f04ef392-b940-42a9-970a-14da3d2be148[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

f04ef392-b940-42a9-970a-14da3d2be148.zip
Size

233.1MB
MD5

e2b2ab6585e4c532bc4320bd959f3b6b
SHA1

abba556495f1b2625bf9bc525af42ac94b742ef5
SHA256

7177bd0b0f9d0997b8a76bdf6fbd9696d8f37eb7eb16b5c619bc158143c22464
SHA512

a7364b3b3ad63bcf2c1296b3896865aef338b605566ba8f9bcb89981d662be381f27696e59b88ba315e30de43be1a4325153de205a81b7a6f418a4d98bae6266
SSDEEP

6291456:tTI9gGimGWpuySirUcHl8+Zn32QBAqUHfSkHkw7y:tTGUjWpuySil8anmQBJUSkpu

Score

3^/10

Malware Config

Signatures

Unsigned PE 33 IoCs

Checks for missing Authenticode signature.

resource
unpack001/files/libs/WWanHC.dll
unpack001/files/libs/WwaApi.dll
unpack001/files/libs/WwaExt.dll
unpack001/files/libs/WwanRadioManager.dll
unpack001/files/libs/Wwanpref.dll
unpack001/files/libs/XAudio2_8.dll
unpack001/files/libs/XAudio2_9.dll
unpack001/files/libs/XInput1_4.dll
unpack001/files/libs/XInput9_1_0.dll
unpack001/files/libs/XInputUap.dll
unpack001/files/libs/XamlTileRender.dll
unpack001/files/libs/XblAuthManager.dll
unpack001/files/libs/XblAuthManagerProxy.dll
unpack001/files/libs/XblAuthTokenBrokerExt.dll
unpack001/files/libs/XblGameSave.dll
unpack001/files/libs/XblGameSaveExt.dll
unpack001/files/libs/XblGameSaveProxy.dll
unpack001/files/libs/XboxGipRadioManager.dll
unpack001/files/libs/XboxNetApiSvc.dll
unpack001/files/libs/XpsDocumentTargetPrint.dll
unpack001/files/libs/XpsGdiConverter.dll
unpack001/files/libs/XpsPrint.dll
unpack001/files/libs/wwancfg.dll
unpack001/files/libs/wwanconn.dll
unpack001/files/libs/wwanmm.dll
unpack001/files/libs/wwanprotdim.dll
unpack001/files/libs/wwansvc.dll
unpack001/files/libs/xboxgipsvc.dll
unpack001/files/libs/xboxgipsynthetic.dll
unpack001/files/libs/xmlfilter.dll
unpack001/files/libs/xmlprovi.dll
unpack001/files/libs/xolehlp.dll
unpack001/lnstaIler.exe

Files

f04ef392-b940-42a9-970a-14da3d2be148.zip
.zip
amsvcp120.dll
.dll windows:6 windows x86 arch:x86

6ccda270a497a2c5a36a7f385cc9910d

Code Sign

33:00:00:00:34:24:31:40:c9:a0:c1:79:8d:00:00:00:00:00:34
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

27/03/2013, 20:08

Not After

27/06/2014, 20:08

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:00:b0:11:af:0a:8b:d0:3b:9f:dd:00:01:00:00:00:b0
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/01/2013, 22:33

Not After

24/04/2014, 22:33

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:1a:77:bb:74:b3:07:d1:16:b8:00:00:00:00:00:1a
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/09/2013, 17:41

Not After

24/12/2014, 17:41

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

97:5a:aa:89:27:9c:94:dc:e4:67:63:18:68:67:90:14:d7:11:ec:ba:93:b9:38:95:4c:40:24:22:95:55:18:13
Signer

Actual PE Digest

97:5a:aa:89:27:9c:94:dc:e4:67:63:18:68:67:90:14:d7:11:ec:ba:93:b9:38:95:4c:40:24:22:95:55:18:13

Digest Algorithm

sha256

PE Digest Matches

true

72:5e:30:95:db:09:9c:26:03:aa:27:a0:ee:5c:0c:1f:e9:33:d5:3e
Signer

Actual PE Digest

72:5e:30:95:db:09:9c:26:03:aa:27:a0:ee:5c:0c:1f:e9:33:d5:3e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcp120.i386.pdb

Imports

msvcr120

?what@exception@std@@UBEPBDXZ
_CxxThrowException
__CxxFrameHandler3
fclose
fflush
fgetc
fgetpos
fsetpos
_fseeki64
fwrite
setvbuf
ungetc
_lock_file
_unlock_file
memcpy_s
memset
_fsopen
fseek
_wfsopen
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrRethrow@@YAXPBX@Z
?Alloc@Concurrency@@YAPAXI@Z
?Free@Concurrency@@YAXPAX@Z
?_ScheduleTask@_CurrentScheduler@details@Concurrency@@SAXP6AXPAX@Z0@Z
??0invalid_operation@Concurrency@@QAE@PBD@Z
??0critical_section@Concurrency@@QAE@XZ
??1critical_section@Concurrency@@QAE@XZ
??0event@Concurrency@@QAE@XZ
??1event@Concurrency@@QAE@XZ
?wait@event@Concurrency@@QAEII@Z
?set@event@Concurrency@@QAEXXZ
ldexp
sprintf_s
strcspn
wcslen
_Strftime
_Wcsftime
strcmp
setlocale
_malloc_crt
_realloc_crt
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
fgetwc
fputwc
ungetwc
__uncaught_exception
_errno
memcmp
_wcsdup
___lc_locale_name_func
___lc_collate_cp_func
__crtCompareStringA
__crtLCMapStringA
___lc_codepage_func
_ismbblead
remove
rename
_wremove
strcpy_s
wcscpy_s
_wgetcwd
_wchdir
_wmkdir
_wrmdir
??1bad_cast@std@@UAE@XZ
_getcwd
_chdir
_mkdir
_rmdir
__crtIsPackagedApp
__crtCreateSymbolicLinkW
__crtGetFileInformationByHandleEx
__crtSetFileInformationByHandle
_calloc_crt
??0_Condition_variable@details@Concurrency@@QAE@XZ
??1_Condition_variable@details@Concurrency@@QAE@XZ
?wait@_Condition_variable@details@Concurrency@@QAEXAAVcritical_section@3@@Z
?wait_for@_Condition_variable@details@Concurrency@@QAE_NAAVcritical_section@3@I@Z
?notify_one@_Condition_variable@details@Concurrency@@QAEXXZ
?notify_all@_Condition_variable@details@Concurrency@@QAEXXZ
__crtSleep
_beginthreadex
_endthreadex
?lock@critical_section@Concurrency@@QAEXXZ
?try_lock@critical_section@Concurrency@@QAE_NXZ
?try_lock_for@critical_section@Concurrency@@QAE_NI@Z
?unlock@critical_section@Concurrency@@QAEXXZ
?terminate@@YAXXZ
__crtFlsAlloc
__crtFlsFree
__crtFlsGetValue
__crtFlsSetValue
calloc
??0operation_timed_out@Concurrency@@QAE@XZ
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0@Z
??0invalid_link_target@Concurrency@@QAE@PBD@Z
??0message_not_found@Concurrency@@QAE@XZ
?_Trace_agents@Concurrency@@YAXW4Agents_EventType@1@_JZZ
??0bad_target@Concurrency@@QAE@XZ
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
?_Yield@_Context@details@Concurrency@@SAXXZ
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QAE_NXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
??1_SpinLock@details@Concurrency@@QAE@XZ
??0_SpinLock@details@Concurrency@@QAE@ACJ@Z
?Log2@details@Concurrency@@YAKI@Z
_lock
_unlock
__pctype_func
isupper
__crtGetLocaleInfoEx
islower
__crtLCMapStringW
isspace
tolower
memchr
sqrt
isdigit
isxdigit
isalnum
__crtCompareStringW
__dllonexit
_onexit
??1type_info@@UAE@XZ
__CppXcptFilter
_amsg_exit
_initterm
_initterm_e
_except_handler4_common
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
__clean_type_info_names_internal
??0bad_cast@std@@QAE@ABV01@@Z
_W_Gettnames
_W_Getmonths
_W_Getdays
_Gettnames
_Getmonths
_Getdays
localeconv
??0bad_cast@std@@QAE@PBD@Z
??_V@YAXPAX@Z
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@XZ
memmove
strlen
memcpy
malloc
free
___mb_cur_max_func
_purecall
rand_s
fputs
fputc
__iob_func
abort
log
__crtInitializeCriticalSectionEx
??3@YAXPAX@Z
??2@YAPAXI@Z
_wrename

kernel32

GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
GetStringTypeW
GetSystemTimeAsFileTime
GetExitCodeThread
GetCurrentThreadId
GetCurrentThread
GetCurrentProcess
WaitForSingleObject
DuplicateHandle
AreFileApisANSI
CreateHardLinkW
CopyFileW
GetLastError
CloseHandle
GetFileInformationByHandle
GetFileAttributesExW
GetDiskFreeSpaceExW
FindNextFileW
FindFirstFileExW
FindClose
CreateFileW
WideCharToMultiByte
MultiByteToWideChar
DecodePointer
EncodePointer
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
DisableThreadLibraryCalls

Exports

Exports

??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z
??$_Getvals@_W@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z
??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z
??0?$_Yarn@D@std@@QAE@ABV01@@Z
??0?$_Yarn@D@std@@QAE@PBD@Z
??0?$_Yarn@D@std@@QAE@XZ
??0?$_Yarn@_W@std@@QAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$codecvt@DDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@DDH@std@@QAE@I@Z
??0?$codecvt@GDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@GDH@std@@QAE@I@Z
??0?$codecvt@_WDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_WDH@std@@QAE@I@Z
??0?$ctype@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@D@std@@QAE@PBF_NI@Z
??0?$ctype@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@G@std@@QAE@I@Z
??0?$ctype@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@_W@std@@QAE@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0Init@ios_base@std@@QAE@XZ
??0_Concurrent_queue_base_v4@details@Concurrency@@IAE@I@Z
??0_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAE@ABV_Concurrent_queue_base_v4@12@@Z
??0_Container_base12@std@@QAE@ABU01@@Z
??0_Container_base12@std@@QAE@XZ
??0_Facet_base@std@@QAE@ABV01@@Z
??0_Facet_base@std@@QAE@XZ
??0_Init_locks@std@@QAE@XZ
??0_Locimp@locale@std@@AAE@ABV012@@Z
??0_Locimp@locale@std@@AAE@_N@Z
??0_Locinfo@std@@QAE@HPBD@Z
??0_Locinfo@std@@QAE@PBD@Z
??0_Lockit@std@@QAE@H@Z
??0_Lockit@std@@QAE@XZ
??0_Pad@std@@QAE@ABV01@@Z
??0_Pad@std@@QAE@XZ
??0_Runtime_object@details@Concurrency@@QAE@H@Z
??0_Runtime_object@details@Concurrency@@QAE@XZ
??0_Timevec@std@@QAE@ABV01@@Z
??0_Timevec@std@@QAE@PAX@Z
??0_UShinit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??0agent@Concurrency@@QAE@AAVScheduleGroup@1@@Z
??0agent@Concurrency@@QAE@AAVScheduler@1@@Z
??0agent@Concurrency@@QAE@XZ
??0codecvt_base@std@@QAE@I@Z
??0ctype_base@std@@QAE@I@Z
??0facet@locale@std@@IAE@I@Z
??0id@locale@std@@QAE@I@Z
??0ios_base@std@@IAE@XZ
??0time_base@std@@QAE@I@Z
??1?$_Yarn@D@std@@QAE@XZ
??1?$_Yarn@_W@std@@QAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_istream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$codecvt@DDH@std@@MAE@XZ
??1?$codecvt@GDH@std@@MAE@XZ
??1?$codecvt@_WDH@std@@MAE@XZ
??1?$ctype@D@std@@MAE@XZ
??1?$ctype@G@std@@MAE@XZ
??1?$ctype@_W@std@@MAE@XZ
??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1Init@ios_base@std@@QAE@XZ
??1_Concurrent_queue_base_v4@details@Concurrency@@MAE@XZ
??1_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAE@XZ
??1_Concurrent_vector_base_v4@details@Concurrency@@IAE@XZ
??1_Container_base12@std@@QAE@XZ
??1_Facet_base@std@@UAE@XZ
??1_Init_locks@std@@QAE@XZ
??1_Locimp@locale@std@@MAE@XZ
??1_Locinfo@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
??1_Pad@std@@QAE@XZ
??1_Timevec@std@@QAE@XZ
??1_UShinit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1agent@Concurrency@@UAE@XZ
??1codecvt_base@std@@UAE@XZ
??1ctype_base@std@@UAE@XZ
??1facet@locale@std@@MAE@XZ
??1ios_base@std@@UAE@XZ
??1time_base@std@@UAE@XZ
??4?$_Iosb@H@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@D@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
??4?$_Yarn@_W@std@@QAEAAV01@PB_W@Z
??4?$basic_iostream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_iostream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_istream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_istream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_istream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_ostream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_ostream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEAAV01@ABV01@@Z
??4?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEAAV01@ABV01@@Z
??4?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEAAV01@ABV01@@Z
??4Init@ios_base@std@@QAEAAV012@ABV012@@Z
??4_Container_base0@std@@QAEAAU01@ABU01@@Z
??4_Container_base12@std@@QAEAAU01@ABU01@@Z
??4_Facet_base@std@@QAEAAV01@ABV01@@Z
??4_Init_locks@std@@QAEAAV01@ABV01@@Z
??4_Pad@std@@QAEAAV01@ABV01@@Z
??4_Timevec@std@@QAEAAV01@ABV01@@Z
??4_UShinit@std@@QAEAAV01@ABV01@@Z
??4_Winit@std@@QAEAAV01@ABV01@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z
??7ios_base@std@@QBE_NXZ
??Bid@locale@std@@QAEIXZ
??Bios_base@std@@QBE_NXZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ios@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_iostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_iostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_istream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_istream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_streambuf@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$codecvt@DDH@std@@6B@
??_7?$codecvt@GDH@std@@6B@
??_7?$codecvt@_WDH@std@@6B@
??_7?$ctype@D@std@@6B@
??_7?$ctype@G@std@@6B@
??_7?$ctype@_W@std@@6B@
??_7?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7_Facet_base@std@@6B@
??_7_Locimp@locale@std@@6B@
??_7_Pad@std@@6B@
??_7codecvt_base@std@@6B@
??_7ctype_base@std@@6B@
??_7facet@locale@std@@6B@
??_7ios_base@std@@6B@
??_7time_base@std@@6B@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_istream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_ostream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_istream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_ostream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_istream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_istream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_istream@_WU?$char_traits@_W@std@@@std@@7B@
??_8?$basic_ostream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_ostream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_ostream@_WU?$char_traits@_W@std@@@std@@7B@
??_D?$basic_iostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_iostream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_istream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_F?$codecvt@DDH@std@@QAEXXZ
??_F?$codecvt@GDH@std@@QAEXXZ
??_F?$codecvt@_WDH@std@@QAEXXZ
??_F?$ctype@D@std@@QAEXXZ
??_F?$ctype@G@std@@QAEXXZ
??_F?$ctype@_W@std@@QAEXXZ
??_F?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F_Locinfo@std@@QAEXXZ
??_F_Timevec@std@@QAEXXZ
??_Fcodecvt_base@std@@QAEXXZ
??_Fctype_base@std@@QAEXXZ
??_Ffacet@locale@std@@QAEXXZ
??_Fid@locale@std@@QAEXXZ
??_Ftime_base@std@@QAEXXZ
?GetNextAsyncId@platform@details@Concurrency@@YAIXZ
?NFS_Allocate@details@Concurrency@@YAPAXIIPAX@Z
?NFS_Free@details@Concurrency@@YAXPAX@Z
?NFS_GetLineSize@details@Concurrency@@YAIXZ
?_10@placeholders@std@@3V?$_Ph@$09@2@A
?_11@placeholders@std@@3V?$_Ph@$0L@@2@A
?_12@placeholders@std@@3V?$_Ph@$0M@@2@A
?_13@placeholders@std@@3V?$_Ph@$0N@@2@A
?_14@placeholders@std@@3V?$_Ph@$0O@@2@A
?_15@placeholders@std@@3V?$_Ph@$0P@@2@A
?_16@placeholders@std@@3V?$_Ph@$0BA@@2@A
?_17@placeholders@std@@3V?$_Ph@$0BB@@2@A
?_18@placeholders@std@@3V?$_Ph@$0BC@@2@A
?_19@placeholders@std@@3V?$_Ph@$0BD@@2@A
?_1@placeholders@std@@3V?$_Ph@$00@2@A
?_20@placeholders@std@@3V?$_Ph@$0BE@@2@A
?_2@placeholders@std@@3V?$_Ph@$01@2@A
?_3@placeholders@std@@3V?$_Ph@$02@2@A
?_4@placeholders@std@@3V?$_Ph@$03@2@A
?_5@placeholders@std@@3V?$_Ph@$04@2@A
?_6@placeholders@std@@3V?$_Ph@$05@2@A
?_7@placeholders@std@@3V?$_Ph@$06@2@A
?_8@placeholders@std@@3V?$_Ph@$07@2@A
?_9@placeholders@std@@3V?$_Ph@$08@2@A
?_Addcats@_Locinfo@std@@QAEAAV12@HPBD@Z
?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z
?_Addstd@ios_base@std@@SAXPAV12@@Z
?_Advance@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAEXXZ
?_Assign@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAEXABV123@@Z
?_Atexit@@YAXP6AXXZ@Z
?_BADOFF@std@@3_JB
?_Byte_reverse_table@details@Concurrency@@3QBEB
?_C_str@?$_Yarn@D@std@@QBEPBDXZ
?_C_str@?$_Yarn@_W@std@@QBEPB_WXZ
?_Callfns@ios_base@std@@AAEXW4event@12@@Z
?_Clocptr@_Locimp@locale@std@@0PAV123@A
?_Close_dir@sys@tr2@std@@YAXPAX@Z
?_Copy_file@sys@tr2@std@@YAHPBD0_N@Z
?_Copy_file@sys@tr2@std@@YAHPB_W0_N@Z
?_Current_get@sys@tr2@std@@YAPADAAY0BAE@D@Z
?_Current_get@sys@tr2@std@@YAPA_WAAY0BAE@_W@Z
?_Current_set@sys@tr2@std@@YA_NPBD@Z
?_Current_set@sys@tr2@std@@YA_NPB_W@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Donarrow@?$ctype@G@std@@IBEDGD@Z
?_Donarrow@?$ctype@_W@std@@IBED_WD@Z
?_Dowiden@?$ctype@G@std@@IBEGD@Z
?_Dowiden@?$ctype@_W@std@@IBE_WD@Z
?_Empty@?$_Yarn@D@std@@QBE_NXZ
?_Empty@?$_Yarn@_W@std@@QBE_NXZ
?_Equivalent@sys@tr2@std@@YAHPBD0@Z
?_Equivalent@sys@tr2@std@@YAHPB_W0@Z
?_Ffmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADDH@Z
?_Ffmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADDH@Z
?_Ffmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADDH@Z
?_File_size@sys@tr2@std@@YA_KPBD@Z
?_File_size@sys@tr2@std@@YA_KPB_W@Z
?_Findarr@ios_base@std@@AAEAAU_Iosarray@12@H@Z
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PBGHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?_Fput@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AAVios_base@2@DPBDIIII@Z
?_Fput@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@GU?$char_traits@G@std@@@2@V32@AAVios_base@2@GPBDIIII@Z
?_Fput@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AAVios_base@2@_WPBDIIII@Z
?_Future_error_map@std@@YAPBDH@Z
?_GetCombinableSize@details@Concurrency@@YAIXZ
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@GDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@_WDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@facet@locale@std@@SAIPAPBV123@PBV23@@Z
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
?_Getctype@_Locinfo@std@@QBE?AU_Ctypevec@@XZ
?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ
?_Getdateorder@_Locinfo@std@@QBEHXZ
?_Getdays@_Locinfo@std@@QBEPBDXZ
?_Getfalse@_Locinfo@std@@QBEPBDXZ
?_Getffld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z
?_Getffld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z
?_Getffld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z
?_Getfmt@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getfmt@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getfmt@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Getifld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1HABVlocale@2@@Z
?_Getifld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1HABVlocale@2@@Z
?_Getifld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1HABVlocale@2@@Z
?_Getint@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@0HHAAHABV?$ctype@D@2@@Z
?_Getint@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@0HHAAHABV?$ctype@G@2@@Z
?_Getint@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@0HHAAHABV?$ctype@_W@2@@Z

Sections

.text
Size: 391KB - Virtual size: 390KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dll/libEGL.dll
.dll windows:6 windows x86 arch:x86

48c72c12b3685003a84e2caf235b2330

Code Sign

e4:12:82:66:79:32:d8:54:6f:96:d4:d4:62:32:c0:6f
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/09/2019, 00:00

Not After

08/09/2024, 23:59

Subject

CN=Artem Shevchenko,O=Artem Shevchenko,POSTALCODE=04050,STREET=Melnikova st. 15\, 5 apt.,L=Kiev,ST=Kiev,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

Issuer

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/05/2019, 00:00

Not After

30/05/2020, 10:48

Subject

CN=Sectigo SHA-1 Time Stamping Signer,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

27/04/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

fd:86:6f:d5:3e:03:39:78:5d:dc:76:c5:2a:2b:ad:5d:d5:81:ff:08
Signer

Actual PE Digest

fd:86:6f:d5:3e:03:39:78:5d:dc:76:c5:2a:2b:ad:5d:d5:81:ff:08

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libglesv2

?SwapInterval@egl@@YGIPAXH@Z
?BindAPI@egl@@YGII@Z
?QueryAPI@egl@@YGIXZ
?CreatePbufferFromClientBuffer@egl@@YGPAXPAXI00PBH@Z
?ReleaseThread@egl@@YGIXZ
?WaitClient@egl@@YGIXZ
?GetCurrentContext@egl@@YGPAXXZ
?CreateSync@egl@@YGPAXPAXIPBH@Z
?DestroySync@egl@@YGIPAX0@Z
?ClientWaitSync@egl@@YGHPAX0H_K@Z
?SurfaceAttrib@egl@@YGIPAX0HH@Z
?CreateImage@egl@@YGPAXPAX0I0PBH@Z
?DestroyImage@egl@@YGIPAX0@Z
?GetPlatformDisplay@egl@@YGPAXIPAXPBH@Z
?CreatePlatformWindowSurface@egl@@YGPAXPAX00PBH@Z
?CreatePlatformPixmapSurface@egl@@YGPAXPAX00PBH@Z
?WaitSync@egl@@YGIPAX0H@Z
?QuerySurfacePointerANGLE@egl@@YGIPAX0HPAPAX@Z
?PostSubBufferNV@egl@@YGIPAX0HHHH@Z
?GetPlatformDisplayEXT@egl@@YGPAXIPAXPBH@Z
?ReleaseTexImage@egl@@YGIPAX0H@Z
?BindTexImage@egl@@YGIPAX0H@Z
?WaitNative@egl@@YGIH@Z
?WaitGL@egl@@YGIXZ
?Terminate@egl@@YGIPAX@Z
?SwapBuffers@egl@@YGIPAX0@Z
?QuerySurface@egl@@YGIPAX0HPAH@Z
?QueryString@egl@@YGPBDPAXH@Z
?QueryContext@egl@@YGIPAX0HPAH@Z
?MakeCurrent@egl@@YGIPAX000@Z
?Initialize@egl@@YGIPAXPAH1@Z
?GetProcAddress@egl@@YGP6AXXZPBD@Z
?GetError@egl@@YGHXZ
?GetDisplay@egl@@YGPAXPAUHDC__@@@Z
?GetCurrentSurface@egl@@YGPAXH@Z
?GetConfigs@egl@@YGIPAXPAPAXHPAH@Z
?GetCurrentDisplay@egl@@YGPAXXZ
?GetConfigAttrib@egl@@YGIPAX0HPAH@Z
?DestroySurface@egl@@YGIPAX0@Z
?DestroyContext@egl@@YGIPAX0@Z
?CreateWindowSurface@egl@@YGPAXPAX0PAUHWND__@@PBH@Z
?CreatePixmapSurface@egl@@YGPAXPAX0PAUHBITMAP__@@PBH@Z
?CreatePbufferSurface@egl@@YGPAXPAX0PBH@Z
?CreateContext@egl@@YGPAXPAX00PBH@Z
?CopyBuffers@egl@@YGIPAX0PAUHBITMAP__@@@Z
?GetSyncAttrib@egl@@YGIPAX0HPAH@Z
?ChooseConfig@egl@@YGIPAXPBHPAPAXHPAH@Z

msvcr120

__crtTerminateProcess
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
_initterm_e
_initterm
_malloc_crt
free
_amsg_exit
__CppXcptFilter
__crtUnhandledException

kernel32

IsDebuggerPresent
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
DecodePointer
EncodePointer
IsProcessorFeaturePresent

Exports

Exports

eglBindAPI
eglBindTexImage
eglChooseConfig
eglClientWaitSync
eglCopyBuffers
eglCreateContext
eglCreateImage
eglCreatePbufferFromClientBuffer
eglCreatePbufferSurface
eglCreatePixmapSurface
eglCreatePlatformPixmapSurface
eglCreatePlatformWindowSurface
eglCreateSync
eglCreateWindowSurface
eglDestroyContext
eglDestroyImage
eglDestroySurface
eglDestroySync
eglGetConfigAttrib
eglGetConfigs
eglGetCurrentContext
eglGetCurrentDisplay
eglGetCurrentSurface
eglGetDisplay
eglGetError
eglGetPlatformDisplay
eglGetPlatformDisplayEXT
eglGetProcAddress
eglGetSyncAttrib
eglInitialize
eglMakeCurrent
eglPostSubBufferNV
eglQueryAPI
eglQueryContext
eglQueryString
eglQuerySurface
eglQuerySurfacePointerANGLE
eglReleaseTexImage
eglReleaseThread
eglSurfaceAttrib
eglSwapBuffers
eglSwapInterval
eglTerminate
eglWaitClient
eglWaitGL
eglWaitNative
eglWaitSync

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 388B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
dll/ssleay32.dll
.dll windows:6 windows x86 arch:x86

073d57b7886016768db36f2bc192c07c

Code Sign

e4:12:82:66:79:32:d8:54:6f:96:d4:d4:62:32:c0:6f
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/09/2019, 00:00

Not After

08/09/2024, 23:59

Subject

CN=Artem Shevchenko,O=Artem Shevchenko,POSTALCODE=04050,STREET=Melnikova st. 15\, 5 apt.,L=Kiev,ST=Kiev,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

Issuer

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/05/2019, 00:00

Not After

30/05/2020, 10:48

Subject

CN=Sectigo SHA-1 Time Stamping Signer,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

27/04/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2b:d9:0a:97:a3:a4:0d:99:7f:0c:54:f0:e0:d8:61:41:86:36:62:83
Signer

Actual PE Digest

2b:d9:0a:97:a3:a4:0d:99:7f:0c:54:f0:e0:d8:61:41:86:36:62:83

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\bas\browserautomationstudiobuild\build32\builddevrelease\openssl\src\openssl-1.0.1f\out32dll\ssleay32.pdb

Imports

libeay32

ord188
ord181
ord52
ord85
ord490
ord252
ord222
ord3873
ord2630
ord2821
ord3109
ord269
ord290
ord281
ord641
ord754
ord857
ord654
ord2206
ord2201
ord911
ord3906
ord493
ord3836
ord289
ord464
ord3245
ord3244
ord3844
ord2936
ord323
ord3841
ord3874
ord1202
ord2894
ord3067
ord961
ord89
ord109
ord3896
ord3879
ord3239
ord170
ord909
ord912
ord66
ord111
ord110
ord151
ord123
ord118
ord120
ord128
ord2760
ord495
ord498
ord4540
ord202
ord203
ord201
ord219
ord3837
ord3899
ord3883
ord276
ord274
ord256
ord3315
ord2927
ord285
ord4119
ord4430
ord4233
ord4474
ord4369
ord4245
ord1070
ord4488
ord3695
ord3570
ord2924
ord2929
ord3010
ord3178
ord2578
ord3663
ord3422
ord3729
ord3575
ord3512
ord3608
ord3459
ord3480
ord3550
ord3666
ord3644
ord866
ord635
ord2747
ord2784
ord2572
ord964
ord965
ord3489
ord907
ord87
ord486
ord497
ord484
ord205
ord206
ord216
ord363
ord2712
ord2925
ord3165
ord268
ord333
ord316
ord282
ord4125
ord4262
ord4164
ord1071
ord2877
ord3711
ord3682
ord3719
ord577
ord763
ord572
ord4046
ord481
ord3528
ord3418
ord1096
ord1097
ord78
ord95
ord3816
ord3888
ord3891
ord2589
ord2915
ord1144
ord1145
ord3823
ord3846
ord2292
ord1081
ord187
ord623
ord622
ord679
ord3857
ord267
ord503
ord1012
ord3631
ord3479
ord3664
ord3737
ord3633
ord3675
ord341
ord176
ord266
ord264
ord3314
ord3312
ord3313
ord541
ord3925
ord3922
ord3124
ord2702
ord2898
ord4144
ord4372
ord3782
ord2400
ord4174
ord3866
ord313
ord3724
ord3767
ord3758
ord3704
ord3647
ord3365
ord3766
ord3460
ord4114
ord3783
ord3454
ord3394
ord3754
ord1655
ord914
ord1041
ord1027
ord1025
ord1004
ord1007
ord1005
ord3826
ord53
ord67
ord65
ord74
ord98
ord58
ord892
ord890
ord897
ord2257
ord248
ord364
ord4331
ord4513
ord1010
ord629
ord626
ord628
ord630
ord3437
ord3527
ord3378
ord3610
ord3414
ord3495
ord3399
ord3559
ord575
ord636
ord2051
ord2478
ord246
ord3657
ord3396
ord93
ord1100
ord1023
ord2524
ord3505
ord3595
ord657
ord401
ord891
ord887
ord889
ord4045
ord2475
ord368
ord370
ord367
ord369
ord1671
ord189
ord1147
ord314
ord315
ord4383
ord4320
ord956
ord750
ord3205
ord279
ord283
ord748
ord280
ord774
ord751
ord2181
ord1959
ord400
ord399
ord3513
ord716
ord822
ord718
ord824
ord8
ord7
ord3700
ord32
ord3623
ord37
ord35
ord703
ord1091
ord88
ord2426
ord86
ord680
ord1101
ord299
ord304
ord329
ord318
ord325
ord959
ord4601
ord3155
ord2996
ord4615
ord4637
ord4656
ord3795
ord3807
ord3914
ord292
ord293
ord2252
ord91
ord955
ord225
ord247
ord125
ord129
ord4572
ord4580
ord4576
ord4570
ord4578
ord4582
ord4573
ord4577
ord4581
ord4575
ord4584
ord903
ord910
ord904
ord901
ord905
ord2411
ord1653
ord1654
ord168
ord167
ord1011
ord169

msvcr120

__CppXcptFilter
_amsg_exit
free
_malloc_crt
_initterm
_initterm_e
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
__clean_type_info_names_internal
_except_handler4_common
_errno
strchr
_ftime64
strncmp
strncpy
fprintf
__iob_func
memmove
memset
memcpy
_time64
abort

kernel32

GetLastError
IsProcessorFeaturePresent
EncodePointer
DecodePointer
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
SetLastError

Exports

Exports

BIO_f_ssl
BIO_new_buffer_ssl_connect
BIO_new_ssl
BIO_new_ssl_connect
BIO_ssl_copy_session_id
BIO_ssl_shutdown
DTLSv1_client_method
DTLSv1_method
DTLSv1_server_method
ERR_load_SSL_strings
PEM_read_SSL_SESSION
PEM_read_bio_SSL_SESSION
PEM_write_SSL_SESSION
PEM_write_bio_SSL_SESSION
SRP_Calc_A_param
SRP_generate_client_master_secret
SRP_generate_server_master_secret
SSL_CIPHER_description
SSL_CIPHER_get_bits
SSL_CIPHER_get_id
SSL_CIPHER_get_name
SSL_CIPHER_get_version
SSL_COMP_add_compression_method
SSL_COMP_get_compression_methods
SSL_COMP_get_name
SSL_CTX_SRP_CTX_free
SSL_CTX_SRP_CTX_init
SSL_CTX_add_client_CA
SSL_CTX_add_session
SSL_CTX_callback_ctrl
SSL_CTX_check_private_key
SSL_CTX_ctrl
SSL_CTX_flush_sessions
SSL_CTX_free
SSL_CTX_get_cert_store
SSL_CTX_get_client_CA_list
SSL_CTX_get_client_cert_cb
SSL_CTX_get_ex_data
SSL_CTX_get_ex_new_index
SSL_CTX_get_info_callback
SSL_CTX_get_quiet_shutdown
SSL_CTX_get_timeout
SSL_CTX_get_verify_callback
SSL_CTX_get_verify_depth
SSL_CTX_get_verify_mode
SSL_CTX_load_verify_locations
SSL_CTX_new
SSL_CTX_remove_session
SSL_CTX_sess_get_get_cb
SSL_CTX_sess_get_new_cb
SSL_CTX_sess_get_remove_cb
SSL_CTX_sess_set_get_cb
SSL_CTX_sess_set_new_cb
SSL_CTX_sess_set_remove_cb
SSL_CTX_sessions
SSL_CTX_set1_param
SSL_CTX_set_cert_store
SSL_CTX_set_cert_verify_callback
SSL_CTX_set_cipher_list
SSL_CTX_set_client_CA_list
SSL_CTX_set_client_cert_cb
SSL_CTX_set_client_cert_engine
SSL_CTX_set_cookie_generate_cb
SSL_CTX_set_cookie_verify_cb
SSL_CTX_set_default_passwd_cb
SSL_CTX_set_default_passwd_cb_userdata
SSL_CTX_set_default_verify_paths
SSL_CTX_set_ex_data
SSL_CTX_set_generate_session_id
SSL_CTX_set_info_callback
SSL_CTX_set_msg_callback
SSL_CTX_set_next_proto_select_cb
SSL_CTX_set_next_protos_advertised_cb
SSL_CTX_set_psk_client_callback
SSL_CTX_set_psk_server_callback
SSL_CTX_set_purpose
SSL_CTX_set_quiet_shutdown
SSL_CTX_set_session_id_context
SSL_CTX_set_srp_cb_arg
SSL_CTX_set_srp_client_pwd_callback
SSL_CTX_set_srp_password
SSL_CTX_set_srp_strength
SSL_CTX_set_srp_username
SSL_CTX_set_srp_username_callback
SSL_CTX_set_srp_verify_param_callback
SSL_CTX_set_ssl_version
SSL_CTX_set_timeout
SSL_CTX_set_tlsext_use_srtp
SSL_CTX_set_tmp_dh_callback
SSL_CTX_set_tmp_ecdh_callback
SSL_CTX_set_tmp_rsa_callback
SSL_CTX_set_trust
SSL_CTX_set_verify
SSL_CTX_set_verify_depth
SSL_CTX_use_PrivateKey
SSL_CTX_use_PrivateKey_ASN1
SSL_CTX_use_PrivateKey_file
SSL_CTX_use_RSAPrivateKey
SSL_CTX_use_RSAPrivateKey_ASN1
SSL_CTX_use_RSAPrivateKey_file
SSL_CTX_use_certificate
SSL_CTX_use_certificate_ASN1
SSL_CTX_use_certificate_chain_file
SSL_CTX_use_certificate_file
SSL_CTX_use_psk_identity_hint
SSL_SESSION_free
SSL_SESSION_get0_peer
SSL_SESSION_get_compress_id
SSL_SESSION_get_ex_data
SSL_SESSION_get_ex_new_index
SSL_SESSION_get_id
SSL_SESSION_get_time
SSL_SESSION_get_timeout
SSL_SESSION_new
SSL_SESSION_print
SSL_SESSION_print_fp
SSL_SESSION_set1_id_context
SSL_SESSION_set_ex_data
SSL_SESSION_set_time
SSL_SESSION_set_timeout
SSL_SRP_CTX_free
SSL_SRP_CTX_init
SSL_accept
SSL_add_client_CA
SSL_add_dir_cert_subjects_to_stack
SSL_add_file_cert_subjects_to_stack
SSL_alert_desc_string
SSL_alert_desc_string_long
SSL_alert_type_string
SSL_alert_type_string_long
SSL_cache_hit
SSL_callback_ctrl
SSL_check_private_key
SSL_clear
SSL_connect
SSL_copy_session_id
SSL_ctrl
SSL_do_handshake
SSL_dup
SSL_dup_CA_list
SSL_export_keying_material
SSL_free
SSL_get0_next_proto_negotiated
SSL_get1_session
SSL_get_SSL_CTX
SSL_get_certificate
SSL_get_cipher_list
SSL_get_ciphers
SSL_get_client_CA_list
SSL_get_current_cipher
SSL_get_current_compression
SSL_get_current_expansion
SSL_get_default_timeout
SSL_get_error
SSL_get_ex_data
SSL_get_ex_data_X509_STORE_CTX_idx
SSL_get_ex_new_index
SSL_get_fd
SSL_get_finished
SSL_get_info_callback
SSL_get_peer_cert_chain
SSL_get_peer_certificate
SSL_get_peer_finished
SSL_get_privatekey
SSL_get_psk_identity
SSL_get_psk_identity_hint
SSL_get_quiet_shutdown
SSL_get_rbio
SSL_get_read_ahead
SSL_get_rfd
SSL_get_selected_srtp_profile
SSL_get_servername
SSL_get_servername_type
SSL_get_session
SSL_get_shared_ciphers
SSL_get_shutdown
SSL_get_srp_N
SSL_get_srp_g
SSL_get_srp_userinfo
SSL_get_srp_username
SSL_get_srtp_profiles
SSL_get_ssl_method
SSL_get_verify_callback
SSL_get_verify_depth
SSL_get_verify_mode
SSL_get_verify_result
SSL_get_version
SSL_get_wbio
SSL_get_wfd
SSL_has_matching_session_id
SSL_library_init
SSL_load_client_CA_file
SSL_load_error_strings
SSL_new
SSL_peek
SSL_pending
SSL_read
SSL_renegotiate
SSL_renegotiate_abbreviated
SSL_renegotiate_pending
SSL_rstate_string
SSL_rstate_string_long
SSL_select_next_proto
SSL_set1_param
SSL_set_SSL_CTX
SSL_set_accept_state
SSL_set_bio
SSL_set_cipher_list
SSL_set_client_CA_list
SSL_set_connect_state
SSL_set_debug
SSL_set_ex_data
SSL_set_fd
SSL_set_generate_session_id
SSL_set_info_callback
SSL_set_msg_callback
SSL_set_psk_client_callback
SSL_set_psk_server_callback
SSL_set_purpose
SSL_set_quiet_shutdown
SSL_set_read_ahead
SSL_set_rfd
SSL_set_session
SSL_set_session_id_context
SSL_set_session_secret_cb
SSL_set_session_ticket_ext
SSL_set_session_ticket_ext_cb
SSL_set_shutdown
SSL_set_srp_server_param
SSL_set_srp_server_param_pw
SSL_set_ssl_method
SSL_set_state
SSL_set_tlsext_use_srtp
SSL_set_tmp_dh_callback
SSL_set_tmp_ecdh_callback
SSL_set_tmp_rsa_callback
SSL_set_trust
SSL_set_verify
SSL_set_verify_depth
SSL_set_verify_result
SSL_set_wfd
SSL_shutdown
SSL_srp_server_param_with_username
SSL_state
SSL_state_string
SSL_state_string_long
SSL_use_PrivateKey
SSL_use_PrivateKey_ASN1
SSL_use_PrivateKey_file
SSL_use_RSAPrivateKey
SSL_use_RSAPrivateKey_ASN1
SSL_use_RSAPrivateKey_file
SSL_use_certificate
SSL_use_certificate_ASN1
SSL_use_certificate_file
SSL_use_psk_identity_hint
SSL_version
SSL_want
SSL_write
SSLv23_client_method
SSLv23_method
SSLv23_server_method
SSLv2_client_method
SSLv2_method
SSLv2_server_method
SSLv3_client_method
SSLv3_method
SSLv3_server_method
TLSv1_1_client_method
TLSv1_1_method
TLSv1_1_server_method
TLSv1_2_client_method
TLSv1_2_method
TLSv1_2_server_method
TLSv1_client_method
TLSv1_method
TLSv1_server_method
d2i_SSL_SESSION
i2d_SSL_SESSION
ssl2_ciphers
ssl3_ciphers

Sections

.text
Size: 194KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/1.rar
.rar
files/libs/New folder.rar
.rar
files/libs/Qt5Core.dll
.dll windows:6 windows x86 arch:x86

5dc4b26565969216fe39584905c80ce1

Code Sign

e4:12:82:66:79:32:d8:54:6f:96:d4:d4:62:32:c0:6f
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/09/2019, 00:00

Not After

08/09/2024, 23:59

Subject

CN=Artem Shevchenko,O=Artem Shevchenko,POSTALCODE=04050,STREET=Melnikova st. 15\, 5 apt.,L=Kiev,ST=Kiev,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

Issuer

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/05/2019, 00:00

Not After

30/05/2020, 10:48

Subject

CN=Sectigo SHA-1 Time Stamping Signer,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

