Mirillis Action! Super Lite 2024-04-06 v1[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

Mirillis Action! Super Lite 2024-04-06 v1.zip
Size

9.3MB
MD5

517a714d153a2dac9934edfc3fbea609
SHA1

99cde04afd5f7a5e674c8cfccc12ae2c611210b7
SHA256

5b138cb3f6332a460386a37a41ad22f466119b62d0e47b283437dac77d85b270
SHA512

22de5ee016b4dc443a7ee1002bd7b2474f19f0f522aa0af61b3d3d243980ec15fa0495893128d85f895734ac2d562dab4d26e27bc5c06bc68d6d642d6af23f28
SSDEEP

196608:oPaw9CGhP3ATwB+5hn4FJGaPQPe4N36tfg22p883e5NnLpTMb5:oPa4hPcwUTqPENKtfOcFpIl

Score

7^/10

vmprotect

Malware Config

Signatures

VMProtect packed file 2 IoCs

Detects executables packed with VMProtect commercial packer.

vmprotect

resource	yara_rule
static1/unpack001/Mirillis Action! Super Lite 2024-04-06 v1/Action_x64.bin	vmprotect
static1/unpack001/Mirillis Action! Super Lite 2024-04-06 v1/Action_x86.bin	vmprotect

Unsigned PE 16 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Mirillis Action! Super Lite 2024-04-06 v1/_ActionLoader.exe
unpack001/Mirillis Action! Super Lite 2024-04-06 v1/actiondraw.dll
unpack001/Mirillis Action! Super Lite 2024-04-06 v1/aenc.dll
unpack001/Mirillis Action! Super Lite 2024-04-06 v1/amdHDR.dll
unpack001/Mirillis Action! Super Lite 2024-04-06 v1/amd_ags_x86.dll
unpack001/Mirillis Action! Super Lite 2024-04-06 v1/audiocapture.dll
unpack001/Mirillis Action! Super Lite 2024-04-06 v1/crashdump.dll
unpack001/Mirillis Action! Super Lite 2024-04-06 v1/dbghelp.dll
unpack001/Mirillis Action! Super Lite 2024-04-06 v1/libhdr.dll
unpack001/Mirillis Action! Super Lite 2024-04-06 v1/mfxenc.dll
unpack001/Mirillis Action! Super Lite 2024-04-06 v1/muxer.dll
unpack001/Mirillis Action! Super Lite 2024-04-06 v1/rcu.dll
unpack001/Mirillis Action! Super Lite 2024-04-06 v1/res0409.dll
unpack001/Mirillis Action! Super Lite 2024-04-06 v1/res0409_ex.dll
unpack001/Mirillis Action! Super Lite 2024-04-06 v1/ui_res.dll
unpack001/Mirillis Action! Super Lite 2024-04-06 v1/vcap.dll

Files

Mirillis Action! Super Lite 2024-04-06 v1.zip
.zip
Mirillis Action! Super Lite 2024-04-06 v1/AG.config
Mirillis Action! Super Lite 2024-04-06 v1/AGServer.dll
.dll windows:6 windows x86 arch:x86

dcd43c0ad5a03532ac52b4f120a2d03b

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

bb:f0:cc:b5:b7:b8:31:fd:21:ae:32:77:8a:e4:0c:89
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Extended Validation Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3a:e7:ce:4a:9f:3f:b0:1c:f0:65:7f:22:d7:15:1e:7c
Certificate

Issuer

CN=Certum Extended Validation Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

30/06/2022, 06:46

Not After

29/06/2025, 06:46

Subject

SERIALNUMBER=0000356397,CN=Mirillis Sp. z o.o.,O=Mirillis Sp. z o.o.,POSTALCODE=65-410,STREET=Fabryczna 14B/1,L=Zielona Góra,ST=lubuskie,C=PL,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#0c0d5a69656c6f6e612047c3b37261,1.3.6.1.4.1.311.60.2.1.2=#13086c756275736b6965,1.3.6.1.4.1.311.60.2.1.3=#1302504c

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

d0:e5:1c:9c:9a:ce:b9:3a:8a:7b:4a:71:04:3c:7a:4f:f6:ec:b5:21
Signer

Actual PE Digest

d0:e5:1c:9c:9a:ce:b9:3a:8a:7b:4a:71:04:3c:7a:4f:f6:ec:b5:21

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\Sources\broadcaster_workspace\broadcaster_workspace\audiograb\AG\Release\AGServer.pdb

Imports

avrt

AvSetMmThreadPriority
AvSetMmThreadCharacteristicsW

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeW
GetFileVersionInfoW
GetFileVersionInfoSizeA

kernel32

HeapSize
CreateFileW
SetStdHandle
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
CreateThread
FreeLibrary
CloseHandle
GetLastError
QueryPerformanceCounter
QueryPerformanceFrequency
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
SleepEx
CreateEventA
Sleep
QueueUserAPC
GetCurrentProcess
ResumeThread
GetProcessId
GetProcAddress
LoadLibraryA
ReadFile
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetCurrentThreadId
SetThreadPriority
CreateProcessW
OpenProcess
GetWindowsDirectoryW
Wow64DisableWow64FsRedirection
Wow64RevertWow64FsRedirection
IsWow64Process
GetSystemWow64DirectoryA
GetModuleFileNameW
GetModuleHandleW
CreateMailslotW
GetMailslotInfo
lstrlenW
VirtualQuery
GetModuleHandleA
RtlCaptureContext
CreateFileA
SetUnhandledExceptionFilter
AddVectoredExceptionHandler
GetCurrentProcessId
TerminateProcess
SwitchToThread
GetCurrentThread
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
OpenFileMappingA
InterlockedExchange
HeapCreate
VirtualProtect
HeapFree
InterlockedCompareExchange
Thread32Next
Thread32First
SuspendThread
CreateToolhelp32Snapshot
HeapReAlloc
HeapAlloc
HeapDestroy
GetThreadContext
FlushInstructionCache
SetThreadContext
OpenThread
VirtualFree
VirtualAlloc
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
FormatMessageW
EncodePointer
DecodePointer
SetLastError
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
SetEvent
ResetEvent
WaitForSingleObjectEx
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
GetStartupInfoW
InitializeSListHead
RtlUnwind
RaiseException
InterlockedPushEntrySList
InterlockedFlushSList
LoadLibraryExW
SetConsoleCtrlHandler
GetStdHandle
GetFileType
GetModuleHandleExW
WriteConsoleW
ExitProcess
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetConsoleMode
ReadConsoleW
SetFilePointerEx
WriteFile
GetConsoleOutputCP
GetFileSizeEx
OutputDebugStringW
FlushFileBuffers
GetTimeZoneInformation
FindClose
SetEndOfFile

user32

CallNextHookEx

ole32

CoCreateInstance
CoInitialize
CoTaskMemFree
CoInitializeEx

Exports

Exports

AG_64201
_LoaderProc@12

Sections

.text
Size: 575KB - Virtual size: 575KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.msvcjmc
Size: 1024B - Virtual size: 666B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UWP2
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/Action.exe
.exe windows:5 windows x86 arch:x86

41fa32740ca163dcc6b99ae6871eb538

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

bb:f0:cc:b5:b7:b8:31:fd:21:ae:32:77:8a:e4:0c:89
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Extended Validation Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3a:e7:ce:4a:9f:3f:b0:1c:f0:65:7f:22:d7:15:1e:7c
Certificate

Issuer

CN=Certum Extended Validation Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

30/06/2022, 06:46

Not After

29/06/2025, 06:46

Subject

SERIALNUMBER=0000356397,CN=Mirillis Sp. z o.o.,O=Mirillis Sp. z o.o.,POSTALCODE=65-410,STREET=Fabryczna 14B/1,L=Zielona Góra,ST=lubuskie,C=PL,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#0c0d5a69656c6f6e612047c3b37261,1.3.6.1.4.1.311.60.2.1.2=#13086c756275736b6965,1.3.6.1.4.1.311.60.2.1.3=#1302504c

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

53:2f:e7:fa:85:79:f0:13:72:63:c6:aa:da:82:64:06:68:ab:c4:76
Signer

Actual PE Digest

53:2f:e7:fa:85:79:f0:13:72:63:c6:aa:da:82:64:06:68:ab:c4:76

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\splash_pro_1_0_rep\Monflo\Release\Action.pdb

Imports

kernel32

GetDiskFreeSpaceW
GetSystemTimeAsFileTime
GetTickCount64
InterlockedDecrement
ExitProcess
GetCommandLineW
GetNativeSystemInfo
SetThreadPriority
FlushFileBuffers
SetFileAttributesW
FindFirstChangeNotificationW
CompareFileTime
FindCloseChangeNotification
FindNextChangeNotification
GetFileAttributesExW
GetCurrentThread
GetTempPathW
GetWindowsDirectoryW
SleepConditionVariableCS
VirtualAlloc
InitializeConditionVariable
LeaveCriticalSection
EnterCriticalSection
WakeAllConditionVariable
VirtualProtect
WideCharToMultiByte
Sleep
CreateThread
GetModuleHandleW
GetFileSize
SetFilePointer
WaitForSingleObject
CreateEventW
ReadFile
InterlockedIncrement
RaiseException
InitializeCriticalSection
VirtualFree
WriteFile
SetFilePointerEx
CreateFileW
ReleaseSemaphore
CreateSemaphoreW
CloseHandle
FreeLibrary
CreateDirectoryW
GetPrivateProfileStringW
LoadLibraryW
GetFileAttributesW
GetModuleFileNameW
GetPrivateProfileIntW
GetProcAddress
GetSystemInfo
GetModuleHandleA
GetUserDefaultUILanguage
GetTickCount
OpenFileMappingW
GetExitCodeThread
CreateMutexW
LocalFree
DeleteFileW
OpenSemaphoreW
QueryPerformanceFrequency
GetVolumePathNameW
GetFileTime
CreateToolhelp32Snapshot
FindNextFileW
Process32NextW
QueryDosDeviceW
SetCurrentDirectoryW
GlobalMemoryStatusEx
CreateFileMappingW
IsWow64Process
LocalAlloc
ProcessIdToSessionId
Process32FirstW
LoadLibraryA
FindClose
MoveFileW
GetCurrentDirectoryW
GetLastError
WritePrivateProfileStringW
TerminateProcess
GetTimeFormatW
GetExitCodeProcess
GetVersionExW
CopyFileW
GetSystemDirectoryW
OpenProcess
QueryFullProcessImageNameW
GetProcessHeap
FindFirstFileExW
HeapFree
QueryPerformanceCounter
GetCurrentProcess
SetDllDirectoryW
CreateProcessW
VirtualQuery
UnmapViewOfFile
MapViewOfFile
FindFirstFileW
HeapSize
HeapReAlloc
HeapAlloc
HeapDestroy
DeleteCriticalSection
GetThreadPriority
ResetEvent
CreateSemaphoreA
InitializeCriticalSectionAndSpinCount
SetEvent
TryEnterCriticalSection
CreateEventA
CreateWaitableTimerW
CancelWaitableTimer
SetWaitableTimer
ReleaseMutex
LockFile
UnlockFile
ExitThread
IsBadReadPtr
DeleteTimerQueueTimer
CreateTimerQueueTimer
lstrlenA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
InterlockedCompareExchange
InterlockedExchange
SetPriorityClass
GetDateFormatW
GetCurrentThreadId
GetLocalTime
CompareStringW
GetCurrentProcessId
GetDiskFreeSpaceExW
GetFileSizeEx
MultiByteToWideChar

