EMP
Overview
overview
3Static
static
3EMP.dll
windows11-21h2-x64
1Launcher.exe
windows11-21h2-x64
1RDR2.exe
windows11-21h2-x64
1Red Dead R...R2.exe
windows11-21h2-x64
1Red Dead R...64.dll
windows11-21h2-x64
1Red Dead R...64.dll
windows11-21h2-x64
1Red Dead R...v7.dll
windows11-21h2-x64
1Red Dead R...ss.dll
windows11-21h2-x64
1Red Dead R...64.dll
windows11-21h2-x64
1bink2w64.dll
windows11-21h2-x64
1launc.dll
windows11-21h2-x64
1orig_socialclub.dll
windows11-21h2-x64
1socialclub.dll
windows11-21h2-x64
1Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
EMP.dll
Resource
win11-20240221-en
windows11-21h2-x64
0 signatures
600 seconds
Behavioral task
behavioral2
Sample
Launcher.exe
Resource
win11-20240221-en
windows11-21h2-x64
1 signatures
600 seconds
Behavioral task
behavioral3
Sample
RDR2.exe
Resource
win11-20240221-en
windows11-21h2-x64
0 signatures
600 seconds
Behavioral task
behavioral4
Sample
Red Dead Redemption 2/RDR2.exe
Resource
win11-20240221-en
windows11-21h2-x64
4 signatures
600 seconds
Behavioral task
behavioral5
Sample
Red Dead Redemption 2/amd_ags_x64.dll
Resource
win11-20240221-en
windows11-21h2-x64
0 signatures
600 seconds
Behavioral task
behavioral6
Sample
Red Dead Redemption 2/bink2w64.dll
Resource
win11-20240214-en
windows11-21h2-x64
0 signatures
600 seconds
Behavioral task
behavioral7
Sample
Red Dead Redemption 2/dxilconv7.dll
Resource
win11-20240221-en
windows11-21h2-x64
0 signatures
600 seconds
Behavioral task
behavioral8
Sample
Red Dead Redemption 2/nvngx_dlss.dll
Resource
win11-20240221-en
windows11-21h2-x64
0 signatures
600 seconds
Behavioral task
behavioral9
Sample
Red Dead Redemption 2/oo2core_5_win64.dll
Resource
win11-20240221-en
windows11-21h2-x64
0 signatures
600 seconds
Behavioral task
behavioral10
Sample
bink2w64.dll
Resource
win11-20240221-en
windows11-21h2-x64
0 signatures
600 seconds
Behavioral task
behavioral11
Sample
launc.dll
Resource
win11-20240221-en
windows11-21h2-x64
0 signatures
600 seconds
Behavioral task
behavioral12
Sample
orig_socialclub.dll
Resource
win11-20240221-en
windows11-21h2-x64
0 signatures
600 seconds
Behavioral task
behavioral13
Sample
socialclub.dll
Resource
win11-20240221-en
windows11-21h2-x64
0 signatures
600 seconds
General
-
Target
test.zip
-
Size
135.9MB
-
MD5
c87448de5d38128fe6a7f8743d66ff73
-
SHA1
3d324747fd7f810b032479fd89bb01bf5fb4313d
-
SHA256
2c0373685d470e98dd1e557562e6fccb64d37e6fd15378e334f2ca73930fd9b6
-
SHA512
16b2e7deb668d593d96c9527dacbd628407eb1bda01e9b975bd333feb4a80835d16e88ee85ffe9fdb52e943a1e6217d0956e229000bce756232f96d4f9b44604
-
SSDEEP
3145728:+6D1o9czemPy2Bc3JuBflNzdO2CvR0hLXQtnfKiNSgX4:+6+0c3JuBXk2CvqLX2i8SgI
Score
3/10
Malware Config
Signatures
-
Unsigned PE 8 IoCs
Checks for missing Authenticode signature.
resource unpack001/EMP.dll unpack001/Launcher.exe unpack001/Red Dead Redemption 2/amd_ags_x64.dll unpack001/Red Dead Redemption 2/bink2w64.dll unpack001/Red Dead Redemption 2/oo2core_5_win64.dll unpack001/bink2w64.dll unpack001/launc.dll unpack001/socialclub.dll
Files
-
test.zip.zip
-
EMP.dll.dll windows:6 windows x64 arch:x64
fc7124d57387852c0a6a634e9130bf57
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
kernel32
IsDebuggerPresent
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsProcessorFeaturePresent
LoadLibraryA
UnhandledExceptionFilter
GetProcAddress
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
Exports
Exports
Sections
.text Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.emp0 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data2 Size: 92KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.EMP Size: 204KB - Virtual size: 204KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data3 Size: 612KB - Virtual size: 612KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.emp1 Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.emp0 Size: 1012KB - Virtual size: 1012KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.emp0 Size: 1015KB - Virtual size: 1015KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.emp0 Size: 1016KB - Virtual size: 1016KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 648B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 233B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
Launcher.exe.exe windows:6 windows x64 arch:x64
e87d728eb2608eb6567741c80b0539c3
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
kernel32
ReadFile
WriteFile
CloseHandle
WaitForSingleObject
CreateProcessA
CreateNamedPipeA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
WriteConsoleW
RtlPcToFileHeader
RaiseException
RtlUnwindEx
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
GetStdHandle
GetModuleFileNameW
ExitProcess
GetModuleHandleExW
HeapAlloc
HeapFree
LCMapStringW
GetFileType
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
GetStringTypeW
GetProcessHeap
FlushFileBuffers
GetConsoleCP
GetConsoleMode
GetFileSizeEx
SetFilePointerEx
HeapSize
HeapReAlloc
CreateFileW
Sections
.text Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 148B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 17KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
RDR2.exe.exe windows:6 windows x64 arch:x64
c3ab37042c9add426f1d508266b201e7
Code Sign
0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate
IssuerCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/01/2021, 00:00Not After06/01/2031, 00:00SubjectCN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before22/10/2013, 12:00Not After22/10/2028, 12:00SubjectCN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before07/01/2016, 12:00Not After07/01/2031, 12:00SubjectCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0f:65:f4:57:25:17:cb:cc:aa:8b:37:76:58:0a:8d:3dCertificate
IssuerCN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before07/02/2020, 00:00Not After17/02/2023, 12:00SubjectCN=Rockstar Games\, Inc.,OU=Rockstar Games,O=Rockstar Games\, Inc.,L=New York,ST=New York,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
a1:c3:0e:71:dd:46:59:c7:52:a4:62:8c:da:05:e6:b4:e7:e6:2d:ecSigner
Actual PE Digesta1:c3:0e:71:dd:46:59:c7:52:a4:62:8c:da:05:e6:b4:e7:e6:2d:ecDigest Algorithmsha1PE Digest MatchesfalseHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
X:\rdr3\dlc\titleupdate\build\dev_live\game_win64_master.pdb
Imports
kernel32
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
GetNumaHighestNodeNumber
GetVersionExW
WriteConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
ReadConsoleW
FlushFileBuffers
HeapReAlloc
GetCurrentDirectoryW
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
EnumSystemLocalesW
DeleteTimerQueueTimer
IsValidLocale
GetTimeFormatW
GetDateFormatW
SetConsoleCtrlHandler
GetACP
FreeLibraryAndExitThread
GetModuleHandleExW
HeapSize
GetFullPathNameA
GetDriveTypeW
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwindEx
SetConsoleTitleA
InterlockedPopEntrySList
QueryDepthSList
UnregisterWaitEx
CreateTimerQueue
GetConsoleWindow
GetModuleHandleA
WriteConsoleA
AllocConsole
GetFullPathNameW
CompareFileTime
lstrcmpA
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SignalObjectAndWait
GetUserDefaultLCID
GetFileSize
GetPhysicallyInstalledSystemMemory