27/04/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

db:22:d5:6b:c2:89:6d:23:69:f7:ff:48:80:e1:43:c4:2d:ab:59:8a
Signer

Actual PE Digest

db:22:d5:6b:c2:89:6d:23:69:f7:ff:48:80:e1:43:c4:2d:ab:59:8a

Digest Algorithm

sha1

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateThread
GetCurrentThread
GetCurrentThreadId
SetThreadPriority
GetThreadPriority
TerminateThread
ResumeThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemInfo
WaitForMultipleObjects
ResetEvent
GetStartupInfoW
GetSystemTime
GetLocalTime
CompareStringW
GetUserDefaultLCID
QueryPerformanceCounter
QueryPerformanceFrequency
GetTickCount
GetDateFormatW
GetTimeFormatW
GetLocaleInfoW
GetCurrencyFormatW
GetUserDefaultUILanguage
GetTimeZoneInformation
GetGeoInfoW
GetUserGeoID
LCMapStringW
CreateFileW
GetFileAttributesExW
FlushFileBuffers
GetFileType
GetLogicalDrives
ReadFile
SetEndOfFile
SetFilePointerEx
WriteFile
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
MoveFileExW
OpenProcess
FreeLibrary
LoadLibraryA
FindCloseChangeNotification
FindFirstChangeNotificationW
FindNextChangeNotification
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
DeleteFileW
FindClose
FindFirstFileW
SwitchToThread
GetFileInformationByHandle
GetFullPathNameW
GetLongPathNameW
RemoveDirectoryW
GetTempPathW
SetErrorMode
DeviceIoControl
LoadLibraryW
CopyFileW
MoveFileW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
FindFirstFileExW
FindNextFileW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStdHandle
SetFilePointer
ConnectNamedPipe
CreateNamedPipeW
TerminateProcess
GetExitCodeProcess
CreateProcessW
CreateIoCompletionPort
GetQueuedCompletionStatus
PostQueuedCompletionStatus
ReleaseSemaphore
ReleaseMutex
CreateMutexW
CreateSemaphoreW
PeekNamedPipe
CancelIo
GetModuleHandleA
GetOverlappedResult
GetDiskFreeSpaceExW
GetDriveTypeW
GetVolumeInformationW
GetVolumePathNameW
GetVolumeNameForVolumeMountPointW
GetModuleFileNameW
GetSystemDirectoryW
GetCommandLineW
GetCurrentProcessId
VirtualQuery
OpenFileMappingW
MultiByteToWideChar
WideCharToMultiByte
GetCurrentProcess
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
IsProcessorFeaturePresent
IsDebuggerPresent
DecodePointer
EncodePointer
VirtualFree
VirtualAlloc
Sleep
WaitForSingleObject
DuplicateHandle
CreateEventW
WaitForSingleObjectEx
SetEvent
CloseHandle
GetConsoleWindow
OutputDebugStringW
FormatMessageW
LocalFree
GetProcAddress
GetModuleHandleW
GetNativeSystemInfo
GetFileAttributesW
GetLastError

user32

DefWindowProcW
RegisterClassW
MessageBoxW
PeekMessageW
PostThreadMessageW
EnumWindows
GetWindowThreadProcessId
DispatchMessageW
PostMessageW
GetWindowLongW
CharNextExA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
SetWindowLongW
UnregisterClassW
KillTimer
SetTimer
MsgWaitForMultipleObjectsEx
GetQueueStatus
DestroyWindow
CreateWindowExW
TranslateMessage

shell32

SHGetSpecialFolderPathW
CommandLineToArgvW

ole32

CoCreateInstance
CoInitialize
CoCreateGuid
CoTaskMemFree
CoUninitialize

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
OpenProcessToken
CopySid
FreeSid
GetLengthSid
GetTokenInformation
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumValueW
RegFlushKey
RegSetValueExW
RegEnumKeyExW

ws2_32

WSAStartup
WSACleanup
WSAAsyncSelect
gethostname

mpr

WNetGetUniversalNameW

msvcp120

?_Winerror_map@std@@YAPBDH@Z
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ
?_Syserror_map@std@@YAPBDH@Z
?_Orphan_all@_Container_base0@std@@QAEXXZ

msvcr120

_except1
_vsnprintf_s
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
__CppXcptFilter
_amsg_exit
_malloc_crt
_initterm
??1type_info@@UAE@XZ
_except_handler4_common
__clean_type_info_names_internal
_lseek
__argc
wcschr
_snwprintf
_wchmod
_waccess
_onexit
__dllonexit
__argv
strrchr
_open
_strdup
isdigit
_lock
_unlock
_initterm_e
_calloc_crt
_purecall
??2@YAPAXI@Z
??3@YAXPAX@Z
memmove
_CxxThrowException
__CxxFrameHandler3
memcpy
??_V@YAXPAX@Z
memset
getenv_s
rand
srand
_putenv_s
?terminate@@YAXXZ
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??1exception@std@@UAE@XZ
?what@exception@std@@UBEPBDXZ
free
malloc
realloc
exit
__iob_func
fflush
fprintf
strncpy
??0exception@std@@QAE@XZ
??4exception@std@@QAEAAV01@ABV01@@Z
_errno
_beginthreadex
_endthreadex
strcpy_s
strncmp
strncpy_s
fputs
_get_timezone
_get_tzname
_tzset
_localtime64_s
_mktime64
floor
_libm_sse2_asin_precise
_libm_sse2_cos_precise
_libm_sse2_pow_precise
_libm_sse2_sin_precise
_libm_sse2_sqrt_precise
rand_s
_CIatan2
_libm_sse2_acos_precise
_clearfp
_control87
ceil
strchr
sprintf
memchr
strerror
_vsnprintf
calloc
_ftelli64
_lseeki64
_environ
fclose
feof
fgets
fread
_fseeki64
fwrite
_close
_read
_write
_fileno
_wgetdcwd
_get_osfhandle
_open_osfhandle
_getdrive

Exports

Exports

??0?$QList@VQItemSelectionRange@@@@QAE@$$QAV0@@Z
??0?$QList@VQItemSelectionRange@@@@QAE@ABV0@@Z
??0?$QList@VQItemSelectionRange@@@@QAE@V?$initializer_list@VQItemSelectionRange@@@std@@@Z
??0?$QList@VQItemSelectionRange@@@@QAE@XZ
??0?$QVector@VQPoint@@@@QAE@$$QAV0@@Z
??0?$QVector@VQPoint@@@@QAE@ABV0@@Z
??0?$QVector@VQPoint@@@@QAE@H@Z
??0?$QVector@VQPoint@@@@QAE@HABVQPoint@@@Z
??0?$QVector@VQPoint@@@@QAE@V?$initializer_list@VQPoint@@@std@@@Z
??0?$QVector@VQPoint@@@@QAE@XZ
??0?$QVector@VQPointF@@@@QAE@$$QAV0@@Z
??0?$QVector@VQPointF@@@@QAE@ABV0@@Z
??0?$QVector@VQPointF@@@@QAE@H@Z
??0?$QVector@VQPointF@@@@QAE@HABVQPointF@@@Z
??0?$QVector@VQPointF@@@@QAE@V?$initializer_list@VQPointF@@@std@@@Z
??0?$QVector@VQPointF@@@@QAE@XZ
??0?$QVector@VQXmlStreamAttribute@@@@QAE@$$QAV0@@Z
??0?$QVector@VQXmlStreamAttribute@@@@QAE@ABV0@@Z
??0?$QVector@VQXmlStreamAttribute@@@@QAE@H@Z
??0?$QVector@VQXmlStreamAttribute@@@@QAE@HABVQXmlStreamAttribute@@@Z
??0?$QVector@VQXmlStreamAttribute@@@@QAE@V?$initializer_list@VQXmlStreamAttribute@@@std@@@Z
??0?$QVector@VQXmlStreamAttribute@@@@QAE@XZ
??0Connection@QMetaObject@@AAE@PAX@Z
??0Connection@QMetaObject@@QAE@$$QAV01@@Z
??0Connection@QMetaObject@@QAE@ABV01@@Z
??0Connection@QMetaObject@@QAE@XZ
??0ConverterState@QTextCodec@@QAE@V?$QFlags@W4ConversionFlag@QTextCodec@@@@@Z
??0ExceptionHolder@QtPrivate@@QAE@ABV01@@Z
??0ExceptionHolder@QtPrivate@@QAE@PAVQException@@@Z
??0ExceptionStore@QtPrivate@@QAE@ABV01@@Z
??0ExceptionStore@QtPrivate@@QAE@XZ
??0QAbstractAnimation@@IAE@AAVQAbstractAnimationPrivate@@PAVQObject@@@Z
??0QAbstractAnimation@@QAE@PAVQObject@@@Z
??0QAbstractAnimationTimer@@QAE@XZ
??0QAbstractDynamicMetaObject@@QAE@ABU0@@Z
??0QAbstractDynamicMetaObject@@QAE@XZ
??0QAbstractEventDispatcher@@IAE@AAVQAbstractEventDispatcherPrivate@@PAVQObject@@@Z
??0QAbstractEventDispatcher@@QAE@PAVQObject@@@Z
??0QAbstractEventDispatcherPrivate@@QAE@ABV0@@Z
??0QAbstractEventDispatcherPrivate@@QAE@XZ
??0QAbstractFileEngine@@IAE@AAVQAbstractFileEnginePrivate@@@Z
??0QAbstractFileEngine@@IAE@XZ
??0QAbstractFileEngineHandler@@QAE@ABV0@@Z
??0QAbstractFileEngineHandler@@QAE@XZ
??0QAbstractFileEngineIterator@@QAE@V?$QFlags@W4Filter@QDir@@@@ABVQStringList@@@Z
??0QAbstractItemModel@@IAE@AAVQAbstractItemModelPrivate@@PAVQObject@@@Z
??0QAbstractItemModel@@QAE@PAVQObject@@@Z
??0QAbstractItemModelPrivate@@QAE@ABV0@@Z
??0QAbstractItemModelPrivate@@QAE@XZ
??0QAbstractListModel@@IAE@AAVQAbstractItemModelPrivate@@PAVQObject@@@Z
??0QAbstractListModel@@QAE@PAVQObject@@@Z
??0QAbstractNativeEventFilter@@QAE@XZ
??0QAbstractProxyModel@@IAE@AAVQAbstractProxyModelPrivate@@PAVQObject@@@Z
??0QAbstractProxyModel@@QAE@PAVQObject@@@Z
??0QAbstractProxyModelPrivate@@QAE@ABV0@@Z
??0QAbstractProxyModelPrivate@@QAE@XZ
??0QAbstractState@@IAE@AAVQAbstractStatePrivate@@PAVQState@@@Z
??0QAbstractState@@IAE@PAVQState@@@Z
??0QAbstractTableModel@@IAE@AAVQAbstractItemModelPrivate@@PAVQObject@@@Z
??0QAbstractTableModel@@QAE@PAVQObject@@@Z
??0QAbstractTransition@@IAE@AAVQAbstractTransitionPrivate@@PAVQState@@@Z
??0QAbstractTransition@@QAE@PAVQState@@@Z
??0QAbstractTransitionPrivate@@QAE@ABV0@@Z
??0QAbstractTransitionPrivate@@QAE@XZ
??0QAnimationDriver@@IAE@AAVQAnimationDriverPrivate@@PAVQObject@@@Z
??0QAnimationDriver@@QAE@PAVQObject@@@Z
??0QAnimationDriverPrivate@@QAE@ABV0@@Z
??0QAnimationDriverPrivate@@QAE@XZ
??0QAnimationGroup@@IAE@AAVQAnimationGroupPrivate@@PAVQObject@@@Z
??0QAnimationGroup@@QAE@PAVQObject@@@Z
??0QAssociativeIterable@@QAE@VQAssociativeIterableImpl@QtMetaTypePrivate@@@Z
??0QBasicTimer@@QAE@XZ
??0QBitArray@@QAE@$$QAV0@@Z
??0QBitArray@@QAE@ABV0@@Z
??0QBitArray@@QAE@H_N@Z
??0QBitArray@@QAE@XZ
??0QBitRef@@AAE@AAVQBitArray@@H@Z
??0QBuffer@@QAE@PAVQByteArray@@PAVQObject@@@Z
??0QBuffer@@QAE@PAVQObject@@@Z
??0QByteArray@@QAE@$$QAV0@@Z
??0QByteArray@@QAE@ABV0@@Z
??0QByteArray@@QAE@HD@Z
??0QByteArray@@QAE@HW4Initialization@Qt@@@Z
??0QByteArray@@QAE@PBDH@Z
??0QByteArray@@QAE@UQByteArrayDataPtr@@@Z
??0QByteArray@@QAE@XZ
??0QByteArrayMatcher@@QAE@ABV0@@Z
??0QByteArrayMatcher@@QAE@ABVQByteArray@@@Z
??0QByteArrayMatcher@@QAE@PBDH@Z
??0QByteArrayMatcher@@QAE@XZ
??0QByteRef@@AAE@AAVQByteArray@@H@Z
??0QChar@@QAE@D@Z
??0QChar@@QAE@E@Z
??0QChar@@QAE@EE@Z
??0QChar@@QAE@F@Z
??0QChar@@QAE@G@Z
??0QChar@@QAE@H@Z
??0QChar@@QAE@I@Z
??0QChar@@QAE@UQLatin1Char@@@Z
??0QChar@@QAE@W4SpecialCharacter@0@@Z
??0QChar@@QAE@XZ
??0QCharRef@@AAE@AAVQString@@H@Z
??0QChildEvent@@QAE@ABV0@@Z
??0QChildEvent@@QAE@W4Type@QEvent@@PAVQObject@@@Z
??0QCollator@@QAE@$$QAV0@@Z
??0QCollator@@QAE@ABV0@@Z
??0QCollator@@QAE@ABVQLocale@@@Z
??0QCollatorPrivate@@QAE@XZ
??0QCollatorSortKey@@IAE@PAVQCollatorSortKeyPrivate@@@Z
??0QCollatorSortKey@@QAE@ABV0@@Z
??0QCollatorSortKeyPrivate@@QAE@ABVQString@@@Z
??0QCommandLineOption@@QAE@ABV0@@Z
??0QCommandLineOption@@QAE@ABVQString@@000@Z
??0QCommandLineOption@@QAE@ABVQString@@@Z
??0QCommandLineOption@@QAE@ABVQStringList@@@Z
??0QCommandLineOption@@QAE@ABVQStringList@@ABVQString@@11@Z
??0QCommandLineParser@@QAE@XZ
??0QCoreApplication@@IAE@AAVQCoreApplicationPrivate@@@Z
??0QCoreApplication@@QAE@AAHPAPADH@Z
??0QCoreApplicationPrivate@@QAE@AAHPAPADI@Z
??0QCoreApplicationPrivate@@QAE@ABV0@@Z
??0QCryptographicHash@@QAE@W4Algorithm@0@@Z
??0QDaemonThread@@QAE@PAVQObject@@@Z
??0QDataStream@@QAE@ABVQByteArray@@@Z
??0QDataStream@@QAE@PAVQByteArray@@V?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
??0QDataStream@@QAE@PAVQIODevice@@@Z
??0QDataStream@@QAE@XZ
??0QDate@@AAE@_J@Z
??0QDate@@QAE@HHH@Z
??0QDate@@QAE@XZ
??0QDateTime@@QAE@ABV0@@Z
??0QDateTime@@QAE@ABVQDate@@@Z
??0QDateTime@@QAE@ABVQDate@@ABVQTime@@ABVQTimeZone@@@Z
??0QDateTime@@QAE@ABVQDate@@ABVQTime@@W4TimeSpec@Qt@@@Z
??0QDateTime@@QAE@ABVQDate@@ABVQTime@@W4TimeSpec@Qt@@H@Z
??0QDateTime@@QAE@XZ
??0QDateTimeParser@@QAE@ABV0@@Z
??0QDateTimeParser@@QAE@W4Type@QVariant@@W4Context@0@@Z
??0QDebug@@QAE@ABV0@@Z
??0QDebug@@QAE@PAVQIODevice@@@Z
??0QDebug@@QAE@PAVQString@@@Z
??0QDebug@@QAE@W4QtMsgType@@@Z
??0QDebugStateSaver@@QAE@AAVQDebug@@@Z
??0QDeferredDeleteEvent@@QAE@ABV0@@Z
??0QDeferredDeleteEvent@@QAE@XZ
??0QDir@@IAE@AAVQDirPrivate@@@Z
??0QDir@@QAE@ABV0@@Z
??0QDir@@QAE@ABVQString@@0V?$QFlags@W4SortFlag@QDir@@@@V?$QFlags@W4Filter@QDir@@@@@Z
??0QDir@@QAE@ABVQString@@@Z
??0QDirIterator@@QAE@ABVQDir@@V?$QFlags@W4IteratorFlag@QDirIterator@@@@@Z
??0QDirIterator@@QAE@ABVQString@@ABVQStringList@@V?$QFlags@W4Filter@QDir@@@@V?$QFlags@W4IteratorFlag@QDirIterator@@@@@Z
??0QDirIterator@@QAE@ABVQString@@V?$QFlags@W4Filter@QDir@@@@V?$QFlags@W4IteratorFlag@QDirIterator@@@@@Z
??0QDirIterator@@QAE@ABVQString@@V?$QFlags@W4IteratorFlag@QDirIterator@@@@@Z
??0QDynamicMetaObjectData@@QAE@ABU0@@Z
??0QDynamicMetaObjectData@@QAE@XZ
??0QDynamicPropertyChangeEvent@@QAE@ABV0@@Z
??0QDynamicPropertyChangeEvent@@QAE@ABVQByteArray@@@Z
??0QEasingCurve@@QAE@$$QAV0@@Z
??0QEasingCurve@@QAE@ABV0@@Z
??0QEasingCurve@@QAE@W4Type@0@@Z
??0QElapsedTimer@@QAE@XZ
??0QEvent@@QAE@ABV0@@Z
??0QEvent@@QAE@W4Type@0@@Z
??0QEventDispatcherWin32@@IAE@AAVQEventDispatcherWin32Private@@PAVQObject@@@Z
??0QEventDispatcherWin32@@QAE@PAVQObject@@@Z
??0QEventDispatcherWin32Private@@QAE@ABV0@@Z
??0QEventDispatcherWin32Private@@QAE@XZ
??0QEventLoop@@QAE@PAVQObject@@@Z
??0QEventLoopLocker@@QAE@PAVQEventLoop@@@Z
??0QEventLoopLocker@@QAE@PAVQThread@@@Z
??0QEventLoopLocker@@QAE@XZ
??0QEventTransition@@IAE@AAVQEventTransitionPrivate@@PAVQObject@@W4Type@QEvent@@PAVQState@@@Z
??0QEventTransition@@IAE@AAVQEventTransitionPrivate@@PAVQState@@@Z
??0QEventTransition@@QAE@PAVQObject@@W4Type@QEvent@@PAVQState@@@Z
??0QEventTransition@@QAE@PAVQState@@@Z
??0QEventTransitionPrivate@@QAE@ABV0@@Z
??0QEventTransitionPrivate@@QAE@XZ
??0QException@@QAE@ABV0@@Z
??0QException@@QAE@XZ
??0QFSFileEngine@@IAE@AAVQFSFileEnginePrivate@@@Z
??0QFSFileEngine@@QAE@ABVQString@@@Z
??0QFSFileEngine@@QAE@XZ
??0QFactoryInterface@@QAE@ABU0@@Z
??0QFactoryInterface@@QAE@XZ
??0QFactoryLoader@@QAE@PBDABVQString@@W4CaseSensitivity@Qt@@@Z
??0QFile@@IAE@AAVQFilePrivate@@PAVQObject@@@Z
??0QFile@@QAE@ABVQString@@@Z
??0QFile@@QAE@ABVQString@@PAVQObject@@@Z
??0QFile@@QAE@PAVQObject@@@Z
??0QFile@@QAE@XZ
??0QFileDevice@@IAE@AAVQFileDevicePrivate@@PAVQObject@@@Z
??0QFileDevice@@IAE@PAVQObject@@@Z
??0QFileDevice@@IAE@XZ
??0QFileInfo@@QAE@ABV0@@Z
??0QFileInfo@@QAE@ABVQDir@@ABVQString@@@Z
??0QFileInfo@@QAE@ABVQFile@@@Z
??0QFileInfo@@QAE@ABVQString@@@Z
??0QFileInfo@@QAE@PAVQFileInfoPrivate@@@Z
??0QFileInfo@@QAE@XZ
??0QFileSelector@@QAE@PAVQObject@@@Z
??0QFileSelectorPrivate@@QAE@ABV0@@Z
??0QFileSelectorPrivate@@QAE@XZ
??0QFileSystemWatcher@@QAE@ABVQStringList@@PAVQObject@@@Z
??0QFileSystemWatcher@@QAE@PAVQObject@@@Z
??0QFinalState@@IAE@AAVQFinalStatePrivate@@PAVQState@@@Z
??0QFinalState@@QAE@PAVQState@@@Z
??0QFinalStatePrivate@@QAE@ABV0@@Z
??0QFinalStatePrivate@@QAE@XZ
??0QFutureInterfaceBase@@QAE@ABV0@@Z
??0QFutureInterfaceBase@@QAE@W4State@0@@Z
??0QFutureWatcherBase@@QAE@PAVQObject@@@Z
??0QGenericArgument@@QAE@PBDPBX@Z
??0QGenericReturnArgument@@QAE@PBDPAX@Z
??0QHistoryState@@QAE@PAVQState@@@Z
??0QHistoryState@@QAE@W4HistoryType@0@PAVQState@@@Z
??0QIODevice@@IAE@AAVQIODevicePrivate@@PAVQObject@@@Z
??0QIODevice@@QAE@PAVQObject@@@Z
??0QIODevice@@QAE@XZ
??0QIODevicePrivate@@QAE@ABV0@@Z
??0QIODevicePrivate@@QAE@XZ
??0QIdentityProxyModel@@IAE@AAVQIdentityProxyModelPrivate@@PAVQObject@@@Z
??0QIdentityProxyModel@@QAE@PAVQObject@@@Z
??0QItemSelection@@QAE@ABV0@@Z
??0QItemSelection@@QAE@ABVQModelIndex@@0@Z
??0QItemSelection@@QAE@XZ
??0QItemSelectionModel@@IAE@AAVQItemSelectionModelPrivate@@PAVQAbstractItemModel@@@Z
??0QItemSelectionModel@@QAE@PAVQAbstractItemModel@@@Z
??0QItemSelectionModel@@QAE@PAVQAbstractItemModel@@PAVQObject@@@Z
??0QItemSelectionRange@@QAE@$$QAV0@@Z
??0QItemSelectionRange@@QAE@ABV0@@Z
??0QItemSelectionRange@@QAE@ABVQModelIndex@@0@Z
??0QItemSelectionRange@@QAE@ABVQModelIndex@@@Z
??0QItemSelectionRange@@QAE@XZ
??0QJsonArray@@AAE@PAVData@QJsonPrivate@@PAVArray@2@@Z
??0QJsonArray@@QAE@ABV0@@Z
??0QJsonArray@@QAE@V?$initializer_list@VQJsonValue@@@std@@@Z
??0QJsonArray@@QAE@XZ
??0QJsonDocument@@AAE@PAVData@QJsonPrivate@@@Z
??0QJsonDocument@@QAE@ABV0@@Z
??0QJsonDocument@@QAE@ABVQJsonArray@@@Z
??0QJsonDocument@@QAE@ABVQJsonObject@@@Z
??0QJsonDocument@@QAE@XZ
??0QJsonObject@@AAE@PAVData@QJsonPrivate@@PAVObject@2@@Z
??0QJsonObject@@QAE@ABV0@@Z
??0QJsonObject@@QAE@V?$initializer_list@U?$QPair@VQString@@VQJsonValue@@@@@std@@@Z
??0QJsonObject@@QAE@XZ
??0QJsonValue@@AAE@PAVData@QJsonPrivate@@PAVBase@2@ABVValue@2@@Z
??0QJsonValue@@AAE@PBX@Z
??0QJsonValue@@QAE@ABV0@@Z
??0QJsonValue@@QAE@ABVQJsonArray@@@Z
??0QJsonValue@@QAE@ABVQJsonObject@@@Z
??0QJsonValue@@QAE@ABVQString@@@Z
??0QJsonValue@@QAE@H@Z
??0QJsonValue@@QAE@N@Z
??0QJsonValue@@QAE@PBD@Z
??0QJsonValue@@QAE@VQLatin1String@@@Z
??0QJsonValue@@QAE@W4Type@0@@Z
??0QJsonValue@@QAE@_J@Z
??0QJsonValue@@QAE@_N@Z
??0QJsonValueRef@@QAE@PAVQJsonArray@@H@Z
??0QJsonValueRef@@QAE@PAVQJsonObject@@H@Z
??0QLibrary@@QAE@ABVQString@@0PAVQObject@@@Z
??0QLibrary@@QAE@ABVQString@@HPAVQObject@@@Z
??0QLibrary@@QAE@ABVQString@@PAVQObject@@@Z
??0QLibrary@@QAE@PAVQObject@@@Z
??0QLibraryInfo@@AAE@XZ
??0QLine@@QAE@ABVQPoint@@0@Z
??0QLine@@QAE@HHHH@Z
??0QLine@@QAE@XZ
??0QLineF@@QAE@ABVQLine@@@Z
??0QLineF@@QAE@ABVQPointF@@0@Z
??0QLineF@@QAE@NNNN@Z
??0QLineF@@QAE@XZ
??0QLocale@@AAE@AAVQLocalePrivate@@@Z
??0QLocale@@QAE@ABV0@@Z
??0QLocale@@QAE@ABVQString@@@Z
??0QLocale@@QAE@W4Language@0@W4Country@0@@Z
??0QLocale@@QAE@W4Language@0@W4Script@0@W4Country@0@@Z
??0QLocale@@QAE@XZ
??0QLockFile@@QAE@ABVQString@@@Z
??0QLoggingCategory@@QAE@PBD@Z
??0QLoggingCategory@@QAE@PBDW4QtMsgType@@@Z
??0QMessageAuthenticationCode@@QAE@W4Algorithm@QCryptographicHash@@ABVQByteArray@@@Z
??0QMessageLogger@@QAE@PBDH00@Z
??0QMessageLogger@@QAE@PBDH0@Z
??0QMessageLogger@@QAE@XZ
??0QMetaCallEvent@@QAE@ABV0@@Z
??0QMetaCallEvent@@QAE@GGP6AXPAVQObject@@W4Call@QMetaObject@@HPAPAX@ZPBV1@HHPAH2PAVQSemaphore@@@Z
??0QMetaCallEvent@@QAE@PAVQSlotObjectBase@QtPrivate@@PBVQObject@@HHPAHPAPAXPAVQSemaphore@@@Z
??0QMetaClassInfo@@QAE@XZ
??0QMetaEnum@@QAE@XZ
??0QMetaEnumBuilder@@AAE@PBVQMetaObjectBuilder@@H@Z
??0QMetaEnumBuilder@@QAE@XZ
??0QMetaMethod@@QAE@XZ
??0QMetaMethodBuilder@@AAE@PBVQMetaObjectBuilder@@H@Z
??0QMetaMethodBuilder@@QAE@XZ
??0QMetaObjectBuilder@@QAE@PBUQMetaObject@@V?$QFlags@W4AddMember@QMetaObjectBuilder@@@@@Z
??0QMetaObjectBuilder@@QAE@XZ
??0QMetaProperty@@QAE@XZ
??0QMetaPropertyBuilder@@AAE@PBVQMetaObjectBuilder@@H@Z
??0QMetaPropertyBuilder@@QAE@XZ
??0QMetaStringTable@@QAE@ABV0@@Z
??0QMetaStringTable@@QAE@ABVQByteArray@@@Z
??0QMetaType@@AAE@ABV0@@Z
??0QMetaType@@AAE@W4ExtensionFlag@0@PBVQMetaTypeInterface@@P6APAXPBX@ZP6AXPAX@ZP6AXAAVQDataStream@@2@ZP6AX64@ZP6APAX42@Z5IIHPBUQMetaObject@@@Z
??0QMetaType@@QAE@H@Z
??0QMimeData@@QAE@XZ
??0QMimeDatabase@@QAE@XZ
??0QMimeType@@QAE@ABV0@@Z
??0QMimeType@@QAE@ABVQMimeTypePrivate@@@Z
??0QMimeType@@QAE@XZ
??0QModelIndex@@AAE@HHIPBVQAbstractItemModel@@@Z
??0QModelIndex@@AAE@HHPAXPBVQAbstractItemModel@@@Z
??0QModelIndex@@QAE@XZ
??0QMutex@@QAE@W4RecursionMode@0@@Z
??0QMutexLocker@@QAE@PAVQBasicMutex@@@Z
??0QMutexPool@@QAE@ABV0@@Z
??0QMutexPool@@QAE@W4RecursionMode@QMutex@@H@Z
??0QNonContiguousByteDevice@@IAE@XZ
??0QObject@@IAE@AAVQObjectPrivate@@PAV0@@Z
??0QObject@@QAE@PAV0@@Z
??0QObjectCleanupHandler@@QAE@XZ
??0QObjectData@@QAE@ABV0@@Z
??0QObjectData@@QAE@XZ
??0QObjectPrivate@@QAE@ABV0@@Z
??0QObjectPrivate@@QAE@H@Z
??0QObjectUserData@@QAE@ABV0@@Z
??0QObjectUserData@@QAE@XZ
??0QParallelAnimationGroup@@IAE@AAVQParallelAnimationGroupPrivate@@PAVQObject@@@Z
??0QParallelAnimationGroup@@QAE@PAVQObject@@@Z
??0QPauseAnimation@@QAE@HPAVQObject@@@Z
??0QPauseAnimation@@QAE@PAVQObject@@@Z
??0QPersistentModelIndex@@QAE@$$QAV0@@Z
??0QPersistentModelIndex@@QAE@ABV0@@Z
??0QPersistentModelIndex@@QAE@ABVQModelIndex@@@Z
??0QPersistentModelIndex@@QAE@XZ
??0QPluginLoader@@QAE@ABVQString@@PAVQObject@@@Z
??0QPluginLoader@@QAE@PAVQObject@@@Z
??0QPoint@@QAE@HH@Z
??0QPoint@@QAE@XZ
??0QPointF@@QAE@ABVQPoint@@@Z
??0QPointF@@QAE@NN@Z
??0QPointF@@QAE@XZ
??0QProcess@@QAE@PAVQObject@@@Z
??0QProcessEnvironment@@QAE@ABV0@@Z
??0QProcessEnvironment@@QAE@XZ
??0QPropertyAnimation@@QAE@PAVQObject@@@Z
??0QPropertyAnimation@@QAE@PAVQObject@@ABVQByteArray@@0@Z
??0QReadLocker@@QAE@PAVQReadWriteLock@@@Z
??0QReadWriteLock@@QAE@W4RecursionMode@0@@Z
??0QRect@@QAE@ABVQPoint@@0@Z
??0QRect@@QAE@ABVQPoint@@ABVQSize@@@Z
??0QRect@@QAE@HHHH@Z
??0QRect@@QAE@XZ
??0QRectF@@QAE@ABVQPointF@@0@Z
??0QRectF@@QAE@ABVQPointF@@ABVQSizeF@@@Z
??0QRectF@@QAE@ABVQRect@@@Z
??0QRectF@@QAE@NNNN@Z
??0QRectF@@QAE@XZ
??0QRegExp@@QAE@ABV0@@Z
??0QRegExp@@QAE@ABVQString@@W4CaseSensitivity@Qt@@W4PatternSyntax@0@@Z
??0QRegExp@@QAE@XZ
??0QRegularExpression@@AAE@AAUQRegularExpressionPrivate@@@Z
??0QRegularExpression@@QAE@ABV0@@Z
??0QRegularExpression@@QAE@ABVQString@@V?$QFlags@W4PatternOption@QRegularExpression@@@@@Z
??0QRegularExpression@@QAE@XZ
??0QRegularExpressionMatch@@AAE@AAUQRegularExpressionMatchPrivate@@@Z
??0QRegularExpressionMatch@@QAE@ABV0@@Z
??0QRegularExpressionMatch@@QAE@XZ
??0QRegularExpressionMatchIterator@@AAE@AAUQRegularExpressionMatchIteratorPrivate@@@Z
??0QRegularExpressionMatchIterator@@QAE@ABV0@@Z
??0QRegularExpressionMatchIterator@@QAE@XZ
??0QResource@@QAE@ABVQString@@ABVQLocale@@@Z
??0QRunnable@@QAE@ABV0@@Z
??0QRunnable@@QAE@XZ
??0QSaveFile@@QAE@ABVQString@@@Z
??0QSaveFile@@QAE@ABVQString@@PAVQObject@@@Z
??0QSaveFile@@QAE@PAVQObject@@@Z
??0QSemaphore@@QAE@H@Z
??0QSequentialAnimationGroup@@IAE@AAVQSequentialAnimationGroupPrivate@@PAVQObject@@@Z
??0QSequentialAnimationGroup@@QAE@PAVQObject@@@Z
??0QSequentialIterable@@QAE@VQSequentialIterableImpl@QtMetaTypePrivate@@@Z
??0QSettings@@QAE@ABVQString@@0PAVQObject@@@Z
??0QSettings@@QAE@ABVQString@@W4Format@0@PAVQObject@@@Z
??0QSettings@@QAE@PAVQObject@@@Z
??0QSettings@@QAE@W4Format@0@W4Scope@0@ABVQString@@2PAVQObject@@@Z
??0QSettings@@QAE@W4Scope@0@ABVQString@@1PAVQObject@@@Z
??0QSharedData@@QAE@ABV0@@Z
??0QSharedData@@QAE@XZ
??0QSharedMemory@@QAE@ABVQString@@PAVQObject@@@Z
??0QSharedMemory@@QAE@PAVQObject@@@Z
??0QSignalMapper@@QAE@PAVQObject@@@Z
??0QSignalTransition@@QAE@PAVQState@@@Z
??0QSignalTransition@@QAE@PBVQObject@@PBDPAVQState@@@Z
??0QSize@@QAE@HH@Z
??0QSize@@QAE@XZ
??0QSizeF@@QAE@ABVQSize@@@Z
??0QSizeF@@QAE@NN@Z
??0QSizeF@@QAE@XZ
??0QSocketNotifier@@QAE@HW4Type@0@PAVQObject@@@Z
??0QSortFilterProxyModel@@QAE@PAVQObject@@@Z
??0QState@@IAE@AAVQStatePrivate@@PAV0@@Z
??0QState@@QAE@PAV0@@Z
??0QState@@QAE@W4ChildMode@0@PAV0@@Z
??0QStateMachine@@IAE@AAVQStateMachinePrivate@@PAVQObject@@@Z
??0QStateMachine@@QAE@PAVQObject@@@Z
??0QStateMachine@@QAE@W4ChildMode@QState@@PAVQObject@@@Z
??0QStateMachinePrivate@@QAE@XZ
??0QStatePrivate@@QAE@ABV0@@Z
??0QStatePrivate@@QAE@XZ
??0QStorageInfo@@QAE@ABV0@@Z
??0QStorageInfo@@QAE@ABVQDir@@@Z
??0QStorageInfo@@QAE@ABVQString@@@Z
??0QStorageInfo@@QAE@XZ
??0QString@@QAE@$$QAV0@@Z
??0QString@@QAE@ABUNull@0@@Z
??0QString@@QAE@ABV0@@Z
??0QString@@QAE@ABVQByteArray@@@Z
??0QString@@QAE@HVQChar@@@Z
??0QString@@QAE@HW4Initialization@Qt@@@Z
??0QString@@QAE@PBD@Z
??0QString@@QAE@PBVQChar@@H@Z
??0QString@@QAE@UQStringDataPtr@@@Z
??0QString@@QAE@VQChar@@@Z
??0QString@@QAE@VQLatin1String@@@Z
??0QString@@QAE@XZ
??0QStringListModel@@QAE@ABVQStringList@@PAVQObject@@@Z
??0QStringListModel@@QAE@PAVQObject@@@Z
??0QStringMatcher@@QAE@ABV0@@Z
??0QStringMatcher@@QAE@ABVQString@@W4CaseSensitivity@Qt@@@Z
??0QStringMatcher@@QAE@PBVQChar@@HW4CaseSensitivity@Qt@@@Z
??0QStringMatcher@@QAE@XZ
??0QStringRef@@QAE@$$QAV0@@Z
??0QStringRef@@QAE@ABV0@@Z
??0QStringRef@@QAE@PBVQString@@@Z
??0QStringRef@@QAE@PBVQString@@HH@Z
??0QStringRef@@QAE@XZ
??0QSystemError@@QAE@HW4ErrorScope@0@@Z
??0QSystemError@@QAE@XZ
??0QSystemLocale@@AAE@_N@Z
??0QSystemLocale@@QAE@ABV0@@Z
??0QSystemLocale@@QAE@XZ
??0QSystemSemaphore@@QAE@ABVQString@@HW4AccessMode@0@@Z
??0QTemporaryDir@@QAE@ABVQString@@@Z
??0QTemporaryDir@@QAE@XZ
??0QTemporaryFile@@QAE@ABVQString@@@Z
??0QTemporaryFile@@QAE@ABVQString@@PAVQObject@@@Z
??0QTemporaryFile@@QAE@PAVQObject@@@Z
??0QTemporaryFile@@QAE@XZ
??0QTextBoundaryFinder@@QAE@ABV0@@Z
??0QTextBoundaryFinder@@QAE@W4BoundaryType@0@ABVQString@@@Z
??0QTextBoundaryFinder@@QAE@W4BoundaryType@0@PBVQChar@@HPAEH@Z
??0QTextBoundaryFinder@@QAE@XZ
??0QTextCodec@@IAE@XZ
??0QTextDecoder@@QAE@PBVQTextCodec@@@Z
??0QTextDecoder@@QAE@PBVQTextCodec@@V?$QFlags@W4ConversionFlag@QTextCodec@@@@@Z
??0QTextEncoder@@QAE@PBVQTextCodec@@@Z
??0QTextEncoder@@QAE@PBVQTextCodec@@V?$QFlags@W4ConversionFlag@QTextCodec@@@@@Z
??0QTextStream@@QAE@ABVQByteArray@@V?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
??0QTextStream@@QAE@PAU_iobuf@@V?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
??0QTextStream@@QAE@PAVQByteArray@@V?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
??0QTextStream@@QAE@PAVQIODevice@@@Z
??0QTextStream@@QAE@PAVQString@@V?$QFlags@W4OpenModeFlag@QIODevice@@@@@Z
??0QTextStream@@QAE@XZ
??0QTextStreamManipulator@@QAE@P8QTextStream@@AEXH@ZH@Z
??0QTextStreamManipulator@@QAE@P8QTextStream@@AEXVQChar@@@Z0@Z
??0QThread@@IAE@AAVQThreadPrivate@@PAVQObject@@@Z
??0QThread@@QAE@PAVQObject@@@Z
??0QThreadPool@@QAE@PAVQObject@@@Z
??0QThreadPoolPrivate@@QAE@XZ
??0QThreadStorageData@@QAE@P6AXPAX@Z@Z
??0QTime@@AAE@H@Z
??0QTime@@QAE@HHHH@Z
??0QTime@@QAE@XZ
??0QTimeLine@@QAE@HPAVQObject@@@Z
??0QTimeZone@@AAE@AAVQTimeZonePrivate@@@Z
??0QTimeZone@@QAE@ABV0@@Z
??0QTimeZone@@QAE@ABVQByteArray@@@Z
??0QTimeZone@@QAE@ABVQByteArray@@HABVQString@@1W4Country@QLocale@@1@Z
??0QTimeZone@@QAE@H@Z
??0QTimeZone@@QAE@XZ
??0QTimeZonePrivate@@QAE@ABV0@@Z
??0QTimeZonePrivate@@QAE@XZ
??0QTimer@@QAE@PAVQObject@@@Z
??0QTimerEvent@@QAE@ABV0@@Z
??0QTimerEvent@@QAE@H@Z
??0QTranslator@@QAE@PAVQObject@@@Z
??0QUnhandledException@@QAE@ABV0@@Z
??0QUnhandledException@@QAE@XZ
??0QUnifiedTimer@@AAE@XZ
??0QUrl@@QAE@$$QAV0@@Z
??0QUrl@@QAE@ABV0@@Z
??0QUrl@@QAE@ABVQString@@W4ParsingMode@0@@Z
??0QUrl@@QAE@XZ
??0QUrlQuery@@QAE@ABV0@@Z
??0QUrlQuery@@QAE@ABVQString@@@Z
??0QUrlQuery@@QAE@ABVQUrl@@@Z
??0QUrlQuery@@QAE@XZ
??0QUuid@@QAE@ABU_GUID@@@Z
??0QUuid@@QAE@ABVQByteArray@@@Z

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/WWanAPI.dll
.dll windows:10 windows x64 arch:x64

62426dff5b4dd2cfcc29d2b43cc5bd2d

Code Sign

33:00:00:02:66:bd:15:80:ef:a7:5c:d6:d3:00:00:00:00:02:66
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:30

Not After

03/03/2021, 18:30

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2011, 18:41

Not After

19/10/2026, 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

50:67:7c:02:4e:d9:e7:b2:48:5e:3a:67:f5:fe:76:2e:a2:b1:02:b1:af:9f:27:b7:ef:b1:a6:21:40:e9:d7:39
Signer

Actual PE Digest

50:67:7c:02:4e:d9:e7:b2:48:5e:3a:67:f5:fe:76:2e:a2:b1:02:b1:af:9f:27:b7:ef:b1:a6:21:40:e9:d7:39

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

wwanapi.pdb

Imports

msvcrt

_onexit
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
_initterm
_lock
memcmp
memcpy
memmove
__dllonexit
__CxxFrameHandler3
_amsg_exit
_unlock
wcsncmp
??0exception@@QEAA@XZ
_XcptFilter
_CxxThrowException
memmove_s
_callnewh
?what@exception@@UEBAPEBDXZ
??1exception@@UEAA@XZ
??0exception@@QEAA@AEBQEBD@Z
??0exception@@QEAA@AEBV0@@Z
memcpy_s
??0exception@@QEAA@AEBQEBDH@Z
malloc
free
wcscpy_s
calloc
_purecall
__C_specific_handler
?name@type_info@@QEBAPEBDXZ
_wtoi
iswdigit
toupper
memset

oleaut32

SafeArrayUnaccessData
SafeArrayAccessData
VariantInit
VariantClear
VariantChangeType
SysAllocString
SafeArrayCreate
SafeArrayCopy
SafeArrayGetLBound
SafeArrayPutElement
SysStringLen
SafeArrayDestroy
SysFreeString
GetRecordInfoFromGuids
SafeArrayCreateEx
SafeArrayGetUBound
SafeArrayRedim

api-ms-win-core-synch-l1-1-0

AcquireSRWLockExclusive
ReleaseSRWLockExclusive
EnterCriticalSection
WaitForSingleObject
InitializeCriticalSection
CreateEventW
LeaveCriticalSection
TryEnterCriticalSection
InitializeCriticalSectionAndSpinCount
SetEvent
DeleteCriticalSection

api-ms-win-eventing-classicprovider-l1-1-0

RegisterTraceGuidsW
GetTraceLoggerHandle
GetTraceEnableLevel
UnregisterTraceGuids
TraceMessage
GetTraceEnableFlags

api-ms-win-core-libraryloader-l1-2-0

FreeLibraryAndExitThread
DisableThreadLibraryCalls
GetModuleHandleExW
GetModuleFileNameA

api-ms-win-eventing-provider-l1-1-0

EventUnregister
EventWriteTransfer
EventRegister
EventProviderEnabled
EventSetInformation

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
SetLastError
GetLastError
RaiseException
UnhandledExceptionFilter

api-ms-win-core-com-l1-1-0

StringFromGUID2
StringFromIID
CoInitializeEx
IIDFromString
CoUninitialize
CoTaskMemFree
CoSetProxyBlanket
CoTaskMemAlloc
CoCreateInstance

api-ms-win-core-string-l1-1-0

MultiByteToWideChar
WideCharToMultiByte

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpW

api-ms-win-core-synch-l1-2-0

WakeAllConditionVariable
Sleep
SleepConditionVariableSRW

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-0

GetCurrentThread
GetCurrentProcessId
GetCurrentThreadId
TerminateProcess
CreateThread
GetCurrentProcess
OpenThreadToken