user32

SetFocus
WaitMessage
TranslateMessage
GetCursorInfo
InvalidateRect
BringWindowToTop
PeekMessageW
MonitorFromWindow
GetClientRect
WindowFromPoint
LoadCursorW
SetForegroundWindow
DrawTextW
PostMessageW
SetActiveWindow
SetCursor
DestroyWindow
ReleaseDC
GetDC
GetWindowRect
DefWindowProcW
GetRawInputData
GetRawInputDeviceInfoW
RegisterRawInputDevices
CreateWindowExW
SetWindowLongW
GetWindowLongW
LoadIconW
GetRawInputDeviceList
CopyImage
CopyIcon
DestroyCursor
RegisterClassExW
BeginPaint
TrackMouseEvent
KillTimer
UnregisterClassW
SetTimer
EndPaint
CopyRect
DestroyMenu
GetSystemMetrics
MessageBoxW
GetMenuItemCount
CreatePopupMenu
GetDesktopWindow
GetAsyncKeyState
TrackPopupMenuEx
ShowCursor
InsertMenuItemW
EnumDisplayMonitors
IsWindowVisible
ReleaseCapture
EnumChildWindows
RedrawWindow
GetCapture
IsWindowEnabled
MonitorFromPoint
LoadStringW
MonitorFromRect
GetWindowThreadProcessId
UpdateWindow
GetForegroundWindow
SetWindowPos
GetCursorPos
ShowWindow
GetCursor
EnableWindow
GetMonitorInfoW
DispatchMessageW
CharUpperBuffW
GetIconInfoExW
IntersectRect
TranslateAcceleratorW
GetMessageW
FindWindowW
LoadAcceleratorsW
AttachThreadInput
UpdateLayeredWindow
wsprintfW
CharLowerW
GetWindowTextLengthW
SetWindowTextW
DrawIconEx
GetIconInfo
GetParent
UnhookWinEvent
SetWinEventHook
ClientToScreen
SetWindowRgn
DestroyIcon
PostQuitMessage
TrackPopupMenu
ShowWindowAsync
RegisterWindowMessageW
IsIconic
LoadImageW
GetFocus
CharLowerBuffW
SetParent
EnumWindows
PtInRect
AppendMenuW
GetWindowTextW
RegisterDeviceNotificationW
SendMessageTimeoutW
GetActiveWindow
IsWindow
FindWindowExW
AdjustWindowRectEx
UnhookWindowsHookEx
RegisterClassW
EnumDisplayDevicesW
MessageBoxA
DeferWindowPos
BeginDeferWindowPos
SendMessageW
EndDeferWindowPos
mouse_event
GetMessagePos
MoveWindow
SetCapture
EqualRect
GetKeyState
ScreenToClient
GetClassNameW

gdi32

SetBrushOrgEx
GetStretchBltMode
SetBkColor
CombineRgn
CreateRectRgn
GetDeviceCaps
GetStockObject
CreateSolidBrush
CreatePen
CreateFontW
Rectangle
CreateCompatibleDC
SelectObject
DeleteObject
SetBkMode
CreateDIBSection
DeleteDC
SetTextColor
LineTo
BitBlt
MoveToEx
SetStretchBltMode
GetObjectW
StretchBlt
GetBitmapBits
AddFontMemResourceEx
GetPixel

advapi32

RegQueryValueExA
RegDeleteValueW
ConvertSidToStringSidW
LookupAccountSidW
CreateWellKnownSid
AdjustTokenPrivileges
CheckTokenMembership
LookupPrivilegeValueW
GetTokenInformation
OpenProcessToken
GetSecurityDescriptorDacl
FreeSid
IsValidSid
SetEntriesInAclW
AllocateAndInitializeSid
GetAce
SetSecurityDescriptorDacl
GetFileSecurityW
RegOpenKeyExW
RegCloseKey
GetSidSubAuthority
GetSidSubAuthorityCount
GetAclInformation
InitializeSecurityDescriptor
RegQueryValueExW
RegOpenKeyExA
RegSetValueExW
RegCreateKeyExW

shell32

SHGetFolderPathW
CommandLineToArgvW
SHGetFileInfoW
ord727
SHCreateItemFromParsingName
ord155
SHOpenFolderAndSelectItems
Shell_NotifyIconW
ord190
DragFinish
DragQueryFileW
DragAcceptFiles
ShellExecuteExW
ShellExecuteW

ole32

PropVariantClear
CoFreeUnusedLibraries
CoInitializeSecurity
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CoInitialize
CoInitializeEx
CoCreateInstance

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

msvcr90

_CxxThrowException
memset
ldexp
strncmp
__CxxFrameHandler
wcslen
_stricmp
wcsncmp
wcscat_s
__libm_sse2_asinf
memmove
?what@exception@std@@UBEPBDXZ
??1exception@std@@UAE@XZ
??0exception@std@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABV01@@Z
_invalid_parameter_noinfo
_wcsicmp
_itoa_s
memmove_s
sscanf_s
fputs
fopen_s
strcpy_s
_snprintf_s
memcpy
__iob_func
strcpy
_strnicmp
sscanf
isspace
strlen
fgets
strcmp
calloc
_strdup
_CIsin
_CIcos
_CIpow
_CIsqrt
_CIexp
floor
_CIatan
_wassert
_controlfp_s
_invoke_watson
__CxxFrameHandler3
_except_handler4_common
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_crt_debugger_hook
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_configthreadlocale
_initterm_e
_initterm
_wcmdln
wcsncpy_s
_vsnwprintf
??3@YAXPAX@Z
??2@YAPAXI@Z
malloc
free
_aligned_free
_aligned_malloc
sprintf_s
_wtoi
_wcsnicmp
swscanf_s
wcscpy_s
exit
wcsstr
_wfopen_s
rewind
fgetws
fread
ftell
fseek
fclose
rand
srand
fwprintf
_wfsopen
fprintf
fwrite
sprintf
_wgetenv
atoi
fgetc
wprintf
tolower
fopen
wcspbrk
_itow_s
_purecall
fputws
realloc
towupper
getenv
fwprintf_s
printf_s
qsort
swprintf_s
printf
strstr
_time64
_fseeki64
strtoul
??_V@YAXPAX@Z
_vscwprintf
??_U@YAPAXI@Z
vswprintf_s
memcpy_s
_unlock
__dllonexit
_encode_pointer
_lock
_onexit
_decode_pointer
_amsg_exit
__wgetmainargs
_cexit
_exit
_XcptFilter
_CIlog

msvcp90

??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@PBD@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@ABV01@@Z
??4?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@ABV01@@Z
??0?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??$?8DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??$?9DU?$char_traits@D@std@@V?$allocator@D@1@@std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDI@Z
??Y?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV01@PBD@Z
??0?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@PB_W@Z
??1?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAE@XZ
??4?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAAV01@ABV01@@Z
??A?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QAEAA_WI@Z
?substr@?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@QBE?AV12@II@Z

d3dx9_40

D3DXLoadSurfaceFromFileW
D3DXCreateTextureFromFileExW
D3DXSaveSurfaceToFileW
D3DXCreateSprite
D3DXCreateTextureFromFileInMemoryEx
D3DXGetImageInfoFromFileW
D3DXMatrixTransformation2D

d3d11

D3D11CreateDevice

dxgi

CreateDXGIFactory1

winmm

timeSetEvent
mixerOpen
mixerClose
mixerGetLineInfoW
timeGetDevCaps
timeBeginPeriod
timeEndPeriod
PlaySoundW
timeKillEvent
timeGetTime

msimg32

AlphaBlend

psapi

EnumProcesses
GetModuleFileNameExW

shlwapi

PathFileExistsW
PathStripPathW
PathIsNetworkPathW

winhttp

WinHttpSendRequest
WinHttpConnect
WinHttpCloseHandle
WinHttpQueryDataAvailable
WinHttpSetTimeouts
WinHttpOpenRequest
WinHttpReadData
WinHttpSetOption
WinHttpQueryHeaders
WinHttpWriteData
WinHttpReceiveResponse
WinHttpOpen
WinHttpQueryOption

comctl32

ord413
ord412
ord380
ord410

wtsapi32

WTSRegisterSessionNotification
WTSFreeMemory
WTSEnumerateProcessesW

avrt

AvRevertMmThreadCharacteristics
AvSetMmThreadCharacteristicsW
AvSetMmThreadPriority

apu2enc

_APU2Init@0

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

ws2_32

WSAGetLastError
getaddrinfo
inet_addr
send
closesocket
bind
WSAStartup
connect
ioctlsocket
recv
shutdown
htonl
ntohl
WSACleanup
sendto
setsockopt
getsockname
ntohs
socket
htons

secur32

ApplyControlToken
DecryptMessage
FreeCredentialsHandle
DeleteSecurityContext
AcquireCredentialsHandleA
QueryContextAttributesW
EncryptMessage
FreeContextBuffer
InitializeSecurityContextA

crypt32

CertNameToStrA
CertVerifyCertificateChainPolicy
CertGetIssuerCertificateFromStore
CertGetCertificateChain
CertFreeCertificateContext
CertFreeCertificateChain

dxva2

GetNumberOfPhysicalMonitorsFromHMONITOR

ddraw

DirectDrawCreateEx

d3d9

Direct3DCreate9

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text1
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 401KB - Virtual size: 400KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.4MB - Virtual size: 16.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 512B - Virtual size: 200B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/Action_x64.bin
.exe windows:5 windows x64 arch:x64

5a1704e960dd2d486b9da13679a3b041

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

bb:f0:cc:b5:b7:b8:31:fd:21:ae:32:77:8a:e4:0c:89
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Extended Validation Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3a:e7:ce:4a:9f:3f:b0:1c:f0:65:7f:22:d7:15:1e:7c
Certificate

Issuer

CN=Certum Extended Validation Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