TerminateProcess
GetSystemDirectoryW
OutputDebugStringW
FindFirstFileExW
DuplicateHandle
LoadLibraryW
WaitNamedPipeW
TransactNamedPipe
CreateNamedPipeW
SetNamedPipeHandleState
LockFileEx
UnlockFileEx
GetFileType
SleepEx
CreateProcessW
GetVersion
GetStdHandle
InitializeSListHead
IsProcessorFeaturePresent
GetStartupInfoW
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
GetStringTypeW
LCMapStringW
CompareStringW
GetTickCount
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SwitchToThread
CreateEventW
SetLastError
GetCPInfo
RaiseException
DecodePointer
EncodePointer
RtlPcToFileHeader
FormatMessageW
GetLocaleInfoW
InitializeCriticalSection
GetThreadContext
GetSystemTimeAsFileTime
GetOverlappedResult
CreateFileA
VerifyVersionInfoW
CreateEventExA
VerSetConditionMask
GetSystemDefaultUILanguage
GlobalAddAtomA
LocalFree
QueryPerformanceCounter
GetCommandLineW
CloseHandle
WaitForSingleObject
GetCurrentProcess
GetCurrentProcessId
OpenProcess
GetModuleFileNameW
CreateToolhelp32Snapshot
Process32First
Process32Next
K32EnumProcessModules
K32GetModuleFileNameExA
GetProcessHandleCount
DeleteFileW
QueryPerformanceFrequency
ExitProcess
FindClose
FindFirstFileExA
FindNextFileA
GetDiskFreeSpaceExA
GlobalMemoryStatusEx
GetVersionExA
GetNativeSystemInfo
FreeLibrary
GetModuleFileNameA
LoadLibraryA
WideCharToMultiByte
LCIDToLocaleName
GetUserDefaultUILanguage
VirtualAlloc
VirtualProtect
GetProcAddress
VirtualQueryEx
ReadProcessMemory
GetWriteWatch
ResetWriteWatch
GetModuleHandleExA
GetDiskFreeSpaceExW
MultiByteToWideChar
CreateFileW
ReadFile
SetFilePointer
CreateEventA
Sleep
lstrcmpW
GetCommandLineA
CreateDirectoryW
FindFirstFileW
FindNextFileW
OutputDebugStringA
SetUnhandledExceptionFilter
GetLastError
HeapAlloc
HeapFree
GetProcessHeap
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
TryEnterCriticalSection
DeleteCriticalSection
SetEvent
ReleaseSemaphore
ReleaseMutex
CreateMutexA
CreateThread
GetCurrentThread
GetCurrentThreadId
OpenThread
SetThreadPriority
GetThreadPriority
ResumeThread
SetPriorityClass
GetSystemInfo
GetLocalTime
VirtualFree
GetModuleHandleW
LoadLibraryExW
GetProcessAffinityMask
SetThreadAffinityMask
CreateSemaphoreA
GetSystemDefaultLocaleName
WerRegisterFile
WerSetFlags
FileTimeToLocalFileTime
GetFileAttributesW
GetFileAttributesExW
RemoveDirectoryW
SetEndOfFile
SetFileAttributesW
SetFilePointerEx
SetFileTime
WriteFile
GetTempPathW
ResetEvent
MapViewOfFile
UnmapViewOfFile
FormatMessageA
CreateFileMappingA
MoveFileExW
MoveFileWithProgressW
FileTimeToSystemTime
LocalAlloc
AddVectoredExceptionHandler
RemoveVectoredExceptionHandler
K32EnumProcesses
K32GetProcessImageFileNameA
VirtualQuery
user32
SetWindowsHookExA
CallNextHookEx
CreateIconIndirect
ShowWindow
DisplayConfigGetDeviceInfo
QueryDisplayConfig
GetWindowThreadProcessId
UnhookWindowsHookEx
EnumDisplayDevicesA
EnumDisplaySettingsW
EnumDisplaySettingsA
ChangeDisplaySettingsExA
GetDesktopWindow
GetWindowLongA
AdjustWindowRectEx
AdjustWindowRect
SetActiveWindow
CreateWindowExW
RegisterClassW
DefWindowProcW
PostMessageA
RegisterRawInputDevices
GetRawInputData
LoadCursorA
EnumDisplayDevicesW
ScreenToClient
ClientToScreen
GetCursorPos
SetCursor
SetCursorPos
ShowCursor
SetPropA
GetForegroundWindow
ReleaseCapture
SetCapture
GetCapture
MapVirtualKeyExW
MapVirtualKeyW
MapVirtualKeyA
RegisterTouchWindow
CloseTouchInputHandle
GetTouchInputInfo
keybd_event
VkKeyScanExW
GetKeyState
CharNextA
GetDoubleClickTime
PostMessageW
SendMessageW
GetMessageExtraInfo
GetKeyboardLayout
GetKeyboardLayoutList
UnloadKeyboardLayout
ActivateKeyboardLayout
LoadKeyboardLayoutW
GetCursorInfo
MonitorFromPoint
ClipCursor
MonitorFromWindow
MessageBoxW
SystemParametersInfoA
MessageBoxA
LoadStringW
TranslateMessage
DispatchMessageA
PeekMessageA
WaitMessage
DestroyWindow
SetWindowPos
SetFocus
GetSystemMetrics
UpdateWindow
SetForegroundWindow
SetWindowTextA
GetClientRect
GetWindowRect
SetRect
GetWindowLongPtrA
SetWindowLongPtrA
GetParent
LoadIconA
DestroyIcon
iphlpapi
GetBestRoute
GetIpForwardTable2
FreeMibTable
GetIpAddrTable
dsound
ord1
ord9
ord3
ord6
ord8
winmm
timeGetTime
timeBeginPeriod
timeEndPeriod
emp
EMP
mfplat
MFCreateMediaType
MFShutdown
MFCreateAttributes
MFStartup
MFCreateSourceResolver
MFGetSystemTime
mfreadwrite
MFCreateSourceReaderFromMediaSource
propsys
PropVariantGetStringElem
PropVariantToInt64
ws2_32
WSAGetLastError
getsockopt
recvfrom
sendto
shutdown
send
freeaddrinfo
htonl
WSAStartup
getnameinfo
ntohl
select
setsockopt
gethostname
gethostbyname
socket
WSACleanup
recv
ntohs
listen
inet_addr
htons
WSAAddressToStringA
getsockname
ioctlsocket
connect
closesocket
bind
accept
getaddrinfo
__WSAFDIsSet
comctl32
ord345
crypt32
CryptMsgGetParam
CryptQueryObject
CertFindCertificateInStore
CertGetNameStringA
wintrust
WTHelperProvDataFromStateData
WTHelperGetProvCertFromChain
WTHelperGetProvSignerFromChain
WinVerifyTrust
imm32
ImmGetCandidateListW
ImmSetCompositionStringW
ImmGetCompositionStringW
ImmReleaseContext
ImmGetConversionStatus
ImmGetContext
ImmSetConversionStatus
dinput8
DirectInput8Create
xinput9_1_0
XInputSetState
XInputGetState
oo2core_5_win64
OodleLZ_GetDecodeBufferSize
OodleNetwork1UDP_StateCompacted_MaxSize
OodleNetwork1UDP_Decode
OodleNetwork1UDP_Encode
OodleNetwork1UDP_State_Size
OodleNetwork1_Shared_SetWindow
OodleNetwork1_CompressedBufferSizeNeeded
OodleNetwork1_Shared_Size
OodleNetwork1UDP_State_Uncompact
OodleLZ_Decompress
OodleLZ_GetCompressedBufferSizeNeeded
OodleLZDecoder_DecodeSome
OodleLZDecoder_Destroy
OodleLZDecoder_MemorySizeNeeded
OodleLZDecoder_Create
amd_ags_x64
agsInit
d3d9
Direct3DCreate9Ex
bcrypt
BCryptGenRandom
BCryptDestroyHash
BCryptOpenAlgorithmProvider
BCryptGetProperty
BCryptSetProperty
BCryptCloseAlgorithmProvider
BCryptGenerateSymmetricKey
BCryptFinishHash
BCryptHashData
BCryptGenerateKeyPair
BCryptEncrypt
BCryptDecrypt
BCryptExportKey
BCryptImportKeyPair
BCryptFinalizeKeyPair
BCryptDestroyKey
BCryptDestroySecret
BCryptSecretAgreement
BCryptDeriveKey
BCryptCreateHash
rpcrt4
UuidCreateSequential
version
VerQueryValueA
GetFileVersionInfoSizeW
GetFileVersionInfoW
bink2w64
BinkStartAsyncThread
BinkSetSoundSystem
BinkSetWillLoop
BinkWait
BinkOpenDirectSound
BinkSetMemory
BinkWaitStopAsyncThreadsMulti
BinkRequestStopAsyncThreadsMulti
BinkDoFrameAsyncWait
BinkDoFrameAsyncMulti
BinkOpenWithOptions
BinkGetFrameBuffersInfo
BinkRegisterFrameBuffers
BinkSetOSFileCallbacks
BinkShouldSkip
BinkSetVolume
BinkGetPlatformInfo
BinkFreeGlobals
BinkGetKeyFrame
BinkGoto
BinkPause
BinkClose
BinkNextFrame
gdi32
CreateBitmap
GetStockObject
DeleteObject
advapi32
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegQueryValueExW
RegOpenKeyExW
SystemFunction036
CryptAcquireContextA
RegGetValueW
shell32
ShellExecuteW
SHGetFolderPathW
ShellExecuteA
SHGetKnownFolderPath
SHGetSpecialFolderPathA
ShellExecuteExW
ole32
PropVariantClear
CoInitialize
CoSetProxyBlanket
CoInitializeEx
CoUninitialize
CoTaskMemFree
CoCreateInstance
oleaut32
SysFreeString
VariantClear
SysStringLen
SysAllocString
Exports
Exports
NVSDK_NGX_D3D12_AllocateParameters
NVSDK_NGX_D3D12_CreateFeature
NVSDK_NGX_D3D12_DestroyParameters
NVSDK_NGX_D3D12_EvaluateFeature
NVSDK_NGX_D3D12_EvaluateFeature_C