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount
GetTickCount64

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry

api-ms-win-core-debug-l1-1-0

OutputDebugStringA

api-ms-win-core-registry-l1-1-0

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

api-ms-win-service-management-l1-1-0

OpenServiceW
OpenSCManagerW
CloseServiceHandle

api-ms-win-service-private-l1-1-0

UnsubscribeServiceChangeNotifications
SubscribeServiceChangeNotifications
I_QueryTagInformation

api-ms-win-service-winsvc-l1-1-0

QueryServiceStatus

api-ms-win-core-threadpool-l1-2-0

FreeLibraryWhenCallbackReturns
CloseThreadpoolWork
CreateThreadpoolWork
SubmitThreadpoolWork

api-ms-win-core-synch-l1-2-1

WaitForMultipleObjects

api-ms-win-core-handle-l1-1-0

CloseHandle

ntdll

RtlNtStatusToDosError
RtlUnsubscribeWnfNotificationWaitForCompletion
RtlQueryPackageIdentity
RtlIpv6AddressToStringW
RtlSubscribeWnfStateChangeNotification
RtlIpv6StringToAddressW
RtlIpv4StringToAddressW
RtlQueryWnfStateData
RtlIpv4AddressToStringW

api-ms-win-security-base-l1-1-0

ImpersonateSelf
RevertToSelf
GetTokenInformation

api-ms-win-appmodel-runtime-l1-1-0

PackageFamilyNameFromFullName

rpcrt4

I_RpcBindingInqLocalClientPID

api-ms-win-core-heap-l2-1-0

LocalAlloc
LocalFree

api-ms-win-core-psapi-l1-1-0

K32GetModuleFileNameExW

wwapi

Wwan2QueryDeviceServiceSupportedCommands
WwanSetProfile
WwanSetSmsConfiguration
WwanSmsDelete
WwanSmsRead
WwanRegister
WwanDisconnect
Wwan2SendDeviceServiceCommand
WwanSetInterface
WwanScan
Wwan2CloseDeviceServiceCommandSession
Wwan2WriteDeviceServiceData
WwanGetProfileIstream
WwanGetProfileList
WwanQueryInterface
WwanEnumerateInterfaces
WwanRegisterNotification
Wwan2OpenDeviceServiceCommandSession
Wwan2CloseHandle
Wwan2SubscribePowerStateEvents
Wwan2RegisterNotification
WwanOpenHandle
WwanCloseHandle
Wwan2CloseDeviceServiceDataSession
Wwan2OpenHandle
Wwan2OpenDeviceServiceDataSession
Wwan2EnumerateDeviceServices
Wwan2QueryInterfaces
WwanSmsSend
WwanConnect
WwanDeleteProfile

crypt32

CryptProtectData
CryptUnprotectData

api-ms-win-core-heap-l1-1-0

HeapAlloc
HeapFree
GetProcessHeap

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 347KB - Virtual size: 346KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/WWanHC.dll
.dll windows:10 windows x64 arch:x64

c35b63755b14592ff6b7c81f17517477

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

wwanHC.pdb

Imports

msvcrt

memcpy
_CxxThrowException
?what@exception@@UEBAPEBDXZ
??1exception@@UEAA@XZ
??1type_info@@UEAA@XZ
_lock
_unlock
??3@YAXPEAX@Z
memmove
_onexit
_XcptFilter
memset
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@AEBQEBDH@Z
??0exception@@QEAA@AEBQEBD@Z
_callnewh
_amsg_exit
_initterm
__dllonexit
?terminate@@YAXXZ
wcsnlen
memcpy_s
_vscwprintf
vswprintf_s
wcsstr
toupper
memmove_s
free
malloc
_purecall
__C_specific_handler
__CxxFrameHandler3
wcscmp

ntdll

RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext

kernel32

HeapDestroy
GetProcessHeap
HeapAlloc
HeapFree
SizeofResource
LockResource
LoadResource
FindResourceExW
FormatMessageW
LocalFree
GetModuleFileNameA
GetTickCount
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
LocalAlloc
HeapSize
GetCurrentThreadId
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
RaiseException
DisableThreadLibraryCalls
GetLastError
Sleep
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
HeapReAlloc

advapi32

CloseServiceHandle
EventRegister
EventWriteTransfer
TraceMessage
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
RegisterTraceGuidsW
UnregisterTraceGuids
OpenSCManagerW
OpenServiceW
QueryServiceStatusEx
EventProviderEnabled
StartServiceW
EventUnregister
EventSetInformation

user32

UnregisterClassA
LoadStringW

wwapi

WwanCloseHandle
WwanQueryInterface
WwanFreeMemory
WwanSetInterface
WwanOpenHandle

api-ms-win-core-com-l1-1-0

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 780B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/WwaApi.dll
.dll regsvr32 windows:10 windows x64 arch:x64

a5b7d2505e937b6cd5627f4f9370c5b2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

WwaApi.pdb

Imports

msvcrt

memcpy_s
_purecall
malloc
free
_XcptFilter
_amsg_exit
_initterm
__C_specific_handler
_lock
_unlock
__dllonexit
_onexit
memcmp
_vsnwprintf
memset

api-ms-win-core-com-l1-1-0

CoTaskMemAlloc
CoMarshalInterface
CreateStreamOnHGlobal
CoReleaseMarshalData
CoCreateFreeThreadedMarshaler
CoCreateInstance
CoWaitForMultipleHandles
CoGetApartmentType

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory

api-ms-win-core-winrt-error-l1-1-0

RoTransformError
RoOriginateErrorW
SetRestrictedErrorInfo
GetRestrictedErrorInfo
RoOriginateError

api-ms-win-core-winrt-error-l1-1-1

IsErrorPropagationEnabled
RoReportFailedDelegate
RoGetMatchingRestrictedErrorInfo

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateStringReference
WindowsCreateString
HSTRING_UserUnmarshal64
HSTRING_UserUnmarshal
WindowsDeleteString
HSTRING_UserFree
HSTRING_UserSize64
HSTRING_UserFree64
WindowsDuplicateString
HSTRING_UserSize
HSTRING_UserMarshal64
WindowsIsStringEmpty
WindowsCompareStringOrdinal
WindowsStringHasEmbeddedNull
WindowsGetStringRawBuffer
HSTRING_UserMarshal

api-ms-win-eventing-classicprovider-l1-1-0

TraceMessage
GetTraceEnableLevel
GetTraceEnableFlags
RegisterTraceGuidsW
UnregisterTraceGuids
GetTraceLoggerHandle

api-ms-win-core-misc-l1-1-0

Sleep
FormatMessageW

api-ms-win-core-debug-l1-1-0

DebugBreak
IsDebuggerPresent
OutputDebugStringW

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-heap-l1-1-0

HeapAlloc
HeapFree
GetProcessHeap

api-ms-win-core-processthreads-l1-1-0

OpenProcessToken
GetCurrentProcessId
TerminateProcess
GetCurrentProcess
GetCurrentThreadId

api-ms-win-core-processthreads-l1-1-1

OpenProcess

api-ms-win-core-synch-l1-1-0

EnterCriticalSection
InitializeSRWLock
LeaveCriticalSection
SetEvent
DeleteCriticalSection
InitializeCriticalSectionEx
CreateSemaphoreExW
ReleaseSemaphore
WaitForSingleObject
ReleaseMutex
WaitForSingleObjectEx
OpenSemaphoreW
CreateMutexExW
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
AcquireSRWLockShared
ReleaseSRWLockShared
CreateEventExW

api-ms-win-core-synch-l1-2-0

InitOnceExecuteOnce

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount

api-ms-win-core-util-l1-1-0

EncodePointer
DecodePointer

api-ms-win-core-errorhandling-l1-1-0

RaiseException
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetLastError
GetLastError

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-libraryloader-l1-2-0

GetProcAddress
GetModuleHandleW
LoadLibraryExW
GetModuleHandleExW
LoadStringW
FreeLibrary
GetModuleFileNameA

api-ms-win-downlevel-advapi32-l1-1-0

GetTokenInformation

api-ms-win-downlevel-kernel32-l1-1-0

QueueUserWorkItem

api-ms-win-downlevel-shlwapi-l2-1-0

SHGetThreadRef

api-ms-win-shcore-taskpool-l1-1-0

SHTaskPoolQueueTask

ntdll

RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlIsCriticalSectionLocked
RtlDeleteCriticalSection

rpcrt4

IUnknown_QueryInterface_Proxy
CStdStubBuffer_Disconnect
CStdStubBuffer_DebugServerRelease
NdrOleAllocate
NdrStubCall3
CStdStubBuffer_CountRefs
IUnknown_Release_Proxy
CStdStubBuffer_AddRef
NdrOleFree
CStdStubBuffer_DebugServerQueryInterface
IUnknown_AddRef_Proxy
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_Connect
CStdStubBuffer_QueryInterface
NdrCStdStubBuffer_Release
NdrCStdStubBuffer2_Release
NdrDllGetClassObject
NdrDllCanUnloadNow
NdrDllRegisterProxy
NdrDllUnregisterProxy
CStdStubBuffer_Invoke
NdrStubForwardingFunction

urlmon

CreateUri

combase

ord10
ord20
ord15
ord9
ord16
ord8
ord7
ord5
ord34
ord33
ord18
CStdStubBuffer2_QueryInterface
ord12
ord6
CStdStubBuffer2_Disconnect
ord22
ord14
ord19
CStdStubBuffer2_Connect
ord11
ord13
ord32
CStdStubBuffer2_CountRefs
ord21
ord2
ord17

oleaut32

SysStringLen
SysAllocString
SysAllocStringLen
SysFreeString

api-ms-win-core-libraryloader-l1-2-1

LoadLibraryW

Exports

Exports

DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo

Sections

.text
Size: 312KB - Virtual size: 311KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 190KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/WwaExt.dll
.dll windows:10 windows x64 arch:x64

c8e91ea002440c7101b3d460d03f9e4b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

WwaExt.pdb

Imports

msvcrt

_unlock
_lock
__dllonexit
__C_specific_handler
_initterm
_amsg_exit
_XcptFilter
memset
_onexit
free
_purecall
malloc
memcpy_s
_vsnwprintf

api-ms-win-core-libraryloader-l1-2-0

LoadLibraryExW
GetModuleHandleExW
GetModuleHandleW
GetModuleFileNameA
FreeLibrary
GetProcAddress

api-ms-win-core-synch-l1-1-0

WaitForSingleObjectEx
ReleaseMutex
WaitForSingleObject
ReleaseSemaphore
OpenSemaphoreW
CreateSemaphoreExW
CreateMutexExW

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapFree
HeapAlloc

api-ms-win-core-errorhandling-l1-1-0

RaiseException
SetUnhandledExceptionFilter
SetLastError
UnhandledExceptionFilter
GetLastError

api-ms-win-core-processthreads-l1-1-0

GetCurrentThreadId
GetCurrentProcess
TerminateProcess
GetCurrentProcessId

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
IsDebuggerPresent
DebugBreak

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-eventing-classicprovider-l1-1-0

GetTraceLoggerHandle
RegisterTraceGuidsW
GetTraceEnableLevel
GetTraceEnableFlags
TraceMessage
UnregisterTraceGuids

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-rtlsupport-l1-1-0

RtlLookupFunctionEntry
RtlCaptureContext
RtlVirtualUnwind

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetSystemTimeAsFileTime

ntdll

RtlIsCriticalSectionLocked
RtlDeleteCriticalSection

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

combase

ord90
ord157

Exports

Exports

CheckAllowDiagnosticsMode
DetermineCurrentDisplayRotationAngle
DllMain
ExtensionModulePreActivate
GetExtensionHostModuleCount
GetExtensionHostModuleFactory
GetExtensionWebModuleCount
GetExtensionWebModuleFactory
GetExtensionWebMultiThreadedModuleCount
GetExtensionWebMultiThreadedModuleFactory
ProcessDisplayRotation
SetPhoneWerParameters
StaticExtensionInitialization
StaticExtensionUnInitialization
WWABehaviorEnabled

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/WwanRadioManager.dll
.dll windows:10 windows x64 arch:x64

82d3870e32f87cb2c7c0272f4097410c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

WwanRadioManager.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm

api-ms-win-crt-private-l1-1-0

_o__configure_narrow_argv
_o__crt_atexit
_o__errno
_o__execute_onexit_table
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__purecall
_o__recalloc
_o__register_onexit_function
_o__resetstkoflw
_o__seh_filter_dll
memmove
_o_calloc
_o_free
_o_malloc
_o_toupper
__CxxFrameHandler3
_CxxThrowException
_o___stdio_common_vswprintf
_o___stdio_common_vsnprintf_s
_o__cexit
_o__callnewh
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
__C_specific_handler
__std_terminate
__CxxFrameHandler4
memcpy

api-ms-win-crt-string-l1-1-0

memset

ntdll

RtlVirtualUnwind
RtlLookupFunctionEntry
EtwTraceMessage
EtwGetTraceEnableLevel
EtwGetTraceEnableFlags
RtlCaptureContext
NtQueryWnfStateData
EtwRegisterTraceGuidsW
EtwGetTraceLoggerHandle
EtwUnregisterTraceGuids

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleW
GetModuleHandleExW
GetProcAddress
GetModuleFileNameA

api-ms-win-core-synch-l1-1-0

ResetEvent
InitializeCriticalSectionAndSpinCount
SetEvent
CreateEventW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
AcquireSRWLockExclusive
OpenSemaphoreW
WaitForSingleObjectEx
ReleaseMutex
WaitForSingleObject
ReleaseSemaphore
CreateSemaphoreExW
CreateMutexExW
ReleaseSRWLockExclusive

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapSize
HeapAlloc
HeapFree
HeapReAlloc
HeapDestroy

api-ms-win-core-errorhandling-l1-1-0

RaiseException
UnhandledExceptionFilter
GetLastError
SetLastError
SetUnhandledExceptionFilter

api-ms-win-core-processthreads-l1-1-0

GetCurrentThreadId
CreateThread
GetCurrentProcess
TerminateProcess
GetCurrentProcessId

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
DebugBreak
OutputDebugStringW

api-ms-win-core-handle-l1-1-0

CloseHandle

oleaut32

SysAllocString
SysFreeString
SysAllocStringLen

api-ms-win-core-registry-l1-1-0

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

api-ms-win-core-synch-l1-2-0

Sleep

iphlpapi

ConvertInterfaceGuidToLuid
GetIfEntry2

api-ms-win-service-management-l1-1-0

OpenServiceW
OpenSCManagerW
CloseServiceHandle

api-ms-win-service-management-l2-1-0

NotifyServiceStatusChangeW

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetSystemTimeAsFileTime

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-eventing-provider-l1-1-0

EventWriteTransfer
EventRegister
EventProviderEnabled
EventSetInformation
EventUnregister

api-ms-win-core-heap-l2-1-0

LocalAlloc

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 476B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/Wwanpref.dll
.dll windows:10 windows x64 arch:x64

1b38dd4bf3318d1b6425e428dd735c98

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

wwanpref.pdb

Imports

msvcrt

_XcptFilter
_amsg_exit
_errno
realloc
_lock
_unlock
_callnewh
wcsstr
wcsncpy_s
malloc
free
_initterm
memcpy_s
__C_specific_handler
__dllonexit
_onexit
??1type_info@@UEAA@XZ
memset
__CxxFrameHandler3
_CxxThrowException
_purecall
wcscmp

ntdll

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind

kernel32

UnhandledExceptionFilter
ReleaseActCtx
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
Sleep
SizeofResource
CreateActCtxW
ActivateActCtx
SetLastError
EnterCriticalSection
GetModuleHandleExW
OutputDebugStringA
GetModuleFileNameW
LeaveCriticalSection
InitializeCriticalSection
FindActCtxSectionStringW
DeactivateActCtx
QueryActCtxW
MultiByteToWideChar
GetLastError
RaiseException
LoadLibraryW
FindResourceExW
LoadResource
GetProcAddress
DeleteCriticalSection
GetModuleHandleW
FreeLibrary
lstrcmpiW
LoadLibraryExW
lstrlenW
lstrlenA

advapi32

GetTraceLoggerHandle
RegOpenKeyExW
UnregisterTraceGuids
RegisterTraceGuidsW
RegCloseKey
RegQueryInfoKeyW
RegCreateKeyExW
TraceMessage
RegDeleteValueW
RegEnumKeyExW
GetTraceEnableFlags
RegSetValueExW
GetTraceEnableLevel

oleaut32

VarUI4FromStr

shell32

ord155
SHCreateItemInKnownFolder
ShellExecuteExW
SHGetIDListFromObject
ord18

user32

UnregisterClassA
SetMenuDefaultItem
InsertMenuW
LoadStringW
CharNextW
CharLowerW

api-ms-win-core-com-l1-1-0

CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc
IIDFromString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain

Sections

.text
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/XAudio2_8.dll
.dll windows:10 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

xaudio2_8.pdb

Exports

Exports

CreateAudioReverb
CreateAudioVolumeMeter
CreateFX
X3DAudioCalculate
X3DAudioInitialize
XAudio2Create
XAudio2CreateWithVersionInfo

Sections

.rdata
Size: 1024B - Virtual size: 732B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
files/libs/XAudio2_9.dll
.dll windows:10 windows x64 arch:x64

4b7d7e0a9f1167b635f71347ca9cdb73

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

XAudio2_9.pdb

Imports

msvcrt

__dllonexit
_unlock
_purecall
_vsnprintf
_lock
_XcptFilter
_onexit
sqrt
_aligned_free
_aligned_malloc
wcscpy_s
malloc
_clearfp
_control87
_vsnwprintf
memcpy_s
??3@YAXPEAX@Z
sin
memcpy
cos
floorf
memcmp
memset
sqrtf
_callnewh
??0exception@@QEAA@AEBQEBD@Z
??0exception@@QEAA@AEBQEBDH@Z
??0exception@@QEAA@AEBV0@@Z
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
_CxxThrowException
__CxxFrameHandler3
memmove
??1type_info@@UEAA@XZ
_amsg_exit
__C_specific_handler
free
_initterm
acosf
atan2f
cosf
exp
floor
log
pow
powf
sinf
tanf

api-ms-win-core-synch-l1-1-0

ReleaseSemaphore
CreateEventA
LeaveCriticalSection
ResetEvent
CreateMutexExW
WaitForSingleObjectEx
CreateEventExA
DeleteCriticalSection
InitializeCriticalSection
OpenSemaphoreW
WaitForSingleObject
SetEvent
CreateEventW
CreateWaitableTimerExW
ReleaseMutex
TryEnterCriticalSection
SetWaitableTimer
CreateSemaphoreExW
CancelWaitableTimer
WaitForMultipleObjectsEx
EnterCriticalSection

api-ms-win-core-profile-l1-1-0

QueryPerformanceFrequency
QueryPerformanceCounter

api-ms-win-core-heap-l1-1-0

HeapAlloc
HeapDestroy
HeapSize
GetProcessHeap
HeapCreate
HeapFree

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
IsDebuggerPresent
DebugBreak
OutputDebugStringA

api-ms-win-core-com-l1-1-0

CoCreateInstance
PropVariantClear
CoTaskMemAlloc
CoTaskMemFree
StringFromGUID2
CoCreateGuid

api-ms-win-core-errorhandling-l1-1-0

RaiseException
GetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetLastError

api-ms-win-core-synch-l1-2-0

SleepConditionVariableCS
Sleep
InitializeConditionVariable
WakeAllConditionVariable

api-ms-win-core-processthreads-l1-1-0

ResumeThread
GetCurrentProcessId
GetThreadPriority
GetCurrentThreadId
TerminateProcess
SetThreadPriority
CreateThread
GetCurrentThread
GetCurrentProcess

api-ms-win-core-handle-l1-1-0

CloseHandle
DuplicateHandle

api-ms-win-eventing-provider-l1-1-0

EventUnregister
EventSetInformation
EventRegister
EventWriteTransfer

api-ms-win-core-processtopology-obsolete-l1-1-0

GetProcessAffinityMask
SetThreadAffinityMask

api-ms-win-core-libraryloader-l1-2-0

GetModuleFileNameA
GetModuleHandleExW
DisableThreadLibraryCalls
GetProcAddress
GetModuleHandleW

api-ms-win-core-sysinfo-l1-1-0

GetSystemInfo
GetTickCount
GetSystemTimeAsFileTime

api-ms-win-core-rtlsupport-l1-1-0

RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

mmdevapi

ord17

avrt

AvSetMmThreadPriority
AvSetMmThreadCharacteristicsA
AvRevertMmThreadCharacteristics

api-ms-win-core-synch-l1-2-1

CreateSemaphoreW

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpW

api-ms-win-core-string-l1-1-0

CompareStringOrdinal

api-ms-win-core-registry-l1-1-0

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyExA
RegQueryValueExA

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

api-ms-win-core-featurestaging-l1-1-0

UnsubscribeFeatureStateChangeNotification
RecordFeatureUsage
SubscribeFeatureStateChangeNotification

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

CreateAudioReverb
CreateAudioReverbV2_8
CreateAudioVolumeMeter
CreateFX
X3DAudioCalculate
X3DAudioInitialize
XAudio2Create
XAudio2CreateV2_9
XAudio2CreateWithSharedContexts
XAudio2CreateWithVersionInfo

Sections

.text
Size: 446KB - Virtual size: 445KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.no_bbt
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/XInput1_4.dll
.dll windows:10 windows x64 arch:x64

d05a85d591f6e82ba032f8ecb86de7bf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

XInput1_4.pdb

Imports

msvcrt

_initterm
memcpy
malloc
free
_amsg_exit
_XcptFilter
_wcsnicmp
__C_specific_handler
_vsnwprintf
memset

api-ms-win-eventing-classicprovider-l1-1-0

GetTraceLoggerHandle
UnregisterTraceGuids
RegisterTraceGuidsW
TraceMessage
GetTraceEnableFlags
GetTraceEnableLevel

api-ms-win-core-handle-l1-1-0

DuplicateHandle
CloseHandle

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetVersionExW
GetSystemInfo
GetTickCount

api-ms-win-core-quirks-l1-1-0

QuirkIsEnabled

api-ms-win-security-base-l1-1-0

GetTokenInformation

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleExW
GetProcAddress
FreeLibrary
LoadLibraryExW
LoadLibraryExA

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetUnhandledExceptionFilter
RaiseException
GetLastError
SetLastError

api-ms-win-core-synch-l1-2-0

InitOnceExecuteOnce
Sleep

api-ms-win-core-synch-l1-1-0

DeleteCriticalSection
ResetEvent
LeaveCriticalSection
SetEvent
CreateEventW
AcquireSRWLockExclusive
InitializeCriticalSection
WaitForSingleObject
ReleaseSRWLockExclusive
EnterCriticalSection

api-ms-win-core-processthreads-l1-1-0

CreateThread
TerminateProcess
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess

api-ms-win-core-io-l1-1-0

DeviceIoControl
GetOverlappedResult

api-ms-win-core-com-l1-1-0

CoCreateInstance

api-ms-win-core-file-l1-1-0

CreateFileW

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapFree
HeapAlloc

api-ms-win-eventing-provider-l1-1-0

EventUnregister
EventWriteTransfer
EventRegister
EventSetInformation

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry

api-ms-win-devices-query-l1-1-0

DevCloseObjectQuery
DevCreateObjectQuery

api-ms-win-rtcore-ntuser-private-l1-1-4

ord2597

devobj

DevObjGetDeviceProperty
DevObjCreateDeviceInfoList
DevObjGetClassDevs
DevObjEnumDeviceInfo
DevObjEnumDeviceInterfaces
DevObjGetDeviceInterfaceDetail
DevObjDestroyDeviceInfoList

api-ms-win-downlevel-kernel32-l1-1-0

QueueUserWorkItem

api-ms-win-core-memory-l1-1-0

VirtualQuery
VirtualProtect

Exports

Exports

DllMain
XInputEnable
XInputGetAudioDeviceIds
XInputGetBatteryInformation
XInputGetCapabilities
XInputGetKeystroke
XInputGetState
XInputSetState

Sections

.text
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/XInput9_1_0.dll
.dll windows:10 windows x64 arch:x64

63d93368171f55b978aaeadef4dc5439

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

XInput9_1_0.pdb

Imports

msvcrt

__C_specific_handler
_XcptFilter
_initterm
malloc
free
_amsg_exit

kernel32

Sleep
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
FreeLibrary
LoadLibraryExW
GetProcAddress
QueryPerformanceCounter
GetCurrentProcessId

Exports

Exports

DllMain
XInputGetCapabilities
XInputGetDSoundAudioDeviceGuids
XInputGetState
XInputSetState

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/XInputUap.dll
.dll windows:10 windows x64 arch:x64

ba5cafa611966aacf9d4221b03f1679e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

XInputUap.pdb

Imports

msvcrt

_initterm
malloc
free
__C_specific_handler
_XcptFilter
_purecall
_onexit
__CxxFrameHandler3
_lock
??3@YAXPEAX@Z
??1type_info@@UEAA@XZ
_unlock
_amsg_exit
__dllonexit
memcpy_s
_vsnwprintf
_callnewh
??0exception@@QEAA@AEBQEBD@Z
??0exception@@QEAA@AEBQEBDH@Z
??0exception@@QEAA@AEBV0@@Z
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
_CxxThrowException
memcpy
memmove
memset

api-ms-win-core-libraryloader-l1-2-0

LoadLibraryExW
GetProcAddress
GetModuleHandleW
GetModuleHandleExW
GetModuleFileNameA
FreeLibrary

api-ms-win-core-synch-l1-1-0

WaitForSingleObject
ReleaseMutex
CreateMutexExW
WaitForSingleObjectEx
LeaveCriticalSection
ReleaseSemaphore
CreateSemaphoreExW
EnterCriticalSection
OpenSemaphoreW
InitializeCriticalSectionEx
DeleteCriticalSection

api-ms-win-core-heap-l1-1-0

HeapAlloc
GetProcessHeap
HeapFree

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
GetLastError
UnhandledExceptionFilter
RaiseException
SetLastError

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
DebugBreak
IsDebuggerPresent

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-eventing-provider-l1-1-0

EventSetInformation
EventUnregister
EventWriteTransfer
EventRegister

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount64
GetTickCount

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateStringReference
WindowsDeleteString
WindowsGetStringRawBuffer

api-ms-win-core-com-l1-1-0

CoCreateFreeThreadedMarshaler

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory

api-ms-win-core-winrt-error-l1-1-0

SetRestrictedErrorInfo

api-ms-win-core-winrt-error-l1-1-1

RoGetMatchingRestrictedErrorInfo

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

Exports

Exports

DllMain
XInputEnable
XInputGetAudioDeviceIds
XInputGetBatteryInformation
XInputGetCapabilities
XInputGetKeystroke
XInputGetState
XInputSetState

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 556B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/X_80.contrast-black.png
.png
files/libs/X_80.contrast-white.png
.png
files/libs/X_80.png
.png
files/libs/XamlTileRender.dll
.dll windows:10 windows x64 arch:x64

676fc741c159ab63dd398a1039a81679

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

XamlTileRender.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm

api-ms-win-crt-private-l1-1-0

_o__errno
_o__execute_onexit_table
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
memmove
_o__wcsicmp
_o__wtoi
_o_free
_o_iswspace
_o_malloc
_o_terminate
_o_towlower
_o_wcstoul
__C_specific_handler
__CxxFrameHandler3
_CxxThrowException
_o__configure_narrow_argv
_o___stdio_common_vswprintf
_o___stdio_common_vsnprintf_s
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
_o__crt_atexit
_o__cexit
_o__callnewh
__std_terminate
__CxxFrameHandler4
memcmp
memcpy

api-ms-win-crt-string-l1-1-0

memset
wcscmp

shcore

ord244
SHTaskPoolQueueTask

api-ms-win-core-libraryloader-l1-2-0

GetProcAddress
GetModuleHandleW
GetModuleFileNameA
GetModuleHandleExW

api-ms-win-core-synch-l1-2-0

InitOnceComplete
InitOnceBeginInitialize
InitOnceExecuteOnce

api-ms-win-core-synch-l1-1-0

ReleaseSRWLockExclusive
AcquireSRWLockExclusive
ReleaseMutex
WaitForSingleObjectEx
WaitForSingleObject
OpenSemaphoreW
ReleaseSemaphore
ReleaseSRWLockShared
CreateMutexExW
CreateSemaphoreExW
AcquireSRWLockShared
InitializeSRWLock
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionEx
DeleteCriticalSection
CreateEventW
InitializeCriticalSectionAndSpinCount

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapAlloc
HeapFree

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
RaiseException
SetLastError
SetUnhandledExceptionFilter
GetLastError

api-ms-win-core-winrt-string-l1-1-0

WindowsDuplicateString
WindowsPreallocateStringBuffer
WindowsDeleteStringBuffer
WindowsPromoteStringBuffer
WindowsDeleteString
WindowsCreateStringReference
WindowsCreateString
WindowsGetStringRawBuffer
WindowsIsStringEmpty
WindowsStringHasEmbeddedNull

api-ms-win-core-util-l1-1-0

EncodePointer
DecodePointer

api-ms-win-core-processthreads-l1-1-0

GetCurrentThreadId
GetCurrentProcess
TerminateProcess
GetCurrentProcessId

api-ms-win-core-winrt-error-l1-1-0

RoOriginateError
RoOriginateErrorW
GetRestrictedErrorInfo
RoTransformError
SetRestrictedErrorInfo
RoFailFastWithErrorContext

api-ms-win-core-localization-l1-2-0

GetLocaleInfoEx
FormatMessageW

api-ms-win-core-debug-l1-1-0

DebugBreak
OutputDebugStringW
IsDebuggerPresent

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-com-l1-1-0

CoCreateFreeThreadedMarshaler
CoTaskMemAlloc
CoIncrementMTAUsage
CoGetObjectContext
CoTaskMemFree

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory
RoActivateInstance

api-ms-win-core-rtlsupport-l1-1-0

RtlLookupFunctionEntry
RtlCaptureContext
RtlVirtualUnwind

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime

api-ms-win-core-interlocked-l1-1-0

InterlockedPushEntrySList
InitializeSListHead

api-ms-win-eventing-provider-l1-1-0

EventUnregister
EventSetInformation
EventRegister
EventWriteTransfer

api-ms-win-core-threadpool-l1-2-0

WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
SetThreadpoolTimer
CreateThreadpoolTimer

api-ms-win-core-winrt-error-l1-1-1

RoReportFailedDelegate
RoGetMatchingRestrictedErrorInfo
IsErrorPropagationEnabled
RoOriginateLanguageException

msvcp_win

?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z

oleaut32

SysStringLen
SysFreeString

api-ms-win-core-string-l1-1-0

MultiByteToWideChar

Exports

Exports

DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject

Sections

.text
Size: 171KB - Virtual size: 170KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/XblAuthManager.dll
.dll windows:10 windows x64 arch:x64

c9fe76fa00dbca05f5e9e8985d7ca489

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

XblAuthManager.pdb

Imports

msvcp_win

?_Xbad_alloc@std@@YAXXZ
?tolower@?$ctype@G@std@@QEBAPEBGPEAGPEBG@Z
?_Incref@facet@locale@std@@UEAAXXZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Xout_of_range@std@@YAXPEBD@Z
?tolower@?$ctype@G@std@@QEBAGG@Z
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?_Getcat@?$ctype@G@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?is@?$ctype@G@std@@QEBA_NFG@Z
??1_Locinfo@std@@QEAA@XZ
??1_Lockit@std@@QEAA@XZ
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
??0_Lockit@std@@QEAA@H@Z
_Wcscoll
_Wcsxfrm
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?id@?$ctype@G@std@@2V0locale@2@A
??Bid@locale@std@@QEAA_KXZ
?id@?$collate@G@std@@2V0locale@2@A

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e

api-ms-win-crt-private-l1-1-0

_o__i64tow_s
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__mkgmtime64
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
_o__wcsicmp
_o__wcsnicmp
_o__wcstoui64
_o__wctime64_s
memmove
_o__wtoi64
_o_free
_o_iswdigit
_o_malloc
_o_realloc
_o_terminate
_o_towlower
_o_towupper
_o_wcstol
_o_wcstoul
__C_specific_handler
__CxxFrameHandler3
_CxxThrowException
_o__crt_atexit
_o__execute_onexit_table
_o__configure_narrow_argv
_o__errno
_o__cexit
_o__callnewh
strrchr
wcsstr
wcschr
strchr
wcsrchr
_o___stdio_common_vswprintf
_o___stdio_common_vsnprintf_s
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
__std_terminate
__CxxFrameHandler4
memcmp
memcpy

api-ms-win-crt-string-l1-1-0

wcscmp
wcsncmp
wcsnlen
memset

api-ms-win-core-com-l1-1-0

CoInitializeSecurity
CoRegisterClassObject
CoTaskMemFree
CoDecrementMTAUsage
CoGetCallContext
CoImpersonateClient
CoCreateInstance
CoCreateGuid
CoTaskMemAlloc
CoReleaseServerProcess
CoWaitForMultipleHandles
StringFromGUID2
CoAddRefServerProcess
CoRevertToSelf
CoDisconnectContext
CoRevokeClassObject
CoGetStandardMarshal
CoResumeClassObjects
CoCreateFreeThreadedMarshaler

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleW
GetModuleHandleExW
GetProcAddress
GetModuleFileNameA
DisableThreadLibraryCalls

api-ms-win-power-setting-l1-1-0

PowerSettingUnregisterNotification
PowerSettingRegisterNotification

api-ms-win-security-base-l1-1-0

RevertToSelf
ImpersonateLoggedOnUser
MakeAbsoluteSD
GetTokenInformation
DuplicateTokenEx
AdjustTokenPrivileges
DuplicateToken

api-ms-win-core-synch-l1-2-0

Sleep
InitOnceExecuteOnce

api-ms-win-core-synch-l1-1-0

InitializeSRWLock
CreateSemaphoreExW
ReleaseSemaphore
OpenSemaphoreW
AcquireSRWLockExclusive
WaitForSingleObject
ReleaseMutex
CreateEventExW
ReleaseSRWLockShared
SetEvent
CreateMutexExW
AcquireSRWLockShared
ReleaseSRWLockExclusive
LeaveCriticalSection
EnterCriticalSection
CreateEventW
DeleteCriticalSection
ResetEvent
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeCriticalSection
WaitForMultipleObjectsEx
WaitForSingleObjectEx

api-ms-win-core-heap-l1-1-0

HeapAlloc
GetProcessHeap
HeapFree

api-ms-win-core-errorhandling-l1-1-0

GetLastError
UnhandledExceptionFilter
SetLastError
SetUnhandledExceptionFilter
RaiseException

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateStringReference
WindowsDuplicateString
WindowsIsStringEmpty
WindowsCompareStringOrdinal
WindowsStringHasEmbeddedNull
WindowsCreateString
WindowsGetStringRawBuffer
WindowsDeleteString
WindowsGetStringLen

api-ms-win-security-sddl-l1-1-0

ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertSidToStringSidW

api-ms-win-eventing-provider-l1-1-0

EventWriteTransfer
EventRegister
EventSetInformation
EventUnregister

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
TerminateProcess
GetCurrentThreadId
GetCurrentProcessId
GetCurrentThread
OpenProcessToken
SetThreadToken
OpenThreadToken

api-ms-win-core-winrt-l1-1-0

RoActivateInstance
RoInitialize
RoUninitialize
RoRevokeActivationFactories
RoGetActivationFactory
RoRegisterActivationFactories

api-ms-win-core-winrt-error-l1-1-0

RoOriginateErrorW
RoTransformError
RoOriginateError

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
OutputDebugStringW
DebugBreak

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-service-core-l1-1-0

SetServiceStatus
RegisterServiceCtrlHandlerExW

api-ms-win-core-rtlsupport-l1-1-0

RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent
OpenProcess

api-ms-win-core-profile-l1-1-0

QueryPerformanceFrequency
QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount64
GetSystemTime

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

combase

ord66
ord68
ord69
ord67

appxalluserstore

FamilyMonikerStringToSid

wininet

InternetSetOptionW
InternetQueryOptionW

api-ms-win-crt-time-l1-1-0

_time64

api-ms-win-core-registry-l1-1-0

RegDeleteKeyExW
RegOpenCurrentUser
RegDeleteValueW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegQueryInfoKeyW
RegEnumKeyExW
RegCreateKeyExW
RegSetValueExW
RegGetValueW
RegEnumValueW
RegDeleteTreeW

api-ms-win-core-threadpool-l1-2-0

CloseThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CreateThreadpoolTimer

ntdll

RtlFreeSid
DbgPrintEx
NtQueryInformationToken
RtlIpv4AddressToStringW
RtlSubscribeWnfStateChangeNotification
RtlQueryWnfStateData
RtlPublishWnfStateData
RtlUnsubscribeWnfStateChangeNotification

api-ms-win-core-threadpool-legacy-l1-1-0

DeleteTimerQueueTimer
CreateTimerQueueTimer
ChangeTimerQueueTimer
QueueUserWorkItem

crypt32

CertAddEncodedCertificateToStore
CertFindCertificateInStore
CertOpenStore
CertAddCertificateContextToStore
CertCloseStore
CertEnumCertificatesInStore
CertFreeCertificateContext
CertCompareCertificate
CertDeleteCertificateFromStore
CertDuplicateCertificateContext
CryptQueryObject
CertGetCertificateContextProperty

winhttp

WinHttpSetTimeouts
WinHttpConnect
WinHttpOpenRequest
WinHttpOpen
WinHttpSetStatusCallback
WinHttpSetDefaultProxyConfiguration
WinHttpReceiveResponse
WinHttpQueryHeaders
WinHttpReadData
WinHttpCloseHandle
WinHttpSetOption
WinHttpSendRequest
WinHttpCrackUrl

api-ms-win-security-capability-l1-1-0

CapabilityCheck

api-ms-win-core-string-l1-1-0

WideCharToMultiByte
CompareStringOrdinal
MultiByteToWideChar

api-ms-win-core-psapi-l1-1-0

K32GetModuleFileNameExW

oleaut32

SysFreeString

api-ms-win-core-heap-l2-1-0

LocalFree

bcrypt

BCryptFinalizeKeyPair
BCryptGenerateKeyPair
BCryptOpenAlgorithmProvider
BCryptDestroyKey
BCryptSignHash
BCryptExportKey
BCryptGetProperty
BCryptCreateHash
BCryptHashData
BCryptCloseAlgorithmProvider
BCryptDestroyHash
BCryptFinishHash
BCryptImportKeyPair

api-ms-win-core-registry-l1-1-1

RegDeleteKeyValueW
RegSetKeyValueW

api-ms-win-security-lsalookup-l2-1-0

LookupPrivilegeValueW

api-ms-win-core-shutdown-l1-1-0

InitiateSystemShutdownExW

iphlpapi

GetAdaptersAddresses

ws2_32

htonl
WSAGetLastError
InetPtonW

api-ms-win-core-file-l1-1-0

GetFileAttributesExW
WriteFile
GetFileSize
GetFileAttributesW
CreateDirectoryW
DeleteFileW
CreateFileW
ReadFile
FindFirstFileW
FindClose
FindNextFileW

api-ms-win-core-processenvironment-l1-1-0

ExpandEnvironmentStringsW

api-ms-win-service-management-l2-1-0

QueryServiceStatusEx

api-ms-win-service-management-l1-1-0

StartServiceW
OpenServiceW
OpenSCManagerW
CloseServiceHandle

api-ms-win-service-winsvc-l1-1-0

QueryServiceStatus
ControlService

api-ms-win-core-memory-l1-1-0

UnmapViewOfFile
CreateFileMappingW
MapViewOfFile

userenv

ExpandEnvironmentStringsForUserW

api-ms-win-security-credentials-l1-1-0

CredWriteW
CredDeleteW
CredFree
CredReadW

api-ms-win-stateseparation-helpers-l1-1-0

GetPersistedRegistryLocationW

rpcrt4

RpcSsDestroyClientContext
RpcAsyncCompleteCall
RpcBindingFromStringBindingW
RpcStringBindingComposeW
RpcAsyncInitializeHandle
RpcStringFreeW
RpcBindingFree
RpcBindingSetAuthInfoExW
RpcAsyncCancelCall
Ndr64AsyncClientCall

ncrypt

NCryptStreamOpenToUnprotect
NCryptCloseProtectionDescriptor
NCryptStreamClose
NCryptStreamUpdate
NCryptCreateProtectionDescriptor
NCryptStreamOpenToProtect

sspicli

LogonUserExExW

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-appmodel-identity-l1-2-0

AppContainerDeriveSidFromMoniker

api-ms-win-appmodel-runtime-l1-1-0

GetPackagesByPackageFamily
GetPackageFamilyName

urlmon

CreateUri

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

Exports

Exports

ServiceMain

Sections

.text
Size: 828KB - Virtual size: 827KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/XblAuthManagerProxy.dll
.dll windows:10 windows x64 arch:x64

554b9d3fc531eb6bf112868ddfed781a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

XblAuthManagerProxy.pdb

Imports

msvcrt

malloc
_lock
_unlock
__dllonexit
_callnewh
??0exception@@QEAA@AEBQEBD@Z
??0exception@@QEAA@AEBQEBDH@Z
??0exception@@QEAA@AEBV0@@Z
_initterm
?what@exception@@UEBAPEBDXZ
_CxxThrowException
_onexit
_amsg_exit
memcmp
_XcptFilter
_purecall
??3@YAXPEAX@Z
memcpy
memmove
??1type_info@@UEAA@XZ
free
__CxxFrameHandler3
??1exception@@UEAA@XZ
__C_specific_handler
memset

ntdll

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind

rpcrt4

CStdStubBuffer_Invoke
CStdStubBuffer_Connect
CStdStubBuffer_Disconnect
CStdStubBuffer_QueryInterface
CStdStubBuffer_CountRefs
CStdStubBuffer_IsIIDSupported
NdrStubCall3
IUnknown_QueryInterface_Proxy
CStdStubBuffer_DebugServerRelease
NdrOleAllocate
IUnknown_Release_Proxy
CStdStubBuffer_AddRef
NdrOleFree
CStdStubBuffer_DebugServerQueryInterface
IUnknown_AddRef_Proxy
NdrStubForwardingFunction
NdrCStdStubBuffer_Release
NdrDllCanUnloadNow
NdrDllGetClassObject
NdrCStdStubBuffer2_Release

api-ms-win-core-synch-l1-2-0

InitOnceExecuteOnce
Sleep

api-ms-win-core-winrt-string-l1-1-0

HSTRING_UserSize64
HSTRING_UserUnmarshal64
HSTRING_UserFree64
HSTRING_UserFree
HSTRING_UserMarshal
HSTRING_UserMarshal64
HSTRING_UserUnmarshal
HSTRING_UserSize

api-ms-win-core-util-l1-1-0

EncodePointer
DecodePointer

api-ms-win-core-winrt-error-l1-1-0

RoOriginateError

api-ms-win-core-synch-l1-1-0

ReleaseSRWLockExclusive
AcquireSRWLockShared
AcquireSRWLockExclusive
ReleaseSRWLockShared

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-0

GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
TerminateProcess

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
UnhandledExceptionFilter

api-ms-win-core-com-l1-1-0

CoTaskMemAlloc
CoCreateInstance
CoGetStandardMarshal
CoTaskMemFree

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapFree

api-ms-win-stateseparation-helpers-l1-1-0

GetPersistedRegistryLocationW

api-ms-win-core-registry-l1-1-0

RegGetValueW

api-ms-win-core-com-midlproxystub-l1-1-0

ObjectStublessClient12
ObjectStublessClient22
ObjectStublessClient4
ObjectStublessClient26
CStdAsyncStubBuffer_QueryInterface
CStdAsyncStubBuffer_Invoke
CStdAsyncStubBuffer_AddRef
ObjectStublessClient5
CStdAsyncStubBuffer_Connect
ObjectStublessClient28
ObjectStublessClient27
ObjectStublessClient3
CStdAsyncStubBuffer_Disconnect
CStdAsyncStubBuffer_Release
ObjectStublessClient25
ObjectStublessClient24
CStdStubBuffer2_Connect
NdrProxyForwardingFunction3
ObjectStublessClient21
ObjectStublessClient16
ObjectStublessClient10
ObjectStublessClient17
ObjectStublessClient9
ObjectStublessClient8
ObjectStublessClient6
NdrProxyForwardingFunction5
NdrProxyForwardingFunction4
ObjectStublessClient19
CStdStubBuffer2_QueryInterface
ObjectStublessClient13
ObjectStublessClient7
CStdStubBuffer2_Disconnect
ObjectStublessClient23
ObjectStublessClient15
ObjectStublessClient20
ObjectStublessClient18
ObjectStublessClient14
CStdStubBuffer2_CountRefs
ObjectStublessClient11

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

DllCanUnloadNow
DllGetClassObject

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/XblAuthTokenBrokerExt.dll
.dll windows:10 windows x64 arch:x64

832310b8ecc7bdbeed37ba8537682837

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

XblAuthTokenBrokerExt.pdb

Imports

api-ms-win-crt-string-l1-1-0

memset
wcsnlen

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm

api-ms-win-crt-private-l1-1-0

_o__errno
_o__execute_onexit_table
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
memmove
_o__wcsicmp
_o_free
_o_malloc
_o_realloc
__C_specific_handler
__CxxFrameHandler3
_CxxThrowException
_o___stdio_common_vswprintf
_o___stdio_common_vsnprintf_s
_o__cexit
_o__callnewh
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o__crt_atexit
_o___std_exception_copy
_o__configure_narrow_argv
wcschr
__std_terminate
__CxxFrameHandler4
memcmp
memcpy

api-ms-win-core-winrt-string-l1-1-0

WindowsGetStringLen
WindowsDeleteString
WindowsStringHasEmbeddedNull
WindowsIsStringEmpty
WindowsGetStringRawBuffer
WindowsCreateString
WindowsCreateStringReference

api-ms-win-eventing-provider-l1-1-0

EventUnregister
EventRegister
EventSetInformation
EventWriteTransfer

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
GetCurrentThreadId
TerminateProcess
GetCurrentProcess
OpenProcessToken