30/06/2022, 06:46

Not After

29/06/2025, 06:46

Subject

SERIALNUMBER=0000356397,CN=Mirillis Sp. z o.o.,O=Mirillis Sp. z o.o.,POSTALCODE=65-410,STREET=Fabryczna 14B/1,L=Zielona Góra,ST=lubuskie,C=PL,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#0c0d5a69656c6f6e612047c3b37261,1.3.6.1.4.1.311.60.2.1.2=#13086c756275736b6965,1.3.6.1.4.1.311.60.2.1.3=#1302504c

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

c6:a1:14:a2:14:55:ad:46:3f:56:70:28:5f:41:37:3b:4f:86:11:c8
Signer

Actual PE Digest

c6:a1:14:a2:14:55:ad:46:3f:56:70:28:5f:41:37:3b:4f:86:11:c8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

IsDebuggerPresent
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

DispatchMessageW

gdi32

GetStockObject

advapi32

AdjustTokenPrivileges

shell32

SHGetFolderPathW

msvcr90

__dllonexit

ddraw

DirectDrawCreate

d3d9

Direct3DCreate9

d3d10

D3D10CreateDevice

d3d11

D3D11CreateDeviceAndSwapChain

psapi

GetModuleBaseNameW

crypt32

CertFreeCertificateContext

winmm

timeSetEvent

wtsapi32

WTSFreeMemory

Sections

.text
Size: - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/Action_x86.bin
.exe windows:5 windows x86 arch:x86

ad70b0faf0281c1e1e911da177da9af4

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

bb:f0:cc:b5:b7:b8:31:fd:21:ae:32:77:8a:e4:0c:89
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Extended Validation Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3a:e7:ce:4a:9f:3f:b0:1c:f0:65:7f:22:d7:15:1e:7c
Certificate

Issuer

CN=Certum Extended Validation Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

30/06/2022, 06:46

Not After

29/06/2025, 06:46

Subject

SERIALNUMBER=0000356397,CN=Mirillis Sp. z o.o.,O=Mirillis Sp. z o.o.,POSTALCODE=65-410,STREET=Fabryczna 14B/1,L=Zielona Góra,ST=lubuskie,C=PL,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#0c0d5a69656c6f6e612047c3b37261,1.3.6.1.4.1.311.60.2.1.2=#13086c756275736b6965,1.3.6.1.4.1.311.60.2.1.3=#1302504c

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

5a:06:f0:01:92:20:ab:97:31:c0:58:88:e8:ab:4e:d0:4d:b1:99:d0
Signer

Actual PE Digest

5a:06:f0:01:92:20:ab:97:31:c0:58:88:e8:ab:4e:d0:4d:b1:99:d0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExW
OpenFileMappingW
GetModuleFileNameW
GetModuleHandleA
LoadLibraryA
LocalAlloc
LocalFree
GetModuleFileNameA
ExitProcess

user32

GetMonitorInfoW

gdi32

GetStockObject

advapi32

CreateWellKnownSid

shell32

ShellExecuteW

msvcr90

_unlock

ddraw

DirectDrawCreate

d3d8

Direct3DCreate8

d3d9

Direct3DCreate9

d3d10

D3D10CreateDevice

d3d11

D3D11CreateDeviceAndSwapChain

psapi

EnumProcessModules

crypt32

CertFreeCertificateContext

winmm

timeSetEvent

wtsapi32

WTSFreeMemory

Sections

.text
Size: - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: - Virtual size: 935KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp1
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 264B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/D3DX9_40.dll
.dll windows:6 windows x86 arch:x86

e22d801543b0946d1782f9cb30c03d6c

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:0f:78:4d:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/08/2007, 00:23

Not After

23/02/2009, 00:33

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4f:da:d8:ce:1c:dd:8e:b2:b6:04:c5:f4:de:f5:45:86:f3:a0:c1:a7
Signer

Actual PE Digest

4f:da:d8:ce:1c:dd:8e:b2:b6:04:c5:f4:de:f5:45:86:f3:a0:c1:a7

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d3dx9_40.pdb

Imports

msvcrt

_isatty
_write
_lseeki64
_fileno
__pioinfo
__badioinfo
wctomb
_itoa
_snprintf
isleadbyte
?terminate@@YAXXZ
_onexit
_lock
__dllonexit
_unlock
_amsg_exit
_initterm
_XcptFilter
tolower
_CIcosh
_CIsinh
_CItan
_CItanh
_fpclass
srand
strtod
fread
fflush
fwrite
abort
_tempnam
exit
atof
atol
isxdigit
_ultoa
wcstombs
_CIexp
_isnan
rand
strncmp
isalnum
isalpha
atoi
toupper
floor
_strtime
_strdate
sscanf
isspace
isdigit
_setjmp3
longjmp
ldexp
frexp
calloc
realloc
_CIlog
setlocale
_strdup
free
_clearfp
ceil
_controlfp
malloc
_CIatan
_CIcos
_CIasin
_finite
_CIsin
_CIatan2
_CIacos
memmove
qsort
_CIfmod
_purecall
_stricmp
modf
iswspace
iswalpha
iswdigit
iswpunct
_CIsqrt
memcpy
memset
_CIpow
??2@YAPAXI@Z
??3@YAXPAX@Z
_iob
strchr
_vsnprintf
strrchr
_strnicmp
_CxxThrowException
??1type_info@@UAE@XZ
_errno
__CxxFrameHandler

gdi32

DeleteObject
GetGlyphOutlineA
GetCharacterPlacementA
GetCharacterPlacementW
GetObjectA
GetObjectW
SelectObject
DeleteDC
CreateDIBSection
SetTextColor
SetBkColor
SetBkMode
GetTextMetricsW
GetFontLanguageInfo
CreateFontIndirectA
CreateFontIndirectW
SetTextAlign
SetMapMode
CreateCompatibleDC
ExtTextOutA
MoveToEx
ExtTextOutW
TranslateCharsetInfo
GetCurrentObject
GetOutlineTextMetricsA
GetGlyphOutlineW
GetTextMetricsA

kernel32

IsBadCodePtr
ExpandEnvironmentStringsA
SetEndOfFile
GlobalMemoryStatus
GetTempFileNameW
MoveFileW
MoveFileA
DeleteFileW
SetFilePointer
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
FindResourceA
LoadResource
LockResource
SizeofResource
FreeResource
CompareStringA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
CreateFileW
FormatMessageA
LocalFree
GetFileSizeEx
GetFullPathNameA
GetLastError
IsBadReadPtr
WriteFile
GetTempPathA
GetTempFileNameA
CreateFileA
ReadFile
CloseHandle
DeleteFileA
InterlockedDecrement
InterlockedIncrement
IsProcessorFeaturePresent
VirtualFree
GetACP
WideCharToMultiByte
MultiByteToWideChar
OutputDebugStringA
GetModuleHandleA
FreeLibrary
LoadLibraryA
GetVersionExA
GetVersion
GetSystemInfo
GetProcAddress
VirtualAlloc
GetProcessHeap
HeapFree
HeapAlloc
DisableThreadLibraryCalls
IsBadWritePtr
WaitForSingleObject
ReleaseMutex
CreateMutexA
Sleep
InterlockedExchange
InterlockedCompareExchange
RtlUnwind
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TlsAlloc
TlsSetValue
HeapDestroy
TlsGetValue
FindResourceW
GetEnvironmentVariableA
HeapCreate
lstrcmpiA
IsDBCSLeadByte