NVSDK_NGX_D3D12_GetCapabilityParameters
NVSDK_NGX_D3D12_GetParameters
NVSDK_NGX_D3D12_GetScratchBufferSize
NVSDK_NGX_D3D12_ReleaseFeature
NVSDK_NGX_D3D12_Shutdown
NVSDK_NGX_Parameter_GetD
NVSDK_NGX_Parameter_GetD3d11Resource
NVSDK_NGX_Parameter_GetD3d12Resource
NVSDK_NGX_Parameter_GetF
NVSDK_NGX_Parameter_GetI
NVSDK_NGX_Parameter_GetUI
NVSDK_NGX_Parameter_GetULL
NVSDK_NGX_Parameter_GetVoidPointer
NVSDK_NGX_Parameter_SetD
NVSDK_NGX_Parameter_SetD3d11Resource
NVSDK_NGX_Parameter_SetD3d12Resource
NVSDK_NGX_Parameter_SetF
NVSDK_NGX_Parameter_SetI
NVSDK_NGX_Parameter_SetUI
NVSDK_NGX_Parameter_SetULL
NVSDK_NGX_Parameter_SetVoidPointer
NVSDK_NGX_VULKAN_AllocateParameters
NVSDK_NGX_VULKAN_CreateFeature
NVSDK_NGX_VULKAN_DestroyParameters
NVSDK_NGX_VULKAN_EvaluateFeature
NVSDK_NGX_VULKAN_EvaluateFeature_C
NVSDK_NGX_VULKAN_GetCapabilityParameters
NVSDK_NGX_VULKAN_GetParameters
NVSDK_NGX_VULKAN_GetScratchBufferSize
NVSDK_NGX_VULKAN_Init
NVSDK_NGX_VULKAN_ReleaseFeature
NVSDK_NGX_VULKAN_RequiredExtensions
NVSDK_NGX_VULKAN_Shutdown
Sections
.text Size: 51.2MB - Virtual size: 51.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 6.2MB - Virtual size: 6.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 5.4MB - Virtual size: 35.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_RDATA Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
CPADinfo Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 390KB - Virtual size: 390KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 877KB - Virtual size: 877KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 19.4MB - Virtual size: 19.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
Red Dead Redemption 2/RDR2.exe.exe windows:6 windows x64 arch:x64
5e2006de648f40302a37952a5fd0b3ce
Code Sign
0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate
IssuerCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/01/2021, 00:00Not After06/01/2031, 00:00SubjectCN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before22/10/2013, 12:00Not After22/10/2028, 12:00SubjectCN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before07/01/2016, 12:00Not After07/01/2031, 12:00SubjectCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0f:65:f4:57:25:17:cb:cc:aa:8b:37:76:58:0a:8d:3dCertificate
IssuerCN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before07/02/2020, 00:00Not After17/02/2023, 12:00SubjectCN=Rockstar Games\, Inc.,OU=Rockstar Games,O=Rockstar Games\, Inc.,L=New York,ST=New York,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
37:9a:63:88:c7:c6:8b:35:11:53:93:18:04:8b:3d:34:fa:f5:22:d1Signer
Actual PE Digest37:9a:63:88:c7:c6:8b:35:11:53:93:18:04:8b:3d:34:fa:f5:22:d1Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
X:\rdr3\dlc\titleupdate\build\dev_live\game_win64_master.pdb
Imports
kernel32
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
GetNumaHighestNodeNumber
GetVersionExW
WriteConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
SetStdHandle
SetEnvironmentVariableW
SetEnvironmentVariableA
ReadConsoleW
FlushFileBuffers
HeapReAlloc
GetCurrentDirectoryW
GetConsoleMode
GetConsoleCP
GetTimeZoneInformation
EnumSystemLocalesW
DeleteTimerQueueTimer
IsValidLocale
GetTimeFormatW
GetDateFormatW
SetConsoleCtrlHandler
GetACP
FreeLibraryAndExitThread
GetModuleHandleExW
HeapSize
GetFullPathNameA
GetDriveTypeW
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwindEx
SetConsoleTitleA
InterlockedPopEntrySList
QueryDepthSList
UnregisterWaitEx
CreateTimerQueue
GetConsoleWindow
GetModuleHandleA
WriteConsoleA
AllocConsole
GetFullPathNameW
CompareFileTime
lstrcmpA
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
SignalObjectAndWait
GetUserDefaultLCID
GetFileSize
GetPhysicallyInstalledSystemMemory
TerminateProcess
GetSystemDirectoryW
OutputDebugStringW
FindFirstFileExW
DuplicateHandle
LoadLibraryW
WaitNamedPipeW
TransactNamedPipe
CreateNamedPipeW
SetNamedPipeHandleState
LockFileEx
UnlockFileEx
GetFileType
SleepEx
CreateProcessW
GetVersion
GetStdHandle
InitializeSListHead
IsProcessorFeaturePresent
GetStartupInfoW
UnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WaitForSingleObjectEx
GetStringTypeW
LCMapStringW
CompareStringW
GetTickCount
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
SwitchToThread
CreateEventW
SetLastError
GetCPInfo
RaiseException
DecodePointer
EncodePointer
RtlPcToFileHeader
FormatMessageW
GetLocaleInfoW
InitializeCriticalSection
GetThreadContext
GetSystemTimeAsFileTime
GetOverlappedResult
CreateFileA
VerifyVersionInfoW
CreateEventExA
VerSetConditionMask
GetSystemDefaultUILanguage
GlobalAddAtomA
LocalFree
QueryPerformanceCounter
GetCommandLineW
CloseHandle
WaitForSingleObject
GetCurrentProcess
GetCurrentProcessId
OpenProcess
GetModuleFileNameW
CreateToolhelp32Snapshot
Process32First
Process32Next
K32EnumProcessModules
K32GetModuleFileNameExA
GetProcessHandleCount
DeleteFileW
QueryPerformanceFrequency
ExitProcess
FindClose
FindFirstFileExA
FindNextFileA
GetDiskFreeSpaceExA
GlobalMemoryStatusEx
GetVersionExA
GetNativeSystemInfo
FreeLibrary
GetModuleFileNameA
LoadLibraryA
WideCharToMultiByte
LCIDToLocaleName
GetUserDefaultUILanguage
VirtualAlloc
VirtualProtect
GetProcAddress
VirtualQueryEx
ReadProcessMemory
GetWriteWatch
ResetWriteWatch
GetModuleHandleExA
GetDiskFreeSpaceExW
MultiByteToWideChar
CreateFileW
ReadFile
SetFilePointer
CreateEventA
Sleep
lstrcmpW
GetCommandLineA
CreateDirectoryW
FindFirstFileW
FindNextFileW
OutputDebugStringA
SetUnhandledExceptionFilter
GetLastError
HeapAlloc
HeapFree
GetProcessHeap
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
TryEnterCriticalSection
DeleteCriticalSection
SetEvent
ReleaseSemaphore
ReleaseMutex
CreateMutexA
CreateThread
GetCurrentThread
GetCurrentThreadId
OpenThread
SetThreadPriority
GetThreadPriority
ResumeThread
SetPriorityClass
GetSystemInfo
GetLocalTime
VirtualFree
GetModuleHandleW
LoadLibraryExW
GetProcessAffinityMask
SetThreadAffinityMask
CreateSemaphoreA
GetSystemDefaultLocaleName
WerRegisterFile
WerSetFlags
FileTimeToLocalFileTime
GetFileAttributesW
GetFileAttributesExW
RemoveDirectoryW
SetEndOfFile
SetFileAttributesW
SetFilePointerEx
SetFileTime
WriteFile
GetTempPathW
ResetEvent
MapViewOfFile
UnmapViewOfFile
FormatMessageA
CreateFileMappingA
MoveFileExW
MoveFileWithProgressW
FileTimeToSystemTime
LocalAlloc
AddVectoredExceptionHandler
RemoveVectoredExceptionHandler
K32EnumProcesses
K32GetProcessImageFileNameA
VirtualQuery
user32
SetWindowsHookExA
CallNextHookEx
CreateIconIndirect
ShowWindow
DisplayConfigGetDeviceInfo
QueryDisplayConfig
GetWindowThreadProcessId
UnhookWindowsHookEx
EnumDisplayDevicesA
EnumDisplaySettingsW
EnumDisplaySettingsA
ChangeDisplaySettingsExA
GetDesktopWindow
GetWindowLongA
AdjustWindowRectEx
AdjustWindowRect
SetActiveWindow
CreateWindowExW
RegisterClassW
DefWindowProcW
PostMessageA
RegisterRawInputDevices
GetRawInputData
LoadCursorA
EnumDisplayDevicesW
ScreenToClient
ClientToScreen
GetCursorPos
SetCursor
SetCursorPos
ShowCursor
SetPropA
GetForegroundWindow
ReleaseCapture
SetCapture
GetCapture
MapVirtualKeyExW
MapVirtualKeyW
MapVirtualKeyA
RegisterTouchWindow
CloseTouchInputHandle
GetTouchInputInfo
keybd_event
VkKeyScanExW
