ThriveLauncher_Windows_Installer_2[.]0[.]3[.]0[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

ThriveLauncher_Windows_Installer_2.0.3.0.exe
Size

37.5MB
MD5

2fa4529a012e5d45c5d61579fa597f31
SHA1

9f4f00e660387c5c1e1052e9de0d12aa0e26eca8
SHA256

fee1bc7a3556dbb9236b7eea805b4f1adf5464bb5166c9006df03cf217c92c16
SHA512

fcd0ea96c366f2aed5573cd89961e2321099a96e04fdfd31a95a71ce8f7465a62de301d2ed58016c075f9775437294319a9f03cee21aacb1624b995b871a9295
SSDEEP

786432:+zrtgFHME6SkKlU1uLUicoRHQE0/J46hu3CgON76R2jv03y33vE:+zpOZ69KWUYEwEMJ4m+NS0ev03+3vE

Score

3^/10

Malware Config

Signatures

Unsigned PE 14 IoCs

Checks for missing Authenticode signature.

resource
ThriveLauncher_Windows_Installer_2.0.3.0.exe
unpack001/$PLUGINSDIR/StartMenu.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/UserInfo.dll
unpack001/$PLUGINSDIR/nsDialogs.dll
unpack001/ThriveLauncher.exe
unpack001/tools/7zip/7za.dll
unpack001/tools/7zip/7za.exe
unpack001/tools/7zip/7zxa.dll
unpack001/tools/pck/godotpcktool.exe
unpack001/uninstall.exe
unpack002/$PLUGINSDIR/System.dll
unpack002/$PLUGINSDIR/UserInfo.dll
unpack002/$PLUGINSDIR/nsDialogs.dll

Files

ThriveLauncher_Windows_Installer_2.0.3.0.exe
.exe windows:4 windows x86 arch:x86

61259b55b8912888e90f516ca08dc514

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityW
RegOpenKeyExW
RegEnumValueW

shell32

SHGetSpecialFolderLocation
SHFileOperationW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteExW
SHGetFileInfoW

ole32

OleInitialize
OleUninitialize
CoCreateInstance
IIDFromString
CoTaskMemFree

comctl32

ord17
ImageList_Create
ImageList_Destroy
ImageList_AddMasked

user32

GetClientRect
EndPaint
DrawTextW
IsWindowEnabled
DispatchMessageW
wsprintfA
CharNextA
CharPrevW
MessageBoxIndirectW
GetDlgItemTextW
SetDlgItemTextW
GetSystemMetrics
FillRect
AppendMenuW
TrackPopupMenu
OpenClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
CheckDlgButton
LoadCursorW
SetCursor
GetSysColor
SetWindowPos
GetWindowLongW
PeekMessageW
SetClassLongW
GetSystemMenu
EnableMenuItem
GetWindowRect
ScreenToClient
EndDialog
RegisterClassW
SystemParametersInfoW
CreateWindowExW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
EmptyClipboard
CreatePopupMenu

gdi32

SetBkMode
SetBkColor
GetDeviceCaps
CreateFontIndirectW
CreateBrushIndirect
DeleteObject
SetTextColor
SelectObject

kernel32

GetExitCodeProcess
WaitForSingleObject
GetModuleHandleA
GetProcAddress
GetSystemDirectoryW
lstrcatW
Sleep
lstrcpyA
WriteFile
GetTempFileNameW
lstrcmpiA
RemoveDirectoryW
CreateProcessW
CreateDirectoryW
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetVersionExW
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
SetEnvironmentVariableW
CopyFileW
ExitProcess
GetCurrentProcess
GetModuleFileNameW
GetFileSize
CreateFileW
GetTickCount
MulDiv
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalFree
GlobalAlloc
GetModuleHandleW
LoadLibraryExW
MoveFileExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 220KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/StartMenu.dll
.dll windows:4 windows x86 arch:x86

80469f6834e579db68a646d49780b9d5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrcatW
FindClose
FindNextFileW
lstrcmpW
GetModuleHandleW
lstrcmpiW
MulDiv
lstrcpynW
GlobalAlloc
lstrcpyW
FindFirstFileW
GlobalFree

user32

GetMessageW
TranslateMessage
PostMessageW
DispatchMessageW
GetDlgItem
GetWindowLongW
CheckDlgButton
ShowWindow
LoadIconW
GetClientRect
MoveWindow
DestroyWindow
GetWindowRect
ReleaseDC
GetDC
EnableWindow
SetWindowTextW
SendMessageW
IsDlgButtonChecked
GetWindowTextW
CreateDialogParamW
SetWindowLongW
wsprintfW
ScreenToClient
IsDialogMessageW
CallWindowProcW

gdi32

GetTextMetricsW
SelectObject

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListW

ole32

CoTaskMemFree

Exports

Exports

Init
Select
Show

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 578B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

fc0224e99e736751432961db63a41b76

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 867B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 662B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UserInfo.dll
.dll windows:4 windows x86 arch:x86

5e62e8e248e7364886b604bd1fcf4c13

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
OpenThreadToken
GetUserNameW

kernel32

GlobalFree
GetVersion
GlobalAlloc
CloseHandle
GetModuleHandleA
GetLastError
GetCurrentProcess
GetCurrentThread
GetProcAddress
lstrcpynW

Exports

Exports

GetAccountType
GetName
GetOriginalAccountType

Sections

.text
Size: 1024B - Virtual size: 714B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 705B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

6b5c4f7d679059f68f1269aad3a5cecd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesW
lstrcpyW
MulDiv
lstrlenW
HeapFree
GetCurrentDirectoryW
lstrcmpiW
GetProcessHeap
HeapReAlloc
GlobalFree
lstrcpynW
GlobalAlloc
SetCurrentDirectoryW
HeapAlloc

user32

DestroyWindow
CallWindowProcW
SetCursor
LoadCursorW
GetPropW
CharPrevW
DrawFocusRect
GetWindowLongW
DrawTextW
GetClientRect
SetWindowLongW
GetDlgItem
GetSysColor
SetWindowPos
CreateDialogParamW
MapDialogRect
GetWindowRect
SetPropW
CreateWindowExW
IsWindow
SetTimer
KillTimer
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
wsprintfW
CharNextW
SendMessageW
MapWindowPoints
RemovePropW
GetWindowTextW

gdi32

SetTextColor

shell32

SHBrowseForFolderW
SHGetPathFromIDListW

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 638B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
LICENSE.md
README.txt
ThriveLauncher.exe
.exe windows:6 windows x64 arch:x64

dfa4b7e43927c69560b31967c9d4722b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\a\_work\1\s\artifacts\obj\coreclr\windows.x64.Release\Corehost.Static\singlefilehost.pdb

