f4e41f19395251ee15683ed797e7f04b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f4e41f19395251ee15683ed797e7f04b_JaffaCakes118
Size

1.4MB
MD5

f4e41f19395251ee15683ed797e7f04b
SHA1

72d5a637d51e3e2c6fb442513a6bc60fe070973a
SHA256

16ee7e004bd4f9ec334884b9e630378eb14f301ac56ed922f986cec31ce95823
SHA512

9c6759b3aae0ccdf9315c76c3d6829e76ee5ac1916781b6995aed875ff1326bfd457df27025df2e78d3cdbbc43dab19d4c6b61d59d524035ff06098b170940ff
SSDEEP

24576:dcK/ahP2rvBXNTkOjru8Jkbx6I7WPLnHOa6iqlKhQpWp/HRMDShiwkO451t5:557jy60j6mcyg9gx1O43t5

Score

3^/10

Malware Config

Signatures

Unsigned PE 21 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/System3.dll
unpack001/$PLUGINSDIR/UAC.dll
unpack001/$PLUGINSDIR/UserInfo.dll
unpack001/$PLUGINSDIR/nsExec.dll
unpack001/$R2/freebl3.dll
unpack001/$R2/nspr4.dll
unpack001/$R2/nss3.dll
unpack001/$R2/nssutil3.dll
unpack001/$R2/plc4.dll
unpack001/$R2/plds4.dll
unpack001/$R2/softokn3.dll
unpack001/$R2/sqlite3.dll
unpack001/$TEMP/$_2_/freebl3.dll
unpack001/$TEMP/$_2_/nspr4.dll
unpack001/$TEMP/$_2_/nss3.dll
unpack001/$TEMP/$_2_/nssutil3.dll
unpack001/$TEMP/$_2_/plc4.dll
unpack001/$TEMP/$_2_/plds4.dll
unpack001/$TEMP/$_2_/softokn3.dll
unpack001/$TEMP/$_2_/sqlite3.dll

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2

Files

f4e41f19395251ee15683ed797e7f04b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

45:c7:15:a0:e1:cd:be:0a:83:38:df:4c:17:6f:25:4d
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

27/03/2015, 00:00

Not After

26/03/2016, 23:59

Subject

CN=\"SISTEMA LTD\",O=\"SISTEMA LTD\",L=Cherepovec,ST=Cherepovec,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4c:1c:79:07:23:75:1e:1b:fd:ce:15:ca:13:12:24:cb:21:9a:0f:15
Signer

Actual PE Digest

4c:1c:79:07:23:75:1e:1b:fd:ce:15:ca:13:12:24:cb:21:9a:0f:15

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 80KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System3.dll
.dll windows:4 windows x86 arch:x86

8c8a576201f68de1a3f26fc723b9f30f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MultiByteToWideChar
GlobalFree
GlobalSize
lstrcpynA
lstrcpyA
GetProcAddress
VirtualFree
FreeLibrary
lstrlenA
LoadLibraryA
GetModuleHandleA
GlobalAlloc
WideCharToMultiByte
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 851B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 610B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UAC.dll
.dll windows:5 windows x86 arch:x86

09a3e096fa98fc82beb9603daab2ea15

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

Z:\Projects\ABHTMLv6\ABHTML\Components\Installer\Windows\UAC\Release\UAC.pdb

Imports

kernel32

CreateProcessW
lstrlenW
GetVersionExW
SetLastError
GetProcAddress
lstrcmpiW
GetCurrentThreadId
GetCommandLineW
UnmapViewOfFile
WaitForSingleObject
GetCurrentProcessId
SetEvent
DuplicateHandle
SetCurrentDirectoryW
GetLastError
CreateFileMappingW
CreateEventW
GetExitCodeThread
CreateThread
Sleep
OpenProcess
GetExitCodeProcess
GetModuleHandleW
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
FormatMessageW
LocalFree
CloseHandle
GetModuleFileNameW
lstrcatW
GetPrivateProfileIntW
IsProcessorFeaturePresent
GetPrivateProfileStringW
LoadLibraryA
GlobalFree
MapViewOfFile
GlobalAlloc

user32

SetWindowsHookExW
DispatchMessageW
TranslateMessage
IsDialogMessageW
PeekMessageW
MsgWaitForMultipleObjects
DefWindowProcW
PostMessageW
CreateWindowExW
GetWindowThreadProcessId
CallWindowProcW
SetWindowPos
GetWindowRect
GetClientRect
GetClassNameW
LoadIconW
CreateDialogParamW
SetForegroundWindow
CallNextHookEx
UnhookWindowsHookEx
CharNextW
DialogBoxIndirectParamW
MessageBoxW
EndDialog
SetWindowLongW
LoadImageW
DestroyWindow
EnableWindow
FindWindowExW
IsWindowVisible
SendMessageW
GetDlgItem
ShowWindow
wsprintfW
LoadStringW
GetWindowLongW

advapi32

GetUserNameW
QueryServiceStatus
OpenServiceW
OpenSCManagerW
EqualSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
CloseServiceHandle

shell32

ShellExecuteExW

ole32

CoInitialize

Exports

Exports

_

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/UserInfo.dll
.dll windows:4 windows x86 arch:x86

afa8e526425f3585465337467d0b5909

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
GetCurrentThread
lstrcpynA
GetCurrentProcess
GetModuleHandleA
GetProcAddress
GetLastError
GlobalFree
CloseHandle
GlobalAlloc

advapi32

OpenProcessToken
GetTokenInformation
AllocateAndInitializeSid
EqualSid
FreeSid
GetUserNameA
OpenThreadToken

Exports

Exports

GetAccountType
GetName
GetOriginalAccountType

Sections

.text
Size: 1024B - Virtual size: 741B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 673B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 190B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsExec.dll
.dll windows:4 windows x86 arch:x86

d83f71e61ee459ee63ca3e829966a9dc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetExitCodeProcess
WaitForSingleObject
Sleep
TerminateProcess
lstrcpyA
lstrcpynA
GlobalReAlloc
GlobalUnlock
GlobalSize
ReadFile
PeekNamedPipe
GetTickCount
CreateProcessA
GetStartupInfoA
CreatePipe
GetVersionExA
GetModuleHandleA
DeleteFileA
lstrcmpiA
lstrlenA
lstrcatA
CloseHandle
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
CreateFileA
CopyFileA
GetTempFileNameA
GlobalFree
GlobalAlloc
GetModuleFileNameA
ExitProcess
GetCommandLineA
GetProcAddress
GlobalLock
GetCurrentProcess

user32

SendMessageA
OemToCharBuffA
CharNextA
wsprintfA
CharPrevA
FindWindowExA

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Exports

Exports

Exec
ExecToLog
ExecToStack

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 410B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsProcess.dll
.dll windows:5 windows x86 arch:x86

a49b0342971aa199fc6349725b90146d

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

45:c7:15:a0:e1:cd:be:0a:83:38:df:4c:17:6f:25:4d
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

27/03/2015, 00:00

Not After

26/03/2016, 23:59

Subject

CN=\"SISTEMA LTD\",O=\"SISTEMA LTD\",L=Cherepovec,ST=Cherepovec,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

70:0b:cd:4b:71:6f:43:f0:52:b3:e7:ae:e3:92:59:10:94:2f:72:16
Signer

Actual PE Digest

70:0b:cd:4b:71:6f:43:f0:52:b3:e7:ae:e3:92:59:10:94:2f:72:16

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
TerminateProcess
WaitForSingleObject
GetExitCodeProcess
OpenProcess
lstrcpynA
lstrlenA
LoadLibraryA
lstrcmpiA
WideCharToMultiByte
FreeLibrary
LocalFree
LocalAlloc
GetProcAddress
LoadLibraryW
GetVersionExA
GlobalFree
GlobalAlloc

user32

GetWindowThreadProcessId
EnumWindows
wsprintfA
PostMessageA

Exports

Exports

_CloseProcess
_FindProcess
_KillProcess
_Unload

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 910B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 250B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$R2/Chromium.dll
.dll windows:6 windows x86 arch:x86

f2358c15a68c5e7ba6256467178b2b1b

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

45:c7:15:a0:e1:cd:be:0a:83:38:df:4c:17:6f:25:4d
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

27/03/2015, 00:00

Not After

26/03/2016, 23:59

Subject

CN=\"SISTEMA LTD\",O=\"SISTEMA LTD\",L=Cherepovec,ST=Cherepovec,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

57:43:54:70:ae:59:5d:1e:dd:3a:c8:fa:80:61:f5:a1:85:92:c6:85
Signer

Actual PE Digest

57:43:54:70:ae:59:5d:1e:dd:3a:c8:fa:80:61:f5:a1:85:92:c6:85

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

nss3

PK11_GetInternalSlot
PK11_FreeSymKey
PK11_ImportSymKey
PK11_DestroyContext
PK11_FreeSlot
NSS_NoDB_Init
PK11_DigestFinal
PK11_DigestOp
PK11_DigestBegin
PK11_CreateContextBySymKey

kernel32

UnhandledExceptionFilter
GetCPInfo
GetCommandLineA
ExitProcess
HeapReAlloc
GetSystemDirectoryW
GetWindowsDirectoryW
GetModuleFileNameW
LocalFree
GetCurrentDirectoryW
CreateFileW
GetFileAttributesW
GetVolumeInformationW
ReadFile
WriteFile
GetTempPathW
CloseHandle
GetLastError
SetLastError
GetCurrentProcess
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
FlushFileBuffers
GetFileSizeEx
SetEndOfFile
SetFilePointerEx
GetModuleHandleW
GetProcAddress
SetUnhandledExceptionFilter
GetCurrentProcessId
MultiByteToWideChar
WideCharToMultiByte
Sleep
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
IsDebuggerPresent
RaiseException
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
QueryPerformanceFrequency
GetSystemTimeAsFileTime
GetVersionExW
GetNativeSystemInfo
GetComputerNameW
WriteConsoleW
GetModuleHandleExW
GetStdHandle
IsProcessorFeaturePresent
GetFileType
SetStdHandle
GetFullPathNameW
GetProcessHeap
HeapAlloc
HeapFree
RtlUnwind
GetStringTypeW
DecodePointer
EncodePointer
TerminateProcess
GetStartupInfoW
LCMapStringW
HeapSize
GetConsoleCP
GetConsoleMode
ReadConsoleW
OutputDebugStringW
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetModuleFileNameA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetDriveTypeW
QueryPerformanceCounter

advapi32

CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextW
LookupAccountNameW
ConvertSidToStringSidW

shell32

SHGetFolderPathW

winmm

timeGetTime

Exports

Exports

?GenerateDeviceIdLikePrefMetricsServiceDid@hash_calculation@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV23@@Z
?GetChromeHashSeed@hash_calculation@@YA_NAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PB_W10@Z
?GetDeviceId@hash_calculation@@YA_NAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetDigestString@hash_calculation@@YA_NAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV23@111@Z
?GetHashSeed@hash_calculation@@YA_NAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PB_W10I@Z
?GetYandexHashSeed@hash_calculation@@YA_NAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PB_W10@Z

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$R2/KompexSQLiteWrapper.dll
.dll windows:5 windows x86 arch:x86

b79ba4ab2edf6a6d884a8363550f0fa8

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

45:c7:15:a0:e1:cd:be:0a:83:38:df:4c:17:6f:25:4d
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

27/03/2015, 00:00

Not After

26/03/2016, 23:59

Subject

CN=\"SISTEMA LTD\",O=\"SISTEMA LTD\",L=Cherepovec,ST=Cherepovec,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

9f:1f:ca:d8:34:ae:48:10:59:d9:30:50:39:c9:6b:fa:a0:7d:8a:86
Signer

Actual PE Digest

9f:1f:ca:d8:34:ae:48:10:59:d9:30:50:39:c9:6b:fa:a0:7d:8a:86

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFullPathNameW
GetFullPathNameA
HeapReAlloc
CreateFileA
GetFileSize
CreateMutexW
SetFilePointer
MapViewOfFile
UnmapViewOfFile
SetEndOfFile
FreeLibrary
HeapAlloc
SystemTimeToFileTime
QueryPerformanceCounter
HeapFree
WaitForSingleObject
InterlockedCompareExchange
UnlockFile
LockFile
OutputDebugStringW
GetTickCount
UnlockFileEx
GetProcessHeap
GetSystemTimeAsFileTime
FormatMessageA
WriteFile
InitializeCriticalSection
WideCharToMultiByte
LoadLibraryW
Sleep
FormatMessageW
HeapDestroy
LeaveCriticalSection
GetFileAttributesA
HeapCreate
HeapValidate
GetFileAttributesW
ReadFile
CreateFileW
MultiByteToWideChar
FlushFileBuffers
GetTempPathW
GetLastError
GetProcAddress
HeapSize
LockFileEx
EnterCriticalSection
GetDiskFreeSpaceW
LoadLibraryA
CreateFileMappingA
CreateFileMappingW
GetDiskFreeSpaceA
GetSystemInfo
GetFileAttributesExW
DeleteCriticalSection
OutputDebugStringA
GetVersionExA
CloseHandle
DeleteFileW
GetCurrentProcessId
GetTempPathA
LocalFree
GetSystemTime
AreFileApisANSI
DeleteFileA
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
GetStringTypeW
EncodePointer
DecodePointer
GetCurrentThreadId
GetCommandLineA
GetCPInfo
RaiseException
RtlUnwind
LCMapStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
ExitProcess
GetStdHandle
GetModuleFileNameW
GetTimeZoneInformation
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetLocaleInfoW
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetConsoleCP
GetConsoleMode
WriteConsoleW
SetStdHandle
CompareStringW
SetEnvironmentVariableA

Exports

Exports

??0SQLiteBlob@Kompex@@QAE@ABV01@@Z
??0SQLiteBlob@Kompex@@QAE@PAVSQLiteDatabase@1@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@11_JW4BLOB_ACCESS_MODE@1@@Z
??0SQLiteBlob@Kompex@@QAE@XZ
??0SQLiteDatabase@Kompex@@QAE@ABV01@@Z
??0SQLiteDatabase@Kompex@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HPBD@Z
??0SQLiteDatabase@Kompex@@QAE@PBDH0@Z
??0SQLiteDatabase@Kompex@@QAE@PB_W@Z
??0SQLiteDatabase@Kompex@@QAE@XZ
??0SQLiteException@Kompex@@QAE@ABV01@@Z
??0SQLiteException@Kompex@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IPBD@Z
??0SQLiteException@Kompex@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IV23@@Z
??0SQLiteStatement@Kompex@@QAE@ABV01@@Z
??0SQLiteStatement@Kompex@@QAE@PAVSQLiteDatabase@1@@Z
??1SQLiteBlob@Kompex@@UAE@XZ
??1SQLiteDatabase@Kompex@@UAE@XZ
??1SQLiteException@Kompex@@QAE@XZ
??1SQLiteStatement@Kompex@@UAE@XZ
??4SQLiteBlob@Kompex@@QAEAAV01@ABV01@@Z
??4SQLiteDatabase@Kompex@@QAEAAV01@ABV01@@Z
??4SQLiteException@Kompex@@QAEAAV01@ABV01@@Z
??4SQLiteStatement@Kompex@@QAEAAV01@ABV01@@Z
??_7SQLiteBlob@Kompex@@6B@
??_7SQLiteDatabase@Kompex@@6B@
??_7SQLiteStatement@Kompex@@6B@
?ActivateProfiling@SQLiteDatabase@Kompex@@QBEXXZ
?ActivateTracing@SQLiteDatabase@Kompex@@QBEXXZ
?AssignColumnNumberToColumnName@SQLiteStatement@Kompex@@ABEXXZ
?BeginTransaction@SQLiteStatement@Kompex@@QAEXXZ
?BindBlob@SQLiteStatement@Kompex@@QBEXHPBXH@Z
?BindBool@SQLiteStatement@Kompex@@QBEXH_N@Z
?BindDouble@SQLiteStatement@Kompex@@QBEXHN@Z
?BindInt64@SQLiteStatement@Kompex@@QBEXH_J@Z
?BindInt@SQLiteStatement@Kompex@@QBEXHH@Z
?BindNull@SQLiteStatement@Kompex@@QBEXH@Z
?BindString16@SQLiteStatement@Kompex@@QBEXHPB_W@Z
?BindString@SQLiteStatement@Kompex@@QBEXHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?BindZeroBlob@SQLiteStatement@Kompex@@QBEXHH@Z
?CheckColumnNumber@SQLiteStatement@Kompex@@IBEXHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?CheckDatabase@SQLiteStatement@Kompex@@IBEXXZ
?CheckStatement@SQLiteStatement@Kompex@@IBEXXZ
?CleanUpFailedMemoryDatabase@SQLiteDatabase@Kompex@@AAEXPAUsqlite3@@0_N1PAUsqlite3_stmt@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?CleanUpTransaction@SQLiteStatement@Kompex@@IAEXXZ
?ClearBindings@SQLiteStatement@Kompex@@QBEXXZ
?Close@SQLiteDatabase@Kompex@@QAEXXZ
?CloseBlob@SQLiteBlob@Kompex@@QAEXXZ
?CommitTransaction@SQLiteStatement@Kompex@@QAEXXZ
?CreateModule@SQLiteDatabase@Kompex@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBUsqlite3_module@@PAXP6AX2@Z@Z
?Execute@SQLiteStatement@Kompex@@QBEXXZ
?ExecuteAndFree@SQLiteStatement@Kompex@@QAEXXZ
?FetchRow@SQLiteStatement@Kompex@@QBE_NXZ
?FreeQuery@SQLiteStatement@Kompex@@QAEXXZ
?GetAssignedColumnNumber@SQLiteStatement@Kompex@@ABEHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetAutoCommit@SQLiteDatabase@Kompex@@QBEHXZ
?GetBlobHandle@SQLiteBlob@Kompex@@IBEPAUsqlite3_blob@@XZ
?GetBlobSize@SQLiteBlob@Kompex@@QBEHXZ
?GetColumnBlob@SQLiteStatement@Kompex@@QBEPBXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnBlob@SQLiteStatement@Kompex@@QBEPBXH@Z
?GetColumnBool@SQLiteStatement@Kompex@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnBool@SQLiteStatement@Kompex@@QBE_NH@Z
?GetColumnBytes16@SQLiteStatement@Kompex@@QBEHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnBytes16@SQLiteStatement@Kompex@@QBEHH@Z
?GetColumnBytes@SQLiteStatement@Kompex@@QBEHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnBytes@SQLiteStatement@Kompex@@QBEHH@Z
?GetColumnCString@SQLiteStatement@Kompex@@QBEPBEABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnCString@SQLiteStatement@Kompex@@QBEPBEH@Z
?GetColumnCount@SQLiteStatement@Kompex@@QBEHXZ
?GetColumnDatabaseName16@SQLiteStatement@Kompex@@QBEPA_WABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnDatabaseName16@SQLiteStatement@Kompex@@QBEPA_WH@Z
?GetColumnDatabaseName@SQLiteStatement@Kompex@@QBEPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnDatabaseName@SQLiteStatement@Kompex@@QBEPBDH@Z
?GetColumnDeclaredDatatype16@SQLiteStatement@Kompex@@QBEPA_WABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnDeclaredDatatype16@SQLiteStatement@Kompex@@QBEPA_WH@Z
?GetColumnDeclaredDatatype@SQLiteStatement@Kompex@@QBEPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnDeclaredDatatype@SQLiteStatement@Kompex@@QBEPBDH@Z
?GetColumnDouble@SQLiteStatement@Kompex@@QBENABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnDouble@SQLiteStatement@Kompex@@QBENH@Z
?GetColumnInt64@SQLiteStatement@Kompex@@QBE_JABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnInt64@SQLiteStatement@Kompex@@QBE_JH@Z
?GetColumnInt@SQLiteStatement@Kompex@@QBEHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnInt@SQLiteStatement@Kompex@@QBEHH@Z
?GetColumnName16@SQLiteStatement@Kompex@@QBEPA_WABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnName16@SQLiteStatement@Kompex@@QBEPA_WH@Z
?GetColumnName@SQLiteStatement@Kompex@@QBEPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnName@SQLiteStatement@Kompex@@QBEPBDH@Z
?GetColumnOriginName16@SQLiteStatement@Kompex@@QBEPA_WABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnOriginName16@SQLiteStatement@Kompex@@QBEPA_WH@Z
?GetColumnOriginName@SQLiteStatement@Kompex@@QBEPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnOriginName@SQLiteStatement@Kompex@@QBEPBDH@Z
?GetColumnString16@SQLiteStatement@Kompex@@QBEPA_WABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnString16@SQLiteStatement@Kompex@@QBEPA_WH@Z
?GetColumnString@SQLiteStatement@Kompex@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV34@@Z
?GetColumnString@SQLiteStatement@Kompex@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?GetColumnTableName16@SQLiteStatement@Kompex@@QBEPA_WABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnTableName16@SQLiteStatement@Kompex@@QBEPA_WH@Z
?GetColumnTableName@SQLiteStatement@Kompex@@QBEPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnTableName@SQLiteStatement@Kompex@@QBEPBDH@Z
?GetColumnType@SQLiteStatement@Kompex@@QBEHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnType@SQLiteStatement@Kompex@@QBEHH@Z
?GetDataCount@SQLiteStatement@Kompex@@QBEHXZ
?GetDatabaseChanges@SQLiteDatabase@Kompex@@QBEHXZ
?GetDatabaseHandle@SQLiteDatabase@Kompex@@QBEPAUsqlite3@@XZ
?GetLastInsertRowId@SQLiteDatabase@Kompex@@QBE_JXZ
?GetLibVersionNumber@SQLiteDatabase@Kompex@@QBEHXZ
?GetMemoryHighwaterMark@SQLiteDatabase@Kompex@@QBE_J_N@Z
?GetMemoryUsage@SQLiteDatabase@Kompex@@QBE_JXZ
?GetNumberOfRows@SQLiteStatement@Kompex@@QAEIXZ
?GetSqlResultBlob@SQLiteStatement@Kompex@@QAEPBXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBX@Z
?GetSqlResultBlob@SQLiteStatement@Kompex@@QAEPBXPBDPBX@Z
?GetSqlResultBlob@SQLiteStatement@Kompex@@QAEPBXPB_WPBX@Z
?GetSqlResultCString@SQLiteStatement@Kompex@@QAEPBEABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBE@Z
?GetSqlResultCString@SQLiteStatement@Kompex@@QAEPBEPBDPBE@Z
?GetSqlResultCString@SQLiteStatement@Kompex@@QAEPBEPB_WPBE@Z
?GetSqlResultDouble@SQLiteStatement@Kompex@@QAENABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@N@Z
?GetSqlResultDouble@SQLiteStatement@Kompex@@QAENPBDN@Z
?GetSqlResultDouble@SQLiteStatement@Kompex@@QAENPB_WN@Z
?GetSqlResultInt64@SQLiteStatement@Kompex@@QAE_JABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_J@Z
?GetSqlResultInt64@SQLiteStatement@Kompex@@QAE_JPBD_J@Z
?GetSqlResultInt64@SQLiteStatement@Kompex@@QAE_JPB_W_J@Z
?GetSqlResultInt@SQLiteStatement@Kompex@@QAEHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?GetSqlResultInt@SQLiteStatement@Kompex@@QAEHPBDH@Z
?GetSqlResultInt@SQLiteStatement@Kompex@@QAEHPB_WH@Z
?GetSqlResultString16@SQLiteStatement@Kompex@@QAEPA_WABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PA_W@Z
?GetSqlResultString16@SQLiteStatement@Kompex@@QAEPA_WPBDPA_W@Z
?GetSqlResultString16@SQLiteStatement@Kompex@@QAEPA_WPB_WPA_W@Z
?GetSqlResultString@SQLiteStatement@Kompex@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV34@0@Z
?GetSqlResultString@SQLiteStatement@Kompex@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBDABV34@@Z
?GetSqlResultString@SQLiteStatement@Kompex@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PB_WABV34@@Z
?GetStatementHandle@SQLiteStatement@Kompex@@IBEPAUsqlite3_stmt@@XZ
?GetString@SQLiteException@Kompex@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetTable@SQLiteStatement@Kompex@@QBEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@G@Z
?GetTableColumnMetadata@SQLiteStatement@Kompex@@QBEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?GetTotalDatabaseChanges@SQLiteDatabase@Kompex@@QBEHXZ
?InterruptDatabaseOperation@SQLiteDatabase@Kompex@@QBEXXZ
?IsDatabaseReadOnly@SQLiteDatabase@Kompex@@QAE_NXZ
?MoveDatabaseToMemory@SQLiteDatabase@Kompex@@QAEXW4UtfEncoding@12@@Z
?Mprintf@SQLiteStatement@Kompex@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBDZZ
?Open@SQLiteDatabase@Kompex@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HPBD@Z
?Open@SQLiteDatabase@Kompex@@QAEXPBDH0@Z
?Open@SQLiteDatabase@Kompex@@QAEXPB_W@Z
?OpenBlob@SQLiteBlob@Kompex@@QAEXPAVSQLiteDatabase@2@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@11_JW4BLOB_ACCESS_MODE@2@@Z
?Prepare@SQLiteStatement@Kompex@@IAEXPBD@Z
?Prepare@SQLiteStatement@Kompex@@IAEXPB_W@Z
?ProcessDDLRow@SQLiteDatabase@Kompex@@KAHPAXHPAPAD1@Z
?ProcessDMLRow@SQLiteDatabase@Kompex@@KAHPAXHPAPAD1@Z
?ProfileOutput@SQLiteDatabase@Kompex@@KAXPAXPBD_K@Z
?ReadBlob@SQLiteBlob@Kompex@@QAEXPAXHH@Z
?ReleaseMemory@SQLiteDatabase@Kompex@@QAEXXZ
?ReleaseMemory@SQLiteDatabase@Kompex@@QBEHH@Z
?Reset@SQLiteStatement@Kompex@@QBEXXZ
?RollbackTransaction@SQLiteStatement@Kompex@@QAEXXZ
?SaveDatabaseFromMemoryToFile@SQLiteDatabase@Kompex@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SaveDatabaseFromMemoryToFile@SQLiteDatabase@Kompex@@QAEXPB_W@Z
?SecureTransaction@SQLiteStatement@Kompex@@QAEXPBD@Z
?SecureTransaction@SQLiteStatement@Kompex@@QAEXPB_W@Z
?SecureTransaction@SQLiteStatement@Kompex@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetSoftHeapLimit@SQLiteDatabase@Kompex@@QBEXH@Z
?Show@SQLiteException@Kompex@@QBEXXZ
?Sql@SQLiteStatement@Kompex@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?Sql@SQLiteStatement@Kompex@@QAEXABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?Sql@SQLiteStatement@Kompex@@QAEXPBD@Z
?Sql@SQLiteStatement@Kompex@@QAEXPB_W@Z
?SqlAggregateFuncResult@SQLiteStatement@Kompex@@QAEMABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SqlAggregateFuncResult@SQLiteStatement@Kompex@@QAEMPA_W@Z
?SqlAggregateFuncResult@SQLiteStatement@Kompex@@QAEMPBD@Z
?SqlResultBlob@SQLiteStatement@Kompex@@IAEPBXPBX@Z
?SqlResultCString@SQLiteStatement@Kompex@@IAEPBEPBE@Z
?SqlResultString16@SQLiteStatement@Kompex@@IAEPA_WPA_W@Z
?SqlStatement@SQLiteStatement@Kompex@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SqlStatement@SQLiteStatement@Kompex@@QAEXABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?SqlStatement@SQLiteStatement@Kompex@@QAEXPBD@Z
?SqlStatement@SQLiteStatement@Kompex@@QAEXPB_W@Z
?Step@SQLiteStatement@Kompex@@IBE_NXZ
?TakeSnapshot@SQLiteDatabase@Kompex@@IAEXPAUsqlite3@@@Z
?TraceOutput@SQLiteDatabase@Kompex@@KAXPAXPBD@Z
?Transaction@SQLiteStatement@Kompex@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?Transaction@SQLiteStatement@Kompex@@QAEXPBD@Z
?Transaction@SQLiteStatement@Kompex@@QAEXPB_W@Z
?Vmprintf@SQLiteStatement@Kompex@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBDPAD@Z
?WriteBlob@SQLiteBlob@Kompex@@QAEXPBXHH@Z

