snagit[.]zip | Triage

Sharing

Copy URL

Twitter E-mail

General

Target

snagit.zip
Size

16.3MB
MD5

c8b39cacd8aa44189d99e0c4571038aa
SHA1

e8876f2d7b693792f7e99e6f5d60064770f89385
SHA256

da878200cbf5d3c791682fff7cb276361bf946119756cf7f8e7ec3ff83a464da
SHA512

1734b704e9344d2e54d4b64fe2cb167fb2d4f8c1efade61f2c8f52e4fe91eb56290ca941c6fec88443b243398d26da82ca8dfe189d039c74e67bdf96d2254755
SSDEEP

393216:wEzEMYfIrFa/cDs2wXO6bQKSx8u1+RaFCM1L4OSSHri+:vzEMYfIrFaarKSx8u1tFz1L4nS7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/sk4d.dll

Files

snagit.zip
.zip
Resource/ActiveXInstallService.admx
Resource/AddRemovePrograms.admx
Resource/AppCompat.admx
Resource/AppXRuntime.admx
.xml
Resource/AppxPackageManager.admx
Resource/AttachmentManager.admx
Resource/AuditSettings.admx
.xml
Resource/AutoPlay.admx
Resource/Biometrics.admx
Resource/Bits.admx
Resource/CEIPEnable.admx
Resource/CMap/Identity-H
Resource/CMap/Identity-V
Resource/CMap/UCS2-GBK-EUC
Resource/CMap/UniKS-UTF16-H
Resource/CMap/UniKS-UTF16-V
Resource/COM.admx
Resource/CipherSuiteOrder.admx
Resource/Conf.admx
Resource/ControlPanel.admx
Resource/ControlPanelDisplay.admx
Resource/Cpls.admx
Resource/CredSsp.admx
Resource/CredUI.admx
Resource/CredentialProviders.admx
Resource/CtrlAltDel.admx
Resource/DCOM.admx
Resource/DFS.admx
Resource/DWM.admx
Resource/Desktop.admx
Resource/DeviceCompat.admx
Resource/DeviceInstallation.admx
Resource/DeviceSetup.admx
Resource/DigitalLocker.admx
Resource/DiskDiagnostic.admx
Resource/DiskNVCache.admx
Resource/DiskQuota.admx
Resource/DistributedLinkTracking.admx
Resource/DnsClient.admx
Resource/EAIME.admx
Resource/EarlyLaunchAM.admx
Resource/EdgeUI.admx
Resource/EncryptFilesonMove.admx
Resource/ErrorReporting.admx
Resource/EventForwarding.admx
.xml
Resource/EventLog.admx
Resource/EventViewer.admx
Resource/Explorer.admx
Resource/ExternalBoot.admx
.xml
Resource/FileHistory.admx
Resource/FileRecovery.admx
Resource/FileRevocation.admx
Resource/FileServerVSSProvider.admx
Resource/FileSys.admx
.xml
Resource/Font/AdobePIStd.otf
Resource/Font/CourierStd-Bold.otf
Resource/Font/CourierStd-BoldOblique.otf
Resource/Font/CourierStd-Oblique.otf
Resource/Font/CourierStd.otf
Resource/Font/MinionPro-Bold.otf
Resource/Font/MinionPro-BoldIt.otf
Resource/Font/MinionPro-It.otf
Resource/Font/MinionPro-Regular.otf
Resource/Font/MyriadPro-Bold.otf
Resource/Font/MyriadPro-BoldIt.otf
Resource/Font/MyriadPro-It.otf
Resource/Font/MyriadPro-Regular.otf
Resource/Globalization.admx
Resource/GroupPolicy-Server.admx
Resource/GroupPolicy.admx
Resource/GroupPolicyPreferences.admx
Resource/Help.admx
Resource/HelpAndSupport.admx
Resource/ICM.admx
Resource/IIS.admx
Resource/InkWatson.admx
Resource/Kerberos.admx
Resource/LanmanServer.admx
Resource/LeakDiagnostic.admx
Resource/LinkLayerTopologyDiscovery.admx
Resource/LocationProviderAdm.admx
Resource/Logon.admx
Resource/MMC.admx
Resource/MMCSnapIns2.admx
Resource/MMCSnapins.admx
Resource/MSDT.admx
Resource/MSI.admx
Resource/MediaCenter.admx
Resource/MobilePCMobilityCenter.admx
Resource/MobilePCPresentationSettings.admx
Resource/Msi-FileRecovery.admx
Resource/NAPXPQec.admx
Resource/NCSI.admx
Resource/Netlogon.admx
Resource/NetworkConnections.admx
Resource/NetworkIsolation.admx
Resource/NetworkProjection.admx
Resource/OfflineFiles.admx
Resource/P2P-pnrp.admx
Resource/ParentalControls.admx
Resource/PeerToPeerCaching.admx
Resource/PenTraining.admx
Resource/PerformanceDiagnostics.admx
Resource/PerformancePerftrack.admx
Resource/Power.admx
Resource/PowerShellExecutionPolicy.admx
Resource/PreviousVersions.admx
Resource/Printing.admx
Resource/Printing2.admx
Resource/Programs.admx
Resource/PswdSync.admx
Resource/QOS.admx
Resource/RPC.admx
Resource/RacWmiProv.admx
Resource/Radar.admx
Resource/ReAgent.admx
Resource/Reliability.admx
Resource/RemoteAssistance.admx
Resource/RemovableStorage.admx
Resource/SaslPrep/SaslPrepProfile_norm_bidi.spp
Resource/Scripts.admx
Resource/Securitycenter.admx
Resource/Sensors.admx
Resource/ServerManager.admx
Resource/Servicing.admx
Resource/SettingSync.admx
Resource/Setup.admx
Resource/SharedFolders.admx
Resource/Sharing.admx
Resource/Shell-CommandPrompt-RegEditTools.admx
Resource/ShellWelcomeCenter.admx
Resource/Sidebar.admx
Resource/SkyDrive.admx
.xml
Resource/Smartcard.admx
Resource/Snis.admx
Resource/Snmp.admx
Resource/SoundRec.admx
Resource/StartMenu.admx
Resource/SystemRestore.admx
Resource/TPM.admx
Resource/TabletPCInputPanel.admx
Resource/TabletShell.admx
Resource/TaskScheduler.admx
Resource/Taskbar.admx
Resource/TerminalServer-Server.admx
Resource/TerminalServer.admx
Resource/Thumbnails.admx
Resource/TouchInput.admx
Resource/TypeSupport/Unicode/ICU/icudt26l.dat
Resource/TypeSupport/Unicode/Mappings/Adobe/symbol.txt
Resource/TypeSupport/Unicode/Mappings/Adobe/zdingbat.txt
Resource/TypeSupport/Unicode/Mappings/Mac/CENTEURO.TXT
Resource/TypeSupport/Unicode/Mappings/Mac/CORPCHAR.TXT
Resource/TypeSupport/Unicode/Mappings/Mac/CROATIAN.TXT
Resource/TypeSupport/Unicode/Mappings/Mac/CYRILLIC.TXT
Resource/TypeSupport/Unicode/Mappings/Mac/GREEK.TXT
Resource/TypeSupport/Unicode/Mappings/Mac/ICELAND.TXT
Resource/TypeSupport/Unicode/Mappings/Mac/ROMAN.TXT
Resource/TypeSupport/Unicode/Mappings/Mac/ROMANIAN.TXT
Resource/TypeSupport/Unicode/Mappings/Mac/SYMBOL.TXT
Resource/TypeSupport/Unicode/Mappings/Mac/TURKISH.TXT
Resource/TypeSupport/Unicode/Mappings/Mac/UKRAINE.TXT
Resource/TypeSupport/Unicode/Mappings/win/CP1250.TXT
Resource/TypeSupport/Unicode/Mappings/win/CP1251.TXT
Resource/TypeSupport/Unicode/Mappings/win/CP1252.TXT
Resource/TypeSupport/Unicode/Mappings/win/CP1253.TXT
Resource/TypeSupport/Unicode/Mappings/win/CP1254.TXT
Resource/TypeSupport/Unicode/Mappings/win/CP1257.TXT
Resource/TypeSupport/Unicode/Mappings/win/CP1258.TXT
Resource/UserProfiles.admx
Resource/VolumeEncryption.admx
Resource/W32Time.admx
Resource/WCM.admx
Resource/WDI.admx
Resource/WPN.admx
Resource/WinCal.admx
.xml
Resource/WinInit.admx
Resource/WinLogon.admx
Resource/Windows.admx
Resource/WindowsAnytimeUpgrade.admx
Resource/WindowsBackup.admx
Resource/WindowsColorSystem.admx
Resource/WindowsConnectNow.admx
Resource/WindowsDefender.admx
Resource/WindowsExplorer.admx
Resource/WindowsFileProtection.admx
Resource/WindowsFirewall.admx
Resource/WindowsMail.admx
Resource/WindowsMediaDRM.admx
Resource/WindowsMediaPlayer.admx
Resource/WindowsMessenger.admx
Resource/WindowsProducts.admx
Resource/WindowsRemoteManagement.admx
Resource/WindowsRemoteShell.admx
Resource/WindowsServer.admx
Resource/WindowsUpdate.admx
Resource/Winsrv.admx
Resource/WordWheel.admx
Resource/WorkFolders-Client.admx
Resource/WorkplaceJoin.admx
.xml
Resource/en-US/ActiveXInstallService.adml
.xml
Resource/en-US/AddRemovePrograms.adml
.xml
Resource/en-US/AppCompat.adml
.xml
Resource/en-US/AppXRuntime.adml
.xml
Resource/en-US/AppxPackageManager.adml
.xml
Resource/en-US/AttachmentManager.adml
.xml
Resource/en-US/AuditSettings.adml
.xml
Resource/en-US/AutoPlay.adml
.xml
Resource/en-US/Biometrics.adml
.xml
Resource/en-US/Bits.adml
.xml
Resource/en-US/CEIPEnable.adml
.xml
Resource/en-US/COM.adml
.xml
Resource/en-US/CipherSuiteOrder.adml
.xml
Resource/en-US/Conf.adml
.xml
Resource/en-US/ControlPanel.adml
.xml
Resource/en-US/ControlPanelDisplay.adml
.xml
Resource/en-US/Cpls.adml
.xml
Resource/en-US/CredSsp.adml
.xml
Resource/en-US/CredUI.adml
.xml
Resource/en-US/CredentialProviders.adml
.xml
Resource/en-US/CtrlAltDel.adml
.xml
Resource/en-US/DCOM.adml
.xml
Resource/en-US/DFS.adml
.xml
Resource/en-US/DWM.adml
.xml
Resource/en-US/Desktop.adml
.xml
Resource/en-US/DeviceCompat.adml
.xml
Resource/en-US/DeviceInstallation.adml
.xml
Resource/en-US/DeviceSetup.adml
.xml
Resource/en-US/DigitalLocker.adml
.xml
Resource/en-US/DiskDiagnostic.adml
.xml
Resource/en-US/DiskNVCache.adml
.xml
Resource/en-US/DiskQuota.adml
.xml
Resource/en-US/DistributedLinkTracking.adml
.xml
Resource/en-US/DnsClient.adml
.xml
Resource/en-US/EAIME.adml
.xml
Resource/en-US/EarlyLaunchAM.adml
Resource/en-US/EdgeUI.adml
.xml
Resource/en-US/EncryptFilesonMove.adml
.xml
Resource/en-US/ErrorReporting.adml
.xml
Resource/en-US/EventForwarding.adml
.xml
Resource/en-US/EventLog.adml
.xml
Resource/en-US/EventViewer.adml
.xml
Resource/en-US/Explorer.adml
.xml
Resource/en-US/ExternalBoot.adml
.xml
Resource/en-US/FileHistory.adml
.xml
Resource/en-US/FileRecovery.adml
.xml
Resource/en-US/FileRevocation.adml
.xml
Resource/en-US/FileServerVSSProvider.adml
.xml
Resource/en-US/FileSys.adml
.xml
Resource/en-US/FolderRedirection.adml
.xml
Resource/en-US/FramePanes.adml
.xml
Resource/en-US/GameExplorer.adml
.xml
Resource/en-US/Globalization.adml
.xml
Resource/en-US/GroupPolicy-Server.adml
.xml
Resource/en-US/GroupPolicy.adml
.xml
Resource/en-US/GroupPolicyPreferences.adml
.xml
Resource/en-US/Help.adml
.xml
Resource/en-US/HelpAndSupport.adml
.xml
Resource/en-US/ICM.adml
.xml
Resource/en-US/IIS.adml
.xml
Resource/en-US/InetRes.adml
.xml
Resource/en-US/InkWatson.adml
.xml
Resource/en-US/KDC.adml
.xml
Resource/en-US/Kerberos.adml
.xml
Resource/en-US/LanmanServer.adml
.xml
Resource/en-US/LeakDiagnostic.adml
.xml
Resource/en-US/LinkLayerTopologyDiscovery.adml
.xml
Resource/en-US/LocationProviderAdm.adml
.xml
Resource/en-US/Logon.adml
.xml
Resource/en-US/MMC.adml
.xml
Resource/en-US/MMCSnapIns2.adml
.xml
Resource/en-US/MMCSnapins.adml
.xml
Resource/en-US/MSDT.adml
.xml
Resource/en-US/MSI.adml
.xml
Resource/en-US/MediaCenter.adml
.xml
Resource/en-US/MobilePCMobilityCenter.adml
.xml
Resource/en-US/MobilePCPresentationSettings.adml
.xml
Resource/en-US/Msi-FileRecovery.adml
.xml
Resource/en-US/NAPXPQec.adml
.xml
Resource/en-US/NCSI.adml
.xml
Resource/en-US/Netlogon.adml
.xml
Resource/en-US/NetworkConnections.adml
.xml
Resource/en-US/NetworkIsolation.adml
Resource/en-US/NetworkProjection.adml
.xml
Resource/en-US/OfflineFiles.adml
.xml
Resource/en-US/P2P-pnrp.adml
.xml
Resource/en-US/ParentalControls.adml
.xml
Resource/en-US/PeerToPeerCaching.adml
.xml
Resource/en-US/PenTraining.adml
.xml
Resource/en-US/PerformanceDiagnostics.adml
.xml
Resource/en-US/PerformancePerftrack.adml
.xml
Resource/en-US/Power.adml
.xml
Resource/en-US/PowerShellExecutionPolicy.adml
.xml
Resource/en-US/PreviousVersions.adml
.xml
Resource/en-US/Printing.adml
.xml
Resource/en-US/Printing2.adml
.xml
Resource/en-US/Programs.adml
.xml
Resource/en-US/PswdSync.adml
.xml
Resource/en-US/QOS.adml
.xml
Resource/en-US/RPC.adml
.xml
Resource/en-US/RacWmiProv.adml
.xml
Resource/en-US/Radar.adml
.xml
Resource/en-US/ReAgent.adml
.xml
Resource/en-US/Reliability.adml
.xml
Resource/en-US/RemoteAssistance.adml
.xml
Resource/en-US/RemovableStorage.adml
.xml
Resource/en-US/Scripts.adml
.xml
Resource/en-US/Securitycenter.adml
.xml
Resource/en-US/Sensors.adml
.xml
Resource/en-US/ServerManager.adml
.xml
Resource/en-US/Servicing.adml
.xml
Resource/en-US/SettingSync.adml
.xml
Resource/en-US/Setup.adml
.xml
Resource/en-US/SharedFolders.adml
.xml
Resource/en-US/Sharing.adml
.xml
Resource/en-US/Shell-CommandPrompt-RegEditTools.adml
.xml
Resource/en-US/ShellWelcomeCenter.adml
.xml
Resource/en-US/Sidebar.adml
.xml
Resource/en-US/SkyDrive.adml
.xml
Resource/en-US/Smartcard.adml
.xml
Resource/en-US/Snis.adml
.xml
Resource/en-US/Snmp.adml
.xml
Resource/en-US/SoundRec.adml
.xml
Resource/en-US/StartMenu.adml
.xml
Resource/en-US/SystemRestore.adml
.xml
Resource/en-US/TPM.adml
.xml
Resource/en-US/TabletPCInputPanel.adml
.xml
Resource/en-US/TabletShell.adml
.xml
Resource/en-US/TaskScheduler.adml
.xml
Resource/en-US/Taskbar.adml
.xml
Resource/en-US/TerminalServer-Server.adml
.xml
Resource/en-US/TerminalServer.adml
.xml
Resource/en-US/Thumbnails.adml
.xml
Resource/en-US/TouchInput.adml
.xml
Resource/en-US/UserProfiles.adml
.xml
Resource/en-US/VolumeEncryption.adml
.xml
Resource/en-US/W32Time.adml
.xml
Resource/en-US/WCM.adml
.xml
Resource/en-US/WDI.adml
.xml
Resource/en-US/WPN.adml
.xml
Resource/en-US/WinCal.adml
.xml
Resource/en-US/WinInit.adml
.xml
Resource/en-US/WinLogon.adml
.xml
Resource/en-US/Windows.adml
.xml
Resource/en-US/WindowsAnytimeUpgrade.adml
.xml
Resource/en-US/WindowsBackup.adml
.xml
Resource/en-US/WindowsColorSystem.adml
.xml
Resource/en-US/WindowsConnectNow.adml
.xml
Resource/en-US/WindowsDefender.adml
Resource/en-US/WindowsExplorer.adml
.xml
Resource/en-US/WindowsFileProtection.adml
.xml
Resource/en-US/WindowsFirewall.adml
.xml
Resource/en-US/WindowsMail.adml
.xml
Resource/en-US/WindowsMediaDRM.adml
.xml
Resource/en-US/WindowsMediaPlayer.adml
.xml
Resource/en-US/WindowsMessenger.adml
.xml
Resource/en-US/WindowsProducts.adml
.xml
Resource/en-US/WindowsRemoteManagement.adml
.xml
Resource/en-US/WindowsRemoteShell.adml
.xml
Resource/en-US/WindowsServer.adml
.xml
Resource/en-US/WindowsUpdate.adml
.xml
Resource/en-US/Winsrv.adml
.xml
Resource/en-US/WordWheel.adml
.xml
Resource/en-US/WorkFolders-Client.adml
.xml
Resource/en-US/WorkplaceJoin.adml
.xml
Resource/en-US/fthsvc.adml
.xml
Resource/en-US/hotspotauth.adml
.xml
Resource/en-US/iSCSI.adml
.xml
Resource/en-US/msched.adml
.xml
Resource/en-US/nca.adml
Resource/en-US/pca.adml
.xml
Resource/en-US/sdiageng.adml
.xml
Resource/en-US/srm-fci.adml
.xml
Resource/en-US/tcpip.adml
.xml
Resource/en-US/wlansvc.adml
.xml
Resource/en-US/wwansvc.adml
.xml
Resource/hotspotauth.admx
Resource/iSCSI.admx
Resource/inetres.admx
.xml
Resource/kdc.admx
Resource/msched.admx
.xml
Resource/nca.admx
Resource/pca.admx
Resource/sdiageng.admx
Resource/srm-fci.admx
Resource/tcpip.admx
.xml
Resource/wlansvc.admx
.xml
Resource/wwansvc.admx
.xml
Setup.exe
.exe windows:5 windows x86 arch:x86

