QEAV01@@Z
??4ENotImplemented@xml@@QEAAAEAV01@AEBV01@@Z
??4ElementNode@xml@@QEAAAEAV01@AEBV01@@Z
??4GlobalLock@xml@@QEAAAEAV01@AEBV01@@Z
??4Input@xml@@QEAAAEAV01@$$QEAV01@@Z
??4Input@xml@@QEAAAEAV01@AEBV01@@Z
??4LogicError@xml@@QEAAAEAV01@$$QEAV01@@Z
??4LogicError@xml@@QEAAAEAV01@AEBV01@@Z
??4Node@xml@@QEAAAEAV01@AEBV01@@Z
??4NodesLoop@xml@@QEAAAEAV01@AEBV01@@Z
??4Output@xml@@QEAAAEAV01@$$QEAV01@@Z
??4Output@xml@@QEAAAEAV01@AEBV01@@Z
??4RTCError@@QEAAXAEBV0@@Z
??4RTCRestAnyObject@@QEAAAEAV0@AEBV0@@Z
??4RTCRestBool@@QEAAAEAV0@AEBV0@@Z
??4RTCRestClientRequestBase@@QEAAAEAV0@AEBV0@@Z
??4RTCRestClientResponseBase@@QEAAAEAV0@AEBV0@@Z
??4RTCRestDataObject@@IEAAAEAV0@AEBV0@@Z
??4RTCRestDate@@QEAAAEAV0@AEBV0@@Z
??4RTCRestDouble@@QEAAAEAV0@AEBV0@@Z
??4RTCRestInt16@@QEAAAEAV0@AEBV0@@Z
??4RTCRestInt32@@QEAAAEAV0@AEBV0@@Z
??4RTCRestInt64@@QEAAAEAV0@AEBV0@@Z
??4RTCRestJsonCursor@@QEAAAEAU0@AEBU0@@Z
??4RTCRestJsonPrimaryCursor@@QEAAAEAV0@AEBV0@@Z
??4RTCRestObjectBase@@QEAAAEAV0@AEBV0@@Z
??4RTCRestOutputBase@@QEAAAEAV0@AEBV0@@Z
??4RTCRestOutputPrettyBase@@QEAAAEAV0@AEBV0@@Z
??4RTCRestOutputPrettyToString@@QEAAAEAV0@AEBV0@@Z
??4RTCRestPolyDataObject@@IEAAAEAV0@AEBV0@@Z
??4RTCRestString@@QEAAAEAV0@AEBV0@@Z
??4RTCRestString@@QEAAAEAV0@AEBVRTCString@@@Z
??4RTCRestString@@QEAAAEAV0@PEBD@Z
??4RTCRestStringEnumBase@@QEAAAEAV0@AEBV0@@Z
??4RTCString@@QEAAAEAV0@AEBV0@@Z
??4RTCString@@QEAAAEAV0@PEBD@Z
??4RuntimeError@xml@@QEAAAEAV01@$$QEAV01@@Z
??4RuntimeError@xml@@QEAAAEAV01@AEBV01@@Z
??4Stream@xml@@QEAAAEAV01@AEBV01@@Z
??4XmlError@xml@@QEAAAEAV01@$$QEAV01@@Z
??4XmlError@xml@@QEAAAEAV01@AEBV01@@Z
??4XmlFileParser@xml@@QEAAAEAV01@AEBV01@@Z
??4XmlFileWriter@xml@@QEAAAEAV01@AEBV01@@Z
??4XmlMemParser@xml@@QEAAAEAV01@AEBV01@@Z
??4XmlMemWriter@xml@@QEAAAEAV01@AEBV01@@Z
??4XmlParserBase@xml@@QEAAAEAV01@AEBV01@@Z
??4XmlStringWriter@xml@@QEAAAEAV01@$$QEAV01@@Z
??4XmlStringWriter@xml@@QEAAAEAV01@AEBV01@@Z
??8RTCString@@QEBA_NAEBV0@@Z
??8RTCString@@QEBA_NPEBD@Z
??9RTCString@@QEBA_NAEBV0@@Z
??9RTCString@@QEBA_NPEBD@Z
??ARTCString@@QEBAD_K@Z
??H@YA?BVRTCString@@AEBV0@0@Z
??H@YA?BVRTCString@@AEBV0@PEBD@Z
??H@YA?BVRTCString@@PEBDAEBV0@@Z
??MRTCString@@QEBA_NAEBV0@@Z
??MRTCString@@QEBA_NPEBD@Z
??ORTCString@@QEBA_NAEBV0@@Z
??ORTCString@@QEBA_NPEBD@Z
??YRTCString@@QEAAAEAV0@AEBV0@@Z
??YRTCString@@QEAAAEAV0@D@Z
??YRTCString@@QEAAAEAV0@PEBD@Z
??_7AttributeNode@xml@@6B@
??_7ContentNode@xml@@6B@
??_7EDocumentNotEmpty@xml@@6B@
??_7EIPRTFailure@xml@@6B@
??_7EInvalidArg@xml@@6B@
??_7ENodeIsNotElement@xml@@6B@
??_7ENotImplemented@xml@@6B@
??_7ElementNode@xml@@6B@
??_7File@xml@@6BInput@1@@
??_7File@xml@@6BOutput@1@@
??_7File@xml@@6BStream@1@@
??_7Input@xml@@6B01@@
??_7Input@xml@@6BStream@1@@
??_7LogicError@xml@@6B@
??_7MemoryBuf@xml@@6BInput@1@@
??_7MemoryBuf@xml@@6BStream@1@@
??_7Node@xml@@6B@
??_7Output@xml@@6B01@@
??_7Output@xml@@6BStream@1@@
??_7RTCError@@6B@
??_7RTCRestAnyObject@@6B@
??_7RTCRestArrayBase@@6B@
??_7RTCRestBinary@@6B@
??_7RTCRestBinaryParameter@@6B@
??_7RTCRestBinaryResponse@@6B@
??_7RTCRestBool@@6B@
??_7RTCRestClientApiBase@@6B@
??_7RTCRestClientRequestBase@@6B@
??_7RTCRestClientResponseBase@@6B@
??_7RTCRestDataObject@@6B@
??_7RTCRestDate@@6B@
??_7RTCRestDouble@@6B@
??_7RTCRestInt16@@6B@
??_7RTCRestInt32@@6B@
??_7RTCRestInt64@@6B@
??_7RTCRestJsonPrimaryCursor@@6B@
??_7RTCRestObjectBase@@6B@
??_7RTCRestOutputBase@@6B@
??_7RTCRestOutputPrettyBase@@6B@
??_7RTCRestOutputPrettyToString@@6B@
??_7RTCRestOutputToString@@6B@
??_7RTCRestPolyDataObject@@6B@
??_7RTCRestString@@6BRTCRestObjectBase@@@
??_7RTCRestString@@6BRTCString@@@
??_7RTCRestStringEnumBase@@6B@
??_7RTCRestStringMapBase@@6B@
??_7RTCString@@6B@
??_7RuntimeError@xml@@6B@
??_7Stream@xml@@6B@
??_7XmlError@xml@@6B@
??_8File@xml@@7BInput@1@@
??_8File@xml@@7BOutput@1@@
??_8MemoryBuf@xml@@7B@
??_DFile@xml@@QEAAXXZ
??_DMemoryBuf@xml@@QEAAXXZ
??_FEDocumentNotEmpty@xml@@QEAAXXZ
??_FEInvalidArg@xml@@QEAAXXZ
??_FENodeIsNotElement@xml@@QEAAXXZ
??_FENotImplemented@xml@@QEAAXXZ
??_FLogicError@xml@@QEAAXXZ
??_FRuntimeError@xml@@QEAAXXZ
?CloseCallback@XmlFileParser@xml@@CAHPEAX@Z
?CloseCallback@XmlFileWriter@xml@@SAHPEAX@Z
?CloseCallback@XmlStringWriter@xml@@CAHPEAX@Z
?Format@XmlError@xml@@SAPEADPEAU_xmlError@@@Z
?RTAsn1VideotexString_CheckSanity@@YAHPEBURTASN1STRING@@IPEAURTERRINFO@@PEBD@Z
?RTAsn1VideotexString_Clone@@YAHPEAURTASN1STRING@@PEBU1@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTAsn1VideotexString_Compare@@YAHPEBURTASN1STRING@@0@Z
?RTAsn1VideotexString_DecodeAsn1@@YAHPEAURTASN1CURSOR@@IPEAURTASN1STRING@@PEBD@Z
?RTAsn1VideotexString_Delete@@YAXPEAURTASN1STRING@@@Z
?RTAsn1VideotexString_Enum@@YAHPEAURTASN1STRING@@P6AHPEAURTASN1CORE@@PEBDIPEAX@_EI3@Z
?RTAsn1VideotexString_Init@@YAHPEAURTASN1STRING@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrKeyCreateFromPemSection@@YAHPEAPEAURTCRKEYINT@@PEBURTCRPEMSECTION@@IPEBDPEAURTERRINFO@@2@Z
?RTCrPkcs7ContentInfo_SetContent@@YAHPEAURTCRPKCS7CONTENTINFO@@PEBURTASN1OCTETSTRING@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrPkcs8PrivateKeyInfo_SetAttributes@@YAHPEAURTCRPKCS8PRIVATEKEYINFO@@PEBURTCRPKCS7ATTRIBUTES@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrRsaPrivateKey_SetOtherPrimeInfos@@YAHPEAURTCRRSAPRIVATEKEY@@PEBURTCRRSAOTHERPRIMEINFOS@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrStoreCertAddPkcs7@@YAHPEAURTCRSTOREINT@@IPEAURTCRPKCS7CERT@@PEAURTERRINFO@@@Z
?RTCrTafCertPathControls_SetCertificate@@YAHPEAURTCRTAFCERTPATHCONTROLS@@PEBURTCRX509CERTIFICATE@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTafCertPathControls_SetNameConstr@@YAHPEAURTCRTAFCERTPATHCONTROLS@@PEBURTCRX509NAMECONSTRAINTS@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTafCertPathControls_SetPathLenConstraint@@YAHPEAURTCRTAFCERTPATHCONTROLS@@PEBURTASN1INTEGER@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTafCertPathControls_SetPolicyFlags@@YAHPEAURTCRTAFCERTPATHCONTROLS@@PEBURTASN1BITSTRING@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTafCertPathControls_SetPolicySet@@YAHPEAURTCRTAFCERTPATHCONTROLS@@PEBURTCRX509CERTIFICATEPOLICIES@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTafTrustAnchorChoice_SetCertificate@@YAHPEAURTCRTAFTRUSTANCHORCHOICE@@PEBURTCRX509CERTIFICATE@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTafTrustAnchorChoice_SetTaInfo@@YAHPEAURTCRTAFTRUSTANCHORCHOICE@@PEBURTCRTAFTRUSTANCHORINFO@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTafTrustAnchorChoice_SetTbsCert@@YAHPEAURTCRTAFTRUSTANCHORCHOICE@@PEBURTCRX509TBSCERTIFICATE@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTafTrustAnchorInfo_SetCertPath@@YAHPEAURTCRTAFTRUSTANCHORINFO@@PEBURTCRTAFCERTPATHCONTROLS@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTafTrustAnchorInfo_SetExts@@YAHPEAURTCRTAFTRUSTANCHORINFO@@PEBURTCRX509EXTENSIONS@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTafTrustAnchorInfo_SetVersion@@YAHPEAURTCRTAFTRUSTANCHORINFO@@PEBURTASN1INTEGER@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTspAccuracy_SetMicros@@YAHPEAURTCRTSPACCURACY@@PEBURTASN1INTEGER@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTspAccuracy_SetMillis@@YAHPEAURTCRTSPACCURACY@@PEBURTASN1INTEGER@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTspAccuracy_SetSeconds@@YAHPEAURTCRTSPACCURACY@@PEBURTASN1INTEGER@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTspTstInfo_SetAccuracy@@YAHPEAURTCRTSPTSTINFO@@PEBURTCRTSPACCURACY@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTspTstInfo_SetExtensions@@YAHPEAURTCRTSPTSTINFO@@PEBURTCRX509EXTENSION@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTspTstInfo_SetNonce@@YAHPEAURTCRTSPTSTINFO@@PEBURTASN1INTEGER@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTspTstInfo_SetOrdering@@YAHPEAURTCRTSPTSTINFO@@PEBURTASN1BOOLEAN@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTspTstInfo_SetTsa@@YAHPEAURTCRTSPTSTINFO@@PEBURTCRX509GENERALNAME@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509AttributeTypeAndValue_MatchAsRdnByRfc5280@@YA_NPEBURTCRX509ATTRIBUTETYPEANDVALUE@@0@Z