GetKeyState
CharNextA
GetDoubleClickTime
PostMessageW
SendMessageW
GetMessageExtraInfo
GetKeyboardLayout
GetKeyboardLayoutList
UnloadKeyboardLayout
ActivateKeyboardLayout
LoadKeyboardLayoutW
GetCursorInfo
MonitorFromPoint
ClipCursor
MonitorFromWindow
MessageBoxW
SystemParametersInfoA
MessageBoxA
LoadStringW
TranslateMessage
DispatchMessageA
PeekMessageA
WaitMessage
DestroyWindow
SetWindowPos
SetFocus
GetSystemMetrics
UpdateWindow
SetForegroundWindow
SetWindowTextA
GetClientRect
GetWindowRect
SetRect
GetWindowLongPtrA
SetWindowLongPtrA
GetParent
LoadIconA
DestroyIcon
iphlpapi
GetBestRoute
GetIpForwardTable2
FreeMibTable
GetIpAddrTable
dsound
ord1
ord9
ord3
ord6
ord8
winmm
timeGetTime
timeBeginPeriod
timeEndPeriod
mf
MFGetService
mfplat
MFCreateMediaType
MFShutdown
MFCreateAttributes
MFStartup
MFCreateSourceResolver
MFGetSystemTime
mfreadwrite
MFCreateSourceReaderFromMediaSource
propsys
PropVariantGetStringElem
PropVariantToInt64
ws2_32
WSAGetLastError
getsockopt
recvfrom
sendto
shutdown
send
freeaddrinfo
htonl
WSAStartup
getnameinfo
ntohl
select
setsockopt
gethostname
gethostbyname
socket
WSACleanup
recv
ntohs
listen
inet_addr
htons
WSAAddressToStringA
getsockname
ioctlsocket
connect
closesocket
bind
accept
getaddrinfo
__WSAFDIsSet
comctl32
ord345
crypt32
CryptMsgGetParam
CryptQueryObject
CertFindCertificateInStore
CertGetNameStringA
wintrust
WTHelperProvDataFromStateData
WTHelperGetProvCertFromChain
WTHelperGetProvSignerFromChain
WinVerifyTrust
imm32
ImmGetCandidateListW
ImmSetCompositionStringW
ImmGetCompositionStringW
ImmReleaseContext
ImmGetConversionStatus
ImmGetContext
ImmSetConversionStatus
dinput8
DirectInput8Create
xinput9_1_0
XInputSetState
XInputGetState
oo2core_5_win64
OodleLZ_GetDecodeBufferSize
OodleNetwork1UDP_StateCompacted_MaxSize
OodleNetwork1UDP_Decode
OodleNetwork1UDP_Encode
OodleNetwork1UDP_State_Size
OodleNetwork1_Shared_SetWindow
OodleNetwork1_CompressedBufferSizeNeeded
OodleNetwork1_Shared_Size
OodleNetwork1UDP_State_Uncompact
OodleLZ_Decompress
OodleLZ_GetCompressedBufferSizeNeeded
OodleLZDecoder_DecodeSome
OodleLZDecoder_Destroy
OodleLZDecoder_MemorySizeNeeded
OodleLZDecoder_Create
amd_ags_x64
agsInit
d3d9
Direct3DCreate9Ex
bcrypt
BCryptGenRandom
BCryptDestroyHash
BCryptOpenAlgorithmProvider
BCryptGetProperty
BCryptSetProperty
BCryptCloseAlgorithmProvider
BCryptGenerateSymmetricKey
BCryptFinishHash
BCryptHashData
BCryptGenerateKeyPair
BCryptEncrypt
BCryptDecrypt
BCryptExportKey
BCryptImportKeyPair
BCryptFinalizeKeyPair
BCryptDestroyKey
BCryptDestroySecret
BCryptSecretAgreement
BCryptDeriveKey
BCryptCreateHash
rpcrt4
UuidCreateSequential
version
VerQueryValueA
GetFileVersionInfoSizeW
GetFileVersionInfoW
bink2w64
BinkStartAsyncThread
BinkSetSoundSystem
BinkSetWillLoop
BinkWait
BinkOpenDirectSound
BinkSetMemory
BinkWaitStopAsyncThreadsMulti
BinkRequestStopAsyncThreadsMulti
BinkDoFrameAsyncWait
BinkDoFrameAsyncMulti
BinkOpenWithOptions
BinkGetFrameBuffersInfo
BinkRegisterFrameBuffers
BinkSetOSFileCallbacks
BinkShouldSkip
BinkSetVolume
BinkGetPlatformInfo
BinkFreeGlobals
BinkGetKeyFrame
BinkGoto
BinkPause
BinkClose
BinkNextFrame
gdi32
CreateBitmap
GetStockObject
DeleteObject
advapi32
RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegQueryValueExW
RegOpenKeyExW
SystemFunction036
CryptAcquireContextA
RegGetValueW
shell32
ShellExecuteW
SHGetFolderPathW
ShellExecuteA
SHGetKnownFolderPath
SHGetSpecialFolderPathA
ShellExecuteExW
ole32
PropVariantClear
CoInitialize
CoSetProxyBlanket
CoInitializeEx
CoUninitialize
CoTaskMemFree
CoCreateInstance
oleaut32
SysFreeString
VariantClear
SysStringLen
SysAllocString
Exports
Exports
NVSDK_NGX_D3D12_AllocateParameters
NVSDK_NGX_D3D12_CreateFeature
NVSDK_NGX_D3D12_DestroyParameters
NVSDK_NGX_D3D12_EvaluateFeature
NVSDK_NGX_D3D12_EvaluateFeature_C
NVSDK_NGX_D3D12_GetCapabilityParameters
NVSDK_NGX_D3D12_GetParameters
NVSDK_NGX_D3D12_GetScratchBufferSize
NVSDK_NGX_D3D12_ReleaseFeature
NVSDK_NGX_D3D12_Shutdown
NVSDK_NGX_Parameter_GetD
NVSDK_NGX_Parameter_GetD3d11Resource
NVSDK_NGX_Parameter_GetD3d12Resource
NVSDK_NGX_Parameter_GetF
NVSDK_NGX_Parameter_GetI
NVSDK_NGX_Parameter_GetUI
NVSDK_NGX_Parameter_GetULL
NVSDK_NGX_Parameter_GetVoidPointer
NVSDK_NGX_Parameter_SetD
NVSDK_NGX_Parameter_SetD3d11Resource
NVSDK_NGX_Parameter_SetD3d12Resource
NVSDK_NGX_Parameter_SetF
NVSDK_NGX_Parameter_SetI
NVSDK_NGX_Parameter_SetUI
NVSDK_NGX_Parameter_SetULL
NVSDK_NGX_Parameter_SetVoidPointer
NVSDK_NGX_VULKAN_AllocateParameters
NVSDK_NGX_VULKAN_CreateFeature
NVSDK_NGX_VULKAN_DestroyParameters
NVSDK_NGX_VULKAN_EvaluateFeature
NVSDK_NGX_VULKAN_EvaluateFeature_C
NVSDK_NGX_VULKAN_GetCapabilityParameters
NVSDK_NGX_VULKAN_GetParameters
NVSDK_NGX_VULKAN_GetScratchBufferSize
NVSDK_NGX_VULKAN_Init
NVSDK_NGX_VULKAN_ReleaseFeature
NVSDK_NGX_VULKAN_RequiredExtensions
NVSDK_NGX_VULKAN_Shutdown
Sections
.text Size: 51.2MB - Virtual size: 51.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 6.2MB - Virtual size: 6.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5.4MB - Virtual size: 35.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 2.2MB - Virtual size: 2.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
CPADinfo Size: 512B - Virtual size: 512B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 390KB - Virtual size: 390KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 877KB - Virtual size: 877KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 19.4MB - Virtual size: 19.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
-
Red Dead Redemption 2/amd_ags_x64.dll.dll windows:6 windows x64 arch:x64
d053afd36908958b18ac62b67d0d9f2f
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
kernel32
GetModuleFileNameA
GetModuleHandleA
LoadLibraryA
FreeLibrary
GetProcAddress
LoadLibraryW
SetEnvironmentVariableW
WriteConsoleW
CreateFileW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlPcToFileHeader
RaiseException
RtlUnwindEx
InterlockedFlushSList
GetLastError
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapAlloc
HeapFree
GetStdHandle
GetFileType
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetProcessHeap
GetStringTypeW
SetStdHandle
HeapSize
HeapReAlloc
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
SetFilePointerEx
CloseHandle
user32
EnumDisplayDevicesA
Exports
Exports
agsCheckDriverVersion
agsDeInit
agsDriverExtensionsDX11_BeginUAVOverlap
agsDriverExtensionsDX11_CreateBuffer
agsDriverExtensionsDX11_CreateDevice
agsDriverExtensionsDX11_CreateFromDevice
agsDriverExtensionsDX11_CreateTexture1D
agsDriverExtensionsDX11_CreateTexture2D
agsDriverExtensionsDX11_CreateTexture3D
agsDriverExtensionsDX11_Destroy
agsDriverExtensionsDX11_DestroyDevice
agsDriverExtensionsDX11_EndUAVOverlap
agsDriverExtensionsDX11_GetMaxClipRects
agsDriverExtensionsDX11_IASetPrimitiveTopology
agsDriverExtensionsDX11_MultiDrawIndexedInstancedIndirect
agsDriverExtensionsDX11_MultiDrawIndexedInstancedIndirectCountIndirect
agsDriverExtensionsDX11_MultiDrawInstancedIndirect
agsDriverExtensionsDX11_MultiDrawInstancedIndirectCountIndirect
agsDriverExtensionsDX11_NotifyResourceBeginAllAccess
agsDriverExtensionsDX11_NotifyResourceEndAllAccess