8d2a7253d77cd215b215cefcfd6ff847

Code Sign

27:b8:de:4c:3f:63:fe:ae:04:71:f7:04:11:76:3d:db
Certificate

Issuer

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

29/08/2023, 07:31

Not After

28/08/2024, 07:31

Subject

CN=FATİH RAMAZAN ÇIKAN,OU=IT,O=FATİH RAMAZAN ÇIKAN,L=ISPARTA,C=TR

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Code Signing 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

Issuer

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Not Before

02/11/2023, 08:32

Not After

30/10/2034, 08:32

Subject

CN=Certum Timestamp 2023,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

Issuer

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

19/05/2021, 05:32

Not After

18/05/2036, 05:32

Subject

CN=Certum Timestamping 2021 CA,O=Asseco Data Systems S.A.,C=PL

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

31/05/2021, 06:43

Not After

17/09/2029, 06:43

Subject

CN=Certum Trusted Network CA 2,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0d:4a:eb:7f:df:9a:87:c3:d6:74:b2:b9:bd:a8:32:85:cf:b2:a5:09:95:9e:fc:86:78:16:0e:0e:17:79:84:b9
Signer

Actual PE Digest

0d:4a:eb:7f:df:9a:87:c3:d6:74:b2:b9:bd:a8:32:85:cf:b2:a5:09:95:9e:fc:86:78:16:0e:0e:17:79:84:b9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

winmm

sndPlaySoundW
timeGetTime

oleacc

LresultFromObject

shlwapi

PathRelativePathToW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW
GetDefaultPrinterW
EnumPrintersW

comdlg32

ChooseColorW
GetSaveFileNameW
GetOpenFileNameW

comctl32

ImageList_GetImageInfo
FlatSB_SetScrollInfo
InitCommonControls
ImageList_DragMove
ImageList_Destroy
_TrackMouseEvent
ImageList_DragShowNolock
ImageList_Add
FlatSB_SetScrollProp
ImageList_GetDragImage
ImageList_Create
ImageList_EndDrag
ImageList_DrawEx
ImageList_SetImageCount
FlatSB_GetScrollPos
FlatSB_SetScrollPos
InitializeFlatSB
ImageList_Copy
FlatSB_GetScrollInfo
ImageList_Write
ImageList_SetBkColor
ImageList_GetBkColor
ImageList_BeginDrag
ImageList_GetIcon
ImageList_Replace
ImageList_GetImageCount
ImageList_DragEnter
ImageList_GetIconSize
ImageList_SetIconSize
ImageList_Read
ImageList_DragLeave
ImageList_LoadImageW
ImageList_Draw
ImageList_Remove
ImageList_ReplaceIcon
ImageList_SetOverlayImage

shell32

SHBrowseForFolderW
SHGetMalloc
SHGetDesktopFolder
DragQueryFileW
DragAcceptFiles
Shell_NotifyIconW
ShellExecuteW
SHGetPathFromIDListW