Imports

kernel32

MultiByteToWideChar
GetTickCount
QueryPerformanceFrequency
QueryPerformanceCounter
GetModuleHandleW
FlushInstructionCache
RtlLookupFunctionEntry
RtlDeleteFunctionTable
InterlockedPushEntrySList
InterlockedFlushSList
InitializeSListHead
GetTickCount64
DuplicateHandle
QueueUserAPC
WaitForSingleObjectEx
SetThreadPriority
GetThreadPriority
ResumeThread
GetCurrentThreadId
Sleep
TlsAlloc
GetCurrentThread
CreateThread
WaitForMultipleObjectsEx
SignalObjectAndWait
RtlCaptureContext
SetThreadStackGuarantee
VirtualQuery
GetStdHandle
WideCharToMultiByte
GetConsoleOutputCP
MapViewOfFileEx
UnmapViewOfFile
GetStringTypeExW
SetEvent
GetCurrentProcessorNumber
GlobalMemoryStatusEx
CreateIoCompletionPort
PostQueuedCompletionStatus
SleepEx
GetQueuedCompletionStatus
InterlockedPopEntrySList
GetCurrentProcessorNumberEx
ExitProcess
CreateMemoryResourceNotification
GetProcessAffinityMask
SetThreadIdealProcessorEx
GetThreadIdealProcessorEx
GetLargePageMinimum
VirtualUnlock
GetLogicalProcessorInformation
SetThreadGroupAffinity
SetThreadAffinityMask
IsProcessInJob
QueryInformationJobObject
K32GetProcessMemoryInfo
VirtualAlloc
VirtualFree
VirtualProtect
SwitchToThread
CloseThreadpoolTimer
CreateThreadpoolTimer
SetThreadpoolTimer
GetFileSize
GetEnvironmentVariableW
SetEnvironmentVariableW
CreateEventW
ResetEvent
CreateSemaphoreExW
ReleaseSemaphore
CreateMutexW
ReleaseMutex
GetThreadContext
SuspendThread
SetThreadContext
GetEnabledXStateFeatures
InitializeContext
RtlRestoreContext
RtlInstallFunctionTableCallback
GetSystemDefaultLCID
GetUserDefaultLCID
RtlUnwind
LoadLibraryExW
HeapAlloc
HeapFree
GetProcessHeap
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
FormatMessageW
OutputDebugStringA
GetACP
LCMapStringEx
LocalFree
VerSetConditionMask
VerifyVersionInfoW
FindClose
GetModuleFileNameW
FindNextFileW
QueryThreadCycleTime
VirtualAllocExNuma
GetNumaProcessorNodeEx
GetNumaHighestNodeNumber
GetLogicalProcessorInformationEx
GetThreadGroupAffinity
GetSystemTimes
GetSystemTimeAsFileTime
CreateFileMappingW
CreateProcessW
GetCPInfo
CreateFileW
GetFileAttributesExW
GetTempPathW
GetCurrentDirectoryW
FindFirstFileExW
GetFullPathNameW
OpenProcess
LoadLibraryExA
OpenEventW
ExitThread
HeapReAlloc
CreateNamedPipeA
WaitForMultipleObjects
DisconnectNamedPipe
CreateFileA
CancelIoEx
GetOverlappedResult
ConnectNamedPipe
FlushFileBuffers
MapViewOfFile
GetActiveProcessorGroupCount
GetSystemTime
SetConsoleCtrlHandler
GetLocaleInfoEx
GetUserDefaultLocaleName
RtlAddFunctionTable
CreateDirectoryW
RemoveDirectoryW
GetFileSizeEx
LoadLibraryA
IsWow64Process
InitializeCriticalSectionAndSpinCount
AddVectoredExceptionHandler
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetCurrentProcessId
RaiseFailFastException
FreeLibrary
RaiseException
WaitForSingleObject
TlsSetValue
TlsGetValue
GetSystemInfo
IsDebuggerPresent
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WriteFile
GetProcessTimes
GetCommandLineW
ReadFile
SetFilePointer
GetProcAddress
GetModuleHandleExW
SetErrorMode
CloseHandle
GetCurrentProcess
FlushProcessWriteBuffers
SetLastError
GetLastError
OutputDebugStringW
SetXStateFeaturesMask
DebugBreak
DecodePointer
GetStringTypeW
RtlVirtualUnwind
IsProcessorFeaturePresent
RtlUnwindEx
EncodePointer
TlsFree
RtlPcToFileHeader
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
SleepConditionVariableSRW
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeCriticalSectionEx
TryEnterCriticalSection
GetExitCodeThread
CreateFileMappingA

advapi32

RegGetValueW
SetKernelObjectSecurity
GetSidSubAuthorityCount
GetSidSubAuthority
GetTokenInformation
DeregisterEventSource
ReportEventW
RegisterEventSourceW
RegQueryValueExW
RegOpenKeyExW
RegCloseKey
EventRegister
AdjustTokenPrivileges
OpenProcessToken
LookupPrivilegeValueW
SetThreadToken
RevertToSelf
OpenThreadToken
EventWriteTransfer
EventWrite

ole32

CoTaskMemAlloc
CoTaskMemFree
CoWaitForMultipleHandles
IIDFromString
CLSIDFromProgID
CoGetMarshalSizeMax
CoMarshalInterface
CoCreateGuid
CoGetObjectContext
CoRegisterInitializeSpy
CoGetContextToken
CoGetClassObject
CoCreateFreeThreadedMarshaler
CreateStreamOnHGlobal
StringFromGUID2
CoInitializeEx
CoUninitialize
CoUnmarshalInterface
CoRevokeInitializeSpy
CoReleaseMarshalData

oleaut32

SafeArrayAllocData
SafeArrayGetElemsize
SysStringByteLen
SysAllocStringByteLen
SafeArrayCreateVector
SafeArrayPutElement
LoadRegTypeLi
CreateErrorInfo
SafeArrayAllocDescriptorEx
VarCyFromDec
VariantInit
VariantClear
SafeArraySetRecordInfo
VariantChangeType
SafeArrayGetVartype
LoadTypeLibEx
QueryPathOfRegTypeLi
SafeArrayDestroy
SafeArrayGetLBound
SafeArrayGetDim
SysAllocStringLen
SysStringLen
SysAllocString
SetErrorInfo
GetErrorInfo
SysFreeString
VariantChangeTypeEx
GetRecordInfoFromTypeInfo

user32

MessageBoxW
LoadStringW

version

VerQueryValueW
GetFileVersionInfoExW
GetFileVersionInfoSizeExW

shell32

ShellExecuteW

api-ms-win-crt-string-l1-1-0

strncmp
wcsncmp
iswupper
towlower
isalpha
isdigit
wcstok_s
strnlen
iswascii
towupper
wcscat_s
strcspn
wcscpy_s
_stricmp
strlen
isupper
strcmp
_wcsnicmp
_wcsdup
wcsncpy_s
tolower
islower
strtok_s
isspace
_strdup
__strncnt
strncpy_s
strcpy_s
wcsncat_s
strncat_s
strcat_s
iswspace
wcsnlen
_strnicmp
_wcsicmp

api-ms-win-crt-stdio-l1-1-0

fwrite
__stdio_common_vswprintf_s
__p__commode
_set_fmode
__stdio_common_vsnprintf_s
__stdio_common_vfwprintf
_flushall
_wfopen
_wfsopen
fseek
__stdio_common_vfprintf
ftell
__stdio_common_vsprintf_s
fputws
__acrt_iob_func
fflush
_fileno
_dup
_setmode
setvbuf
fputwc
_get_stream_buffer_pointers
_fseeki64
fread
fsetpos
ungetc
fgetpos
fgetc
fputc
__stdio_common_vswprintf
fclose
fgets
__stdio_common_vsscanf
fopen
fputs
__stdio_common_vsnwprintf_s
_putws

api-ms-win-crt-runtime-l1-1-0

terminate
_errno
_beginthreadex
abort
exit
_initialize_onexit_table
_register_onexit_function
_crt_atexit
_cexit
_seh_filter_exe
_set_app_type
_invalid_parameter_noinfo_noreturn
_configure_wide_argv
_initialize_wide_environment
_get_initial_wide_environment
_initterm
_initterm_e
_exit
_controlfp_s
__p___argc
__p___wargv
_c_exit
_register_thread_local_exe_atexit_callback
_invalid_parameter_noinfo
_wcserror

api-ms-win-crt-convert-l1-1-0

atol
_ltow_s
strtoull
_atoi64
strtoul
wcstoul
_wtoi
_wcstoui64
_itow_s

api-ms-win-crt-heap-l1-1-0

calloc
free
_set_new_mode
malloc
realloc

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-math-l1-1-0

ceil
atanf
atan2f
atan2
atan
asinf
asin
acosf
modff
cos
powf
pow
floorf
log2
atanh
acosh
cosf
cbrt
asinh
asinhf
ilogbf
atanhf
cbrtf
acoshf
log2f
fma
fmaf
fmod
cosh
coshf
modf
exp
expf
_fdopen
floor
_copysign
_copysignf
_isnanf
__setusermatherr
_isnan
ceilf
fmodf
ilogb
frexp
log
log10
log10f
logf
_finite
sin
sinf
sinh
sinhf
sqrt
sqrtf
tan
tanf
tanh
acos
tanhf

api-ms-win-crt-time-l1-1-0

_time64
wcsftime
_gmtime64_s

api-ms-win-crt-locale-l1-1-0

_configthreadlocale
_lock_locales
_unlock_locales
setlocale
__pctype_func
___lc_locale_name_func
___lc_codepage_func
___mb_cur_max_func
localeconv

api-ms-win-crt-filesystem-l1-1-0

_wrename
_wremove
_unlock_file
_lock_file

Exports

Exports

CLRJitAttachState
DotNetRuntimeInfo
MetaDataGetDispenser
g_CLREngineMetrics

Sections

.text
Size: 6.0MB - Virtual size: 6.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.CLR_UEF
Size: 512B - Virtual size: 271B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 215KB - Virtual size: 214KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Section
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libHarfBuzzSharp.dll
.dll windows:6 windows x64 arch:x64

