f6e0531c8973dced3e5732b8295b22fd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f6e0531c8973dced3e5732b8295b22fd_JaffaCakes118
Size

691KB
MD5

f6e0531c8973dced3e5732b8295b22fd
SHA1

fed28d3f69618ba55d7ea2e72beede6b737e6f85
SHA256

e9ba304f66f305e9f3457e0c5c34f77f77491bc3674c02f23039d452a1c92474
SHA512

601c8e82c24e8bafa084d007e1acaccaad54b80ffac1c70d3bf9b56d10e4315d6f4408c415acd8996051d4014d735be443d83713883e0938f9f635ee6cdec177
SSDEEP

12288:SmMXBF9+6O+VkM/rPfvRG8tYdENc+Gl+qWmb+nSZrG/3+tHU:nMRF9fBVF/bfrteKcrWmtV8

Score

3^/10

Malware Config

Signatures

Unsigned PE 10 IoCs

Checks for missing Authenticode signature.

resource
unpack001/USA dominos Checker by RubiconT/USA dominos Checker by RubiconT/USA dominos pizza checker.exe
unpack001/USA dominos Checker by RubiconT/USA dominos Checker by RubiconT/sysdll/ByteCodeGenerator.exe
unpack001/USA dominos Checker by RubiconT/USA dominos Checker by RubiconT/sysdll/Microsoft Windows Protocol Monitor.exe
unpack001/USA dominos Checker by RubiconT/USA dominos Checker by RubiconT/sysdll/Microsoft Windows Protocol Services Host.exe
unpack001/USA dominos Checker by RubiconT/USA dominos Checker by RubiconT/sysdll/Windows.System.UserDeviceAssociation.dll
unpack001/USA dominos Checker by RubiconT/USA dominos Checker by RubiconT/sysdll/Xceed.Wpf.AvalonDock.Themes.Metro.dll
unpack001/USA dominos Checker by RubiconT/USA dominos Checker by RubiconT/sysdll/dominos.exe
unpack001/USA dominos Checker by RubiconT/USA dominos Checker by RubiconT/sysdll/wscadminui.exe
unpack001/USA dominos Checker by RubiconT/USA dominos Checker by RubiconT/sysdll/xNet.dll
unpack001/USA dominos Checker by RubiconT/USA dominos Checker by RubiconT/xNet.dll

Files

f6e0531c8973dced3e5732b8295b22fd_JaffaCakes118
.rar
USA dominos Checker by RubiconT/USA dominos Checker by RubiconT/DXCore.dll
.dll windows:10 windows x86 arch:x86

e4a36d51169ef61eaa4a2e614360be1c

Code Sign

33:00:00:01:c4:22:b2:f7:9b:79:3d:ac:b2:00:00:00:00:01:c4
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

03/07/2018, 20:45

Not After

26/07/2019, 20:45

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2011, 18:41

Not After

19/10/2026, 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:b5:79:7e:34:b4:3b:b4:0e:03:7d:ce:0e:29:cc:17:f4:9f:d6:cd:0c:83:1c:a2:ac:d6:aa:32:83:71:f7:b5
Signer

Actual PE Digest

33:b5:79:7e:34:b4:3b:b4:0e:03:7d:ce:0e:29:cc:17:f4:9f:d6:cd:0c:83:1c:a2:ac:d6:aa:32:83:71:f7:b5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

DXCore.pdb

Imports

msvcp_win

?_Throw_C_error@std@@YAXH@Z
_Mtx_unlock
_Mtx_lock
_Mtx_init_in_situ
_Mtx_destroy_in_situ
?_Xlength_error@std@@YAXPBD@Z

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm

api-ms-win-crt-string-l1-1-0

memset

api-ms-win-crt-private-l1-1-0

_o___stdio_common_vsnprintf_s
_o___stdio_common_vswprintf
_o__callnewh
_o__cexit
_o__configure_narrow_argv
_o__crt_atexit
_o__errno
_o__execute_onexit_table
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
memmove
_o_free
_o_malloc
_o_toupper
_o_wcscpy_s
_o_wcsncpy_s
_o_wcstombs_s
_except_handler4_common
_CxxThrowException
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
__std_terminate
__CxxFrameHandler3
memcmp
memcpy

ntdll

RtlSubscribeWnfStateChangeNotification
RtlFreeHeap
RtlCaptureStackBackTrace
RtlAllocateHeap
RtlUnsubscribeWnfStateChangeNotification

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleW
GetModuleFileNameA
GetModuleHandleExW
GetProcAddress
DisableThreadLibraryCalls

api-ms-win-core-synch-l1-1-0

WaitForSingleObjectEx
AcquireSRWLockExclusive
CreateMutexExW
ReleaseSRWLockExclusive
AcquireSRWLockShared
DeleteCriticalSection
ReleaseMutex
WaitForSingleObject
ReleaseSRWLockShared
InitializeCriticalSectionEx
LeaveCriticalSection
OpenSemaphoreW
ReleaseSemaphore
EnterCriticalSection
CreateSemaphoreExW

api-ms-win-core-heap-l1-1-0

HeapFree
HeapAlloc
GetProcessHeap

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetLastError
GetLastError

api-ms-win-core-threadpool-l1-2-0

CreateThreadpoolTimer
WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer
CloseThreadpoolTimer

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
TerminateProcess
GetCurrentProcess
GetCurrentThreadId

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
OutputDebugStringW
DebugBreak

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-heap-l2-1-0

LocalFree
LocalAlloc

api-ms-win-devices-config-l1-1-1

CM_MapCrToWin32Err
CM_Unregister_Notification
CM_Register_Notification

api-ms-win-core-com-l1-1-0

IIDFromString

api-ms-win-core-psapi-l1-1-0

K32GetModuleInformation

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

win32u

NtGdiDdDDISignalSynchronizationObject
NtGdiDdDDISetVidPnSourceOwner
NtGdiDdDDICreateSynchronizationObject
NtGdiDdDDIOpenResource
NtGdiDdDDICreateAllocation
NtGdiDdDDIEnumAdapters2
NtGdiDdDDIQueryAdapterInfo
NtGdiDdDDIQueryVideoMemoryInfo
NtGdiDdDDINetDispStartMiracastDisplayDevice
NtGdiDdDDIWaitForSynchronizationObject
NtGdiDdDDIChangeVideoMemoryReservation
NtGdiDdDDICloseAdapter

api-ms-win-eventing-provider-l1-1-0

EventRegister
EventWriteTransfer
EventProviderEnabled
EventUnregister
EventSetInformation