user32

CopyImage
SetMenuItemInfoW
GetMenuItemInfoW
DefFrameProcW
GetDlgCtrlID
FrameRect
RegisterWindowMessageW
GetMenuStringW
FillRect
SendMessageA
IsClipboardFormatAvailable
EnumWindows
ShowOwnedPopups
GetClassInfoW
GetScrollRange
SetActiveWindow
GetActiveWindow
DrawEdge
GetKeyboardLayoutList
LoadBitmapW
EnumChildWindows
GetScrollBarInfo
UnhookWindowsHookEx
SetCapture
GetCapture
ShowCaret
CreatePopupMenu
GetMenuItemID
CharLowerBuffW
PostMessageW
SetWindowLongW
IsZoomed
SetParent
DrawMenuBar
GetClientRect
IsChild
IsIconic
CallNextHookEx
ShowWindow
GetWindowTextW
SetForegroundWindow
GetAsyncKeyState
IsDialogMessageW
DestroyWindow
RegisterClassW
EndMenu
CharNextW
GetFocus
GetDC
SetFocus
ReleaseDC
GetClassLongW
SetScrollRange
DrawTextW
PeekMessageA
MessageBeep
SetClassLongW
RemovePropW
GetSubMenu
DestroyIcon
IsWindowVisible
DispatchMessageA
UnregisterClassW
GetTopWindow
SendMessageW
NotifyWinEvent
LoadStringW
CreateMenu
CharLowerW
SetWindowRgn
SetWindowPos
GetMenuItemCount
GetSysColorBrush
GetWindowDC
DrawTextExW
EnumClipboardFormats
GetScrollInfo
SetWindowTextW
GetMessageExtraInfo
GetSysColor
EnableScrollBar
TrackPopupMenu
DrawIconEx
GetClassNameW
GetMessagePos
GetIconInfo
SetScrollInfo
GetKeyNameTextW
GetDesktopWindow
SetCursorPos
GetCursorPos
SetMenu
GetMenuState
GetMenu
SetRect
GetKeyState
IsCharAlphaW
GetCursor
KillTimer
WaitMessage
TranslateMDISysAccel
GetWindowPlacement
CreateWindowExW
ChildWindowFromPoint
GetDCEx
PeekMessageW
MonitorFromWindow
AnimateWindow
SetTimer
WindowFromPoint
DrawStateW
BeginPaint
RegisterClipboardFormatW
MapVirtualKeyW
OffsetRect
IsWindowUnicode
DispatchMessageW
CreateAcceleratorTableW
DefMDIChildProcW
GetSystemMenu
SetScrollPos
GetScrollPos
InflateRect
DrawFocusRect
ReleaseCapture
LoadCursorW
ScrollWindow
GetLastActivePopup
GetSystemMetrics
CharUpperBuffW
SetClipboardData
GetClipboardData
ClientToScreen
SetWindowPlacement
GetMonitorInfoW
CheckMenuItem
CharUpperW
DefWindowProcW
GetForegroundWindow
EnableWindow
GetWindowThreadProcessId
RedrawWindow
EndPaint
MsgWaitForMultipleObjectsEx
LoadKeyboardLayoutW
ActivateKeyboardLayout
GetParent
MonitorFromRect
InsertMenuItemW
GetPropW
MessageBoxW
SetPropW
UpdateWindow
MsgWaitForMultipleObjects
DestroyMenu
SetWindowsHookExW
EmptyClipboard
GetDlgItem
AdjustWindowRectEx
IsWindow
DrawIcon
EnumThreadWindows
InvalidateRect
SetKeyboardState
GetKeyboardState
ScreenToClient
DrawFrameControl
IsCharAlphaNumericW
SetCursor
CreateIcon
RemoveMenu
GetKeyboardLayoutNameW
OpenClipboard
TranslateMessage
MapWindowPoints
EnumDisplayMonitors
CountClipboardFormats
CallWindowProcW
CloseClipboard
DestroyCursor
CopyIcon
PostQuitMessage
ShowScrollBar
EnableMenuItem
HideCaret
FindWindowExW
MonitorFromPoint
LoadIconW
SystemParametersInfoW
GetWindow
GetWindowRect
GetWindowLongW
InsertMenuW
IsWindowEnabled
IsDialogMessageA
FindWindowW
GetKeyboardLayout
DeleteMenu

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

oleaut32

GetErrorInfo
SysFreeString
VariantClear
VariantInit
SysReAllocStringLen
SafeArrayCreate
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
VariantCopy
VariantChangeType
VariantCopyInd

advapi32

RegSetValueExW
RegConnectRegistryW
RegEnumKeyExW
RegLoadKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryInfoKeyW
RegUnLoadKeyW
RegSaveKeyW
RegDeleteValueW
RegReplaceKeyW
RegFlushKey
RegQueryValueExW
RegEnumValueW
RegCloseKey
RegCreateKeyExW
RegRestoreKeyW

netapi32

NetWkstaGetInfo
NetApiBufferFree

msvcrt

isupper
isalpha
isalnum
toupper
memchr
memcmp
memcpy
memset
isprint
isspace
iscntrl
isxdigit
ispunct
isgraph
islower
tolower

winhttp

WinHttpGetIEProxyConfigForCurrentUser
WinHttpSetTimeouts
WinHttpSetStatusCallback
WinHttpConnect
WinHttpReceiveResponse
WinHttpQueryAuthSchemes
WinHttpGetProxyForUrl
WinHttpReadData
WinHttpCloseHandle
WinHttpQueryHeaders
WinHttpOpenRequest
WinHttpAddRequestHeaders
WinHttpOpen
WinHttpWriteData
WinHttpSetCredentials
WinHttpQueryDataAvailable
WinHttpSetOption
WinHttpSendRequest
WinHttpQueryOption

kernel32

QueryDosDeviceW
GetACP
LocalFree
CloseHandle
GetCurrentProcessId
SizeofResource
VirtualProtect
TerminateThread
QueryPerformanceFrequency
IsDebuggerPresent
FindNextFileW
GetFullPathNameW
VirtualFree
ExitProcess
HeapAlloc
GetCPInfoExW
GlobalSize
RtlUnwind
GetCPInfo
EnumSystemLocalesW
GetStdHandle
GetTimeZoneInformation
FileTimeToLocalFileTime
GetModuleHandleW
FreeLibrary
TryEnterCriticalSection
HeapDestroy
FileTimeToDosDateTime
ReadFile
HeapSize
GetLastError
GetModuleFileNameW
SetLastError
GlobalAlloc
GlobalUnlock
FindResourceW
CreateThread
CompareStringW
MapViewOfFile
CreateMutexW
LoadLibraryA
ResetEvent
GetVolumeInformationW
MulDiv
FreeResource
GetDriveTypeW
GetVersion
RaiseException
GlobalAddAtomW
FormatMessageW
SwitchToThread
GetExitCodeThread
OutputDebugStringW
GetCurrentThread
LoadLibraryExW
LockResource
FileTimeToSystemTime
GetCurrentThreadId
UnhandledExceptionFilter
VirtualQuery
GlobalFindAtomW
VirtualQueryEx
GlobalFree
Sleep
EnterCriticalSection
SetFilePointer
LoadResource
SuspendThread
GetTickCount
GetFileSize
GetStartupInfoW
GlobalDeleteAtom
GetFileAttributesW
InitializeCriticalSection
GetThreadPriority
GetCurrentProcess
SetThreadPriority
GlobalLock
VirtualAlloc
GetTempPathW
GetSystemInfo
GetCommandLineW
LeaveCriticalSection
GetProcAddress
ResumeThread
GetLogicalDriveStringsW
GetVersionExW
VerifyVersionInfoW
HeapCreate
LCMapStringW
GetDiskFreeSpaceW
VerSetConditionMask
FindFirstFileW
GetUserDefaultUILanguage
UnmapViewOfFile
GlobalHandle
lstrlenW
QueryPerformanceCounter
SetEndOfFile
lstrcmpW
HeapFree
WideCharToMultiByte
FindClose
MultiByteToWideChar
LoadLibraryW
SetEvent
CreateFileW
GetLocaleInfoW
EnumResourceNamesW
DeleteFileW
GetEnvironmentVariableW
GetLocalTime
WaitForSingleObject
WriteFile
CreateFileMappingW
ExitThread
DeleteCriticalSection
GetDateFormatW
TlsGetValue
SetErrorMode
GetComputerNameW
IsValidLocale
TlsSetValue
GetSystemDefaultUILanguage
EnumCalendarInfoW
LocalAlloc
RemoveDirectoryW
CreateEventW
WaitForMultipleObjectsEx
GetThreadLocale
SetThreadLocale

shfolder

SHGetFolderPathW

ole32

IsEqualGUID
OleInitialize
OleUninitialize
CoInitialize
CoCreateInstance
CoUninitialize
CoTaskMemFree
CoTaskMemAlloc

gdi32

Pie
SetBkMode
CreateCompatibleBitmap
GetEnhMetaFileHeader
RectVisible
AngleArc
ResizePalette
SetAbortProc
SetTextColor
StretchBlt
RoundRect
RestoreDC
SetRectRgn
GetTextMetricsW
GetWindowOrgEx
CreatePalette
PolyBezierTo
CreateICW
CreateDCW
GetStockObject
CreateSolidBrush
GetBkMode
Polygon
MoveToEx
PlayEnhMetaFile
Ellipse
StartPage
GetBitmapBits
StartDocW
AbortDoc
GetSystemPaletteEntries
GetEnhMetaFileBits
GetEnhMetaFilePaletteEntries
CreatePenIndirect
CreateFontIndirectW
PolyBezier
EndDoc
GetObjectW
GetWinMetaFileBits
SetROP2
GetEnhMetaFileDescriptionW
ArcTo
Arc
SelectPalette
ExcludeClipRect
MaskBlt
SetWindowOrgEx
EndPage
DeleteEnhMetaFile
Chord
SetDIBits
SetViewportOrgEx
CreateRectRgn
RealizePalette
SetDIBColorTable
GetDIBColorTable
CreateBrushIndirect
PatBlt
SetEnhMetaFileBits
Rectangle
SaveDC
DeleteDC
BitBlt
FrameRgn
GetDeviceCaps
GetTextExtentPoint32W
GetClipBox
IntersectClipRect
Polyline
CreateBitmap
SetWinMetaFileBits
CombineRgn
GetStretchBltMode
CreateDIBitmap
SetStretchBltMode
GetDIBits
CreateDIBSection
LineTo
GetRgnBox
EnumFontsW
CreateHalftonePalette
SelectObject
DeleteObject
ExtFloodFill
UnrealizeObject
CopyEnhMetaFileW
SetBkColor
CreateCompatibleDC
GetBrushOrgEx
GetCurrentPositionEx
SetDCPenColor
GetNearestPaletteIndex
GetTextExtentPointW
ExtTextOutW
SetBrushOrgEx
GetPixel
GdiFlush
SetPixel
EnumFontFamiliesExW
StretchDIBits
GetPaletteEntries

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr

Sections

.text
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 139KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 128KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.didata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 153B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: - Virtual size: 92B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 93B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 395KB - Virtual size: 395KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 450KB - Virtual size: 450KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
chimb.mp4
haustellum.torrent
sk4d.dll
.dll windows:6 windows x86 arch:x86

07f32d8ab79b9482618710670d853c9a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

CoCreateGuid
CoCreateInstance

fontsub

CreateFontPackage

user32

SystemParametersInfoW

opengl32

wglGetCurrentContext
wglGetProcAddress

kernel32

AcquireSRWLockExclusive
AcquireSRWLockShared
CloseHandle
CompareStringW
CreateEventW
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateSemaphoreA
DecodePointer
DeleteCriticalSection
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleMode
GetConsoleOutputCP
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDriveTypeW
GetEnvironmentStringsW
GetFileInformationByHandle
GetFileSizeEx
GetFileType
GetFullPathNameW
GetLastError
GetLocaleInfoEx
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTime
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetUserDefaultLCID
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitOnceBeginInitialize
InitOnceComplete
InitOnceExecuteOnce
InitializeConditionVariable
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSListHead
InitializeSRWLock
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringEx
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
MapViewOfFile
MultiByteToWideChar
OutputDebugStringA
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
ReleaseSRWLockExclusive
ReleaseSRWLockShared
ReleaseSemaphore
ResetEvent
RtlUnwind
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SleepConditionVariableCS
SleepConditionVariableSRW
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
UnmapViewOfFile
WaitForSingleObject
WaitForSingleObjectEx
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile

Exports

Exports

gr4d_backendrendertarget_create_gl
gr4d_backendrendertarget_create_mtl
gr4d_backendrendertarget_create_vk
gr4d_backendrendertarget_destroy
gr4d_backendrendertarget_get_backend_api
gr4d_backendrendertarget_get_height
gr4d_backendrendertarget_get_sample_count
gr4d_backendrendertarget_get_stencil_bits
gr4d_backendrendertarget_get_width
gr4d_backendrendertarget_is_valid
gr4d_backendsemaphore_create
gr4d_backendsemaphore_destroy
gr4d_backendsemaphore_init_vulkan
gr4d_backendsurfacemutablestate_create
gr4d_backendsurfacemutablestate_destroy
gr4d_backendtexture_create_gl
gr4d_backendtexture_create_mtl
gr4d_backendtexture_create_vk
gr4d_backendtexture_destroy
gr4d_backendtexture_get_backend_api
gr4d_backendtexture_get_gl_framebuffer_info
gr4d_backendtexture_get_height
gr4d_backendtexture_get_width
gr4d_backendtexture_has_mipmaps
gr4d_backendtexture_is_valid
gr4d_directcontext_abandon_context
gr4d_directcontext_create_texture
gr4d_directcontext_create_texture2
gr4d_directcontext_create_texture3
gr4d_directcontext_delete_texture
gr4d_directcontext_dump_memory_statistics
gr4d_directcontext_flush
gr4d_directcontext_flush_and_submit
gr4d_directcontext_free_gpu_resources
gr4d_directcontext_get_backend_api
gr4d_directcontext_get_max_surface_sample_count_for_color_type
gr4d_directcontext_get_resource_cache_limit
gr4d_directcontext_get_resource_cache_usage
gr4d_directcontext_is_abandoned
gr4d_directcontext_make_gl
gr4d_directcontext_make_metal
gr4d_directcontext_make_vulkan
gr4d_directcontext_perform_deferred_cleanup
gr4d_directcontext_purge_unlocked_resources
gr4d_directcontext_purge_unlocked_resources2
gr4d_directcontext_release_resources_and_abandon_context
gr4d_directcontext_reset_context
gr4d_directcontext_set_resource_cache_limit
gr4d_directcontext_submit
gr4d_gl_interface_has_extension
gr4d_gl_interface_make_assembled
gr4d_gl_interface_make_assembled_gl
gr4d_gl_interface_make_assembled_gles
gr4d_gl_interface_make_assembled_webgl
gr4d_gl_interface_make_native
gr4d_gl_interface_validate
gr4d_persistentcachebaseclass_create
gr4d_persistentcachebaseclass_destroy
gr4d_persistentcachebaseclass_set_procs
gr4d_shadererrorhandlerbaseclass_create
gr4d_shadererrorhandlerbaseclass_destroy
gr4d_shadererrorhandlerbaseclass_set_procs
gr4d_vk_extensions_create
gr4d_vk_extensions_destroy
gr4d_vk_extensions_has_extension
gr4d_vk_extensions_init
sk4d_animatedwebpencoder_encode_to_file
sk4d_animatedwebpencoder_encode_to_stream
sk4d_animcodecplayer_destroy
sk4d_animcodecplayer_get_dimensions
sk4d_animcodecplayer_get_duration
sk4d_animcodecplayer_get_frame
sk4d_animcodecplayer_make_from_file
sk4d_animcodecplayer_make_from_stream
sk4d_animcodecplayer_seek
sk4d_blender_make_arithmetic
sk4d_blender_make_mode
sk4d_canvas_clear
sk4d_canvas_clear2
sk4d_canvas_clip_path
sk4d_canvas_clip_rect
sk4d_canvas_clip_region
sk4d_canvas_clip_rrect
sk4d_canvas_clip_shader
sk4d_canvas_concat
sk4d_canvas_concat2
sk4d_canvas_destroy
sk4d_canvas_discard
sk4d_canvas_draw_annotation
sk4d_canvas_draw_arc
sk4d_canvas_draw_atlas
sk4d_canvas_draw_circle
sk4d_canvas_draw_color
sk4d_canvas_draw_color2
sk4d_canvas_draw_glyphs
sk4d_canvas_draw_glyphs2
sk4d_canvas_draw_image
sk4d_canvas_draw_image_lattice
sk4d_canvas_draw_image_nine
sk4d_canvas_draw_image_rect
sk4d_canvas_draw_line
sk4d_canvas_draw_oval
sk4d_canvas_draw_paint
sk4d_canvas_draw_patch
sk4d_canvas_draw_path
sk4d_canvas_draw_picture
sk4d_canvas_draw_point
sk4d_canvas_draw_points
sk4d_canvas_draw_rect
sk4d_canvas_draw_region
sk4d_canvas_draw_rrect
sk4d_canvas_draw_rrect2
sk4d_canvas_draw_rrect_difference
sk4d_canvas_draw_simple_text
sk4d_canvas_draw_text_blob
sk4d_canvas_draw_vertices
sk4d_canvas_get_base_props
sk4d_canvas_get_device_clip_bounds
sk4d_canvas_get_local_clip_bounds
sk4d_canvas_get_local_to_device
sk4d_canvas_get_local_to_device_as_3x3
sk4d_canvas_get_save_count
sk4d_canvas_get_top_props
sk4d_canvas_make_surface
sk4d_canvas_quick_reject
sk4d_canvas_quick_reject2
sk4d_canvas_reset_matrix
sk4d_canvas_restore
sk4d_canvas_restore_to_count
sk4d_canvas_rotate
sk4d_canvas_rotate2
sk4d_canvas_save
sk4d_canvas_save_layer
sk4d_canvas_save_layer_alpha
sk4d_canvas_scale
sk4d_canvas_set_matrix
sk4d_canvas_set_matrix2
sk4d_canvas_skew
sk4d_canvas_translate
sk4d_codec_destroy
sk4d_codec_get_dimensions
sk4d_codec_get_encoded_image_format
sk4d_codec_get_image
sk4d_codec_get_pixels
sk4d_codec_make_from_file
sk4d_codec_make_from_stream
sk4d_codec_make_with_copy
sk4d_codec_make_without_copy
sk4d_colorfilter_make_blend
sk4d_colorfilter_make_blend2
sk4d_colorfilter_make_compose
sk4d_colorfilter_make_high_contrast
sk4d_colorfilter_make_hsla_matrix
sk4d_colorfilter_make_lighting
sk4d_colorfilter_make_linear_to_srgb_gamma
sk4d_colorfilter_make_luma_color
sk4d_colorfilter_make_matrix
sk4d_colorfilter_make_overdraw
sk4d_colorfilter_make_table
sk4d_colorspace_gamma_close_to_srgb
sk4d_colorspace_gamma_is_linear
sk4d_colorspace_is_equal
sk4d_colorspace_is_numerical_transfer_fn
sk4d_colorspace_is_srgb
sk4d_colorspace_make
sk4d_colorspace_make_linear_gamma
sk4d_colorspace_make_rgb
sk4d_colorspace_make_srgb
sk4d_colorspace_make_srgb_gamma
sk4d_colorspace_make_srgb_linear
sk4d_colorspace_ref
sk4d_colorspace_to_profile
sk4d_colorspace_to_xyz
sk4d_colorspace_unref
sk4d_colorspaceiccprofile_destroy
sk4d_colorspaceiccprofile_get_buffer
sk4d_colorspaceiccprofile_make_with_parse
sk4d_colorspaceiccprofile_to_xyz
sk4d_colorspaceprimaries_to_xyz
sk4d_colorspacetransferfn_invert
sk4d_colorspacetransferfn_transform
sk4d_data_make_empty
sk4d_data_make_with_copy
sk4d_data_ref
sk4d_data_unref
sk4d_document_begin_page
sk4d_document_close
sk4d_document_end_page
sk4d_document_make_pdf
sk4d_document_make_pdf2
sk4d_document_make_xps
sk4d_document_terminate
sk4d_font_create
sk4d_font_create2
sk4d_font_destroy
sk4d_font_get_baseline_snap
sk4d_font_get_edging
sk4d_font_get_embedded_bitmaps
sk4d_font_get_embolden
sk4d_font_get_force_auto_hinting
sk4d_font_get_glyphs
sk4d_font_get_glyphs_count
sk4d_font_get_hinting
sk4d_font_get_horizontal_positions
sk4d_font_get_intercepts
sk4d_font_get_linear_metrics
sk4d_font_get_metrics
sk4d_font_get_path
sk4d_font_get_paths
sk4d_font_get_positions
sk4d_font_get_scale_x
sk4d_font_get_size
sk4d_font_get_skew_x
sk4d_font_get_subpixel
sk4d_font_get_typeface
sk4d_font_get_typeface_or_default
sk4d_font_get_widths_bounds
sk4d_font_is_equal
sk4d_font_measure_text
sk4d_font_set_baseline_snap
sk4d_font_set_edging
sk4d_font_set_embedded_bitmaps
sk4d_font_set_embolden
sk4d_font_set_force_auto_hinting
sk4d_font_set_hinting
sk4d_font_set_linear_metrics
sk4d_font_set_scale_x
sk4d_font_set_size
sk4d_font_set_skew_x
sk4d_font_set_subpixel
sk4d_font_set_typeface
sk4d_font_unichar_to_glyph
sk4d_font_unichars_to_glyphs
sk4d_graphics_allow_jit
sk4d_graphics_dump_memory_statistics
sk4d_graphics_get_font_cache_count_limit
sk4d_graphics_get_font_cache_count_used
sk4d_graphics_get_font_cache_limit
sk4d_graphics_get_font_cache_used
sk4d_graphics_get_resource_cache_single_allocation_byte_limit
sk4d_graphics_get_resource_cache_total_byte_limit
sk4d_graphics_get_resource_cache_total_bytes_used
sk4d_graphics_init
sk4d_graphics_purge_all_caches
sk4d_graphics_purge_font_cache
sk4d_graphics_purge_resource_cache
sk4d_graphics_set_font_cache_count_limit
sk4d_graphics_set_font_cache_limit
sk4d_graphics_set_resource_cache_single_allocation_byte_limit
sk4d_graphics_set_resource_cache_total_byte_limit
sk4d_image_encode_to_file
sk4d_image_encode_to_stream
sk4d_image_get_alpha_type
sk4d_image_get_color_space
sk4d_image_get_color_type
sk4d_image_get_height
sk4d_image_get_image_info
sk4d_image_get_unique_id
sk4d_image_get_width
sk4d_image_is_lazy_generated
sk4d_image_is_texture_backed
sk4d_image_is_valid
sk4d_image_make_cross_context
sk4d_image_make_from_adopted_texture
sk4d_image_make_from_encoded_file
sk4d_image_make_from_encoded_stream
sk4d_image_make_from_picture
sk4d_image_make_from_raster
sk4d_image_make_from_texture
sk4d_image_make_non_texture_image
sk4d_image_make_raster_copy
sk4d_image_make_raster_image
sk4d_image_make_raw_shader
sk4d_image_make_shader
sk4d_image_make_subset
sk4d_image_make_texture_image
sk4d_image_make_with_filter
sk4d_image_peek_pixels
sk4d_image_read_pixels
sk4d_image_scale_pixels
sk4d_imageencoder_encode_to_file
sk4d_imageencoder_encode_to_stream
sk4d_imagefilter_can_compute_fast_bounds
sk4d_imagefilter_compute_fast_bounds
sk4d_imagefilter_make_alpha_threshold
sk4d_imagefilter_make_arithmetic
sk4d_imagefilter_make_blend
sk4d_imagefilter_make_blur
sk4d_imagefilter_make_colorfilter
sk4d_imagefilter_make_compose
sk4d_imagefilter_make_dilate
sk4d_imagefilter_make_displacement_map
sk4d_imagefilter_make_distant_lit_diffuse
sk4d_imagefilter_make_distant_lit_specular
sk4d_imagefilter_make_drop_shadow
sk4d_imagefilter_make_drop_shadow_only
sk4d_imagefilter_make_erode
sk4d_imagefilter_make_image
sk4d_imagefilter_make_magnifier
sk4d_imagefilter_make_matrix_convolution
sk4d_imagefilter_make_matrix_transform
sk4d_imagefilter_make_merge
sk4d_imagefilter_make_offset
sk4d_imagefilter_make_picture
sk4d_imagefilter_make_point_lit_diffuse
sk4d_imagefilter_make_point_lit_specular
sk4d_imagefilter_make_runtime_shader
sk4d_imagefilter_make_runtime_shader2
sk4d_imagefilter_make_shader
sk4d_imagefilter_make_spot_lit_diffuse
sk4d_imagefilter_make_spot_lit_specular
sk4d_imagefilter_make_tile
sk4d_imagefilter_make_with_local_matrix
sk4d_maskfilter_make_blur
sk4d_maskfilter_make_shader
sk4d_maskfilter_make_table
sk4d_maskfilter_make_table_clip
sk4d_maskfilter_make_table_gamma
sk4d_opbuilder_add
sk4d_opbuilder_create
sk4d_opbuilder_destroy
sk4d_opbuilder_detach
sk4d_paint_create
sk4d_paint_create2
sk4d_paint_destroy
sk4d_paint_get_alpha
sk4d_paint_get_alphaf
sk4d_paint_get_anti_alias
sk4d_paint_get_blender
sk4d_paint_get_color
sk4d_paint_get_color_filter
sk4d_paint_get_colorf
sk4d_paint_get_dither
sk4d_paint_get_fill_path
sk4d_paint_get_image_filter
sk4d_paint_get_mask_filter
sk4d_paint_get_path_effect
sk4d_paint_get_shader
sk4d_paint_get_stroke_cap
sk4d_paint_get_stroke_join
sk4d_paint_get_stroke_miter
sk4d_paint_get_stroke_width
sk4d_paint_get_style
sk4d_paint_reset
sk4d_paint_set_alpha
sk4d_paint_set_alphaf
sk4d_paint_set_antialias
sk4d_paint_set_argb
sk4d_paint_set_blender
sk4d_paint_set_color
sk4d_paint_set_color_filter
sk4d_paint_set_colorf
sk4d_paint_set_dither
sk4d_paint_set_image_filter
sk4d_paint_set_mask_filter
sk4d_paint_set_path_effect
sk4d_paint_set_shader
sk4d_paint_set_stroke_cap
sk4d_paint_set_stroke_join
sk4d_paint_set_stroke_miter
sk4d_paint_set_stroke_width
sk4d_paint_set_style
sk4d_paragraph_destroy
sk4d_paragraph_did_exceed_max_lines
sk4d_paragraph_get_alphabetic_baseline
sk4d_paragraph_get_glyph_position_at_coordinate
sk4d_paragraph_get_height
sk4d_paragraph_get_ideographic_baseline
sk4d_paragraph_get_line_metrics
sk4d_paragraph_get_longest_line
sk4d_paragraph_get_max_intrinsic_width
sk4d_paragraph_get_max_width
sk4d_paragraph_get_min_intrinsic_width
sk4d_paragraph_get_rects_for_placeholders
sk4d_paragraph_get_rects_for_range
sk4d_paragraph_get_word_boundary
sk4d_paragraph_layout
sk4d_paragraph_paint
sk4d_paragraph_to_path
sk4d_paragraph_visit
sk4d_paragraphbuilder_add_placeholder
sk4d_paragraphbuilder_add_text
sk4d_paragraphbuilder_build
sk4d_paragraphbuilder_create
sk4d_paragraphbuilder_create2
sk4d_paragraphbuilder_destroy
sk4d_paragraphbuilder_pop
sk4d_paragraphbuilder_push_style
sk4d_paragraphstyle_create
sk4d_paragraphstyle_destroy
sk4d_paragraphstyle_disable_hinting
sk4d_paragraphstyle_get_ellipsis
sk4d_paragraphstyle_get_height
sk4d_paragraphstyle_get_max_lines
sk4d_paragraphstyle_get_strut_style
sk4d_paragraphstyle_get_text_align
sk4d_paragraphstyle_get_text_direction
sk4d_paragraphstyle_get_text_height_behaviors
sk4d_paragraphstyle_get_text_style
sk4d_paragraphstyle_set_ellipsis
sk4d_paragraphstyle_set_height
sk4d_paragraphstyle_set_max_lines
sk4d_paragraphstyle_set_strut_style
sk4d_paragraphstyle_set_text_align
sk4d_paragraphstyle_set_text_direction
sk4d_paragraphstyle_set_text_height_behaviors
sk4d_paragraphstyle_set_text_style
sk4d_particleeffect_get_position
sk4d_particleeffect_get_rate
sk4d_particleeffect_get_uniform
sk4d_particleeffect_get_uniform_count
sk4d_particleeffect_get_uniform_data
sk4d_particleeffect_get_uniform_data_count
sk4d_particleeffect_get_uniform_name
sk4d_particleeffect_init
sk4d_particleeffect_make_from_file
sk4d_particleeffect_make_from_stream
sk4d_particleeffect_render
sk4d_particleeffect_set_position
sk4d_particleeffect_set_rate
sk4d_particleeffect_set_uniform
sk4d_particleeffect_start
sk4d_particleeffect_update
sk4d_path_contains
sk4d_path_convert_conic_to_quads
sk4d_path_create
sk4d_path_create2
sk4d_path_destroy
sk4d_path_get_bounds
sk4d_path_get_fill_type
sk4d_path_get_last_point
sk4d_path_get_segment_masks
sk4d_path_get_tight_bounds
sk4d_path_interpolate
sk4d_path_is_convex
sk4d_path_is_empty
sk4d_path_is_finite
sk4d_path_is_interpolatable
sk4d_path_is_last_contour_closed
sk4d_path_is_line
sk4d_path_is_oval
sk4d_path_is_rect
sk4d_path_is_rrect
sk4d_path_op
sk4d_path_serialize_to_stream
sk4d_path_to_svg
sk4d_path_transform
sk4d_pathbuilder_add_arc
sk4d_pathbuilder_add_circle
sk4d_pathbuilder_add_oval
sk4d_pathbuilder_add_path
sk4d_pathbuilder_add_polygon
sk4d_pathbuilder_add_rect
sk4d_pathbuilder_add_rrect
sk4d_pathbuilder_arc_to
sk4d_pathbuilder_arc_to2
sk4d_pathbuilder_arc_to3
sk4d_pathbuilder_close
sk4d_pathbuilder_conic_to
sk4d_pathbuilder_create
sk4d_pathbuilder_create2
sk4d_pathbuilder_cubic_to
sk4d_pathbuilder_destroy
sk4d_pathbuilder_detach
sk4d_pathbuilder_get_bounds
sk4d_pathbuilder_get_fill_type
sk4d_pathbuilder_inc_reserve
sk4d_pathbuilder_line_to
sk4d_pathbuilder_move_to
sk4d_pathbuilder_offset
sk4d_pathbuilder_polyline_to
sk4d_pathbuilder_quad_to
sk4d_pathbuilder_r_conic_to
sk4d_pathbuilder_r_cubic_to
sk4d_pathbuilder_r_line_to
sk4d_pathbuilder_r_quad_to
sk4d_pathbuilder_reset
sk4d_pathbuilder_set_filltype
sk4d_pathbuilder_snapshot
sk4d_pathbuilder_toggle_inverse_filltype
sk4d_patheffect_make_1dpath
sk4d_patheffect_make_2dline
sk4d_patheffect_make_2dpath
sk4d_patheffect_make_compose
sk4d_patheffect_make_corner
sk4d_patheffect_make_dash
sk4d_patheffect_make_discrete
sk4d_patheffect_make_matrix
sk4d_patheffect_make_merge
sk4d_patheffect_make_stroke
sk4d_patheffect_make_stroke_and_fill
sk4d_patheffect_make_sum
sk4d_patheffect_make_translate
sk4d_patheffect_make_trim
sk4d_pathiterator_create
sk4d_pathiterator_destroy
sk4d_pathiterator_next
sk4d_pathmeasure_create
sk4d_pathmeasure_destroy
sk4d_pathmeasure_get_length