agsDriverExtensionsDX11_NotifyResourceEndWrites
agsDriverExtensionsDX11_NumPendingAsyncCompileJobs
agsDriverExtensionsDX11_SetClipRects
agsDriverExtensionsDX11_SetDepthBounds
agsDriverExtensionsDX11_SetDiskShaderCacheEnabled
agsDriverExtensionsDX11_SetMaxAsyncCompileThreadCount
agsDriverExtensionsDX11_SetViewBroadcastMasks
agsDriverExtensionsDX11_WriteBreadcrumb
agsDriverExtensionsDX12_CreateCommandList
agsDriverExtensionsDX12_CreateDevice
agsDriverExtensionsDX12_CreateFromDevice
agsDriverExtensionsDX12_CreateGraphicsPipelineState
agsDriverExtensionsDX12_Destroy
agsDriverExtensionsDX12_DestroyCommandList
agsDriverExtensionsDX12_DestroyDevice
agsDriverExtensionsDX12_PopMarker
agsDriverExtensionsDX12_PushMarker
agsDriverExtensionsDX12_SetDepthBounds
agsDriverExtensionsDX12_SetMarker
agsInit
agsSetDisplayMode
Sections
.text Size: 101KB - Virtual size: 100KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 46KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Red Dead Redemption 2/bink2w64.dll.dll windows:5 windows x64 arch:x64
412987031e83dbf89a8c4b92c5c45092
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\devel\projects\bink\build\bink2w64.pdb
Imports
user32
GetWindowLongPtrA
GetTopWindow
GetWindowLongA
GetDesktopWindow
GetActiveWindow
GetWindowThreadProcessId
GetWindow
MessageBoxA
kernel32
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
GetSystemTimeAsFileTime
RtlUnwindEx
GetWindowsDirectoryA
GetSystemDirectoryA
GetModuleFileNameA
SetErrorMode
Sleep
GetProcAddress
LoadLibraryA
GetSystemInfo
GetModuleHandleA
GetCurrentProcessId
OutputDebugStringA
QueryPerformanceCounter
GetTickCount
GetEnvironmentVariableA
QueryPerformanceFrequency
CreateFileA
SetFilePointer
ReadFile
CloseHandle
RemoveVectoredExceptionHandler
WaitForSingleObject
GetCurrentThread
InitializeCriticalSection
LeaveCriticalSection
CreateSemaphoreA
SetThreadPriority
ReleaseSemaphore
RaiseException
GetLastError
EnterCriticalSection
AddVectoredExceptionHandler
GetThreadPriority
CreateMutexA
DeleteCriticalSection
GetCurrentThreadId
ReleaseMutex
ResumeThread
CreateThread
HeapAlloc
HeapFree
HeapCreate
HeapSize
InitializeCriticalSectionAndSpinCount
WriteFile
HeapReAlloc
HeapDestroy
GetLocaleInfoA
FlsSetValue
GetCommandLineA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
DecodePointer
FlsGetValue
FlsFree
SetLastError
FlsAlloc
GetModuleHandleW
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapSetInformation
ole32
CoCreateInstance
CoInitializeEx
winmm
timeBeginPeriod
timeEndPeriod
timeGetTime
waveOutWrite
waveOutPause
waveOutRestart
waveOutReset
waveOutSetVolume
waveOutUnprepareHeader
waveOutOpen
waveOutPrepareHeader
waveOutClose
Exports
Exports
BinkAllocateFrameBuffers
BinkClose
BinkCloseTrack
BinkControlBackgroundIO
BinkCopyToBuffer
BinkCopyToBufferRect
BinkDoFrame
BinkDoFrameAsync
BinkDoFrameAsyncMulti
BinkDoFrameAsyncWait
BinkDoFramePlane
BinkFreeGlobals
BinkGetError
BinkGetFrameBuffersInfo
BinkGetGPUDataBuffersInfo
BinkGetKeyFrame
BinkGetPlatformInfo
BinkGetRealtime
BinkGetRects
BinkGetSummary
BinkGetTrackData
BinkGetTrackID
BinkGetTrackMaxSize
BinkGetTrackType
BinkGoto
BinkLogoAddress
BinkNextFrame
BinkOpen
BinkOpenDirectSound
BinkOpenMiles
BinkOpenTrack
BinkOpenWaveOut
BinkOpenWithOptions
BinkOpenXAudio2
BinkOpenXAudio27
BinkOpenXAudio28
BinkPause
BinkRegisterFrameBuffers
BinkRegisterGPUDataBuffers
BinkRequestStopAsyncThread
BinkRequestStopAsyncThreadsMulti
BinkService
BinkSetError
BinkSetFileOffset
BinkSetFrameRate
BinkSetIO
BinkSetIOSize
BinkSetMemory
BinkSetOSFileCallbacks
BinkSetPan
BinkSetSimulate
BinkSetSoundOnOff
BinkSetSoundSystem
BinkSetSoundSystem2
BinkSetSoundTrack
BinkSetSpeakerVolumes
BinkSetVideoOnOff
BinkSetVolume
BinkSetWillLoop
BinkShouldSkip
BinkStartAsyncThread
BinkUtilCPUs
BinkUtilFree
BinkUtilMalloc
BinkUtilMutexCreate
BinkUtilMutexDestroy
BinkUtilMutexLock
BinkUtilMutexLockTimeOut
BinkUtilMutexUnlock
BinkWait
BinkWaitStopAsyncThread
BinkWaitStopAsyncThreadsMulti
RADTimerRead
Sections
.text Size: 254KB - Virtual size: 254KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 42KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 43KB - Virtual size: 149KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Red Dead Redemption 2/dxilconv7.dll.dll windows:10 windows x64 arch:x64
9e35b454840dc0e1b3af2140266a90b5
Code Sign
33:00:00:01:1f:97:63:0a:33:b9:83:d7:2b:00:00:00:00:01:1fCertificate
IssuerCN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before24/10/2018, 21:07Not After10/01/2020, 21:07SubjectCN=Microsoft Time-Stamp Service,OU=Microsoft America Operations+OU=Thales TSS ESN:49BC-E37A-233C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageTimeStamping
33:00:00:01:e3:7d:a3:1f:82:84:dc:e4:a1:00:02:00:00:01:e3Certificate
IssuerCN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before02/05/2019, 21:20Not After02/05/2020, 21:20SubjectCN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:04:35:45:00:00:00:00:00:3fCertificate
IssuerCN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6dNot Before20/09/2018, 17:42Not After09/05/2021, 23:28SubjectCN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
61:16:68:34:00:00:00:00:00:1cCertificate
IssuerCN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6dNot Before03/04/2007, 12:53Not After03/04/2021, 13:03SubjectCN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
33:00:00:01:51:9e:8d:8f:40:71:a3:0e:41:00:00:00:00:01:51Certificate
IssuerCN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before02/05/2019, 21:37Not After02/05/2020, 21:37SubjectCN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:0e:90:d2:00:00:00:00:00:03Certificate
IssuerCN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before08/07/2011, 20:59Not After08/07/2026, 21:09SubjectCN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
8b:c7:ca:2d:0f:cf:af:81:f9:9f:52:11:df:38:89:36:b4:1b:58:67:d6:5e:13:2c:41:08:d1:d1:fa:61:67:52Signer
Actual PE Digest8b:c7:ca:2d:0f:cf:af:81:f9:9f:52:11:df:38:89:36:b4:1b:58:67:d6:5e:13:2c:41:08:d1:d1:fa:61:67:52Digest Algorithmsha256PE Digest Matchestrueda:1d:26:54:a5:de:70:2d:2e:7e:d3:55:88:0c:cb:34:44:89:b5:55Signer
Actual PE Digestda:1d:26:54:a5:de:70:2d:2e:7e:d3:55:88:0c:cb:34:44:89:b5:55Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
dxilconv7.pdb
Imports
ntdll
RtlPcToFileHeader
RtlUnwindEx
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
kernel32
CreateEventW
GetModuleHandleExW
DisableThreadLibraryCalls
QueryPerformanceFrequency
GetProcAddress
GetCurrentProcessId
FreeLibrary
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
WriteConsoleW
GetCurrentProcess
TerminateProcess
InterlockedFlushSList
GetLastError
SetLastError
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
EncodePointer
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
SetEvent
ResetEvent
GetModuleHandleW
RemoveDirectoryW
FlushFileBuffers
TlsSetValue
MultiByteToWideChar
TlsAlloc
GetCurrentDirectoryW
WideCharToMultiByte
TlsGetValue
TlsFree
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
GetStdHandle
GetConsoleMode
GetProcessTimes
InitializeCriticalSection
CloseHandle
CreateDirectoryW
ReadFile
FindFirstFileW
FindNextFileW
HeapSize
SetFileTime