Sections

.text
Size: 424KB - Virtual size: 424KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$R2/TkArOdh.dll
.dll windows:5 windows x86 arch:x86

8c41216a4e0bacf1f6215cbdddaf88e4

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

45:c7:15:a0:e1:cd:be:0a:83:38:df:4c:17:6f:25:4d
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

27/03/2015, 00:00

Not After

26/03/2016, 23:59

Subject

CN=\"SISTEMA LTD\",O=\"SISTEMA LTD\",L=Cherepovec,ST=Cherepovec,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

92:07:9d:2b:1e:75:a3:de:71:6f:96:32:fd:a2:f5:19:77:4d:02:3e
Signer

Actual PE Digest

92:07:9d:2b:1e:75:a3:de:71:6f:96:32:fd:a2:f5:19:77:4d:02:3e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

chromium

?GetDigestString@hash_calculation@@YA_NAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV23@111@Z
?GetHashSeed@hash_calculation@@YA_NAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PB_W10I@Z
?GenerateDeviceIdLikePrefMetricsServiceDid@hash_calculation@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV23@@Z
?GetDeviceId@hash_calculation@@YA_NAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

kompexsqlitewrapper

?SaveDatabaseFromMemoryToFile@SQLiteDatabase@Kompex@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?Close@SQLiteDatabase@Kompex@@QAEXXZ
??1SQLiteDatabase@Kompex@@UAE@XZ
??0SQLiteDatabase@Kompex@@QAE@PB_W@Z
??1SQLiteStatement@Kompex@@UAE@XZ
?GetSqlResultCString@SQLiteStatement@Kompex@@QAEPBEPBDPBE@Z
??0SQLiteStatement@Kompex@@QAE@PAVSQLiteDatabase@1@@Z

kernel32

WideCharToMultiByte
SizeofResource
MultiByteToWideChar
lstrlenW
GetLastError
LockResource
lstrlenA
FreeLibrary
WriteFile
LoadLibraryW
GetProcAddress
LoadResource
DeleteFileW
WaitForSingleObject
GetModuleHandleExA
GetCurrentProcess
Thread32First
Sleep
Thread32Next
GetModuleFileNameW
LocalAlloc
LocalFree
InterlockedDecrement
GetLocaleInfoA
GetUserDefaultLCID
GetSystemTimeAsFileTime
FindResourceW
FindResourceExW
EnumSystemLocalesA
IsValidLocale
CreateFileW
SetStdHandle
WriteConsoleW
CreateFileA
SetEndOfFile
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetLocaleInfoW
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedIncrement
InterlockedCompareExchange
InterlockedExchange
GetStringTypeW
EncodePointer
DecodePointer
InitializeCriticalSection
MoveFileA
GetCPInfo
VirtualProtect
VirtualAlloc
GetModuleHandleW
GetSystemInfo
VirtualQuery
CreateDirectoryA
GetCurrentThreadId
GetCommandLineA
RtlUnwind
LCMapStringW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoW
IsProcessorFeaturePresent
HeapCreate
ExitProcess
ReadFile
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CloseHandle
GetACP
GetOEMCP

user32

SendMessageW
EnumThreadWindows

advapi32

RegOpenKeyExA
RegCloseKey
OpenProcessToken
GetTokenInformation
ConvertSidToStringSidW
GetLengthSid
DuplicateTokenEx
CreateProcessAsUserW
CopySid
RegQueryValueExA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

SysFreeString
SysAllocString
GetErrorInfo
VariantInit
SysAllocStringLen
VariantClear

shlwapi

PathIsDirectoryW
PathFileExistsW
PathIsDirectoryEmptyW

Sections

.text
Size: 389KB - Virtual size: 389KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$R2/freebl3.dll
.dll windows:6 windows x86 arch:x86

68765e49af812cea06653c4ddee9320d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

nssutil3

SECITEM_ZfreeItem_Util
SECITEM_CompareItem_Util
SECOID_FindOIDTag_Util
PORT_ArenaAlloc_Util
SECITEM_FreeItem_Util
SECITEM_CopyItem_Util
SECITEM_AllocItem_Util
PORT_FreeArena_Util
PORT_ArenaZAlloc_Util
PORT_NewArena_Util
NSS_SecureMemcmp
PORT_GetError_Util
PORT_ZFree_Util
PORT_ZAlloc_Util
PORT_SetError_Util
PORT_Free_Util
PORT_Alloc_Util

nspr4

PR_Free
PR_Seek
PR_Read
PR_Close
PR_Open
PR_GetLibraryFilePathname
PR_NotifyAllCondVar
PR_NotifyCondVar
PR_WaitCondVar
PR_DestroyCondVar
PR_NewCondVar
PR_Unlock
PR_Lock
PR_DestroyLock
PR_NewLock
PR_CallOnce

advapi32

SystemFunction036

kernel32

CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
HeapSize
HeapReAlloc
LCMapStringW
CompareStringW
CreateFileW
GetStringTypeW
OutputDebugStringW
LoadLibraryExW
RtlUnwind
SetEnvironmentVariableA
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
Sleep
InitializeCriticalSectionAndSpinCount
GetDiskFreeSpaceA
GetLogicalDrives
QueryPerformanceCounter
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
GlobalMemoryStatus
GetVolumeInformationA
GetComputerNameA
GetSystemTimeAsFileTime
GetLastError
HeapFree
HeapAlloc
IsProcessorFeaturePresent
GetCommandLineA
IsDebuggerPresent
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WideCharToMultiByte
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
SetLastError
GetProcessHeap
GetStdHandle
WriteFile
GetModuleFileNameW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetFileType
GetStartupInfoW
GetModuleFileNameA
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

FREEBL_GetVector

Sections

.text
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$R2/nspr4.dll
.dll windows:6 windows x86 arch:x86

a6070e3824e66675bb029a2cf7952a4f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

OpenProcessToken
AddAccessAllowedAce
AllocateAndInitializeSid
CopySid
FreeSid
GetLengthSid
GetTokenInformation
InitializeAcl
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner

ws2_32

socket
shutdown
setsockopt
sendto
send
select
recvfrom
recv
listen
getsockname
getpeername
ioctlsocket
connect
closesocket
accept
__WSAFDIsSet
WSAStartup
WSACleanup
gethostname
WSAGetLastError
getsockopt
getprotobyname
getprotobynumber
gethostbyname
gethostbyaddr
ntohs
ntohl
htons
htonl
bind

winmm

timeGetTime

kernel32

SetEndOfFile
ReadConsoleW
CreateFileW
GetCurrentDirectoryW
GetFullPathNameW
PeekNamedPipe
FileTimeToLocalFileTime
HeapSize
OutputDebugStringW
SetEnvironmentVariableA
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetStringTypeW
WriteConsoleW
SetFilePointerEx
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
GetModuleFileNameA
GetFileAttributesExW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
DebugBreak
OutputDebugStringA
EnterCriticalSection
WideCharToMultiByte
GetLastError
FreeLibrary
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
LoadLibraryExW
MultiByteToWideChar
GetSystemInfo
GlobalMemoryStatusEx
CloseHandle
CreatePipe
GetStdHandle
TlsGetValue
DeleteCriticalSection
TlsSetValue
GetEnvironmentStrings
FreeEnvironmentStringsA
FlushFileBuffers
WaitForSingleObject
TerminateProcess
GetExitCodeProcess
CreateProcessA
GetSystemTime
GetVersionExA
MapViewOfFile
FlushViewOfFile
UnmapViewOfFile
FormatMessageA
CreateFileMappingA
SystemTimeToFileTime
GetCurrentProcess
ReleaseSemaphore
CreateSemaphoreA
GetThreadContext
IsDebuggerPresent
DuplicateHandle
RaiseException
Sleep
GetCurrentThread
SetThreadPriority
SuspendThread
ResumeThread
TlsAlloc
TlsFree
CreateDirectoryA
CreateFileA
DeleteFileA
FindClose
FindFirstFileA
FindNextFileA
GetFileAttributesExA
GetFileInformationByHandle
LockFile
ReadFile
RemoveDirectoryA
SetFilePointer
UnlockFile
WriteFile
GetHandleInformation
SetHandleInformation
MoveFileA
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
OpenSemaphoreA
QueryPerformanceCounter
GetTickCount
OpenFileMappingA
IsProcessorFeaturePresent
HeapFree
HeapAlloc
HeapReAlloc
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
AreFileApisANSI
CreateThread
GetCurrentThreadId
ExitThread
GetSystemTimeAsFileTime
GetCommandLineA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
GetStartupInfoW
GetProcessHeap
GetConsoleCP
GetConsoleMode
RtlUnwind
GetFileType
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetTimeZoneInformation
FindFirstFileExW
SetEnvironmentVariableW

Exports

Exports

GetExecutionEnvironment
LL_MaxInt
LL_MaxUint
LL_MinInt
LL_Zero
PRP_DestroyNakedCondVar
PRP_NakedBroadcast
PRP_NakedNotify
PRP_NakedWait
PRP_NewNakedCondVar
PRP_TryLock
PR_Abort
PR_Accept
PR_AcceptRead
PR_Access
PR_AddToCounter
PR_AddWaitFileDesc
PR_AllocFileDesc
PR_Assert
PR_AssertCurrentThreadInMonitor
PR_AssertCurrentThreadOwnsLock
PR_AtomicAdd
PR_AtomicDecrement
PR_AtomicIncrement
PR_AtomicSet
PR_AttachSharedMemory
PR_AttachThread
PR_AttachThreadGCAble
PR_Available
PR_Available64
PR_Bind
PR_BlockClockInterrupts
PR_BlockInterrupt
PR_CEnterMonitor
PR_CExitMonitor
PR_CNotify
PR_CNotifyAll
PR_CSetOnMonitorRecycle
PR_CWait
PR_CallOnce
PR_CallOnceWithArg
PR_Calloc
PR_CancelJob
PR_CancelWaitFileDesc
PR_CancelWaitGroup
PR_CeilingLog2
PR_ChangeFileDescNativeHandle
PR_Cleanup
PR_ClearInterrupt
PR_ClearThreadGCAble
PR_Close
PR_CloseDir
PR_CloseFileMap
PR_CloseSemaphore
PR_CloseSharedMemory
PR_Connect
PR_ConnectContinue
PR_ConvertIPv4AddrToIPv6
PR_CreateAlarm
PR_CreateCounter
PR_CreateFileMap
PR_CreateIOLayer
PR_CreateIOLayerStub
PR_CreateMWaitEnumerator
PR_CreateOrderedLock
PR_CreatePipe
PR_CreateProcess
PR_CreateProcessDetached
PR_CreateSocketPollFd
PR_CreateStack
PR_CreateThread
PR_CreateThreadGCAble
PR_CreateThreadPool
PR_CreateTrace
PR_CreateWaitGroup
PR_DecrementCounter
PR_Delete
PR_DeleteSemaphore
PR_DeleteSharedMemory
PR_DestroyAlarm
PR_DestroyCondVar
PR_DestroyCounter
PR_DestroyLock
PR_DestroyMWaitEnumerator
PR_DestroyMonitor
PR_DestroyOrderedLock
PR_DestroyPollableEvent
PR_DestroyProcessAttr
PR_DestroyRWLock
PR_DestroySem
PR_DestroySocketPollFd
PR_DestroyStack
PR_DestroyTrace
PR_DestroyWaitGroup
PR_DetachProcess
PR_DetachSharedMemory
PR_DetachThread
PR_DisableClockInterrupts
PR_EmulateAcceptRead
PR_EmulateSendFile
PR_EnableClockInterrupts
PR_EnterMonitor
PR_EnumerateAddrInfo
PR_EnumerateHostEnt
PR_EnumerateThreads
PR_EnumerateWaitGroup
PR_ErrorInstallCallback
PR_ErrorInstallTable
PR_ErrorLanguages
PR_ErrorToName
PR_ErrorToString
PR_ExitMonitor
PR_ExplodeTime
PR_ExportFileMapAsString
PR_FD_CLR
PR_FD_ISSET
PR_FD_NCLR
PR_FD_NISSET
PR_FD_NSET
PR_FD_SET
PR_FD_ZERO
PR_FileDesc2NativeHandle
PR_FindFunctionSymbol
PR_FindFunctionSymbolAndLibrary
PR_FindNextCounterQname
PR_FindNextCounterRname
PR_FindNextTraceQname
PR_FindNextTraceRname
PR_FindSymbol
PR_FindSymbolAndLibrary
PR_FloorLog2
PR_FormatTime
PR_FormatTimeUSEnglish
PR_Free
PR_FreeAddrInfo
PR_FreeFileDesc
PR_FreeLibraryName
PR_GMTParameters
PR_GetAddrInfoByName
PR_GetCanonNameFromAddrInfo
PR_GetConnectStatus
PR_GetCounter
PR_GetCounterHandleFromName
PR_GetCounterNameFromHandle
PR_GetCurrentThread
PR_GetDefaultIOMethods
PR_GetDescType
PR_GetDirectorySeparator
PR_GetDirectorySepartor
PR_GetEnv
PR_GetError
PR_GetErrorText
PR_GetErrorTextLength
PR_GetFileInfo
PR_GetFileInfo64
PR_GetFileMethods
PR_GetGCRegisters
PR_GetHostByAddr
PR_GetHostByName
PR_GetIPNodeByName
PR_GetIdentitiesLayer
PR_GetInheritedFD
PR_GetInheritedFileMap
PR_GetLayersIdentity
PR_GetLibraryFilePathname
PR_GetLibraryName
PR_GetLibraryPath
PR_GetMemMapAlignment
PR_GetMonitorEntryCount
PR_GetNameForIdentity
PR_GetNumberOfProcessors
PR_GetOSError
PR_GetOpenFileInfo
PR_GetOpenFileInfo64
PR_GetPageShift
PR_GetPageSize
PR_GetPathSeparator
PR_GetPeerName
PR_GetPhysicalMemorySize
PR_GetPipeMethods
PR_GetProtoByName
PR_GetProtoByNumber
PR_GetRandomNoise
PR_GetSP
PR_GetSockName
PR_GetSocketOption
PR_GetSpecialFD
PR_GetStackSpaceLeft
PR_GetSysfdTableMax
PR_GetSystemInfo
PR_GetTCPMethods
PR_GetThreadAffinityMask
PR_GetThreadID
PR_GetThreadName
PR_GetThreadPriority
PR_GetThreadPrivate
PR_GetThreadScope
PR_GetThreadState
PR_GetThreadType
PR_GetTraceEntries
PR_GetTraceHandleFromName
PR_GetTraceNameFromHandle
PR_GetTraceOption
PR_GetUDPMethods
PR_GetUniqueIdentity
PR_GetVersion
PR_ImplodeTime
PR_ImportFile
PR_ImportFileMapFromString
PR_ImportPipe
PR_ImportTCPSocket
PR_ImportUDPSocket
PR_IncrementCounter
PR_Init
PR_Initialize
PR_InitializeNetAddr
PR_Initialized
PR_Interrupt
PR_IntervalNow
PR_IntervalToMicroseconds
PR_IntervalToMilliseconds
PR_IntervalToSeconds
PR_IsNetAddrType
PR_JoinJob
PR_JoinThread
PR_JoinThreadPool
PR_KillProcess
PR_Listen
PR_LoadLibrary
PR_LoadLibraryWithFlags
PR_LoadStaticLibrary
PR_LocalTimeParameters
PR_Lock
PR_LockFile
PR_LockOrderedLock
PR_LogFlush
PR_LogPrint
PR_MakeDir
PR_Malloc
PR_MemMap
PR_MemUnmap
PR_MicrosecondsToInterval
PR_MillisecondsToInterval
PR_MkDir
PR_NetAddrToString
PR_NewCondVar
PR_NewLock
PR_NewLogModule
PR_NewMonitor
PR_NewNamedMonitor
PR_NewPollableEvent
PR_NewProcessAttr
PR_NewRWLock
PR_NewSem
PR_NewTCPSocket
PR_NewTCPSocketPair
PR_NewThreadPrivateIndex
PR_NewUDPSocket
PR_NormalizeTime
PR_Notify
PR_NotifyAll
PR_NotifyAllCondVar
PR_NotifyCondVar
PR_Now
PR_Open
PR_OpenAnonFileMap
PR_OpenDir
PR_OpenFile
PR_OpenSemaphore
PR_OpenSharedMemory
PR_OpenTCPSocket
PR_OpenUDPSocket
PR_ParseTimeString
PR_ParseTimeStringToExplodedTime
PR_Poll
PR_PopIOLayer
PR_PostSem
PR_PostSemaphore
PR_ProcessAttrSetCurrentDirectory
PR_ProcessAttrSetInheritableFD
PR_ProcessAttrSetInheritableFileMap
PR_ProcessAttrSetStdioRedirect
PR_ProcessExit
PR_PushIOLayer
PR_QueueJob
PR_QueueJob_Accept
PR_QueueJob_Connect
PR_QueueJob_Read
PR_QueueJob_Timer
PR_QueueJob_Write
PR_RWLock_Rlock
PR_RWLock_Unlock
PR_RWLock_Wlock
PR_Read
PR_ReadDir
PR_Realloc
PR_RecordTraceEntries
PR_Recv
PR_RecvFrom
PR_Rename
PR_ResetAlarm
PR_ResetProcessAttr
PR_ResumeAll
PR_RmDir
PR_ScanStackPointers
PR_SecondsToInterval
PR_Seek
PR_Seek64
PR_Select
PR_Send
PR_SendFile
PR_SendTo
PR_SetAlarm
PR_SetCPUAffinityMask
PR_SetConcurrency
PR_SetCounter
PR_SetCurrentThreadName
PR_SetEnv
PR_SetError
PR_SetErrorText
PR_SetFDCacheSize
PR_SetFDInheritable
PR_SetLibraryPath
PR_SetLogBuffering
PR_SetLogFile
PR_SetNetAddr
PR_SetPollableEvent
PR_SetSocketOption
PR_SetStdioRedirect
PR_SetSysfdTableSize
PR_SetThreadAffinityMask
PR_SetThreadDumpProc
PR_SetThreadGCAble
PR_SetThreadPriority
PR_SetThreadPrivate
PR_SetThreadRecycleMode
PR_SetTraceOption
PR_ShowStatus
PR_Shutdown
PR_ShutdownThreadPool
PR_Sleep
PR_Socket
PR_StackPop
PR_StackPush
PR_Stat
PR_StringToNetAddr
PR_SubtractFromCounter
PR_SuspendAll
PR_Sync
PR_SyncMemMap
PR_TLockFile
PR_TestAndEnterMonitor
PR_TestAndLock
PR_ThreadScanStackPointers
PR_TicksPerSecond
PR_Trace
PR_TransmitFile
PR_USPacificTimeParameters
PR_UnblockClockInterrupts
PR_UnblockInterrupt
PR_UnloadLibrary
PR_Unlock
PR_UnlockFile
PR_UnlockOrderedLock
PR_VersionCheck
PR_Wait
PR_WaitCondVar
PR_WaitForPollableEvent
PR_WaitProcess
PR_WaitRecvReady
PR_WaitSem
PR_WaitSemaphore
PR_Write
PR_Writev
PR_Yield
PR_cnvtf
PR_dtoa
PR_fprintf
PR_htonl
PR_htonll
PR_htons
PR_ntohl
PR_ntohll
PR_ntohs
PR_smprintf
PR_smprintf_free
PR_snprintf
PR_sprintf_append
PR_sscanf
PR_strtod
PR_sxprintf
PR_vfprintf
PR_vsmprintf
PR_vsnprintf
PR_vsprintf_append
PR_vsxprintf
PT_FPrintStats
SetExecutionEnvironment
_PR_AddSleepQ
_PR_CreateThread
_PR_DelSleepQ
_PR_GetPrimordialCPU
_PR_MD_FREE_CV
_PR_MD_INIT_LOCKS
_PR_MD_NEW_CV
_PR_MD_NEW_LOCK
_PR_MD_NOTIFYALL_CV
_PR_MD_NOTIFY_CV
_PR_MD_UNLOCK
_PR_MD_WAIT_CV
_PR_NativeCreateThread
_pr_push_ipv6toipv4_layer
_pr_test_ipv6_socket
libVersionPoint

Sections

.text
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$R2/nss3.dll
.dll windows:6 windows x86 arch:x86