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapFree
HeapAlloc

api-ms-win-core-libraryloader-l1-2-0

GetModuleFileNameA
GetModuleHandleW
GetModuleHandleExW
DisableThreadLibraryCalls
GetProcAddress

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
IsDebuggerPresent
DebugBreak

api-ms-win-core-errorhandling-l1-1-0

GetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
RaiseException

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-synch-l1-1-0

InitializeCriticalSectionAndSpinCount
CreateEventW
InitializeSRWLock
LeaveCriticalSection
ReleaseSemaphore
ReleaseMutex
DeleteCriticalSection
InitializeCriticalSectionEx
CreateSemaphoreExW
SetEvent
WaitForSingleObjectEx
EnterCriticalSection
ReleaseSRWLockShared
CreateMutexExW
ReleaseSRWLockExclusive
OpenSemaphoreW
WaitForSingleObject
AcquireSRWLockShared
AcquireSRWLockExclusive

api-ms-win-core-com-l1-1-0

CoTaskMemAlloc
CoCreateFreeThreadedMarshaler
CoTaskMemFree
CoCreateInstance

api-ms-win-core-winrt-error-l1-1-0

RoOriginateError
RoOriginateErrorW
RoTransformError

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-core-synch-l1-2-0

InitOnceBeginInitialize
InitOnceComplete
InitOnceExecuteOnce

api-ms-win-core-threadpool-l1-2-0

CreateThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
SetThreadpoolTimer

api-ms-win-core-string-l1-1-0

WideCharToMultiByte

api-ms-win-security-base-l1-1-0

GetTokenInformation

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

msvcp_win

?_Xlength_error@std@@YAXPEBD@Z

api-ms-win-core-registry-l1-1-0

RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegSetValueExW

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-stateseparation-helpers-l1-1-0

GetPersistedRegistryLocationW

Exports

Exports

DllCanUnloadNow
DllGetActivationFactory
DllGetClassObject

Sections

.text
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/XblGameSave.dll
.dll windows:10 windows x64 arch:x64

7e80c7b4f275c9ea605678d912adb2c4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

XblGameSave.pdb

Imports

msvcrt

__C_specific_handler
??0exception@@QEAA@AEBQEBDH@Z
??1type_info@@UEAA@XZ
_lock
_unlock
__dllonexit
malloc
_initterm
??_V@YAXPEAX@Z
_vsnprintf
??0exception@@QEAA@AEBQEBD@Z
??0exception@@QEAA@AEBV0@@Z
?what@exception@@UEBAPEBDXZ
_onexit
memmove
__CxxFrameHandler3
free
??3@YAXPEAX@Z
_amsg_exit
_XcptFilter
_callnewh
_purecall
_CxxThrowException
??0bad_cast@@QEAA@AEBV0@@Z
??1bad_cast@@UEAA@XZ
??0bad_cast@@QEAA@PEBD@Z
strchr
realloc
towupper
wcscat_s
??8type_info@@QEBAHAEBV0@@Z
_ultow_s
memmove_s
_wcstoui64
_wcsicmp
wcsstr
wcsncpy_s
wcscpy_s
_wtoi64
wcschr
wcsncmp
swscanf_s
_wtoi
tolower
setlocale
memcpy
___mb_cur_max_func
_errno
___lc_handle_func
___lc_codepage_func
__pctype_func
calloc
__crtLCMapStringW
___lc_collate_cp_func
memcmp
__crtCompareStringW
abort
??1exception@@UEAA@XZ
??0exception@@QEAA@XZ
_vsnprintf_s
memcpy_s
_vsnwprintf
?terminate@@YAXXZ
memset

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
GetCurrentProcess
OpenThreadToken
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId

api-ms-win-core-heap-l1-1-0

HeapAlloc
GetProcessHeap
HeapFree

api-ms-win-core-libraryloader-l1-2-0

GetProcAddress
GetModuleHandleExW
GetModuleFileNameA
GetModuleHandleW

api-ms-win-core-debug-l1-1-0

DebugBreak
OutputDebugStringW
IsDebuggerPresent

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
GetLastError
SetLastError
RaiseException
SetUnhandledExceptionFilter

api-ms-win-core-synch-l1-1-0

SetEvent
ResetEvent
CreateSemaphoreExW
InitializeCriticalSectionEx
InitializeCriticalSection
ReleaseSemaphore
CreateMutexExW
ReleaseMutex
WaitForSingleObjectEx
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
AcquireSRWLockShared
WaitForSingleObject
CreateEventW
DeleteCriticalSection
InitializeSRWLock
EnterCriticalSection
ReleaseSRWLockShared
OpenSemaphoreW
LeaveCriticalSection

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-com-l1-1-0

CoReleaseServerProcess
CoFreeUnusedLibraries
CoCreateInstance
CoInitializeEx
CoAddRefServerProcess
CoUninitialize
CoTaskMemAlloc
CoCreateFreeThreadedMarshaler
CoTaskMemFree
CoSetProxyBlanket
CoSwitchCallContext
StringFromGUID2
CoCreateGuid
CoRevertToSelf
CoImpersonateClient
CoRevokeClassObject
CoEnableCallCancellation
CoDecrementMTAUsage
CoCancelCall
CoDisableCallCancellation
CoInitializeSecurity
CoRegisterClassObject
CoResumeClassObjects
CoDisconnectContext

api-ms-win-core-winrt-l1-1-0

RoActivateInstance
RoUninitialize
RoInitialize
RoRegisterActivationFactories
RoGetActivationFactory
RoRevokeActivationFactories

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateString
WindowsCreateStringReference
WindowsCompareStringOrdinal
WindowsGetStringLen
WindowsIsStringEmpty
WindowsStringHasEmbeddedNull
WindowsDeleteString
WindowsDuplicateString
WindowsGetStringRawBuffer

api-ms-win-eventing-provider-l1-1-0

EventRegister
EventSetInformation
EventUnregister
EventWriteTransfer

api-ms-win-core-winrt-error-l1-1-0

RoOriginateErrorW
RoOriginateError
RoTransformError

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-service-core-l1-1-0

SetServiceStatus
RegisterServiceCtrlHandlerExW

api-ms-win-core-synch-l1-2-0

SleepConditionVariableSRW
WakeAllConditionVariable
Sleep
InitOnceExecuteOnce

api-ms-win-security-sddl-l1-1-0

ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertSidToStringSidW
ConvertStringSidToSidW

api-ms-win-security-base-l1-1-0

MakeAbsoluteSD
RevertToSelf
ImpersonateLoggedOnUser

api-ms-win-core-rtlsupport-l1-1-0

RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount
GetTickCount64
GetSystemTime

api-ms-win-core-registry-l1-1-0

RegEnumKeyExW
RegDeleteKeyExW
RegQueryInfoKeyW
RegEnumValueW
RegDeleteValueW
RegCreateKeyExW
RegDeleteTreeW
RegGetValueW
RegCloseKey
RegOpenKeyExW
RegSetValueExW

api-ms-win-core-threadpool-l1-2-0

WaitForThreadpoolTimerCallbacks
CreateThreadpoolTimer
SetThreadpoolTimer
SetThreadpoolWait
CloseThreadpoolTimer
WaitForThreadpoolWaitCallbacks
CreateThreadpoolWait
CloseThreadpoolWork
CloseThreadpoolWait
CreateThreadpoolWork
SubmitThreadpoolWork
WaitForThreadpoolWorkCallbacks

api-ms-win-power-setting-l1-1-0

PowerSettingRegisterNotification
PowerSettingUnregisterNotification

api-ms-win-service-management-l1-1-0

OpenSCManagerW
CloseServiceHandle
OpenServiceW

api-ms-win-service-management-l2-1-0

ChangeServiceConfigW

oleaut32

VariantInit

api-ms-win-security-lsalookup-l2-1-0

LookupAccountSidW

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-core-file-l1-1-0

FindClose
GetFileInformationByHandle
CreateDirectoryW
CreateFileW
SetFilePointerEx
SetEndOfFile
FindNextFileW
FindFirstFileW
ReadFile
WriteFile
CompareFileTime
GetFileSizeEx
GetFileAttributesW

api-ms-win-core-timezone-l1-1-0

FileTimeToSystemTime
SystemTimeToFileTime

rpcrt4

NdrServerCallAll
NdrServerCall2
RpcRevertToSelfEx
RpcImpersonateClient
RpcServerUnregisterIf
RpcBindingVectorFree
RpcServerUseProtseqW
RpcServerInqBindings
RpcServerRegisterIf3
RpcEpRegisterW
RpcEpUnregister
UuidFromStringW

api-ms-win-core-string-l1-1-0

GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte

api-ms-win-core-threadpool-legacy-l1-1-0

DeleteTimerQueueTimer
CreateTimerQueueTimer

ntdll

NtFlushBuffersFileEx
NtSetInformationFile
RtlDosPathNameToNtPathName_U
NtQueryInformationToken
DbgPrintEx
NtQueryWnfStateData
RtlUnsubscribeWnfStateChangeNotification
RtlCapabilityCheck
RtlInitUnicodeString
RtlIsMultiSessionSku
RtlSubscribeWnfStateChangeNotification

combase

ord67
ord69
ord68
ord66

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

Exports

Exports

ServiceMain

Sections

.text
Size: 841KB - Virtual size: 840KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RT_CODE
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 347KB - Virtual size: 346KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/XblGameSaveExt.dll
.dll windows:10 windows x64 arch:x64

439a5494913805c562813ed13f86862c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

XblGameSaveExt.pdb

Imports

msvcrt

__dllonexit
__C_specific_handler
__CxxFrameHandler3
_unlock
_onexit
_initterm
malloc
memcmp
free
_amsg_exit
_vsnwprintf
_wcsicmp
_lock
wcsncmp
qsort_s
wcschr
_vsnprintf
_wcsnicmp
swscanf_s
_callnewh
??0exception@@QEAA@AEBQEBD@Z
??0exception@@QEAA@AEBQEBDH@Z
??0exception@@QEAA@AEBV0@@Z
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
_CxxThrowException
memcpy
memmove
??1type_info@@UEAA@XZ
_XcptFilter
??3@YAXPEAX@Z
memcpy_s
_purecall
memset

api-ms-win-core-libraryloader-l1-2-0

GetModuleFileNameA
GetModuleHandleExW
GetModuleHandleW
GetProcAddress

api-ms-win-core-synch-l1-1-0

CreateWaitableTimerExW
SetWaitableTimer
CreateMutexExW
CancelWaitableTimer
ReleaseSRWLockShared
OpenSemaphoreW
WaitForSingleObjectEx
AcquireSRWLockShared
ReleaseMutex
InitializeSRWLock
WaitForSingleObject
SetEvent
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
EnterCriticalSection
ReleaseSemaphore
OpenEventW
CreateEventW
LeaveCriticalSection
CreateSemaphoreExW
InitializeCriticalSection
DeleteCriticalSection

api-ms-win-core-heap-l1-1-0

HeapReAlloc
GetProcessHeap
HeapFree
HeapAlloc

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
GetLastError
SetUnhandledExceptionFilter
SetLastError

api-ms-win-core-processthreads-l1-1-0

GetCurrentThread
GetCurrentProcessId
CreateThread
ResumeThread
GetCurrentThreadId
QueueUserAPC
TerminateProcess
GetCurrentProcess

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

DebugBreak
IsDebuggerPresent
OutputDebugStringW

api-ms-win-core-handle-l1-1-0

DuplicateHandle
CloseHandle

api-ms-win-core-winrt-string-l1-1-0

WindowsDeleteString
WindowsCreateStringReference
WindowsGetStringRawBuffer
WindowsCreateString

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-rtlsupport-l1-1-0

RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry

api-ms-win-core-profile-l1-1-0

QueryPerformanceFrequency
QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetTickCount64
GetTickCount
GetSystemTimeAsFileTime

api-ms-win-eventing-provider-l1-1-0

EventRegister
EventSetInformation
EventUnregister
EventWriteTransfer

api-ms-win-core-com-l1-1-0

CoUninitialize
CoInitializeEx
CoCreateGuid
CoTaskMemFree
CoGetMalloc
CoWaitForMultipleHandles
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
CoGetCallContext

dnsapi

DnsQueryEx
DnsRecordListUnmapV4MappedAAAAInPlace
DnsFree

api-ms-win-core-registry-l1-1-0

RegGetValueW
RegCloseKey
RegOpenKeyExW

winhttp

WinHttpCloseHandle
WinHttpCrackUrl
WinHttpCreateUrl
WinHttpQueryHeaders
WinHttpQueryOption
WinHttpReadData
WinHttpWriteData
WinHttpReceiveResponse
WinHttpSetStatusCallback
WinHttpSetTimeouts
WinHttpOpenRequest
WinHttpConnect
WinHttpSetOption
WinHttpSendRequest
WinHttpOpen

api-ms-win-core-errorhandling-l1-1-2

RaiseFailFastException

api-ms-win-core-file-l1-1-0

GetFileSizeEx
DeleteFileW
CreateFileW

crypt32

CertVerifyCertificateChainPolicy
CertGetCertificateChain
CertFreeCertificateChain
CertGetCertificateContextProperty
CertFreeCertificateContext

api-ms-win-core-processenvironment-l1-1-0

GetEnvironmentVariableW

api-ms-win-core-path-l1-1-0

PathCchAddExtension
PathCchAppend

rpcrt4

UuidCreateSequential

api-ms-win-core-threadpool-legacy-l1-1-0

UnregisterWaitEx

api-ms-win-core-kernel32-legacy-l1-1-0

RegisterWaitForSingleObject

api-ms-win-mm-time-l1-1-0

timeBeginPeriod
timeEndPeriod

ntdll

RtlIpv4StringToAddressExW
NtQueryObject
RtlIpv6StringToAddressExW
RtlGetLastWin32Error
RtlIpv4AddressToStringExW
RtlIpv6AddressToStringExW

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory

api-ms-win-core-string-l1-1-0

MultiByteToWideChar
WideCharToMultiByte

Exports

Exports

XblGameSave_GetUserStorageRoot
XblGameSave_NTMSCreateInstance
XblGameSave_NTMSServerStart
XblGameSave_NTMSServerStop

Sections

.text
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 612B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/XblGameSaveProxy.dll
.dll regsvr32 windows:10 windows x64 arch:x64

c16d46dedf9fc2ba917bcf7f71dbf80f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

XblGameSaveProxy.pdb

Imports

msvcrt

_amsg_exit
_XcptFilter
__C_specific_handler
_initterm
free
malloc
memcmp

rpcrt4

CStdStubBuffer_Connect
IUnknown_QueryInterface_Proxy
NdrCStdStubBuffer_Release
NdrDllCanUnloadNow
NdrDllGetClassObject
NdrDllRegisterProxy
NdrDllUnregisterProxy
CStdStubBuffer_Disconnect
CStdStubBuffer_DebugServerRelease
NdrOleAllocate
CStdStubBuffer_QueryInterface
CStdStubBuffer_Invoke
CStdStubBuffer_CountRefs
IUnknown_Release_Proxy
IUnknown_AddRef_Proxy
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_AddRef
CStdStubBuffer_IsIIDSupported
NdrOleFree

api-ms-win-core-winrt-string-l1-1-0

HSTRING_UserMarshal64
HSTRING_UserUnmarshal
HSTRING_UserMarshal
HSTRING_UserFree
HSTRING_UserSize64
HSTRING_UserFree64
HSTRING_UserSize
HSTRING_UserUnmarshal64

api-ms-win-core-com-midlproxystub-l1-1-0

ObjectStublessClient3
CStdAsyncStubBuffer_AddRef
ObjectStublessClient6
ObjectStublessClient13
CStdAsyncStubBuffer_Invoke
ObjectStublessClient7
CStdAsyncStubBuffer_QueryInterface
ObjectStublessClient8
ObjectStublessClient9
ObjectStublessClient12
CStdAsyncStubBuffer_Disconnect
ObjectStublessClient10
ObjectStublessClient5
CStdAsyncStubBuffer_Connect
CStdAsyncStubBuffer_Release
ObjectStublessClient11
ObjectStublessClient4

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-0

GetCurrentThreadId
GetCurrentProcessId
TerminateProcess
GetCurrentProcess

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
UnhandledExceptionFilter

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
GetProxyDllInfo

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/XboxGipRadioManager.dll
.dll regsvr32 windows:10 windows x64 arch:x64

261c24b57ec8d0d6368e6850f42def73

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

XboxGipRadioManager.pdb

Imports

msvcrt

_lock
__CxxFrameHandler3
_errno
??1type_info@@UEAA@XZ
_onexit
?terminate@@YAXXZ
_CxxThrowException
_initterm
_amsg_exit
_XcptFilter
_callnewh
vswprintf_s
_vscwprintf
_unlock
__dllonexit
memmove_s
wprintf
calloc
_resetstkoflw
_purecall
wcscat_s
wcscpy_s
memcpy_s
free
malloc
wcsncpy_s
__C_specific_handler
realloc
memset

ntdll

RtlLookupFunctionEntry
RtlCaptureContext
EtwUnregisterTraceGuids
RtlVirtualUnwind
EtwGetTraceEnableFlags
EtwGetTraceEnableLevel
EtwGetTraceLoggerHandle
EtwTraceMessage
EtwRegisterTraceGuidsW

oleaut32

LoadTypeLi
SysStringLen
UnRegisterTypeLi
VarUI4FromStr
RegisterTypeLi
SysFreeString
SysAllocStringLen
SysAllocString

kernel32

Sleep
AcquireSRWLockExclusive
HeapDestroy
GetProcessHeap
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
UnhandledExceptionFilter
ReleaseSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
CreateThread
CreateEventW
SetEvent
DeviceIoControl
OutputDebugStringA
GetTickCount
CreateFileW
FreeLibrary
SetUnhandledExceptionFilter
CloseHandle
GetLastError
GetProcAddress
LoadLibraryExW
GetModuleHandleW
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
lstrcmpiW
GetCurrentThreadId
DeleteCriticalSection
WaitForSingleObject
GetModuleFileNameW
InitializeCriticalSection
LeaveCriticalSection
RaiseException
EnterCriticalSection
FindResourceExW
MultiByteToWideChar
SizeofResource
LoadResource
GetSystemTimeAsFileTime

ole32

CoTaskMemRealloc
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
StringFromGUID2

user32

CharNextW
LoadStringW
UnregisterClassA

advapi32

RegDeleteValueW
RegSetValueExW
RegOpenKeyExW
RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegQueryValueExW
RegCreateKeyExW

cfgmgr32

CM_Unregister_Notification
CM_Register_Notification

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 412B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/XboxNetApiSvc.dll
.dll windows:10 windows x64 arch:x64

41b0457d980e1d74c5f605e82d3b3bdd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

XboxNetApiSvc.pdb

Imports

msvcrt

__CxxFrameHandler3
memcpy_s
_vsnwprintf
wcschr
_ultow_s
realloc
vswprintf_s
_vsnprintf_s
memcmp
memmove_s
wcscpy_s
swprintf_s
_snwprintf_s
strtoul
_wcsicmp
_wcstoui64
memcpy
memmove
_onexit
__dllonexit
_unlock
_lock
?terminate@@YAXXZ
__C_specific_handler
_initterm
malloc
free
_amsg_exit
_XcptFilter
_purecall
memset

powrprof

PowerSettingRegisterNotification
PowerSettingUnregisterNotification

ntdll

RtlInitUnicodeString
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlCreateServiceSid

api-ms-win-core-com-l1-1-0

CoCreateFreeThreadedMarshaler
CoTaskMemAlloc
CoRevokeClassObject
CoRegisterClassObject
CoResumeClassObjects
CoCreateGuid
CoInitializeEx
CoWaitForMultipleHandles
CoTaskMemFree
CoCreateInstance
CoAddRefServerProcess
CoReleaseServerProcess
CoUninitialize
CoDisconnectContext

api-ms-win-core-synch-l1-2-0

InitOnceExecuteOnce
Sleep

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateString
WindowsIsStringEmpty
WindowsGetStringRawBuffer
WindowsDuplicateString
WindowsCreateStringReference
WindowsCompareStringOrdinal
WindowsStringHasEmbeddedNull
WindowsDeleteString

api-ms-win-core-util-l1-1-0

EncodePointer
DecodePointer

api-ms-win-core-winrt-l1-1-0

RoUninitialize
RoRevokeActivationFactories
RoActivateInstance
RoRegisterActivationFactories
RoInitialize
RoGetActivationFactory

api-ms-win-core-winrt-error-l1-1-0

GetRestrictedErrorInfo
RoOriginateErrorW
RoSetErrorReportingFlags
SetRestrictedErrorInfo
RoTransformError
RoOriginateError

api-ms-win-core-synch-l1-1-0

SetWaitableTimer
DeleteCriticalSection
InitializeSRWLock
AcquireSRWLockShared
InitializeCriticalSection
WaitForMultipleObjectsEx
CreateWaitableTimerExW
SetEvent
WaitForSingleObject
CreateEventW
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
EnterCriticalSection
ReleaseSRWLockShared
LeaveCriticalSection
ResetEvent

api-ms-win-eventing-classicprovider-l1-1-0

GetTraceLoggerHandle
GetTraceEnableLevel
UnregisterTraceGuids
RegisterTraceGuidsW
TraceMessage
GetTraceEnableFlags

api-ms-win-core-libraryloader-l1-2-0

LoadStringW
GetModuleHandleW
DisableThreadLibraryCalls

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter
QueryPerformanceFrequency

api-ms-win-core-handle-l1-1-0

CloseHandle
DuplicateHandle

api-ms-win-service-core-l1-1-0

SetServiceStatus
RegisterServiceCtrlHandlerExW

api-ms-win-core-errorhandling-l1-1-0

RaiseException
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLastError

api-ms-win-security-sddl-l1-1-0

ConvertSidToStringSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW

api-ms-win-security-base-l1-1-0

GetTokenInformation
GetLengthSid
EqualSid
CopySid
CreateWellKnownSid

api-ms-win-core-processthreads-l1-1-0

CreateThread
OpenProcessToken
GetCurrentThreadId
GetCurrentThread
TerminateProcess
OpenThreadToken
GetCurrentProcess
GetExitCodeThread
GetCurrentProcessId

api-ms-win-core-sysinfo-l1-1-0

GetVersionExW
GetTickCount
GetSystemTimeAsFileTime
GetTickCount64
GetComputerNameExW

iphlpapi

GetIpNetEntry2
GetIpForwardTable2
GetAdaptersAddresses
FreeMibTable
DeleteIpNetEntry2
InitializeIpForwardEntry
NotifyUnicastIpAddressChange
CancelMibChangeNotify2
NotifyRouteChange2
GetBestRoute2
NotifyIpInterfaceChange

api-ms-win-core-heap-l2-1-0

LocalAlloc
LocalFree

api-ms-win-core-file-l1-1-0

CreateFileW
ReadFile
GetFileAttributesW

ws2_32

getsockname
bind
setsockopt
WSAGetLastError
WSASocketW
WSAStartup
WSACleanup
WSAGetOverlappedResult
WSASendTo
FreeAddrInfoW
WSARecvFrom
GetAddrInfoW
GetNameInfoW
getaddrinfo
freeaddrinfo
ntohs
closesocket

api-ms-win-core-registry-l1-1-0

RegQueryValueExW
RegCloseKey
RegGetValueW
RegOpenKeyExW
RegDeleteValueW
RegSetValueExW

rpcrt4

RpcServerInqCallAttributesW
NdrClientCall3
RpcBindingCreateW
RpcBindingBind
RpcBindingUnbind
RpcBindingFree

api-ms-win-core-winrt-error-l1-1-1

IsErrorPropagationEnabled
RoGetMatchingRestrictedErrorInfo
RoReportFailedDelegate

winhttp

WinHttpOpen
WinHttpSendRequest
WinHttpOpenRequest
WinHttpConnect
WinHttpReceiveResponse
WinHttpQueryHeaders
WinHttpCloseHandle
WinHttpQueryOption
WinHttpReadData

api-ms-win-core-string-l1-1-0

WideCharToMultiByte
MultiByteToWideChar

crypt32

CryptAcquireCertificatePrivateKey
CertGetCertificateChain
CertVerifyCertificateChainPolicy
CryptDecodeObject
CertStrToNameW
PFXImportCertStore
PFXIsPFXBlob
CertFindCertificateInStore
CertGetCertificateContextProperty
CertGetEnhancedKeyUsage
CertOpenStore
CertGetNameStringW
CertFreeCertificateChain
CertCreateCertificateChainEngine
CertFreeCertificateContext
CryptFindCertificateKeyProvInfo
CryptExportPublicKeyInfo
CertIsRDNAttrsInCertificateName
CryptSignAndEncodeCertificate
CryptStringToBinaryW
CryptBinaryToStringW
CertDeleteCertificateFromStore
CertCloseStore
CertFreeCertificateChainEngine
CertAddCertificateContextToStore
CertCreateCertificateContext
CertEnumCertificatesInStore
CertVerifyTimeValidity

api-ms-win-core-com-l1-1-1

RoGetAgileReference

api-ms-win-service-management-l1-1-0

OpenSCManagerW
OpenServiceW
CloseServiceHandle

api-ms-win-service-core-l1-1-1

EnumServicesStatusExW

api-ms-win-service-management-l2-1-0

QueryServiceConfig2W
QueryServiceStatusEx

api-ms-win-core-psapi-l1-1-0

QueryFullProcessImageNameW

api-ms-win-core-processthreads-l1-1-1

OpenProcess

api-ms-win-eventing-provider-l1-1-0

EventUnregister
EventRegister
EventSetInformation
EventWriteTransfer

api-ms-win-core-timezone-l1-1-0

GetTimeZoneInformation

oleaut32

SysAllocString
VariantClear
SysFreeString
VariantChangeType
VariantInit

api-ms-win-core-winrt-robuffer-l1-1-0

RoGetBufferMarshaler

nsi

NsiGetAllParameters

winnsi

NsiRpcRegisterChangeNotification
NsiRpcDeregisterChangeNotification
NsiConnectToServer
NsiDisconnectFromServer

api-ms-win-downlevel-kernel32-l2-1-0

MulDiv

api-ms-win-appmodel-runtime-l1-1-0

GetApplicationUserModelId
GetPackageFullName

api-ms-win-appmodel-runtime-l1-1-1

GetStagedPackagePathByFullName

ncrypt

NCryptDeleteKey
NCryptExportKey
NCryptSetProperty
NCryptCreatePersistedKey
NCryptOpenStorageProvider
NCryptFinalizeKey
NCryptFreeObject

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

fwpuclnt

IkeextSaDestroyEnumHandle0
FwppGetMD5HashBytes
IkeextSaEnum2
FwpmEngineOpen0
FwpmProviderGetByKey0
FwpmProviderAdd0
FwpmProviderDeleteByKey0
FwpmEngineClose0
FwpmFreeMemory0
FwpmTransactionBegin0
FwpmTransactionCommit0
FwpmTransactionAbort0
FwpmProviderContextAdd2
FwpmProviderContextDeleteByKey0
FwpmProviderContextGetById2
FwpmFilterAdd0
FwpmFilterDeleteById0
IPsecSaContextDeleteById0
IPsecSaContextGetById1
IPsecSaContextCreateEnumHandle0
IPsecSaContextEnum1
IPsecSaContextDestroyEnumHandle0
IPsecSaInitiateAsync0
IkeextSaCreateEnumHandle0

api-ms-win-security-cryptoapi-l1-1-0

CryptReleaseContext
CryptExportKey
CryptDestroyKey
CryptGetProvParam
CryptAcquireContextA

firewallapi

FWDeleteSecurityRealm
FWSetAuthenticationSet
FWDeleteAuthenticationSet
FWAddSecurityRealm
FWOpenPolicyStore
FWAddCryptoSet
FWDeleteCryptoSet
FWEnumProducts
FWClosePolicyStore
FWRevertTransaction
FWGetGlobalConfig
FWAddFirewallRule
FWDeleteFirewallRule
FWGetConfig
FWAddAuthenticationSet
FWFreeProducts

Exports

Exports

ServiceMain

Sections

.text
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/XpsDocumentTargetPrint.dll
.dll regsvr32 windows:10 windows x64 arch:x64

462d18eea38c83f5e26842c54a4a845c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

xpsdocumenttargetprint.pdb

Imports

msvcrt

srand
memmove_s
??0exception@@QEAA@AEBQEBDH@Z
rand
time
wcscpy_s
memcmp
memcpy
_onexit
__dllonexit
_unlock
_lock
?terminate@@YAXXZ
__C_specific_handler
_initterm
free
_amsg_exit
malloc
_XcptFilter
_CxxThrowException
_wcsicmp
_callnewh
swprintf_s
strncmp
??1type_info@@UEAA@XZ
wcsrchr
_vsnprintf
strcspn
localeconv
sprintf_s
_strtoi64
_strtoui64
ldiv
_errno
__pctype_func
___lc_handle_func
___lc_codepage_func
__mb_cur_max
setlocale
__uncaught_exception
__crtGetStringTypeW
__crtLCMapStringW
isupper
__crtLCMapStringA
___mb_cur_max_func
islower
isspace
tolower
memchr
abort
isalnum
isdigit
__CxxFrameHandler3
??0exception@@QEAA@AEBQEBD@Z
?what@exception@@UEBAPEBDXZ
_purecall
_vsnprintf_s
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@XZ
??1exception@@UEAA@XZ
memcpy_s
_vsnwprintf
memset

api-ms-win-core-libraryloader-l1-2-0

GetProcAddress
GetModuleHandleExW
FreeLibrary
GetModuleHandleW
LoadLibraryExW
GetModuleFileNameA

api-ms-win-core-synch-l1-1-0

AcquireSRWLockShared
DeleteCriticalSection
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
EnterCriticalSection
SetEvent
WaitForSingleObject
CreateSemaphoreExW
LeaveCriticalSection
InitializeCriticalSection
CreateEventW
InitializeCriticalSectionAndSpinCount
ReleaseMutex
OpenSemaphoreW
WaitForSingleObjectEx
ReleaseSemaphore
InitializeCriticalSectionEx
ReleaseSRWLockShared
CreateMutexExW

api-ms-win-core-heap-l1-1-0

HeapAlloc
GetProcessHeap
HeapFree

api-ms-win-core-errorhandling-l1-1-0

GetLastError
UnhandledExceptionFilter
SetLastError
SetUnhandledExceptionFilter

api-ms-win-eventing-provider-l1-1-0

EventActivityIdControl
EventSetInformation
EventWrite
EventUnregister
EventRegister
EventEnabled
EventWriteTransfer

api-ms-win-eventing-classicprovider-l1-1-0

RegisterTraceGuidsW
UnregisterTraceGuids
TraceMessage
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
GetCurrentThreadId
TerminateProcess
GetCurrentProcessId
GetProcessTimes

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
OutputDebugStringA
OutputDebugStringW
DebugBreak

api-ms-win-core-handle-l1-1-0

DuplicateHandle
CloseHandle

api-ms-win-core-libraryloader-l1-2-1

LoadLibraryW

api-ms-win-core-synch-l1-2-0

Sleep
InitOnceExecuteOnce
InitOnceBeginInitialize
InitOnceComplete

api-ms-win-core-com-l1-1-0

CreateStreamOnHGlobal
CoTaskMemFree
CoSetProxyBlanket
CoCreateInstanceEx
CoGetMalloc
CoUninitialize
CoCreateFreeThreadedMarshaler
CoCreateInstance
CoTaskMemAlloc
CoCreateGuid
StringFromCLSID
CoInitializeEx

api-ms-win-core-threadpool-l1-2-0

SetThreadpoolTimer
CloseThreadpoolWork
CloseThreadpoolTimer
CreateThreadpoolWork
WaitForThreadpoolTimerCallbacks
SubmitThreadpoolWork
FreeLibraryWhenCallbackReturns
CreateThreadpoolTimer

api-ms-win-core-heap-l2-1-0

GlobalAlloc
GlobalFree
LocalFree

oleaut32

SetErrorInfo
SysAllocStringLen
SysAllocString
VariantInit
SysFreeString
VariantClear
SysStringLen

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-core-winrt-error-l1-1-0

RoOriginateError

rpcrt4

NdrDllGetClassObject
NdrDllUnregisterProxy
NdrDllCanUnloadNow
NdrCStdStubBuffer_Release
NdrStubForwardingFunction
IUnknown_AddRef_Proxy
NdrDllRegisterProxy
NdrOleFree
IUnknown_Release_Proxy
NdrOleAllocate
NdrCStdStubBuffer2_Release
IUnknown_QueryInterface_Proxy
NdrStubCall3
RpcServerInqCallAttributesW
UuidCreateSequential
UuidToStringW
RpcStringFreeW

api-ms-win-core-winrt-string-l1-1-0

WindowsDeleteString
WindowsGetStringRawBuffer

api-ms-win-core-processenvironment-l1-1-0

ExpandEnvironmentStringsW

api-ms-win-core-file-l1-1-0

CreateDirectoryW
GetFileAttributesW
DeleteFileW
WriteFile

api-ms-win-core-registry-l1-1-0

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

api-ms-win-core-string-l1-1-0

MultiByteToWideChar
WideCharToMultiByte
CompareStringW

api-ms-win-security-base-l1-1-0

GetTokenInformation

api-ms-win-core-file-l1-2-0

GetTempPathW

api-ms-win-core-processthreads-l1-1-1

OpenProcess

api-ms-win-core-version-l1-1-1

GetFileVersionInfoW
GetFileVersionInfoSizeW

api-ms-win-core-version-l1-1-0

VerQueryValueW

api-ms-win-core-psapi-l1-1-0

QueryFullProcessImageNameW

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount

api-ms-win-core-rtlsupport-l1-1-0

RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

ntdll

WinSqmIncrementDWORD
NtQueryInformationToken
WinSqmIsOptedIn
RtlNtStatusToDosError
RtlGetAppContainerSidType
RtlReleaseSRWLockExclusive
RtlAcquireSRWLockExclusive
RtlReleaseSRWLockShared
RtlInitializeSRWLock
RtlAcquireSRWLockShared

api-ms-win-shcore-stream-l1-1-0

SHCreateStreamOnFileW

api-ms-win-shlwapi-ie-l1-1-0

PathIsDirectoryW

xpsservices

ord9
ord8

combase

CStdStubBuffer_AddRef
CStdStubBuffer_DebugServerRelease
ord4
CStdStubBuffer_Disconnect
ord6
CStdStubBuffer2_Disconnect
ord32
ord33
CStdStubBuffer_QueryInterface
ord2
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer2_CountRefs
CStdStubBuffer_Invoke
CStdStubBuffer2_Connect
CStdStubBuffer_Connect
ord3
CStdStubBuffer_IsIIDSupported
ord34
CStdStubBuffer2_QueryInterface
ord35
CStdStubBuffer_CountRefs

api-ms-win-core-sysinfo-l1-2-0

VerSetConditionMask

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-core-kernel32-legacy-l1-1-1

VerifyVersionInfoW

xmllite

CreateXmlReader

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 283KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/XpsGdiConverter.dll
.dll windows:10 windows x64 arch:x64

7d229aee6f417a0016cbdfcdcc0ba99b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

XpsGdiConverter.pdb

Imports

msvcrt

powf
sin
_XcptFilter
??8type_info@@QEBAHAEBV0@@Z
fmodf
floorf
floor
cos
ceilf
ceil
memmove
memcpy
??0exception@@QEAA@AEBQEBD@Z
rand
srand
_vsnprintf_s
??0exception@@QEAA@XZ
_purecall
memcmp
_vsnwprintf
__CxxFrameHandler3
_CxxThrowException
?what@exception@@UEBAPEBDXZ
??1exception@@UEAA@XZ
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@AEBQEBDH@Z
_amsg_exit
_initterm
__C_specific_handler
??1type_info@@UEAA@XZ
__dllonexit
_onexit
?terminate@@YAXXZ
sqrt
_callnewh
_unlock
atan
memcpy_s
memset
wcsnlen
_lock
malloc
free
acosf
asinf
sqrtf

kernel32

InitializeCriticalSectionEx
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
Sleep
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount
SleepConditionVariableSRW
WakeAllConditionVariable
VirtualQuery
FreeLibrary
LoadLibraryW
InitOnceComplete
InitOnceBeginInitialize
IsDebuggerPresent
DebugBreak
GetModuleHandleW
GetProcessHeap
GetSystemDefaultLCID
CreateMutexExW
GetProcAddress
HeapAlloc
CloseHandle
OpenSemaphoreW
WaitForSingleObjectEx
GetSystemInfo
OutputDebugStringW
GetLastError
FormatMessageW
ReleaseMutex
GetCurrentThreadId
WaitForSingleObject
GetModuleHandleExW
ReleaseSemaphore
SetLastError
HeapFree
CreateSemaphoreExW
GetModuleFileNameA
DisableThreadLibraryCalls
RaiseException
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
LoadLibraryExA
VirtualProtect
QueryPerformanceFrequency
VerifyVersionInfoW
VerSetConditionMask
GetCurrentProcessId
GetTickCount64

user32

FillRect

gdi32

CreateSolidBrush
SetMiterLimit
ExtCreatePen
GetMiterLimit
GetPolyFillMode
FillPath
BeginPath
PolyDraw
SelectClipPath
SetPolyFillMode
CreateRectRgn
EndPath
LineTo
SelectClipRgn
MoveToEx
GetTextMetricsW
ExtTextOutW
SaveDC
ModifyWorldTransform
StartPage
CreateDIBSection
CreateCompatibleDC
SetGraphicsMode
AbortDoc
EndDoc
GdiFlush
ResetDCW
StretchDIBits
CreateDCW
GetStockObject
GetDeviceCaps
DeleteDC
ExtEscape
SetStretchBltMode
RestoreDC
StartDocW
EndPage
SetWorldTransform
AddFontMemResourceEx
SelectObject
GetTextFaceW
GetTextAlign
SetTextColor
GetTextColor
DeleteObject
RemoveFontMemResourceEx
CreateFontIndirectW
SetTextAlign
SetBkMode

ole32

CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

oleaut32

SysFreeString
VariantInit

shlwapi

PathIsRelativeW

shell32

SHGetKnownFolderPath

prntvpt

ord4
ord2
ord10
ord8
ord1

advapi32

RegQueryValueExW
UnregisterTraceGuids
RegisterTraceGuidsW
GetTraceEnableLevel
RegCloseKey
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumValueW
EventWrite
EventWriteTransfer
EventSetInformation
EventEnabled
EventRegister
TraceMessage
GetTraceLoggerHandle
GetTraceEnableFlags
EventUnregister

d3d11

D3D11CreateDevice

d2d1

ord5
ord1

dwrite

DWriteCreateFactory

Sections

.text
Size: 327KB - Virtual size: 327KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/XpsPrint.dll
.dll windows:10 windows x64 arch:x64

6eca595c8c82f810b21eb481ad76799c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

xpsprint.pdb

Imports

msvcrt

tolower
_amsg_exit
_initterm
islower
_wsetlocale
__crtLCMapStringA
__crtLCMapStringW
_wcsdup
memchr
ldexp
__C_specific_handler
?terminate@@YAXXZ
abort
__dllonexit
_onexit
___mb_cur_max_func
_vsnwprintf
memcpy_s
??3@YAXPEAX@Z
_purecall
??1exception@@UEAA@XZ
??0exception@@QEAA@XZ
??0exception@@QEAA@AEBV0@@Z
__CxxFrameHandler3
_vsnprintf_s
?what@exception@@UEBAPEBDXZ
??0exception@@QEAA@AEBQEBDH@Z
_XcptFilter
memcmp
isalnum
isdigit
??0exception@@QEAA@AEBQEBD@Z
??1bad_cast@@UEAA@XZ
??0bad_cast@@QEAA@PEBD@Z
memset
calloc
___lc_codepage_func
___lc_handle_func
isupper
__pctype_func
__uncaught_exception
setlocale
_unlock
_lock
_errno
wcsrchr
_vsnprintf
_finite
_vsnwprintf_l
wcstod
_isnan
memmove
memcpy
_CxxThrowException
_callnewh
strncmp
swprintf_s
_wtof
ldiv
malloc
memmove_s
wcscpy_s
??1type_info@@UEAA@XZ
??_V@YAXPEAX@Z
_wcsicmp
sprintf_s
isspace
free
localeconv
strcspn
??0bad_cast@@QEAA@AEBV0@@Z
_ismbblead

api-ms-win-core-libraryloader-l1-2-0

GetModuleFileNameA
FreeLibraryAndExitThread
GetModuleHandleW
LoadLibraryExW
GetProcAddress
GetModuleHandleExW
FreeLibrary

api-ms-win-core-synch-l1-1-0

WaitForSingleObject
ReleaseSRWLockExclusive
SetEvent
InitializeCriticalSection
InitializeCriticalSectionEx
CreateEventW
DeleteCriticalSection
ReleaseSRWLockShared
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
AcquireSRWLockShared
EnterCriticalSection
ReleaseSemaphore
CreateSemaphoreExW
WaitForSingleObjectEx
ResetEvent
AcquireSRWLockExclusive
ReleaseMutex
OpenSemaphoreW
CreateMutexExW

api-ms-win-core-heap-l1-1-0

HeapAlloc
HeapFree
GetProcessHeap

api-ms-win-core-errorhandling-l1-1-0

GetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetLastError

api-ms-win-eventing-provider-l1-1-0

EventUnregister
EventSetInformation
EventRegister
EventWriteTransfer
EventEnabled
EventWrite

api-ms-win-eventing-classicprovider-l1-1-0

GetTraceEnableLevel
RegisterTraceGuidsW
UnregisterTraceGuids
GetTraceEnableFlags
GetTraceLoggerHandle
TraceMessage

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
SetThreadToken
ResumeThread
GetCurrentThread
OpenThreadToken
CreateThread
ExitProcess
GetCurrentThreadId
GetCurrentProcess
GetProcessTimes
TlsSetValue
GetCurrentProcessId