advapi32

RegCloseKey
RegOpenKeyA
RegQueryValueExA

Exports

Exports

D3DXAssembleShader
D3DXAssembleShaderFromFileA
D3DXAssembleShaderFromFileW
D3DXAssembleShaderFromResourceA
D3DXAssembleShaderFromResourceW
D3DXBoxBoundProbe
D3DXCheckCubeTextureRequirements
D3DXCheckTextureRequirements
D3DXCheckVersion
D3DXCheckVolumeTextureRequirements
D3DXCleanMesh
D3DXColorAdjustContrast
D3DXColorAdjustSaturation
D3DXCompileShader
D3DXCompileShaderFromFileA
D3DXCompileShaderFromFileW
D3DXCompileShaderFromResourceA
D3DXCompileShaderFromResourceW
D3DXComputeBoundingBox
D3DXComputeBoundingSphere
D3DXComputeIMTFromPerTexelSignal
D3DXComputeIMTFromPerVertexSignal
D3DXComputeIMTFromSignal
D3DXComputeIMTFromTexture
D3DXComputeNormalMap
D3DXComputeNormals
D3DXComputeTangent
D3DXComputeTangentFrame
D3DXComputeTangentFrameEx
D3DXConcatenateMeshes
D3DXConvertMeshSubsetToSingleStrip
D3DXConvertMeshSubsetToStrips
D3DXCreateAnimationController
D3DXCreateBox
D3DXCreateBuffer
D3DXCreateCompressedAnimationSet
D3DXCreateCubeTexture
D3DXCreateCubeTextureFromFileA
D3DXCreateCubeTextureFromFileExA
D3DXCreateCubeTextureFromFileExW
D3DXCreateCubeTextureFromFileInMemory
D3DXCreateCubeTextureFromFileInMemoryEx
D3DXCreateCubeTextureFromFileW
D3DXCreateCubeTextureFromResourceA
D3DXCreateCubeTextureFromResourceExA
D3DXCreateCubeTextureFromResourceExW
D3DXCreateCubeTextureFromResourceW
D3DXCreateCylinder
D3DXCreateEffect
D3DXCreateEffectCompiler
D3DXCreateEffectCompilerFromFileA
D3DXCreateEffectCompilerFromFileW
D3DXCreateEffectCompilerFromResourceA
D3DXCreateEffectCompilerFromResourceW
D3DXCreateEffectEx
D3DXCreateEffectFromFileA
D3DXCreateEffectFromFileExA
D3DXCreateEffectFromFileExW
D3DXCreateEffectFromFileW
D3DXCreateEffectFromResourceA
D3DXCreateEffectFromResourceExA
D3DXCreateEffectFromResourceExW
D3DXCreateEffectFromResourceW
D3DXCreateEffectPool
D3DXCreateFontA
D3DXCreateFontIndirectA
D3DXCreateFontIndirectW
D3DXCreateFontW
D3DXCreateFragmentLinker
D3DXCreateFragmentLinkerEx
D3DXCreateKeyframedAnimationSet
D3DXCreateLine
D3DXCreateMatrixStack
D3DXCreateMesh
D3DXCreateMeshFVF
D3DXCreateNPatchMesh
D3DXCreatePMeshFromStream
D3DXCreatePRTBuffer
D3DXCreatePRTBufferTex
D3DXCreatePRTCompBuffer
D3DXCreatePRTEngine
D3DXCreatePatchMesh
D3DXCreatePolygon
D3DXCreateRenderToEnvMap
D3DXCreateRenderToSurface
D3DXCreateSPMesh
D3DXCreateSkinInfo
D3DXCreateSkinInfoFVF
D3DXCreateSkinInfoFromBlendedMesh
D3DXCreateSphere
D3DXCreateSprite
D3DXCreateTeapot
D3DXCreateTextA
D3DXCreateTextW
D3DXCreateTexture
D3DXCreateTextureFromFileA
D3DXCreateTextureFromFileExA
D3DXCreateTextureFromFileExW
D3DXCreateTextureFromFileInMemory
D3DXCreateTextureFromFileInMemoryEx
D3DXCreateTextureFromFileW
D3DXCreateTextureFromResourceA
D3DXCreateTextureFromResourceExA
D3DXCreateTextureFromResourceExW
D3DXCreateTextureFromResourceW
D3DXCreateTextureGutterHelper
D3DXCreateTextureShader
D3DXCreateTorus
D3DXCreateVolumeTexture
D3DXCreateVolumeTextureFromFileA
D3DXCreateVolumeTextureFromFileExA
D3DXCreateVolumeTextureFromFileExW
D3DXCreateVolumeTextureFromFileInMemory
D3DXCreateVolumeTextureFromFileInMemoryEx
D3DXCreateVolumeTextureFromFileW
D3DXCreateVolumeTextureFromResourceA
D3DXCreateVolumeTextureFromResourceExA
D3DXCreateVolumeTextureFromResourceExW
D3DXCreateVolumeTextureFromResourceW
D3DXDebugMute
D3DXDeclaratorFromFVF
D3DXDisassembleEffect
D3DXDisassembleShader
D3DXFVFFromDeclarator
D3DXFileCreate
D3DXFillCubeTexture
D3DXFillCubeTextureTX
D3DXFillTexture
D3DXFillTextureTX
D3DXFillVolumeTexture
D3DXFillVolumeTextureTX
D3DXFilterTexture
D3DXFindShaderComment
D3DXFloat16To32Array
D3DXFloat32To16Array
D3DXFrameAppendChild
D3DXFrameCalculateBoundingSphere
D3DXFrameDestroy
D3DXFrameFind
D3DXFrameNumNamedMatrices
D3DXFrameRegisterNamedMatrices
D3DXFresnelTerm
D3DXGatherFragments
D3DXGatherFragmentsFromFileA
D3DXGatherFragmentsFromFileW
D3DXGatherFragmentsFromResourceA
D3DXGatherFragmentsFromResourceW
D3DXGenerateOutputDecl
D3DXGeneratePMesh
D3DXGetDeclLength
D3DXGetDeclVertexSize
D3DXGetDriverLevel
D3DXGetFVFVertexSize
D3DXGetImageInfoFromFileA
D3DXGetImageInfoFromFileInMemory
D3DXGetImageInfoFromFileW
D3DXGetImageInfoFromResourceA
D3DXGetImageInfoFromResourceW
D3DXGetPixelShaderProfile
D3DXGetShaderConstantTable
D3DXGetShaderConstantTableEx
D3DXGetShaderInputSemantics
D3DXGetShaderOutputSemantics
D3DXGetShaderSamplers
D3DXGetShaderSize
D3DXGetShaderVersion
D3DXGetVertexShaderProfile
D3DXIntersect
D3DXIntersectSubset
D3DXIntersectTri
D3DXLoadMeshFromXA
D3DXLoadMeshFromXInMemory
D3DXLoadMeshFromXResource
D3DXLoadMeshFromXW
D3DXLoadMeshFromXof
D3DXLoadMeshHierarchyFromXA
D3DXLoadMeshHierarchyFromXInMemory
D3DXLoadMeshHierarchyFromXW
D3DXLoadPRTBufferFromFileA
D3DXLoadPRTBufferFromFileW
D3DXLoadPRTCompBufferFromFileA
D3DXLoadPRTCompBufferFromFileW
D3DXLoadPatchMeshFromXof
D3DXLoadSkinMeshFromXof
D3DXLoadSurfaceFromFileA
D3DXLoadSurfaceFromFileInMemory
D3DXLoadSurfaceFromFileW
D3DXLoadSurfaceFromMemory
D3DXLoadSurfaceFromResourceA
D3DXLoadSurfaceFromResourceW
D3DXLoadSurfaceFromSurface
D3DXLoadVolumeFromFileA
D3DXLoadVolumeFromFileInMemory
D3DXLoadVolumeFromFileW
D3DXLoadVolumeFromMemory
D3DXLoadVolumeFromResourceA
D3DXLoadVolumeFromResourceW
D3DXLoadVolumeFromVolume
D3DXMatrixAffineTransformation
D3DXMatrixAffineTransformation2D
D3DXMatrixDecompose
D3DXMatrixDeterminant
D3DXMatrixInverse
D3DXMatrixLookAtLH
D3DXMatrixLookAtRH
D3DXMatrixMultiply
D3DXMatrixMultiplyTranspose
D3DXMatrixOrthoLH
D3DXMatrixOrthoOffCenterLH
D3DXMatrixOrthoOffCenterRH
D3DXMatrixOrthoRH
D3DXMatrixPerspectiveFovLH
D3DXMatrixPerspectiveFovRH
D3DXMatrixPerspectiveLH
D3DXMatrixPerspectiveOffCenterLH
D3DXMatrixPerspectiveOffCenterRH
D3DXMatrixPerspectiveRH
D3DXMatrixReflect
D3DXMatrixRotationAxis
D3DXMatrixRotationQuaternion
D3DXMatrixRotationX
D3DXMatrixRotationY
D3DXMatrixRotationYawPitchRoll
D3DXMatrixRotationZ
D3DXMatrixScaling
D3DXMatrixShadow
D3DXMatrixTransformation
D3DXMatrixTransformation2D
D3DXMatrixTranslation
D3DXMatrixTranspose
D3DXOptimizeFaces
D3DXOptimizeVertices
D3DXPlaneFromPointNormal
D3DXPlaneFromPoints
D3DXPlaneIntersectLine
D3DXPlaneNormalize
D3DXPlaneTransform
D3DXPlaneTransformArray
D3DXPreprocessShader
D3DXPreprocessShaderFromFileA
D3DXPreprocessShaderFromFileW
D3DXPreprocessShaderFromResourceA
D3DXPreprocessShaderFromResourceW
D3DXQuaternionBaryCentric
D3DXQuaternionExp
D3DXQuaternionInverse
D3DXQuaternionLn
D3DXQuaternionMultiply
D3DXQuaternionNormalize
D3DXQuaternionRotationAxis
D3DXQuaternionRotationMatrix
D3DXQuaternionRotationYawPitchRoll
D3DXQuaternionSlerp
D3DXQuaternionSquad
D3DXQuaternionSquadSetup
D3DXQuaternionToAxisAngle
D3DXRectPatchSize
D3DXSHAdd
D3DXSHDot
D3DXSHEvalConeLight
D3DXSHEvalDirection
D3DXSHEvalDirectionalLight
D3DXSHEvalHemisphereLight
D3DXSHEvalSphericalLight
D3DXSHMultiply2
D3DXSHMultiply3
D3DXSHMultiply4
D3DXSHMultiply5
D3DXSHMultiply6
D3DXSHPRTCompSplitMeshSC
D3DXSHPRTCompSuperCluster
D3DXSHProjectCubeMap
D3DXSHRotate
D3DXSHRotateZ
D3DXSHScale
D3DXSaveMeshHierarchyToFileA
D3DXSaveMeshHierarchyToFileW
D3DXSaveMeshToXA
D3DXSaveMeshToXW
D3DXSavePRTBufferToFileA
D3DXSavePRTBufferToFileW
D3DXSavePRTCompBufferToFileA
D3DXSavePRTCompBufferToFileW
D3DXSaveSurfaceToFileA
D3DXSaveSurfaceToFileInMemory
D3DXSaveSurfaceToFileW
D3DXSaveTextureToFileA
D3DXSaveTextureToFileInMemory
D3DXSaveTextureToFileW
D3DXSaveVolumeToFileA
D3DXSaveVolumeToFileInMemory
D3DXSaveVolumeToFileW
D3DXSimplifyMesh
D3DXSphereBoundProbe
D3DXSplitMesh
D3DXTessellateNPatches
D3DXTessellateRectPatch
D3DXTessellateTriPatch
D3DXTriPatchSize
D3DXUVAtlasCreate
D3DXUVAtlasPack
D3DXUVAtlasPartition
D3DXValidMesh
D3DXValidPatchMesh
D3DXVec2BaryCentric
D3DXVec2CatmullRom
D3DXVec2Hermite
D3DXVec2Normalize
D3DXVec2Transform
D3DXVec2TransformArray
D3DXVec2TransformCoord
D3DXVec2TransformCoordArray
D3DXVec2TransformNormal
D3DXVec2TransformNormalArray
D3DXVec3BaryCentric
D3DXVec3CatmullRom
D3DXVec3Hermite
D3DXVec3Normalize
D3DXVec3Project
D3DXVec3ProjectArray
D3DXVec3Transform
D3DXVec3TransformArray
D3DXVec3TransformCoord
D3DXVec3TransformCoordArray
D3DXVec3TransformNormal
D3DXVec3TransformNormalArray
D3DXVec3Unproject
D3DXVec3UnprojectArray
D3DXVec4BaryCentric
D3DXVec4CatmullRom
D3DXVec4Cross
D3DXVec4Hermite
D3DXVec4Normalize
D3DXVec4Transform
D3DXVec4TransformArray
D3DXWeldVertices

Sections

.text
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/ImageProcessing.dll
.dll windows:6 windows x86 arch:x86

4036c8366936a4ce112e5e3d49c0a079

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

50:46:f9:bb:c6:ae:ba:27:4d:31:44:50:b7:fa:8f:c0
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

22/06/2017, 00:00

Not After

22/06/2019, 23:59

Subject

CN=Mirillis,O=Mirillis,L=Zielona Gora,ST=woj. Lubuskie,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

b5:02:46:0e:f1:40:5f:e3:ec:6f:7e:f0:3a:ba:d5:66:25:c7:2d:a0
Signer

Actual PE Digest

b5:02:46:0e:f1:40:5f:e3:ec:6f:7e:f0:3a:ba:d5:66:25:c7:2d:a0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\Sources\broadcaster_workspace\broadcaster_workspace\imageprocessing\IP\Release\ImageProcessing.pdb