9e2f8a8cfc34da6dfd8f2fda9de568a7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

nssutil3

DER_GetUInteger
PORT_UCS4_UTF8Conversion
PORT_ISO88591_UTF8Conversion
NSS_Get_SEC_BMPStringTemplate_Util
NSS_Get_SEC_UTF8StringTemplate_Util
NSS_Get_SEC_UniversalStringTemplate
SEC_ASN1EncoderSetNotifyProc_Util
NSS_Get_SEC_T61StringTemplate
DER_StoreHeader
DER_LengthLength
NSS_Get_SEC_SetOfAnyTemplate_Util
SEC_ASN1EncoderAbort_Util
SEC_ASN1EncoderFinish_Util
SEC_ASN1EncoderUpdate_Util
SEC_ASN1EncoderStart_Util
SEC_QuickDERDecodeItem_Util
SEC_ASN1DecodeItem_Util
SEC_ASN1Decode_Util
SEC_ASN1DecoderClearNotifyProc_Util
SECOID_KnownCertExtenOID
SEC_ASN1DecoderSetNotifyProc_Util
SEC_ASN1DecoderClearFilterProc_Util
SEC_ASN1DecoderSetFilterProc_Util
SEC_ASN1DecoderAbort_Util
SEC_ASN1DecoderFinish_Util
SEC_ASN1DecoderUpdate_Util
SEC_ASN1DecoderStart_Util
DER_EncodeTimeChoice_Util
DER_DecodeTimeChoice_Util
CERT_GenTime2FormattedAscii_Util
DER_GeneralizedTimeToTime_Util
DER_TimeToGeneralizedTimeArena_Util
DER_TimeToGeneralizedTime_Util
DER_TimeChoiceDayToAscii_Util
DER_GeneralizedDayToAscii_Util
DER_UTCDayToAscii_Util
DER_UTCTimeToAscii_Util
DER_UTCTimeToTime_Util
DER_AsciiToTime_Util
NSS_Get_SEC_IA5StringTemplate_Util
PORT_RegExpCaseSearch
PORT_RegExpValid
SECITEM_HashCompare
SECITEM_Hash
NSS_Get_SEC_SkipTemplate
SEC_ASN1EncoderClearNotifyProc_Util
SEC_StringToOID
NSSUTIL_MkNSSString
NSSUTIL_ArgParseCipherFlags
NSSUTIL_MkModuleSpec
NSSUTIL_ArgParseModuleSpec
NSSUTIL_MkSlotString
NSSUTIL_ArgParseSlotInfo
NSSUTIL_DoubleEscapeSize
NSSUTIL_Escape
NSSUTIL_EscapeSize
NSSUTIL_ArgReadLong
NSSUTIL_ArgHasFlag
NSSUTIL_ArgIsBlank
NSSUTIL_ArgDecodeNumber
NSSUTIL_ArgGetLabel
NSSUTIL_ArgSkipParameter
NSSUTIL_ArgGetParamValue
NSSUTIL_ArgStrip
NSSUTIL_ArgFetchValue
SECOID_FindOIDByMechanism
PORT_LoadLibraryFromOrigin
NSS_Get_SEC_ObjectIDTemplate_Util
SGN_DecodeDigestInfo
_SGN_VerifyPKCS1DigestInfo
NSS_Get_SEC_BitStringTemplate_Util
NSS_GetAlgorithmPolicy
NSS_Get_SEC_SequenceOfObjectIDTemplate
NSS_Get_SECOID_AlgorithmIDTemplate_Util
NSS_Get_SEC_PointerToGeneralizedTimeTemplate
NSS_Get_SEC_SequenceOfAnyTemplate
NSS_Get_SEC_PointerToEnumeratedTemplate
NSS_Get_SEC_PointerToAnyTemplate_Util
NSS_Get_SEC_OctetStringTemplate_Util
NSS_Get_SEC_NullTemplate_Util
NSS_Get_SEC_EnumeratedTemplate
NSS_Get_SEC_IntegerTemplate_Util
NSS_Get_SEC_GeneralizedTimeTemplate_Util
DER_SetUInteger
NSS_Get_SEC_AnyTemplate_Util
NSSRWLock_HaveWriteLock_Util
NSSRWLock_UnlockWrite_Util
NSSRWLock_UnlockRead_Util
NSSRWLock_LockWrite_Util
NSSRWLock_LockRead_Util
NSSRWLock_Destroy_Util
NSSRWLock_New_Util
NSSBase64_EncodeItem_Util
NSSBase64_DecodeBuffer_Util
NSSBase64Encoder_Destroy_Util
NSSBase64Decoder_Destroy_Util
NSSBase64Encoder_Update_Util
NSSBase64Decoder_Update_Util
NSSBase64Encoder_Create_Util
NSSBase64Decoder_Create_Util
BTOA_ConvertItemToAscii_Util
ATOB_ConvertAsciiToItem_Util
ATOB_AsciiToData_Util
BTOA_DataToAscii_Util
SEC_ASN1LengthLength_Util
SEC_ASN1DecodeInteger_Util
SEC_ASN1EncodeUnsignedInteger_Util
SEC_ASN1EncodeInteger_Util
SEC_ASN1EncodeItem_Util
SEC_ASN1Encode_Util
SEC_ASN1EncoderClearTakeFromBuf_Util
SEC_ASN1EncoderSetTakeFromBuf_Util
SEC_ASN1EncoderClearStreaming_Util
SEC_ASN1EncoderSetStreaming_Util
PORT_Alloc_Util
DER_TimeToUTCTime_Util
DER_GetInteger_Util
DER_Lengths_Util
DER_Encode_Util
SGN_CompareDigestInfo_Util
SGN_CopyDigestInfo_Util
SGN_DestroyDigestInfo_Util
SGN_CreateDigestInfo_Util
SECOID_AddEntry_Util
SECOID_FindOIDTagDescription_Util
SECOID_CompareAlgorithmID_Util
SECOID_DestroyAlgorithmID_Util
SECOID_GetAlgorithmTag_Util
SECOID_CopyAlgorithmID_Util
SECOID_SetAlgorithmID_Util
SECOID_FindOIDByTag_Util
SECOID_FindOIDTag_Util
SECOID_FindOID_Util
SECITEM_ZfreeItem_Util
SECITEM_FreeItem_Util
SECITEM_ArenaDupItem_Util
SECITEM_DupItem_Util
SECITEM_CopyItem_Util
SECITEM_ItemsAreEqual_Util
SECITEM_CompareItem_Util
SECITEM_AllocItem_Util
NSS_PutEnv_Util
PORT_UCS2_UTF8Conversion_Util
PORT_SetUCS2_UTF8ConversionFunction_Util
PORT_UCS2_ASCIIConversion_Util
PORT_SetUCS2_ASCIIConversionFunction_Util
PORT_SetUCS4_UTF8ConversionFunction_Util
PORT_ArenaStrdup_Util
PORT_ArenaUnmark_Util
PORT_ArenaRelease_Util
PORT_ArenaMark_Util
PORT_ArenaGrow_Util
PORT_FreeArena_Util
PORT_ArenaZAlloc_Util
PORT_ArenaAlloc_Util
PORT_NewArena_Util
PORT_GetError_Util
PORT_ZFree_Util
NSSUTIL_DoubleEscape
NSS_InitializePRErrorTable
SECOID_Shutdown
SECOID_Init
PORT_SetError_Util
PORT_Strdup_Util
PORT_Free_Util
PORT_ZAlloc_Util
PORT_Realloc_Util
NSS_Get_SEC_PrintableStringTemplate

plc4

PL_strcasecmp
PL_strncasecmp
PL_Base64Encode
PL_strncpyz
PL_strcatn
PL_strlen
PL_strcat
PL_strstr
PL_strnstr
PL_strdup
PL_strfree

plds4

PL_NewHashTable
PL_HashTableDestroy
PL_HashTableAdd
PL_HashTableRemove
PL_HashTableLookup
PL_CompareValues
PL_HashTableEnumerateEntries
PL_InitArenaPool
PL_FinishArenaPool
PL_ArenaAllocate
PL_ArenaRelease
PL_HashString
PL_CompareStrings

nspr4

PR_Unlock
PR_htons
PR_ErrorToString
PR_Send
PR_Shutdown
PR_Listen
PR_Bind
PR_Accept
PR_ConnectContinue
PR_FindFunctionSymbol
PR_DestroyRWLock
PR_Realloc
PR_Malloc
PR_GetThreadPrivate
PR_SetThreadPrivate
PR_NewThreadPrivateIndex
PR_Free
PR_Calloc
PR_sprintf_append
PR_GetError
PR_htonl
PR_ConvertIPv4AddrToIPv6
PR_NetAddrToString
PR_SetErrorText
PR_Sleep
PR_IntervalToMicroseconds
PR_IntervalToMilliseconds
PR_IntervalToSeconds
PR_LogPrint
PR_NewLogModule
PR_FindSymbol
PR_UnloadLibrary
PR_LoadLibrary
PR_CallOnceWithArg
PR_IntervalNow
PR_GetEnv
PR_Poll
PR_ExitMonitor
PR_EnterMonitor
PR_DestroyMonitor
PR_NewMonitor
PR_InitializeNetAddr
PR_EnumerateHostEnt
PR_GetHostByName
PR_StringToNetAddr
PR_snprintf
PR_Recv
PR_Connect
PR_NewTCPSocket
PR_Write
PR_Close
PR_SecondsToInterval
PR_TicksPerSecond
PR_Now
PR_NotifyAllCondVar
PR_NotifyCondVar
PR_WaitCondVar
PR_NewCondVar
PR_Lock
PR_DestroyLock
PR_NewLock
PR_smprintf_free
PR_smprintf
PR_CallOnce

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetProcessHeap
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
GetFileType
GetStdHandle
RtlUnwind
GetConsoleMode
GetConsoleCP
WriteFile
FlushFileBuffers
CloseHandle
HeapFree
AreFileApisANSI
GetProcAddress
GetModuleHandleExW
ExitProcess
WideCharToMultiByte
DeleteCriticalSection
DecodePointer
EncodePointer
MultiByteToWideChar
SetLastError
GetLastError
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetCurrentThreadId
GetCommandLineA
IsProcessorFeaturePresent
IsDebuggerPresent
LeaveCriticalSection
EnterCriticalSection
FreeEnvironmentStringsW
GetStringTypeW
CompareStringW
LCMapStringW
GetModuleFileNameW
SetEnvironmentVariableA
HeapAlloc
LoadLibraryExW
GetFileAttributesExW
HeapReAlloc
SetStdHandle
SetFilePointerEx
WriteConsoleW
OutputDebugStringW
HeapSize
CreateFileW
SetEndOfFile
ReadFile
ReadConsoleW
GetEnvironmentStringsW

Exports

Exports

ATOB_AsciiToData
ATOB_ConvertAsciiToItem
BTOA_ConvertItemToAscii
BTOA_DataToAscii
CERT_AddCertToListHead
CERT_AddCertToListSorted
CERT_AddCertToListTail
CERT_AddExtension
CERT_AddExtensionByOID
CERT_AddOCSPAcceptableResponses
CERT_AddOKDomainName
CERT_AddRDN
CERT_AllocCERTRevocationFlags
CERT_AsciiToName
CERT_CRLCacheRefreshIssuer
CERT_CacheCRL
CERT_CacheOCSPResponseFromSideChannel
CERT_CertChainFromCert
CERT_CertListFromCert
CERT_CertTimesValid
CERT_ChangeCertTrust
CERT_CheckCertUsage
CERT_CheckCertValidTimes
CERT_CheckNameSpace
CERT_CheckOCSPStatus
CERT_ClearOCSPCache
CERT_CompareCerts
CERT_CompareName
CERT_CompareValidityTimes
CERT_CompleteCRLDecodeEntries
CERT_CopyName
CERT_CopyRDN
CERT_CreateAVA
CERT_CreateCertificate
CERT_CreateCertificateRequest
CERT_CreateEncodedOCSPErrorResponse
CERT_CreateEncodedOCSPSuccessResponse
CERT_CreateName
CERT_CreateOCSPCertID
CERT_CreateOCSPRequest
CERT_CreateOCSPSingleResponseGood
CERT_CreateOCSPSingleResponseRevoked
CERT_CreateOCSPSingleResponseUnknown
CERT_CreateRDN
CERT_CreateSubjectCertList
CERT_CreateValidity
CERT_DecodeAVAValue
CERT_DecodeAltNameExtension
CERT_DecodeAuthInfoAccessExtension
CERT_DecodeAuthKeyID
CERT_DecodeBasicConstraintValue
CERT_DecodeCRLDistributionPoints
CERT_DecodeCertificatePoliciesExtension
CERT_DecodeDERCrl
CERT_DecodeDERCrlWithFlags
CERT_DecodeGeneralName
CERT_DecodeNameConstraintsExtension
CERT_DecodeOCSPRequest
CERT_DecodeOCSPResponse
CERT_DecodeOidSequence
CERT_DecodePrivKeyUsagePeriodExtension
CERT_DecodeTrustString
CERT_DecodeUserNotice
CERT_DerNameToAscii
CERT_DestroyCERTRevocationFlags
CERT_DestroyCertArray
CERT_DestroyCertList
CERT_DestroyCertificate
CERT_DestroyCertificateList
CERT_DestroyCertificatePoliciesExtension
CERT_DestroyCertificateRequest
CERT_DestroyName
CERT_DestroyOCSPCertID
CERT_DestroyOCSPRequest
CERT_DestroyOCSPResponse
CERT_DestroyOidSequence
CERT_DestroyUserNotice
CERT_DestroyValidity
CERT_DisableOCSPChecking
CERT_DisableOCSPDefaultResponder
CERT_DistNamesFromCertList
CERT_DupCertList
CERT_DupCertificate
CERT_DupDistNames
CERT_EnableOCSPChecking
CERT_EnableOCSPDefaultResponder
CERT_EncodeAltNameExtension
CERT_EncodeAndAddBitStrExtension
CERT_EncodeAuthKeyID
CERT_EncodeBasicConstraintValue
CERT_EncodeCRLDistributionPoints
CERT_EncodeCertPoliciesExtension
CERT_EncodeGeneralName
CERT_EncodeInfoAccessExtension
CERT_EncodeInhibitAnyExtension
CERT_EncodeNameConstraintsExtension
CERT_EncodeNoticeReference
CERT_EncodeOCSPRequest
CERT_EncodePolicyConstraintsExtension
CERT_EncodePolicyMappingExtension
CERT_EncodeSubjectKeyID
CERT_EncodeUserNotice
CERT_ExtractPublicKey
CERT_FilterCertListByCANames
CERT_FilterCertListByUsage
CERT_FilterCertListForUserCerts
CERT_FindCRLEntryReasonExten
CERT_FindCRLNumberExten
CERT_FindCertByDERCert
CERT_FindCertByIssuerAndSN
CERT_FindCertByName
CERT_FindCertByNickname
CERT_FindCertByNicknameOrEmailAddr
CERT_FindCertByNicknameOrEmailAddrForUsage
CERT_FindCertBySubjectKeyID
CERT_FindCertExtension
CERT_FindCertIssuer
CERT_FindKeyUsageExtension
CERT_FindNameConstraintsExten
CERT_FindSMimeProfile
CERT_FindSubjectKeyIDExtension
CERT_FindUserCertByUsage
CERT_FindUserCertsByUsage
CERT_FinishCertificateRequestAttributes
CERT_FinishExtensions
CERT_ForcePostMethodForOCSP
CERT_FormatName
CERT_FreeDistNames
CERT_FreeNicknames
CERT_GenTime2FormattedAscii
CERT_GetAVATag
CERT_GetCertChainFromCert
CERT_GetCertEmailAddress
CERT_GetCertIssuerAndSN
CERT_GetCertNicknames
CERT_GetCertTimes
CERT_GetCertTrust
CERT_GetCertUid
CERT_GetCertificateNames
CERT_GetCertificateRequestExtensions
CERT_GetClassicOCSPDisabledPolicy
CERT_GetClassicOCSPEnabledHardFailurePolicy
CERT_GetClassicOCSPEnabledSoftFailurePolicy
CERT_GetCommonName
CERT_GetConstrainedCertificateNames
CERT_GetCountryName
CERT_GetDBContentVersion
CERT_GetDefaultCertDB
CERT_GetDomainComponentName
CERT_GetEncodedOCSPResponse
CERT_GetFirstEmailAddress
CERT_GetGeneralNameTypeFromString
CERT_GetLocalityName
CERT_GetNextEmailAddress
CERT_GetNextGeneralName
CERT_GetNextNameConstraint
CERT_GetOCSPAuthorityInfoAccessLocation
CERT_GetOCSPResponseStatus
CERT_GetOCSPStatusForCertID
CERT_GetOidString
CERT_GetOrgName
CERT_GetOrgUnitName
CERT_GetPKIXVerifyNistRevocationPolicy
CERT_GetPrevGeneralName
CERT_GetPrevNameConstraint
CERT_GetSSLCACerts
CERT_GetSlopTime
CERT_GetStateName
CERT_GetSubjectNameDigest
CERT_GetSubjectPublicKeyDigest
CERT_GetUsePKIXForValidation
CERT_GetValidDNSPatternsFromCert
CERT_Hexify
CERT_ImportCAChain
CERT_ImportCAChainTrusted
CERT_ImportCRL
CERT_ImportCerts
CERT_IsCACert
CERT_IsCADERCert
CERT_IsRootDERCert
CERT_IsUserCert
CERT_KeyFromDERCrl
CERT_MakeCANickname
CERT_MergeExtensions
CERT_NameToAscii
CERT_NameToAsciiInvertible
CERT_NewCertList
CERT_NewTempCertificate
CERT_NicknameStringsFromCertList
CERT_OCSPCacheSettings
CERT_OpenCertDBFilename
CERT_PKIXVerifyCert
CERT_PostOCSPRequest
CERT_RFC1485_EscapeAndQuote
CERT_RegisterAlternateOCSPAIAInfoCallBack
CERT_RemoveCertListNode
CERT_SaveSMimeProfile
CERT_SetOCSPDefaultResponder
CERT_SetOCSPFailureMode
CERT_SetOCSPTimeout
CERT_SetSlopTime
CERT_SetUsePKIXForValidation
CERT_StartCRLEntryExtensions
CERT_StartCRLExtensions
CERT_StartCertExtensions
CERT_StartCertificateRequestAttributes
CERT_UncacheCRL
CERT_VerifyCACertForUsage
CERT_VerifyCert
CERT_VerifyCertName
CERT_VerifyCertNow
CERT_VerifyCertificate
CERT_VerifyCertificateNow
CERT_VerifyOCSPResponseSignature
CERT_VerifySignedData
CERT_VerifySignedDataWithPublicKey
CERT_VerifySignedDataWithPublicKeyInfo
DER_AsciiToTime
DER_DecodeTimeChoice
DER_Encode
DER_EncodeTimeChoice
DER_GeneralizedDayToAscii
DER_GeneralizedTimeToTime
DER_GetInteger
DER_Lengths
DER_TimeChoiceDayToAscii
DER_TimeToGeneralizedTime
DER_TimeToGeneralizedTimeArena
DER_TimeToUTCTime
DER_UTCDayToAscii
DER_UTCTimeToAscii
DER_UTCTimeToTime
DSAU_DecodeDerSig
DSAU_DecodeDerSigToLen
DSAU_EncodeDerSig
DSAU_EncodeDerSigWithLen
HASH_Begin
HASH_Clone
HASH_Create
HASH_Destroy
HASH_End
HASH_GetHashObject
HASH_GetHashObjectByOidTag
HASH_GetHashTypeByOidTag
HASH_GetType
HASH_HashBuf
HASH_ResultLen
HASH_ResultLenByOidTag
HASH_ResultLenContext
HASH_Update
NSSBase64Decoder_Create
NSSBase64Decoder_Destroy
NSSBase64Decoder_Update
NSSBase64Encoder_Create
NSSBase64Encoder_Destroy
NSSBase64Encoder_Update
NSSBase64_DecodeBuffer
NSSBase64_EncodeItem
NSSRWLock_Destroy
NSSRWLock_HaveWriteLock
NSSRWLock_LockRead
NSSRWLock_LockWrite
NSSRWLock_New
NSSRWLock_UnlockRead
NSSRWLock_UnlockWrite
NSS_GetVersion
NSS_Get_CERT_CertificateRequestTemplate
NSS_Get_CERT_CertificateTemplate
NSS_Get_CERT_CrlTemplate
NSS_Get_CERT_IssuerAndSNTemplate
NSS_Get_CERT_NameTemplate
NSS_Get_CERT_SequenceOfCertExtensionTemplate
NSS_Get_CERT_SetOfSignedCrlTemplate
NSS_Get_CERT_SignedCrlTemplate
NSS_Get_CERT_SignedDataTemplate
NSS_Get_CERT_SubjectPublicKeyInfoTemplate
NSS_Get_CERT_TimeChoiceTemplate
NSS_Get_SECKEY_DSAPublicKeyTemplate
NSS_Get_SECKEY_EncryptedPrivateKeyInfoTemplate
NSS_Get_SECKEY_PointerToEncryptedPrivateKeyInfoTemplate
NSS_Get_SECKEY_PointerToPrivateKeyInfoTemplate
NSS_Get_SECKEY_PrivateKeyInfoTemplate
NSS_Get_SECKEY_RSAPSSParamsTemplate
NSS_Get_SECKEY_RSAPublicKeyTemplate
NSS_Get_SECOID_AlgorithmIDTemplate
NSS_Get_SEC_AnyTemplate
NSS_Get_SEC_BMPStringTemplate
NSS_Get_SEC_BitStringTemplate
NSS_Get_SEC_BooleanTemplate
NSS_Get_SEC_GeneralizedTimeTemplate
NSS_Get_SEC_IA5StringTemplate
NSS_Get_SEC_IntegerTemplate
NSS_Get_SEC_NullTemplate
NSS_Get_SEC_ObjectIDTemplate
NSS_Get_SEC_OctetStringTemplate
NSS_Get_SEC_PointerToAnyTemplate
NSS_Get_SEC_PointerToOctetStringTemplate
NSS_Get_SEC_SetOfAnyTemplate
NSS_Get_SEC_SignedCertificateTemplate
NSS_Get_SEC_UTCTimeTemplate
NSS_Get_SEC_UTF8StringTemplate
NSS_Get_sgn_DigestInfoTemplate
NSS_Init
NSS_InitContext
NSS_InitReadWrite
NSS_InitWithMerge
NSS_Initialize
NSS_IsInitialized
NSS_NoDB_Init
NSS_PutEnv
NSS_RegisterShutdown
NSS_Shutdown
NSS_ShutdownContext
NSS_UnregisterShutdown
NSS_VersionCheck
PBE_CreateContext
PBE_DestroyContext
PBE_GenerateBits
PK11SDR_Decrypt
PK11SDR_Encrypt
PK11_AlgtagToMechanism
PK11_Authenticate
PK11_BlockData
PK11_ChangePW
PK11_CheckSSOPassword
PK11_CheckUserPassword
PK11_CipherOp
PK11_CloneContext
PK11_ConfigurePKCS11
PK11_ConvertSessionPrivKeyToTokenPrivKey
PK11_ConvertSessionSymKeyToTokenSymKey
PK11_CopySymKeyForSigning
PK11_CopyTokenPrivKeyToSessionPrivKey
PK11_CreateContextBySymKey
PK11_CreateDigestContext
PK11_CreateGenericObject
PK11_CreateMergeLog
PK11_CreatePBEAlgorithmID
PK11_CreatePBEParams
PK11_CreatePBEV2AlgorithmID
PK11_DEREncodePublicKey
PK11_Decrypt
PK11_DeleteTokenCertAndKey
PK11_DeleteTokenPrivateKey
PK11_DeleteTokenPublicKey
PK11_DeleteTokenSymKey
PK11_Derive
PK11_DeriveWithFlags
PK11_DeriveWithFlagsPerm
PK11_DeriveWithTemplate
PK11_DestroyContext
PK11_DestroyGenericObject
PK11_DestroyGenericObjects
PK11_DestroyMergeLog
PK11_DestroyObject
PK11_DestroyPBEParams
PK11_DestroyTokenObject
PK11_DigestBegin
PK11_DigestFinal
PK11_DigestKey
PK11_DigestOp
PK11_DoesMechanism
PK11_Encrypt
PK11_ExportDERPrivateKeyInfo
PK11_ExportEncryptedPrivKeyInfo
PK11_ExportEncryptedPrivateKeyInfo
PK11_ExportPrivKeyInfo
PK11_ExportPrivateKeyInfo
PK11_ExtractKeyValue
PK11_Finalize
PK11_FindBestKEAMatch
PK11_FindCertAndKeyByRecipientList
PK11_FindCertAndKeyByRecipientListNew
PK11_FindCertByIssuerAndSN
PK11_FindCertFromDERCert
PK11_FindCertFromDERCertItem
PK11_FindCertFromNickname
PK11_FindCertInSlot
PK11_FindCertsFromEmailAddress
PK11_FindCertsFromNickname
PK11_FindFixedKey
PK11_FindGenericObjects
PK11_FindKeyByAnyCert
PK11_FindKeyByDERCert
PK11_FindKeyByKeyID
PK11_FindPrivateKeyFromCert
PK11_FindSlotByName
PK11_FindSlotsByNames
PK11_FortezzaHasKEA
PK11_FortezzaMapSig
PK11_FreeSlot
PK11_FreeSlotList
PK11_FreeSlotListElement
PK11_FreeSymKey
PK11_GenerateFortezzaIV
PK11_GenerateKeyPair
PK11_GenerateKeyPairWithFlags
PK11_GenerateKeyPairWithOpFlags
PK11_GenerateNewParam
PK11_GenerateRandom
PK11_GenerateRandomOnSlot
PK11_GetAllSlotsForCert
PK11_GetAllTokens
PK11_GetBestKeyLength
PK11_GetBestSlot
PK11_GetBestSlotMultiple
PK11_GetBestSlotMultipleWithAttributes
PK11_GetBestSlotWithAttributes
PK11_GetBestWrapMechanism
PK11_GetBlockSize
PK11_GetCertFromPrivateKey
PK11_GetCurrentWrapIndex
PK11_GetDefaultArray
PK11_GetDefaultFlags
PK11_GetDisabledReason
PK11_GetFirstSafe
PK11_GetIVLength
PK11_GetInternalKeySlot
PK11_GetInternalSlot
PK11_GetKeyData
PK11_GetKeyGen
PK11_GetKeyLength
PK11_GetKeyStrength
PK11_GetKeyType
PK11_GetLowLevelKeyIDForCert
PK11_GetLowLevelKeyIDForPrivateKey
PK11_GetMechanism
PK11_GetMinimumPwdLength
PK11_GetModInfo
PK11_GetModule
PK11_GetModuleID
PK11_GetNextGenericObject
PK11_GetNextSafe
PK11_GetNextSymKey
PK11_GetPBECryptoMechanism
PK11_GetPBEIV
PK11_GetPQGParamsFromPrivateKey
PK11_GetPadMechanism
PK11_GetPrevGenericObject
PK11_GetPrivateKeyNickname
PK11_GetPrivateModulusLen
PK11_GetPublicKeyNickname
PK11_GetSlotFromKey
PK11_GetSlotFromPrivateKey
PK11_GetSlotID
PK11_GetSlotInfo
PK11_GetSlotName
PK11_GetSlotPWValues
PK11_GetSlotSeries
PK11_GetSymKeyHandle
PK11_GetSymKeyNickname
PK11_GetSymKeyType
PK11_GetSymKeyUserData
PK11_GetTokenInfo
PK11_GetTokenName
PK11_GetWindow
PK11_GetWrapKey
PK11_HasRootCerts
PK11_HashBuf
PK11_IVFromParam
PK11_ImportCRL
PK11_ImportCert
PK11_ImportCertForKey
PK11_ImportCertForKeyToSlot
PK11_ImportDERCert
PK11_ImportDERCertForKey
PK11_ImportDERPrivateKeyInfo
PK11_ImportDERPrivateKeyInfoAndReturnKey
PK11_ImportEncryptedPrivateKeyInfo
PK11_ImportEncryptedPrivateKeyInfoAndReturnKey
PK11_ImportPrivateKeyInfo
PK11_ImportPrivateKeyInfoAndReturnKey
PK11_ImportPublicKey
PK11_ImportSymKey
PK11_ImportSymKeyWithFlags
PK11_InitPin
PK11_IsDisabled
PK11_IsFIPS
PK11_IsFriendly
PK11_IsHW
PK11_IsInternal
PK11_IsInternalKeySlot
PK11_IsLoggedIn
PK11_IsPresent
PK11_IsReadOnly
PK11_IsRemovable
PK11_KeyForCertExists
PK11_KeyForDERCertExists
PK11_KeyGen
PK11_KeyGenWithTemplate
PK11_LinkGenericObject
PK11_ListCerts
PK11_ListCertsInSlot
PK11_ListFixedKeysInSlot
PK11_ListPrivKeysInSlot
PK11_ListPrivateKeysInSlot
PK11_ListPublicKeysInSlot
PK11_LoadPrivKey
PK11_Logout
PK11_LogoutAll