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
IsDebuggerPresent
DebugBreak

api-ms-win-core-handle-l1-1-0

DuplicateHandle
CloseHandle

api-ms-win-core-com-l1-1-0

CoTaskMemFree
CoCreateGuid
CoCreateInstanceEx
CoSetProxyBlanket
CreateStreamOnHGlobal
CoCreateInstance
CoInitializeEx
CoGetMalloc
CoUninitialize
StringFromCLSID
CoTaskMemAlloc

api-ms-win-core-synch-l1-2-0

WakeAllConditionVariable
InitOnceBeginInitialize
InitOnceComplete
Sleep
SleepConditionVariableSRW

api-ms-win-core-threadpool-l1-2-0

SetThreadpoolTimer
CloseThreadpoolTimer
CreateThreadpoolTimer
WaitForThreadpoolTimerCallbacks

api-ms-win-core-processthreads-l1-1-1

OpenProcess

api-ms-win-core-heap-l2-1-0

GlobalAlloc
GlobalFree
LocalFree

oleaut32

VariantInit
SysAllocStringLen
SysStringLen
VariantClear
SetErrorInfo
SysFreeString
SysAllocString

api-ms-win-core-libraryloader-l1-2-1

LoadLibraryW

api-ms-win-core-file-l1-2-0

GetTempPathW

api-ms-win-core-registry-l1-1-0

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

api-ms-win-core-string-l1-1-0

GetStringTypeW
CompareStringW
MultiByteToWideChar
WideCharToMultiByte

api-ms-win-core-file-l1-1-0

SetFilePointer
CreateFileW
GetFileAttributesW
FindNextFileW
FlushFileBuffers
FindFirstFileW
WriteFile
DeleteFileW
FindClose
ReadFile
CreateDirectoryW
SetFilePointerEx
SetEndOfFile

api-ms-win-security-base-l1-1-0

GetTokenInformation

rpcrt4

UuidCreateSequential
UuidToStringW
RpcServerInqCallAttributesW
RpcStringFreeW

api-ms-win-core-processenvironment-l1-1-0

ExpandEnvironmentStringsW

api-ms-win-core-version-l1-1-1

GetFileVersionInfoSizeW
GetFileVersionInfoW

api-ms-win-core-version-l1-1-0

VerQueryValueW

api-ms-win-core-psapi-l1-1-0

QueryFullProcessImageNameW

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount
GetTickCount64

api-ms-win-core-util-l1-1-0

EncodePointer
DecodePointer

api-ms-win-core-rtlsupport-l1-1-0

RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

ntdll

RtlReleaseSRWLockShared
RtlInitializeSRWLock
RtlReleaseSRWLockExclusive
RtlAcquireSRWLockExclusive
WinSqmIncrementDWORD
NtQueryInformationToken
RtlNtStatusToDosError
RtlGetAppContainerSidType
RtlAcquireSRWLockShared
WinSqmIsOptedIn

api-ms-win-shcore-stream-l1-1-0

SHCreateStreamOnFileW

api-ms-win-shlwapi-ie-l1-1-0

PathIsDirectoryW

xpsservices

ord8
ord9

winspool.drv

ord361
ord362
GetPrintExecutionData

api-ms-win-core-sysinfo-l1-2-0

VerSetConditionMask

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-core-kernel32-legacy-l1-1-1

VerifyVersionInfoW

urlmon

CreateUri

xmllite

CreateXmlReader

api-ms-win-core-kernel32-legacy-l1-1-0

RegisterWaitForSingleObject

api-ms-win-core-threadpool-legacy-l1-1-0

DeleteTimerQueueTimer
CreateTimerQueue
DeleteTimerQueueEx
CreateTimerQueueTimer
UnregisterWaitEx
QueueUserWorkItem

Exports

Exports

StartXpsPrintJob
StartXpsPrintJob1

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 323KB - Virtual size: 323KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/libEGL.dll
.dll windows:6 windows x86 arch:x86

48c72c12b3685003a84e2caf235b2330

Code Sign

e4:12:82:66:79:32:d8:54:6f:96:d4:d4:62:32:c0:6f
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/09/2019, 00:00

Not After

08/09/2024, 23:59

Subject

CN=Artem Shevchenko,O=Artem Shevchenko,POSTALCODE=04050,STREET=Melnikova st. 15\, 5 apt.,L=Kiev,ST=Kiev,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

Issuer

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/05/2019, 00:00

Not After

30/05/2020, 10:48

Subject

CN=Sectigo SHA-1 Time Stamping Signer,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

27/04/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

fd:86:6f:d5:3e:03:39:78:5d:dc:76:c5:2a:2b:ad:5d:d5:81:ff:08
Signer

Actual PE Digest

fd:86:6f:d5:3e:03:39:78:5d:dc:76:c5:2a:2b:ad:5d:d5:81:ff:08

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

libglesv2

?SwapInterval@egl@@YGIPAXH@Z
?BindAPI@egl@@YGII@Z
?QueryAPI@egl@@YGIXZ
?CreatePbufferFromClientBuffer@egl@@YGPAXPAXI00PBH@Z
?ReleaseThread@egl@@YGIXZ
?WaitClient@egl@@YGIXZ
?GetCurrentContext@egl@@YGPAXXZ
?CreateSync@egl@@YGPAXPAXIPBH@Z
?DestroySync@egl@@YGIPAX0@Z
?ClientWaitSync@egl@@YGHPAX0H_K@Z
?SurfaceAttrib@egl@@YGIPAX0HH@Z
?CreateImage@egl@@YGPAXPAX0I0PBH@Z
?DestroyImage@egl@@YGIPAX0@Z
?GetPlatformDisplay@egl@@YGPAXIPAXPBH@Z
?CreatePlatformWindowSurface@egl@@YGPAXPAX00PBH@Z
?CreatePlatformPixmapSurface@egl@@YGPAXPAX00PBH@Z
?WaitSync@egl@@YGIPAX0H@Z
?QuerySurfacePointerANGLE@egl@@YGIPAX0HPAPAX@Z
?PostSubBufferNV@egl@@YGIPAX0HHHH@Z
?GetPlatformDisplayEXT@egl@@YGPAXIPAXPBH@Z
?ReleaseTexImage@egl@@YGIPAX0H@Z
?BindTexImage@egl@@YGIPAX0H@Z
?WaitNative@egl@@YGIH@Z
?WaitGL@egl@@YGIXZ
?Terminate@egl@@YGIPAX@Z
?SwapBuffers@egl@@YGIPAX0@Z
?QuerySurface@egl@@YGIPAX0HPAH@Z
?QueryString@egl@@YGPBDPAXH@Z
?QueryContext@egl@@YGIPAX0HPAH@Z
?MakeCurrent@egl@@YGIPAX000@Z
?Initialize@egl@@YGIPAXPAH1@Z
?GetProcAddress@egl@@YGP6AXXZPBD@Z
?GetError@egl@@YGHXZ
?GetDisplay@egl@@YGPAXPAUHDC__@@@Z
?GetCurrentSurface@egl@@YGPAXH@Z
?GetConfigs@egl@@YGIPAXPAPAXHPAH@Z
?GetCurrentDisplay@egl@@YGPAXXZ
?GetConfigAttrib@egl@@YGIPAX0HPAH@Z
?DestroySurface@egl@@YGIPAX0@Z
?DestroyContext@egl@@YGIPAX0@Z
?CreateWindowSurface@egl@@YGPAXPAX0PAUHWND__@@PBH@Z
?CreatePixmapSurface@egl@@YGPAXPAX0PAUHBITMAP__@@PBH@Z
?CreatePbufferSurface@egl@@YGPAXPAX0PBH@Z
?CreateContext@egl@@YGPAXPAX00PBH@Z
?CopyBuffers@egl@@YGIPAX0PAUHBITMAP__@@@Z
?GetSyncAttrib@egl@@YGIPAX0HPAH@Z
?ChooseConfig@egl@@YGIPAXPBHPAPAXHPAH@Z

msvcr120

__crtTerminateProcess
_crt_debugger_hook
_except_handler4_common
__clean_type_info_names_internal
_onexit
__dllonexit
_calloc_crt
_unlock
_lock
_initterm_e
_initterm
_malloc_crt
free
_amsg_exit
__CppXcptFilter
__crtUnhandledException

kernel32

IsDebuggerPresent
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
DecodePointer
EncodePointer
IsProcessorFeaturePresent

Exports

Exports

eglBindAPI
eglBindTexImage
eglChooseConfig
eglClientWaitSync
eglCopyBuffers
eglCreateContext
eglCreateImage
eglCreatePbufferFromClientBuffer
eglCreatePbufferSurface
eglCreatePixmapSurface
eglCreatePlatformPixmapSurface
eglCreatePlatformWindowSurface
eglCreateSync
eglCreateWindowSurface
eglDestroyContext
eglDestroyImage
eglDestroySurface
eglDestroySync
eglGetConfigAttrib
eglGetConfigs
eglGetCurrentContext
eglGetCurrentDisplay
eglGetCurrentSurface
eglGetDisplay
eglGetError
eglGetPlatformDisplay
eglGetPlatformDisplayEXT
eglGetProcAddress
eglGetSyncAttrib
eglInitialize
eglMakeCurrent
eglPostSubBufferNV
eglQueryAPI
eglQueryContext
eglQueryString
eglQuerySurface
eglQuerySurfacePointerANGLE
eglReleaseTexImage
eglReleaseThread
eglSurfaceAttrib
eglSwapBuffers
eglSwapInterval
eglTerminate
eglWaitClient
eglWaitGL
eglWaitNative
eglWaitSync

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 388B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/libeay32.dll
.dll windows:6 windows x86 arch:x86

0ab3c0ccca6cffc5857fa9eaa9166822

Code Sign

e4:12:82:66:79:32:d8:54:6f:96:d4:d4:62:32:c0:6f
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/09/2019, 00:00

Not After

08/09/2024, 23:59

Subject

CN=Artem Shevchenko,O=Artem Shevchenko,POSTALCODE=04050,STREET=Melnikova st. 15\, 5 apt.,L=Kiev,ST=Kiev,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

Issuer

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/05/2019, 00:00

Not After

30/05/2020, 10:48

Subject

CN=Sectigo SHA-1 Time Stamping Signer,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

27/04/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

85:cb:51:af:bb:c7:e1:d2:fe:91:ea:b6:8f:f1:94:2c:2c:05:c1:6c
Signer

Actual PE Digest

85:cb:51:af:bb:c7:e1:d2:fe:91:ea:b6:8f:f1:94:2c:2c:05:c1:6c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\bas\browserautomationstudiobuild\build32\builddevrelease\openssl\src\openssl-1.0.1f\out32dll\libeay32.pdb

Imports

ws2_32

sendto
recvfrom
WSACleanup
WSAStartup
getservbyname
gethostbyname
ntohs
ntohl
listen
getsockopt
ioctlsocket
bind
accept
socket
setsockopt
htons
htonl
connect
WSAGetLastError
WSASetLastError
shutdown
send
recv
closesocket

gdi32

SelectObject
GetDeviceCaps
GetBitmapBits
DeleteObject
DeleteDC
CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
GetObjectA

advapi32

RegisterEventSourceA
DeregisterEventSource
ReportEventA

user32

GetDesktopWindow
MessageBoxA
GetUserObjectInformationW
GetProcessWindowStation

msvcr120

__clean_type_info_names_internal
_onexit
_snprintf
_exit
getenv
strtoul
wcsstr
__iob_func
sscanf
vfprintf
_vsnprintf
raise
realloc
malloc
free
memcpy
_localtime64
_time64
memset
_gmtime64
_stricmp
_strnicmp
_errno
strncpy
memmove
_read
_write
isdigit
isxdigit
fprintf
atoi
sprintf
strstr
fputs
fclose
feof
ferror
fflush
fgets
_fileno
fopen
fread
fseek
ftell
fwrite
_wfopen
_setmode
strchr
perror
_ftime64
qsort
strcmp
_fdopen
_chmod
_open
_stat64i32
strerror
isspace
isalnum
tolower
strncmp
isupper
strrchr
exit
strtol
memchr
signal
_getch
printf
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_except_handler4_common
__CppXcptFilter
_amsg_exit
_malloc_crt
_initterm
_initterm_e
_lock
_unlock
_calloc_crt
__dllonexit

kernel32

FreeLibrary
CloseHandle
FindNextFileA
FindFirstFileA
LoadLibraryA
GetVersion
GetCurrentThreadId
GetLastError
GetFileType
GetStdHandle
SetLastError
MultiByteToWideChar
QueryPerformanceCounter
GetCurrentProcessId
GetTickCount
GetVersionExA
GlobalMemoryStatus
FlushConsoleInputBuffer
IsDebuggerPresent
EncodePointer
IsProcessorFeaturePresent
DecodePointer
GetSystemTimeAsFileTime
FindClose
GetProcAddress
GetModuleHandleA
ExitProcess

Exports

Exports

ACCESS_DESCRIPTION_free
ACCESS_DESCRIPTION_it
ACCESS_DESCRIPTION_new
AES_bi_ige_encrypt
AES_cbc_encrypt
AES_cfb128_encrypt
AES_cfb1_encrypt
AES_cfb8_encrypt
AES_ctr128_encrypt
AES_decrypt
AES_ecb_encrypt
AES_encrypt
AES_ige_encrypt
AES_ofb128_encrypt
AES_options
AES_set_decrypt_key
AES_set_encrypt_key
AES_unwrap_key
AES_wrap_key
ASN1_ANY_it
ASN1_BIT_STRING_check
ASN1_BIT_STRING_free
ASN1_BIT_STRING_get_bit
ASN1_BIT_STRING_it
ASN1_BIT_STRING_name_print
ASN1_BIT_STRING_new
ASN1_BIT_STRING_num_asc
ASN1_BIT_STRING_set
ASN1_BIT_STRING_set_asc
ASN1_BIT_STRING_set_bit
ASN1_BMPSTRING_free
ASN1_BMPSTRING_it
ASN1_BMPSTRING_new
ASN1_BOOLEAN_it
ASN1_ENUMERATED_free
ASN1_ENUMERATED_get
ASN1_ENUMERATED_it
ASN1_ENUMERATED_new
ASN1_ENUMERATED_set
ASN1_ENUMERATED_to_BN
ASN1_FBOOLEAN_it
ASN1_GENERALIZEDTIME_adj
ASN1_GENERALIZEDTIME_check
ASN1_GENERALIZEDTIME_free
ASN1_GENERALIZEDTIME_it
ASN1_GENERALIZEDTIME_new
ASN1_GENERALIZEDTIME_print
ASN1_GENERALIZEDTIME_set
ASN1_GENERALIZEDTIME_set_string
ASN1_GENERALSTRING_free
ASN1_GENERALSTRING_it
ASN1_GENERALSTRING_new
ASN1_IA5STRING_free
ASN1_IA5STRING_it
ASN1_IA5STRING_new
ASN1_INTEGER_cmp
ASN1_INTEGER_dup
ASN1_INTEGER_free
ASN1_INTEGER_get
ASN1_INTEGER_it
ASN1_INTEGER_new
ASN1_INTEGER_set
ASN1_INTEGER_to_BN
ASN1_NULL_free
ASN1_NULL_it
ASN1_NULL_new
ASN1_OBJECT_create
ASN1_OBJECT_free
ASN1_OBJECT_it
ASN1_OBJECT_new
ASN1_OCTET_STRING_NDEF_it
ASN1_OCTET_STRING_cmp
ASN1_OCTET_STRING_dup
ASN1_OCTET_STRING_free
ASN1_OCTET_STRING_it
ASN1_OCTET_STRING_new
ASN1_OCTET_STRING_set
ASN1_PCTX_free
ASN1_PCTX_get_cert_flags
ASN1_PCTX_get_flags
ASN1_PCTX_get_nm_flags
ASN1_PCTX_get_oid_flags
ASN1_PCTX_get_str_flags
ASN1_PCTX_new
ASN1_PCTX_set_cert_flags
ASN1_PCTX_set_flags
ASN1_PCTX_set_nm_flags
ASN1_PCTX_set_oid_flags
ASN1_PCTX_set_str_flags
ASN1_PRINTABLESTRING_free
ASN1_PRINTABLESTRING_it
ASN1_PRINTABLESTRING_new
ASN1_PRINTABLE_free
ASN1_PRINTABLE_it
ASN1_PRINTABLE_new
ASN1_PRINTABLE_type
ASN1_SEQUENCE_ANY_it
ASN1_SEQUENCE_it
ASN1_SET_ANY_it
ASN1_STRING_TABLE_add
ASN1_STRING_TABLE_cleanup
ASN1_STRING_TABLE_get
ASN1_STRING_cmp
ASN1_STRING_copy
ASN1_STRING_data
ASN1_STRING_dup
ASN1_STRING_free
ASN1_STRING_get_default_mask
ASN1_STRING_length
ASN1_STRING_length_set
ASN1_STRING_new
ASN1_STRING_print
ASN1_STRING_print_ex
ASN1_STRING_print_ex_fp
ASN1_STRING_set
ASN1_STRING_set0
ASN1_STRING_set_by_NID
ASN1_STRING_set_default_mask
ASN1_STRING_set_default_mask_asc
ASN1_STRING_to_UTF8
ASN1_STRING_type
ASN1_STRING_type_new
ASN1_T61STRING_free
ASN1_T61STRING_it
ASN1_T61STRING_new
ASN1_TBOOLEAN_it
ASN1_TIME_adj
ASN1_TIME_check
ASN1_TIME_free
ASN1_TIME_it
ASN1_TIME_new
ASN1_TIME_print
ASN1_TIME_set
ASN1_TIME_set_string
ASN1_TIME_to_generalizedtime
ASN1_TYPE_cmp
ASN1_TYPE_free
ASN1_TYPE_get
ASN1_TYPE_get_int_octetstring
ASN1_TYPE_get_octetstring
ASN1_TYPE_new
ASN1_TYPE_set
ASN1_TYPE_set1
ASN1_TYPE_set_int_octetstring
ASN1_TYPE_set_octetstring
ASN1_UNIVERSALSTRING_free
ASN1_UNIVERSALSTRING_it
ASN1_UNIVERSALSTRING_new
ASN1_UNIVERSALSTRING_to_string
ASN1_UTCTIME_adj
ASN1_UTCTIME_check
ASN1_UTCTIME_cmp_time_t
ASN1_UTCTIME_free
ASN1_UTCTIME_it
ASN1_UTCTIME_new
ASN1_UTCTIME_print
ASN1_UTCTIME_set
ASN1_UTCTIME_set_string
ASN1_UTF8STRING_free
ASN1_UTF8STRING_it
ASN1_UTF8STRING_new
ASN1_VISIBLESTRING_free
ASN1_VISIBLESTRING_it
ASN1_VISIBLESTRING_new
ASN1_add_oid_module
ASN1_bn_print
ASN1_check_infinite_end
ASN1_const_check_infinite_end
ASN1_d2i_bio
ASN1_d2i_fp
ASN1_digest
ASN1_dup
ASN1_generate_nconf
ASN1_generate_v3
ASN1_get_object
ASN1_i2d_bio
ASN1_i2d_fp
ASN1_item_d2i
ASN1_item_d2i_bio
ASN1_item_d2i_fp
ASN1_item_digest
ASN1_item_dup
ASN1_item_ex_d2i
ASN1_item_ex_free
ASN1_item_ex_i2d
ASN1_item_ex_new
ASN1_item_free
ASN1_item_i2d
ASN1_item_i2d_bio
ASN1_item_i2d_fp
ASN1_item_ndef_i2d
ASN1_item_new
ASN1_item_pack
ASN1_item_print
ASN1_item_sign
ASN1_item_sign_ctx
ASN1_item_unpack
ASN1_item_verify
ASN1_mbstring_copy
ASN1_mbstring_ncopy
ASN1_object_size
ASN1_pack_string
ASN1_parse
ASN1_parse_dump
ASN1_primitive_free
ASN1_primitive_new
ASN1_put_eoc
ASN1_put_object
ASN1_seq_pack
ASN1_seq_unpack
ASN1_sign
ASN1_tag2bit
ASN1_tag2str
ASN1_template_d2i
ASN1_template_free
ASN1_template_i2d
ASN1_template_new
ASN1_unpack_string
ASN1_verify
AUTHORITY_INFO_ACCESS_free
AUTHORITY_INFO_ACCESS_it
AUTHORITY_INFO_ACCESS_new
AUTHORITY_KEYID_free
AUTHORITY_KEYID_it
AUTHORITY_KEYID_new
BASIC_CONSTRAINTS_free
BASIC_CONSTRAINTS_it
BASIC_CONSTRAINTS_new
BF_cbc_encrypt
BF_cfb64_encrypt
BF_decrypt
BF_ecb_encrypt
BF_encrypt
BF_ofb64_encrypt
BF_options
BF_set_key
BIGNUM_it
BIO_accept
BIO_asn1_get_prefix
BIO_asn1_get_suffix
BIO_asn1_set_prefix
BIO_asn1_set_suffix
BIO_callback_ctrl
BIO_clear_flags
BIO_copy_next_retry
BIO_ctrl
BIO_ctrl_get_read_request
BIO_ctrl_get_write_guarantee
BIO_ctrl_pending
BIO_ctrl_reset_read_request
BIO_ctrl_wpending
BIO_debug_callback
BIO_dgram_non_fatal_error
BIO_dump
BIO_dump_cb
BIO_dump_fp
BIO_dump_indent
BIO_dump_indent_cb
BIO_dump_indent_fp
BIO_dup_chain
BIO_f_asn1
BIO_f_base64
BIO_f_buffer
BIO_f_cipher
BIO_f_md
BIO_f_nbio_test
BIO_f_null
BIO_f_reliable
BIO_fd_non_fatal_error
BIO_fd_should_retry
BIO_find_type
BIO_free
BIO_free_all
BIO_get_accept_socket
BIO_get_callback
BIO_get_callback_arg
BIO_get_ex_data
BIO_get_ex_new_index
BIO_get_host_ip
BIO_get_port
BIO_get_retry_BIO
BIO_get_retry_reason
BIO_gethostbyname
BIO_gets
BIO_indent
BIO_int_ctrl
BIO_method_name
BIO_method_type
BIO_new
BIO_new_CMS
BIO_new_NDEF
BIO_new_PKCS7
BIO_new_accept
BIO_new_bio_pair
BIO_new_connect
BIO_new_dgram
BIO_new_fd
BIO_new_file
BIO_new_fp
BIO_new_mem_buf
BIO_new_socket
BIO_next
BIO_nread
BIO_nread0
BIO_number_read
BIO_number_written
BIO_nwrite
BIO_nwrite0
BIO_pop
BIO_printf
BIO_ptr_ctrl
BIO_push
BIO_puts
BIO_read
BIO_s_accept
BIO_s_bio
BIO_s_connect
BIO_s_datagram
BIO_s_fd
BIO_s_file
BIO_s_mem
BIO_s_null
BIO_s_socket
BIO_set
BIO_set_callback
BIO_set_callback_arg
BIO_set_cipher
BIO_set_ex_data
BIO_set_flags
BIO_set_tcp_ndelay
BIO_snprintf
BIO_sock_cleanup
BIO_sock_error
BIO_sock_init
BIO_sock_non_fatal_error
BIO_sock_should_retry
BIO_socket_ioctl
BIO_socket_nbio
BIO_test_flags
BIO_vfree
BIO_vprintf
BIO_vsnprintf
BIO_write
BN_BLINDING_convert
BN_BLINDING_convert_ex
BN_BLINDING_create_param
BN_BLINDING_free
BN_BLINDING_get_flags
BN_BLINDING_get_thread_id
BN_BLINDING_invert
BN_BLINDING_invert_ex
BN_BLINDING_new
BN_BLINDING_set_flags
BN_BLINDING_set_thread_id
BN_BLINDING_thread_id
BN_BLINDING_update
BN_CTX_end
BN_CTX_free
BN_CTX_get
BN_CTX_init
BN_CTX_new
BN_CTX_start
BN_GENCB_call
BN_GF2m_add
BN_GF2m_arr2poly
BN_GF2m_mod
BN_GF2m_mod_arr
BN_GF2m_mod_div
BN_GF2m_mod_div_arr
BN_GF2m_mod_exp
BN_GF2m_mod_exp_arr
BN_GF2m_mod_inv
BN_GF2m_mod_inv_arr
BN_GF2m_mod_mul
BN_GF2m_mod_mul_arr
BN_GF2m_mod_solve_quad
BN_GF2m_mod_solve_quad_arr
BN_GF2m_mod_sqr
BN_GF2m_mod_sqr_arr
BN_GF2m_mod_sqrt
BN_GF2m_mod_sqrt_arr
BN_GF2m_poly2arr
BN_MONT_CTX_copy
BN_MONT_CTX_free
BN_MONT_CTX_init
BN_MONT_CTX_new
BN_MONT_CTX_set
BN_MONT_CTX_set_locked
BN_RECP_CTX_free
BN_RECP_CTX_init
BN_RECP_CTX_new
BN_RECP_CTX_set
BN_X931_derive_prime_ex
BN_X931_generate_Xpq
BN_X931_generate_prime_ex
BN_add
BN_add_word
BN_asc2bn
BN_bin2bn
BN_bn2bin
BN_bn2dec
BN_bn2hex
BN_bn2mpi
BN_bntest_rand
BN_clear
BN_clear_bit
BN_clear_free
BN_cmp
BN_copy
BN_dec2bn
BN_div
BN_div_recp
BN_div_word
BN_dup
BN_exp
BN_free
BN_from_montgomery
BN_gcd
BN_generate_prime
BN_generate_prime_ex
BN_get0_nist_prime_192
BN_get0_nist_prime_224
BN_get0_nist_prime_256
BN_get0_nist_prime_384
BN_get0_nist_prime_521
BN_get_params
BN_get_word
BN_hex2bn
BN_init
BN_is_bit_set
BN_is_prime
BN_is_prime_ex
BN_is_prime_fasttest
BN_is_prime_fasttest_ex
BN_kronecker
BN_lshift
BN_lshift1
BN_mask_bits
BN_mod_add
BN_mod_add_quick
BN_mod_exp
BN_mod_exp2_mont
BN_mod_exp_mont
BN_mod_exp_mont_consttime
BN_mod_exp_mont_word
BN_mod_exp_recp
BN_mod_exp_simple
BN_mod_inverse
BN_mod_lshift
BN_mod_lshift1
BN_mod_lshift1_quick
BN_mod_lshift_quick
BN_mod_mul
BN_mod_mul_montgomery
BN_mod_mul_reciprocal
BN_mod_sqr
BN_mod_sqrt
BN_mod_sub
BN_mod_sub_quick
BN_mod_word
BN_mpi2bn
BN_mul
BN_mul_word
BN_new
BN_nist_mod_192
BN_nist_mod_224
BN_nist_mod_256
BN_nist_mod_384
BN_nist_mod_521
BN_nnmod
BN_num_bits
BN_num_bits_word
BN_options
BN_print
BN_print_fp
BN_pseudo_rand
BN_pseudo_rand_range
BN_rand
BN_rand_range
BN_reciprocal
BN_rshift
BN_rshift1
BN_set_bit
BN_set_negative
BN_set_params
BN_set_word
BN_sqr
BN_sub
BN_sub_word
BN_swap
BN_to_ASN1_ENUMERATED
BN_to_ASN1_INTEGER
BN_uadd
BN_ucmp
BN_usub
BN_value_one
BUF_MEM_free
BUF_MEM_grow
BUF_MEM_grow_clean
BUF_MEM_new

Sections

.text
Size: 759KB - Virtual size: 759KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 319KB - Virtual size: 318KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/msvcp120.dll
.dll windows:6 windows x86 arch:x86

6ccda270a497a2c5a36a7f385cc9910d

Code Sign

33:00:00:00:34:24:31:40:c9:a0:c1:79:8d:00:00:00:00:00:34
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

27/03/2013, 20:08

Not After

27/06/2014, 20:08

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:00:b0:11:af:0a:8b:d0:3b:9f:dd:00:01:00:00:00:b0
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/01/2013, 22:33

Not After

24/04/2014, 22:33

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:1a:77:bb:74:b3:07:d1:16:b8:00:00:00:00:00:1a
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/09/2013, 17:41

Not After

24/12/2014, 17:41

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

97:5a:aa:89:27:9c:94:dc:e4:67:63:18:68:67:90:14:d7:11:ec:ba:93:b9:38:95:4c:40:24:22:95:55:18:13
Signer

Actual PE Digest

97:5a:aa:89:27:9c:94:dc:e4:67:63:18:68:67:90:14:d7:11:ec:ba:93:b9:38:95:4c:40:24:22:95:55:18:13

Digest Algorithm

sha256

PE Digest Matches

true

72:5e:30:95:db:09:9c:26:03:aa:27:a0:ee:5c:0c:1f:e9:33:d5:3e
Signer

Actual PE Digest

72:5e:30:95:db:09:9c:26:03:aa:27:a0:ee:5c:0c:1f:e9:33:d5:3e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcp120.i386.pdb

Imports

msvcr120

?what@exception@std@@UBEPBDXZ
_CxxThrowException
__CxxFrameHandler3
fclose
fflush
fgetc
fgetpos
fsetpos
_fseeki64
fwrite
setvbuf
ungetc
_lock_file
_unlock_file
memcpy_s
memset
_fsopen
fseek
_wfsopen
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrRethrow@@YAXPBX@Z
?Alloc@Concurrency@@YAPAXI@Z
?Free@Concurrency@@YAXPAX@Z
?_ScheduleTask@_CurrentScheduler@details@Concurrency@@SAXP6AXPAX@Z0@Z
??0invalid_operation@Concurrency@@QAE@PBD@Z
??0critical_section@Concurrency@@QAE@XZ
??1critical_section@Concurrency@@QAE@XZ
??0event@Concurrency@@QAE@XZ
??1event@Concurrency@@QAE@XZ
?wait@event@Concurrency@@QAEII@Z
?set@event@Concurrency@@QAEXXZ
ldexp
sprintf_s
strcspn
wcslen
_Strftime
_Wcsftime
strcmp
setlocale
_malloc_crt
_realloc_crt
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
fgetwc
fputwc
ungetwc
__uncaught_exception
_errno
memcmp
_wcsdup
___lc_locale_name_func
___lc_collate_cp_func
__crtCompareStringA
__crtLCMapStringA
___lc_codepage_func
_ismbblead
remove
rename
_wremove
strcpy_s
wcscpy_s
_wgetcwd
_wchdir
_wmkdir
_wrmdir
??1bad_cast@std@@UAE@XZ
_getcwd
_chdir
_mkdir
_rmdir
__crtIsPackagedApp
__crtCreateSymbolicLinkW
__crtGetFileInformationByHandleEx
__crtSetFileInformationByHandle
_calloc_crt
??0_Condition_variable@details@Concurrency@@QAE@XZ
??1_Condition_variable@details@Concurrency@@QAE@XZ
?wait@_Condition_variable@details@Concurrency@@QAEXAAVcritical_section@3@@Z
?wait_for@_Condition_variable@details@Concurrency@@QAE_NAAVcritical_section@3@I@Z
?notify_one@_Condition_variable@details@Concurrency@@QAEXXZ
?notify_all@_Condition_variable@details@Concurrency@@QAEXXZ
__crtSleep
_beginthreadex
_endthreadex
?lock@critical_section@Concurrency@@QAEXXZ
?try_lock@critical_section@Concurrency@@QAE_NXZ
?try_lock_for@critical_section@Concurrency@@QAE_NI@Z
?unlock@critical_section@Concurrency@@QAEXXZ
?terminate@@YAXXZ
__crtFlsAlloc
__crtFlsFree
__crtFlsGetValue
__crtFlsSetValue
calloc
??0operation_timed_out@Concurrency@@QAE@XZ
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0@Z
??0invalid_link_target@Concurrency@@QAE@PBD@Z
??0message_not_found@Concurrency@@QAE@XZ
?_Trace_agents@Concurrency@@YAXW4Agents_EventType@1@_JZZ
??0bad_target@Concurrency@@QAE@XZ
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
?_Yield@_Context@details@Concurrency@@SAXXZ
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QAE_NXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
??1_SpinLock@details@Concurrency@@QAE@XZ
??0_SpinLock@details@Concurrency@@QAE@ACJ@Z
?Log2@details@Concurrency@@YAKI@Z
_lock
_unlock
__pctype_func
isupper
__crtGetLocaleInfoEx
islower
__crtLCMapStringW
isspace
tolower
memchr
sqrt
isdigit
isxdigit
isalnum
__crtCompareStringW
__dllonexit
_onexit
??1type_info@@UAE@XZ
__CppXcptFilter
_amsg_exit
_initterm
_initterm_e
_except_handler4_common
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
__clean_type_info_names_internal
??0bad_cast@std@@QAE@ABV01@@Z
_W_Gettnames
_W_Getmonths
_W_Getdays
_Gettnames
_Getmonths
_Getdays
localeconv
??0bad_cast@std@@QAE@PBD@Z
??_V@YAXPAX@Z
??1exception@std@@UAE@XZ
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@XZ
memmove
strlen
memcpy
malloc
free
___mb_cur_max_func
_purecall
rand_s
fputs
fputc
__iob_func
abort
log
__crtInitializeCriticalSectionEx
??3@YAXPAX@Z
??2@YAPAXI@Z
_wrename

kernel32

GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
GetStringTypeW
GetSystemTimeAsFileTime
GetExitCodeThread
GetCurrentThreadId
GetCurrentThread
GetCurrentProcess
WaitForSingleObject
DuplicateHandle
AreFileApisANSI
CreateHardLinkW
CopyFileW
GetLastError
CloseHandle
GetFileInformationByHandle
GetFileAttributesExW
GetDiskFreeSpaceExW
FindNextFileW
FindFirstFileExW
FindClose
CreateFileW
WideCharToMultiByte
MultiByteToWideChar
DecodePointer
EncodePointer
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
DisableThreadLibraryCalls

Exports

Exports

??$_Getvals@_W@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z
??$_Getvals@_W@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z
??$_Getvals@_W@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAEX_WABV_Locinfo@1@@Z
??0?$_Yarn@D@std@@QAE@ABV01@@Z
??0?$_Yarn@D@std@@QAE@PBD@Z
??0?$_Yarn@D@std@@QAE@XZ
??0?$_Yarn@_W@std@@QAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_ios@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_ios@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$basic_ios@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_iostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N1@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N1@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_istream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N1@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IAE@$$QAV01@@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@_N@Z
??0?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAE@W4_Uninitialized@1@_N@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAE@XZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAE@XZ
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@ABV01@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@W4_Uninitialized@1@@Z
??0?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAE@XZ
??0?$codecvt@DDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@DDH@std@@QAE@I@Z
??0?$codecvt@GDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@GDH@std@@QAE@I@Z
??0?$codecvt@_WDH@std@@QAE@ABV_Locinfo@1@I@Z
??0?$codecvt@_WDH@std@@QAE@I@Z
??0?$ctype@D@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@D@std@@QAE@PBF_NI@Z
??0?$ctype@G@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@G@std@@QAE@I@Z
??0?$ctype@_W@std@@QAE@ABV_Locinfo@1@I@Z
??0?$ctype@_W@std@@QAE@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAE@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAE@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IAE@PBDI@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@ABV_Locinfo@1@I@Z
??0?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAE@I@Z
??0Init@ios_base@std@@QAE@XZ
??0_Concurrent_queue_base_v4@details@Concurrency@@IAE@I@Z
??0_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAE@ABV_Concurrent_queue_base_v4@12@@Z
??0_Container_base12@std@@QAE@ABU01@@Z
??0_Container_base12@std@@QAE@XZ
??0_Facet_base@std@@QAE@ABV01@@Z
??0_Facet_base@std@@QAE@XZ
??0_Init_locks@std@@QAE@XZ
??0_Locimp@locale@std@@AAE@ABV012@@Z
??0_Locimp@locale@std@@AAE@_N@Z
??0_Locinfo@std@@QAE@HPBD@Z
??0_Locinfo@std@@QAE@PBD@Z
??0_Lockit@std@@QAE@H@Z
??0_Lockit@std@@QAE@XZ
??0_Pad@std@@QAE@ABV01@@Z
??0_Pad@std@@QAE@XZ
??0_Runtime_object@details@Concurrency@@QAE@H@Z
??0_Runtime_object@details@Concurrency@@QAE@XZ
??0_Timevec@std@@QAE@ABV01@@Z
??0_Timevec@std@@QAE@PAX@Z
??0_UShinit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??0agent@Concurrency@@QAE@AAVScheduleGroup@1@@Z
??0agent@Concurrency@@QAE@AAVScheduler@1@@Z
??0agent@Concurrency@@QAE@XZ
??0codecvt_base@std@@QAE@I@Z
??0ctype_base@std@@QAE@I@Z
??0facet@locale@std@@IAE@I@Z
??0id@locale@std@@QAE@I@Z
??0ios_base@std@@IAE@XZ
??0time_base@std@@QAE@I@Z
??1?$_Yarn@D@std@@QAE@XZ
??1?$_Yarn@_W@std@@QAE@XZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ios@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_iostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_iostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_istream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_istream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_ostream@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UAE@XZ
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UAE@XZ
??1?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@UAE@XZ
??1?$codecvt@DDH@std@@MAE@XZ
??1?$codecvt@GDH@std@@MAE@XZ
??1?$codecvt@_WDH@std@@MAE@XZ
??1?$ctype@D@std@@MAE@XZ
??1?$ctype@G@std@@MAE@XZ
??1?$ctype@_W@std@@MAE@XZ
??1?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@MAE@XZ
??1?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@MAE@XZ
??1?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@MAE@XZ
??1Init@ios_base@std@@QAE@XZ
??1_Concurrent_queue_base_v4@details@Concurrency@@MAE@XZ
??1_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAE@XZ
??1_Concurrent_vector_base_v4@details@Concurrency@@IAE@XZ
??1_Container_base12@std@@QAE@XZ
??1_Facet_base@std@@UAE@XZ
??1_Init_locks@std@@QAE@XZ
??1_Locimp@locale@std@@MAE@XZ
??1_Locinfo@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ
??1_Pad@std@@QAE@XZ
??1_Timevec@std@@QAE@XZ
??1_UShinit@std@@QAE@XZ
??1_Winit@std@@QAE@XZ
??1agent@Concurrency@@UAE@XZ
??1codecvt_base@std@@UAE@XZ
??1ctype_base@std@@UAE@XZ
??1facet@locale@std@@MAE@XZ
??1ios_base@std@@UAE@XZ
??1time_base@std@@UAE@XZ
??4?$_Iosb@H@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@D@std@@QAEAAV01@ABV01@@Z
??4?$_Yarn@D@std@@QAEAAV01@PBD@Z
??4?$_Yarn@_W@std@@QAEAAV01@PB_W@Z
??4?$basic_iostream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_iostream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_iostream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_istream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_istream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_istream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_ostream@DU?$char_traits@D@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_ostream@GU?$char_traits@G@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_ostream@_WU?$char_traits@_W@std@@@std@@IAEAAV01@$$QAV01@@Z
??4?$basic_streambuf@DU?$char_traits@D@std@@@std@@IAEAAV01@ABV01@@Z
??4?$basic_streambuf@GU?$char_traits@G@std@@@std@@IAEAAV01@ABV01@@Z
??4?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@IAEAAV01@ABV01@@Z
??4Init@ios_base@std@@QAEAAV012@ABV012@@Z
??4_Container_base0@std@@QAEAAU01@ABU01@@Z
??4_Container_base12@std@@QAEAAU01@ABU01@@Z
??4_Facet_base@std@@QAEAAV01@ABV01@@Z
??4_Init_locks@std@@QAEAAV01@ABV01@@Z
??4_Pad@std@@QAEAAV01@ABV01@@Z
??4_Timevec@std@@QAEAAV01@ABV01@@Z
??4_UShinit@std@@QAEAAV01@ABV01@@Z
??4_Winit@std@@QAEAAV01@ABV01@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAF@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAG@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAH@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAI@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAJ@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAK@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAM@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAN@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAO@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AAPAX@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_J@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_K@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@AA_N@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??5?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@DU?$char_traits@D@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@GU?$char_traits@G@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PAV?$basic_streambuf@GU?$char_traits@G@std@@@1@@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEAAV01@_N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@F@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@G@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@H@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@I@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@M@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@N@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@O@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV01@AAV01@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAV?$basic_ios@_WU?$char_traits@_W@std@@@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@P6AAAVios_base@1@AAV21@@Z@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PAV?$basic_streambuf@_WU?$char_traits@_W@std@@@1@@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@PBX@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_J@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_K@Z
??6?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEAAV01@_N@Z
??7ios_base@std@@QBE_NXZ
??Bid@locale@std@@QAEIXZ
??Bios_base@std@@QBE_NXZ
??_7?$basic_ios@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ios@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ios@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_iostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_iostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_iostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_istream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_istream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_istream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_ostream@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_ostream@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_ostream@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$basic_streambuf@DU?$char_traits@D@std@@@std@@6B@
??_7?$basic_streambuf@GU?$char_traits@G@std@@@std@@6B@
??_7?$basic_streambuf@_WU?$char_traits@_W@std@@@std@@6B@
??_7?$codecvt@DDH@std@@6B@
??_7?$codecvt@GDH@std@@6B@
??_7?$codecvt@_WDH@std@@6B@
??_7?$ctype@D@std@@6B@
??_7?$ctype@G@std@@6B@
??_7?$ctype@_W@std@@6B@
??_7?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@6B@
??_7?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@6B@
??_7?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@6B@
??_7_Facet_base@std@@6B@
??_7_Locimp@locale@std@@6B@
??_7_Pad@std@@6B@
??_7codecvt_base@std@@6B@
??_7ctype_base@std@@6B@
??_7facet@locale@std@@6B@
??_7ios_base@std@@6B@
??_7time_base@std@@6B@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_istream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@DU?$char_traits@D@std@@@std@@7B?$basic_ostream@DU?$char_traits@D@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_istream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@GU?$char_traits@G@std@@@std@@7B?$basic_ostream@GU?$char_traits@G@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_istream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_iostream@_WU?$char_traits@_W@std@@@std@@7B?$basic_ostream@_WU?$char_traits@_W@std@@@1@@
??_8?$basic_istream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_istream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_istream@_WU?$char_traits@_W@std@@@std@@7B@
??_8?$basic_ostream@DU?$char_traits@D@std@@@std@@7B@
??_8?$basic_ostream@GU?$char_traits@G@std@@@std@@7B@
??_8?$basic_ostream@_WU?$char_traits@_W@std@@@std@@7B@
??_D?$basic_iostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_iostream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_iostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_D?$basic_istream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_istream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_istream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_D?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEXXZ
??_D?$basic_ostream@GU?$char_traits@G@std@@@std@@QAEXXZ
??_D?$basic_ostream@_WU?$char_traits@_W@std@@@std@@QAEXXZ
??_F?$codecvt@DDH@std@@QAEXXZ
??_F?$codecvt@GDH@std@@QAEXXZ
??_F?$codecvt@_WDH@std@@QAEXXZ
??_F?$ctype@D@std@@QAEXXZ
??_F?$ctype@G@std@@QAEXXZ
??_F?$ctype@_W@std@@QAEXXZ
??_F?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@QAEXXZ
??_F?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@QAEXXZ
??_F?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@QAEXXZ
??_F_Locinfo@std@@QAEXXZ
??_F_Timevec@std@@QAEXXZ
??_Fcodecvt_base@std@@QAEXXZ
??_Fctype_base@std@@QAEXXZ
??_Ffacet@locale@std@@QAEXXZ
??_Fid@locale@std@@QAEXXZ
??_Ftime_base@std@@QAEXXZ
?GetNextAsyncId@platform@details@Concurrency@@YAIXZ
?NFS_Allocate@details@Concurrency@@YAPAXIIPAX@Z
?NFS_Free@details@Concurrency@@YAXPAX@Z
?NFS_GetLineSize@details@Concurrency@@YAIXZ
?_10@placeholders@std@@3V?$_Ph@$09@2@A
?_11@placeholders@std@@3V?$_Ph@$0L@@2@A
?_12@placeholders@std@@3V?$_Ph@$0M@@2@A
?_13@placeholders@std@@3V?$_Ph@$0N@@2@A
?_14@placeholders@std@@3V?$_Ph@$0O@@2@A
?_15@placeholders@std@@3V?$_Ph@$0P@@2@A
?_16@placeholders@std@@3V?$_Ph@$0BA@@2@A
?_17@placeholders@std@@3V?$_Ph@$0BB@@2@A
?_18@placeholders@std@@3V?$_Ph@$0BC@@2@A
?_19@placeholders@std@@3V?$_Ph@$0BD@@2@A
?_1@placeholders@std@@3V?$_Ph@$00@2@A
?_20@placeholders@std@@3V?$_Ph@$0BE@@2@A
?_2@placeholders@std@@3V?$_Ph@$01@2@A
?_3@placeholders@std@@3V?$_Ph@$02@2@A
?_4@placeholders@std@@3V?$_Ph@$03@2@A
?_5@placeholders@std@@3V?$_Ph@$04@2@A
?_6@placeholders@std@@3V?$_Ph@$05@2@A
?_7@placeholders@std@@3V?$_Ph@$06@2@A
?_8@placeholders@std@@3V?$_Ph@$07@2@A
?_9@placeholders@std@@3V?$_Ph@$08@2@A
?_Addcats@_Locinfo@std@@QAEAAV12@HPBD@Z
?_Addfac@_Locimp@locale@std@@AAEXPAVfacet@23@I@Z
?_Addstd@ios_base@std@@SAXPAV12@@Z
?_Advance@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAEXXZ
?_Assign@_Concurrent_queue_iterator_base_v4@details@Concurrency@@IAEXABV123@@Z
?_Atexit@@YAXP6AXXZ@Z
?_BADOFF@std@@3_JB
?_Byte_reverse_table@details@Concurrency@@3QBEB
?_C_str@?$_Yarn@D@std@@QBEPBDXZ
?_C_str@?$_Yarn@_W@std@@QBEPB_WXZ
?_Callfns@ios_base@std@@AAEXW4event@12@@Z
?_Clocptr@_Locimp@locale@std@@0PAV123@A
?_Close_dir@sys@tr2@std@@YAXPAX@Z
?_Copy_file@sys@tr2@std@@YAHPBD0_N@Z
?_Copy_file@sys@tr2@std@@YAHPB_W0_N@Z
?_Current_get@sys@tr2@std@@YAPADAAY0BAE@D@Z
?_Current_get@sys@tr2@std@@YAPA_WAAY0BAE@_W@Z
?_Current_set@sys@tr2@std@@YA_NPBD@Z
?_Current_set@sys@tr2@std@@YA_NPB_W@Z
?_Decref@facet@locale@std@@UAEPAV_Facet_base@3@XZ
?_Donarrow@?$ctype@G@std@@IBEDGD@Z
?_Donarrow@?$ctype@_W@std@@IBED_WD@Z
?_Dowiden@?$ctype@G@std@@IBEGD@Z
?_Dowiden@?$ctype@_W@std@@IBE_WD@Z
?_Empty@?$_Yarn@D@std@@QBE_NXZ
?_Empty@?$_Yarn@_W@std@@QBE_NXZ
?_Equivalent@sys@tr2@std@@YAHPBD0@Z
?_Equivalent@sys@tr2@std@@YAHPB_W0@Z
?_Ffmt@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAPADPADDH@Z
?_Ffmt@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAPADPADDH@Z
?_Ffmt@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAPADPADDH@Z
?_File_size@sys@tr2@std@@YA_KPBD@Z
?_File_size@sys@tr2@std@@YA_KPB_W@Z
?_Findarr@ios_base@std@@AAEAAU_Iosarray@12@H@Z
?_Fiopen@std@@YAPAU_iobuf@@PBDHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PBGHH@Z
?_Fiopen@std@@YAPAU_iobuf@@PB_WHH@Z
?_Fput@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@DU?$char_traits@D@std@@@2@V32@AAVios_base@2@DPBDIIII@Z
?_Fput@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@GU?$char_traits@G@std@@@2@V32@AAVios_base@2@GPBDIIII@Z
?_Fput@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABA?AV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@AAVios_base@2@_WPBDIIII@Z
?_Future_error_map@std@@YAPBDH@Z
?_GetCombinableSize@details@Concurrency@@YAIXZ
?_Getcat@?$codecvt@DDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@GDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$codecvt@_WDH@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@D@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@G@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$ctype@_W@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$num_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@DV?$ostreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@GV?$ostreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@?$time_put@_WV?$ostreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@SAIPAPBVfacet@locale@2@PBV42@@Z
?_Getcat@facet@locale@std@@SAIPAPBV123@PBV23@@Z
?_Getcoll@_Locinfo@std@@QBE?AU_Collvec@@XZ
?_Getctype@_Locinfo@std@@QBE?AU_Ctypevec@@XZ
?_Getcvt@_Locinfo@std@@QBE?AU_Cvtvec@@XZ
?_Getdateorder@_Locinfo@std@@QBEHXZ
?_Getdays@_Locinfo@std@@QBEPBDXZ
?_Getfalse@_Locinfo@std@@QBEPBDXZ
?_Getffld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z
?_Getffld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z
?_Getffld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1AAVios_base@2@PAH@Z
?_Getffldx@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1AAVios_base@2@PAH@Z
?_Getfmt@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getfmt@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getfmt@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@IBE?AV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@V32@0AAVios_base@2@AAHPAUtm@@PBD@Z
?_Getgloballocale@locale@std@@CAPAV_Locimp@12@XZ
?_Getifld@?$num_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@1HABVlocale@2@@Z
?_Getifld@?$num_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@1HABVlocale@2@@Z
?_Getifld@?$num_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHPADAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@1HABVlocale@2@@Z
?_Getint@?$time_get@DV?$istreambuf_iterator@DU?$char_traits@D@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@DU?$char_traits@D@std@@@2@0HHAAHABV?$ctype@D@2@@Z
?_Getint@?$time_get@GV?$istreambuf_iterator@GU?$char_traits@G@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@GU?$char_traits@G@std@@@2@0HHAAHABV?$ctype@G@2@@Z
?_Getint@?$time_get@_WV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@std@@@std@@ABAHAAV?$istreambuf_iterator@_WU?$char_traits@_W@std@@@2@0HHAAHABV?$ctype@_W@2@@Z