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

Exports

Exports

DXCoreCreateAdapterFactory

Sections

.text
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
USA dominos Checker by RubiconT/USA dominos Checker by RubiconT/USA dominos pizza checker.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\FDC files\Desktop\interface_v3\interface\interface\obj\Debug\@interface.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 165KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
USA dominos Checker by RubiconT/USA dominos Checker by RubiconT/d3dx10_34.dll
.dll windows:6 windows x86 arch:x86

0008d86c47dcdd56b224627bb2f25287

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:49:7c:ed:00:00:00:00:00:05
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:55

Not After

16/09/2011, 02:05

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:10D8-5847-CBF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6a:0b:99:4f:c0:00:1d:ab:11:da:c4:02:a1:66:27:ba
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

04/04/2006, 17:44

Not After

26/04/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:46:9e:cb:00:04:00:00:00:65
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/04/2006, 19:43

Not After

04/10/2007, 19:53

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

66:ac:a6:e0:bb:fc:ad:8c:ff:fb:44:43:45:22:77:f1:82:78:be:78
Signer

Actual PE Digest

66:ac:a6:e0:bb:fc:ad:8c:ff:fb:44:43:45:22:77:f1:82:78:be:78

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d3dx10_34.pdb

Imports

msvcrt

??1type_info@@UAE@XZ
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
_adjust_fdiv
_amsg_exit
_initterm
free
malloc
_XcptFilter
tolower
_stricmp
_CxxThrowException
_isnan
floor
_controlfp
_purecall
_CIatan
_CIcos
_CIasin
_finite
_CIsin
_CIatan2
_CIacos
_CIsqrt
iswspace
iswalpha
iswdigit
iswpunct
memmove
qsort
memset
??2@YAPAXI@Z
memcpy
??3@YAXPAX@Z
_vsnprintf
__CxxFrameHandler

gdi32

GetGlyphOutlineA
SelectObject
GetCharacterPlacementA
GetCharacterPlacementW
CreateDIBSection
DeleteDC
DeleteObject
GetTextMetricsA
GetObjectW
GetObjectA
SetBkColor
SetBkMode
GetTextMetricsW
GetFontLanguageInfo
CreateFontIndirectA
CreateFontIndirectW
SetTextAlign
SetMapMode
CreateCompatibleDC
ExtTextOutA
MoveToEx
ExtTextOutW
TranslateCharsetInfo
SetTextColor

kernel32

CreateFileA
GetFileSizeEx
ReadFile
WideCharToMultiByte
GetFullPathNameA
GetModuleHandleA
FreeLibrary
GetCurrentProcess
GetProcessAffinityMask
CreateThread
InterlockedIncrement
Sleep
WaitForSingleObject
InterlockedDecrement
DebugBreak
WaitForMultipleObjects
ReleaseSemaphore
MultiByteToWideChar
CloseHandle
CreateSemaphoreA
CreateMutexA
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
LoadLibraryA
LeaveCriticalSection
GetVersion
GetProcAddress
DisableThreadLibraryCalls
IsProcessorFeaturePresent
CreateFileW
GetFileSize
GetModuleFileNameA
InterlockedExchange
InterlockedCompareExchange
OutputDebugStringA
RtlUnwind
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WriteFile
GetLastError
LockResource
FindResourceW
LoadResource
SizeofResource
FindResourceA
ReleaseMutex