Sections

.text
Size: 717KB - Virtual size: 717KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$R2/nssutil3.dll
.dll windows:6 windows x86 arch:x86

6ba16e7e12b3827a81a688ff0a5191a4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

plc4

PL_strlen
PL_strcasecmp
PL_strpbrk
PL_strncasecmp

plds4

PL_FinishArenaPool
PL_FreeArenaPool
PL_InitArenaPool
PL_CompareValues
PL_ArenaAllocate
PL_HashTableLookup
PL_HashTableAdd
PL_HashTableDestroy
PL_NewHashTable
PL_ArenaGrow
PL_ArenaRelease
PL_ClearArenaPool
PL_HashTableLookupConst

nspr4

PR_smprintf_free
PR_smprintf
PR_Access
PR_Rename
PR_Delete
PR_GetError
PR_FormatTime
PR_LocalTimeParameters
PR_GetEnv
PR_GetDirectorySeparator
PR_GetLibraryFilePathname
PR_LoadLibraryWithFlags
PR_GetCurrentThread
PR_NotifyAllCondVar
PR_NotifyCondVar
PR_WaitCondVar
PR_DestroyCondVar
PR_NewCondVar
PR_Unlock
PR_Lock
PR_DestroyLock
PR_NewLock
PR_Free
PR_Realloc
PR_Calloc
PR_Malloc
PR_SetError
PR_CallOnce
PR_ErrorInstallTable
PR_GMTParameters
PR_ImplodeTime
PR_ExplodeTime

kernel32

GetTimeZoneInformation
HeapSize
OutputDebugStringW
HeapReAlloc
GetCurrentDirectoryW
GetFullPathNameW
PeekNamedPipe
GetFileInformationByHandle
FileTimeToLocalFileTime
LoadLibraryExW
GetModuleFileNameW
SetEndOfFile
WriteConsoleW
SetFilePointerEx
ReadConsoleW
ReadFile
FlushFileBuffers
HeapAlloc
LCMapStringW
CompareStringW
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetProcessHeap
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
FindFirstFileExW
FindClose
SetStdHandle
AreFileApisANSI
GetModuleHandleExW
ExitProcess
CreateFileW
GetConsoleMode
SetEnvironmentVariableA
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress
SetEnvironmentVariableW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetLastError
MultiByteToWideChar
WideCharToMultiByte
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
CloseHandle
HeapFree
GetStdHandle
GetFileType
DeleteCriticalSection
RtlUnwind
WriteFile
GetConsoleCP

Exports

Exports

ATOB_AsciiToData_Util
ATOB_ConvertAsciiToItem_Util
BTOA_ConvertItemToAscii_Util
BTOA_DataToAscii_Util
CERT_GenTime2FormattedAscii_Util
DER_AsciiToTime_Util
DER_DecodeTimeChoice_Util
DER_EncodeTimeChoice_Util
DER_Encode_Util
DER_GeneralizedDayToAscii_Util
DER_GeneralizedTimeToTime_Util
DER_GetInteger_Util
DER_GetUInteger
DER_LengthLength
DER_Lengths_Util
DER_SetUInteger
DER_StoreHeader
DER_TimeChoiceDayToAscii_Util
DER_TimeToGeneralizedTimeArena_Util
DER_TimeToGeneralizedTime_Util
DER_TimeToUTCTime_Util
DER_UTCDayToAscii_Util
DER_UTCTimeToAscii_Util
DER_UTCTimeToTime_Util
NSSBase64Decoder_Create_Util
NSSBase64Decoder_Destroy_Util
NSSBase64Decoder_Update_Util
NSSBase64Encoder_Create_Util
NSSBase64Encoder_Destroy_Util
NSSBase64Encoder_Update_Util
NSSBase64_DecodeBuffer_Util
NSSBase64_EncodeItem_Util
NSSRWLock_Destroy_Util
NSSRWLock_HaveWriteLock_Util
NSSRWLock_LockRead_Util
NSSRWLock_LockWrite_Util
NSSRWLock_New_Util
NSSRWLock_UnlockRead_Util
NSSRWLock_UnlockWrite_Util
NSSUTIL_ArgDecodeNumber
NSSUTIL_ArgFetchValue
NSSUTIL_ArgGetLabel
NSSUTIL_ArgGetParamValue
NSSUTIL_ArgHasFlag
NSSUTIL_ArgIsBlank
NSSUTIL_ArgParseCipherFlags
NSSUTIL_ArgParseModuleSpec
NSSUTIL_ArgParseSlotFlags
NSSUTIL_ArgParseSlotInfo
NSSUTIL_ArgReadLong
NSSUTIL_ArgSkipParameter
NSSUTIL_ArgStrip
NSSUTIL_DoModuleDBFunction
NSSUTIL_DoubleEscape
NSSUTIL_DoubleEscapeSize
NSSUTIL_Escape
NSSUTIL_EscapeSize
NSSUTIL_GetVersion
NSSUTIL_MkModuleSpec
NSSUTIL_MkNSSString
NSSUTIL_MkSlotString
NSSUTIL_Quote
NSSUTIL_QuoteSize
NSS_GetAlgorithmPolicy
NSS_Get_SECOID_AlgorithmIDTemplate_Util
NSS_Get_SEC_AnyTemplate_Util
NSS_Get_SEC_BMPStringTemplate_Util
NSS_Get_SEC_BitStringTemplate_Util
NSS_Get_SEC_BooleanTemplate_Util
NSS_Get_SEC_EnumeratedTemplate
NSS_Get_SEC_GeneralizedTimeTemplate_Util
NSS_Get_SEC_IA5StringTemplate_Util
NSS_Get_SEC_IntegerTemplate_Util
NSS_Get_SEC_NullTemplate_Util
NSS_Get_SEC_ObjectIDTemplate_Util
NSS_Get_SEC_OctetStringTemplate_Util
NSS_Get_SEC_PointerToAnyTemplate_Util
NSS_Get_SEC_PointerToEnumeratedTemplate
NSS_Get_SEC_PointerToGeneralizedTimeTemplate
NSS_Get_SEC_PointerToOctetStringTemplate_Util
NSS_Get_SEC_PrintableStringTemplate
NSS_Get_SEC_SequenceOfAnyTemplate
NSS_Get_SEC_SequenceOfObjectIDTemplate
NSS_Get_SEC_SetOfAnyTemplate_Util
NSS_Get_SEC_SkipTemplate
NSS_Get_SEC_T61StringTemplate
NSS_Get_SEC_UTF8StringTemplate_Util
NSS_Get_SEC_UniversalStringTemplate
NSS_Get_sgn_DigestInfoTemplate_Util
NSS_InitializePRErrorTable
NSS_PutEnv_Util
NSS_SecureMemcmp
NSS_SetAlgorithmPolicy
PORT_Alloc_Util
PORT_ArenaAlloc_Util
PORT_ArenaGrow_Util
PORT_ArenaMark_Util
PORT_ArenaRelease_Util
PORT_ArenaStrdup_Util
PORT_ArenaUnmark_Util
PORT_ArenaZAlloc_Util
PORT_FreeArena_Util
PORT_Free_Util
PORT_GetError_Util
PORT_ISO88591_UTF8Conversion
PORT_LoadLibraryFromOrigin
PORT_NewArena_Util
PORT_Realloc_Util
PORT_RegExpCaseSearch
PORT_RegExpSearch
PORT_RegExpValid
PORT_SetError_Util
PORT_SetUCS2_ASCIIConversionFunction_Util
PORT_SetUCS2_UTF8ConversionFunction_Util
PORT_SetUCS4_UTF8ConversionFunction_Util
PORT_Strdup_Util
PORT_UCS2_ASCIIConversion_Util
PORT_UCS2_UTF8Conversion_Util
PORT_UCS4_UTF8Conversion
PORT_ZAlloc_Util
PORT_ZFree_Util
SECITEM_AllocArray
SECITEM_AllocItem_Util
SECITEM_ArenaDupItem_Util
SECITEM_CompareItem_Util
SECITEM_CopyItem_Util
SECITEM_DupArray
SECITEM_DupItem_Util
SECITEM_FreeArray
SECITEM_FreeItem_Util
SECITEM_Hash
SECITEM_HashCompare
SECITEM_ItemsAreEqual_Util
SECITEM_ReallocItem
SECITEM_ReallocItemV2
SECITEM_ZfreeArray
SECITEM_ZfreeItem_Util
SECOID_AddEntry_Util
SECOID_CompareAlgorithmID_Util
SECOID_CopyAlgorithmID_Util
SECOID_DestroyAlgorithmID_Util
SECOID_FindOIDByMechanism
SECOID_FindOIDByTag_Util
SECOID_FindOIDTagDescription_Util
SECOID_FindOIDTag_Util
SECOID_FindOID_Util
SECOID_GetAlgorithmTag_Util
SECOID_Init
SECOID_KnownCertExtenOID
SECOID_SetAlgorithmID_Util
SECOID_Shutdown
SEC_ASN1DecodeInteger_Util
SEC_ASN1DecodeItem_Util
SEC_ASN1Decode_Util
SEC_ASN1DecoderAbort_Util
SEC_ASN1DecoderClearFilterProc_Util
SEC_ASN1DecoderClearNotifyProc_Util
SEC_ASN1DecoderFinish_Util
SEC_ASN1DecoderSetFilterProc_Util
SEC_ASN1DecoderSetNotifyProc_Util
SEC_ASN1DecoderStart_Util
SEC_ASN1DecoderUpdate_Util
SEC_ASN1EncodeInteger_Util
SEC_ASN1EncodeItem_Util
SEC_ASN1EncodeUnsignedInteger_Util
SEC_ASN1Encode_Util
SEC_ASN1EncoderAbort_Util
SEC_ASN1EncoderClearNotifyProc_Util
SEC_ASN1EncoderClearStreaming_Util
SEC_ASN1EncoderClearTakeFromBuf_Util
SEC_ASN1EncoderFinish_Util
SEC_ASN1EncoderSetNotifyProc_Util
SEC_ASN1EncoderSetStreaming_Util
SEC_ASN1EncoderSetTakeFromBuf_Util
SEC_ASN1EncoderStart_Util
SEC_ASN1EncoderUpdate_Util
SEC_ASN1LengthLength_Util
SEC_QuickDERDecodeItem_Util
SEC_StringToOID
SGN_CompareDigestInfo_Util
SGN_CopyDigestInfo_Util
SGN_CreateDigestInfo_Util
SGN_DecodeDigestInfo
SGN_DestroyDigestInfo_Util
UTIL_SetForkState
_NSSUTIL_EvaluateConfigDir
_NSSUTIL_GetSecmodName
_SGN_VerifyPKCS1DigestInfo

Sections

.text
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$R2/plc4.dll
.dll windows:6 windows x86 arch:x86

4598533a0c3b6c5ddb9612a89de425ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

nspr4

PR_SetError
PR_Calloc
PR_ErrorToName
PR_GetOSError
PR_GetError
PR_fprintf
PR_GetSpecialFD
PR_Free
PR_Malloc

kernel32

Sleep
CreateFileW
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetStringTypeW
GetLastError
HeapFree
HeapAlloc
GetCommandLineA
GetCurrentThreadId
GetProcessHeap
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetStdHandle
WriteFile
GetModuleFileNameW
IsProcessorFeaturePresent
SetLastError
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
OutputDebugStringW
RtlUnwind
HeapReAlloc
HeapSize
LCMapStringW

Exports

Exports

PL_Base64Decode
PL_Base64Encode
PL_CreateLongOptState
PL_CreateOptState
PL_DestroyOptState
PL_FPrintError
PL_GetNextOpt
PL_PrintError
PL_strcasecmp
PL_strcaserstr
PL_strcasestr
PL_strcat
PL_strcatn
PL_strchr
PL_strcmp
PL_strcpy
PL_strdup
PL_strfree
PL_strlen
PL_strncasecmp
PL_strncaserstr
PL_strncasestr
PL_strncat
PL_strnchr
PL_strncmp
PL_strncpy
PL_strncpyz
PL_strndup
PL_strnlen
PL_strnpbrk
PL_strnprbrk
PL_strnrchr
PL_strnrstr
PL_strnstr
PL_strpbrk
PL_strprbrk
PL_strrchr
PL_strrstr
PL_strstr
PL_strtok_r
libVersionPoint

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$R2/plds4.dll
.dll windows:6 windows x86 arch:x86

4f9a53fbf939884bc7e65bde68799fc4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

nspr4

PR_CallOnce
PR_Unlock
PR_Lock
PR_DestroyLock
PR_NewLock
PR_CeilingLog2
PR_Free
PR_Malloc

kernel32

TlsAlloc
CreateFileW
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetCommandLineA
GetCurrentThreadId
IsProcessorFeaturePresent
GetLastError
SetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
HeapFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
IsDebuggerPresent
WriteFile
GetModuleFileNameW
LoadLibraryExW
RtlUnwind
HeapAlloc
HeapReAlloc
GetStringTypeW
OutputDebugStringW
HeapSize
LCMapStringW

Exports

Exports

PL_ArenaAllocate
PL_ArenaFinish
PL_ArenaGrow
PL_ArenaRelease
PL_ClearArenaPool
PL_CompactArenaPool
PL_CompareStrings
PL_CompareValues
PL_FinishArenaPool
PL_FreeArenaPool
PL_HashString
PL_HashTableAdd
PL_HashTableDestroy
PL_HashTableDump
PL_HashTableEnumerateEntries
PL_HashTableLookup
PL_HashTableLookupConst
PL_HashTableRawAdd
PL_HashTableRawLookup
PL_HashTableRawLookupConst
PL_HashTableRawRemove
PL_HashTableRemove
PL_InitArenaPool
PL_NewHashTable
PL_SizeOfArenaPoolExcludingPool
libVersionPoint

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$R2/softokn3.dll
.dll windows:6 windows x86 arch:x86

f62703f3be4a59d359a62952d431248f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

sqlite3

sqlite3_file_control
sqlite3_reset
sqlite3_finalize
sqlite3_column_int
sqlite3_column_bytes
sqlite3_column_blob
sqlite3_step
sqlite3_bind_text
sqlite3_bind_int
sqlite3_bind_blob
sqlite3_prepare_v2
sqlite3_open
sqlite3_free
sqlite3_mprintf
sqlite3_busy_timeout
sqlite3_exec
sqlite3_close

nssutil3

SECOID_GetAlgorithmTag_Util
PORT_Alloc_Util
PORT_Free_Util
PORT_SetError_Util
NSS_Get_SECOID_AlgorithmIDTemplate_Util
NSS_Get_SEC_AnyTemplate_Util
NSS_Get_SEC_BitStringTemplate_Util
NSS_Get_SEC_ObjectIDTemplate_Util
PORT_NewArena_Util
PORT_ArenaZAlloc_Util
SECITEM_CopyItem_Util
PORT_ZAlloc_Util
SECITEM_CompareItem_Util
NSSUTIL_ArgHasFlag
NSSUTIL_ArgIsBlank
NSSUTIL_ArgDecodeNumber
NSSUTIL_ArgGetLabel
NSSUTIL_ArgSkipParameter
NSSUTIL_ArgStrip
NSSUTIL_ArgFetchValue
_NSSUTIL_EvaluateConfigDir
PORT_Strdup_Util
SECOID_FindOIDByMechanism
SGN_DestroyDigestInfo_Util
SGN_CreateDigestInfo_Util
DER_Encode_Util
_SGN_VerifyPKCS1DigestInfo
NSS_Get_SEC_OctetStringTemplate_Util
SEC_QuickDERDecodeItem_Util
_NSSUTIL_GetSecmodName
NSSUTIL_DoModuleDBFunction
UTIL_SetForkState
SECOID_Shutdown
SECOID_Init
DER_SetUInteger
SECITEM_HashCompare
PORT_ArenaAlloc_Util
PORT_GetError_Util
PORT_ArenaGrow_Util
PORT_Realloc_Util
SECOID_DestroyAlgorithmID_Util
PORT_ZFree_Util
SECOID_CopyAlgorithmID_Util
SECOID_SetAlgorithmID_Util
DER_GetInteger_Util
SEC_ASN1EncodeInteger_Util
SEC_ASN1EncodeItem_Util
SEC_ASN1DecodeItem_Util
SECITEM_ZfreeItem_Util
SECITEM_FreeItem_Util
SECITEM_DupItem_Util
SECITEM_AllocItem_Util
PORT_FreeArena_Util

plc4

PL_strncasecmp
PL_strcasecmp

plds4

PL_NewHashTable
PL_HashTableDestroy
PL_HashTableAdd
PL_HashTableRemove
PL_HashTableLookup
PL_HashTableLookupConst
PL_CompareValues
PL_HashTableEnumerateEntries

nspr4

PR_CallOnce
PR_SetError
PR_Free
PR_snprintf
PR_GetEnv
PR_LoadLibraryWithFlags
PR_UnloadLibrary
PR_FindFunctionSymbol
PR_GetLibraryFilePathname
PR_Lock
PR_Unlock
PR_GetDirectorySeparator
PR_SecondsToInterval
PR_NewLock
PR_DestroyLock
PR_Sleep
PR_smprintf_free
PR_IntervalNow
PR_MillisecondsToInterval
PR_GetCurrentThread
PR_Now
PR_Access
PR_NewMonitor
PR_DestroyMonitor
PR_EnterMonitor
PR_ExitMonitor
PR_smprintf

kernel32

SetFileAttributesW
GetFileAttributesExW
CloseHandle
CreateFileW
FlushFileBuffers
HeapSize
WriteConsoleW
SetStdHandle
HeapReAlloc
OutputDebugStringW
LoadLibraryExW
RtlUnwind
SetEnvironmentVariableA
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LCMapStringW
CompareStringW
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
GetModuleFileNameW
WriteFile
GetStdHandle
GetProcessHeap
AreFileApisANSI
GetModuleHandleExW
ExitProcess
WideCharToMultiByte
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
DecodePointer
EncodePointer
GetProcAddress
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
MultiByteToWideChar
SetLastError
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetCurrentThreadId
GetCommandLineA
HeapAlloc
HeapFree
GetLastError
IsProcessorFeaturePresent
IsDebuggerPresent
GetTempPathA

Exports

Exports

C_GetFunctionList
FC_GetFunctionList
NSC_GetFunctionList
NSC_ModuleDBFunc

Sections

.text
Size: 183KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$R2/sqlite3.dll
.dll windows:6 windows x86 arch:x86

08e0c5c4d25d1d7e6ba2923f9444c9ee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteFileA
AreFileApisANSI
GetSystemTime
LocalFree
GetTempPathA
GetCurrentProcessId
DeleteFileW
CloseHandle
GetVersionExA
OutputDebugStringA
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingW
CreateFileMappingA
LoadLibraryA
GetDiskFreeSpaceW
LockFileEx
HeapSize
GetProcAddress
GetLastError
GetTempPathW
FlushFileBuffers
MultiByteToWideChar
CreateFileW
ReadFile
GetFileAttributesW
HeapValidate
HeapCreate
GetFileAttributesA
HeapDestroy
FormatMessageW
Sleep
LoadLibraryW
WideCharToMultiByte
WriteFile
FormatMessageA
GetSystemTimeAsFileTime
GetProcessHeap
UnlockFileEx
GetTickCount
OutputDebugStringW
LockFile
UnlockFile
WaitForSingleObject
HeapFree
QueryPerformanceCounter
SystemTimeToFileTime
HeapAlloc
FreeLibrary
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
SetFilePointer
CreateMutexW
GetFileSize
CreateFileA
HeapReAlloc
GetFullPathNameA
GetFullPathNameW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
GetStdHandle
GetModuleFileNameW
GetTimeZoneInformation
GetFileType
GetModuleFileNameA
GetEnvironmentStringsW
FreeEnvironmentStringsW
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
RtlUnwind
CompareStringW
LCMapStringW
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetEnvironmentVariableA
SetStdHandle
SetFilePointerEx
WriteConsoleW