24746f1e7a3f00835993ed8d16f1ef5f

Code Sign

33:00:00:02:cc:8e:b5:96:a6:bd:d1:c9:4e:00:00:00:00:02:cc
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/05/2022, 20:46

Not After

11/05/2023, 20:46

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

24:16:82:eb:5d:b7:88:75:69:3f:ab:b7:9b:49:0b:ea:1d:95:82:00:c5:bc:fc:08:76:c6:51:e6:8e:33:b6:2b
Signer

Actual PE Digest

24:16:82:eb:5d:b7:88:75:69:3f:ab:b7:9b:49:0b:ea:1d:95:82:00:c5:bc:fc:08:76:c6:51:e6:8e:33:b6:2b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\s\native\windows\libHarfBuzzSharp\bin\x64\Release\libHarfBuzzSharp.pdb

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CreateFileW
UnmapViewOfFile
CloseHandle
GetFileSize
DeleteCriticalSection
CreateFileMappingW
MapViewOfFile
WriteConsoleW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
RtlUnwindEx
InterlockedFlushSList
GetLastError
SetLastError
EncodePointer
RaiseException
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
RtlPcToFileHeader
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
HeapAlloc
HeapReAlloc
HeapFree
GetACP
ReadFile
GetConsoleMode
ReadConsoleW
GetStdHandle
GetFileType
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetStringTypeW
SetStdHandle
FlushFileBuffers
WriteFile
GetConsoleCP
SetFilePointerEx
HeapSize
SetEndOfFile