advapi32

RegCloseKey
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA

ole32

CreateStreamOnHGlobal

Exports

Exports

D3DX10CheckVersion
D3DX10CompileFromFileA
D3DX10CompileFromFileW
D3DX10CompileFromMemory
D3DX10CompileFromResourceA
D3DX10CompileFromResourceW
D3DX10ComputeNormalMap
D3DX10CreateAsyncCompilerProcessor
D3DX10CreateAsyncEffectCreateProcessor
D3DX10CreateAsyncEffectPoolCreateProcessor
D3DX10CreateAsyncFileLoaderA
D3DX10CreateAsyncFileLoaderW
D3DX10CreateAsyncMemoryLoader
D3DX10CreateAsyncResourceLoaderA
D3DX10CreateAsyncResourceLoaderW
D3DX10CreateAsyncShaderPreprocessProcessor
D3DX10CreateAsyncShaderResourceViewProcessor
D3DX10CreateAsyncTextureInfoProcessor
D3DX10CreateAsyncTextureProcessor
D3DX10CreateEffectFromFileA
D3DX10CreateEffectFromFileW
D3DX10CreateEffectFromMemory
D3DX10CreateEffectFromResourceA
D3DX10CreateEffectFromResourceW
D3DX10CreateEffectPoolFromFileA
D3DX10CreateEffectPoolFromFileW
D3DX10CreateEffectPoolFromMemory
D3DX10CreateEffectPoolFromResourceA
D3DX10CreateEffectPoolFromResourceW
D3DX10CreateFontA
D3DX10CreateFontIndirectA
D3DX10CreateFontIndirectW
D3DX10CreateFontW
D3DX10CreateMesh
D3DX10CreateShaderResourceViewFromFileA
D3DX10CreateShaderResourceViewFromFileW
D3DX10CreateShaderResourceViewFromMemory
D3DX10CreateShaderResourceViewFromResourceA
D3DX10CreateShaderResourceViewFromResourceW
D3DX10CreateSkinInfo
D3DX10CreateSprite
D3DX10CreateTextureFromFileA
D3DX10CreateTextureFromFileW
D3DX10CreateTextureFromMemory
D3DX10CreateTextureFromResourceA
D3DX10CreateTextureFromResourceW
D3DX10CreateThreadPump
D3DX10DisassembleEffect
D3DX10DisassembleShader
D3DX10FilterTexture
D3DX10GetDriverLevel
D3DX10GetImageInfoFromFileA
D3DX10GetImageInfoFromFileW
D3DX10GetImageInfoFromMemory
D3DX10GetImageInfoFromResourceA
D3DX10GetImageInfoFromResourceW
D3DX10LoadTextureFromTexture
D3DX10PreprocessShaderFromFileA
D3DX10PreprocessShaderFromFileW
D3DX10PreprocessShaderFromMemory
D3DX10PreprocessShaderFromResourceA
D3DX10PreprocessShaderFromResourceW
D3DX10ReflectShader
D3DX10SHProjectCubeMap
D3DX10SaveTextureToFileA
D3DX10SaveTextureToFileW
D3DX10SaveTextureToMemory
D3DX10UnsetAllDeviceObjects
D3DXBoxBoundProbe
D3DXColorAdjustContrast
D3DXColorAdjustSaturation
D3DXComputeBoundingBox
D3DXComputeBoundingSphere
D3DXCpuOptimizations
D3DXCreateMatrixStack
D3DXFloat16To32Array
D3DXFloat32To16Array
D3DXFresnelTerm
D3DXIntersectTri
D3DXMatrixAffineTransformation
D3DXMatrixAffineTransformation2D
D3DXMatrixDecompose
D3DXMatrixDeterminant
D3DXMatrixInverse
D3DXMatrixLookAtLH
D3DXMatrixLookAtRH
D3DXMatrixMultiply
D3DXMatrixMultiplyTranspose
D3DXMatrixOrthoLH
D3DXMatrixOrthoOffCenterLH
D3DXMatrixOrthoOffCenterRH
D3DXMatrixOrthoRH
D3DXMatrixPerspectiveFovLH
D3DXMatrixPerspectiveFovRH
D3DXMatrixPerspectiveLH
D3DXMatrixPerspectiveOffCenterLH
D3DXMatrixPerspectiveOffCenterRH
D3DXMatrixPerspectiveRH
D3DXMatrixReflect
D3DXMatrixRotationAxis
D3DXMatrixRotationQuaternion
D3DXMatrixRotationX
D3DXMatrixRotationY
D3DXMatrixRotationYawPitchRoll
D3DXMatrixRotationZ
D3DXMatrixScaling
D3DXMatrixShadow
D3DXMatrixTransformation
D3DXMatrixTransformation2D
D3DXMatrixTranslation
D3DXMatrixTranspose
D3DXPlaneFromPointNormal
D3DXPlaneFromPoints
D3DXPlaneIntersectLine
D3DXPlaneNormalize
D3DXPlaneTransform
D3DXPlaneTransformArray
D3DXQuaternionBaryCentric
D3DXQuaternionExp
D3DXQuaternionInverse
D3DXQuaternionLn
D3DXQuaternionMultiply
D3DXQuaternionNormalize
D3DXQuaternionRotationAxis
D3DXQuaternionRotationMatrix
D3DXQuaternionRotationYawPitchRoll
D3DXQuaternionSlerp
D3DXQuaternionSquad
D3DXQuaternionSquadSetup
D3DXQuaternionToAxisAngle
D3DXSHAdd
D3DXSHDot
D3DXSHEvalConeLight
D3DXSHEvalDirection
D3DXSHEvalDirectionalLight
D3DXSHEvalHemisphereLight
D3DXSHEvalSphericalLight
D3DXSHMultiply2
D3DXSHMultiply3
D3DXSHMultiply4
D3DXSHMultiply5
D3DXSHMultiply6
D3DXSHRotate
D3DXSHRotateZ
D3DXSHScale
D3DXSphereBoundProbe
D3DXVec2BaryCentric
D3DXVec2CatmullRom
D3DXVec2Hermite
D3DXVec2Normalize
D3DXVec2Transform
D3DXVec2TransformArray
D3DXVec2TransformCoord
D3DXVec2TransformCoordArray
D3DXVec2TransformNormal
D3DXVec2TransformNormalArray
D3DXVec3BaryCentric
D3DXVec3CatmullRom
D3DXVec3Hermite
D3DXVec3Normalize
D3DXVec3Project
D3DXVec3ProjectArray
D3DXVec3Transform
D3DXVec3TransformArray
D3DXVec3TransformCoord
D3DXVec3TransformCoordArray
D3DXVec3TransformNormal
D3DXVec3TransformNormalArray
D3DXVec3Unproject
D3DXVec3UnprojectArray
D3DXVec4BaryCentric
D3DXVec4CatmullRom
D3DXVec4Cross
D3DXVec4Hermite
D3DXVec4Normalize
D3DXVec4Transform
D3DXVec4TransformArray

Sections

.text
Size: 386KB - Virtual size: 386KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
USA dominos Checker by RubiconT/USA dominos Checker by RubiconT/sysdll/ByteCodeGenerator.exe
.exe windows:10 windows x86 arch:x86

bc8c627d82f56569b4b2686ed2e1af03

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

ByteCodeGenerator.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_c_exit
_register_thread_local_exe_atexit_callback
_initterm

api-ms-win-crt-string-l1-1-0

memset

api-ms-win-crt-private-l1-1-0

_o__callnewh
_o__cexit
_o__configthreadlocale
_o__configure_wide_argv
_o__controlfp_s
_o__crt_atexit
_o__errno
_o__exit
_o__get_initial_wide_environment
_o__initialize_onexit_table
_o__initialize_wide_environment
_o__invalid_parameter_noinfo
_o__purecall
_o__register_onexit_function
_o__seh_filter_exe
_o__set_app_type
_o__set_fmode
_o__set_new_mode
memcpy
_o_exit
_o_free
_o_malloc
_o_memcpy_s
_o_terminate
__CxxFrameHandler3
_except_handler4_common
_CxxThrowException
_o___stdio_common_vsnwprintf_s
_o___stdio_common_vsnprintf_s
_o___std_exception_destroy
_o___std_exception_copy
_o___p__commode
_o___p___wargv
_o___p___argc
__std_terminate
memcmp