Sections

.text
Size: 391KB - Virtual size: 390KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/msvcr120.dll
.dll windows:6 windows x86 arch:x86

aa8d086deb6960b10f8791df466a5610

Code Sign

33:00:00:00:34:24:31:40:c9:a0:c1:79:8d:00:00:00:00:00:34
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

27/03/2013, 20:08

Not After

27/06/2014, 20:08

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:B8EC-30A4-7144,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:00:b0:11:af:0a:8b:d0:3b:9f:dd:00:01:00:00:00:b0
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/01/2013, 22:33

Not After

24/04/2014, 22:33

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:1a:77:bb:74:b3:07:d1:16:b8:00:00:00:00:00:1a
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

24/09/2013, 17:41

Not After

24/12/2014, 17:41

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:82:cf:f8:a2:0e:57:bd:cc:0a:76:cf:1e:4f:c9:43:8c:94:65:03:5e:34:db:a7:06:0b:42:ee:a6:9d:c2:88
Signer

Actual PE Digest

0a:82:cf:f8:a2:0e:57:bd:cc:0a:76:cf:1e:4f:c9:43:8c:94:65:03:5e:34:db:a7:06:0b:42:ee:a6:9d:c2:88

Digest Algorithm

sha256

PE Digest Matches

true

3f:08:90:50:77:63:e4:04:ba:19:2c:b1:94:32:e7:d0:82:51:35:78
Signer

Actual PE Digest

3f:08:90:50:77:63:e4:04:ba:19:2c:b1:94:32:e7:d0:82:51:35:78

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr120.i386.pdb

Imports

kernel32

EncodePointer
DecodePointer
RaiseException
GetLastError
ExitProcess
GetModuleHandleW
GetModuleHandleExW
GetProcAddress
AreFileApisANSI
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineA
GetCommandLineW
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetModuleFileNameA
SetLastError
GetCurrentThread
GetModuleFileNameW
IsProcessorFeaturePresent
GetStdHandle
WriteFile
FindClose
FindFirstFileExA
FindNextFileA
FindFirstFileExW
FindNextFileW
CloseHandle
CreateThread
ExitThread
ResumeThread
LoadLibraryExW
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
Beep
Sleep
GetFullPathNameA
GetCurrentProcessId
GetFileAttributesExW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
MoveFileExW
RemoveDirectoryW
GetDriveTypeW
DeleteFileW
SetEnvironmentVariableA
SetCurrentDirectoryA
GetCurrentDirectoryA
SetCurrentDirectoryW
GetCurrentDirectoryW
SetEnvironmentVariableW
WaitForSingleObject
GetExitCodeProcess
CreateProcessA
FreeLibrary
LoadLibraryExA
CreateProcessW
ReadFile
GetTempPathA
GetTempPathW
DuplicateHandle
GetCurrentProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
LocalFileTimeToFileTime
SetFileTime
SystemTimeToFileTime
SetLocalTime
InterlockedPopEntrySList
InterlockedFlushSList
QueryDepthSList
InterlockedPushEntrySList
CreateTimerQueue
SetEvent
WaitForSingleObjectEx
UnregisterWait
TlsGetValue
SignalObjectAndWait
TlsSetValue
SetThreadPriority
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetNumaHighestNodeNumber
RegisterWaitForSingleObject
GetLogicalProcessorInformation
RtlCaptureStackBackTrace
GetThreadPriority
GetProcessAffinityMask
SetThreadAffinityMask
TlsAlloc
DeleteTimerQueueTimer
TlsFree
SwitchToThread
TryEnterCriticalSection
SetProcessAffinityMask
VirtualFree
GetVersionExW
VirtualAlloc
VirtualProtect
InitializeSListHead
ReleaseSemaphore
UnregisterWaitEx
LoadLibraryW
OutputDebugStringW
FreeLibraryAndExitThread
GetModuleHandleA
GetThreadTimes
CreateEventW
GetStringTypeW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
RtlUnwind
HeapFree
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapSize
HeapQueryInformation
HeapValidate
HeapCompact
HeapWalk
GetSystemInfo
VirtualQuery
GetFileType
GetStartupInfoW
FileTimeToLocalFileTime
GetFileInformationByHandle
PeekNamedPipe
CreateFileW
GetConsoleMode
ReadConsoleW
GetConsoleCP
SetFilePointerEx
FlushFileBuffers
CreatePipe
SetStdHandle
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleInputA
SetConsoleMode
ReadConsoleInputW
WriteConsoleW
SetEndOfFile
LockFileEx
UnlockFileEx
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TerminateProcess
GetTickCount
CreateSemaphoreW
SetConsoleCtrlHandler
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
OutputDebugStringA

Exports

Exports

$I10_OUTPUT
??0?$_SpinWait@$00@details@Concurrency@@QAE@P6AXXZ@Z
??0?$_SpinWait@$0A@@details@Concurrency@@QAE@P6AXXZ@Z
??0SchedulerPolicy@Concurrency@@QAA@IZZ
??0SchedulerPolicy@Concurrency@@QAE@ABV01@@Z
??0SchedulerPolicy@Concurrency@@QAE@XZ
??0_Cancellation_beacon@details@Concurrency@@QAE@XZ
??0_Condition_variable@details@Concurrency@@QAE@XZ
??0_Context@details@Concurrency@@QAE@PAVContext@2@@Z
??0_Interruption_exception@details@Concurrency@@QAE@PBD@Z
??0_Interruption_exception@details@Concurrency@@QAE@XZ
??0_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_ReaderWriterLock@details@Concurrency@@QAE@XZ
??0_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??0_ReentrantLock@details@Concurrency@@QAE@XZ
??0_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??0_Scheduler@details@Concurrency@@QAE@PAVScheduler@2@@Z
??0_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@AAV123@@Z
??0_SpinLock@details@Concurrency@@QAE@ACJ@Z
??0_StructuredTaskCollection@details@Concurrency@@QAE@PAV_CancellationTokenState@12@@Z
??0_TaskCollection@details@Concurrency@@QAE@PAV_CancellationTokenState@12@@Z
??0_TaskCollection@details@Concurrency@@QAE@XZ
??0_Timer@details@Concurrency@@IAE@I_N@Z
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0__non_rtti_object@std@@QAE@PBD@Z
??0bad_cast@std@@AAE@PBQBD@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@PBD@Z
??0bad_target@Concurrency@@QAE@XZ
??0bad_typeid@std@@QAE@ABV01@@Z
??0bad_typeid@std@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@PBD@Z
??0context_self_unblock@Concurrency@@QAE@XZ
??0context_unblock_unbalanced@Concurrency@@QAE@PBD@Z
??0context_unblock_unbalanced@Concurrency@@QAE@XZ
??0critical_section@Concurrency@@QAE@XZ
??0default_scheduler_exists@Concurrency@@QAE@PBD@Z
??0default_scheduler_exists@Concurrency@@QAE@XZ
??0event@Concurrency@@QAE@XZ
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??0improper_lock@Concurrency@@QAE@PBD@Z
??0improper_lock@Concurrency@@QAE@XZ
??0improper_scheduler_attach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_attach@Concurrency@@QAE@XZ
??0improper_scheduler_detach@Concurrency@@QAE@PBD@Z
??0improper_scheduler_detach@Concurrency@@QAE@XZ
??0improper_scheduler_reference@Concurrency@@QAE@PBD@Z
??0improper_scheduler_reference@Concurrency@@QAE@XZ
??0invalid_link_target@Concurrency@@QAE@PBD@Z
??0invalid_link_target@Concurrency@@QAE@XZ
??0invalid_multiple_scheduling@Concurrency@@QAE@PBD@Z
??0invalid_multiple_scheduling@Concurrency@@QAE@XZ
??0invalid_operation@Concurrency@@QAE@PBD@Z
??0invalid_operation@Concurrency@@QAE@XZ
??0invalid_oversubscribe_operation@Concurrency@@QAE@PBD@Z
??0invalid_oversubscribe_operation@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_key@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_key@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_thread_specification@Concurrency@@QAE@XZ
??0invalid_scheduler_policy_value@Concurrency@@QAE@PBD@Z
??0invalid_scheduler_policy_value@Concurrency@@QAE@XZ
??0message_not_found@Concurrency@@QAE@PBD@Z
??0message_not_found@Concurrency@@QAE@XZ
??0missing_wait@Concurrency@@QAE@PBD@Z
??0missing_wait@Concurrency@@QAE@XZ
??0nested_scheduler_missing_detach@Concurrency@@QAE@PBD@Z
??0nested_scheduler_missing_detach@Concurrency@@QAE@XZ
??0operation_timed_out@Concurrency@@QAE@PBD@Z
??0operation_timed_out@Concurrency@@QAE@XZ
??0reader_writer_lock@Concurrency@@QAE@XZ
??0scheduler_not_attached@Concurrency@@QAE@PBD@Z
??0scheduler_not_attached@Concurrency@@QAE@XZ
??0scheduler_resource_allocation_error@Concurrency@@QAE@J@Z
??0scheduler_resource_allocation_error@Concurrency@@QAE@PBDJ@Z
??0scheduler_worker_creation_error@Concurrency@@QAE@J@Z
??0scheduler_worker_creation_error@Concurrency@@QAE@PBDJ@Z
??0scoped_lock@critical_section@Concurrency@@QAE@AAV12@@Z
??0scoped_lock@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0scoped_lock_read@reader_writer_lock@Concurrency@@QAE@AAV12@@Z
??0task_canceled@Concurrency@@QAE@PBD@Z
??0task_canceled@Concurrency@@QAE@XZ
??0unsupported_os@Concurrency@@QAE@PBD@Z
??0unsupported_os@Concurrency@@QAE@XZ
??1SchedulerPolicy@Concurrency@@QAE@XZ
??1_Cancellation_beacon@details@Concurrency@@QAE@XZ
??1_Condition_variable@details@Concurrency@@QAE@XZ
??1_NonReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_ReentrantBlockingLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_NonReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_Scoped_lock@_ReentrantPPLLock@details@Concurrency@@QAE@XZ
??1_SpinLock@details@Concurrency@@QAE@XZ
??1_StructuredTaskCollection@details@Concurrency@@QAE@XZ
??1_TaskCollection@details@Concurrency@@QAE@XZ
??1_Timer@details@Concurrency@@MAE@XZ
??1__non_rtti_object@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??1bad_typeid@std@@UAE@XZ
??1critical_section@Concurrency@@QAE@XZ
??1event@Concurrency@@QAE@XZ
??1exception@std@@UAE@XZ
??1reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock@critical_section@Concurrency@@QAE@XZ
??1scoped_lock@reader_writer_lock@Concurrency@@QAE@XZ
??1scoped_lock_read@reader_writer_lock@Concurrency@@QAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??3@YAXPAXHPBDH@Z
??4?$_SpinWait@$00@details@Concurrency@@QAEAAV012@ABV012@@Z
??4?$_SpinWait@$0A@@details@Concurrency@@QAEAAV012@ABV012@@Z
??4SchedulerPolicy@Concurrency@@QAEAAV01@ABV01@@Z
??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z
??4bad_cast@std@@QAEAAV01@ABV01@@Z
??4bad_typeid@std@@QAEAAV01@ABV01@@Z
??4exception@std@@QAEAAV01@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
??9type_info@@QBE_NABV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@std@@6B@
??_F?$_SpinWait@$00@details@Concurrency@@QAEXXZ
??_F?$_SpinWait@$0A@@details@Concurrency@@QAEXXZ
??_F_Context@details@Concurrency@@QAEXXZ
??_F_Scheduler@details@Concurrency@@QAEXXZ
??_Fbad_cast@std@@QAEXXZ
??_Fbad_typeid@std@@QAEXXZ
??_U@YAPAXI@Z
??_U@YAPAXIHPBDH@Z
??_V@YAXPAX@Z
??_V@YAXPAXHPBDH@Z
?Alloc@Concurrency@@YAPAXI@Z
?Block@Context@Concurrency@@SAXXZ
?CaptureCallstack@platform@details@Concurrency@@YAIPAPAXII@Z
?Create@CurrentScheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?Create@Scheduler@Concurrency@@SAPAV12@ABVSchedulerPolicy@2@@Z
?CreateResourceManager@Concurrency@@YAPAUIResourceManager@1@XZ
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPAVScheduleGroup@2@AAVlocation@2@@Z
?CreateScheduleGroup@CurrentScheduler@Concurrency@@SAPAVScheduleGroup@2@XZ
?CurrentContext@Context@Concurrency@@SAPAV12@XZ
?Detach@CurrentScheduler@Concurrency@@SAXXZ
?DisableTracing@Concurrency@@YAJXZ
?EnableTracing@Concurrency@@YAJXZ
?Free@Concurrency@@YAXPAX@Z
?Get@CurrentScheduler@Concurrency@@SAPAVScheduler@2@XZ
?GetCurrentThreadId@platform@details@Concurrency@@YAJXZ
?GetExecutionContextId@Concurrency@@YAIXZ
?GetNumberOfVirtualProcessors@CurrentScheduler@Concurrency@@SAIXZ
?GetOSVersion@Concurrency@@YA?AW4OSVersion@IResourceManager@1@XZ
?GetPolicy@CurrentScheduler@Concurrency@@SA?AVSchedulerPolicy@2@XZ
?GetPolicyValue@SchedulerPolicy@Concurrency@@QBEIW4PolicyElementKey@2@@Z
?GetProcessorCount@Concurrency@@YAIXZ
?GetProcessorNodeCount@Concurrency@@YAIXZ
?GetSchedulerId@Concurrency@@YAIXZ
?GetSharedTimerQueue@details@Concurrency@@YAPAXXZ
?Id@Context@Concurrency@@SAIXZ
?Id@CurrentScheduler@Concurrency@@SAIXZ
?IsAvailableLocation@CurrentScheduler@Concurrency@@SA_NABVlocation@2@@Z
?IsCurrentTaskCollectionCanceling@Context@Concurrency@@SA_NXZ
?Log2@details@Concurrency@@YAKI@Z
?Oversubscribe@Context@Concurrency@@SAX_N@Z
?RegisterShutdownEvent@CurrentScheduler@Concurrency@@SAXPAX@Z
?ResetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXXZ
?ScheduleGroupId@Context@Concurrency@@SAIXZ
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0@Z
?ScheduleTask@CurrentScheduler@Concurrency@@SAXP6AXPAX@Z0AAVlocation@2@@Z
?SetConcurrencyLimits@SchedulerPolicy@Concurrency@@QAEXII@Z
?SetDefaultSchedulerPolicy@Scheduler@Concurrency@@SAXABVSchedulerPolicy@2@@Z
?SetPolicyValue@SchedulerPolicy@Concurrency@@QAEIW4PolicyElementKey@2@I@Z
?VirtualProcessorId@Context@Concurrency@@SAIXZ
?Yield@Context@Concurrency@@SAXXZ
?_Abort@_StructuredTaskCollection@details@Concurrency@@AAEXXZ
?_Acquire@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_NonReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_Acquire@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Acquire@_ReentrantPPLLock@details@Concurrency@@QAEXPAX@Z
?_AcquireRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_AcquireWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_Cancel@_StructuredTaskCollection@details@Concurrency@@QAEXXZ
?_Cancel@_TaskCollection@details@Concurrency@@QAEXXZ
?_CheckTaskCollection@_UnrealizedChore@details@Concurrency@@IAEXXZ
?_CleanupToken@_StructuredTaskCollection@details@Concurrency@@AAEXXZ
?_ConcRT_CoreAssert@details@Concurrency@@YAXPBD0H@Z
?_ConcRT_Trace@details@Concurrency@@YAXHPB_WZZ
?_Confirm_cancel@_Cancellation_beacon@details@Concurrency@@QAE_NXZ
?_Copy_str@exception@std@@AAEXPBD@Z
?_CurrentContext@_Context@details@Concurrency@@SA?AV123@XZ
?_Current_node@location@Concurrency@@SA?AV12@XZ
?_Destroy@_AsyncTaskCollection@details@Concurrency@@EAEXXZ
?_DoYield@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_DoYield@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_Get@_CurrentScheduler@details@Concurrency@@SA?AV_Scheduler@23@XZ
?_GetConcRTTraceInfo@Concurrency@@YAPBU_CONCRT_TRACE_INFO@details@1@XZ
?_GetConcurrency@details@Concurrency@@YAIXZ
?_GetCurrentInlineDepth@_StackGuard@details@Concurrency@@CAAAIXZ
?_GetNumberOfVirtualProcessors@_CurrentScheduler@details@Concurrency@@SAIXZ
?_GetScheduler@_Scheduler@details@Concurrency@@QAEPAVScheduler@3@XZ
?_Id@_CurrentScheduler@details@Concurrency@@SAIXZ
?_IsCanceling@_StructuredTaskCollection@details@Concurrency@@QAE_NXZ
?_IsCanceling@_TaskCollection@details@Concurrency@@QAE_NXZ
?_IsSynchronouslyBlocked@_Context@details@Concurrency@@QBE_NXZ
?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_NewCollection@_AsyncTaskCollection@details@Concurrency@@SAPAV123@PAV_CancellationTokenState@23@@Z
?_NumberOfSpins@?$_SpinWait@$00@details@Concurrency@@IAEKXZ
?_NumberOfSpins@?$_SpinWait@$0A@@details@Concurrency@@IAEKXZ
?_Oversubscribe@_Context@details@Concurrency@@SAX_N@Z
?_Reference@_Scheduler@details@Concurrency@@QAEIXZ
?_Release@_NonReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_NonReentrantPPLLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantBlockingLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantLock@details@Concurrency@@QAEXXZ
?_Release@_ReentrantPPLLock@details@Concurrency@@QAEXXZ
?_Release@_Scheduler@details@Concurrency@@QAEIXZ
?_ReleaseRead@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_ReleaseWrite@_ReaderWriterLock@details@Concurrency@@QAEXXZ
?_ReportUnobservedException@details@Concurrency@@YAXXZ
?_Reset@?$_SpinWait@$00@details@Concurrency@@IAEXXZ
?_Reset@?$_SpinWait@$0A@@details@Concurrency@@IAEXXZ
?_RunAndWait@_StructuredTaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_RunAndWait@_TaskCollection@details@Concurrency@@QAG?AW4_TaskCollectionStatus@23@PAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_Schedule@_StructuredTaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@PAVlocation@3@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@@Z
?_Schedule@_TaskCollection@details@Concurrency@@QAEXPAV_UnrealizedChore@23@PAVlocation@3@@Z
?_ScheduleTask@_CurrentScheduler@details@Concurrency@@SAXP6AXPAX@Z0@Z
?_SetSpinCount@?$_SpinWait@$00@details@Concurrency@@QAEXI@Z
?_SetSpinCount@?$_SpinWait@$0A@@details@Concurrency@@QAEXI@Z
?_SetUnobservedExceptionHandler@details@Concurrency@@YAXP6AXXZ@Z
?_ShouldSpinAgain@?$_SpinWait@$00@details@Concurrency@@IAE_NXZ
?_ShouldSpinAgain@?$_SpinWait@$0A@@details@Concurrency@@IAE_NXZ
?_SpinOnce@?$_SpinWait@$00@details@Concurrency@@QAE_NXZ
?_SpinOnce@?$_SpinWait@$0A@@details@Concurrency@@QAE_NXZ
?_SpinYield@Context@Concurrency@@SAXXZ
?_Start@_Timer@details@Concurrency@@IAEXXZ
?_Stop@_Timer@details@Concurrency@@IAEXXZ
?_Tidy@exception@std@@AAEXXZ
?_Trace_agents@Concurrency@@YAXW4Agents_EventType@1@_JZZ
?_Trace_ppl_function@Concurrency@@YAXABU_GUID@@EW4ConcRT_EventType@1@@Z
?_TryAcquire@_NonReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantBlockingLock@details@Concurrency@@QAE_NXZ
?_TryAcquire@_ReentrantLock@details@Concurrency@@QAE_NXZ
?_TryAcquireWrite@_ReaderWriterLock@details@Concurrency@@QAE_NXZ
?_Type_info_dtor@type_info@@CAXPAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z
?_UnderlyingYield@details@Concurrency@@YAXXZ
?_ValidateExecute@@YAHP6GHXZ@Z
?_ValidateRead@@YAHPBXI@Z
?_ValidateWrite@@YAHPAXI@Z
?_Value@_SpinCount@details@Concurrency@@SAIXZ
?_Yield@_Context@details@Concurrency@@SAXXZ
?__ExceptionPtrAssign@@YAXPAXPBX@Z
?__ExceptionPtrCompare@@YA_NPBX0@Z
?__ExceptionPtrCopy@@YAXPAXPBX@Z
?__ExceptionPtrCopyException@@YAXPAXPBX1@Z
?__ExceptionPtrCreate@@YAXPAX@Z
?__ExceptionPtrCurrentException@@YAXPAX@Z
?__ExceptionPtrDestroy@@YAXPAX@Z
?__ExceptionPtrRethrow@@YAXPBX@Z
?__ExceptionPtrSwap@@YAXPAX0@Z
?__ExceptionPtrToBool@@YA_NPBX@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPBG00II@Z
?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?_open@@YAHPBDHH@Z
?_query_new_handler@@YAP6AHI@ZXZ
?_query_new_mode@@YAHXZ
?_set_new_handler@@YAP6AHI@ZH@Z
?_set_new_handler@@YAP6AHI@ZP6AHI@Z@Z
?_set_new_mode@@YAHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?_wopen@@YAHPB_WHH@Z
?_wsopen@@YAHPB_WHHH@Z
?before@type_info@@QBE_NABV1@@Z
?current@location@Concurrency@@SA?AV12@XZ
?from_numa_node@location@Concurrency@@SA?AV12@G@Z
?get_error_code@scheduler_resource_allocation_error@Concurrency@@QBEJXZ
?lock@critical_section@Concurrency@@QAEXXZ
?lock@reader_writer_lock@Concurrency@@QAEXXZ
?lock_read@reader_writer_lock@Concurrency@@QAEXXZ
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
?native_handle@critical_section@Concurrency@@QAEAAV12@XZ
?notify_all@_Condition_variable@details@Concurrency@@QAEXXZ
?notify_one@_Condition_variable@details@Concurrency@@QAEXXZ
?raw_name@type_info@@QBEPBDXZ
?reset@event@Concurrency@@QAEXXZ
?set@event@Concurrency@@QAEXXZ
?set_new_handler@@YAP6AXXZP6AXXZ@Z
?set_task_execution_resources@Concurrency@@YAXGPAU_GROUP_AFFINITY@@@Z
?set_task_execution_resources@Concurrency@@YAXK@Z
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?try_lock@critical_section@Concurrency@@QAE_NXZ
?try_lock@reader_writer_lock@Concurrency@@QAE_NXZ
?try_lock_for@critical_section@Concurrency@@QAE_NI@Z
?try_lock_read@reader_writer_lock@Concurrency@@QAE_NXZ
?unexpected@@YAXXZ
?unlock@critical_section@Concurrency@@QAEXXZ
?unlock@reader_writer_lock@Concurrency@@QAEXXZ
?vswprintf@@YAHPA_WIPB_WPAD@Z
?wait@Concurrency@@YAXI@Z
?wait@_Condition_variable@details@Concurrency@@QAEXAAVcritical_section@3@@Z
?wait@event@Concurrency@@QAEII@Z
?wait_for@_Condition_variable@details@Concurrency@@QAE_NAAVcritical_section@3@I@Z
?wait_for_multiple@event@Concurrency@@SAIPAPAV12@I_NI@Z
?what@exception@std@@UBEPBDXZ
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CRT_RTC_INITW
_Cbuild
_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FCbuild
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_LCbuild
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_SetWinRTOutOfMemoryExceptionCallback
_Strftime
_W_Getdays
_W_Getmonths
_W_Gettnames
_Wcsftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CppXcptFilter
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___lc_codepage_func
___lc_collate_cp_func
___lc_locale_name_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__control87_2
__create_locale
__crtCompareStringA
__crtCompareStringEx
__crtCompareStringW
__crtCreateEventExW
__crtCreateSemaphoreExW
__crtCreateSymbolicLinkW
__crtEnumSystemLocalesEx
__crtFlsAlloc
__crtFlsFree
__crtFlsGetValue
__crtFlsSetValue
__crtGetDateFormatEx
__crtGetFileInformationByHandleEx
__crtGetLocaleInfoEx
__crtGetShowWindowMode
__crtGetTickCount64
__crtGetTimeFormatEx
__crtGetUserDefaultLocaleName
__crtInitializeCriticalSectionEx
__crtIsPackagedApp
__crtIsValidLocaleName
__crtLCMapStringA
__crtLCMapStringEx
__crtLCMapStringW
__crtSetFileInformationByHandle
__crtSetThreadStackGuarantee
__crtSetUnhandledExceptionFilter
__crtSleep
__crtTerminateProcess
__crtUnhandledException
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lconv
__lconv_init
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__setlc_active

Sections

.text
Size: 880KB - Virtual size: 880KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/opengl32sw.dll
.dll windows:6 windows x86 arch:x86

55466abe52f1bf0d8df45beaffd68bf3

Code Sign

e4:12:82:66:79:32:d8:54:6f:96:d4:d4:62:32:c0:6f
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/09/2019, 00:00

Not After

08/09/2024, 23:59

Subject

CN=Artem Shevchenko,O=Artem Shevchenko,POSTALCODE=04050,STREET=Melnikova st. 15\, 5 apt.,L=Kiev,ST=Kiev,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

Issuer

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/05/2019, 00:00

Not After

30/05/2020, 10:48

Subject

CN=Sectigo SHA-1 Time Stamping Signer,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

27/04/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

b9:8c:ed:1b:1a:19:58:27:d0:c9:30:43:33:50:8d:a3:6a:eb:2b:84
Signer

Actual PE Digest

b9:8c:ed:1b:1a:19:58:27:d0:c9:30:43:33:50:8d:a3:6a:eb:2b:84

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\dev\mesa\10.2\src\build\windows-x86\gallium\targets\libgl-gdi\opengl32.pdb

Imports

imagehlp

SymGetSymFromAddr64
SymInitialize
SymGetLineFromAddr64
SymGetModuleBase64
SymFunctionTableAccess64
SymSetOptions
StackWalk64
EnumerateLoadedModules

shell32

CommandLineToArgvW

advapi32

CryptReleaseContext
CryptGenRandom
CryptAcquireContextW

gdi32

GetPixelFormat
StretchDIBits
SetPixelFormat

user32

UnhookWindowsHookEx
ClientToScreen
GetWindowRect
SetWindowsHookExA
GetClientRect
WindowFromDC
GetDC
ReleaseDC
CallNextHookEx
RegisterClassA
LoadCursorA
AdjustWindowRectEx
DefWindowProcA
CreateWindowExA
LoadIconA
DestroyWindow

kernel32

LCMapStringW
CompareStringW
GetTimeFormatW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStringTypeW
SetFilePointer
FindFirstFileW
GetDateFormatW
OutputDebugStringW
WriteConsoleW
GetTimeZoneInformation
SetFilePointerEx
RaiseException
ReadConsoleW
RtlUnwind
FlushFileBuffers
GetCPInfo
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
TlsGetValue
TlsSetValue
Thread32First
Thread32Next
CreateToolhelp32Snapshot
GetCurrentThreadId
TlsAlloc
CloseHandle
GetCurrentProcessId
TlsFree
SetLastError
OutputDebugStringA
WaitForSingleObject
CreateSemaphoreA
ReleaseSemaphore
GetExitCodeThread
QueryPerformanceCounter
Sleep
QueryPerformanceFrequency
GetSystemInfo
GetConsoleWindow
IsDebuggerPresent
FreeLibrary
GetProcAddress
LoadLibraryA
VirtualFree
VirtualAlloc
InterlockedIncrement
InterlockedDecrement
InterlockedExchangeAdd
InterlockedCompareExchange
TryEnterCriticalSection
LocalFree
GetCurrentProcess
GetLastError
FormatMessageA
LoadLibraryW
FlushInstructionCache
VirtualProtect
VirtualQuery
GetFileInformationByHandle
GetFileType
ReadFile
FindClose
SetFileTime
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
GetModuleFileNameW
GetModuleHandleW
GetTempPathW
GetCurrentDirectoryW
CreateDirectoryW
RemoveDirectoryW
CreateFileW
GetFileAttributesW
DeleteFileW
GetOEMCP
FindNextFileW
MoveFileExW
CreateHardLinkW
MultiByteToWideChar
WideCharToMultiByte
SetUnhandledExceptionFilter
GetCurrentThread
SetErrorMode
SetConsoleCtrlHandler
GetSystemTimeAsFileTime
GetProcessTimes
GetStdHandle
GetCommandLineW
GetEnvironmentVariableW
GetConsoleMode
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
TerminateProcess
GetExitCodeProcess
DuplicateHandle
CreateProcessW
SearchPathW
CreateJobObjectW
AssignProcessToJobObject
SetInformationJobObject
GetCommandLineA
HeapFree
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
AreFileApisANSI
HeapAlloc
IsProcessorFeaturePresent
HeapReAlloc
CreateThread
ExitThread
LoadLibraryExW
SetEndOfFile
GetProcessHeap
SetStdHandle
InitializeCriticalSectionAndSpinCount
HeapValidate
HeapWalk
InterlockedExchange
GetStartupInfoW
GetModuleFileNameA
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
CreateSemaphoreW
HeapSize
HeapQueryInformation
WriteFile
GetConsoleCP
FatalAppExitA
IsValidCodePage
GetACP
SetEnvironmentVariableA

Exports

Exports

DrvCopyContext
DrvCreateContext
DrvCreateLayerContext
DrvDeleteContext
DrvDescribeLayerPlane
DrvDescribePixelFormat
DrvGetLayerPaletteEntries
DrvGetProcAddress
DrvPresentBuffers
DrvRealizeLayerPalette
DrvReleaseContext
DrvSetCallbackProcs
DrvSetContext
DrvSetLayerPaletteEntries
DrvSetPixelFormat
DrvShareLists
DrvSwapBuffers
DrvSwapLayerBuffers
DrvValidateVersion
_glActiveProgramEXT@4
_glActiveTexture@4
_glActiveTextureARB@4
_glAlphaFragmentOp1ATI@24
_glAlphaFragmentOp2ATI@36
_glAlphaFragmentOp3ATI@48
_glAlphaFuncx@8
_glAreProgramsResidentNV@12
_glAreTexturesResidentEXT@12
_glArrayElementEXT@4
_glAttachObjectARB@8
_glAttachShader@8
_glBeginConditionalRender@8
_glBeginConditionalRenderNV@8
_glBeginFragmentShaderATI@0
_glBeginPerfMonitorAMD@4
_glBeginQuery@8
_glBeginQueryARB@8
_glBeginQueryIndexed@12
_glBeginTransformFeedback@4
_glBeginTransformFeedbackEXT@4
_glBindAttribLocation@12
_glBindAttribLocationARB@12
_glBindBuffer@8
_glBindBufferARB@8
_glBindBufferBase@12
_glBindBufferBaseEXT@12
_glBindBufferOffsetEXT@16
_glBindBufferRange@20
_glBindBufferRangeEXT@20
_glBindBuffersBase@16
_glBindBuffersRange@24
_glBindFragDataLocation@12
_glBindFragDataLocationEXT@12
_glBindFragDataLocationIndexed@16
_glBindFragmentShaderATI@4
_glBindFramebuffer@8
_glBindFramebufferEXT@8
_glBindImageTexture@28
_glBindImageTextures@12
_glBindProgramARB@8
_glBindProgramNV@8
_glBindRenderbuffer@8
_glBindRenderbufferEXT@8
_glBindSampler@8
_glBindSamplers@12
_glBindTextureEXT@8
_glBindTextures@12
_glBindTransformFeedback@8
_glBindVertexArray@4
_glBindVertexBuffer@16
_glBindVertexBuffers@20
_glBlendColor@16
_glBlendColorEXT@16
_glBlendEquation@4
_glBlendEquationEXT@4
_glBlendEquationIndexedAMD@8
_glBlendEquationSeparate@8
_glBlendEquationSeparateIndexedAMD@12
_glBlendEquationSeparateiARB@12
_glBlendEquationiARB@8
_glBlendFuncIndexedAMD@12
_glBlendFuncSeparate@16
_glBlendFuncSeparateEXT@16
_glBlendFuncSeparateIndexedAMD@20
_glBlendFuncSeparateiARB@20
_glBlendFunciARB@12
_glBlitFramebuffer@40
_glBufferData@16
_glBufferDataARB@16
_glBufferStorage@16
_glBufferSubData@16
_glBufferSubDataARB@16
_glCheckFramebufferStatus@4
_glCheckFramebufferStatusEXT@4
_glClampColor@8
_glClampColorARB@8
_glClearBufferData@20
_glClearBufferSubData@28
_glClearBufferfi@16
_glClearBufferfv@12
_glClearBufferiv@12
_glClearBufferuiv@12
_glClearColorIiEXT@16
_glClearColorIuiEXT@16
_glClearColorx@16
_glClearDepthf@4
_glClearDepthx@4
_glClientActiveTexture@4
_glClientActiveTextureARB@4
_glClientWaitSync@16
_glClipPlanef@8
_glClipPlanex@8
_glColor4x@16
_glColorFragmentOp1ATI@28
_glColorFragmentOp2ATI@40
_glColorFragmentOp3ATI@52
_glColorMaskIndexedEXT@20
_glColorMaski@20
_glColorP3ui@8
_glColorP3uiv@8
_glColorP4ui@8
_glColorP4uiv@8
_glColorPointerEXT@20
_glColorSubTable@24
_glColorTable@24
_glColorTableEXT@24
_glColorTableParameterfv@12
_glColorTableParameteriv@12
_glCompileShader@4
_glCompileShaderARB@4
_glCompressedTexImage1D@28
_glCompressedTexImage1DARB@28
_glCompressedTexImage2D@32
_glCompressedTexImage2DARB@32
_glCompressedTexImage3D@36
_glCompressedTexImage3DARB@36
_glCompressedTexSubImage1D@28
_glCompressedTexSubImage1DARB@28
_glCompressedTexSubImage2D@36
_glCompressedTexSubImage2DARB@36
_glCompressedTexSubImage3D@44
_glCompressedTexSubImage3DARB@44
_glConvolutionFilter1D@24
_glConvolutionFilter2D@28
_glConvolutionParameterf@12
_glConvolutionParameterfv@12
_glConvolutionParameteri@12
_glConvolutionParameteriv@12
_glCopyBufferSubData@20
_glCopyColorSubTable@20
_glCopyColorTable@20
_glCopyConvolutionFilter1D@20
_glCopyConvolutionFilter2D@24
_glCopyTexImage1DEXT@28
_glCopyTexImage2DEXT@32
_glCopyTexSubImage1DEXT@24
_glCopyTexSubImage2DEXT@32
_glCopyTexSubImage3D@36
_glCopyTexSubImage3DEXT@36
_glCreateProgram@0
_glCreateProgramObjectARB@0
_glCreateShader@4
_glCreateShaderObjectARB@4
_glCreateShaderProgramEXT@8
_glDebugMessageCallback@8
_glDebugMessageCallbackARB@8
_glDebugMessageControl@24
_glDebugMessageControlARB@24
_glDebugMessageInsert@24
_glDebugMessageInsertARB@24
_glDeleteBuffers@8
_glDeleteBuffersARB@8
_glDeleteFragmentShaderATI@4
_glDeleteFramebuffers@8
_glDeleteFramebuffersEXT@8
_glDeleteObjectARB@4
_glDeletePerfMonitorsAMD@8
_glDeleteProgram@4
_glDeleteProgramsARB@8
_glDeleteProgramsNV@8
_glDeleteQueries@8
_glDeleteQueriesARB@8
_glDeleteRenderbuffers@8
_glDeleteRenderbuffersEXT@8
_glDeleteSamplers@8
_glDeleteShader@4
_glDeleteSync@4
_glDeleteTexturesEXT@8
_glDeleteTransformFeedbacks@8
_glDeleteVertexArrays@8
_glDepthRangeArrayv@12
_glDepthRangeIndexed@20
_glDepthRangef@8
_glDepthRangex@8
_glDetachObjectARB@8
_glDetachShader@8
_glDisableIndexedEXT@8
_glDisableVertexAttribArray@4
_glDisableVertexAttribArrayARB@4
_glDisablei@8
_glDispatchCompute@12
_glDispatchComputeIndirect@4
_glDrawArraysEXT@12
_glDrawArraysIndirect@8
_glDrawArraysInstanced@16
_glDrawArraysInstancedARB@16
_glDrawArraysInstancedBaseInstance@20
_glDrawArraysInstancedEXT@16
_glDrawBuffers@8
_glDrawBuffersARB@8
_glDrawBuffersATI@8
_glDrawElementsBaseVertex@20
_glDrawElementsIndirect@12
_glDrawElementsInstanced@20
_glDrawElementsInstancedARB@20
_glDrawElementsInstancedBaseInstance@24
_glDrawElementsInstancedBaseVertex@24
_glDrawElementsInstancedBaseVertexBaseInstance@28
_glDrawElementsInstancedEXT@20
_glDrawRangeElements@24
_glDrawRangeElementsBaseVertex@28
_glDrawRangeElementsEXT@24
_glDrawTransformFeedback@8
_glDrawTransformFeedbackInstanced@12
_glDrawTransformFeedbackStream@12
_glDrawTransformFeedbackStreamInstanced@16
_glEGLImageTargetRenderbufferStorageOES@8
_glEGLImageTargetTexture2DOES@8
_glEdgeFlagPointerEXT@12
_glEnableIndexedEXT@8
_glEnableVertexAttribArray@4
_glEnableVertexAttribArrayARB@4
_glEnablei@8
_glEndConditionalRender@0
_glEndConditionalRenderNV@0
_glEndFragmentShaderATI@0
_glEndPerfMonitorAMD@4
_glEndQuery@4
_glEndQueryARB@4
_glEndQueryIndexed@8
_glEndTransformFeedback@0
_glEndTransformFeedbackEXT@0
_glExecuteProgramNV@12
_glFenceSync@8
_glFlushMappedBufferRange@12
_glFogCoordPointer@12
_glFogCoordPointerEXT@12
_glFogCoordd@8
_glFogCoorddEXT@8
_glFogCoorddv@4
_glFogCoorddvEXT@4
_glFogCoordf@4
_glFogCoordfEXT@4
_glFogCoordfv@4
_glFogCoordfvEXT@4
_glFogx@8
_glFogxv@8
_glFramebufferRenderbuffer@16
_glFramebufferRenderbufferEXT@16
_glFramebufferTexture1D@20
_glFramebufferTexture1DEXT@20
_glFramebufferTexture2D@20
_glFramebufferTexture2DEXT@20
_glFramebufferTexture3D@24
_glFramebufferTexture3DEXT@24
_glFramebufferTexture@16
_glFramebufferTextureARB@16
_glFramebufferTextureFaceARB@20
_glFramebufferTextureLayer@20
_glFramebufferTextureLayerARB@20
_glFramebufferTextureLayerEXT@20
_glFrustumf@24
_glFrustumx@24
_glGenBuffers@8
_glGenBuffersARB@8
_glGenFragmentShadersATI@4
_glGenFramebuffers@8
_glGenFramebuffersEXT@8
_glGenPerfMonitorsAMD@8
_glGenProgramsARB@8
_glGenProgramsNV@8
_glGenQueries@8
_glGenQueriesARB@8
_glGenRenderbuffers@8
_glGenRenderbuffersEXT@8
_glGenSamplers@8
_glGenTexturesEXT@8
_glGenTransformFeedbacks@8
_glGenVertexArrays@8
_glGenerateMipmap@4
_glGenerateMipmapEXT@4
_glGetActiveAtomicCounterBufferiv@16
_glGetActiveAttrib@28
_glGetActiveAttribARB@28
_glGetActiveUniform@28
_glGetActiveUniformARB@28
_glGetActiveUniformBlockName@20
_glGetActiveUniformBlockiv@16
_glGetActiveUniformName@20
_glGetActiveUniformsiv@20
_glGetAttachedObjectsARB@16
_glGetAttachedShaders@16
_glGetAttribLocation@8
_glGetAttribLocationARB@8
_glGetBooleanIndexedvEXT@12
_glGetBooleani_v@12
_glGetBufferParameteri64v@12
_glGetBufferParameteriv@12
_glGetBufferParameterivARB@12
_glGetBufferPointerv@12
_glGetBufferPointervARB@12
_glGetBufferSubData@16
_glGetBufferSubDataARB@16
_glGetClipPlanef@8
_glGetClipPlanex@8
_glGetColorTable@16
_glGetColorTableEXT@16
_glGetColorTableParameterfv@12
_glGetColorTableParameterfvEXT@12
_glGetColorTableParameteriv@12
_glGetColorTableParameterivEXT@12
_glGetCompressedTexImage@12
_glGetCompressedTexImageARB@12
_glGetConvolutionFilter@16
_glGetConvolutionParameterfv@12
_glGetConvolutionParameteriv@12
_glGetDebugMessageLog@32
_glGetDebugMessageLogARB@32
_glGetDoublei_v@12
_glGetFixedv@8
_glGetFloati_v@12
_glGetFragDataIndex@8
_glGetFragDataLocation@8
_glGetFragDataLocationEXT@8
_glGetFramebufferAttachmentParameteriv@16
_glGetFramebufferAttachmentParameterivEXT@16
_glGetGraphicsResetStatusARB@0
_glGetHandleARB@4
_glGetHistogram@20
_glGetHistogramParameterfv@12
_glGetHistogramParameteriv@12
_glGetInfoLogARB@16
_glGetInteger64i_v@12
_glGetInteger64v@8
_glGetIntegerIndexedvEXT@12
_glGetIntegeri_v@12
_glGetLightxv@12
_glGetMaterialxv@12
_glGetMinmax@20
_glGetMinmaxParameterfv@12
_glGetMinmaxParameteriv@12
_glGetMultisamplefv@12
_glGetObjectLabel@20
_glGetObjectParameterfvARB@12
_glGetObjectParameterivAPPLE@16
_glGetObjectParameterivARB@12
_glGetObjectPtrLabel@16
_glGetPerfMonitorCounterDataAMD@20
_glGetPerfMonitorCounterInfoAMD@16
_glGetPerfMonitorCounterStringAMD@20
_glGetPerfMonitorCountersAMD@20
_glGetPerfMonitorGroupStringAMD@16
_glGetPerfMonitorGroupsAMD@12
_glGetPointervEXT@8
_glGetProgramBinary@20
_glGetProgramEnvParameterdvARB@12
_glGetProgramEnvParameterfvARB@12
_glGetProgramInfoLog@16
_glGetProgramLocalParameterdvARB@12
_glGetProgramLocalParameterfvARB@12
_glGetProgramNamedParameterdvNV@16
_glGetProgramNamedParameterfvNV@16
_glGetProgramParameterdvNV@16
_glGetProgramParameterfvNV@16
_glGetProgramStringARB@12
_glGetProgramStringNV@12
_glGetProgramiv@12
_glGetProgramivARB@12
_glGetProgramivNV@12
_glGetQueryIndexediv@16
_glGetQueryObjectiv@12
_glGetQueryObjectivARB@12
_glGetQueryObjectuiv@12
_glGetQueryObjectuivARB@12
_glGetQueryiv@12
_glGetQueryivARB@12
_glGetRenderbufferParameteriv@12
_glGetRenderbufferParameterivEXT@12
_glGetSamplerParameterIiv@12
_glGetSamplerParameterIuiv@12
_glGetSamplerParameterfv@12
_glGetSamplerParameteriv@12
_glGetSeparableFilter@24
_glGetShaderInfoLog@16
_glGetShaderPrecisionFormat@16
_glGetShaderSource@16
_glGetShaderSourceARB@16
_glGetShaderiv@12
_glGetStringi@8
_glGetSynciv@20
_glGetTexBumpParameterfvATI@8
_glGetTexBumpParameterivATI@8
_glGetTexEnvxv@12
_glGetTexParameterIiv@12
_glGetTexParameterIivEXT@12
_glGetTexParameterIuiv@12
_glGetTexParameterIuivEXT@12
_glGetTexParameterxv@12
_glGetTrackMatrixivNV@16
_glGetTransformFeedbackVarying@28
_glGetTransformFeedbackVaryingEXT@28
_glGetUniformBlockIndex@8
_glGetUniformIndices@16
_glGetUniformLocation@8
_glGetUniformLocationARB@8
_glGetUniformfv@12
_glGetUniformfvARB@12
_glGetUniformiv@12
_glGetUniformivARB@12
_glGetUniformuiv@12
_glGetUniformuivEXT@12
_glGetVertexAttribIiv@12
_glGetVertexAttribIivEXT@12
_glGetVertexAttribIuiv@12
_glGetVertexAttribIuivEXT@12
_glGetVertexAttribPointerv@12
_glGetVertexAttribPointervARB@12
_glGetVertexAttribPointervNV@12
_glGetVertexAttribdv@12
_glGetVertexAttribdvARB@12
_glGetVertexAttribdvNV@12
_glGetVertexAttribfv@12
_glGetVertexAttribfvARB@12
_glGetVertexAttribfvNV@12
_glGetVertexAttribiv@12
_glGetVertexAttribivARB@12
_glGetVertexAttribivNV@12
_glGetnColorTableARB@20
_glGetnCompressedTexImageARB@16
_glGetnConvolutionFilterARB@20
_glGetnHistogramARB@24
_glGetnMapdvARB@16
_glGetnMapfvARB@16
_glGetnMapivARB@16
_glGetnMinmaxARB@24
_glGetnPixelMapfvARB@12
_glGetnPixelMapuivARB@12
_glGetnPixelMapusvARB@12
_glGetnPolygonStippleARB@8
_glGetnSeparableFilterARB@32
_glGetnTexImageARB@24
_glGetnUniformdvARB@16
_glGetnUniformfvARB@16
_glGetnUniformivARB@16
_glGetnUniformuivARB@16
_glHistogram@16
_glIndexPointerEXT@16
_glInvalidateBufferData@4
_glInvalidateBufferSubData@12
_glInvalidateFramebuffer@12
_glInvalidateSubFramebuffer@28
_glInvalidateTexImage@8
_glInvalidateTexSubImage@32
_glIsBuffer@4
_glIsBufferARB@4
_glIsEnabledIndexedEXT@8
_glIsEnabledi@8
_glIsFramebuffer@4
_glIsFramebufferEXT@4
_glIsProgram@4
_glIsProgramARB@4
_glIsProgramNV@4
_glIsQuery@4
_glIsQueryARB@4
_glIsRenderbuffer@4
_glIsRenderbufferEXT@4
_glIsSampler@4
_glIsShader@4
_glIsSync@4
_glIsTextureEXT@4
_glIsTransformFeedback@4
_glIsVertexArray@4
_glLightModelx@8
_glLightModelxv@8
_glLightx@12
_glLightxv@12
_glLineWidthx@4
_glLinkProgram@4
_glLinkProgramARB@4
_glLoadMatrixx@4
_glLoadProgramNV@16
_glLoadTransposeMatrixd@4
_glLoadTransposeMatrixdARB@4
_glLoadTransposeMatrixf@4
_glLoadTransposeMatrixfARB@4
_glLockArraysEXT@8
_glMapBuffer@8
_glMapBufferARB@8
_glMapBufferRange@16
_glMaterialx@12