Imports

kernel32

GetCurrentProcess
TerminateProcess
GetCurrentThreadId
CloseHandle
GetProcAddress
GetCurrentProcessId
FreeLibrary
SetUnhandledExceptionFilter
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
UnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
EncodePointer
RaiseException
GetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
InterlockedFlushSList
SetLastError
RtlUnwind
GetStdHandle
GetFileType
GetModuleFileNameA
GetModuleHandleExW
WriteConsoleW
ExitProcess
MultiByteToWideChar
WideCharToMultiByte
HeapFree
HeapAlloc
LCMapStringW
GetACP
WriteFile
GetConsoleCP
GetConsoleMode
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStringTypeW
CreateFileW
FlushFileBuffers
SetStdHandle
SetFilePointerEx
HeapSize
HeapReAlloc
SetEndOfFile
ReadFile
ReadConsoleW
DecodePointer

Exports

Exports

IP_64201

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/_ActionLoader.exe
.exe windows:4 windows x86 arch:x86

f4639a0b3116c2cfc71144b88a929cfd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumValueW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegOpenKeyExW
RegCreateKeyExW

shell32

SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
SHFileOperationW
ShellExecuteExW

ole32

CoCreateInstance
OleUninitialize
OleInitialize
IIDFromString
CoTaskMemFree

comctl32

ImageList_Destroy
ord17
ImageList_AddMasked
ImageList_Create

user32

MessageBoxIndirectW
GetDlgItemTextW
SetDlgItemTextW
CreatePopupMenu
AppendMenuW
TrackPopupMenu
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
CheckDlgButton
LoadCursorW
SetCursor
GetSysColor
SetWindowPos
GetWindowLongW
IsWindowEnabled
SetClassLongW
GetSystemMenu
EnableMenuItem
GetWindowRect
ScreenToClient
EndDialog
RegisterClassW
SystemParametersInfoW
CharPrevW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
CharNextA
wsprintfA
DispatchMessageW
CreateWindowExW
PeekMessageW
GetSystemMetrics

gdi32

GetDeviceCaps
SetBkColor
SelectObject
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor

kernel32

lstrcmpiA
CreateFileW
GetTempFileNameW
RemoveDirectoryW
CreateProcessW
CreateDirectoryW
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetVersionExW
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
WriteFile
CopyFileW
ExitProcess
GetCurrentProcess
GetModuleFileNameW
GetFileSize
GetTickCount
Sleep
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalFree
GlobalAlloc
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
MulDiv
lstrcpyA
MoveFileExW
lstrcatW
GetSystemDirectoryW
GetProcAddress
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
SetEnvironmentVariableW

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/_TutorialAndUsage.txt
Mirillis Action! Super Lite 2024-04-06 v1/action_x64.dll
.dll windows:6 windows x64 arch:x64

021c75dce7ec9f849e27a1d9d86d3364

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

bb:f0:cc:b5:b7:b8:31:fd:21:ae:32:77:8a:e4:0c:89
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Extended Validation Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3a:e7:ce:4a:9f:3f:b0:1c:f0:65:7f:22:d7:15:1e:7c
Certificate

Issuer

CN=Certum Extended Validation Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

30/06/2022, 06:46

Not After

29/06/2025, 06:46

Subject

SERIALNUMBER=0000356397,CN=Mirillis Sp. z o.o.,O=Mirillis Sp. z o.o.,POSTALCODE=65-410,STREET=Fabryczna 14B/1,L=Zielona Góra,ST=lubuskie,C=PL,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#0c0d5a69656c6f6e612047c3b37261,1.3.6.1.4.1.311.60.2.1.2=#13086c756275736b6965,1.3.6.1.4.1.311.60.2.1.3=#1302504c

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1b:72:4b:83:9d:eb:80:0a:96:27:00:5b:e5:14:e4:6f:54:cc:ea:cd
Signer

Actual PE Digest

1b:72:4b:83:9d:eb:80:0a:96:27:00:5b:e5:14:e4:6f:54:cc:ea:cd

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Work\Action5\action_core\x64\Release\action_x64.pdb

Imports

kernel32

ProcessIdToSessionId
GetTickCount
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
FreeLibraryAndExitThread
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
LocalAlloc
LocalFree
CreateSemaphoreW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
RtlUnwind
SwitchToThread
DecodePointer
GetFileAttributesW
GetTempPathW
SetErrorMode
QueryPerformanceCounter
QueryPerformanceFrequency
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
GetTickCount64
GetSystemDirectoryW
VirtualProtect
VirtualQuery
FreeLibrary
LoadLibraryW
CreateThread
GetCurrentProcessId
GetCurrentProcess
Sleep
WaitForSingleObject
LoadLibraryExA
SetEndOfFile
SetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
ReleaseSemaphore
FindNextFileA
FindFirstFileExA
FindClose
SetFilePointerEx
ReadConsoleW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
CompareStringW
MultiByteToWideChar
GetLastError
DuplicateHandle
CloseHandle
OpenSemaphoreW
QueueUserAPC
CreateRemoteThread
GetCurrentThread
SetThreadPriority
ResumeThread
GetStringTypeW
CreateEventExW
GetModuleHandleExW
GetLocalTime
GetDateFormatW
GetTimeFormatW
HeapSize
GetACP
CreateFileW
WriteFile
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
SleepEx
CreateEventA
GetProcessId
LoadLibraryA
WriteConsoleW
GetFileType
GetStdHandle
WideCharToMultiByte
GetModuleFileNameA
ExitProcess
IsValidCodePage
OutputDebugStringW
CreateFileMappingA
OpenFileMappingA
HeapCreate
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
OpenThread
SuspendThread
GetThreadContext
SetThreadContext
FlushInstructionCache
Thread32First
Thread32Next
ReadFile
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetSystemInfo
VirtualAlloc
VirtualFree
EncodePointer
SetLastError
RaiseException
RtlPcToFileHeader
InterlockedFlushSList
RtlUnwindEx

user32

CharLowerBuffW
FindWindowExW
DefWindowProcW
RegisterClassW
UnregisterClassW
CreateWindowExW
IsChild
DestroyWindow
IsWindowVisible
IsIconic
GetSystemMetrics
GetForegroundWindow
WindowFromDC
GetDC
GetWindowDC
ReleaseDC
InvalidateRect
GetClientRect
GetWindowRect
EqualRect
GetWindowLongW
GetDesktopWindow
GetParent
EnumChildWindows
GetClassNameW
GetWindowThreadProcessId
IntersectRect
SetRect
MonitorFromPoint
ClientToScreen
EnumDisplayMonitors
GetMonitorInfoW
MonitorFromWindow
LoadIconW
LoadCursorW
CallNextHookEx

gdi32

GetPixel
SetPixelV
GetStockObject
GetPixelFormat
GetDeviceCaps

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

ole32

CoInitialize
CoTaskMemFree
CoCreateInstance

dxgi

CreateDXGIFactory1

d3d11

D3D11CreateDevice

winhttp

WinHttpReadData
WinHttpQueryOption
WinHttpQueryDataAvailable
WinHttpSetOption
WinHttpSetTimeouts
WinHttpOpenRequest
WinHttpSendRequest
WinHttpConnect
WinHttpSetStatusCallback
WinHttpOpen
WinHttpCloseHandle
WinHttpReceiveResponse

Exports

Exports

Deinit
LoaderProc

Sections

.text
Size: 610KB - Virtual size: 610KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 167KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4.4MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.UWP
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UWP3
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.msvcjmc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UWP2
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/action_x86.dll
.dll windows:6 windows x86 arch:x86

be4e71fefd7a9c385e8fbb21d153366f

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

bb:f0:cc:b5:b7:b8:31:fd:21:ae:32:77:8a:e4:0c:89
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Extended Validation Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3a:e7:ce:4a:9f:3f:b0:1c:f0:65:7f:22:d7:15:1e:7c
Certificate

Issuer

CN=Certum Extended Validation Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

30/06/2022, 06:46

Not After

29/06/2025, 06:46

Subject

SERIALNUMBER=0000356397,CN=Mirillis Sp. z o.o.,O=Mirillis Sp. z o.o.,POSTALCODE=65-410,STREET=Fabryczna 14B/1,L=Zielona Góra,ST=lubuskie,C=PL,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#0c0d5a69656c6f6e612047c3b37261,1.3.6.1.4.1.311.60.2.1.2=#13086c756275736b6965,1.3.6.1.4.1.311.60.2.1.3=#1302504c

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1b:0e:f4:43:1e:6a:24:29:74:60:29:d5:fa:3a:76:0e:c3:d0:f6:29
Signer

Actual PE Digest

1b:0e:f4:43:1e:6a:24:29:74:60:29:d5:fa:3a:76:0e:c3:d0:f6:29

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Work\Action5\action_core\Release\action_x86.pdb

Imports

kernel32

ProcessIdToSessionId
GetTickCount
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
FreeLibraryAndExitThread
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
LocalAlloc
LocalFree
CreateSemaphoreW
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
SwitchToThread
LoadLibraryExA
GetSystemInfo
GetFileAttributesW
GetTempPathW
SetErrorMode
QueryPerformanceCounter
QueryPerformanceFrequency
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
GetTickCount64
GetSystemDirectoryW
VirtualProtect
VirtualQuery
FreeLibrary
LoadLibraryW
CreateThread
GetCurrentProcessId
GetCurrentProcess
Sleep
WaitForSingleObject
DecodePointer
SetEndOfFile
SetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
ReleaseSemaphore
IsValidCodePage
FindNextFileA
FindFirstFileExA
FindClose
SetFilePointerEx
ReadConsoleW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetConsoleMode
GetConsoleCP
FlushFileBuffers
CompareStringW
MultiByteToWideChar
GetLastError
DuplicateHandle
CloseHandle
OpenSemaphoreW
QueueUserAPC
CreateRemoteThread
GetCurrentThread
SetThreadPriority
ResumeThread
GetStringTypeW
CreateEventExW
GetModuleHandleExW
GetLocalTime
GetDateFormatW
GetTimeFormatW
HeapSize
GetACP
CreateFileW
WriteFile
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeCriticalSectionAndSpinCount
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
SleepEx
CreateEventA
GetProcessId
LoadLibraryA
WriteConsoleW
GetFileType
GetStdHandle
WideCharToMultiByte
GetModuleFileNameA
ExitProcess
GetOEMCP
OutputDebugStringW
CreateFileMappingA
OpenFileMappingA
HeapCreate
HeapDestroy
HeapAlloc
HeapReAlloc
HeapFree
OpenThread
SuspendThread
GetThreadContext
SetThreadContext
FlushInstructionCache
Thread32First
Thread32Next
ReadFile
LoadLibraryExW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
VirtualAlloc
VirtualFree
EncodePointer
SetLastError
RaiseException
InterlockedFlushSList
RtlUnwind

user32

CharLowerBuffW
FindWindowExW
DefWindowProcW
RegisterClassW
UnregisterClassW
CreateWindowExW
IsChild
DestroyWindow
IsWindowVisible
IsIconic
GetSystemMetrics
GetForegroundWindow
WindowFromDC
GetDC
GetWindowDC
ReleaseDC
InvalidateRect
GetClientRect
GetWindowRect
EqualRect
GetWindowLongW
GetDesktopWindow
GetParent
EnumChildWindows
GetClassNameW
GetWindowThreadProcessId
IntersectRect
SetRect
MonitorFromPoint
ClientToScreen
EnumDisplayMonitors
GetMonitorInfoW
MonitorFromWindow
LoadIconW
LoadCursorW
CallNextHookEx

gdi32

GetPixel
SetPixelV
GetStockObject
GetPixelFormat
GetDeviceCaps

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

version

VerQueryValueA
GetFileVersionInfoA
GetFileVersionInfoSizeA

ole32

CoInitialize
CoTaskMemFree
CoCreateInstance

dxgi

CreateDXGIFactory1

d3d11

D3D11CreateDevice

winhttp

WinHttpConnect
WinHttpQueryDataAvailable
WinHttpReadData
WinHttpQueryOption
WinHttpSetOption
WinHttpSetTimeouts
WinHttpOpenRequest
WinHttpCloseHandle
WinHttpSetStatusCallback
WinHttpOpen
WinHttpSendRequest
WinHttpReceiveResponse