ntdll

NtQuerySystemInformation
RtlReportException
RtlCompareUnicodeString
RtlEnumerateGenericTableAvl
NtQueryInformationThread
RtlInsertElementGenericTableAvl
RtlAcquireSRWLockShared
RtlLookupElementGenericTableAvl
RtlReleaseSRWLockShared
RtlReleaseSRWLockExclusive
RtlConvertSidToUnicodeString
NtSetInformationThread
RtlNumberGenericTableElementsAvl
RtlInitUnicodeString
RtlAcquireSRWLockExclusive
RtlUnsubscribeWnfNotificationWaitForCompletion
RtlSubscribeWnfStateChangeNotification
RtlFreeUnicodeString
RtlInitializeGenericTableAvl
RtlEnumerateGenericTableWithoutSplayingAvl
RtlDeleteElementGenericTableAvl

urlmon

CoInternetParseIUri
CreateUri

api-ms-win-security-base-l1-1-0

ImpersonateLoggedOnUser
RevertToSelf
GetTokenInformation

rpcrt4

RpcServerListen
RpcServerUnregisterIf
NdrServerCall2
RpcServerRegisterIf3
RpcEpRegisterW
RpcMgmtStopServerListening
RpcServerInqBindings
RpcBindingVectorFree
UuidFromStringW
RpcObjectSetType
RpcServerUseProtseqEpW

api-ms-win-core-registry-l1-1-0

RegGetValueW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
OpenProcessToken
GetCurrentProcessId
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
OpenThreadToken
ExitProcess

api-ms-win-security-sddl-l1-1-0

ConvertStringSecurityDescriptorToSecurityDescriptorW

api-ms-win-core-com-l1-1-0

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance
CoUninitialize
CoInitializeEx

api-ms-win-eventing-provider-l1-1-0

EventUnregister
EventRegister
EventWriteTransfer

api-ms-win-eventing-classicprovider-l1-1-0

GetTraceLoggerHandle
UnregisterTraceGuids
RegisterTraceGuidsW
GetTraceEnableLevel
GetTraceEnableFlags
TraceMessage

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-errorhandling-l1-1-0

SetLastError
UnhandledExceptionFilter
GetLastError
SetUnhandledExceptionFilter
RaiseException

api-ms-win-core-file-l1-1-0

GetFileAttributesExW
SetFilePointer
WriteFile
SetEndOfFile
GetFileSizeEx
CreateFileW

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
IsDebuggerPresent
DebugBreak

api-ms-win-core-handle-l1-1-0

CloseHandle
DuplicateHandle

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-core-libraryloader-l1-2-0

LoadLibraryExW
GetModuleHandleExW
FreeLibrary
GetModuleFileNameA
GetModuleHandleW
GetProcAddress

oleaut32

SysFreeString

api-ms-win-core-memory-l1-1-0

MapViewOfFile
CreateFileMappingW
UnmapViewOfFile

api-ms-win-core-string-l1-1-0

CompareStringOrdinal

api-ms-win-core-synch-l1-1-0

ReleaseMutex
CreateSemaphoreExW
WaitForSingleObjectEx
OpenSemaphoreW
ReleaseSemaphore
WaitForSingleObject
CreateMutexExW

api-ms-win-core-heap-l1-1-0

HeapAlloc
HeapFree
GetProcessHeap

api-ms-win-core-io-l1-1-0

DeviceIoControl

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
USA dominos Checker by RubiconT/USA dominos Checker by RubiconT/sysdll/DXCore.dll
.dll windows:10 windows x86 arch:x86

e4a36d51169ef61eaa4a2e614360be1c

Code Sign

33:00:00:01:c4:22:b2:f7:9b:79:3d:ac:b2:00:00:00:00:01:c4
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

03/07/2018, 20:45

Not After

26/07/2019, 20:45

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2011, 18:41

Not After

19/10/2026, 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:b5:79:7e:34:b4:3b:b4:0e:03:7d:ce:0e:29:cc:17:f4:9f:d6:cd:0c:83:1c:a2:ac:d6:aa:32:83:71:f7:b5
Signer

Actual PE Digest

33:b5:79:7e:34:b4:3b:b4:0e:03:7d:ce:0e:29:cc:17:f4:9f:d6:cd:0c:83:1c:a2:ac:d6:aa:32:83:71:f7:b5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

DXCore.pdb

Imports

msvcp_win

?_Throw_C_error@std@@YAXH@Z
_Mtx_unlock
_Mtx_lock
_Mtx_init_in_situ
_Mtx_destroy_in_situ
?_Xlength_error@std@@YAXPBD@Z

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm

api-ms-win-crt-string-l1-1-0

memset

api-ms-win-crt-private-l1-1-0

_o___stdio_common_vsnprintf_s
_o___stdio_common_vswprintf
_o__callnewh
_o__cexit
_o__configure_narrow_argv
_o__crt_atexit
_o__errno
_o__execute_onexit_table
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
memmove
_o_free
_o_malloc
_o_toupper
_o_wcscpy_s
_o_wcsncpy_s
_o_wcstombs_s
_except_handler4_common
_CxxThrowException
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
__std_terminate
__CxxFrameHandler3
memcmp
memcpy

ntdll

RtlSubscribeWnfStateChangeNotification
RtlFreeHeap
RtlCaptureStackBackTrace
RtlAllocateHeap
RtlUnsubscribeWnfStateChangeNotification

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleW
GetModuleFileNameA
GetModuleHandleExW
GetProcAddress
DisableThreadLibraryCalls

api-ms-win-core-synch-l1-1-0

WaitForSingleObjectEx
AcquireSRWLockExclusive
CreateMutexExW
ReleaseSRWLockExclusive
AcquireSRWLockShared
DeleteCriticalSection
ReleaseMutex
WaitForSingleObject
ReleaseSRWLockShared
InitializeCriticalSectionEx
LeaveCriticalSection
OpenSemaphoreW
ReleaseSemaphore
EnterCriticalSection
CreateSemaphoreExW

api-ms-win-core-heap-l1-1-0

HeapFree
HeapAlloc
GetProcessHeap

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetLastError
GetLastError

api-ms-win-core-threadpool-l1-2-0

CreateThreadpoolTimer
WaitForThreadpoolTimerCallbacks
SetThreadpoolTimer
CloseThreadpoolTimer