Sections

.text
Size: 10.6MB - Virtual size: 10.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.2MB - Virtual size: 3.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 421KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 572KB - Virtual size: 571KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/rar.rar
.rar
files/libs/ssleay32.dll
.dll windows:6 windows x86 arch:x86

073d57b7886016768db36f2bc192c07c

Code Sign

e4:12:82:66:79:32:d8:54:6f:96:d4:d4:62:32:c0:6f
Certificate

Issuer

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

09/09/2019, 00:00

Not After

08/09/2024, 23:59

Subject

CN=Artem Shevchenko,O=Artem Shevchenko,POSTALCODE=04050,STREET=Melnikova st. 15\, 5 apt.,L=Kiev,ST=Kiev,C=UA

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

Issuer

CN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=US

Not Before

02/11/2018, 00:00

Not After

31/12/2030, 23:59

Subject

CN=Sectigo RSA Code Signing CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

Issuer

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Not Before

02/05/2019, 00:00

Not After

30/05/2020, 10:48

Subject

CN=Sectigo SHA-1 Time Stamping Signer,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

27/04/2011, 00:00

Not After

30/05/2020, 10:48

Subject

CN=COMODO Time Stamping CA,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

Issuer

CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE

Not Before

07/06/2005, 08:09

Not After

30/05/2020, 10:48

Subject

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2b:d9:0a:97:a3:a4:0d:99:7f:0c:54:f0:e0:d8:61:41:86:36:62:83
Signer

Actual PE Digest

2b:d9:0a:97:a3:a4:0d:99:7f:0c:54:f0:e0:d8:61:41:86:36:62:83

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\bas\browserautomationstudiobuild\build32\builddevrelease\openssl\src\openssl-1.0.1f\out32dll\ssleay32.pdb

Imports

libeay32

ord188
ord181
ord52
ord85
ord490
ord252
ord222
ord3873
ord2630
ord2821
ord3109
ord269
ord290
ord281
ord641
ord754
ord857
ord654
ord2206
ord2201
ord911
ord3906
ord493
ord3836
ord289
ord464
ord3245
ord3244
ord3844
ord2936
ord323
ord3841
ord3874
ord1202
ord2894
ord3067
ord961
ord89
ord109
ord3896
ord3879
ord3239
ord170
ord909
ord912
ord66
ord111
ord110
ord151
ord123
ord118
ord120
ord128
ord2760
ord495
ord498
ord4540
ord202
ord203
ord201
ord219
ord3837
ord3899
ord3883
ord276
ord274
ord256
ord3315
ord2927
ord285
ord4119
ord4430
ord4233
ord4474
ord4369
ord4245
ord1070
ord4488
ord3695
ord3570
ord2924
ord2929
ord3010
ord3178
ord2578
ord3663
ord3422
ord3729
ord3575
ord3512
ord3608
ord3459
ord3480
ord3550
ord3666
ord3644
ord866
ord635
ord2747
ord2784
ord2572
ord964
ord965
ord3489
ord907
ord87
ord486
ord497
ord484
ord205
ord206
ord216
ord363
ord2712
ord2925
ord3165
ord268
ord333
ord316
ord282
ord4125
ord4262
ord4164
ord1071
ord2877
ord3711
ord3682
ord3719
ord577
ord763
ord572
ord4046
ord481
ord3528
ord3418
ord1096
ord1097
ord78
ord95
ord3816
ord3888
ord3891
ord2589
ord2915
ord1144
ord1145
ord3823
ord3846
ord2292
ord1081
ord187
ord623
ord622
ord679
ord3857
ord267
ord503
ord1012
ord3631
ord3479
ord3664
ord3737
ord3633
ord3675
ord341
ord176
ord266
ord264
ord3314
ord3312
ord3313
ord541
ord3925
ord3922
ord3124
ord2702
ord2898
ord4144
ord4372
ord3782
ord2400
ord4174
ord3866
ord313
ord3724
ord3767
ord3758
ord3704
ord3647
ord3365
ord3766
ord3460
ord4114
ord3783
ord3454
ord3394
ord3754
ord1655
ord914
ord1041
ord1027
ord1025
ord1004
ord1007
ord1005
ord3826
ord53
ord67
ord65
ord74
ord98
ord58
ord892
ord890
ord897
ord2257
ord248
ord364
ord4331
ord4513
ord1010
ord629
ord626
ord628
ord630
ord3437
ord3527
ord3378
ord3610
ord3414
ord3495
ord3399
ord3559
ord575
ord636
ord2051
ord2478
ord246
ord3657
ord3396
ord93
ord1100
ord1023
ord2524
ord3505
ord3595
ord657
ord401
ord891
ord887
ord889
ord4045
ord2475
ord368
ord370
ord367
ord369
ord1671
ord189
ord1147
ord314
ord315
ord4383
ord4320
ord956
ord750
ord3205
ord279
ord283
ord748
ord280
ord774
ord751
ord2181
ord1959
ord400
ord399
ord3513
ord716
ord822
ord718
ord824
ord8
ord7
ord3700
ord32
ord3623
ord37
ord35
ord703
ord1091
ord88
ord2426
ord86
ord680
ord1101
ord299
ord304
ord329
ord318
ord325
ord959
ord4601
ord3155
ord2996
ord4615
ord4637
ord4656
ord3795
ord3807
ord3914
ord292
ord293
ord2252
ord91
ord955
ord225
ord247
ord125
ord129
ord4572
ord4580
ord4576
ord4570
ord4578
ord4582
ord4573
ord4577
ord4581
ord4575
ord4584
ord903
ord910
ord904
ord901
ord905
ord2411
ord1653
ord1654
ord168
ord167
ord1011
ord169

msvcr120

__CppXcptFilter
_amsg_exit
free
_malloc_crt
_initterm
_initterm_e
_crt_debugger_hook
__crtUnhandledException
__crtTerminateProcess
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
__clean_type_info_names_internal
_except_handler4_common
_errno
strchr
_ftime64
strncmp
strncpy
fprintf
__iob_func
memmove
memset
memcpy
_time64
abort

kernel32

GetLastError
IsProcessorFeaturePresent
EncodePointer
DecodePointer
IsDebuggerPresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
SetLastError

Exports

Exports

BIO_f_ssl
BIO_new_buffer_ssl_connect
BIO_new_ssl
BIO_new_ssl_connect
BIO_ssl_copy_session_id
BIO_ssl_shutdown
DTLSv1_client_method
DTLSv1_method
DTLSv1_server_method
ERR_load_SSL_strings
PEM_read_SSL_SESSION
PEM_read_bio_SSL_SESSION
PEM_write_SSL_SESSION
PEM_write_bio_SSL_SESSION
SRP_Calc_A_param
SRP_generate_client_master_secret
SRP_generate_server_master_secret
SSL_CIPHER_description
SSL_CIPHER_get_bits
SSL_CIPHER_get_id
SSL_CIPHER_get_name
SSL_CIPHER_get_version
SSL_COMP_add_compression_method
SSL_COMP_get_compression_methods
SSL_COMP_get_name
SSL_CTX_SRP_CTX_free
SSL_CTX_SRP_CTX_init
SSL_CTX_add_client_CA
SSL_CTX_add_session
SSL_CTX_callback_ctrl
SSL_CTX_check_private_key
SSL_CTX_ctrl
SSL_CTX_flush_sessions
SSL_CTX_free
SSL_CTX_get_cert_store
SSL_CTX_get_client_CA_list
SSL_CTX_get_client_cert_cb
SSL_CTX_get_ex_data
SSL_CTX_get_ex_new_index
SSL_CTX_get_info_callback
SSL_CTX_get_quiet_shutdown
SSL_CTX_get_timeout
SSL_CTX_get_verify_callback
SSL_CTX_get_verify_depth
SSL_CTX_get_verify_mode
SSL_CTX_load_verify_locations
SSL_CTX_new
SSL_CTX_remove_session
SSL_CTX_sess_get_get_cb
SSL_CTX_sess_get_new_cb
SSL_CTX_sess_get_remove_cb
SSL_CTX_sess_set_get_cb
SSL_CTX_sess_set_new_cb
SSL_CTX_sess_set_remove_cb
SSL_CTX_sessions
SSL_CTX_set1_param
SSL_CTX_set_cert_store
SSL_CTX_set_cert_verify_callback
SSL_CTX_set_cipher_list
SSL_CTX_set_client_CA_list
SSL_CTX_set_client_cert_cb
SSL_CTX_set_client_cert_engine
SSL_CTX_set_cookie_generate_cb
SSL_CTX_set_cookie_verify_cb
SSL_CTX_set_default_passwd_cb
SSL_CTX_set_default_passwd_cb_userdata
SSL_CTX_set_default_verify_paths
SSL_CTX_set_ex_data
SSL_CTX_set_generate_session_id
SSL_CTX_set_info_callback
SSL_CTX_set_msg_callback
SSL_CTX_set_next_proto_select_cb
SSL_CTX_set_next_protos_advertised_cb
SSL_CTX_set_psk_client_callback
SSL_CTX_set_psk_server_callback
SSL_CTX_set_purpose
SSL_CTX_set_quiet_shutdown
SSL_CTX_set_session_id_context
SSL_CTX_set_srp_cb_arg
SSL_CTX_set_srp_client_pwd_callback
SSL_CTX_set_srp_password
SSL_CTX_set_srp_strength
SSL_CTX_set_srp_username
SSL_CTX_set_srp_username_callback
SSL_CTX_set_srp_verify_param_callback
SSL_CTX_set_ssl_version
SSL_CTX_set_timeout
SSL_CTX_set_tlsext_use_srtp
SSL_CTX_set_tmp_dh_callback
SSL_CTX_set_tmp_ecdh_callback
SSL_CTX_set_tmp_rsa_callback
SSL_CTX_set_trust
SSL_CTX_set_verify
SSL_CTX_set_verify_depth
SSL_CTX_use_PrivateKey
SSL_CTX_use_PrivateKey_ASN1
SSL_CTX_use_PrivateKey_file
SSL_CTX_use_RSAPrivateKey
SSL_CTX_use_RSAPrivateKey_ASN1
SSL_CTX_use_RSAPrivateKey_file
SSL_CTX_use_certificate
SSL_CTX_use_certificate_ASN1
SSL_CTX_use_certificate_chain_file
SSL_CTX_use_certificate_file
SSL_CTX_use_psk_identity_hint
SSL_SESSION_free
SSL_SESSION_get0_peer
SSL_SESSION_get_compress_id
SSL_SESSION_get_ex_data
SSL_SESSION_get_ex_new_index
SSL_SESSION_get_id
SSL_SESSION_get_time
SSL_SESSION_get_timeout
SSL_SESSION_new
SSL_SESSION_print
SSL_SESSION_print_fp
SSL_SESSION_set1_id_context
SSL_SESSION_set_ex_data
SSL_SESSION_set_time
SSL_SESSION_set_timeout
SSL_SRP_CTX_free
SSL_SRP_CTX_init
SSL_accept
SSL_add_client_CA
SSL_add_dir_cert_subjects_to_stack
SSL_add_file_cert_subjects_to_stack
SSL_alert_desc_string
SSL_alert_desc_string_long
SSL_alert_type_string
SSL_alert_type_string_long
SSL_cache_hit
SSL_callback_ctrl
SSL_check_private_key
SSL_clear
SSL_connect
SSL_copy_session_id
SSL_ctrl
SSL_do_handshake
SSL_dup
SSL_dup_CA_list
SSL_export_keying_material
SSL_free
SSL_get0_next_proto_negotiated
SSL_get1_session
SSL_get_SSL_CTX
SSL_get_certificate
SSL_get_cipher_list
SSL_get_ciphers
SSL_get_client_CA_list
SSL_get_current_cipher
SSL_get_current_compression
SSL_get_current_expansion
SSL_get_default_timeout
SSL_get_error
SSL_get_ex_data
SSL_get_ex_data_X509_STORE_CTX_idx
SSL_get_ex_new_index
SSL_get_fd
SSL_get_finished
SSL_get_info_callback
SSL_get_peer_cert_chain
SSL_get_peer_certificate
SSL_get_peer_finished
SSL_get_privatekey
SSL_get_psk_identity
SSL_get_psk_identity_hint
SSL_get_quiet_shutdown
SSL_get_rbio
SSL_get_read_ahead
SSL_get_rfd
SSL_get_selected_srtp_profile
SSL_get_servername
SSL_get_servername_type
SSL_get_session
SSL_get_shared_ciphers
SSL_get_shutdown
SSL_get_srp_N
SSL_get_srp_g
SSL_get_srp_userinfo
SSL_get_srp_username
SSL_get_srtp_profiles
SSL_get_ssl_method
SSL_get_verify_callback
SSL_get_verify_depth
SSL_get_verify_mode
SSL_get_verify_result
SSL_get_version
SSL_get_wbio
SSL_get_wfd
SSL_has_matching_session_id
SSL_library_init
SSL_load_client_CA_file
SSL_load_error_strings
SSL_new
SSL_peek
SSL_pending
SSL_read
SSL_renegotiate
SSL_renegotiate_abbreviated
SSL_renegotiate_pending
SSL_rstate_string
SSL_rstate_string_long
SSL_select_next_proto
SSL_set1_param
SSL_set_SSL_CTX
SSL_set_accept_state
SSL_set_bio
SSL_set_cipher_list
SSL_set_client_CA_list
SSL_set_connect_state
SSL_set_debug
SSL_set_ex_data
SSL_set_fd
SSL_set_generate_session_id
SSL_set_info_callback
SSL_set_msg_callback
SSL_set_psk_client_callback
SSL_set_psk_server_callback
SSL_set_purpose
SSL_set_quiet_shutdown
SSL_set_read_ahead
SSL_set_rfd
SSL_set_session
SSL_set_session_id_context
SSL_set_session_secret_cb
SSL_set_session_ticket_ext
SSL_set_session_ticket_ext_cb
SSL_set_shutdown
SSL_set_srp_server_param
SSL_set_srp_server_param_pw
SSL_set_ssl_method
SSL_set_state
SSL_set_tlsext_use_srtp
SSL_set_tmp_dh_callback
SSL_set_tmp_ecdh_callback
SSL_set_tmp_rsa_callback
SSL_set_trust
SSL_set_verify
SSL_set_verify_depth
SSL_set_verify_result
SSL_set_wfd
SSL_shutdown
SSL_srp_server_param_with_username
SSL_state
SSL_state_string
SSL_state_string_long
SSL_use_PrivateKey
SSL_use_PrivateKey_ASN1
SSL_use_PrivateKey_file
SSL_use_RSAPrivateKey
SSL_use_RSAPrivateKey_ASN1
SSL_use_RSAPrivateKey_file
SSL_use_certificate
SSL_use_certificate_ASN1
SSL_use_certificate_file
SSL_use_psk_identity_hint
SSL_version
SSL_want
SSL_write
SSLv23_client_method
SSLv23_method
SSLv23_server_method
SSLv2_client_method
SSLv2_method
SSLv2_server_method
SSLv3_client_method
SSLv3_method
SSLv3_server_method
TLSv1_1_client_method
TLSv1_1_method
TLSv1_1_server_method
TLSv1_2_client_method
TLSv1_2_method
TLSv1_2_server_method
TLSv1_client_method
TLSv1_method
TLSv1_server_method
d2i_SSL_SESSION
i2d_SSL_SESSION
ssl2_ciphers
ssl3_ciphers

Sections

.text
Size: 194KB - Virtual size: 193KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/wwancfg.dll
.dll windows:10 windows x64 arch:x64

49decdfb6773b3da00526a10323a4d5d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

wwancfg.pdb

Imports

msvcrt

_callnewh
memcpy
memcpy_s
_wcsicmp
__C_specific_handler
_initterm
malloc
_amsg_exit
_XcptFilter
free
_wtoi
wcsstr
toupper
memcmp
__CxxFrameHandler3
iswdigit
memset

ntdll

EtwGetTraceLoggerHandle
EtwTraceMessage
EtwGetTraceEnableFlags
EtwUnregisterTraceGuids
RtlIpv4AddressToStringW
EtwGetTraceEnableLevel
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlIpv6StringToAddressW
RtlIpv4StringToAddressW
RtlIpv6AddressToStringW
EtwRegisterTraceGuidsW

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetUnhandledExceptionFilter
RaiseException
SetLastError
GetLastError

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls
LoadStringW

api-ms-win-core-com-l1-1-0

StringFromGUID2
CoCreateInstance
IIDFromString
CoUninitialize
CoInitializeEx
CLSIDFromString
CoTaskMemFree
StringFromCLSID

api-ms-win-core-synch-l1-1-0

SetEvent
CreateEventW
WaitForMultipleObjectsEx

api-ms-win-core-string-l1-1-0

MultiByteToWideChar

api-ms-win-core-sysinfo-l1-1-0

GetTickCount64
GetTickCount
GetSystemTimeAsFileTime

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-timezone-l1-1-0

FileTimeToSystemTime

api-ms-win-core-file-l1-1-0

SetFileInformationByHandle
FileTimeToLocalFileTime
CreateFileW

api-ms-win-core-datetime-l1-1-0

GetDateFormatW
GetTimeFormatW

api-ms-win-core-processenvironment-l1-1-0

ExpandEnvironmentStringsW

api-ms-win-eventing-controller-l1-1-0

StartTraceW
ControlTraceW

api-ms-win-eventing-legacy-l1-1-0

EnableTrace

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-processthreads-l1-1-0

GetCurrentThreadId
TerminateProcess
GetCurrentProcessId
GetCurrentProcess

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

netsh.exe

MatchTagsInCmdLine
RegisterHelper
PrintMessageFromModule
MatchEnumTag
RegisterContext

wwapi

WwanDeleteDMConfigProfile
WwanEnumerateInterfaces
WwanSetProfile
WwanGetProfile
WwanGetProfileList
WwanRegisterNotification
WwanDeleteProfile
WwanDisconnect
WwanAllocateMemory
WwanQueryInterface
WwanScan
WwanCloseHandle
WwanSetInterface
WwanOpenHandle
WwanConnect
WwanSetDMConfigProfile
WwanFreeMemory
WwanGetDMConfigProfile
WwanGetProfileState
WwanConnectAdditionalPdpContext
WwanGetProfileListByPurpose
WwanGetDMConfigProfileList

wcmapi

WcmCloseHandle
WcmSetParameter
WcmQueryProperty
WcmFreeMemory
WcmOpenHandle

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpW

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapFree
HeapAlloc

Exports

Exports

GetResourceString
InitHelperDll

Sections

.text
Size: 66KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 440B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/wwanconn.dll
.dll windows:10 windows x64 arch:x64

ec57deb7c06447a963f0a58c2a0b186e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

WWanConn.pdb

Imports

msvcrt

wcsncmp
__CxxFrameHandler3
_CxxThrowException
memcpy
realloc
_errno
??1type_info@@UEAA@XZ
_onexit
__dllonexit
_wtoi
wcschr
iswdigit
_unlock
_lock
?terminate@@YAXXZ
_initterm
_amsg_exit
_XcptFilter
_callnewh
iswspace
calloc
memmove_s
swprintf_s
_purecall
free
malloc
wcsncpy_s
__C_specific_handler
_vsnprintf_s
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@XZ
??1exception@@UEAA@XZ
memcpy_s
_vsnwprintf
_wcsnicmp
memset

api-ms-win-core-libraryloader-l1-2-0

FindResourceExW
LockResource
GetModuleFileNameA
GetModuleFileNameW
FreeLibrary
LoadResource
GetProcAddress
LoadLibraryExW
SizeofResource
GetModuleHandleExW
LoadStringW
GetModuleHandleW

api-ms-win-core-synch-l1-1-0

ReleaseSRWLockExclusive
AcquireSRWLockExclusive
CreateSemaphoreExW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
SetEvent
WaitForSingleObjectEx
OpenSemaphoreW
ReleaseSemaphore
AcquireSRWLockShared
WaitForSingleObject
CreateMutexExW
ReleaseSRWLockShared
ReleaseMutex

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy

api-ms-win-core-errorhandling-l1-1-0

SetLastError
GetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RaiseException

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
GetCurrentThreadId
GetCurrentProcess
TerminateProcess

api-ms-win-core-localization-l1-2-0

EnumSystemGeoID
GetGeoInfoW
FormatMessageW
GetUserGeoID

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
DebugBreak
OutputDebugStringW
OutputDebugStringA

api-ms-win-core-handle-l1-1-0

CloseHandle

oleaut32

SafeArrayGetElement
SafeArrayGetUBound
SafeArrayDestroy
SafeArrayGetLBound
VariantClear
SysAllocString
SysStringLen
VarUI4FromStr
VarBstrCmp
SysAllocStringByteLen
VariantChangeType
VariantInit
SysAllocStringLen
SysFreeString
SysStringByteLen
VarBstrCat

api-ms-win-eventing-classicprovider-l1-1-0

TraceMessage
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
RegisterTraceGuidsW
UnregisterTraceGuids

api-ms-win-core-com-l1-1-0

CoCreateInstance
CoTaskMemFree
StringFromIID
CoTaskMemAlloc
CoTaskMemRealloc

api-ms-win-core-string-l2-1-0

CharNextW

api-ms-win-core-libraryloader-l1-2-1

LoadLibraryW

api-ms-win-core-registry-l1-1-0

RegEnumKeyExW
RegQueryInfoKeyW
RegCloseKey
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegCreateKeyExW

api-ms-win-core-string-l1-1-0

MultiByteToWideChar

api-ms-win-eventing-provider-l1-1-0

EventRegister
EventUnregister
EventWriteTransfer
EventSetInformation

api-ms-win-core-synch-l1-2-0

WakeAllConditionVariable
SleepConditionVariableSRW
InitOnceComplete
InitOnceBeginInitialize
Sleep

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetSystemTimeAsFileTime

api-ms-win-core-processenvironment-l1-1-0

ExpandEnvironmentStringsW

crypt32

CryptProtectData
CryptUnprotectMemory
CryptProtectMemory
CryptUnprotectData

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sidebyside-l1-1-0

DeactivateActCtx
FindActCtxSectionStringW
QueryActCtxW
CreateActCtxW
ActivateActCtx

wwapi

WwanFreeMemory
WwanAllocateMemory

ntdll

WinSqmAddToStreamEx
WinSqmAddToStream
WinSqmIncrementDWORD
RtlIpv4StringToAddressW
RtlIpv6StringToAddressW
RtlIpv4AddressToStringW
RtlIpv6AddressToStringW

kernel32

lstrcmpW
lstrcmpiW
lstrlenW
CreateFileW
ReleaseActCtx

user32

GetParent
SendMessageW
PostMessageW
SetPropW
RemovePropW
GetPropW
KillTimer
SetWindowLongPtrW
SetTimer
UpdateWindow
UnregisterClassA
SendInput
RegisterWindowMessageW
CharUpperBuffW

ole32

StringFromGUID2
CoSetProxyBlanket
IIDFromString

shell32

ShellExecuteExW

wcmapi

WcmFreeMemory
WcmQueryProperty

duser

InitGadgets
DeleteHandle
DUserPostEvent

dui70

?GetCheckedState@TouchCheckBox@DirectUI@@QEAA?AW4CheckedStateFlags@2@XZ
?MultipleClick@TouchButton@DirectUI@@SA?AVUID@@XZ
?GetClassInfoPtr@HWNDElement@DirectUI@@SAPEAUIClassInfo@2@XZ
?SetCheckedState@TouchCheckBox@DirectUI@@QEAAJW4CheckedStateFlags@2@@Z
?GetRoot@Element@DirectUI@@QEAAPEAV12@XZ
?KeyWithinProp@Element@DirectUI@@SAPEBUPropertyInfo@2@XZ
?TriggeredAnimationComplete@PVLAnimation@DirectUI@@SA?AVUID@@XZ
?SetEncodedContentString@Element@DirectUI@@QEAAJPEBG@Z
?UserTextChanged@TouchEditBase@DirectUI@@SA?AVUID@@XZ
?CreateInstance@CSafeElementProxy@@SAJPEAVElement@DirectUI@@PEAPEAV1@@Z
?SelectionChange@TouchSelect@DirectUI@@SA?AVUID@@XZ
?SetContentAlign@Element@DirectUI@@QEAAJH@Z
DuiCreateObject
?SetSelectionIndex@TouchSelect@DirectUI@@QEAAJH@Z
?RemoveAll@TouchSelect@DirectUI@@QEAAXXZ
?GetEncodedContentString@Element@DirectUI@@QEAAJPEAG_K@Z
?Detach@CSafeElementProxy@@QEAAXXZ
?GetContentString@Element@DirectUI@@QEAAPEBGPEAPEAVValue@2@@Z
?GetClassInfoPtr@Element@DirectUI@@SAPEAUIClassInfo@2@XZ
?GetSelection@TouchSelect@DirectUI@@QEAAPEAVElement@2@XZ
?Click@TouchButton@DirectUI@@SA?AVUID@@XZ
?GetSelectionIndex@TouchSelect@DirectUI@@QEAAHXZ
?SetSheet@Element@DirectUI@@QEAAJPEAVStyleSheet@2@@Z
?Create@DUIXmlParser@DirectUI@@SAJPEAPEAV12@P6APEAVValue@2@PEBGPEAX@Z2P6AX11H2@Z2@Z
?SetAccName@Element@DirectUI@@QEAAJPEBG@Z
?Release@Value@DirectUI@@QEAAXXZ
?SetContentString@Element@DirectUI@@QEAAJPEBG@Z
?AddString@TouchSelect@DirectUI@@QEAAJPEBG@Z
?SetMaxLength@TouchEditBase@DirectUI@@QEAAJH@Z
?SetVisible@Element@DirectUI@@QEAAJ_N@Z
?SetClass@Element@DirectUI@@QEAAJPEBG@Z
?SetEnabled@Element@DirectUI@@QEAAJ_N@Z
?SetLayoutPos@Element@DirectUI@@QEAAJH@Z
StrToID
?FindDescendent@Element@DirectUI@@QEAAPEAV12@G@Z
?SetXMLFromResource@DUIXmlParser@DirectUI@@QEAAJIPEAUHINSTANCE__@@0@Z
?GetSheet@DUIXmlParser@DirectUI@@QEAAJPEBGPEAPEAVValue@2@@Z

mobilenetworking

PersistentRegPathGetDWORD
GetPersistentRegPath
PersistentRegPathOpenKey

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

bcrypt

BCryptCreateHash
BCryptCloseAlgorithmProvider
BCryptDestroyHash
BCryptGetProperty
BCryptOpenAlgorithmProvider
BCryptHashData
BCryptFinishHash

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllMain

Sections

.text
Size: 290KB - Virtual size: 290KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 144KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/wwanmm.dll
.dll windows:10 windows x64 arch:x64

085d30f77f85e03dcd40724f5435c85f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

WWanMM.pdb

Imports

msvcrt

memcmp
??1type_info@@UEAA@XZ
_onexit
__dllonexit
_unlock
_lock
?terminate@@YAXXZ
realloc
_errno
_initterm
_amsg_exit
_XcptFilter
memmove
memcpy
_CxxThrowException
?what@exception@@UEBAPEBDXZ
??1exception@@UEAA@XZ
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@AEBQEBDH@Z
??0exception@@QEAA@AEBQEBD@Z
??0exception@@QEAA@XZ
_callnewh
_vsnprintf_s
_wtoi
vswprintf_s
swprintf_s
memmove_s
_wtoi64
??3@YAXPEAX@Z
iswdigit
_get_errno
_set_errno
memcpy_s
_vsnwprintf
malloc
free
_purecall
calloc
??_V@YAXPEAX@Z
_resetstkoflw
__C_specific_handler
__CxxFrameHandler3
memset

api-ms-win-core-registry-l1-1-0

RegGetValueW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
GetLastError
UnhandledExceptionFilter
RaiseException
SetLastError

api-ms-win-core-synch-l1-1-0

InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
CreateEventW
WaitForSingleObject
ResetEvent
AcquireSRWLockExclusive
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
ReleaseSRWLockExclusive
SetEvent

api-ms-win-core-libraryloader-l1-2-0

GetModuleFileNameW
GetProcAddress
FreeLibrary
LockResource
LoadStringW
FindResourceExW
LoadResource
GetModuleHandleExW

api-ms-win-core-debug-l1-1-0

OutputDebugStringA

api-ms-win-core-com-l1-1-0

CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoInitializeEx
StringFromIID
CoTaskMemRealloc
CoUninitialize
IIDFromString
CoCreateGuid

api-ms-win-eventing-provider-l1-1-0

EventWriteTransfer
EventUnregister
EventRegister

api-ms-win-eventing-classicprovider-l1-1-0

TraceMessage
UnregisterTraceGuids
GetTraceLoggerHandle
GetTraceEnableFlags
GetTraceEnableLevel
RegisterTraceGuidsW

api-ms-win-core-libraryloader-l1-2-1

LoadLibraryW

oleaut32

SafeArrayGetElement
SafeArrayLock
SysAllocString
VariantClear
SafeArrayDestroy
VariantInit
VariantChangeType
SafeArrayUnlock
SafeArrayAccessData
SysStringLen
SafeArrayRedim
SafeArrayGetLBound
SafeArrayUnaccessData
SafeArrayCreate
SysFreeString
SafeArrayGetUBound

iphlpapi

ConvertInterfaceLuidToAlias
ConvertInterfaceGuidToLuid

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetSystemTimeAsFileTime
GetTickCount64

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-winrt-error-l1-1-0

SetRestrictedErrorInfo

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateStringReference

api-ms-win-core-winrt-l1-1-0

RoActivateInstance
RoGetActivationFactory

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-winrt-error-l1-1-1

RoGetMatchingRestrictedErrorInfo

api-ms-win-core-string-l2-1-0

CharNextW

api-ms-win-core-synch-l1-2-0

SleepConditionVariableSRW
WakeAllConditionVariable
Sleep

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
GetCurrentProcess

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind

api-ms-win-core-sidebyside-l1-1-0

FindActCtxSectionStringW
CreateActCtxW
DeactivateActCtx
ActivateActCtx
QueryActCtxW

kernel32

lstrlenW
lstrcmpW
LocalFree
InitializeCriticalSectionEx
OutputDebugStringW
LoadLibraryExW
CreateFileW
lstrlenA
ExpandEnvironmentStringsW
DebugBreak
GetModuleHandleW
GetProcessHeap
CreateMutexExW
HeapAlloc
OpenSemaphoreW
WaitForSingleObjectEx
ReleaseMutex
ReleaseSemaphore
HeapFree
CreateSemaphoreExW
GetModuleFileNameA
CompareStringOrdinal
IsDebuggerPresent

user32

UnregisterClassA

ntdll

RtlUnsubscribeWnfNotificationWaitForCompletion
NtQueryWnfStateData
RtlSubscribeWnfStateChangeNotification
RtlNtStatusToDosError
RtlIpv6StringToAddressW
RtlIpv4StringToAddressW
WinSqmAddToStream
WinSqmSetDWORD
WinSqmAddToStreamEx

shell32

ShellExecuteExW
CommandLineToArgvW

wwapi

WwanFreeMemory
WwanAllocateMemory

mobilenetworking

GetPersistentRegPath

wcmapi

WcmQueryProperty
WcmFreeMemory

datusage

CreateDataUsageHelper

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

crypt32

CryptUnprotectData
CryptProtectData

Exports

Exports

DllCanUnloadNow
DllGetClassObject
StartDiagnosticsW

Sections

.text
Size: 186KB - Virtual size: 186KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 275KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/wwanprotdim.dll
.dll windows:10 windows x64 arch:x64

9a5be203dbe5e5f8b8a67cc8d167d776

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

wwanprotdim.pdb

Imports

msvcrt

malloc
_initterm
free
__C_specific_handler
_amsg_exit
memcpy
memcmp
_XcptFilter
toupper
sprintf_s
memcpy_s
wcsnlen
memmove
_vsnwprintf
memset

api-ms-win-eventing-classicprovider-l1-1-0

RegisterTraceGuidsW
TraceMessage
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
UnregisterTraceGuids

rpcrt4

RpcStringFreeW
UuidToStringW
UuidFromStringW

api-ms-win-core-string-l2-1-0

CharUpperBuffW

api-ms-win-core-io-l1-1-0

DeviceIoControl

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetLastError

api-ms-win-core-synch-l1-1-0

LeaveCriticalSection
EnterCriticalSection
WaitForSingleObject
InitializeCriticalSectionAndSpinCount
AcquireSRWLockExclusive
DeleteCriticalSection
ReleaseSRWLockExclusive

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls
GetModuleFileNameA

api-ms-win-eventing-provider-l1-1-0

EventProviderEnabled
EventRegister
EventUnregister
EventWriteTransfer
EventSetInformation

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
TerminateProcess
GetThreadId
GetCurrentProcessId
GetCurrentThreadId
CreateThread

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-file-l1-1-0

CreateFileW

api-ms-win-core-rtlsupport-l1-1-0

RtlVirtualUnwind
RtlCaptureContext
RtlLookupFunctionEntry

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount

ntdll

NtDeviceIoControlFile
RtlNtStatusToDosError

api-ms-win-core-heap-l2-1-0

LocalAlloc

Exports

Exports

DimInitialize

Sections

.text
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/wwansvc.dll
.dll windows:10 windows x64 arch:x64

4e935a06527aa8de53cb2dd2e5d7a14b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

wwansvc.pdb

Imports

msvcp_win

?id@?$ctype@G@std@@2V0locale@2@A
?uncaught_exception@std@@YA_NXZ
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?flush@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV12@XZ
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?setstate@?$basic_ios@GU?$char_traits@G@std@@@std@@QEAAXH_N@Z
??1_Lockit@std@@QEAA@XZ
?_Osfx@?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAXXZ
??0?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAA@PEAV?$basic_streambuf@GU?$char_traits@G@std@@@1@_N@Z
?_Pninc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAPEAGXZ
??0?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAA@XZ
??Bid@locale@std@@QEAA_KXZ
?widen@?$ctype@G@std@@QEBAGD@Z
?_Getcat@?$ctype@G@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?_Xlength_error@std@@YAXPEBD@Z
??0?$basic_ios@GU?$char_traits@G@std@@@std@@IEAA@XZ
??1?$basic_ios@GU?$char_traits@G@std@@@std@@UEAA@XZ
?gbump@?$basic_streambuf@GU?$char_traits@G@std@@@std@@IEAAXH@Z
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@GU?$char_traits@G@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??1?$basic_ostream@GU?$char_traits@G@std@@@std@@UEAA@XZ
?imbue@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAXAEBVlocale@2@@Z
?sync@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAHXZ
?setbuf@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAPEAV12@PEAG_J@Z
?xsputn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEBG_J@Z
?xsgetn@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JPEAG_J@Z
?uflow@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAAGXZ
?showmanyc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@MEAA_JXZ
?_Unlock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
??0_Lockit@std@@QEAA@H@Z
?_Xinvalid_argument@std@@YAXPEBD@Z
?_Lock@?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAAXXZ
?_Xout_of_range@std@@YAXPEBD@Z
?sputc@?$basic_streambuf@GU?$char_traits@G@std@@@std@@QEAAGG@Z
??1?$basic_streambuf@GU?$char_traits@G@std@@@std@@UEAA@XZ

api-ms-win-crt-string-l1-1-0

wcsnlen
wcscmp
memmove_s
memset
strncmp
wcsncmp

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm

api-ms-win-crt-private-l1-1-0

_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__purecall
_o__recalloc
_o__register_onexit_function
_o__seh_filter_dll
_o__wcsdup
_o__wcsicmp
_o__wcsnicmp
memmove
_o__wtoi
_o_calloc
_o_free
_o_isalpha
_o_iswalnum
_o_iswdigit
_o_iswspace
_o_malloc
_o_qsort
_o_terminate
_o_toupper
_o_wcscpy_s
_o_wcsncpy_s
_o_wcstol
_o_wmemcpy_s
__CxxFrameHandler3
__C_specific_handler
_CxxThrowException
_o__execute_onexit_table
_o__errno
_o__crt_atexit
_o__configure_narrow_argv
_o__cexit
_o__callnewh
_o___stdio_common_vswscanf
_o___stdio_common_vswprintf_s
_o___stdio_common_vswprintf
_o___stdio_common_vsprintf
_o___stdio_common_vsnprintf_s
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
wcschr
__std_type_info_compare
wcsstr
__std_terminate
__CxxFrameHandler4
memchr
memcmp
memcpy

ntdll

RtlInitUnicodeString
WinSqmAddToStreamEx
NtPowerInformation
RtlNtStatusToDosError
RtlStringFromGUID
NtDeviceIoControlFile
RtlPublishWnfStateData
RtlIpv4AddressToStringW
RtlIpv6AddressToStringW
RtlSubscribeWnfStateChangeNotification
RtlUnsubscribeWnfNotificationWithCompletionCallback
RtlQueryWnfStateData
WinSqmIncrementDWORD
RtlNtStatusToDosErrorNoTeb
WinSqmIsOptedIn
NtCreateWnfStateName
NtQueryWnfStateData
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
RtlIpv4StringToAddressW
RtlIpv6StringToAddressW
RtlQueryPackageIdentity
RtlDeriveCapabilitySidsFromName
EtwTraceMessage
NtQueryKey
RtlTestAndPublishWnfStateData
RtlWaitForWnfMetaNotification