?RTCrX509AuthorityKeyIdentifier_SetAuthorityCertIssuer@@YAHPEAURTCRX509AUTHORITYKEYIDENTIFIER@@PEBURTCRX509GENERALNAMES@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509AuthorityKeyIdentifier_SetAuthorityCertSerialNumber@@YAHPEAURTCRX509AUTHORITYKEYIDENTIFIER@@PEBURTASN1INTEGER@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509AuthorityKeyIdentifier_SetKeyIdentifier@@YAHPEAURTCRX509AUTHORITYKEYIDENTIFIER@@PEBURTASN1OCTETSTRING@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509BasicConstraints_SetCA@@YAHPEAURTCRX509BASICCONSTRAINTS@@PEBURTASN1BOOLEAN@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509BasicConstraints_SetPathLenConstraint@@YAHPEAURTCRX509BASICCONSTRAINTS@@PEBURTASN1INTEGER@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509Extension_SetCritical@@YAHPEAURTCRX509EXTENSION@@PEBURTASN1BOOLEAN@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509GeneralName_SetDirectoryName@@YAHPEAURTCRX509GENERALNAME@@PEBURTCRX509NAME@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509GeneralName_SetDnsType@@YAHPEAURTCRX509GENERALNAME@@PEBURTASN1STRING@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509GeneralName_SetEdiPartyName@@YAHPEAURTCRX509GENERALNAME@@PEBURTASN1DYNTYPE@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509GeneralName_SetIpAddress@@YAHPEAURTCRX509GENERALNAME@@PEBURTASN1OCTETSTRING@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509GeneralName_SetOtherName@@YAHPEAURTCRX509GENERALNAME@@PEBURTCRX509OTHERNAME@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509GeneralName_SetRegisteredId@@YAHPEAURTCRX509GENERALNAME@@PEBURTASN1OBJID@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509GeneralName_SetRfc822@@YAHPEAURTCRX509GENERALNAME@@PEBURTASN1STRING@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509GeneralName_SetUri@@YAHPEAURTCRX509GENERALNAME@@PEBURTASN1STRING@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509GeneralName_SetX400Address@@YAHPEAURTCRX509GENERALNAME@@PEBURTASN1DYNTYPE@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509GeneralSubtree_SetMaximum@@YAHPEAURTCRX509GENERALSUBTREE@@PEBURTASN1INTEGER@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509GeneralSubtree_SetMinimum@@YAHPEAURTCRX509GENERALSUBTREE@@PEBURTASN1INTEGER@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509NameConstraints_SetExcludedSubtrees@@YAHPEAURTCRX509NAMECONSTRAINTS@@PEBURTCRX509GENERALSUBTREES@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509NameConstraints_SetPermittedSubtrees@@YAHPEAURTCRX509NAMECONSTRAINTS@@PEBURTCRX509GENERALSUBTREES@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509OldAuthorityKeyIdentifier_SetAuthorityCertIssuer@@YAHPEAURTCRX509OLDAUTHORITYKEYIDENTIFIER@@PEBURTCRX509NAME@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509OldAuthorityKeyIdentifier_SetAuthorityCertSerialNumber@@YAHPEAURTCRX509OLDAUTHORITYKEYIDENTIFIER@@PEBURTASN1INTEGER@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509OldAuthorityKeyIdentifier_SetKeyIdentifier@@YAHPEAURTCRX509OLDAUTHORITYKEYIDENTIFIER@@PEBURTASN1OCTETSTRING@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509PolicyConstraints_SetInhibitPolicyMapping@@YAHPEAURTCRX509POLICYCONSTRAINTS@@PEBURTASN1INTEGER@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509PolicyConstraints_SetRequireExplicitPolicy@@YAHPEAURTCRX509POLICYCONSTRAINTS@@PEBURTASN1INTEGER@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509PolicyInformation_SetPolicyQualifiers@@YAHPEAURTCRX509POLICYINFORMATION@@PEBURTCRX509POLICYQUALIFIERINFOS@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509RelativeDistinguishedName_MatchByRfc5280@@YA_NPEBURTCRX509ATTRIBUTETYPEANDVALUES@@0@Z
?RTCrX509TbsCertificate_SetExtensions@@YAHPEAURTCRX509TBSCERTIFICATE@@PEBURTCRX509EXTENSIONS@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509TbsCertificate_SetIssuerUniqueId@@YAHPEAURTCRX509TBSCERTIFICATE@@PEBURTASN1BITSTRING@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509TbsCertificate_SetSubjectUniqueId@@YAHPEAURTCRX509TBSCERTIFICATE@@PEBURTASN1BITSTRING@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509TbsCertificate_SetVersion@@YAHPEAURTCRX509TBSCERTIFICATE@@PEBURTASN1INTEGER@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTLdrOpenVfsChainkLdr@@YAHPEBDIW4RTLDRARCH@@PEAPEAURTLDRMODINTERNAL@@PEAIPEAURTERRINFO@@@Z
?RTVfsLockRetainDebug@@YAIPEAURTVFSLOCKINTERNAL@@PEBDI1@Z
?RTZipTarFsStreamSetModTime@@YAHPEAURTVFSFSSTREAMINTERNAL@@PEBURTTIMESPEC@@@Z
?ReadCallback@XmlFileParser@xml@@CAHPEAXPEADH@Z
?WriteCallback@XmlFileWriter@xml@@SAHPEAXPEBDH@Z
?WriteCallbackForReal@XmlStringWriter@xml@@CAHPEAXPEBDH@Z
?WriteCallbackForSize@XmlStringWriter@xml@@CAHPEAXPEBDH@Z
?addContent@ElementNode@xml@@QEAAPEAVContentNode@2@AEBVRTCString@@@Z
?addContent@ElementNode@xml@@QEAAPEAVContentNode@2@PEBD@Z
?addError@RTCRestClientResponseBase@@IEAAHHPEBDZZ
?addError@RTCRestJsonPrimaryCursor@@UEAAHAEBURTCRestJsonCursor@@HPEBDZZ
?append@RTCString@@QEAAAEAV1@AEBV1@@Z
?append@RTCString@@QEAAAEAV1@AEBV1@_K1@Z
?append@RTCString@@QEAAAEAV1@D@Z
?append@RTCString@@QEAAAEAV1@PEBD@Z
?append@RTCString@@QEAAAEAV1@PEBD_K@Z
?appendCodePoint@RTCString@@QEAAAEAV1@I@Z
?appendCodePointNoThrow@RTCString@@QEAAHI@Z
?appendNoThrow@RTCString@@QEAAHAEBV1@@Z
?appendNoThrow@RTCString@@QEAAHAEBV1@_K1@Z
?appendNoThrow@RTCString@@QEAAHD@Z
?appendNoThrow@RTCString@@QEAAHPEBD@Z
?appendNoThrow@RTCString@@QEAAHPEBD_K@Z
?appendPrintf@RTCString@@QEAAAEAV1@PEBDZZ
?appendPrintfNoThrow@RTCString@@QEAAHPEBDZZ
?appendPrintfV@RTCString@@QEAAAEAV1@PEBDPEAD@Z
?appendPrintfVNoThrow@RTCString@@QEAAHPEBDPEAD@Z
?appendWorker@RTCString@@IEAAAEAV1@PEBD_K@Z
?appendWorkerNoThrow@RTCString@@IEAAHPEBD_K@Z
?assign@RTCRestString@@QEAAAEAV1@AEBVRTCString@@@Z
?assign@RTCRestString@@QEAAAEAV1@AEBVRTCString@@_K1@Z
?assign@RTCRestString@@QEAAAEAV1@PEBD@Z
?assign@RTCRestString@@QEAAAEAV1@PEBD_K@Z
?assign@RTCRestString@@QEAAAEAV1@_KD@Z
?assign@RTCString@@QEAAAEAV1@AEBV1@@Z
?assign@RTCString@@QEAAAEAV1@AEBV1@_K1@Z
?assign@RTCString@@QEAAAEAV1@PEBD@Z
?assign@RTCString@@QEAAAEAV1@PEBD_K@Z
?assign@RTCString@@QEAAAEAV1@_KD@Z
?assignCopy@RTCRestAnyObject@@QEAAHAEBV1@@Z
?assignCopy@RTCRestAnyObject@@QEAAHAEBV?$RTCRestArray@VRTCRestAnyObject@@@@@Z
?assignCopy@RTCRestAnyObject@@QEAAHAEBV?$RTCRestStringMap@VRTCRestAnyObject@@@@@Z
?assignCopy@RTCRestAnyObject@@QEAAHAEBVRTCRestBool@@@Z
?assignCopy@RTCRestAnyObject@@QEAAHAEBVRTCRestDouble@@@Z
?assignCopy@RTCRestAnyObject@@QEAAHAEBVRTCRestInt16@@@Z
?assignCopy@RTCRestAnyObject@@QEAAHAEBVRTCRestInt32@@@Z
?assignCopy@RTCRestAnyObject@@QEAAHAEBVRTCRestInt64@@@Z
?assignCopy@RTCRestAnyObject@@QEAAHAEBVRTCRestString@@@Z
?assignCopy@RTCRestBinary@@UEAAHAEBV1@@Z
?assignCopy@RTCRestBinary@@UEAAHPEBX_K@Z
?assignCopy@RTCRestBinaryParameter@@UEAAHAEBV1@@Z
?assignCopy@RTCRestBinaryParameter@@UEAAHAEBVRTCRestBinary@@@Z
?assignCopy@RTCRestBinaryParameter@@UEAAHPEBX_K@Z
?assignCopy@RTCRestBinaryResponse@@UEAAHAEBV1@@Z
?assignCopy@RTCRestBinaryResponse@@UEAAHAEBVRTCRestBinary@@@Z
?assignCopy@RTCRestBinaryResponse@@UEAAHPEBX_K@Z
?assignCopy@RTCRestBool@@QEAAHAEBV1@@Z
?assignCopy@RTCRestDataObject@@MEAAHAEBV1@@Z
?assignCopy@RTCRestDate@@QEAAHAEBV1@@Z
?assignCopy@RTCRestDouble@@QEAAHAEBV1@@Z
?assignCopy@RTCRestInt16@@QEAAHAEBV1@@Z
?assignCopy@RTCRestInt32@@QEAAHAEBV1@@Z
?assignCopy@RTCRestInt64@@QEAAHAEBV1@@Z
?assignCopy@RTCRestString@@QEAAHAEBV1@@Z
?assignCopy@RTCRestString@@QEAAHAEBVRTCString@@@Z
?assignCopy@RTCRestString@@QEAAHPEBD@Z
?assignCopy@RTCRestStringEnumBase@@QEAAHAEBV1@@Z
?assignCopy@RTCRestStringEnumBase@@QEAAHAEBVRTCString@@@Z
?assignCopy@RTCRestStringEnumBase@@QEAAHPEBD@Z
?assignNoThrow@RTCRestString@@QEAAHAEBVRTCString@@@Z
?assignNoThrow@RTCRestString@@QEAAHAEBVRTCString@@_K1@Z
?assignNoThrow@RTCRestString@@QEAAHPEBD@Z
?assignNoThrow@RTCRestString@@QEAAHPEBD_K@Z
?assignNoThrow@RTCRestString@@QEAAH_KD@Z
?assignNoThrow@RTCString@@QEAAHAEBV1@@Z
?assignNoThrow@RTCString@@QEAAHAEBV1@_K1@Z
?assignNoThrow@RTCString@@QEAAHPEBD@Z
?assignNoThrow@RTCString@@QEAAHPEBD_K@Z
?assignNoThrow@RTCString@@QEAAH_KD@Z
?assignNow@RTCRestDate@@QEAAHW4kFormat@1@@Z
?assignNowRfc2822@RTCRestDate@@QEAAHXZ
?assignNowRfc3339@RTCRestDate@@QEAAHXZ
?assignNowRfc7131@RTCRestDate@@QEAAHXZ
?assignReadOnly@RTCRestBinary@@UEAAHPEBX_K@Z
?assignReadOnly@RTCRestBinaryParameter@@UEAAHPEBX_K@Z
?assignReadOnly@RTCRestBinaryResponse@@UEAAHPEBX_K@Z
?assignValue@RTCRestAnyObject@@QEAAHAEBVRTCString@@@Z
?assignValue@RTCRestAnyObject@@QEAAHF@Z
?assignValue@RTCRestAnyObject@@QEAAHH@Z
?assignValue@RTCRestAnyObject@@QEAAHN@Z
?assignValue@RTCRestAnyObject@@QEAAHPEBD@Z
?assignValue@RTCRestAnyObject@@QEAAH_J@Z
?assignValue@RTCRestAnyObject@@QEAAH_N@Z
?assignValue@RTCRestBool@@QEAAX_N@Z
?assignValue@RTCRestDate@@QEAAHPEBURTTIMESPEC@@W4kFormat@1@@Z
?assignValue@RTCRestDouble@@QEAAXN@Z
?assignValue@RTCRestInt16@@QEAAXF@Z
?assignValue@RTCRestInt32@@QEAAXH@Z
?assignValue@RTCRestInt64@@QEAAX_J@Z
?assignValueRfc2822@RTCRestDate@@QEAAHPEBURTTIMESPEC@@@Z
?assignValueRfc3339@RTCRestDate@@QEAAHPEBURTTIMESPEC@@@Z
?assignValueRfc7131@RTCRestDate@@QEAAHPEBURTTIMESPEC@@@Z
?assignWriteable@RTCRestBinary@@UEAAHPEAX_K@Z
?assignWriteable@RTCRestBinaryParameter@@UEAAHPEAX_K@Z
?assignWriteable@RTCRestBinaryResponse@@UEAAHPEAX_K@Z
?atBase@RTCRestArrayBase@@QEAAPEAVRTCRestObjectBase@@_K@Z
?atBase@RTCRestArrayBase@@QEBAPEBVRTCRestObjectBase@@_K@Z
?baseClone@RTCRestAnyObject@@UEBAPEAVRTCRestObjectBase@@XZ
?baseClone@RTCRestArrayBase@@UEBAPEAVRTCRestObjectBase@@XZ
?baseClone@RTCRestBinary@@UEBAPEAVRTCRestObjectBase@@XZ
?baseClone@RTCRestBinaryParameter@@UEBAPEAVRTCRestObjectBase@@XZ
?baseClone@RTCRestBinaryResponse@@UEBAPEAVRTCRestObjectBase@@XZ
?baseClone@RTCRestBool@@UEBAPEAVRTCRestObjectBase@@XZ
?baseClone@RTCRestDate@@UEBAPEAVRTCRestObjectBase@@XZ
?baseClone@RTCRestDouble@@UEBAPEAVRTCRestObjectBase@@XZ
?baseClone@RTCRestInt16@@UEBAPEAVRTCRestObjectBase@@XZ
?baseClone@RTCRestInt32@@UEBAPEAVRTCRestObjectBase@@XZ
?baseClone@RTCRestInt64@@UEBAPEAVRTCRestObjectBase@@XZ
?baseClone@RTCRestString@@UEBAPEAVRTCRestObjectBase@@XZ
?baseClone@RTCRestStringMapBase@@UEBAPEAVRTCRestObjectBase@@XZ
?begin@RTCRestStringMapBase@@QEBA?AVConstIterator@1@XZ
?beginArray@RTCRestOutputBase@@UEAAIXZ
?beginArray@RTCRestOutputPrettyBase@@UEAAIXZ
?beginObject@RTCRestOutputBase@@UEAAIXZ
?beginObject@RTCRestOutputPrettyBase@@UEAAIXZ
?buildChildren@ElementNode@xml@@KAXPEAV12@@Z
?c_str@RTCString@@QEBAPEBDXZ
?callDefaultLoader@GlobalLock@xml@@SAPEAU_xmlParserInput@@PEBD0PEAU_xmlParserCtxt@@@Z
?capacity@RTCString@@QEBA_KXZ