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
TerminateProcess
GetCurrentProcess
GetCurrentThreadId

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
OutputDebugStringW
DebugBreak

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-heap-l2-1-0

LocalFree
LocalAlloc

api-ms-win-devices-config-l1-1-1

CM_MapCrToWin32Err
CM_Unregister_Notification
CM_Register_Notification

api-ms-win-core-com-l1-1-0

IIDFromString

api-ms-win-core-psapi-l1-1-0

K32GetModuleInformation

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

win32u

NtGdiDdDDISignalSynchronizationObject
NtGdiDdDDISetVidPnSourceOwner
NtGdiDdDDICreateSynchronizationObject
NtGdiDdDDIOpenResource
NtGdiDdDDICreateAllocation
NtGdiDdDDIEnumAdapters2
NtGdiDdDDIQueryAdapterInfo
NtGdiDdDDIQueryVideoMemoryInfo
NtGdiDdDDINetDispStartMiracastDisplayDevice
NtGdiDdDDIWaitForSynchronizationObject
NtGdiDdDDIChangeVideoMemoryReservation
NtGdiDdDDICloseAdapter

api-ms-win-eventing-provider-l1-1-0

EventRegister
EventWriteTransfer
EventProviderEnabled
EventUnregister
EventSetInformation

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

Exports

Exports

DXCoreCreateAdapterFactory

Sections

.text
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
USA dominos Checker by RubiconT/USA dominos Checker by RubiconT/sysdll/Microsoft Windows Protocol Monitor.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\Desarrollo\c++\MONITOR 2\MONITOR 2\obj\Debug\Microsoft Windows Protocol Monitor.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
USA dominos Checker by RubiconT/USA dominos Checker by RubiconT/sysdll/Microsoft Windows Protocol Services Host.exe
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\FDC files\Desktop\Bitcoin-Grabber-master\Bitcoin-Grabber-master\Bitcoin-Grabber\obj\Debug\Microsoft Windows Protocol Services Host.pdb

Imports

mscoree

_CorExeMain

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
USA dominos Checker by RubiconT/USA dominos Checker by RubiconT/sysdll/System.Security.Cryptography.Primitives.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Code Sign

33:00:00:00:b5:ac:7d:6d:87:6b:26:11:47:00:00:00:00:00:b5
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/09/2016, 17:58

Not After

07/09/2018, 17:58

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:40:96:a9:ee:70:56:fe:cc:07:00:01:00:00:01:40
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18/08/2016, 20:17

Not After

02/11/2017, 20:17

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:64:47:84:94:86:db:41:19:38:00:00:00:00:00:64
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

28/10/2015, 20:31

Not After

28/01/2017, 20:31

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6e:9f:00:6b:8a:d0:7f:c5:6f:21:8b:48:80:5c:6b:f8:4a:ee:89:89:32:bd:35:75:74:3b:20:61:aa:38:47:8c
Signer

Actual PE Digest

6e:9f:00:6b:8a:d0:7f:c5:6f:21:8b:48:80:5c:6b:f8:4a:ee:89:89:32:bd:35:75:74:3b:20:61:aa:38:47:8c

Digest Algorithm

sha256

PE Digest Matches

true

1d:74:b2:f1:29:c8:08:eb:99:2d:d5:f5:61:0d:48:4b:7e:c1:57:a3
Signer

Actual PE Digest

1d:74:b2:f1:29:c8:08:eb:99:2d:d5:f5:61:0d:48:4b:7e:c1:57:a3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\A\_work\39\s\bin/obj/AnyOS.AnyCPU.Release/System.Security.Cryptography.Primitives/net46\System.Security.Cryptography.Primitives.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
USA dominos Checker by RubiconT/USA dominos Checker by RubiconT/sysdll/Windows.System.UserDeviceAssociation.dll
.dll windows:10 windows x86 arch:x86

58d3184f6b40ff5d7f83f469452c70a7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

Windows.System.UserDeviceAssociation.pdb

Imports

msvcrt

free
malloc
_initterm
_unlock
__dllonexit
_onexit
?terminate@@YAXXZ
_except_handler4_common
__CxxFrameHandler3
memcmp
??1type_info@@UAE@XZ
_callnewh
memmove
memcpy
_CxxThrowException
?what@exception@@UBEPBDXZ
??0exception@@QAE@ABQBDH@Z
_XcptFilter
??0exception@@QAE@ABQBD@Z
_vsnprintf_s
??0exception@@QAE@ABV0@@Z
??0exception@@QAE@XZ
??1exception@@UAE@XZ
memcpy_s
_purecall
_vsnwprintf
_amsg_exit
??3@YAXPAX@Z
_lock
memset

api-ms-win-core-winrt-string-l1-1-0

WindowsDuplicateString
WindowsDeleteString
WindowsCompareStringOrdinal
HSTRING_UserSize
HSTRING_UserMarshal
WindowsCreateStringReference
WindowsIsStringEmpty
HSTRING_UserFree
WindowsGetStringRawBuffer
HSTRING_UserUnmarshal
WindowsCreateString
WindowsStringHasEmbeddedNull

api-ms-win-core-util-l1-1-0

EncodePointer
DecodePointer

api-ms-win-core-winrt-error-l1-1-0

SetRestrictedErrorInfo
RoOriginateError
RoOriginateErrorW
RoTransformError

api-ms-win-core-synch-l1-1-0

SetEvent
EnterCriticalSection
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockShared
OpenSemaphoreW
WaitForSingleObjectEx
ReleaseMutex
WaitForSingleObject
InitializeCriticalSectionEx
CreateEventW
InitializeSRWLock
CreateMutexExW
LeaveCriticalSection
DeleteCriticalSection
ReleaseSemaphore
AcquireSRWLockExclusive
CreateSemaphoreExW

api-ms-win-core-synch-l1-2-0

Sleep
WakeAllConditionVariable
SleepConditionVariableSRW

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetSystemTimeAsFileTime

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetLastError
RaiseException
GetLastError