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleW
LoadStringW
GetModuleHandleExW
GetProcAddress
LoadLibraryExW
DisableThreadLibraryCalls
FreeLibrary
GetModuleFileNameA

api-ms-win-core-synch-l1-1-0

InitializeCriticalSectionEx
WaitForSingleObject
EnterCriticalSection
CreateSemaphoreExW
ReleaseMutex
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WaitForSingleObjectEx
OpenSemaphoreW
ReleaseSRWLockShared
CreateMutexExW
AcquireSRWLockShared
DeleteCriticalSection
CreateEventW
SetEvent
InitializeCriticalSectionAndSpinCount
InitializeCriticalSection
ReleaseSemaphore
ResetEvent
CreateEventExW
LeaveCriticalSection

api-ms-win-core-heap-l1-1-0

HeapFree
GetProcessHeap
HeapAlloc

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
GetLastError
RaiseException

api-ms-win-core-threadpool-l1-2-0

CreateThreadpoolWait
WaitForThreadpoolWaitCallbacks
WaitForThreadpoolTimerCallbacks
CreateThreadpoolCleanupGroup
CloseThreadpoolWait
CloseThreadpoolCleanupGroup
SetThreadpoolTimer
CloseThreadpoolCleanupGroupMembers
CallbackMayRunLong
IsThreadpoolTimerSet
TrySubmitThreadpoolCallback
SetThreadpoolWait
CreateThreadpoolTimer
CloseThreadpoolTimer

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
GetCurrentThread
GetCurrentProcess
OpenThreadToken
GetCurrentThreadId
CreateThread
OpenProcessToken
GetCurrentProcessId

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent
OutputDebugStringW
DebugBreak

api-ms-win-core-handle-l1-1-0

CloseHandle

oleaut32

SysAllocString
SysFreeString
SysReAllocStringLen
SysAllocStringByteLen
SysStringByteLen
VariantInit
VarBstrCat
VariantChangeType
SysAllocStringLen
SysStringLen
VariantClear

api-ms-win-eventing-provider-l1-1-0

EventSetInformation
EventRegister
EventProviderEnabled
EventWriteTransfer
EventUnregister
EventWrite
EventActivityIdControl

api-ms-win-service-core-l1-1-0

SetServiceStatus
RegisterServiceCtrlHandlerExW

api-ms-win-core-com-l1-1-0

IIDFromString
CoInitializeEx
CLSIDFromString
CoDecrementMTAUsage
CoUninitialize
StringFromGUID2
CoIncrementMTAUsage
CoTaskMemFree
CoTaskMemAlloc
StringFromCLSID
CoCreateFreeThreadedMarshaler
CoWaitForMultipleHandles
CoCreateGuid
CoCreateInstance

api-ms-win-core-threadpool-legacy-l1-1-0

DeleteTimerQueueEx
CreateTimerQueueTimer
UnregisterWaitEx
CreateTimerQueue
DeleteTimerQueueTimer
ChangeTimerQueueTimer

api-ms-win-eventing-classicprovider-l1-1-0

UnregisterTraceGuids
TraceMessage
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
RegisterTraceGuidsW

api-ms-win-core-synch-l1-2-0

Sleep
InitOnceExecuteOnce
InitOnceComplete
InitOnceBeginInitialize

api-ms-win-core-registry-l1-1-0

RegDeleteKeyExW
RegEnumKeyExW
RegOpenKeyExW
RegNotifyChangeKeyValue
RegGetValueW
RegCreateKeyExW
RegDeleteTreeW
RegQueryInfoKeyW
RegCloseKey
RegSetValueExW
RegQueryValueExW

api-ms-win-core-registry-l1-1-1

RegSetKeyValueW
RegDeleteKeyValueW

api-ms-win-core-synch-l1-2-1

WaitForMultipleObjects

api-ms-win-devices-query-l1-1-0

DevGetObjectProperties
DevFreeObjectProperties
DevCloseObjectQuery

api-ms-win-core-file-l1-1-0

CreateDirectoryW
DeleteFileW
CreateFileW
GetFullPathNameW
SetFileAttributesW
GetFileAttributesW
WriteFile
ReadFile

api-ms-win-core-io-l1-1-0

DeviceIoControl
GetOverlappedResult

devobj

DevObjGetDeviceInstanceId
DevObjDestroyDeviceInfoList
DevObjGetDeviceInterfaceDetail
DevObjGetDeviceRegistryProperty
DevObjGetClassDevs
DevObjCreateDeviceInfoList
DevObjEnumDeviceInfo
DevObjOpenDevRegKey
DevObjOpenDeviceInfo
DevObjGetDeviceProperty
DevObjEnumDeviceInterfaces

iphlpapi

GetAdaptersAddresses
GetIfEntry2
SetInterfaceDnsSettings
ConvertInterfaceGuidToLuid

rpcrt4

UuidFromStringW
RpcBindingFree
RpcBindingSetAuthInfoExW
RpcStringBindingComposeW
RpcBindingFromStringBindingW
RpcExceptionFilter
RpcImpersonateClient
RpcRevertToSelfEx
UuidCreate
RpcEpUnregister
I_RpcExceptionFilter
RpcBindingSetOption
RpcStringFreeW
UuidToStringW
RpcBindingSetAuthInfoW
RpcMgmtInqServerPrincNameW
RpcServerInqCallAttributesW
RpcBindingVectorFree
NdrAsyncServerCall
RpcServerUnregisterIfEx
NdrServerCallAll
RpcServerUseProtseqW
RpcServerRegisterIf3
RpcAsyncCompleteCall
Ndr64AsyncServerCallAll
RpcServerListen
NdrServerCall2
RpcServerInqBindingHandle
RpcServerUnsubscribeForNotification
RpcServerSubscribeForNotification
RpcAsyncAbortCall
I_RpcOpenClientProcess
RpcServerRegisterAuthInfoW
RpcServerInqBindings
RpcEpRegisterW
NdrClientCall3

api-ms-win-core-shlwapi-obsolete-l1-1-0

StrStrIW

api-ms-win-core-processenvironment-l1-1-0

ExpandEnvironmentStringsW

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetSystemWindowsDirectoryW
GetTickCount64
GetSystemTimeAsFileTime

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateString
WindowsCreateStringReference
WindowsGetStringRawBuffer

api-ms-win-shcore-taskpool-l1-1-0

SHTaskPoolQueueTask

api-ms-win-core-winrt-error-l1-1-0

RoOriginateError

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory

api-ms-win-devices-swdevice-l1-1-0

SwDeviceInterfaceRegister
SwDeviceClose
SwDeviceCreate
SwMemFree

api-ms-win-core-timezone-l1-1-0

FileTimeToSystemTime
SystemTimeToFileTime

winhttp

WinHttpCreateUrl
WinHttpCrackUrl

ws2_32

WSAAddressToStringW
WSACleanup
closesocket
WSAIoctl
WSAEventSelect
socket
WSAGetLastError
WSAStartup
WSAEnumNetworkEvents
ntohl

api-ms-win-oobe-notification-l1-1-0

OOBEComplete

api-ms-win-core-string-l2-1-1

SHLoadIndirectString

api-ms-win-security-accesshlpr-l1-1-0

QueryTransientObjectSecurityDescriptor
FreeTransientObjectSecurityDescriptor

api-ms-win-security-base-l1-1-0

CopySid
GetTokenInformation
EqualSid
AllocateAndInitializeSid
CreateWellKnownSid
FreeSid
CheckTokenMembership

api-ms-win-devices-config-l1-1-1

CM_Setup_DevNode
CM_Query_And_Remove_SubTreeW

api-ms-win-core-string-l1-1-0

MultiByteToWideChar
WideCharToMultiByte
CompareStringEx

api-ms-win-core-processthreads-l1-1-1

OpenProcess
IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

wmi

WmiNotificationRegistrationW

policymanager

PolicyManager_GetPolicyInt

umpdc

Pdcv2ActivationClientActivate
Pdcv2ActivationClientDeactivate
Pdcv2ActivationClientUnregister
Pdcv2ActivationClientRegister

mobilenetworking

PersistentRegPathCreateKey
PersistentRegPathOpenKey
PersistentRegPathSetDWORD
PersistentRegPathGetDWORD
PersistentRegPathGetValue
GetPersistentRegPath

api-ms-win-core-heap-l2-1-0

LocalAlloc
LocalFree

api-ms-win-core-registry-l2-1-0

RegDeleteKeyW

api-ms-win-core-kernel32-legacy-l1-1-0

MoveFileW
RegisterWaitForSingleObject

api-ms-win-core-file-l2-1-0

ReplaceFileW

profapi

ord104

api-ms-win-security-sddl-l1-1-0

ConvertStringSidToSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW

api-ms-win-security-capability-l1-1-0

RpcClientCapabilityCheck

api-ms-win-security-base-l1-2-0

CheckTokenCapability

bcrypt

BCryptHashData
BCryptFinishHash
BCryptOpenAlgorithmProvider
BCryptGetProperty
BCryptDestroyHash
BCryptCreateHash
BCryptCloseAlgorithmProvider

api-ms-win-service-private-l1-1-0

UnsubscribeServiceChangeNotifications
WaitServiceState
SubscribeServiceChangeNotifications

api-ms-win-service-management-l1-1-0

StartServiceW
CloseServiceHandle
OpenServiceW
OpenSCManagerW

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpW

api-ms-win-core-apiquery-l1-1-0

ApiSetQueryApiSetPresence

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

api-ms-win-core-namedpipe-l1-1-0

ConnectNamedPipe
CreateNamedPipeW

api-ms-win-crt-math-l1-1-0

ceilf

Exports

Exports

SvchostPushServiceGlobals
WwanSvcMain

Sections

.text
Size: 889KB - Virtual size: 888KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 461KB - Virtual size: 460KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 90KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/wwapi.dll
.dll windows:10 windows x64 arch:x64

39aab269f8884da222f7a397a1bf8645

Code Sign

33:00:00:02:65:51:ae:1b:bd:00:5c:bf:bd:00:00:00:00:02:65
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:30

Not After

03/03/2021, 18:30

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2011, 18:41

Not After

19/10/2026, 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:72:6d:a5:6c:c5:68:85:79:a3:f8:09:1f:55:8b:f0:28:27:fc:8b:02:a7:3a:81:bd:48:50:a2:20:ab:f6:0b
Signer

Actual PE Digest

02:72:6d:a5:6c:c5:68:85:79:a3:f8:09:1f:55:8b:f0:28:27:fc:8b:02:a7:3a:81:bd:48:50:a2:20:ab:f6:0b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

wwapi.pdb

Imports

msvcrt

__C_specific_handler
??1exception@@UEAA@XZ
?what@exception@@UEBAPEBDXZ
_onexit
__dllonexit
??1type_info@@UEAA@XZ
??0exception@@QEAA@AEBV0@@Z
??0exception@@QEAA@AEBQEBDH@Z
??0exception@@QEAA@AEBQEBD@Z
memmove
_lock
_initterm
malloc
memcpy
_purecall
_unlock
??3@YAXPEAX@Z
__CxxFrameHandler3
free
_amsg_exit
_XcptFilter
_CxxThrowException
_callnewh
memset

ntdll

RtlLookupFunctionEntry
RtlCaptureContext
EtwUnregisterTraceGuids
RtlVirtualUnwind
EtwGetTraceEnableFlags
EtwGetTraceEnableLevel
EtwGetTraceLoggerHandle
EtwTraceMessage
EtwRegisterTraceGuidsW

api-ms-win-core-libraryloader-l1-2-0

DisableThreadLibraryCalls

api-ms-win-core-synch-l1-1-0

EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CreateEventW
InitializeCriticalSectionAndSpinCount
WaitForSingleObject
WaitForSingleObjectEx
SetEvent

rpcrt4

RpcBindingFromStringBindingW
I_RpcExceptionFilter
RpcAsyncCompleteCall
RpcAsyncGetCallStatus
RpcAsyncCancelCall
RpcSsDestroyClientContext
NdrClientCall3
Ndr64AsyncClientCall
RpcStringBindingComposeW
RpcBindingFree
RpcBindingSetAuthInfoW
RpcMgmtInqServerPrincNameW
RpcBindingSetOption
RpcEpResolveBinding
RpcStringFreeW
RpcAsyncInitializeHandle

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
SetLastError
GetLastError
UnhandledExceptionFilter

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
GetCurrentProcess
GetCurrentThreadId
GetCurrentProcessId
CreateThread

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetTickCount
GetSystemTimeAsFileTime

api-ms-win-core-heap-l1-1-0

HeapFree
HeapAlloc
GetProcessHeap

Exports

Exports

Wwan2CloseDeviceServiceCommandSession
Wwan2CloseDeviceServiceDataSession
Wwan2CloseHandle
Wwan2EnumerateDeviceServices
Wwan2OpenDeviceServiceCommandSession
Wwan2OpenDeviceServiceDataSession
Wwan2OpenHandle
Wwan2QueryDeviceServiceSupportedCommands
Wwan2QueryInterfaces
Wwan2RegisterNotification
Wwan2SendDeviceServiceCommand
Wwan2SubscribePowerStateEvents
Wwan2WriteDeviceServiceData
WwanActivateNotification
WwanAllocateMemory
WwanAuthChallenge
WwanCloseHandle
WwanConnect
WwanConnectAdditionalPdpContext
WwanConnectByActivityId
WwanConvertToInterfaceObject
WwanDeleteDMConfigProfile
WwanDeleteProfile
WwanDisconnect
WwanEnumerateInterfaces
WwanFreeMemory
WwanGetDMConfigBinary
WwanGetDMConfigProfile
WwanGetDMConfigProfileList
WwanGetInfGuidAndProfileByProfileIndex
WwanGetInterfaceGuid
WwanGetProfile
WwanGetProfileHomeProviderName
WwanGetProfileIndex
WwanGetProfileIstream
WwanGetProfileList
WwanGetProfileListByPurpose
WwanGetProfileMetaData
WwanGetProfileState
WwanModemLogging
WwanOpenHandle
WwanQueryIPv6eHRPDControl
WwanQueryInterface
WwanQueryInterfaceEx
WwanRegister
WwanRegisterNotification
WwanScan
WwanSearchProfile
WwanSetDMConfigBinary
WwanSetDMConfigProfile
WwanSetIPv6eHRPDControl
WwanSetInterface
WwanSetNetworkQuietMode
WwanSetProfile
WwanSetProfileMetaData
WwanSetSmsConfiguration
WwanSmsDelete
WwanSmsRead
WwanSmsSend
WwanUiccCloseChannel
WwanUiccOpenChannel
WwanUiccSendApdu
WwanUiccSetTerminalCapability
WwanUssdRequest

Sections

.text
Size: 46KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/xboxgipsvc.dll
.dll windows:10 windows x64 arch:x64

4a503ff13a26eb1e18da1f0f73bec911

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

XboxGipSvc.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm

api-ms-win-crt-private-l1-1-0

_o__errno
_o__execute_onexit_table
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
_o__crt_atexit
memmove
_o_free
_o_malloc
__C_specific_handler
_o__callnewh
_CxxThrowException
__CxxFrameHandler3
_o___stdio_common_vswprintf
_o___stdio_common_vsnprintf_s
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
_o__configure_narrow_argv
__std_terminate
__CxxFrameHandler4
_o__cexit
memcpy

api-ms-win-crt-string-l1-1-0

memset

ntdll

RtlQueryWnfStateData
RtlNtStatusToDosError
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

api-ms-win-core-synch-l1-2-0

Sleep
InitOnceExecuteOnce

api-ms-win-core-util-l1-1-0

DecodePointer
EncodePointer

api-ms-win-eventing-classicprovider-l1-1-0

GetTraceLoggerHandle
UnregisterTraceGuids
GetTraceEnableLevel
TraceMessage
GetTraceEnableFlags
RegisterTraceGuidsW

api-ms-win-core-errorhandling-l1-1-0

SetUnhandledExceptionFilter
GetLastError
SetLastError
UnhandledExceptionFilter

api-ms-win-core-synch-l1-1-0

AcquireSRWLockExclusive
OpenSemaphoreW
ReleaseSRWLockExclusive
CreateEventW
CreateMutexExW
ReleaseSRWLockShared
AcquireSRWLockShared
WaitForSingleObject
WaitForSingleObjectEx
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
ReleaseSemaphore
DeleteCriticalSection
CreateSemaphoreExW
SetEvent
CreateEventExW
ReleaseMutex

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleExW
GetModuleHandleW
DisableThreadLibraryCalls
GetProcAddress
GetModuleFileNameA

api-ms-win-core-winrt-error-l1-1-0

RoOriginateError
RoOriginateErrorW

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
CreateThread
GetCurrentProcess
TerminateProcess
GetCurrentThreadId

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

api-ms-win-core-debug-l1-1-0

DebugBreak
OutputDebugStringW
IsDebuggerPresent

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapFree
HeapAlloc

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-winrt-l1-1-0

RoRevokeActivationFactories
RoRegisterActivationFactories
RoUninitialize
RoInitialize

api-ms-win-core-winrt-string-l1-1-0

WindowsGetStringRawBuffer
WindowsCreateString
WindowsStringHasEmbeddedNull
WindowsDeleteString
WindowsIsStringEmpty

api-ms-win-core-com-l1-1-0

CoTaskMemAlloc
CoDisconnectContext
CoReleaseServerProcess
CoAddRefServerProcess
CoRevokeClassObject
CoDecrementMTAUsage
CoRegisterClassObject
CoResumeClassObjects
CoCreateInstance
CoCreateFreeThreadedMarshaler
CoInitializeSecurity

api-ms-win-service-core-l1-1-1

QueryServiceDynamicInformation

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-service-core-l1-1-0

RegisterServiceCtrlHandlerExW
SetServiceStatus

api-ms-win-security-sddl-l1-1-0

ConvertStringSecurityDescriptorToSecurityDescriptorW

api-ms-win-security-base-l1-1-0

MakeAbsoluteSD

api-ms-win-core-registry-l1-1-0

RegOpenKeyExW
RegCloseKey
RegEnumValueW
RegQueryInfoKeyW

api-ms-win-core-io-l1-1-0

DeviceIoControl

api-ms-win-service-management-l1-1-0

OpenServiceW
OpenSCManagerW
CloseServiceHandle

api-ms-win-service-management-l2-1-0

QueryServiceStatusEx
NotifyServiceStatusChangeW

api-ms-win-core-file-l1-1-0

CreateFileW

api-ms-win-devices-swdevice-l1-1-0

SwDeviceCreate
SwDeviceClose

wlanapi

WlanEnumInterfaces
WlanCloseHandle
WlanRegisterNotification
WlanOpenHandle
WlanFreeMemory
WlanQueryInterface

ext-ms-win-setupapi-classinstallers-l1-1-0

SetupDiEnumDeviceInfo
SetupDiGetDevicePropertyW
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList

combase

CStdStubBuffer_IsIIDSupported
ord32
CStdStubBuffer_DebugServerRelease
ord69
ord67
ord68
ord66
NdrCStdStubBuffer2_Release
CStdStubBuffer2_Connect
CStdStubBuffer_Invoke
CStdStubBuffer2_CountRefs
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer2_Disconnect
CStdStubBuffer2_QueryInterface
CStdStubBuffer_AddRef
ord33
ord34

msvcp_win

?_Execute_once@std@@YAHAEAUonce_flag@1@P6AHPEAX1PEAPEAX@Z1@Z
?__ExceptionPtrCreate@@YAXPEAX@Z
?__ExceptionPtrDestroy@@YAXPEAX@Z
?__ExceptionPtrToBool@@YA_NPEBX@Z
?__ExceptionPtrRethrow@@YAXPEBX@Z
?__ExceptionPtrCopy@@YAXPEAXPEBX@Z
?_XGetLastError@std@@YAXXZ
?__ExceptionPtrAssign@@YAXPEAXPEBX@Z
?__ExceptionPtrCurrentException@@YAXPEAX@Z
?_Xlength_error@std@@YAXPEBD@Z

rpcrt4

NdrOleAllocate
NdrDllGetClassObject
IUnknown_QueryInterface_Proxy
IUnknown_Release_Proxy
NdrOleFree
IUnknown_AddRef_Proxy
NdrDllCanUnloadNow
NdrStubForwardingFunction

Exports

Exports

DllCanUnloadNow
DllGetClassObject
ServiceMain

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/xboxgipsynthetic.dll
.dll windows:10 windows x64 arch:x64

ecbe653e175f151f0a6026b3a9679b82

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

XboxgipSynthetic.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

_initterm_e
_initterm

api-ms-win-crt-private-l1-1-0

_o__configure_narrow_argv
_o__crt_atexit
_o__errno
_o__execute_onexit_table
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__purecall
_o__register_onexit_function
_o__seh_filter_dll
memcpy
_o_free
_o_malloc
_o_terminate
__C_specific_handler
_o___stdio_common_vswprintf
_o___stdio_common_vsnprintf_s
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
_o__cexit
_o__callnewh
__CxxFrameHandler3
_CxxThrowException
__CxxFrameHandler4

api-ms-win-crt-string-l1-1-0

memset

api-ms-win-core-libraryloader-l1-2-0

GetModuleHandleExW
GetModuleHandleW
GetModuleFileNameA
GetProcAddress

api-ms-win-core-synch-l1-1-0

CreateMutexExW
ReleaseMutex
OpenSemaphoreW
WaitForSingleObjectEx
WaitForSingleObject
DeleteCriticalSection
ReleaseSemaphore
CreateEventExW
ResetEvent
CreateSemaphoreExW
SetEvent
CreateEventW
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection

api-ms-win-core-heap-l1-1-0

GetProcessHeap
HeapAlloc
HeapFree

api-ms-win-core-errorhandling-l1-1-0

GetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
SetLastError
RaiseException

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcess
TerminateProcess
GetCurrentThreadId
GetCurrentProcessId

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

DebugBreak
IsDebuggerPresent
OutputDebugStringW

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-rtlsupport-l1-1-0

RtlCaptureContext
RtlVirtualUnwind
RtlLookupFunctionEntry

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetSystemInfo

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead

msvcp_win

?_Xlength_error@std@@YAXPEBD@Z

api-ms-win-core-threadpool-l1-2-0

CloseThreadpoolTimer
CloseThreadpoolIo
WaitForThreadpoolIoCallbacks
CreateThreadpoolIo
StartThreadpoolIo
SetThreadpoolTimer
CreateThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolCleanupGroup
CloseThreadpoolCleanupGroupMembers
CreateThreadpoolCleanupGroup
SetThreadpoolThreadMinimum
SetThreadpoolThreadMaximum
CreateThreadpool
CloseThreadpool

api-ms-win-core-memory-l1-1-0

VirtualAlloc
VirtualProtect
VirtualQuery
VirtualFree

api-ms-win-core-io-l1-1-0

DeviceIoControl
GetOverlappedResult
CancelIoEx

api-ms-win-core-file-l1-1-0

CreateFileW

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-winrt-string-l1-1-0

WindowsCreateStringReference

api-ms-win-core-winrt-l1-1-0

RoGetActivationFactory

ntdll

RtlGetDeviceFamilyInfoEnum

Exports

Exports

DllMain
SyntheticController_AddAudioHeadset
SyntheticController_Connect
SyntheticController_CreateController
SyntheticController_Disconnect
SyntheticController_GetDeviceId
SyntheticController_RegisterReportCallback
SyntheticController_RemoveAudioHeadset
SyntheticController_RemoveController
SyntheticController_SendAudio
SyntheticController_SendReport
SyntheticController_SetTargetProcess
SyntheticController_UnregisterReportCallback

Sections

.text
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/xmlfilter.dll
.dll regsvr32 windows:10 windows x64 arch:x64

9c6c869862163d621c2d7c68bc01df4c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

XmlFilter.pdb

Imports

msvcrt

??1type_info@@UEAA@XZ
_XcptFilter
_amsg_exit
_lock
_unlock
__dllonexit
_wcsnicmp
_onexit
_callnewh
wcscat_s
memmove
__C_specific_handler
iswspace
_purecall
free
malloc
_CxxThrowException
realloc
_vsnprintf_s
??0exception@@QEAA@AEBV0@@Z
memcpy
wcsncpy_s
_errno
__CxxFrameHandler3
?terminate@@YAXXZ
wcscpy_s
??0exception@@QEAA@XZ
??1exception@@UEAA@XZ
memcpy_s
_vsnwprintf
_initterm
memset

api-ms-win-core-libraryloader-l1-2-0

FindResourceExW
SizeofResource
GetModuleHandleExW
LoadLibraryExW
GetModuleFileNameA
DisableThreadLibraryCalls
GetProcAddress
GetModuleHandleW
FreeLibrary
GetModuleFileNameW
LoadResource

api-ms-win-core-synch-l1-1-0

EnterCriticalSection
LeaveCriticalSection
ReleaseSemaphore
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
AcquireSRWLockShared
ReleaseSRWLockShared
InitializeCriticalSection
ReleaseMutex
CreateEventExW
WaitForSingleObjectEx
OpenSemaphoreW
DeleteCriticalSection
CreateSemaphoreExW
SetEvent
WaitForSingleObject
CreateMutexExW

api-ms-win-core-heap-l1-1-0

HeapAlloc
HeapFree
GetProcessHeap

api-ms-win-core-errorhandling-l1-1-0

GetLastError
UnhandledExceptionFilter
RaiseException
SetUnhandledExceptionFilter
SetLastError

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
GetCurrentProcess

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-debug-l1-1-0

OutputDebugStringW
DebugBreak
OutputDebugStringA
IsDebuggerPresent

api-ms-win-core-handle-l1-1-0

CloseHandle

oleaut32

VariantClear
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
SysStringLen
SysAllocString
SysFreeString

api-ms-win-core-com-l1-1-0

CoTaskMemAlloc
CoCreateInstance
CoTaskMemRealloc
CoTaskMemFree
StringFromGUID2

api-ms-win-core-file-l1-1-0

GetFileAttributesW

api-ms-win-shcore-stream-l1-1-0

SHCreateStreamOnFileEx

api-ms-win-core-threadpool-legacy-l1-1-0

QueueUserWorkItem

api-ms-win-core-string-l1-1-0

MultiByteToWideChar

api-ms-win-core-string-l2-1-0

CharNextW

api-ms-win-core-registry-l1-1-0

RegQueryInfoKeyW
RegCreateKeyExW
RegEnumKeyExW
RegCloseKey
RegDeleteValueW
RegOpenKeyExW
RegSetValueExW

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpiW

api-ms-win-core-heap-l2-1-0

LocalFree

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-rtlsupport-l1-1-0

RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetVersionExA
GetTickCount

api-ms-win-core-memory-l1-1-0

UnmapViewOfFile

api-ms-win-core-libraryloader-l1-2-1

LoadLibraryW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 420B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/xmllite.dll
.dll windows:10 windows x64 arch:x64

d2e0f3f026362c9bf4ba56fa26b36d50

Code Sign

33:00:00:02:66:bd:15:80:ef:a7:5c:d6:d3:00:00:00:00:02:66
Certificate

Issuer

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/03/2020, 18:30

Not After

03/03/2021, 18:30

Subject

CN=Microsoft Windows,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:07:76:56:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

19/10/2011, 18:41

Not After

19/10/2026, 18:51

Subject

CN=Microsoft Windows Production PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a9:01:74:45:90:a8:77:4f:3c:2a:45:ca:4e:47:8f:6a:4b:42:bb:2e:a7:06:d1:fd:8a:8b:f2:e6:a8:08:fc:c0
Signer

Actual PE Digest

a9:01:74:45:90:a8:77:4f:3c:2a:45:ca:4e:47:8f:6a:4b:42:bb:2e:a7:06:d1:fd:8a:8b:f2:e6:a8:08:fc:c0

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP
IMAGE_FILE_DLL

PDB Paths

XmlLite.pdb

Imports

msvcrt

_purecall
_callnewh
__C_specific_handler
_initterm
malloc
_XcptFilter
memmove
free
_amsg_exit
_vsnwprintf
memcmp
memcpy
memset

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-0

GetCurrentProcessId
GetCurrentThreadId
TerminateProcess
GetCurrentProcess

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime
GetTickCount

api-ms-win-core-rtlsupport-l1-1-0

RtlLookupFunctionEntry
RtlVirtualUnwind
RtlCaptureContext

api-ms-win-core-errorhandling-l1-1-0

GetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-string-l1-1-0

WideCharToMultiByte
MultiByteToWideChar

api-ms-win-core-localization-l1-2-0

GetCPInfo

api-ms-win-core-heap-l1-1-0

HeapAlloc
GetProcessHeap
HeapFree

api-ms-win-core-memory-l1-1-0

VirtualQuery

Exports

Exports

CreateXmlReader
CreateXmlReaderInputWithEncodingCodePage
CreateXmlReaderInputWithEncodingName
CreateXmlWriter
CreateXmlWriterOutputWithEncodingCodePage
CreateXmlWriterOutputWithEncodingName

Sections

.text
Size: 153KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/xmlprovi.dll
.dll regsvr32 windows:10 windows x64 arch:x64

24d8349f9b6586bff7025b9e2cce6bac

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

xmlprovi.pdb

Imports

ntdll

wcschr
__C_specific_handler
memcpy

msvcrt

free
malloc
??0exception@@QEAA@AEBQEBDH@Z
??0exception@@QEAA@AEBV0@@Z
__CxxFrameHandler3
??1type_info@@UEAA@XZ
?terminate@@YAXXZ
_initterm
_amsg_exit
_XcptFilter
_CxxThrowException
_callnewh
?what@exception@@UEBAPEBDXZ
??1exception@@UEAA@XZ

atl

ord22
ord30
ord18
ord15
ord21
ord16
ord23
ord32

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
Sleep
lstrlenA
MultiByteToWideChar
lstrlenW
InitializeCriticalSection
DisableThreadLibraryCalls
DeleteCriticalSection
TerminateProcess
GetCurrentProcess

rtutils

TracePrintfA
TraceDeregisterW
TraceRegisterExW

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 768B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/libs/xolehlp.dll
.dll windows:10 windows x64 arch:x64

8c66b484e9dcdd20cbcb519baff6097e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

xolehlp.pdb

Imports

api-ms-win-core-registry-l1-1-0

RegQueryValueExA
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegOpenKeyExA
RegQueryValueExW

api-ms-win-core-libraryloader-l1-2-0

FindResourceExW
LoadResource
LockResource
GetProcAddress
GetModuleHandleA
LoadStringW
LoadLibraryExA
FreeLibrary
LoadLibraryExW
GetModuleHandleW
DisableThreadLibraryCalls
GetModuleFileNameW

api-ms-win-core-com-l1-1-0

CoTaskMemFree
StringFromGUID2
CoTaskMemAlloc
CoGetObjectContext
CoCreateInstance

api-ms-win-core-heap-l2-1-0

LocalAlloc
LocalFree

api-ms-win-core-string-l1-1-0

WideCharToMultiByte
MultiByteToWideChar

api-ms-win-core-errorhandling-l1-1-0

UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetLastError

api-ms-win-core-string-obsolete-l1-1-0

lstrcmpiW

msvcrt

_wfopen
strchr
?what@exception@@UEBAPEBDXZ
??0exception@@QEAA@AEBV0@@Z
??1type_info@@UEAA@XZ
??1exception@@UEAA@XZ
_onexit
__dllonexit
_CxxThrowException
_local_unwind
?terminate@@YAXXZ
memcmp
_unlock
_lock
__C_specific_handler
_initterm
_amsg_exit
_XcptFilter
memcpy
??0exception@@QEAA@AEBQEBDH@Z
_callnewh
malloc
free
_vsnprintf
fopen
fflush
fclose
fprintf
fwprintf
__CxxFrameHandler3
_vsnwprintf
_wcsicmp
_stricmp
mbstowcs
wcsrchr
_purecall
_waccess
wcscpy_s
_ultow
memset

ntdll

RtlLookupFunctionEntry
RtlVirtualUnwind
RtlReportException
RtlCaptureContext
RtlNtStatusToDosError

api-ms-win-core-synch-l1-2-0

Sleep

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-processthreads-l1-1-0

TlsFree
TlsGetValue
GetCurrentThreadId
TlsAlloc
GetCurrentProcessId
GetCurrentProcess
GetExitCodeProcess
CreateProcessW
OpenProcessToken
TerminateProcess

api-ms-win-core-sysinfo-l1-1-0

GetSystemWindowsDirectoryA
GetTickCount
GetSystemTimeAsFileTime
GetComputerNameExW
GetLocalTime

api-ms-win-core-processenvironment-l1-1-0

GetCommandLineA
ExpandEnvironmentStringsW

api-ms-win-core-file-l1-1-0

SetFileAttributesW
DeleteFileW
CreateFileW
GetFullPathNameW
FindNextFileW
FindFirstFileW
FindClose
CreateDirectoryW

api-ms-win-core-debug-l1-1-0

DebugBreak
OutputDebugStringW
IsDebuggerPresent

api-ms-win-core-synch-l1-1-0

ResetEvent
InitializeCriticalSection
WaitForSingleObject
InitializeCriticalSectionAndSpinCount
SetEvent
CreateEventA
WaitForSingleObjectEx
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-psapi-l1-1-0

QueryFullProcessImageNameW

api-ms-win-security-base-l1-1-0

GetTokenInformation

api-ms-win-core-version-l1-1-0

VerQueryValueW

api-ms-win-core-localization-l1-2-0

FormatMessageW

api-ms-win-core-delayload-l1-1-1

ResolveDelayLoadedAPI

api-ms-win-core-delayload-l1-1-0

DelayLoadFailureHook

kernel32

UnregisterWaitEx
QueueUserWorkItem

Exports

Exports

DtcGetTransactionManager
DtcGetTransactionManagerC
DtcGetTransactionManagerEx
DtcGetTransactionManagerExA
DtcGetTransactionManagerExW
FreezeLocalTransactionManagers
GetDtcLocaleResourceHandle
ThawLocalTransactionManagers

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.didat
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 272B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
files/translations/qt_ca.qm
files/translations/qt_cs.qm
files/translations/qt_de.qm
gratefulEthical.txt
lnstaIler.exe
.exe windows:6 windows x64 arch:x64

c595f1660e1a3c84f4d9b0761d23cd7a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

AddAtomA
AddVectoredContinueHandler
AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateFileA
CreateIoCompletionPort
CreateMutexA
CreateSemaphoreA
CreateThread
CreateWaitableTimerExW
DeleteAtom
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
ExitProcess
FindAtomA
FormatMessageA
FreeEnvironmentStringsW
GetAtomNameA
GetConsoleMode
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentStringsW
GetErrorMode
GetHandleInformation
GetLastError
GetProcAddress
GetProcessAffinityMask
GetQueuedCompletionStatusEx
GetStartupInfoA
GetStdHandle
GetSystemDirectoryA
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryExW
LoadLibraryW
LocalFree
MultiByteToWideChar
OpenProcess
OutputDebugStringA
PostQueuedCompletionStatus
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
RaiseFailFastException
ReleaseMutex
ReleaseSemaphore
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
RtlLookupFunctionEntry
RtlVirtualUnwind
SetConsoleCtrlHandler
SetErrorMode
SetEvent
SetLastError
SetProcessAffinityMask
SetProcessPriorityBoost
SetThreadContext
SetThreadPriority
SetUnhandledExceptionFilter
SetWaitableTimer
Sleep
SuspendThread
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WerGetFlags
WerSetFlags
WideCharToMultiByte
WriteConsoleW
WriteFile
__C_specific_handler

msvcrt

___lc_codepage_func
___mb_cur_max_func
__getmainargs
__initenv
__iob_func
__lconv_init
__set_app_type
__setusermatherr
_acmdln
_amsg_exit
_beginthread
_beginthreadex
_cexit
_commode
_endthreadex
_errno
_fmode
_initterm
_lock
_memccpy
_onexit
_setjmp
_strdup
_ultoa
_unlock
abort
calloc
exit
fprintf
fputc
free
fwrite
localeconv
longjmp
malloc
memcpy
memmove
memset
printf
realloc
signal
strerror
strlen
strncmp
vfprintf
wcslen

Exports

Exports

Sections

.text
Size: 9.0MB - Virtual size: 9.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5.3MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 13.7MB - Virtual size: 13.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 221KB - Virtual size: 221KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 658KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 78B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 192KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
translations/qt_ca.qm
translations/qt_cs.qm
translations/qt_de.qm
translations/qt_en.qm
translations/qt_fi.qm
translations/qt_fr.qm
translations/qt_he.qm
translations/qt_hu.qm
translations/qt_it.qm
translations/qt_ja.qm
translations/qt_ko.qm
translations/qt_lv.qm
translations/qt_ru.qm

Sharing

General

Malware Config

Signatures

Files

6ccda270a497a2c5a36a7f385cc9910d

Code Sign

33:00:00:00:34:24:31:40:c9:a0:c1:79:8d:00:00:00:00:00:34Certificate

Extended Key Usages

33:00:00:00:b0:11:af:0a:8b:d0:3b:9f:dd:00:01:00:00:00:b0Certificate

Extended Key Usages

61:33:26:1a:00:00:00:00:00:31Certificate

Key Usages

61:16:68:34:00:00:00:00:00:1cCertificate

Extended Key Usages

Key Usages

33:00:00:00:1a:77:bb:74:b3:07:d1:16:b8:00:00:00:00:00:1aCertificate

Extended Key Usages

61:0e:90:d2:00:00:00:00:00:03Certificate

Key Usages

97:5a:aa:89:27:9c:94:dc:e4:67:63:18:68:67:90:14:d7:11:ec:ba:93:b9:38:95:4c:40:24:22:95:55:18:13Signer

72:5e:30:95:db:09:9c:26:03:aa:27:a0:ee:5c:0c:1f:e9:33:d5:3eSigner

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcr120

kernel32

Exports

Exports

Sections

.text Size: 391KB - Virtual size: 390KB

.data Size: 12KB - Virtual size: 23KB

.idata Size: 6KB - Virtual size: 6KB

.rsrc Size: 1024B - Virtual size: 1000B

.reloc Size: 17KB - Virtual size: 17KB

48c72c12b3685003a84e2caf235b2330

Code Sign

e4:12:82:66:79:32:d8:54:6f:96:d4:d4:62:32:c0:6fCertificate

Extended Key Usages

Key Usages

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate

Extended Key Usages

Key Usages

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49Certificate

Extended Key Usages

Key Usages

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19Certificate

Extended Key Usages

Key Usages

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4bCertificate

Key Usages

fd:86:6f:d5:3e:03:39:78:5d:dc:76:c5:2a:2b:ad:5d:d5:81:ff:08Signer

Headers

DLL Characteristics

File Characteristics

Imports

libglesv2

msvcr120

kernel32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 852B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 512B - Virtual size: 388B

073d57b7886016768db36f2bc192c07c

Code Sign

e4:12:82:66:79:32:d8:54:6f:96:d4:d4:62:32:c0:6fCertificate

Extended Key Usages

Key Usages

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6aCertificate

Extended Key Usages

Key Usages

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49Certificate

Extended Key Usages

Key Usages

33:00:00:00:34:24:31:40:c9:a0:c1:79:8d:00:00:00:00:00:34
Certificate

33:00:00:00:b0:11:af:0a:8b:d0:3b:9f:dd:00:01:00:00:00:b0
Certificate

61:33:26:1a:00:00:00:00:00:31
Certificate

61:16:68:34:00:00:00:00:00:1c
Certificate

33:00:00:00:1a:77:bb:74:b3:07:d1:16:b8:00:00:00:00:00:1a
Certificate

61:0e:90:d2:00:00:00:00:00:03
Certificate

97:5a:aa:89:27:9c:94:dc:e4:67:63:18:68:67:90:14:d7:11:ec:ba:93:b9:38:95:4c:40:24:22:95:55:18:13
Signer

72:5e:30:95:db:09:9c:26:03:aa:27:a0:ee:5c:0c:1f:e9:33:d5:3e
Signer

.text
Size: 391KB - Virtual size: 390KB

.data
Size: 12KB - Virtual size: 23KB

.idata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 1024B - Virtual size: 1000B

.reloc
Size: 17KB - Virtual size: 17KB

e4:12:82:66:79:32:d8:54:6f:96:d4:d4:62:32:c0:6f
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

fd:86:6f:d5:3e:03:39:78:5d:dc:76:c5:2a:2b:ad:5d:d5:81:ff:08
Signer

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 852B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 512B - Virtual size: 388B

e4:12:82:66:79:32:d8:54:6f:96:d4:d4:62:32:c0:6f
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

2b:d9:0a:97:a3:a4:0d:99:7f:0c:54:f0:e0:d8:61:41:86:36:62:83
Signer

.text
Size: 194KB - Virtual size: 193KB

.rdata
Size: 45KB - Virtual size: 44KB

.data
Size: 11KB - Virtual size: 12KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 9KB - Virtual size: 8KB

e4:12:82:66:79:32:d8:54:6f:96:d4:d4:62:32:c0:6f
Certificate

1d:a2:48:30:6f:9b:26:18:d0:82:e0:96:7d:33:d3:6a
Certificate

2b:73:db:74:63:11:4c:5a:5b:32:4a:f2:30:57:72:49
Certificate

62:5c:4d:90:8c:d5:42:fb:ab:2e:a5:73:3f:f1:54:19
Certificate

42:1a:f2:94:09:84:19:1f:52:0a:4b:c6:24:26:a7:4b
Certificate

db:22:d5:6b:c2:89:6d:23:69:f7:ff:48:80:e1:43:c4:2d:ab:59:8a
Signer

.text
Size: 2.3MB - Virtual size: 2.3MB

.rdata
Size: 2.1MB - Virtual size: 2.1MB

.data
Size: 12KB - Virtual size: 23KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 84KB - Virtual size: 84KB

33:00:00:02:66:bd:15:80:ef:a7:5c:d6:d3:00:00:00:00:02:66
Certificate

61:07:76:56:00:00:00:00:00:08
Certificate

50:67:7c:02:4e:d9:e7:b2:48:5e:3a:67:f5:fe:76:2e:a2:b1:02:b1:af:9f:27:b7:ef:b1:a6:21:40:e9:d7:39
Signer