Sections

.text
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.zero
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 255KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kiwi REBORN (free)/Inj.dll
.dll windows:6 windows x64 arch:x64

Password: key_afg

850ed9fffc9a75f2316a2b644c3389db

Code Sign

51:ca:00:98:16:fd:bd:80:f1:20:e0:15:ee:75:82:3e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/12/2013, 00:00

Not After

22/12/2016, 23:59

Subject

CN=Oracle Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=VirtualBox,O=Oracle Corporation,L=Redwood Shores,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2f:45:11:39:51:2f:34:c8:c5:28:b9:0b:ca:47:1f:76:7b:83:c8:36
Certificate

Issuer

CN=VirtualBox for Legacy Windows Only Timestamp CA,O=Oracle Deutschland B.V. & Co. KG,L=Munich,ST=Bavaria,C=DE

Not Before

01/01/2014, 00:00

Not After

31/12/2014, 23:59

Subject

CN=VirtualBox for Legacy Windows Only Timestamp Kludge 2014,O=Oracle Deutschland B.V. & Co. KG,L=Munich,ST=Bavaria,C=DE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:41

Not After

15/04/2021, 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:52:65:06:cc:82:88:11:7d:a6:be:d3:a5:ab:ec:20
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/02/2021, 00:00

Not After

16/04/2024, 23:59

Subject

CN=Oracle Corporation,OU=VirtualBox,O=Oracle Corporation,L=Redwood City,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e0:1c:47:2f:33:77:cb:24:86:e5:e2:61:b5:19:1e:bc:e0:8a:17:fe:33:f9:8f:2e:aa:a6:88:97:28:c9:05:c5
Signer

Actual PE Digest

e0:1c:47:2f:33:77:cb:24:86:e5:e2:61:b5:19:1e:bc:e0:8a:17:fe:33:f9:8f:2e:aa:a6:88:97:28:c9:05:c5

Digest Algorithm

sha256

PE Digest Matches

true

1e:63:86:b8:16:95:ec:b3:10:3b:b5:ce:f2:fb:d8:b3:87:6d:35:e6
Signer

Actual PE Digest

1e:63:86:b8:16:95:ec:b3:10:3b:b5:ce:f2:fb:d8:b3:87:6d:35:e6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\tinderboxa\win-7.0\out\win.amd64\release\obj\VBoxRT\VBoxRT.pdb

Imports

vcruntime140

memcpy
__std_type_info_destroy_list
__current_exception_context
_purecall
strrchr
_CxxThrowException
__std_exception_destroy
__std_exception_copy
__current_exception
__C_specific_handler
strstr
memchr
strchr
memmove
memcmp
memset
wcsstr

vcruntime140_1

__CxxFrameHandler4

msvcp140

?_Xlength_error@std@@YAXPEBD@Z

kernel32

GetLocalTime
ReadConsoleW
ReadConsoleA
ConvertThreadToFiberEx
ConvertFiberToThread
FindNextFileA
FindFirstFileA
FindClose
CreateFiberEx
DeleteFiber
SwitchToFiber
AcquireSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockShared
ReleaseSRWLockExclusive
InitializeSRWLock
VerifyVersionInfoW
GetLastError
GetCommandLineW
GetCurrentProcessId
WaitForMultipleObjectsEx
CloseHandle
SetEvent
ResetEvent
CreateEventW
GetFileType
GetConsoleMode
SetConsoleMode
WriteConsoleW
GetConsoleScreenBufferInfo
GlobalFree
SetLastError
GetEnvironmentVariableW
DeviceIoControl
GetStdHandle
GetNamedPipeInfo
GetLocaleInfoA
GetUserDefaultLCID
GetProcAddress
GetModuleHandleA
GetCurrentProcess
GetCurrentThread
GetModuleHandleW
GlobalMemoryStatus
GetTimeZoneInformation
VirtualProtect
VirtualLock
VirtualAlloc
VirtualFree
VirtualQuery
CreateDirectoryW
RemoveDirectoryW
SetFileAttributesW
ReadFile
WriteFile
CreateFileW
DeleteFileW
FlushFileBuffers
GetFileSize
LockFileEx
SetEndOfFile
SetFilePointer
SetFileTime
UnlockFile
DuplicateHandle
SetErrorMode
GetSystemDirectoryW
FreeLibrary
LoadLibraryExW
ConnectNamedPipe
DisconnectNamedPipe
PeekNamedPipe
CreateNamedPipeW
GetOverlappedResult
WaitForSingleObject
CreateEventA
LocalAlloc
LocalFree
GetSystemInfo
SetCurrentDirectoryW
GetCurrentDirectoryW
GetFileAttributesW
GetFullPathNameW
MoveFileExW
CreateFileA
CreateNamedPipeA
GetNamedPipeHandleStateA
WaitForSingleObjectEx
TerminateProcess
GetExitCodeProcess
ResumeThread
CreateProcessW
OpenProcess
ReadProcessMemory
WriteProcessMemory
GetProcessAffinityMask
OutputDebugStringA
GetModuleFileNameW
GetCurrentThreadId
SetThreadPriority
ReleaseMutex
CreateMutexA
WaitForMultipleObjects
ClearCommBreak
ClearCommError
EscapeCommFunction
GetCommModemStatus
GetCommState
PurgeComm
SetCommBreak
SetCommMask
SetCommState
SetCommTimeouts
WaitCommEvent
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
RaiseException
TlsAlloc
TlsGetValue
TlsSetValue
GetThreadTimes
Sleep
FileTimeToLocalFileTime
GetSystemTime
VerSetConditionMask
GetVersion
GetTickCount
SystemTimeToFileTime
SetSystemTime
FileTimeToSystemTime
SetWaitableTimer
CancelWaitableTimer
TerminateThread
GetSystemTimeAsFileTime
CreateWaitableTimerA
TlsFree
CompareStringW
MultiByteToWideChar
WideCharToMultiByte
GetACP
GetConsoleCP
LoadLibraryW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
QueryPerformanceCounter
InitializeSListHead
GetFullPathNameA
GetModuleFileNameA
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SleepEx
GetEnvironmentVariableA
MoveFileExA
FormatMessageW
QueryPerformanceFrequency
GetSystemDirectoryA
LoadLibraryA
LoadLibraryExA

rpcrt4

UuidCreate

ntdll

NtReadFile
RtlGetLastWin32Error
NtDuplicateObject
NtDeviceIoControlFile
NtSetTimerResolution
NtClearEvent
RtlAddAccessDeniedAce
RtlSubAuthoritySid
RtlInitializeSid
RtlAddAccessAllowedAce
NtCancelIoFile
RtlFreeUnicodeString
NtQuerySystemInformation
NtResetEvent
NtQueryTimerResolution
RtlEqualSid
NtCreateEvent
NtWaitForSingleObject
NtQueryInformationProcess
NtOpenProcess
NtQueryDirectoryObject
NtQueryInformationFile
NtOpenDirectoryObject
NtQueryObject
NtQueryVolumeInformationFile
NtSetInformationFile
NtClose
NtQueryDirectoryFile
NtCreateFile
RtlReleasePebLock
RtlAcquirePebLock
RtlGetVersion
NtSetEvent
NtQuerySecurityObject
NtQuerySection

api-ms-win-crt-string-l1-1-0

toupper
strncpy
strcmp
isdigit
tolower
strspn
_strdup
strpbrk
strcspn
isspace
strncmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfprintf
fwrite
fflush
_open
ftell
__acrt_iob_func
_read
fputs
_lseeki64
fputc
__stdio_common_vsscanf
clearerr
fclose
setbuf
_dup
_write
fopen
_wfopen
_wopen
_getcwd
feof
ferror
_isatty
_close
_fileno
__stdio_common_vsprintf
fgets
_setmode
_open_osfhandle
_get_osfhandle
setvbuf
_ftelli64
_fseeki64
fseek
fread
fgetc

api-ms-win-crt-runtime-l1-1-0

__p___argv
_initterm
_seh_filter_dll
signal
strerror
__p___argc
_initterm_e
_beginthreadex
terminate
_cexit
_crt_atexit
_endthreadex
_execute_onexit_table
__sys_errlist
__sys_nerr
_register_onexit_function
_errno
_initialize_onexit_table
raise
_exit
_wassert
strerror_s
_initialize_narrow_environment
_configure_narrow_argv

api-ms-win-crt-convert-l1-1-0

atoi
strtoul
strtol
wcstombs
strtod
_strtoi64

api-ms-win-crt-heap-l1-1-0

malloc
calloc
realloc
_aligned_malloc
_aligned_free
_callnewh
free

api-ms-win-crt-environment-l1-1-0

_wputenv_s
_wputenv
_putenv
_wgetenv
_putenv_s
getenv

api-ms-win-crt-locale-l1-1-0

setlocale

api-ms-win-crt-math-l1-1-0

_fdopen

api-ms-win-crt-filesystem-l1-1-0

_access
_fstat64
_stat64
_unlink
_wstat64i32
_stat64i32
_fstat64i32

api-ms-win-crt-utility-l1-1-0

qsort
bsearch

api-ms-win-crt-time-l1-1-0

_time64
_gmtime64
_gmtime64_s
strftime

ws2_32

WSAWaitForMultipleEvents
WSAResetEvent
WSAEventSelect
WSAEnumNetworkEvents
WSASetLastError
WSACreateEvent
WSACloseEvent
send
getsockopt
WSACleanup
setsockopt
WSAIoctl
ntohs
htons
__WSAFDIsSet
select
WSAGetLastError
accept
bind
getsockname
listen
WSAStartup
htonl
closesocket
connect
recv
socket
gethostbyname
ioctlsocket