Sections

.text
Size: 7.2MB - Virtual size: 7.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10.7MB - Virtual size: 10.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 29B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.voltbl
Size: 512B - Virtual size: 334B

.reloc
Size: 218KB - Virtual size: 218KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
updater.dll
.exe windows:5 windows x64 arch:x64

06d97da48524bf3797bec414d0c42fbd

Code Sign

09:4b:5f:50:17:8c:1e:bb:a2:1f:63:7c:16:21:57:ee
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

13/10/2020, 00:00

Not After

23/11/2021, 12:00

Subject

SERIALNUMBER=911101083302797532,CN=Nox Limited,O=Nox Limited,ST=北京市,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#0c09e6b5b7e6b780e58cba,1.3.6.1.4.1.311.60.2.1.2=#0c09e58c97e4baace5b882,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:4b:5f:50:17:8c:1e:bb:a2:1f:63:7c:16:21:57:ee
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

13/10/2020, 00:00

Not After

23/11/2021, 12:00

Subject

SERIALNUMBER=911101083302797532,CN=Nox Limited,O=Nox Limited,ST=北京市,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#0c09e6b5b7e6b780e58cba,1.3.6.1.4.1.311.60.2.1.2=#0c09e58c97e4baace5b882,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:84:d6:d7:ac:16:44:7e:77:11:6f:c8:11:f3:93:e2:62:25:7d:89:36:91:e9:7e:68:fc:29:e6:b6:ee:75:a0
Signer

Actual PE Digest

0b:84:d6:d7:ac:16:44:7e:77:11:6f:c8:11:f3:93:e2:62:25:7d:89:36:91:e9:7e:68:fc:29:e6:b6:ee:75:a0

Digest Algorithm

sha256

PE Digest Matches

true

74:aa:47:7e:60:7a:2d:57:d4:7f:92:2a:7a:27:05:1e:86:00:f0:78
Signer

Actual PE Digest

74:aa:47:7e:60:7a:2d:57:d4:7f:92:2a:7a:27:05:1e:86:00:f0:78

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\VirtualBox\VirtualBox-5.2.36\out\win.amd64\release\obj\VBoxNetDHCP\VBoxNetDHCP.pdb

Imports

msvcr100

__setusermatherr
_commode
_fmode
__set_app_type
?terminate@@YAXXZ
?_type_info_dtor_internal_method@type_info@@QEAAXXZ
__crt_debugger_hook
_configthreadlocale
_initterm_e
_initterm
??0exception@std@@QEAA@AEBQEBDH@Z
_acmdln
_cexit
_ismbblead
_exit
_XcptFilter
__getmainargs
_amsg_exit
_onexit
_lock
__dllonexit
_unlock
__C_specific_handler
memset
memcmp
?what@exception@std@@UEBAPEBDXZ
??1exception@std@@UEAA@XZ
??3@YAXPEAX@Z
__CxxFrameHandler3
memcpy
memmove
_purecall
exit
__argv
__argc
??0exception@std@@QEAA@AEBV01@@Z
_CxxThrowException
??2@YAPEAX_K@Z
??0exception@std@@QEAA@AEBQEBD@Z

msvcp100

?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z

user32

DefWindowProcW
MsgWaitForMultipleObjects
PostQuitMessage
UnregisterClassW
DestroyWindow
DispatchMessageW
TranslateMessage
GetMessageW
SetWindowPos
CreateWindowExW
RegisterClassW
PostThreadMessageW
PeekMessageW

ole32

CoCreateFreeThreadedMarshaler
CoCreateInstance
CoInitializeEx

oleaut32

LoadRegTypeLi
SafeArrayRedim
SafeArrayUnaccessData
SafeArrayDestroy
SafeArrayAccessData
SafeArrayCreate
SysFreeString
SysAllocStringByteLen

vboxrt

?getAttributeValue@ElementNode@xml@@QEBA_NPEBDPEA_K0@Z
?findChildElementNS@ElementNode@xml@@QEBAPEBV12@PEBD0@Z
RTNetStrToMacAddr
?getAttributeValue@ElementNode@xml@@QEBA_NPEBDPEAVRTCString@@0@Z
??1XmlFileWriter@xml@@QEAA@XZ
?write@XmlFileWriter@xml@@QEAAXPEBD_N@Z
??0XmlFileWriter@xml@@QEAA@AEAVDocument@1@@Z
?setAttribute@ElementNode@xml@@QEAAPEAVAttributeNode@2@PEBD0@Z
??1Document@xml@@QEAA@XZ
?createRootElement@Document@xml@@QEAAPEAVElementNode@2@PEBD0@Z
??0Document@xml@@QEAA@XZ
??1XmlFileParser@xml@@QEAA@XZ
??1NodesLoop@xml@@QEAA@XZ
?forAllNodes@NodesLoop@xml@@QEBAPEBVElementNode@2@XZ
??0NodesLoop@xml@@QEAA@AEBVElementNode@1@PEBD@Z
?nameEqualsNS@Node@xml@@QEBA_NPEBD0@Z
?getRootElement@Document@xml@@QEAAPEAVElementNode@2@XZ
?read@XmlFileParser@xml@@QEAAXAEBVRTCString@@AEAVDocument@2@@Z
??0RTCString@@QEAA@PEBD@Z
??0XmlFileParser@xml@@QEAA@XZ
SUPR3CallVMMR0Ex
RTNetUDPChecksum
RTNetIPv4FinalizeChecksum
RTNetTCPChecksum
RTNetIPv6PseudoChecksumEx
RTNetIPv4PseudoChecksum
RTNetIPv4HdrChecksum
RTNetIPv4IsUDPSizeValid
RTNetIPv4IsUDPValid
RTNetIPv4IsHdrValid
RTNetIPv4UDPChecksum
RTRandU32
RTCritSectEnter
?getAttributeValue@ElementNode@xml@@QEBA_NPEBDPEAI0@Z
RTLogLoggerEx
RTLogRelGetDefaultInstanceEx
RTProcShortName
RTMemAllocTag
RTStrCopy
SUPR3LoadVMM
RTPathExecDir
SUPR3Init
SUPR3Term
RTBldCfgVersion
RTBldCfgRevision
RTMemFree
RTGetOpt
RTGetOptInit
RTStrToUInt32
RTStrStr
??0RTCString@@QEAA@XZ
??_7RTCString@@6B@
?cleanup@RTCString@@IEAAXXZ
?c_str@RTCString@@QEBAPEBDXZ
RTNetStrToIPv4Addr
g_pStdErr
RTStrmPrintf
RTNetIPv4IsDHCPValid
?printfV@RTCString@@QEAAAEAV1@PEBDPEAD@Z
??1RTCString@@UEAA@XZ
RTUtf16Cmp
RTCritSectDelete
RTCritSectInit
?setAttribute@ElementNode@xml@@QEAAPEAVAttributeNode@2@PEBDAEBVRTCString@@@Z
?createChild@ElementNode@xml@@QEAAPEAV12@PEBD@Z
?setAttribute@ElementNode@xml@@QEAAPEAVAttributeNode@2@PEBD_K@Z
RTStrPrintf
RTTimeMilliTS
RTStrToUInt8Ex
RTStrToUInt32Ex
??4RTCString@@QEAAAEAV0@AEBV0@@Z
RTR3InitExe
RTMsgInitFailure
RTThreadCreate
RTThreadGetNative
RTThreadWait
RTGetOptPrintError
RTCritSectLeave
RTPrintf
?setAttribute@ElementNode@xml@@QEAAPEAVAttributeNode@2@PEBDI@Z
RTStrNLen
RTStrToUtf16ExTag
RTStrCalcUtf16LenEx
RTUtf16Len
RTUtf16ToUtf8ExTag
RTThreadSelf
RTLdrGetSymbol
RTLdrLoad
RTPathAppend
RTPathAppPrivateArch
RTErrConvertFromWin32

kernel32

GetModuleHandleW
EncodePointer
DecodePointer
Sleep
GetStartupInfoW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLastError
GetModuleHandleExW
VirtualProtect
GetProcAddress
CreateMutexW
SetLastError
DuplicateHandle
GetCurrentThread
CloseHandle

rpcrt4

CStdStubBuffer_Invoke

Exports

Exports

TrustedMain

Sections

.text
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
x64/Data
.exe windows:6 windows x64 arch:x64

8d739494d9fbb88c9dabc3d06906254c

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:35:60:3f:7a:88:8a:e1:6c:05:b0:0f:15:3c:c6:fc
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

16/09/2022, 00:00

Not After

17/09/2025, 23:59

Subject

CN=AVG Technologies USA\, LLC,O=AVG Technologies USA\, LLC,L=Redwood City,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

14/07/2023, 00:00

Not After

13/10/2034, 23:59

Subject

CN=DigiCert Timestamp 2023,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

00:4b:6e:b9:2e:17:08:d5:a1:18:0c:22:ff:2c:93:93:ac:60:e9:39:63:b3:00:02:b8:0b:9e:1e:31:b5:99:e7
Signer

Actual PE Digest

00:4b:6e:b9:2e:17:08:d5:a1:18:0c:22:ff:2c:93:93:ac:60:e9:39:63:b3:00:02:b8:0b:9e:1e:31:b5:99:e7

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\BUILD\work\e0dd96435fde7cb0\BUILDS\Release\x64\afwServ.pdb

Imports

rpcrt4

RpcBindingFromStringBindingW
RpcStringFreeW
RpcStringBindingComposeW
I_RpcBindingInqLocalClientPID
NdrServerCallAll
UuidCreate
NdrClientCall3
UuidCreateSequential
RpcBindingFree
NdrServerCall2

afwcoreclient

?Get@CAfwAppInfoList@@QEAA_NKAEAW4_EAppPathType@@AEAU_GUID@@AEAPEB_W222@Z
??1CAfwCoreClient@@UEAA@XZ
?Config_SetValue@CAfwCoreClient@@SAKUXMLNode@@PEB_W11@Z
?Rules_EnumAppList@CAfwCoreClient@@QEAAPEAVCAfwAppInfoList@@K@Z
??0CAfwCoreClient@@QEAA@XZ
?Rules_GetApps@CAfwCoreClient@@QEAA_NAEAV?$map@VCGUID@@V?$shared_ptr@VCAfwApplication@@@std@@U?$less@VCGUID@@@3@V?$allocator@U?$pair@$$CBVCGUID@@V?$shared_ptr@VCAfwApplication@@@std@@@std@@@3@@std@@@Z
?Rules_GetGroups@CAfwCoreClient@@QEAA_NAEAV?$map@VCGUID@@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@U?$less@VCGUID@@@3@V?$allocator@U?$pair@$$CBVCGUID@@V?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@std@@@3@@std@@@Z
?Rules_DeleteApp@CAfwCoreClient@@QEAAKVCGUID@@_N@Z
?Count@CAfwAppInfoList@@QEAA_KXZ
?Release@CAfwAppInfoList@@QEAAXXZ
?Rules_LoadGroups@CAfwCoreClient@@QEAAKPEAK@Z
?Rules_GetGroupByGuid@CAfwCoreClient@@QEAAPEAVCAfwAppGroup@@VCGUID@@@Z
?Rules_ReleaseGroupObj@CAfwCoreClient@@QEAAXPEAVCAfwAppGroup@@@Z
?Rules_CreateNewApp@CAfwCoreClient@@QEAAPEAVCAfwApplication@@PEB_W0@Z
?Rules_CreateNewGroup@CAfwCoreClient@@QEAAPEAVCAfwAppGroup@@PEB_W0@Z
?Rules_AddAppIntoGroup@CAfwCoreClient@@QEAAKVCGUID@@0@Z
?Rules_CommitGroupChanges@CAfwCoreClient@@QEAAKXZ
?Rules_CommitAppChange@CAfwCoreClient@@QEAAKPEAVCAfwApplication@@_N@Z
??1CAfwApplication@@QEAA@XZ
?ReloadConfigAndRules@CAfwCoreClient@@QEAAKXZ
?Rules_SetPacketRules@CAfwCoreClient@@QEAAKPEAUAFW_PACKET_RULE@@_KVCGUID@@@Z
?Rules_ReleasePacketRulesBuffer@CAfwCoreClient@@QEAAXPEAUAFW_PACKET_RULE@@_K@Z
?Rules_GetPacketRules@CAfwCoreClient@@QEAAKPEAPEAUAFW_PACKET_RULE@@PEA_KVCGUID@@@Z
?UpdateConnectionInfo@CAfwCoreClient@@QEAA_NPEAVIAfwConnectionCallback@@@Z
?ReleaseConnectionInfo@CAfwCoreClient@@QEAA_NPEAVIAfwConnectionCallback@@@Z
?Rules_DeleteGroup@CAfwCoreClient@@QEAAKVCGUID@@@Z
?Rules_EnumGroupsGuids@CAfwCoreClient@@QEAAKQEAVCGUID@@K@Z

afwrpc

afwRpcInitServer
afwRpcStopServer
afwRpcCreateBindingAndConnectUuid
afwRpcDisconnect
afwFree
afwAlloc

wsock32

getservbyport
ntohs

ashbase

notEventId

aavmrpch

AavmRpcCreateBinding
AavmRpcIsProductExpired
AavmRpcDestroyBinding

libcrypto-3-x64

SHA256_Init
SHA1_Final
SHA256_Final
SHA512_Final
SHA512_Init
SHA512_Update
SHA1_Init
SHA1_Update
SHA256_Update

dll_loader

?load_dll@dll_loader@asw@@YAPEAUHINSTANCE__@@PEB_W0@Z
?free_dll@dll_loader@asw@@YA_NPEAUHINSTANCE__@@@Z