Exports

Exports

sqlite3_aggregate_context
sqlite3_aggregate_count
sqlite3_auto_extension
sqlite3_bind_blob
sqlite3_bind_double
sqlite3_bind_int
sqlite3_bind_int64
sqlite3_bind_null
sqlite3_bind_parameter_count
sqlite3_bind_parameter_index
sqlite3_bind_parameter_name
sqlite3_bind_text
sqlite3_bind_text16
sqlite3_bind_value
sqlite3_busy_handler
sqlite3_busy_timeout
sqlite3_changes
sqlite3_clear_bindings
sqlite3_close
sqlite3_collation_needed
sqlite3_collation_needed16
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_column_bytes16
sqlite3_column_count
sqlite3_column_decltype
sqlite3_column_decltype16
sqlite3_column_double
sqlite3_column_int
sqlite3_column_int64
sqlite3_column_name
sqlite3_column_name16
sqlite3_column_text
sqlite3_column_text16
sqlite3_column_type
sqlite3_column_value
sqlite3_commit_hook
sqlite3_complete
sqlite3_complete16
sqlite3_create_collation
sqlite3_create_collation16
sqlite3_create_function
sqlite3_create_function16
sqlite3_create_module
sqlite3_data_count
sqlite3_db_handle
sqlite3_declare_vtab
sqlite3_enable_load_extension
sqlite3_enable_shared_cache
sqlite3_errcode
sqlite3_errmsg
sqlite3_errmsg16
sqlite3_exec
sqlite3_expired
sqlite3_extended_result_codes
sqlite3_file_control
sqlite3_finalize
sqlite3_free
sqlite3_free_table
sqlite3_get_autocommit
sqlite3_get_auxdata
sqlite3_get_table
sqlite3_global_recover
sqlite3_interrupt
sqlite3_last_insert_rowid
sqlite3_libversion
sqlite3_libversion_number
sqlite3_load_extension
sqlite3_malloc
sqlite3_mprintf
sqlite3_open
sqlite3_open16
sqlite3_open_v2
sqlite3_overload_function
sqlite3_prepare
sqlite3_prepare16
sqlite3_prepare16_v2
sqlite3_prepare_v2
sqlite3_profile
sqlite3_progress_handler
sqlite3_realloc
sqlite3_reset
sqlite3_reset_auto_extension
sqlite3_result_blob
sqlite3_result_double
sqlite3_result_error
sqlite3_result_error16
sqlite3_result_int
sqlite3_result_int64
sqlite3_result_null
sqlite3_result_text
sqlite3_result_text16
sqlite3_result_text16be
sqlite3_result_text16le
sqlite3_result_value
sqlite3_rollback_hook
sqlite3_set_authorizer
sqlite3_set_auxdata
sqlite3_sleep
sqlite3_snprintf
sqlite3_step
sqlite3_thread_cleanup
sqlite3_total_changes
sqlite3_trace
sqlite3_transfer_bindings
sqlite3_update_hook
sqlite3_user_data
sqlite3_value_blob
sqlite3_value_bytes
sqlite3_value_bytes16
sqlite3_value_double
sqlite3_value_int
sqlite3_value_int64
sqlite3_value_numeric_type
sqlite3_value_text
sqlite3_value_text16
sqlite3_value_text16be
sqlite3_value_text16le
sqlite3_value_type
sqlite3_version
sqlite3_vmprintf
sqlite3_wal_checkpoint

Sections

.text
Size: 457KB - Virtual size: 457KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/$_2_/Chromium.dll
.dll windows:6 windows x86 arch:x86

f2358c15a68c5e7ba6256467178b2b1b

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

45:c7:15:a0:e1:cd:be:0a:83:38:df:4c:17:6f:25:4d
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

27/03/2015, 00:00

Not After

26/03/2016, 23:59

Subject

CN=\"SISTEMA LTD\",O=\"SISTEMA LTD\",L=Cherepovec,ST=Cherepovec,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

57:43:54:70:ae:59:5d:1e:dd:3a:c8:fa:80:61:f5:a1:85:92:c6:85
Signer

Actual PE Digest

57:43:54:70:ae:59:5d:1e:dd:3a:c8:fa:80:61:f5:a1:85:92:c6:85

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

nss3

PK11_GetInternalSlot
PK11_FreeSymKey
PK11_ImportSymKey
PK11_DestroyContext
PK11_FreeSlot
NSS_NoDB_Init
PK11_DigestFinal
PK11_DigestOp
PK11_DigestBegin
PK11_CreateContextBySymKey

kernel32

UnhandledExceptionFilter
GetCPInfo
GetCommandLineA
ExitProcess
HeapReAlloc
GetSystemDirectoryW
GetWindowsDirectoryW
GetModuleFileNameW
LocalFree
GetCurrentDirectoryW
CreateFileW
GetFileAttributesW
GetVolumeInformationW
ReadFile
WriteFile
GetTempPathW
CloseHandle
GetLastError
SetLastError
GetCurrentProcess
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
FlushFileBuffers
GetFileSizeEx
SetEndOfFile
SetFilePointerEx
GetModuleHandleW
GetProcAddress
SetUnhandledExceptionFilter
GetCurrentProcessId
MultiByteToWideChar
WideCharToMultiByte
Sleep
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
IsDebuggerPresent
RaiseException
GetCurrentThreadId
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
QueryPerformanceFrequency
GetSystemTimeAsFileTime
GetVersionExW
GetNativeSystemInfo
GetComputerNameW
WriteConsoleW
GetModuleHandleExW
GetStdHandle
IsProcessorFeaturePresent
GetFileType
SetStdHandle
GetFullPathNameW
GetProcessHeap
HeapAlloc
HeapFree
RtlUnwind
GetStringTypeW
DecodePointer
EncodePointer
TerminateProcess
GetStartupInfoW
LCMapStringW
HeapSize
GetConsoleCP
GetConsoleMode
ReadConsoleW
OutputDebugStringW
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetModuleFileNameA
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetDriveTypeW
QueryPerformanceCounter

advapi32

CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextW
LookupAccountNameW
ConvertSidToStringSidW

shell32

SHGetFolderPathW

winmm

timeGetTime

Exports

Exports

?GenerateDeviceIdLikePrefMetricsServiceDid@hash_calculation@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV23@@Z
?GetChromeHashSeed@hash_calculation@@YA_NAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PB_W10@Z
?GetDeviceId@hash_calculation@@YA_NAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetDigestString@hash_calculation@@YA_NAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV23@111@Z
?GetHashSeed@hash_calculation@@YA_NAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PB_W10I@Z
?GetYandexHashSeed@hash_calculation@@YA_NAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PB_W10@Z

Sections

.text
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/$_2_/KompexSQLiteWrapper.dll
.dll windows:5 windows x86 arch:x86

b79ba4ab2edf6a6d884a8363550f0fa8

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

45:c7:15:a0:e1:cd:be:0a:83:38:df:4c:17:6f:25:4d
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

27/03/2015, 00:00

Not After

26/03/2016, 23:59

Subject

CN=\"SISTEMA LTD\",O=\"SISTEMA LTD\",L=Cherepovec,ST=Cherepovec,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

9f:1f:ca:d8:34:ae:48:10:59:d9:30:50:39:c9:6b:fa:a0:7d:8a:86
Signer

Actual PE Digest

9f:1f:ca:d8:34:ae:48:10:59:d9:30:50:39:c9:6b:fa:a0:7d:8a:86

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFullPathNameW
GetFullPathNameA
HeapReAlloc
CreateFileA
GetFileSize
CreateMutexW
SetFilePointer
MapViewOfFile
UnmapViewOfFile
SetEndOfFile
FreeLibrary
HeapAlloc
SystemTimeToFileTime
QueryPerformanceCounter
HeapFree
WaitForSingleObject
InterlockedCompareExchange
UnlockFile
LockFile
OutputDebugStringW
GetTickCount
UnlockFileEx
GetProcessHeap
GetSystemTimeAsFileTime
FormatMessageA
WriteFile
InitializeCriticalSection
WideCharToMultiByte
LoadLibraryW
Sleep
FormatMessageW
HeapDestroy
LeaveCriticalSection
GetFileAttributesA
HeapCreate
HeapValidate
GetFileAttributesW
ReadFile
CreateFileW
MultiByteToWideChar
FlushFileBuffers
GetTempPathW
GetLastError
GetProcAddress
HeapSize
LockFileEx
EnterCriticalSection
GetDiskFreeSpaceW
LoadLibraryA
CreateFileMappingA
CreateFileMappingW
GetDiskFreeSpaceA
GetSystemInfo
GetFileAttributesExW
DeleteCriticalSection
OutputDebugStringA
GetVersionExA
CloseHandle
DeleteFileW
GetCurrentProcessId
GetTempPathA
LocalFree
GetSystemTime
AreFileApisANSI
DeleteFileA
InterlockedIncrement
InterlockedDecrement
InterlockedExchange
GetStringTypeW
EncodePointer
DecodePointer
GetCurrentThreadId
GetCommandLineA
GetCPInfo
RaiseException
RtlUnwind
LCMapStringW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
ExitProcess
GetStdHandle
GetModuleFileNameW
GetTimeZoneInformation
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetLocaleInfoW
GetACP
GetOEMCP
IsValidCodePage
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetConsoleCP
GetConsoleMode
WriteConsoleW
SetStdHandle
CompareStringW
SetEnvironmentVariableA

Exports

Exports

??0SQLiteBlob@Kompex@@QAE@ABV01@@Z
??0SQLiteBlob@Kompex@@QAE@PAVSQLiteDatabase@1@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@11_JW4BLOB_ACCESS_MODE@1@@Z
??0SQLiteBlob@Kompex@@QAE@XZ
??0SQLiteDatabase@Kompex@@QAE@ABV01@@Z
??0SQLiteDatabase@Kompex@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HPBD@Z
??0SQLiteDatabase@Kompex@@QAE@PBDH0@Z
??0SQLiteDatabase@Kompex@@QAE@PB_W@Z
??0SQLiteDatabase@Kompex@@QAE@XZ
??0SQLiteException@Kompex@@QAE@ABV01@@Z
??0SQLiteException@Kompex@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IPBD@Z
??0SQLiteException@Kompex@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@IV23@@Z
??0SQLiteStatement@Kompex@@QAE@ABV01@@Z
??0SQLiteStatement@Kompex@@QAE@PAVSQLiteDatabase@1@@Z
??1SQLiteBlob@Kompex@@UAE@XZ
??1SQLiteDatabase@Kompex@@UAE@XZ
??1SQLiteException@Kompex@@QAE@XZ
??1SQLiteStatement@Kompex@@UAE@XZ
??4SQLiteBlob@Kompex@@QAEAAV01@ABV01@@Z
??4SQLiteDatabase@Kompex@@QAEAAV01@ABV01@@Z
??4SQLiteException@Kompex@@QAEAAV01@ABV01@@Z
??4SQLiteStatement@Kompex@@QAEAAV01@ABV01@@Z
??_7SQLiteBlob@Kompex@@6B@
??_7SQLiteDatabase@Kompex@@6B@
??_7SQLiteStatement@Kompex@@6B@
?ActivateProfiling@SQLiteDatabase@Kompex@@QBEXXZ
?ActivateTracing@SQLiteDatabase@Kompex@@QBEXXZ
?AssignColumnNumberToColumnName@SQLiteStatement@Kompex@@ABEXXZ
?BeginTransaction@SQLiteStatement@Kompex@@QAEXXZ
?BindBlob@SQLiteStatement@Kompex@@QBEXHPBXH@Z
?BindBool@SQLiteStatement@Kompex@@QBEXH_N@Z
?BindDouble@SQLiteStatement@Kompex@@QBEXHN@Z
?BindInt64@SQLiteStatement@Kompex@@QBEXH_J@Z
?BindInt@SQLiteStatement@Kompex@@QBEXHH@Z
?BindNull@SQLiteStatement@Kompex@@QBEXH@Z
?BindString16@SQLiteStatement@Kompex@@QBEXHPB_W@Z
?BindString@SQLiteStatement@Kompex@@QBEXHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?BindZeroBlob@SQLiteStatement@Kompex@@QBEXHH@Z
?CheckColumnNumber@SQLiteStatement@Kompex@@IBEXHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?CheckDatabase@SQLiteStatement@Kompex@@IBEXXZ
?CheckStatement@SQLiteStatement@Kompex@@IBEXXZ
?CleanUpFailedMemoryDatabase@SQLiteDatabase@Kompex@@AAEXPAUsqlite3@@0_N1PAUsqlite3_stmt@@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?CleanUpTransaction@SQLiteStatement@Kompex@@IAEXXZ
?ClearBindings@SQLiteStatement@Kompex@@QBEXXZ
?Close@SQLiteDatabase@Kompex@@QAEXXZ
?CloseBlob@SQLiteBlob@Kompex@@QAEXXZ
?CommitTransaction@SQLiteStatement@Kompex@@QAEXXZ
?CreateModule@SQLiteDatabase@Kompex@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBUsqlite3_module@@PAXP6AX2@Z@Z
?Execute@SQLiteStatement@Kompex@@QBEXXZ
?ExecuteAndFree@SQLiteStatement@Kompex@@QAEXXZ
?FetchRow@SQLiteStatement@Kompex@@QBE_NXZ
?FreeQuery@SQLiteStatement@Kompex@@QAEXXZ
?GetAssignedColumnNumber@SQLiteStatement@Kompex@@ABEHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetAutoCommit@SQLiteDatabase@Kompex@@QBEHXZ
?GetBlobHandle@SQLiteBlob@Kompex@@IBEPAUsqlite3_blob@@XZ
?GetBlobSize@SQLiteBlob@Kompex@@QBEHXZ
?GetColumnBlob@SQLiteStatement@Kompex@@QBEPBXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnBlob@SQLiteStatement@Kompex@@QBEPBXH@Z
?GetColumnBool@SQLiteStatement@Kompex@@QBE_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnBool@SQLiteStatement@Kompex@@QBE_NH@Z
?GetColumnBytes16@SQLiteStatement@Kompex@@QBEHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnBytes16@SQLiteStatement@Kompex@@QBEHH@Z
?GetColumnBytes@SQLiteStatement@Kompex@@QBEHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnBytes@SQLiteStatement@Kompex@@QBEHH@Z
?GetColumnCString@SQLiteStatement@Kompex@@QBEPBEABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnCString@SQLiteStatement@Kompex@@QBEPBEH@Z
?GetColumnCount@SQLiteStatement@Kompex@@QBEHXZ
?GetColumnDatabaseName16@SQLiteStatement@Kompex@@QBEPA_WABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnDatabaseName16@SQLiteStatement@Kompex@@QBEPA_WH@Z
?GetColumnDatabaseName@SQLiteStatement@Kompex@@QBEPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnDatabaseName@SQLiteStatement@Kompex@@QBEPBDH@Z
?GetColumnDeclaredDatatype16@SQLiteStatement@Kompex@@QBEPA_WABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnDeclaredDatatype16@SQLiteStatement@Kompex@@QBEPA_WH@Z
?GetColumnDeclaredDatatype@SQLiteStatement@Kompex@@QBEPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnDeclaredDatatype@SQLiteStatement@Kompex@@QBEPBDH@Z
?GetColumnDouble@SQLiteStatement@Kompex@@QBENABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnDouble@SQLiteStatement@Kompex@@QBENH@Z
?GetColumnInt64@SQLiteStatement@Kompex@@QBE_JABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnInt64@SQLiteStatement@Kompex@@QBE_JH@Z
?GetColumnInt@SQLiteStatement@Kompex@@QBEHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnInt@SQLiteStatement@Kompex@@QBEHH@Z
?GetColumnName16@SQLiteStatement@Kompex@@QBEPA_WABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnName16@SQLiteStatement@Kompex@@QBEPA_WH@Z
?GetColumnName@SQLiteStatement@Kompex@@QBEPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnName@SQLiteStatement@Kompex@@QBEPBDH@Z
?GetColumnOriginName16@SQLiteStatement@Kompex@@QBEPA_WABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnOriginName16@SQLiteStatement@Kompex@@QBEPA_WH@Z
?GetColumnOriginName@SQLiteStatement@Kompex@@QBEPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnOriginName@SQLiteStatement@Kompex@@QBEPBDH@Z
?GetColumnString16@SQLiteStatement@Kompex@@QBEPA_WABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnString16@SQLiteStatement@Kompex@@QBEPA_WH@Z
?GetColumnString@SQLiteStatement@Kompex@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV34@@Z
?GetColumnString@SQLiteStatement@Kompex@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?GetColumnTableName16@SQLiteStatement@Kompex@@QBEPA_WABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnTableName16@SQLiteStatement@Kompex@@QBEPA_WH@Z
?GetColumnTableName@SQLiteStatement@Kompex@@QBEPBDABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnTableName@SQLiteStatement@Kompex@@QBEPBDH@Z
?GetColumnType@SQLiteStatement@Kompex@@QBEHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?GetColumnType@SQLiteStatement@Kompex@@QBEHH@Z
?GetDataCount@SQLiteStatement@Kompex@@QBEHXZ
?GetDatabaseChanges@SQLiteDatabase@Kompex@@QBEHXZ
?GetDatabaseHandle@SQLiteDatabase@Kompex@@QBEPAUsqlite3@@XZ
?GetLastInsertRowId@SQLiteDatabase@Kompex@@QBE_JXZ
?GetLibVersionNumber@SQLiteDatabase@Kompex@@QBEHXZ
?GetMemoryHighwaterMark@SQLiteDatabase@Kompex@@QBE_J_N@Z
?GetMemoryUsage@SQLiteDatabase@Kompex@@QBE_JXZ
?GetNumberOfRows@SQLiteStatement@Kompex@@QAEIXZ
?GetSqlResultBlob@SQLiteStatement@Kompex@@QAEPBXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBX@Z
?GetSqlResultBlob@SQLiteStatement@Kompex@@QAEPBXPBDPBX@Z
?GetSqlResultBlob@SQLiteStatement@Kompex@@QAEPBXPB_WPBX@Z
?GetSqlResultCString@SQLiteStatement@Kompex@@QAEPBEABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBE@Z
?GetSqlResultCString@SQLiteStatement@Kompex@@QAEPBEPBDPBE@Z
?GetSqlResultCString@SQLiteStatement@Kompex@@QAEPBEPB_WPBE@Z
?GetSqlResultDouble@SQLiteStatement@Kompex@@QAENABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@N@Z
?GetSqlResultDouble@SQLiteStatement@Kompex@@QAENPBDN@Z
?GetSqlResultDouble@SQLiteStatement@Kompex@@QAENPB_WN@Z
?GetSqlResultInt64@SQLiteStatement@Kompex@@QAE_JABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@_J@Z
?GetSqlResultInt64@SQLiteStatement@Kompex@@QAE_JPBD_J@Z
?GetSqlResultInt64@SQLiteStatement@Kompex@@QAE_JPB_W_J@Z
?GetSqlResultInt@SQLiteStatement@Kompex@@QAEHABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@H@Z
?GetSqlResultInt@SQLiteStatement@Kompex@@QAEHPBDH@Z
?GetSqlResultInt@SQLiteStatement@Kompex@@QAEHPB_WH@Z
?GetSqlResultString16@SQLiteStatement@Kompex@@QAEPA_WABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PA_W@Z
?GetSqlResultString16@SQLiteStatement@Kompex@@QAEPA_WPBDPA_W@Z
?GetSqlResultString16@SQLiteStatement@Kompex@@QAEPA_WPB_WPA_W@Z
?GetSqlResultString@SQLiteStatement@Kompex@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV34@0@Z
?GetSqlResultString@SQLiteStatement@Kompex@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBDABV34@@Z
?GetSqlResultString@SQLiteStatement@Kompex@@QAE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PB_WABV34@@Z
?GetStatementHandle@SQLiteStatement@Kompex@@IBEPAUsqlite3_stmt@@XZ
?GetString@SQLiteException@Kompex@@QBE?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@XZ
?GetTable@SQLiteStatement@Kompex@@QBEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@G@Z
?GetTableColumnMetadata@SQLiteStatement@Kompex@@QBEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@0@Z
?GetTotalDatabaseChanges@SQLiteDatabase@Kompex@@QBEHXZ
?InterruptDatabaseOperation@SQLiteDatabase@Kompex@@QBEXXZ
?IsDatabaseReadOnly@SQLiteDatabase@Kompex@@QAE_NXZ
?MoveDatabaseToMemory@SQLiteDatabase@Kompex@@QAEXW4UtfEncoding@12@@Z
?Mprintf@SQLiteStatement@Kompex@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBDZZ
?Open@SQLiteDatabase@Kompex@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HPBD@Z
?Open@SQLiteDatabase@Kompex@@QAEXPBDH0@Z
?Open@SQLiteDatabase@Kompex@@QAEXPB_W@Z
?OpenBlob@SQLiteBlob@Kompex@@QAEXPAVSQLiteDatabase@2@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@11_JW4BLOB_ACCESS_MODE@2@@Z
?Prepare@SQLiteStatement@Kompex@@IAEXPBD@Z
?Prepare@SQLiteStatement@Kompex@@IAEXPB_W@Z
?ProcessDDLRow@SQLiteDatabase@Kompex@@KAHPAXHPAPAD1@Z
?ProcessDMLRow@SQLiteDatabase@Kompex@@KAHPAXHPAPAD1@Z
?ProfileOutput@SQLiteDatabase@Kompex@@KAXPAXPBD_K@Z
?ReadBlob@SQLiteBlob@Kompex@@QAEXPAXHH@Z
?ReleaseMemory@SQLiteDatabase@Kompex@@QAEXXZ
?ReleaseMemory@SQLiteDatabase@Kompex@@QBEHH@Z
?Reset@SQLiteStatement@Kompex@@QBEXXZ
?RollbackTransaction@SQLiteStatement@Kompex@@QAEXXZ
?SaveDatabaseFromMemoryToFile@SQLiteDatabase@Kompex@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SaveDatabaseFromMemoryToFile@SQLiteDatabase@Kompex@@QAEXPB_W@Z
?SecureTransaction@SQLiteStatement@Kompex@@QAEXPBD@Z
?SecureTransaction@SQLiteStatement@Kompex@@QAEXPB_W@Z
?SecureTransaction@SQLiteStatement@Kompex@@QAEXV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SetSoftHeapLimit@SQLiteDatabase@Kompex@@QBEXH@Z
?Show@SQLiteException@Kompex@@QBEXXZ
?Sql@SQLiteStatement@Kompex@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?Sql@SQLiteStatement@Kompex@@QAEXABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?Sql@SQLiteStatement@Kompex@@QAEXPBD@Z
?Sql@SQLiteStatement@Kompex@@QAEXPB_W@Z
?SqlAggregateFuncResult@SQLiteStatement@Kompex@@QAEMABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SqlAggregateFuncResult@SQLiteStatement@Kompex@@QAEMPA_W@Z
?SqlAggregateFuncResult@SQLiteStatement@Kompex@@QAEMPBD@Z
?SqlResultBlob@SQLiteStatement@Kompex@@IAEPBXPBX@Z
?SqlResultCString@SQLiteStatement@Kompex@@IAEPBEPBE@Z
?SqlResultString16@SQLiteStatement@Kompex@@IAEPA_WPA_W@Z
?SqlStatement@SQLiteStatement@Kompex@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?SqlStatement@SQLiteStatement@Kompex@@QAEXABV?$basic_string@_WU?$char_traits@_W@std@@V?$allocator@_W@2@@std@@@Z
?SqlStatement@SQLiteStatement@Kompex@@QAEXPBD@Z
?SqlStatement@SQLiteStatement@Kompex@@QAEXPB_W@Z
?Step@SQLiteStatement@Kompex@@IBE_NXZ
?TakeSnapshot@SQLiteDatabase@Kompex@@IAEXPAUsqlite3@@@Z
?TraceOutput@SQLiteDatabase@Kompex@@KAXPAXPBD@Z
?Transaction@SQLiteStatement@Kompex@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?Transaction@SQLiteStatement@Kompex@@QAEXPBD@Z
?Transaction@SQLiteStatement@Kompex@@QAEXPB_W@Z
?Vmprintf@SQLiteStatement@Kompex@@SA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PBDPAD@Z
?WriteBlob@SQLiteBlob@Kompex@@QAEXPBXHH@Z

Sections

.text
Size: 424KB - Virtual size: 424KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/$_2_/TkArOdh.dll
.dll windows:5 windows x86 arch:x86

8c41216a4e0bacf1f6215cbdddaf88e4

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

45:c7:15:a0:e1:cd:be:0a:83:38:df:4c:17:6f:25:4d
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