Exports

Exports

??0AttributeNode@xml@@IEAA@PEBVElementNode@1@PEAVNode@1@PEAURTLISTNODE@@PEAU_xmlAttr@@@Z
??0ContentNode@xml@@IEAA@PEAVNode@1@PEAURTLISTNODE@@PEAU_xmlNode@@@Z
??0Document@xml@@QEAA@AEBV01@@Z
??0Document@xml@@QEAA@XZ
??0EDocumentNotEmpty@xml@@QEAA@$$QEAV01@@Z
??0EDocumentNotEmpty@xml@@QEAA@AEBV01@@Z
??0EDocumentNotEmpty@xml@@QEAA@PEBD@Z
??0EDocumentNotEmpty@xml@@QEAA@PEBDI0@Z
??0EIPRTFailure@xml@@QEAA@$$QEAV01@@Z
??0EIPRTFailure@xml@@QEAA@AEBV01@@Z
??0EIPRTFailure@xml@@QEAA@HPEBDZZ
??0EInvalidArg@xml@@QEAA@$$QEAV01@@Z
??0EInvalidArg@xml@@QEAA@AEBV01@@Z
??0EInvalidArg@xml@@QEAA@PEBD@Z
??0EInvalidArg@xml@@QEAA@PEBDI0@Z
??0ENodeIsNotElement@xml@@QEAA@$$QEAV01@@Z
??0ENodeIsNotElement@xml@@QEAA@AEBV01@@Z
??0ENodeIsNotElement@xml@@QEAA@PEBD@Z
??0ENodeIsNotElement@xml@@QEAA@PEBDI0@Z
??0ENotImplemented@xml@@QEAA@$$QEAV01@@Z
??0ENotImplemented@xml@@QEAA@AEBV01@@Z
??0ENotImplemented@xml@@QEAA@PEBD@Z
??0ENotImplemented@xml@@QEAA@PEBDI0@Z
??0ElementNode@xml@@IEAA@PEBV01@PEAVNode@1@PEAURTLISTNODE@@PEAU_xmlNode@@@Z
??0File@xml@@QEAA@PEAURTFILEINT@@PEBD_N@Z
??0File@xml@@QEAA@W4Mode@01@PEBD_N@Z
??0GlobalLock@xml@@QEAA@XZ
??0Input@xml@@QEAA@$$QEAV01@@Z
??0Input@xml@@QEAA@AEBV01@@Z
??0Input@xml@@QEAA@XZ
??0LogicError@xml@@QEAA@$$QEAV01@@Z
??0LogicError@xml@@QEAA@AEBV01@@Z
??0LogicError@xml@@QEAA@PEBD@Z
??0LogicError@xml@@QEAA@PEBDI0@Z
??0MemoryBuf@xml@@QEAA@PEBD_K0@Z
??0Node@xml@@IEAA@W4EnumType@01@PEAV01@PEAURTLISTNODE@@PEAU_xmlNode@@PEAU_xmlAttr@@@Z
??0NodesLoop@xml@@QEAA@AEBVElementNode@1@PEBD@Z
??0Output@xml@@QEAA@$$QEAV01@@Z
??0Output@xml@@QEAA@AEBV01@@Z
??0Output@xml@@QEAA@XZ
??0RTCError@@QEAA@AEBV0@@Z
??0RTCError@@QEAA@AEBVRTCString@@@Z
??0RTCError@@QEAA@PEBD@Z
??0RTCRestAnyObject@@QEAA@AEBV0@@Z
??0RTCRestAnyObject@@QEAA@XZ
??0RTCRestArrayBase@@QEAA@XZ
??0RTCRestBinary@@QEAA@XZ
??0RTCRestBinaryParameter@@QEAA@XZ
??0RTCRestBinaryResponse@@QEAA@XZ
??0RTCRestBool@@QEAA@AEBV0@@Z
??0RTCRestBool@@QEAA@XZ
??0RTCRestBool@@QEAA@_N@Z
??0RTCRestClientApiBase@@QEAA@XZ
??0RTCRestClientRequestBase@@QEAA@AEBV0@@Z
??0RTCRestClientRequestBase@@QEAA@XZ
??0RTCRestClientResponseBase@@QEAA@AEBV0@@Z
??0RTCRestClientResponseBase@@QEAA@XZ
??0RTCRestDataObject@@QEAA@AEBV0@@Z
??0RTCRestDataObject@@QEAA@XZ
??0RTCRestDate@@QEAA@AEBV0@@Z
??0RTCRestDate@@QEAA@XZ
??0RTCRestDouble@@QEAA@AEBV0@@Z
??0RTCRestDouble@@QEAA@N@Z
??0RTCRestDouble@@QEAA@XZ
??0RTCRestInt16@@QEAA@AEBV0@@Z
??0RTCRestInt16@@QEAA@F@Z
??0RTCRestInt16@@QEAA@XZ
??0RTCRestInt32@@QEAA@AEBV0@@Z
??0RTCRestInt32@@QEAA@H@Z
??0RTCRestInt32@@QEAA@XZ
??0RTCRestInt64@@QEAA@AEBV0@@Z
??0RTCRestInt64@@QEAA@XZ
??0RTCRestInt64@@QEAA@_J@Z
??0RTCRestJsonCursor@@QEAA@AEBU0@@Z
??0RTCRestJsonCursor@@QEAA@PEAURTJSONVALINT@@PEBD@Z
??0RTCRestJsonCursor@@QEAA@PEAURTJSONVALINT@@PEBDPEAU0@@Z
??0RTCRestJsonPrimaryCursor@@QEAA@AEBV0@@Z
??0RTCRestJsonPrimaryCursor@@QEAA@PEAURTJSONVALINT@@PEBDPEAURTERRINFO@@@Z
??0RTCRestObjectBase@@QEAA@AEBV0@@Z
??0RTCRestObjectBase@@QEAA@XZ
??0RTCRestOutputBase@@QEAA@AEBV0@@Z
??0RTCRestOutputBase@@QEAA@XZ
??0RTCRestOutputPrettyBase@@QEAA@AEBV0@@Z
??0RTCRestOutputPrettyBase@@QEAA@XZ
??0RTCRestOutputPrettyToString@@QEAA@AEBV0@@Z
??0RTCRestOutputPrettyToString@@QEAA@PEAVRTCString@@_N@Z
??0RTCRestOutputToString@@QEAA@PEAVRTCString@@_N@Z
??0RTCRestPolyDataObject@@QEAA@AEBV0@@Z
??0RTCRestPolyDataObject@@QEAA@XZ
??0RTCRestString@@QEAA@AEBV0@@Z
??0RTCRestString@@QEAA@AEBVRTCString@@@Z
??0RTCRestString@@QEAA@PEBD@Z
??0RTCRestString@@QEAA@XZ
??0RTCRestStringEnumBase@@QEAA@AEBV0@@Z
??0RTCRestStringEnumBase@@QEAA@XZ
??0RTCRestStringMapBase@@QEAA@XZ
??0RTCString@@QEAA@AEBV0@@Z
??0RTCString@@QEAA@AEBV0@_K1@Z
??0RTCString@@QEAA@PEBD@Z
??0RTCString@@QEAA@PEBDPEAD@Z
??0RTCString@@QEAA@PEBD_K@Z
??0RTCString@@QEAA@XZ
??0RTCString@@QEAA@_KD@Z
??0RuntimeError@xml@@QEAA@$$QEAV01@@Z
??0RuntimeError@xml@@QEAA@AEBV01@@Z
??0RuntimeError@xml@@QEAA@PEBD@Z
??0Stream@xml@@QEAA@AEBV01@@Z
??0Stream@xml@@QEAA@XZ
??0XmlError@xml@@QEAA@$$QEAV01@@Z
??0XmlError@xml@@QEAA@AEBV01@@Z
??0XmlError@xml@@QEAA@PEAU_xmlError@@@Z
??0XmlFileParser@xml@@QEAA@XZ
??0XmlFileWriter@xml@@QEAA@AEAVDocument@1@@Z
??0XmlMemParser@xml@@QEAA@XZ
??0XmlMemWriter@xml@@QEAA@XZ
??0XmlParserBase@xml@@IEAA@XZ
??0XmlStringWriter@xml@@QEAA@XZ
??1AttributeNode@xml@@UEAA@XZ
??1ContentNode@xml@@UEAA@XZ
??1Document@xml@@QEAA@XZ
??1EDocumentNotEmpty@xml@@UEAA@XZ
??1EIPRTFailure@xml@@UEAA@XZ
??1EInvalidArg@xml@@UEAA@XZ
??1ENodeIsNotElement@xml@@UEAA@XZ
??1ENotImplemented@xml@@UEAA@XZ
??1ElementNode@xml@@UEAA@XZ
??1File@xml@@UEAA@XZ
??1GlobalLock@xml@@QEAA@XZ
??1Input@xml@@UEAA@XZ
??1LogicError@xml@@UEAA@XZ
??1MemoryBuf@xml@@UEAA@XZ
??1Node@xml@@UEAA@XZ
??1NodesLoop@xml@@QEAA@XZ
??1Output@xml@@UEAA@XZ
??1RTCError@@UEAA@XZ
??1RTCRestAnyObject@@UEAA@XZ
??1RTCRestArrayBase@@UEAA@XZ
??1RTCRestBinary@@UEAA@XZ
??1RTCRestBinaryParameter@@UEAA@XZ
??1RTCRestBinaryResponse@@UEAA@XZ
??1RTCRestBool@@UEAA@XZ
??1RTCRestClientApiBase@@UEAA@XZ
??1RTCRestClientRequestBase@@UEAA@XZ
??1RTCRestClientResponseBase@@UEAA@XZ
??1RTCRestDataObject@@UEAA@XZ
??1RTCRestDate@@UEAA@XZ
??1RTCRestDouble@@UEAA@XZ
??1RTCRestInt16@@UEAA@XZ
??1RTCRestInt32@@UEAA@XZ
??1RTCRestInt64@@UEAA@XZ
??1RTCRestJsonCursor@@QEAA@XZ
??1RTCRestJsonPrimaryCursor@@UEAA@XZ
??1RTCRestObjectBase@@UEAA@XZ
??1RTCRestOutputBase@@UEAA@XZ
??1RTCRestOutputPrettyBase@@UEAA@XZ
??1RTCRestOutputPrettyToString@@UEAA@XZ
??1RTCRestOutputToString@@UEAA@XZ
??1RTCRestPolyDataObject@@UEAA@XZ
??1RTCRestString@@UEAA@XZ
??1RTCRestStringEnumBase@@UEAA@XZ
??1RTCRestStringMapBase@@UEAA@XZ
??1RTCString@@UEAA@XZ
??1RuntimeError@xml@@UEAA@XZ
??1Stream@xml@@UEAA@XZ
??1XmlError@xml@@UEAA@XZ
??1XmlFileParser@xml@@QEAA@XZ
??1XmlFileWriter@xml@@QEAA@XZ
??1XmlMemParser@xml@@QEAA@XZ
??1XmlMemWriter@xml@@QEAA@XZ
??1XmlParserBase@xml@@IEAA@XZ
??4AttributeNode@xml@@QEAAAEAV01@AEBV01@@Z
??4ContentNode@xml@@QEAAAEAV01@AEBV01@@Z
??4Document@xml@@QEAAAEAV01@AEBV01@@Z
??4EDocumentNotEmpty@xml@@QEAAAEAV01@$$QEAV01@@Z
??4EDocumentNotEmpty@xml@@QEAAAEAV01@AEBV01@@Z
??4EIPRTFailure@xml@@QEAAAEAV01@$$QEAV01@@Z
??4EIPRTFailure@xml@@QEAAAEAV01@AEBV01@@Z
??4EInvalidArg@xml@@QEAAAEAV01@$$QEAV01@@Z
??4EInvalidArg@xml@@QEAAAEAV01@AEBV01@@Z
??4ENodeIsNotElement@xml@@QEAAAEAV01@$$QEAV01@@Z
??4ENodeIsNotElement@xml@@QEAAAEAV01@AEBV01@@Z
??4ENotImplemented@xml@@QEAAAEAV01@$$QEAV01@@Z
??4ENotImplemented@xml@@QEAAAEAV01@AEBV01@@Z
??4ElementNode@xml@@QEAAAEAV01@AEBV01@@Z
??4GlobalLock@xml@@QEAAAEAV01@AEBV01@@Z
??4Input@xml@@QEAAAEAV01@$$QEAV01@@Z
??4Input@xml@@QEAAAEAV01@AEBV01@@Z
??4LogicError@xml@@QEAAAEAV01@$$QEAV01@@Z
??4LogicError@xml@@QEAAAEAV01@AEBV01@@Z
??4Node@xml@@QEAAAEAV01@AEBV01@@Z
??4NodesLoop@xml@@QEAAAEAV01@AEBV01@@Z
??4Output@xml@@QEAAAEAV01@$$QEAV01@@Z
??4Output@xml@@QEAAAEAV01@AEBV01@@Z
??4RTCError@@QEAAXAEBV0@@Z
??4RTCRestAnyObject@@QEAAAEAV0@AEBV0@@Z
??4RTCRestBool@@QEAAAEAV0@AEBV0@@Z
??4RTCRestClientRequestBase@@QEAAAEAV0@AEBV0@@Z
??4RTCRestClientResponseBase@@QEAAAEAV0@AEBV0@@Z
??4RTCRestDataObject@@IEAAAEAV0@AEBV0@@Z
??4RTCRestDate@@QEAAAEAV0@AEBV0@@Z
??4RTCRestDouble@@QEAAAEAV0@AEBV0@@Z
??4RTCRestInt16@@QEAAAEAV0@AEBV0@@Z
??4RTCRestInt32@@QEAAAEAV0@AEBV0@@Z
??4RTCRestInt64@@QEAAAEAV0@AEBV0@@Z
??4RTCRestJsonCursor@@QEAAAEAU0@AEBU0@@Z
??4RTCRestJsonPrimaryCursor@@QEAAAEAV0@AEBV0@@Z
??4RTCRestObjectBase@@QEAAAEAV0@AEBV0@@Z
??4RTCRestOutputBase@@QEAAAEAV0@AEBV0@@Z
??4RTCRestOutputPrettyBase@@QEAAAEAV0@AEBV0@@Z
??4RTCRestOutputPrettyToString@@QEAAAEAV0@AEBV0@@Z
??4RTCRestPolyDataObject@@IEAAAEAV0@AEBV0@@Z
??4RTCRestString@@QEAAAEAV0@AEBV0@@Z
??4RTCRestString@@QEAAAEAV0@AEBVRTCString@@@Z
??4RTCRestString@@QEAAAEAV0@PEBD@Z
??4RTCRestStringEnumBase@@QEAAAEAV0@AEBV0@@Z
??4RTCString@@QEAAAEAV0@AEBV0@@Z
??4RTCString@@QEAAAEAV0@PEBD@Z
??4RuntimeError@xml@@QEAAAEAV01@$$QEAV01@@Z
??4RuntimeError@xml@@QEAAAEAV01@AEBV01@@Z
??4Stream@xml@@QEAAAEAV01@AEBV01@@Z
??4XmlError@xml@@QEAAAEAV01@$$QEAV01@@Z
??4XmlError@xml@@QEAAAEAV01@AEBV01@@Z
??4XmlFileParser@xml@@QEAAAEAV01@AEBV01@@Z
??4XmlFileWriter@xml@@QEAAAEAV01@AEBV01@@Z
??4XmlMemParser@xml@@QEAAAEAV01@AEBV01@@Z
??4XmlMemWriter@xml@@QEAAAEAV01@AEBV01@@Z
??4XmlParserBase@xml@@QEAAAEAV01@AEBV01@@Z
??4XmlStringWriter@xml@@QEAAAEAV01@$$QEAV01@@Z
??4XmlStringWriter@xml@@QEAAAEAV01@AEBV01@@Z
??8RTCString@@QEBA_NAEBV0@@Z
??8RTCString@@QEBA_NPEBD@Z
??9RTCString@@QEBA_NAEBV0@@Z