wtsapi32

WTSQuerySessionInformationW
WTSFreeMemory
WTSEnumerateSessionsW

shell32

ord165
SHGetFolderPathW

aswcmnis

sha256Final
sha256Update
sha256Init

aswcmnos

dep_fsCloseFile
dep_fsReadFile
dep_fsCreateFromHandle
dep_fsOpenFile
dep_fsGetFileSizeHandle
cmnosMiniInit

aswcmnbs

svcIsServiceInstalled
svcServiceUninstall
secOpenSharedEvent
svcServiceStart
secIsSelfDefenseEnabled
secIsServiceProtectionEnabled
fsGetAvastDataPath
secPreventHookDllInjection
cmnbFree
ConvertGuidPathDosPath
ConvertNtPathToDosPath
secCreateSharedMutex
secIsRpcClientTrusted
secCreateSharedFileMapping
ConvertDosPathToGuidPathKernel
svcServiceInstall
secIsProcessTrusted
fsGetAvastLogPath
secCreateSharedEvent
GetHardwareId
ConvertDosPathToNtPath
fsGetAvastFwDataPath
cmnbInit

ntdll

NtClose
RtlDllShutdownInProgress
RtlVirtualUnwind
RtlLookupFunctionEntry
NtSystemDebugControl
VerSetConditionMask
NtQueryInformationProcess
NtOpenKey
RtlCaptureContext
NtQueryKey
NtDeleteKey
NtSetInformationThread

kernel32

ReleaseSRWLockExclusive
AcquireSRWLockExclusive
FormatMessageA
GetLocaleInfoEx
WakeAllConditionVariable
SleepConditionVariableSRW
InitializeSListHead
GlobalMemoryStatusEx
CompareStringW
FindVolumeClose
UnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
CancelIo
GetOverlappedResult
GetStartupInfoW
GetVolumePathNamesForVolumeNameW
FindNextVolumeW
QueryDosDeviceW
FindFirstVolumeW
K32GetMappedFileNameW
GetDiskFreeSpaceExW
CopyFileW
SetFileAttributesW
ExpandEnvironmentStringsW
MultiByteToWideChar
GetLastError
LoadLibraryA
GetProcAddress
GetModuleHandleW
LoadLibraryExW
HeapFree
HeapAlloc
GetProcessHeap
SetDllDirectoryW
DeleteCriticalSection
Sleep
SetEvent
CloseHandle
InitializeCriticalSectionEx
GetModuleFileNameW
SetLastError
GetSystemTimeAsFileTime
HeapSetInformation
SetCurrentDirectoryW
QueueUserWorkItem
GetModuleHandleExW
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
WideCharToMultiByte
GetWindowsDirectoryW
RaiseException
TerminateProcess
GetCurrentProcess
OpenThread
GetCurrentThreadId
WaitForSingleObject
GetTickCount
CreateNamedPipeW
CreateEventW
CreateThread
ReleaseMutex
GetCurrentProcessId
TerminateThread
FreeLibrary
UnmapViewOfFile
DeviceIoControl
GetQueuedCompletionStatus
ProcessIdToSessionId
LoadLibraryW
GetSystemInfo
CreateIoCompletionPort
SetThreadPriority
MapViewOfFile
OpenProcess
GetLongPathNameW
GetTickCount64
ResetEvent
CreateFileW
LocalFree
CreateDirectoryW
GetModuleFileNameA
InitializeProcThreadAttributeList
UpdateProcThreadAttribute
GetSystemDirectoryW
GetFileAttributesW
VerifyVersionInfoW
OutputDebugStringW
DeleteFileW
CreateProcessW
GetExitCodeProcess
FindFirstFileW
ReadProcessMemory
CheckRemoteDebuggerPresent
VirtualProtect
FlushInstructionCache
FindClose
GetProcessId
GetEnvironmentVariableW
SetEnvironmentVariableW
TlsFree
TlsAlloc
TlsSetValue
TlsGetValue
SetErrorMode
SetUnhandledExceptionFilter
AddVectoredExceptionHandler
RemoveVectoredExceptionHandler
VirtualQuery
GetNativeSystemInfo
DuplicateHandle
GetSystemTimes
GetProcessTimes
QueryFullProcessImageNameW
GetPriorityClass
GetThreadPriority
K32EnumProcesses
GetThreadTimes
K32GetProcessMemoryInfo
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
GetProcessHandleCount
CompareFileTime
GetFileAttributesExW
WaitForMultipleObjects
GetCurrentThread
LoadLibraryExA
QueryPerformanceFrequency
QueryPerformanceCounter
QueryThreadCycleTime
DeleteProcThreadAttributeList
K32GetProcessImageFileNameW
GetThreadId
WriteFile
ReadFile
UnlockFileEx
LockFileEx
GetFileSizeEx

user32

GetSystemMetrics
GetGUIThreadInfo
SendMessageCallbackW
IsHungAppWindow
MsgWaitForMultipleObjects
PeekMessageW
DispatchMessageW
RegisterClassExW
GetClassInfoExW

advapi32

StartServiceW
RegDeleteTreeW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteKeyExW
RegEnumKeyW
CryptReleaseContext
CryptGenRandom
CryptAcquireContextW
FreeSid
AllocateAndInitializeSid
ImpersonateSelf
AdjustTokenPrivileges
LookupPrivilegeValueW
QueryServiceStatus
CloseServiceHandle
QueryServiceStatusEx
OpenServiceW
OpenSCManagerW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueExW
RegQueryValueExW
RegOpenKeyW
RegOpenKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
CheckTokenMembership
DuplicateToken
EqualSid
OpenProcessToken
GetTokenInformation
OpenThreadToken
RevertToSelf
QueryServiceConfigW

ole32

CoUninitialize
CoCreateInstance
CoGetObject
CoInitializeEx
StringFromGUID2

msvcp140

?sgetc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
?sbumpc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
?uflow@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAGXZ
?_Unlock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?_Lock@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAAXXZ
?sync@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JXZ
?xsgetn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEA_W_J@Z
?xsputn@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAA_JPEB_W_J@Z
?setbuf@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAPEAV12@PEA_W_J@Z
?imbue@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@MEAAXAEBVlocale@2@@Z
?_Ipfx@?$basic_istream@_WU?$char_traits@_W@std@@@std@@QEAA_N_N@Z
?snextc@?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@QEAAGXZ
?setstate@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEAAXH_N@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IEAA@XZ
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QEAA@PEAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
_Thrd_detach
_Thrd_join
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?uncaught_exceptions@std@@YAHXZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UEAA@XZ
??Bios_base@std@@QEBA_NXZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_J@Z
?put@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QEBA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AEAVios_base@2@DPEBUtm@@PEBD3@Z
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?id@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@2V0locale@2@A
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
?toupper@?$ctype@D@std@@QEBAPEBDPEADPEBD@Z
_Query_perf_frequency
_Query_perf_counter
?__ExceptionPtrCopyException@@YAXPEAXPEBX1@Z
?good@ios_base@std@@QEBA_NXZ
_Thrd_id
?_Xinvalid_argument@std@@YAXPEBD@Z
_Cnd_do_broadcast_at_thread_exit
?fail@ios_base@std@@QEBA_NXZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?toupper@?$ctype@_W@std@@QEBAPEB_WPEA_WPEB_W@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAN@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?write@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@PEB_W_J@Z
?eof@ios_base@std@@QEBA_NXZ
_Thrd_sleep
?widen@?$basic_ios@_WU?$char_traits@_W@std@@@std@@QEBA_WD@Z
?put@?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QEAAAEAV12@_W@Z
?is@?$ctype@_W@std@@QEBA_NF_W@Z
?_Winerror_map@std@@YAHH@Z
?_Syserror_map@std@@YAPEBDH@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
_Unlock_shared_ptr_spin_lock
_Lock_shared_ptr_spin_lock
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@K@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
_Mbrtowc
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?_Throw_Cpp_error@std@@YAXH@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?classic@locale@std@@SAAEBV12@XZ
?_Xbad_alloc@std@@YAXXZ
?_Xout_of_range@std@@YAXPEBD@Z
?_Xbad_function_call@std@@YAXXZ
?id@?$numpunct@D@std@@2V0locale@2@A
?id@?$ctype@D@std@@2V0locale@2@A
?_Xlength_error@std@@YAXPEBD@Z
_Mtx_destroy_in_situ
?__ExceptionPtrDestroy@@YAXPEAX@Z
_Mtx_lock
_Mtx_init_in_situ
_Mtx_unlock
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?tolower@?$ctype@D@std@@QEBADD@Z
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Incref@facet@locale@std@@UEAAXXZ
??Bid@locale@std@@QEAA_KXZ
?_Gettrue@_Locinfo@std@@QEBAPEBDXZ
?_Getfalse@_Locinfo@std@@QEBAPEBDXZ
?_Getlconv@_Locinfo@std@@QEBAPEBUlconv@@XZ
?_Getcvt@_Locinfo@std@@QEBA?AU_Cvtvec@@XZ
??1_Locinfo@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
?id@?$numpunct@_W@std@@2V0locale@2@A
_Xtime_get_ticks
?tolower@?$ctype@_W@std@@QEBA_W_W@Z
?_Getcat@?$ctype@_W@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?id@?$ctype@_W@std@@2V0locale@2@A
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ

msvcp140_atomic_wait

__std_atomic_wait_direct
__std_atomic_notify_all_direct

powrprof

CallNtPowerInformation

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_type_info_name
wcsstr
__std_terminate
_purecall
__std_exception_copy
wcsrchr
__C_specific_handler
__std_type_info_compare
wcschr
__RTDynamicCast
_CxxThrowException
memcmp
memmove
memset
__current_exception
__RTtypeid
__current_exception_context
memchr
strchr
memcpy
__std_exception_destroy

api-ms-win-crt-heap-l1-1-0

malloc
calloc
free
_callnewh
realloc
_set_new_mode

api-ms-win-crt-math-l1-1-0

modf
_isnan
_finite
_fdclass
__setusermatherr
_ldclass
_dsign
_fdsign
_ldsign
_dclass

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_set_app_type
_configure_wide_argv
_errno
_initterm
_register_thread_local_exe_atexit_callback
_beginthreadex
exit
_cexit
abort
_seh_filter_exe
_invalid_parameter_noinfo_noreturn
_exit
_c_exit
_initialize_onexit_table
_get_wide_winmain_command_line
terminate
_register_onexit_function
_crt_atexit
_initialize_wide_environment

api-ms-win-crt-stdio-l1-1-0

_set_fmode
fwrite
fflush
__stdio_common_vswprintf
_wfopen
__stdio_common_vsprintf_s
__p__commode
__stdio_common_vswprintf_s
__acrt_iob_func
__stdio_common_vsscanf
__stdio_common_vsprintf
fclose

api-ms-win-crt-string-l1-1-0

isdigit
wcscpy_s
wcsncpy
_wcsicmp
wcscat_s
towupper
_wcsnicmp
strncpy_s
wcsncmp
strcpy_s
_stricmp
strcmp

api-ms-win-crt-time-l1-1-0

_time64
_gmtime64

api-ms-win-crt-convert-l1-1-0

wcstoul
_wtoll
_i64tow_s
_wtoi64
wcstol
wcstoll
_wtoi
_itow_s
strtoul

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

iphlpapi

GetAdaptersInfo
GetTcpTable
SetTcpEntry

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

shlwapi

PathRemoveFileSpecW
PathFindFileNameW
PathAppendW

Exports

Exports

asw_process_storage_allocate_connector
asw_process_storage_deallocate_connector
on_avast_dll_unload
onexit_register_connector_avast_2