27/03/2015, 00:00

Not After

26/03/2016, 23:59

Subject

CN=\"SISTEMA LTD\",O=\"SISTEMA LTD\",L=Cherepovec,ST=Cherepovec,C=RU

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

92:07:9d:2b:1e:75:a3:de:71:6f:96:32:fd:a2:f5:19:77:4d:02:3e
Signer

Actual PE Digest

92:07:9d:2b:1e:75:a3:de:71:6f:96:32:fd:a2:f5:19:77:4d:02:3e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

chromium

?GetDigestString@hash_calculation@@YA_NAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV23@111@Z
?GetHashSeed@hash_calculation@@YA_NAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@PB_W10I@Z
?GenerateDeviceIdLikePrefMetricsServiceDid@hash_calculation@@YAXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAV23@@Z
?GetDeviceId@hash_calculation@@YA_NAAV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z

kompexsqlitewrapper

?SaveDatabaseFromMemoryToFile@SQLiteDatabase@Kompex@@QAEXABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
?Close@SQLiteDatabase@Kompex@@QAEXXZ
??1SQLiteDatabase@Kompex@@UAE@XZ
??0SQLiteDatabase@Kompex@@QAE@PB_W@Z
??1SQLiteStatement@Kompex@@UAE@XZ
?GetSqlResultCString@SQLiteStatement@Kompex@@QAEPBEPBDPBE@Z
??0SQLiteStatement@Kompex@@QAE@PAVSQLiteDatabase@1@@Z

kernel32

WideCharToMultiByte
SizeofResource
MultiByteToWideChar
lstrlenW
GetLastError
LockResource
lstrlenA
FreeLibrary
WriteFile
LoadLibraryW
GetProcAddress
LoadResource
DeleteFileW
WaitForSingleObject
GetModuleHandleExA
GetCurrentProcess
Thread32First
Sleep
Thread32Next
GetModuleFileNameW
LocalAlloc
LocalFree
InterlockedDecrement
GetLocaleInfoA
GetUserDefaultLCID
GetSystemTimeAsFileTime
FindResourceW
FindResourceExW
EnumSystemLocalesA
IsValidLocale
CreateFileW
SetStdHandle
WriteConsoleW
CreateFileA
SetEndOfFile
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetLocaleInfoW
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
InterlockedIncrement
InterlockedCompareExchange
InterlockedExchange
GetStringTypeW
EncodePointer
DecodePointer
InitializeCriticalSection
MoveFileA
GetCPInfo
VirtualProtect
VirtualAlloc
GetModuleHandleW
GetSystemInfo
VirtualQuery
CreateDirectoryA
GetCurrentThreadId
GetCommandLineA
RtlUnwind
LCMapStringW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoW
IsProcessorFeaturePresent
HeapCreate
ExitProcess
ReadFile
SetFilePointer
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CloseHandle
GetACP
GetOEMCP

user32

SendMessageW
EnumThreadWindows

advapi32

RegOpenKeyExA
RegCloseKey
OpenProcessToken
GetTokenInformation
ConvertSidToStringSidW
GetLengthSid
DuplicateTokenEx
CreateProcessAsUserW
CopySid
RegQueryValueExA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

oleaut32

SysFreeString
SysAllocString
GetErrorInfo
VariantInit
SysAllocStringLen
VariantClear

shlwapi

PathIsDirectoryW
PathFileExistsW
PathIsDirectoryEmptyW

Sections

.text
Size: 389KB - Virtual size: 389KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/$_2_/freebl3.dll
.dll windows:6 windows x86 arch:x86

68765e49af812cea06653c4ddee9320d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

nssutil3

SECITEM_ZfreeItem_Util
SECITEM_CompareItem_Util
SECOID_FindOIDTag_Util
PORT_ArenaAlloc_Util
SECITEM_FreeItem_Util
SECITEM_CopyItem_Util
SECITEM_AllocItem_Util
PORT_FreeArena_Util
PORT_ArenaZAlloc_Util
PORT_NewArena_Util
NSS_SecureMemcmp
PORT_GetError_Util
PORT_ZFree_Util
PORT_ZAlloc_Util
PORT_SetError_Util
PORT_Free_Util
PORT_Alloc_Util

nspr4

PR_Free
PR_Seek
PR_Read
PR_Close
PR_Open
PR_GetLibraryFilePathname
PR_NotifyAllCondVar
PR_NotifyCondVar
PR_WaitCondVar
PR_DestroyCondVar
PR_NewCondVar
PR_Unlock
PR_Lock
PR_DestroyLock
PR_NewLock
PR_CallOnce

advapi32

SystemFunction036

kernel32

CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
HeapSize
HeapReAlloc
LCMapStringW
CompareStringW
CreateFileW
GetStringTypeW
OutputDebugStringW
LoadLibraryExW
RtlUnwind
SetEnvironmentVariableA
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
Sleep
InitializeCriticalSectionAndSpinCount
GetDiskFreeSpaceA
GetLogicalDrives
QueryPerformanceCounter
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
GlobalMemoryStatus
GetVolumeInformationA
GetComputerNameA
GetSystemTimeAsFileTime
GetLastError
HeapFree
HeapAlloc
IsProcessorFeaturePresent
GetCommandLineA
IsDebuggerPresent
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WideCharToMultiByte
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
SetLastError
GetProcessHeap
GetStdHandle
WriteFile
GetModuleFileNameW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetFileType
GetStartupInfoW
GetModuleFileNameA
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter

Exports

Exports

FREEBL_GetVector

Sections

.text
Size: 284KB - Virtual size: 284KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/$_2_/nspr4.dll
.dll windows:6 windows x86 arch:x86

a6070e3824e66675bb029a2cf7952a4f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

OpenProcessToken
AddAccessAllowedAce
AllocateAndInitializeSid
CopySid
FreeSid
GetLengthSid
GetTokenInformation
InitializeAcl
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner

ws2_32

socket
shutdown
setsockopt
sendto
send
select
recvfrom
recv
listen
getsockname
getpeername
ioctlsocket
connect
closesocket
accept
__WSAFDIsSet
WSAStartup
WSACleanup
gethostname
WSAGetLastError
getsockopt
getprotobyname
getprotobynumber
gethostbyname
gethostbyaddr
ntohs
ntohl
htons
htonl
bind

winmm

timeGetTime

kernel32

SetEndOfFile
ReadConsoleW
CreateFileW
GetCurrentDirectoryW
GetFullPathNameW
PeekNamedPipe
FileTimeToLocalFileTime
HeapSize
OutputDebugStringW
SetEnvironmentVariableA
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
GetStringTypeW
WriteConsoleW
SetFilePointerEx
SetStdHandle
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
GetModuleFileNameA
GetFileAttributesExW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
DebugBreak
OutputDebugStringA
EnterCriticalSection
WideCharToMultiByte
GetLastError
FreeLibrary
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
LoadLibraryExW
MultiByteToWideChar
GetSystemInfo
GlobalMemoryStatusEx
CloseHandle
CreatePipe
GetStdHandle
TlsGetValue
DeleteCriticalSection
TlsSetValue
GetEnvironmentStrings
FreeEnvironmentStringsA
FlushFileBuffers
WaitForSingleObject
TerminateProcess
GetExitCodeProcess
CreateProcessA
GetSystemTime
GetVersionExA
MapViewOfFile
FlushViewOfFile
UnmapViewOfFile
FormatMessageA
CreateFileMappingA
SystemTimeToFileTime
GetCurrentProcess
ReleaseSemaphore
CreateSemaphoreA
GetThreadContext
IsDebuggerPresent
DuplicateHandle
RaiseException
Sleep
GetCurrentThread
SetThreadPriority
SuspendThread
ResumeThread
TlsAlloc
TlsFree
CreateDirectoryA
CreateFileA
DeleteFileA
FindClose
FindFirstFileA
FindNextFileA
GetFileAttributesExA
GetFileInformationByHandle
LockFile
ReadFile
RemoveDirectoryA
SetFilePointer
UnlockFile
WriteFile
GetHandleInformation
SetHandleInformation
MoveFileA
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
OpenSemaphoreA
QueryPerformanceCounter
GetTickCount
OpenFileMappingA
IsProcessorFeaturePresent
HeapFree
HeapAlloc
HeapReAlloc
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
AreFileApisANSI
CreateThread
GetCurrentThreadId
ExitThread
GetSystemTimeAsFileTime
GetCommandLineA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
GetStartupInfoW
GetProcessHeap
GetConsoleCP
GetConsoleMode
RtlUnwind
GetFileType
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetTimeZoneInformation
FindFirstFileExW
SetEnvironmentVariableW

Exports

Exports

GetExecutionEnvironment
LL_MaxInt
LL_MaxUint
LL_MinInt
LL_Zero
PRP_DestroyNakedCondVar
PRP_NakedBroadcast
PRP_NakedNotify
PRP_NakedWait
PRP_NewNakedCondVar
PRP_TryLock
PR_Abort
PR_Accept
PR_AcceptRead
PR_Access
PR_AddToCounter
PR_AddWaitFileDesc
PR_AllocFileDesc
PR_Assert
PR_AssertCurrentThreadInMonitor
PR_AssertCurrentThreadOwnsLock
PR_AtomicAdd
PR_AtomicDecrement
PR_AtomicIncrement
PR_AtomicSet
PR_AttachSharedMemory
PR_AttachThread
PR_AttachThreadGCAble
PR_Available
PR_Available64
PR_Bind
PR_BlockClockInterrupts
PR_BlockInterrupt
PR_CEnterMonitor
PR_CExitMonitor
PR_CNotify
PR_CNotifyAll
PR_CSetOnMonitorRecycle
PR_CWait
PR_CallOnce
PR_CallOnceWithArg
PR_Calloc
PR_CancelJob
PR_CancelWaitFileDesc
PR_CancelWaitGroup
PR_CeilingLog2
PR_ChangeFileDescNativeHandle
PR_Cleanup
PR_ClearInterrupt
PR_ClearThreadGCAble
PR_Close
PR_CloseDir
PR_CloseFileMap
PR_CloseSemaphore
PR_CloseSharedMemory
PR_Connect
PR_ConnectContinue
PR_ConvertIPv4AddrToIPv6
PR_CreateAlarm
PR_CreateCounter
PR_CreateFileMap
PR_CreateIOLayer
PR_CreateIOLayerStub
PR_CreateMWaitEnumerator
PR_CreateOrderedLock
PR_CreatePipe
PR_CreateProcess
PR_CreateProcessDetached
PR_CreateSocketPollFd
PR_CreateStack
PR_CreateThread
PR_CreateThreadGCAble
PR_CreateThreadPool
PR_CreateTrace
PR_CreateWaitGroup
PR_DecrementCounter
PR_Delete
PR_DeleteSemaphore
PR_DeleteSharedMemory
PR_DestroyAlarm
PR_DestroyCondVar
PR_DestroyCounter
PR_DestroyLock
PR_DestroyMWaitEnumerator
PR_DestroyMonitor
PR_DestroyOrderedLock
PR_DestroyPollableEvent
PR_DestroyProcessAttr
PR_DestroyRWLock
PR_DestroySem
PR_DestroySocketPollFd
PR_DestroyStack
PR_DestroyTrace
PR_DestroyWaitGroup
PR_DetachProcess
PR_DetachSharedMemory
PR_DetachThread
PR_DisableClockInterrupts
PR_EmulateAcceptRead
PR_EmulateSendFile
PR_EnableClockInterrupts
PR_EnterMonitor
PR_EnumerateAddrInfo
PR_EnumerateHostEnt
PR_EnumerateThreads
PR_EnumerateWaitGroup
PR_ErrorInstallCallback
PR_ErrorInstallTable
PR_ErrorLanguages
PR_ErrorToName
PR_ErrorToString
PR_ExitMonitor
PR_ExplodeTime
PR_ExportFileMapAsString
PR_FD_CLR
PR_FD_ISSET
PR_FD_NCLR
PR_FD_NISSET
PR_FD_NSET
PR_FD_SET
PR_FD_ZERO
PR_FileDesc2NativeHandle
PR_FindFunctionSymbol
PR_FindFunctionSymbolAndLibrary
PR_FindNextCounterQname
PR_FindNextCounterRname
PR_FindNextTraceQname
PR_FindNextTraceRname
PR_FindSymbol
PR_FindSymbolAndLibrary
PR_FloorLog2
PR_FormatTime
PR_FormatTimeUSEnglish
PR_Free
PR_FreeAddrInfo
PR_FreeFileDesc
PR_FreeLibraryName
PR_GMTParameters
PR_GetAddrInfoByName
PR_GetCanonNameFromAddrInfo
PR_GetConnectStatus
PR_GetCounter
PR_GetCounterHandleFromName
PR_GetCounterNameFromHandle
PR_GetCurrentThread
PR_GetDefaultIOMethods
PR_GetDescType
PR_GetDirectorySeparator
PR_GetDirectorySepartor
PR_GetEnv
PR_GetError
PR_GetErrorText
PR_GetErrorTextLength
PR_GetFileInfo
PR_GetFileInfo64
PR_GetFileMethods
PR_GetGCRegisters
PR_GetHostByAddr
PR_GetHostByName
PR_GetIPNodeByName
PR_GetIdentitiesLayer
PR_GetInheritedFD
PR_GetInheritedFileMap
PR_GetLayersIdentity
PR_GetLibraryFilePathname
PR_GetLibraryName
PR_GetLibraryPath
PR_GetMemMapAlignment
PR_GetMonitorEntryCount
PR_GetNameForIdentity
PR_GetNumberOfProcessors
PR_GetOSError
PR_GetOpenFileInfo
PR_GetOpenFileInfo64
PR_GetPageShift
PR_GetPageSize
PR_GetPathSeparator
PR_GetPeerName
PR_GetPhysicalMemorySize
PR_GetPipeMethods
PR_GetProtoByName
PR_GetProtoByNumber
PR_GetRandomNoise
PR_GetSP
PR_GetSockName
PR_GetSocketOption
PR_GetSpecialFD
PR_GetStackSpaceLeft
PR_GetSysfdTableMax
PR_GetSystemInfo
PR_GetTCPMethods
PR_GetThreadAffinityMask
PR_GetThreadID
PR_GetThreadName
PR_GetThreadPriority
PR_GetThreadPrivate
PR_GetThreadScope
PR_GetThreadState
PR_GetThreadType
PR_GetTraceEntries
PR_GetTraceHandleFromName
PR_GetTraceNameFromHandle
PR_GetTraceOption
PR_GetUDPMethods
PR_GetUniqueIdentity
PR_GetVersion
PR_ImplodeTime
PR_ImportFile
PR_ImportFileMapFromString
PR_ImportPipe
PR_ImportTCPSocket
PR_ImportUDPSocket
PR_IncrementCounter
PR_Init
PR_Initialize
PR_InitializeNetAddr
PR_Initialized
PR_Interrupt
PR_IntervalNow
PR_IntervalToMicroseconds
PR_IntervalToMilliseconds
PR_IntervalToSeconds
PR_IsNetAddrType
PR_JoinJob
PR_JoinThread
PR_JoinThreadPool
PR_KillProcess
PR_Listen
PR_LoadLibrary
PR_LoadLibraryWithFlags
PR_LoadStaticLibrary
PR_LocalTimeParameters
PR_Lock
PR_LockFile
PR_LockOrderedLock
PR_LogFlush
PR_LogPrint
PR_MakeDir
PR_Malloc
PR_MemMap
PR_MemUnmap
PR_MicrosecondsToInterval
PR_MillisecondsToInterval
PR_MkDir
PR_NetAddrToString
PR_NewCondVar
PR_NewLock
PR_NewLogModule
PR_NewMonitor
PR_NewNamedMonitor
PR_NewPollableEvent
PR_NewProcessAttr
PR_NewRWLock
PR_NewSem
PR_NewTCPSocket
PR_NewTCPSocketPair
PR_NewThreadPrivateIndex
PR_NewUDPSocket
PR_NormalizeTime
PR_Notify
PR_NotifyAll
PR_NotifyAllCondVar
PR_NotifyCondVar
PR_Now
PR_Open
PR_OpenAnonFileMap
PR_OpenDir
PR_OpenFile
PR_OpenSemaphore
PR_OpenSharedMemory
PR_OpenTCPSocket
PR_OpenUDPSocket
PR_ParseTimeString
PR_ParseTimeStringToExplodedTime
PR_Poll
PR_PopIOLayer
PR_PostSem
PR_PostSemaphore
PR_ProcessAttrSetCurrentDirectory
PR_ProcessAttrSetInheritableFD
PR_ProcessAttrSetInheritableFileMap
PR_ProcessAttrSetStdioRedirect
PR_ProcessExit
PR_PushIOLayer
PR_QueueJob
PR_QueueJob_Accept
PR_QueueJob_Connect
PR_QueueJob_Read
PR_QueueJob_Timer
PR_QueueJob_Write
PR_RWLock_Rlock
PR_RWLock_Unlock
PR_RWLock_Wlock
PR_Read
PR_ReadDir
PR_Realloc
PR_RecordTraceEntries
PR_Recv
PR_RecvFrom
PR_Rename
PR_ResetAlarm
PR_ResetProcessAttr
PR_ResumeAll
PR_RmDir
PR_ScanStackPointers
PR_SecondsToInterval
PR_Seek
PR_Seek64
PR_Select
PR_Send
PR_SendFile
PR_SendTo
PR_SetAlarm
PR_SetCPUAffinityMask
PR_SetConcurrency
PR_SetCounter
PR_SetCurrentThreadName
PR_SetEnv
PR_SetError
PR_SetErrorText
PR_SetFDCacheSize
PR_SetFDInheritable
PR_SetLibraryPath
PR_SetLogBuffering
PR_SetLogFile
PR_SetNetAddr
PR_SetPollableEvent
PR_SetSocketOption
PR_SetStdioRedirect
PR_SetSysfdTableSize
PR_SetThreadAffinityMask
PR_SetThreadDumpProc
PR_SetThreadGCAble
PR_SetThreadPriority
PR_SetThreadPrivate
PR_SetThreadRecycleMode
PR_SetTraceOption
PR_ShowStatus
PR_Shutdown
PR_ShutdownThreadPool
PR_Sleep
PR_Socket
PR_StackPop
PR_StackPush
PR_Stat
PR_StringToNetAddr
PR_SubtractFromCounter
PR_SuspendAll
PR_Sync
PR_SyncMemMap
PR_TLockFile
PR_TestAndEnterMonitor
PR_TestAndLock
PR_ThreadScanStackPointers
PR_TicksPerSecond
PR_Trace
PR_TransmitFile
PR_USPacificTimeParameters
PR_UnblockClockInterrupts
PR_UnblockInterrupt
PR_UnloadLibrary
PR_Unlock
PR_UnlockFile
PR_UnlockOrderedLock
PR_VersionCheck
PR_Wait
PR_WaitCondVar
PR_WaitForPollableEvent
PR_WaitProcess
PR_WaitRecvReady
PR_WaitSem
PR_WaitSemaphore
PR_Write
PR_Writev
PR_Yield
PR_cnvtf
PR_dtoa
PR_fprintf
PR_htonl
PR_htonll
PR_htons
PR_ntohl
PR_ntohll
PR_ntohs
PR_smprintf
PR_smprintf_free
PR_snprintf
PR_sprintf_append
PR_sscanf
PR_strtod
PR_sxprintf
PR_vfprintf
PR_vsmprintf
PR_vsnprintf
PR_vsprintf_append
PR_vsxprintf
PT_FPrintStats
SetExecutionEnvironment
_PR_AddSleepQ
_PR_CreateThread
_PR_DelSleepQ
_PR_GetPrimordialCPU
_PR_MD_FREE_CV
_PR_MD_INIT_LOCKS
_PR_MD_NEW_CV
_PR_MD_NEW_LOCK
_PR_MD_NOTIFYALL_CV
_PR_MD_NOTIFY_CV
_PR_MD_UNLOCK
_PR_MD_WAIT_CV
_PR_NativeCreateThread
_pr_push_ipv6toipv4_layer
_pr_test_ipv6_socket
libVersionPoint

Sections

.text
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/$_2_/nss3.dll
.dll windows:6 windows x86 arch:x86

9e2f8a8cfc34da6dfd8f2fda9de568a7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

nssutil3

DER_GetUInteger
PORT_UCS4_UTF8Conversion
PORT_ISO88591_UTF8Conversion
NSS_Get_SEC_BMPStringTemplate_Util
NSS_Get_SEC_UTF8StringTemplate_Util
NSS_Get_SEC_UniversalStringTemplate
SEC_ASN1EncoderSetNotifyProc_Util
NSS_Get_SEC_T61StringTemplate
DER_StoreHeader
DER_LengthLength
NSS_Get_SEC_SetOfAnyTemplate_Util
SEC_ASN1EncoderAbort_Util
SEC_ASN1EncoderFinish_Util
SEC_ASN1EncoderUpdate_Util
SEC_ASN1EncoderStart_Util
SEC_QuickDERDecodeItem_Util
SEC_ASN1DecodeItem_Util
SEC_ASN1Decode_Util
SEC_ASN1DecoderClearNotifyProc_Util
SECOID_KnownCertExtenOID
SEC_ASN1DecoderSetNotifyProc_Util
SEC_ASN1DecoderClearFilterProc_Util
SEC_ASN1DecoderSetFilterProc_Util
SEC_ASN1DecoderAbort_Util
SEC_ASN1DecoderFinish_Util
SEC_ASN1DecoderUpdate_Util
SEC_ASN1DecoderStart_Util
DER_EncodeTimeChoice_Util
DER_DecodeTimeChoice_Util
CERT_GenTime2FormattedAscii_Util
DER_GeneralizedTimeToTime_Util
DER_TimeToGeneralizedTimeArena_Util
DER_TimeToGeneralizedTime_Util
DER_TimeChoiceDayToAscii_Util
DER_GeneralizedDayToAscii_Util
DER_UTCDayToAscii_Util
DER_UTCTimeToAscii_Util
DER_UTCTimeToTime_Util
DER_AsciiToTime_Util
NSS_Get_SEC_IA5StringTemplate_Util
PORT_RegExpCaseSearch
PORT_RegExpValid
SECITEM_HashCompare
SECITEM_Hash
NSS_Get_SEC_SkipTemplate
SEC_ASN1EncoderClearNotifyProc_Util
SEC_StringToOID
NSSUTIL_MkNSSString
NSSUTIL_ArgParseCipherFlags
NSSUTIL_MkModuleSpec
NSSUTIL_ArgParseModuleSpec
NSSUTIL_MkSlotString
NSSUTIL_ArgParseSlotInfo
NSSUTIL_DoubleEscapeSize
NSSUTIL_Escape
NSSUTIL_EscapeSize
NSSUTIL_ArgReadLong
NSSUTIL_ArgHasFlag
NSSUTIL_ArgIsBlank
NSSUTIL_ArgDecodeNumber
NSSUTIL_ArgGetLabel
NSSUTIL_ArgSkipParameter
NSSUTIL_ArgGetParamValue
NSSUTIL_ArgStrip
NSSUTIL_ArgFetchValue
SECOID_FindOIDByMechanism
PORT_LoadLibraryFromOrigin
NSS_Get_SEC_ObjectIDTemplate_Util
SGN_DecodeDigestInfo
_SGN_VerifyPKCS1DigestInfo
NSS_Get_SEC_BitStringTemplate_Util
NSS_GetAlgorithmPolicy
NSS_Get_SEC_SequenceOfObjectIDTemplate
NSS_Get_SECOID_AlgorithmIDTemplate_Util
NSS_Get_SEC_PointerToGeneralizedTimeTemplate
NSS_Get_SEC_SequenceOfAnyTemplate
NSS_Get_SEC_PointerToEnumeratedTemplate
NSS_Get_SEC_PointerToAnyTemplate_Util
NSS_Get_SEC_OctetStringTemplate_Util
NSS_Get_SEC_NullTemplate_Util
NSS_Get_SEC_EnumeratedTemplate
NSS_Get_SEC_IntegerTemplate_Util
NSS_Get_SEC_GeneralizedTimeTemplate_Util
DER_SetUInteger
NSS_Get_SEC_AnyTemplate_Util
NSSRWLock_HaveWriteLock_Util
NSSRWLock_UnlockWrite_Util
NSSRWLock_UnlockRead_Util
NSSRWLock_LockWrite_Util
NSSRWLock_LockRead_Util
NSSRWLock_Destroy_Util
NSSRWLock_New_Util
NSSBase64_EncodeItem_Util
NSSBase64_DecodeBuffer_Util
NSSBase64Encoder_Destroy_Util
NSSBase64Decoder_Destroy_Util
NSSBase64Encoder_Update_Util
NSSBase64Decoder_Update_Util
NSSBase64Encoder_Create_Util
NSSBase64Decoder_Create_Util
BTOA_ConvertItemToAscii_Util
ATOB_ConvertAsciiToItem_Util
ATOB_AsciiToData_Util
BTOA_DataToAscii_Util
SEC_ASN1LengthLength_Util
SEC_ASN1DecodeInteger_Util
SEC_ASN1EncodeUnsignedInteger_Util
SEC_ASN1EncodeInteger_Util
SEC_ASN1EncodeItem_Util
SEC_ASN1Encode_Util
SEC_ASN1EncoderClearTakeFromBuf_Util
SEC_ASN1EncoderSetTakeFromBuf_Util
SEC_ASN1EncoderClearStreaming_Util
SEC_ASN1EncoderSetStreaming_Util
PORT_Alloc_Util
DER_TimeToUTCTime_Util
DER_GetInteger_Util
DER_Lengths_Util
DER_Encode_Util
SGN_CompareDigestInfo_Util
SGN_CopyDigestInfo_Util
SGN_DestroyDigestInfo_Util
SGN_CreateDigestInfo_Util
SECOID_AddEntry_Util
SECOID_FindOIDTagDescription_Util
SECOID_CompareAlgorithmID_Util
SECOID_DestroyAlgorithmID_Util
SECOID_GetAlgorithmTag_Util
SECOID_CopyAlgorithmID_Util
SECOID_SetAlgorithmID_Util
SECOID_FindOIDByTag_Util
SECOID_FindOIDTag_Util
SECOID_FindOID_Util
SECITEM_ZfreeItem_Util
SECITEM_FreeItem_Util
SECITEM_ArenaDupItem_Util
SECITEM_DupItem_Util
SECITEM_CopyItem_Util
SECITEM_ItemsAreEqual_Util
SECITEM_CompareItem_Util
SECITEM_AllocItem_Util
NSS_PutEnv_Util
PORT_UCS2_UTF8Conversion_Util
PORT_SetUCS2_UTF8ConversionFunction_Util
PORT_UCS2_ASCIIConversion_Util
PORT_SetUCS2_ASCIIConversionFunction_Util
PORT_SetUCS4_UTF8ConversionFunction_Util
PORT_ArenaStrdup_Util
PORT_ArenaUnmark_Util
PORT_ArenaRelease_Util
PORT_ArenaMark_Util
PORT_ArenaGrow_Util
PORT_FreeArena_Util
PORT_ArenaZAlloc_Util
PORT_ArenaAlloc_Util
PORT_NewArena_Util
PORT_GetError_Util
PORT_ZFree_Util
NSSUTIL_DoubleEscape
NSS_InitializePRErrorTable
SECOID_Shutdown
SECOID_Init
PORT_SetError_Util
PORT_Strdup_Util
PORT_Free_Util
PORT_ZAlloc_Util
PORT_Realloc_Util
NSS_Get_SEC_PrintableStringTemplate

plc4

PL_strcasecmp
PL_strncasecmp
PL_Base64Encode
PL_strncpyz
PL_strcatn
PL_strlen
PL_strcat
PL_strstr
PL_strnstr
PL_strdup
PL_strfree

plds4

PL_NewHashTable
PL_HashTableDestroy
PL_HashTableAdd
PL_HashTableRemove
PL_HashTableLookup
PL_CompareValues
PL_HashTableEnumerateEntries
PL_InitArenaPool
PL_FinishArenaPool
PL_ArenaAllocate
PL_ArenaRelease
PL_HashString
PL_CompareStrings

nspr4

PR_Unlock
PR_htons
PR_ErrorToString
PR_Send
PR_Shutdown
PR_Listen
PR_Bind
PR_Accept
PR_ConnectContinue
PR_FindFunctionSymbol
PR_DestroyRWLock
PR_Realloc
PR_Malloc
PR_GetThreadPrivate
PR_SetThreadPrivate
PR_NewThreadPrivateIndex
PR_Free
PR_Calloc
PR_sprintf_append
PR_GetError
PR_htonl
PR_ConvertIPv4AddrToIPv6
PR_NetAddrToString
PR_SetErrorText
PR_Sleep
PR_IntervalToMicroseconds
PR_IntervalToMilliseconds
PR_IntervalToSeconds
PR_LogPrint
PR_NewLogModule
PR_FindSymbol
PR_UnloadLibrary
PR_LoadLibrary
PR_CallOnceWithArg
PR_IntervalNow
PR_GetEnv
PR_Poll
PR_ExitMonitor
PR_EnterMonitor
PR_DestroyMonitor
PR_NewMonitor
PR_InitializeNetAddr
PR_EnumerateHostEnt
PR_GetHostByName
PR_StringToNetAddr
PR_snprintf
PR_Recv
PR_Connect
PR_NewTCPSocket
PR_Write
PR_Close
PR_SecondsToInterval
PR_TicksPerSecond
PR_Now
PR_NotifyAllCondVar
PR_NotifyCondVar
PR_WaitCondVar
PR_NewCondVar
PR_Lock
PR_DestroyLock
PR_NewLock
PR_smprintf_free
PR_smprintf
PR_CallOnce