??9RTCString@@QEBA_NPEBD@Z
??ARTCString@@QEBAD_K@Z
??H@YA?BVRTCString@@AEBV0@0@Z
??H@YA?BVRTCString@@AEBV0@PEBD@Z
??H@YA?BVRTCString@@PEBDAEBV0@@Z
??MRTCString@@QEBA_NAEBV0@@Z
??MRTCString@@QEBA_NPEBD@Z
??ORTCString@@QEBA_NAEBV0@@Z
??ORTCString@@QEBA_NPEBD@Z
??YRTCString@@QEAAAEAV0@AEBV0@@Z
??YRTCString@@QEAAAEAV0@D@Z
??YRTCString@@QEAAAEAV0@PEBD@Z
??_7AttributeNode@xml@@6B@
??_7ContentNode@xml@@6B@
??_7EDocumentNotEmpty@xml@@6B@
??_7EIPRTFailure@xml@@6B@
??_7EInvalidArg@xml@@6B@
??_7ENodeIsNotElement@xml@@6B@
??_7ENotImplemented@xml@@6B@
??_7ElementNode@xml@@6B@
??_7File@xml@@6BInput@1@@
??_7File@xml@@6BOutput@1@@
??_7File@xml@@6BStream@1@@
??_7Input@xml@@6B01@@
??_7Input@xml@@6BStream@1@@
??_7LogicError@xml@@6B@
??_7MemoryBuf@xml@@6BInput@1@@
??_7MemoryBuf@xml@@6BStream@1@@
??_7Node@xml@@6B@
??_7Output@xml@@6B01@@
??_7Output@xml@@6BStream@1@@
??_7RTCError@@6B@
??_7RTCRestAnyObject@@6B@
??_7RTCRestArrayBase@@6B@
??_7RTCRestBinary@@6B@
??_7RTCRestBinaryParameter@@6B@
??_7RTCRestBinaryResponse@@6B@
??_7RTCRestBool@@6B@
??_7RTCRestClientApiBase@@6B@
??_7RTCRestClientRequestBase@@6B@
??_7RTCRestClientResponseBase@@6B@
??_7RTCRestDataObject@@6B@
??_7RTCRestDate@@6B@
??_7RTCRestDouble@@6B@
??_7RTCRestInt16@@6B@
??_7RTCRestInt32@@6B@
??_7RTCRestInt64@@6B@
??_7RTCRestJsonPrimaryCursor@@6B@
??_7RTCRestObjectBase@@6B@
??_7RTCRestOutputBase@@6B@
??_7RTCRestOutputPrettyBase@@6B@
??_7RTCRestOutputPrettyToString@@6B@
??_7RTCRestOutputToString@@6B@
??_7RTCRestPolyDataObject@@6B@
??_7RTCRestString@@6BRTCRestObjectBase@@@
??_7RTCRestString@@6BRTCString@@@
??_7RTCRestStringEnumBase@@6B@
??_7RTCRestStringMapBase@@6B@
??_7RTCString@@6B@
??_7RuntimeError@xml@@6B@
??_7Stream@xml@@6B@
??_7XmlError@xml@@6B@
??_8File@xml@@7BInput@1@@
??_8File@xml@@7BOutput@1@@
??_8MemoryBuf@xml@@7B@
??_DFile@xml@@QEAAXXZ
??_DMemoryBuf@xml@@QEAAXXZ
??_FEDocumentNotEmpty@xml@@QEAAXXZ
??_FEInvalidArg@xml@@QEAAXXZ
??_FENodeIsNotElement@xml@@QEAAXXZ
??_FENotImplemented@xml@@QEAAXXZ
??_FLogicError@xml@@QEAAXXZ
??_FRuntimeError@xml@@QEAAXXZ
?CloseCallback@XmlFileParser@xml@@CAHPEAX@Z
?CloseCallback@XmlFileWriter@xml@@SAHPEAX@Z
?CloseCallback@XmlStringWriter@xml@@CAHPEAX@Z
?Format@XmlError@xml@@SAPEADPEAU_xmlError@@@Z
?RTAsn1VideotexString_CheckSanity@@YAHPEBURTASN1STRING@@IPEAURTERRINFO@@PEBD@Z
?RTAsn1VideotexString_Clone@@YAHPEAURTASN1STRING@@PEBU1@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTAsn1VideotexString_Compare@@YAHPEBURTASN1STRING@@0@Z
?RTAsn1VideotexString_DecodeAsn1@@YAHPEAURTASN1CURSOR@@IPEAURTASN1STRING@@PEBD@Z
?RTAsn1VideotexString_Delete@@YAXPEAURTASN1STRING@@@Z
?RTAsn1VideotexString_Enum@@YAHPEAURTASN1STRING@@P6AHPEAURTASN1CORE@@PEBDIPEAX@_EI3@Z
?RTAsn1VideotexString_Init@@YAHPEAURTASN1STRING@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrKeyCreateFromPemSection@@YAHPEAPEAURTCRKEYINT@@PEBURTCRPEMSECTION@@IPEBDPEAURTERRINFO@@2@Z
?RTCrPkcs7ContentInfo_SetContent@@YAHPEAURTCRPKCS7CONTENTINFO@@PEBURTASN1OCTETSTRING@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrPkcs8PrivateKeyInfo_SetAttributes@@YAHPEAURTCRPKCS8PRIVATEKEYINFO@@PEBURTCRPKCS7ATTRIBUTES@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrRsaPrivateKey_SetOtherPrimeInfos@@YAHPEAURTCRRSAPRIVATEKEY@@PEBURTCRRSAOTHERPRIMEINFOS@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrStoreCertAddPkcs7@@YAHPEAURTCRSTOREINT@@IPEAURTCRPKCS7CERT@@PEAURTERRINFO@@@Z
?RTCrTafCertPathControls_SetCertificate@@YAHPEAURTCRTAFCERTPATHCONTROLS@@PEBURTCRX509CERTIFICATE@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTafCertPathControls_SetNameConstr@@YAHPEAURTCRTAFCERTPATHCONTROLS@@PEBURTCRX509NAMECONSTRAINTS@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTafCertPathControls_SetPathLenConstraint@@YAHPEAURTCRTAFCERTPATHCONTROLS@@PEBURTASN1INTEGER@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTafCertPathControls_SetPolicyFlags@@YAHPEAURTCRTAFCERTPATHCONTROLS@@PEBURTASN1BITSTRING@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTafCertPathControls_SetPolicySet@@YAHPEAURTCRTAFCERTPATHCONTROLS@@PEBURTCRX509CERTIFICATEPOLICIES@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTafTrustAnchorChoice_SetCertificate@@YAHPEAURTCRTAFTRUSTANCHORCHOICE@@PEBURTCRX509CERTIFICATE@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTafTrustAnchorChoice_SetTaInfo@@YAHPEAURTCRTAFTRUSTANCHORCHOICE@@PEBURTCRTAFTRUSTANCHORINFO@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTafTrustAnchorChoice_SetTbsCert@@YAHPEAURTCRTAFTRUSTANCHORCHOICE@@PEBURTCRX509TBSCERTIFICATE@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTafTrustAnchorInfo_SetCertPath@@YAHPEAURTCRTAFTRUSTANCHORINFO@@PEBURTCRTAFCERTPATHCONTROLS@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTafTrustAnchorInfo_SetExts@@YAHPEAURTCRTAFTRUSTANCHORINFO@@PEBURTCRX509EXTENSIONS@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTafTrustAnchorInfo_SetVersion@@YAHPEAURTCRTAFTRUSTANCHORINFO@@PEBURTASN1INTEGER@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTspAccuracy_SetMicros@@YAHPEAURTCRTSPACCURACY@@PEBURTASN1INTEGER@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTspAccuracy_SetMillis@@YAHPEAURTCRTSPACCURACY@@PEBURTASN1INTEGER@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTspAccuracy_SetSeconds@@YAHPEAURTCRTSPACCURACY@@PEBURTASN1INTEGER@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTspTstInfo_SetAccuracy@@YAHPEAURTCRTSPTSTINFO@@PEBURTCRTSPACCURACY@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTspTstInfo_SetExtensions@@YAHPEAURTCRTSPTSTINFO@@PEBURTCRX509EXTENSION@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTspTstInfo_SetNonce@@YAHPEAURTCRTSPTSTINFO@@PEBURTASN1INTEGER@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTspTstInfo_SetOrdering@@YAHPEAURTCRTSPTSTINFO@@PEBURTASN1BOOLEAN@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrTspTstInfo_SetTsa@@YAHPEAURTCRTSPTSTINFO@@PEBURTCRX509GENERALNAME@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509AttributeTypeAndValue_MatchAsRdnByRfc5280@@YA_NPEBURTCRX509ATTRIBUTETYPEANDVALUE@@0@Z
?RTCrX509AuthorityKeyIdentifier_SetAuthorityCertIssuer@@YAHPEAURTCRX509AUTHORITYKEYIDENTIFIER@@PEBURTCRX509GENERALNAMES@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509AuthorityKeyIdentifier_SetAuthorityCertSerialNumber@@YAHPEAURTCRX509AUTHORITYKEYIDENTIFIER@@PEBURTASN1INTEGER@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509AuthorityKeyIdentifier_SetKeyIdentifier@@YAHPEAURTCRX509AUTHORITYKEYIDENTIFIER@@PEBURTASN1OCTETSTRING@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509BasicConstraints_SetCA@@YAHPEAURTCRX509BASICCONSTRAINTS@@PEBURTASN1BOOLEAN@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509BasicConstraints_SetPathLenConstraint@@YAHPEAURTCRX509BASICCONSTRAINTS@@PEBURTASN1INTEGER@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509Extension_SetCritical@@YAHPEAURTCRX509EXTENSION@@PEBURTASN1BOOLEAN@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509GeneralName_SetDirectoryName@@YAHPEAURTCRX509GENERALNAME@@PEBURTCRX509NAME@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509GeneralName_SetDnsType@@YAHPEAURTCRX509GENERALNAME@@PEBURTASN1STRING@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509GeneralName_SetEdiPartyName@@YAHPEAURTCRX509GENERALNAME@@PEBURTASN1DYNTYPE@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509GeneralName_SetIpAddress@@YAHPEAURTCRX509GENERALNAME@@PEBURTASN1OCTETSTRING@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509GeneralName_SetOtherName@@YAHPEAURTCRX509GENERALNAME@@PEBURTCRX509OTHERNAME@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509GeneralName_SetRegisteredId@@YAHPEAURTCRX509GENERALNAME@@PEBURTASN1OBJID@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509GeneralName_SetRfc822@@YAHPEAURTCRX509GENERALNAME@@PEBURTASN1STRING@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509GeneralName_SetUri@@YAHPEAURTCRX509GENERALNAME@@PEBURTASN1STRING@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509GeneralName_SetX400Address@@YAHPEAURTCRX509GENERALNAME@@PEBURTASN1DYNTYPE@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509GeneralSubtree_SetMaximum@@YAHPEAURTCRX509GENERALSUBTREE@@PEBURTASN1INTEGER@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509GeneralSubtree_SetMinimum@@YAHPEAURTCRX509GENERALSUBTREE@@PEBURTASN1INTEGER@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509NameConstraints_SetExcludedSubtrees@@YAHPEAURTCRX509NAMECONSTRAINTS@@PEBURTCRX509GENERALSUBTREES@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509NameConstraints_SetPermittedSubtrees@@YAHPEAURTCRX509NAMECONSTRAINTS@@PEBURTCRX509GENERALSUBTREES@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509OldAuthorityKeyIdentifier_SetAuthorityCertIssuer@@YAHPEAURTCRX509OLDAUTHORITYKEYIDENTIFIER@@PEBURTCRX509NAME@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509OldAuthorityKeyIdentifier_SetAuthorityCertSerialNumber@@YAHPEAURTCRX509OLDAUTHORITYKEYIDENTIFIER@@PEBURTASN1INTEGER@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509OldAuthorityKeyIdentifier_SetKeyIdentifier@@YAHPEAURTCRX509OLDAUTHORITYKEYIDENTIFIER@@PEBURTASN1OCTETSTRING@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509PolicyConstraints_SetInhibitPolicyMapping@@YAHPEAURTCRX509POLICYCONSTRAINTS@@PEBURTASN1INTEGER@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509PolicyConstraints_SetRequireExplicitPolicy@@YAHPEAURTCRX509POLICYCONSTRAINTS@@PEBURTASN1INTEGER@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509PolicyInformation_SetPolicyQualifiers@@YAHPEAURTCRX509POLICYINFORMATION@@PEBURTCRX509POLICYQUALIFIERINFOS@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509RelativeDistinguishedName_MatchByRfc5280@@YA_NPEBURTCRX509ATTRIBUTETYPEANDVALUES@@0@Z
?RTCrX509TbsCertificate_SetExtensions@@YAHPEAURTCRX509TBSCERTIFICATE@@PEBURTCRX509EXTENSIONS@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509TbsCertificate_SetIssuerUniqueId@@YAHPEAURTCRX509TBSCERTIFICATE@@PEBURTASN1BITSTRING@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509TbsCertificate_SetSubjectUniqueId@@YAHPEAURTCRX509TBSCERTIFICATE@@PEBURTASN1BITSTRING@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTCrX509TbsCertificate_SetVersion@@YAHPEAURTCRX509TBSCERTIFICATE@@PEBURTASN1INTEGER@@PEBURTASN1ALLOCATORVTABLE@@@Z
?RTLdrOpenVfsChainkLdr@@YAHPEBDIW4RTLDRARCH@@PEAPEAURTLDRMODINTERNAL@@PEAIPEAURTERRINFO@@@Z
?RTVfsLockRetainDebug@@YAIPEAURTVFSLOCKINTERNAL@@PEBDI1@Z
?RTZipTarFsStreamSetModTime@@YAHPEAURTVFSFSSTREAMINTERNAL@@PEBURTTIMESPEC@@@Z
?ReadCallback@XmlFileParser@xml@@CAHPEAXPEADH@Z
?WriteCallback@XmlFileWriter@xml@@SAHPEAXPEBDH@Z
?WriteCallbackForReal@XmlStringWriter@xml@@CAHPEAXPEBDH@Z
?WriteCallbackForSize@XmlStringWriter@xml@@CAHPEAXPEBDH@Z
?addContent@ElementNode@xml@@QEAAPEAVContentNode@2@AEBVRTCString@@@Z
?addContent@ElementNode@xml@@QEAAPEAVContentNode@2@PEBD@Z
?addError@RTCRestClientResponseBase@@IEAAHHPEBDZZ
?addError@RTCRestJsonPrimaryCursor@@UEAAHAEBURTCRestJsonCursor@@HPEBDZZ
?append@RTCString@@QEAAAEAV1@AEBV1@@Z
?append@RTCString@@QEAAAEAV1@AEBV1@_K1@Z
?append@RTCString@@QEAAAEAV1@D@Z
?append@RTCString@@QEAAAEAV1@PEBD@Z
?append@RTCString@@QEAAAEAV1@PEBD_K@Z
?appendCodePoint@RTCString@@QEAAAEAV1@I@Z
?appendCodePointNoThrow@RTCString@@QEAAHI@Z
?appendNoThrow@RTCString@@QEAAHAEBV1@@Z
?appendNoThrow@RTCString@@QEAAHAEBV1@_K1@Z
?appendNoThrow@RTCString@@QEAAHD@Z
?appendNoThrow@RTCString@@QEAAHPEBD@Z
?appendNoThrow@RTCString@@QEAAHPEBD_K@Z
?appendPrintf@RTCString@@QEAAAEAV1@PEBDZZ
?appendPrintfNoThrow@RTCString@@QEAAHPEBDZZ
?appendPrintfV@RTCString@@QEAAAEAV1@PEBDPEAD@Z
?appendPrintfVNoThrow@RTCString@@QEAAHPEBDPEAD@Z
?appendWorker@RTCString@@IEAAAEAV1@PEBD_K@Z
?appendWorkerNoThrow@RTCString@@IEAAHPEBD_K@Z
?assign@RTCRestString@@QEAAAEAV1@AEBVRTCString@@@Z
?assign@RTCRestString@@QEAAAEAV1@AEBVRTCString@@_K1@Z
?assign@RTCRestString@@QEAAAEAV1@PEBD@Z
?assign@RTCRestString@@QEAAAEAV1@PEBD_K@Z
?assign@RTCRestString@@QEAAAEAV1@_KD@Z
?assign@RTCString@@QEAAAEAV1@AEBV1@@Z
?assign@RTCString@@QEAAAEAV1@AEBV1@_K1@Z
?assign@RTCString@@QEAAAEAV1@PEBD@Z
?assign@RTCString@@QEAAAEAV1@PEBD_K@Z
?assign@RTCString@@QEAAAEAV1@_KD@Z
?assignCopy@RTCRestAnyObject@@QEAAHAEBV1@@Z
?assignCopy@RTCRestAnyObject@@QEAAHAEBV?$RTCRestArray@VRTCRestAnyObject@@@@@Z
?assignCopy@RTCRestAnyObject@@QEAAHAEBV?$RTCRestStringMap@VRTCRestAnyObject@@@@@Z
?assignCopy@RTCRestAnyObject@@QEAAHAEBVRTCRestBool@@@Z
?assignCopy@RTCRestAnyObject@@QEAAHAEBVRTCRestDouble@@@Z
?assignCopy@RTCRestAnyObject@@QEAAHAEBVRTCRestInt16@@@Z
?assignCopy@RTCRestAnyObject@@QEAAHAEBVRTCRestInt32@@@Z
?assignCopy@RTCRestAnyObject@@QEAAHAEBVRTCRestInt64@@@Z
?assignCopy@RTCRestAnyObject@@QEAAHAEBVRTCRestString@@@Z
?assignCopy@RTCRestBinary@@UEAAHAEBV1@@Z
?assignCopy@RTCRestBinary@@UEAAHPEBX_K@Z
?assignCopy@RTCRestBinaryParameter@@UEAAHAEBV1@@Z
?assignCopy@RTCRestBinaryParameter@@UEAAHAEBVRTCRestBinary@@@Z
?assignCopy@RTCRestBinaryParameter@@UEAAHPEBX_K@Z
?assignCopy@RTCRestBinaryResponse@@UEAAHAEBV1@@Z
?assignCopy@RTCRestBinaryResponse@@UEAAHAEBVRTCRestBinary@@@Z
?assignCopy@RTCRestBinaryResponse@@UEAAHPEBX_K@Z
?assignCopy@RTCRestBool@@QEAAHAEBV1@@Z
?assignCopy@RTCRestDataObject@@MEAAHAEBV1@@Z
?assignCopy@RTCRestDate@@QEAAHAEBV1@@Z
?assignCopy@RTCRestDouble@@QEAAHAEBV1@@Z
?assignCopy@RTCRestInt16@@QEAAHAEBV1@@Z
?assignCopy@RTCRestInt32@@QEAAHAEBV1@@Z
?assignCopy@RTCRestInt64@@QEAAHAEBV1@@Z
?assignCopy@RTCRestString@@QEAAHAEBV1@@Z
?assignCopy@RTCRestString@@QEAAHAEBVRTCString@@@Z
?assignCopy@RTCRestString@@QEAAHPEBD@Z
?assignCopy@RTCRestStringEnumBase@@QEAAHAEBV1@@Z
?assignCopy@RTCRestStringEnumBase@@QEAAHAEBVRTCString@@@Z
?assignCopy@RTCRestStringEnumBase@@QEAAHPEBD@Z
?assignNoThrow@RTCRestString@@QEAAHAEBVRTCString@@@Z
?assignNoThrow@RTCRestString@@QEAAHAEBVRTCString@@_K1@Z
?assignNoThrow@RTCRestString@@QEAAHPEBD@Z
?assignNoThrow@RTCRestString@@QEAAHPEBD_K@Z
?assignNoThrow@RTCRestString@@QEAAH_KD@Z
?assignNoThrow@RTCString@@QEAAHAEBV1@@Z
?assignNoThrow@RTCString@@QEAAHAEBV1@_K1@Z
?assignNoThrow@RTCString@@QEAAHPEBD@Z
?assignNoThrow@RTCString@@QEAAHPEBD_K@Z
?assignNoThrow@RTCString@@QEAAH_KD@Z
?assignNow@RTCRestDate@@QEAAHW4kFormat@1@@Z
?assignNowRfc2822@RTCRestDate@@QEAAHXZ
?assignNowRfc3339@RTCRestDate@@QEAAHXZ
?assignNowRfc7131@RTCRestDate@@QEAAHXZ
?assignReadOnly@RTCRestBinary@@UEAAHPEBX_K@Z
?assignReadOnly@RTCRestBinaryParameter@@UEAAHPEBX_K@Z
?assignReadOnly@RTCRestBinaryResponse@@UEAAHPEBX_K@Z
?assignValue@RTCRestAnyObject@@QEAAHAEBVRTCString@@@Z
?assignValue@RTCRestAnyObject@@QEAAHF@Z
?assignValue@RTCRestAnyObject@@QEAAHH@Z
?assignValue@RTCRestAnyObject@@QEAAHN@Z
?assignValue@RTCRestAnyObject@@QEAAHPEBD@Z
?assignValue@RTCRestAnyObject@@QEAAH_J@Z
?assignValue@RTCRestAnyObject@@QEAAH_N@Z
?assignValue@RTCRestBool@@QEAAX_N@Z
?assignValue@RTCRestDate@@QEAAHPEBURTTIMESPEC@@W4kFormat@1@@Z
?assignValue@RTCRestDouble@@QEAAXN@Z
?assignValue@RTCRestInt16@@QEAAXF@Z
?assignValue@RTCRestInt32@@QEAAXH@Z
?assignValue@RTCRestInt64@@QEAAX_J@Z
?assignValueRfc2822@RTCRestDate@@QEAAHPEBURTTIMESPEC@@@Z
?assignValueRfc3339@RTCRestDate@@QEAAHPEBURTTIMESPEC@@@Z
?assignValueRfc7131@RTCRestDate@@QEAAHPEBURTTIMESPEC@@@Z
?assignWriteable@RTCRestBinary@@UEAAHPEAX_K@Z
?assignWriteable@RTCRestBinaryParameter@@UEAAHPEAX_K@Z
?assignWriteable@RTCRestBinaryResponse@@UEAAHPEAX_K@Z
?atBase@RTCRestArrayBase@@QEAAPEAVRTCRestObjectBase@@_K@Z
?atBase@RTCRestArrayBase@@QEBAPEBVRTCRestObjectBase@@_K@Z
?baseClone@RTCRestAnyObject@@UEBAPEAVRTCRestObjectBase@@XZ
?baseClone@RTCRestArrayBase@@UEBAPEAVRTCRestObjectBase@@XZ
?baseClone@RTCRestBinary@@UEBAPEAVRTCRestObjectBase@@XZ
?baseClone@RTCRestBinaryParameter@@UEBAPEAVRTCRestObjectBase@@XZ
?baseClone@RTCRestBinaryResponse@@UEBAPEAVRTCRestObjectBase@@XZ
?baseClone@RTCRestBool@@UEBAPEAVRTCRestObjectBase@@XZ
?baseClone@RTCRestDate@@UEBAPEAVRTCRestObjectBase@@XZ
?baseClone@RTCRestDouble@@UEBAPEAVRTCRestObjectBase@@XZ
?baseClone@RTCRestInt16@@UEBAPEAVRTCRestObjectBase@@XZ
?baseClone@RTCRestInt32@@UEBAPEAVRTCRestObjectBase@@XZ
?baseClone@RTCRestInt64@@UEBAPEAVRTCRestObjectBase@@XZ
?baseClone@RTCRestString@@UEBAPEAVRTCRestObjectBase@@XZ
?baseClone@RTCRestStringMapBase@@UEBAPEAVRTCRestObjectBase@@XZ
?begin@RTCRestStringMapBase@@QEBA?AVConstIterator@1@XZ
?beginArray@RTCRestOutputBase@@UEAAIXZ
?beginArray@RTCRestOutputPrettyBase@@UEAAIXZ
?beginObject@RTCRestOutputBase@@UEAAIXZ
?beginObject@RTCRestOutputPrettyBase@@UEAAIXZ
?buildChildren@ElementNode@xml@@KAXPEAV12@@Z
?c_str@RTCString@@QEBAPEBDXZ
?callDefaultLoader@GlobalLock@xml@@SAPEAU_xmlParserInput@@PEBD0PEAU_xmlParserCtxt@@@Z
?capacity@RTCString@@QEBA_KXZ