Exports

Exports

_Deinit@4
_LoaderProc@12

Sections

.text
Size: 475KB - Virtual size: 474KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4.4MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UWP
Size: 512B - Virtual size: 60B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UWP3
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.msvcjmc
Size: 512B - Virtual size: 503B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UWP2
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/actiondraw.dll
.dll windows:4 windows x86 arch:x86

fc0224e99e736751432961db63a41b76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 851B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/aenc.dll
.dll windows:4 windows x86 arch:x86

fc0224e99e736751432961db63a41b76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 851B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/amdHDR.dll
.dll windows:4 windows x86 arch:x86

fc0224e99e736751432961db63a41b76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 851B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/amd_ags_x86.dll
.dll windows:4 windows x86 arch:x86

fc0224e99e736751432961db63a41b76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 851B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/apu2enc.dll
.dll windows:5 windows x86 arch:x86

798ee97932a07b2710dc7bc51fff68df

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

bb:f0:cc:b5:b7:b8:31:fd:21:ae:32:77:8a:e4:0c:89
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Extended Validation Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3a:e7:ce:4a:9f:3f:b0:1c:f0:65:7f:22:d7:15:1e:7c
Certificate

Issuer

CN=Certum Extended Validation Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

30/06/2022, 06:46

Not After

29/06/2025, 06:46

Subject

SERIALNUMBER=0000356397,CN=Mirillis Sp. z o.o.,O=Mirillis Sp. z o.o.,POSTALCODE=65-410,STREET=Fabryczna 14B/1,L=Zielona Góra,ST=lubuskie,C=PL,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#0c0d5a69656c6f6e612047c3b37261,1.3.6.1.4.1.311.60.2.1.2=#13086c756275736b6965,1.3.6.1.4.1.311.60.2.1.3=#1302504c

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

fc:a9:eb:09:af:90:59:37:63:62:80:a2:39:e3:05:10:27:58:2d:26
Signer

Actual PE Digest

fc:a9:eb:09:af:90:59:37:63:62:80:a2:39:e3:05:10:27:58:2d:26

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\splash_pro_1_0_rep\Action!\apu2enc\Release\apu2enc.pdb

Imports

kernel32

GetModuleFileNameW
GetLastError
GetModuleHandleW
InitializeCriticalSection
LoadLibraryW
LeaveCriticalSection
SetLastError
GetProcAddress
EnterCriticalSection
VirtualProtect
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
GetSystemTimeAsFileTime
InterlockedExchange

user32

CharLowerBuffW

msvcr90

_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_initterm_e
_decode_pointer
_encoded_null
free
_malloc_crt
_encode_pointer
wcscpy_s
wcsstr
??2@YAPAXI@Z
??3@YAXPAX@Z
_initterm

Exports

Exports

_APU2Init@0

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 498B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/audiocapture.dll
.dll windows:4 windows x86 arch:x86

fc0224e99e736751432961db63a41b76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 851B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/audiodec.dll
.dll windows:5 windows x86 arch:x86

53f5bc00b9e77111d64083c333007bb5

Code Sign

4e:96:c1:ba:06:25:8a:0c:2a:ba:27:62:5e:90:64:d3
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

29/10/2015, 11:55

Not After

19/01/2027, 11:55

Subject

CN=Certum Extended Validation Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

1a:d3:e0:4d:47:f8:9d:b0:92:a2:5d:ff:4a:4c:cb:6b
Certificate

Issuer

CN=Certum Extended Validation Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

01/07/2019, 09:32

Not After

30/06/2022, 09:32

Subject

SERIALNUMBER=0000356397,CN=Mirillis Sp. z o.o.,O=Mirillis Sp. z o.o.,POSTALCODE=65-410,STREET=Fabryczna 14B/1,L=Zielona Góra,ST=lubuskie,C=PL,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13086c756275736b6965,1.3.6.1.4.1.311.60.2.1.1=#0c0d5a69656c6f6e612047c3b37261,1.3.6.1.4.1.311.60.2.1.3=#1302504c

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftKernelCodeSigning

Key Usages

KeyUsageDigitalSignature

53:e9:b3:c1:db:b5:e8:0d:18:52:63:40:49:dd:32:aa:fd:f6:fc:10
Signer

Actual PE Digest

53:e9:b3:c1:db:b5:e8:0d:18:52:63:40:49:dd:32:aa:fd:f6:fc:10

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

dsound

ord1

winmm

mixerGetControlDetailsW
mixerSetControlDetails
mixerGetLineControlsW
timeKillEvent
timeBeginPeriod
timeSetEvent
mixerGetLineInfoW
mixerClose
mixerOpen
timeEndPeriod

kernel32

TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
CreateMutexW
WaitForSingleObject
ReleaseMutex
CloseHandle
LocalAlloc
LocalFree
ReleaseSemaphore
CreateSemaphoreW
QueryPerformanceFrequency
QueryPerformanceCounter
Sleep
CreateThread
SetThreadPriority
GetTickCount
SetFilePointer
ReadFile
GetModuleFileNameW
GetModuleHandleW
GetConsoleWindow
GetFileSize
LoadLibraryW
GetProcAddress
FreeLibrary
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
SetEvent
InterlockedIncrement
InterlockedDecrement
lstrcmpW
CreateEventW
ResetEvent
WaitForMultipleObjects
GetCurrentProcess
GetCurrentThreadId
InterlockedExchange
GetThreadPriority
GetCurrentThread
GetLastError
GetVersionExW
InterlockedCompareExchange

user32

GetForegroundWindow
PostThreadMessageW
RegisterWindowMessageW
GetQueueStatus
PeekMessageW
MsgWaitForMultipleObjects
DispatchMessageW

ole32

CoInitialize
CoUninitialize
CoCreateInstance
CoTaskMemFree
PropVariantClear
CoTaskMemAlloc
CoFreeUnusedLibraries

oleaut32

VariantInit

msvcr90

_CIcos
_CIsin
_CIsqrt
_CIlog
floor
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?terminate@@YAXXZ
_except_handler4_common
_onexit
_lock
__dllonexit
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
__CppXcptFilter
_CIpow
_adjust_fdiv
_amsg_exit
_initterm_e
malloc
free
fclose
strncmp
_aligned_malloc
_aligned_free
frexp
ldexp
??3@YAXPAX@Z
??2@YAPAXI@Z
printf
fprintf
qsort
wcscpy_s
__iob_func
_fseeki64
fread
ftell
__CxxFrameHandler3
memcpy
_purecall
memset
_wtoi
_vsnwprintf
_encode_pointer
_malloc_crt
_encoded_null
_decode_pointer
_initterm

wintrust

WinVerifyTrust

Exports

Exports

audio_exp_smb_1
audio_exp_smb_10
audio_exp_smb_11
audio_exp_smb_12
audio_exp_smb_13
audio_exp_smb_14
audio_exp_smb_15
audio_exp_smb_16
audio_exp_smb_17
audio_exp_smb_18
audio_exp_smb_19
audio_exp_smb_2
audio_exp_smb_20
audio_exp_smb_21
audio_exp_smb_22
audio_exp_smb_23
audio_exp_smb_24
audio_exp_smb_25
audio_exp_smb_26
audio_exp_smb_27
audio_exp_smb_28
audio_exp_smb_29
audio_exp_smb_3
audio_exp_smb_30
audio_exp_smb_31
audio_exp_smb_4
audio_exp_smb_5
audio_exp_smb_6
audio_exp_smb_7
audio_exp_smb_8
audio_exp_smb_9

Sections

.text
Size: 226KB - Virtual size: 225KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 71KB - Virtual size: 442KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/avcdec.dll
.dll windows:5 windows x86 arch:x86

90841400e37f58599ca55b0bcc19f21e

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

bb:f0:cc:b5:b7:b8:31:fd:21:ae:32:77:8a:e4:0c:89
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Extended Validation Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3a:e7:ce:4a:9f:3f:b0:1c:f0:65:7f:22:d7:15:1e:7c
Certificate

Issuer

CN=Certum Extended Validation Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

30/06/2022, 06:46

Not After

29/06/2025, 06:46

Subject

SERIALNUMBER=0000356397,CN=Mirillis Sp. z o.o.,O=Mirillis Sp. z o.o.,POSTALCODE=65-410,STREET=Fabryczna 14B/1,L=Zielona Góra,ST=lubuskie,C=PL,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#0c0d5a69656c6f6e612047c3b37261,1.3.6.1.4.1.311.60.2.1.2=#13086c756275736b6965,1.3.6.1.4.1.311.60.2.1.3=#1302504c

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

bc:2c:9f:12:b0:f0:4d:e5:15:5d:1a:42:2b:04:8e:ee:d4:49:c0:f5
Signer

Actual PE Digest

bc:2c:9f:12:b0:f0:4d:e5:15:5d:1a:42:2b:04:8e:ee:d4:49:c0:f5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\splash_pro_1_0_rep\video\avcdec\avcdec_dll\avcdec_dll\Release\avcdec_dll.pdb