Exports

Exports

hb_aat_layout_feature_type_get_name_id
hb_aat_layout_feature_type_get_selector_infos
hb_aat_layout_get_feature_types
hb_aat_layout_has_positioning
hb_aat_layout_has_substitution
hb_aat_layout_has_tracking
hb_blob_copy_writable_or_fail
hb_blob_create
hb_blob_create_from_file
hb_blob_create_from_file_or_fail
hb_blob_create_or_fail
hb_blob_create_sub_blob
hb_blob_destroy
hb_blob_get_data
hb_blob_get_data_writable
hb_blob_get_empty
hb_blob_get_length
hb_blob_get_user_data
hb_blob_is_immutable
hb_blob_make_immutable
hb_blob_reference
hb_blob_set_user_data
hb_buffer_add
hb_buffer_add_codepoints
hb_buffer_add_latin1
hb_buffer_add_utf16
hb_buffer_add_utf32
hb_buffer_add_utf8
hb_buffer_allocation_successful
hb_buffer_append
hb_buffer_clear_contents
hb_buffer_create
hb_buffer_deserialize_glyphs
hb_buffer_deserialize_unicode
hb_buffer_destroy
hb_buffer_diff
hb_buffer_get_cluster_level
hb_buffer_get_content_type
hb_buffer_get_direction
hb_buffer_get_empty
hb_buffer_get_flags
hb_buffer_get_glyph_infos
hb_buffer_get_glyph_positions
hb_buffer_get_invisible_glyph
hb_buffer_get_language
hb_buffer_get_length
hb_buffer_get_replacement_codepoint
hb_buffer_get_script
hb_buffer_get_segment_properties
hb_buffer_get_unicode_funcs
hb_buffer_get_user_data
hb_buffer_guess_segment_properties
hb_buffer_has_positions
hb_buffer_normalize_glyphs
hb_buffer_pre_allocate
hb_buffer_reference
hb_buffer_reset
hb_buffer_reverse
hb_buffer_reverse_clusters
hb_buffer_reverse_range
hb_buffer_serialize
hb_buffer_serialize_format_from_string
hb_buffer_serialize_format_to_string
hb_buffer_serialize_glyphs
hb_buffer_serialize_list_formats
hb_buffer_serialize_unicode
hb_buffer_set_cluster_level
hb_buffer_set_content_type
hb_buffer_set_direction
hb_buffer_set_flags
hb_buffer_set_invisible_glyph
hb_buffer_set_language
hb_buffer_set_length
hb_buffer_set_message_func
hb_buffer_set_replacement_codepoint
hb_buffer_set_script
hb_buffer_set_segment_properties
hb_buffer_set_unicode_funcs
hb_buffer_set_user_data
hb_color_get_alpha
hb_color_get_blue
hb_color_get_green
hb_color_get_red
hb_direction_from_string
hb_direction_to_string
hb_face_builder_add_table
hb_face_builder_create
hb_face_collect_unicodes
hb_face_collect_variation_selectors
hb_face_collect_variation_unicodes
hb_face_count
hb_face_create
hb_face_create_for_tables
hb_face_destroy
hb_face_get_empty
hb_face_get_glyph_count
hb_face_get_index
hb_face_get_table_tags
hb_face_get_upem
hb_face_get_user_data
hb_face_is_immutable
hb_face_make_immutable
hb_face_reference
hb_face_reference_blob
hb_face_reference_table
hb_face_set_glyph_count
hb_face_set_index
hb_face_set_upem
hb_face_set_user_data
hb_feature_from_string
hb_feature_to_string
hb_font_add_glyph_origin_for_direction
hb_font_create
hb_font_create_sub_font
hb_font_destroy
hb_font_funcs_create
hb_font_funcs_destroy
hb_font_funcs_get_empty
hb_font_funcs_get_user_data
hb_font_funcs_is_immutable
hb_font_funcs_make_immutable
hb_font_funcs_reference
hb_font_funcs_set_font_h_extents_func
hb_font_funcs_set_font_v_extents_func
hb_font_funcs_set_glyph_contour_point_func
hb_font_funcs_set_glyph_extents_func
hb_font_funcs_set_glyph_from_name_func
hb_font_funcs_set_glyph_func
hb_font_funcs_set_glyph_h_advance_func
hb_font_funcs_set_glyph_h_advances_func
hb_font_funcs_set_glyph_h_kerning_func
hb_font_funcs_set_glyph_h_origin_func
hb_font_funcs_set_glyph_name_func
hb_font_funcs_set_glyph_v_advance_func
hb_font_funcs_set_glyph_v_advances_func
hb_font_funcs_set_glyph_v_kerning_func
hb_font_funcs_set_glyph_v_origin_func
hb_font_funcs_set_nominal_glyph_func
hb_font_funcs_set_nominal_glyphs_func
hb_font_funcs_set_user_data
hb_font_funcs_set_variation_glyph_func
hb_font_get_empty
hb_font_get_extents_for_direction
hb_font_get_face
hb_font_get_glyph
hb_font_get_glyph_advance_for_direction
hb_font_get_glyph_advances_for_direction
hb_font_get_glyph_contour_point
hb_font_get_glyph_contour_point_for_origin
hb_font_get_glyph_extents
hb_font_get_glyph_extents_for_origin
hb_font_get_glyph_from_name
hb_font_get_glyph_h_advance
hb_font_get_glyph_h_advances
hb_font_get_glyph_h_kerning
hb_font_get_glyph_h_origin
hb_font_get_glyph_kerning_for_direction
hb_font_get_glyph_name
hb_font_get_glyph_origin_for_direction
hb_font_get_glyph_v_advance
hb_font_get_glyph_v_advances
hb_font_get_glyph_v_kerning
hb_font_get_glyph_v_origin
hb_font_get_h_extents
hb_font_get_nominal_glyph
hb_font_get_nominal_glyphs
hb_font_get_parent
hb_font_get_ppem
hb_font_get_ptem
hb_font_get_scale
hb_font_get_user_data
hb_font_get_v_extents
hb_font_get_var_coords_normalized
hb_font_get_variation_glyph
hb_font_glyph_from_string
hb_font_glyph_to_string
hb_font_is_immutable
hb_font_make_immutable
hb_font_reference
hb_font_set_face
hb_font_set_funcs
hb_font_set_funcs_data
hb_font_set_parent
hb_font_set_ppem
hb_font_set_ptem
hb_font_set_scale
hb_font_set_user_data
hb_font_set_var_coords_design
hb_font_set_var_coords_normalized
hb_font_set_var_named_instance
hb_font_set_variations
hb_font_subtract_glyph_origin_for_direction
hb_glyph_info_get_glyph_flags
hb_language_from_string
hb_language_get_default
hb_language_to_string
hb_map_allocation_successful
hb_map_clear
hb_map_create
hb_map_del
hb_map_destroy
hb_map_get
hb_map_get_empty
hb_map_get_population
hb_map_get_user_data
hb_map_has
hb_map_is_empty
hb_map_reference
hb_map_set
hb_map_set_user_data
hb_ot_color_glyph_get_layers
hb_ot_color_glyph_reference_png
hb_ot_color_glyph_reference_svg
hb_ot_color_has_layers
hb_ot_color_has_palettes
hb_ot_color_has_png
hb_ot_color_has_svg
hb_ot_color_palette_color_get_name_id
hb_ot_color_palette_get_colors
hb_ot_color_palette_get_count
hb_ot_color_palette_get_flags
hb_ot_color_palette_get_name_id
hb_ot_font_set_funcs
hb_ot_layout_collect_features
hb_ot_layout_collect_lookups
hb_ot_layout_feature_get_characters
hb_ot_layout_feature_get_lookups
hb_ot_layout_feature_get_name_ids
hb_ot_layout_feature_with_variations_get_lookups
hb_ot_layout_get_attach_points
hb_ot_layout_get_baseline
hb_ot_layout_get_glyph_class
hb_ot_layout_get_glyphs_in_class
hb_ot_layout_get_ligature_carets
hb_ot_layout_get_size_params
hb_ot_layout_has_glyph_classes
hb_ot_layout_has_positioning
hb_ot_layout_has_substitution
hb_ot_layout_language_find_feature
hb_ot_layout_language_get_feature_indexes
hb_ot_layout_language_get_feature_tags
hb_ot_layout_language_get_required_feature
hb_ot_layout_language_get_required_feature_index
hb_ot_layout_lookup_collect_glyphs
hb_ot_layout_lookup_get_glyph_alternates
hb_ot_layout_lookup_substitute_closure
hb_ot_layout_lookup_would_substitute
hb_ot_layout_lookups_substitute_closure
hb_ot_layout_script_find_language
hb_ot_layout_script_get_language_tags
hb_ot_layout_script_select_language
hb_ot_layout_table_choose_script
hb_ot_layout_table_find_feature_variations
hb_ot_layout_table_find_script
hb_ot_layout_table_get_feature_tags
hb_ot_layout_table_get_lookup_count
hb_ot_layout_table_get_script_tags
hb_ot_layout_table_select_script
hb_ot_math_get_constant
hb_ot_math_get_glyph_assembly
hb_ot_math_get_glyph_italics_correction
hb_ot_math_get_glyph_kerning
hb_ot_math_get_glyph_top_accent_attachment
hb_ot_math_get_glyph_variants
hb_ot_math_get_min_connector_overlap
hb_ot_math_has_data
hb_ot_math_is_glyph_extended_shape
hb_ot_meta_get_entry_tags
hb_ot_meta_reference_entry
hb_ot_metrics_get_position
hb_ot_metrics_get_variation
hb_ot_metrics_get_x_variation
hb_ot_metrics_get_y_variation
hb_ot_name_get_utf16
hb_ot_name_get_utf32
hb_ot_name_get_utf8
hb_ot_name_list_names
hb_ot_shape_glyphs_closure
hb_ot_shape_plan_collect_lookups
hb_ot_tag_from_language
hb_ot_tag_to_language
hb_ot_tag_to_script
hb_ot_tags_from_script
hb_ot_tags_from_script_and_language
hb_ot_tags_to_script_and_language
hb_ot_var_find_axis
hb_ot_var_find_axis_info
hb_ot_var_get_axes
hb_ot_var_get_axis_count
hb_ot_var_get_axis_infos
hb_ot_var_get_named_instance_count
hb_ot_var_has_data
hb_ot_var_named_instance_get_design_coords
hb_ot_var_named_instance_get_postscript_name_id
hb_ot_var_named_instance_get_subfamily_name_id
hb_ot_var_normalize_coords
hb_ot_var_normalize_variations
hb_script_from_iso15924_tag
hb_script_from_string
hb_script_get_horizontal_direction
hb_script_to_iso15924_tag
hb_segment_properties_equal
hb_segment_properties_hash
hb_set_add
hb_set_add_range
hb_set_allocation_successful
hb_set_clear
hb_set_copy
hb_set_create
hb_set_del
hb_set_del_range
hb_set_destroy
hb_set_get_empty
hb_set_get_max
hb_set_get_min
hb_set_get_population
hb_set_get_user_data
hb_set_has
hb_set_intersect
hb_set_invert
hb_set_is_empty
hb_set_is_equal
hb_set_is_subset
hb_set_next
hb_set_next_range
hb_set_previous
hb_set_previous_range
hb_set_reference
hb_set_set
hb_set_set_user_data
hb_set_subtract
hb_set_symmetric_difference
hb_set_union
hb_shape
hb_shape_full
hb_shape_list_shapers
hb_shape_plan_create
hb_shape_plan_create2
hb_shape_plan_create_cached
hb_shape_plan_create_cached2
hb_shape_plan_destroy
hb_shape_plan_execute
hb_shape_plan_get_empty
hb_shape_plan_get_shaper
hb_shape_plan_get_user_data
hb_shape_plan_reference
hb_shape_plan_set_user_data
hb_tag_from_string
hb_tag_to_string
hb_unicode_combining_class
hb_unicode_compose
hb_unicode_decompose
hb_unicode_decompose_compatibility
hb_unicode_eastasian_width
hb_unicode_funcs_create
hb_unicode_funcs_destroy
hb_unicode_funcs_get_default
hb_unicode_funcs_get_empty
hb_unicode_funcs_get_parent
hb_unicode_funcs_get_user_data
hb_unicode_funcs_is_immutable
hb_unicode_funcs_make_immutable
hb_unicode_funcs_reference
hb_unicode_funcs_set_combining_class_func
hb_unicode_funcs_set_compose_func
hb_unicode_funcs_set_decompose_compatibility_func
hb_unicode_funcs_set_decompose_func
hb_unicode_funcs_set_eastasian_width_func
hb_unicode_funcs_set_general_category_func
hb_unicode_funcs_set_mirroring_func
hb_unicode_funcs_set_script_func
hb_unicode_funcs_set_user_data
hb_unicode_general_category
hb_unicode_mirroring
hb_unicode_script
hb_variation_from_string
hb_variation_to_string
hb_version
hb_version_atleast
hb_version_string

Sections

.text
Size: 616KB - Virtual size: 616KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 227KB - Virtual size: 226KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libSkiaSharp.dll
.dll windows:6 windows x64 arch:x64

ffe661c0b06e35c1f2a6559c922e2926

Code Sign

33:00:00:02:cc:8e:b5:96:a6:bd:d1:c9:4e:00:00:00:00:02:cc
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/05/2022, 20:46

Not After

11/05/2023, 20:46

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

71:f9:60:c6:cd:00:f6:62:5e:7b:c8:98:d2:aa:a8:49:f1:8c:ba:a5:98:28:f0:b1:2f:93:1d:2d:f9:5d:93:92
Signer

Actual PE Digest

71:f9:60:c6:cd:00:f6:62:5e:7b:c8:98:d2:aa:a8:49:f1:8c:ba:a5:98:28:f0:b1:2f:93:1d:2d:f9:5d:93:92

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\1\s\externals\skia\out\windows\x64\libSkiaSharp.pdb

Imports

ole32

CoCreateGuid
CoCreateInstance

fontsub

CreateFontPackage

user32

SystemParametersInfoW

kernel32

AcquireSRWLockExclusive
AcquireSRWLockShared
CloseHandle
CompareStringW
CreateEventW
CreateFileMappingA
CreateFileW
CreateSemaphoreA
DecodePointer
DeleteCriticalSection
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FindClose
FindFirstFileExA
FindNextFileA
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsW
GetFileSizeEx
GetFileType
GetLastError
GetLocaleInfoW
GetModuleFileNameA
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTime
GetSystemTimeAsFileTime
GetUserDefaultLCID
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitOnceExecuteOnce
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSListHead
InitializeSRWLock
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringEx
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
MapViewOfFile
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
ReleaseSRWLockExclusive
ReleaseSRWLockShared
ReleaseSemaphore
ResetEvent
RtlCaptureContext
RtlLookupFunctionEntry
RtlPcToFileHeader
RtlUnwind
RtlUnwindEx
RtlVirtualUnwind
SetEndOfFile
SetEnvironmentVariableA
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
UnmapViewOfFile
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteConsoleW
WriteFile