Sections

.text
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.zero
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 255KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kiwi REBORN (free)/Inj.exe
.exe windows:4 windows x86 arch:x86

Password: key_afg

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

.text
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 576B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kiwi REBORN (free)/KiwKey.dll
.dll regsvr32 windows:6 windows x64 arch:x64

Password: key_afg

6a5978d03665528ad707e90ec357d440

Code Sign

51:ca:00:98:16:fd:bd:80:f1:20:e0:15:ee:75:82:3e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/12/2013, 00:00

Not After

22/12/2016, 23:59

Subject

CN=Oracle Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=VirtualBox,O=Oracle Corporation,L=Redwood Shores,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2f:45:11:39:51:2f:34:c8:c5:28:b9:0b:ca:47:1f:76:7b:83:c8:36
Certificate

Issuer

CN=VirtualBox for Legacy Windows Only Timestamp CA,O=Oracle Deutschland B.V. & Co. KG,L=Munich,ST=Bavaria,C=DE

Not Before

01/01/2014, 00:00

Not After

31/12/2014, 23:59

Subject

CN=VirtualBox for Legacy Windows Only Timestamp Kludge 2014,O=Oracle Deutschland B.V. & Co. KG,L=Munich,ST=Bavaria,C=DE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:41

Not After

15/04/2021, 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:52:65:06:cc:82:88:11:7d:a6:be:d3:a5:ab:ec:20
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/02/2021, 00:00

Not After

16/04/2024, 23:59

Subject

CN=Oracle Corporation,OU=VirtualBox,O=Oracle Corporation,L=Redwood City,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9a:d8:74:c9:0b:2e:1e:b1:ff:61:62:d0:ce:2c:9f:0b:d8:a2:17:66:e8:05:ff:57:1c:d8:f2:ab:9f:83:0a:9a
Signer

Actual PE Digest

9a:d8:74:c9:0b:2e:1e:b1:ff:61:62:d0:ce:2c:9f:0b:d8:a2:17:66:e8:05:ff:57:1c:d8:f2:ab:9f:83:0a:9a

Digest Algorithm

sha256

PE Digest Matches

true

ca:bf:e7:ce:94:0e:1d:cd:de:a1:f5:85:15:c3:ec:54:48:7d:cc:e0
Signer

Actual PE Digest

ca:bf:e7:ce:94:0e:1d:cd:de:a1:f5:85:15:c3:ec:54:48:7d:cc:e0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\tinderboxa\win-7.0\out\win.amd64\release\obj\VBoxProxyStub\VBoxProxyStub.pdb

Imports

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
memset
memcmp

vboxrt

RTUtf16CatAscii
RTLogLoggerEx
RTR3InitDll
RTStrCopy
RTStrCat
RTUtf16ICmp
RTUtf16Cmp
RTUtf16Len
RTUtf16Cat
RTUtf16CopyAscii
RTUtf16Copy
RTLogRelGetDefaultInstanceEx

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

api-ms-win-crt-string-l1-1-0

_memicmp
strcmp

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_seh_filter_dll
_initterm
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_cexit
_execute_onexit_table

kernel32

IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLastError
SetLastError
DisableThreadLibraryCalls
GetModuleFileNameW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind

advapi32

RegQueryValueExW
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyExW
RegCreateKeyExA
RegCloseKey
RegOpenKeyExW
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegSetValueExW
ChangeServiceConfig2W
CloseServiceHandle
ControlService
CreateServiceW
DeleteService
OpenSCManagerW
OpenServiceW
QueryServiceConfigW

shlwapi

SHDeleteKeyW
SHDeleteKeyA

ole32

ObjectStublessClient18
ObjectStublessClient17
ObjectStublessClient16
ObjectStublessClient15
ObjectStublessClient14
ObjectStublessClient13
ObjectStublessClient20
ObjectStublessClient11
ObjectStublessClient10
ObjectStublessClient9
ObjectStublessClient8
ObjectStublessClient7
ObjectStublessClient4
ObjectStublessClient3
ObjectStublessClient21
ObjectStublessClient19
ObjectStublessClient22
ObjectStublessClient23
ObjectStublessClient24
ObjectStublessClient25
ObjectStublessClient26
ObjectStublessClient27
ObjectStublessClient28
ObjectStublessClient29
ObjectStublessClient30
ObjectStublessClient31
NdrProxyForwardingFunction3
NdrProxyForwardingFunction7
NdrProxyForwardingFunction6
NdrProxyForwardingFunction5
ObjectStublessClient12
NdrProxyForwardingFunction4
ObjectStublessClient5

oleaut32

BSTR_UserFree64
LPSAFEARRAY_UserSize
LPSAFEARRAY_UserMarshal
LPSAFEARRAY_UserUnmarshal
LPSAFEARRAY_UserFree
LPSAFEARRAY_UserSize64
LPSAFEARRAY_UserMarshal64
LPSAFEARRAY_UserUnmarshal64
LPSAFEARRAY_UserFree64
LoadTypeLi
RegisterTypeLi
UnRegisterTypeLi
BSTR_UserSize
BSTR_UserMarshal64
BSTR_UserSize64
BSTR_UserFree
BSTR_UserUnmarshal
BSTR_UserMarshal
BSTR_UserUnmarshal64

rpcrt4

CStdStubBuffer_Connect
CStdStubBuffer_Disconnect
CStdStubBuffer_Invoke
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_CountRefs
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_DebugServerRelease
NdrCStdStubBuffer_Release
NdrCStdStubBuffer2_Release
NdrDllGetClassObject
NdrDllCanUnloadNow
NdrDllRegisterProxy
NdrDllUnregisterProxy
CStdStubBuffer_AddRef
IUnknown_QueryInterface_Proxy
IUnknown_AddRef_Proxy
CStdStubBuffer_QueryInterface
NdrStubForwardingFunction
IUnknown_Release_Proxy
NdrOleFree
NdrOleAllocate
NdrStubCall3

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo
VbpsUpdateRegistrations

Sections

.orpc
Size: 512B - Virtual size: 457B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 310KB - Virtual size: 310KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 435KB - Virtual size: 434KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Kiwi REBORN (free)/KiwPG.dll
.dll windows:6 windows x64 arch:x64

Password: key_afg

Code Sign

51:ca:00:98:16:fd:bd:80:f1:20:e0:15:ee:75:82:3e
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

23/12/2013, 00:00

Not After

22/12/2016, 23:59

Subject

CN=Oracle Corporation,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=VirtualBox,O=Oracle Corporation,L=Redwood Shores,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

2f:45:11:39:51:2f:34:c8:c5:28:b9:0b:ca:47:1f:76:7b:83:c8:36
Certificate

Issuer

CN=VirtualBox for Legacy Windows Only Timestamp CA,O=Oracle Deutschland B.V. & Co. KG,L=Munich,ST=Bavaria,C=DE

Not Before

01/01/2014, 00:00

Not After

31/12/2014, 23:59

Subject

CN=VirtualBox for Legacy Windows Only Timestamp Kludge 2014,O=Oracle Deutschland B.V. & Co. KG,L=Munich,ST=Bavaria,C=DE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:1c:b2:8a:00:00:00:00:00:26
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15/04/2011, 19:41