GetModuleFileNameW
GetTempPathW
CreateHardLinkW
FindClose
CreateFileW
GetFileAttributesW
UnmapViewOfFile
GetFileInformationByHandle
DeleteFileW
MoveFileExW
GetFileType
CreateFileMappingW
MapViewOfFile
InitOnceExecuteOnce
FormatMessageW
ExitProcess
HeapFree
HeapAlloc
SetStdHandle
ReadConsoleW
WriteFile
GetConsoleCP
SetFilePointerEx
SetEndOfFile
FindFirstFileExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
LoadLibraryExW
LCMapStringW
GetProcessHeap
HeapReAlloc
GetStringTypeW
WaitForSingleObjectEx
advapi32
EventRegister
EventUnregister
EventWriteTransfer
ole32
CoTaskMemAlloc
CoTaskMemFree
CoGetMalloc
Exports
Exports
DxcCreateInstance
DxcCreateInstance2
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 227KB - Virtual size: 226KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 37KB - Virtual size: 37KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 996B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Red Dead Redemption 2/index.bin
-
Red Dead Redemption 2/nvngx_dlss.dll.dll windows:6 windows x64 arch:x64
cf3043f31cc6983a66cebef6206d81e9
Code Sign
62:e7:45:e9:21:65:21:3c:97:1f:5c:49:0a:ea:12:a5Certificate
IssuerCN=Symantec Class 3 SHA256 Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=USNot Before09/07/2018, 00:00Not After09/07/2021, 23:59SubjectCN=NVIDIA Corporation,OU=IT-MIS,O=NVIDIA Corporation,L=Santa Clara,ST=California,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate
IssuerCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/01/2021, 00:00Not After06/01/2031, 00:00SubjectCN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before07/01/2016, 12:00Not After07/01/2031, 12:00SubjectCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
7c:1b:35:35:4a:e7:db:74:e7:41:5f:11:69:ca:6b:a8Certificate
IssuerCN=VeriSign Universal Root Certification Authority,OU=VeriSign Trust Network+OU=(c) 2008 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=USNot Before22/07/2014, 00:00Not After21/07/2024, 23:59SubjectCN=Symantec Class 3 SHA256 Code Signing CA - G2,OU=Symantec Trust Network,O=Symantec Corporation,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageCertSign
KeyUsageCRLSign
13:13:c7:27:fc:45:83:b7:e4:44:e8:35:33:b7:c8:8a:f4:46:59:9a:cb:50:ed:6b:6b:a8:f1:1b:75:f6:d3:b5Signer
Actual PE Digest13:13:c7:27:fc:45:83:b7:e4:44:e8:35:33:b7:c8:8a:f4:46:59:9a:cb:50:ed:6b:6b:a8:f1:1b:75:f6:d3:b5Digest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\dvs\p4\build\sw\devrel\libdev\NGX\snippets\rel_2_2\source\features\dlaa\_out\wddm_amd64_release\default\nvngx_dlss.pdb
Imports
advapi32
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
kernel32
SetEndOfFile
WriteConsoleW
MultiByteToWideChar
WideCharToMultiByte
SetLastError
GetModuleFileNameW
LocalAlloc
CreateFileW
GetFileAttributesW
GetSystemDirectoryW
GetModuleHandleExA
GetLastError
CloseHandle
LoadLibraryW
GetProcAddress
LocalFree
VerSetConditionMask
GetModuleHandleW
FreeLibrary
VerifyVersionInfoW
LoadLibraryExW
GetStdHandle
WriteConsoleA
OutputDebugStringA
GetCurrentProcessId
Sleep
EnterCriticalSection
DeleteCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
GetCurrentThreadId
QueryPerformanceCounter
QueryPerformanceFrequency
EncodePointer
DecodePointer
GetCPInfo
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
CompareStringW
LCMapStringW
GetStringTypeW
SetEvent
ResetEvent
WaitForSingleObjectEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
SignalObjectAndWait
SwitchToThread
CreateThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetCurrentThread
GetThreadTimes
FreeLibraryAndExitThread
GetModuleHandleA
GetVersionExW
VirtualAlloc
VirtualFree
VirtualProtect
DuplicateHandle
ReleaseSemaphore
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
CreateTimerQueue
RtlPcToFileHeader
RaiseException
RtlUnwindEx
GetFileType
HeapAlloc
HeapFree
HeapReAlloc
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetACP
SetStdHandle
ReadFile
GetConsoleMode
ReadConsoleW
FlushFileBuffers
WriteFile
GetConsoleCP
GetDateFormatW
GetTimeFormatW
SetFilePointerEx
HeapSize
GetTimeZoneInformation
GetProcessHeap
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
Exports
Exports
NGX_SNIPPETS_GetRequiredDriverSupport
NVSDK_NGX_D3D11_CreateFeature
NVSDK_NGX_D3D11_EvaluateFeature
NVSDK_NGX_D3D11_GetScratchBufferSize
NVSDK_NGX_D3D11_Init
NVSDK_NGX_D3D11_Init_Ext
NVSDK_NGX_D3D11_PopulateParameters_Impl
NVSDK_NGX_D3D11_ReleaseFeature
NVSDK_NGX_D3D11_Shutdown
NVSDK_NGX_D3D11_Shutdown1
NVSDK_NGX_D3D12_CreateFeature
NVSDK_NGX_D3D12_EvaluateFeature
NVSDK_NGX_D3D12_GetScratchBufferSize
NVSDK_NGX_D3D12_Init
NVSDK_NGX_D3D12_Init_Ext
NVSDK_NGX_D3D12_PopulateParameters_Impl
NVSDK_NGX_D3D12_ReleaseFeature
NVSDK_NGX_D3D12_Shutdown
NVSDK_NGX_D3D12_Shutdown1
NVSDK_NGX_GetAPIVersion
NVSDK_NGX_GetApplicationId
NVSDK_NGX_GetDriverVersion
NVSDK_NGX_GetDriverVersionEx
NVSDK_NGX_GetGPUArchitecture
NVSDK_NGX_GetSnippetVersion
NVSDK_NGX_SetInfoCallback
NVSDK_NGX_SetTelemetryCallback
NVSDK_NGX_VULKAN_CreateFeature
NVSDK_NGX_VULKAN_CreateFeature1
NVSDK_NGX_VULKAN_EvaluateFeature
NVSDK_NGX_VULKAN_GetScratchBufferSize
NVSDK_NGX_VULKAN_Init
NVSDK_NGX_VULKAN_Init_Ext
NVSDK_NGX_VULKAN_PopulateParameters_Impl
NVSDK_NGX_VULKAN_ReleaseFeature
NVSDK_NGX_VULKAN_Shutdown
NVSDK_NGX_VULKAN_Shutdown1
Sections
.text Size: 543KB - Virtual size: 543KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 178KB - Virtual size: 178KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 13.0MB - Virtual size: 13.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 27KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.tls Size: 512B - Virtual size: 9B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
Red Dead Redemption 2/oo2core_5_win64.dll.dll windows:6 windows x64 arch:x64
27ec2696a0cb1f37c0bceda9b4a4beae
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
v:\devel\projects\oodle2\cdepbuild\win64_release_dll\oo2core_5_win64.pdb
Imports
kernel32
OutputDebugStringA
HeapAlloc
HeapFree
GetProcessHeap
RtlLookupFunctionEntry
RtlUnwindEx
GetCommandLineA
GetCurrentThreadId
EncodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
GetLastError
SetLastError
RtlPcToFileHeader
RaiseException
DecodePointer
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
GetModuleHandleExW
GetProcAddress
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
GetStringTypeW
LCMapStringW
WriteFile
GetModuleFileNameW
LoadLibraryExW
HeapReAlloc
OutputDebugStringW
HeapSize
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
CloseHandle
CreateFileW
Exports
Exports
OodleHuffman_CountHistoArrayU8
OodleHuffman_DecodeArrayU8
OodleHuffman_EncodeArrayU8
OodleLZDecoder_Create
OodleLZDecoder_DecodeSome
OodleLZDecoder_Destroy
OodleLZDecoder_MakeValidCircularWindowSize
OodleLZDecoder_MemorySizeNeeded
OodleLZDecoder_Reset
OodleLZ_CheckSeekTableCRCs
OodleLZ_Compress
OodleLZ_CompressContext_Alloc
OodleLZ_CompressContext_Free
OodleLZ_CompressContext_Reset
OodleLZ_CompressOptions_GetDefault
OodleLZ_CompressOptions_Validate
OodleLZ_CompressWithContext
OodleLZ_CompressionLevel_GetName
OodleLZ_Compressor_GetName
OodleLZ_CreateSeekTable
OodleLZ_Decompress
OodleLZ_FillSeekTable
OodleLZ_FindSeekEntry