Exports

Exports

KeepSkiaCSymbols
gr_backendrendertarget_delete
gr_backendrendertarget_get_backend
gr_backendrendertarget_get_gl_framebufferinfo
gr_backendrendertarget_get_height
gr_backendrendertarget_get_samples
gr_backendrendertarget_get_stencils
gr_backendrendertarget_get_width
gr_backendrendertarget_is_valid
gr_backendrendertarget_new_gl
gr_backendrendertarget_new_metal
gr_backendrendertarget_new_vulkan
gr_backendtexture_delete
gr_backendtexture_get_backend
gr_backendtexture_get_gl_textureinfo
gr_backendtexture_get_height
gr_backendtexture_get_width
gr_backendtexture_has_mipmaps
gr_backendtexture_is_valid
gr_backendtexture_new_gl
gr_backendtexture_new_metal
gr_backendtexture_new_vulkan
gr_direct_context_abandon_context
gr_direct_context_dump_memory_statistics
gr_direct_context_flush
gr_direct_context_flush_and_submit
gr_direct_context_free_gpu_resources
gr_direct_context_get_resource_cache_limit
gr_direct_context_get_resource_cache_usage
gr_direct_context_is_abandoned
gr_direct_context_make_gl
gr_direct_context_make_gl_with_options
gr_direct_context_make_metal
gr_direct_context_make_metal_with_options
gr_direct_context_make_vulkan
gr_direct_context_make_vulkan_with_options
gr_direct_context_perform_deferred_cleanup
gr_direct_context_purge_unlocked_resources
gr_direct_context_purge_unlocked_resources_bytes
gr_direct_context_release_resources_and_abandon_context
gr_direct_context_reset_context
gr_direct_context_set_resource_cache_limit
gr_direct_context_submit
gr_glinterface_assemble_gl_interface
gr_glinterface_assemble_gles_interface
gr_glinterface_assemble_interface
gr_glinterface_assemble_webgl_interface
gr_glinterface_create_native_interface
gr_glinterface_has_extension
gr_glinterface_unref
gr_glinterface_validate
gr_recording_context_get_backend
gr_recording_context_get_max_surface_sample_count_for_color_type
gr_recording_context_unref
gr_vk_extensions_delete
gr_vk_extensions_has_extension
gr_vk_extensions_init
gr_vk_extensions_new
sk_3dview_apply_to_canvas
sk_3dview_destroy
sk_3dview_dot_with_normal
sk_3dview_get_matrix
sk_3dview_new
sk_3dview_restore
sk_3dview_rotate_x_degrees
sk_3dview_rotate_x_radians
sk_3dview_rotate_y_degrees
sk_3dview_rotate_y_radians
sk_3dview_rotate_z_degrees
sk_3dview_rotate_z_radians
sk_3dview_save
sk_3dview_translate
sk_bitmap_destructor
sk_bitmap_erase
sk_bitmap_erase_rect
sk_bitmap_extract_alpha
sk_bitmap_extract_subset
sk_bitmap_get_addr
sk_bitmap_get_addr_16
sk_bitmap_get_addr_32
sk_bitmap_get_addr_8
sk_bitmap_get_byte_count
sk_bitmap_get_info
sk_bitmap_get_pixel_color
sk_bitmap_get_pixel_colors
sk_bitmap_get_pixels
sk_bitmap_get_row_bytes
sk_bitmap_install_mask_pixels
sk_bitmap_install_pixels
sk_bitmap_install_pixels_with_pixmap
sk_bitmap_is_immutable
sk_bitmap_is_null
sk_bitmap_make_shader
sk_bitmap_new
sk_bitmap_notify_pixels_changed
sk_bitmap_peek_pixels
sk_bitmap_ready_to_draw
sk_bitmap_reset
sk_bitmap_set_immutable
sk_bitmap_set_pixels
sk_bitmap_swap
sk_bitmap_try_alloc_pixels
sk_bitmap_try_alloc_pixels_with_flags
sk_canvas_clear
sk_canvas_clear_color4f
sk_canvas_clip_path_with_operation
sk_canvas_clip_rect_with_operation
sk_canvas_clip_region
sk_canvas_clip_rrect_with_operation
sk_canvas_concat
sk_canvas_destroy
sk_canvas_discard
sk_canvas_draw_annotation
sk_canvas_draw_arc
sk_canvas_draw_atlas
sk_canvas_draw_circle
sk_canvas_draw_color
sk_canvas_draw_color4f
sk_canvas_draw_drawable
sk_canvas_draw_drrect
sk_canvas_draw_image
sk_canvas_draw_image_lattice
sk_canvas_draw_image_nine
sk_canvas_draw_image_rect
sk_canvas_draw_line
sk_canvas_draw_link_destination_annotation
sk_canvas_draw_named_destination_annotation
sk_canvas_draw_oval
sk_canvas_draw_paint
sk_canvas_draw_patch
sk_canvas_draw_path
sk_canvas_draw_picture
sk_canvas_draw_point
sk_canvas_draw_points
sk_canvas_draw_rect
sk_canvas_draw_region
sk_canvas_draw_round_rect
sk_canvas_draw_rrect
sk_canvas_draw_simple_text
sk_canvas_draw_text_blob
sk_canvas_draw_url_annotation
sk_canvas_draw_vertices
sk_canvas_flush
sk_canvas_get_device_clip_bounds
sk_canvas_get_local_clip_bounds
sk_canvas_get_save_count
sk_canvas_get_total_matrix
sk_canvas_is_clip_empty
sk_canvas_is_clip_rect
sk_canvas_new_from_bitmap
sk_canvas_quick_reject
sk_canvas_reset_matrix
sk_canvas_restore
sk_canvas_restore_to_count
sk_canvas_rotate_degrees
sk_canvas_rotate_radians
sk_canvas_save
sk_canvas_save_layer
sk_canvas_scale
sk_canvas_set_matrix
sk_canvas_skew
sk_canvas_translate
sk_codec_destroy
sk_codec_get_encoded_format
sk_codec_get_frame_count
sk_codec_get_frame_info
sk_codec_get_frame_info_for_index
sk_codec_get_info
sk_codec_get_origin
sk_codec_get_pixels
sk_codec_get_repetition_count
sk_codec_get_scaled_dimensions
sk_codec_get_scanline_order
sk_codec_get_scanlines
sk_codec_get_valid_subset
sk_codec_incremental_decode
sk_codec_min_buffered_bytes_needed
sk_codec_new_from_data
sk_codec_new_from_stream
sk_codec_next_scanline
sk_codec_output_scanline
sk_codec_skip_scanlines
sk_codec_start_incremental_decode
sk_codec_start_scanline_decode
sk_color4f_from_color
sk_color4f_to_color
sk_color_get_bit_shift
sk_color_premultiply
sk_color_premultiply_array
sk_color_unpremultiply
sk_color_unpremultiply_array
sk_colorfilter_new_color_matrix
sk_colorfilter_new_compose
sk_colorfilter_new_high_contrast
sk_colorfilter_new_lighting
sk_colorfilter_new_luma_color
sk_colorfilter_new_mode
sk_colorfilter_new_table
sk_colorfilter_new_table_argb
sk_colorfilter_unref
sk_colorspace_equals
sk_colorspace_gamma_close_to_srgb
sk_colorspace_gamma_is_linear
sk_colorspace_icc_profile_delete
sk_colorspace_icc_profile_get_buffer
sk_colorspace_icc_profile_get_to_xyzd50
sk_colorspace_icc_profile_new
sk_colorspace_icc_profile_parse
sk_colorspace_is_numerical_transfer_fn
sk_colorspace_is_srgb
sk_colorspace_make_linear_gamma
sk_colorspace_make_srgb_gamma
sk_colorspace_new_icc
sk_colorspace_new_rgb
sk_colorspace_new_srgb
sk_colorspace_new_srgb_linear
sk_colorspace_primaries_to_xyzd50
sk_colorspace_ref
sk_colorspace_to_profile
sk_colorspace_to_xyzd50
sk_colorspace_transfer_fn_eval
sk_colorspace_transfer_fn_invert
sk_colorspace_transfer_fn_named_2dot2
sk_colorspace_transfer_fn_named_hlg
sk_colorspace_transfer_fn_named_linear
sk_colorspace_transfer_fn_named_pq
sk_colorspace_transfer_fn_named_rec2020
sk_colorspace_transfer_fn_named_srgb
sk_colorspace_unref
sk_colorspace_xyz_concat
sk_colorspace_xyz_invert
sk_colorspace_xyz_named_adobe_rgb
sk_colorspace_xyz_named_display_p3
sk_colorspace_xyz_named_rec2020
sk_colorspace_xyz_named_srgb
sk_colorspace_xyz_named_xyz
sk_colortable_count
sk_colortable_new
sk_colortable_read_colors
sk_colortable_unref
sk_colortype_get_default_8888
sk_compatpaint_clone
sk_compatpaint_delete
sk_compatpaint_get_font
sk_compatpaint_get_text_align