rpcrt4

NdrOleFree
NdrDllGetClassObject
NdrDllCanUnloadNow
CStdStubBuffer_Connect
CStdStubBuffer_IsIIDSupported
IUnknown_QueryInterface_Proxy
CStdStubBuffer_Disconnect
CStdStubBuffer_DebugServerRelease
NdrOleAllocate
CStdStubBuffer_QueryInterface
CStdStubBuffer_CountRefs
IUnknown_Release_Proxy
CStdStubBuffer_AddRef
NdrCStdStubBuffer_Release
CStdStubBuffer_DebugServerQueryInterface
IUnknown_AddRef_Proxy
NdrStubCall2
NdrStubForwardingFunction
CStdStubBuffer_Invoke
NdrCStdStubBuffer2_Release

api-ms-win-core-com-midlproxystub-l1-1-0

CStdStubBuffer2_Connect
NdrProxyForwardingFunction3
ObjectStublessClient8
ObjectStublessClient6
ObjectStublessClient9
NdrProxyForwardingFunction4
ObjectStublessClient7
CStdStubBuffer2_Disconnect
ObjectStublessClient3
CStdStubBuffer2_QueryInterface
CStdStubBuffer2_CountRefs
ObjectStublessClient10
NdrProxyForwardingFunction5

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
DebugBreak
OutputDebugStringW

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory

api-ms-win-core-com-l1-1-0

CoCreateFreeThreadedMarshaler
CoTaskMemAlloc

api-ms-win-core-com-l1-1-1

RoGetAgileReference

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-winrt-error-l1-1-1

RoGetMatchingRestrictedErrorInfo
IsErrorPropagationEnabled
RoReportFailedDelegate

api-ms-win-core-libraryloader-l1-2-0

GetModuleFileNameA
GetProcAddress
GetModuleHandleExW
GetModuleHandleW

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapFree
HeapAlloc

api-ms-win-appmodel-runtime-l1-1-0

GetCurrentPackageFullName

Exports

Exports

DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
USA dominos Checker by RubiconT/USA dominos Checker by RubiconT/sysdll/Xceed.Wpf.AvalonDock.Themes.Metro.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Dev\ExtendedWPFToolkit\Release\3.5.0\OpenSource\Generated\Src\Xceed.Wpf.AvalonDock.Themes.Metro\obj\Release\Xceed.Wpf.AvalonDock.Themes.Metro.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
USA dominos Checker by RubiconT/USA dominos Checker by RubiconT/sysdll/d3dx10_34.dll
.dll windows:6 windows x86 arch:x86

0008d86c47dcdd56b224627bb2f25287

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:49:7c:ed:00:00:00:00:00:05
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:55

Not After

16/09/2011, 02:05

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:10D8-5847-CBF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6a:0b:99:4f:c0:00:1d:ab:11:da:c4:02:a1:66:27:ba
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

04/04/2006, 17:44

Not After

26/04/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:46:9e:cb:00:04:00:00:00:65
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/04/2006, 19:43

Not After

04/10/2007, 19:53

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

66:ac:a6:e0:bb:fc:ad:8c:ff:fb:44:43:45:22:77:f1:82:78:be:78
Signer

Actual PE Digest

66:ac:a6:e0:bb:fc:ad:8c:ff:fb:44:43:45:22:77:f1:82:78:be:78

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d3dx10_34.pdb

Imports

msvcrt

??1type_info@@UAE@XZ
_onexit
_lock
__dllonexit
_unlock
?terminate@@YAXXZ
_adjust_fdiv
_amsg_exit
_initterm
free
malloc
_XcptFilter
tolower
_stricmp
_CxxThrowException
_isnan
floor
_controlfp
_purecall
_CIatan
_CIcos
_CIasin
_finite
_CIsin
_CIatan2
_CIacos
_CIsqrt
iswspace
iswalpha
iswdigit
iswpunct
memmove
qsort
memset
??2@YAPAXI@Z
memcpy
??3@YAXPAX@Z
_vsnprintf
__CxxFrameHandler

gdi32

GetGlyphOutlineA
SelectObject
GetCharacterPlacementA
GetCharacterPlacementW
CreateDIBSection
DeleteDC
DeleteObject
GetTextMetricsA
GetObjectW
GetObjectA
SetBkColor
SetBkMode
GetTextMetricsW
GetFontLanguageInfo
CreateFontIndirectA
CreateFontIndirectW
SetTextAlign
SetMapMode
CreateCompatibleDC
ExtTextOutA
MoveToEx
ExtTextOutW
TranslateCharsetInfo
SetTextColor

kernel32

CreateFileA
GetFileSizeEx
ReadFile
WideCharToMultiByte
GetFullPathNameA
GetModuleHandleA
FreeLibrary
GetCurrentProcess
GetProcessAffinityMask
CreateThread
InterlockedIncrement
Sleep
WaitForSingleObject
InterlockedDecrement
DebugBreak
WaitForMultipleObjects
ReleaseSemaphore
MultiByteToWideChar
CloseHandle
CreateSemaphoreA
CreateMutexA
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
LoadLibraryA
LeaveCriticalSection
GetVersion
GetProcAddress
DisableThreadLibraryCalls
IsProcessorFeaturePresent
CreateFileW
GetFileSize
GetModuleFileNameA
InterlockedExchange
InterlockedCompareExchange
OutputDebugStringA
RtlUnwind
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
WriteFile
GetLastError
LockResource
FindResourceW
LoadResource
SizeofResource
FindResourceA
ReleaseMutex

advapi32

RegCloseKey
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA

ole32

CreateStreamOnHGlobal

Exports

Exports

D3DX10CheckVersion
D3DX10CompileFromFileA
D3DX10CompileFromFileW
D3DX10CompileFromMemory
D3DX10CompileFromResourceA
D3DX10CompileFromResourceW
D3DX10ComputeNormalMap
D3DX10CreateAsyncCompilerProcessor
D3DX10CreateAsyncEffectCreateProcessor
D3DX10CreateAsyncEffectPoolCreateProcessor
D3DX10CreateAsyncFileLoaderA
D3DX10CreateAsyncFileLoaderW
D3DX10CreateAsyncMemoryLoader
D3DX10CreateAsyncResourceLoaderA
D3DX10CreateAsyncResourceLoaderW
D3DX10CreateAsyncShaderPreprocessProcessor
D3DX10CreateAsyncShaderResourceViewProcessor
D3DX10CreateAsyncTextureInfoProcessor
D3DX10CreateAsyncTextureProcessor
D3DX10CreateEffectFromFileA
D3DX10CreateEffectFromFileW
D3DX10CreateEffectFromMemory
D3DX10CreateEffectFromResourceA
D3DX10CreateEffectFromResourceW
D3DX10CreateEffectPoolFromFileA
D3DX10CreateEffectPoolFromFileW
D3DX10CreateEffectPoolFromMemory
D3DX10CreateEffectPoolFromResourceA
D3DX10CreateEffectPoolFromResourceW
D3DX10CreateFontA
D3DX10CreateFontIndirectA
D3DX10CreateFontIndirectW
D3DX10CreateFontW
D3DX10CreateMesh
D3DX10CreateShaderResourceViewFromFileA
D3DX10CreateShaderResourceViewFromFileW
D3DX10CreateShaderResourceViewFromMemory
D3DX10CreateShaderResourceViewFromResourceA
D3DX10CreateShaderResourceViewFromResourceW
D3DX10CreateSkinInfo
D3DX10CreateSprite
D3DX10CreateTextureFromFileA
D3DX10CreateTextureFromFileW
D3DX10CreateTextureFromMemory
D3DX10CreateTextureFromResourceA
D3DX10CreateTextureFromResourceW
D3DX10CreateThreadPump
D3DX10DisassembleEffect
D3DX10DisassembleShader
D3DX10FilterTexture
D3DX10GetDriverLevel
D3DX10GetImageInfoFromFileA
D3DX10GetImageInfoFromFileW
D3DX10GetImageInfoFromMemory
D3DX10GetImageInfoFromResourceA
D3DX10GetImageInfoFromResourceW
D3DX10LoadTextureFromTexture
D3DX10PreprocessShaderFromFileA
D3DX10PreprocessShaderFromFileW
D3DX10PreprocessShaderFromMemory
D3DX10PreprocessShaderFromResourceA
D3DX10PreprocessShaderFromResourceW
D3DX10ReflectShader
D3DX10SHProjectCubeMap
D3DX10SaveTextureToFileA
D3DX10SaveTextureToFileW
D3DX10SaveTextureToMemory
D3DX10UnsetAllDeviceObjects
D3DXBoxBoundProbe
D3DXColorAdjustContrast
D3DXColorAdjustSaturation
D3DXComputeBoundingBox
D3DXComputeBoundingSphere
D3DXCpuOptimizations
D3DXCreateMatrixStack
D3DXFloat16To32Array
D3DXFloat32To16Array
D3DXFresnelTerm
D3DXIntersectTri
D3DXMatrixAffineTransformation
D3DXMatrixAffineTransformation2D
D3DXMatrixDecompose
D3DXMatrixDeterminant
D3DXMatrixInverse
D3DXMatrixLookAtLH
D3DXMatrixLookAtRH
D3DXMatrixMultiply
D3DXMatrixMultiplyTranspose
D3DXMatrixOrthoLH
D3DXMatrixOrthoOffCenterLH
D3DXMatrixOrthoOffCenterRH
D3DXMatrixOrthoRH
D3DXMatrixPerspectiveFovLH
D3DXMatrixPerspectiveFovRH
D3DXMatrixPerspectiveLH
D3DXMatrixPerspectiveOffCenterLH
D3DXMatrixPerspectiveOffCenterRH
D3DXMatrixPerspectiveRH
D3DXMatrixReflect
D3DXMatrixRotationAxis
D3DXMatrixRotationQuaternion
D3DXMatrixRotationX
D3DXMatrixRotationY
D3DXMatrixRotationYawPitchRoll
D3DXMatrixRotationZ
D3DXMatrixScaling
D3DXMatrixShadow
D3DXMatrixTransformation
D3DXMatrixTransformation2D
D3DXMatrixTranslation
D3DXMatrixTranspose
D3DXPlaneFromPointNormal
D3DXPlaneFromPoints
D3DXPlaneIntersectLine
D3DXPlaneNormalize
D3DXPlaneTransform
D3DXPlaneTransformArray
D3DXQuaternionBaryCentric
D3DXQuaternionExp
D3DXQuaternionInverse
D3DXQuaternionLn
D3DXQuaternionMultiply
D3DXQuaternionNormalize
D3DXQuaternionRotationAxis
D3DXQuaternionRotationMatrix
D3DXQuaternionRotationYawPitchRoll
D3DXQuaternionSlerp
D3DXQuaternionSquad
D3DXQuaternionSquadSetup
D3DXQuaternionToAxisAngle
D3DXSHAdd
D3DXSHDot
D3DXSHEvalConeLight
D3DXSHEvalDirection
D3DXSHEvalDirectionalLight
D3DXSHEvalHemisphereLight
D3DXSHEvalSphericalLight
D3DXSHMultiply2
D3DXSHMultiply3
D3DXSHMultiply4
D3DXSHMultiply5
D3DXSHMultiply6
D3DXSHRotate
D3DXSHRotateZ
D3DXSHScale
D3DXSphereBoundProbe
D3DXVec2BaryCentric
D3DXVec2CatmullRom
D3DXVec2Hermite
D3DXVec2Normalize
D3DXVec2Transform
D3DXVec2TransformArray
D3DXVec2TransformCoord
D3DXVec2TransformCoordArray
D3DXVec2TransformNormal
D3DXVec2TransformNormalArray
D3DXVec3BaryCentric
D3DXVec3CatmullRom
D3DXVec3Hermite
D3DXVec3Normalize
D3DXVec3Project
D3DXVec3ProjectArray
D3DXVec3Transform
D3DXVec3TransformArray
D3DXVec3TransformCoord
D3DXVec3TransformCoordArray
D3DXVec3TransformNormal
D3DXVec3TransformNormalArray
D3DXVec3Unproject
D3DXVec3UnprojectArray
D3DXVec4BaryCentric
D3DXVec4CatmullRom
D3DXVec4Cross
D3DXVec4Hermite
D3DXVec4Normalize
D3DXVec4Transform
D3DXVec4TransformArray