Not After

15/04/2021, 19:51

Subject

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0f:52:65:06:cc:82:88:11:7d:a6:be:d3:a5:ab:ec:20
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/02/2021, 00:00

Not After

16/04/2024, 23:59

Subject

CN=Oracle Corporation,OU=VirtualBox,O=Oracle Corporation,L=Redwood City,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9d:6f:1a:d6:5a:1a:e3:6c:e3:cc:97:aa:39:e7:0d:71:2a:c9:aa:82:53:37:4c:27:b8:8d:80:1e:f6:10:2a:cf
Signer

Actual PE Digest

9d:6f:1a:d6:5a:1a:e3:6c:e3:cc:97:aa:39:e7:0d:71:2a:c9:aa:82:53:37:4c:27:b8:8d:80:1e:f6:10:2a:cf

Digest Algorithm

sha256

PE Digest Matches

true

84:5e:6a:7c:5c:4a:ca:35:22:c7:ac:4a:19:2c:68:18:1a:85:ba:d8
Signer

Actual PE Digest

84:5e:6a:7c:5c:4a:ca:35:22:c7:ac:4a:19:2c:68:18:1a:85:ba:d8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\tinderboxa\win-7.0\out\win.amd64\release\obj\VBoxRes\VBoxRes.pdb

Exports

Exports

VBoxResDummy

Sections

.text
Size: 512B - Virtual size: 3B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 862KB - Virtual size: 861KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Kiwi REBORN (free)/KiwiX REBORN.exe
.exe windows:5 windows x86 arch:x86

Password: key_afg

cdf2338385bbf26ec9ce2289fc7f2d64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

winmm

timeBeginPeriod
joyGetDevCapsW
joyGetPosEx
timeEndPeriod

kernel32

GetTempFileNameW
GlobalAddAtomW
GlobalDeleteAtom
GetModuleHandleW
lstrlenW
GetLocaleInfoA
LockResource
VirtualProtect
VirtualQuery
SetLastError
LoadResource
SizeofResource
FindResourceA
FindResourceW
IsBadReadPtr
IsBadWritePtr
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
FindNextFileA
FindFirstFileExA
GetProcessHeap
DecodePointer
GetFileType
LCMapStringW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetOEMCP
IsValidCodePage
GetStringTypeW
GetCPInfo
HeapFree
GlobalFree
HeapAlloc
GetStdHandle
GetModuleFileNameA
GetModuleHandleExW
ExitProcess
HeapSize
HeapCompact
SetEnvironmentVariableW
DeleteFileW
GetACP
LoadLibraryExW
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
EncodePointer
RtlUnwind
InitializeSListHead
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetSystemTimeAsFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
QueryPerformanceFrequency
QueryPerformanceCounter
LoadLibraryExA
GetSystemInfo
RaiseException
FileTimeToSystemTime
FileTimeToLocalFileTime
GetSystemTime
GetVersion
GetTempPathW
FindClose
FindNextFileW
FindFirstFileW
GetCurrentDirectoryW
SetErrorMode
GlobalUnlock
GlobalLock
GlobalAlloc
GetExitCodeProcess
GetCommandLineW
WideCharToMultiByte
Sleep
SetCurrentDirectoryW
CreateDirectoryW
CloseHandle
SetFilePointer
WriteFile
GetLastError
ReadFile
CreateFileW
GetCurrentThreadId
RemoveDirectoryW
GetVersionExW
GetModuleFileNameW
WriteConsoleW
GetLocaleInfoW
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryW
SetStdHandle
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushFileBuffers
HeapReAlloc

user32

SystemParametersInfoW
DrawEdge
DrawTextW
PostQuitMessage
IntersectRect
SetRect
DrawFocusRect
InvertRect
CreateDialogParamA
CreateDialogParamW
CreateDialogIndirectParamA
CreateDialogIndirectParamW
DialogBoxParamA
DialogBoxIndirectParamA
DialogBoxIndirectParamW
LoadMenuA
LoadMenuW
LoadStringA
SetLastErrorEx
GetTabbedTextExtentW
GetUpdateRect
IsIconic
DefMDIChildProcW
SetDlgItemTextW
EndPaint
BeginPaint
PtInRect
GetDlgItem
MapVirtualKeyW
ModifyMenuW
GetDlgItemTextW
EndDialog
DrawMenuBar
DestroyMenu
LoadMenuIndirectW
GetMenuItemCount
SetWindowPlacement
GetWindowPlacement
GetFocus
CallWindowProcW
RemovePropW
SetPropW
GetPropW
UnionRect
DestroyWindow
SetScrollPos
SetScrollRange
CreateWindowExW
GetParent
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetFocus
GetSysColor
GetDesktopWindow
RedrawWindow
GetSystemMenu
UpdateWindow
SetWindowLongW
MessageBoxW
GetMenuStringW
GetMenuItemID
GetInputState
FillRect
LoadStringW
DialogBoxParamW
RegisterClassW
RegisterClassExW
LoadImageW
LoadIconW
GetWindow
GetClassNameW
GetTopWindow
GetMonitorInfoW
MonitorFromWindow
GetSystemMetrics
OemToCharA
GetAsyncKeyState
GetActiveWindow
ShowCursor
SetCapture
ReleaseCapture
GetKeyState
GetWindowRect
MapWindowPoints
SetWindowPos
IsZoomed
GetWindowLongW
AdjustWindowRectEx
SendMessageW
LockWindowUpdate
IsWindowVisible
GetClientRect
SetWindowTextW
IsDialogMessageW
SetTimer
GetClipboardData
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
IsClipboardFormatAvailable
wsprintfW
ShowWindow
PostMessageW
CheckMenuItem
EnableMenuItem
GetMenu
InvalidateRect
SetCursorPos
ClientToScreen
ScreenToClient
GetCursorPos
GetKeyboardState
CopyRect
UnhookWindowsHookEx
KillTimer
SetWindowsHookExW
CallNextHookEx
DestroyIcon
GetSubMenu
DeleteMenu
GetMenuState
LoadCursorW
SetCursor
ReleaseDC
CreateIconIndirect
GetDC
MsgWaitForMultipleObjects
DispatchMessageW
TranslateMessage
TranslateMDISysAccel
GetMessageW
PeekMessageW
SendDlgItemMessageW

gdi32

CreatePalette
GetDeviceCaps
SelectPalette
RealizePalette
GetObjectW
CreateFontIndirectW
CreatePen
Rectangle
SelectObject
MoveToEx
LineTo
CreateSolidBrush
GetStockObject
SetTextColor
SetBkMode
DeleteObject
GetClipRgn
ExcludeClipRect
SelectClipRgn
GetTextExtentPointW
GetCharWidthW
DPtoLP
SetTextAlign
SetROP2
LPtoDP
SetBkColor
Polygon
TextOutW
SetPolyFillMode
GetTextMetricsW
GetNearestPaletteIndex
CreateHatchBrush
SetDIBits
CreateCompatibleBitmap
CreateRectRgn
CreateBitmap

comdlg32

GetSaveFileNameW
GetOpenFileNameW

shell32

ShellExecuteExW
DragAcceptFiles
DragQueryFileW

Exports

Exports

NoAmdPwrXpressRequestHighPerformance
NoNvOptimEnablement
zi32Support

Sections

.text
Size: 612KB - Virtual size: 611KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 297KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Extracted

Signatures

Files

Password: key_afg

Password: key_afg

850ed9fffc9a75f2316a2b644c3389db

Code Sign

51:ca:00:98:16:fd:bd:80:f1:20:e0:15:ee:75:82:3eCertificate

Extended Key Usages

Key Usages

2f:45:11:39:51:2f:34:c8:c5:28:b9:0b:ca:47:1f:76:7b:83:c8:36Certificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

61:1c:b2:8a:00:00:00:00:00:26Certificate

Key Usages

0f:52:65:06:cc:82:88:11:7d:a6:be:d3:a5:ab:ec:20Certificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

e0:1c:47:2f:33:77:cb:24:86:e5:e2:61:b5:19:1e:bc:e0:8a:17:fe:33:f9:8f:2e:aa:a6:88:97:28:c9:05:c5Signer

1e:63:86:b8:16:95:ec:b3:10:3b:b5:ce:f2:fb:d8:b3:87:6d:35:e6Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

vcruntime140

vcruntime140_1

msvcp140

kernel32

rpcrt4

ntdll

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-convert-l1-1-0

api-ms-win-crt-heap-l1-1-0

api-ms-win-crt-environment-l1-1-0

api-ms-win-crt-locale-l1-1-0

api-ms-win-crt-math-l1-1-0

api-ms-win-crt-filesystem-l1-1-0

api-ms-win-crt-utility-l1-1-0

api-ms-win-crt-time-l1-1-0

ws2_32

Exports

Exports

Sections

.text Size: 4.4MB - Virtual size: 4.4MB

.zero Size: - Virtual size: 64KB

.rdata Size: 2.0MB - Virtual size: 2.0MB

.data Size: 39KB - Virtual size: 128KB

.pdata Size: 255KB - Virtual size: 255KB

.didat Size: 512B - Virtual size: 448B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 54KB - Virtual size: 53KB

Password: key_afg

850ed9fffc9a75f2316a2b644c3389db

Code Sign

51:ca:00:98:16:fd:bd:80:f1:20:e0:15:ee:75:82:3eCertificate

Extended Key Usages

Key Usages

2f:45:11:39:51:2f:34:c8:c5:28:b9:0b:ca:47:1f:76:7b:83:c8:36Certificate

Extended Key Usages

Key Usages

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate

Extended Key Usages

Key Usages

51:ca:00:98:16:fd:bd:80:f1:20:e0:15:ee:75:82:3e
Certificate

2f:45:11:39:51:2f:34:c8:c5:28:b9:0b:ca:47:1f:76:7b:83:c8:36
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

61:1c:b2:8a:00:00:00:00:00:26
Certificate

0f:52:65:06:cc:82:88:11:7d:a6:be:d3:a5:ab:ec:20
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

e0:1c:47:2f:33:77:cb:24:86:e5:e2:61:b5:19:1e:bc:e0:8a:17:fe:33:f9:8f:2e:aa:a6:88:97:28:c9:05:c5
Signer

1e:63:86:b8:16:95:ec:b3:10:3b:b5:ce:f2:fb:d8:b3:87:6d:35:e6
Signer

.text
Size: 4.4MB - Virtual size: 4.4MB

.zero
Size: - Virtual size: 64KB

.rdata
Size: 2.0MB - Virtual size: 2.0MB

.data
Size: 39KB - Virtual size: 128KB

.pdata
Size: 255KB - Virtual size: 255KB

.didat
Size: 512B - Virtual size: 448B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 54KB - Virtual size: 53KB

51:ca:00:98:16:fd:bd:80:f1:20:e0:15:ee:75:82:3e
Certificate

2f:45:11:39:51:2f:34:c8:c5:28:b9:0b:ca:47:1f:76:7b:83:c8:36
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

61:1c:b2:8a:00:00:00:00:00:26
Certificate

0f:52:65:06:cc:82:88:11:7d:a6:be:d3:a5:ab:ec:20
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

e0:1c:47:2f:33:77:cb:24:86:e5:e2:61:b5:19:1e:bc:e0:8a:17:fe:33:f9:8f:2e:aa:a6:88:97:28:c9:05:c5
Signer

1e:63:86:b8:16:95:ec:b3:10:3b:b5:ce:f2:fb:d8:b3:87:6d:35:e6
Signer

.text
Size: 4.4MB - Virtual size: 4.4MB

.zero
Size: - Virtual size: 64KB

.rdata
Size: 2.0MB - Virtual size: 2.0MB

.data
Size: 39KB - Virtual size: 128KB

.pdata
Size: 255KB - Virtual size: 255KB

.didat
Size: 512B - Virtual size: 448B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 54KB - Virtual size: 53KB

.text
Size: 35KB - Virtual size: 35KB

.rsrc
Size: 1024B - Virtual size: 576B

.reloc
Size: 512B - Virtual size: 12B

51:ca:00:98:16:fd:bd:80:f1:20:e0:15:ee:75:82:3e
Certificate

2f:45:11:39:51:2f:34:c8:c5:28:b9:0b:ca:47:1f:76:7b:83:c8:36
Certificate

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate