RevoUninstaller_Portable[.]rar

Sharing

Copy URL

Twitter E-mail

General

Target

RevoUninstaller_Portable.rar
Size

16.1MB
MD5

be827194e27ac4d1d3755d7222f2c33a
SHA1

7a68ac30df363cb34275245007795463d923fc7f
SHA256

67f0cc7ae1209e4e0a6c14552807569ab350e59d7635b17369275750384f6559
SHA512

0850ca065d48c000b61cfe5c3790ec6d7e092c9fd7985c0b9863c2ed0b9c8c2712e9aeeb4bb0701fcf76c6c8e6d3c25ccc694465dafd882249446e4108fb4c71
SSDEEP

393216:OBAjyzprnviCVLV24HBd+Bzyj6p+Z2Bea8zmgbX:OXVDVAqDkYIB3KJbX

Score

4^/10

pdf link

Malware Config

Signatures

HTTP links in PDF interactive object 2 IoCs

Detects HTTP links in interactive objects within PDF files.

pdf link

resource	yara_rule
static1/unpack001/RevoUninstaller_Portable/Revo Uninstaller Help.pdf	pdf_with_link_action
static1/unpack004/RevoUninstaller_Portable/Revo Uninstaller Help.pdf	pdf_with_link_action

One or more HTTP URLs in PDF identified
Detects presence of HTTP links in PDF files.
pdf link

Files

RevoUninstaller_Portable.rar
.rar

Password: zz
RevoUninstaller_Portable/LicenseAgreement.txt
RevoUninstaller_Portable/Revo Uninstaller Help.pdf
.pdf
Password: zz
- http://www.revouninstaller.com/
RevoUninstaller_Portable/RevoUPort.exe
.exe windows:5 windows x86 arch:x86

Password: zz

f1701f0b31fe827683fdfb65eb40b138

Code Sign

0d:7a:ae:3b:36:08:69:a3:ba:28:bd:7d:1f:d0:b8:f6
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

02/08/2018, 00:00

Not After

06/08/2021, 12:00

Subject

SERIALNUMBER=200204019,CN=VS Revo Group Ltd.,O=VS Revo Group Ltd.,L=Ruse,C=BG,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024247

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:7a:ae:3b:36:08:69:a3:ba:28:bd:7d:1f:d0:b8:f6
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

02/08/2018, 00:00

Not After

06/08/2021, 12:00

Subject

SERIALNUMBER=200204019,CN=VS Revo Group Ltd.,O=VS Revo Group Ltd.,L=Ruse,C=BG,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024247

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04/01/2017, 00:00

Not After

18/01/2028, 00:00

Subject

CN=DigiCert SHA2 Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

94:78:65:fa:a2:e2:37:2d:53:8a:82:5c:0a:2a:06:f8:90:32:c9:2a:57:7a:dd:ce:2b:d7:45:21:ab:76:17:35
Signer

Actual PE Digest

94:78:65:fa:a2:e2:37:2d:53:8a:82:5c:0a:2a:06:f8:90:32:c9:2a:57:7a:dd:ce:2b:d7:45:21:ab:76:17:35

Digest Algorithm

sha256

PE Digest Matches

true

ff:19:79:9e:b8:b7:b7:df:ff:53:a2:05:81:19:47:f3:8b:f5:91:11
Signer

Actual PE Digest

ff:19:79:9e:b8:b7:b7:df:ff:53:a2:05:81:19:47:f3:8b:f5:91:11

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

I:\Projects\RevoUninFreePort\Release\RevoUPort.pdb

Imports

shlwapi

PathQuoteSpacesW
PathRemoveFileSpecW

kernel32

VirtualFree
GetModuleFileNameW
IsWow64Process
GetCurrentProcess
CreateProcessW
CloseHandle
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
HeapCreate
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
GetLocaleInfoA
WideCharToMultiByte
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RevoUninstaller_Portable/RevoUninstaller_Portable.zip
.zip

Password: zz
RevoUninstaller_Portable/LicenseAgreement.txt
RevoUninstaller_Portable/Revo Uninstaller Help.pdf
.pdf
Password: zz
- http://www.revouninstaller.com/
RevoUninstaller_Portable/RevoUPort.exe
.exe windows:5 windows x86 arch:x86

Password: zz

f1701f0b31fe827683fdfb65eb40b138

Code Sign

0d:7a:ae:3b:36:08:69:a3:ba:28:bd:7d:1f:d0:b8:f6
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

02/08/2018, 00:00

Not After

06/08/2021, 12:00

Subject

SERIALNUMBER=200204019,CN=VS Revo Group Ltd.,O=VS Revo Group Ltd.,L=Ruse,C=BG,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024247

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:7a:ae:3b:36:08:69:a3:ba:28:bd:7d:1f:d0:b8:f6
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

02/08/2018, 00:00

Not After

06/08/2021, 12:00

Subject

SERIALNUMBER=200204019,CN=VS Revo Group Ltd.,O=VS Revo Group Ltd.,L=Ruse,C=BG,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.3=#13024247

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04/01/2017, 00:00

Not After

18/01/2028, 00:00

Subject

CN=DigiCert SHA2 Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

94:78:65:fa:a2:e2:37:2d:53:8a:82:5c:0a:2a:06:f8:90:32:c9:2a:57:7a:dd:ce:2b:d7:45:21:ab:76:17:35
Signer

Actual PE Digest

94:78:65:fa:a2:e2:37:2d:53:8a:82:5c:0a:2a:06:f8:90:32:c9:2a:57:7a:dd:ce:2b:d7:45:21:ab:76:17:35

Digest Algorithm

sha256

PE Digest Matches

true

ff:19:79:9e:b8:b7:b7:df:ff:53:a2:05:81:19:47:f3:8b:f5:91:11
Signer

Actual PE Digest

ff:19:79:9e:b8:b7:b7:df:ff:53:a2:05:81:19:47:f3:8b:f5:91:11

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

I:\Projects\RevoUninFreePort\Release\RevoUPort.pdb

Imports

shlwapi

PathQuoteSpacesW
PathRemoveFileSpecW

kernel32

VirtualFree
GetModuleFileNameW
IsWow64Process
GetCurrentProcess
CreateProcessW
CloseHandle
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
GetLastError
InterlockedDecrement
HeapCreate
HeapFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
VirtualAlloc
HeapReAlloc
RtlUnwind
HeapSize
GetLocaleInfoA
WideCharToMultiByte
GetStringTypeA
MultiByteToWideChar
GetStringTypeW
LCMapStringA
LCMapStringW

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 149KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RevoUninstaller_Portable/lang/Estonian.ini
RevoUninstaller_Portable/lang/albanian.ini
RevoUninstaller_Portable/lang/arabic.ini
RevoUninstaller_Portable/lang/armenian.ini
RevoUninstaller_Portable/lang/azerbaijani.ini
RevoUninstaller_Portable/lang/bengali.ini
RevoUninstaller_Portable/lang/bulgarian.ini
RevoUninstaller_Portable/lang/czech.ini
RevoUninstaller_Portable/lang/danish.ini
RevoUninstaller_Portable/lang/dutch.ini
RevoUninstaller_Portable/lang/english.ini
RevoUninstaller_Portable/lang/finnish.ini
RevoUninstaller_Portable/lang/french.ini
RevoUninstaller_Portable/lang/georgian.ini
RevoUninstaller_Portable/lang/german.ini
RevoUninstaller_Portable/lang/gujarati.ini
RevoUninstaller_Portable/lang/hebrew.ini
RevoUninstaller_Portable/lang/hellenic.ini
RevoUninstaller_Portable/lang/hindi.ini
RevoUninstaller_Portable/lang/hrvatski.ini
RevoUninstaller_Portable/lang/hungarian.ini
RevoUninstaller_Portable/lang/indonesian.ini
RevoUninstaller_Portable/lang/italiano.ini
RevoUninstaller_Portable/lang/japanese.ini
RevoUninstaller_Portable/lang/korean.ini
RevoUninstaller_Portable/lang/kurdish.ini
RevoUninstaller_Portable/lang/macedonian.ini
RevoUninstaller_Portable/lang/norwegian.ini
RevoUninstaller_Portable/lang/persian.ini
RevoUninstaller_Portable/lang/polish.ini
RevoUninstaller_Portable/lang/portuguese.ini
RevoUninstaller_Portable/lang/portuguese_standard.ini
RevoUninstaller_Portable/lang/portuguesebrazil.ini
RevoUninstaller_Portable/lang/romanian.ini
RevoUninstaller_Portable/lang/russian.ini
RevoUninstaller_Portable/lang/serbian.ini
RevoUninstaller_Portable/lang/serbianLatin.ini
RevoUninstaller_Portable/lang/simplifiedchinese.ini
RevoUninstaller_Portable/lang/slovak.ini
RevoUninstaller_Portable/lang/slovenian.ini
RevoUninstaller_Portable/lang/spanish.ini
RevoUninstaller_Portable/lang/swedish.ini
RevoUninstaller_Portable/lang/thai.ini
RevoUninstaller_Portable/lang/traditionalchinese.ini
RevoUninstaller_Portable/lang/turkish.ini
RevoUninstaller_Portable/lang/ukrainian.ini
RevoUninstaller_Portable/lang/vietnamese.ini
RevoUninstaller_Portable/x64/RevoUn.exe
.exe windows:5 windows x64 arch:x64

Password: zz

5e47d37b066dc138e4b1489ac28d33df

Code Sign

0f:b8:a7:40:b9:15:8d:03:51:43:bc:59:d9:f0:40:29
Certificate

Issuer

CN=DigiCert Global Root G3,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Global G3 Code Signing ECC SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:ed:13:4b:1e:cf:56:1a:9e:b5:b0:53:88:bf:f0:47
Certificate

Issuer

CN=DigiCert Global G3 Code Signing ECC SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

27/07/2021, 00:00

Not After

06/08/2024, 23:59

Subject

SERIALNUMBER=200204019,CN=VS Revo Group Ltd.,O=VS Revo Group Ltd.,L=Ruse,C=BG,1.3.6.1.4.1.311.60.2.1.3=#13024247,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:b8:a7:40:b9:15:8d:03:51:43:bc:59:d9:f0:40:29
Certificate

Issuer

CN=DigiCert Global Root G3,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Global G3 Code Signing ECC SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:ed:13:4b:1e:cf:56:1a:9e:b5:b0:53:88:bf:f0:47
Certificate

Issuer

CN=DigiCert Global G3 Code Signing ECC SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

27/07/2021, 00:00

Not After

06/08/2024, 23:59

Subject

SERIALNUMBER=200204019,CN=VS Revo Group Ltd.,O=VS Revo Group Ltd.,L=Ruse,C=BG,1.3.6.1.4.1.311.60.2.1.3=#13024247,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

99:45:e2:e7:38:df:cc:c2:cd:13:9a:f5:0d:56:66:15:93:a6:cd:1a:d1:ca:6b:96:58:e2:ec:4d:24:cc:16:e3
Signer

Actual PE Digest

99:45:e2:e7:38:df:cc:c2:cd:13:9a:f5:0d:56:66:15:93:a6:cd:1a:d1:ca:6b:96:58:e2:ec:4d:24:cc:16:e3

Digest Algorithm

sha256

PE Digest Matches

true

ae:e8:51:32:15:24:1c:6b:a8:70:19:a5:d2:df:f3:c7:3e:19:2f:68
Signer

Actual PE Digest

ae:e8:51:32:15:24:1c:6b:a8:70:19:a5:d2:df:f3:c7:3e:19:2f:68

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Work\VSRevo\Windows\Projects\VSProjectII\x64\Release Portable Portable\RevoUn.pdb

Imports

comctl32

ord17
_TrackMouseEvent
ImageList_Duplicate

shlwapi

StrCatW
PathFileExistsW
PathFindExtensionW
PathAppendW
PathFindFileNameW
StrFormatByteSizeW
PathRemoveBackslashW
PathIsDirectoryW
StrStrIW
PathIsDirectoryEmptyW
StrCmpW
StrFormatKBSizeW
PathRemoveArgsW
SHDeleteValueW
SHDeleteKeyW
PathStripToRootW
StrToIntW
PathQuoteSpacesW
PathAddBackslashW
PathMatchSpecW
PathRemoveExtensionW
StrStrW
ord487
PathIsRootW
PathUnExpandEnvStringsW
SHQueryValueExW
PathUnquoteSpacesW
PathRemoveFileSpecW
StrCpyW
PathIsUNCW
PathGetArgsW
StrCmpIW

psapi

EnumProcesses
GetProcessImageFileNameW
GetModuleFileNameExW

msi

ord217
ord173

advapi32

RegNotifyChangeKeyValue
GetTokenInformation
RegQueryValueW
AdjustTokenPrivileges
LookupPrivilegeValueW
SetSecurityInfo
SetEntriesInAclW
OpenProcessToken
RegDeleteKeyExW
FreeSid
SetNamedSecurityInfoW
AllocateAndInitializeSid
ConvertSidToStringSidW
LookupAccountNameW
RegUnLoadKeyW
RegSetValueExW
RegSetKeySecurity
RegSaveKeyW
RegRestoreKeyW
RegReplaceKeyW
RegLoadKeyW
RegGetKeySecurity
RegFlushKey
RegEnumKeyExW
RegCreateKeyExW
RegConnectRegistryW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
OpenSCManagerW
OpenServiceW
CloseServiceHandle
DeleteService
RegOpenKeyW
RegDeleteValueW
RegQueryInfoKeyW
RegEnumValueW
GetUserNameW

wininet

FindNextUrlCacheEntryW
FindFirstUrlCacheEntryW
DeleteUrlCacheEntryW
FindCloseUrlCache

kernel32

OutputDebugStringA
GetVersionExA
GetCurrentProcessId
GetTempPathA
AreFileApisANSI
DeleteFileA
TlsAlloc
VirtualAllocEx
VirtualFreeEx
ReadProcessMemory
WriteProcessMemory
VirtualAlloc
VirtualFree
GetVersion
SystemTimeToTzSpecificLocalTime
GetUserDefaultLCID
GetLocaleInfoW
GetLongPathNameW
GetLogicalDriveStringsW
QueryDosDeviceW
VerSetConditionMask
VerifyVersionInfoW
GetUserDefaultLangID
GetCommandLineW
GetShortPathNameW
GlobalSize
CopyFileW
GlobalFree
SetThreadPriority
SuspendThread
GetModuleHandleA
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
FreeResource
lstrcmpA
lstrlenA
GlobalGetAtomNameW
GetThreadLocale
GetVolumeInformationW
CompareStringA
LoadLibraryExW
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThread
GetPrivateProfileIntW
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
GetCurrentThreadId
LocalReAlloc
TlsFree
GlobalFlags
SetErrorMode
GetFileSizeEx
GetFileTime
GetSystemDirectoryW
GetCurrentDirectoryW
GetProfileIntW
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
VirtualProtect
VirtualQuery
GetCPInfo
ExitThread
CreateThread
RtlUnwindEx
RaiseException
RtlPcToFileHeader
ExitProcess
HeapQueryInformation
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
HeapSetInformation
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
LCMapStringW
LCMapStringA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetFileInformationByHandle
PeekNamedPipe
GetCurrentDirectoryA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetStdHandle
GetDriveTypeA
SetEnvironmentVariableA
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingW
CreateFileMappingA
LoadLibraryA
GetDiskFreeSpaceW
LockFileEx
HeapSize
FlushFileBuffers
ReadFile
GetFileAttributesW
HeapValidate
HeapCreate
GetFileAttributesA
HeapDestroy
FormatMessageW
FormatMessageA
GetSystemTimeAsFileTime
GetProcessHeap
UnlockFileEx
GetTickCount
OutputDebugStringW
SetPriorityClass
GetPriorityClass
GetThreadPriority
GetTimeFormatW
GetDateFormatW
GetNumberFormatW
GetCurrencyFormatW
FindResourceExW
WinExec
IsBadWritePtr
IsBadReadPtr
WaitForSingleObjectEx
LockFile
FlushViewOfFile
UnlockFile
HeapFree
QueryPerformanceCounter
HeapAlloc
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
TryEnterCriticalSection
SetFilePointer
HeapCompact
CreateMutexW
GetFileSize
CreateFileA
HeapReAlloc
GetFullPathNameA
FreeLibrary
FileTimeToLocalFileTime
FileTimeToSystemTime
GetComputerNameW
WaitForMultipleObjects
CreateEventW
GetModuleFileNameW
GetTempFileNameW
WideCharToMultiByte
TerminateProcess
DuplicateHandle
LocalFree
GetCurrentProcess
GetEnvironmentVariableW
GetPrivateProfileStringW
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
WritePrivateProfileStringW
GetVersionExW
CompareFileTime
GetTempPathW
SystemTimeToFileTime
GetSystemTime
GetDiskFreeSpaceExW
DeviceIoControl
lstrcmpiW
lstrlenW
GetUserDefaultUILanguage
GetBinaryTypeW
GetProcAddress
GetModuleHandleW
LoadLibraryW
SetLastError
GetDriveTypeW
GetLogicalDrives
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
MultiByteToWideChar
SetEvent
ResumeThread
ResetEvent
SetFileAttributesW
RemoveDirectoryW
OpenProcess
WriteFile
CreateFileW
GlobalUnlock
GlobalLock
GlobalAlloc
CloseHandle
CreateProcessW
MoveFileW
lstrcatW
GetWindowsDirectoryW
ExpandEnvironmentStringsW
lstrcmpW
lstrcpyW
GetFullPathNameW
DeleteFileW
FindClose
FindNextFileW
FindFirstFileW
GetLastError
CreateDirectoryW
Sleep
MoveFileExW
WaitForSingleObject
FindResourceW
LoadResource
LockResource
SizeofResource
MulDiv
TlsSetValue

user32

MessageBeep
GetNextDlgGroupItem
PostThreadMessageW
GetDCEx
CopyAcceleratorTableW
UnionRect
CreateMenu
InvalidateRgn
GetTabbedTextExtentA
UnregisterClassW
ShowOwnedPopups
SetWindowContextHelpId
MapDialogRect
RegisterClipboardFormatW
PostQuitMessage
DeleteMenu
IsRectEmpty
CharNextW
MapVirtualKeyW
GetKeyNameTextW
IsZoomed
CharUpperW
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
BringWindowToTop
SetParent
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
CreateDialogIndirectParamW
GetNextDlgTabItem
MoveWindow
GetMenuItemInfoW
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
GetClassLongPtrW
SetPropW
GetPropW
RemovePropW
GetLastActivePopup
SetActiveWindow
GetTopWindow
DestroyWindow
SetWindowLongPtrW
UnhookWindowsHookEx
GetMessageTime
MapWindowPoints
ScrollWindow
SetMenu
ShowScrollBar
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
GetScrollInfo
SetScrollInfo
SetWindowPlacement
CallWindowProcW
GetMenu
SystemParametersInfoA
GetWindowPlacement
GetWindowTextLengthW
GetWindowTextW
IsWindowEnabled
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SendDlgItemMessageW
GetWindow
EndPaint
BeginPaint
IntersectRect
SetWindowsHookExW
CallNextHookEx
GetKeyState
ValidateRect
GetMenuState
GetMenuStringW
AppendMenuW
RemoveMenu
GetActiveWindow
GetDoubleClickTime
IsCharAlphaW
MessageBoxW
DispatchMessageW
TranslateMessage
GetMessageA
GetMessageW
IsWindowUnicode
MsgWaitForMultipleObjects
GetSubMenu
GetMenuItemID
GetMenuItemCount
IsWindowVisible
TrackPopupMenu
InsertMenuW
CreatePopupMenu
PeekMessageW
GetWindowThreadProcessId
WindowFromPoint
ReleaseCapture
SetCapture
DrawIcon
IsIconic
PtInRect
SetLayeredWindowAttributes
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
DrawStateW
FrameRect
MapVirtualKeyExW
EnableScrollBar
IsClipboardFormatAvailable
EnumChildWindows
FindWindowW
GetWindowDC
SetForegroundWindow
GetForegroundWindow
SystemParametersInfoW
SetWindowRgn
LoadBitmapW
GetSysColorBrush
SetRect
GetMessagePos
DrawFrameControl
FillRect
SetWindowLongW
GetWindowLongW
LockWindowUpdate
GetClassNameW
EqualRect
SetScrollRange
GetScrollPos
GetScrollRange
GetDesktopWindow
GetMonitorInfoW
MonitorFromWindow
LoadMenuW
DestroyMenu
LoadIconW
LoadStringW
InflateRect
OffsetRect
GetCursorPos
ReleaseDC
GetDC
SetScrollPos
ShowWindow
SetWindowPos
RedrawWindow
SetFocus
SetRectEmpty
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
KillTimer
wsprintfW
TranslateAcceleratorW
CloseClipboard
GetClipboardData
IsCharAlphaNumericW
GetIconInfo
DrawIconEx
DrawFocusRect
DestroyCursor
GetWindowRgn
GetCursor
DestroyAcceleratorTable
CreateIconIndirect
IsMenu
CreateAcceleratorTableW
LoadMenuIndirectW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
WindowFromDC
GetAsyncKeyState
WaitMessage
SetClipboardData
EmptyClipboard
OpenClipboard
CreateWindowExW
PostMessageW
SetCursor
CopyRect
LoadAcceleratorsW
ClientToScreen
SendMessageW
GetParent
UpdateWindow
DestroyIcon
LoadImageW
GetSysColor
GetDlgItem
EnableWindow
InvalidateRect
GetSystemMenu
GetSystemMetrics
GetFocus
SetTimer
GetClassInfoW
DefWindowProcW
LoadCursorW
GetWindowLongPtrW
IsChild
BeginDeferWindowPos
ScreenToClient
DeferWindowPos
EndDeferWindowPos
IsWindow
GetClientRect
GetWindowRect
DispatchMessageA
EndDialog

gdi32

PatBlt
SetRectRgn
CreateRectRgnIndirect
SetBkColor
CreateDCW
CopyMetaFileW
StretchBlt
GetDIBits
CombineRgn
CreateRectRgn
Rectangle
Ellipse
CreatePatternBrush
CreateFontW
SetDIBColorTable
SelectObject
DeleteDC
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
CreateCompatibleDC
LPtoDP
CreateBitmap
GetWindowOrgEx
GetStockObject
SaveDC
GetRgnBox
GetViewportOrgEx
OffsetRgn
GetTextAlign
StretchDIBits
GetTextFaceW
GetROP2
GetPolyFillMode
Polygon
CreateEllipticRgn
CreateEllipticRgnIndirect
GetTextCharset
EnumFontFamiliesW
CreatePalette
PlayEnhMetaFile
GetCharWidthW
GetEnhMetaFileW
GetMetaFileW
DeleteEnhMetaFile
CloseEnhMetaFile
CreateEnhMetaFileW
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
CreateDIBitmap
EnumFontFamiliesExW
GetBkMode
RoundRect
FrameRgn
FillRgn
RealizePalette
CreateRoundRectRgn
CreatePolygonRgn
GetStretchBltMode
SetPixelV
SetPixel
GetNearestColor
PtInRegion
GetTextColor
DeleteMetaFile
CloseMetaFile
CreateMetaFileW
GetDCOrgEx
CreateSolidBrush
ExtCreatePen
CreatePen
PlayMetaFile
SelectPalette
ExtSelectClipRgn
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
StartDocW
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
GetTextMetricsW
GetDeviceCaps
GetTextExtentPoint32W
CreateFontIndirectW
DeleteObject
GetObjectW
GetBkColor
BitBlt
DPtoLP
GetMapMode
CreateCompatibleBitmap
CreateDIBSection
GetTextExtentPoint32A

msimg32

AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

shell32

SHGetMalloc
SHGetPathFromIDListW
SHGetDesktopFolder
CommandLineToArgvW
ShellExecuteW
DragQueryFileW
SHBrowseForFolderW
ShellExecuteExW
ord92
SHFileOperationW
SHGetFolderPathW
DragFinish
ExtractIconW
SHAddToRecentDocs
SHEmptyRecycleBinW
SHAppBarMessage
SHGetFileInfoW
Shell_NotifyIconW

oledlg

OleUIBusyW

ole32

StgOpenStorageOnILockBytes
CoGetClassObject
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleLoadFromStream
CreateStreamOnHGlobal
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleSaveToStream
OleDuplicateData
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CoInitializeEx
CoUninitialize
CoInitialize
CoCreateInstance
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
WriteClassStm
DoDragDrop
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
OleTranslateAccelerator
IsAccelerator
ReleaseStgMedium

oleaut32

VarI4FromStr
VarR8FromStr
VarDiv
VarBstrFromR8
OleCreatePictureIndirect
VarMul
SysAllocString
VarCyFromStr
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
SysFreeString
VarDateFromStr
VariantClear
SysStringLen
SysAllocStringByteLen
SysStringByteLen
SysAllocStringLen
VariantChangeType
VariantInit
OleCreateFontIndirect
VariantCopy
SafeArrayDestroy

urlmon

URLDownloadToFileW

gdiplus

GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImagePaletteSize
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipDisposeImage
GdipAlloc
GdipFree
GdipCloneImage
GdipGetImagePalette
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdiplusShutdown

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

winmm

PlaySoundW

rpcrt4

UuidToStringW
UuidCreate
RpcStringFreeW

Sections

.text
Size: 5.1MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 306KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE

data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7.3MB - Virtual size: 7.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RevoUninstaller_Portable/x86/RevoUn.exe
.exe windows:5 windows x86 arch:x86

Password: zz

23ed9301d28cb73b64627fd6034f0594

Code Sign

0f:b8:a7:40:b9:15:8d:03:51:43:bc:59:d9:f0:40:29
Certificate

Issuer

CN=DigiCert Global Root G3,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Global G3 Code Signing ECC SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:ed:13:4b:1e:cf:56:1a:9e:b5:b0:53:88:bf:f0:47
Certificate

Issuer

CN=DigiCert Global G3 Code Signing ECC SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

27/07/2021, 00:00

Not After

06/08/2024, 23:59

Subject

SERIALNUMBER=200204019,CN=VS Revo Group Ltd.,O=VS Revo Group Ltd.,L=Ruse,C=BG,1.3.6.1.4.1.311.60.2.1.3=#13024247,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:b8:a7:40:b9:15:8d:03:51:43:bc:59:d9:f0:40:29
Certificate

Issuer

CN=DigiCert Global Root G3,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Global G3 Code Signing ECC SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:ed:13:4b:1e:cf:56:1a:9e:b5:b0:53:88:bf:f0:47
Certificate

Issuer

CN=DigiCert Global G3 Code Signing ECC SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

27/07/2021, 00:00

Not After

06/08/2024, 23:59

Subject

SERIALNUMBER=200204019,CN=VS Revo Group Ltd.,O=VS Revo Group Ltd.,L=Ruse,C=BG,1.3.6.1.4.1.311.60.2.1.3=#13024247,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:39:2e:95:56:1c:16:20:8e:f9:f6:3a:de:35:39:ec:7f:2a:ec:c3:b6:7c:ad:8e:a0:d4:74:e1:02:3d:ce:17
Signer

Actual PE Digest

0d:39:2e:95:56:1c:16:20:8e:f9:f6:3a:de:35:39:ec:7f:2a:ec:c3:b6:7c:ad:8e:a0:d4:74:e1:02:3d:ce:17

Digest Algorithm

sha256

PE Digest Matches

true

b8:c8:02:1e:41:72:5a:20:eb:80:65:c1:7f:aa:bb:95:1a:6f:3d:ba
Signer

Actual PE Digest

b8:c8:02:1e:41:72:5a:20:eb:80:65:c1:7f:aa:bb:95:1a:6f:3d:ba

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Work\VSRevo\Windows\Projects\VSProjectII\Release Portable\RevoUn.pdb

Imports

comctl32

ord17
_TrackMouseEvent
ImageList_Duplicate

shlwapi

StrCatW
PathFileExistsW
PathFindExtensionW
PathAppendW
PathFindFileNameW
StrFormatByteSizeW
PathRemoveBackslashW
PathIsDirectoryW
StrStrIW
PathIsDirectoryEmptyW
StrCmpW
StrFormatKBSizeW
PathRemoveArgsW
SHDeleteValueW
SHDeleteKeyW
PathStripToRootW
StrToIntW
PathQuoteSpacesW
PathAddBackslashW
PathMatchSpecW
PathRemoveExtensionW
StrStrW
ord487
PathIsRootW
PathUnExpandEnvStringsW
SHQueryValueExW
PathUnquoteSpacesW
PathRemoveFileSpecW
StrCpyW
PathIsUNCW
PathGetArgsW
StrCmpIW

psapi

EnumProcesses
GetProcessImageFileNameW
GetModuleFileNameExW

msi

ord217
ord173

advapi32

GetTokenInformation
AdjustTokenPrivileges
RegQueryValueW
LookupPrivilegeValueW
SetSecurityInfo
SetEntriesInAclW
OpenProcessToken
RegEnumValueW
FreeSid
SetNamedSecurityInfoW
AllocateAndInitializeSid
ConvertSidToStringSidW
LookupAccountNameW
RegUnLoadKeyW
RegSetValueExW
RegSetKeySecurity
RegSaveKeyW
RegRestoreKeyW
RegReplaceKeyW
RegLoadKeyW
RegGetKeySecurity
RegFlushKey
RegEnumKeyExW
RegCreateKeyExW
RegConnectRegistryW
RegDeleteKeyW
RegEnumKeyW
GetUserNameW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
OpenSCManagerW
OpenServiceW
CloseServiceHandle
DeleteService
RegOpenKeyW
RegDeleteValueW
RegQueryInfoKeyW
RegNotifyChangeKeyValue

wininet

FindNextUrlCacheEntryW
FindFirstUrlCacheEntryW
DeleteUrlCacheEntryW
FindCloseUrlCache

kernel32

GetDiskFreeSpaceA
GetSystemInfo
GetFileAttributesExW
GetCurrentThreadId
OutputDebugStringA
GetVersionExA
GetCurrentProcessId
GetTempPathA
AreFileApisANSI
DeleteFileA
TlsAlloc
VirtualAllocEx
VirtualFreeEx
ReadProcessMemory
WriteProcessMemory
VirtualAlloc
VirtualFree
GetVersion
SystemTimeToTzSpecificLocalTime
GetUserDefaultLCID
GetLocaleInfoW
GetLongPathNameW
IsWow64Process
GetLogicalDriveStringsW
QueryDosDeviceW
VerSetConditionMask
VerifyVersionInfoW
GetUserDefaultLangID
GetCommandLineW
GetShortPathNameW
GlobalSize
CopyFileW
GlobalFree
SetThreadPriority
SuspendThread
GetModuleHandleA
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
FreeResource
lstrcmpA
lstrlenA
GlobalGetAtomNameW
GetThreadLocale
GetVolumeInformationW
CompareStringA
LoadLibraryExW
CreateFileMappingW
ConvertDefaultLocale
GetCurrentThread
GetPrivateProfileIntW
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
SetErrorMode
GetFileSizeEx
GetFileTime
GetSystemDirectoryW
GetCurrentDirectoryW
GetProfileIntW
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualProtect
VirtualQuery
GetCPInfo
ExitThread
CreateThread
RtlUnwind
RaiseException
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
LCMapStringW
LCMapStringA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetFileInformationByHandle
PeekNamedPipe
GetCurrentDirectoryA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetStdHandle
GetDriveTypeA
SetEnvironmentVariableA
CreateFileMappingA
LoadLibraryA
GetDiskFreeSpaceW
LockFileEx
HeapSize
FlushFileBuffers
ReadFile
GetFileAttributesW
HeapValidate
HeapCreate
GetFileAttributesA
HeapDestroy
FormatMessageW
FormatMessageA
GetSystemTimeAsFileTime
GetProcessHeap
UnlockFileEx
GetTickCount
OutputDebugStringW
WaitForSingleObjectEx
LockFile
FlushViewOfFile
UnlockFile
SetPriorityClass
GetPriorityClass
GetThreadPriority
GetTimeFormatW
GetDateFormatW
GetNumberFormatW
GetCurrencyFormatW
FindResourceExW
WinExec
IsBadWritePtr
IsBadReadPtr
InterlockedCompareExchange
HeapFree
QueryPerformanceCounter
HeapAlloc
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
TryEnterCriticalSection
SetFilePointer
HeapCompact
CreateMutexW
GetFileSize
CreateFileA
HeapReAlloc
GetFullPathNameA
FreeLibrary
FileTimeToLocalFileTime
FileTimeToSystemTime
GetComputerNameW
WaitForMultipleObjects
CreateEventW
GetModuleFileNameW
GetTempFileNameW
WideCharToMultiByte
TerminateProcess
DuplicateHandle
LocalFree
GetCurrentProcess
GetEnvironmentVariableW
GetPrivateProfileStringW
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
WritePrivateProfileStringW
GetVersionExW
CompareFileTime
GetTempPathW
SystemTimeToFileTime
GetSystemTime
GetDiskFreeSpaceExW
DeviceIoControl
lstrcmpiW
InterlockedExchange
lstrlenW
GetUserDefaultUILanguage
GetProcAddress
GetModuleHandleW
LoadLibraryW
SetLastError
GetDriveTypeW
GetLogicalDrives
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
MultiByteToWideChar
SetEvent
ResumeThread
ResetEvent
SetFileAttributesW
RemoveDirectoryW
OpenProcess
WriteFile
CreateFileW
GlobalUnlock
GlobalLock
GlobalAlloc
CloseHandle
CreateProcessW
MoveFileW
lstrcatW
GetWindowsDirectoryW
ExpandEnvironmentStringsW
lstrcmpW
lstrcpyW
GetFullPathNameW
DeleteFileW
FindClose
FindNextFileW
FindFirstFileW
GetLastError
CreateDirectoryW
Sleep
MoveFileExW
WaitForSingleObject
FindResourceW
LoadResource
LockResource
SizeofResource
MulDiv
EnumResourceLanguagesW

user32

MessageBeep
GetNextDlgGroupItem
PostThreadMessageW
GetDCEx
CopyAcceleratorTableW
UnionRect
CreateMenu
InvalidateRgn
GetTabbedTextExtentA
UnregisterClassW
ShowOwnedPopups
SetWindowContextHelpId
MapDialogRect
RegisterClipboardFormatW
PostQuitMessage
DeleteMenu
IsRectEmpty
CharNextW
MapVirtualKeyW
GetKeyNameTextW
IsZoomed
CharUpperW
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
BringWindowToTop
SetParent
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
GetWindowTextLengthW
CheckMenuItem
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
GetMenuItemInfoW
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetLastActivePopup
SetActiveWindow
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
MapWindowPoints
ScrollWindow
SetMenu
ShowScrollBar
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
GetScrollInfo
SetScrollInfo
SetWindowPlacement
CallWindowProcW
GetMenu
SystemParametersInfoA
GetWindowPlacement
GetWindowTextW
IsWindowEnabled
MoveWindow
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SendDlgItemMessageW
GetWindow
EndPaint
BeginPaint
IntersectRect
SetWindowsHookExW
CallNextHookEx
GetKeyState
ValidateRect
GetMenuState
GetMenuStringW
AppendMenuW
RemoveMenu
GetDoubleClickTime
IsCharAlphaW
MessageBoxW
DispatchMessageA
DispatchMessageW
TranslateMessage
GetMessageA
GetMessageW
IsWindowUnicode
MsgWaitForMultipleObjects
GetSubMenu
GetMenuItemID
GetMenuItemCount
IsWindowVisible
TrackPopupMenu
InsertMenuW
CreatePopupMenu
PeekMessageW
GetWindowThreadProcessId
WindowFromPoint
ReleaseCapture
SetCapture
DrawIcon
IsIconic
PtInRect
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
DrawStateW
FrameRect
MapVirtualKeyExW
EnableScrollBar
IsClipboardFormatAvailable
SetLayeredWindowAttributes
EnumChildWindows
FindWindowW
GetWindowDC
SetForegroundWindow
GetForegroundWindow
SystemParametersInfoW
SetWindowRgn
LoadBitmapW
GetSysColorBrush
SetRect
GetMessagePos
DrawFrameControl
FillRect
SetWindowLongW
LockWindowUpdate
GetClassNameW
EqualRect
SetScrollRange
GetScrollPos
GetScrollRange
GetDesktopWindow
GetMonitorInfoW
MonitorFromWindow
LoadMenuW
DestroyMenu
LoadIconW
LoadStringW
InflateRect
OffsetRect
GetCursorPos
ReleaseDC
GetDC
SetScrollPos
ShowWindow
SetWindowPos
RedrawWindow
SetFocus
SetRectEmpty
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
KillTimer
wsprintfW
TranslateAcceleratorW
CloseClipboard
GetClipboardData
IsCharAlphaNumericW
GetIconInfo
DrawIconEx
DrawFocusRect
DestroyCursor
GetWindowRgn
GetCursor
DestroyAcceleratorTable
CreateIconIndirect
IsMenu
CreateAcceleratorTableW
LoadMenuIndirectW
WindowFromDC
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
GetAsyncKeyState
WaitMessage
SetClipboardData
EmptyClipboard
OpenClipboard
CreateWindowExW
PostMessageW
SetCursor
CopyRect
LoadAcceleratorsW
ClientToScreen
SendMessageW
GetParent
UpdateWindow
DestroyIcon
LoadImageW
GetSysColor
GetDlgItem
EnableWindow
InvalidateRect
GetSystemMenu
GetSystemMetrics
GetFocus
SetTimer
GetClassInfoW
DefWindowProcW
LoadCursorW
GetWindowLongW
IsChild
BeginDeferWindowPos
ScreenToClient
DeferWindowPos
EndDeferWindowPos
IsWindow
GetClientRect
GetWindowRect
GetActiveWindow
EnableMenuItem

gdi32

SaveDC
CreatePatternBrush
PatBlt
SetRectRgn
CreateRectRgnIndirect
SetBkColor
CreateDCW
CopyMetaFileW
StretchBlt
GetDIBits
CombineRgn
CreateRectRgn
RestoreDC
Ellipse
GetStockObject
CreateFontW
SetDIBColorTable
SelectObject
DeleteDC
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
CreateCompatibleDC
GetWindowOrgEx
Rectangle
SetBkMode
GetRgnBox
GetViewportOrgEx
OffsetRgn
GetTextAlign
StretchDIBits
GetTextFaceW
GetROP2
GetPolyFillMode
Polygon
CreateEllipticRgn
CreateEllipticRgnIndirect
GetTextCharset
GetCharWidthW
EnumFontFamiliesW
CreatePalette
PlayEnhMetaFile
GetEnhMetaFileW
GetMetaFileW
DeleteEnhMetaFile
CloseEnhMetaFile
CreateEnhMetaFileW
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
CreateDIBitmap
EnumFontFamiliesExW
GetBkMode
RoundRect
FrameRgn
FillRgn
RealizePalette
CreateRoundRectRgn
CreatePolygonRgn
GetStretchBltMode
SetPixelV
SetPixel
GetNearestColor
PtInRegion
GetTextColor
DeleteMetaFile
CloseMetaFile
CreateMetaFileW
GetDCOrgEx
CreateSolidBrush
ExtCreatePen
CreatePen
PlayMetaFile
SelectPalette
ExtSelectClipRgn
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
StartDocW
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
GetTextMetricsW
GetDeviceCaps
GetTextExtentPoint32W
CreateFontIndirectW
DeleteObject
GetObjectW
GetBkColor
BitBlt
DPtoLP
GetMapMode
CreateCompatibleBitmap
CreateDIBSection
CreateBitmap
LPtoDP
GetTextExtentPoint32A

msimg32

AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

shell32

SHGetMalloc
SHGetPathFromIDListW
SHGetDesktopFolder
CommandLineToArgvW
ShellExecuteW
DragQueryFileW
SHBrowseForFolderW
ShellExecuteExW
ord92
SHFileOperationW
SHGetFolderPathW
DragFinish
ExtractIconW
SHAddToRecentDocs
SHEmptyRecycleBinW
SHAppBarMessage
SHGetFileInfoW
Shell_NotifyIconW

oledlg

OleUIBusyW

ole32

StgOpenStorageOnILockBytes
CoGetClassObject
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleLoadFromStream
CreateStreamOnHGlobal
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleSaveToStream
OleDuplicateData
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CoInitializeEx
CoUninitialize
CoInitialize
CoCreateInstance
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
WriteClassStm
DoDragDrop
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
OleTranslateAccelerator
IsAccelerator
ReleaseStgMedium

oleaut32

VarMul
VarR8FromStr
VarBstrFromR8
VarI4FromStr
OleCreatePictureIndirect
VarDiv
SysAllocString
VarCyFromStr
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
SysFreeString
VarDateFromStr
VariantClear
SysStringLen
SysAllocStringByteLen
SysStringByteLen
SysAllocStringLen
VariantChangeType
VariantInit
OleCreateFontIndirect
VariantCopy
SafeArrayDestroy

urlmon

URLDownloadToFileW

gdiplus

GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImagePaletteSize
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipDisposeImage
GdipAlloc
GdipFree
GdipCloneImage
GdipGetImagePalette
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdiplusShutdown

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

winmm

PlaySoundW

rpcrt4

UuidToStringW
UuidCreate
RpcStringFreeW

Sections

.text
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 804KB - Virtual size: 804KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7.3MB - Virtual size: 7.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RevoUninstaller_Portable/arm_report.dat
RevoUninstaller_Portable/ctrlbars.dat
RevoUninstaller_Portable/lang/Estonian.ini
RevoUninstaller_Portable/lang/albanian.ini
RevoUninstaller_Portable/lang/arabic.ini
RevoUninstaller_Portable/lang/armenian.ini
RevoUninstaller_Portable/lang/azerbaijani.ini
RevoUninstaller_Portable/lang/bengali.ini
RevoUninstaller_Portable/lang/bulgarian.ini
RevoUninstaller_Portable/lang/czech.ini
RevoUninstaller_Portable/lang/danish.ini
RevoUninstaller_Portable/lang/dutch.ini
RevoUninstaller_Portable/lang/english.ini
RevoUninstaller_Portable/lang/finnish.ini
RevoUninstaller_Portable/lang/french.ini
RevoUninstaller_Portable/lang/georgian.ini
RevoUninstaller_Portable/lang/german.ini
RevoUninstaller_Portable/lang/gujarati.ini
RevoUninstaller_Portable/lang/hebrew.ini
RevoUninstaller_Portable/lang/hellenic.ini
RevoUninstaller_Portable/lang/hindi.ini
RevoUninstaller_Portable/lang/hrvatski.ini
RevoUninstaller_Portable/lang/hungarian.ini
RevoUninstaller_Portable/lang/indonesian.ini
RevoUninstaller_Portable/lang/italiano.ini
RevoUninstaller_Portable/lang/japanese.ini
RevoUninstaller_Portable/lang/korean.ini
RevoUninstaller_Portable/lang/kurdish.ini
RevoUninstaller_Portable/lang/macedonian.ini
RevoUninstaller_Portable/lang/norwegian.ini
RevoUninstaller_Portable/lang/persian.ini
RevoUninstaller_Portable/lang/polish.ini
RevoUninstaller_Portable/lang/portuguese.ini
RevoUninstaller_Portable/lang/portuguese_standard.ini
RevoUninstaller_Portable/lang/portuguesebrazil.ini
RevoUninstaller_Portable/lang/romanian.ini
RevoUninstaller_Portable/lang/russian.ini
RevoUninstaller_Portable/lang/serbian.ini
RevoUninstaller_Portable/lang/serbianLatin.ini
RevoUninstaller_Portable/lang/simplifiedchinese.ini
RevoUninstaller_Portable/lang/slovak.ini
RevoUninstaller_Portable/lang/slovenian.ini
RevoUninstaller_Portable/lang/spanish.ini
RevoUninstaller_Portable/lang/swedish.ini
RevoUninstaller_Portable/lang/thai.ini
RevoUninstaller_Portable/lang/traditionalchinese.ini
RevoUninstaller_Portable/lang/turkish.ini
RevoUninstaller_Portable/lang/ukrainian.ini
RevoUninstaller_Portable/lang/vietnamese.ini
RevoUninstaller_Portable/settings.ini
RevoUninstaller_Portable/un_report.dat
RevoUninstaller_Portable/winapp_report.dat
RevoUninstaller_Portable/x64/RevoUn.exe
.exe windows:5 windows x64 arch:x64

Password: zz

5e47d37b066dc138e4b1489ac28d33df

Code Sign

0f:b8:a7:40:b9:15:8d:03:51:43:bc:59:d9:f0:40:29
Certificate

Issuer

CN=DigiCert Global Root G3,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Global G3 Code Signing ECC SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:ed:13:4b:1e:cf:56:1a:9e:b5:b0:53:88:bf:f0:47
Certificate

Issuer

CN=DigiCert Global G3 Code Signing ECC SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

27/07/2021, 00:00

Not After

06/08/2024, 23:59

Subject

SERIALNUMBER=200204019,CN=VS Revo Group Ltd.,O=VS Revo Group Ltd.,L=Ruse,C=BG,1.3.6.1.4.1.311.60.2.1.3=#13024247,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:b8:a7:40:b9:15:8d:03:51:43:bc:59:d9:f0:40:29
Certificate

Issuer

CN=DigiCert Global Root G3,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Global G3 Code Signing ECC SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:ed:13:4b:1e:cf:56:1a:9e:b5:b0:53:88:bf:f0:47
Certificate

Issuer

CN=DigiCert Global G3 Code Signing ECC SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

27/07/2021, 00:00

Not After

06/08/2024, 23:59

Subject

SERIALNUMBER=200204019,CN=VS Revo Group Ltd.,O=VS Revo Group Ltd.,L=Ruse,C=BG,1.3.6.1.4.1.311.60.2.1.3=#13024247,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

99:45:e2:e7:38:df:cc:c2:cd:13:9a:f5:0d:56:66:15:93:a6:cd:1a:d1:ca:6b:96:58:e2:ec:4d:24:cc:16:e3
Signer

Actual PE Digest

99:45:e2:e7:38:df:cc:c2:cd:13:9a:f5:0d:56:66:15:93:a6:cd:1a:d1:ca:6b:96:58:e2:ec:4d:24:cc:16:e3

Digest Algorithm

sha256

PE Digest Matches

true

ae:e8:51:32:15:24:1c:6b:a8:70:19:a5:d2:df:f3:c7:3e:19:2f:68
Signer

Actual PE Digest

ae:e8:51:32:15:24:1c:6b:a8:70:19:a5:d2:df:f3:c7:3e:19:2f:68

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Work\VSRevo\Windows\Projects\VSProjectII\x64\Release Portable Portable\RevoUn.pdb

Imports

comctl32

ord17
_TrackMouseEvent
ImageList_Duplicate

shlwapi

StrCatW
PathFileExistsW
PathFindExtensionW
PathAppendW
PathFindFileNameW
StrFormatByteSizeW
PathRemoveBackslashW
PathIsDirectoryW
StrStrIW
PathIsDirectoryEmptyW
StrCmpW
StrFormatKBSizeW
PathRemoveArgsW
SHDeleteValueW
SHDeleteKeyW
PathStripToRootW
StrToIntW
PathQuoteSpacesW
PathAddBackslashW
PathMatchSpecW
PathRemoveExtensionW
StrStrW
ord487
PathIsRootW
PathUnExpandEnvStringsW
SHQueryValueExW
PathUnquoteSpacesW
PathRemoveFileSpecW
StrCpyW
PathIsUNCW
PathGetArgsW
StrCmpIW

psapi

EnumProcesses
GetProcessImageFileNameW
GetModuleFileNameExW

msi

ord217
ord173

advapi32

RegNotifyChangeKeyValue
GetTokenInformation
RegQueryValueW
AdjustTokenPrivileges
LookupPrivilegeValueW
SetSecurityInfo
SetEntriesInAclW
OpenProcessToken
RegDeleteKeyExW
FreeSid
SetNamedSecurityInfoW
AllocateAndInitializeSid
ConvertSidToStringSidW
LookupAccountNameW
RegUnLoadKeyW
RegSetValueExW
RegSetKeySecurity
RegSaveKeyW
RegRestoreKeyW
RegReplaceKeyW
RegLoadKeyW
RegGetKeySecurity
RegFlushKey
RegEnumKeyExW
RegCreateKeyExW
RegConnectRegistryW
RegDeleteKeyW
RegEnumKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
OpenSCManagerW
OpenServiceW
CloseServiceHandle
DeleteService
RegOpenKeyW
RegDeleteValueW
RegQueryInfoKeyW
RegEnumValueW
GetUserNameW

wininet

FindNextUrlCacheEntryW
FindFirstUrlCacheEntryW
DeleteUrlCacheEntryW
FindCloseUrlCache

kernel32

OutputDebugStringA
GetVersionExA
GetCurrentProcessId
GetTempPathA
AreFileApisANSI
DeleteFileA
TlsAlloc
VirtualAllocEx
VirtualFreeEx
ReadProcessMemory
WriteProcessMemory
VirtualAlloc
VirtualFree
GetVersion
SystemTimeToTzSpecificLocalTime
GetUserDefaultLCID
GetLocaleInfoW
GetLongPathNameW
GetLogicalDriveStringsW
QueryDosDeviceW
VerSetConditionMask
VerifyVersionInfoW
GetUserDefaultLangID
GetCommandLineW
GetShortPathNameW
GlobalSize
CopyFileW
GlobalFree
SetThreadPriority
SuspendThread
GetModuleHandleA
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
FreeResource
lstrcmpA
lstrlenA
GlobalGetAtomNameW
GetThreadLocale
GetVolumeInformationW
CompareStringA
LoadLibraryExW
EnumResourceLanguagesW
ConvertDefaultLocale
GetCurrentThread
GetPrivateProfileIntW
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
GetCurrentThreadId
LocalReAlloc
TlsFree
GlobalFlags
SetErrorMode
GetFileSizeEx
GetFileTime
GetSystemDirectoryW
GetCurrentDirectoryW
GetProfileIntW
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
VirtualProtect
VirtualQuery
GetCPInfo
ExitThread
CreateThread
RtlUnwindEx
RaiseException
RtlPcToFileHeader
ExitProcess
HeapQueryInformation
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
EncodePointer
DecodePointer
FlsGetValue
FlsSetValue
FlsFree
FlsAlloc
HeapSetInformation
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
LCMapStringW
LCMapStringA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetFileInformationByHandle
PeekNamedPipe
GetCurrentDirectoryA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetStdHandle
GetDriveTypeA
SetEnvironmentVariableA
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingW
CreateFileMappingA
LoadLibraryA
GetDiskFreeSpaceW
LockFileEx
HeapSize
FlushFileBuffers
ReadFile
GetFileAttributesW
HeapValidate
HeapCreate
GetFileAttributesA
HeapDestroy
FormatMessageW
FormatMessageA
GetSystemTimeAsFileTime
GetProcessHeap
UnlockFileEx
GetTickCount
OutputDebugStringW
SetPriorityClass
GetPriorityClass
GetThreadPriority
GetTimeFormatW
GetDateFormatW
GetNumberFormatW
GetCurrencyFormatW
FindResourceExW
WinExec
IsBadWritePtr
IsBadReadPtr
WaitForSingleObjectEx
LockFile
FlushViewOfFile
UnlockFile
HeapFree
QueryPerformanceCounter
HeapAlloc
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
TryEnterCriticalSection
SetFilePointer
HeapCompact
CreateMutexW
GetFileSize
CreateFileA
HeapReAlloc
GetFullPathNameA
FreeLibrary
FileTimeToLocalFileTime
FileTimeToSystemTime
GetComputerNameW
WaitForMultipleObjects
CreateEventW
GetModuleFileNameW
GetTempFileNameW
WideCharToMultiByte
TerminateProcess
DuplicateHandle
LocalFree
GetCurrentProcess
GetEnvironmentVariableW
GetPrivateProfileStringW
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
WritePrivateProfileStringW
GetVersionExW
CompareFileTime
GetTempPathW
SystemTimeToFileTime
GetSystemTime
GetDiskFreeSpaceExW
DeviceIoControl
lstrcmpiW
lstrlenW
GetUserDefaultUILanguage
GetBinaryTypeW
GetProcAddress
GetModuleHandleW
LoadLibraryW
SetLastError
GetDriveTypeW
GetLogicalDrives
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
MultiByteToWideChar
SetEvent
ResumeThread
ResetEvent
SetFileAttributesW
RemoveDirectoryW
OpenProcess
WriteFile
CreateFileW
GlobalUnlock
GlobalLock
GlobalAlloc
CloseHandle
CreateProcessW
MoveFileW
lstrcatW
GetWindowsDirectoryW
ExpandEnvironmentStringsW
lstrcmpW
lstrcpyW
GetFullPathNameW
DeleteFileW
FindClose
FindNextFileW
FindFirstFileW
GetLastError
CreateDirectoryW
Sleep
MoveFileExW
WaitForSingleObject
FindResourceW
LoadResource
LockResource
SizeofResource
MulDiv
TlsSetValue

user32

MessageBeep
GetNextDlgGroupItem
PostThreadMessageW
GetDCEx
CopyAcceleratorTableW
UnionRect
CreateMenu
InvalidateRgn
GetTabbedTextExtentA
UnregisterClassW
ShowOwnedPopups
SetWindowContextHelpId
MapDialogRect
RegisterClipboardFormatW
PostQuitMessage
DeleteMenu
IsRectEmpty
CharNextW
MapVirtualKeyW
GetKeyNameTextW
IsZoomed
CharUpperW
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
BringWindowToTop
SetParent
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
EnableMenuItem
CheckMenuItem
CreateDialogIndirectParamW
GetNextDlgTabItem
MoveWindow
GetMenuItemInfoW
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
GetClassLongPtrW
SetPropW
GetPropW
RemovePropW
GetLastActivePopup
SetActiveWindow
GetTopWindow
DestroyWindow
SetWindowLongPtrW
UnhookWindowsHookEx
GetMessageTime
MapWindowPoints
ScrollWindow
SetMenu
ShowScrollBar
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
GetScrollInfo
SetScrollInfo
SetWindowPlacement
CallWindowProcW
GetMenu
SystemParametersInfoA
GetWindowPlacement
GetWindowTextLengthW
GetWindowTextW
IsWindowEnabled
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SendDlgItemMessageW
GetWindow
EndPaint
BeginPaint
IntersectRect
SetWindowsHookExW
CallNextHookEx
GetKeyState
ValidateRect
GetMenuState
GetMenuStringW
AppendMenuW
RemoveMenu
GetActiveWindow
GetDoubleClickTime
IsCharAlphaW
MessageBoxW
DispatchMessageW
TranslateMessage
GetMessageA
GetMessageW
IsWindowUnicode
MsgWaitForMultipleObjects
GetSubMenu
GetMenuItemID
GetMenuItemCount
IsWindowVisible
TrackPopupMenu
InsertMenuW
CreatePopupMenu
PeekMessageW
GetWindowThreadProcessId
WindowFromPoint
ReleaseCapture
SetCapture
DrawIcon
IsIconic
PtInRect
SetLayeredWindowAttributes
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
DrawStateW
FrameRect
MapVirtualKeyExW
EnableScrollBar
IsClipboardFormatAvailable
EnumChildWindows
FindWindowW
GetWindowDC
SetForegroundWindow
GetForegroundWindow
SystemParametersInfoW
SetWindowRgn
LoadBitmapW
GetSysColorBrush
SetRect
GetMessagePos
DrawFrameControl
FillRect
SetWindowLongW
GetWindowLongW
LockWindowUpdate
GetClassNameW
EqualRect
SetScrollRange
GetScrollPos
GetScrollRange
GetDesktopWindow
GetMonitorInfoW
MonitorFromWindow
LoadMenuW
DestroyMenu
LoadIconW
LoadStringW
InflateRect
OffsetRect
GetCursorPos
ReleaseDC
GetDC
SetScrollPos
ShowWindow
SetWindowPos
RedrawWindow
SetFocus
SetRectEmpty
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
KillTimer
wsprintfW
TranslateAcceleratorW
CloseClipboard
GetClipboardData
IsCharAlphaNumericW
GetIconInfo
DrawIconEx
DrawFocusRect
DestroyCursor
GetWindowRgn
GetCursor
DestroyAcceleratorTable
CreateIconIndirect
IsMenu
CreateAcceleratorTableW
LoadMenuIndirectW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
WindowFromDC
GetAsyncKeyState
WaitMessage
SetClipboardData
EmptyClipboard
OpenClipboard
CreateWindowExW
PostMessageW
SetCursor
CopyRect
LoadAcceleratorsW
ClientToScreen
SendMessageW
GetParent
UpdateWindow
DestroyIcon
LoadImageW
GetSysColor
GetDlgItem
EnableWindow
InvalidateRect
GetSystemMenu
GetSystemMetrics
GetFocus
SetTimer
GetClassInfoW
DefWindowProcW
LoadCursorW
GetWindowLongPtrW
IsChild
BeginDeferWindowPos
ScreenToClient
DeferWindowPos
EndDeferWindowPos
IsWindow
GetClientRect
GetWindowRect
DispatchMessageA
EndDialog

gdi32

PatBlt
SetRectRgn
CreateRectRgnIndirect
SetBkColor
CreateDCW
CopyMetaFileW
StretchBlt
GetDIBits
CombineRgn
CreateRectRgn
Rectangle
Ellipse
CreatePatternBrush
CreateFontW
SetDIBColorTable
SelectObject
DeleteDC
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
CreateCompatibleDC
LPtoDP
CreateBitmap
GetWindowOrgEx
GetStockObject
SaveDC
GetRgnBox
GetViewportOrgEx
OffsetRgn
GetTextAlign
StretchDIBits
GetTextFaceW
GetROP2
GetPolyFillMode
Polygon
CreateEllipticRgn
CreateEllipticRgnIndirect
GetTextCharset
EnumFontFamiliesW
CreatePalette
PlayEnhMetaFile
GetCharWidthW
GetEnhMetaFileW
GetMetaFileW
DeleteEnhMetaFile
CloseEnhMetaFile
CreateEnhMetaFileW
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
CreateDIBitmap
EnumFontFamiliesExW
GetBkMode
RoundRect
FrameRgn
FillRgn
RealizePalette
CreateRoundRectRgn
CreatePolygonRgn
GetStretchBltMode
SetPixelV
SetPixel
GetNearestColor
PtInRegion
GetTextColor
DeleteMetaFile
CloseMetaFile
CreateMetaFileW
GetDCOrgEx
CreateSolidBrush
ExtCreatePen
CreatePen
PlayMetaFile
SelectPalette
ExtSelectClipRgn
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
StartDocW
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
GetTextMetricsW
GetDeviceCaps
GetTextExtentPoint32W
CreateFontIndirectW
DeleteObject
GetObjectW
GetBkColor
BitBlt
DPtoLP
GetMapMode
CreateCompatibleBitmap
CreateDIBSection
GetTextExtentPoint32A

msimg32

AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

shell32

SHGetMalloc
SHGetPathFromIDListW
SHGetDesktopFolder
CommandLineToArgvW
ShellExecuteW
DragQueryFileW
SHBrowseForFolderW
ShellExecuteExW
ord92
SHFileOperationW
SHGetFolderPathW
DragFinish
ExtractIconW
SHAddToRecentDocs
SHEmptyRecycleBinW
SHAppBarMessage
SHGetFileInfoW
Shell_NotifyIconW

oledlg

OleUIBusyW

ole32

StgOpenStorageOnILockBytes
CoGetClassObject
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleLoadFromStream
CreateStreamOnHGlobal
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleSaveToStream
OleDuplicateData
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CoInitializeEx
CoUninitialize
CoInitialize
CoCreateInstance
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
WriteClassStm
DoDragDrop
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
OleTranslateAccelerator
IsAccelerator
ReleaseStgMedium

oleaut32

VarI4FromStr
VarR8FromStr
VarDiv
VarBstrFromR8
OleCreatePictureIndirect
VarMul
SysAllocString
VarCyFromStr
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
SysFreeString
VarDateFromStr
VariantClear
SysStringLen
SysAllocStringByteLen
SysStringByteLen
SysAllocStringLen
VariantChangeType
VariantInit
OleCreateFontIndirect
VariantCopy
SafeArrayDestroy

urlmon

URLDownloadToFileW

gdiplus

GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImagePaletteSize
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipDisposeImage
GdipAlloc
GdipFree
GdipCloneImage
GdipGetImagePalette
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdiplusShutdown

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

winmm

PlaySoundW

rpcrt4

UuidToStringW
UuidCreate
RpcStringFreeW

Sections

.text
Size: 5.1MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 306KB - Virtual size: 305KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE

data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7.3MB - Virtual size: 7.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
RevoUninstaller_Portable/x64/button.bmp
RevoUninstaller_Portable/x86/RevoUn.exe
.exe windows:5 windows x86 arch:x86

23ed9301d28cb73b64627fd6034f0594

Code Sign

0f:b8:a7:40:b9:15:8d:03:51:43:bc:59:d9:f0:40:29
Certificate

Issuer

CN=DigiCert Global Root G3,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Global G3 Code Signing ECC SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:ed:13:4b:1e:cf:56:1a:9e:b5:b0:53:88:bf:f0:47
Certificate

Issuer

CN=DigiCert Global G3 Code Signing ECC SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

27/07/2021, 00:00

Not After

06/08/2024, 23:59

Subject

SERIALNUMBER=200204019,CN=VS Revo Group Ltd.,O=VS Revo Group Ltd.,L=Ruse,C=BG,1.3.6.1.4.1.311.60.2.1.3=#13024247,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0f:b8:a7:40:b9:15:8d:03:51:43:bc:59:d9:f0:40:29
Certificate

Issuer

CN=DigiCert Global Root G3,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Global G3 Code Signing ECC SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:ed:13:4b:1e:cf:56:1a:9e:b5:b0:53:88:bf:f0:47
Certificate

Issuer

CN=DigiCert Global G3 Code Signing ECC SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

27/07/2021, 00:00

Not After

06/08/2024, 23:59

Subject

SERIALNUMBER=200204019,CN=VS Revo Group Ltd.,O=VS Revo Group Ltd.,L=Ruse,C=BG,1.3.6.1.4.1.311.60.2.1.3=#13024247,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:39:2e:95:56:1c:16:20:8e:f9:f6:3a:de:35:39:ec:7f:2a:ec:c3:b6:7c:ad:8e:a0:d4:74:e1:02:3d:ce:17
Signer

Actual PE Digest

0d:39:2e:95:56:1c:16:20:8e:f9:f6:3a:de:35:39:ec:7f:2a:ec:c3:b6:7c:ad:8e:a0:d4:74:e1:02:3d:ce:17

Digest Algorithm

sha256

PE Digest Matches

true

b8:c8:02:1e:41:72:5a:20:eb:80:65:c1:7f:aa:bb:95:1a:6f:3d:ba
Signer

Actual PE Digest

b8:c8:02:1e:41:72:5a:20:eb:80:65:c1:7f:aa:bb:95:1a:6f:3d:ba

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

C:\Work\VSRevo\Windows\Projects\VSProjectII\Release Portable\RevoUn.pdb

Imports

comctl32

ord17
_TrackMouseEvent
ImageList_Duplicate

shlwapi

StrCatW
PathFileExistsW
PathFindExtensionW
PathAppendW
PathFindFileNameW
StrFormatByteSizeW
PathRemoveBackslashW
PathIsDirectoryW
StrStrIW
PathIsDirectoryEmptyW
StrCmpW
StrFormatKBSizeW
PathRemoveArgsW
SHDeleteValueW
SHDeleteKeyW
PathStripToRootW
StrToIntW
PathQuoteSpacesW
PathAddBackslashW
PathMatchSpecW
PathRemoveExtensionW
StrStrW
ord487
PathIsRootW
PathUnExpandEnvStringsW
SHQueryValueExW
PathUnquoteSpacesW
PathRemoveFileSpecW
StrCpyW
PathIsUNCW
PathGetArgsW
StrCmpIW

psapi

EnumProcesses
GetProcessImageFileNameW
GetModuleFileNameExW

msi

ord217
ord173

advapi32

GetTokenInformation
AdjustTokenPrivileges
RegQueryValueW
LookupPrivilegeValueW
SetSecurityInfo
SetEntriesInAclW
OpenProcessToken
RegEnumValueW
FreeSid
SetNamedSecurityInfoW
AllocateAndInitializeSid
ConvertSidToStringSidW
LookupAccountNameW
RegUnLoadKeyW
RegSetValueExW
RegSetKeySecurity
RegSaveKeyW
RegRestoreKeyW
RegReplaceKeyW
RegLoadKeyW
RegGetKeySecurity
RegFlushKey
RegEnumKeyExW
RegCreateKeyExW
RegConnectRegistryW
RegDeleteKeyW
RegEnumKeyW
GetUserNameW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
OpenSCManagerW
OpenServiceW
CloseServiceHandle
DeleteService
RegOpenKeyW
RegDeleteValueW
RegQueryInfoKeyW
RegNotifyChangeKeyValue

wininet

FindNextUrlCacheEntryW
FindFirstUrlCacheEntryW
DeleteUrlCacheEntryW
FindCloseUrlCache

kernel32

GetDiskFreeSpaceA
GetSystemInfo
GetFileAttributesExW
GetCurrentThreadId
OutputDebugStringA
GetVersionExA
GetCurrentProcessId
GetTempPathA
AreFileApisANSI
DeleteFileA
TlsAlloc
VirtualAllocEx
VirtualFreeEx
ReadProcessMemory
WriteProcessMemory
VirtualAlloc
VirtualFree
GetVersion
SystemTimeToTzSpecificLocalTime
GetUserDefaultLCID
GetLocaleInfoW
GetLongPathNameW
IsWow64Process
GetLogicalDriveStringsW
QueryDosDeviceW
VerSetConditionMask
VerifyVersionInfoW
GetUserDefaultLangID
GetCommandLineW
GetShortPathNameW
GlobalSize
CopyFileW
GlobalFree
SetThreadPriority
SuspendThread
GetModuleHandleA
CompareStringW
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
FreeResource
lstrcmpA
lstrlenA
GlobalGetAtomNameW
GetThreadLocale
GetVolumeInformationW
CompareStringA
LoadLibraryExW
CreateFileMappingW
ConvertDefaultLocale
GetCurrentThread
GetPrivateProfileIntW
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsSetValue
LocalReAlloc
TlsFree
GlobalFlags
SetErrorMode
GetFileSizeEx
GetFileTime
GetSystemDirectoryW
GetCurrentDirectoryW
GetProfileIntW
GetStartupInfoW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualProtect
VirtualQuery
GetCPInfo
ExitThread
CreateThread
RtlUnwind
RaiseException
ExitProcess
GetStdHandle
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
GetStartupInfoA
GetACP
GetOEMCP
IsValidCodePage
GetTimeZoneInformation
LCMapStringW
LCMapStringA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetStringTypeA
GetStringTypeW
GetConsoleCP
GetConsoleMode
GetFileInformationByHandle
PeekNamedPipe
GetCurrentDirectoryA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetStdHandle
GetDriveTypeA
SetEnvironmentVariableA
CreateFileMappingA
LoadLibraryA
GetDiskFreeSpaceW
LockFileEx
HeapSize
FlushFileBuffers
ReadFile
GetFileAttributesW
HeapValidate
HeapCreate
GetFileAttributesA
HeapDestroy
FormatMessageW
FormatMessageA
GetSystemTimeAsFileTime
GetProcessHeap
UnlockFileEx
GetTickCount
OutputDebugStringW
WaitForSingleObjectEx
LockFile
FlushViewOfFile
UnlockFile
SetPriorityClass
GetPriorityClass
GetThreadPriority
GetTimeFormatW
GetDateFormatW
GetNumberFormatW
GetCurrencyFormatW
FindResourceExW
WinExec
IsBadWritePtr
IsBadReadPtr
InterlockedCompareExchange
HeapFree
QueryPerformanceCounter
HeapAlloc
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
TryEnterCriticalSection
SetFilePointer
HeapCompact
CreateMutexW
GetFileSize
CreateFileA
HeapReAlloc
GetFullPathNameA
FreeLibrary
FileTimeToLocalFileTime
FileTimeToSystemTime
GetComputerNameW
WaitForMultipleObjects
CreateEventW
GetModuleFileNameW
GetTempFileNameW
WideCharToMultiByte
TerminateProcess
DuplicateHandle
LocalFree
GetCurrentProcess
GetEnvironmentVariableW
GetPrivateProfileStringW
GetPrivateProfileSectionNamesW
GetPrivateProfileSectionW
WritePrivateProfileStringW
GetVersionExW
CompareFileTime
GetTempPathW
SystemTimeToFileTime
GetSystemTime
GetDiskFreeSpaceExW
DeviceIoControl
lstrcmpiW
InterlockedExchange
lstrlenW
GetUserDefaultUILanguage
GetProcAddress
GetModuleHandleW
LoadLibraryW
SetLastError
GetDriveTypeW
GetLogicalDrives
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
MultiByteToWideChar
SetEvent
ResumeThread
ResetEvent
SetFileAttributesW
RemoveDirectoryW
OpenProcess
WriteFile
CreateFileW
GlobalUnlock
GlobalLock
GlobalAlloc
CloseHandle
CreateProcessW
MoveFileW
lstrcatW
GetWindowsDirectoryW
ExpandEnvironmentStringsW
lstrcmpW
lstrcpyW
GetFullPathNameW
DeleteFileW
FindClose
FindNextFileW
FindFirstFileW
GetLastError
CreateDirectoryW
Sleep
MoveFileExW
WaitForSingleObject
FindResourceW
LoadResource
LockResource
SizeofResource
MulDiv
EnumResourceLanguagesW

user32

MessageBeep
GetNextDlgGroupItem
PostThreadMessageW
GetDCEx
CopyAcceleratorTableW
UnionRect
CreateMenu
InvalidateRgn
GetTabbedTextExtentA
UnregisterClassW
ShowOwnedPopups
SetWindowContextHelpId
MapDialogRect
RegisterClipboardFormatW
PostQuitMessage
DeleteMenu
IsRectEmpty
CharNextW
MapVirtualKeyW
GetKeyNameTextW
IsZoomed
CharUpperW
UnpackDDElParam
ReuseDDElParam
InsertMenuItemW
BringWindowToTop
SetParent
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
ModifyMenuW
GetWindowTextLengthW
CheckMenuItem
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
GetMenuItemInfoW
RegisterWindowMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
GetClassLongW
SetPropW
GetPropW
RemovePropW
GetLastActivePopup
SetActiveWindow
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
MapWindowPoints
ScrollWindow
SetMenu
ShowScrollBar
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
GetScrollInfo
SetScrollInfo
SetWindowPlacement
CallWindowProcW
GetMenu
SystemParametersInfoA
GetWindowPlacement
GetWindowTextW
IsWindowEnabled
MoveWindow
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SendDlgItemMessageW
GetWindow
EndPaint
BeginPaint
IntersectRect
SetWindowsHookExW
CallNextHookEx
GetKeyState
ValidateRect
GetMenuState
GetMenuStringW
AppendMenuW
RemoveMenu
GetDoubleClickTime
IsCharAlphaW
MessageBoxW
DispatchMessageA
DispatchMessageW
TranslateMessage
GetMessageA
GetMessageW
IsWindowUnicode
MsgWaitForMultipleObjects
GetSubMenu
GetMenuItemID
GetMenuItemCount
IsWindowVisible
TrackPopupMenu
InsertMenuW
CreatePopupMenu
PeekMessageW
GetWindowThreadProcessId
WindowFromPoint
ReleaseCapture
SetCapture
DrawIcon
IsIconic
PtInRect
TranslateMDISysAccel
DrawMenuBar
DefMDIChildProcW
DefFrameProcW
DrawStateW
FrameRect
MapVirtualKeyExW
EnableScrollBar
IsClipboardFormatAvailable
SetLayeredWindowAttributes
EnumChildWindows
FindWindowW
GetWindowDC
SetForegroundWindow
GetForegroundWindow
SystemParametersInfoW
SetWindowRgn
LoadBitmapW
GetSysColorBrush
SetRect
GetMessagePos
DrawFrameControl
FillRect
SetWindowLongW
LockWindowUpdate
GetClassNameW
EqualRect
SetScrollRange
GetScrollPos
GetScrollRange
GetDesktopWindow
GetMonitorInfoW
MonitorFromWindow
LoadMenuW
DestroyMenu
LoadIconW
LoadStringW
InflateRect
OffsetRect
GetCursorPos
ReleaseDC
GetDC
SetScrollPos
ShowWindow
SetWindowPos
RedrawWindow
SetFocus
SetRectEmpty
TabbedTextOutW
DrawTextW
DrawTextExW
GrayStringW
KillTimer
wsprintfW
TranslateAcceleratorW
CloseClipboard
GetClipboardData
IsCharAlphaNumericW
GetIconInfo
DrawIconEx
DrawFocusRect
DestroyCursor
GetWindowRgn
GetCursor
DestroyAcceleratorTable
CreateIconIndirect
IsMenu
CreateAcceleratorTableW
LoadMenuIndirectW
WindowFromDC
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
GetAsyncKeyState
WaitMessage
SetClipboardData
EmptyClipboard
OpenClipboard
CreateWindowExW
PostMessageW
SetCursor
CopyRect
LoadAcceleratorsW
ClientToScreen
SendMessageW
GetParent
UpdateWindow
DestroyIcon
LoadImageW
GetSysColor
GetDlgItem
EnableWindow
InvalidateRect
GetSystemMenu
GetSystemMetrics
GetFocus
SetTimer
GetClassInfoW
DefWindowProcW
LoadCursorW
GetWindowLongW
IsChild
BeginDeferWindowPos
ScreenToClient
DeferWindowPos
EndDeferWindowPos
IsWindow
GetClientRect
GetWindowRect
GetActiveWindow
EnableMenuItem

gdi32

SaveDC
CreatePatternBrush
PatBlt
SetRectRgn
CreateRectRgnIndirect
SetBkColor
CreateDCW
CopyMetaFileW
StretchBlt
GetDIBits
CombineRgn
CreateRectRgn
RestoreDC
Ellipse
GetStockObject
CreateFontW
SetDIBColorTable
SelectObject
DeleteDC
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
CreateCompatibleDC
GetWindowOrgEx
Rectangle
SetBkMode
GetRgnBox
GetViewportOrgEx
OffsetRgn
GetTextAlign
StretchDIBits
GetTextFaceW
GetROP2
GetPolyFillMode
Polygon
CreateEllipticRgn
CreateEllipticRgnIndirect
GetTextCharset
GetCharWidthW
EnumFontFamiliesW
CreatePalette
PlayEnhMetaFile
GetEnhMetaFileW
GetMetaFileW
DeleteEnhMetaFile
CloseEnhMetaFile
CreateEnhMetaFileW
EndDoc
AbortDoc
SetAbortProc
EndPage
StartPage
CreateDIBitmap
EnumFontFamiliesExW
GetBkMode
RoundRect
FrameRgn
FillRgn
RealizePalette
CreateRoundRectRgn
CreatePolygonRgn
GetStretchBltMode
SetPixelV
SetPixel
GetNearestColor
PtInRegion
GetTextColor
DeleteMetaFile
CloseMetaFile
CreateMetaFileW
GetDCOrgEx
CreateSolidBrush
ExtCreatePen
CreatePen
PlayMetaFile
SelectPalette
ExtSelectClipRgn
GetCurrentPositionEx
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
StartDocW
GetPixel
GetWindowExtEx
GetViewportExtEx
SelectClipRgn
SetTextAlign
MoveToEx
LineTo
IntersectClipRect
ExcludeClipRect
GetClipBox
SetMapMode
SetTextColor
SetStretchBltMode
SetROP2
SetPolyFillMode
GetTextMetricsW
GetDeviceCaps
GetTextExtentPoint32W
CreateFontIndirectW
DeleteObject
GetObjectW
GetBkColor
BitBlt
DPtoLP
GetMapMode
CreateCompatibleBitmap
CreateDIBSection
CreateBitmap
LPtoDP
GetTextExtentPoint32A

msimg32

AlphaBlend

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
OpenPrinterW
ClosePrinter

shell32

SHGetMalloc
SHGetPathFromIDListW
SHGetDesktopFolder
CommandLineToArgvW
ShellExecuteW
DragQueryFileW
SHBrowseForFolderW
ShellExecuteExW
ord92
SHFileOperationW
SHGetFolderPathW
DragFinish
ExtractIconW
SHAddToRecentDocs
SHEmptyRecycleBinW
SHAppBarMessage
SHGetFileInfoW
Shell_NotifyIconW

oledlg

OleUIBusyW

ole32

StgOpenStorageOnILockBytes
CoGetClassObject
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleLoadFromStream
CreateStreamOnHGlobal
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
OleSaveToStream
OleDuplicateData
CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CoInitializeEx
CoUninitialize
CoInitialize
CoCreateInstance
CoRevokeClassObject
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter
WriteClassStm
DoDragDrop
RegisterDragDrop
CoLockObjectExternal
RevokeDragDrop
OleGetClipboard
OleTranslateAccelerator
IsAccelerator
ReleaseStgMedium

oleaut32

VarMul
VarR8FromStr
VarBstrFromR8
VarI4FromStr
OleCreatePictureIndirect
VarDiv
SysAllocString
VarCyFromStr
VariantTimeToSystemTime
SystemTimeToVariantTime
VarBstrFromDate
SysFreeString
VarDateFromStr
VariantClear
SysStringLen
SysAllocStringByteLen
SysStringByteLen
SysAllocStringLen
VariantChangeType
VariantInit
OleCreateFontIndirect
VariantCopy
SafeArrayDestroy

urlmon

URLDownloadToFileW

gdiplus

GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImagePaletteSize
GdipDrawImageI
GdipDeleteGraphics
GdipGetImageGraphicsContext
GdipDisposeImage
GdipAlloc
GdipFree
GdipCloneImage
GdipGetImagePalette
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdiplusShutdown

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

winmm

PlaySoundW

rpcrt4

UuidToStringW
UuidCreate
RpcStringFreeW

Sections

.text
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 804KB - Virtual size: 804KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7.3MB - Virtual size: 7.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: zz

Password: zz

Password: zz

f1701f0b31fe827683fdfb65eb40b138

Code Sign

0d:7a:ae:3b:36:08:69:a3:ba:28:bd:7d:1f:d0:b8:f6Certificate

Extended Key Usages

Key Usages

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66Certificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1bCertificate

Extended Key Usages

Key Usages

0d:7a:ae:3b:36:08:69:a3:ba:28:bd:7d:1f:d0:b8:f6Certificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41Certificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

94:78:65:fa:a2:e2:37:2d:53:8a:82:5c:0a:2a:06:f8:90:32:c9:2a:57:7a:dd:ce:2b:d7:45:21:ab:76:17:35Signer

ff:19:79:9e:b8:b7:b7:df:ff:53:a2:05:81:19:47:f3:8b:f5:91:11Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

shlwapi

kernel32

Sections

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 3KB - Virtual size: 6KB

.rsrc Size: 149KB - Virtual size: 148KB

Password: zz

Password: zz

Password: zz

f1701f0b31fe827683fdfb65eb40b138

Code Sign

0d:7a:ae:3b:36:08:69:a3:ba:28:bd:7d:1f:d0:b8:f6Certificate

Extended Key Usages

Key Usages

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66Certificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1bCertificate

Extended Key Usages

Key Usages

0d:7a:ae:3b:36:08:69:a3:ba:28:bd:7d:1f:d0:b8:f6Certificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41Certificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

94:78:65:fa:a2:e2:37:2d:53:8a:82:5c:0a:2a:06:f8:90:32:c9:2a:57:7a:dd:ce:2b:d7:45:21:ab:76:17:35Signer

ff:19:79:9e:b8:b7:b7:df:ff:53:a2:05:81:19:47:f3:8b:f5:91:11Signer

Headers

0d:7a:ae:3b:36:08:69:a3:ba:28:bd:7d:1f:d0:b8:f6
Certificate

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

0d:7a:ae:3b:36:08:69:a3:ba:28:bd:7d:1f:d0:b8:f6
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

94:78:65:fa:a2:e2:37:2d:53:8a:82:5c:0a:2a:06:f8:90:32:c9:2a:57:7a:dd:ce:2b:d7:45:21:ab:76:17:35
Signer

ff:19:79:9e:b8:b7:b7:df:ff:53:a2:05:81:19:47:f3:8b:f5:91:11
Signer

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 149KB - Virtual size: 148KB

0d:7a:ae:3b:36:08:69:a3:ba:28:bd:7d:1f:d0:b8:f6
Certificate

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

0d:7a:ae:3b:36:08:69:a3:ba:28:bd:7d:1f:d0:b8:f6
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

94:78:65:fa:a2:e2:37:2d:53:8a:82:5c:0a:2a:06:f8:90:32:c9:2a:57:7a:dd:ce:2b:d7:45:21:ab:76:17:35
Signer

ff:19:79:9e:b8:b7:b7:df:ff:53:a2:05:81:19:47:f3:8b:f5:91:11
Signer

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 3KB - Virtual size: 6KB

.rsrc
Size: 149KB - Virtual size: 148KB

0f:b8:a7:40:b9:15:8d:03:51:43:bc:59:d9:f0:40:29
Certificate

07:ed:13:4b:1e:cf:56:1a:9e:b5:b0:53:88:bf:f0:47
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

0f:b8:a7:40:b9:15:8d:03:51:43:bc:59:d9:f0:40:29
Certificate

07:ed:13:4b:1e:cf:56:1a:9e:b5:b0:53:88:bf:f0:47
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

99:45:e2:e7:38:df:cc:c2:cd:13:9a:f5:0d:56:66:15:93:a6:cd:1a:d1:ca:6b:96:58:e2:ec:4d:24:cc:16:e3
Signer

ae:e8:51:32:15:24:1c:6b:a8:70:19:a5:d2:df:f3:c7:3e:19:2f:68
Signer