sk_compatpaint_get_text_encoding
sk_compatpaint_make_font
sk_compatpaint_new
sk_compatpaint_new_with_font
sk_compatpaint_reset
sk_compatpaint_set_text_align
sk_compatpaint_set_text_encoding
sk_data_get_bytes
sk_data_get_data
sk_data_get_size
sk_data_new_empty
sk_data_new_from_file
sk_data_new_from_stream
sk_data_new_subset
sk_data_new_uninitialized
sk_data_new_with_copy
sk_data_new_with_proc
sk_data_ref
sk_data_unref
sk_document_abort
sk_document_begin_page
sk_document_close
sk_document_create_pdf_from_stream
sk_document_create_pdf_from_stream_with_metadata
sk_document_create_xps_from_stream
sk_document_end_page
sk_document_unref
sk_drawable_draw
sk_drawable_get_bounds
sk_drawable_get_generation_id
sk_drawable_new_picture_snapshot
sk_drawable_notify_drawing_changed
sk_drawable_unref
sk_dynamicmemorywstream_copy_to
sk_dynamicmemorywstream_destroy
sk_dynamicmemorywstream_detach_as_data
sk_dynamicmemorywstream_detach_as_stream
sk_dynamicmemorywstream_new
sk_dynamicmemorywstream_write_to_stream
sk_filestream_destroy
sk_filestream_is_valid
sk_filestream_new
sk_filewstream_destroy
sk_filewstream_is_valid
sk_filewstream_new
sk_font_break_text
sk_font_delete
sk_font_get_edging
sk_font_get_hinting
sk_font_get_metrics
sk_font_get_path
sk_font_get_paths
sk_font_get_pos
sk_font_get_scale_x
sk_font_get_size
sk_font_get_skew_x
sk_font_get_typeface
sk_font_get_widths_bounds
sk_font_get_xpos
sk_font_is_baseline_snap
sk_font_is_embedded_bitmaps
sk_font_is_embolden
sk_font_is_force_auto_hinting
sk_font_is_linear_metrics
sk_font_is_subpixel
sk_font_measure_text
sk_font_measure_text_no_return
sk_font_new
sk_font_new_with_values
sk_font_set_baseline_snap
sk_font_set_edging
sk_font_set_embedded_bitmaps
sk_font_set_embolden
sk_font_set_force_auto_hinting
sk_font_set_hinting
sk_font_set_linear_metrics
sk_font_set_scale_x
sk_font_set_size
sk_font_set_skew_x
sk_font_set_subpixel
sk_font_set_typeface
sk_font_text_to_glyphs
sk_font_unichar_to_glyph
sk_font_unichars_to_glyphs
sk_fontmgr_count_families
sk_fontmgr_create_default
sk_fontmgr_create_from_data
sk_fontmgr_create_from_file
sk_fontmgr_create_from_stream
sk_fontmgr_create_styleset
sk_fontmgr_get_family_name
sk_fontmgr_match_face_style
sk_fontmgr_match_family
sk_fontmgr_match_family_style
sk_fontmgr_match_family_style_character
sk_fontmgr_ref_default
sk_fontmgr_unref
sk_fontstyle_delete
sk_fontstyle_get_slant
sk_fontstyle_get_weight
sk_fontstyle_get_width
sk_fontstyle_new
sk_fontstyleset_create_empty
sk_fontstyleset_create_typeface
sk_fontstyleset_get_count
sk_fontstyleset_get_style
sk_fontstyleset_match_style
sk_fontstyleset_unref
sk_graphics_dump_memory_statistics
sk_graphics_get_font_cache_count_limit
sk_graphics_get_font_cache_count_used
sk_graphics_get_font_cache_limit
sk_graphics_get_font_cache_point_size_limit
sk_graphics_get_font_cache_used
sk_graphics_get_resource_cache_single_allocation_byte_limit
sk_graphics_get_resource_cache_total_byte_limit
sk_graphics_get_resource_cache_total_bytes_used
sk_graphics_init
sk_graphics_purge_all_caches
sk_graphics_purge_font_cache
sk_graphics_purge_resource_cache
sk_graphics_set_font_cache_count_limit
sk_graphics_set_font_cache_limit
sk_graphics_set_font_cache_point_size_limit
sk_graphics_set_resource_cache_single_allocation_byte_limit
sk_graphics_set_resource_cache_total_byte_limit
sk_image_encode
sk_image_encode_specific
sk_image_get_alpha_type
sk_image_get_color_type
sk_image_get_colorspace
sk_image_get_height
sk_image_get_unique_id
sk_image_get_width
sk_image_is_alpha_only
sk_image_is_lazy_generated
sk_image_is_texture_backed
sk_image_is_valid
sk_image_make_non_texture_image
sk_image_make_raster_image
sk_image_make_shader
sk_image_make_subset
sk_image_make_texture_image
sk_image_make_with_filter
sk_image_make_with_filter_legacy
sk_image_new_from_adopted_texture
sk_image_new_from_bitmap
sk_image_new_from_encoded
sk_image_new_from_picture
sk_image_new_from_texture
sk_image_new_raster
sk_image_new_raster_copy
sk_image_new_raster_copy_with_pixmap
sk_image_new_raster_data
sk_image_peek_pixels
sk_image_read_pixels
sk_image_read_pixels_into_pixmap
sk_image_ref
sk_image_ref_encoded
sk_image_scale_pixels
sk_image_unref
sk_imagefilter_croprect_destructor
sk_imagefilter_croprect_get_flags
sk_imagefilter_croprect_get_rect
sk_imagefilter_croprect_new
sk_imagefilter_croprect_new_with_rect
sk_imagefilter_new_alpha_threshold
sk_imagefilter_new_arithmetic
sk_imagefilter_new_blur
sk_imagefilter_new_color_filter
sk_imagefilter_new_compose
sk_imagefilter_new_dilate
sk_imagefilter_new_displacement_map_effect
sk_imagefilter_new_distant_lit_diffuse
sk_imagefilter_new_distant_lit_specular
sk_imagefilter_new_drop_shadow
sk_imagefilter_new_drop_shadow_only
sk_imagefilter_new_erode
sk_imagefilter_new_image_source
sk_imagefilter_new_image_source_default
sk_imagefilter_new_magnifier
sk_imagefilter_new_matrix
sk_imagefilter_new_matrix_convolution
sk_imagefilter_new_merge
sk_imagefilter_new_offset
sk_imagefilter_new_paint
sk_imagefilter_new_picture
sk_imagefilter_new_picture_with_croprect
sk_imagefilter_new_point_lit_diffuse
sk_imagefilter_new_point_lit_specular
sk_imagefilter_new_spot_lit_diffuse
sk_imagefilter_new_spot_lit_specular
sk_imagefilter_new_tile
sk_imagefilter_new_xfermode
sk_imagefilter_unref
sk_jpegencoder_encode
sk_manageddrawable_new
sk_manageddrawable_set_procs
sk_manageddrawable_unref
sk_managedstream_destroy
sk_managedstream_new
sk_managedstream_set_procs
sk_managedtracememorydump_delete
sk_managedtracememorydump_new
sk_managedtracememorydump_set_procs
sk_managedwstream_destroy
sk_managedwstream_new
sk_managedwstream_set_procs
sk_mask_alloc_image
sk_mask_compute_image_size
sk_mask_compute_total_image_size
sk_mask_free_image
sk_mask_get_addr
sk_mask_get_addr_1
sk_mask_get_addr_32
sk_mask_get_addr_8
sk_mask_get_addr_lcd_16
sk_mask_is_empty
sk_maskfilter_new_blur
sk_maskfilter_new_blur_with_flags
sk_maskfilter_new_clip
sk_maskfilter_new_gamma
sk_maskfilter_new_shader
sk_maskfilter_new_table
sk_maskfilter_ref
sk_maskfilter_unref
sk_matrix44_as_col_major
sk_matrix44_as_row_major
sk_matrix44_destroy
sk_matrix44_determinant
sk_matrix44_equals
sk_matrix44_get
sk_matrix44_get_type
sk_matrix44_invert
sk_matrix44_map2
sk_matrix44_map_scalars
sk_matrix44_new
sk_matrix44_new_concat
sk_matrix44_new_copy
sk_matrix44_new_identity
sk_matrix44_new_matrix
sk_matrix44_post_concat
sk_matrix44_post_scale
sk_matrix44_post_translate
sk_matrix44_pre_concat
sk_matrix44_pre_scale
sk_matrix44_pre_translate
sk_matrix44_preserves_2d_axis_alignment
sk_matrix44_set
sk_matrix44_set_3x3_row_major
sk_matrix44_set_col_major
sk_matrix44_set_concat
sk_matrix44_set_identity
sk_matrix44_set_rotate_about_degrees
sk_matrix44_set_rotate_about_radians

Sections

.text
Size: 7.1MB - Virtual size: 7.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 306KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gehcont
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 33B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.voltbl
Size: 512B - Virtual size: 62B

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
revision.txt
tools/7zip/7za.dll
.dll windows:4 windows x86 arch:x86

86ff62e98e38e08e8f5f4fc28a790db4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

SysAllocStringByteLen
SysAllocStringLen
SysAllocString
SysFreeString
VariantCopy
VariantClear

user32

CharUpperW

msvcrt

_adjust_fdiv
_initterm
_onexit
__dllonexit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_except_handler3
_beginthreadex
memset
realloc
strlen
wcscmp
memcpy
memmove
free
_CxxThrowException
malloc
memcmp
_purecall
__CxxFrameHandler

kernel32

InitializeCriticalSection
ReleaseSemaphore
CreateSemaphoreW
ResetEvent
SetEvent
CreateEventW
WaitForSingleObject
VirtualFree
VirtualAlloc
QueryPerformanceCounter
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetVersionExW
WaitForMultipleObjects
GetSystemInfo
WriteFile
ReadFile
GetFileAttributesW
GetModuleHandleA
FindFirstFileW
FindClose
GetCurrentThreadId
GetTickCount
GetCurrentProcessId
GetLastError
CloseHandle
CreateFileW
SetFileAttributesW
GetProcAddress
CreateDirectoryW
DeleteFileW
SetLastError
GetTempPathW

Exports

Exports

CreateDecoder
CreateEncoder
CreateObject
GetHandlerProperty
GetHandlerProperty2
GetHashers
GetIsArc
GetMethodProperty
GetNumberOfFormats
GetNumberOfMethods
SetCaseSensitive
SetCodecs
SetLargePageMode

Sections

.text
Size: 201KB - Virtual size: 201KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tools/7zip/7za.exe
.exe windows:4 windows x86 arch:x86

00610cd693a2c7bea922440646a9789b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VariantCopy
SysAllocStringLen
SysAllocString
SysFreeString
SysStringLen
VariantClear

user32

CharPrevExA
CharUpperW

advapi32

SetFileSecurityW
OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
GetFileSecurityW

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
exit
_XcptFilter
_exit
_onexit
__dllonexit
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_except_handler3
_beginthreadex
realloc
strlen
memset
wcscmp
wcsstr
strcmp
memmove
fputs
fputc
fflush
fgetc
fclose
_iob
free
_CxxThrowException
malloc
memcmp
_purecall
memcpy
__CxxFrameHandler
_isatty
_fileno

kernel32

ResetEvent
CreateSemaphoreW
CreateEventW
WaitForSingleObject
ReleaseSemaphore
InitializeCriticalSection
VirtualAlloc
SetEvent
SetFileAttributesW
QueryPerformanceCounter
LocalFileTimeToFileTime
SetConsoleMode
GetConsoleMode
GetVersionExW
SetFileApisToOEM
GetCommandLineW
GetConsoleScreenBufferInfo
SetConsoleCtrlHandler
FileTimeToLocalFileTime
DeleteCriticalSection
GetProcessTimes
OpenEventW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
SetProcessAffinityMask
WaitForMultipleObjects
EnterCriticalSection
LeaveCriticalSection
GetStdHandle
GetSystemTimeAsFileTime
FileTimeToDosDateTime
DosDateTimeToFileTime
GlobalMemoryStatus
GetSystemInfo
FileTimeToSystemTime
CompareFileTime
GetCurrentProcess
GetDiskFreeSpaceW
GetFileInformationByHandle
SetEndOfFile
WriteFile
ReadFile
DeviceIoControl
SetFilePointer
GetFileSize
GetLogicalDriveStringsW
GetLastError
MultiByteToWideChar
WideCharToMultiByte
FreeLibrary
LoadLibraryW
GetModuleFileNameW
LocalFree
FormatMessageW
CloseHandle
SetFileTime
CreateFileW
GetFileAttributesW
RemoveDirectoryW
MoveFileW
GetProcAddress
GetModuleHandleW
CreateDirectoryW
DeleteFileW
SetLastError
SetCurrentDirectoryW
GetCurrentDirectoryW
GetTempPathW
GetCurrentProcessId
GetTickCount
GetCurrentThreadId
FindClose
FindFirstFileW
FindNextFileW
GetModuleHandleA
VirtualFree

Sections

.text
Size: 557KB - Virtual size: 556KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 808B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
tools/7zip/7zxa.dll
.dll windows:4 windows x86 arch:x86

908c97ab3d49ec0444e23f019632c00a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

SysAllocStringByteLen
SysAllocStringLen
SysFreeString
VariantClear

msvcrt

strlen
memset
_beginthreadex
_except_handler3
??1type_info@@UAE@XZ
?terminate@@YAXXZ
__dllonexit
_onexit
_initterm
_adjust_fdiv
free
malloc
_CxxThrowException
memcpy
memmove
memcmp
_purecall
__CxxFrameHandler

kernel32

InitializeCriticalSection
ResetEvent
SetEvent
CreateEventW
WaitForSingleObject
CloseHandle
VirtualFree
VirtualAlloc
EnterCriticalSection
LeaveCriticalSection
GetVersionExW
WaitForMultipleObjects
GetSystemInfo
GetLastError
DeleteCriticalSection

Exports

Exports

CreateDecoder
CreateEncoder
CreateObject
GetHandlerProperty
GetHandlerProperty2
GetHashers
GetIsArc
GetMethodProperty
GetNumberOfFormats
GetNumberOfMethods
SetCaseSensitive
SetCodecs
SetLargePageMode

Sections

.text
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
tools/7zip/License.txt
tools/pck/LICENSE
tools/pck/LibraryLicenses.txt
tools/pck/godotpcktool.exe
.exe windows:4 windows x86 arch:x86