OodleLZ_FreeSeekTable
OodleLZ_GetChunkCompressor
OodleLZ_GetCompressedBufferSizeNeeded
OodleLZ_GetCompressedStepForRawStep
OodleLZ_GetDecodeBufferSize
OodleLZ_GetInPlaceDecodeBufferSize
OodleLZ_GetNumSeekChunks
OodleLZ_GetSeekEntryPackedPos
OodleLZ_GetSeekTableMemorySizeNeeded
OodleLZ_GetZipLikeCompressionSettings
OodleLZ_MakeSeekChunkLen
OodleLZ_ThreadPhased_BlockDecoderMemorySizeNeeded
OodleNetwork1TCP_Decode
OodleNetwork1TCP_Encode
OodleNetwork1TCP_State_InitAsCopy
OodleNetwork1TCP_State_Reset
OodleNetwork1TCP_State_Size
OodleNetwork1TCP_Train
OodleNetwork1UDP_Decode
OodleNetwork1UDP_Encode
OodleNetwork1UDP_StateCompacted_MaxSize
OodleNetwork1UDP_State_Compact
OodleNetwork1UDP_State_Size
OodleNetwork1UDP_State_Uncompact
OodleNetwork1UDP_Train
OodleNetwork1_CompressedBufferSizeNeeded
OodleNetwork1_SelectDictionaryFromPackets
OodleNetwork1_SelectDictionaryFromPackets_Trials
OodleNetwork1_Shared_SetWindow
OodleNetwork1_Shared_Size
OodlePlugin_DisplayAssertion_Default
OodlePlugin_Free_Default
OodlePlugin_MallocAligned_Default
OodlePlugin_Printf_Default
OodlePlugins_SetAllocators
OodlePlugins_SetAssertion
OodlePlugins_SetPrintf
Oodle_CheckVersion
Oodle_GetConfigValues
Oodle_LogHeader
Oodle_SetConfigValues
Sections
.text Size: 722KB - Virtual size: 722KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 163KB - Virtual size: 163KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 8KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 16KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
bink2w64.dll.dll windows:5 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\devel\projects\bink\build\bink2w64.pdb
Exports
Exports
BinkAllocateFrameBuffers
BinkClose
BinkCloseTrack
BinkControlBackgroundIO
BinkCopyToBuffer
BinkCopyToBufferRect
BinkDoFrame
BinkDoFrameAsync
BinkDoFrameAsyncMulti
BinkDoFrameAsyncWait
BinkDoFramePlane
BinkFreeGlobals
BinkGetError
BinkGetFrameBuffersInfo
BinkGetGPUDataBuffersInfo
BinkGetKeyFrame
BinkGetPlatformInfo
BinkGetRealtime
BinkGetRects
BinkGetSummary
BinkGetTrackData
BinkGetTrackID
BinkGetTrackMaxSize
BinkGetTrackType
BinkGoto
BinkLogoAddress
BinkNextFrame
BinkOpen
BinkOpenDirectSound
BinkOpenMiles
BinkOpenTrack
BinkOpenWaveOut
BinkOpenWithOptions
BinkOpenXAudio2
BinkOpenXAudio27
BinkOpenXAudio28
BinkPause
BinkRegisterFrameBuffers
BinkRegisterGPUDataBuffers
BinkRequestStopAsyncThread
BinkRequestStopAsyncThreadsMulti
BinkService
BinkSetError
BinkSetFileOffset
BinkSetFrameRate
BinkSetIO
BinkSetIOSize
BinkSetMemory
BinkSetOSFileCallbacks
BinkSetPan
BinkSetSimulate
BinkSetSoundOnOff
BinkSetSoundSystem
BinkSetSoundSystem2
BinkSetSoundTrack
BinkSetSpeakerVolumes
BinkSetVideoOnOff
BinkSetVolume
BinkSetWillLoop
BinkShouldSkip
BinkStartAsyncThread
BinkUtilCPUs
BinkUtilFree
BinkUtilMalloc
BinkUtilMutexCreate
BinkUtilMutexDestroy
BinkUtilMutexLock
BinkUtilMutexLockTimeOut
BinkUtilMutexUnlock
BinkWait
BinkWaitStopAsyncThread
BinkWaitStopAsyncThreadsMulti
RADTimerRead
Sections
.text Size: 254KB - Virtual size: 254KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 42KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 43KB - Virtual size: 149KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
launc.dll.dll windows:6 windows x64 arch:x64
61b600bbe9dc564b84bc868e3bd45e1b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
user32
MessageBoxA
kernel32
IsProcessorFeaturePresent
WriteConsoleW
GetCommandLineA
GetFileAttributesA
GetFileAttributesW
CloseHandle
GetCurrentProcess
GetCurrentProcessId
TerminateProcess
GetCurrentThread
CreateProcessA
OpenProcess
GetModuleFileNameA
GetModuleHandleA
LoadLibraryExW
LocalAlloc
LocalFree
lstrcmpA
lstrcpyA
CreateToolhelp32Snapshot
Process32First
Process32Next
K32EnumProcessModules
K32GetModuleFileNameExA
GetEnvironmentVariableA
GetEnvironmentVariableW
GetLastError
SetLastError
WaitForSingleObject
ExitProcess
GetExitCodeProcess
ResumeThread
CreateProcessW
VirtualAllocEx
VirtualProtectEx
VirtualQueryEx
ReadProcessMemory
WriteProcessMemory
IsWow64Process
GetCurrentThreadId
SuspendThread
GetThreadContext
SetThreadContext
FlushInstructionCache
VirtualAlloc
VirtualProtect
VirtualFree
VirtualQuery
DebugBreak
GetFileSize
SetFilePointer
WriteFile
CreateFileMappingW
MapViewOfFileEx
UnmapViewOfFile
FreeLibrary
GetModuleHandleW
GetProcAddress
LoadLibraryExA
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
CreateFileW
RtlPcToFileHeader
RaiseException
RtlUnwindEx
InterlockedFlushSList
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleExW
GetModuleFileNameW
HeapFree
HeapAlloc
GetStdHandle
GetFileType
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
LCMapStringW
GetProcessHeap
SetFilePointerEx
GetStringTypeW
SetStdHandle
HeapSize
HeapReAlloc
FlushFileBuffers
GetConsoleCP
GetConsoleMode
Exports
Exports
launc
Sections
.text Size: 148KB - Virtual size: 147KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 49KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.detourc Size: 26KB - Virtual size: 26KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.detourd Size: 512B - Virtual size: 72B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
_RDATA Size: 512B - Virtual size: 148B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
orig_socialclub.dll.dll windows:6 windows x64 arch:x64
10905a809762ce4065fcd9e230794cdb
Code Sign
0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate
IssuerCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/01/2021, 00:00Not After06/01/2031, 00:00SubjectCN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before22/10/2013, 12:00Not After22/10/2028, 12:00SubjectCN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before07/01/2016, 12:00Not After07/01/2031, 12:00SubjectCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
0f:65:f4:57:25:17:cb:cc:aa:8b:37:76:58:0a:8d:3dCertificate
IssuerCN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before07/02/2020, 00:00Not After17/02/2023, 12:00SubjectCN=Rockstar Games\, Inc.,OU=Rockstar Games,O=Rockstar Games\, Inc.,L=New York,ST=New York,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
c0:20:fd:c2:96:a6:cf:ee:9d:3e:8b:ef:f1:77:12:58:f1:36:53:4bSigner
Actual PE Digestc0:20:fd:c2:96:a6:cf:ee:9d:3e:8b:ef:f1:77:12:58:f1:36:53:4bDigest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
X:\rgsc\src\release\rage\suite\src\rgsc\rgsc\x64\Final\socialclub.pdb
Imports
kernel32
CreateFileMappingW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile
CreateIoCompletionPort
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateNamedPipeW
CancelIo
RtlUnwind
UnregisterWaitEx
GetCurrentThreadId
GetCurrentDirectoryW
GetComputerNameW
GetVolumeInformationA
GetEnvironmentVariableA
GetFileAttributesExW
WideCharToMultiByte
GetProcAddress
GetModuleHandleExW
WaitForMultipleObjects
GetModuleHandleW
GetModuleFileNameW
GetVersionExW
SystemTimeToFileTime
CopyFileW
LocalFileTimeToFileTime
Sleep
DuplicateHandle
MultiByteToWideChar
OutputDebugStringW
SetEnvironmentVariableW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExW
FindFirstFileExA
ReadConsoleW
HeapQueryInformation
WriteConsoleW
SetStdHandle
SetConsoleCtrlHandler
HeapReAlloc
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetTimeFormatW
GetDateFormatW
GetTimeZoneInformation
FlushFileBuffers
GetFileType
GetStdHandle
GetACP
HeapSize
GetConsoleMode
GetConsoleCP
InterlockedFlushSList
InterlockedPushEntrySList
RtlPcToFileHeader
RtlUnwindEx
InitializeCriticalSection
InitializeSListHead
GetStartupInfoW
CreateFileW
DeleteFileW
SetFilePointer
WriteFile
OutputDebugStringA
CloseHandle
GetLastError
SetLastError
ReleaseMutex
WaitForSingleObject
CreateMutexW
GetCurrentProcessId
CreateProcessW
GetTickCount
GetModuleHandleA
FormatMessageA
GetCommandLineW
LocalFree
RtlCaptureStackBackTrace
IsDebuggerPresent
GetCurrentProcess
GetCurrentThread
lstrlenW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
TryEnterCriticalSection
DeleteCriticalSection
RaiseException
CreateThread
FormatMessageW
ExpandEnvironmentStringsW
CreateEventW
GetCommandLineA
GetEnvironmentVariableW
QueryPerformanceCounter
QueryPerformanceFrequency
HeapAlloc
HeapFree
GetProcessHeap
SetEvent
ReleaseSemaphore
CreateMutexA
CreateEventA
GetExitCodeProcess
OpenThread
SetThreadPriority
SetThreadPriorityBoost
GetThreadPriority
ExitThread
ResumeThread
CreateProcessA
SetPriorityClass
GetPriorityClass
GetThreadId
OpenProcess
GlobalMemoryStatusEx
GetSystemInfo
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQueryEx
FreeLibrary
GetProcessAffinityMask
SetThreadAffinityMask
SetThreadIdealProcessor
CreateSemaphoreA
LoadLibraryA
GetUserDefaultUILanguage
CreateToolhelp32Snapshot
Process32FirstW
Process32NextW
Process32First
Process32Next
K32EnumProcessModules
K32GetModuleFileNameExW
K32GetPerformanceInfo
GetVersionExA
GetModuleFileNameA
GlobalAlloc
GlobalLock
GlobalUnlock
LocalAlloc
LocalLock
LocalUnlock
MulDiv
CreateDirectoryW
FileTimeToLocalFileTime
FindClose
FindFirstFileW
FindNextFileW
GetDiskFreeSpaceExW
GetFileAttributesW
ReadFile
RemoveDirectoryW
SetEndOfFile
SetFileAttributesW
SetFilePointerEx
SetFileTime
GetTempPathW
ResetEvent
ExitProcess
TerminateProcess
GetSystemTime
GetLocalTime
MoveFileExW
MoveFileWithProgressW
FileTimeToSystemTime
CreateFileA
DeleteFileA
ConnectNamedPipe
DisconnectNamedPipe
GetOverlappedResult
CancelIoEx
CreateNamedPipeA
LoadLibraryExW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
WaitForSingleObjectEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
RegisterWaitForSingleObject
advapi32
ConvertStringSecurityDescriptorToSecurityDescriptorW
InitializeSecurityDescriptor
RegQueryValueExA
RegCreateKeyExA
RegSetValueExW
RegQueryInfoKeyW
RegNotifyChangeKeyValue
RegEnumValueW
RegOpenKeyExW
RegQueryValueExW
OpenProcessToken
CreateWellKnownSid
GetTokenInformation
SetEntriesInAclW
GetSecurityInfo
SetSecurityInfo
ConvertSidToStringSidW
SetSecurityDescriptorDacl
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegEnumKeyExW
RegCreateKeyExW
RegDeleteValueW
shell32
SHGetFolderPathA
SHGetFolderPathW
SHGetSpecialFolderPathA
ShellExecuteA
CommandLineToArgvW
SHCreateDirectoryExW
imagehlp
SymGetModuleBase64
SymGetLineFromAddr64
SymInitialize
SymFromAddr
SymFunctionTableAccess64
SymSetOptions
StackWalk64
wininet
InternetGetConnectedState
version
VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueA
shlwapi
PathFindFileNameW
SHDeleteKeyW
SHStrDupW
winmm
timeBeginPeriod
timeEndPeriod
timeGetTime
ws2_32
freeaddrinfo
WSAGetLastError
setsockopt
send
select
recv
ntohs
listen
shutdown
htons
getsockname
getpeername
ioctlsocket
connect
closesocket
bind
accept
__WSAFDIsSet
getaddrinfo
sendto
recvfrom
WSACleanup
getsockopt
WSAStartup
gethostname
gethostbyname
socket
inet_addr
bcrypt
BCryptOpenAlgorithmProvider
BCryptGetProperty
BCryptGenRandom
BCryptSetProperty
BCryptCloseAlgorithmProvider
BCryptGenerateSymmetricKey
BCryptGenerateKeyPair
BCryptFinishHash
BCryptHashData
BCryptCreateHash
BCryptDeriveKey
BCryptSecretAgreement
BCryptDestroySecret
BCryptDestroyKey
BCryptFinalizeKeyPair
BCryptImportKeyPair
BCryptExportKey
BCryptEncrypt
BCryptDecrypt
BCryptDestroyHash
rpcrt4
UuidCreateSequential
user32
DispatchMessageW
PeekMessageW
UnregisterClassW
RegisterClassExW
CreateWindowExW
CallMsgFilterW
GetQueueStatus
MsgWaitForMultipleObjectsEx
GetWindowLongPtrA
GetWindowPlacement
PtInRect
ScreenToClient
ClientToScreen
GetCursorPos
SetCursorPos
GetForegroundWindow
ReleaseCapture
SetCapture
GetCapture
SendMessageW
GetCursorInfo
MessageBoxW
wsprintfW
WaitForInputIdle
CharUpperW
GetKeyState
SetPropW
GetPropW
RemovePropW
GetWindowLongPtrW
SetWindowLongPtrW
GetClassNameW
SystemParametersInfoW
DefWindowProcW
LoadStringA
TranslateMessage
DispatchMessageA
PeekMessageA
SendMessageA
WaitMessage
PostQuitMessage
IsWindow
DestroyWindow
ShowWindow
FlashWindowEx
MoveWindow
SetWindowPos
CreateDialogIndirectParamA
GetDlgItem
CheckDlgButton
GetDialogBaseUnits
OpenClipboard
CloseClipboard
SetClipboardData
EmptyClipboard
SetFocus
GetActiveWindow
GetAsyncKeyState
SetTimer
KillTimer
EnableWindow
GetSystemMetrics
GetSystemMenu
EnableMenuItem
DrawIcon
DrawTextA
SetForegroundWindow
BeginPaint
EndPaint
RedrawWindow
SetWindowTextA
GetWindowTextA
GetClientRect
GetWindowRect
MessageBoxA
MessageBeep
GetSysColor
LoadCursorW
SetRect
FillRect
SetWindowLongPtrA
GetParent
GetClassNameA
GetLastActivePopup
LoadIconA
DestroyIcon
IsDialogMessageA
WinHelpA
SystemParametersInfoA
MonitorFromPoint
GetMonitorInfoA
PostMessageW
CallWindowProcW
UpdateWindow
ShowCursor
SetCursor
GetWindowThreadProcessId
gdi32
SetTextColor
SetBkColor
SelectObject
GetTextExtentPoint32A
DeleteObject
DeleteDC
CreateSolidBrush
CreateFontIndirectA
CreateDCA
ole32
PropVariantClear
Sections
.text Size: 3.7MB - Virtual size: 3.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 914KB - Virtual size: 913KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 29KB - Virtual size: 5.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 234KB - Virtual size: 233KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 43KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
socialclub.dll.dll windows:6 windows x64 arch:x64
14aa4c267f6bfe1fb074a3c884ad6e3d
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Imports
shell32
SHGetFolderPathW
kernel32
RtlUnwind
CreateDirectoryW
GetFileAttributesW
GetModuleFileNameW
GetLastError
WideCharToMultiByte
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetModuleHandleW
GetProcAddress
EncodePointer
DecodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
CloseHandle
SetEvent
ResetEvent
WaitForSingleObjectEx
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
WriteConsoleW
RtlPcToFileHeader
RaiseException
RtlUnwindEx
InterlockedFlushSList
FreeLibrary
LoadLibraryExW
ExitProcess
GetModuleHandleExW
HeapFree
HeapAlloc
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
GetFileType
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
ReadFile
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
HeapReAlloc
GetTimeZoneInformation
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
SetStdHandle
CreateFileW
HeapSize
SetEndOfFile
Exports
Exports
getInterface
Sections
.text Size: 366KB - Virtual size: 365KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 111KB - Virtual size: 111KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 148B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