Sections

.text
Size: 386KB - Virtual size: 386KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
USA dominos Checker by RubiconT/USA dominos Checker by RubiconT/sysdll/dominos.exe
.exe windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

d:\dominos pizza\obj\Debug\USA dominos pizza checker.pdb

Sections

.text
Size: 125KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
USA dominos Checker by RubiconT/USA dominos Checker by RubiconT/sysdll/wscadminui.exe
.exe windows:10 windows x86 arch:x86

3d14ff3aed50fb9c7612f737f4a41021

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_FORCE_INTEGRITY
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

wscadminui.pdb

Imports

msvcrt

_controlfp
__setusermatherr
_initterm
_except_handler4_common
?terminate@@YAXXZ
__p__fmode
_cexit
_exit
exit
__set_app_type
__wgetmainargs
_amsg_exit
__p__commode
_XcptFilter
_wcsicmp

wscapi

wscLaunchAdminMakeDefaultUI

kernel32

GetCurrentProcess
UnhandledExceptionFilter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleW
SetUnhandledExceptionFilter
Sleep
TerminateProcess

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.imrsiv
Size: - Virtual size: 4B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 854B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 304B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
USA dominos Checker by RubiconT/USA dominos Checker by RubiconT/sysdll/xNet.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\User\Documents\Visual Studio 2015\Projects\xNet\obj\Release\xNet.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
USA dominos Checker by RubiconT/USA dominos Checker by RubiconT/xNet.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\User\Documents\Visual Studio 2015\Projects\xNet\obj\Release\xNet.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e4a36d51169ef61eaa4a2e614360be1c

Code Sign

33:00:00:01:c4:22:b2:f7:9b:79:3d:ac:b2:00:00:00:00:01:c4Certificate

Extended Key Usages

61:07:76:56:00:00:00:00:00:08Certificate

Key Usages

33:b5:79:7e:34:b4:3b:b4:0e:03:7d:ce:0e:29:cc:17:f4:9f:d6:cd:0c:83:1c:a2:ac:d6:aa:32:83:71:f7:b5Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcp_win

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

api-ms-win-crt-private-l1-1-0

ntdll

api-ms-win-core-libraryloader-l1-2-0

api-ms-win-core-synch-l1-1-0

api-ms-win-core-heap-l1-1-0

api-ms-win-core-errorhandling-l1-1-0

api-ms-win-core-threadpool-l1-2-0

api-ms-win-core-processthreads-l1-1-0

api-ms-win-core-localization-l1-2-0

api-ms-win-core-debug-l1-1-0

api-ms-win-core-handle-l1-1-0

api-ms-win-core-heap-l2-1-0

api-ms-win-devices-config-l1-1-1

api-ms-win-core-com-l1-1-0

api-ms-win-core-psapi-l1-1-0

api-ms-win-core-sysinfo-l1-1-0

api-ms-win-core-processthreads-l1-1-1

api-ms-win-core-profile-l1-1-0

api-ms-win-core-interlocked-l1-1-0

win32u

api-ms-win-eventing-provider-l1-1-0

api-ms-win-core-synch-l1-2-0

api-ms-win-core-delayload-l1-1-1

api-ms-win-core-delayload-l1-1-0

api-ms-win-core-apiquery-l1-1-0

Exports

Exports

Sections

.text Size: 62KB - Virtual size: 61KB

.data Size: 1024B - Virtual size: 8KB

.idata Size: 5KB - Virtual size: 5KB

.didat Size: 512B - Virtual size: 8B

.rsrc Size: 1024B - Virtual size: 984B

.reloc Size: 3KB - Virtual size: 2KB

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 10KB - Virtual size: 10KB

.rsrc Size: 165KB - Virtual size: 165KB

.reloc Size: 512B - Virtual size: 12B

0008d86c47dcdd56b224627bb2f25287

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40Certificate

61:47:52:ba:00:00:00:00:00:04Certificate

Extended Key Usages

Key Usages

61:49:7c:ed:00:00:00:00:00:05Certificate

Extended Key Usages

Key Usages

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2Certificate

Extended Key Usages

Key Usages

6a:0b:99:4f:c0:00:1d:ab:11:da:c4:02:a1:66:27:baCertificate

Extended Key Usages

33:00:00:01:c4:22:b2:f7:9b:79:3d:ac:b2:00:00:00:00:01:c4
Certificate

61:07:76:56:00:00:00:00:00:08
Certificate

33:b5:79:7e:34:b4:3b:b4:0e:03:7d:ce:0e:29:cc:17:f4:9f:d6:cd:0c:83:1c:a2:ac:d6:aa:32:83:71:f7:b5
Signer

.text
Size: 62KB - Virtual size: 61KB

.data
Size: 1024B - Virtual size: 8KB

.idata
Size: 5KB - Virtual size: 5KB

.didat
Size: 512B - Virtual size: 8B

.rsrc
Size: 1024B - Virtual size: 984B

.reloc
Size: 3KB - Virtual size: 2KB

.text
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 165KB - Virtual size: 165KB

.reloc
Size: 512B - Virtual size: 12B

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

61:47:52:ba:00:00:00:00:00:04
Certificate

61:49:7c:ed:00:00:00:00:00:05
Certificate

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

6a:0b:99:4f:c0:00:1d:ab:11:da:c4:02:a1:66:27:ba
Certificate

61:46:9e:cb:00:04:00:00:00:65
Certificate

66:ac:a6:e0:bb:fc:ad:8c:ff:fb:44:43:45:22:77:f1:82:78:be:78
Signer

.text
Size: 386KB - Virtual size: 386KB

.data
Size: 21KB - Virtual size: 23KB

.rsrc
Size: 1024B - Virtual size: 928B

.reloc
Size: 14KB - Virtual size: 13KB

.text
Size: 36KB - Virtual size: 36KB

.data
Size: 512B - Virtual size: 1KB

.idata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB

33:00:00:01:c4:22:b2:f7:9b:79:3d:ac:b2:00:00:00:00:01:c4
Certificate

61:07:76:56:00:00:00:00:00:08
Certificate