5bb1452e5670915e59f6ff7a1269b95a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateFileW
CreateHardLinkW
CreateSemaphoreA
DeleteCriticalSection
DeleteFileW
DuplicateHandle
EnterCriticalSection
FindFirstVolumeW
FindNextVolumeW
FindVolumeClose
FormatMessageA
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSizeEx
GetFileType
GetFullPathNameW
GetHandleInformation
GetLastError
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetStartupInfoA
GetSystemTimeAsFileTime
GetTempPathW
GetThreadContext
GetThreadPriority
GetTickCount64
GetVolumeInformationW
InitializeCriticalSection
IsDBCSLeadByteEx
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LocalFree
MoveFileExW
MultiByteToWideChar
OpenProcess
OutputDebugStringA
RaiseException
ReleaseSemaphore
RemoveDirectoryW
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
SetEndOfFile
SetEvent
SetFilePointer
SetLastError
SetProcessAffinityMask
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SuspendThread
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte

msvcrt

__getmainargs
__initenv
__mb_cur_max
__p__acmdln
__p__commode
__p__fmode
__set_app_type
__setusermatherr
_amsg_exit
_beginthreadex
_cexit
_endthreadex
_errno
_close
_filelengthi64
_fileno
_findclose
_fstat64
_get_osfhandle
_initterm
_iob
_lseeki64
_onexit
_setjmp3
_telli64
_ultoa
_wchdir
_wchmod
_wfopen
_wfullpath
_wgetcwd
_wmkdir
_wopen
abort
atoi
calloc
exit
fclose
fflush
fgetpos
fopen
fprintf
fputc
fputs
fread
free
fsetpos
fwrite
getc
getwc
islower
isspace
isupper
iswctype
localeconv
malloc
memchr
memcmp
memcpy
memmove
memset
printf
putc
putwc
realloc
setlocale
setvbuf
signal
strchr
strcmp
strcoll
strerror
strftime
strlen
strncmp
strtol
strxfrm
towlower
towupper
ungetc
ungetwc
vfprintf
wcscat
wcscmp
wcscoll
wcscpy
wcsftime
wcslen
wcsxfrm
_wutime
_wstat64
_wfindnext
_wfindfirst
longjmp
_write
_strdup
_read
_fileno
_fdopen
_close

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.eh_fram
Size: 310KB - Virtual size: 309KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
uninstall.exe
.exe windows:4 windows x86 arch:x86

61259b55b8912888e90f516ca08dc514

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityW
RegOpenKeyExW
RegEnumValueW

shell32

SHGetSpecialFolderLocation
SHFileOperationW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteExW
SHGetFileInfoW

ole32

OleInitialize
OleUninitialize
CoCreateInstance
IIDFromString
CoTaskMemFree

comctl32

ord17
ImageList_Create
ImageList_Destroy
ImageList_AddMasked

user32

GetClientRect
EndPaint
DrawTextW
IsWindowEnabled
DispatchMessageW
wsprintfA
CharNextA
CharPrevW
MessageBoxIndirectW
GetDlgItemTextW
SetDlgItemTextW
GetSystemMetrics
FillRect
AppendMenuW
TrackPopupMenu
OpenClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
CheckDlgButton
LoadCursorW
SetCursor
GetSysColor
SetWindowPos
GetWindowLongW
PeekMessageW
SetClassLongW
GetSystemMenu
EnableMenuItem
GetWindowRect
ScreenToClient
EndDialog
RegisterClassW
SystemParametersInfoW
CreateWindowExW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
EmptyClipboard
CreatePopupMenu

gdi32

SetBkMode
SetBkColor
GetDeviceCaps
CreateFontIndirectW
CreateBrushIndirect
DeleteObject
SetTextColor
SelectObject

kernel32

GetExitCodeProcess
WaitForSingleObject
GetModuleHandleA
GetProcAddress
GetSystemDirectoryW
lstrcatW
Sleep
lstrcpyA
WriteFile
GetTempFileNameW
lstrcmpiA
RemoveDirectoryW
CreateProcessW
CreateDirectoryW
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetVersionExW
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
SetEnvironmentVariableW
CopyFileW
ExitProcess
GetCurrentProcess
GetModuleFileNameW
GetFileSize
CreateFileW
GetTickCount
MulDiv
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalFree
GlobalAlloc
GetModuleHandleW
LoadLibraryExW
MoveFileExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 220KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

fc0224e99e736751432961db63a41b76

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 867B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 662B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UserInfo.dll
.dll windows:4 windows x86 arch:x86

5e62e8e248e7364886b604bd1fcf4c13

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
OpenThreadToken
GetUserNameW

kernel32

GlobalFree
GetVersion
GlobalAlloc
CloseHandle
GetModuleHandleA
GetLastError
GetCurrentProcess
GetCurrentThread
GetProcAddress
lstrcpynW

Exports

Exports

GetAccountType
GetName
GetOriginalAccountType

Sections

.text
Size: 1024B - Virtual size: 714B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 705B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/modern-wizard.bmp
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

6b5c4f7d679059f68f1269aad3a5cecd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesW
lstrcpyW
MulDiv
lstrlenW
HeapFree
GetCurrentDirectoryW
lstrcmpiW
GetProcessHeap
HeapReAlloc
GlobalFree
lstrcpynW
GlobalAlloc
SetCurrentDirectoryW
HeapAlloc

user32

DestroyWindow
CallWindowProcW
SetCursor
LoadCursorW
GetPropW
CharPrevW
DrawFocusRect
GetWindowLongW
DrawTextW
GetClientRect
SetWindowLongW
GetDlgItem
GetSysColor
SetWindowPos
CreateDialogParamW
MapDialogRect
GetWindowRect
SetPropW
CreateWindowExW
IsWindow
SetTimer
KillTimer
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
wsprintfW
CharNextW
SendMessageW
MapWindowPoints
RemovePropW
GetWindowTextW

gdi32

SetTextColor

shell32

SHBrowseForFolderW
SHGetPathFromIDListW

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 638B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

61259b55b8912888e90f516ca08dc514

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

shell32

ole32

comctl32

user32

gdi32

kernel32

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 128KB

.ndata Size: - Virtual size: 220KB

.rsrc Size: 120KB - Virtual size: 119KB

80469f6834e579db68a646d49780b9d5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

ole32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 10KB

.rsrc Size: 512B - Virtual size: 296B

.reloc Size: 1024B - Virtual size: 578B

fc0224e99e736751432961db63a41b76

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 8KB - Virtual size: 8KB

.rdata Size: 1024B - Virtual size: 867B

.data Size: 512B - Virtual size: 120B

.reloc Size: 1024B - Virtual size: 662B

5e62e8e248e7364886b604bd1fcf4c13

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

Exports

Exports

Sections

.text Size: 1024B - Virtual size: 714B

.rdata Size: 1024B - Virtual size: 705B

.data Size: 512B - Virtual size: 104B

.reloc Size: 512B - Virtual size: 240B

6b5c4f7d679059f68f1269aad3a5cecd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 128KB

.ndata
Size: - Virtual size: 220KB

.rsrc
Size: 120KB - Virtual size: 119KB

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 10KB

.rsrc
Size: 512B - Virtual size: 296B

.reloc
Size: 1024B - Virtual size: 578B

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 1024B - Virtual size: 867B

.data
Size: 512B - Virtual size: 120B

.reloc
Size: 1024B - Virtual size: 662B

.text
Size: 1024B - Virtual size: 714B

.rdata
Size: 1024B - Virtual size: 705B

.data
Size: 512B - Virtual size: 104B

.reloc
Size: 512B - Virtual size: 240B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 8KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 638B

.text
Size: 6.0MB - Virtual size: 6.0MB

.CLR_UEF
Size: 512B - Virtual size: 271B

.rdata
Size: 1.5MB - Virtual size: 1.5MB

.data
Size: 28KB - Virtual size: 120KB

.pdata
Size: 215KB - Virtual size: 214KB

.didat
Size: 512B - Virtual size: 24B

Section
Size: 512B - Virtual size: 8B

_RDATA
Size: 77KB - Virtual size: 76KB

.rsrc
Size: 1.4MB - Virtual size: 1.4MB

.reloc
Size: 28KB - Virtual size: 28KB

33:00:00:02:cc:8e:b5:96:a6:bd:d1:c9:4e:00:00:00:00:02:cc
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

24:16:82:eb:5d:b7:88:75:69:3f:ab:b7:9b:49:0b:ea:1d:95:82:00:c5:bc:fc:08:76:c6:51:e6:8e:33:b6:2b
Signer

.text
Size: 616KB - Virtual size: 616KB

.rdata
Size: 227KB - Virtual size: 226KB

.data
Size: 5KB - Virtual size: 9KB

.pdata
Size: 30KB - Virtual size: 30KB

_RDATA
Size: 512B - Virtual size: 252B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 2KB - Virtual size: 2KB