Imports

kernel32

CloseHandle
WaitForSingleObject
ReleaseSemaphore
CreateThread
GetTickCount
Sleep
ExitThread
CreateSemaphoreW
SetThreadPriority
FreeLibrary
LoadLibraryW
GetProcAddress
GetCurrentProcessId
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetModuleHandleW
InterlockedExchange
GetCurrentThreadId
GetCurrentProcess
ResetEvent
SetEvent
CreateEventW
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetSystemTimeAsFileTime
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement

user32

MonitorFromWindow
EnumDisplayDevicesW
GetDesktopWindow
IsWindow

ole32

CoUninitialize
CoTaskMemAlloc
CoInitialize
CoTaskMemFree
CoCreateInstance
CoFreeUnusedLibraries

msvcr90

_adjust_fdiv
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QAEXXZ
_amsg_exit
_initterm_e
_initterm
_encoded_null
_malloc_crt
_encode_pointer
_vsnwprintf
_wtoi
__iob_func
memset
_purecall
memcpy
__CxxFrameHandler3
??2@YAPAXI@Z
??3@YAXPAX@Z
qsort
_aligned_malloc
malloc
printf
_aligned_free
free
_decode_pointer

Exports

Exports

avcdec_exp_smb_1
avcdec_exp_smb_10
avcdec_exp_smb_11
avcdec_exp_smb_12
avcdec_exp_smb_13
avcdec_exp_smb_14
avcdec_exp_smb_15
avcdec_exp_smb_16
avcdec_exp_smb_17
avcdec_exp_smb_18
avcdec_exp_smb_19
avcdec_exp_smb_2
avcdec_exp_smb_20
avcdec_exp_smb_3
avcdec_exp_smb_5
avcdec_exp_smb_6
avcdec_exp_smb_7
avcdec_exp_smb_9

Sections

.text
Size: 308KB - Virtual size: 307KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/crashdump.dll
.dll windows:4 windows x86 arch:x86

fc0224e99e736751432961db63a41b76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 851B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/dbghelp.dll
.dll windows:4 windows x86 arch:x86

fc0224e99e736751432961db63a41b76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 851B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/dxgrab.dll
.dll windows:6 windows x86 arch:x86

827c6080b36db4f437638575c5d655bd

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

bb:f0:cc:b5:b7:b8:31:fd:21:ae:32:77:8a:e4:0c:89
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Extended Validation Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3a:e7:ce:4a:9f:3f:b0:1c:f0:65:7f:22:d7:15:1e:7c
Certificate

Issuer

CN=Certum Extended Validation Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

30/06/2022, 06:46

Not After

29/06/2025, 06:46

Subject

SERIALNUMBER=0000356397,CN=Mirillis Sp. z o.o.,O=Mirillis Sp. z o.o.,POSTALCODE=65-410,STREET=Fabryczna 14B/1,L=Zielona Góra,ST=lubuskie,C=PL,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#0c0d5a69656c6f6e612047c3b37261,1.3.6.1.4.1.311.60.2.1.2=#13086c756275736b6965,1.3.6.1.4.1.311.60.2.1.3=#1302504c

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

9d:bc:63:e3:f6:aa:36:c7:ec:86:2d:5a:1b:d7:cf:48:1f:4e:fb:12
Signer

Actual PE Digest

9d:bc:63:e3:f6:aa:36:c7:ec:86:2d:5a:1b:d7:cf:48:1f:4e:fb:12

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\mirillis_sdk_sandbox\workspace\dxgrab_1.1.0.0\release\bin\x86_32\dxgrab.pdb

Imports

d3d11

D3D11CreateDevice

dxgi

CreateDXGIFactory1

d3dcompiler_47

D3DCompile

kernel32

CreateFileW
WriteConsoleW
DecodePointer
HeapAlloc
GetProcAddress
GetModuleHandleW
CloseHandle
ResetEvent
CreateMutexW
WaitForSingleObject
ReleaseMutex
CreateEventW
SetEvent
LoadLibraryW
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwind
RaiseException
InterlockedPushEntrySList
InterlockedFlushSList
GetLastError
SetLastError
EncodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
QueryPerformanceFrequency
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
TrySubmitThreadpoolCallback
HeapFree
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetProcessHeap
GetStdHandle
GetFileType
GetStringTypeW
HeapSize
HeapReAlloc
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx

oleaut32

SysFreeString
SysAllocString
SysStringLen
SetErrorInfo
GetErrorInfo

ole32

CoGetApartmentType
CoGetObjectContext
CoCreateFreeThreadedMarshaler

Exports

Exports

MRLSDXGRAB_PROC0

Sections

.text
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 348KB - Virtual size: 347KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/exclude.txt
Mirillis Action! Super Lite 2024-04-06 v1/fman.dll
.dll windows:5 windows x86 arch:x86

cc59d3c7ff2893436259a71db5909870

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

71:a0:b7:36:95:dd:b1:af:c2:3b:2b:9a:18:ee:54:cb
Certificate

Issuer

CN=thawte Primary Root CA,OU=Certification Services Division+OU=(c) 2006 thawte\, Inc. - For authorized use only,O=thawte\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

50:46:f9:bb:c6:ae:ba:27:4d:31:44:50:b7:fa:8f:c0
Certificate

Issuer

CN=thawte SHA256 Code Signing CA,O=thawte\, Inc.,C=US

Not Before

22/06/2017, 00:00

Not After

22/06/2019, 23:59

Subject

CN=Mirillis,O=Mirillis,L=Zielona Gora,ST=woj. Lubuskie,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

a1:c2:a9:e2:ab:74:0c:82:5b:44:f1:d3:da:f2:4a:29:a8:72:c4:8e
Signer

Actual PE Digest

a1:c2:a9:e2:ab:74:0c:82:5b:44:f1:d3:da:f2:4a:29:a8:72:c4:8e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindFirstFileW
GetLogicalDriveStringsW
GetFileAttributesW
GetLongPathNameW
GetShortPathNameW
WideCharToMultiByte
FindNextFileW
GetConsoleOutputCP
WriteConsoleA
CreateFileA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
FindClose
FindFirstChangeNotificationW
WaitForMultipleObjects
FindNextChangeNotification
ReleaseMutex
CreateMutexW
GetExitCodeThread
GetLastError
WaitForSingleObject
CreateThread
GetModuleHandleW
GetProcAddress
MultiByteToWideChar
RaiseException
WriteConsoleW
CloseHandle
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlUnwind
HeapFree
GetCurrentThreadId
GetCommandLineA
HeapAlloc
WriteFile
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
HeapSize
ExitProcess
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
EnterCriticalSection
LeaveCriticalSection
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
SetFilePointer
HeapCreate
HeapDestroy
VirtualFree
VirtualAlloc
HeapReAlloc
GetModuleHandleA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LoadLibraryA
GetLocaleInfoA
InterlockedExchange
InitializeCriticalSectionAndSpinCount
GetStringTypeA
GetStringTypeW
InitializeCriticalSection

user32

BeginDeferWindowPos
EndDeferWindowPos
GetClientRect
CreateWindowExW
AdjustWindowRect
ShowWindow
SetWindowLongW
DestroyWindow
PostMessageW
DeferWindowPos
SetWindowPos
GetDC
ReleaseDC
UnregisterClassW
LoadCursorW
RegisterClassExW
GetWindowLongW
DefWindowProcW
TrackMouseEvent

gdi32

CreateFontW
CreateCompatibleDC
SelectObject
GetTextExtentPoint32W
CreateDIBSection
SetBkColor
SetBkMode
SetTextColor
TextOutW
GetDIBits
DeleteDC
DeleteObject
StretchDIBits

Exports

Exports

FM_smb1
FM_smb2
FM_smb3
FM_smb4
FM_smb5
FM_smb6
FM_smb7
FM_smb8
FM_smb9

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/lang/English.xml
Mirillis Action! Super Lite 2024-04-06 v1/lang_ex/English.xml
Mirillis Action! Super Lite 2024-04-06 v1/libhdr.dll
.dll windows:4 windows x86 arch:x86

fc0224e99e736751432961db63a41b76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 851B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/mfxenc.dll
.dll windows:4 windows x86 arch:x86

fc0224e99e736751432961db63a41b76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 851B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/mfxenc_1_31.dll
.dll windows:6 windows x86 arch:x86

fea83998371efdcb08b6402ba08f52c4

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4e:96:c1:ba:06:25:8a:0c:2a:ba:27:62:5e:90:64:d3
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

29/10/2015, 11:55

Not After

19/01/2027, 11:55

Subject

CN=Certum Extended Validation Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1a:d3:e0:4d:47:f8:9d:b0:92:a2:5d:ff:4a:4c:cb:6b
Certificate

Issuer

CN=Certum Extended Validation Code Signing CA SHA2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

01/07/2019, 09:32

Not After

30/06/2022, 09:32

Subject

SERIALNUMBER=0000356397,CN=Mirillis Sp. z o.o.,O=Mirillis Sp. z o.o.,POSTALCODE=65-410,STREET=Fabryczna 14B/1,L=Zielona Góra,ST=lubuskie,C=PL,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13086c756275736b6965,1.3.6.1.4.1.311.60.2.1.1=#0c0d5a69656c6f6e612047c3b37261,1.3.6.1.4.1.311.60.2.1.3=#1302504c

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftKernelCodeSigning

Key Usages

KeyUsageDigitalSignature

d8:cd:2e:fa:74:76:a8:e0:17:72:64:a9:ca:fc:0e:74:c5:d7:f8:e8
Signer

Actual PE Digest

d8:cd:2e:fa:74:76:a8:e0:17:72:64:a9:ca:fc:0e:74:c5:d7:f8:e8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
GetModuleFileNameW
FreeLibrary
GetModuleHandleExW
LoadLibraryExW
SwitchToThread
SetErrorMode
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetFileAttributesW
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
FindNextFileW
FindFirstFileW
FindClose
MultiByteToWideChar
GetProcAddress
GetCurrentProcess
GetModuleHandleW
RaiseException
RtlUnwind
InterlockedFlushSList
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
ExitProcess
HeapFree
HeapAlloc
GetStdHandle
GetFileType
CloseHandle
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetProcessHeap
SetStdHandle
CreateFileW
GetStringTypeW
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
HeapSize
HeapReAlloc
SetFilePointerEx
ReadFile
ReadConsoleW
SetEndOfFile
WriteConsoleW
DecodePointer

advapi32

RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegCloseKey
RegQueryValueExW

Exports

Exports

MRLSMFXENC_PROC0
MRLSMFXENC_PROC1
MRLSMFXENC_PROC10
MRLSMFXENC_PROC11
MRLSMFXENC_PROC12
MRLSMFXENC_PROC13
MRLSMFXENC_PROC14
MRLSMFXENC_PROC2
MRLSMFXENC_PROC3
MRLSMFXENC_PROC4
MRLSMFXENC_PROC5
MRLSMFXENC_PROC6
MRLSMFXENC_PROC7
MRLSMFXENC_PROC8
MRLSMFXENC_PROC9