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 489KB - Virtual size: 489KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 133KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
x64/Templates/Caratula.xml
x64/Templates/CaratulaAEC.xml
x64/Templates/CaratulaLibrosDte.xml
x64/Templates/ConfigComplementos.rpt
x64/Templates/DTECompraInt.xml
x64/Templates/DTEReportes_.xml
x64/Templates/DetalleLibro.xml
x64/Templates/DetalleLibroGuia.xml
x64/Templates/Dte.xml
x64/Templates/DteAEC.xml
x64/Templates/DteExp.xml
x64/Templates/DteLiqFact.xml
x64/Templates/InformeDoctosProcesados.rpt
x64/Templates/Libro.rpt
x64/Templates/LibroCompra.rpt
x64/Templates/LibroF.rpt
x64/Templates/LibroGuia.rpt
x64/Templates/ReporteCliente.rpt
x64/Templates/ResumenPerLibro.xml
x64/Templates/ResumenPerLibroGuia.xml
x64/Templates/ResumenSegLibro.xml
x64/Templates/ResumenSegLibroGuia.xml
x64/Templates/Schemas/SchemaDoctoXML/DTE_v10.xsd
.xml
x64/Templates/Schemas/SchemaDoctoXML/SchemaDoctoXML.xsd
.xml
x64/Templates/Schemas/SchemaDoctoXML/SiiTypes_v10.xsd
.xml
x64/Templates/Schemas/SchemaDoctoXML/xmldsignature_v10.xsd
.xml
x64/Templates/TemplateCorreoCliente.htm
.html
x64/Templates/XmlLibros.xml
x64/modules/config/config.ini
x64/runlm.dll
.exe windows:4 windows x64 arch:x64

338b4e6629e889aab50c18a596740af9

Code Sign

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:48:ca:71:4a:c0:6f:07:d2:fd:2c:38:f6:61:20:63
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

13/04/2022, 00:00

Not After

11/04/2025, 23:59

Subject

SERIALNUMBER=91510107MA654N9046,CN=Chengdu ShanHe Information Technology Co.\, Ltd.,O=Chengdu ShanHe Information Technology Co.\, Ltd.,L=Chengdu,ST=Sichuan,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130e5775686f75204469737472696374,1.3.6.1.4.1.311.60.2.1.2=#13075369636875616e,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:5b:97:5e:d8:eb:41:a4:dc:54:ac:49:7f:08:c0:e2
Certificate

Issuer

CN=EC-ACC,OU=Serveis Publics de Certificacio+OU=Vegeu https://www.catcert.net/verarrel (c)03+OU=Jerarquia Entitats de Certificacio Catalanes,O=Agencia Catalana de Certificacio (NIF Q-0801176-I),C=ES

Not Before

06/06/2023, 09:02

Not After

05/06/2027, 09:02

Subject

CN=Servei de segellat de temps de PSIS,O=Consorci Administració Oberta de Catalunya (NIF Q-0801175-A),C=ES

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

05:9b:1b:57:9e:8e:21:32:e2:39:07:bd:a7:77:75:5c
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2013, 12:00

Not After

15/01/2038, 12:00

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:48:ca:71:4a:c0:6f:07:d2:fd:2c:38:f6:61:20:63
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

13/04/2022, 00:00

Not After

11/04/2025, 23:59

Subject

SERIALNUMBER=91510107MA654N9046,CN=Chengdu ShanHe Information Technology Co.\, Ltd.,O=Chengdu ShanHe Information Technology Co.\, Ltd.,L=Chengdu,ST=Sichuan,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.1=#130e5775686f75204469737472696374,1.3.6.1.4.1.311.60.2.1.2=#13075369636875616e,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:5b:97:5e:d8:eb:41:a4:dc:54:ac:49:7f:08:c0:e2
Certificate

Issuer

CN=EC-ACC,OU=Serveis Publics de Certificacio+OU=Vegeu https://www.catcert.net/verarrel (c)03+OU=Jerarquia Entitats de Certificacio Catalanes,O=Agencia Catalana de Certificacio (NIF Q-0801176-I),C=ES

Not Before

06/06/2023, 09:02

Not After

05/06/2027, 09:02

Subject

CN=Servei de segellat de temps de PSIS,O=Consorci Administració Oberta de Catalunya (NIF Q-0801175-A),C=ES

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

8d:a8:41:df:51:63:4b:5c:29:e4:ad:05:8a:80:0c:43:36:1d:b1:f5:9a:fa:2c:5c:ed:b8:f0:ea:be:83:76:af
Signer

Actual PE Digest

8d:a8:41:df:51:63:4b:5c:29:e4:ad:05:8a:80:0c:43:36:1d:b1:f5:9a:fa:2c:5c:ed:b8:f0:ea:be:83:76:af

Digest Algorithm

sha256

PE Digest Matches

true

59:1c:0c:06:ed:20:d4:1e:2a:5d:6a:09:0b:3d:ef:c8:de:52:00:de
Signer

Actual PE Digest

59:1c:0c:06:ed:20:d4:1e:2a:5d:6a:09:0b:3d:ef:c8:de:52:00:de

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

PDB Paths

Imports

cygwin1

__cxa_atexit
__errno
__getreent
__main
_dll_crt0
_impure_ptr
calloc
cygwin_detach_dll
cygwin_internal
dll_dllcrt0
exit
fgets
fprintf
free
fwrite
getopt
getpid
isalnum
isprint
malloc
memcpy
memset
nanosleep
optarg
opterr
optopt
perror
posix_memalign
printf
puts
realloc
setbuf
snprintf
strchr
strlen
strncat
strncpy
strtoul
time
tolower

cygnettle-6

nettle_base64_decode_final
nettle_base64_decode_init
nettle_base64_decode_update
nettle_base64_encode_final
nettle_base64_encode_init
nettle_base64_encode_update

cygstdc++-6

_ZNSt8ios_base4InitC1Ev
_ZNSt8ios_base4InitD1Ev
__cxa_guard_acquire
__cxa_guard_release

kernel32

GetModuleHandleA

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buildid
Size: 512B - Virtual size: 53B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 512B - Virtual size: 432B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 512B - Virtual size: 392B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 6KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d2a7253d77cd215b215cefcfd6ff847

Code Sign

27:b8:de:4c:3f:63:fe:ae:04:71:f7:04:11:76:3d:dbCertificate

Extended Key Usages

Key Usages

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39Certificate

Extended Key Usages

Key Usages

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31Certificate

Extended Key Usages

Key Usages

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87Certificate

Extended Key Usages

Key Usages

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27Certificate

Key Usages

0d:4a:eb:7f:df:9a:87:c3:d6:74:b2:b9:bd:a8:32:85:cf:b2:a5:09:95:9e:fc:86:78:16:0e:0e:17:79:84:b9Signer

Headers

DLL Characteristics

File Characteristics

Imports

winmm

oleacc

shlwapi

winspool.drv

comdlg32

comctl32

shell32

user32

version

oleaut32

advapi32

netapi32

msvcrt

winhttp

kernel32

shfolder

ole32

gdi32

Exports

Exports

Sections

.text Size: 4.4MB - Virtual size: 4.4MB

.itext Size: 11KB - Virtual size: 10KB

.data Size: 139KB - Virtual size: 138KB

.bss Size: - Virtual size: 128KB

.idata Size: 15KB - Virtual size: 14KB

.didata Size: 3KB - Virtual size: 3KB

.edata Size: 512B - Virtual size: 153B

.tls Size: - Virtual size: 92B

.rdata Size: 512B - Virtual size: 93B

.reloc Size: 395KB - Virtual size: 395KB

.rsrc Size: 450KB - Virtual size: 450KB

07f32d8ab79b9482618710670d853c9a

Headers

DLL Characteristics

File Characteristics

Imports

ole32

fontsub

user32

opengl32

kernel32

Exports

Exports

Sections

.text Size: 7.2MB - Virtual size: 7.2MB

.rdata Size: 10.7MB - Virtual size: 10.7MB

.data Size: 27KB - Virtual size: 51KB

.00cfg Size: 512B - Virtual size: 8B

.tls Size: 512B - Virtual size: 29B

.voltbl Size: 512B - Virtual size: 334B

.reloc Size: 218KB - Virtual size: 218KB

06d97da48524bf3797bec414d0c42fbd

Code Sign

27:b8:de:4c:3f:63:fe:ae:04:71:f7:04:11:76:3d:db
Certificate

99:a3:80:0a:26:55:3b:65:ab:dc:6e:84:a6:b3:ea:39
Certificate

09:c5:cc:f8:bb:66:7d:71:37:aa:c1:59:80:06:cb:31
Certificate

e7:ff:69:c7:3b:35:ce:4b:91:26:d8:74:7c:68:a5:87
Certificate

1b:b5:8f:25:2a:df:23:00:49:28:c9:ae:3d:7e:ed:27
Certificate

0d:4a:eb:7f:df:9a:87:c3:d6:74:b2:b9:bd:a8:32:85:cf:b2:a5:09:95:9e:fc:86:78:16:0e:0e:17:79:84:b9
Signer

.text
Size: 4.4MB - Virtual size: 4.4MB

.itext
Size: 11KB - Virtual size: 10KB

.data
Size: 139KB - Virtual size: 138KB

.bss
Size: - Virtual size: 128KB

.idata
Size: 15KB - Virtual size: 14KB

.didata
Size: 3KB - Virtual size: 3KB

.edata
Size: 512B - Virtual size: 153B

.tls
Size: - Virtual size: 92B

.rdata
Size: 512B - Virtual size: 93B

.reloc
Size: 395KB - Virtual size: 395KB

.rsrc
Size: 450KB - Virtual size: 450KB

.text
Size: 7.2MB - Virtual size: 7.2MB

.rdata
Size: 10.7MB - Virtual size: 10.7MB

.data
Size: 27KB - Virtual size: 51KB

.00cfg
Size: 512B - Virtual size: 8B

.tls
Size: 512B - Virtual size: 29B

.voltbl
Size: 512B - Virtual size: 334B

.reloc
Size: 218KB - Virtual size: 218KB

09:4b:5f:50:17:8c:1e:bb:a2:1f:63:7c:16:21:57:ee
Certificate

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

09:4b:5f:50:17:8c:1e:bb:a2:1f:63:7c:16:21:57:ee
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

0b:84:d6:d7:ac:16:44:7e:77:11:6f:c8:11:f3:93:e2:62:25:7d:89:36:91:e9:7e:68:fc:29:e6:b6:ee:75:a0
Signer

74:aa:47:7e:60:7a:2d:57:d4:7f:92:2a:7a:27:05:1e:86:00:f0:78
Signer

.text
Size: 70KB - Virtual size: 70KB

.rdata
Size: 33KB - Virtual size: 33KB

.data
Size: 3KB - Virtual size: 4KB

.pdata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 152KB - Virtual size: 151KB

.reloc
Size: 1KB - Virtual size: 1KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

04:35:60:3f:7a:88:8a:e1:6c:05:b0:0f:15:3c:c6:fc
Certificate

05:44:af:f3:94:9d:08:39:a6:bf:db:3f:5f:e5:61:16
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

00:4b:6e:b9:2e:17:08:d5:a1:18:0c:22:ff:2c:93:93:ac:60:e9:39:63:b3:00:02:b8:0b:9e:1e:31:b5:99:e7
Signer