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetProcessHeap
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetStartupInfoW
GetFileType
GetStdHandle
RtlUnwind
GetConsoleMode
GetConsoleCP
WriteFile
FlushFileBuffers
CloseHandle
HeapFree
AreFileApisANSI
GetProcAddress
GetModuleHandleExW
ExitProcess
WideCharToMultiByte
DeleteCriticalSection
DecodePointer
EncodePointer
MultiByteToWideChar
SetLastError
GetLastError
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetCurrentThreadId
GetCommandLineA
IsProcessorFeaturePresent
IsDebuggerPresent
LeaveCriticalSection
EnterCriticalSection
FreeEnvironmentStringsW
GetStringTypeW
CompareStringW
LCMapStringW
GetModuleFileNameW
SetEnvironmentVariableA
HeapAlloc
LoadLibraryExW
GetFileAttributesExW
HeapReAlloc
SetStdHandle
SetFilePointerEx
WriteConsoleW
OutputDebugStringW
HeapSize
CreateFileW
SetEndOfFile
ReadFile
ReadConsoleW
GetEnvironmentStringsW

Exports

Exports

ATOB_AsciiToData
ATOB_ConvertAsciiToItem
BTOA_ConvertItemToAscii
BTOA_DataToAscii
CERT_AddCertToListHead
CERT_AddCertToListSorted
CERT_AddCertToListTail
CERT_AddExtension
CERT_AddExtensionByOID
CERT_AddOCSPAcceptableResponses
CERT_AddOKDomainName
CERT_AddRDN
CERT_AllocCERTRevocationFlags
CERT_AsciiToName
CERT_CRLCacheRefreshIssuer
CERT_CacheCRL
CERT_CacheOCSPResponseFromSideChannel
CERT_CertChainFromCert
CERT_CertListFromCert
CERT_CertTimesValid
CERT_ChangeCertTrust
CERT_CheckCertUsage
CERT_CheckCertValidTimes
CERT_CheckNameSpace
CERT_CheckOCSPStatus
CERT_ClearOCSPCache
CERT_CompareCerts
CERT_CompareName
CERT_CompareValidityTimes
CERT_CompleteCRLDecodeEntries
CERT_CopyName
CERT_CopyRDN
CERT_CreateAVA
CERT_CreateCertificate
CERT_CreateCertificateRequest
CERT_CreateEncodedOCSPErrorResponse
CERT_CreateEncodedOCSPSuccessResponse
CERT_CreateName
CERT_CreateOCSPCertID
CERT_CreateOCSPRequest
CERT_CreateOCSPSingleResponseGood
CERT_CreateOCSPSingleResponseRevoked
CERT_CreateOCSPSingleResponseUnknown
CERT_CreateRDN
CERT_CreateSubjectCertList
CERT_CreateValidity
CERT_DecodeAVAValue
CERT_DecodeAltNameExtension
CERT_DecodeAuthInfoAccessExtension
CERT_DecodeAuthKeyID
CERT_DecodeBasicConstraintValue
CERT_DecodeCRLDistributionPoints
CERT_DecodeCertificatePoliciesExtension
CERT_DecodeDERCrl
CERT_DecodeDERCrlWithFlags
CERT_DecodeGeneralName
CERT_DecodeNameConstraintsExtension
CERT_DecodeOCSPRequest
CERT_DecodeOCSPResponse
CERT_DecodeOidSequence
CERT_DecodePrivKeyUsagePeriodExtension
CERT_DecodeTrustString
CERT_DecodeUserNotice
CERT_DerNameToAscii
CERT_DestroyCERTRevocationFlags
CERT_DestroyCertArray
CERT_DestroyCertList
CERT_DestroyCertificate
CERT_DestroyCertificateList
CERT_DestroyCertificatePoliciesExtension
CERT_DestroyCertificateRequest
CERT_DestroyName
CERT_DestroyOCSPCertID
CERT_DestroyOCSPRequest
CERT_DestroyOCSPResponse
CERT_DestroyOidSequence
CERT_DestroyUserNotice
CERT_DestroyValidity
CERT_DisableOCSPChecking
CERT_DisableOCSPDefaultResponder
CERT_DistNamesFromCertList
CERT_DupCertList
CERT_DupCertificate
CERT_DupDistNames
CERT_EnableOCSPChecking
CERT_EnableOCSPDefaultResponder
CERT_EncodeAltNameExtension
CERT_EncodeAndAddBitStrExtension
CERT_EncodeAuthKeyID
CERT_EncodeBasicConstraintValue
CERT_EncodeCRLDistributionPoints
CERT_EncodeCertPoliciesExtension
CERT_EncodeGeneralName
CERT_EncodeInfoAccessExtension
CERT_EncodeInhibitAnyExtension
CERT_EncodeNameConstraintsExtension
CERT_EncodeNoticeReference
CERT_EncodeOCSPRequest
CERT_EncodePolicyConstraintsExtension
CERT_EncodePolicyMappingExtension
CERT_EncodeSubjectKeyID
CERT_EncodeUserNotice
CERT_ExtractPublicKey
CERT_FilterCertListByCANames
CERT_FilterCertListByUsage
CERT_FilterCertListForUserCerts
CERT_FindCRLEntryReasonExten
CERT_FindCRLNumberExten
CERT_FindCertByDERCert
CERT_FindCertByIssuerAndSN
CERT_FindCertByName
CERT_FindCertByNickname
CERT_FindCertByNicknameOrEmailAddr
CERT_FindCertByNicknameOrEmailAddrForUsage
CERT_FindCertBySubjectKeyID
CERT_FindCertExtension
CERT_FindCertIssuer
CERT_FindKeyUsageExtension
CERT_FindNameConstraintsExten
CERT_FindSMimeProfile
CERT_FindSubjectKeyIDExtension
CERT_FindUserCertByUsage
CERT_FindUserCertsByUsage
CERT_FinishCertificateRequestAttributes
CERT_FinishExtensions
CERT_ForcePostMethodForOCSP
CERT_FormatName
CERT_FreeDistNames
CERT_FreeNicknames
CERT_GenTime2FormattedAscii
CERT_GetAVATag
CERT_GetCertChainFromCert
CERT_GetCertEmailAddress
CERT_GetCertIssuerAndSN
CERT_GetCertNicknames
CERT_GetCertTimes
CERT_GetCertTrust
CERT_GetCertUid
CERT_GetCertificateNames
CERT_GetCertificateRequestExtensions
CERT_GetClassicOCSPDisabledPolicy
CERT_GetClassicOCSPEnabledHardFailurePolicy
CERT_GetClassicOCSPEnabledSoftFailurePolicy
CERT_GetCommonName
CERT_GetConstrainedCertificateNames
CERT_GetCountryName
CERT_GetDBContentVersion
CERT_GetDefaultCertDB
CERT_GetDomainComponentName
CERT_GetEncodedOCSPResponse
CERT_GetFirstEmailAddress
CERT_GetGeneralNameTypeFromString
CERT_GetLocalityName
CERT_GetNextEmailAddress
CERT_GetNextGeneralName
CERT_GetNextNameConstraint
CERT_GetOCSPAuthorityInfoAccessLocation
CERT_GetOCSPResponseStatus
CERT_GetOCSPStatusForCertID
CERT_GetOidString
CERT_GetOrgName
CERT_GetOrgUnitName
CERT_GetPKIXVerifyNistRevocationPolicy
CERT_GetPrevGeneralName
CERT_GetPrevNameConstraint
CERT_GetSSLCACerts
CERT_GetSlopTime
CERT_GetStateName
CERT_GetSubjectNameDigest
CERT_GetSubjectPublicKeyDigest
CERT_GetUsePKIXForValidation
CERT_GetValidDNSPatternsFromCert
CERT_Hexify
CERT_ImportCAChain
CERT_ImportCAChainTrusted
CERT_ImportCRL
CERT_ImportCerts
CERT_IsCACert
CERT_IsCADERCert
CERT_IsRootDERCert
CERT_IsUserCert
CERT_KeyFromDERCrl
CERT_MakeCANickname
CERT_MergeExtensions
CERT_NameToAscii
CERT_NameToAsciiInvertible
CERT_NewCertList
CERT_NewTempCertificate
CERT_NicknameStringsFromCertList
CERT_OCSPCacheSettings
CERT_OpenCertDBFilename
CERT_PKIXVerifyCert
CERT_PostOCSPRequest
CERT_RFC1485_EscapeAndQuote
CERT_RegisterAlternateOCSPAIAInfoCallBack
CERT_RemoveCertListNode
CERT_SaveSMimeProfile
CERT_SetOCSPDefaultResponder
CERT_SetOCSPFailureMode
CERT_SetOCSPTimeout
CERT_SetSlopTime
CERT_SetUsePKIXForValidation
CERT_StartCRLEntryExtensions
CERT_StartCRLExtensions
CERT_StartCertExtensions
CERT_StartCertificateRequestAttributes
CERT_UncacheCRL
CERT_VerifyCACertForUsage
CERT_VerifyCert
CERT_VerifyCertName
CERT_VerifyCertNow
CERT_VerifyCertificate
CERT_VerifyCertificateNow
CERT_VerifyOCSPResponseSignature
CERT_VerifySignedData
CERT_VerifySignedDataWithPublicKey
CERT_VerifySignedDataWithPublicKeyInfo
DER_AsciiToTime
DER_DecodeTimeChoice
DER_Encode
DER_EncodeTimeChoice
DER_GeneralizedDayToAscii
DER_GeneralizedTimeToTime
DER_GetInteger
DER_Lengths
DER_TimeChoiceDayToAscii
DER_TimeToGeneralizedTime
DER_TimeToGeneralizedTimeArena
DER_TimeToUTCTime
DER_UTCDayToAscii
DER_UTCTimeToAscii
DER_UTCTimeToTime
DSAU_DecodeDerSig
DSAU_DecodeDerSigToLen
DSAU_EncodeDerSig
DSAU_EncodeDerSigWithLen
HASH_Begin
HASH_Clone
HASH_Create
HASH_Destroy
HASH_End
HASH_GetHashObject
HASH_GetHashObjectByOidTag
HASH_GetHashTypeByOidTag
HASH_GetType
HASH_HashBuf
HASH_ResultLen
HASH_ResultLenByOidTag
HASH_ResultLenContext
HASH_Update
NSSBase64Decoder_Create
NSSBase64Decoder_Destroy
NSSBase64Decoder_Update
NSSBase64Encoder_Create
NSSBase64Encoder_Destroy
NSSBase64Encoder_Update
NSSBase64_DecodeBuffer
NSSBase64_EncodeItem
NSSRWLock_Destroy
NSSRWLock_HaveWriteLock
NSSRWLock_LockRead
NSSRWLock_LockWrite
NSSRWLock_New
NSSRWLock_UnlockRead
NSSRWLock_UnlockWrite
NSS_GetVersion
NSS_Get_CERT_CertificateRequestTemplate
NSS_Get_CERT_CertificateTemplate
NSS_Get_CERT_CrlTemplate
NSS_Get_CERT_IssuerAndSNTemplate
NSS_Get_CERT_NameTemplate
NSS_Get_CERT_SequenceOfCertExtensionTemplate
NSS_Get_CERT_SetOfSignedCrlTemplate
NSS_Get_CERT_SignedCrlTemplate
NSS_Get_CERT_SignedDataTemplate
NSS_Get_CERT_SubjectPublicKeyInfoTemplate
NSS_Get_CERT_TimeChoiceTemplate
NSS_Get_SECKEY_DSAPublicKeyTemplate
NSS_Get_SECKEY_EncryptedPrivateKeyInfoTemplate
NSS_Get_SECKEY_PointerToEncryptedPrivateKeyInfoTemplate
NSS_Get_SECKEY_PointerToPrivateKeyInfoTemplate
NSS_Get_SECKEY_PrivateKeyInfoTemplate
NSS_Get_SECKEY_RSAPSSParamsTemplate
NSS_Get_SECKEY_RSAPublicKeyTemplate
NSS_Get_SECOID_AlgorithmIDTemplate
NSS_Get_SEC_AnyTemplate
NSS_Get_SEC_BMPStringTemplate
NSS_Get_SEC_BitStringTemplate
NSS_Get_SEC_BooleanTemplate
NSS_Get_SEC_GeneralizedTimeTemplate
NSS_Get_SEC_IA5StringTemplate
NSS_Get_SEC_IntegerTemplate
NSS_Get_SEC_NullTemplate
NSS_Get_SEC_ObjectIDTemplate
NSS_Get_SEC_OctetStringTemplate
NSS_Get_SEC_PointerToAnyTemplate
NSS_Get_SEC_PointerToOctetStringTemplate
NSS_Get_SEC_SetOfAnyTemplate
NSS_Get_SEC_SignedCertificateTemplate
NSS_Get_SEC_UTCTimeTemplate
NSS_Get_SEC_UTF8StringTemplate
NSS_Get_sgn_DigestInfoTemplate
NSS_Init
NSS_InitContext
NSS_InitReadWrite
NSS_InitWithMerge
NSS_Initialize
NSS_IsInitialized
NSS_NoDB_Init
NSS_PutEnv
NSS_RegisterShutdown
NSS_Shutdown
NSS_ShutdownContext
NSS_UnregisterShutdown
NSS_VersionCheck
PBE_CreateContext
PBE_DestroyContext
PBE_GenerateBits
PK11SDR_Decrypt
PK11SDR_Encrypt
PK11_AlgtagToMechanism
PK11_Authenticate
PK11_BlockData
PK11_ChangePW
PK11_CheckSSOPassword
PK11_CheckUserPassword
PK11_CipherOp
PK11_CloneContext
PK11_ConfigurePKCS11
PK11_ConvertSessionPrivKeyToTokenPrivKey
PK11_ConvertSessionSymKeyToTokenSymKey
PK11_CopySymKeyForSigning
PK11_CopyTokenPrivKeyToSessionPrivKey
PK11_CreateContextBySymKey
PK11_CreateDigestContext
PK11_CreateGenericObject
PK11_CreateMergeLog
PK11_CreatePBEAlgorithmID
PK11_CreatePBEParams
PK11_CreatePBEV2AlgorithmID
PK11_DEREncodePublicKey
PK11_Decrypt
PK11_DeleteTokenCertAndKey
PK11_DeleteTokenPrivateKey
PK11_DeleteTokenPublicKey
PK11_DeleteTokenSymKey
PK11_Derive
PK11_DeriveWithFlags
PK11_DeriveWithFlagsPerm
PK11_DeriveWithTemplate
PK11_DestroyContext
PK11_DestroyGenericObject
PK11_DestroyGenericObjects
PK11_DestroyMergeLog
PK11_DestroyObject
PK11_DestroyPBEParams
PK11_DestroyTokenObject
PK11_DigestBegin
PK11_DigestFinal
PK11_DigestKey
PK11_DigestOp
PK11_DoesMechanism
PK11_Encrypt
PK11_ExportDERPrivateKeyInfo
PK11_ExportEncryptedPrivKeyInfo
PK11_ExportEncryptedPrivateKeyInfo
PK11_ExportPrivKeyInfo
PK11_ExportPrivateKeyInfo
PK11_ExtractKeyValue
PK11_Finalize
PK11_FindBestKEAMatch
PK11_FindCertAndKeyByRecipientList
PK11_FindCertAndKeyByRecipientListNew
PK11_FindCertByIssuerAndSN
PK11_FindCertFromDERCert
PK11_FindCertFromDERCertItem
PK11_FindCertFromNickname
PK11_FindCertInSlot
PK11_FindCertsFromEmailAddress
PK11_FindCertsFromNickname
PK11_FindFixedKey
PK11_FindGenericObjects
PK11_FindKeyByAnyCert
PK11_FindKeyByDERCert
PK11_FindKeyByKeyID
PK11_FindPrivateKeyFromCert
PK11_FindSlotByName
PK11_FindSlotsByNames
PK11_FortezzaHasKEA
PK11_FortezzaMapSig
PK11_FreeSlot
PK11_FreeSlotList
PK11_FreeSlotListElement
PK11_FreeSymKey
PK11_GenerateFortezzaIV
PK11_GenerateKeyPair
PK11_GenerateKeyPairWithFlags
PK11_GenerateKeyPairWithOpFlags
PK11_GenerateNewParam
PK11_GenerateRandom
PK11_GenerateRandomOnSlot
PK11_GetAllSlotsForCert
PK11_GetAllTokens
PK11_GetBestKeyLength
PK11_GetBestSlot
PK11_GetBestSlotMultiple
PK11_GetBestSlotMultipleWithAttributes
PK11_GetBestSlotWithAttributes
PK11_GetBestWrapMechanism
PK11_GetBlockSize
PK11_GetCertFromPrivateKey
PK11_GetCurrentWrapIndex
PK11_GetDefaultArray
PK11_GetDefaultFlags
PK11_GetDisabledReason
PK11_GetFirstSafe
PK11_GetIVLength
PK11_GetInternalKeySlot
PK11_GetInternalSlot
PK11_GetKeyData
PK11_GetKeyGen
PK11_GetKeyLength
PK11_GetKeyStrength
PK11_GetKeyType
PK11_GetLowLevelKeyIDForCert
PK11_GetLowLevelKeyIDForPrivateKey
PK11_GetMechanism
PK11_GetMinimumPwdLength
PK11_GetModInfo
PK11_GetModule
PK11_GetModuleID
PK11_GetNextGenericObject
PK11_GetNextSafe
PK11_GetNextSymKey
PK11_GetPBECryptoMechanism
PK11_GetPBEIV
PK11_GetPQGParamsFromPrivateKey
PK11_GetPadMechanism
PK11_GetPrevGenericObject
PK11_GetPrivateKeyNickname
PK11_GetPrivateModulusLen
PK11_GetPublicKeyNickname
PK11_GetSlotFromKey
PK11_GetSlotFromPrivateKey
PK11_GetSlotID
PK11_GetSlotInfo
PK11_GetSlotName
PK11_GetSlotPWValues
PK11_GetSlotSeries
PK11_GetSymKeyHandle
PK11_GetSymKeyNickname
PK11_GetSymKeyType
PK11_GetSymKeyUserData
PK11_GetTokenInfo
PK11_GetTokenName
PK11_GetWindow
PK11_GetWrapKey
PK11_HasRootCerts
PK11_HashBuf
PK11_IVFromParam
PK11_ImportCRL
PK11_ImportCert
PK11_ImportCertForKey
PK11_ImportCertForKeyToSlot
PK11_ImportDERCert
PK11_ImportDERCertForKey
PK11_ImportDERPrivateKeyInfo
PK11_ImportDERPrivateKeyInfoAndReturnKey
PK11_ImportEncryptedPrivateKeyInfo
PK11_ImportEncryptedPrivateKeyInfoAndReturnKey
PK11_ImportPrivateKeyInfo
PK11_ImportPrivateKeyInfoAndReturnKey
PK11_ImportPublicKey
PK11_ImportSymKey
PK11_ImportSymKeyWithFlags
PK11_InitPin
PK11_IsDisabled
PK11_IsFIPS
PK11_IsFriendly
PK11_IsHW
PK11_IsInternal
PK11_IsInternalKeySlot
PK11_IsLoggedIn
PK11_IsPresent
PK11_IsReadOnly
PK11_IsRemovable
PK11_KeyForCertExists
PK11_KeyForDERCertExists
PK11_KeyGen
PK11_KeyGenWithTemplate
PK11_LinkGenericObject
PK11_ListCerts
PK11_ListCertsInSlot
PK11_ListFixedKeysInSlot
PK11_ListPrivKeysInSlot
PK11_ListPrivateKeysInSlot
PK11_ListPublicKeysInSlot
PK11_LoadPrivKey
PK11_Logout
PK11_LogoutAll

Sections

.text
Size: 717KB - Virtual size: 717KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/$_2_/nssutil3.dll
.dll windows:6 windows x86 arch:x86

6ba16e7e12b3827a81a688ff0a5191a4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

plc4

PL_strlen
PL_strcasecmp
PL_strpbrk
PL_strncasecmp

plds4

PL_FinishArenaPool
PL_FreeArenaPool
PL_InitArenaPool
PL_CompareValues
PL_ArenaAllocate
PL_HashTableLookup
PL_HashTableAdd
PL_HashTableDestroy
PL_NewHashTable
PL_ArenaGrow
PL_ArenaRelease
PL_ClearArenaPool
PL_HashTableLookupConst

nspr4

PR_smprintf_free
PR_smprintf
PR_Access
PR_Rename
PR_Delete
PR_GetError
PR_FormatTime
PR_LocalTimeParameters
PR_GetEnv
PR_GetDirectorySeparator
PR_GetLibraryFilePathname
PR_LoadLibraryWithFlags
PR_GetCurrentThread
PR_NotifyAllCondVar
PR_NotifyCondVar
PR_WaitCondVar
PR_DestroyCondVar
PR_NewCondVar
PR_Unlock
PR_Lock
PR_DestroyLock
PR_NewLock
PR_Free
PR_Realloc
PR_Calloc
PR_Malloc
PR_SetError
PR_CallOnce
PR_ErrorInstallTable
PR_GMTParameters
PR_ImplodeTime
PR_ExplodeTime

kernel32

GetTimeZoneInformation
HeapSize
OutputDebugStringW
HeapReAlloc
GetCurrentDirectoryW
GetFullPathNameW
PeekNamedPipe
GetFileInformationByHandle
FileTimeToLocalFileTime
LoadLibraryExW
GetModuleFileNameW
SetEndOfFile
WriteConsoleW
SetFilePointerEx
ReadConsoleW
ReadFile
FlushFileBuffers
HeapAlloc
LCMapStringW
CompareStringW
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetProcessHeap
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
FindFirstFileExW
FindClose
SetStdHandle
AreFileApisANSI
GetModuleHandleExW
ExitProcess
CreateFileW
GetConsoleMode
SetEnvironmentVariableA
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress
SetEnvironmentVariableW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetLastError
MultiByteToWideChar
WideCharToMultiByte
EncodePointer
DecodePointer
EnterCriticalSection
LeaveCriticalSection
CloseHandle
HeapFree
GetStdHandle
GetFileType
DeleteCriticalSection
RtlUnwind
WriteFile
GetConsoleCP

Exports

Exports

ATOB_AsciiToData_Util
ATOB_ConvertAsciiToItem_Util
BTOA_ConvertItemToAscii_Util
BTOA_DataToAscii_Util
CERT_GenTime2FormattedAscii_Util
DER_AsciiToTime_Util
DER_DecodeTimeChoice_Util
DER_EncodeTimeChoice_Util
DER_Encode_Util
DER_GeneralizedDayToAscii_Util
DER_GeneralizedTimeToTime_Util
DER_GetInteger_Util
DER_GetUInteger
DER_LengthLength
DER_Lengths_Util
DER_SetUInteger
DER_StoreHeader
DER_TimeChoiceDayToAscii_Util
DER_TimeToGeneralizedTimeArena_Util
DER_TimeToGeneralizedTime_Util
DER_TimeToUTCTime_Util
DER_UTCDayToAscii_Util
DER_UTCTimeToAscii_Util
DER_UTCTimeToTime_Util
NSSBase64Decoder_Create_Util
NSSBase64Decoder_Destroy_Util
NSSBase64Decoder_Update_Util
NSSBase64Encoder_Create_Util
NSSBase64Encoder_Destroy_Util
NSSBase64Encoder_Update_Util
NSSBase64_DecodeBuffer_Util
NSSBase64_EncodeItem_Util
NSSRWLock_Destroy_Util
NSSRWLock_HaveWriteLock_Util
NSSRWLock_LockRead_Util
NSSRWLock_LockWrite_Util
NSSRWLock_New_Util
NSSRWLock_UnlockRead_Util
NSSRWLock_UnlockWrite_Util
NSSUTIL_ArgDecodeNumber
NSSUTIL_ArgFetchValue
NSSUTIL_ArgGetLabel
NSSUTIL_ArgGetParamValue
NSSUTIL_ArgHasFlag
NSSUTIL_ArgIsBlank
NSSUTIL_ArgParseCipherFlags
NSSUTIL_ArgParseModuleSpec
NSSUTIL_ArgParseSlotFlags
NSSUTIL_ArgParseSlotInfo
NSSUTIL_ArgReadLong
NSSUTIL_ArgSkipParameter
NSSUTIL_ArgStrip
NSSUTIL_DoModuleDBFunction
NSSUTIL_DoubleEscape
NSSUTIL_DoubleEscapeSize
NSSUTIL_Escape
NSSUTIL_EscapeSize
NSSUTIL_GetVersion
NSSUTIL_MkModuleSpec
NSSUTIL_MkNSSString
NSSUTIL_MkSlotString
NSSUTIL_Quote
NSSUTIL_QuoteSize
NSS_GetAlgorithmPolicy
NSS_Get_SECOID_AlgorithmIDTemplate_Util
NSS_Get_SEC_AnyTemplate_Util
NSS_Get_SEC_BMPStringTemplate_Util
NSS_Get_SEC_BitStringTemplate_Util
NSS_Get_SEC_BooleanTemplate_Util
NSS_Get_SEC_EnumeratedTemplate
NSS_Get_SEC_GeneralizedTimeTemplate_Util
NSS_Get_SEC_IA5StringTemplate_Util
NSS_Get_SEC_IntegerTemplate_Util
NSS_Get_SEC_NullTemplate_Util
NSS_Get_SEC_ObjectIDTemplate_Util
NSS_Get_SEC_OctetStringTemplate_Util
NSS_Get_SEC_PointerToAnyTemplate_Util
NSS_Get_SEC_PointerToEnumeratedTemplate
NSS_Get_SEC_PointerToGeneralizedTimeTemplate
NSS_Get_SEC_PointerToOctetStringTemplate_Util
NSS_Get_SEC_PrintableStringTemplate
NSS_Get_SEC_SequenceOfAnyTemplate
NSS_Get_SEC_SequenceOfObjectIDTemplate
NSS_Get_SEC_SetOfAnyTemplate_Util
NSS_Get_SEC_SkipTemplate
NSS_Get_SEC_T61StringTemplate
NSS_Get_SEC_UTF8StringTemplate_Util
NSS_Get_SEC_UniversalStringTemplate
NSS_Get_sgn_DigestInfoTemplate_Util
NSS_InitializePRErrorTable
NSS_PutEnv_Util
NSS_SecureMemcmp
NSS_SetAlgorithmPolicy
PORT_Alloc_Util
PORT_ArenaAlloc_Util
PORT_ArenaGrow_Util
PORT_ArenaMark_Util
PORT_ArenaRelease_Util
PORT_ArenaStrdup_Util
PORT_ArenaUnmark_Util
PORT_ArenaZAlloc_Util
PORT_FreeArena_Util
PORT_Free_Util
PORT_GetError_Util
PORT_ISO88591_UTF8Conversion
PORT_LoadLibraryFromOrigin
PORT_NewArena_Util
PORT_Realloc_Util
PORT_RegExpCaseSearch
PORT_RegExpSearch
PORT_RegExpValid
PORT_SetError_Util
PORT_SetUCS2_ASCIIConversionFunction_Util
PORT_SetUCS2_UTF8ConversionFunction_Util
PORT_SetUCS4_UTF8ConversionFunction_Util
PORT_Strdup_Util
PORT_UCS2_ASCIIConversion_Util
PORT_UCS2_UTF8Conversion_Util
PORT_UCS4_UTF8Conversion
PORT_ZAlloc_Util
PORT_ZFree_Util
SECITEM_AllocArray
SECITEM_AllocItem_Util
SECITEM_ArenaDupItem_Util
SECITEM_CompareItem_Util
SECITEM_CopyItem_Util
SECITEM_DupArray
SECITEM_DupItem_Util
SECITEM_FreeArray
SECITEM_FreeItem_Util
SECITEM_Hash
SECITEM_HashCompare
SECITEM_ItemsAreEqual_Util
SECITEM_ReallocItem
SECITEM_ReallocItemV2
SECITEM_ZfreeArray
SECITEM_ZfreeItem_Util
SECOID_AddEntry_Util
SECOID_CompareAlgorithmID_Util
SECOID_CopyAlgorithmID_Util
SECOID_DestroyAlgorithmID_Util
SECOID_FindOIDByMechanism
SECOID_FindOIDByTag_Util
SECOID_FindOIDTagDescription_Util
SECOID_FindOIDTag_Util
SECOID_FindOID_Util
SECOID_GetAlgorithmTag_Util
SECOID_Init
SECOID_KnownCertExtenOID
SECOID_SetAlgorithmID_Util
SECOID_Shutdown
SEC_ASN1DecodeInteger_Util
SEC_ASN1DecodeItem_Util
SEC_ASN1Decode_Util
SEC_ASN1DecoderAbort_Util
SEC_ASN1DecoderClearFilterProc_Util
SEC_ASN1DecoderClearNotifyProc_Util
SEC_ASN1DecoderFinish_Util
SEC_ASN1DecoderSetFilterProc_Util
SEC_ASN1DecoderSetNotifyProc_Util
SEC_ASN1DecoderStart_Util
SEC_ASN1DecoderUpdate_Util
SEC_ASN1EncodeInteger_Util
SEC_ASN1EncodeItem_Util
SEC_ASN1EncodeUnsignedInteger_Util
SEC_ASN1Encode_Util
SEC_ASN1EncoderAbort_Util
SEC_ASN1EncoderClearNotifyProc_Util
SEC_ASN1EncoderClearStreaming_Util
SEC_ASN1EncoderClearTakeFromBuf_Util
SEC_ASN1EncoderFinish_Util
SEC_ASN1EncoderSetNotifyProc_Util
SEC_ASN1EncoderSetStreaming_Util
SEC_ASN1EncoderSetTakeFromBuf_Util
SEC_ASN1EncoderStart_Util
SEC_ASN1EncoderUpdate_Util
SEC_ASN1LengthLength_Util
SEC_QuickDERDecodeItem_Util
SEC_StringToOID
SGN_CompareDigestInfo_Util
SGN_CopyDigestInfo_Util
SGN_CreateDigestInfo_Util
SGN_DecodeDigestInfo
SGN_DestroyDigestInfo_Util
UTIL_SetForkState
_NSSUTIL_EvaluateConfigDir
_NSSUTIL_GetSecmodName
_SGN_VerifyPKCS1DigestInfo

Sections

.text
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/$_2_/plc4.dll
.dll windows:6 windows x86 arch:x86

4598533a0c3b6c5ddb9612a89de425ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

nspr4

PR_SetError
PR_Calloc
PR_ErrorToName
PR_GetOSError
PR_GetError
PR_fprintf
PR_GetSpecialFD
PR_Free
PR_Malloc

kernel32

Sleep
CreateFileW
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetStringTypeW
GetLastError
HeapFree
HeapAlloc
GetCommandLineA
GetCurrentThreadId
GetProcessHeap
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetStdHandle
WriteFile
GetModuleFileNameW
IsProcessorFeaturePresent
SetLastError
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsDebuggerPresent
EnterCriticalSection
LeaveCriticalSection
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
OutputDebugStringW
RtlUnwind
HeapReAlloc
HeapSize
LCMapStringW

Exports

Exports

PL_Base64Decode
PL_Base64Encode
PL_CreateLongOptState
PL_CreateOptState
PL_DestroyOptState
PL_FPrintError
PL_GetNextOpt
PL_PrintError
PL_strcasecmp
PL_strcaserstr
PL_strcasestr
PL_strcat
PL_strcatn
PL_strchr
PL_strcmp
PL_strcpy
PL_strdup
PL_strfree
PL_strlen
PL_strncasecmp
PL_strncaserstr
PL_strncasestr
PL_strncat
PL_strnchr
PL_strncmp
PL_strncpy
PL_strncpyz
PL_strndup
PL_strnlen
PL_strnpbrk
PL_strnprbrk
PL_strnrchr
PL_strnrstr
PL_strnstr
PL_strpbrk
PL_strprbrk
PL_strrchr
PL_strrstr
PL_strstr
PL_strtok_r
libVersionPoint

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/$_2_/plds4.dll
.dll windows:6 windows x86 arch:x86

4f9a53fbf939884bc7e65bde68799fc4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

nspr4

PR_CallOnce
PR_Unlock
PR_Lock
PR_DestroyLock
PR_NewLock
PR_CeilingLog2
PR_Free
PR_Malloc

kernel32

TlsAlloc
CreateFileW
CloseHandle
WriteConsoleW
SetFilePointerEx
SetStdHandle
GetConsoleMode
GetConsoleCP
FlushFileBuffers
GetCommandLineA
GetCurrentThreadId
IsProcessorFeaturePresent
GetLastError
SetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameA
HeapFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
EnterCriticalSection
LeaveCriticalSection
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
IsDebuggerPresent
WriteFile
GetModuleFileNameW
LoadLibraryExW
RtlUnwind
HeapAlloc
HeapReAlloc
GetStringTypeW
OutputDebugStringW
HeapSize
LCMapStringW

Exports

Exports

PL_ArenaAllocate
PL_ArenaFinish
PL_ArenaGrow
PL_ArenaRelease
PL_ClearArenaPool
PL_CompactArenaPool
PL_CompareStrings
PL_CompareValues
PL_FinishArenaPool
PL_FreeArenaPool
PL_HashString
PL_HashTableAdd
PL_HashTableDestroy
PL_HashTableDump
PL_HashTableEnumerateEntries
PL_HashTableLookup
PL_HashTableLookupConst
PL_HashTableRawAdd
PL_HashTableRawLookup
PL_HashTableRawLookupConst
PL_HashTableRawRemove
PL_HashTableRemove
PL_InitArenaPool
PL_NewHashTable
PL_SizeOfArenaPoolExcludingPool
libVersionPoint

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/$_2_/softokn3.dll
.dll windows:6 windows x86 arch:x86

f62703f3be4a59d359a62952d431248f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

sqlite3

sqlite3_file_control
sqlite3_reset
sqlite3_finalize
sqlite3_column_int
sqlite3_column_bytes
sqlite3_column_blob
sqlite3_step
sqlite3_bind_text
sqlite3_bind_int
sqlite3_bind_blob
sqlite3_prepare_v2
sqlite3_open
sqlite3_free
sqlite3_mprintf
sqlite3_busy_timeout
sqlite3_exec
sqlite3_close

nssutil3

SECOID_GetAlgorithmTag_Util
PORT_Alloc_Util
PORT_Free_Util
PORT_SetError_Util
NSS_Get_SECOID_AlgorithmIDTemplate_Util
NSS_Get_SEC_AnyTemplate_Util
NSS_Get_SEC_BitStringTemplate_Util
NSS_Get_SEC_ObjectIDTemplate_Util
PORT_NewArena_Util
PORT_ArenaZAlloc_Util
SECITEM_CopyItem_Util
PORT_ZAlloc_Util
SECITEM_CompareItem_Util
NSSUTIL_ArgHasFlag
NSSUTIL_ArgIsBlank
NSSUTIL_ArgDecodeNumber
NSSUTIL_ArgGetLabel
NSSUTIL_ArgSkipParameter
NSSUTIL_ArgStrip
NSSUTIL_ArgFetchValue
_NSSUTIL_EvaluateConfigDir
PORT_Strdup_Util
SECOID_FindOIDByMechanism
SGN_DestroyDigestInfo_Util
SGN_CreateDigestInfo_Util
DER_Encode_Util
_SGN_VerifyPKCS1DigestInfo
NSS_Get_SEC_OctetStringTemplate_Util
SEC_QuickDERDecodeItem_Util
_NSSUTIL_GetSecmodName
NSSUTIL_DoModuleDBFunction
UTIL_SetForkState
SECOID_Shutdown
SECOID_Init
DER_SetUInteger
SECITEM_HashCompare
PORT_ArenaAlloc_Util
PORT_GetError_Util
PORT_ArenaGrow_Util
PORT_Realloc_Util
SECOID_DestroyAlgorithmID_Util
PORT_ZFree_Util
SECOID_CopyAlgorithmID_Util
SECOID_SetAlgorithmID_Util
DER_GetInteger_Util
SEC_ASN1EncodeInteger_Util
SEC_ASN1EncodeItem_Util
SEC_ASN1DecodeItem_Util
SECITEM_ZfreeItem_Util
SECITEM_FreeItem_Util
SECITEM_DupItem_Util
SECITEM_AllocItem_Util
PORT_FreeArena_Util

plc4

PL_strncasecmp
PL_strcasecmp

plds4

PL_NewHashTable
PL_HashTableDestroy
PL_HashTableAdd
PL_HashTableRemove
PL_HashTableLookup
PL_HashTableLookupConst
PL_CompareValues
PL_HashTableEnumerateEntries

nspr4

PR_CallOnce
PR_SetError
PR_Free
PR_snprintf
PR_GetEnv
PR_LoadLibraryWithFlags
PR_UnloadLibrary
PR_FindFunctionSymbol
PR_GetLibraryFilePathname
PR_Lock
PR_Unlock
PR_GetDirectorySeparator
PR_SecondsToInterval
PR_NewLock
PR_DestroyLock
PR_Sleep
PR_smprintf_free
PR_IntervalNow
PR_MillisecondsToInterval
PR_GetCurrentThread
PR_Now
PR_Access
PR_NewMonitor
PR_DestroyMonitor
PR_EnterMonitor
PR_ExitMonitor
PR_smprintf

kernel32

SetFileAttributesW
GetFileAttributesExW
CloseHandle
CreateFileW
FlushFileBuffers
HeapSize
WriteConsoleW
SetStdHandle
HeapReAlloc
OutputDebugStringW
LoadLibraryExW
RtlUnwind
SetEnvironmentVariableA
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LCMapStringW
CompareStringW
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
GetModuleFileNameW
WriteFile
GetStdHandle
GetProcessHeap
AreFileApisANSI
GetModuleHandleExW
ExitProcess
WideCharToMultiByte
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
DecodePointer
EncodePointer
GetProcAddress
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
Sleep
InitializeCriticalSectionAndSpinCount
SetUnhandledExceptionFilter
UnhandledExceptionFilter
MultiByteToWideChar
SetLastError
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetCurrentThreadId
GetCommandLineA
HeapAlloc
HeapFree
GetLastError
IsProcessorFeaturePresent
IsDebuggerPresent
GetTempPathA

Exports

Exports

C_GetFunctionList
FC_GetFunctionList
NSC_GetFunctionList
NSC_ModuleDBFunc

Sections

.text
Size: 183KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/$_2_/sqlite3.dll
.dll windows:6 windows x86 arch:x86

08e0c5c4d25d1d7e6ba2923f9444c9ee

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteFileA
AreFileApisANSI
GetSystemTime
LocalFree
GetTempPathA
GetCurrentProcessId
DeleteFileW
CloseHandle
GetVersionExA
OutputDebugStringA
GetFileAttributesExW
GetSystemInfo
GetDiskFreeSpaceA
CreateFileMappingW
CreateFileMappingA
LoadLibraryA
GetDiskFreeSpaceW
LockFileEx
HeapSize
GetProcAddress
GetLastError
GetTempPathW
FlushFileBuffers
MultiByteToWideChar
CreateFileW
ReadFile
GetFileAttributesW
HeapValidate
HeapCreate
GetFileAttributesA
HeapDestroy
FormatMessageW
Sleep
LoadLibraryW
WideCharToMultiByte
WriteFile
FormatMessageA
GetSystemTimeAsFileTime
GetProcessHeap
UnlockFileEx
GetTickCount
OutputDebugStringW
LockFile
UnlockFile
WaitForSingleObject
HeapFree
QueryPerformanceCounter
SystemTimeToFileTime
HeapAlloc
FreeLibrary
SetEndOfFile
UnmapViewOfFile
MapViewOfFile
SetFilePointer
CreateMutexW
GetFileSize
CreateFileA
HeapReAlloc
GetFullPathNameA
GetFullPathNameW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
GetStdHandle
GetModuleFileNameW
GetTimeZoneInformation
GetFileType
GetModuleFileNameA
GetEnvironmentStringsW
FreeEnvironmentStringsW
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
RtlUnwind
CompareStringW
LCMapStringW
GetStringTypeW
GetConsoleCP
GetConsoleMode
SetEnvironmentVariableA
SetStdHandle
SetFilePointerEx
WriteConsoleW

Exports

Exports

sqlite3_aggregate_context
sqlite3_aggregate_count
sqlite3_auto_extension
sqlite3_bind_blob
sqlite3_bind_double
sqlite3_bind_int
sqlite3_bind_int64
sqlite3_bind_null
sqlite3_bind_parameter_count
sqlite3_bind_parameter_index
sqlite3_bind_parameter_name
sqlite3_bind_text
sqlite3_bind_text16
sqlite3_bind_value
sqlite3_busy_handler
sqlite3_busy_timeout
sqlite3_changes
sqlite3_clear_bindings
sqlite3_close
sqlite3_collation_needed
sqlite3_collation_needed16
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_column_bytes16
sqlite3_column_count
sqlite3_column_decltype
sqlite3_column_decltype16
sqlite3_column_double
sqlite3_column_int
sqlite3_column_int64
sqlite3_column_name
sqlite3_column_name16
sqlite3_column_text
sqlite3_column_text16
sqlite3_column_type
sqlite3_column_value
sqlite3_commit_hook
sqlite3_complete
sqlite3_complete16
sqlite3_create_collation
sqlite3_create_collation16
sqlite3_create_function
sqlite3_create_function16
sqlite3_create_module
sqlite3_data_count
sqlite3_db_handle
sqlite3_declare_vtab
sqlite3_enable_load_extension
sqlite3_enable_shared_cache
sqlite3_errcode
sqlite3_errmsg
sqlite3_errmsg16
sqlite3_exec
sqlite3_expired
sqlite3_extended_result_codes
sqlite3_file_control
sqlite3_finalize
sqlite3_free
sqlite3_free_table
sqlite3_get_autocommit
sqlite3_get_auxdata
sqlite3_get_table
sqlite3_global_recover
sqlite3_interrupt
sqlite3_last_insert_rowid
sqlite3_libversion
sqlite3_libversion_number
sqlite3_load_extension
sqlite3_malloc
sqlite3_mprintf
sqlite3_open
sqlite3_open16
sqlite3_open_v2
sqlite3_overload_function
sqlite3_prepare
sqlite3_prepare16
sqlite3_prepare16_v2
sqlite3_prepare_v2
sqlite3_profile
sqlite3_progress_handler
sqlite3_realloc
sqlite3_reset
sqlite3_reset_auto_extension
sqlite3_result_blob
sqlite3_result_double
sqlite3_result_error
sqlite3_result_error16
sqlite3_result_int
sqlite3_result_int64
sqlite3_result_null
sqlite3_result_text
sqlite3_result_text16
sqlite3_result_text16be
sqlite3_result_text16le
sqlite3_result_value
sqlite3_rollback_hook
sqlite3_set_authorizer
sqlite3_set_auxdata
sqlite3_sleep
sqlite3_snprintf
sqlite3_step
sqlite3_thread_cleanup
sqlite3_total_changes
sqlite3_trace
sqlite3_transfer_bindings
sqlite3_update_hook
sqlite3_user_data
sqlite3_value_blob
sqlite3_value_bytes
sqlite3_value_bytes16
sqlite3_value_double
sqlite3_value_int
sqlite3_value_int64
sqlite3_value_numeric_type
sqlite3_value_text
sqlite3_value_text16
sqlite3_value_text16be
sqlite3_value_text16le
sqlite3_value_type
sqlite3_version
sqlite3_vmprintf
sqlite3_wal_checkpoint

Sections

.text
Size: 457KB - Virtual size: 457KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

099c0646ea7282d232219f8807883be0

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3bCertificate

Extended Key Usages

Key Usages

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50Certificate

Extended Key Usages

Key Usages

45:c7:15:a0:e1:cd:be:0a:83:38:df:4c:17:6f:25:4dCertificate

Extended Key Usages

Key Usages

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2aCertificate

Extended Key Usages

Key Usages

4c:1c:79:07:23:75:1e:1b:fd:ce:15:ca:13:12:24:cb:21:9a:0f:15Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 80KB

.rsrc Size: 17KB - Virtual size: 17KB

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 1024B - Virtual size: 784B

.data Size: 512B - Virtual size: 100B

.reloc Size: 1024B - Virtual size: 520B

8c8a576201f68de1a3f26fc723b9f30f

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 1024B - Virtual size: 851B

.data Size: 512B - Virtual size: 104B

.reloc Size: 1024B - Virtual size: 610B

09a3e096fa98fc82beb9603daab2ea15

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

shell32

ole32

Exports

Exports

Sections

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

45:c7:15:a0:e1:cd:be:0a:83:38:df:4c:17:6f:25:4d
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

4c:1c:79:07:23:75:1e:1b:fd:ce:15:ca:13:12:24:cb:21:9a:0f:15
Signer

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 80KB

.rsrc
Size: 17KB - Virtual size: 17KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 520B

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 851B

.data
Size: 512B - Virtual size: 104B

.reloc
Size: 1024B - Virtual size: 610B

.text
Size: 14KB - Virtual size: 13KB

.data
Size: 512B - Virtual size: 1KB

.CRT
Size: 512B - Virtual size: 4B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 1024B - Virtual size: 741B

.rdata
Size: 1024B - Virtual size: 673B

.data
Size: 512B - Virtual size: 88B

.reloc
Size: 512B - Virtual size: 190B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 410B

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

45:c7:15:a0:e1:cd:be:0a:83:38:df:4c:17:6f:25:4d
Certificate

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

70:0b:cd:4b:71:6f:43:f0:52:b3:e7:ae:e3:92:59:10:94:2f:72:16
Signer

.text
Size: 1KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 910B

.data
Size: - Virtual size: 1KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 512B - Virtual size: 250B

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

45:c7:15:a0:e1:cd:be:0a:83:38:df:4c:17:6f:25:4d
Certificate