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/muxer.dll
.dll windows:4 windows x86 arch:x86

fc0224e99e736751432961db63a41b76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 851B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/rcu.dll
.dll windows:4 windows x86 arch:x86

fc0224e99e736751432961db63a41b76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 851B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/res0409.dll
.dll windows:4 windows x86 arch:x86

fc0224e99e736751432961db63a41b76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 851B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/res0409_ex.dll
.dll windows:4 windows x86 arch:x86

fc0224e99e736751432961db63a41b76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 851B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/tldr.dll
.dll windows:6 windows x86 arch:x86

531adab61c35a97496b18e5594706953

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

bb:f0:cc:b5:b7:b8:31:fd:21:ae:32:77:8a:e4:0c:89
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Extended Validation Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3a:e7:ce:4a:9f:3f:b0:1c:f0:65:7f:22:d7:15:1e:7c
Certificate

Issuer

CN=Certum Extended Validation Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

30/06/2022, 06:46

Not After

29/06/2025, 06:46

Subject

SERIALNUMBER=0000356397,CN=Mirillis Sp. z o.o.,O=Mirillis Sp. z o.o.,POSTALCODE=65-410,STREET=Fabryczna 14B/1,L=Zielona Góra,ST=lubuskie,C=PL,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#0c0d5a69656c6f6e612047c3b37261,1.3.6.1.4.1.311.60.2.1.2=#13086c756275736b6965,1.3.6.1.4.1.311.60.2.1.3=#1302504c

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

18:a5:0b:68:c8:ce:55:19:dd:04:9e:bb:80:89:29:b5:a4:9d:92:74
Signer

Actual PE Digest

18:a5:0b:68:c8:ce:55:19:dd:04:9e:bb:80:89:29:b5:a4:9d:92:74

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\Sources\broadcaster_workspace\broadcaster_workspace\tubloader\tubloader-git\build_win32\tldr.pdb

Imports

httpapi

HttpRemoveUrl
HttpAddUrl
HttpCreateHttpHandle
HttpTerminate
HttpSendHttpResponse
HttpReceiveHttpRequest
HttpInitialize

kernel32

WaitForSingleObject
Sleep
CreateThread
GetVersionExW
FreeLibrary
GetModuleHandleW
GetProcAddress
HeapFree
SetDllDirectoryW
MultiByteToWideChar
WideCharToMultiByte
ReleaseMutex
CreateMutexW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
TerminateProcess
CreateProcessW
GetTickCount
GetModuleFileNameW
GetFileSizeEx
HeapAlloc
GetLastError
CloseHandle
GetCurrentDirectoryW
GetProcessHeap
LoadLibraryA
GetFileAttributesW
CreateDirectoryW
IsWow64Process
GetExitCodeThread
InterlockedFlushSList
RtlUnwind
OutputDebugStringW
WriteConsoleW
SetEndOfFile
HeapSize
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
CreateEventW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
GetStringTypeW
InitializeCriticalSectionEx
LocalFree
EncodePointer
DecodePointer
LCMapStringEx
GetCPInfo
SetLastError
ReadFile
ExitProcess
GetModuleHandleExW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
GetFileType
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetExitCodeProcess
GetFileAttributesExW
RaiseException
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
HeapReAlloc
GetTimeZoneInformation
FlushFileBuffers
WriteFile
GetConsoleOutputCP
SetStdHandle
CreateFileW

user32

SetWindowLongW
GetWindowLongW
ShowWindow
DestroyWindow
CreateWindowExW
RegisterClassExW
LoadCursorW
DefWindowProcW
PostMessageW
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
PostThreadMessageW
UnregisterClassW

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegGetValueW
RegSetKeyValueW

winhttp

WinHttpConnect
WinHttpReadData
WinHttpWriteData
WinHttpQueryDataAvailable
WinHttpQueryOption
WinHttpSetOption
WinHttpSetTimeouts
WinHttpOpenRequest
WinHttpSendRequest
WinHttpReceiveResponse
WinHttpQueryHeaders
WinHttpCloseHandle
WinHttpOpen

ole32

CoTaskMemFree

shell32

SHGetKnownFolderPath

Exports

Exports

TLDR_smb_1
TLDR_smb_10
TLDR_smb_11
TLDR_smb_12
TLDR_smb_13
TLDR_smb_14
TLDR_smb_15
TLDR_smb_16
TLDR_smb_2
TLDR_smb_3
TLDR_smb_4
TLDR_smb_5
TLDR_smb_6
TLDR_smb_7
TLDR_smb_8
TLDR_smb_9

Sections

.text
Size: 477KB - Virtual size: 476KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/ui_res.dll
.dll windows:5 windows x86 arch:x86

d056332cf3b8d6b9c5dfda1fdbccf8ca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcr90

_lock
__dllonexit
_except_handler4_common
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_onexit
_encode_pointer

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7.2MB - Virtual size: 7.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/vcap.dll
.dll windows:4 windows x86 arch:x86

fc0224e99e736751432961db63a41b76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 851B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Mirillis Action! Super Lite 2024-04-06 v1/welcome_screen.dll
.dll windows:5 windows x86 arch:x86

d056332cf3b8d6b9c5dfda1fdbccf8ca

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

bb:f0:cc:b5:b7:b8:31:fd:21:ae:32:77:8a:e4:0c:89
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Extended Validation Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3a:e7:ce:4a:9f:3f:b0:1c:f0:65:7f:22:d7:15:1e:7c
Certificate

Issuer

CN=Certum Extended Validation Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

30/06/2022, 06:46

Not After

29/06/2025, 06:46

Subject

SERIALNUMBER=0000356397,CN=Mirillis Sp. z o.o.,O=Mirillis Sp. z o.o.,POSTALCODE=65-410,STREET=Fabryczna 14B/1,L=Zielona Góra,ST=lubuskie,C=PL,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#0c0d5a69656c6f6e612047c3b37261,1.3.6.1.4.1.311.60.2.1.2=#13086c756275736b6965,1.3.6.1.4.1.311.60.2.1.3=#1302504c

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

20:c3:4e:66:c6:a8:85:6b:c3:be:e1:c0:f3:cb:af:a4:46:79:f9:47
Signer

Actual PE Digest

20:c3:4e:66:c6:a8:85:6b:c3:be:e1:c0:f3:cb:af:a4:46:79:f9:47

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

f:\splash_pro_1_0_rep\Monflo\welcome_gfx\welcome_screen\Release\welcome_screen.pdb

Imports

msvcr90

_lock
__dllonexit
_except_handler4_common
_unlock
__clean_type_info_names_internal
_crt_debugger_hook
__CppXcptFilter
_adjust_fdiv
_amsg_exit
_initterm_e
_initterm
_decode_pointer
_encoded_null
free
_malloc_crt
_onexit
_encode_pointer

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
Sleep
InterlockedExchange
GetSystemTimeAsFileTime

Exports

Exports

_WelcomeScreenGetGfx@8

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.1MB - Virtual size: 4.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 868B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dcd43c0ad5a03532ac52b4f120a2d03b

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

bb:f0:cc:b5:b7:b8:31:fd:21:ae:32:77:8a:e4:0c:89Certificate

Extended Key Usages

Key Usages

3a:e7:ce:4a:9f:3f:b0:1c:f0:65:7f:22:d7:15:1e:7cCertificate

Extended Key Usages

Key Usages

d0:e5:1c:9c:9a:ce:b9:3a:8a:7b:4a:71:04:3c:7a:4f:f6:ec:b5:21Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

avrt

version

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 575KB - Virtual size: 575KB

.rdata Size: 99KB - Virtual size: 98KB

.data Size: 7KB - Virtual size: 13KB

.msvcjmc Size: 1024B - Virtual size: 666B

.UWP2 Size: 512B - Virtual size: 8B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 24KB - Virtual size: 24KB

41fa32740ca163dcc6b99ae6871eb538

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16Certificate

Extended Key Usages

Key Usages

bb:f0:cc:b5:b7:b8:31:fd:21:ae:32:77:8a:e4:0c:89Certificate

Extended Key Usages

Key Usages

3a:e7:ce:4a:9f:3f:b0:1c:f0:65:7f:22:d7:15:1e:7cCertificate

Extended Key Usages

Key Usages

53:2f:e7:fa:85:79:f0:13:72:63:c6:aa:da:82:64:06:68:ab:c4:76Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

msvcr90

msvcp90

d3dx9_40

d3d11

dxgi

winmm

msimg32

psapi

shlwapi

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

bb:f0:cc:b5:b7:b8:31:fd:21:ae:32:77:8a:e4:0c:89
Certificate

3a:e7:ce:4a:9f:3f:b0:1c:f0:65:7f:22:d7:15:1e:7c
Certificate

d0:e5:1c:9c:9a:ce:b9:3a:8a:7b:4a:71:04:3c:7a:4f:f6:ec:b5:21
Signer

.text
Size: 575KB - Virtual size: 575KB

.rdata
Size: 99KB - Virtual size: 98KB

.data
Size: 7KB - Virtual size: 13KB

.msvcjmc
Size: 1024B - Virtual size: 666B

.UWP2
Size: 512B - Virtual size: 8B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 24KB - Virtual size: 24KB

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

bb:f0:cc:b5:b7:b8:31:fd:21:ae:32:77:8a:e4:0c:89
Certificate

3a:e7:ce:4a:9f:3f:b0:1c:f0:65:7f:22:d7:15:1e:7c
Certificate

53:2f:e7:fa:85:79:f0:13:72:63:c6:aa:da:82:64:06:68:ab:c4:76
Signer

.text
Size: 2.0MB - Virtual size: 2.0MB

.text1
Size: 512B - Virtual size: 32B

.rdata
Size: 401KB - Virtual size: 400KB

.data
Size: 2.4MB - Virtual size: 16.9MB

.data1
Size: 512B - Virtual size: 200B

.rsrc
Size: 4.0MB - Virtual size: 4.0MB

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

bb:f0:cc:b5:b7:b8:31:fd:21:ae:32:77:8a:e4:0c:89
Certificate

3a:e7:ce:4a:9f:3f:b0:1c:f0:65:7f:22:d7:15:1e:7c
Certificate

c6:a1:14:a2:14:55:ad:46:3f:56:70:28:5f:41:37:3b:4f:86:11:c8
Signer

.text
Size: - Virtual size: 57KB

.rdata
Size: - Virtual size: 27KB

.data
Size: - Virtual size: 21KB

.pdata
Size: - Virtual size: 2KB

.vmp0
Size: - Virtual size: 1.2MB

.vmp1
Size: 1.4MB - Virtual size: 1.4MB

.reloc
Size: 512B - Virtual size: 24B

.rsrc
Size: 48KB - Virtual size: 48KB

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate