2194688963fe0bc9762a619a49d00038bbd66bf4c90a84645abdd04bfb592cee[.]exe

Sharing

Copy URL Twitter E-mail

General

Target

2194688963fe0bc9762a619a49d00038bbd66bf4c90a84645abdd04bfb592cee.exe
Size

66.2MB
MD5

4b1d2180f614788cfc8ff5036e3baedf
SHA1

457b08ef50b22600235dd6a049321510b8ab28eb
SHA256

2194688963fe0bc9762a619a49d00038bbd66bf4c90a84645abdd04bfb592cee
SHA512

7bff1cb24a2c7bb3ac3899c2244de001fad672d8507f20bd8be8389c9adb250eda0fb18aa5f9297962471dd7f0a5a322219d9b161b0fbe6126c70273fd0b23d6
SSDEEP

1572864:zUICzDXev6RlcYuG1jsE4MaEWWMTm4jw414gy97aGzt:szBcY51js1MaE5p4jw8U7vzt

Score

10^/10

Malware Config

Signatures

Detects binaries (Windows and macOS) referencing many web browsers. Observed in information stealers. 4 IoCs

resource	yara_rule
static1/unpack001/$_56_/chrome.dll	INDICATOR_SUSPICIOUS_Binary_References_Browsers
static1/unpack001/$_56_/chrome_child.dll	INDICATOR_SUSPICIOUS_Binary_References_Browsers
static1/unpack001/$_65_/chrome.dll	INDICATOR_SUSPICIOUS_Binary_References_Browsers
static1/unpack001/$_65_/chrome_child.dll	INDICATOR_SUSPICIOUS_Binary_References_Browsers

Detects executables containing SQL queries to confidential data stores. Observed in infostealers 4 IoCs

resource	yara_rule
static1/unpack001/$_56_/chrome.dll	INDICATOR_SUSPICIOUS_EXE_SQLQuery_ConfidentialDataStore
static1/unpack001/$_56_/chrome_child.dll	INDICATOR_SUSPICIOUS_EXE_SQLQuery_ConfidentialDataStore
static1/unpack001/$_65_/chrome.dll	INDICATOR_SUSPICIOUS_EXE_SQLQuery_ConfidentialDataStore
static1/unpack001/$_65_/chrome_child.dll	INDICATOR_SUSPICIOUS_EXE_SQLQuery_ConfidentialDataStore

Detects executables referencing combination of virtualization drivers 2 IoCs

resource	yara_rule
static1/unpack001/$_56_/Assistant/2345MgrDLL.dll	INDICATOR_SUSPICIOUS_VM_Evasion_VirtDrvComb
static1/unpack001/$_56_/Assistant/2345MgrDLL64.dll	INDICATOR_SUSPICIOUS_VM_Evasion_VirtDrvComb

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$_56_/2345SafeCenterInstaller.exe

Files

2194688963fe0bc9762a619a49d00038bbd66bf4c90a84645abdd04bfb592cee.exe
.exe windows:5 windows x86 arch:x86

c552a31531df962b2298e689961d15c2

Code Sign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

88:85:3d:1a:b4:a3:f6:63:69:ac:ce:ef:a5:0d:de:75:08:59:68:70:7c:bb:c4:cf:78:1a:00:c5:18:69:af:aa
Signer

Actual PE Digest

88:85:3d:1a:b4:a3:f6:63:69:ac:ce:ef:a5:0d:de:75:08:59:68:70:7c:bb:c4:cf:78:1a:00:c5:18:69:af:aa

Digest Algorithm

sha256

PE Digest Matches

true

50:a8:fd:3a:81:4c:55:d7:a2:60:66:ad:b3:46:42:01:38:7b:3b:b6
Signer

Actual PE Digest

50:a8:fd:3a:81:4c:55:d7:a2:60:66:ad:b3:46:42:01:38:7b:3b:b6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetPrivateProfileStringW
WritePrivateProfileStringW
MoveFileW
MultiByteToWideChar
WideCharToMultiByte
CreateFileW
GetFileSize
GetTickCount
GetModuleFileNameW
GetProcAddress
GetCommandLineW
SetEnvironmentVariableW
WriteFile
GetTempPathW
SetErrorMode
HeapAlloc
HeapFree
GetProcessHeap
GetCurrentProcess
GetCurrentProcessId
ExitProcess
GetVersion
GetWindowsDirectoryW
LoadLibraryW
CopyFileW
GetDiskFreeSpaceW
CreateThread
GlobalLock
GlobalUnlock
lstrcmpiW
lstrlenW
CreateDirectoryW
GetTempFileNameW
RemoveDirectoryW
WaitForSingleObject
GetExitCodeProcess
CreateProcessW
GetSystemDirectoryW
GetModuleHandleA
lstrcmpiA
lstrcpyA
lstrcatW
MoveFileExW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
VirtualQuery
RtlUnwind
IsProcessorFeaturePresent
lstrcmpW
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalAlloc
LoadLibraryExW
GetModuleHandleW
FreeLibrary
Sleep
GetLastError
CloseHandle
SetFileTime
SetFilePointer
SetFileAttributesW
ReadFile
GetShortPathNameW
GetFullPathNameW
GetFileAttributesW
FindNextFileW
FindFirstFileW
FindClose
DeleteFileW
CompareFileTime
SearchPathW
SetCurrentDirectoryW
lstrcpynW
ExpandEnvironmentStringsW

user32

ScreenToClient
GetSysColor
GetWindowLongW
SetClassLongW
LoadCursorW
SystemParametersInfoW
wsprintfA
DispatchMessageW
PeekMessageW
SetDlgItemTextW
GetDlgItemTextW
SetCursor
CharPrevW
MessageBoxIndirectW
GetSystemMetrics
IsWindowEnabled
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
CheckDlgButton
EndDialog
DialogBoxParamW
GetWindowRect
TrackPopupMenu
AppendMenuW
EnableMenuItem
CreatePopupMenu
CharNextA
GetSystemMenu
IsWindowVisible
SetWindowPos
CreateWindowExW
GetClassInfoW
RegisterClassW
CallWindowProcW
GetMessagePos
CharNextW
ExitWindowsEx
SetWindowTextW
CreateDialogParamW
DestroyWindow
PostMessageW
LoadImageW
FindWindowExW
SetWindowLongW
InvalidateRect
ReleaseDC
GetDC
DefWindowProcW
DrawTextW
BeginPaint
EndPaint
GetClientRect
SetForegroundWindow
EnableWindow
GetDlgItem
ShowWindow
IsWindow
PostQuitMessage
SendMessageTimeoutW
SendMessageW
wsprintfW
FillRect
SetTimer

gdi32

SetBkColor
GetDeviceCaps
SetTextColor
SetBkMode
SelectObject
DeleteObject
CreateBrushIndirect
CreateFontIndirectW

shell32

ShellExecuteExW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegQueryValueExW
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
RegSetValueExW
RegCreateKeyExW
SetFileSecurityW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumValueW
RegOpenKeyExW

comctl32

ImageList_Create
ImageList_Destroy
ImageList_AddMasked
ord17

ole32

OleUninitialize
OleInitialize
CoCreateInstance
CoTaskMemFree

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ndata
Size: - Virtual size: 528KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/FileInfo.dll
.dll windows:5 windows x86 arch:x86

3a6d8acc41f04bc6deabddffc34af1cd

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

86:59:7d:93:11:87:8b:14:72:a6:15:e7:1e:6f:85:91:08:ff:06:d2:b3:de:33:50:20:3b:19:69:8d:24:22:d6
Signer

Actual PE Digest

86:59:7d:93:11:87:8b:14:72:a6:15:e7:1e:6f:85:91:08:ff:06:d2:b3:de:33:50:20:3b:19:69:8d:24:22:d6

Digest Algorithm

sha256

PE Digest Matches

true

ae:ac:cd:63:92:c4:c2:19:01:84:23:7b:5a:55:3b:35:e3:bd:68:0a
Signer

Actual PE Digest

ae:ac:cd:63:92:c4:c2:19:01:84:23:7b:5a:55:3b:35:e3:bd:68:0a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\dllplugin\InstallerTool\bin\Win32\Release\pdb\FileInfo.pdb

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

kernel32

WritePrivateProfileStringW
lstrcpynW
TerminateProcess
GetModuleFileNameW
GetProcessId
WaitForSingleObject
GetFileAttributesW
OpenProcess
SetFileAttributesW
Sleep
CloseHandle
LoadLibraryW
GetProcAddress
MoveFileExW
GlobalMemoryStatusEx
FreeLibrary
GetDriveTypeW
lstrlenW
GetShortPathNameW
lstrcmpiW
GetPrivateProfileStringW
GetTickCount
SizeofResource
FreeResource
LockResource
LoadResource
FindResourceW
GetCurrentProcessId
MultiByteToWideChar
GlobalAlloc
GlobalFree
WideCharToMultiByte
lstrcpyW
GetCommandLineW
LocalFree
WriteFile
SetFilePointer
CreateFileW
GetFileSize
RemoveDirectoryW
MoveFileWithProgressW
CopyFileExW
GetVersionExW
GetSystemInfo
GetModuleHandleW
FindFirstFileW
GetLongPathNameW
GetFileAttributesExW
QueryDosDeviceW
GetCurrentProcess
WaitForMultipleObjects
GetACP
CreateProcessW
GetExitCodeProcess
DeleteFileW
SetFileTime
SetEndOfFile
GetFileTime
GetCurrentThreadId
SuspendThread
GetExitCodeThread
TerminateThread
SwitchToThread
OpenThread
ResumeThread
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetVolumeInformationW
GetDiskFreeSpaceW
GetLogicalDriveStringsW
FindNextFileW
FindClose
HeapFree
HeapAlloc
GetProcessHeap
CreateDirectoryW
GetFullPathNameW
GetTempPathW
GetCurrentDirectoryW
GetWindowsDirectoryW
CopyFileW
GetTempFileNameW
MoveFileW
FormatMessageW
CreateEventW
SetEvent
ResetEvent
InterlockedExchangeAdd
ExpandEnvironmentStringsW
GetEnvironmentVariableW
LoadLibraryExW
InterlockedExchange
SetLastError
FileTimeToSystemTime
lstrcatW
InterlockedDecrement
GetModuleFileNameA
GetFileSizeEx
ReleaseMutex
CreateMutexW
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
InitializeCriticalSectionAndSpinCount
DeviceIoControl
ExitProcess
SetFilePointerEx
ReadFile
WriteConsoleW
FlushFileBuffers
SetStdHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
InterlockedFlushSList
FindNextFileA
FindFirstFileExA
HeapSize
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
RtlUnwind
GetConsoleCP
GetFileType
GetStdHandle
ReadConsoleW
IsDebuggerPresent
OutputDebugStringW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
EncodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter
InitializeSListHead
HeapCreate
VirtualProtect
InterlockedCompareExchange
Thread32Next
Thread32First
CreateToolhelp32Snapshot
HeapReAlloc
HeapDestroy
GetThreadContext
FlushInstructionCache
SetThreadContext
VirtualFree
VirtualAlloc
VirtualQuery
GetConsoleMode

user32

FindWindowW
wsprintfW
PostMessageW
RegisterWindowMessageW

advapi32

AdjustTokenPrivileges
GetUserNameW
DuplicateTokenEx

shell32

ord155
ord190
SHGetSpecialFolderPathW
CommandLineToArgvW
SHChangeNotify
ShellExecuteExW
SHGetFolderPathW
ShellExecuteW

ole32

CoUninitialize
PropVariantClear
CoCreateInstance
CoInitializeEx
CoInitializeSecurity
CoInitialize

oleaut32

VariantChangeType
SysFreeString
VariantInit
VariantClear
SysAllocString

shlwapi

StrStrIW
StrCmpW
SHStrDupW
StrCatW
PathAppendW
PathRemoveFileSpecW

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

Exports

Exports

CheckCrcAndGetValue
CheckFiles
CheckInstallTime
CheckParentProcess
CheckSystemConfiguration
CleanAnimateMark
ClearAudioReg
CopyImportantFileWithTransaction
CreateDownloadFolder
CreateLowIntegrityProcess
CreateReleaseFileProcessTmpFile
CreateScheduledTask
Delete2345ExplorerTargetShortCut
DeleteCustom2345ExplorerTargetShortCut
DeleteInstallFile
DeleteScheduledTask
EncodeJifenID
EncodeRecommendPcsafeUnionCustom
EncodeUnion
FindProc
FindProc2345Explorer
FindSubstring
FixSoftware
FixSoftwareAfterRecommendPCSafe
Get2345ExplorerPath
GetCreateDesktopGuideCloudConfig
GetCurrentSystemTime
GetFixSoftwareCloudConfig
GetInstallSafecenterCloudConfig
GetJifenInstallerParams
GetJifenUnionNameInstallerParams
GetParentProcessName
GetRandomPromotionDllPath
GetRecommendPCSafeCloudConfig
GetSDKCloudConfig
GetUnionCustomInstallerParams
GetUnionNameInstallerParams
GetValueWithCrcCode
ImpersonateUser
Init
InitInstallStatusStatistic
InitStatService
InitializeRecommendPCSafe
Install2345MgrDLL
InstallPCSafe
InstallRecommendPCSafeDll
InstallShield
IsWin10OrLater
KillProc
KillProc2345Explorer
KillProcessByPathAndName
KillProcessByPid
MergeMaskString
MyMoveFile
PinToStartMenu
PinToTaskBar
PreProcessShortCut
RevertUser
SendInstallFeatureStat
SendOverwriteFeatureStat
SendStatInfo
SendUninstallFeatureStat
SendUpgradeFeatureStat
SetInstallStep
SetUserOperation
ShieldUnlock
StartCloudConfigRequest
StartInstallServiceProcess
StartPreReleaseFileProcess
StopShield
TerminateCloudConfigRequest
UnInstallSafeCenter
UninitInstallStatusStatistic
UninitStatService
UninitializeRecommendPCSafe
Uninstall2345MgrDLL
UninstallShield
UnpinFromStartMenu
UnpinFromTaskBar
WaitForReleaseFileProcess
WriteInstallData
WriteLog

Sections

.text
Size: 885KB - Virtual size: 884KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 202KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.7MB - Virtual size: 5.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/RCWidgetPlugin.dll
.dll windows:5 windows x86 arch:x86

1555149127b5a5bf9f369ac692b04244

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3c:80:46:cb:49:85:17:a2:07:58:5d:01:1f:2e:c0:2b:b4:4e:0f:73:c7:6f:c0:c8:a5:85:f4:59:5d:c2:7b:01
Signer

Actual PE Digest

3c:80:46:cb:49:85:17:a2:07:58:5d:01:1f:2e:c0:2b:b4:4e:0f:73:c7:6f:c0:c8:a5:85:f4:59:5d:c2:7b:01

Digest Algorithm

sha256

PE Digest Matches

true

ef:87:87:b6:ed:9d:0f:1a:fc:3a:ba:e4:72:28:6c:21:58:ad:bb:87
Signer

Actual PE Digest

ef:87:87:b6:ed:9d:0f:1a:fc:3a:ba:e4:72:28:6c:21:58:ad:bb:87

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

G:\dllplugin\RCSetup\bin\Release\RCWidgetPlugin.pdb

Imports

kernel32

LocalFree
ExpandEnvironmentStringsW
GetModuleHandleW
GlobalMemoryStatusEx
SetLastError
SetEvent
WaitForSingleObject
WaitForMultipleObjects
GetFileSize
DeleteFileW
Sleep
SetEndOfFile
SetFilePointer
WriteFile
GetTickCount
InterlockedExchangeAdd
InterlockedExchange
GetCurrentProcessId
GetSystemInfo
GetVersionExW
FreeLibrary
GetProcAddress
LoadLibraryW
lstrcatW
GetFileAttributesW
FindClose
lstrlenW
FindFirstFileW
CloseHandle
CreateFileW
SetErrorMode
ReadFile
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
InitializeCriticalSectionAndSpinCount
lstrcpyW
VirtualQuery
OpenThread
SetThreadContext
GetThreadContext
CreateToolhelp32Snapshot
SuspendThread
Thread32First
Thread32Next
InterlockedCompareExchange
WriteConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapSize
SetEnvironmentVariableA
WideCharToMultiByte
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetStringTypeW
GetModuleFileNameA
ExitProcess
FreeLibraryAndExitThread
ExitThread
TlsFree
InterlockedFlushSList
RtlUnwind
GetFileType
GetStdHandle
LoadLibraryExA
VirtualFree
VirtualAlloc
InterlockedPushEntrySList
InterlockedPopEntrySList
EncodePointer
OutputDebugStringW
FlushInstructionCache
HeapDestroy
HeapCreate
OutputDebugStringA
GetModuleHandleExW
VirtualProtect
TlsGetValue
CreateThread
TlsAlloc
DisableThreadLibraryCalls
GetModuleHandleA
TlsSetValue
QueryPerformanceFrequency
MapViewOfFileEx
CreateFileMappingW
UnmapViewOfFile
FreeResource
GlobalUnlock
GlobalLock
LocalAlloc
CreateWaitableTimerW
SetWaitableTimer
MulDiv
InterlockedIncrement
InterlockedDecrement
SizeofResource
lstrcmpW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FormatMessageW
ReleaseMutex
CreateMutexW
DeviceIoControl
GetFileSizeEx
GetWindowsDirectoryW
GetCurrentDirectoryW
GetTempPathW
GetFullPathNameW
CreateDirectoryW
GetFileTime
SetFileTime
GetProcessHeap
HeapAlloc
GetCurrentThreadId
GlobalFree
GlobalAlloc
MultiByteToWideChar
lstrcpynW
GetModuleFileNameW
FreeEnvironmentStringsW
GetPrivateProfileStringW
HeapFree
LoadLibraryExW
ResetEvent
CreateEventW
GetEnvironmentVariableW
InitializeCriticalSection
LeaveCriticalSection
GetLongPathNameW
GetFileAttributesExW
lstrcmpiW
LockResource
LoadResource
FindResourceW
GetVolumeInformationW
GetDiskFreeSpaceW
GetLogicalDriveStringsW
ResumeThread
GetACP
FindNextFileW
QueryDosDeviceW
GetCurrentProcess
OpenProcess
FileTimeToSystemTime
EnterCriticalSection
SwitchToThread

user32

DefWindowProcW
wsprintfW
CallWindowProcW
PostMessageW
DestroyWindow
SetWindowPos
MessageBoxW
CharPrevW
CharNextW
ReleaseCapture
GetActiveWindow
EndDialog
UnregisterClassW
LoadIconW
GetWindowLongW
SetWindowLongW
GetPropW
RemovePropW
GetForegroundWindow
SetPropW
GetAsyncKeyState
GetFocus
LoadStringW
DestroyAcceleratorTable
CreateAcceleratorTableW
EnumThreadWindows
RegisterWindowMessageW
GetAncestor
GetSysColor
GetSystemMetrics
SendMessageW
DrawIconEx
SetForegroundWindow
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
IsClipboardFormatAvailable
LoadBitmapW
LoadImageW
GetDesktopWindow
SetCaretPos
AttachThreadInput
SystemParametersInfoW
SetRectEmpty
MsgWaitForMultipleObjects
FillRect
UpdateLayeredWindow
SetRect
GetClassLongW
UnionRect
PtInRect
GetKeyboardState
GetCaretBlinkTime
ToAscii
GetMessageW
DispatchMessageW
PeekMessageW
TranslateMessage
PostQuitMessage
RegisterClassExW
GetClassInfoExW
GetWindowThreadProcessId
GetWindowTextLengthW
AdjustWindowRectEx
ShowWindowAsync
GetWindow
GetDC
IsWindowVisible
MonitorFromWindow
SetWindowRgn
ShowWindow
InvalidateRgn
OpenClipboard
SetTimer
GetIconInfo
GetCursorPos
ReleaseDC
IsIconic
GetDCEx
InvalidateRect
GetParent
IsZoomed
GetClientRect
SetCursor
GetWindowDC
LoadCursorW
IntersectRect
IsRectEmpty
ClientToScreen
CopyRect
RedrawWindow
OffsetRect
IsWindow
CreateWindowExW
EnumChildWindows
EqualRect
GetWindowRect
DialogBoxParamW
SetWindowTextW
SetCapture
TrackMouseEvent
ScreenToClient
GetKeyState
GetWindowTextW
EnableWindow
EndPaint
BeginPaint
KillTimer
GetDlgItem
SetParent
GetClassNameW
SetFocus
MoveWindow
ValidateRect
MapWindowPoints
IsChild
GetMonitorInfoW

gdi32

CreateCompatibleBitmap
BitBlt
CreatePolygonRgn
CreateRectRgnIndirect
SetWorldTransform
GetStockObject
SelectObject
GetDeviceCaps
CreateFontIndirectW
CreateSolidBrush
CreateCompatibleDC
SetTextColor
GetClipBox
GetObjectW
SetViewportOrgEx
DeleteDC
EnumFontsW
PtInRegion
CreateRoundRectRgn
CreateDIBSection
GetDIBits
CreateDCW
ExtTextOutW
SetBkColor
GetRgnBox
DeleteObject
SetGraphicsMode

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFolderPathW
DragQueryFileW
DragFinish
SHGetSpecialFolderPathW

ole32

StringFromGUID2
CLSIDFromProgID
OleInitialize
CLSIDFromString
OleLockRunning
CoGetClassObject
CreateStreamOnHGlobal
CoTaskMemRealloc
CoTaskMemFree
OleUninitialize
CoCreateInstance
CoTaskMemAlloc
CoInitialize
CoUninitialize

oleaut32

LoadRegTypeLi
SysFreeString
OleCreateFontIndirect
DispCallFunc
SysStringLen
SysAllocStringLen
VariantClear
VarUI4FromStr
SysAllocString
VariantInit
LoadTypeLi

shlwapi

StrToIntA
PathFindFileNameW
PathFileExistsW
PathAppendW
StrDupW
PathIsRootW
ord12

comctl32

InitCommonControlsEx
_TrackMouseEvent

msimg32

AlphaBlend

urlmon

CoInternetCreateZoneManager
CoInternetCreateSecurityManager

gdiplus

GdipGetImageWidth
GdipBitmapLockBits
GdipFree
GdipCloneBitmapAreaI
GdipGetImagePixelFormat
GdipDisposeImage
GdipAlloc
GdipCreateBitmapFromStream
GdipBitmapUnlockBits
GdipCloneImage
GdipGetImageHeight
GdipSetStringFormatFlags
GdipCloneRegion
GdipGetFamilyName
GdipDeleteMatrix
GdipDrawImageRectRectI
GdipSetStringFormatAlign
GdipCreatePen1
GdipDeletePen
GdipTranslateWorldTransform
GdipGetFontSize
GdipDeleteFont
GdipDeleteStringFormat
GdipDeleteGraphics
ord1
GdipFillRectangleI
GdipGetImageGraphicsContext
GdipDeleteRegion
GdipMeasureString
GdipCloneBrush
GdipRestoreGraphics
GdipRotateWorldTransform
GdipStringFormatGetGenericTypographic
GdipGetCellAscent
GdipSetTextRenderingHint
GdipCloneStringFormat
GdipGetMatrixElements
GdipGetTextureTransform
GdipCreateTexture
GdipBeginContainer2
GdipFillEllipse
GdipCreateFromHDC
GdipGetClipBoundsI
GdipSetImageAttributesWrapMode
GdipDrawString
GdipDrawPath
GdipSetClipRegion
GdipCreateImageAttributes
GdipDrawArcI
GdipGetSmoothingMode
GdipClosePathFigure
GdipSetClipRectI
GdipScaleWorldTransform
GdipCreateBitmapFromScan0
GdipDrawRectangle
GdipDrawLine
GdipSetPenDashStyle
GdipGraphicsClear
GdipMultiplyWorldTransform
GdipGetPathWorldBounds
GdipFillPath
GdipTransformRegion
GdipSetStringFormatTrimming
GdipGetFontStyle
GdipCreateSolidFill
GdipCloneBitmapArea
GdipGetCellDescent
GdipSetInterpolationMode
GdipSetLinePresetBlend
GdipCreateFont
GdipSetStringFormatLineAlign
GdipCreatePath
GdipEndContainer
GdipSetSmoothingMode
GdipCreateMatrix
GdipGetStringFormatAlign
GdipDeletePath
GdipDisposeImageAttributes
GdipCreateMatrix2
GdipDeleteBrush
GdipGetLineSpacing
GdipSetLineWrapMode
GdipCreateLineBrushI
GdiplusStartup
GdiplusShutdown
GdipSetCompositingMode
GdipDrawImageRectRect
GdipSaveGraphics
GdipCreateFontFamilyFromName
GdipGetEmHeight
GdipGetStringFormatLineAlign
GdipCreateHBITMAPFromBitmap
GdipAddPathString
GdipGetTextRenderingHint
GdipGetFamily
GdipSetCompositingQuality
GdipSetImageAttributesColorMatrix
GdipGetLineTransform
GdipDeleteFontFamily
GdipGetInterpolationMode
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageSelectActiveFrame
GdipGetPropertyItem
GdipImageGetFrameDimensionsCount
GdipCreateRegionPath
GdipAddPathLineI
GdipAddPathBezierI
GdipCombineRegionPath
GdipAddPathEllipseI
GdipAddPathArcI
GdipAddPathRectangleI
GdipCreateBitmapFromFile
GdipSetPixelOffsetMode
GdipSetTextureTransform
GdipSetLineTransform
GdipGetBrushType
GdipCombineRegionRegion

imm32

ImmNotifyIME
ImmAssociateContextEx
ImmGetCompositionStringW
ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext

winmm

timeGetTime

psapi

GetMappedFileNameW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

advapi32

RegCloseKey
RegSetValueExW
RegQueryInfoKeyW
RegDeleteKeyW
RegOpenKeyExW
RegDeleteValueW
RegCreateKeyExW
RegEnumKeyExW

Exports

Exports

CheckInstall
CheckSoftwareIsInstall
GetCheckValue
GetInstDir
Init
OnInstall
OnInstallFinish
OnPreInstall
OnUninstall
OnUpdateLater
PopInt
PopString
PushInt
PushString
ReadUserOption
SetDiskNoSpace
SetIEHomepage
SetInstallPCSafe
SetProgress
ShowInstall
ShowInstallFinish
ShowUnInstall

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 285KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:6 windows x86 arch:x86

216ff05c01e38b13fee53b7ace6b1894

Code Sign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e2:2a:29:61:3d:2e:db:f3:c1:d8:06:ab:50:62:3e:3c:ce:8a:52:6d:8c:a2:53:79:ce:9c:25:cb:c3:dd:a4:98
Signer

Actual PE Digest

e2:2a:29:61:3d:2e:db:f3:c1:d8:06:ab:50:62:3e:3c:ce:8a:52:6d:8c:a2:53:79:ce:9c:25:cb:c3:dd:a4:98

Digest Algorithm

sha256

PE Digest Matches

true

01:ff:77:6e:f8:da:13:72:ac:88:d1:3e:ed:4e:11:10:e9:9f:01:22
Signer

Actual PE Digest

01:ff:77:6e:f8:da:13:72:ac:88:d1:3e:ed:4e:11:10:e9:9f:01:22

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalSize
GlobalFree
lstrcpynW
lstrcpyW
GetLastError
VirtualAlloc
VirtualFree
VirtualProtect
FreeLibrary
GetModuleHandleW
GetProcAddress
lstrlenW
LoadLibraryW
MultiByteToWideChar
WideCharToMultiByte

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 926B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 700B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/libcurl_x86.dll
.dll windows:6 windows x86 arch:x86

a996403d816908e79c3d6e0ea1cbe2e2

Code Sign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bb:3d:5d:d0:3d:03:0c:f0:87:df:14:f2:aa:0c:72:df:8c:d9:98:18:d5:38:5f:b0:41:c4:b6:30:aa:34:bb:f2
Signer

Actual PE Digest

bb:3d:5d:d0:3d:03:0c:f0:87:df:14:f2:aa:0c:72:df:8c:d9:98:18:d5:38:5f:b0:41:c4:b6:30:aa:34:bb:f2

Digest Algorithm

sha256

PE Digest Matches

true

a7:48:82:7f:c5:56:56:93:12:51:c6:18:5d:ed:72:18:9b:74:1b:0e
Signer

Actual PE Digest

a7:48:82:7f:c5:56:56:93:12:51:c6:18:5d:ed:72:18:9b:74:1b:0e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\dev\RCFL\vendor\depends\curl\out\bin\Win32\release_static\pdb\libcurl_x86.pdb

Imports

ws2_32

bind
closesocket
connect
getpeername
getsockopt
htons
ntohs
recv
setsockopt
socket
WSASetLastError
WSAIoctl
getaddrinfo
freeaddrinfo
gethostname
accept
WSAGetLastError
listen
ioctlsocket
__WSAFDIsSet
select
send
WSAStartup
WSACleanup
recvfrom
sendto
getsockname
shutdown
htonl
ntohl
gethostbyname
getservbyname

wldap32

ord145
ord219
ord301
ord147
ord133
ord79
ord142
ord167
ord127
ord27
ord26
ord118
ord41
ord208
ord216
ord14
ord46

crypt32

CertOpenStore
CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertFreeCertificateContext
CertGetCertificateContextProperty

kernel32

FindNextFileA
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
FindFirstFileExW
FindClose
RaiseException
ReadConsoleW
SetStdHandle
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetModuleFileNameW
GetProcessHeap
RtlUnwind
FatalAppExitA
CreateSemaphoreW
GetStartupInfoW
FindFirstFileA
GetFullPathNameA
HeapSize
SetEndOfFile
WriteConsoleW
GetCurrentDirectoryW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SleepEx
MultiByteToWideChar
WideCharToMultiByte
WaitForSingleObject
CloseHandle
ExpandEnvironmentStringsA
Sleep
GetLastError
SetLastError
FormatMessageA
VerSetConditionMask
FreeLibrary
GetProcAddress
LoadLibraryW
GetModuleHandleW
GetSystemDirectoryW
QueryPerformanceFrequency
VerifyVersionInfoW
WaitForMultipleObjects
GetFileType
GetStdHandle
ReadFile
PeekNamedPipe
GetTickCount
QueryPerformanceCounter
FlushConsoleInputBuffer
WriteFile
GetCurrentThreadId
GetModuleHandleA
GetCurrentProcessId
GlobalMemoryStatus
LoadLibraryA
GetSystemTime
SystemTimeToFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
CreateEventW
SetCurrentDirectoryW
GetFullPathNameW
SetEnvironmentVariableA
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
GetStringTypeW
OutputDebugStringW
GetTimeZoneInformation
CreateFileW
SetFileAttributesW
GetFileAttributesExW
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetModuleFileNameA
GetConsoleCP
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
CreateThread
ExitThread
LoadLibraryExW
HeapFree
HeapAlloc
HeapReAlloc
SetFilePointerEx
FileTimeToLocalFileTime
GetFileInformationByHandle
FileTimeToSystemTime
GetCommandLineA
SetConsoleCtrlHandler
GetConsoleMode
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleInputA
SetConsoleMode
ExitProcess
GetModuleHandleExW
AreFileApisANSI
GetCurrentThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlushFileBuffers

user32

ReleaseDC
GetDC
GetDesktopWindow
MessageBoxA
GetUserObjectInformationW
GetProcessWindowStation

gdi32

DeleteObject
GetDeviceCaps
GetDIBits
GetObjectA
CreateCompatibleBitmap

advapi32

RegisterEventSourceA
CryptEnumProvidersA
CryptSignHashA
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextA
ReportEventA
DeregisterEventSource

Exports

Exports

curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_easy_upkeep
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_global_sslset
curl_maprintf
curl_mfprintf
curl_mime_addpart
curl_mime_data
curl_mime_data_cb
curl_mime_encoder
curl_mime_filedata
curl_mime_filename
curl_mime_free
curl_mime_headers
curl_mime_init
curl_mime_name
curl_mime_subparts
curl_mime_type
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_multi_wait
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_pushheader_byname
curl_pushheader_bynum
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
curl_url
curl_url_cleanup
curl_url_dup
curl_url_get
curl_url_set
curl_version
curl_version_info

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 330KB - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/upgrade_data.dll
.dll windows:5 windows x86 arch:x86

11e67fb6c0ba40a29d0d67dc345da7b5

Code Sign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

18:e7:81:00:b6:a9:0e:b1:f0:a5:38:60:26:26:79:9f:c7:d0:46:95:6c:c6:9f:4b:18:a1:9e:d0:38:9c:3e:d9
Signer

Actual PE Digest

18:e7:81:00:b6:a9:0e:b1:f0:a5:38:60:26:26:79:9f:c7:d0:46:95:6c:c6:9f:4b:18:a1:9e:d0:38:9c:3e:d9

Digest Algorithm

sha256

PE Digest Matches

true

9e:55:a4:df:42:41:df:65:4c:ea:8b:0e:ec:3f:e0:cc:8a:25:a6:d8
Signer

Actual PE Digest

9e:55:a4:df:42:41:df:65:4c:ea:8b:0e:ec:3f:e0:cc:8a:25:a6:d8

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\V56_87\src\out\official_release\upgrade_data.dll.pdb

Imports

kernel32

FreeEnvironmentStringsW
SetEnvironmentVariableA
SetEnvironmentVariableW
GetSystemDirectoryW
GetWindowsDirectoryW
HeapSize
HeapFree
HeapReAlloc
HeapAlloc
WideCharToMultiByte
MultiByteToWideChar
lstrcpyW
lstrcpynW
GlobalFree
GlobalAlloc
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
ReadConsoleW
GetDriveTypeW
WriteConsoleW
EnumSystemLocalesW
SetLastError
WriteFile
OutputDebugStringA
GetModuleFileNameW
CreateFileW
GetLastError
QueryPerformanceFrequency
DeleteFileW
CloseHandle
GetLocalTime
GetCurrentDirectoryW
GetCurrentProcessId
FormatMessageA
QueryPerformanceCounter
GetTickCount
GetProcAddress
GetModuleHandleW
CreateDirectoryW
ReadFile
GetCurrentProcess
RemoveDirectoryW
GetTempPathW
GetFileAttributesW
UnmapViewOfFile
SetFileAttributesW
GetFileAttributesExW
CopyFileW
CreateFileMappingW
MapViewOfFile
GetCommandLineW
LocalFree
GetSystemInfo
SetThreadPriority
WaitForSingleObject
GetCurrentThreadId
DuplicateHandle
Sleep
GetCurrentThread
GetThreadPriority
RaiseException
CreateThread
IsDebuggerPresent
GetFileSizeEx
LockFile
SetEndOfFile
UnlockFile
SetFilePointerEx
FlushFileBuffers
SystemTimeToFileTime
GetThreadTimes
GetSystemTimeAsFileTime
FindFirstFileW
FindFirstFileExW
FindNextFileW
FindClose
TryEnterCriticalSection
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
SwitchToThread
DeleteCriticalSection
GetModuleHandleExW
GetVersionExW
GetNativeSystemInfo
GetModuleFileNameA
RtlCaptureStackBackTrace
SetUnhandledExceptionFilter
TerminateProcess
CreateEventW
TlsSetValue
TlsAlloc
TlsGetValue
TlsFree
LoadLibraryW
FreeLibrary
WaitForMultipleObjects
SetEvent
ResetEvent
GetQueuedCompletionStatus
PostQueuedCompletionStatus
CreateIoCompletionPort
InitializeCriticalSection
DeviceIoControl
lstrcatW
lstrlenW
LoadLibraryA
GetThreadLocale
CreateFileA
GetTimeZoneInformation
GetSystemTime
GetProcessHeap
GetFileSize
LockFileEx
CreateFileMappingA
HeapDestroy
HeapCompact
DeleteFileA
WaitForSingleObjectEx
FlushViewOfFile
OutputDebugStringW
GetFileAttributesA
GetDiskFreeSpaceA
FormatMessageW
GetTempPathA
HeapValidate
CreateMutexW
UnlockFileEx
GetFullPathNameA
SetFilePointer
GetDiskFreeSpaceW
GetFullPathNameW
HeapCreate
AreFileApisANSI
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
InitializeSListHead
EncodePointer
DecodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
InterlockedPushEntrySList
InterlockedFlushSList
RtlUnwind
LoadLibraryExW
GetConsoleCP
GetConsoleMode
SetStdHandle
GetFileType
ExitProcess
GetACP
GetStdHandle
IsValidLocale
GetUserDefaultLCID
GetEnvironmentVariableW

shell32

SHGetSpecialFolderPathW
SHGetFolderPathW
CommandLineToArgvW

user32

SetWindowLongW
PostMessageW
DispatchMessageW
RegisterClassExW
CreateWindowExW
DestroyWindow
DefWindowProcW
GetWindowLongW
UnregisterClassW
PostQuitMessage
KillTimer
TranslateMessage
GetQueueStatus
MsgWaitForMultipleObjectsEx
PeekMessageW
SetTimer

iphlpapi

GetAdaptersAddresses

advapi32

SystemFunction036
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegCloseKey
RegCreateKeyExW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW

ole32

CoInitializeEx
CoTaskMemFree
CoUninitialize

winmm

timeBeginPeriod
timeGetTime
timeEndPeriod

Exports

Exports

DataUpgrade
DataUpgradeTest
DataUpgradeTest2
GetHandleVerifier
JoinUserExperienceProgram
TopTab
UpdateDefaultProfile

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 425KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_17_/GameHall_2345/2345GameHall.exe
.exe windows:5 windows x86 arch:x86

8869276eb0e2a3f0de7742daa57a3c5b

Code Sign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6d:ed:b1:f5:09:7a:b9:85:19:b8:c5:29:bd:42:77:2d:05:b2:20:d2:20:29:8e:a0:38:63:38:8c:47:a0:64:b1
Signer

Actual PE Digest

6d:ed:b1:f5:09:7a:b9:85:19:b8:c5:29:bd:42:77:2d:05:b2:20:d2:20:29:8e:a0:38:63:38:8c:47:a0:64:b1

Digest Algorithm

sha256

PE Digest Matches

true

4f:a7:dc:f4:39:4d:aa:d8:2a:16:b1:c3:bf:30:a4:97:e1:aa:85:73
Signer

Actual PE Digest

4f:a7:dc:f4:39:4d:aa:d8:2a:16:b1:c3:bf:30:a4:97:e1:aa:85:73

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\gamehall\GameHall\out\Release\2345GameHall.pdb

Imports

kernel32

GetProcAddress
CloseHandle
HeapAlloc
GetCurrentProcess
HeapFree
GetModuleHandleW
GetProcessHeap
GetModuleFileNameW
GetFileSize
SetFilePointer
OpenMutexW
CreateFileW
RemoveDirectoryW
CreateProcessW
lstrcmpiW
GetCurrentProcessId
FindFirstFileW
FileTimeToSystemTime
FindClose
WritePrivateProfileStringW
LoadLibraryW
GetPrivateProfileStringW
FreeLibrary
WriteFile
SetErrorMode
SetEnvironmentVariableA
FlushFileBuffers
ReadConsoleW
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetFileAttributesW
ExpandEnvironmentStringsW
CreateMutexW
WaitForSingleObject
Sleep
GetLastError
ReleaseMutex
GetLongPathNameW
GetFileAttributesExW
FindResourceW
LoadResource
GetVersionExW
LockResource
GetSystemInfo
OpenProcess
QueryDosDeviceW
WideCharToMultiByte
GetACP
MultiByteToWideChar
FindNextFileW
GetEnvironmentVariableW
GetCurrentThreadId
LocalFree
SetEndOfFile
SetFileTime
ReadFile
GetFileTime
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
lstrlenW
GetFileSizeEx
DeleteFileW
GetFullPathNameW
GetTempFileNameW
MoveFileExW
CreateDirectoryW
GetSystemDirectoryW
CopyFileW
GetTempPathW
GetCurrentDirectoryW
MoveFileW
GetWindowsDirectoryW
SetFileAttributesW
GetLogicalDriveStringsW
LoadLibraryExW
GetTickCount
FormatMessageW
GlobalMemoryStatusEx
SetEvent
WaitForMultipleObjects
ResetEvent
CreateEventW
InterlockedExchangeAdd
InterlockedExchange
SetLastError
InitializeCriticalSectionAndSpinCount
ResumeThread
GetExitCodeProcess
DeviceIoControl
EncodePointer
DecodePointer
GetCommandLineW
IsDebuggerPresent
IsProcessorFeaturePresent
RaiseException
RtlUnwind
GetSystemTimeAsFileTime
CreateThread
ExitThread
ExitProcess
GetModuleHandleExW
HeapSize
GetStdHandle
GetFileType
GetStartupInfoW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
IsValidCodePage
GetOEMCP
GetCPInfo
GetStringTypeW
GetTimeZoneInformation
HeapReAlloc
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
OutputDebugStringW

shlwapi

SHGetValueW

Sections

.text
Size: 884KB - Virtual size: 883KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_17_/GameHall_2345/coral_extract.dll
.dll windows:4 windows x86 arch:x86

27078d36f37371b0a00fb89ab0cc3581

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

10:59:b3:25:b1:49:34:f1:9c:33:83:5f:44:1c:b2:23:c2:a4:e3:d0:aa:16:d1:d9:19:ec:06:f7:9d:5f:5b:be
Signer

Actual PE Digest

10:59:b3:25:b1:49:34:f1:9c:33:83:5f:44:1c:b2:23:c2:a4:e3:d0:aa:16:d1:d9:19:ec:06:f7:9d:5f:5b:be

Digest Algorithm

sha256

PE Digest Matches

true

ff:2d:ce:b1:52:96:51:96:4b:0a:18:78:fc:25:27:3e:35:07:fd:1b
Signer

Actual PE Digest

ff:2d:ce:b1:52:96:51:96:4b:0a:18:78:fc:25:27:3e:35:07:fd:1b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\rczip.dev\trunk\bin\Win32\release\pdb\Extract7z.pdb

Imports

kernel32

GetProcAddress
VirtualAlloc
GetModuleHandleW
VirtualFree
InterlockedExchangeAdd
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetVersionExW
GetLastError
ReadFile
CreateFileW
SetFilePointer
CloseHandle
LoadLibraryW
FreeLibrary
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
RaiseException
RtlUnwind
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
HeapSize
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
GetSystemTimeAsFileTime
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LoadLibraryA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
GetFileAttributesW
FormatMessageW
LocalFree
FindFirstFileW
FindClose
FindNextFileW
DeleteFileW
CreateDirectoryW
GetFileSize
GetFullPathNameW
SetFileTime
GetTempFileNameW
SetFileAttributesW
MoveFileW
lstrlenW
SetEndOfFile
FindResourceW
WaitForMultipleObjects
CreateEventW
ResetEvent
WaitForSingleObject
SetEvent
CreateThread
ExitThread
ResumeThread

user32

LoadStringW

Exports

Exports

ExtractArchive

Sections

.text
Size: 261KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_21_/2345Explorer/User Data/Default/FaviconsV3
$_21_/2345Explorer/User Data/Default/TempOnlinedata/A5.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/AA0.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/AB0.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/AD1.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/AE0.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/AF0.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/AG0.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/AI0.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/AJ1.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/AK1.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/AL2.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/AP0.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/AQ0.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/AR0.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/AS0.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/AT1.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/AW0.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/AX0.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/AY0.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/B1.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/BA1.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/BB0.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/BC0.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/BD0.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/BE0.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/BF1.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/BG1.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/BH0.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/BI0.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/BJ0.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/BK0.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/BL0.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/C.ini
$_21_/2345Explorer/User Data/Default/TempOnlinedata/C3.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/D1.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/E1.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/G0.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/H5.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/J0.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/K1.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/L0.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/N2.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/O1.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/P4.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/Q1.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/R8.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/S1.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/U0.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/V0.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/W0.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/Y2.data
$_21_/2345Explorer/User Data/Default/TempOnlinedata/Z0.data
$_21_/2345Explorer/User Data/Default/Thumbnails/v1/0A769DCC9171C2D65859358BC914EA0A.jpg
.jpg
$_21_/2345Explorer/User Data/Default/Thumbnails/v1/19B1E1822F836B48AD265D535871A4A2.jpg
.jpg
$_21_/2345Explorer/User Data/Default/Thumbnails/v1/1BD32688A1AFEE390A9BAA2F980F51C5.jpg
.jpg
$_21_/2345Explorer/User Data/Default/Thumbnails/v1/330AAA4A96A46A07C94ED7354B3FAB20.jpg
.jpg
$_21_/2345Explorer/User Data/Default/Thumbnails/v1/41230D9A154D1A90D5EB5C1AE37BB209.jpg
.jpg
$_21_/2345Explorer/User Data/Default/Thumbnails/v1/46E9C14A58C4EF7625A2C4C27E740B2B.jpg
.jpg
$_21_/2345Explorer/User Data/Default/Thumbnails/v1/62EC2E3F32D22D641A5244295E4A5163.jpg
.jpg
$_21_/2345Explorer/User Data/Default/Thumbnails/v1/67207B521013E18730BA6B7947CEB1F3.jpg
.jpg
$_21_/2345Explorer/User Data/Default/Thumbnails/v1/91739D10F91EBA1695D944B9001A8CA2.jpg
.jpg
$_21_/2345Explorer/User Data/Default/Thumbnails/v1/BB35D9B59F4CC10D8FA23899F8CBB054.jpg
.jpg
$_21_/2345Explorer/User Data/Default/Thumbnails/v1/D42116CE4D6D78DCE0A1927AF0B40F79.jpg
.jpg
$_21_/2345Explorer/User Data/Default/Thumbnails/v1/EECDB8AC8759019D28F5B7F20EE7CC69.jpg
.jpg
$_21_/2345Explorer/User Data/Default/Thumbnails/v1/thumbnailslist
$_22_/clear_cache.exe
.exe windows:5 windows x86 arch:x86

3c953ec4645cac3aae6598d8162b94b0

Code Sign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

2e:80:ab:a1:e6:9f:d8:b5:f1:ae:75:45:a1:62:e7:09:f2:1d:a9:ac:cb:05:ba:d5:b3:cc:27:1a:32:c9:08:e5
Signer

Actual PE Digest

2e:80:ab:a1:e6:9f:d8:b5:f1:ae:75:45:a1:62:e7:09:f2:1d:a9:ac:cb:05:ba:d5:b3:cc:27:1a:32:c9:08:e5

Digest Algorithm

sha256

PE Digest Matches

true

f3:11:e1:56:7b:b3:c3:12:74:96:18:9f:48:f4:7d:99:57:41:3a:63
Signer

Actual PE Digest

f3:11:e1:56:7b:b3:c3:12:74:96:18:9f:48:f4:7d:99:57:41:3a:63

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\trunk\dllplugin\ClearCache\Release\clear_cache.pdb

Imports

kernel32

LocalFree
GetCommandLineW
GetShortPathNameW
OpenMutexW
CreateMutexW
lstrcatW
GetFileAttributesW
CloseHandle
GetProcAddress
GetModuleHandleA
lstrcpynW
lstrlenW
LoadLibraryW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
FlushFileBuffers
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
OutputDebugStringW
LCMapStringW
HeapReAlloc
LoadLibraryExW
EncodePointer
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
RaiseException
RtlUnwind
GetLastError
HeapFree
HeapAlloc
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
HeapSize
SetLastError
GetCurrentThreadId
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
CreateFileW

shell32

ord155
ShellExecuteW
SHFileOperationW
SHGetSpecialFolderPathW
CommandLineToArgvW
ord190

ole32

CoUninitialize
PropVariantClear
CoCreateInstance
CoInitialize

shlwapi

PathAppendW
PathFileExistsW
PathRemoveFileSpecW
SHStrDupW
PathStripPathW

Sections

.text
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/10.25.0.21758.manifest
$_56_/2345Explorer.exe
.exe windows:5 windows x86 arch:x86

2c7bbba8114a1db482eb2a2ac8bfb8cb

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

11:1e:05:29:f2:dc:b3:76:cb:48:ff:37:40:9e:f0:38:e0:66:91:d9:1b:b6:e8:17:d8:4a:4f:4d:30:70:15:e2
Signer

Actual PE Digest

11:1e:05:29:f2:dc:b3:76:cb:48:ff:37:40:9e:f0:38:e0:66:91:d9:1b:b6:e8:17:d8:4a:4f:4d:30:70:15:e2

Digest Algorithm

sha256

PE Digest Matches

true

a1:37:97:87:d2:9c:f6:ba:32:6d:05:f2:ba:4a:da:4d:59:33:f3:27
Signer

Actual PE Digest

a1:37:97:87:d2:9c:f6:ba:32:6d:05:f2:ba:4a:da:4d:59:33:f3:27

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\V68_45\src\out\official_release\2345Explorer.exe.pdb

Imports

advapi32

AccessCheck
AllocateAndInitializeSid
CheckTokenMembership
ConvertSidToStringSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertStringSidToSidW
CopySid
CreateProcessAsUserW
CreateRestrictedToken
CreateWellKnownSid
DuplicateToken
DuplicateTokenEx
EqualSid
FreeSid
GetAce
GetKernelObjectSecurity
GetLengthSid
GetNamedSecurityInfoW
GetSecurityDescriptorSacl
GetSecurityInfo
GetSidSubAuthority
GetTokenInformation
ImpersonateLoggedOnUser
InitializeSid
IsValidSid
LookupAccountSidW
LookupPrivilegeValueW
MapGenericMask
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegDisablePredefinedCache
RegOpenKeyExW
RegQueryValueExW
RevertToSelf
SetEntriesInAclW
SetKernelObjectSecurity
SetSecurityInfo
SetThreadToken
SetTokenInformation
SystemFunction036

shlwapi

PathFileExistsW
PathRemoveFileSpecW

user32

CloseDesktop
CloseWindowStation
CreateDesktopW
CreateWindowExW
CreateWindowStationW
DefWindowProcW
DestroyWindow
DispatchMessageW
GetProcessWindowStation
GetQueueStatus
GetThreadDesktop
GetUserObjectInformationW
GetWindowLongW
KillTimer
MessageBoxW
MsgWaitForMultipleObjectsEx
PeekMessageW
PostMessageW
RegisterClassExW
SetProcessWindowStation
SetTimer
SetWindowLongW
TranslateMessage
UnregisterClassW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

kernel32

AssignProcessToJobObject
CloseHandle
CreateDirectoryW
CreateEventW
CreateFileMappingW
CreateFileW
CreateIoCompletionPort
CreateJobObjectW
CreateMutexW
CreateNamedPipeW
CreateProcessW
CreateRemoteThread
CreateThread
CreateToolhelp32Snapshot
DebugBreak
DecodePointer
DeleteCriticalSection
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExpandEnvironmentStringsW
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentStringsW
GetFileAttributesW
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoW
GetLogicalDriveStringsW
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetPrivateProfileStringW
GetProcAddress
GetProcessHandleCount
GetProcessHeaps
GetProcessId
GetProcessTimes
GetQueuedCompletionStatus
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetThreadTimes
GetTickCount
GetUserDefaultLCID
GetUserDefaultLangID
GetVersionExW
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSetInformation
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalFree
MapViewOfFile
MoveFileExW
MultiByteToWideChar
OpenProcess
OutputDebugStringA
PostQueuedCompletionStatus
Process32FirstW
Process32NextW
ProcessIdToSessionId
QueryDosDeviceW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
ReadProcessMemory
RegisterWaitForSingleObject
ResetEvent
RtlCaptureStackBackTrace
RtlUnwind
SearchPathW
SetCurrentDirectoryW
SetEvent
SetFilePointerEx
SetHandleInformation
SetInformationJobObject
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SignalObjectAndWait
Sleep
SwitchToThread
TerminateJobObject
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
UnmapViewOfFile
UnregisterWaitEx
VirtualAllocEx
VirtualFree
VirtualFreeEx
VirtualProtect
VirtualProtectEx
VirtualQuery
VirtualQueryEx
WaitForSingleObject
WideCharToMultiByte
WriteConsoleW
WriteFile
WritePrivateProfileStringW
WriteProcessMemory
lstrlenW

winmm

timeBeginPeriod
timeEndPeriod
timeGetTime

Exports

Exports

GetHandleVerifier
InitializeSandboxInfo
IsSandboxedProcess

Sections

.text
Size: 569KB - Virtual size: 568KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 259KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 173KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/2345Recommender.exe
.exe windows:5 windows x86 arch:x86

6c549a7e5ea7659b53cc36e030d81164

Code Sign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

24:be:0e:e4:fc:7d:3c:89:f7:3b:51:dd:6f:13:bb:ef:5b:79:79:78:f6:df:d9:b9:e3:0e:81:86:1c:34:24:88
Signer

Actual PE Digest

24:be:0e:e4:fc:7d:3c:89:f7:3b:51:dd:6f:13:bb:ef:5b:79:79:78:f6:df:d9:b9:e3:0e:81:86:1c:34:24:88

Digest Algorithm

sha256

PE Digest Matches

true

16:1c:ec:d2:ea:de:7a:56:dd:54:cb:00:2a:df:8b:b3:f3:e4:c1:0b
Signer

Actual PE Digest

16:1c:ec:d2:ea:de:7a:56:dd:54:cb:00:2a:df:8b:b3:f3:e4:c1:0b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\dllplugin\FileDownloader\FileDownloader\bin\release_static\2345Recommender.pdb

Imports

gdiplus

GdipCreateRegion
GdipDeleteMatrix
GdipBitmapLockBits
GdipRestoreGraphics
GdipReleaseDC
GdipTranslateWorldTransform
GdipGetWorldTransform
GdipGetDC
GdipTransformPointsI
GdipDeleteRegion
GdipGetClipBoundsI
GdipSaveGraphics
GdipBitmapUnlockBits
GdipGraphicsClear
GdipGetMatrixElements
GdipGetClip
GdipCreateMatrix
GdipScaleWorldTransform
GdipDrawImagePointRectI
GdipGetRegionHRgn
GdipCloneBitmapAreaI
GdiplusStartup
GdipSetPixelOffsetMode
GdipCloneImage
GdipGetImagePaletteSize
GdipDisposeImage
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdipCreateBitmapFromStream
GdipGetImagePalette
GdiplusShutdown
GdipDeleteStringFormat
GdipGetImageWidth
GdipCreateStringFormat
GdipFillRectangleI
GdipCreateFontFromLogfontW
GdipCreateHBITMAPFromBitmap
GdipDrawString
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipCreateSolidFill
GdipSetStringFormatAlign
GdipDeleteFont
GdipSetTextRenderingHint
GdipSetStringFormatLineAlign
GdipMeasureString
GdipDrawImageRectRectI
GdipGetImageHeight
GdipSetImageAttributesColorMatrix
GdipCloneBrush
GdipDeleteBrush
GdipDrawImageRectRect
GdipDeleteGraphics
GdipAlloc
GdipCreateFromHDC
GdipSetClipRectI
GdipFree
GdipSetCompositingMode

kernel32

FindResourceW
LoadResource
SizeofResource
LockResource
OpenFileMappingW
ResumeThread
FindFirstFileW
CreateFileW
WideCharToMultiByte
GetACP
MultiByteToWideChar
InitializeCriticalSection
SetEvent
ResetEvent
CreateEventW
InterlockedExchangeAdd
GetTickCount
Sleep
GetFullPathNameW
MoveFileExW
CreateDirectoryW
lstrlenW
SetFileAttributesW
FindClose
GetFileSize
SetFilePointer
SetEndOfFile
WriteFile
ReadFile
HeapAlloc
HeapFree
GetProcessHeap
GlobalAlloc
GlobalFree
LocalFree
FormatMessageW
GlobalLock
GlobalUnlock
MulDiv
WriteConsoleW
SetStdHandle
ReadConsoleW
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetFilePointerEx
GetFileType
GetStdHandle
HeapReAlloc
HeapSize
GetModuleHandleExW
ExitProcess
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
RtlUnwind
GetSystemTimeAsFileTime
LoadLibraryExW
ExitThread
CreateThread
GetCommandLineW
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
OutputDebugStringW
IsDebuggerPresent
GetStringTypeW
EncodePointer
InitializeCriticalSectionAndSpinCount
RaiseException
GetLastError
DecodePointer
DeleteCriticalSection
GetCurrentProcess
GetModuleHandleW
GetVersionExW
LeaveCriticalSection
FlushInstructionCache
SetLastError
GetProcAddress
EnterCriticalSection
GetCurrentThreadId
UnmapViewOfFile
MapViewOfFile
FreeResource
FreeLibrary
GetLongPathNameW
GetTempPathW
GetFileAttributesW
WaitForSingleObject
GetVersion
CloseHandle
WinExec
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
DeleteFileW
lstrcatW
MoveFileW
GetModuleFileNameW
LoadLibraryW

user32

IsRectEmpty
SetWindowRgn
DialogBoxParamW
SetRect
RemovePropW
ReleaseCapture
UnionRect
TrackMouseEvent
SetCapture
GetForegroundWindow
EnableWindow
GetClassLongW
InflateRect
GetDlgItem
SetRectEmpty
RedrawWindow
SetCursor
GetWindowThreadProcessId
UnregisterClassW
DefWindowProcW
DestroyWindow
CallWindowProcW
DestroyIcon
DestroyMenu
SendMessageW
CreateWindowExW
IsWindow
GetCursorPos
GetDesktopWindow
SetWindowLongW
ReleaseDC
GetWindowLongW
LoadIconW
RegisterClassExW
GetDC
GetClassInfoExW
GetMenuDefaultItem
LoadCursorW
SetForegroundWindow
GetSubMenu
KillTimer
PostMessageW
RegisterWindowMessageW
TrackPopupMenu
IsMenu
SetTimer
GetPropW
IsWindowVisible
GetActiveWindow
LoadBitmapW
ShowWindow
SetWindowPos
EndDialog
BringWindowToTop
InvalidateRect
SetPropW
IsIconic
CopyRect
OffsetRect
PtInRect
SystemParametersInfoW
BeginPaint
UpdateLayeredWindow
GetClientRect
GetParent
GetWindowRect
ScreenToClient
EndPaint
GetWindow
GetMonitorInfoW
SetWindowTextW
MapWindowPoints
MonitorFromWindow

gdi32

DeleteObject
SetGraphicsMode
SetTextColor
SetBrushOrgEx
SetDCBrushColor
SetArcDirection
SetBkMode
SelectClipRgn
SetDCPenColor
SetStretchBltMode
SetWorldTransform
SetROP2
CreatePolygonRgn
SetViewportOrgEx
SetBkColor
ExtTextOutW
BitBlt
EnumFontsW
CreateFontIndirectW
GetObjectW
GetStockObject
DeleteDC
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

shell32

SHGetFolderPathW
ShellExecuteExW
Shell_NotifyIconW

ole32

OleInitialize
CreateStreamOnHGlobal

shlwapi

PathRemoveFileSpecW
StrToIntA

comctl32

InitCommonControlsEx
_TrackMouseEvent

Sections

.text
Size: 361KB - Virtual size: 360KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 362KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/2345SafeCenterInstaller.exe
.exe windows:5 windows x86 arch:x86

a4ffcde1c017c903b0764627fb14a028

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\RhinoProtect\Publish\OutPut\bin\Win32\release\pdb\2345SafeCenterInstaller.pdb

Imports

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

kernel32

GetEnvironmentVariableW
GetLogicalDriveStringsW
VirtualQuery
GetPrivateProfileStringW
DeleteFileW
GetTickCount
MoveFileW
WriteFile
CreateFileW
GetUserDefaultLangID
GetModuleHandleExW
ReleaseMutex
SetFileAttributesW
VirtualFree
VirtualProtect
QueryDosDeviceW
GetExitCodeProcess
GetModuleHandleW
CreateProcessW
GetProcessHeap
LocalFree
HeapAlloc
OpenProcess
WaitForSingleObject
WaitForMultipleObjects
HeapFree
MoveFileExW
SetErrorMode
GetCurrentProcess
OpenMutexW
GetCurrentProcessId
CloseHandle
Sleep
GetModuleFileNameW
VirtualAlloc
GetModuleHandleA
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetDriveTypeW
SearchPathW
ExpandEnvironmentStringsW
GetFileAttributesW
FindFirstFileW
GetLongPathNameW
GetFileAttributesExW
GetVolumeInformationW
GetDiskFreeSpaceW
GetACP
MultiByteToWideChar
WideCharToMultiByte
TerminateProcess
lstrlenW
GetVersionExW
LockResource
GetSystemInfo
LoadResource
FindResourceW
lstrcmpiW
LoadLibraryExW
GetCurrentThreadId
GetComputerNameExW
ReadFile
SetFileTime
SetFilePointer
SetEndOfFile
GetFileSize
GetFileTime
TryEnterCriticalSection
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
CreateEventW
SetEvent
ResetEvent
FindNextFileW
CreateMutexW
CreateDirectoryW
GetFullPathNameW
RemoveDirectoryW
GetTempPathW
GetCurrentDirectoryW
GetWindowsDirectoryW
CopyFileW
GetTempFileNameW
GetFileSizeEx
FormatMessageW
FileTimeToSystemTime
GlobalMemoryStatusEx
InterlockedExchangeAdd
InitializeCriticalSectionAndSpinCount
RaiseException
DecodePointer
InterlockedExchange
SetLastError
ResumeThread
DeviceIoControl
EncodePointer
GetCPInfo
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetLocalTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
InitializeSListHead
GetStdHandle
GetFileType
OutputDebugStringW
RtlUnwind
InterlockedPushEntrySList
InterlockedFlushSList
CreateThread
ExitThread
FreeLibraryAndExitThread
ExitProcess
GetCurrentThread
HeapReAlloc
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetConsoleCP
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
FlushFileBuffers
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
WaitForSingleObjectEx
SetStdHandle
HeapSize
WriteConsoleW
InterlockedDecrement
InterlockedIncrement
PeekNamedPipe
GetExitCodeThread
GetOverlappedResult
WaitNamedPipeW
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
GetLastError
FreeLibrary
GetProcAddress
LoadLibraryW
ReleaseSemaphore
InterlockedPopEntrySList
QueryDepthSList
UnregisterWaitEx
FindClose
CreateTimerQueueTimer
OpenFileMappingW
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
DuplicateHandle
CreateTimerQueue
SignalObjectAndWait
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation

user32

wsprintfW

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW

shell32

SHGetFolderPathW
SHGetSpecialFolderPathW

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 270KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/Assistant/2345InstUI.dll
.dll windows:5 windows x86 arch:x86

d08960554e6a4af4919731e20cdb9ead

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f9:aa:a3:47:dc:d9:23:d2:ba:75:ae:bf:1b:3a:e6:14:ef:15:ab:bc:58:36:55:77:29:2b:32:8d:8f:dd:d1:12
Signer

Actual PE Digest

f9:aa:a3:47:dc:d9:23:d2:ba:75:ae:bf:1b:3a:e6:14:ef:15:ab:bc:58:36:55:77:29:2b:32:8d:8f:dd:d1:12

Digest Algorithm

sha256

PE Digest Matches

true

d7:e8:c1:d6:c7:9a:94:d1:68:90:c9:41:eb:59:be:bd:a9:38:da:02
Signer

Actual PE Digest

d7:e8:c1:d6:c7:9a:94:d1:68:90:c9:41:eb:59:be:bd:a9:38:da:02

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\CommonPlatform\2345InstAgent\bin\Win32\Release\2345InstUI.pdb

Imports

sensapi

IsNetworkAlive

kernel32

CreateMutexW
ReleaseMutex
GetCurrentProcessId
FindResourceW
LoadResource
GetVersionExW
LockResource
GetSystemInfo
lstrlenW
lstrcatW
lstrcpyW
OpenProcess
QueryDosDeviceW
FindFirstFileW
GetLongPathNameW
GetFileAttributesExW
FindClose
FindNextFileW
SetEvent
ResetEvent
CreateEventW
InterlockedExchangeAdd
GetFileSizeEx
DeleteFileW
HeapAlloc
HeapFree
GetProcessHeap
GlobalFree
LocalFree
GetTickCount
InterlockedExchange
FileTimeToSystemTime
WaitForMultipleObjects
GetLogicalDriveStringsW
GetFullPathNameW
CreateDirectoryW
GetTempPathW
GetCurrentDirectoryW
GetEnvironmentVariableW
FormatMessageW
LoadLibraryExW
GlobalMemoryStatusEx
DeviceIoControl
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
ReleaseSemaphore
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SwitchToThread
SignalObjectAndWait
WaitForSingleObjectEx
CreateTimerQueue
DuplicateHandle
InitializeCriticalSectionAndSpinCount
lstrcpynW
lstrcmpW
RaiseException
ExpandEnvironmentStringsW
GetFileAttributesW
GetModuleHandleW
ResumeThread
WaitForSingleObject
CloseHandle
GetFileTime
CreateFileW
ReadFile
WriteFile
SetFileTime
SetEndOfFile
SetFilePointer
GetFileSize
InitializeCriticalSection
MultiByteToWideChar
GetACP
WideCharToMultiByte
GetCurrentThreadId
EnterCriticalSection
SetLastError
VirtualQuery
SuspendThread
CreateToolhelp32Snapshot
OpenThread
Thread32Next
Thread32First
InterlockedCompareExchange
SetThreadContext
FlushInstructionCache
GlobalUnlock
GetModuleFileNameW
MulDiv
LeaveCriticalSection
Sleep
GlobalAlloc
GlobalLock
GetCurrentProcess
SetErrorMode
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
GetProcAddress
LoadLibraryW
GetLastError
EncodePointer
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
GetThreadContext
VirtualFree
VirtualAlloc
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
HeapDestroy
HeapCreate
GetModuleHandleA
DisableThreadLibraryCalls
OutputDebugStringA
VirtualProtect
GetCommandLineA
CreateThread
ExitThread
RtlUnwind
ExitProcess
GetModuleHandleExW
HeapSize
IsValidCodePage
GetOEMCP
GetCPInfo
GetCurrentThread
GetStdHandle
HeapReAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
FreeLibrary
DeleteCriticalSection
DecodePointer
TlsAlloc
TlsGetValue
MapViewOfFileEx
CreateFileMappingW
UnmapViewOfFile
QueryPerformanceFrequency
FreeResource
SetWaitableTimer
CreateWaitableTimerW
LocalAlloc
SizeofResource
SetEnvironmentVariableA
ReadConsoleW
WriteConsoleW
SetStdHandle
FlushFileBuffers
OutputDebugStringW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeZoneInformation
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
CreateSemaphoreW
GetStartupInfoW
TlsFree
TlsSetValue

user32

DialogBoxParamW
ReleaseCapture
CreateWindowExW
IsWindow
EnumChildWindows
SetWindowPos
GetSysColor
GetDesktopWindow
RedrawWindow
GetDlgItem
SetWindowTextW
MonitorFromWindow
ReleaseDC
GetClassNameW
GetWindowTextW
GetAncestor
GetWindowLongW
InvalidateRect
RegisterClassExW
GetForegroundWindow
GetDC
SetPropW
GetClassInfoExW
PtInRect
BeginPaint
SetFocus
CreateAcceleratorTableW
GetClientRect
LoadCursorW
InvalidateRgn
GetParent
GetFocus
IsZoomed
PostMessageW
SetCapture
IsChild
FillRect
RegisterWindowMessageW
CharNextW
RemovePropW
GetAsyncKeyState
LoadStringW
EnumThreadWindows
IsClipboardFormatAvailable
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
GetIconInfo
DrawIconEx
SetForegroundWindow
GetCaretBlinkTime
ToAscii
GetKeyboardState
LoadImageW
LoadBitmapW
MsgWaitForMultipleObjects
SetCaretPos
SetRect
UpdateLayeredWindow
SetRectEmpty
UnionRect
SystemParametersInfoW
AttachThreadInput
PostQuitMessage
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
SetParent
MapWindowPoints
AdjustWindowRectEx
ValidateRect
SetWindowRgn
EnableWindow
OpenClipboard
MessageBoxW
UnregisterClassW
GetActiveWindow
EndDialog
SetWindowLongW
LoadIconW
DefWindowProcW
SendMessageW
MoveWindow
GetShellWindow
GetWindow
GetWindowThreadProcessId
CallWindowProcW
GetMonitorInfoW
GetPropW
EndPaint
ClientToScreen
DestroyWindow
GetWindowTextLengthW
DestroyAcceleratorTable
ScreenToClient
GetWindowRect
IsIconic
GetDCEx
GetWindowDC
SetCursor
GetCursorPos
CopyRect
IntersectRect
OffsetRect
IsRectEmpty
EqualRect
SetTimer
KillTimer
GetClassLongW
TrackMouseEvent
GetKeyState
ShowWindow
ShowWindowAsync
IsWindowVisible
GetSystemMetrics

gdi32

BitBlt
GetDeviceCaps
DeleteObject
SelectObject
CreateCompatibleBitmap
GetObjectW
GetStockObject
CreateSolidBrush
DeleteDC
CreateCompatibleDC
SetViewportOrgEx
SetGraphicsMode
SetWorldTransform
CreateRectRgnIndirect
CreatePolygonRgn
CreateFontIndirectW
SetBkColor
SetTextColor
EnumFontsW
GetClipBox
CreateDIBSection
CreateRoundRectRgn
PtInRegion
CreateDCW
GetDIBits
ExtTextOutW
GetRgnBox

advapi32

RegCreateKeyExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCloseKey
RegSetValueExW

shell32

SHGetSpecialFolderPathW
DragFinish
SHGetFolderPathW
ord680
DragQueryFileW

ole32

CoCreateInstance
OleLockRunning
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
StringFromGUID2
OleInitialize
OleUninitialize
CoTaskMemFree
CoGetClassObject
CoTaskMemAlloc
CoTaskMemRealloc

oleaut32

SysAllocString
VarUI4FromStr
SysFreeString
DispCallFunc
SysStringLen
LoadRegTypeLi
OleCreateFontIndirect
SysAllocStringLen
VariantInit
LoadTypeLi
VariantClear

shlwapi

StrToIntA
PathFindFileNameW
ord12
PathAppendW
StrDupW

comctl32

InitCommonControlsEx
_TrackMouseEvent

msimg32

AlphaBlend

urlmon

CoInternetCreateZoneManager
CoInternetCreateSecurityManager

gdiplus

GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImagePixelFormat
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipCloneBitmapAreaI
GdipCreatePath
GdipDeletePath
GdipClosePathFigure
ord1
GdipAddPathString
GdipGetPathWorldBounds
GdipCreateMatrix
GdipCreateMatrix2
GdipDeleteMatrix
GdipGetMatrixElements
GdipCloneRegion
GdipGetImageHeight
GdipTransformRegion
GdipCloneBrush
GdipDisposeImage
GdipCreateTexture
GdipGetTextureTransform
GdipCreateSolidFill
GdipCreateLineBrushI
GdipSetLinePresetBlend
GdipSetLineWrapMode
GdipGetLineTransform
GdipCreatePen1
GdipDeletePen
GdipSetPenDashStyle
GdipGetImageGraphicsContext
GdipCloneBitmapArea
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipSetImageAttributesColorMatrix
GdipSetImageAttributesWrapMode
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetCompositingQuality
GdipSetSmoothingMode
GdipGetSmoothingMode
GdipSetPixelOffsetMode
GdipSetTextRenderingHint
GdipDeleteRegion
GdipGetImageWidth
GdipGetTextRenderingHint
GdipSetInterpolationMode
GdipGetInterpolationMode
GdipMultiplyWorldTransform
GdipTranslateWorldTransform
GdipScaleWorldTransform
GdipRotateWorldTransform
GdipCloneImage
GdipFree
GdipAlloc
GdiplusStartup
GdiplusShutdown
GdipDeleteBrush
GdipSetLineTransform
GdipSetTextureTransform
GdipGetBrushType
GdipCombineRegionRegion
GdipCombineRegionPath
GdipCreateRegionPath
GdipAddPathEllipseI
GdipAddPathRectangleI
GdipAddPathBezierI
GdipAddPathArcI
GdipAddPathLineI
GdipSetStringFormatTrimming
GdipGetStringFormatLineAlign
GdipSetStringFormatLineAlign
GdipGetStringFormatAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipCloneStringFormat
GdipDeleteStringFormat
GdipStringFormatGetGenericTypographic
GdipMeasureString
GdipDrawString
GdipGetFontSize
GdipGetFontStyle
GdipGetFamily
GdipDeleteFont
GdipCreateFont
GdipGetLineSpacing
GdipGetCellDescent
GdipGetCellAscent
GdipGetEmHeight
GdipGetFamilyName
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipEndContainer
GdipBeginContainer2
GdipRestoreGraphics
GdipSaveGraphics
GdipGetClipBoundsI
GdipDrawLine
GdipSetClipRectI
GdipSetCompositingMode
GdipCreateHBITMAPFromBitmap
GdipDrawImageRectRectI
GdipDrawImageRectRect
GdipFillPath
GdipFillEllipse
GdipFillRectangleI
GdipGraphicsClear
GdipDrawPath
GdipDrawRectangle
GdipDrawArcI
GdipSetClipRegion

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

imm32

ImmSetCompositionWindow
ImmNotifyIME
ImmGetCompositionStringW
ImmAssociateContextEx
ImmReleaseContext
ImmGetContext

winmm

timeGetTime

psapi

GetMappedFileNameW

Exports

Exports

CanInstall
FixSoftware
GetHistoryData
GetUserOperation
Initialize
InstallProduct
InstallSoftware
ProtectInstall
SetStatisticType
ShowUserSelectPopup
Uninitialize

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 308KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/Assistant/2345MgrDLL.dll
.dll windows:5 windows x86 arch:x86

7a6a3930555239ace5e5dab44b8b53cd

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d5:e1:89:4b:1c:9b:1d:87:80:3f:24:a7:39:65:9c:c2:29:29:11:c1:4a:9e:70:77:6c:b2:cf:8b:ed:92:65:b1
Signer

Actual PE Digest

d5:e1:89:4b:1c:9b:1d:87:80:3f:24:a7:39:65:9c:c2:29:29:11:c1:4a:9e:70:77:6c:b2:cf:8b:ed:92:65:b1

Digest Algorithm

sha256

PE Digest Matches

true

b4:e6:2f:06:32:9b:a7:c3:23:38:a7:07:33:52:d9:9c:7d:07:96:f2
Signer

Actual PE Digest

b4:e6:2f:06:32:9b:a7:c3:23:38:a7:07:33:52:d9:9c:7d:07:96:f2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

X:\git_dev_\Desktop\Project\GFPlatform\GFSafeGuard\GFSafeMonitor\bin\Win32\release_static\pdb\RCMangeMonitor.pdb

Imports

shlwapi

StrStrIW
PathFindFileNameW
PathFileExistsW
PathAppendW
PathFindExtensionW
PathIsNetworkPathW
PathMatchSpecW
PathRemoveFileSpecW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

crypt32

CryptMsgClose
CertGetNameStringW
CertFreeCertificateContext
CertFindCertificateInStore
CertCloseStore
CryptMsgGetParam
CryptQueryObject

kernel32

DeleteFileW
CheckRemoteDebuggerPresent
FreeResource
FindResourceW
FreeLibrary
LoadResource
MoveFileExW
WriteFile
CopyFileW
SizeofResource
FlushFileBuffers
GetProcAddress
MoveFileW
GetTempFileNameW
SetEvent
Sleep
OpenThread
InterlockedExchange
GetWindowsDirectoryW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetLocalTime
GetFileSize
lstrlenA
FileTimeToSystemTime
IsDebuggerPresent
GetComputerNameExW
FileTimeToLocalFileTime
GetCurrentProcessId
OpenProcess
ReadProcessMemory
GetFileTime
DuplicateHandle
SetFilePointer
GetCurrentThreadId
GetUserDefaultLangID
CreateMutexW
GetModuleHandleExW
ReleaseMutex
GetEnvironmentVariableW
VirtualQuery
GetLogicalDriveStringsW
QueryDosDeviceW
CreateDirectoryW
GetCurrentProcess
CreateThread
GetLastError
TerminateThread
GetTickCount
WaitForSingleObject
DisableThreadLibraryCalls
GetTempPathW
CreateFileW
GetModuleFileNameW
LoadLibraryW
IsBadReadPtr
ReadFile
IsBadStringPtrW
CloseHandle
InterlockedExchangeAdd
QueryPerformanceFrequency
SetEnvironmentVariableA
DeviceIoControl
SetLastError
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
ReleaseSemaphore
CreateSemaphoreW
TryEnterCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
ResetEvent
CreateEventW
OpenEventW
FindFirstFileW
GetLongPathNameW
GetFileAttributesExW
GetShortPathNameW
GetDriveTypeW
SearchPathW
WideCharToMultiByte
GetFileAttributesW
GetModuleHandleW
GetVersionExW
LockResource
GetSystemInfo
lstrcmpiW
ResumeThread
GetACP
MultiByteToWideChar
LoadLibraryA
ExpandEnvironmentStringsW
OpenMutexW
SetEndOfFile
SetFileTime
FindClose
FindNextFileW
HeapAlloc
HeapFree
GetProcessHeap
GlobalAlloc
GlobalFree
LocalFree
GetFileInformationByHandle
LoadLibraryExW
GetDiskFreeSpaceW
GetVolumeInformationW
CreateProcessW
GetExitCodeProcess
WaitForMultipleObjects
GetFullPathNameW
GetSystemDirectoryW
lstrlenW
GetCurrentDirectoryW
SetCurrentDirectoryW
RemoveDirectoryW
SetFileAttributesW
lstrcatW
lstrcpyW
GetFileSizeEx
FormatMessageW
FileTimeToDosDateTime
DosDateTimeToFileTime
SystemTimeToFileTime
GetSystemTime
LocalFileTimeToFileTime
InitializeCriticalSectionAndSpinCount
RaiseException
DecodePointer
GlobalMemoryStatusEx
GetStringTypeW
EncodePointer
GetSystemTimeAsFileTime
GetCurrentThread
GetExitCodeThread
HeapReAlloc
GetStdHandle
GetFileType
WriteConsoleW
CreateTimerQueue
IsProcessorFeaturePresent
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
RtlCaptureStackBackTrace
WaitForSingleObjectEx
SignalObjectAndWait
SwitchToThread
SetThreadPriority
GetThreadPriority
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetCommandLineA
ExitThread
RtlUnwind
GetCPInfo
FatalAppExitA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess
AreFileApisANSI
HeapSize
IsValidCodePage
GetOEMCP
SetConsoleCtrlHandler
OutputDebugStringW
GetThreadTimes
FreeLibraryAndExitThread
GetModuleHandleA
InitializeSListHead
UnregisterWaitEx
VirtualAlloc
VirtualFree
VirtualProtect
SetProcessAffinityMask
GetModuleFileNameA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetConsoleCP
GetTimeZoneInformation
WaitForMultipleObjectsEx
SetStdHandle

user32

GetClassNameW
IsWindow
wsprintfW
GetWindowTextW
IsWindowVisible
GetForegroundWindow
GetWindowThreadProcessId
MessageBoxW
GetUserObjectInformationW
GetProcessWindowStation
UnregisterClassW
GetWindowLongW

advapi32

RegOpenKeyExW
AdjustTokenPrivileges
FreeSid
SetEntriesInAclW
AllocateAndInitializeSid
LookupPrivilegeValueW
SetNamedSecurityInfoW
GetTokenInformation
OpenProcessToken
LookupPrivilegeNameW
RegDeleteValueW
RegFlushKey
RegCloseKey
RegOpenCurrentUser
RegCreateKeyExW
OpenSCManagerW
CreateServiceW
OpenServiceW
StartServiceW
ChangeServiceConfigW
CloseServiceHandle
DeregisterEventSource
RegisterEventSourceW
ReportEventW
RegSetValueExW

shell32

CommandLineToArgvW
SHGetSpecialFolderPathW
SHGetFolderPathW
SHGetPathFromIDListW

ole32

CoInitialize
CoUninitialize
CoCreateInstance

psapi

GetProcessImageFileNameW

Exports

Exports

CreateObject
DestroyObject
ExportFunc1
ExportFunc10
ExportFunc11
ExportFunc12
ExportFunc13
ExportFunc14
ExportFunc2
ExportFunc3
ExportFunc4
ExportFunc5
ExportFunc6
ExportFunc7
ExportFunc8
ExportFunc9

Sections

.text
Size: 3.7MB - Virtual size: 3.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 758KB - Virtual size: 758KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 990KB - Virtual size: 1022KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 175KB - Virtual size: 175KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/Assistant/2345MgrDLL64.dll
.dll windows:5 windows x64 arch:x64

3fd95ad73eafd552fa062e48ae42ef88

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e6:fa:25:56:09:d5:a7:0e:bd:29:af:a0:77:d9:39:4c:b3:25:30:10:3e:81:d1:bc:0f:3f:e0:ed:71:78:9c:2f
Signer

Actual PE Digest

e6:fa:25:56:09:d5:a7:0e:bd:29:af:a0:77:d9:39:4c:b3:25:30:10:3e:81:d1:bc:0f:3f:e0:ed:71:78:9c:2f

Digest Algorithm

sha256

PE Digest Matches

true

5c:86:b6:20:49:62:5f:09:3e:d0:87:cb:4f:e3:14:6c:e2:38:fe:88
Signer

Actual PE Digest

5c:86:b6:20:49:62:5f:09:3e:d0:87:cb:4f:e3:14:6c:e2:38:fe:88

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

X:\git_dev_\Desktop\Project\GFPlatform\GFSafeGuard\GFSafeMonitor\bin\x64\release_static\pdb\RCMangeMonitor64.pdb

Imports

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

shlwapi

PathIsNetworkPathW
PathMatchSpecW
PathFileExistsW
PathFindFileNameW
StrStrIW
PathRemoveFileSpecW
PathAppendW
PathFindExtensionW

kernel32

MoveFileExW
WriteFile
CopyFileW
SizeofResource
FlushFileBuffers
GetProcAddress
MoveFileW
CloseHandle
SetEvent
Sleep
OpenThread
GetWindowsDirectoryW
WritePrivateProfileStringW
LoadResource
GetLocalTime
GetFileSize
lstrlenA
FileTimeToSystemTime
ReadFile
GetComputerNameExW
FileTimeToLocalFileTime
GetCurrentProcessId
OpenProcess
ReadProcessMemory
GetFileTime
DuplicateHandle
SetFilePointer
GetCurrentThreadId
GetUserDefaultLangID
CreateMutexW
GetModuleHandleExW
ReleaseMutex
GetEnvironmentVariableW
VirtualQuery
GetLogicalDriveStringsW
QueryDosDeviceW
FreeLibrary
FindResourceW
FreeResource
CheckRemoteDebuggerPresent
DeleteFileW
IsDebuggerPresent
DisableThreadLibraryCalls
GetTempPathW
CreateFileW
GetModuleFileNameW
LoadLibraryW
IsBadReadPtr
IsBadStringPtrW
GetTempFileNameW
CreateDirectoryW
QueryPerformanceFrequency
SetEnvironmentVariableA
GetCurrentProcess
CreateThread
GetLastError
TerminateThread
GetTickCount
WaitForSingleObject
GetPrivateProfileIntW
GetDiskFreeSpaceW
SetStdHandle
DeviceIoControl
SetLastError
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
LockResource
ReleaseSemaphore
CreateSemaphoreW
TryEnterCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
ResetEvent
CreateEventW
OpenEventW
FindFirstFileW
GetLongPathNameW
GetFileAttributesExW
GetShortPathNameW
GetDriveTypeW
SearchPathW
WideCharToMultiByte
GetFileAttributesW
ResumeThread
GetACP
MultiByteToWideChar
GetModuleHandleW
LoadLibraryA
ExpandEnvironmentStringsW
GetVersionExW
GetSystemInfo
lstrcmpiW
OpenMutexW
SetEndOfFile
SetFileTime
FindClose
FindNextFileW
HeapAlloc
HeapFree
GetProcessHeap
GlobalAlloc
GlobalFree
LocalFree
LoadLibraryExW
GetFileInformationByHandle
GetVolumeInformationW
CreateProcessW
GetExitCodeProcess
WaitForMultipleObjects
GetFullPathNameW
GetSystemDirectoryW
lstrlenW
GetCurrentDirectoryW
SetCurrentDirectoryW
RemoveDirectoryW
SetFileAttributesW
lstrcatW
lstrcpyW
GetFileSizeEx
FormatMessageW
FileTimeToDosDateTime
DosDateTimeToFileTime
SystemTimeToFileTime
GetSystemTime
LocalFileTimeToFileTime
InitializeCriticalSectionAndSpinCount
RaiseException
DecodePointer
GlobalMemoryStatusEx
GetStringTypeW
EncodePointer
GetSystemTimeAsFileTime
GetCurrentThread
GetExitCodeThread
HeapReAlloc
RtlPcToFileHeader
GetStdHandle
GetFileType
WriteConsoleW
CreateTimerQueue
IsProcessorFeaturePresent
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
RtlCaptureStackBackTrace
WaitForSingleObjectEx
SignalObjectAndWait
SwitchToThread
SetThreadPriority
GetThreadPriority
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetCommandLineA
ExitThread
RtlLookupFunctionEntry
RtlUnwindEx
GetCPInfo
FatalAppExitA
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetStartupInfoW
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess
AreFileApisANSI
HeapSize
IsValidCodePage
GetOEMCP
SetConsoleCtrlHandler
OutputDebugStringW
GetThreadTimes
FreeLibraryAndExitThread
GetModuleHandleA
InitializeSListHead
UnregisterWaitEx
VirtualAlloc
VirtualFree
VirtualProtect
SetProcessAffinityMask
GetModuleFileNameA
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetFilePointerEx
GetConsoleMode
ReadConsoleW
GetConsoleCP
GetTimeZoneInformation
WaitForMultipleObjectsEx

user32

IsWindow
wsprintfW
GetClassNameW
GetWindowTextW
GetWindowLongW
IsWindowVisible
GetForegroundWindow
GetWindowThreadProcessId
MessageBoxW
UnregisterClassW
GetUserObjectInformationW
GetProcessWindowStation

advapi32

DeregisterEventSource
AdjustTokenPrivileges
FreeSid
SetEntriesInAclW
AllocateAndInitializeSid
LookupPrivilegeValueW
SetNamedSecurityInfoW
GetTokenInformation
OpenProcessToken
LookupPrivilegeNameW
ReportEventW
RegisterEventSourceW
ChangeServiceConfigW
StartServiceW
OpenServiceW
CreateServiceW
CloseServiceHandle
OpenSCManagerW
RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegOpenCurrentUser
RegCreateKeyExW
RegDeleteValueW
RegFlushKey

shell32

SHGetFolderPathW
CommandLineToArgvW
SHGetPathFromIDListW
SHGetSpecialFolderPathW

crypt32

CertGetNameStringW
CertFreeCertificateContext
CertFindCertificateInStore
CertCloseStore
CryptQueryObject
CryptMsgClose
CryptMsgGetParam

ole32

CoUninitialize
CoCreateInstance
CoInitialize

psapi

GetProcessImageFileNameW

Exports

Exports

CreateObject
DestroyObject
ExportFunc1
ExportFunc10
ExportFunc11
ExportFunc12
ExportFunc13
ExportFunc14
ExportFunc2
ExportFunc3
ExportFunc4
ExportFunc5
ExportFunc6
ExportFunc7
ExportFunc8
ExportFunc9

Sections

.text
Size: 3.9MB - Virtual size: 3.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 231KB - Virtual size: 231KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/Assistant/HelperTool64.exe
.exe windows:5 windows x64 arch:x64

e8de56d93e2963aab9409153ff1f2b45

Code Sign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cf:99:78:79:c1:55:ab:00:24:96:45:60:f6:55:4e:51:3b:eb:67:0f:97:9a:e9:26:63:34:be:d8:6d:30:ea:66
Signer

Actual PE Digest

cf:99:78:79:c1:55:ab:00:24:96:45:60:f6:55:4e:51:3b:eb:67:0f:97:9a:e9:26:63:34:be:d8:6d:30:ea:66

Digest Algorithm

sha256

PE Digest Matches

true

c3:44:09:21:53:ce:2c:18:4c:29:3b:2a:7f:03:ab:c2:2c:df:a9:b0
Signer

Actual PE Digest

c3:44:09:21:53:ce:2c:18:4c:29:3b:2a:7f:03:ab:c2:2c:df:a9:b0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\trunk\dllplugin\HelperTool64\bin\x64\Release\HelperTool64.pdb

Imports

kernel32

InitializeCriticalSectionAndSpinCount
WaitForSingleObject
CloseHandle
CreateMutexW
Sleep
GetLastError
GetProcAddress
FindResourceW
LoadResource
GetModuleHandleW
GetVersionExW
LockResource
GetSystemInfo
lstrcmpiW
HeapAlloc
HeapFree
GetProcessHeap
GetCurrentThreadId
CreateFileW
lstrlenW
LoadLibraryW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetFullPathNameW
GetFileAttributesW
WriteFile
ReadFile
LoadLibraryExW
GetModuleFileNameW
VirtualFree
VirtualQuery
EncodePointer
DecodePointer
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
RtlPcToFileHeader
RaiseException
RtlLookupFunctionEntry
RtlUnwindEx
GetCommandLineW
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
GetCPInfo
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess
GetModuleHandleExW
HeapSize
GetStdHandle
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetACP
GetOEMCP
HeapReAlloc
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
OutputDebugStringW
SetStdHandle
WriteConsoleW
ReadConsoleW
GetThreadContext
SetThreadContext
Thread32First
HeapDestroy
HeapCreate
Thread32Next
FlushInstructionCache
OpenThread
VirtualProtect
CreateToolhelp32Snapshot
SuspendThread
ResumeThread
VirtualAlloc

Sections

.text
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/Assistant/OptimizeTool.dll
.dll windows:5 windows x86 arch:x86

db722b9c7af74f133b7f2e856b17512e

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9b:7c:08:cc:d3:67:ff:cc:f8:4b:93:bb:63:fd:0e:a0:ca:8a:f0:c6:26:47:70:33:69:64:a8:2a:07:76:08:42
Signer

Actual PE Digest

9b:7c:08:cc:d3:67:ff:cc:f8:4b:93:bb:63:fd:0e:a0:ca:8a:f0:c6:26:47:70:33:69:64:a8:2a:07:76:08:42

Digest Algorithm

sha256

PE Digest Matches

true

ce:1b:3e:40:85:72:f9:40:1a:6c:9b:f4:f5:ab:37:0b:22:62:ab:13
Signer

Actual PE Digest

ce:1b:3e:40:85:72:f9:40:1a:6c:9b:f4:f5:ab:37:0b:22:62:ab:13

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\dllplugin\FileDownloader\RecommendPCSafeDll\bin\release_static\OptimizeTool.pdb

Imports

kernel32

CreateEventW
ResetEvent
DeviceIoControl
SwitchToThread
InterlockedPopEntrySList
LoadLibraryExA
ExitThread
SetErrorMode
OpenMutexW
GetModuleHandleW
LocalFree
CloseHandle
WaitForSingleObject
CreateMutexW
GetCommandLineW
FreeLibrary
DeleteCriticalSection
GetProcAddress
DecodePointer
LoadLibraryW
RaiseException
VirtualQuery
VirtualAlloc
VirtualFree
OpenThread
SetThreadContext
GetThreadContext
CreateToolhelp32Snapshot
ResumeThread
SuspendThread
Thread32First
Thread32Next
GetLastError
WriteConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapSize
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
GetTimeZoneInformation
GetStringTypeW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetModuleFileNameA
ExitProcess
TlsFree
EncodePointer
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetFileType
GetEnvironmentVariableW
GetStdHandle
FlushInstructionCache
HeapDestroy
HeapCreate
OutputDebugStringA
GetModuleHandleExW
VirtualProtect
TlsGetValue
CreateThread
TlsAlloc
DisableThreadLibraryCalls
GetModuleHandleA
TlsSetValue
MapViewOfFileEx
CreateFileMappingW
UnmapViewOfFile
QueryPerformanceFrequency
FreeResource
GlobalUnlock
GlobalLock
LocalAlloc
CreateWaitableTimerW
SetWaitableTimer
MulDiv
lstrcmpW
LoadLibraryExW
InterlockedIncrement
InterlockedDecrement
SizeofResource
OutputDebugStringW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GlobalMemoryStatusEx
InterlockedExchangeAdd
SetLastError
InterlockedExchange
GetTickCount
SetEvent
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
lstrcpynW
GetPrivateProfileStringW
GetPrivateProfileIntW
InterlockedCompareExchange
WritePrivateProfileStringW
FormatMessageW
Sleep
FindFirstFileW
FindClose
FileTimeToSystemTime
lstrcatW
GetCurrentProcessId
lstrcmpiW
ExpandEnvironmentStringsW
GetFileAttributesW
GetVersionExW
LockResource
GetSystemInfo
LoadResource
FindResourceW
QueryDosDeviceW
GetCurrentProcess
OpenProcess
GetACP
MultiByteToWideChar
WideCharToMultiByte
ReadFile
WriteFile
SetFileTime
SetFilePointer
SetEndOfFile
CreateFileW
GetFileSize
GetFileTime
HeapFree
GetCurrentThreadId
GlobalAlloc
GlobalFree
HeapAlloc
GetProcessHeap
GetLongPathNameW
GetFileAttributesExW
lstrlenW
lstrcpyW
DeleteFileW
GetFileSizeEx
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
FindNextFileW
GetLogicalDriveStringsW
CreateDirectoryW
GetFullPathNameW
GetTempPathW
GetCurrentDirectoryW
WaitForMultipleObjects
ReleaseMutex
FreeLibraryAndExitThread

user32

LoadIconW
SetWindowLongW
DestroyWindow
PostMessageW
GetActiveWindow
SetForegroundWindow
MessageBoxW
GetMonitorInfoW
CreateWindowExW
MoveWindow
EndDialog
SetWindowPos
MonitorFromWindow
UnregisterClassW
FindWindowW
GetPropW
RemovePropW
GetForegroundWindow
SetPropW
GetAsyncKeyState
GetFocus
LoadStringW
DestroyAcceleratorTable
CreateAcceleratorTableW
EnumThreadWindows
PostQuitMessage
RegisterWindowMessageW
GetAncestor
EmptyClipboard
SetClipboardData
GetClassInfoExW
CloseClipboard
GetClipboardData
IsClipboardFormatAvailable
GetSysColor
GetSystemMetrics
GetKeyboardState
GetCaretBlinkTime
ToAscii
GetMessageW
CallWindowProcW
DispatchMessageW
TranslateMessage
RegisterClassExW
GetIconInfo
DrawIconEx
LoadBitmapW
LoadImageW
GetDesktopWindow
SetCaretPos
AttachThreadInput
SystemParametersInfoW
GetClassLongW
SetRectEmpty
MsgWaitForMultipleObjects
FillRect
UpdateLayeredWindow
UnionRect
PtInRect
SetRect
GetWindowThreadProcessId
GetWindowTextLengthW
GetCursorPos
ReleaseDC
IsIconic
GetDCEx
InvalidateRect
GetParent
IsZoomed
GetClientRect
SetCursor
GetWindowDC
LoadCursorW
IntersectRect
IsRectEmpty
ClientToScreen
CopyRect
RedrawWindow
OffsetRect
IsWindow
SendMessageW
EnumChildWindows
EqualRect
GetWindowRect
DefWindowProcW
GetWindowLongW
DialogBoxParamW
SetWindowTextW
CharNextW
ReleaseCapture
SetCapture
TrackMouseEvent
ScreenToClient
GetKeyState
GetWindowTextW
EnableWindow
EndPaint
BeginPaint
KillTimer
GetDlgItem
SetParent
GetClassNameW
SetFocus
ValidateRect
MapWindowPoints
IsChild
SetTimer
OpenClipboard
InvalidateRgn
ShowWindow
SetWindowRgn
IsWindowVisible
GetDC
GetWindow
ShowWindowAsync
AdjustWindowRectEx

gdi32

CreateFontIndirectW
CreateSolidBrush
SetBkColor
CreateRectRgnIndirect
GetClipBox
GetObjectW
EnumFontsW
PtInRegion
CreateRoundRectRgn
CreateDIBSection
GetDeviceCaps
CreateDCW
ExtTextOutW
CreatePolygonRgn
BitBlt
SetGraphicsMode
CreateCompatibleBitmap
SelectObject
DeleteDC
CreateCompatibleDC
SetViewportOrgEx
DeleteObject
GetRgnBox
GetStockObject
GetDIBits
SetWorldTransform
SetTextColor

shell32

CommandLineToArgvW
ShellExecuteW
SHGetFolderPathW
ShellExecuteExW
SHGetSpecialFolderPathW
DragQueryFileW
DragFinish

oleaut32

SysStringLen
SysFreeString
VarUI4FromStr
SysAllocString
VariantClear
SysAllocStringLen
OleCreateFontIndirect
DispCallFunc
LoadTypeLi
VariantInit
LoadRegTypeLi

shlwapi

StrDupW
PathAppendW
PathFindFileNameW
StrToIntA
ord12
PathFileExistsW

comctl32

InitCommonControlsEx
_TrackMouseEvent

msimg32

AlphaBlend

urlmon

CoInternetCreateZoneManager
CoInternetCreateSecurityManager

gdiplus

GdipDeleteRegion
GdipMeasureString
GdipCloneBrush
GdipRestoreGraphics
GdipRotateWorldTransform
GdipStringFormatGetGenericTypographic
GdipGetCellAscent
GdipSetTextRenderingHint
GdipCloneStringFormat
GdipGetMatrixElements
GdipGetTextureTransform
GdipCreateTexture
GdipBeginContainer2
GdipFillEllipse
GdipCreateFromHDC
GdipGetClipBoundsI
GdipSetImageAttributesWrapMode
GdipDrawString
GdipDrawPath
GdipSetClipRegion
GdipCreateImageAttributes
GdipDrawArcI
GdipGetSmoothingMode
GdipClosePathFigure
GdipSetClipRectI
GdipScaleWorldTransform
GdipSetPixelOffsetMode
GdipDrawRectangle
GdipDrawLine
GdipSetPenDashStyle
GdipGraphicsClear
GdipMultiplyWorldTransform
GdipGetPathWorldBounds
GdipFillPath
GdipTransformRegion
GdipSetStringFormatTrimming
GdipGetFontStyle
GdipCreateSolidFill
GdipCloneBitmapArea
GdipGetCellDescent
GdipSetInterpolationMode
GdipSetLinePresetBlend
GdipCreateFont
GdipSetStringFormatLineAlign
GdipGetImageGraphicsContext
GdipTranslateWorldTransform
GdipDeletePen
GdipCreatePen1
GdipSetStringFormatAlign
GdipDrawImageRectRectI
GdipDeleteMatrix
GdipGetFamilyName
GdipCloneRegion
GdipSetStringFormatFlags
GdipGetImageHeight
GdipCloneImage
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipAlloc
GdipDisposeImage
GdipGetImagePixelFormat
GdipCloneBitmapAreaI
GdipFree
GdipBitmapLockBits
GdipGetImageWidth
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdiplusStartup
GdiplusShutdown
GdipFillRectangleI
ord1
GdipDeleteGraphics
GdipEndContainer
GdipSetSmoothingMode
GdipCreateMatrix
GdipGetStringFormatAlign
GdipDeletePath
GdipDisposeImageAttributes
GdipCreateMatrix2
GdipDeleteBrush
GdipGetLineSpacing
GdipSetLineWrapMode
GdipCreateLineBrushI
GdipDeleteStringFormat
GdipDrawImageRectRect
GdipSaveGraphics
GdipCreateFontFamilyFromName
GdipGetEmHeight
GdipGetStringFormatLineAlign
GdipAddPathString
GdipGetTextRenderingHint
GdipDeleteFont
GdipCreatePath
GdipSetTextureTransform
GdipSetLineTransform
GdipGetBrushType
GdipCombineRegionRegion
GdipAddPathRectangleI
GdipAddPathArcI
GdipAddPathEllipseI
GdipCombineRegionPath
GdipCreateHBITMAPFromBitmap
GdipSetCompositingMode
GdipAddPathBezierI
GdipGetFamily
GdipSetCompositingQuality
GdipSetImageAttributesColorMatrix
GdipGetLineTransform
GdipDeleteFontFamily
GdipGetInterpolationMode
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageSelectActiveFrame
GdipGetPropertyItem
GdipImageGetFrameDimensionsCount
GdipCreateRegionPath
GdipAddPathLineI
GdipGetFontSize

psapi

GetMappedFileNameW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

imm32

ImmNotifyIME
ImmAssociateContextEx
ImmGetCompositionStringW
ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext

winmm

timeGetTime

advapi32

RegEnumKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegQueryInfoKeyW
RegCloseKey
RegOpenKeyExW
RegSetValueExW

ole32

CLSIDFromString
OleInitialize
CLSIDFromProgID
StringFromGUID2
OleLockRunning
CoGetClassObject
CreateStreamOnHGlobal
CoTaskMemRealloc
CoTaskMemFree
OleUninitialize
CoCreateInstance
CoTaskMemAlloc

Exports

Exports

Optimize

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 282KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/Assistant/Update_2345Explorer.exe
.exe windows:5 windows x86 arch:x86

5a90065e89256fc0c3dd3aba7e651f68

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

44:6b:9a:c7:14:72:ca:41:1e:09:77:1c:a2:40:23:a6:c1:70:21:eb:f3:24:94:87:80:86:aa:4b:50:a0:ed:8d
Signer

Actual PE Digest

44:6b:9a:c7:14:72:ca:41:1e:09:77:1c:a2:40:23:a6:c1:70:21:eb:f3:24:94:87:80:86:aa:4b:50:a0:ed:8d

Digest Algorithm

sha256

PE Digest Matches

true

94:c9:1d:60:30:13:83:b1:e3:ea:21:00:00:2b:79:72:09:9d:b6:8e
Signer

Actual PE Digest

94:c9:1d:60:30:13:83:b1:e3:ea:21:00:00:2b:79:72:09:9d:b6:8e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\dllplugin\Update2345Explorer\bin\Win32\Release\pdb\Update_2345Explorer.pdb

Imports

kernel32

GetLastError
RaiseException
WritePrivateProfileStringA
DecodePointer
DeleteCriticalSection
GetPrivateProfileStringA
ExpandEnvironmentStringsW
GetModuleFileNameW
GetFileAttributesW
GetProcAddress
GetModuleHandleW
QueryDosDeviceW
GetCurrentProcess
OpenProcess
GetCurrentThreadId
SuspendThread
GetExitCodeThread
Sleep
TerminateThread
SwitchToThread
OpenThread
ResumeThread
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
WaitForMultipleObjects
LocalFree
GetCurrentProcessId
CreateProcessW
GetExitCodeProcess
GetACP
MultiByteToWideChar
WideCharToMultiByte
ReadFile
WriteFile
SetFileTime
SetFilePointer
SetEndOfFile
CreateFileW
GetFileSize
GetFileTime
CreateMutexW
ReleaseMutex
GetVersionExW
LockResource
GetSystemInfo
LoadResource
FindResourceW
lstrcmpiW
lstrlenW
InitializeCriticalSectionAndSpinCount
DeleteFileW
GetFileSizeEx
FindFirstFileW
FindNextFileW
FindClose
GetLongPathNameW
GetFileAttributesExW
HeapFree
HeapAlloc
GetProcessHeap
GetLogicalDriveStringsW
LoadLibraryW
FreeLibrary
ResetEvent
InterlockedExchangeAdd
CreateDirectoryW
GetFullPathNameW
GetTempPathW
GetCurrentDirectoryW
FormatMessageW
InterlockedExchange
SetLastError
GetTickCount
GlobalMemoryStatusEx
GetPrivateProfileStringW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetEnvironmentVariableW
DeviceIoControl
WriteConsoleW
SetFilePointerEx
GetConsoleMode
DeleteTimerQueueTimer
GetCommandLineW
CloseHandle
SetEvent
CreateEventW
OpenEventW
WaitForSingleObject
CreateTimerQueueTimer
GetConsoleCP
FlushFileBuffers
HeapSize
SetStdHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
HeapReAlloc
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetFileType
GetStdHandle
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
EncodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
InitializeSListHead
OutputDebugStringW
RtlUnwind
LoadLibraryExW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess

user32

GetMessageW
DefWindowProcW
CreateWindowExW
TranslateMessage
RegisterClassW
LoadIconW
LoadCursorW
PostQuitMessage
DispatchMessageW

gdi32

GetStockObject

advapi32

GetUserNameW

shell32

SHGetSpecialFolderPathW
SHGetFolderPathW

netapi32

NetLocalGroupGetMembers

Sections

.text
Size: 731KB - Virtual size: 731KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/Doctor/Doctor_2345Explorer.exe
.exe windows:5 windows x86 arch:x86

e4c1335ecafebd3bc95066b3f7bdde46

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

41:ee:14:e4:8a:92:ab:2c:3e:04:a7:a6:90:41:23:5a:f8:2c:b7:c7:cd:a0:36:69:93:19:0e:2a:1d:61:ef:8c
Signer

Actual PE Digest

41:ee:14:e4:8a:92:ab:2c:3e:04:a7:a6:90:41:23:5a:f8:2c:b7:c7:cd:a0:36:69:93:19:0e:2a:1d:61:ef:8c

Digest Algorithm

sha256

PE Digest Matches

true

bb:77:d1:5e:6f:51:11:91:87:58:dc:77:5e:14:e5:96:3f:06:76:c3
Signer

Actual PE Digest

bb:77:d1:5e:6f:51:11:91:87:58:dc:77:5e:14:e5:96:3f:06:76:c3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\dllplugin\Doctor\bin\Win32\Release\pdb\Doctor_2345Explorer.pdb

Imports

winhttp

WinHttpReceiveResponse
WinHttpOpen
WinHttpConnect
WinHttpOpenRequest
WinHttpCloseHandle
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetProxyForUrl
WinHttpSendRequest
WinHttpSetTimeouts
WinHttpQueryHeaders

mprapi

MprConfigGetFriendlyName
MprConfigServerConnect

iphlpapi

GetAdaptersInfo
GetInterfaceInfo
IpReleaseAddress
GetNetworkParams
SendARP
IpRenewAddress
GetBestInterface

ws2_32

WSCDeinstallProvider
WSAStartup
gethostbyname
WSACleanup
inet_addr

kernel32

ReadFile
TryEnterCriticalSection
HeapCreate
HeapFree
GetFullPathNameW
WriteFile
InterlockedCompareExchange
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateFileW
GetFileAttributesW
GetVersionExW
HeapValidate
HeapSize
MultiByteToWideChar
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
GetVersionExA
DeleteFileA
HeapReAlloc
GetSystemInfo
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
CreateFileMappingA
LockFileEx
GetFileSize
GetProcessHeap
SystemTimeToFileTime
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
QueryPerformanceCounter
FlushFileBuffers
TerminateProcess
InterlockedDecrement
InterlockedIncrement
SetErrorMode
SetLastError
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcmpW
MulDiv
GetShortPathNameW
OpenProcess
LocalAlloc
DeviceIoControl
GetSystemDirectoryW
GetEnvironmentVariableW
GlobalFree
InterlockedExchange
GetCurrentProcess
GetLocalTime
FlushInstructionCache
VirtualProtect
GetModuleHandleExW
lstrcmpiW
MoveFileW
lstrlenW
lstrcpynW
GlobalMemoryStatusEx
DeleteFileW
Thread32Next
Thread32First
SuspendThread
ResumeThread
CreateToolhelp32Snapshot
GetThreadContext
SetThreadContext
OpenThread
VirtualFree
VirtualAlloc
VirtualQuery
SwitchToThread
LoadLibraryExW
ExpandEnvironmentStringsW
GetLongPathNameW
GetACP
LockResource
LoadResource
FindResourceW
SetFileTime
GetFileTime
TerminateThread
WaitForMultipleObjects
CreateEventW
SetEvent
ResetEvent
InterlockedExchangeAdd
lstrcpyW
GetFileSizeEx
GetCurrentDirectoryW
MoveFileExW
CopyFileW
GetLogicalDriveStringsW
SizeofResource
SetWaitableTimer
CreateWaitableTimerW
MapViewOfFileEx
FreeResource
QueryPerformanceFrequency
TlsSetValue
GetModuleHandleA
DisableThreadLibraryCalls
TlsAlloc
CreateThread
TlsGetValue
GetStdHandle
GetFileType
lstrcatW
SetFileAttributesW
FindClose
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
IsProcessorFeaturePresent
UnhandledExceptionFilter
GetCPInfo
GetStringTypeW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
RemoveDirectoryW
FindNextFileW
SetLocalTime
ReadConsoleW
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetStdHandle
SetFilePointerEx
WriteConsoleW
WritePrivateProfileStringW
FindFirstFileW
SetUnhandledExceptionFilter
DeleteCriticalSection
LocalFree
DecodePointer
RaiseException
GetPrivateProfileStringW
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
GetCommandLineW
GetModuleHandleW
GetTickCount
MapViewOfFile
CreateFileMappingW
GetCurrentProcessId
GetLastError
Sleep
IsDebuggerPresent
UnmapViewOfFile
ReleaseMutex
GetCurrentThreadId
WaitForSingleObject
CreateMutexW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
CreateDirectoryW
ExitProcess
FreeLibraryAndExitThread
ExitThread
RtlUnwind
LoadLibraryExA
AreFileApisANSI
GetExitCodeThread
GetExitCodeProcess
FreeLibrary
CreateProcessW
GetProcAddress
LoadLibraryW
QueryDosDeviceW
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
GetStartupInfoW
CompareStringW
TlsFree
EncodePointer
CloseHandle
FileTimeToSystemTime
GetLocaleInfoW
LCMapStringW

user32

AdjustWindowRectEx
GetWindowThreadProcessId
UnionRect
SystemParametersInfoW
AttachThreadInput
SetRect
UpdateLayeredWindow
MsgWaitForMultipleObjects
SetRectEmpty
GetClassLongW
SetCaretPos
LoadImageW
LoadBitmapW
DrawIconEx
GetIconInfo
ToAscii
GetCaretBlinkTime
GetKeyboardState
GetSystemMetrics
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
SetClipboardData
EmptyClipboard
GetAncestor
EnumThreadWindows
LoadStringW
GetAsyncKeyState
KillTimer
EnableWindow
GetKeyState
TrackMouseEvent
GetMessageW
DispatchMessageW
PeekMessageW
TranslateMessage
ShowWindowAsync
DialogBoxParamW
GetWindowRect
EqualRect
IntersectRect
GetWindowDC
ValidateRect
IsZoomed
GetDCEx
IsIconic
EnumChildWindows
OffsetRect
PtInRect
IsRectEmpty
MessageBoxW
wsprintfW
GetWindowTextLengthW
GetWindow
GetFocus
GetDC
SetWindowPos
FillRect
CreateWindowExW
ScreenToClient
SetWindowTextW
RegisterClassExW
IsWindow
IsWindowVisible
MonitorFromWindow
SetWindowRgn
InvalidateRgn
RedrawWindow
ClientToScreen
DestroyAcceleratorTable
IsChild
GetSysColor
MoveWindow
CreateAcceleratorTableW
SetFocus
CharNextW
LoadCursorW
GetClassNameW
SetCapture
GetClientRect
GetDlgItem
GetClassInfoExW
GetParent
RegisterWindowMessageW
ReleaseCapture
MapWindowPoints
ShowWindow
OpenClipboard
SetTimer
GetMonitorInfoW
PostQuitMessage
InvalidateRect
ReleaseDC
BeginPaint
EndPaint
GetWindowTextW
GetDesktopWindow
EndDialog
GetWindowLongW
DefWindowProcW
CallWindowProcW
DestroyWindow
LoadIconW
SetWindowLongW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
PostMessageW
UnregisterClassW
FindWindowW
SetForegroundWindow
SendMessageW
SetPropW
CopyRect
GetForegroundWindow
RemovePropW
GetPropW
SetParent
SetCursor
GetCursorPos

gdi32

CreateDIBSection
GetDIBits
CreateDCW
ExtTextOutW
GetClipBox
SetTextColor
SetBkColor
CreateFontIndirectW
SetGraphicsMode
SetWorldTransform
CreateRectRgnIndirect
CreatePolygonRgn
CreateRoundRectRgn
PtInRegion
SetViewportOrgEx
GetRgnBox
BitBlt
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
GetStockObject
GetDeviceCaps
GetObjectW
DeleteObject
CreateSolidBrush
EnumFontsW
DeleteDC

advapi32

RegCloseKey
OpenServiceW
RegDeleteValueW
ChangeServiceConfigW
QueryServiceConfigW
RegOpenKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
GetUserNameW
AdjustTokenPrivileges
DuplicateTokenEx
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
RegSetValueExW
StartServiceW

shell32

ShellExecuteW
CommandLineToArgvW
ShellExecuteExW
ord155
ord190
SHGetSpecialFolderPathW
SHGetFolderPathW
DragQueryFileW
DragFinish

ole32

OleLockRunning
CLSIDFromString
CreateStreamOnHGlobal
CoTaskMemFree
CLSIDFromProgID
StringFromGUID2
CoTaskMemAlloc
StringFromCLSID
CoGetClassObject
OleInitialize
CoCreateInstance
CoUninitialize
CoInitialize
CoInitializeSecurity
CoInitializeEx
CoTaskMemRealloc
OleUninitialize
PropVariantClear

oleaut32

VarUI4FromStr
VariantChangeType
LoadRegTypeLi
VariantInit
LoadTypeLi
OleCreateFontIndirect
SysAllocString
DispCallFunc
SysStringLen
SysAllocStringLen
VariantClear
SysFreeString

shlwapi

PathRemoveFileSpecW
SHCopyKeyW
PathStripPathW
StrStrIW
PathFileExistsW
PathAppendW
SHSetValueW
SHStrDupW
ord12
StrToIntA
PathFindFileNameW
StrDupW

comctl32

_TrackMouseEvent
InitCommonControlsEx

msimg32

AlphaBlend

urlmon

CoInternetCreateZoneManager
CoInternetCreateSecurityManager

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

wininet

FindCloseUrlCache
FindNextUrlCacheEntryW
FindFirstUrlCacheEntryW
DeleteUrlCacheEntryW

dsound

ord11
ord1

winmm

waveOutWrite
midiStreamOut
timeGetTime
midiStreamClose

psapi

GetMappedFileNameW

gdiplus

GdipGetTextureTransform
GdipCreateTexture
GdipBeginContainer2
GdipFillEllipse
GdipCreateFromHDC
GdipGetClipBoundsI
GdipSetImageAttributesWrapMode
GdipDrawString
GdipDrawPath
GdipSetClipRegion
GdipCreateImageAttributes
GdipDrawArcI
GdipGetSmoothingMode
GdipClosePathFigure
GdipSetClipRectI
GdipScaleWorldTransform
GdipSetPixelOffsetMode
GdipDrawRectangle
GdipDrawLine
GdipSetPenDashStyle
GdipGraphicsClear
GdipMultiplyWorldTransform
GdipGetPathWorldBounds
GdipFillPath
GdipTransformRegion
GdipSetStringFormatTrimming
GdipGetFontStyle
GdipCreateSolidFill
GdipCloneBitmapArea
GdipGetCellDescent
GdipSetInterpolationMode
GdipSetLinePresetBlend
GdipCreateFont
GdipSetStringFormatLineAlign
GdipCreatePath
GdipEndContainer
GdipSetSmoothingMode
GdipCreateMatrix
GdipGetStringFormatAlign
GdipDeletePath
GdipDisposeImageAttributes
GdipCreateMatrix2
GdipDeleteBrush
GdipGetLineSpacing
GdipSetLineWrapMode
GdipCreateLineBrushI
GdipDrawImageRectRect
GdipSaveGraphics
GdipCreateFontFamilyFromName
GdipGetEmHeight
GdipGetStringFormatLineAlign
GdipGetMatrixElements
GdipGetTextRenderingHint
GdipGetFamily
GdipSetCompositingQuality
GdipSetImageAttributesColorMatrix
GdipGetLineTransform
GdipDeleteFontFamily
GdipGetInterpolationMode
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageSelectActiveFrame
GdipGetPropertyItem
GdipImageGetFrameDimensionsCount
GdipCreateRegionPath
GdipAddPathLineI
GdipAddPathBezierI
GdipCombineRegionPath
GdipAddPathEllipseI
GdipAddPathArcI
GdipAddPathRectangleI
GdipCombineRegionRegion
GdipGetBrushType
GdipSetLineTransform
GdipSetTextureTransform
GdipSetCompositingMode
GdipTranslateWorldTransform
GdipDeletePen
GdipCreatePen1
GdipSetStringFormatAlign
GdipDrawImageRectRectI
GdipDeleteMatrix
GdipGetFamilyName
GdipCloneRegion
GdipSetStringFormatFlags
GdipGetImageHeight
GdipCloneImage
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipAlloc
GdipDisposeImage
GdipGetImagePixelFormat
GdipCloneBitmapAreaI
GdipFree
GdipBitmapLockBits
GdipGetImageWidth
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdiplusStartup
GdiplusShutdown
GdipCloneStringFormat
GdipSetTextRenderingHint
GdipGetCellAscent
GdipStringFormatGetGenericTypographic
GdipRotateWorldTransform
GdipRestoreGraphics
GdipCloneBrush
GdipMeasureString
GdipDeleteRegion
GdipGetImageGraphicsContext
GdipFillRectangleI
ord1
GdipDeleteGraphics
GdipDeleteStringFormat
GdipDeleteFont
GdipAddPathString
GdipGetFontSize
GdipCreateHBITMAPFromBitmap

imm32

ImmSetCompositionWindow
ImmGetCompositionStringW
ImmAssociateContextEx
ImmReleaseContext
ImmGetContext
ImmNotifyIME

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 409KB - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/Doctor/Downloader_2345Explorer.exe
.exe windows:5 windows x86 arch:x86

3d06f7be9c2c3643f76a9c85f5d10ab1

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cb:85:0e:5d:23:fc:9c:95:c2:d9:84:f2:d5:c5:77:54:a7:1c:74:d9:b9:aa:b3:42:5a:82:3d:f4:d9:18:c0:69
Signer

Actual PE Digest

cb:85:0e:5d:23:fc:9c:95:c2:d9:84:f2:d5:c5:77:54:a7:1c:74:d9:b9:aa:b3:42:5a:82:3d:f4:d9:18:c0:69

Digest Algorithm

sha256

PE Digest Matches

true

89:e8:30:30:ba:32:da:b4:b7:d8:1f:90:c1:68:c8:1c:ee:48:93:24
Signer

Actual PE Digest

89:e8:30:30:ba:32:da:b4:b7:d8:1f:90:c1:68:c8:1c:ee:48:93:24

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\dllplugin\LightInstPackage\bin\release_static\LightInstPackage.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

gdiplus

GdipSetClipRectI
GdipScaleWorldTransform
GdipSetPixelOffsetMode
GdipDrawRectangle
GdipDrawLine
GdipSetPenDashStyle
GdipGraphicsClear
GdipMultiplyWorldTransform
GdipGetPathWorldBounds
GdipFillPath
GdipTransformRegion
GdipSetStringFormatTrimming
GdipGetFontStyle
GdipCreateSolidFill
GdipCloneBitmapArea
GdipGetCellDescent
GdipSetInterpolationMode
GdipSetLinePresetBlend
GdipCreateFont
GdipSetStringFormatLineAlign
GdipCreatePath
GdipEndContainer
GdipSetSmoothingMode
GdipCreateMatrix
GdipGetStringFormatAlign
GdipDeletePath
GdipDisposeImageAttributes
GdipCreateMatrix2
GdipDeleteBrush
GdipGetLineSpacing
GdipSetLineWrapMode
GdipCreateLineBrushI
GdipDrawImageRectRect
GdipSaveGraphics
GdipCreateFontFamilyFromName
GdipGetEmHeight
GdipGetStringFormatLineAlign
GdipAddPathString
GdipGetTextRenderingHint
GdipGetFamily
GdipSetCompositingQuality
GdipSetImageAttributesColorMatrix
GdipGetLineTransform
GdipDeleteFontFamily
GdipGetInterpolationMode
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageSelectActiveFrame
GdipGetPropertyItem
GdipImageGetFrameDimensionsCount
GdipCreateRegionPath
GdipAddPathLineI
GdipAddPathBezierI
GdipCombineRegionPath
GdipAddPathEllipseI
GdipGetSmoothingMode
GdipAddPathRectangleI
GdipCombineRegionRegion
GdipGetBrushType
GdipSetLineTransform
GdipSetTextureTransform
GdipCreateImageAttributes
GdipSetClipRegion
GdipDrawPath
GdipDrawString
GdipSetImageAttributesWrapMode
GdipGetClipBoundsI
GdipCreateFromHDC
GdipFillEllipse
GdipBeginContainer2
GdipCreateTexture
GdipGetTextureTransform
GdipGetMatrixElements
GdipCloneStringFormat
GdipSetTextRenderingHint
GdipGetCellAscent
GdipStringFormatGetGenericTypographic
GdipRotateWorldTransform
GdipRestoreGraphics
GdipCloneBrush
GdipMeasureString
GdipDeleteRegion
GdipGetImageGraphicsContext
GdipFillRectangleI
ord1
GdipDeleteGraphics
GdipDeleteStringFormat
GdipDeleteFont
GdipGetFontSize
GdipTranslateWorldTransform
GdipDeletePen
GdipCreatePen1
GdipSetStringFormatAlign
GdipDrawImageRectRectI
GdipDeleteMatrix
GdipGetFamilyName
GdipCloneRegion
GdipSetStringFormatFlags
GdipGetImageHeight
GdipCloneImage
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipAlloc
GdipDisposeImage
GdipGetImagePixelFormat
GdipCloneBitmapAreaI
GdipFree
GdipBitmapLockBits
GdipGetImageWidth
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipClosePathFigure
GdipAddPathArcI
GdipSetCompositingMode
GdipDrawArcI
GdiplusShutdown
GdiplusStartup
GdipCreateHBITMAPFromBitmap

psapi

GetMappedFileNameW
GetModuleFileNameExW

kernel32

ResumeThread
ReadFile
WriteFile
SetFileTime
SetFilePointer
SetEndOfFile
GetFileSize
GetFileTime
CreateDirectoryW
GetFullPathNameW
RemoveDirectoryW
GetTempPathW
SetFileAttributesW
GetCurrentDirectoryW
MoveFileExW
MoveFileW
FindNextFileW
LoadLibraryW
FreeLibrary
WaitForMultipleObjects
LocalFree
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CreateEventW
Sleep
SetEvent
ResetEvent
InterlockedExchangeAdd
GetFileSizeEx
HeapFree
GetCurrentThreadId
GlobalAlloc
GlobalFree
HeapAlloc
GetProcessHeap
ReleaseMutex
QueryDosDeviceW
GetCurrentProcess
FormatMessageW
GetACP
MultiByteToWideChar
WideCharToMultiByte
InterlockedExchange
SetLastError
GlobalMemoryStatusEx
SizeofResource
InterlockedDecrement
InterlockedIncrement
LoadLibraryExW
MulDiv
lstrcmpW
GlobalLock
GetDiskFreeSpaceW
SetWaitableTimer
CreateWaitableTimerW
LocalAlloc
FreeResource
QueryPerformanceFrequency
QueryPerformanceCounter
UnmapViewOfFile
CreateFileMappingW
MapViewOfFileEx
FindResourceW
GetModuleHandleA
DisableThreadLibraryCalls
TlsAlloc
CreateThread
TlsGetValue
VirtualProtect
GetModuleHandleExW
OutputDebugStringA
HeapCreate
HeapDestroy
FlushInstructionCache
FileTimeToSystemTime
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
OutputDebugStringW
InterlockedPopEntrySList
InterlockedPushEntrySList
VirtualAlloc
VirtualFree
LoadLibraryExA
InterlockedCompareExchange
Thread32Next
Thread32First
SuspendThread
HeapReAlloc
GetThreadContext
SetThreadContext
OpenThread
VirtualQuery
RtlUnwind
ExitThread
FreeLibraryAndExitThread
ExitProcess
GetStdHandle
GetFileType
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
HeapSize
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCommandLineA
GetLogicalDriveStringsW
GetVolumeInformationW
lstrcpyW
ExpandEnvironmentStringsW
GlobalUnlock
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
LoadResource
GetSystemInfo
LockResource
SetEnvironmentVariableA
SetStdHandle
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
WriteConsoleW
GetEnvironmentVariableW
DeviceIoControl
GetProcAddress
GetFileAttributesExW
CreateFileW
GetLongPathNameW
GetTickCount
lstrcatW
GetFileAttributesW
WaitForSingleObject
FindClose
lstrcpynW
FindFirstFileW
OpenMutexW
DeleteCriticalSection
DecodePointer
GetModuleHandleW
RaiseException
GetLastError
CreateMutexW
SetErrorMode
InitializeCriticalSectionAndSpinCount
GetLocalTime
DeleteFileW
GetModuleFileNameW
lstrcmpiW
GetCurrentProcessId
CloseHandle
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
LCMapStringW
OpenProcess
GetVersionExW
lstrlenW
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
GetStringTypeW
GetLocaleInfoW
TlsFree
SwitchToThread
TlsSetValue
EncodePointer
CompareStringW
GetSystemTimeAsFileTime

user32

MsgWaitForMultipleObjects
SystemParametersInfoW
AttachThreadInput
LoadBitmapW
IsClipboardFormatAvailable
SetClipboardData
GetClipboardData
EmptyClipboard
CloseClipboard
SetRectEmpty
SetCaretPos
SetRect
UpdateLayeredWindow
FillRect
DrawIconEx
GetSysColor
GetAncestor
EnumThreadWindows
CreateAcceleratorTableW
DestroyAcceleratorTable
LoadStringW
GetFocus
GetAsyncKeyState
MoveWindow
SetFocus
BringWindowToTop
GetClassNameW
SetParent
GetDlgItem
GetWindowThreadProcessId
BeginPaint
EndPaint
EnableWindow
GetWindowTextW
ScreenToClient
TrackMouseEvent
SetCapture
ReleaseCapture
IsWindowVisible
MonitorFromWindow
SetWindowRgn
GetWindowTextLengthW
GetClassLongW
SetWindowTextW
DialogBoxParamW
UnionRect
PtInRect
GetWindowRect
EqualRect
EnumChildWindows
RedrawWindow
ClientToScreen
IntersectRect
GetWindowDC
SetCursor
GetClientRect
IsZoomed
GetParent
InvalidateRect
ShowWindow
InvalidateRgn
OpenClipboard
GetMonitorInfoW
IsChild
AdjustWindowRectEx
ShowWindowAsync
GetDCEx
IsIconic
GetKeyState
GetKeyboardState
OffsetRect
CopyRect
GetCaretBlinkTime
ToAscii
GetMessageW
DispatchMessageW
PeekMessageW
TranslateMessage
PostQuitMessage
IsRectEmpty
LoadMenuW
GetDC
CreateWindowExW
GetSystemMetrics
RegisterClassExW
TrackPopupMenu
GetSubMenu
IsWindow
SetTimer
GetMenuDefaultItem
DestroyIcon
IsMenu
SetMenuDefaultItem
DestroyMenu
LoadCursorW
KillTimer
GetClassInfoExW
RegisterWindowMessageW
LoadImageW
ReleaseDC
GetCursorPos
EndDialog
GetWindowLongW
DefWindowProcW
CallWindowProcW
PostMessageW
DestroyWindow
SetWindowPos
SendMessageW
CharPrevW
CharNextW
LoadIconW
FindWindowW
SetWindowLongW
GetDesktopWindow
SetForegroundWindow
MessageBoxW
UnregisterClassW
MapWindowPoints
ValidateRect
GetWindow
SetPropW
GetForegroundWindow
RemovePropW
GetPropW
GetIconInfo

gdi32

CreateSolidBrush
SetBkColor
SetTextColor
GetDIBits
SetGraphicsMode
CreateDIBSection
PtInRegion
CreateRoundRectRgn
ExtTextOutW
SetWorldTransform
CreateRectRgnIndirect
CreatePolygonRgn
EnumFontsW
GetStockObject
GetObjectW
CreateFontIndirectW
GetClipBox
GetDeviceCaps
BitBlt
SetViewportOrgEx
GetRgnBox
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
DeleteObject
CreateDCW
DeleteDC

advapi32

RegQueryInfoKeyW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegDeleteValueW

shell32

DragFinish
DragQueryFileW
Shell_NotifyIconW
SHGetFolderPathW
ShellExecuteExW
SHBrowseForFolderW
SHGetSpecialFolderPathW
SHGetPathFromIDListW

ole32

OleLockRunning
CLSIDFromString
OleInitialize
CLSIDFromProgID
OleUninitialize
CoGetClassObject
CreateStreamOnHGlobal
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
StringFromGUID2

oleaut32

SysAllocString
VarUI4FromStr
LoadTypeLi
VariantClear
LoadRegTypeLi
VariantInit
SysFreeString
OleCreateFontIndirect
DispCallFunc
SysStringLen
SysAllocStringLen

shlwapi

StrDupW
PathAppendW
StrToIntA
ord12
PathIsRootW
PathFileExistsW
PathFindFileNameW

comctl32

_TrackMouseEvent
InitCommonControlsEx

msimg32

AlphaBlend

urlmon

CoInternetCreateZoneManager
CoInternetCreateSecurityManager

imm32

ImmAssociateContextEx
ImmGetCompositionStringW
ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext
ImmNotifyIME

winmm

timeGetTime

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 285KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/Doctor/libcurl_x86.dll
.dll windows:6 windows x86 arch:x86

a996403d816908e79c3d6e0ea1cbe2e2

Code Sign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bb:3d:5d:d0:3d:03:0c:f0:87:df:14:f2:aa:0c:72:df:8c:d9:98:18:d5:38:5f:b0:41:c4:b6:30:aa:34:bb:f2
Signer

Actual PE Digest

bb:3d:5d:d0:3d:03:0c:f0:87:df:14:f2:aa:0c:72:df:8c:d9:98:18:d5:38:5f:b0:41:c4:b6:30:aa:34:bb:f2

Digest Algorithm

sha256

PE Digest Matches

true

a7:48:82:7f:c5:56:56:93:12:51:c6:18:5d:ed:72:18:9b:74:1b:0e
Signer

Actual PE Digest

a7:48:82:7f:c5:56:56:93:12:51:c6:18:5d:ed:72:18:9b:74:1b:0e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\dev\RCFL\vendor\depends\curl\out\bin\Win32\release_static\pdb\libcurl_x86.pdb

Imports

ws2_32

bind
closesocket
connect
getpeername
getsockopt
htons
ntohs
recv
setsockopt
socket
WSASetLastError
WSAIoctl
getaddrinfo
freeaddrinfo
gethostname
accept
WSAGetLastError
listen
ioctlsocket
__WSAFDIsSet
select
send
WSAStartup
WSACleanup
recvfrom
sendto
getsockname
shutdown
htonl
ntohl
gethostbyname
getservbyname

wldap32

ord145
ord219
ord301
ord147
ord133
ord79
ord142
ord167
ord127
ord27
ord26
ord118
ord41
ord208
ord216
ord14
ord46

crypt32

CertOpenStore
CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertFreeCertificateContext
CertGetCertificateContextProperty

kernel32

FindNextFileA
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
FindFirstFileExW
FindClose
RaiseException
ReadConsoleW
SetStdHandle
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetModuleFileNameW
GetProcessHeap
RtlUnwind
FatalAppExitA
CreateSemaphoreW
GetStartupInfoW
FindFirstFileA
GetFullPathNameA
HeapSize
SetEndOfFile
WriteConsoleW
GetCurrentDirectoryW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SleepEx
MultiByteToWideChar
WideCharToMultiByte
WaitForSingleObject
CloseHandle
ExpandEnvironmentStringsA
Sleep
GetLastError
SetLastError
FormatMessageA
VerSetConditionMask
FreeLibrary
GetProcAddress
LoadLibraryW
GetModuleHandleW
GetSystemDirectoryW
QueryPerformanceFrequency
VerifyVersionInfoW
WaitForMultipleObjects
GetFileType
GetStdHandle
ReadFile
PeekNamedPipe
GetTickCount
QueryPerformanceCounter
FlushConsoleInputBuffer
WriteFile
GetCurrentThreadId
GetModuleHandleA
GetCurrentProcessId
GlobalMemoryStatus
LoadLibraryA
GetSystemTime
SystemTimeToFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
CreateEventW
SetCurrentDirectoryW
GetFullPathNameW
SetEnvironmentVariableA
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
GetStringTypeW
OutputDebugStringW
GetTimeZoneInformation
CreateFileW
SetFileAttributesW
GetFileAttributesExW
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetModuleFileNameA
GetConsoleCP
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
CreateThread
ExitThread
LoadLibraryExW
HeapFree
HeapAlloc
HeapReAlloc
SetFilePointerEx
FileTimeToLocalFileTime
GetFileInformationByHandle
FileTimeToSystemTime
GetCommandLineA
SetConsoleCtrlHandler
GetConsoleMode
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleInputA
SetConsoleMode
ExitProcess
GetModuleHandleExW
AreFileApisANSI
GetCurrentThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlushFileBuffers

user32

ReleaseDC
GetDC
GetDesktopWindow
MessageBoxA
GetUserObjectInformationW
GetProcessWindowStation

gdi32

DeleteObject
GetDeviceCaps
GetDIBits
GetObjectA
CreateCompatibleBitmap

advapi32

RegisterEventSourceA
CryptEnumProvidersA
CryptSignHashA
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextA
ReportEventA
DeregisterEventSource

Exports

Exports

curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_easy_upkeep
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_global_sslset
curl_maprintf
curl_mfprintf
curl_mime_addpart
curl_mime_data
curl_mime_data_cb
curl_mime_encoder
curl_mime_filedata
curl_mime_filename
curl_mime_free
curl_mime_headers
curl_mime_init
curl_mime_name
curl_mime_subparts
curl_mime_type
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_multi_wait
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_pushheader_byname
curl_pushheader_bynum
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
curl_url
curl_url_cleanup
curl_url_dup
curl_url_get
curl_url_set
curl_version
curl_version_info

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 330KB - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/Extensions/defalut_extensions.json
$_56_/Locales/zh-CN.pak
$_56_/Plugins/np-mswmp.dll
.dll windows:6 windows x86 arch:x86

6248bec906df433624b546a90f44da2b

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:49:7c:ed:00:00:00:00:00:05
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:55

Not After

16/09/2011, 02:05

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:10D8-5847-CBF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6a:0b:99:4f:c0:00:1d:ab:11:da:c4:02:a1:66:27:ba
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

04/04/2006, 17:44

Not After

26/04/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:46:9e:cb:00:04:00:00:00:65
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/04/2006, 19:43

Not After

04/10/2007, 19:53

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

26:1e:cf:d6:29:79:85:bf:29:37:b7:99:a6:d1:c8:fd:22:5c:65:e3
Signer

Actual PE Digest

26:1e:cf:d6:29:79:85:bf:29:37:b7:99:a6:d1:c8:fd:22:5c:65:e3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

np-mswmp.pdb

Imports

msvcrt

??_U@YAPAXI@Z
iswspace
wcsspn
wcscspn
_wtoi
atoi
atof
memcpy
wcsstr
__CxxFrameHandler
_errno
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv
??1type_info@@UAE@XZ
?terminate@@YAXXZ
realloc
_unlock
__dllonexit
_lock
_onexit
memmove
mbtowc
__mb_cur_max
isleadbyte
_iob
_snprintf
_itoa
ferror
__badioinfo
__pioinfo
_fileno
_lseeki64
_write
_isatty
??2@YAPAXI@Z
_CxxThrowException
_vsnwprintf
??_V@YAXPAX@Z
memset
_CIpow
free
_mbsicmp
_wcsicmp
malloc
??3@YAXPAX@Z

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
RtlUnwind
OutputDebugStringA
InterlockedCompareExchange
Sleep
VirtualAlloc
VirtualFree
LoadLibraryA
GetProcAddress
GetVersion
InterlockedExchange
GetVersionExA
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExW
MultiByteToWideChar
GetCurrentThreadId
GetModuleFileNameW
MulDiv
lstrcmpW
GetCurrentProcess
FlushInstructionCache
InterlockedDecrement
InterlockedIncrement
HeapSetInformation
GlobalAlloc
GlobalLock
GlobalUnlock
SetLastError
GetLastError
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
RaiseException
FormatMessageW
lstrlenW
LocalFree

user32

UnregisterClassA
CreateAcceleratorTableW
GetFocus
GetWindow
SetFocus
DestroyAcceleratorTable
GetDesktopWindow
BeginPaint
EndPaint
CallWindowProcW
FillRect
ReleaseCapture
GetClassNameW
GetDlgItem
IsChild
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
GetClientRect
SetWindowPos
CharNextW
GetSysColor
RegisterWindowMessageW
GetClassInfoExW
LoadCursorW
RegisterClassExW
GetWindowTextLengthW
SetWindowTextW
DefWindowProcW
MapWindowPoints
IsWindow
GetParent
ShowWindow
GetWindowRect
MoveWindow
PostMessageW
SendMessageW
SetWindowLongW
GetWindowLongW
CreateWindowExW
DestroyWindow
GetWindowTextW

oleaut32

VarBstrFromDate
VariantChangeType
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
SysStringByteLen
SysAllocStringByteLen
VariantClear
VariantInit
VarBstrCmp
SysAllocString
SysAllocStringLen
SysStringLen
SysFreeString

ole32

CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoCreateGuid
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc

gdi32

GetStockObject
GetObjectW
CreateSolidBrush
GetDeviceCaps
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
DeleteObject

Exports

Exports

NP_GetEntryPoints
NP_Initialize
NP_Shutdown

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/Swiftshader/libEGL.dll
.dll windows:5 windows x86 arch:x86

9c6cc4c8576e643ce601643ae11eae27

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ec:9d:71:f7:9b:6e:2f:6f:9a:97:df:f3:ed:4f:3d:1a:61:26:e2:cf:44:55:b0:40:37:e9:fb:66:ff:0f:71:56
Signer

Actual PE Digest

ec:9d:71:f7:9b:6e:2f:6f:9a:97:df:f3:ed:4f:3d:1a:61:26:e2:cf:44:55:b0:40:37:e9:fb:66:ff:0f:71:56

Digest Algorithm

sha256

PE Digest Matches

true

ea:b8:5a:d6:28:64:d2:87:0f:7b:a8:9b:5d:4b:ab:a9:be:11:78:3d
Signer

Actual PE Digest

ea:b8:5a:d6:28:64:d2:87:0f:7b:a8:9b:5d:4b:ab:a9:be:11:78:3d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\V68_45\src\out\official_release\swiftshader\libEGL.dll.pdb

Imports

user32

GetClientRect
GetDC
IsWindow
ReleaseDC

gdi32

GetDeviceCaps

kernel32

CloseHandle
CreateFileW
DecodePointer
DeleteCriticalSection
EncodePointer
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsW
GetFileType
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
RtlUnwind
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
WideCharToMultiByte
WriteConsoleW
WriteFile

Exports

Exports

eglBindAPI
eglBindTexImage
eglChooseConfig
eglClientWaitSyncKHR
eglCopyBuffers
eglCreateContext
eglCreateImageKHR
eglCreatePbufferFromClientBuffer
eglCreatePbufferSurface
eglCreatePixmapSurface
eglCreatePlatformPixmapSurfaceEXT
eglCreatePlatformWindowSurfaceEXT
eglCreateSyncKHR
eglCreateWindowSurface
eglDestroyContext
eglDestroyImageKHR
eglDestroySurface
eglDestroySyncKHR
eglGetConfigAttrib
eglGetConfigs
eglGetCurrentContext
eglGetCurrentDisplay
eglGetCurrentSurface
eglGetDisplay
eglGetError
eglGetPlatformDisplayEXT
eglGetProcAddress
eglGetSyncAttribKHR
eglInitialize
eglMakeCurrent
eglQueryAPI
eglQueryContext
eglQueryString
eglQuerySurface
eglReleaseTexImage
eglReleaseThread
eglSurfaceAttrib
eglSwapBuffers
eglSwapInterval
eglTerminate
eglWaitClient
eglWaitGL
eglWaitNative
libEGL_swiftshader

Sections

.text
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/Swiftshader/libGLESv2.dll
.dll windows:5 windows x86 arch:x86

29d66a6c4f8ddc5483849ae0aaff3847

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a6:91:e3:e4:fe:50:d2:11:a7:f3:db:07:fc:8c:9c:24:cd:18:6c:f7:ac:58:b4:3e:0a:df:f4:55:bd:91:e0:5a
Signer

Actual PE Digest

a6:91:e3:e4:fe:50:d2:11:a7:f3:db:07:fc:8c:9c:24:cd:18:6c:f7:ac:58:b4:3e:0a:df:f4:55:bd:91:e0:5a

Digest Algorithm

sha256

PE Digest Matches

true

29:4d:5d:ae:87:b6:ff:8d:35:9c:69:e7:d3:3a:85:f2:ed:b8:d3:9f
Signer

Actual PE Digest

29:4d:5d:ae:87:b6:ff:8d:35:9c:69:e7:d3:3a:85:f2:ed:b8:d3:9f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\V68_45\src\out\official_release\swiftshader\libGLESv2.dll.pdb

Imports

kernel32

ChangeTimerQueueTimer
CloseHandle
CompareStringW
CreateEventA
CreateEventW
CreateFileW
CreateThread
CreateTimerQueue
CreateTimerQueueTimer
DecodePointer
DeleteCriticalSection
DeleteFileW
DeleteTimerQueueTimer
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FlushInstructionCache
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetConsoleScreenBufferInfo
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDriveTypeW
GetEnvironmentStringsW
GetFileAttributesW
GetFileInformationByHandle
GetFileType
GetFullPathNameW
GetLastError
GetLocaleInfoW
GetLogicalProcessorInformation
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetNumaHighestNodeNumber
GetOEMCP
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTimeAsFileTime
GetThreadPriority
GetThreadTimes
GetTickCount
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExW
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
InterlockedPopEntrySList
InterlockedPushEntrySList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
MultiByteToWideChar
PeekNamedPipe
QueryDepthSList
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
RegisterWaitForSingleObject
ReleaseSemaphore
RemoveDirectoryW
RtlUnwind
SetConsoleTextAttribute
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetThreadAffinityMask
SetThreadPriority
SetUnhandledExceptionFilter
SignalObjectAndWait
Sleep
SwitchToThread
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
UnregisterWait
UnregisterWaitEx
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualProtect
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteConsoleW
WriteFile

user32

ChangeDisplaySettingsA
ClientToScreen
GetClientRect
GetDC
GetSystemMetrics
GetWindowLongA
GetWindowRect
ReleaseDC
SetRect
SetWindowLongA
SetWindowPos

gdi32

CreateCompatibleDC
CreateDIBSection
DeleteDC
DeleteObject
GetDeviceGammaRamp
SelectObject
SetDeviceGammaRamp
StretchBlt

ws2_32

WSACleanup
WSAStartup
accept
bind
closesocket
getaddrinfo
listen
recv
select
send
socket

Exports

Exports

Register
glActiveTexture
glAttachShader
glBeginQuery
glBeginQueryEXT
glBeginTransformFeedback
glBindAttribLocation
glBindBuffer
glBindBufferBase
glBindBufferRange
glBindFramebuffer
glBindFramebufferOES
glBindRenderbuffer
glBindRenderbufferOES
glBindSampler
glBindTexture
glBindTransformFeedback
glBindVertexArray
glBindVertexArrayOES
glBlendColor
glBlendEquation
glBlendEquationSeparate
glBlendFunc
glBlendFuncSeparate
glBlitFramebuffer
glBlitFramebufferANGLE
glBufferData
glBufferSubData
glCheckFramebufferStatus
glCheckFramebufferStatusOES
glClear
glClearBufferfi
glClearBufferfv
glClearBufferiv
glClearBufferuiv
glClearColor
glClearDepthf
glClearStencil
glClientWaitSync
glColorMask
glCompileShader
glCompressedTexImage2D
glCompressedTexImage3D
glCompressedTexSubImage2D
glCompressedTexSubImage3D
glCopyBufferSubData
glCopyTexImage2D
glCopyTexSubImage2D
glCopyTexSubImage3D
glCreateProgram
glCreateShader
glCullFace
glDeleteBuffers
glDeleteFencesNV
glDeleteFramebuffers
glDeleteFramebuffersOES
glDeleteProgram
glDeleteQueries
glDeleteQueriesEXT
glDeleteRenderbuffers
glDeleteRenderbuffersOES
glDeleteSamplers
glDeleteShader
glDeleteSync
glDeleteTextures
glDeleteTransformFeedbacks
glDeleteVertexArrays
glDeleteVertexArraysOES
glDepthFunc
glDepthMask
glDepthRangef
glDetachShader
glDisable
glDisableVertexAttribArray
glDrawArrays
glDrawArraysInstanced
glDrawBuffers
glDrawBuffersEXT
glDrawElements
glDrawElementsInstanced
glDrawRangeElements
glEGLImageTargetRenderbufferStorageOES
glEGLImageTargetTexture2DOES
glEnable
glEnableVertexAttribArray
glEndQuery
glEndQueryEXT
glEndTransformFeedback
glFenceSync
glFinish
glFinishFenceNV
glFlush
glFlushMappedBufferRange
glFramebufferRenderbuffer
glFramebufferRenderbufferOES
glFramebufferTexture2D
glFramebufferTexture2DOES
glFramebufferTextureLayer
glFrontFace
glGenBuffers
glGenFencesNV
glGenFramebuffers
glGenFramebuffersOES
glGenQueries
glGenQueriesEXT
glGenRenderbuffers
glGenRenderbuffersOES
glGenSamplers
glGenTextures
glGenTransformFeedbacks
glGenVertexArrays
glGenVertexArraysOES
glGenerateMipmap
glGenerateMipmapOES
glGetActiveAttrib
glGetActiveUniform
glGetActiveUniformBlockName
glGetActiveUniformBlockiv
glGetActiveUniformsiv
glGetAttachedShaders
glGetAttribLocation
glGetBooleanv
glGetBufferParameteri64v
glGetBufferParameteriv
glGetBufferPointerv
glGetError
glGetFenceivNV
glGetFloatv
glGetFragDataLocation
glGetFramebufferAttachmentParameteriv
glGetFramebufferAttachmentParameterivOES
glGetGraphicsResetStatusEXT
glGetInteger64i_v
glGetInteger64v
glGetIntegeri_v
glGetIntegerv
glGetInternalformativ
glGetProgramBinary
glGetProgramInfoLog
glGetProgramiv
glGetQueryObjectuiv
glGetQueryObjectuivEXT
glGetQueryiv
glGetQueryivEXT
glGetRenderbufferParameteriv
glGetRenderbufferParameterivOES
glGetSamplerParameterfv
glGetSamplerParameteriv
glGetShaderInfoLog
glGetShaderPrecisionFormat
glGetShaderSource
glGetShaderiv
glGetString
glGetStringi
glGetSynciv
glGetTexParameterfv
glGetTexParameteriv
glGetTransformFeedbackVarying
glGetUniformBlockIndex
glGetUniformIndices
glGetUniformLocation
glGetUniformfv
glGetUniformiv
glGetUniformuiv
glGetVertexAttribIiv
glGetVertexAttribIuiv
glGetVertexAttribPointerv
glGetVertexAttribfv
glGetVertexAttribiv
glGetnUniformfvEXT
glGetnUniformivEXT
glHint
glInvalidateFramebuffer
glInvalidateSubFramebuffer
glIsBuffer
glIsEnabled
glIsFenceNV
glIsFramebuffer
glIsFramebufferOES
glIsProgram
glIsQuery
glIsQueryEXT
glIsRenderbuffer
glIsRenderbufferOES
glIsSampler
glIsShader
glIsSync
glIsTexture
glIsTransformFeedback
glIsVertexArray
glIsVertexArrayOES
glLineWidth
glLinkProgram
glMapBufferRange
glPauseTransformFeedback
glPixelStorei
glPolygonOffset
glProgramBinary
glProgramParameteri
glReadBuffer
glReadPixels
glReadnPixelsEXT
glReleaseShaderCompiler
glRenderbufferStorage
glRenderbufferStorageMultisample
glRenderbufferStorageMultisampleANGLE
glRenderbufferStorageOES
glResumeTransformFeedback
glSampleCoverage
glSamplerParameterf
glSamplerParameterfv
glSamplerParameteri
glSamplerParameteriv
glScissor
glSetFenceNV
glShaderBinary
glShaderSource
glStencilFunc
glStencilFuncSeparate
glStencilMask
glStencilMaskSeparate
glStencilOp
glStencilOpSeparate
glTestFenceNV
glTexImage2D
glTexImage3D
glTexImage3DOES
glTexParameterf
glTexParameterfv
glTexParameteri
glTexParameteriv
glTexStorage2D
glTexStorage3D
glTexSubImage2D
glTexSubImage3D
glTransformFeedbackVaryings
glUniform1f
glUniform1fv
glUniform1i
glUniform1iv
glUniform1ui
glUniform1uiv
glUniform2f
glUniform2fv
glUniform2i
glUniform2iv
glUniform2ui
glUniform2uiv
glUniform3f
glUniform3fv
glUniform3i
glUniform3iv
glUniform3ui
glUniform3uiv
glUniform4f
glUniform4fv
glUniform4i
glUniform4iv
glUniform4ui
glUniform4uiv
glUniformBlockBinding
glUniformMatrix2fv
glUniformMatrix2x3fv
glUniformMatrix2x4fv
glUniformMatrix3fv
glUniformMatrix3x2fv
glUniformMatrix3x4fv
glUniformMatrix4fv
glUniformMatrix4x2fv
glUniformMatrix4x3fv
glUnmapBuffer
glUseProgram
glValidateProgram
glVertexAttrib1f
glVertexAttrib1fv
glVertexAttrib2f
glVertexAttrib2fv
glVertexAttrib3f
glVertexAttrib3fv
glVertexAttrib4f
glVertexAttrib4fv
glVertexAttribDivisor
glVertexAttribI4i
glVertexAttribI4iv
glVertexAttribI4ui
glVertexAttribI4uiv
glVertexAttribIPointer
glVertexAttribPointer
glViewport
glWaitSync
libGLESv2_swiftshader

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 249KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 17B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/Trident_core.dll
.dll windows:5 windows x86 arch:x86

4f59dedf4795de72de80d6fed4d1b583

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:13:c7:b1:bc:1a:a5:97:ba:3a:5f:3b:f9:92:44:73:2d:bf:dc:10:a6:b2:af:53:99:94:f6:9f:27:dc:56:99
Signer

Actual PE Digest

08:13:c7:b1:bc:1a:a5:97:ba:3a:5f:3b:f9:92:44:73:2d:bf:dc:10:a6:b2:af:53:99:94:f6:9f:27:dc:56:99

Digest Algorithm

sha256

PE Digest Matches

true

d9:3f:8b:a1:44:d5:9c:25:b4:3a:3a:d5:62:79:24:ff:0d:a0:73:36
Signer

Actual PE Digest

d9:3f:8b:a1:44:d5:9c:25:b4:3a:3a:d5:62:79:24:ff:0d:a0:73:36

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\2345Explorer\V68_45\src\trident\core\Trident_core\Release\Trident_core.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

kernel32

GetACP
EnumSystemLocalesW
IsValidLocale
GetModuleFileNameA
ExitProcess
GetFileType
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
GetCommandLineW
GetCommandLineA
GetTimeZoneInformation
FreeLibraryAndExitThread
ExitThread
CreateThread
VirtualQuery
VirtualAlloc
GetSystemInfo
InterlockedFlushSList
RtlUnwind
GetCPInfo
LCMapStringW
SwitchToThread
GetStringTypeW
GetStdHandle
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
Sleep
SearchPathW
GetProfileIntW
GetTempPathW
VerifyVersionInfoW
VerSetConditionMask
GetWindowsDirectoryW
FindResourceExW
lstrcpyW
SystemTimeToTzSpecificLocalTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
GetTickCount
GetUserDefaultLCID
GetTempFileNameW
GetFileTime
GetFileAttributesW
VirtualProtect
GlobalGetAtomNameW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
DeleteFileW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryW
SetErrorMode
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
CopyFileW
FormatMessageW
GlobalSize
GlobalFree
GlobalFindAtomW
LoadLibraryA
FreeResource
GetSystemDirectoryW
EncodePointer
GetThreadLocale
FileTimeToSystemTime
GlobalUnlock
GlobalAddAtomW
GetCurrentProcessId
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
WideCharToMultiByte
MultiByteToWideChar
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryW
LoadLibraryExW
GetModuleHandleA
GetModuleFileNameW
FreeLibrary
GetVersionExW
GetCurrentThread
SetLastError
OutputDebugStringA
ResumeThread
SetThreadPriority
GetCurrentThreadId
WaitForSingleObject
CloseHandle
MulDiv
lstrcmpW
lstrcmpiW
GetModuleHandleW
lstrcpynA
LocalFree
GetProcAddress
FindResourceW
LoadResource
LockResource
OutputDebugStringW
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
InterlockedExchange
SizeofResource
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
HeapFree
InterlockedIncrement
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
WriteConsoleW
GetModuleHandleExW

user32

LoadImageW
SetRectEmpty
InsertMenuItemW
DestroyMenu
CreatePopupMenu
LoadMenuW
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
CharUpperW
DestroyIcon
GetSysColorBrush
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
RealChildWindowFromPoint
DeleteMenu
CopyImage
GetDesktopWindow
IntersectRect
SetRect
InvalidateRgn
CopyAcceleratorTableW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuState
GetMenuStringW
MapDialogRect
SetWindowContextHelpId
CharNextW
IsDialogMessageW
SetWindowTextW
CheckDlgButton
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
UnhookWindowsHookEx
GetTopWindow
GetClassLongW
SetWindowLongW
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetCapture
SetFocus
UnpackDDElParam
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SystemParametersInfoW
LoadCursorW
PtInRect
ReuseDDElParam
GetMenuItemInfoW
InflateRect
UnregisterClassW
SetForegroundWindow
EnableWindow
ReleaseDC
GetAncestor
IsRectEmpty
OffsetRect
FillRect
ClientToScreen
InvalidateRect
SetWindowRgn
UpdateWindow
DrawIcon
ReleaseCapture
SetCapture
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
CreateDialogIndirectParamW
EndDialog
GetNextDlgTabItem
GetAsyncKeyState
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatW
GetKeyNameTextW
MapVirtualKeyW
UnionRect
GetSystemMenu
TrackMouseEvent
PostThreadMessageW
WindowFromPoint
LockWindowUpdate
DrawFocusRect
DrawIconEx
OpenClipboard
KillTimer
CharUpperBuffW
GetClientRect
SetParent
GetClassNameW
MoveWindow
AttachThreadInput
FindWindowExA
SetTimer
IsWindow
GetClassInfoW
GetSystemMetrics
SetWindowPos
GetDC
GetWindowRect
GetWindow
PostMessageW
AdjustWindowRectEx
GetWindowThreadProcessId
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
SendMessageW
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExW
CallNextHookEx
PostQuitMessage
ShowOwnedPopups
SetCursor
IsWindowEnabled
MessageBoxW
GetWindowLongW
GetParent
GetLastActivePopup
GetFocus
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
GetMenuDefaultItem
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongW
DestroyCursor
GetWindowRgn
CreateMenu
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
GetUpdateRect
IsClipboardFormatAvailable
ModifyMenuW
GetDoubleClickTime
SetMenuDefaultItem
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
WaitMessage
GetComboBoxInfo
MonitorFromPoint
UpdateLayeredWindow
FrameRect
CopyIcon
SetCursorPos
IsZoomed
DrawFrameControl
DrawEdge
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
GetDlgCtrlID

gdi32

GetTextColor
CopyMetaFileW
CreateDCW
CreateRectRgnIndirect
GetRgnBox
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
GetStockObject
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateCompatibleBitmap
CreateFontIndirectW
GetTextExtentPoint32W
CombineRgn
GetMapMode
PatBlt
SetRectRgn
GetTextMetricsW
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
SetDIBColorTable
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
Rectangle
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
GetBkColor
SetTextColor
SetBkColor
LPtoDP
DPtoLP
CreateEllipticRgn
BitBlt
CreateBitmap
SelectObject
CreateDIBSection
CreateCompatibleDC
GetDeviceCaps
DeleteDC
GetObjectW
SetWindowExtEx
Ellipse
DeleteObject

msimg32

TransparentBlt
AlphaBlend

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW

shell32

SHGetFileInfoW
DragQueryFileW
SHAppBarMessage
SHBrowseForFolderW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteW
DragFinish

shlwapi

PathFindFileNameW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
StrFormatKBSizeW

uxtheme

OpenThemeData
DrawThemeParentBackground
CloseThemeData
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
GetThemeColor
IsAppThemed
DrawThemeText
DrawThemeBackground
GetThemePartSize

ole32

OleUninitialize
CoInitializeEx
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleInitialize
CoFreeUnusedLibraries
CoDisconnectObject
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
OleDraw
CreateStreamOnHGlobal
CLSIDFromString
CoInitialize
CoCreateGuid
CoUninitialize
CoCreateInstance

oleaut32

SysStringLen
VarBstrCmp
SysAllocString
SafeArrayGetLBound
SafeArrayGetUBound
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayCreate
SafeArrayDestroy
SafeArrayGetDim
VariantInit
SafeArrayUnaccessData
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
LoadTypeLi
VariantClear
SysAllocStringLen
SafeArrayAccessData
VariantChangeType
SafeArrayGetElemsize
SysFreeString

oledlg

OleUIBusyW

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdiplusStartup
GdiplusShutdown
GdipGetImageEncoders
GdipCloneImage
GdipAlloc
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipFree
GdipSaveImageToFile
GdipCreateBitmapFromScan0
GdipGetImageEncodersSize

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

Exports

Exports

??0NavigateParam@trident@@QAE@ABU01@@Z
??4BeforeNavigate2Params@trident@@QAEAAU01@ABU01@@Z
??4NavigateParam@trident@@QAEAAU01@ABU01@@Z
??4NewWindowParam@trident@@QAEAAU01@ABU01@@Z
TridentCreateControl
TridentDestroyControl

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 366KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/Uninstall.exe
.exe windows:5 windows x86 arch:x86

c552a31531df962b2298e689961d15c2

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d0:41:14:b3:4a:7a:29:4f:ea:e1:94:39:ea:82:b5:38:80:c7:ba:7f:96:0d:34:bf:d0:1c:92:4f:08:cb:ad:75
Signer

Actual PE Digest

d0:41:14:b3:4a:7a:29:4f:ea:e1:94:39:ea:82:b5:38:80:c7:ba:7f:96:0d:34:bf:d0:1c:92:4f:08:cb:ad:75

Digest Algorithm

sha256

PE Digest Matches

true

eb:b9:c5:35:69:74:d3:10:3b:26:d3:b9:97:ff:0c:d6:ae:a0:fd:95
Signer

Actual PE Digest

eb:b9:c5:35:69:74:d3:10:3b:26:d3:b9:97:ff:0c:d6:ae:a0:fd:95

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetPrivateProfileStringW
WritePrivateProfileStringW
MoveFileW
MultiByteToWideChar
WideCharToMultiByte
CreateFileW
GetFileSize
GetTickCount
GetModuleFileNameW
GetProcAddress
GetCommandLineW
SetEnvironmentVariableW
WriteFile
GetTempPathW
SetErrorMode
HeapAlloc
HeapFree
GetProcessHeap
GetCurrentProcess
GetCurrentProcessId
ExitProcess
GetVersion
GetWindowsDirectoryW
LoadLibraryW
CopyFileW
GetDiskFreeSpaceW
CreateThread
GlobalLock
GlobalUnlock
lstrcmpiW
lstrlenW
CreateDirectoryW
GetTempFileNameW
RemoveDirectoryW
WaitForSingleObject
GetExitCodeProcess
CreateProcessW
GetSystemDirectoryW
GetModuleHandleA
lstrcmpiA
lstrcpyA
lstrcatW
MoveFileExW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
VirtualQuery
RtlUnwind
IsProcessorFeaturePresent
lstrcmpW
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalAlloc
LoadLibraryExW
GetModuleHandleW
FreeLibrary
Sleep
GetLastError
CloseHandle
SetFileTime
SetFilePointer
SetFileAttributesW
ReadFile
GetShortPathNameW
GetFullPathNameW
GetFileAttributesW
FindNextFileW
FindFirstFileW
FindClose
DeleteFileW
CompareFileTime
SearchPathW
SetCurrentDirectoryW
lstrcpynW
ExpandEnvironmentStringsW

user32

ScreenToClient
GetSysColor
GetWindowLongW
SetClassLongW
LoadCursorW
SystemParametersInfoW
wsprintfA
DispatchMessageW
PeekMessageW
SetDlgItemTextW
GetDlgItemTextW
SetCursor
CharPrevW
MessageBoxIndirectW
GetSystemMetrics
IsWindowEnabled
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
CheckDlgButton
EndDialog
DialogBoxParamW
GetWindowRect
TrackPopupMenu
AppendMenuW
EnableMenuItem
CreatePopupMenu
CharNextA
GetSystemMenu
IsWindowVisible
SetWindowPos
CreateWindowExW
GetClassInfoW
RegisterClassW
CallWindowProcW
GetMessagePos
CharNextW
ExitWindowsEx
SetWindowTextW
CreateDialogParamW
DestroyWindow
PostMessageW
LoadImageW
FindWindowExW
SetWindowLongW
InvalidateRect
ReleaseDC
GetDC
DefWindowProcW
DrawTextW
BeginPaint
EndPaint
GetClientRect
SetForegroundWindow
EnableWindow
GetDlgItem
ShowWindow
IsWindow
PostQuitMessage
SendMessageTimeoutW
SendMessageW
wsprintfW
FillRect
SetTimer

gdi32

SetBkColor
GetDeviceCaps
SetTextColor
SetBkMode
SelectObject
DeleteObject
CreateBrushIndirect
CreateFontIndirectW

shell32

ShellExecuteExW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegQueryValueExW
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
RegSetValueExW
RegCreateKeyExW
SetFileSecurityW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumValueW
RegOpenKeyExW

comctl32

ImageList_Create
ImageList_Destroy
ImageList_AddMasked
ord17

ole32

OleUninitialize
OleInitialize
CoCreateInstance
CoTaskMemFree

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ndata
Size: - Virtual size: 528KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/RCWidgetPlugin.dll
.dll windows:5 windows x86 arch:x86

1555149127b5a5bf9f369ac692b04244

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3c:80:46:cb:49:85:17:a2:07:58:5d:01:1f:2e:c0:2b:b4:4e:0f:73:c7:6f:c0:c8:a5:85:f4:59:5d:c2:7b:01
Signer

Actual PE Digest

3c:80:46:cb:49:85:17:a2:07:58:5d:01:1f:2e:c0:2b:b4:4e:0f:73:c7:6f:c0:c8:a5:85:f4:59:5d:c2:7b:01

Digest Algorithm

sha256

PE Digest Matches

true

ef:87:87:b6:ed:9d:0f:1a:fc:3a:ba:e4:72:28:6c:21:58:ad:bb:87
Signer

Actual PE Digest

ef:87:87:b6:ed:9d:0f:1a:fc:3a:ba:e4:72:28:6c:21:58:ad:bb:87

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

G:\dllplugin\RCSetup\bin\Release\RCWidgetPlugin.pdb

Imports

kernel32

LocalFree
ExpandEnvironmentStringsW
GetModuleHandleW
GlobalMemoryStatusEx
SetLastError
SetEvent
WaitForSingleObject
WaitForMultipleObjects
GetFileSize
DeleteFileW
Sleep
SetEndOfFile
SetFilePointer
WriteFile
GetTickCount
InterlockedExchangeAdd
InterlockedExchange
GetCurrentProcessId
GetSystemInfo
GetVersionExW
FreeLibrary
GetProcAddress
LoadLibraryW
lstrcatW
GetFileAttributesW
FindClose
lstrlenW
FindFirstFileW
CloseHandle
CreateFileW
SetErrorMode
ReadFile
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
InitializeCriticalSectionAndSpinCount
lstrcpyW
VirtualQuery
OpenThread
SetThreadContext
GetThreadContext
CreateToolhelp32Snapshot
SuspendThread
Thread32First
Thread32Next
InterlockedCompareExchange
WriteConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapSize
SetEnvironmentVariableA
WideCharToMultiByte
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetStringTypeW
GetModuleFileNameA
ExitProcess
FreeLibraryAndExitThread
ExitThread
TlsFree
InterlockedFlushSList
RtlUnwind
GetFileType
GetStdHandle
LoadLibraryExA
VirtualFree
VirtualAlloc
InterlockedPushEntrySList
InterlockedPopEntrySList
EncodePointer
OutputDebugStringW
FlushInstructionCache
HeapDestroy
HeapCreate
OutputDebugStringA
GetModuleHandleExW
VirtualProtect
TlsGetValue
CreateThread
TlsAlloc
DisableThreadLibraryCalls
GetModuleHandleA
TlsSetValue
QueryPerformanceFrequency
MapViewOfFileEx
CreateFileMappingW
UnmapViewOfFile
FreeResource
GlobalUnlock
GlobalLock
LocalAlloc
CreateWaitableTimerW
SetWaitableTimer
MulDiv
InterlockedIncrement
InterlockedDecrement
SizeofResource
lstrcmpW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FormatMessageW
ReleaseMutex
CreateMutexW
DeviceIoControl
GetFileSizeEx
GetWindowsDirectoryW
GetCurrentDirectoryW
GetTempPathW
GetFullPathNameW
CreateDirectoryW
GetFileTime
SetFileTime
GetProcessHeap
HeapAlloc
GetCurrentThreadId
GlobalFree
GlobalAlloc
MultiByteToWideChar
lstrcpynW
GetModuleFileNameW
FreeEnvironmentStringsW
GetPrivateProfileStringW
HeapFree
LoadLibraryExW
ResetEvent
CreateEventW
GetEnvironmentVariableW
InitializeCriticalSection
LeaveCriticalSection
GetLongPathNameW
GetFileAttributesExW
lstrcmpiW
LockResource
LoadResource
FindResourceW
GetVolumeInformationW
GetDiskFreeSpaceW
GetLogicalDriveStringsW
ResumeThread
GetACP
FindNextFileW
QueryDosDeviceW
GetCurrentProcess
OpenProcess
FileTimeToSystemTime
EnterCriticalSection
SwitchToThread

user32

DefWindowProcW
wsprintfW
CallWindowProcW
PostMessageW
DestroyWindow
SetWindowPos
MessageBoxW
CharPrevW
CharNextW
ReleaseCapture
GetActiveWindow
EndDialog
UnregisterClassW
LoadIconW
GetWindowLongW
SetWindowLongW
GetPropW
RemovePropW
GetForegroundWindow
SetPropW
GetAsyncKeyState
GetFocus
LoadStringW
DestroyAcceleratorTable
CreateAcceleratorTableW
EnumThreadWindows
RegisterWindowMessageW
GetAncestor
GetSysColor
GetSystemMetrics
SendMessageW
DrawIconEx
SetForegroundWindow
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
IsClipboardFormatAvailable
LoadBitmapW
LoadImageW
GetDesktopWindow
SetCaretPos
AttachThreadInput
SystemParametersInfoW
SetRectEmpty
MsgWaitForMultipleObjects
FillRect
UpdateLayeredWindow
SetRect
GetClassLongW
UnionRect
PtInRect
GetKeyboardState
GetCaretBlinkTime
ToAscii
GetMessageW
DispatchMessageW
PeekMessageW
TranslateMessage
PostQuitMessage
RegisterClassExW
GetClassInfoExW
GetWindowThreadProcessId
GetWindowTextLengthW
AdjustWindowRectEx
ShowWindowAsync
GetWindow
GetDC
IsWindowVisible
MonitorFromWindow
SetWindowRgn
ShowWindow
InvalidateRgn
OpenClipboard
SetTimer
GetIconInfo
GetCursorPos
ReleaseDC
IsIconic
GetDCEx
InvalidateRect
GetParent
IsZoomed
GetClientRect
SetCursor
GetWindowDC
LoadCursorW
IntersectRect
IsRectEmpty
ClientToScreen
CopyRect
RedrawWindow
OffsetRect
IsWindow
CreateWindowExW
EnumChildWindows
EqualRect
GetWindowRect
DialogBoxParamW
SetWindowTextW
SetCapture
TrackMouseEvent
ScreenToClient
GetKeyState
GetWindowTextW
EnableWindow
EndPaint
BeginPaint
KillTimer
GetDlgItem
SetParent
GetClassNameW
SetFocus
MoveWindow
ValidateRect
MapWindowPoints
IsChild
GetMonitorInfoW

gdi32

CreateCompatibleBitmap
BitBlt
CreatePolygonRgn
CreateRectRgnIndirect
SetWorldTransform
GetStockObject
SelectObject
GetDeviceCaps
CreateFontIndirectW
CreateSolidBrush
CreateCompatibleDC
SetTextColor
GetClipBox
GetObjectW
SetViewportOrgEx
DeleteDC
EnumFontsW
PtInRegion
CreateRoundRectRgn
CreateDIBSection
GetDIBits
CreateDCW
ExtTextOutW
SetBkColor
GetRgnBox
DeleteObject
SetGraphicsMode

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFolderPathW
DragQueryFileW
DragFinish
SHGetSpecialFolderPathW

ole32

StringFromGUID2
CLSIDFromProgID
OleInitialize
CLSIDFromString
OleLockRunning
CoGetClassObject
CreateStreamOnHGlobal
CoTaskMemRealloc
CoTaskMemFree
OleUninitialize
CoCreateInstance
CoTaskMemAlloc
CoInitialize
CoUninitialize

oleaut32

LoadRegTypeLi
SysFreeString
OleCreateFontIndirect
DispCallFunc
SysStringLen
SysAllocStringLen
VariantClear
VarUI4FromStr
SysAllocString
VariantInit
LoadTypeLi

shlwapi

StrToIntA
PathFindFileNameW
PathFileExistsW
PathAppendW
StrDupW
PathIsRootW
ord12

comctl32

InitCommonControlsEx
_TrackMouseEvent

msimg32

AlphaBlend

urlmon

CoInternetCreateZoneManager
CoInternetCreateSecurityManager

gdiplus

GdipGetImageWidth
GdipBitmapLockBits
GdipFree
GdipCloneBitmapAreaI
GdipGetImagePixelFormat
GdipDisposeImage
GdipAlloc
GdipCreateBitmapFromStream
GdipBitmapUnlockBits
GdipCloneImage
GdipGetImageHeight
GdipSetStringFormatFlags
GdipCloneRegion
GdipGetFamilyName
GdipDeleteMatrix
GdipDrawImageRectRectI
GdipSetStringFormatAlign
GdipCreatePen1
GdipDeletePen
GdipTranslateWorldTransform
GdipGetFontSize
GdipDeleteFont
GdipDeleteStringFormat
GdipDeleteGraphics
ord1
GdipFillRectangleI
GdipGetImageGraphicsContext
GdipDeleteRegion
GdipMeasureString
GdipCloneBrush
GdipRestoreGraphics
GdipRotateWorldTransform
GdipStringFormatGetGenericTypographic
GdipGetCellAscent
GdipSetTextRenderingHint
GdipCloneStringFormat
GdipGetMatrixElements
GdipGetTextureTransform
GdipCreateTexture
GdipBeginContainer2
GdipFillEllipse
GdipCreateFromHDC
GdipGetClipBoundsI
GdipSetImageAttributesWrapMode
GdipDrawString
GdipDrawPath
GdipSetClipRegion
GdipCreateImageAttributes
GdipDrawArcI
GdipGetSmoothingMode
GdipClosePathFigure
GdipSetClipRectI
GdipScaleWorldTransform
GdipCreateBitmapFromScan0
GdipDrawRectangle
GdipDrawLine
GdipSetPenDashStyle
GdipGraphicsClear
GdipMultiplyWorldTransform
GdipGetPathWorldBounds
GdipFillPath
GdipTransformRegion
GdipSetStringFormatTrimming
GdipGetFontStyle
GdipCreateSolidFill
GdipCloneBitmapArea
GdipGetCellDescent
GdipSetInterpolationMode
GdipSetLinePresetBlend
GdipCreateFont
GdipSetStringFormatLineAlign
GdipCreatePath
GdipEndContainer
GdipSetSmoothingMode
GdipCreateMatrix
GdipGetStringFormatAlign
GdipDeletePath
GdipDisposeImageAttributes
GdipCreateMatrix2
GdipDeleteBrush
GdipGetLineSpacing
GdipSetLineWrapMode
GdipCreateLineBrushI
GdiplusStartup
GdiplusShutdown
GdipSetCompositingMode
GdipDrawImageRectRect
GdipSaveGraphics
GdipCreateFontFamilyFromName
GdipGetEmHeight
GdipGetStringFormatLineAlign
GdipCreateHBITMAPFromBitmap
GdipAddPathString
GdipGetTextRenderingHint
GdipGetFamily
GdipSetCompositingQuality
GdipSetImageAttributesColorMatrix
GdipGetLineTransform
GdipDeleteFontFamily
GdipGetInterpolationMode
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageSelectActiveFrame
GdipGetPropertyItem
GdipImageGetFrameDimensionsCount
GdipCreateRegionPath
GdipAddPathLineI
GdipAddPathBezierI
GdipCombineRegionPath
GdipAddPathEllipseI
GdipAddPathArcI
GdipAddPathRectangleI
GdipCreateBitmapFromFile
GdipSetPixelOffsetMode
GdipSetTextureTransform
GdipSetLineTransform
GdipGetBrushType
GdipCombineRegionRegion

imm32

ImmNotifyIME
ImmAssociateContextEx
ImmGetCompositionStringW
ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext

winmm

timeGetTime

psapi

GetMappedFileNameW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

advapi32

RegCloseKey
RegSetValueExW
RegQueryInfoKeyW
RegDeleteKeyW
RegOpenKeyExW
RegDeleteValueW
RegCreateKeyExW
RegEnumKeyExW

Exports

Exports

CheckInstall
CheckSoftwareIsInstall
GetCheckValue
GetInstDir
Init
OnInstall
OnInstallFinish
OnPreInstall
OnUninstall
OnUpdateLater
PopInt
PopString
PushInt
PushString
ReadUserOption
SetDiskNoSpace
SetIEHomepage
SetInstallPCSafe
SetProgress
ShowInstall
ShowInstallFinish
ShowUnInstall

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 285KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:6 windows x86 arch:x86

216ff05c01e38b13fee53b7ace6b1894

Code Sign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e2:2a:29:61:3d:2e:db:f3:c1:d8:06:ab:50:62:3e:3c:ce:8a:52:6d:8c:a2:53:79:ce:9c:25:cb:c3:dd:a4:98
Signer

Actual PE Digest

e2:2a:29:61:3d:2e:db:f3:c1:d8:06:ab:50:62:3e:3c:ce:8a:52:6d:8c:a2:53:79:ce:9c:25:cb:c3:dd:a4:98

Digest Algorithm

sha256

PE Digest Matches

true

01:ff:77:6e:f8:da:13:72:ac:88:d1:3e:ed:4e:11:10:e9:9f:01:22
Signer

Actual PE Digest

01:ff:77:6e:f8:da:13:72:ac:88:d1:3e:ed:4e:11:10:e9:9f:01:22

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalSize
GlobalFree
lstrcpynW
lstrcpyW
GetLastError
VirtualAlloc
VirtualFree
VirtualProtect
FreeLibrary
GetModuleHandleW
GetProcAddress
lstrlenW
LoadLibraryW
MultiByteToWideChar
WideCharToMultiByte

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 926B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 700B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/libcurl_x86.dll
.dll windows:6 windows x86 arch:x86

a996403d816908e79c3d6e0ea1cbe2e2

Code Sign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bb:3d:5d:d0:3d:03:0c:f0:87:df:14:f2:aa:0c:72:df:8c:d9:98:18:d5:38:5f:b0:41:c4:b6:30:aa:34:bb:f2
Signer

Actual PE Digest

bb:3d:5d:d0:3d:03:0c:f0:87:df:14:f2:aa:0c:72:df:8c:d9:98:18:d5:38:5f:b0:41:c4:b6:30:aa:34:bb:f2

Digest Algorithm

sha256

PE Digest Matches

true

a7:48:82:7f:c5:56:56:93:12:51:c6:18:5d:ed:72:18:9b:74:1b:0e
Signer

Actual PE Digest

a7:48:82:7f:c5:56:56:93:12:51:c6:18:5d:ed:72:18:9b:74:1b:0e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\dev\RCFL\vendor\depends\curl\out\bin\Win32\release_static\pdb\libcurl_x86.pdb

Imports

ws2_32

bind
closesocket
connect
getpeername
getsockopt
htons
ntohs
recv
setsockopt
socket
WSASetLastError
WSAIoctl
getaddrinfo
freeaddrinfo
gethostname
accept
WSAGetLastError
listen
ioctlsocket
__WSAFDIsSet
select
send
WSAStartup
WSACleanup
recvfrom
sendto
getsockname
shutdown
htonl
ntohl
gethostbyname
getservbyname

wldap32

ord145
ord219
ord301
ord147
ord133
ord79
ord142
ord167
ord127
ord27
ord26
ord118
ord41
ord208
ord216
ord14
ord46

crypt32

CertOpenStore
CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertFreeCertificateContext
CertGetCertificateContextProperty

kernel32

FindNextFileA
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
FindFirstFileExW
FindClose
RaiseException
ReadConsoleW
SetStdHandle
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetModuleFileNameW
GetProcessHeap
RtlUnwind
FatalAppExitA
CreateSemaphoreW
GetStartupInfoW
FindFirstFileA
GetFullPathNameA
HeapSize
SetEndOfFile
WriteConsoleW
GetCurrentDirectoryW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SleepEx
MultiByteToWideChar
WideCharToMultiByte
WaitForSingleObject
CloseHandle
ExpandEnvironmentStringsA
Sleep
GetLastError
SetLastError
FormatMessageA
VerSetConditionMask
FreeLibrary
GetProcAddress
LoadLibraryW
GetModuleHandleW
GetSystemDirectoryW
QueryPerformanceFrequency
VerifyVersionInfoW
WaitForMultipleObjects
GetFileType
GetStdHandle
ReadFile
PeekNamedPipe
GetTickCount
QueryPerformanceCounter
FlushConsoleInputBuffer
WriteFile
GetCurrentThreadId
GetModuleHandleA
GetCurrentProcessId
GlobalMemoryStatus
LoadLibraryA
GetSystemTime
SystemTimeToFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
CreateEventW
SetCurrentDirectoryW
GetFullPathNameW
SetEnvironmentVariableA
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
GetStringTypeW
OutputDebugStringW
GetTimeZoneInformation
CreateFileW
SetFileAttributesW
GetFileAttributesExW
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetModuleFileNameA
GetConsoleCP
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
CreateThread
ExitThread
LoadLibraryExW
HeapFree
HeapAlloc
HeapReAlloc
SetFilePointerEx
FileTimeToLocalFileTime
GetFileInformationByHandle
FileTimeToSystemTime
GetCommandLineA
SetConsoleCtrlHandler
GetConsoleMode
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleInputA
SetConsoleMode
ExitProcess
GetModuleHandleExW
AreFileApisANSI
GetCurrentThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlushFileBuffers

user32

ReleaseDC
GetDC
GetDesktopWindow
MessageBoxA
GetUserObjectInformationW
GetProcessWindowStation

gdi32

DeleteObject
GetDeviceCaps
GetDIBits
GetObjectA
CreateCompatibleBitmap

advapi32

RegisterEventSourceA
CryptEnumProvidersA
CryptSignHashA
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextA
ReportEventA
DeregisterEventSource

Exports

Exports

curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_easy_upkeep
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_global_sslset
curl_maprintf
curl_mfprintf
curl_mime_addpart
curl_mime_data
curl_mime_data_cb
curl_mime_encoder
curl_mime_filedata
curl_mime_filename
curl_mime_free
curl_mime_headers
curl_mime_init
curl_mime_name
curl_mime_subparts
curl_mime_type
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_multi_wait
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_pushheader_byname
curl_pushheader_bynum
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
curl_url
curl_url_cleanup
curl_url_dup
curl_url_get
curl_url_set
curl_version
curl_version_info

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 330KB - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/un.FileInfo.dll
.dll windows:5 windows x86 arch:x86

f1c205497d3caf8a03d2452df400819b

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

36:42:a2:91:c6:d5:0a:a1:cd:c7:d0:5c:dd:84:37:c4:d3:aa:e2:32:16:39:42:c6:34:7d:04:39:e1:af:ea:12
Signer

Actual PE Digest

36:42:a2:91:c6:d5:0a:a1:cd:c7:d0:5c:dd:84:37:c4:d3:aa:e2:32:16:39:42:c6:34:7d:04:39:e1:af:ea:12

Digest Algorithm

sha256

PE Digest Matches

true

8b:f6:cc:cb:da:45:5f:ce:2b:48:75:61:a3:36:ce:1e:47:39:9b:f2
Signer

Actual PE Digest

8b:f6:cc:cb:da:45:5f:ce:2b:48:75:61:a3:36:ce:1e:47:39:9b:f2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\dllplugin\InstallerTool\bin\Win32\Release\pdb\un.FileInfo.pdb

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

kernel32

WritePrivateProfileStringW
lstrcpynW
TerminateProcess
GetModuleFileNameW
GetProcessId
WaitForSingleObject
GetFileAttributesW
OpenProcess
SetFileAttributesW
Sleep
CloseHandle
LoadLibraryW
GetProcAddress
MoveFileExW
GlobalMemoryStatusEx
FreeLibrary
GetDriveTypeW
lstrlenW
GetShortPathNameW
lstrcmpiW
GetPrivateProfileStringW
GetTickCount
LockResource
LoadResource
FindResourceW
GetCurrentProcessId
MultiByteToWideChar
GlobalAlloc
GlobalFree
WideCharToMultiByte
lstrcpyW
GetCommandLineW
LocalFree
WriteFile
SetFilePointer
CreateFileW
GetFileSize
RemoveDirectoryW
MoveFileWithProgressW
CopyFileExW
GetVersionExW
GetSystemInfo
GetModuleHandleW
FindFirstFileW
GetLongPathNameW
GetFileAttributesExW
QueryDosDeviceW
GetCurrentProcess
WaitForMultipleObjects
GetACP
CreateProcessW
GetExitCodeProcess
DeleteFileW
SetFileTime
SetEndOfFile
GetFileTime
GetCurrentThreadId
SuspendThread
GetExitCodeThread
TerminateThread
SwitchToThread
OpenThread
ResumeThread
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetVolumeInformationW
GetDiskFreeSpaceW
GetLogicalDriveStringsW
FindNextFileW
FindClose
HeapFree
HeapAlloc
GetProcessHeap
CreateDirectoryW
GetFullPathNameW
GetTempPathW
GetCurrentDirectoryW
GetWindowsDirectoryW
CopyFileW
MoveFileW
FormatMessageW
CreateEventW
SetEvent
ResetEvent
InterlockedExchangeAdd
ExpandEnvironmentStringsW
GetEnvironmentVariableW
LoadLibraryExW
InterlockedExchange
SetLastError
FileTimeToSystemTime
lstrcatW
InterlockedDecrement
GetModuleFileNameA
GetFileSizeEx
ReleaseMutex
CreateMutexW
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
InitializeCriticalSectionAndSpinCount
DeviceIoControl
ExitProcess
SetFilePointerEx
ReadFile
WriteConsoleW
FlushFileBuffers
SetStdHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
InterlockedFlushSList
FindNextFileA
FindFirstFileExA
HeapSize
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
RtlUnwind
GetConsoleCP
GetFileType
GetStdHandle
ReadConsoleW
IsDebuggerPresent
OutputDebugStringW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
EncodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter
InitializeSListHead
HeapCreate
VirtualProtect
InterlockedCompareExchange
Thread32Next
Thread32First
CreateToolhelp32Snapshot
HeapReAlloc
HeapDestroy
GetThreadContext
FlushInstructionCache
SetThreadContext
VirtualFree
VirtualAlloc
VirtualQuery
GetConsoleMode

user32

FindWindowW
wsprintfW
PostMessageW
RegisterWindowMessageW

advapi32

AdjustTokenPrivileges
GetUserNameW
DuplicateTokenEx

shell32

ord155
ord190
SHGetSpecialFolderPathW
CommandLineToArgvW
SHChangeNotify
ShellExecuteExW
SHGetFolderPathW
ShellExecuteW

ole32

CoUninitialize
PropVariantClear
CoCreateInstance
CoInitializeEx
CoInitializeSecurity
CoInitialize

oleaut32

VariantChangeType
SysFreeString
VariantInit
VariantClear
SysAllocString

shlwapi

StrStrIW
StrCmpW
SHStrDupW
StrCatW
PathAppendW
PathRemoveFileSpecW

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

Exports

Exports

CheckCrcAndGetValue
CheckFiles
CheckInstallTime
CheckParentProcess
CheckSystemConfiguration
CleanAnimateMark
ClearAudioReg
CopyImportantFileWithTransaction
CreateDownloadFolder
CreateLowIntegrityProcess
CreateReleaseFileProcessTmpFile
CreateScheduledTask
Delete2345ExplorerTargetShortCut
DeleteCustom2345ExplorerTargetShortCut
DeleteInstallFile
DeleteScheduledTask
EncodeJifenID
EncodeRecommendPcsafeUnionCustom
EncodeUnion
FindProc
FindProc2345Explorer
FindSubstring
FixSoftware
FixSoftwareAfterRecommendPCSafe
Get2345ExplorerPath
GetCreateDesktopGuideCloudConfig
GetCurrentSystemTime
GetFixSoftwareCloudConfig
GetInstallSafecenterCloudConfig
GetJifenInstallerParams
GetJifenUnionNameInstallerParams
GetParentProcessName
GetRandomPromotionDllPath
GetRecommendPCSafeCloudConfig
GetSDKCloudConfig
GetUnionCustomInstallerParams
GetUnionNameInstallerParams
GetValueWithCrcCode
ImpersonateUser
Init
InitInstallStatusStatistic
InitStatService
InitializeRecommendPCSafe
Install2345MgrDLL
InstallPCSafe
InstallRecommendPCSafeDll
InstallShield
IsWin10OrLater
KillProc
KillProc2345Explorer
KillProcessByPathAndName
KillProcessByPid
MergeMaskString
MyMoveFile
PinToStartMenu
PinToTaskBar
PreProcessShortCut
RevertUser
SendInstallFeatureStat
SendOverwriteFeatureStat
SendStatInfo
SendUninstallFeatureStat
SendUpgradeFeatureStat
SetInstallStep
SetUserOperation
ShieldUnlock
StartCloudConfigRequest
StartInstallServiceProcess
StartPreReleaseFileProcess
StopShield
TerminateCloudConfigRequest
UnInstallSafeCenter
UninitInstallStatusStatistic
UninitStatService
UninitializeRecommendPCSafe
Uninstall2345MgrDLL
UninstallShield
UnpinFromStartMenu
UnpinFromTaskBar
WaitForReleaseFileProcess
WriteInstallData
WriteLog

Sections

.text
Size: 882KB - Virtual size: 881KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 201KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/Upgrade_2345Explorer.dll
.dll windows:5 windows x86 arch:x86

36bda4bde4f003982b0a87ed19b62785

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4f:20:64:8a:ba:fa:ee:f7:01:65:12:b6:c4:d9:c8:40:8c:7e:75:2f:4d:7c:7c:fb:a1:26:3d:b6:ef:af:83:ab
Signer

Actual PE Digest

4f:20:64:8a:ba:fa:ee:f7:01:65:12:b6:c4:d9:c8:40:8c:7e:75:2f:4d:7c:7c:fb:a1:26:3d:b6:ef:af:83:ab

Digest Algorithm

sha256

PE Digest Matches

true

0e:8b:70:b5:1b:02:ec:e9:2c:d7:94:94:b7:73:16:73:e0:45:c8:a5
Signer

Actual PE Digest

0e:8b:70:b5:1b:02:ec:e9:2c:d7:94:94:b7:73:16:73:e0:45:c8:a5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\dllplugin\Upgrade2345Explorer\bin\Win32\Release\pdb\Upgrade_2345Explorer_Dll.pdb

Imports

kernel32

GetProcAddress
GetModuleHandleW
FindFirstFileW
GetLongPathNameW
CreateFileW
GetFileAttributesExW
QueryDosDeviceW
GetCurrentProcess
OpenProcess
GetACP
MultiByteToWideChar
WideCharToMultiByte
WaitForMultipleObjects
WaitForSingleObject
LocalFree
GetCurrentProcessId
CreateProcessW
lstrlenW
GetVersionExW
lstrcmpiW
ReadFile
WriteFile
SetFilePointer
SetEndOfFile
DeleteFileW
GetFileSizeEx
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
Sleep
GetTickCount
LoadLibraryW
FreeLibrary
FindNextFileW
FindClose
SetFileTime
GetFileSize
ExpandEnvironmentStringsW
CreateDirectoryW
GetFullPathNameW
GetTempPathW
SetFileAttributesW
GetCurrentDirectoryW
MoveFileExW
MoveFileW
HeapFree
GetCurrentThreadId
HeapAlloc
GetProcessHeap
LockResource
GetSystemInfo
LoadResource
FindResourceW
GetLogicalDriveStringsW
FormatMessageW
CreateMutexW
ReleaseMutex
CreateEventW
SetEvent
ResetEvent
InterlockedExchangeAdd
InterlockedExchange
SetLastError
GlobalMemoryStatusEx
GetPrivateProfileStringW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
ExitThread
DeleteCriticalSection
DecodePointer
RaiseException
GetCommandLineW
CloseHandle
GetLastError
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
GetFileAttributesW
GetFileTime
DeviceIoControl
ResumeThread
GetEnvironmentVariableW
CreateThread
WriteConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetStdHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
IsDebuggerPresent
OutputDebugStringW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
EncodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter
InitializeSListHead
RtlUnwind
InterlockedFlushSList
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetStdHandle
GetFileType
GetTimeZoneInformation
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapSize
HeapReAlloc
FindFirstFileExA
FindNextFileA
FreeLibraryAndExitThread

advapi32

GetUserNameW
AdjustTokenPrivileges
DuplicateTokenEx
RegOpenKeyExW
RegCloseKey
RegQueryValueExW

shell32

SHGetSpecialFolderPathW
SHGetFolderPathW

netapi32

NetLocalGroupGetMembers

Exports

Exports

StartUpgrade

Sections

.text
Size: 770KB - Virtual size: 769KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/Upgrade_2345Explorer.exe
.exe windows:5 windows x86 arch:x86

50e06c5f7bd82f15774d6ae304483914

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ba:91:e4:b1:fe:19:4d:9b:fc:10:6b:cd:be:6d:a6:d5:a0:11:cc:31:15:bc:82:90:25:cd:60:78:6a:8d:19:9d
Signer

Actual PE Digest

ba:91:e4:b1:fe:19:4d:9b:fc:10:6b:cd:be:6d:a6:d5:a0:11:cc:31:15:bc:82:90:25:cd:60:78:6a:8d:19:9d

Digest Algorithm

sha256

PE Digest Matches

true

b1:a8:21:61:1c:9d:18:8f:5b:2b:31:6f:d4:ea:1c:be:23:fc:6b:f6
Signer

Actual PE Digest

b1:a8:21:61:1c:9d:18:8f:5b:2b:31:6f:d4:ea:1c:be:23:fc:6b:f6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\dllplugin\Upgrade2345Explorer\bin\Win32\Release\pdb\Upgrade_2345Explorer_Exe.pdb

Imports

kernel32

GetModuleHandleW
CreateFileW
GetLastError
GetFileAttributesExW
CreateMutexW
WaitForSingleObject
ReleaseMutex
CloseHandle
lstrlenW
GetVersionExW
ReadFile
WriteFile
SetFilePointer
SetEndOfFile
DeleteFileW
GetFileSizeEx
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
FindNextFileW
FindClose
GetFileSize
CreateDirectoryW
GetFileAttributesW
HeapFree
GetCurrentThreadId
OpenProcess
HeapAlloc
LocalFree
GetProcessHeap
GetCurrentProcessId
GetCurrentProcess
FormatMessageW
GetPrivateProfileStringW
GetModuleFileNameW
FreeLibrary
GetProcAddress
LoadLibraryW
GetFullPathNameW
WriteConsoleW
DecodePointer
FlushFileBuffers
SetFilePointerEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwind
RaiseException
SetLastError
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetStdHandle
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
GetModuleHandleExW
GetACP
GetStringTypeW
GetFileType
LCMapStringW
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
HeapSize
HeapReAlloc
GetConsoleCP
GetConsoleMode

shell32

SHGetSpecialFolderPathW

Sections

.text
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/WidevineCdm/LICENSE
$_56_/WidevineCdm/_platform_specific/win_x86/widevinecdm.dll
.dll windows:5 windows x86 arch:x86

fd6a744b08454b218d3c9d3b4aaae08e

Code Sign

0c:15:be:4a:15:bb:09:03:c9:01:b1:d6:c2:65:30:2f
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/11/2018, 00:00

Not After

17/11/2021, 12:00

Subject

CN=Google LLC,O=Google LLC,L=Mountain View,ST=ca,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

09:c0:fc:46:c8:04:42:13:b5:59:8b:af:28:4f:4e:41
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

04/01/2017, 00:00

Not After

18/01/2028, 00:00

Subject

CN=DigiCert SHA2 Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6e:9a:54:c9:16:f0:d7:ef:2b:fd:bd:5c:9d:db:47:e6:d8:ee:cb:04:e4:26:6c:f1:07:e1:d0:74:07:4b:96:a5
Signer

Actual PE Digest

6e:9a:54:c9:16:f0:d7:ef:2b:fd:bd:5c:9d:db:47:e6:d8:ee:cb:04:e4:26:6c:f1:07:e1:d0:74:07:4b:96:a5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\b\s\w\ir\cache\builder\src\out\Release\widevinecdm.dll.pdb

Imports

advapi32

SystemFunction036
RegCloseKey
RegOpenKeyExW
RegQueryValueExW

dbghelp

SymGetSearchPathW
SymInitialize
SymSetSearchPathW
SymSetOptions
SymFromAddr
SymGetLineFromAddr64

psapi

GetMappedFileNameW

user32

EnumDisplayMonitors
GetMonitorInfoW

winmm

timeGetTime

kernel32

GetFinalPathNameByHandleW
LoadLibraryA
VirtualQueryEx
RemoveVectoredExceptionHandler
AddVectoredExceptionHandler
OutputDebugStringW
WriteConsoleW
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
ReadConsoleW
GetStdHandle
GetACP
GetModuleFileNameA
FreeLibraryAndExitThread
GetFileType
SetStdHandle
GetModuleHandleExW
ExitProcess
GetConsoleMode
GetConsoleCP
InterlockedFlushSList
LoadLibraryExW
FreeLibrary
RtlUnwind
InitializeSListHead
GetStartupInfoW
UnhandledExceptionFilter
GetLastError
InitializeSRWLock
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
InitOnceExecuteOnce
TlsAlloc
TlsGetValue
TlsSetValue
HeapCreate
HeapDestroy
GetCurrentDirectoryW
CreateFileW
WriteFile
OutputDebugStringA
CloseHandle
SetLastError
GetCurrentProcessId
GetLocalTime
GetTickCount
GetModuleFileNameW
FormatMessageA
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
DuplicateHandle
GetCurrentProcess
GetVersionExW
GetNativeSystemInfo
GetModuleHandleW
GetProcAddress
IsDebuggerPresent
RaiseException
WaitForSingleObject
Sleep
CreateThread
GetCurrentThread
GetCurrentThreadId
SetThreadPriority
GetThreadId
GetCommandLineW
RtlCaptureStackBackTrace
SetUnhandledExceptionFilter
CreateEventW
TryAcquireSRWLockExclusive
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
TerminateProcess
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemTimeAsFileTime
TlsFree
FlushFileBuffers
GetFileSizeEx
ReadFile
SetFilePointerEx
GetLogicalDriveStringsW
QueryDosDeviceW
FindClose
SetEvent
ResetEvent
InitializeConditionVariable
WakeConditionVariable
ReleaseSemaphore
WaitForSingleObjectEx
CreateSemaphoreW
InitializeCriticalSectionEx
DeleteCriticalSection
SleepConditionVariableCS
TryEnterCriticalSection
InitializeCriticalSection
ExitThread
TerminateThread
GetExitCodeThread
WideCharToMultiByte
MultiByteToWideChar
EncodePointer
DecodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
IsProcessorFeaturePresent

ole32

CoTaskMemFree

Exports

Exports

CPUCaps
CPUDetect
CreateCdmInstance
DeinitializeCdmModule
GetCdmVersion
GetHandleVerifier
InitializeCdmModule_4
VerifyCdmHost_0
avc_discontinuity
avc_done
avc_extra
avc_format
avc_frame
avc_frameallocator
avc_getcomplexity
avc_init
avc_reset

Sections

.text
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 957KB - Virtual size: 957KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
$_56_/WidevineCdm/_platform_specific/win_x86/widevinecdm.dll.sig
$_56_/WidevineCdm/manifest.json
$_56_/capture.dll
.dll windows:5 windows x86 arch:x86

a8feb5dbfc27c550c84f2199a565c102

Code Sign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d3:44:7f:ff:49:5b:b2:e1:c7:38:d7:db:cf:c2:3a:dc:d3:e7:29:92:77:10:f5:34:1e:aa:10:ff:d5:cd:40:f6
Signer

Actual PE Digest

d3:44:7f:ff:49:5b:b2:e1:c7:38:d7:db:cf:c2:3a:dc:d3:e7:29:92:77:10:f5:34:1e:aa:10:ff:d5:cd:40:f6

Digest Algorithm

sha256

PE Digest Matches

true

18:57:59:67:4f:06:ac:26:a4:83:6c:dc:ad:06:53:0d:48:bd:be:0e
Signer

Actual PE Digest

18:57:59:67:4f:06:ac:26:a4:83:6c:dc:ad:06:53:0d:48:bd:be:0e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\dllplugin\Capture\trunk\Bin\Release\Capture.pdb

Imports

kernel32

FlushFileBuffers
WriteConsoleW
SetStdHandle
LCMapStringW
GetStringTypeW
LoadLibraryExW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
GetModuleFileNameW
WriteFile
GetStdHandle
GetCPInfo
DecodePointer
GetACP
IsValidCodePage
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
Sleep
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WideCharToMultiByte
MultiByteToWideChar
GetProcAddress
GetModuleHandleExW
ExitProcess
RtlUnwind
GetCommandLineA
EncodePointer
OutputDebugStringW
IsDebuggerPresent
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
GetTickCount
lstrcpynW
GetVersionExW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
RaiseException
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
SetLastError
FlushInstructionCache
GetCurrentProcess
CreateDirectoryW
GetProcessHeap
HeapAlloc
HeapFree
CreateMutexW
HeapReAlloc
HeapSize
HeapDestroy
GetLocalTime
CloseHandle
GetLastError
GetOEMCP
CreateFileW

user32

EndDialog
IsWindow
GetActiveWindow
LoadStringW
UnregisterClassW
DialogBoxParamW
SetWindowLongW
IsRectEmpty
PtInRect
SetRect
GetCursorPos
MonitorFromPoint
GetMonitorInfoW
EnumDisplaySettingsW
GetSystemMetrics
EnumDisplayDevicesW
GetWindowRect
SetWindowPos
GetParent
GetWindowLongW
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetRectEmpty
LoadImageW
LoadCursorW
FillRect
SetCursor
SystemParametersInfoW
InvalidateRgn
PostMessageW
EndPaint
BeginPaint
SetForegroundWindow
ShowWindow
CreateWindowExW
GetKeyState
UnionRect
DrawTextW
IntersectRect
EqualRect
CopyRect
CallWindowProcW
DefWindowProcW
SetWindowTextW
DrawTextExW
GetWindowTextW
GetWindowTextLengthW
RedrawWindow
GetDlgItem
SetFocus
GetFocus
MoveWindow
EnableWindow
SendMessageW
ReleaseDC
GetDC
EnumChildWindows
ChildWindowFromPointEx
ScreenToClient
GetWindow
IsWindowVisible
GetTopWindow

gdi32

CombineRgn
SelectClipRgn
CreateRectRgn
CreateFontW
GetPixel
SetBkMode
SetTextColor
GetTextMetricsW
CreateFontIndirectW
CreateSolidBrush
GetObjectW
EnumFontsW
GetStockObject
LineTo
MoveToEx
CreatePen
DeleteObject
DeleteDC
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
Rectangle
StretchBlt

comdlg32

GetOpenFileNameW
GetSaveFileNameW

shell32

SHGetSpecialFolderLocation
ShellExecuteW
SHGetPathFromIDListW

shlwapi

PathFileExistsW
StrCmpW

msimg32

AlphaBlend

gdiplus

GdiplusShutdown
GdiplusStartup
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipFillPolygonI
GdipDrawCurveI
GdipDrawEllipseI
GdipDrawRectangleI
GdipDrawLineI
GdipSetSmoothingMode
GdipGetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipSetPenDashStyle
GdipSetPenMode
GdipSetPenEndCap
GdipSetPenStartCap
GdipDeletePen
GdipCreatePen1
GdipCreateSolidFill
GdipDeleteBrush
GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdipDisposeImage

Exports

Exports

ScreenshotRun

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/chrome.dll
.dll windows:5 windows x86 arch:x86

d6307573bc51472e529f23447db19212

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:c3:0c:dd:5d:0c:18:f7:c1:64:5d:c0:1a:cd:15:be:a4:4f:bb:c1:46:de:47:81:43:ae:b6:31:06:76:ce:17
Signer

Actual PE Digest

45:c3:0c:dd:5d:0c:18:f7:c1:64:5d:c0:1a:cd:15:be:a4:4f:bb:c1:46:de:47:81:43:ae:b6:31:06:76:ce:17

Digest Algorithm

sha256

PE Digest Matches

true

d4:c5:81:94:e7:f6:b3:1a:de:2b:36:f8:7e:4f:4a:f2:36:47:dd:53
Signer

Actual PE Digest

d4:c5:81:94:e7:f6:b3:1a:de:2b:36:f8:7e:4f:4a:f2:36:47:dd:53

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\V68_45\src\out\official_release\chrome.dll.pdb

Imports

kernel32

AddVectoredExceptionHandler
AllocConsole
AreFileApisANSI
AssignProcessToJobObject
AttachConsole
CancelIo
ChangeTimerQueueTimer
ClearCommBreak
ClearCommError
CloseHandle
CompareStringW
ConnectNamedPipe
CopyFileW
CreateDirectoryW
CreateEventW
CreateFileA
CreateFileMappingW
CreateFileW
CreateIoCompletionPort
CreateMutexW
CreateNamedPipeW
CreateProcessW
CreateSemaphoreA
CreateSemaphoreW
CreateThread
CreateTimerQueue
CreateTimerQueueTimer
CreateToolhelp32Snapshot
DecodePointer
DeleteCriticalSection
DeleteFileA
DeleteFileW
DeleteTimerQueueTimer
DeviceIoControl
DosDateTimeToFileTime
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
EscapeCommFunction
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationW
FindFirstFileExW
FindFirstFileW
FindFirstVolumeW
FindNextFileW
FindNextVolumeW
FindResourceW
FindVolumeClose
FlushFileBuffers
FlushInstructionCache
FlushViewOfFile
FormatMessageA
FormatMessageW
FreeConsole
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
GetACP
GetCPInfo
GetCommModemStatus
GetCommState
GetCommandLineA
GetCommandLineW
GetComputerNameExW
GetComputerNameW
GetConsoleCP
GetConsoleDisplayMode
GetConsoleMode
GetCurrencyFormatW
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDiskFreeSpaceA
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileSizeEx
GetFileTime
GetFileType
GetFullPathNameA
GetFullPathNameW
GetGeoInfoW
GetHandleInformation
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetLogicalDriveStringsW
GetLogicalProcessorInformation
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetNamedPipeInfo
GetNativeSystemInfo
GetNumaHighestNodeNumber
GetNumberFormatW
GetOEMCP
GetOverlappedResult
GetPriorityClass
GetPrivateProfileIntW
GetPrivateProfileSectionW
GetPrivateProfileStringA
GetPrivateProfileStringW
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetProcessId
GetProcessTimes
GetQueuedCompletionStatus
GetShortPathNameW
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetSystemPowerStatus
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameW
GetTempPathA
GetTempPathW
GetThreadLocale
GetThreadPriority
GetThreadTimes
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultLangID
GetUserDefaultUILanguage
GetUserGeoID
GetVersion
GetVersionExW
GetVolumeInformationW
GetVolumeNameForVolumeMountPointW
GetVolumePathNameW
GetVolumePathNamesForVolumeNameW
GetWindowsDirectoryW
GlobalAddAtomW
GlobalAlloc
GlobalDeleteAtom
GlobalFree
GlobalLock
GlobalMemoryStatusEx
GlobalSize
GlobalUnlock
HeapAlloc
HeapCompact
HeapCreate
HeapDestroy
HeapFree
HeapLock
HeapReAlloc
HeapSetInformation
HeapSize
HeapUnlock
HeapValidate
HeapWalk
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedExchange
InterlockedExchangeAdd
InterlockedFlushSList
InterlockedPopEntrySList
InterlockedPushEntrySList
IsBadReadPtr
IsBadStringPtrW
IsDebuggerPresent
IsProcessInJob
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LockFile
LockFileEx
LockResource
MapViewOfFile
Module32FirstW
Module32NextW
MoveFileExW
MoveFileW
MultiByteToWideChar
OpenEventW
OpenFileMappingW
OpenMutexW
OpenProcess
OpenThread
OutputDebugStringA
OutputDebugStringW
PeekNamedPipe
PostQueuedCompletionStatus
Process32FirstW
Process32NextW
ProcessIdToSessionId
PurgeComm
QueryDepthSList
QueryDosDeviceW
QueryInformationJobObject
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
ReadProcessMemory
RegisterWaitForSingleObject
ReleaseMutex
ReleaseSemaphore
RemoveDirectoryW
RemoveVectoredExceptionHandler
ReplaceFileW
ResetEvent
ResumeThread
RtlCaptureStackBackTrace
RtlUnwind
SearchPathW
SetCommBreak
SetCommMask
SetCommState
SetCommTimeouts
SetConsoleCtrlHandler
SetConsoleTextAttribute
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableW
SetErrorMode
SetEvent
SetFileAttributesW
SetFilePointer
SetFilePointerEx
SetFileTime
SetFileValidData
SetHandleInformation
SetLastError
SetNamedPipeHandleState
SetPriorityClass
SetStdHandle
SetThreadAffinityMask
SetThreadExecutionState
SetThreadPriority
SetUnhandledExceptionFilter
SignalObjectAndWait
SizeofResource
Sleep
SleepEx
SuspendThread
SwitchToThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TransactNamedPipe
TryEnterCriticalSection
TzSpecificLocalTimeToSystemTime
UnhandledExceptionFilter
UnlockFile
UnlockFileEx
UnmapViewOfFile
UnregisterWait
UnregisterWaitEx
VirtualAlloc
VirtualAllocEx
VirtualFree
VirtualFreeEx
VirtualProtect
VirtualProtectEx
VirtualQuery
WaitCommEvent
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WaitNamedPipeW
WideCharToMultiByte
WinExec
WriteConsoleW
WriteFile
WriteFileEx
WritePrivateProfileStringA
WritePrivateProfileStringW
lstrcatW
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrcpyW
lstrcpynW
lstrlenW

user32

ActivateKeyboardLayout
AdjustWindowRectEx
AllowSetForegroundWindow
AttachThreadInput
BeginDeferWindowPos
BeginPaint
BringWindowToTop
CallNextHookEx
CallWindowProcW
CharNextW
ClientToScreen
ClipCursor
CloseClipboard
CloseDesktop
CreateCaret
CreateIconIndirect
CreatePopupMenu
CreateWindowExW
DefRawInputProc
DefWindowProcW
DeferWindowPos
DestroyCaret
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageW
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIconEx
EmptyClipboard
EnableMenuItem
EnableWindow
EndDeferWindowPos
EndDialog
EndPaint
EnumChildWindows
EnumDisplayDevicesW
EnumDisplayMonitors
EnumDisplaySettingsExW
EnumDisplaySettingsW
EnumThreadWindows
EnumWindows
EqualRect
ExitWindowsEx
FillRect
FindWindowExW
FindWindowW
FlashWindowEx
FrameRect
GetActiveWindow
GetAncestor
GetAsyncKeyState
GetCapture
GetCaretBlinkTime
GetClassInfoExW
GetClassLongW
GetClassNameW
GetClientRect
GetClipboardData
GetClipboardSequenceNumber
GetCursorInfo
GetCursorPos
GetDC
GetDesktopWindow
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetGUIThreadInfo
GetGuiResources
GetIconInfo
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutList
GetKeyboardLayoutNameW
GetKeyboardState
GetLastActivePopup
GetLastInputInfo
GetLayeredWindowAttributes
GetMenuInfo
GetMenuItemCount
GetMenuItemInfoW
GetMessageExtraInfo
GetMessagePos
GetMessageTime
GetMonitorInfoW
GetParent
GetPropW
GetQueueStatus
GetRawInputData
GetRawInputDeviceInfoW
GetRawInputDeviceList
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetThreadDesktop
GetUserObjectInformationW
GetWindow
GetWindowDC
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowRgn
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
InflateRect
InsertMenuItemW
IntersectRect
InvalidateRect
InvertRect
IsChild
IsClipboardFormatAvailable
IsHungAppWindow
IsIconic
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadCursorW
LoadIconW
LoadImageW
MapVirtualKeyW
MapWindowPoints
MessageBeep
MessageBoxW
MonitorFromPoint
MonitorFromRect
MonitorFromWindow
MoveWindow
MsgWaitForMultipleObjectsEx
NotifyWinEvent
OffsetRect
OpenClipboard
OpenInputDesktop
PeekMessageW
PostMessageW
PostThreadMessageW
PrintWindow
PtInRect
RealChildWindowFromPoint
RedrawWindow
RegisterClassExW
RegisterClipboardFormatW
RegisterDeviceNotificationW
RegisterHotKey
RegisterRawInputDevices
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemovePropW
ScreenToClient
SendInput
SendMessageCallbackW
SendMessageTimeoutW
SendMessageW
SendNotifyMessageW
SetCapture
SetCaretPos
SetClassLongW
SetClipboardData
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetKeyboardState
SetLayeredWindowAttributes
SetMenuDefaultItem
SetMenuInfo
SetMenuItemInfoW
SetParent
SetPropW
SetRect
SetRectEmpty
SetThreadDesktop
SetTimer
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowTextW
SetWindowsHookExW
ShowCursor
ShowWindow
SystemParametersInfoW
ToUnicodeEx
TrackMouseEvent
TrackPopupMenu
TranslateMessage
UnhookWindowsHookEx
UnregisterClassW
UnregisterDeviceNotification
UnregisterHotKey
UpdateLayeredWindow
WindowFromPoint
wsprintfW

gdi32

AddFontMemResourceEx
BitBlt
CancelDC
CloseEnhMetaFile
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateDIBSection
CreateDIBitmap
CreateEnhMetaFileW
CreateFontIndirectW
CreateFontW
CreatePolygonRgn
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
DeleteDC
DeleteEnhMetaFile
DeleteObject
EndDoc
EndPage
EnumEnhMetaFile
EnumFontFamiliesExW
EqualRgn
ExtEscape
ExtTextOutW
GdiAlphaBlend
GdiFlush
GetCharABCWidthsW
GetCurrentObject
GetDIBits
GetDeviceCaps
GetEnhMetaFileBits
GetEnhMetaFileHeader
GetFontData
GetFontUnicodeRanges
GetGlyphIndicesW
GetGlyphOutlineW
GetICMProfileW
GetObjectW
GetOutlineTextMetricsW
GetRgnBox
GetStockObject
GetTextExtentPoint32W
GetTextExtentPointI
GetTextFaceW
GetTextMetricsW
GetWorldTransform
ModifyWorldTransform
PlayEnhMetaFile
PlayEnhMetaFileRecord
PtInRegion
RemoveFontMemResourceEx
RestoreDC
SaveDC
SelectClipRgn
SelectObject
SetAbortProc
SetArcDirection
SetBkColor
SetBkMode
SetBrushOrgEx
SetDCBrushColor
SetDCPenColor
SetDIBits
SetDIBitsToDevice
SetEnhMetaFileBits
SetGraphicsMode
SetMapMode
SetROP2
SetRectRgn
SetStretchBltMode
SetTextAlign
SetTextColor
SetWorldTransform
StartDocW
StartPage
StretchBlt
StretchDIBits

ole32

CLSIDFromProgID
CLSIDFromString
CoAllowSetForegroundWindow
CoCreateFreeThreadedMarshaler
CoCreateGuid
CoCreateInstance
CoInitializeEx
CoInitializeSecurity
CoRegisterClassObject
CoRevokeClassObject
CoSetProxyBlanket
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
CoUnmarshalInterface
CreateStreamOnHGlobal
DoDragDrop
GetHGlobalFromStream
IIDFromString
OleDuplicateData
OleInitialize
OleUninitialize
PropVariantClear
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop
StringFromGUID2

winmm

midiInAddBuffer
midiInClose
midiInGetDevCapsW
midiInGetNumDevs
midiInOpen
midiInPrepareHeader
midiInReset
midiInStart
midiInUnprepareHeader
midiOutClose
midiOutGetDevCapsW
midiOutGetNumDevs
midiOutLongMsg
midiOutOpen
midiOutPrepareHeader
midiOutReset
midiOutShortMsg
midiOutUnprepareHeader
midiStreamClose
timeBeginPeriod
timeEndPeriod
timeGetTime
waveInAddBuffer
waveInClose
waveInGetDevCapsW
waveInGetNumDevs
waveInMessage
waveInOpen
waveInPrepareHeader
waveInReset
waveInStart
waveInUnprepareHeader
waveOutClose
waveOutGetDevCapsW
waveOutGetNumDevs
waveOutOpen
waveOutPause
waveOutPrepareHeader
waveOutReset
waveOutRestart
waveOutUnprepareHeader
waveOutWrite

oleaut32

GetErrorInfo
LoadRegTypeLi
LoadTypeLi
SafeArrayAccessData
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayUnaccessData
SysAllocString
SysFreeString
SysStringLen
VarUI4FromStr
VariantClear
VariantInit
VariantTimeToSystemTime

advapi32

AdjustTokenPrivileges
AllocateAndInitializeSid
AllocateLocallyUniqueId
CheckTokenMembership
CloseServiceHandle
CloseTrace
ControlTraceW
ConvertSidToStringSidA
ConvertSidToStringSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW
CreateProcessAsUserW
CryptCreateHash
CryptDestroyHash
CryptGetHashParam
CryptReleaseContext
CryptSetHashParam
CryptSignHashW
DeregisterEventSource
EqualSid
FreeSid
GetTokenInformation
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
GetUserNameW
ImpersonateAnonymousToken
InitializeAcl
InitializeSecurityDescriptor
LogonUserW
LookupAccountNameW
LookupPrivilegeValueW
LsaNtStatusToWinError
OpenProcessToken
OpenSCManagerW
OpenServiceW
OpenTraceW
ProcessTrace
QueryServiceConfigW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegNotifyChangeKeyValue
RegOpenKeyExA
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExA
RegQueryValueExW
RegSetValueExW
RegisterEventSourceA
RegisterTraceGuidsW
ReportEventA
RevertToSelf
SetSecurityDescriptorDacl
StartTraceW
SystemFunction036
TraceEvent
UnregisterTraceGuids

msdmo

MoFreeMediaType
MoInitMediaType

secur32

AcquireCredentialsHandleW
DeleteSecurityContext
FreeContextBuffer
FreeCredentialsHandle
GetUserNameExW
InitializeSecurityContextW
LsaConnectUntrusted
LsaDeregisterLogonProcess
LsaFreeReturnBuffer
LsaLogonUser
QuerySecurityPackageInfoW

netapi32

NetApiBufferFree
NetLocalGroupGetMembers
NetUserGetInfo

oleacc

AccessibleChildren
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
WindowFromAccessibleObject

comctl32

InitCommonControlsEx

hid

HidD_FreePreparsedData
HidD_GetAttributes
HidD_GetPreparsedData
HidD_GetProductString
HidD_GetSerialNumberString
HidP_GetButtonCaps
HidP_GetCaps
HidP_GetValueCaps

chrome_elf

CrashForException_ExportThunk
DumpHungProcessWithPtype_ExportThunk
DumpProcessWithoutCrash
GetCrashReports_ExportThunk
GetInstallDetailsPayload
GetUserDataDirectoryThunk
InjectDumpForHungInput_ExportThunk
IsBlacklistInitialized
RequestSingleCrashUpload_ExportThunk
SetMetricsClientId
SetUploadConsent_ExportThunk
SuccessfullyBlocked

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

shlwapi

AssocQueryStringW
ord437
PathAppendW
PathFileExistsW
PathFindExtensionW
PathFindFileNameW
PathIsDirectoryW
PathMatchSpecW
PathRemoveExtensionW
PathRemoveFileSpecW
StrStrIW

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

dbghelp

StackWalk64
SymFromAddr
SymFunctionTableAccess64
SymGetLineFromAddr64
SymGetModuleBase64
SymGetSearchPath
SymInitialize
SymSetOptions
SymSetSearchPath

usp10

ScriptFreeCache
ScriptItemize
ScriptShape
ScriptStringAnalyse
ScriptStringFree
ScriptStringOut

wintrust

CryptCATAdminAcquireContext
CryptCATAdminCalcHashFromFileHandle
CryptCATAdminEnumCatalogFromHash
CryptCATAdminReleaseCatalogContext
CryptCATAdminReleaseContext
CryptCATCatalogInfoFromContext

sensapi

IsNetworkAlive

credui

CredUIPromptForCredentialsW

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW
WTSRegisterSessionNotification
WTSUnRegisterSessionNotification

rpcrt4

NdrClientCall2
RpcBindingFree
RpcBindingFromStringBindingW
RpcStringBindingComposeW
RpcStringFreeW

gdiplus

GdipAlloc
GdipCloneImage
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromStream
GdipCreateHBITMAPFromBitmap
GdipDisposeImage
GdipFree
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipSaveImageToFile
GdipSaveImageToStream
GdiplusStartup

Exports

Exports

??0DownloadState@trident@@QAE@XZ
??0ScrollAnimationSwitch@@AAE@XZ
??0TridentDownloadParam@trident@@QAE@ABU01@@Z
??0TridentDownloadParam@trident@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$vector@UUrlMatchPair@list_matcher@@V?$allocator@UUrlMatchPair@list_matcher@@@std@@@3@@Z
??0TridentDownloadParam@trident@@QAE@XZ
??0TridentPasswordForm@autofill@trident@@QAE@ABU012@@Z
??0TridentPasswordForm@autofill@trident@@QAE@XZ
??0TridentSpecialPasswordForm@autofill@trident@@QAE@ABU012@@Z
??0TridentSpecialPasswordForm@autofill@trident@@QAE@XZ
??1DownloadState@trident@@QAE@XZ
??1ScrollAnimationSwitch@@AAE@XZ
??1TridentDownloadParam@trident@@QAE@XZ
??1TridentPasswordForm@autofill@trident@@QAE@XZ
??1TridentSpecialPasswordForm@autofill@trident@@QAE@XZ
??4DownloadState@trident@@QAEAAU01@ABU01@@Z
??4ScrollAnimationSwitch@@QAEAAV0@ABV0@@Z
??4TridentDownloadParam@trident@@QAEAAU01@ABU01@@Z
??4TridentPasswordForm@autofill@trident@@QAEAAU012@ABU012@@Z
??4TridentSpecialPasswordForm@autofill@trident@@QAEAAU012@ABU012@@Z
??8TridentPasswordForm@autofill@trident@@QBE_NABU012@@Z
?IsScrollAnimationEnabled@ScrollAnimationSwitch@@SA_NXZ
?SetScrollAnimationSwitch@ScrollAnimationSwitch@@SAX_N@Z
?enabled_@ScrollAnimationSwitch@@0_NA
ChromeMain
GetHandleVerifier
IsSandboxedProcess
RelaunchChromeBrowserWithNewCommandLineIfNeeded
SetSingleMutexDelegate

Sections

.text
Size: 40.5MB - Virtual size: 40.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7.4MB - Virtual size: 7.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 25B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CPADinfo
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

prot
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/chrome_100_percent.pak
$_56_/chrome_200_percent.pak
$_56_/chrome_child.dll
.dll windows:5 windows x86 arch:x86

a8199befcef87452b8266a084c628dab

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

15:55:28:e4:7b:3f:17:49:28:8d:3c:0d:62:54:61:de:15:b2:76:fb:a5:0e:c9:f4:7b:ab:3c:1d:d3:60:f0:38
Signer

Actual PE Digest

15:55:28:e4:7b:3f:17:49:28:8d:3c:0d:62:54:61:de:15:b2:76:fb:a5:0e:c9:f4:7b:ab:3c:1d:d3:60:f0:38

Digest Algorithm

sha256

PE Digest Matches

true

c3:f7:dc:46:04:78:fe:b8:7b:8c:6e:82:58:a1:99:dd:fa:9e:0a:b9
Signer

Actual PE Digest

c3:f7:dc:46:04:78:fe:b8:7b:8c:6e:82:58:a1:99:dd:fa:9e:0a:b9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\V68_45\src\out\official_release\chrome_child.dll.pdb

Imports

kernel32

AllocConsole
AreFileApisANSI
AssignProcessToJobObject
AttachConsole
CancelIo
ChangeTimerQueueTimer
CloseHandle
CompareStringW
ConnectNamedPipe
CopyFileW
CreateDirectoryW
CreateEventA
CreateEventW
CreateFileA
CreateFileMappingW
CreateFileW
CreateIoCompletionPort
CreateMutexW
CreateNamedPipeW
CreateProcessW
CreateSemaphoreA
CreateSemaphoreW
CreateThread
CreateTimerQueue
CreateTimerQueueTimer
CreateToolhelp32Snapshot
DecodePointer
DeleteCriticalSection
DeleteFileA
DeleteFileW
DeleteTimerQueueTimer
DeviceIoControl
DisableThreadLibraryCalls
DosDateTimeToFileTime
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationW
FindFirstFileExA
FindFirstFileExW
FindFirstFileW
FindFirstVolumeW
FindNextFileA
FindNextFileW
FindNextVolumeW
FindResourceW
FindVolumeClose
FlushFileBuffers
FlushInstructionCache
FlushViewOfFile
FormatMessageA
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetComputerNameExW
GetComputerNameW
GetConsoleCP
GetConsoleMode
GetCurrencyFormatW
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDiskFreeSpaceA
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileSizeEx
GetFileTime
GetFileType
GetFullPathNameA
GetFullPathNameW
GetGeoInfoW
GetHandleInformation
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetLogicalDriveStringsW
GetLogicalProcessorInformation
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetNamedPipeInfo
GetNativeSystemInfo
GetNumaHighestNodeNumber
GetNumberFormatW
GetOEMCP
GetOverlappedResult
GetPriorityClass
GetPrivateProfileIntW
GetPrivateProfileStringW
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetProcessId
GetProcessTimes
GetQueuedCompletionStatus
GetShortPathNameW
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemInfo
GetSystemPowerStatus
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempFileNameW
GetTempPathA
GetTempPathW
GetThreadContext
GetThreadLocale
GetThreadPriority
GetThreadTimes
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultLangID
GetUserDefaultUILanguage
GetUserGeoID
GetVersion
GetVersionExW
GetVolumeInformationW
GetVolumePathNameW
GetWindowsDirectoryA
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatusEx
GlobalSize
GlobalUnlock
HeapAlloc
HeapCompact
HeapCreate
HeapDestroy
HeapFree
HeapLock
HeapQueryInformation
HeapReAlloc
HeapSetInformation
HeapSize
HeapUnlock
HeapValidate
HeapWalk
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedExchange
InterlockedExchangeAdd
InterlockedFlushSList
InterlockedPopEntrySList
InterlockedPushEntrySList
IsBadReadPtr
IsBadStringPtrW
IsDebuggerPresent
IsProcessInJob
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LockFile
LockFileEx
LockResource
MapViewOfFile
Module32FirstW
Module32NextW
MoveFileExW
MoveFileW
MultiByteToWideChar
OpenEventW
OpenFileMappingW
OpenMutexW
OpenProcess
OpenThread
OutputDebugStringA
OutputDebugStringW
PeekNamedPipe
PostQueuedCompletionStatus
Process32FirstW
Process32NextW
QueryDepthSList
QueryDosDeviceW
QueryInformationJobObject
QueryPerformanceCounter
QueryPerformanceFrequency
QueueUserAPC
RaiseException
ReadConsoleW
ReadFile
RegisterWaitForSingleObject
ReleaseMutex
ReleaseSemaphore
RemoveDirectoryW
ReplaceFileW
ResetEvent
ResumeThread
RtlCaptureStackBackTrace
RtlUnwind
SearchPathW
SetConsoleCtrlHandler
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableW
SetErrorMode
SetEvent
SetFileAttributesW
SetFilePointer
SetFilePointerEx
SetFileTime
SetFileValidData
SetHandleInformation
SetLastError
SetNamedPipeHandleState
SetPriorityClass
SetStdHandle
SetThreadAffinityMask
SetThreadPriority
SetUnhandledExceptionFilter
SignalObjectAndWait
SizeofResource
Sleep
SleepEx
SuspendThread
SwitchToThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TransactNamedPipe
TryEnterCriticalSection
TzSpecificLocalTimeToSystemTime
UnhandledExceptionFilter
UnlockFile
UnlockFileEx
UnmapViewOfFile
UnregisterWait
UnregisterWaitEx
VirtualAlloc
VirtualAllocEx
VirtualFree
VirtualFreeEx
VirtualProtect
VirtualProtectEx
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WaitNamedPipeW
WideCharToMultiByte
WriteConsoleW
WriteFile
WriteFileEx
WritePrivateProfileStringW
lstrcatW
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrcpyW
lstrlenA
lstrlenW

user32

ActivateKeyboardLayout
AllowSetForegroundWindow
AppendMenuW
AttachThreadInput
BeginDeferWindowPos
BeginPaint
CallNextHookEx
CallWindowProcW
CharNextW
ChildWindowFromPoint
ClientToScreen
ClipCursor
CloseClipboard
CreateCaret
CreateIconIndirect
CreatePopupMenu
CreateWindowExW
DefRawInputProc
DefWindowProcA
DefWindowProcW
DeferWindowPos
DestroyCaret
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageW
EmptyClipboard
EnableWindow
EndDeferWindowPos
EndPaint
EnumChildWindows
EnumDisplayDevicesW
EnumDisplayMonitors
EnumDisplaySettingsW
EnumThreadWindows
FillRect
FindWindowExW
FindWindowW
GetActiveWindow
GetAncestor
GetAsyncKeyState
GetCapture
GetClassInfoExW
GetClassInfoW
GetClassNameW
GetClientRect
GetClipboardData
GetClipboardSequenceNumber
GetCursor
GetCursorPos
GetDC
GetDesktopWindow
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetGuiResources
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutList
GetKeyboardLayoutNameW
GetKeyboardState
GetMenuItemCount
GetMenuItemInfoW
GetMessagePos
GetMessageTime
GetMessageW
GetMonitorInfoW
GetParent
GetPropW
GetQueueStatus
GetRawInputData
GetRawInputDeviceInfoW
GetRawInputDeviceList
GetSysColor
GetSystemMenu
GetSystemMetrics
GetWindow
GetWindowLongW
GetWindowRect
GetWindowTextW
GetWindowThreadProcessId
InvalidateRect
IsChild
IsClipboardFormatAvailable
IsGUIThread
IsHungAppWindow
IsIconic
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadCursorW
LoadIconW
LoadStringW
MapWindowPoints
MessageBoxA
MessageBoxW
MonitorFromWindow
MoveWindow
MsgWaitForMultipleObjectsEx
NotifyWinEvent
OffsetRect
OpenClipboard
PeekMessageW
PostMessageW
PostQuitMessage
PostThreadMessageW
PrintWindow
RealGetWindowClassW
RedrawWindow
RegisterClassExW
RegisterClassW
RegisterClipboardFormatW
RegisterRawInputDevices
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemovePropW
ScreenToClient
SendInput
SendMessageTimeoutW
SendMessageW
SendNotifyMessageW
SetActiveWindow
SetCapture
SetCaretPos
SetClassLongW
SetClipboardData
SetCursor
SetFocus
SetForegroundWindow
SetKeyboardState
SetLayeredWindowAttributes
SetParent
SetPropW
SetTimer
SetWindowLongA
SetWindowLongW
SetWindowPos
SetWindowRgn
SetWindowsHookExW
ShowWindow
SystemParametersInfoW
ToUnicodeEx
TrackMouseEvent
TrackPopupMenu
TranslateMessage
UnhookWindowsHookEx
UnregisterClassW
WindowFromPoint

winmm

midiStreamClose
timeBeginPeriod
timeEndPeriod
timeGetTime
waveInAddBuffer
waveInClose
waveInGetDevCapsW
waveInGetNumDevs
waveInMessage
waveInOpen
waveInPrepareHeader
waveInReset
waveInStart
waveInUnprepareHeader
waveOutClose
waveOutGetDevCapsW
waveOutGetNumDevs
waveOutOpen
waveOutPause
waveOutPrepareHeader
waveOutReset
waveOutRestart
waveOutUnprepareHeader
waveOutWrite

ole32

CLSIDFromProgID
CLSIDFromString
CoAllowSetForegroundWindow
CoCreateFreeThreadedMarshaler
CoCreateGuid
CoCreateInstance
CoGetClassObject
CoInitializeEx
CoInitializeSecurity
CoLoadLibrary
CoMarshalInterThreadInterfaceInStream
CoMarshalInterface
CoSetProxyBlanket
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
CoUnmarshalInterface
CoWaitForMultipleHandles
CreateStreamOnHGlobal
GetHGlobalFromStream
OleDuplicateData
OleInitialize
OleUninitialize
PropVariantClear
ReleaseStgMedium
StringFromGUID2

msdmo

MoFreeMediaType
MoInitMediaType

ws2_32

WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSAGetLastError
WSAGetOverlappedResult
WSAIoctl
WSALookupServiceBeginW
WSALookupServiceEnd
WSALookupServiceNextW
WSARecvFrom
WSAResetEvent
WSASend
WSASendTo
WSASetEvent
WSASetServiceW
WSASocketW
WSAStartup
WSAWaitForMultipleEvents
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
gethostname
getpeername
getsockname
getsockopt
htonl
htons
inet_addr
inet_ntoa
ioctlsocket
listen
ntohl
ntohs
recv
recvfrom
send
sendto
setsockopt
shutdown
socket

advapi32

AdjustTokenPrivileges
AllocateAndInitializeSid
CheckTokenMembership
ConvertSidToStringSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW
CreateProcessAsUserW
CryptAcquireContextW
CryptGenRandom
CryptReleaseContext
DeregisterEventSource
FreeSid
GetTokenInformation
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
GetUserNameW
ImpersonateAnonymousToken
InitializeAcl
InitializeSecurityDescriptor
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegNotifyChangeKeyValue
RegOpenKeyExA
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExA
RegQueryValueExW
RegSetValueExW
RegisterEventSourceA
RegisterTraceGuidsW
ReportEventA
RevertToSelf
SetSecurityDescriptorDacl
SystemFunction036
TraceEvent
UnregisterTraceGuids

oleaut32

LoadRegTypeLi
LoadTypeLi
LoadTypeLibEx
SysAllocString
SysFreeString
SysStringLen
VarCmp
VarUI4FromStr
VariantClear
VariantInit

gdi32

AddFontMemResourceEx
BeginPath
BitBlt
CancelDC
ChoosePixelFormat
CloseEnhMetaFile
CloseFigure
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateDIBSection
CreateEnhMetaFileW
CreateFontA
CreateFontIndirectA
CreateFontIndirectW
CreateFontW
CreatePen
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
DeleteDC
DeleteEnhMetaFile
DeleteObject
EndDoc
EndPath
EnumEnhMetaFile
EnumFontFamiliesExA
EnumFontFamiliesExW
ExtCreatePen
ExtEscape
ExtTextOutW
FillPath
GdiAlphaBlend
GdiComment
GdiFlush
GetCharABCWidthsW
GetCharWidthW
GetClipBox
GetClipRgn
GetDIBits
GetDeviceCaps
GetEnhMetaFileBits
GetEnhMetaFileHeader
GetFontData
GetFontUnicodeRanges
GetGlyphIndicesW
GetGlyphOutlineW
GetICMProfileW
GetObjectType
GetObjectW
GetOutlineTextMetricsW
GetRegionData
GetStockObject
GetTextExtentPointI
GetTextFaceA
GetTextFaceW
GetTextMetricsW
GetWorldTransform
IntersectClipRect
LineTo
ModifyWorldTransform
MoveToEx
PlayEnhMetaFile
PlayEnhMetaFileRecord
PolyBezierTo
RemoveFontMemResourceEx
RestoreDC
SaveDC
SelectClipPath
SelectClipRgn
SelectObject
SetAbortProc
SetArcDirection
SetBkColor
SetBkMode
SetBrushOrgEx
SetDCBrushColor
SetDCPenColor
SetDIBits
SetDIBitsToDevice
SetEnhMetaFileBits
SetGraphicsMode
SetMiterLimit
SetPixelFormat
SetPolyFillMode
SetROP2
SetRectRgn
SetStretchBltMode
SetTextAlign
SetTextColor
SetWorldTransform
StartDocW
StretchDIBits
StrokeAndFillPath
StrokePath
SwapBuffers
WidenPath

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

netapi32

NetApiBufferFree
NetLocalGroupGetMembers

comdlg32

CommDlgExtendedError
GetOpenFileNameW
GetSaveFileNameW
PrintDlgExW

chrome_elf

DumpProcessWithoutCrash
GetInstallDetailsPayload
GetUserDataDirectoryThunk
SetMetricsClientId

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

shlwapi

PathAppendW
PathFindExtensionW
PathFindFileNameW
PathMatchSpecW
PathRemoveExtensionW
PathRemoveFileSpecW
ord158
StrCmpNIW
StrCmpNW

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

iphlpapi

CancelIPChangeNotify
GetAdaptersAddresses
GetInterfaceInfo
IpReleaseAddress
IpRenewAddress
NotifyAddrChange

crypt32

CertAddEncodedCertificateToStore
CertCloseStore
CertCompareCertificateName
CertCreateCertificateChainEngine
CertDuplicateCertificateContext
CertFindExtension
CertFreeCertificateChain
CertFreeCertificateChainEngine
CertFreeCertificateContext
CertGetCertificateChain
CertGetCertificateContextProperty
CertGetIssuerCertificateFromStore
CertOpenStore
CertSetCertificateContextProperty
CertVerifyCertificateChainPolicy
CryptDecodeObjectEx
CryptInstallOIDFunctionAddress
CryptProtectData
CryptUnprotectData
CryptVerifyCertificateSignatureEx

winspool.drv

ClosePrinter
DeviceCapabilitiesW
DocumentPropertiesW
EnumPrintersW
ord203
GetPrinterDriverW
GetPrinterW
OpenPrinterW

dbghelp

StackWalk64
SymFromAddr
SymFunctionTableAccess64
SymGetLineFromAddr64
SymGetModuleBase64
SymGetSearchPath
SymInitialize
SymSetOptions
SymSetSearchPath

winhttp

WinHttpCloseHandle
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetProxyForUrl
WinHttpOpen
WinHttpSetTimeouts

usp10

ScriptFreeCache
ScriptItemize
ScriptShape

imm32

ImmAssociateContextEx
ImmGetCompositionStringA
ImmGetCompositionStringW
ImmGetContext
ImmGetConversionStatus
ImmGetDescriptionW
ImmGetVirtualKey
ImmNotifyIME
ImmReleaseContext
ImmSetCandidateWindow
ImmSetCompositionWindow
ImmSetOpenStatus

urlmon

CoInternetCreateSecurityManager
CoInternetCreateZoneManager
CreateURLMonikerEx
RegisterBindStatusCallback
RevokeBindStatusCallback

secur32

AcquireCredentialsHandleA
AcquireCredentialsHandleW
CompleteAuthToken
DeleteSecurityContext
FreeContextBuffer
FreeCredentialsHandle
InitializeSecurityContextA
InitializeSecurityContextW
QuerySecurityPackageInfoW

imagehlp

ImageEnumerateCertificates
ImageRemoveCertificate

dhcpcsvc

DhcpCApiInitialize
DhcpRequestParams

Exports

Exports

??0BeforeNavigate2Params@trident@@QAE@ABU01@@Z
??0BeforeNavigate2Params@trident@@QAE@XZ
??0DownloadState@trident@@QAE@XZ
??0NavigateParam@trident@@QAE@ABU01@@Z
??0NavigateParam@trident@@QAE@XZ
??0NewWindowParam@trident@@QAE@ABU01@@Z
??0NewWindowParam@trident@@QAE@XZ
??0ScrollAnimationSwitch@@AAE@XZ
??0TridentDownloadParam@trident@@QAE@ABU01@@Z
??0TridentDownloadParam@trident@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$vector@UUrlMatchPair@list_matcher@@V?$allocator@UUrlMatchPair@list_matcher@@@std@@@3@@Z
??0TridentDownloadParam@trident@@QAE@XZ
??0TridentPasswordForm@autofill@trident@@QAE@ABU012@@Z
??0TridentPasswordForm@autofill@trident@@QAE@XZ
??0TridentSpecialPasswordForm@autofill@trident@@QAE@ABU012@@Z
??0TridentSpecialPasswordForm@autofill@trident@@QAE@XZ
??1BeforeNavigate2Params@trident@@QAE@XZ
??1DownloadState@trident@@QAE@XZ
??1NavigateParam@trident@@QAE@XZ
??1NewWindowParam@trident@@QAE@XZ
??1ScrollAnimationSwitch@@AAE@XZ
??1TridentDownloadParam@trident@@QAE@XZ
??1TridentPasswordForm@autofill@trident@@QAE@XZ
??1TridentSpecialPasswordForm@autofill@trident@@QAE@XZ
??4BeforeNavigate2Params@trident@@QAEAAU01@ABU01@@Z
??4DownloadState@trident@@QAEAAU01@ABU01@@Z
??4NavigateParam@trident@@QAEAAU01@ABU01@@Z
??4NewWindowParam@trident@@QAEAAU01@ABU01@@Z
??4ScrollAnimationSwitch@@QAEAAV0@ABV0@@Z
??4TridentDownloadParam@trident@@QAEAAU01@ABU01@@Z
??4TridentPasswordForm@autofill@trident@@QAEAAU012@ABU012@@Z
??4TridentSpecialPasswordForm@autofill@trident@@QAEAAU012@ABU012@@Z
??8TridentPasswordForm@autofill@trident@@QBE_NABU012@@Z
?IsScrollAnimationEnabled@ScrollAnimationSwitch@@SA_NXZ
?SetScrollAnimationSwitch@ScrollAnimationSwitch@@SAX_N@Z
?enabled_@ScrollAnimationSwitch@@0_NA
ChromeMain
GetHandleVerifier
IsSandboxedProcess
SetSingleMutexDelegate

Sections

.text
Size: 57.8MB - Virtual size: 57.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9.6MB - Virtual size: 9.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 171KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 25B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CPADinfo
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

prot
Size: 512B - Virtual size: 21B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/chrome_elf.dll
.dll windows:5 windows x86 arch:x86

151cb6cadd120048c706148baf11e472

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f0:6c:d9:4e:00:68:2d:54:ac:2b:4c:a1:63:10:3b:57:c7:70:cc:23:09:aa:9c:34:0c:e6:1a:52:34:b6:7e:06
Signer

Actual PE Digest

f0:6c:d9:4e:00:68:2d:54:ac:2b:4c:a1:63:10:3b:57:c7:70:cc:23:09:aa:9c:34:0c:e6:1a:52:34:b6:7e:06

Digest Algorithm

sha256

PE Digest Matches

true

fc:15:12:d6:a8:89:a8:11:16:f4:2c:44:4f:aa:ee:d9:aa:d3:ec:28
Signer

Actual PE Digest

fc:15:12:d6:a8:89:a8:11:16:f4:2c:44:4f:aa:ee:d9:aa:d3:ec:28

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\V68_45\src\out\official_release\chrome_elf.dll.pdb

Imports

kernel32

CloseHandle
CompareStringW
CreateDirectoryW
CreateEventW
CreateFileMappingW
CreateFileW
CreateNamedPipeW
CreateProcessW
CreateRemoteThread
CreateThread
DecodePointer
DeleteCriticalSection
DeleteFileW
DeviceIoControl
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FindClose
FindFirstFileExW
FindFirstFileW
FindNextFileW
FlushFileBuffers
FlushInstructionCache
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetComputerNameExW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetFileAttributesExW
GetFileAttributesW
GetFileType
GetFullPathNameW
GetHandleInformation
GetLastError
GetLocalTime
GetLocaleInfoW
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetPrivateProfileStringW
GetProcAddress
GetProcessId
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetTickCount
GetUserDefaultLCID
GetUserDefaultLangID
GetVersion
GetVersionExW
GetWindowsDirectoryW
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSetInformation
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalFree
LockFileEx
MapViewOfFile
MultiByteToWideChar
OpenProcess
OutputDebugStringA
OutputDebugStringW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
ReadProcessMemory
ReleaseMutex
RemoveDirectoryW
RtlCaptureStackBackTrace
RtlUnwind
SetConsoleCtrlHandler
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFileAttributesW
SetFilePointerEx
SetHandleInformation
SetLastError
SetNamedPipeHandleState
SetStdHandle
SetUnhandledExceptionFilter
Sleep
SleepEx
SwitchToThread
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TransactNamedPipe
TryEnterCriticalSection
UnhandledExceptionFilter
UnlockFileEx
UnmapViewOfFile
VerSetConditionMask
VerifyVersionInfoW
VirtualAllocEx
VirtualFreeEx
VirtualProtect
VirtualProtectEx
VirtualQuery
WaitForSingleObject
WaitNamedPipeW
WideCharToMultiByte
WriteConsoleW
WriteFile
WritePrivateProfileStringW
WriteProcessMemory
lstrcatW
lstrcpyW
lstrlenW

user32

MessageBoxW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

shlwapi

PathMatchSpecW

ole32

CoTaskMemFree

iphlpapi

GetAdaptersAddresses

Exports

Exports

AddDllToBlacklist
CrashForException_ExportThunk
DrainLog
DumpHungProcessWithPtype_ExportThunk
DumpProcessWithoutCrash
ExitProcessOnCrash
GetCrashReports_ExportThunk
GetCrashpadDatabasePath_ExportThunk
GetHandleVerifier
GetInstallDetailsPayload
GetUnhookErrorAndBlockedDlls
GetUserDataDirectoryThunk
InjectDumpForHungInput_ExportThunk
IsBlacklistInitialized
RegisterLogNotification
RequestSingleCrashUpload_ExportThunk
SetMetricsClientId
SetUploadConsent_ExportThunk
ShouldShowRestartDialogIfCrashed
ShowRestartDialogIfCrashed
SignalChromeElf
SignalInitializeCrashReporting
SuccessfullyBlocked

Sections

.text
Size: 470KB - Virtual size: 469KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crthunk
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CPADinfo
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/chrome_initial.dll
.dll windows:5 windows x86 arch:x86

8dea77f17fb04881e1c9b581de7dd1cc

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:52:c9:9c:e8:9f:50:0a:27:03:ca:8c:31:6b:92:65:17:4f:90:9b:2c:6a:9c:59:8e:e7:98:dd:7d:96:ba:a2
Signer

Actual PE Digest

0c:52:c9:9c:e8:9f:50:0a:27:03:ca:8c:31:6b:92:65:17:4f:90:9b:2c:6a:9c:59:8e:e7:98:dd:7d:96:ba:a2

Digest Algorithm

sha256

PE Digest Matches

true

86:f2:6e:53:db:a8:91:9f:2d:0f:a7:ab:63:d8:97:51:0b:a1:54:03
Signer

Actual PE Digest

86:f2:6e:53:db:a8:91:9f:2d:0f:a7:ab:63:d8:97:51:0b:a1:54:03

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\V68_45\src\out\official_release\chrome_initial.dll.pdb

Imports

kernel32

CloseHandle
CompareStringW
ConnectNamedPipe
CopyFileW
CreateDirectoryW
CreateEventW
CreateFileMappingW
CreateFileW
CreateIoCompletionPort
CreateMutexW
CreateNamedPipeW
CreateProcessW
CreateSemaphoreW
CreateThread
CreateToolhelp32Snapshot
DecodePointer
DeleteCriticalSection
DeleteFileW
DeviceIoControl
DisconnectNamedPipe
DosDateTimeToFileTime
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExpandEnvironmentStringsW
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindFirstFileW
FindNextFileW
FindResourceW
FlushFileBuffers
FlushViewOfFile
FormatMessageA
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetComputerNameExW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileSizeEx
GetFileTime
GetFileType
GetFullPathNameW
GetHandleInformation
GetLastError
GetLocalTime
GetLocaleInfoW
GetLogicalDriveStringsW
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetPrivateProfileIntW
GetPrivateProfileStringW
GetProcAddress
GetProcessHandleCount
GetProcessHeap
GetProcessId
GetProcessTimes
GetQueuedCompletionStatus
GetShortPathNameW
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDefaultLCID
GetSystemDirectoryW
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetSystemWow64DirectoryW
GetTempFileNameW
GetTempPathW
GetThreadContext
GetThreadLocale
GetThreadTimes
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultLangID
GetVersion
GetVersionExW
GetVolumeInformationW
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalMemoryStatusEx
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSetInformation
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedExchangeAdd
InterlockedFlushSList
IsBadStringPtrW
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LockFileEx
LockResource
MapViewOfFile
MoveFileExW
MoveFileW
MultiByteToWideChar
OpenMutexW
OpenProcess
OutputDebugStringA
OutputDebugStringW
PeekNamedPipe
PostQueuedCompletionStatus
Process32FirstW
Process32NextW
QueryDosDeviceW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
ReadProcessMemory
RegisterWaitForSingleObject
ReleaseMutex
ReleaseSemaphore
RemoveDirectoryW
ReplaceFileW
ResumeThread
RtlCaptureStackBackTrace
RtlUnwind
SearchPathW
SetConsoleCtrlHandler
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFileAttributesW
SetFilePointer
SetFilePointerEx
SetFileTime
SetHandleInformation
SetLastError
SetNamedPipeHandleState
SetProcessShutdownParameters
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SleepEx
SuspendThread
SwitchToThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TransactNamedPipe
TryEnterCriticalSection
UnhandledExceptionFilter
UnlockFileEx
UnmapViewOfFile
UnregisterWaitEx
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
VirtualQueryEx
WaitForMultipleObjects
WaitForSingleObject
WaitNamedPipeW
WideCharToMultiByte
WriteConsoleW
WriteFile
WritePrivateProfileStringW
lstrcatW
lstrcmpiW
lstrcpyW
lstrlenW

user32

AllowSetForegroundWindow
CreateWindowExW
DefWindowProcW
DestroyWindow
DispatchMessageW
FindWindowExW
GetGuiResources
GetMessageW
GetWindowLongW
GetWindowThreadProcessId
IsWindow
MessageBoxA
MessageBoxW
PostMessageW
RegisterClassW
SendMessageTimeoutW
SetWindowLongW
TranslateMessage
UnregisterClassW
wsprintfW

shlwapi

PathAppendW
PathFileExistsW
PathMatchSpecW
PathRemoveFileSpecW

chrome_elf

GetInstallDetailsPayload
SignalChromeElf
SignalInitializeCrashReporting

advapi32

GetUserNameW
ImpersonateNamedPipeClient
RegCloseKey
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RevertToSelf
SystemFunction036

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

winmm

timeGetTime

ole32

CoTaskMemFree

dbghelp

MiniDumpWriteDump

imm32

ImmDisableIME

ws2_32

WSAStartup
gethostbyname
gethostname
inet_ntoa

winhttp

WinHttpAddRequestHeaders
WinHttpCloseHandle
WinHttpConnect
WinHttpCrackUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpOpen
WinHttpOpenRequest
WinHttpQueryHeaders
WinHttpReadData
WinHttpReceiveResponse
WinHttpSendRequest
WinHttpSetTimeouts
WinHttpWriteData

iphlpapi

GetAdaptersAddresses

Exports

Exports

ChromeInitialMain
GetHandleVerifier
IsSandboxedProcess

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 25B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CPADinfo
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/chrome_watcher.dll
.dll windows:5 windows x86 arch:x86

5e88594997871a1f86d8786dbd7d8d97

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

69:ca:ee:fb:db:15:a6:a2:76:4a:56:da:46:65:21:73:04:9d:43:96:91:2a:f6:6a:c2:d2:6e:d9:8f:d2:af:32
Signer

Actual PE Digest

69:ca:ee:fb:db:15:a6:a2:76:4a:56:da:46:65:21:73:04:9d:43:96:91:2a:f6:6a:c2:d2:6e:d9:8f:d2:af:32

Digest Algorithm

sha256

PE Digest Matches

true

9f:5d:5f:bf:c5:fd:a4:a8:05:98:e7:6e:54:8a:4d:ed:4f:13:a3:9c
Signer

Actual PE Digest

9f:5d:5f:bf:c5:fd:a4:a8:05:98:e7:6e:54:8a:4d:ed:4f:13:a3:9c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\V68_45\src\out\official_release\chrome_watcher.dll.pdb

Imports

kernel32

CloseHandle
CreateEventW
CreateFileW
CreateIoCompletionPort
CreateThread
DecodePointer
DeleteCriticalSection
DeleteFileW
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesW
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetProcAddress
GetProcessId
GetProcessTimes
GetQueuedCompletionStatus
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetThreadPriority
GetThreadTimes
GetTickCount
GetUserDefaultLCID
GetVersionExW
GetWindowsDirectoryW
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSetInformation
HeapSize
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalFree
MultiByteToWideChar
OutputDebugStringA
PostQueuedCompletionStatus
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
ResetEvent
RtlCaptureStackBackTrace
RtlUnwind
SetEnvironmentVariableW
SetErrorMode
SetEvent
SetFilePointerEx
SetLastError
SetProcessShutdownParameters
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SwitchToThread
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteConsoleW
WriteFile

chrome_elf

GetInstallDetailsPayload

user32

CreateWindowExW
DefWindowProcW
DestroyWindow
DispatchMessageW
GetQueueStatus
GetWindowLongW
KillTimer
MsgWaitForMultipleObjectsEx
PeekMessageW
PostMessageW
RegisterClassExW
SetTimer
SetWindowLongW
TranslateMessage
UnregisterClassW

advapi32

GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegisterTraceGuidsW
TraceEvent
UnregisterTraceGuids

winmm

timeBeginPeriod
timeEndPeriod
timeGetTime

ole32

CoInitializeEx
CoTaskMemFree
CoUninitialize

Exports

Exports

GetHandleVerifier
WatcherMain

Sections

.text
Size: 408KB - Virtual size: 407KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/coral_extract.dll
.dll windows:4 windows x86 arch:x86

27078d36f37371b0a00fb89ab0cc3581

Code Sign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

10:59:b3:25:b1:49:34:f1:9c:33:83:5f:44:1c:b2:23:c2:a4:e3:d0:aa:16:d1:d9:19:ec:06:f7:9d:5f:5b:be
Signer

Actual PE Digest

10:59:b3:25:b1:49:34:f1:9c:33:83:5f:44:1c:b2:23:c2:a4:e3:d0:aa:16:d1:d9:19:ec:06:f7:9d:5f:5b:be

Digest Algorithm

sha256

PE Digest Matches

true

ff:2d:ce:b1:52:96:51:96:4b:0a:18:78:fc:25:27:3e:35:07:fd:1b
Signer

Actual PE Digest

ff:2d:ce:b1:52:96:51:96:4b:0a:18:78:fc:25:27:3e:35:07:fd:1b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\rczip.dev\trunk\bin\Win32\release\pdb\Extract7z.pdb

Imports

kernel32

GetProcAddress
VirtualAlloc
GetModuleHandleW
VirtualFree
InterlockedExchangeAdd
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetVersionExW
GetLastError
ReadFile
CreateFileW
SetFilePointer
CloseHandle
LoadLibraryW
FreeLibrary
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
RaiseException
RtlUnwind
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
HeapSize
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
GetSystemTimeAsFileTime
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LoadLibraryA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
GetFileAttributesW
FormatMessageW
LocalFree
FindFirstFileW
FindClose
FindNextFileW
DeleteFileW
CreateDirectoryW
GetFileSize
GetFullPathNameW
SetFileTime
GetTempFileNameW
SetFileAttributesW
MoveFileW
lstrlenW
SetEndOfFile
FindResourceW
WaitForMultipleObjects
CreateEventW
ResetEvent
WaitForSingleObject
SetEvent
CreateThread
ExitThread
ResumeThread

user32

LoadStringW

Exports

Exports

ExtractArchive

Sections

.text
Size: 261KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/courgette_dll.dll
.dll windows:5 windows x86 arch:x86

1d7c9bcc99e6aca371d12f2394c4a65a

Code Sign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f8:1a:bb:5b:47:21:33:af:46:84:e9:9e:48:59:3c:72:62:7a:5e:86:64:9c:0e:eb:00:9a:e4:68:ce:1e:7b:10
Signer

Actual PE Digest

f8:1a:bb:5b:47:21:33:af:46:84:e9:9e:48:59:3c:72:62:7a:5e:86:64:9c:0e:eb:00:9a:e4:68:ce:1e:7b:10

Digest Algorithm

sha256

PE Digest Matches

true

f1:96:e3:a6:a1:26:6e:d6:2c:24:22:c4:d1:a3:7b:45:f6:48:e0:33
Signer

Actual PE Digest

f1:96:e3:a6:a1:26:6e:d6:2c:24:22:c4:d1:a3:7b:45:f6:48:e0:33

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\V56_87\src\out\official_release\courgette_dll.dll.pdb

Imports

kernel32

HeapSize
HeapFree
HeapReAlloc
HeapAlloc
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
CloseHandle
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetProcAddress
GetModuleHandleW
ReadFile
SetLastError
GetLongPathNameW
GetCurrentProcess
WriteFile
RemoveDirectoryW
GetTempPathW
CreateFileW
GetFileAttributesW
SetFileAttributesW
GetLastError
GetFileAttributesExW
DeleteFileW
GetCurrentDirectoryW
GetTempFileNameW
GetCurrentThreadId
Sleep
RaiseException
IsDebuggerPresent
GetModuleFileNameW
GetLocalTime
GetCurrentProcessId
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
SetEnvironmentVariableW
GetEnvironmentVariableW
GetFileSizeEx
SetEndOfFile
SetFilePointerEx
FlushFileBuffers
FindFirstFileW
FindFirstFileExW
FindNextFileW
FindClose
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineW
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
SwitchToThread
DeleteCriticalSection
GetVersionExW
GetNativeSystemInfo
GetModuleFileNameA
RtlCaptureStackBackTrace
SetUnhandledExceptionFilter
TerminateProcess
TlsSetValue
TlsAlloc
TlsGetValue
TlsFree
FreeLibrary
EncodePointer
DecodePointer
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
InitializeSListHead
RtlUnwind
InterlockedFlushSList
LoadLibraryExW
GetProcessHeap
SetStdHandle
GetFileType
GetConsoleCP
GetConsoleMode
ExitProcess
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
GetACP
ReadConsoleW
WriteConsoleW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

Exports

Exports

FileApplyPatch
FolderApplyPatch
GetHandleVerifier

Sections

.text
Size: 290KB - Virtual size: 289KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/crashpad_helper.exe
.exe windows:5 windows x86 arch:x86

9f627af0c884015a05b789528a42a7e5

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

21:0d:b0:85:64:65:c2:a1:18:66:14:76:83:93:93:f5:13:a4:b3:c2:77:9d:41:12:76:59:0b:2a:56:00:ca:a2
Signer

Actual PE Digest

21:0d:b0:85:64:65:c2:a1:18:66:14:76:83:93:93:f5:13:a4:b3:c2:77:9d:41:12:76:59:0b:2a:56:00:ca:a2

Digest Algorithm

sha256

PE Digest Matches

true

8e:8f:2c:c8:90:e3:5f:d4:08:d9:e1:04:6b:08:99:cc:1e:5c:a2:b4
Signer

Actual PE Digest

8e:8f:2c:c8:90:e3:5f:d4:08:d9:e1:04:6b:08:99:cc:1e:5c:a2:b4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\V68_45\src\out\official_release\crashpad_helper.exe.pdb

Imports

kernel32

CloseHandle
CompareStringW
ConnectNamedPipe
CopyFileW
CreateDirectoryW
CreateEventW
CreateFileMappingW
CreateFileW
CreateIoCompletionPort
CreateNamedPipeW
CreateProcessW
CreateSemaphoreW
CreateThread
DecodePointer
DeleteCriticalSection
DeleteFileW
DeviceIoControl
DisconnectNamedPipe
DosDateTimeToFileTime
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExpandEnvironmentStringsW
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindFirstFileW
FindNextFileW
FindResourceW
FlushFileBuffers
FlushViewOfFile
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetComputerNameExW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatW
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileSizeEx
GetFileTime
GetFileType
GetFullPathNameW
GetHandleInformation
GetLastError
GetLocalTime
GetLocaleInfoW
GetLogicalDriveStringsW
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetPrivateProfileStringW
GetProcAddress
GetProcessHandleCount
GetProcessHeap
GetProcessId
GetProcessTimes
GetQueuedCompletionStatus
GetShortPathNameW
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDefaultLCID
GetSystemDirectoryW
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameW
GetTempPathW
GetThreadContext
GetThreadLocale
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultLangID
GetVersion
GetVersionExW
GetVolumeInformationW
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalMemoryStatusEx
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSetInformation
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedExchangeAdd
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalFileTimeToFileTime
LocalFree
LockFileEx
LockResource
MapViewOfFile
MoveFileExW
MoveFileW
MultiByteToWideChar
OpenProcess
OutputDebugStringA
PeekNamedPipe
PostQueuedCompletionStatus
QueryDosDeviceW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
ReadProcessMemory
RegisterWaitForSingleObject
ReleaseSemaphore
RemoveDirectoryW
ReplaceFileW
ResumeThread
RtlCaptureStackBackTrace
RtlUnwind
SearchPathW
SetConsoleCtrlHandler
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFileAttributesW
SetFilePointer
SetFilePointerEx
SetFileTime
SetHandleInformation
SetLastError
SetNamedPipeHandleState
SetProcessShutdownParameters
SetStdHandle
SetUnhandledExceptionFilter
SizeofResource
Sleep
SleepEx
SuspendThread
SwitchToThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TransactNamedPipe
TryEnterCriticalSection
UnhandledExceptionFilter
UnlockFileEx
UnmapViewOfFile
UnregisterWaitEx
VirtualProtect
VirtualQuery
VirtualQueryEx
WaitForMultipleObjects
WaitForSingleObject
WaitNamedPipeW
WideCharToMultiByte
WriteConsoleW
WriteFile
WritePrivateProfileStringW
lstrcatW
lstrcmpiW
lstrcpyW
lstrlenW

advapi32

GetUserNameW
ImpersonateNamedPipeClient
RegCloseKey
RegCreateKeyExW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
RevertToSelf
SystemFunction036

user32

CreateWindowExW
DefWindowProcW
DestroyWindow
DispatchMessageW
GetGuiResources
GetMessageW
GetWindowLongW
PostMessageW
RegisterClassW
SetWindowLongW
TranslateMessage
UnregisterClassW

imm32

ImmDisableIME

ws2_32

WSAStartup
gethostbyname
gethostname
inet_ntoa

ole32

CoTaskMemFree

winhttp

WinHttpAddRequestHeaders
WinHttpCloseHandle
WinHttpConnect
WinHttpCrackUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpOpen
WinHttpOpenRequest
WinHttpQueryHeaders
WinHttpReadData
WinHttpReceiveResponse
WinHttpSendRequest
WinHttpSetTimeouts
WinHttpWriteData

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

winmm

timeGetTime

shlwapi

PathMatchSpecW

iphlpapi

GetAdaptersAddresses

Exports

Exports

GetHandleVerifier

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 229KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CPADinfo
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/d3dcompiler_47.dll
.dll windows:10 windows x86 arch:x86

0f31485cd3d6d36b416b744fa9701f28

Code Sign

33:00:00:00:bf:91:6c:fb:7c:1a:24:e0:22:00:00:00:00:00:bf
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/09/2016, 17:58

Not After

07/09/2018, 17:58

Subject

CN=Microsoft Time-Stamp Service,OU=AOC+OU=nCipher DSE ESN:57C8-2D15-1C8B,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:79:7c:2e:57:4e:52:e1:ca:d6:00:01:00:00:01:79
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11/08/2017, 20:11

Not After

11/08/2018, 20:11

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:cc:b5:5b:42:17:07:60:13:11:00:00:00:00:01:cc
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/09/2017, 18:07

Not After

12/09/2018, 18:07

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

83:a1:f0:55:79:36:00:b7:9e:9a:9c:b7:2a:f2:d0:a2:d5:d7:3a:28:1b:10:74:89:5a:02:b2:b5:4b:7c:f0:98
Signer

Actual PE Digest

83:a1:f0:55:79:36:00:b7:9e:9a:9c:b7:2a:f2:d0:a2:d5:d7:3a:28:1b:10:74:89:5a:02:b2:b5:4b:7c:f0:98

Digest Algorithm

sha256

PE Digest Matches

true

ac:b4:44:bd:e1:f5:e4:af:06:16:58:bd:fe:68:0f:83:87:b8:a3:3b
Signer

Actual PE Digest

ac:b4:44:bd:e1:f5:e4:af:06:16:58:bd:fe:68:0f:83:87:b8:a3:3b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D3DCompiler_47.pdb

Imports

msvcrt

__dllonexit
_unlock
strncpy_s
malloc
_strnicmp
atoi
isdigit
_lock
??1type_info@@UAE@XZ
_initterm
_amsg_exit
_XcptFilter
_callnewh
_isnan
_purecall
__isascii
_clearfp
_controlfp
_strdup
_mbstrlen
_vsnwprintf
strtoul
isxdigit
isalpha
atof
strchr
setlocale
strnlen
_onexit
modf
isspace
wcsncmp
wcsncpy_s
_wcsicmp
memcpy
memset
fclose
bsearch
qsort
strcat_s
_except_handler4_common
_CxxThrowException
_snwprintf_s
__unDName
fread
fseek
_wfsopen
wcstoul
_fileno
sscanf_s
_filelengthi64
towlower
_wcsnicmp
_wsplitpath_s
wcscpy_s
wcsncat_s
wcsrchr
swprintf_s
_wmakepath_s
time
_wcsdup
_wgetenv
_wfullpath
_chsize_s
_close
_read
_write
_lseeki64
_get_osfhandle
_open_osfhandle
wcscat_s
ftell
_mbscmp
_memicmp
toupper
_atoi64
_errno
strtod
__CxxFrameHandler3
_strtoui64
?terminate@@YAXXZ
strstr
ceil
strrchr
tolower
_finite
_fpclass
memmove
strcpy_s
memcpy_s
isalnum
getenv
free
_stricmp
sprintf_s
_vsnprintf
strncmp
_wsopen
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_ftol2
_ftol2_sse
floor

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
HeapCreate
lstrcmpiA
CreateFileA
LCMapStringW
FlushViewOfFile
MapViewOfFileEx
SetFilePointer
InitializeCriticalSectionAndSpinCount
ExpandEnvironmentStringsW
DeviceIoControl
SetFilePointerEx
SetEndOfFile
GetFileType
DeleteFileW
GetFileAttributesW
SetFileAttributesW
SetLastError
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetFileSize
LocalFree
LocalAlloc
DisableThreadLibraryCalls
MultiByteToWideChar
WideCharToMultiByte
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
HeapAlloc
GetProcessHeap
HeapFree
WriteFile
FreeLibrary
VirtualFree
VirtualAlloc
GetSystemInfo
CreateFileW
GetLastError
GetFileSizeEx
ReadFile
CloseHandle
Sleep
TlsAlloc
TlsSetValue
HeapDestroy
TlsGetValue
TlsFree
GetFullPathNameW
GetFullPathNameA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
GetProcAddress
LoadLibraryExW

advapi32

RegOpenKeyExW
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextW
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExW
CryptDestroyHash
RegCloseKey

rpcrt4

UuidCreate

Exports

Exports

D3DAssemble
D3DCompile
D3DCompile2
D3DCompileFromFile
D3DCompressShaders
D3DCreateBlob
D3DCreateFunctionLinkingGraph
D3DCreateLinker
D3DDecompressShaders
D3DDisassemble
D3DDisassemble10Effect
D3DDisassemble11Trace
D3DDisassembleRegion
D3DGetBlobPart
D3DGetDebugInfo
D3DGetInputAndOutputSignatureBlob
D3DGetInputSignatureBlob
D3DGetOutputSignatureBlob
D3DGetTraceInstructionOffsets
D3DLoadModule
D3DPreprocess
D3DReadFileToBlob
D3DReflect
D3DReflectLibrary
D3DReturnFailure1
D3DSetBlobPart
D3DStripShader
D3DWriteBlobToFile
DebugSetMute

Sections

.text
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/icudtl.dat
$_56_/libcurl_x86.dll
.dll windows:6 windows x86 arch:x86

a996403d816908e79c3d6e0ea1cbe2e2

Code Sign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bb:3d:5d:d0:3d:03:0c:f0:87:df:14:f2:aa:0c:72:df:8c:d9:98:18:d5:38:5f:b0:41:c4:b6:30:aa:34:bb:f2
Signer

Actual PE Digest

bb:3d:5d:d0:3d:03:0c:f0:87:df:14:f2:aa:0c:72:df:8c:d9:98:18:d5:38:5f:b0:41:c4:b6:30:aa:34:bb:f2

Digest Algorithm

sha256

PE Digest Matches

true

a7:48:82:7f:c5:56:56:93:12:51:c6:18:5d:ed:72:18:9b:74:1b:0e
Signer

Actual PE Digest

a7:48:82:7f:c5:56:56:93:12:51:c6:18:5d:ed:72:18:9b:74:1b:0e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\dev\RCFL\vendor\depends\curl\out\bin\Win32\release_static\pdb\libcurl_x86.pdb

Imports

ws2_32

bind
closesocket
connect
getpeername
getsockopt
htons
ntohs
recv
setsockopt
socket
WSASetLastError
WSAIoctl
getaddrinfo
freeaddrinfo
gethostname
accept
WSAGetLastError
listen
ioctlsocket
__WSAFDIsSet
select
send
WSAStartup
WSACleanup
recvfrom
sendto
getsockname
shutdown
htonl
ntohl
gethostbyname
getservbyname

wldap32

ord145
ord219
ord301
ord147
ord133
ord79
ord142
ord167
ord127
ord27
ord26
ord118
ord41
ord208
ord216
ord14
ord46

crypt32

CertOpenStore
CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertFreeCertificateContext
CertGetCertificateContextProperty

kernel32

FindNextFileA
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
FindFirstFileExW
FindClose
RaiseException
ReadConsoleW
SetStdHandle
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetModuleFileNameW
GetProcessHeap
RtlUnwind
FatalAppExitA
CreateSemaphoreW
GetStartupInfoW
FindFirstFileA
GetFullPathNameA
HeapSize
SetEndOfFile
WriteConsoleW
GetCurrentDirectoryW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SleepEx
MultiByteToWideChar
WideCharToMultiByte
WaitForSingleObject
CloseHandle
ExpandEnvironmentStringsA
Sleep
GetLastError
SetLastError
FormatMessageA
VerSetConditionMask
FreeLibrary
GetProcAddress
LoadLibraryW
GetModuleHandleW
GetSystemDirectoryW
QueryPerformanceFrequency
VerifyVersionInfoW
WaitForMultipleObjects
GetFileType
GetStdHandle
ReadFile
PeekNamedPipe
GetTickCount
QueryPerformanceCounter
FlushConsoleInputBuffer
WriteFile
GetCurrentThreadId
GetModuleHandleA
GetCurrentProcessId
GlobalMemoryStatus
LoadLibraryA
GetSystemTime
SystemTimeToFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
CreateEventW
SetCurrentDirectoryW
GetFullPathNameW
SetEnvironmentVariableA
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
GetStringTypeW
OutputDebugStringW
GetTimeZoneInformation
CreateFileW
SetFileAttributesW
GetFileAttributesExW
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetModuleFileNameA
GetConsoleCP
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
CreateThread
ExitThread
LoadLibraryExW
HeapFree
HeapAlloc
HeapReAlloc
SetFilePointerEx
FileTimeToLocalFileTime
GetFileInformationByHandle
FileTimeToSystemTime
GetCommandLineA
SetConsoleCtrlHandler
GetConsoleMode
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleInputA
SetConsoleMode
ExitProcess
GetModuleHandleExW
AreFileApisANSI
GetCurrentThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlushFileBuffers

user32

ReleaseDC
GetDC
GetDesktopWindow
MessageBoxA
GetUserObjectInformationW
GetProcessWindowStation

gdi32

DeleteObject
GetDeviceCaps
GetDIBits
GetObjectA
CreateCompatibleBitmap

advapi32

RegisterEventSourceA
CryptEnumProvidersA
CryptSignHashA
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextA
ReportEventA
DeregisterEventSource

Exports

Exports

curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_easy_upkeep
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_global_sslset
curl_maprintf
curl_mfprintf
curl_mime_addpart
curl_mime_data
curl_mime_data_cb
curl_mime_encoder
curl_mime_filedata
curl_mime_filename
curl_mime_free
curl_mime_headers
curl_mime_init
curl_mime_name
curl_mime_subparts
curl_mime_type
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_multi_wait
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_pushheader_byname
curl_pushheader_bynum
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
curl_url
curl_url_cleanup
curl_url_dup
curl_url_get
curl_url_set
curl_version
curl_version_info

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 330KB - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/libegl.dll
.dll windows:5 windows x86 arch:x86

43ced9fbedd4b8728f88a6f1c6b7c779

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b5:d1:2f:27:e3:51:0a:c1:7e:09:8e:00:e3:73:db:b4:08:d6:2e:58:92:bc:4c:60:27:12:21:4f:e7:2e:d7:93
Signer

Actual PE Digest

b5:d1:2f:27:e3:51:0a:c1:7e:09:8e:00:e3:73:db:b4:08:d6:2e:58:92:bc:4c:60:27:12:21:4f:e7:2e:d7:93

Digest Algorithm

sha256

PE Digest Matches

true

80:db:34:6d:66:37:7e:cc:a2:c8:28:f9:13:b7:47:d0:f6:a4:2b:3a
Signer

Actual PE Digest

80:db:34:6d:66:37:7e:cc:a2:c8:28:f9:13:b7:47:d0:f6:a4:2b:3a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\V68_45\src\out\official_release\libEGL.dll.pdb

Imports

libglesv2

?BindAPI@egl@@YGII@Z
?BindTexImage@egl@@YGIPAX0H@Z
?ChooseConfig@egl@@YGIPAXPBHPAPAXHPAH@Z
?ClientWaitSync@egl@@YGHPAX0H_K@Z
?CopyBuffers@egl@@YGIPAX0PAUHBITMAP__@@@Z
?CreateContext@egl@@YGPAXPAX00PBH@Z
?CreateDeviceANGLE@egl@@YGPAXHPAXPBH@Z
?CreateImage@egl@@YGPAXPAX0I0PBH@Z
?CreateImageKHR@egl@@YGPAXPAX0I0PBH@Z
?CreatePbufferFromClientBuffer@egl@@YGPAXPAXI00PBH@Z
?CreatePbufferSurface@egl@@YGPAXPAX0PBH@Z
?CreatePixmapSurface@egl@@YGPAXPAX0PAUHBITMAP__@@PBH@Z
?CreatePlatformPixmapSurface@egl@@YGPAXPAX00PBH@Z
?CreatePlatformWindowSurface@egl@@YGPAXPAX00PBH@Z
?CreateStreamKHR@egl@@YGPAXPAXPBH@Z
?CreateStreamProducerD3DTextureANGLE@egl@@YGIPAX0PBH@Z
?CreateSync@egl@@YGPAXPAXIPBH@Z
?CreateWindowSurface@egl@@YGPAXPAX0PAUHWND__@@PBH@Z
?DestroyContext@egl@@YGIPAX0@Z
?DestroyImage@egl@@YGIPAX0@Z
?DestroyImageKHR@egl@@YGIPAX0@Z
?DestroyStreamKHR@egl@@YGIPAX0@Z
?DestroySurface@egl@@YGIPAX0@Z
?DestroySync@egl@@YGIPAX0@Z
?GetConfigAttrib@egl@@YGIPAX0HPAH@Z
?GetConfigs@egl@@YGIPAXPAPAXHPAH@Z
?GetCurrentContext@egl@@YGPAXXZ
?GetCurrentDisplay@egl@@YGPAXXZ
?GetCurrentSurface@egl@@YGPAXH@Z
?GetDisplay@egl@@YGPAXPAUHDC__@@@Z
?GetError@egl@@YGHXZ
?GetPlatformDisplay@egl@@YGPAXIPAXPBH@Z
?GetPlatformDisplayEXT@egl@@YGPAXIPAXPBH@Z
?GetProcAddress@egl@@YGP6AXXZPBD@Z
?GetSyncAttrib@egl@@YGIPAX0HPAH@Z
?GetSyncValuesCHROMIUM@egl@@YGIPAX0PA_K11@Z
?Initialize@egl@@YGIPAXPAH1@Z
?MakeCurrent@egl@@YGIPAX000@Z
?PostSubBufferNV@egl@@YGIPAX0HHHH@Z
?ProgramCacheGetAttribANGLE@egl@@YGHPAXI@Z
?ProgramCachePopulateANGLE@egl@@YGXPAXPBXH1H@Z
?ProgramCacheQueryANGLE@egl@@YGXPAXH0PAH01@Z
?ProgramCacheResizeANGLE@egl@@YGHPAXHI@Z
?QueryAPI@egl@@YGIXZ
?QueryContext@egl@@YGIPAX0HPAH@Z
?QueryDeviceAttribEXT@egl@@YGIPAXHPAH@Z
?QueryDeviceStringEXT@egl@@YGPBDPAXH@Z
?QueryDisplayAttribEXT@egl@@YGIPAXHPAH@Z
?QueryStreamKHR@egl@@YGIPAX0IPAH@Z
?QueryStreamu64KHR@egl@@YGIPAX0IPA_K@Z
?QueryString@egl@@YGPBDPAXH@Z
?QuerySurface@egl@@YGIPAX0HPAH@Z
?QuerySurfacePointerANGLE@egl@@YGIPAX0HPAPAX@Z
?ReleaseDeviceANGLE@egl@@YGIPAX@Z
?ReleaseTexImage@egl@@YGIPAX0H@Z
?ReleaseThread@egl@@YGIXZ
?StreamAttribKHR@egl@@YGIPAX0IH@Z
?StreamConsumerAcquireKHR@egl@@YGIPAX0@Z
?StreamConsumerGLTextureExternalAttribsNV@egl@@YGIPAX0PBH@Z
?StreamConsumerGLTextureExternalKHR@egl@@YGIPAX0@Z
?StreamConsumerReleaseKHR@egl@@YGIPAX0@Z
?StreamPostD3DTextureANGLE@egl@@YGIPAX00PBH@Z
?SurfaceAttrib@egl@@YGIPAX0HH@Z
?SwapBuffers@egl@@YGIPAX0@Z
?SwapBuffersWithDamageEXT@egl@@YAIPAX0PAHH@Z
?SwapInterval@egl@@YGIPAXH@Z
?Terminate@egl@@YGIPAX@Z
?WaitClient@egl@@YGIXZ
?WaitGL@egl@@YGIXZ
?WaitNative@egl@@YGIH@Z
?WaitSync@egl@@YGIPAX0H@Z

kernel32

CloseHandle
CreateFileW
DecodePointer
DeleteCriticalSection
EncodePointer
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsW
GetFileType
GetLastError
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LeaveCriticalSection
LoadLibraryExW
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
RtlUnwind
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
WideCharToMultiByte
WriteConsoleW
WriteFile

Exports

Exports

eglBindAPI
eglBindTexImage
eglChooseConfig
eglClientWaitSync
eglCopyBuffers
eglCreateContext
eglCreateDeviceANGLE
eglCreateImage
eglCreateImageKHR
eglCreatePbufferFromClientBuffer
eglCreatePbufferSurface
eglCreatePixmapSurface
eglCreatePlatformPixmapSurface
eglCreatePlatformWindowSurface
eglCreateStreamKHR
eglCreateStreamProducerD3DTextureANGLE
eglCreateSync
eglCreateWindowSurface
eglDestroyContext
eglDestroyImage
eglDestroyImageKHR
eglDestroyStreamKHR
eglDestroySurface
eglDestroySync
eglGetConfigAttrib
eglGetConfigs
eglGetCurrentContext
eglGetCurrentDisplay
eglGetCurrentSurface
eglGetDisplay
eglGetError
eglGetPlatformDisplay
eglGetPlatformDisplayEXT
eglGetProcAddress
eglGetSyncAttrib
eglGetSyncValuesCHROMIUM
eglInitialize
eglMakeCurrent
eglPostSubBufferNV
eglProgramCacheGetAttribANGLE
eglProgramCachePopulateANGLE
eglProgramCacheQueryANGLE
eglProgramCacheResizeANGLE
eglQueryAPI
eglQueryContext
eglQueryDeviceAttribEXT
eglQueryDeviceStringEXT
eglQueryDisplayAttribEXT
eglQueryStreamKHR
eglQueryStreamu64KHR
eglQueryString
eglQuerySurface
eglQuerySurfacePointerANGLE
eglReleaseDeviceANGLE
eglReleaseTexImage
eglReleaseThread
eglStreamAttribKHR
eglStreamConsumerAcquireKHR
eglStreamConsumerGLTextureExternalAttribsNV
eglStreamConsumerGLTextureExternalKHR
eglStreamConsumerReleaseKHR
eglStreamPostD3DTextureANGLE
eglSurfaceAttrib
eglSwapBuffers
eglSwapBuffersWithDamageEXT
eglSwapInterval
eglTerminate
eglWaitClient
eglWaitGL
eglWaitNative
eglWaitSync

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/libglesv2.dll
.dll windows:5 windows x86 arch:x86

d3899d0b7f58f2ff0d0d1b102d59f8f3

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

75:f6:b7:c1:e6:cf:ee:69:a9:2d:52:ff:8c:40:f3:10:4f:08:59:62:37:f6:ad:f2:0d:ff:50:07:e5:25:80:48
Signer

Actual PE Digest

75:f6:b7:c1:e6:cf:ee:69:a9:2d:52:ff:8c:40:f3:10:4f:08:59:62:37:f6:ad:f2:0d:ff:50:07:e5:25:80:48

Digest Algorithm

sha256

PE Digest Matches

true

b8:ef:a3:23:10:18:29:84:9b:8e:c6:44:fe:86:a2:0a:16:c8:ae:f4
Signer

Actual PE Digest

b8:ef:a3:23:10:18:29:84:9b:8e:c6:44:fe:86:a2:0a:16:c8:ae:f4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\V68_45\src\out\official_release\libGLESv2.dll.pdb

Imports

user32

CreateWindowExA
CreateWindowExW
DefWindowProcA
DestroyWindow
GetClientRect
GetDC
GetWindowThreadProcessId
InvalidateRect
IsIconic
IsWindow
LoadCursorA
RegisterClassA
ReleaseDC
UnregisterClassA
WindowFromDC

kernel32

ChangeTimerQueueTimer
CloseHandle
CompareStringW
CreateEventW
CreateFileW
CreateMutexW
CreateThread
CreateTimerQueue
CreateTimerQueueTimer
DecodePointer
DeleteCriticalSection
DeleteTimerQueueTimer
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentStringsW
GetEnvironmentVariableA
GetFileAttributesExW
GetFileType
GetLastError
GetLocaleInfoW
GetLogicalProcessorInformation
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetNumaHighestNodeNumber
GetOEMCP
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetThreadPriority
GetThreadTimes
GetTickCount
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExW
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitOnceExecuteOnce
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
InterlockedPopEntrySList
InterlockedPushEntrySList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
MultiByteToWideChar
OutputDebugStringA
QueryDepthSList
QueryPerformanceCounter
QueryPerformanceFrequency
QueueUserWorkItem
RaiseException
ReadConsoleW
ReadFile
RegisterWaitForSingleObject
ReleaseMutex
ReleaseSemaphore
RtlUnwind
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetThreadAffinityMask
SetThreadPriority
SetUnhandledExceptionFilter
SignalObjectAndWait
Sleep
SwitchToThread
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
UnregisterWait
UnregisterWaitEx
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualProtect
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteConsoleW
WriteFile

gdi32

ChoosePixelFormat
DescribePixelFormat
GetPixelFormat
SetPixelFormat
SwapBuffers

d3d9

D3DPERF_BeginEvent
D3DPERF_EndEvent
D3DPERF_GetStatus
D3DPERF_SetMarker
Direct3DCreate9

setupapi

CM_Get_Child
CM_Get_DevNode_Registry_PropertyW
CM_Get_DevNode_Status
CM_Get_Device_IDW
CM_Get_Device_ID_ListW
CM_Get_Device_ID_List_SizeW
CM_Get_Sibling
CM_Locate_DevNodeW
CM_Open_DevNode_Key

advapi32

RegCloseKey
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA

Exports

Exports

??0PlatformMethods@angle@@QAE@XZ
??4PlatformMethods@angle@@QAEAAU01@$$QAU01@@Z
??4PlatformMethods@angle@@QAEAAU01@ABU01@@Z
?ActiveShaderProgram@gl@@YGXII@Z
?ActiveShaderProgramContextANGLE@gl@@YGXPAXII@Z
?ActiveTexture@gl@@YGXI@Z
?ActiveTextureContextANGLE@gl@@YGXPAXI@Z
?AlphaFunc@gl@@YGXIM@Z
?AlphaFuncContextANGLE@gl@@YGXPAXIM@Z
?AlphaFuncx@gl@@YGXIH@Z
?AlphaFuncxContextANGLE@gl@@YGXPAXIH@Z
?AttachShader@gl@@YGXII@Z
?AttachShaderContextANGLE@gl@@YGXPAXII@Z
?BeginQuery@gl@@YGXII@Z
?BeginQueryContextANGLE@gl@@YGXPAXII@Z
?BeginQueryEXT@gl@@YGXII@Z
?BeginQueryEXTContextANGLE@gl@@YGXPAXII@Z
?BeginTransformFeedback@gl@@YGXI@Z
?BeginTransformFeedbackContextANGLE@gl@@YGXPAXI@Z
?BindAPI@egl@@YGII@Z
?BindAttribLocation@gl@@YGXIIPBD@Z
?BindAttribLocationContextANGLE@gl@@YGXPAXIIPBD@Z
?BindBuffer@gl@@YGXII@Z
?BindBufferBase@gl@@YGXIII@Z
?BindBufferBaseContextANGLE@gl@@YGXPAXIII@Z
?BindBufferContextANGLE@gl@@YGXPAXII@Z
?BindBufferRange@gl@@YGXIIIJJ@Z
?BindBufferRangeContextANGLE@gl@@YGXPAXIIIJJ@Z
?BindFragmentInputLocationCHROMIUM@gl@@YGXIHPBD@Z
?BindFragmentInputLocationCHROMIUMContextANGLE@gl@@YGXPAXIHPBD@Z
?BindFramebuffer@gl@@YGXII@Z
?BindFramebufferContextANGLE@gl@@YGXPAXII@Z
?BindFramebufferOES@gl@@YGXII@Z
?BindFramebufferOESContextANGLE@gl@@YGXPAXII@Z
?BindImageTexture@gl@@YGXIIHEHII@Z
?BindImageTextureContextANGLE@gl@@YGXPAXIIHEHII@Z
?BindProgramPipeline@gl@@YGXI@Z
?BindProgramPipelineContextANGLE@gl@@YGXPAXI@Z
?BindRenderbuffer@gl@@YGXII@Z
?BindRenderbufferContextANGLE@gl@@YGXPAXII@Z
?BindRenderbufferOES@gl@@YGXII@Z
?BindRenderbufferOESContextANGLE@gl@@YGXPAXII@Z
?BindSampler@gl@@YGXII@Z
?BindSamplerContextANGLE@gl@@YGXPAXII@Z
?BindTexImage@egl@@YGIPAX0H@Z
?BindTexture@gl@@YGXII@Z
?BindTextureContextANGLE@gl@@YGXPAXII@Z
?BindTransformFeedback@gl@@YGXII@Z
?BindTransformFeedbackContextANGLE@gl@@YGXPAXII@Z
?BindUniformLocationCHROMIUM@gl@@YGXIHPBD@Z
?BindUniformLocationCHROMIUMContextANGLE@gl@@YGXPAXIHPBD@Z
?BindVertexArray@gl@@YGXI@Z
?BindVertexArrayContextANGLE@gl@@YGXPAXI@Z
?BindVertexArrayOES@gl@@YGXI@Z
?BindVertexArrayOESContextANGLE@gl@@YGXPAXI@Z
?BindVertexBuffer@gl@@YGXIIJH@Z
?BindVertexBufferContextANGLE@gl@@YGXPAXIIJH@Z
?BlendColor@gl@@YGXMMMM@Z
?BlendColorContextANGLE@gl@@YGXPAXMMMM@Z
?BlendEquation@gl@@YGXI@Z
?BlendEquationContextANGLE@gl@@YGXPAXI@Z
?BlendEquationSeparate@gl@@YGXII@Z
?BlendEquationSeparateContextANGLE@gl@@YGXPAXII@Z
?BlendFunc@gl@@YGXII@Z
?BlendFuncContextANGLE@gl@@YGXPAXII@Z
?BlendFuncSeparate@gl@@YGXIIII@Z
?BlendFuncSeparateContextANGLE@gl@@YGXPAXIIII@Z
?BlitFramebuffer@gl@@YGXHHHHHHHHII@Z
?BlitFramebufferANGLE@gl@@YGXHHHHHHHHII@Z
?BlitFramebufferANGLEContextANGLE@gl@@YGXPAXHHHHHHHHII@Z
?BlitFramebufferContextANGLE@gl@@YGXPAXHHHHHHHHII@Z
?BufferData@gl@@YGXIJPBXI@Z
?BufferDataContextANGLE@gl@@YGXPAXIJPBXI@Z
?BufferSubData@gl@@YGXIJJPBX@Z
?BufferSubDataContextANGLE@gl@@YGXPAXIJJPBX@Z
?CheckFramebufferStatus@gl@@YGII@Z
?CheckFramebufferStatusContextANGLE@gl@@YGIPAXI@Z
?CheckFramebufferStatusOES@gl@@YGII@Z
?CheckFramebufferStatusOESContextANGLE@gl@@YGIPAXI@Z
?ChooseConfig@egl@@YGIPAXPBHPAPAXHPAH@Z
?Clear@gl@@YGXI@Z
?ClearBufferfi@gl@@YGXIHMH@Z
?ClearBufferfiContextANGLE@gl@@YGXPAXIHMH@Z
?ClearBufferfv@gl@@YGXIHPBM@Z
?ClearBufferfvContextANGLE@gl@@YGXPAXIHPBM@Z
?ClearBufferiv@gl@@YGXIHPBH@Z
?ClearBufferivContextANGLE@gl@@YGXPAXIHPBH@Z
?ClearBufferuiv@gl@@YGXIHPBI@Z
?ClearBufferuivContextANGLE@gl@@YGXPAXIHPBI@Z
?ClearColor@gl@@YGXMMMM@Z
?ClearColorContextANGLE@gl@@YGXPAXMMMM@Z
?ClearColorx@gl@@YGXHHHH@Z
?ClearColorxContextANGLE@gl@@YGXPAXHHHH@Z
?ClearContextANGLE@gl@@YGXPAXI@Z
?ClearDepthf@gl@@YGXM@Z
?ClearDepthfContextANGLE@gl@@YGXPAXM@Z
?ClearDepthx@gl@@YGXH@Z
?ClearDepthxContextANGLE@gl@@YGXPAXH@Z
?ClearStencil@gl@@YGXH@Z
?ClearStencilContextANGLE@gl@@YGXPAXH@Z
?ClientActiveTexture@gl@@YGXI@Z
?ClientActiveTextureContextANGLE@gl@@YGXPAXI@Z
?ClientWaitSync@egl@@YGHPAX0H_K@Z
?ClientWaitSync@gl@@YGIPAU__GLsync@@I_K@Z
?ClientWaitSyncContextANGLE@gl@@YGIPAXPAU__GLsync@@I_K@Z
?ClipPlanef@gl@@YGXIPBM@Z
?ClipPlanefContextANGLE@gl@@YGXPAXIPBM@Z
?ClipPlanex@gl@@YGXIPBH@Z
?ClipPlanexContextANGLE@gl@@YGXPAXIPBH@Z
?Color4f@gl@@YGXMMMM@Z
?Color4fContextANGLE@gl@@YGXPAXMMMM@Z
?Color4ub@gl@@YGXEEEE@Z
?Color4ubContextANGLE@gl@@YGXPAXEEEE@Z
?Color4x@gl@@YGXHHHH@Z
?Color4xContextANGLE@gl@@YGXPAXHHHH@Z
?ColorMask@gl@@YGXEEEE@Z
?ColorMaskContextANGLE@gl@@YGXPAXEEEE@Z
?ColorPointer@gl@@YGXHIHPBX@Z
?ColorPointerContextANGLE@gl@@YGXPAXHIHPBX@Z
?CompileShader@gl@@YGXI@Z
?CompileShaderContextANGLE@gl@@YGXPAXI@Z
?CompressedCopyTextureCHROMIUM@gl@@YGXII@Z
?CompressedCopyTextureCHROMIUMContextANGLE@gl@@YGXPAXII@Z
?CompressedTexImage2D@gl@@YGXIHIHHHHPBX@Z
?CompressedTexImage2DContextANGLE@gl@@YGXPAXIHIHHHHPBX@Z
?CompressedTexImage2DRobustANGLE@gl@@YGXIHIHHHHHPBX@Z
?CompressedTexImage2DRobustANGLEContextANGLE@gl@@YGXPAXIHIHHHHHPBX@Z
?CompressedTexImage3D@gl@@YGXIHIHHHHHPBX@Z
?CompressedTexImage3DContextANGLE@gl@@YGXPAXIHIHHHHHPBX@Z
?CompressedTexImage3DRobustANGLE@gl@@YGXIHIHHHHHHPBX@Z
?CompressedTexImage3DRobustANGLEContextANGLE@gl@@YGXPAXIHIHHHHHHPBX@Z
?CompressedTexSubImage2D@gl@@YGXIHHHHHIHPBX@Z
?CompressedTexSubImage2DContextANGLE@gl@@YGXPAXIHHHHHIHPBX@Z
?CompressedTexSubImage2DRobustANGLE@gl@@YGXIHHHHHIHHPBX@Z
?CompressedTexSubImage2DRobustANGLEContextANGLE@gl@@YGXPAXIHHHHHIHHPBX@Z
?CompressedTexSubImage3D@gl@@YGXIHHHHHHHIHPBX@Z
?CompressedTexSubImage3DContextANGLE@gl@@YGXPAXIHHHHHHHIHPBX@Z
?CompressedTexSubImage3DRobustANGLE@gl@@YGXIHHHHHHHIHHPBX@Z
?CompressedTexSubImage3DRobustANGLEContextANGLE@gl@@YGXPAXIHHHHHHHIHHPBX@Z
?CopyBufferSubData@gl@@YGXIIJJJ@Z
?CopyBufferSubDataContextANGLE@gl@@YGXPAXIIJJJ@Z
?CopyBuffers@egl@@YGIPAX0PAUHBITMAP__@@@Z
?CopySubTextureCHROMIUM@gl@@YGXIHIIHHHHHHHEEE@Z
?CopySubTextureCHROMIUMContextANGLE@gl@@YGXPAXIHIIHHHHHHHEEE@Z
?CopyTexImage2D@gl@@YGXIHIHHHHH@Z
?CopyTexImage2DContextANGLE@gl@@YGXPAXIHIHHHHH@Z
?CopyTexSubImage2D@gl@@YGXIHHHHHHH@Z
?CopyTexSubImage2DContextANGLE@gl@@YGXPAXIHHHHHHH@Z
?CopyTexSubImage3D@gl@@YGXIHHHHHHHH@Z
?CopyTexSubImage3DContextANGLE@gl@@YGXPAXIHHHHHHHH@Z
?CopyTextureCHROMIUM@gl@@YGXIHIIHHIEEE@Z
?CopyTextureCHROMIUMContextANGLE@gl@@YGXPAXIHIIHHIEEE@Z
?CoverFillPathCHROMIUM@gl@@YGXII@Z
?CoverFillPathCHROMIUMContextANGLE@gl@@YGXPAXII@Z
?CoverFillPathInstancedCHROMIUM@gl@@YGXHIPBXIIIPBM@Z
?CoverFillPathInstancedCHROMIUMContextANGLE@gl@@YGXPAXHIPBXIIIPBM@Z
?CoverStrokePathCHROMIUM@gl@@YGXII@Z
?CoverStrokePathCHROMIUMContextANGLE@gl@@YGXPAXII@Z
?CoverStrokePathInstancedCHROMIUM@gl@@YGXHIPBXIIIPBM@Z
?CoverStrokePathInstancedCHROMIUMContextANGLE@gl@@YGXPAXHIPBXIIIPBM@Z
?CoverageModulationCHROMIUM@gl@@YGXI@Z
?CoverageModulationCHROMIUMContextANGLE@gl@@YGXPAXI@Z
?CreateContext@egl@@YGPAXPAX00PBH@Z
?CreateDeviceANGLE@egl@@YGPAXHPAXPBH@Z
?CreateImage@egl@@YGPAXPAX0I0PBH@Z
?CreateImageKHR@egl@@YGPAXPAX0I0PBH@Z
?CreatePbufferFromClientBuffer@egl@@YGPAXPAXI00PBH@Z
?CreatePbufferSurface@egl@@YGPAXPAX0PBH@Z
?CreatePixmapSurface@egl@@YGPAXPAX0PAUHBITMAP__@@PBH@Z
?CreatePlatformPixmapSurface@egl@@YGPAXPAX00PBH@Z
?CreatePlatformWindowSurface@egl@@YGPAXPAX00PBH@Z
?CreateProgram@gl@@YGIXZ
?CreateProgramContextANGLE@gl@@YGIPAX@Z
?CreateShader@gl@@YGII@Z
?CreateShaderContextANGLE@gl@@YGIPAXI@Z
?CreateShaderProgramv@gl@@YGIIHPBQBD@Z
?CreateShaderProgramvContextANGLE@gl@@YGIPAXIHPBQBD@Z
?CreateStreamKHR@egl@@YGPAXPAXPBH@Z
?CreateStreamProducerD3DTextureANGLE@egl@@YGIPAX0PBH@Z
?CreateSync@egl@@YGPAXPAXIPBH@Z
?CreateWindowSurface@egl@@YGPAXPAX0PAUHWND__@@PBH@Z
?CullFace@gl@@YGXI@Z
?CullFaceContextANGLE@gl@@YGXPAXI@Z
?CurrentPaletteMatrixOES@gl@@YGXI@Z
?CurrentPaletteMatrixOESContextANGLE@gl@@YGXPAXI@Z
?DebugMessageCallbackKHR@gl@@YGXP6GXIIIIHPBDPBX@Z1@Z
?DebugMessageCallbackKHRContextANGLE@gl@@YGXPAXP6GXIIIIHPBDPBX@Z2@Z
?DebugMessageControlKHR@gl@@YGXIIIHPBIE@Z
?DebugMessageControlKHRContextANGLE@gl@@YGXPAXIIIHPBIE@Z
?DebugMessageInsertKHR@gl@@YGXIIIIHPBD@Z
?DebugMessageInsertKHRContextANGLE@gl@@YGXPAXIIIIHPBD@Z
?DeleteBuffers@gl@@YGXHPBI@Z
?DeleteBuffersContextANGLE@gl@@YGXPAXHPBI@Z
?DeleteFencesNV@gl@@YGXHPBI@Z
?DeleteFencesNVContextANGLE@gl@@YGXPAXHPBI@Z
?DeleteFramebuffers@gl@@YGXHPBI@Z
?DeleteFramebuffersContextANGLE@gl@@YGXPAXHPBI@Z
?DeleteFramebuffersOES@gl@@YGXHPBI@Z
?DeleteFramebuffersOESContextANGLE@gl@@YGXPAXHPBI@Z
?DeletePathsCHROMIUM@gl@@YGXIH@Z
?DeletePathsCHROMIUMContextANGLE@gl@@YGXPAXIH@Z
?DeleteProgram@gl@@YGXI@Z
?DeleteProgramContextANGLE@gl@@YGXPAXI@Z
?DeleteProgramPipelines@gl@@YGXHPBI@Z
?DeleteProgramPipelinesContextANGLE@gl@@YGXPAXHPBI@Z
?DeleteQueries@gl@@YGXHPBI@Z
?DeleteQueriesContextANGLE@gl@@YGXPAXHPBI@Z
?DeleteQueriesEXT@gl@@YGXHPBI@Z
?DeleteQueriesEXTContextANGLE@gl@@YGXPAXHPBI@Z
?DeleteRenderbuffers@gl@@YGXHPBI@Z
?DeleteRenderbuffersContextANGLE@gl@@YGXPAXHPBI@Z
?DeleteRenderbuffersOES@gl@@YGXHPBI@Z
?DeleteRenderbuffersOESContextANGLE@gl@@YGXPAXHPBI@Z
?DeleteSamplers@gl@@YGXHPBI@Z
?DeleteSamplersContextANGLE@gl@@YGXPAXHPBI@Z
?DeleteShader@gl@@YGXI@Z
?DeleteShaderContextANGLE@gl@@YGXPAXI@Z
?DeleteSync@gl@@YGXPAU__GLsync@@@Z
?DeleteSyncContextANGLE@gl@@YGXPAXPAU__GLsync@@@Z
?DeleteTextures@gl@@YGXHPBI@Z
?DeleteTexturesContextANGLE@gl@@YGXPAXHPBI@Z
?DeleteTransformFeedbacks@gl@@YGXHPBI@Z
?DeleteTransformFeedbacksContextANGLE@gl@@YGXPAXHPBI@Z
?DeleteVertexArrays@gl@@YGXHPBI@Z
?DeleteVertexArraysContextANGLE@gl@@YGXPAXHPBI@Z
?DeleteVertexArraysOES@gl@@YGXHPBI@Z
?DeleteVertexArraysOESContextANGLE@gl@@YGXPAXHPBI@Z
?DepthFunc@gl@@YGXI@Z
?DepthFuncContextANGLE@gl@@YGXPAXI@Z
?DepthMask@gl@@YGXE@Z
?DepthMaskContextANGLE@gl@@YGXPAXE@Z
?DepthRangef@gl@@YGXMM@Z
?DepthRangefContextANGLE@gl@@YGXPAXMM@Z
?DepthRangex@gl@@YGXHH@Z
?DepthRangexContextANGLE@gl@@YGXPAXHH@Z
?DestroyContext@egl@@YGIPAX0@Z
?DestroyImage@egl@@YGIPAX0@Z
?DestroyImageKHR@egl@@YGIPAX0@Z
?DestroyStreamKHR@egl@@YGIPAX0@Z
?DestroySurface@egl@@YGIPAX0@Z
?DestroySync@egl@@YGIPAX0@Z
?DetachShader@gl@@YGXII@Z
?DetachShaderContextANGLE@gl@@YGXPAXII@Z
?Disable@gl@@YGXI@Z
?DisableClientState@gl@@YGXI@Z
?DisableClientStateContextANGLE@gl@@YGXPAXI@Z
?DisableContextANGLE@gl@@YGXPAXI@Z
?DisableVertexAttribArray@gl@@YGXI@Z
?DisableVertexAttribArrayContextANGLE@gl@@YGXPAXI@Z
?DiscardFramebufferEXT@gl@@YGXIHPBI@Z
?DiscardFramebufferEXTContextANGLE@gl@@YGXPAXIHPBI@Z
?DispatchCompute@gl@@YGXIII@Z
?DispatchComputeContextANGLE@gl@@YGXPAXIII@Z
?DispatchComputeIndirect@gl@@YGXJ@Z
?DispatchComputeIndirectContextANGLE@gl@@YGXPAXJ@Z
?DrawArrays@gl@@YGXIHH@Z
?DrawArraysContextANGLE@gl@@YGXPAXIHH@Z
?DrawArraysIndirect@gl@@YGXIPBX@Z
?DrawArraysIndirectContextANGLE@gl@@YGXPAXIPBX@Z
?DrawArraysInstanced@gl@@YGXIHHH@Z
?DrawArraysInstancedANGLE@gl@@YGXIHHH@Z
?DrawArraysInstancedANGLEContextANGLE@gl@@YGXPAXIHHH@Z
?DrawArraysInstancedContextANGLE@gl@@YGXPAXIHHH@Z
?DrawBuffers@gl@@YGXHPBI@Z
?DrawBuffersContextANGLE@gl@@YGXPAXHPBI@Z
?DrawBuffersEXT@gl@@YGXHPBI@Z
?DrawBuffersEXTContextANGLE@gl@@YGXPAXHPBI@Z
?DrawElements@gl@@YGXIHIPBX@Z
?DrawElementsContextANGLE@gl@@YGXPAXIHIPBX@Z
?DrawElementsIndirect@gl@@YGXIIPBX@Z
?DrawElementsIndirectContextANGLE@gl@@YGXPAXIIPBX@Z
?DrawElementsInstanced@gl@@YGXIHIPBXH@Z
?DrawElementsInstancedANGLE@gl@@YGXIHIPBXH@Z
?DrawElementsInstancedANGLEContextANGLE@gl@@YGXPAXIHIPBXH@Z
?DrawElementsInstancedContextANGLE@gl@@YGXPAXIHIPBXH@Z
?DrawRangeElements@gl@@YGXIIIHIPBX@Z
?DrawRangeElementsContextANGLE@gl@@YGXPAXIIIHIPBX@Z
?DrawTexfOES@gl@@YGXMMMMM@Z
?DrawTexfOESContextANGLE@gl@@YGXPAXMMMMM@Z
?DrawTexfvOES@gl@@YGXPBM@Z
?DrawTexfvOESContextANGLE@gl@@YGXPAXPBM@Z
?DrawTexiOES@gl@@YGXHHHHH@Z
?DrawTexiOESContextANGLE@gl@@YGXPAXHHHHH@Z
?DrawTexivOES@gl@@YGXPBH@Z
?DrawTexivOESContextANGLE@gl@@YGXPAXPBH@Z
?DrawTexsOES@gl@@YGXFFFFF@Z
?DrawTexsOESContextANGLE@gl@@YGXPAXFFFFF@Z
?DrawTexsvOES@gl@@YGXPBF@Z
?DrawTexsvOESContextANGLE@gl@@YGXPAXPBF@Z
?DrawTexxOES@gl@@YGXHHHHH@Z
?DrawTexxOESContextANGLE@gl@@YGXPAXHHHHH@Z
?DrawTexxvOES@gl@@YGXPBH@Z
?DrawTexxvOESContextANGLE@gl@@YGXPAXPBH@Z
?EGLImageTargetRenderbufferStorageOES@gl@@YGXIPAX@Z
?EGLImageTargetRenderbufferStorageOESContextANGLE@gl@@YGXPAXI0@Z
?EGLImageTargetTexture2DOES@gl@@YGXIPAX@Z
?EGLImageTargetTexture2DOESContextANGLE@gl@@YGXPAXI0@Z
?Enable@gl@@YGXI@Z
?EnableClientState@gl@@YGXI@Z
?EnableClientStateContextANGLE@gl@@YGXPAXI@Z
?EnableContextANGLE@gl@@YGXPAXI@Z
?EnableVertexAttribArray@gl@@YGXI@Z
?EnableVertexAttribArrayContextANGLE@gl@@YGXPAXI@Z
?EndQuery@gl@@YGXI@Z
?EndQueryContextANGLE@gl@@YGXPAXI@Z
?EndQueryEXT@gl@@YGXI@Z
?EndQueryEXTContextANGLE@gl@@YGXPAXI@Z
?EndTransformFeedback@gl@@YGXXZ
?EndTransformFeedbackContextANGLE@gl@@YGXPAX@Z
?FenceSync@gl@@YGPAU__GLsync@@II@Z
?FenceSyncContextANGLE@gl@@YGPAU__GLsync@@PAXII@Z
?Finish@gl@@YGXXZ
?FinishContextANGLE@gl@@YGXPAX@Z
?FinishFenceNV@gl@@YGXI@Z
?FinishFenceNVContextANGLE@gl@@YGXPAXI@Z
?Flush@gl@@YGXXZ
?FlushContextANGLE@gl@@YGXPAX@Z
?FlushMappedBufferRange@gl@@YGXIJJ@Z
?FlushMappedBufferRangeContextANGLE@gl@@YGXPAXIJJ@Z
?FlushMappedBufferRangeEXT@gl@@YGXIJJ@Z
?FlushMappedBufferRangeEXTContextANGLE@gl@@YGXPAXIJJ@Z
?Fogf@gl@@YGXIM@Z
?FogfContextANGLE@gl@@YGXPAXIM@Z
?Fogfv@gl@@YGXIPBM@Z
?FogfvContextANGLE@gl@@YGXPAXIPBM@Z
?Fogx@gl@@YGXIH@Z
?FogxContextANGLE@gl@@YGXPAXIH@Z
?Fogxv@gl@@YGXIPBH@Z
?FogxvContextANGLE@gl@@YGXPAXIPBH@Z
?FramebufferParameteri@gl@@YGXIIH@Z
?FramebufferParameteriContextANGLE@gl@@YGXPAXIIH@Z
?FramebufferRenderbuffer@gl@@YGXIIII@Z
?FramebufferRenderbufferContextANGLE@gl@@YGXPAXIIII@Z
?FramebufferRenderbufferOES@gl@@YGXIIII@Z
?FramebufferRenderbufferOESContextANGLE@gl@@YGXPAXIIII@Z
?FramebufferTexture2D@gl@@YGXIIIIH@Z
?FramebufferTexture2DContextANGLE@gl@@YGXPAXIIIIH@Z
?FramebufferTexture2DOES@gl@@YGXIIIIH@Z
?FramebufferTexture2DOESContextANGLE@gl@@YGXPAXIIIIH@Z
?FramebufferTextureLayer@gl@@YGXIIIHH@Z
?FramebufferTextureLayerContextANGLE@gl@@YGXPAXIIIHH@Z
?FramebufferTextureMultiviewLayeredANGLE@gl@@YGXIIIHHH@Z
?FramebufferTextureMultiviewLayeredANGLEContextANGLE@gl@@YGXPAXIIIHHH@Z
?FramebufferTextureMultiviewSideBySideANGLE@gl@@YGXIIIHHPBH@Z
?FramebufferTextureMultiviewSideBySideANGLEContextANGLE@gl@@YGXPAXIIIHHPBH@Z
?FrontFace@gl@@YGXI@Z
?FrontFaceContextANGLE@gl@@YGXPAXI@Z
?Frustumf@gl@@YGXMMMMMM@Z
?FrustumfContextANGLE@gl@@YGXPAXMMMMMM@Z
?Frustumx@gl@@YGXHHHHHH@Z
?FrustumxContextANGLE@gl@@YGXPAXHHHHHH@Z
?GenBuffers@gl@@YGXHPAI@Z
?GenBuffersContextANGLE@gl@@YGXPAXHPAI@Z
?GenFencesNV@gl@@YGXHPAI@Z
?GenFencesNVContextANGLE@gl@@YGXPAXHPAI@Z
?GenFramebuffers@gl@@YGXHPAI@Z
?GenFramebuffersContextANGLE@gl@@YGXPAXHPAI@Z
?GenFramebuffersOES@gl@@YGXHPAI@Z
?GenFramebuffersOESContextANGLE@gl@@YGXPAXHPAI@Z
?GenPathsCHROMIUM@gl@@YGIH@Z
?GenPathsCHROMIUMContextANGLE@gl@@YGIPAXH@Z
?GenProgramPipelines@gl@@YGXHPAI@Z
?GenProgramPipelinesContextANGLE@gl@@YGXPAXHPAI@Z
?GenQueries@gl@@YGXHPAI@Z
?GenQueriesContextANGLE@gl@@YGXPAXHPAI@Z
?GenQueriesEXT@gl@@YGXHPAI@Z
?GenQueriesEXTContextANGLE@gl@@YGXPAXHPAI@Z
?GenRenderbuffers@gl@@YGXHPAI@Z
?GenRenderbuffersContextANGLE@gl@@YGXPAXHPAI@Z
?GenRenderbuffersOES@gl@@YGXHPAI@Z
?GenRenderbuffersOESContextANGLE@gl@@YGXPAXHPAI@Z
?GenSamplers@gl@@YGXHPAI@Z
?GenSamplersContextANGLE@gl@@YGXPAXHPAI@Z
?GenTextures@gl@@YGXHPAI@Z
?GenTexturesContextANGLE@gl@@YGXPAXHPAI@Z
?GenTransformFeedbacks@gl@@YGXHPAI@Z
?GenTransformFeedbacksContextANGLE@gl@@YGXPAXHPAI@Z
?GenVertexArrays@gl@@YGXHPAI@Z
?GenVertexArraysContextANGLE@gl@@YGXPAXHPAI@Z
?GenVertexArraysOES@gl@@YGXHPAI@Z
?GenVertexArraysOESContextANGLE@gl@@YGXPAXHPAI@Z
?GenerateMipmap@gl@@YGXI@Z
?GenerateMipmapContextANGLE@gl@@YGXPAXI@Z
?GenerateMipmapOES@gl@@YGXI@Z
?GenerateMipmapOESContextANGLE@gl@@YGXPAXI@Z
?GetActiveAttrib@gl@@YGXIIHPAH0PAIPAD@Z
?GetActiveAttribContextANGLE@gl@@YGXPAXIIHPAH1PAIPAD@Z
?GetActiveUniform@gl@@YGXIIHPAH0PAIPAD@Z
?GetActiveUniformBlockName@gl@@YGXIIHPAHPAD@Z
?GetActiveUniformBlockNameContextANGLE@gl@@YGXPAXIIHPAHPAD@Z
?GetActiveUniformBlockiv@gl@@YGXIIIPAH@Z
?GetActiveUniformBlockivContextANGLE@gl@@YGXPAXIIIPAH@Z
?GetActiveUniformBlockivRobustANGLE@gl@@YGXIIIHPAH0@Z
?GetActiveUniformBlockivRobustANGLEContextANGLE@gl@@YGXPAXIIIHPAH1@Z
?GetActiveUniformContextANGLE@gl@@YGXPAXIIHPAH1PAIPAD@Z
?GetActiveUniformsiv@gl@@YGXIHPBIIPAH@Z
?GetActiveUniformsivContextANGLE@gl@@YGXPAXIHPBIIPAH@Z
?GetAttachedShaders@gl@@YGXIHPAHPAI@Z
?GetAttachedShadersContextANGLE@gl@@YGXPAXIHPAHPAI@Z
?GetAttribLocation@gl@@YGHIPBD@Z
?GetAttribLocationContextANGLE@gl@@YGHPAXIPBD@Z
?GetBooleani_v@gl@@YGXIIPAE@Z
?GetBooleani_vContextANGLE@gl@@YGXPAXIIPAE@Z
?GetBooleani_vRobustANGLE@gl@@YGXIIHPAHPAE@Z
?GetBooleani_vRobustANGLEContextANGLE@gl@@YGXPAXIIHPAHPAE@Z
?GetBooleanv@gl@@YGXIPAE@Z
?GetBooleanvContextANGLE@gl@@YGXPAXIPAE@Z
?GetBooleanvRobustANGLE@gl@@YGXIHPAHPAE@Z
?GetBooleanvRobustANGLEContextANGLE@gl@@YGXPAXIHPAHPAE@Z
?GetBufferParameteri64v@gl@@YGXIIPA_J@Z
?GetBufferParameteri64vContextANGLE@gl@@YGXPAXIIPA_J@Z
?GetBufferParameteri64vRobustANGLE@gl@@YGXIIHPAHPA_J@Z
?GetBufferParameteri64vRobustANGLEContextANGLE@gl@@YGXPAXIIHPAHPA_J@Z
?GetBufferParameteriv@gl@@YGXIIPAH@Z
?GetBufferParameterivContextANGLE@gl@@YGXPAXIIPAH@Z
?GetBufferParameterivRobustANGLE@gl@@YGXIIHPAH0@Z
?GetBufferParameterivRobustANGLEContextANGLE@gl@@YGXPAXIIHPAH1@Z
?GetBufferPointerv@gl@@YGXIIPAPAX@Z
?GetBufferPointervContextANGLE@gl@@YGXPAXIIPAPAX@Z
?GetBufferPointervOES@gl@@YGXIIPAPAX@Z
?GetBufferPointervOESContextANGLE@gl@@YGXPAXIIPAPAX@Z
?GetBufferPointervRobustANGLE@gl@@YGXIIHPAHPAPAX@Z
?GetBufferPointervRobustANGLEContextANGLE@gl@@YGXPAXIIHPAHPAPAX@Z
?GetClipPlanef@gl@@YGXIPAM@Z
?GetClipPlanefContextANGLE@gl@@YGXPAXIPAM@Z
?GetClipPlanex@gl@@YGXIPAH@Z
?GetClipPlanexContextANGLE@gl@@YGXPAXIPAH@Z
?GetConfigAttrib@egl@@YGIPAX0HPAH@Z
?GetConfigs@egl@@YGIPAXPAPAXHPAH@Z
?GetCurrentContext@egl@@YGPAXXZ
?GetCurrentDisplay@egl@@YGPAXXZ
?GetCurrentSurface@egl@@YGPAXH@Z
?GetDebugMessageLogKHR@gl@@YGIIHPAI000PAHPAD@Z
?GetDebugMessageLogKHRContextANGLE@gl@@YGIPAXIHPAI111PAHPAD@Z
?GetDisplay@egl@@YGPAXPAUHDC__@@@Z
?GetError@egl@@YGHXZ
?GetError@gl@@YGIXZ
?GetErrorContextANGLE@gl@@YGIPAX@Z
?GetFenceivNV@gl@@YGXIIPAH@Z
?GetFenceivNVContextANGLE@gl@@YGXPAXIIPAH@Z
?GetFixedv@gl@@YGXIPAH@Z
?GetFixedvContextANGLE@gl@@YGXPAXIPAH@Z
?GetFloatv@gl@@YGXIPAM@Z
?GetFloatvContextANGLE@gl@@YGXPAXIPAM@Z
?GetFloatvRobustANGLE@gl@@YGXIHPAHPAM@Z
?GetFloatvRobustANGLEContextANGLE@gl@@YGXPAXIHPAHPAM@Z
?GetFragDataLocation@gl@@YGHIPBD@Z
?GetFragDataLocationContextANGLE@gl@@YGHPAXIPBD@Z
?GetFramebufferAttachmentParameteriv@gl@@YGXIIIPAH@Z
?GetFramebufferAttachmentParameterivContextANGLE@gl@@YGXPAXIIIPAH@Z
?GetFramebufferAttachmentParameterivOES@gl@@YGXIIIPAH@Z
?GetFramebufferAttachmentParameterivOESContextANGLE@gl@@YGXPAXIIIPAH@Z
?GetFramebufferAttachmentParameterivRobustANGLE@gl@@YGXIIIHPAH0@Z
?GetFramebufferAttachmentParameterivRobustANGLEContextANGLE@gl@@YGXPAXIIIHPAH1@Z
?GetFramebufferParameteriv@gl@@YGXIIPAH@Z
?GetFramebufferParameterivContextANGLE@gl@@YGXPAXIIPAH@Z
?GetFramebufferParameterivRobustANGLE@gl@@YGXIIHPAH0@Z
?GetFramebufferParameterivRobustANGLEContextANGLE@gl@@YGXPAXIIHPAH1@Z
?GetGraphicsResetStatusEXT@gl@@YGIXZ
?GetGraphicsResetStatusEXTContextANGLE@gl@@YGIPAX@Z
?GetInteger64i_v@gl@@YGXIIPA_J@Z
?GetInteger64i_vContextANGLE@gl@@YGXPAXIIPA_J@Z
?GetInteger64i_vRobustANGLE@gl@@YGXIIHPAHPA_J@Z
?GetInteger64i_vRobustANGLEContextANGLE@gl@@YGXPAXIIHPAHPA_J@Z
?GetInteger64v@gl@@YGXIPA_J@Z
?GetInteger64vContextANGLE@gl@@YGXPAXIPA_J@Z
?GetInteger64vRobustANGLE@gl@@YGXIHPAHPA_J@Z
?GetInteger64vRobustANGLEContextANGLE@gl@@YGXPAXIHPAHPA_J@Z
?GetIntegeri_v@gl@@YGXIIPAH@Z
?GetIntegeri_vContextANGLE@gl@@YGXPAXIIPAH@Z
?GetIntegeri_vRobustANGLE@gl@@YGXIIHPAH0@Z
?GetIntegeri_vRobustANGLEContextANGLE@gl@@YGXPAXIIHPAH1@Z
?GetIntegerv@gl@@YGXIPAH@Z
?GetIntegervContextANGLE@gl@@YGXPAXIPAH@Z
?GetIntegervRobustANGLE@gl@@YGXIHPAH0@Z
?GetIntegervRobustANGLEContextANGLE@gl@@YGXPAXIHPAH1@Z
?GetInternalformativ@gl@@YGXIIIHPAH@Z
?GetInternalformativContextANGLE@gl@@YGXPAXIIIHPAH@Z
?GetInternalformativRobustANGLE@gl@@YGXIIIHPAH0@Z
?GetInternalformativRobustANGLEContextANGLE@gl@@YGXPAXIIIHPAH1@Z
?GetLightfv@gl@@YGXIIPAM@Z
?GetLightfvContextANGLE@gl@@YGXPAXIIPAM@Z
?GetLightxv@gl@@YGXIIPAH@Z
?GetLightxvContextANGLE@gl@@YGXPAXIIPAH@Z
?GetMaterialfv@gl@@YGXIIPAM@Z
?GetMaterialfvContextANGLE@gl@@YGXPAXIIPAM@Z
?GetMaterialxv@gl@@YGXIIPAH@Z
?GetMaterialxvContextANGLE@gl@@YGXPAXIIPAH@Z
?GetMultisamplefv@gl@@YGXIIPAM@Z
?GetMultisamplefvContextANGLE@gl@@YGXPAXIIPAM@Z
?GetMultisamplefvRobustANGLE@gl@@YGXIIHPAHPAM@Z
?GetMultisamplefvRobustANGLEContextANGLE@gl@@YGXPAXIIHPAHPAM@Z
?GetObjectLabelKHR@gl@@YGXIIHPAHPAD@Z
?GetObjectLabelKHRContextANGLE@gl@@YGXPAXIIHPAHPAD@Z
?GetObjectPtrLabelKHR@gl@@YGXPBXHPAHPAD@Z
?GetObjectPtrLabelKHRContextANGLE@gl@@YGXPAXPBXHPAHPAD@Z
?GetPathParameterfvCHROMIUM@gl@@YGXIIPAM@Z
?GetPathParameterfvCHROMIUMContextANGLE@gl@@YGXPAXIIPAM@Z
?GetPathParameterivCHROMIUM@gl@@YGXIIPAH@Z
?GetPathParameterivCHROMIUMContextANGLE@gl@@YGXPAXIIPAH@Z

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 833KB - Virtual size: 833KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_56_/natives_blob.bin
.js
$_56_/prefs.dat
$_56_/resources.pak
$_56_/snapshot_blob.bin
$_56_/v8_context_snapshot.bin
$_56_/welcome.ini
$_56_/widevinecdmadapter.dll
.dll windows:5 windows x86 arch:x86

e1657452eeece97e13fb59ec5f6e070a

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:06:a0:81:d3:3f:d8:7a:e5:82:4c:c1:6b:52:09:4e:03
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

03/02/2015, 00:00

Not After

03/03/2026, 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4c:40:db:a5:f9:88:fa:e5:7a:57:d6:45:74:95:f9:8b
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

14/12/2015, 00:00

Not After

14/12/2016, 23:59

Subject

CN=Google Inc,O=Google Inc,L=Mountain View,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2a:9c:21:ac:aa:a6:3a:3c:58:a7:b9:32:2b:ee:94:8d
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

16/12/2015, 00:00

Not After

16/12/2018, 23:59

Subject

CN=Google Inc,O=Google Inc,L=Mountain View,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:16:c0:09:98:dc:c6:8f:a2:7d:25:c3:86:36:a8:83:bb
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Not Before

03/02/2015, 00:00

Not After

03/03/2026, 00:00

Subject

CN=GlobalSign TSA for Advanced - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:31:89:c6:50:04
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

02/08/2011, 10:00

Not After

29/03/2029, 10:00

Subject

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

c0:6b:15:87:8c:d7:43:39:84:7a:95:83:05:3a:40:a7:3a:ea:2f:69:ac:89:84:e7:77:79:47:44:c5:6d:34:c8
Signer

Actual PE Digest

c0:6b:15:87:8c:d7:43:39:84:7a:95:83:05:3a:40:a7:3a:ea:2f:69:ac:89:84:e7:77:79:47:44:c5:6d:34:c8

Digest Algorithm

sha256

PE Digest Matches

true

ec:d0:ef:68:85:24:82:39:7f:03:30:a0:c9:ac:40:d2:5a:62:86:30
Signer

Actual PE Digest

ec:d0:ef:68:85:24:82:39:7f:03:30:a0:c9:ac:40:d2:5a:62:86:30

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\b\build\slave\win\build\src\out\Release\widevinecdmadapter.dll.pdb

Imports

widevinecdm

CreateCdmInstance
DeinitializeCdmModule
InitializeCdmModule_4

kernel32

CreateFileW
ReadConsoleW
WriteConsoleW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
WideCharToMultiByte
EncodePointer
DecodePointer
MultiByteToWideChar
GetStringTypeW
IsDebuggerPresent
IsProcessorFeaturePresent
GetLastError
HeapFree
GetCommandLineA
GetCurrentThreadId
RaiseException
RtlUnwind
GetCPInfo
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess
GetModuleHandleExW
HeapSize
GetProcessHeap
GetStdHandle
GetFileType
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
WriteFile
GetModuleFileNameW
IsValidCodePage
GetACP
GetOEMCP
HeapReAlloc
CloseHandle
FlushFileBuffers
GetConsoleCP
GetConsoleMode
ReadFile
SetFilePointerEx
LoadLibraryExW
OutputDebugStringW
SetStdHandle

Exports

Exports

PPP_GetInterface
PPP_InitializeModule
PPP_ShutdownModule

Sections

.text
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_65_/10.25.0.21758.manifest
$_65_/2345Explorer.exe
.exe windows:5 windows x86 arch:x86

2c7bbba8114a1db482eb2a2ac8bfb8cb

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

11:1e:05:29:f2:dc:b3:76:cb:48:ff:37:40:9e:f0:38:e0:66:91:d9:1b:b6:e8:17:d8:4a:4f:4d:30:70:15:e2
Signer

Actual PE Digest

11:1e:05:29:f2:dc:b3:76:cb:48:ff:37:40:9e:f0:38:e0:66:91:d9:1b:b6:e8:17:d8:4a:4f:4d:30:70:15:e2

Digest Algorithm

sha256

PE Digest Matches

true

a1:37:97:87:d2:9c:f6:ba:32:6d:05:f2:ba:4a:da:4d:59:33:f3:27
Signer

Actual PE Digest

a1:37:97:87:d2:9c:f6:ba:32:6d:05:f2:ba:4a:da:4d:59:33:f3:27

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\V68_45\src\out\official_release\2345Explorer.exe.pdb

Imports

advapi32

AccessCheck
AllocateAndInitializeSid
CheckTokenMembership
ConvertSidToStringSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertStringSidToSidW
CopySid
CreateProcessAsUserW
CreateRestrictedToken
CreateWellKnownSid
DuplicateToken
DuplicateTokenEx
EqualSid
FreeSid
GetAce
GetKernelObjectSecurity
GetLengthSid
GetNamedSecurityInfoW
GetSecurityDescriptorSacl
GetSecurityInfo
GetSidSubAuthority
GetTokenInformation
ImpersonateLoggedOnUser
InitializeSid
IsValidSid
LookupAccountSidW
LookupPrivilegeValueW
MapGenericMask
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegDisablePredefinedCache
RegOpenKeyExW
RegQueryValueExW
RevertToSelf
SetEntriesInAclW
SetKernelObjectSecurity
SetSecurityInfo
SetThreadToken
SetTokenInformation
SystemFunction036

shlwapi

PathFileExistsW
PathRemoveFileSpecW

user32

CloseDesktop
CloseWindowStation
CreateDesktopW
CreateWindowExW
CreateWindowStationW
DefWindowProcW
DestroyWindow
DispatchMessageW
GetProcessWindowStation
GetQueueStatus
GetThreadDesktop
GetUserObjectInformationW
GetWindowLongW
KillTimer
MessageBoxW
MsgWaitForMultipleObjectsEx
PeekMessageW
PostMessageW
RegisterClassExW
SetProcessWindowStation
SetTimer
SetWindowLongW
TranslateMessage
UnregisterClassW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

kernel32

AssignProcessToJobObject
CloseHandle
CreateDirectoryW
CreateEventW
CreateFileMappingW
CreateFileW
CreateIoCompletionPort
CreateJobObjectW
CreateMutexW
CreateNamedPipeW
CreateProcessW
CreateRemoteThread
CreateThread
CreateToolhelp32Snapshot
DebugBreak
DecodePointer
DeleteCriticalSection
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExpandEnvironmentStringsW
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentStringsW
GetFileAttributesW
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoW
GetLogicalDriveStringsW
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetPrivateProfileStringW
GetProcAddress
GetProcessHandleCount
GetProcessHeaps
GetProcessId
GetProcessTimes
GetQueuedCompletionStatus
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetThreadTimes
GetTickCount
GetUserDefaultLCID
GetUserDefaultLangID
GetVersionExW
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSetInformation
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalFree
MapViewOfFile
MoveFileExW
MultiByteToWideChar
OpenProcess
OutputDebugStringA
PostQueuedCompletionStatus
Process32FirstW
Process32NextW
ProcessIdToSessionId
QueryDosDeviceW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
ReadProcessMemory
RegisterWaitForSingleObject
ResetEvent
RtlCaptureStackBackTrace
RtlUnwind
SearchPathW
SetCurrentDirectoryW
SetEvent
SetFilePointerEx
SetHandleInformation
SetInformationJobObject
SetLastError
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SignalObjectAndWait
Sleep
SwitchToThread
TerminateJobObject
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
UnmapViewOfFile
UnregisterWaitEx
VirtualAllocEx
VirtualFree
VirtualFreeEx
VirtualProtect
VirtualProtectEx
VirtualQuery
VirtualQueryEx
WaitForSingleObject
WideCharToMultiByte
WriteConsoleW
WriteFile
WritePrivateProfileStringW
WriteProcessMemory
lstrlenW

winmm

timeBeginPeriod
timeEndPeriod
timeGetTime

Exports

Exports

GetHandleVerifier
InitializeSandboxInfo
IsSandboxedProcess

Sections

.text
Size: 569KB - Virtual size: 568KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 259KB - Virtual size: 258KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 173KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_65_/2345Recommender.exe
.exe windows:5 windows x86 arch:x86

6c549a7e5ea7659b53cc36e030d81164

Code Sign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

24:be:0e:e4:fc:7d:3c:89:f7:3b:51:dd:6f:13:bb:ef:5b:79:79:78:f6:df:d9:b9:e3:0e:81:86:1c:34:24:88
Signer

Actual PE Digest

24:be:0e:e4:fc:7d:3c:89:f7:3b:51:dd:6f:13:bb:ef:5b:79:79:78:f6:df:d9:b9:e3:0e:81:86:1c:34:24:88

Digest Algorithm

sha256

PE Digest Matches

true

16:1c:ec:d2:ea:de:7a:56:dd:54:cb:00:2a:df:8b:b3:f3:e4:c1:0b
Signer

Actual PE Digest

16:1c:ec:d2:ea:de:7a:56:dd:54:cb:00:2a:df:8b:b3:f3:e4:c1:0b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\dllplugin\FileDownloader\FileDownloader\bin\release_static\2345Recommender.pdb

Imports

gdiplus

GdipCreateRegion
GdipDeleteMatrix
GdipBitmapLockBits
GdipRestoreGraphics
GdipReleaseDC
GdipTranslateWorldTransform
GdipGetWorldTransform
GdipGetDC
GdipTransformPointsI
GdipDeleteRegion
GdipGetClipBoundsI
GdipSaveGraphics
GdipBitmapUnlockBits
GdipGraphicsClear
GdipGetMatrixElements
GdipGetClip
GdipCreateMatrix
GdipScaleWorldTransform
GdipDrawImagePointRectI
GdipGetRegionHRgn
GdipCloneBitmapAreaI
GdiplusStartup
GdipSetPixelOffsetMode
GdipCloneImage
GdipGetImagePaletteSize
GdipDisposeImage
GdipGetImageGraphicsContext
GdipCreateBitmapFromScan0
GdipGetImagePixelFormat
GdipCreateBitmapFromStream
GdipGetImagePalette
GdiplusShutdown
GdipDeleteStringFormat
GdipGetImageWidth
GdipCreateStringFormat
GdipFillRectangleI
GdipCreateFontFromLogfontW
GdipCreateHBITMAPFromBitmap
GdipDrawString
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipCreateSolidFill
GdipSetStringFormatAlign
GdipDeleteFont
GdipSetTextRenderingHint
GdipSetStringFormatLineAlign
GdipMeasureString
GdipDrawImageRectRectI
GdipGetImageHeight
GdipSetImageAttributesColorMatrix
GdipCloneBrush
GdipDeleteBrush
GdipDrawImageRectRect
GdipDeleteGraphics
GdipAlloc
GdipCreateFromHDC
GdipSetClipRectI
GdipFree
GdipSetCompositingMode

kernel32

FindResourceW
LoadResource
SizeofResource
LockResource
OpenFileMappingW
ResumeThread
FindFirstFileW
CreateFileW
WideCharToMultiByte
GetACP
MultiByteToWideChar
InitializeCriticalSection
SetEvent
ResetEvent
CreateEventW
InterlockedExchangeAdd
GetTickCount
Sleep
GetFullPathNameW
MoveFileExW
CreateDirectoryW
lstrlenW
SetFileAttributesW
FindClose
GetFileSize
SetFilePointer
SetEndOfFile
WriteFile
ReadFile
HeapAlloc
HeapFree
GetProcessHeap
GlobalAlloc
GlobalFree
LocalFree
FormatMessageW
GlobalLock
GlobalUnlock
MulDiv
WriteConsoleW
SetStdHandle
ReadConsoleW
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCurrentProcessId
QueryPerformanceCounter
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetFilePointerEx
GetFileType
GetStdHandle
HeapReAlloc
HeapSize
GetModuleHandleExW
ExitProcess
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
RtlUnwind
GetSystemTimeAsFileTime
LoadLibraryExW
ExitThread
CreateThread
GetCommandLineW
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
OutputDebugStringW
IsDebuggerPresent
GetStringTypeW
EncodePointer
InitializeCriticalSectionAndSpinCount
RaiseException
GetLastError
DecodePointer
DeleteCriticalSection
GetCurrentProcess
GetModuleHandleW
GetVersionExW
LeaveCriticalSection
FlushInstructionCache
SetLastError
GetProcAddress
EnterCriticalSection
GetCurrentThreadId
UnmapViewOfFile
MapViewOfFile
FreeResource
FreeLibrary
GetLongPathNameW
GetTempPathW
GetFileAttributesW
WaitForSingleObject
GetVersion
CloseHandle
WinExec
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
DeleteFileW
lstrcatW
MoveFileW
GetModuleFileNameW
LoadLibraryW

user32

IsRectEmpty
SetWindowRgn
DialogBoxParamW
SetRect
RemovePropW
ReleaseCapture
UnionRect
TrackMouseEvent
SetCapture
GetForegroundWindow
EnableWindow
GetClassLongW
InflateRect
GetDlgItem
SetRectEmpty
RedrawWindow
SetCursor
GetWindowThreadProcessId
UnregisterClassW
DefWindowProcW
DestroyWindow
CallWindowProcW
DestroyIcon
DestroyMenu
SendMessageW
CreateWindowExW
IsWindow
GetCursorPos
GetDesktopWindow
SetWindowLongW
ReleaseDC
GetWindowLongW
LoadIconW
RegisterClassExW
GetDC
GetClassInfoExW
GetMenuDefaultItem
LoadCursorW
SetForegroundWindow
GetSubMenu
KillTimer
PostMessageW
RegisterWindowMessageW
TrackPopupMenu
IsMenu
SetTimer
GetPropW
IsWindowVisible
GetActiveWindow
LoadBitmapW
ShowWindow
SetWindowPos
EndDialog
BringWindowToTop
InvalidateRect
SetPropW
IsIconic
CopyRect
OffsetRect
PtInRect
SystemParametersInfoW
BeginPaint
UpdateLayeredWindow
GetClientRect
GetParent
GetWindowRect
ScreenToClient
EndPaint
GetWindow
GetMonitorInfoW
SetWindowTextW
MapWindowPoints
MonitorFromWindow

gdi32

DeleteObject
SetGraphicsMode
SetTextColor
SetBrushOrgEx
SetDCBrushColor
SetArcDirection
SetBkMode
SelectClipRgn
SetDCPenColor
SetStretchBltMode
SetWorldTransform
SetROP2
CreatePolygonRgn
SetViewportOrgEx
SetBkColor
ExtTextOutW
BitBlt
EnumFontsW
CreateFontIndirectW
GetObjectW
GetStockObject
DeleteDC
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap

advapi32

RegOpenKeyExW
RegCloseKey
RegQueryValueExW

shell32

SHGetFolderPathW
ShellExecuteExW
Shell_NotifyIconW

ole32

OleInitialize
CreateStreamOnHGlobal

shlwapi

PathRemoveFileSpecW
StrToIntA

comctl32

InitCommonControlsEx
_TrackMouseEvent

Sections

.text
Size: 361KB - Virtual size: 360KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 362KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_65_/Assistant/2345InstUI.dll
.dll windows:5 windows x86 arch:x86

d08960554e6a4af4919731e20cdb9ead

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f9:aa:a3:47:dc:d9:23:d2:ba:75:ae:bf:1b:3a:e6:14:ef:15:ab:bc:58:36:55:77:29:2b:32:8d:8f:dd:d1:12
Signer

Actual PE Digest

f9:aa:a3:47:dc:d9:23:d2:ba:75:ae:bf:1b:3a:e6:14:ef:15:ab:bc:58:36:55:77:29:2b:32:8d:8f:dd:d1:12

Digest Algorithm

sha256

PE Digest Matches

true

d7:e8:c1:d6:c7:9a:94:d1:68:90:c9:41:eb:59:be:bd:a9:38:da:02
Signer

Actual PE Digest

d7:e8:c1:d6:c7:9a:94:d1:68:90:c9:41:eb:59:be:bd:a9:38:da:02

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\CommonPlatform\2345InstAgent\bin\Win32\Release\2345InstUI.pdb

Imports

sensapi

IsNetworkAlive

kernel32

CreateMutexW
ReleaseMutex
GetCurrentProcessId
FindResourceW
LoadResource
GetVersionExW
LockResource
GetSystemInfo
lstrlenW
lstrcatW
lstrcpyW
OpenProcess
QueryDosDeviceW
FindFirstFileW
GetLongPathNameW
GetFileAttributesExW
FindClose
FindNextFileW
SetEvent
ResetEvent
CreateEventW
InterlockedExchangeAdd
GetFileSizeEx
DeleteFileW
HeapAlloc
HeapFree
GetProcessHeap
GlobalFree
LocalFree
GetTickCount
InterlockedExchange
FileTimeToSystemTime
WaitForMultipleObjects
GetLogicalDriveStringsW
GetFullPathNameW
CreateDirectoryW
GetTempPathW
GetCurrentDirectoryW
GetEnvironmentVariableW
FormatMessageW
LoadLibraryExW
GlobalMemoryStatusEx
DeviceIoControl
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
ReleaseSemaphore
FreeLibraryAndExitThread
GetThreadTimes
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
DeleteTimerQueueTimer
ChangeTimerQueueTimer
CreateTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SwitchToThread
SignalObjectAndWait
WaitForSingleObjectEx
CreateTimerQueue
DuplicateHandle
InitializeCriticalSectionAndSpinCount
lstrcpynW
lstrcmpW
RaiseException
ExpandEnvironmentStringsW
GetFileAttributesW
GetModuleHandleW
ResumeThread
WaitForSingleObject
CloseHandle
GetFileTime
CreateFileW
ReadFile
WriteFile
SetFileTime
SetEndOfFile
SetFilePointer
GetFileSize
InitializeCriticalSection
MultiByteToWideChar
GetACP
WideCharToMultiByte
GetCurrentThreadId
EnterCriticalSection
SetLastError
VirtualQuery
SuspendThread
CreateToolhelp32Snapshot
OpenThread
Thread32Next
Thread32First
InterlockedCompareExchange
SetThreadContext
FlushInstructionCache
GlobalUnlock
GetModuleFileNameW
MulDiv
LeaveCriticalSection
Sleep
GlobalAlloc
GlobalLock
GetCurrentProcess
SetErrorMode
lstrcmpiW
InterlockedDecrement
InterlockedIncrement
GetProcAddress
LoadLibraryW
GetLastError
EncodePointer
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
GetThreadContext
VirtualFree
VirtualAlloc
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
HeapDestroy
HeapCreate
GetModuleHandleA
DisableThreadLibraryCalls
OutputDebugStringA
VirtualProtect
GetCommandLineA
CreateThread
ExitThread
RtlUnwind
ExitProcess
GetModuleHandleExW
HeapSize
IsValidCodePage
GetOEMCP
GetCPInfo
GetCurrentThread
GetStdHandle
HeapReAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
FreeLibrary
DeleteCriticalSection
DecodePointer
TlsAlloc
TlsGetValue
MapViewOfFileEx
CreateFileMappingW
UnmapViewOfFile
QueryPerformanceFrequency
FreeResource
SetWaitableTimer
CreateWaitableTimerW
LocalAlloc
SizeofResource
SetEnvironmentVariableA
ReadConsoleW
WriteConsoleW
SetStdHandle
FlushFileBuffers
OutputDebugStringW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeZoneInformation
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
CreateSemaphoreW
GetStartupInfoW
TlsFree
TlsSetValue

user32

DialogBoxParamW
ReleaseCapture
CreateWindowExW
IsWindow
EnumChildWindows
SetWindowPos
GetSysColor
GetDesktopWindow
RedrawWindow
GetDlgItem
SetWindowTextW
MonitorFromWindow
ReleaseDC
GetClassNameW
GetWindowTextW
GetAncestor
GetWindowLongW
InvalidateRect
RegisterClassExW
GetForegroundWindow
GetDC
SetPropW
GetClassInfoExW
PtInRect
BeginPaint
SetFocus
CreateAcceleratorTableW
GetClientRect
LoadCursorW
InvalidateRgn
GetParent
GetFocus
IsZoomed
PostMessageW
SetCapture
IsChild
FillRect
RegisterWindowMessageW
CharNextW
RemovePropW
GetAsyncKeyState
LoadStringW
EnumThreadWindows
IsClipboardFormatAvailable
EmptyClipboard
GetClipboardData
SetClipboardData
CloseClipboard
GetIconInfo
DrawIconEx
SetForegroundWindow
GetCaretBlinkTime
ToAscii
GetKeyboardState
LoadImageW
LoadBitmapW
MsgWaitForMultipleObjects
SetCaretPos
SetRect
UpdateLayeredWindow
SetRectEmpty
UnionRect
SystemParametersInfoW
AttachThreadInput
PostQuitMessage
PeekMessageW
DispatchMessageW
TranslateMessage
GetMessageW
SetParent
MapWindowPoints
AdjustWindowRectEx
ValidateRect
SetWindowRgn
EnableWindow
OpenClipboard
MessageBoxW
UnregisterClassW
GetActiveWindow
EndDialog
SetWindowLongW
LoadIconW
DefWindowProcW
SendMessageW
MoveWindow
GetShellWindow
GetWindow
GetWindowThreadProcessId
CallWindowProcW
GetMonitorInfoW
GetPropW
EndPaint
ClientToScreen
DestroyWindow
GetWindowTextLengthW
DestroyAcceleratorTable
ScreenToClient
GetWindowRect
IsIconic
GetDCEx
GetWindowDC
SetCursor
GetCursorPos
CopyRect
IntersectRect
OffsetRect
IsRectEmpty
EqualRect
SetTimer
KillTimer
GetClassLongW
TrackMouseEvent
GetKeyState
ShowWindow
ShowWindowAsync
IsWindowVisible
GetSystemMetrics

gdi32

BitBlt
GetDeviceCaps
DeleteObject
SelectObject
CreateCompatibleBitmap
GetObjectW
GetStockObject
CreateSolidBrush
DeleteDC
CreateCompatibleDC
SetViewportOrgEx
SetGraphicsMode
SetWorldTransform
CreateRectRgnIndirect
CreatePolygonRgn
CreateFontIndirectW
SetBkColor
SetTextColor
EnumFontsW
GetClipBox
CreateDIBSection
CreateRoundRectRgn
PtInRegion
CreateDCW
GetDIBits
ExtTextOutW
GetRgnBox

advapi32

RegCreateKeyExW
RegQueryInfoKeyW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteValueW
RegDeleteKeyW
RegCloseKey
RegSetValueExW

shell32

SHGetSpecialFolderPathW
DragFinish
SHGetFolderPathW
ord680
DragQueryFileW

ole32

CoCreateInstance
OleLockRunning
CLSIDFromProgID
CLSIDFromString
CreateStreamOnHGlobal
StringFromGUID2
OleInitialize
OleUninitialize
CoTaskMemFree
CoGetClassObject
CoTaskMemAlloc
CoTaskMemRealloc

oleaut32

SysAllocString
VarUI4FromStr
SysFreeString
DispCallFunc
SysStringLen
LoadRegTypeLi
OleCreateFontIndirect
SysAllocStringLen
VariantInit
LoadTypeLi
VariantClear

shlwapi

StrToIntA
PathFindFileNameW
ord12
PathAppendW
StrDupW

comctl32

InitCommonControlsEx
_TrackMouseEvent

msimg32

AlphaBlend

urlmon

CoInternetCreateZoneManager
CoInternetCreateSecurityManager

gdiplus

GdipImageGetFrameDimensionsCount
GdipImageGetFrameDimensionsList
GdipImageGetFrameCount
GdipImageSelectActiveFrame
GdipGetPropertyItemSize
GdipGetPropertyItem
GdipCreateBitmapFromStream
GdipCreateBitmapFromStreamICM
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImagePixelFormat
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipCloneBitmapAreaI
GdipCreatePath
GdipDeletePath
GdipClosePathFigure
ord1
GdipAddPathString
GdipGetPathWorldBounds
GdipCreateMatrix
GdipCreateMatrix2
GdipDeleteMatrix
GdipGetMatrixElements
GdipCloneRegion
GdipGetImageHeight
GdipTransformRegion
GdipCloneBrush
GdipDisposeImage
GdipCreateTexture
GdipGetTextureTransform
GdipCreateSolidFill
GdipCreateLineBrushI
GdipSetLinePresetBlend
GdipSetLineWrapMode
GdipGetLineTransform
GdipCreatePen1
GdipDeletePen
GdipSetPenDashStyle
GdipGetImageGraphicsContext
GdipCloneBitmapArea
GdipCreateImageAttributes
GdipDisposeImageAttributes
GdipSetImageAttributesColorMatrix
GdipSetImageAttributesWrapMode
GdipCreateFromHDC
GdipDeleteGraphics
GdipSetCompositingQuality
GdipSetSmoothingMode
GdipGetSmoothingMode
GdipSetPixelOffsetMode
GdipSetTextRenderingHint
GdipDeleteRegion
GdipGetImageWidth
GdipGetTextRenderingHint
GdipSetInterpolationMode
GdipGetInterpolationMode
GdipMultiplyWorldTransform
GdipTranslateWorldTransform
GdipScaleWorldTransform
GdipRotateWorldTransform
GdipCloneImage
GdipFree
GdipAlloc
GdiplusStartup
GdiplusShutdown
GdipDeleteBrush
GdipSetLineTransform
GdipSetTextureTransform
GdipGetBrushType
GdipCombineRegionRegion
GdipCombineRegionPath
GdipCreateRegionPath
GdipAddPathEllipseI
GdipAddPathRectangleI
GdipAddPathBezierI
GdipAddPathArcI
GdipAddPathLineI
GdipSetStringFormatTrimming
GdipGetStringFormatLineAlign
GdipSetStringFormatLineAlign
GdipGetStringFormatAlign
GdipSetStringFormatAlign
GdipSetStringFormatFlags
GdipCloneStringFormat
GdipDeleteStringFormat
GdipStringFormatGetGenericTypographic
GdipMeasureString
GdipDrawString
GdipGetFontSize
GdipGetFontStyle
GdipGetFamily
GdipDeleteFont
GdipCreateFont
GdipGetLineSpacing
GdipGetCellDescent
GdipGetCellAscent
GdipGetEmHeight
GdipGetFamilyName
GdipDeleteFontFamily
GdipCreateFontFamilyFromName
GdipEndContainer
GdipBeginContainer2
GdipRestoreGraphics
GdipSaveGraphics
GdipGetClipBoundsI
GdipDrawLine
GdipSetClipRectI
GdipSetCompositingMode
GdipCreateHBITMAPFromBitmap
GdipDrawImageRectRectI
GdipDrawImageRectRect
GdipFillPath
GdipFillEllipse
GdipFillRectangleI
GdipGraphicsClear
GdipDrawPath
GdipDrawRectangle
GdipDrawArcI
GdipSetClipRegion

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

imm32

ImmSetCompositionWindow
ImmNotifyIME
ImmGetCompositionStringW
ImmAssociateContextEx
ImmReleaseContext
ImmGetContext

winmm

timeGetTime

psapi

GetMappedFileNameW

Exports

Exports

CanInstall
FixSoftware
GetHistoryData
GetUserOperation
Initialize
InstallProduct
InstallSoftware
ProtectInstall
SetStatisticType
ShowUserSelectPopup
Uninitialize

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 308KB - Virtual size: 308KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_65_/Assistant/HelperTool64.exe
.exe windows:5 windows x64 arch:x64

e8de56d93e2963aab9409153ff1f2b45

Code Sign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cf:99:78:79:c1:55:ab:00:24:96:45:60:f6:55:4e:51:3b:eb:67:0f:97:9a:e9:26:63:34:be:d8:6d:30:ea:66
Signer

Actual PE Digest

cf:99:78:79:c1:55:ab:00:24:96:45:60:f6:55:4e:51:3b:eb:67:0f:97:9a:e9:26:63:34:be:d8:6d:30:ea:66

Digest Algorithm

sha256

PE Digest Matches

true

c3:44:09:21:53:ce:2c:18:4c:29:3b:2a:7f:03:ab:c2:2c:df:a9:b0
Signer

Actual PE Digest

c3:44:09:21:53:ce:2c:18:4c:29:3b:2a:7f:03:ab:c2:2c:df:a9:b0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

E:\trunk\dllplugin\HelperTool64\bin\x64\Release\HelperTool64.pdb

Imports

kernel32

InitializeCriticalSectionAndSpinCount
WaitForSingleObject
CloseHandle
CreateMutexW
Sleep
GetLastError
GetProcAddress
FindResourceW
LoadResource
GetModuleHandleW
GetVersionExW
LockResource
GetSystemInfo
lstrcmpiW
HeapAlloc
HeapFree
GetProcessHeap
GetCurrentThreadId
CreateFileW
lstrlenW
LoadLibraryW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetFullPathNameW
GetFileAttributesW
WriteFile
ReadFile
LoadLibraryExW
GetModuleFileNameW
VirtualFree
VirtualQuery
EncodePointer
DecodePointer
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
RtlPcToFileHeader
RaiseException
RtlLookupFunctionEntry
RtlUnwindEx
GetCommandLineW
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
GetCPInfo
RtlCaptureContext
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess
GetModuleHandleExW
HeapSize
GetStdHandle
GetFileType
QueryPerformanceCounter
GetCurrentProcessId
GetEnvironmentStringsW
FreeEnvironmentStringsW
IsValidCodePage
GetACP
GetOEMCP
HeapReAlloc
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
OutputDebugStringW
SetStdHandle
WriteConsoleW
ReadConsoleW
GetThreadContext
SetThreadContext
Thread32First
HeapDestroy
HeapCreate
Thread32Next
FlushInstructionCache
OpenThread
VirtualProtect
CreateToolhelp32Snapshot
SuspendThread
ResumeThread
VirtualAlloc

Sections

.text
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_65_/Assistant/OptimizeTool.dll
.dll windows:5 windows x86 arch:x86

db722b9c7af74f133b7f2e856b17512e

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9b:7c:08:cc:d3:67:ff:cc:f8:4b:93:bb:63:fd:0e:a0:ca:8a:f0:c6:26:47:70:33:69:64:a8:2a:07:76:08:42
Signer

Actual PE Digest

9b:7c:08:cc:d3:67:ff:cc:f8:4b:93:bb:63:fd:0e:a0:ca:8a:f0:c6:26:47:70:33:69:64:a8:2a:07:76:08:42

Digest Algorithm

sha256

PE Digest Matches

true

ce:1b:3e:40:85:72:f9:40:1a:6c:9b:f4:f5:ab:37:0b:22:62:ab:13
Signer

Actual PE Digest

ce:1b:3e:40:85:72:f9:40:1a:6c:9b:f4:f5:ab:37:0b:22:62:ab:13

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\dllplugin\FileDownloader\RecommendPCSafeDll\bin\release_static\OptimizeTool.pdb

Imports

kernel32

CreateEventW
ResetEvent
DeviceIoControl
SwitchToThread
InterlockedPopEntrySList
LoadLibraryExA
ExitThread
SetErrorMode
OpenMutexW
GetModuleHandleW
LocalFree
CloseHandle
WaitForSingleObject
CreateMutexW
GetCommandLineW
FreeLibrary
DeleteCriticalSection
GetProcAddress
DecodePointer
LoadLibraryW
RaiseException
VirtualQuery
VirtualAlloc
VirtualFree
OpenThread
SetThreadContext
GetThreadContext
CreateToolhelp32Snapshot
ResumeThread
SuspendThread
Thread32First
Thread32Next
GetLastError
WriteConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapSize
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
GetTimeZoneInformation
GetStringTypeW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetModuleFileNameA
ExitProcess
TlsFree
EncodePointer
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwind
GetFileType
GetEnvironmentVariableW
GetStdHandle
FlushInstructionCache
HeapDestroy
HeapCreate
OutputDebugStringA
GetModuleHandleExW
VirtualProtect
TlsGetValue
CreateThread
TlsAlloc
DisableThreadLibraryCalls
GetModuleHandleA
TlsSetValue
MapViewOfFileEx
CreateFileMappingW
UnmapViewOfFile
QueryPerformanceFrequency
FreeResource
GlobalUnlock
GlobalLock
LocalAlloc
CreateWaitableTimerW
SetWaitableTimer
MulDiv
lstrcmpW
LoadLibraryExW
InterlockedIncrement
InterlockedDecrement
SizeofResource
OutputDebugStringW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GlobalMemoryStatusEx
InterlockedExchangeAdd
SetLastError
InterlockedExchange
GetTickCount
SetEvent
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
lstrcpynW
GetPrivateProfileStringW
GetPrivateProfileIntW
InterlockedCompareExchange
WritePrivateProfileStringW
FormatMessageW
Sleep
FindFirstFileW
FindClose
FileTimeToSystemTime
lstrcatW
GetCurrentProcessId
lstrcmpiW
ExpandEnvironmentStringsW
GetFileAttributesW
GetVersionExW
LockResource
GetSystemInfo
LoadResource
FindResourceW
QueryDosDeviceW
GetCurrentProcess
OpenProcess
GetACP
MultiByteToWideChar
WideCharToMultiByte
ReadFile
WriteFile
SetFileTime
SetFilePointer
SetEndOfFile
CreateFileW
GetFileSize
GetFileTime
HeapFree
GetCurrentThreadId
GlobalAlloc
GlobalFree
HeapAlloc
GetProcessHeap
GetLongPathNameW
GetFileAttributesExW
lstrlenW
lstrcpyW
DeleteFileW
GetFileSizeEx
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
FindNextFileW
GetLogicalDriveStringsW
CreateDirectoryW
GetFullPathNameW
GetTempPathW
GetCurrentDirectoryW
WaitForMultipleObjects
ReleaseMutex
FreeLibraryAndExitThread

user32

LoadIconW
SetWindowLongW
DestroyWindow
PostMessageW
GetActiveWindow
SetForegroundWindow
MessageBoxW
GetMonitorInfoW
CreateWindowExW
MoveWindow
EndDialog
SetWindowPos
MonitorFromWindow
UnregisterClassW
FindWindowW
GetPropW
RemovePropW
GetForegroundWindow
SetPropW
GetAsyncKeyState
GetFocus
LoadStringW
DestroyAcceleratorTable
CreateAcceleratorTableW
EnumThreadWindows
PostQuitMessage
RegisterWindowMessageW
GetAncestor
EmptyClipboard
SetClipboardData
GetClassInfoExW
CloseClipboard
GetClipboardData
IsClipboardFormatAvailable
GetSysColor
GetSystemMetrics
GetKeyboardState
GetCaretBlinkTime
ToAscii
GetMessageW
CallWindowProcW
DispatchMessageW
TranslateMessage
RegisterClassExW
GetIconInfo
DrawIconEx
LoadBitmapW
LoadImageW
GetDesktopWindow
SetCaretPos
AttachThreadInput
SystemParametersInfoW
GetClassLongW
SetRectEmpty
MsgWaitForMultipleObjects
FillRect
UpdateLayeredWindow
UnionRect
PtInRect
SetRect
GetWindowThreadProcessId
GetWindowTextLengthW
GetCursorPos
ReleaseDC
IsIconic
GetDCEx
InvalidateRect
GetParent
IsZoomed
GetClientRect
SetCursor
GetWindowDC
LoadCursorW
IntersectRect
IsRectEmpty
ClientToScreen
CopyRect
RedrawWindow
OffsetRect
IsWindow
SendMessageW
EnumChildWindows
EqualRect
GetWindowRect
DefWindowProcW
GetWindowLongW
DialogBoxParamW
SetWindowTextW
CharNextW
ReleaseCapture
SetCapture
TrackMouseEvent
ScreenToClient
GetKeyState
GetWindowTextW
EnableWindow
EndPaint
BeginPaint
KillTimer
GetDlgItem
SetParent
GetClassNameW
SetFocus
ValidateRect
MapWindowPoints
IsChild
SetTimer
OpenClipboard
InvalidateRgn
ShowWindow
SetWindowRgn
IsWindowVisible
GetDC
GetWindow
ShowWindowAsync
AdjustWindowRectEx

gdi32

CreateFontIndirectW
CreateSolidBrush
SetBkColor
CreateRectRgnIndirect
GetClipBox
GetObjectW
EnumFontsW
PtInRegion
CreateRoundRectRgn
CreateDIBSection
GetDeviceCaps
CreateDCW
ExtTextOutW
CreatePolygonRgn
BitBlt
SetGraphicsMode
CreateCompatibleBitmap
SelectObject
DeleteDC
CreateCompatibleDC
SetViewportOrgEx
DeleteObject
GetRgnBox
GetStockObject
GetDIBits
SetWorldTransform
SetTextColor

shell32

CommandLineToArgvW
ShellExecuteW
SHGetFolderPathW
ShellExecuteExW
SHGetSpecialFolderPathW
DragQueryFileW
DragFinish

oleaut32

SysStringLen
SysFreeString
VarUI4FromStr
SysAllocString
VariantClear
SysAllocStringLen
OleCreateFontIndirect
DispCallFunc
LoadTypeLi
VariantInit
LoadRegTypeLi

shlwapi

StrDupW
PathAppendW
PathFindFileNameW
StrToIntA
ord12
PathFileExistsW

comctl32

InitCommonControlsEx
_TrackMouseEvent

msimg32

AlphaBlend

urlmon

CoInternetCreateZoneManager
CoInternetCreateSecurityManager

gdiplus

GdipDeleteRegion
GdipMeasureString
GdipCloneBrush
GdipRestoreGraphics
GdipRotateWorldTransform
GdipStringFormatGetGenericTypographic
GdipGetCellAscent
GdipSetTextRenderingHint
GdipCloneStringFormat
GdipGetMatrixElements
GdipGetTextureTransform
GdipCreateTexture
GdipBeginContainer2
GdipFillEllipse
GdipCreateFromHDC
GdipGetClipBoundsI
GdipSetImageAttributesWrapMode
GdipDrawString
GdipDrawPath
GdipSetClipRegion
GdipCreateImageAttributes
GdipDrawArcI
GdipGetSmoothingMode
GdipClosePathFigure
GdipSetClipRectI
GdipScaleWorldTransform
GdipSetPixelOffsetMode
GdipDrawRectangle
GdipDrawLine
GdipSetPenDashStyle
GdipGraphicsClear
GdipMultiplyWorldTransform
GdipGetPathWorldBounds
GdipFillPath
GdipTransformRegion
GdipSetStringFormatTrimming
GdipGetFontStyle
GdipCreateSolidFill
GdipCloneBitmapArea
GdipGetCellDescent
GdipSetInterpolationMode
GdipSetLinePresetBlend
GdipCreateFont
GdipSetStringFormatLineAlign
GdipGetImageGraphicsContext
GdipTranslateWorldTransform
GdipDeletePen
GdipCreatePen1
GdipSetStringFormatAlign
GdipDrawImageRectRectI
GdipDeleteMatrix
GdipGetFamilyName
GdipCloneRegion
GdipSetStringFormatFlags
GdipGetImageHeight
GdipCloneImage
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipAlloc
GdipDisposeImage
GdipGetImagePixelFormat
GdipCloneBitmapAreaI
GdipFree
GdipBitmapLockBits
GdipGetImageWidth
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdiplusStartup
GdiplusShutdown
GdipFillRectangleI
ord1
GdipDeleteGraphics
GdipEndContainer
GdipSetSmoothingMode
GdipCreateMatrix
GdipGetStringFormatAlign
GdipDeletePath
GdipDisposeImageAttributes
GdipCreateMatrix2
GdipDeleteBrush
GdipGetLineSpacing
GdipSetLineWrapMode
GdipCreateLineBrushI
GdipDeleteStringFormat
GdipDrawImageRectRect
GdipSaveGraphics
GdipCreateFontFamilyFromName
GdipGetEmHeight
GdipGetStringFormatLineAlign
GdipAddPathString
GdipGetTextRenderingHint
GdipDeleteFont
GdipCreatePath
GdipSetTextureTransform
GdipSetLineTransform
GdipGetBrushType
GdipCombineRegionRegion
GdipAddPathRectangleI
GdipAddPathArcI
GdipAddPathEllipseI
GdipCombineRegionPath
GdipCreateHBITMAPFromBitmap
GdipSetCompositingMode
GdipAddPathBezierI
GdipGetFamily
GdipSetCompositingQuality
GdipSetImageAttributesColorMatrix
GdipGetLineTransform
GdipDeleteFontFamily
GdipGetInterpolationMode
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageSelectActiveFrame
GdipGetPropertyItem
GdipImageGetFrameDimensionsCount
GdipCreateRegionPath
GdipAddPathLineI
GdipGetFontSize

psapi

GetMappedFileNameW

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

imm32

ImmNotifyIME
ImmAssociateContextEx
ImmGetCompositionStringW
ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext

winmm

timeGetTime

advapi32

RegEnumKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegQueryInfoKeyW
RegCloseKey
RegOpenKeyExW
RegSetValueExW

ole32

CLSIDFromString
OleInitialize
CLSIDFromProgID
StringFromGUID2
OleLockRunning
CoGetClassObject
CreateStreamOnHGlobal
CoTaskMemRealloc
CoTaskMemFree
OleUninitialize
CoCreateInstance
CoTaskMemAlloc

Exports

Exports

Optimize

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 282KB - Virtual size: 281KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_65_/Assistant/Update_2345Explorer.exe
.exe windows:5 windows x86 arch:x86

5a90065e89256fc0c3dd3aba7e651f68

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

44:6b:9a:c7:14:72:ca:41:1e:09:77:1c:a2:40:23:a6:c1:70:21:eb:f3:24:94:87:80:86:aa:4b:50:a0:ed:8d
Signer

Actual PE Digest

44:6b:9a:c7:14:72:ca:41:1e:09:77:1c:a2:40:23:a6:c1:70:21:eb:f3:24:94:87:80:86:aa:4b:50:a0:ed:8d

Digest Algorithm

sha256

PE Digest Matches

true

94:c9:1d:60:30:13:83:b1:e3:ea:21:00:00:2b:79:72:09:9d:b6:8e
Signer

Actual PE Digest

94:c9:1d:60:30:13:83:b1:e3:ea:21:00:00:2b:79:72:09:9d:b6:8e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\dllplugin\Update2345Explorer\bin\Win32\Release\pdb\Update_2345Explorer.pdb

Imports

kernel32

GetLastError
RaiseException
WritePrivateProfileStringA
DecodePointer
DeleteCriticalSection
GetPrivateProfileStringA
ExpandEnvironmentStringsW
GetModuleFileNameW
GetFileAttributesW
GetProcAddress
GetModuleHandleW
QueryDosDeviceW
GetCurrentProcess
OpenProcess
GetCurrentThreadId
SuspendThread
GetExitCodeThread
Sleep
TerminateThread
SwitchToThread
OpenThread
ResumeThread
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
WaitForMultipleObjects
LocalFree
GetCurrentProcessId
CreateProcessW
GetExitCodeProcess
GetACP
MultiByteToWideChar
WideCharToMultiByte
ReadFile
WriteFile
SetFileTime
SetFilePointer
SetEndOfFile
CreateFileW
GetFileSize
GetFileTime
CreateMutexW
ReleaseMutex
GetVersionExW
LockResource
GetSystemInfo
LoadResource
FindResourceW
lstrcmpiW
lstrlenW
InitializeCriticalSectionAndSpinCount
DeleteFileW
GetFileSizeEx
FindFirstFileW
FindNextFileW
FindClose
GetLongPathNameW
GetFileAttributesExW
HeapFree
HeapAlloc
GetProcessHeap
GetLogicalDriveStringsW
LoadLibraryW
FreeLibrary
ResetEvent
InterlockedExchangeAdd
CreateDirectoryW
GetFullPathNameW
GetTempPathW
GetCurrentDirectoryW
FormatMessageW
InterlockedExchange
SetLastError
GetTickCount
GlobalMemoryStatusEx
GetPrivateProfileStringW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
GetEnvironmentVariableW
DeviceIoControl
WriteConsoleW
SetFilePointerEx
GetConsoleMode
DeleteTimerQueueTimer
GetCommandLineW
CloseHandle
SetEvent
CreateEventW
OpenEventW
WaitForSingleObject
CreateTimerQueueTimer
GetConsoleCP
FlushFileBuffers
HeapSize
SetStdHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindFirstFileExW
HeapReAlloc
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetFileType
GetStdHandle
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
EncodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
QueryPerformanceCounter
InitializeSListHead
OutputDebugStringW
RtlUnwind
LoadLibraryExW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess

user32

GetMessageW
DefWindowProcW
CreateWindowExW
TranslateMessage
RegisterClassW
LoadIconW
LoadCursorW
PostQuitMessage
DispatchMessageW

gdi32

GetStockObject

advapi32

GetUserNameW

shell32

SHGetSpecialFolderPathW
SHGetFolderPathW

netapi32

NetLocalGroupGetMembers

Sections

.text
Size: 731KB - Virtual size: 731KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 179KB - Virtual size: 179KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_65_/Doctor/Doctor_2345Explorer.exe
.exe windows:5 windows x86 arch:x86

e4c1335ecafebd3bc95066b3f7bdde46

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

41:ee:14:e4:8a:92:ab:2c:3e:04:a7:a6:90:41:23:5a:f8:2c:b7:c7:cd:a0:36:69:93:19:0e:2a:1d:61:ef:8c
Signer

Actual PE Digest

41:ee:14:e4:8a:92:ab:2c:3e:04:a7:a6:90:41:23:5a:f8:2c:b7:c7:cd:a0:36:69:93:19:0e:2a:1d:61:ef:8c

Digest Algorithm

sha256

PE Digest Matches

true

bb:77:d1:5e:6f:51:11:91:87:58:dc:77:5e:14:e5:96:3f:06:76:c3
Signer

Actual PE Digest

bb:77:d1:5e:6f:51:11:91:87:58:dc:77:5e:14:e5:96:3f:06:76:c3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\dllplugin\Doctor\bin\Win32\Release\pdb\Doctor_2345Explorer.pdb

Imports

winhttp

WinHttpReceiveResponse
WinHttpOpen
WinHttpConnect
WinHttpOpenRequest
WinHttpCloseHandle
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetProxyForUrl
WinHttpSendRequest
WinHttpSetTimeouts
WinHttpQueryHeaders

mprapi

MprConfigGetFriendlyName
MprConfigServerConnect

iphlpapi

GetAdaptersInfo
GetInterfaceInfo
IpReleaseAddress
GetNetworkParams
SendARP
IpRenewAddress
GetBestInterface

ws2_32

WSCDeinstallProvider
WSAStartup
gethostbyname
WSACleanup
inet_addr

kernel32

ReadFile
TryEnterCriticalSection
HeapCreate
HeapFree
GetFullPathNameW
WriteFile
InterlockedCompareExchange
GetDiskFreeSpaceW
OutputDebugStringA
LockFile
SetFilePointer
GetFullPathNameA
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateFileW
GetFileAttributesW
GetVersionExW
HeapValidate
HeapSize
MultiByteToWideChar
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
FlushViewOfFile
CreateFileA
LoadLibraryA
WaitForSingleObjectEx
GetVersionExA
DeleteFileA
HeapReAlloc
GetSystemInfo
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
CreateFileMappingA
LockFileEx
GetFileSize
GetProcessHeap
SystemTimeToFileTime
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
QueryPerformanceCounter
FlushFileBuffers
TerminateProcess
InterlockedDecrement
InterlockedIncrement
SetErrorMode
SetLastError
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcmpW
MulDiv
GetShortPathNameW
OpenProcess
LocalAlloc
DeviceIoControl
GetSystemDirectoryW
GetEnvironmentVariableW
GlobalFree
InterlockedExchange
GetCurrentProcess
GetLocalTime
FlushInstructionCache
VirtualProtect
GetModuleHandleExW
lstrcmpiW
MoveFileW
lstrlenW
lstrcpynW
GlobalMemoryStatusEx
DeleteFileW
Thread32Next
Thread32First
SuspendThread
ResumeThread
CreateToolhelp32Snapshot
GetThreadContext
SetThreadContext
OpenThread
VirtualFree
VirtualAlloc
VirtualQuery
SwitchToThread
LoadLibraryExW
ExpandEnvironmentStringsW
GetLongPathNameW
GetACP
LockResource
LoadResource
FindResourceW
SetFileTime
GetFileTime
TerminateThread
WaitForMultipleObjects
CreateEventW
SetEvent
ResetEvent
InterlockedExchangeAdd
lstrcpyW
GetFileSizeEx
GetCurrentDirectoryW
MoveFileExW
CopyFileW
GetLogicalDriveStringsW
SizeofResource
SetWaitableTimer
CreateWaitableTimerW
MapViewOfFileEx
FreeResource
QueryPerformanceFrequency
TlsSetValue
GetModuleHandleA
DisableThreadLibraryCalls
TlsAlloc
CreateThread
TlsGetValue
GetStdHandle
GetFileType
lstrcatW
SetFileAttributesW
FindClose
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
IsProcessorFeaturePresent
UnhandledExceptionFilter
GetCPInfo
GetStringTypeW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
RemoveDirectoryW
FindNextFileW
SetLocalTime
ReadConsoleW
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCommandLineA
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
SetStdHandle
SetFilePointerEx
WriteConsoleW
WritePrivateProfileStringW
FindFirstFileW
SetUnhandledExceptionFilter
DeleteCriticalSection
LocalFree
DecodePointer
RaiseException
GetPrivateProfileStringW
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
GetCommandLineW
GetModuleHandleW
GetTickCount
MapViewOfFile
CreateFileMappingW
GetCurrentProcessId
GetLastError
Sleep
IsDebuggerPresent
UnmapViewOfFile
ReleaseMutex
GetCurrentThreadId
WaitForSingleObject
CreateMutexW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
CreateDirectoryW
ExitProcess
FreeLibraryAndExitThread
ExitThread
RtlUnwind
LoadLibraryExA
AreFileApisANSI
GetExitCodeThread
GetExitCodeProcess
FreeLibrary
CreateProcessW
GetProcAddress
LoadLibraryW
QueryDosDeviceW
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
GetStartupInfoW
CompareStringW
TlsFree
EncodePointer
CloseHandle
FileTimeToSystemTime
GetLocaleInfoW
LCMapStringW

user32

AdjustWindowRectEx
GetWindowThreadProcessId
UnionRect
SystemParametersInfoW
AttachThreadInput
SetRect
UpdateLayeredWindow
MsgWaitForMultipleObjects
SetRectEmpty
GetClassLongW
SetCaretPos
LoadImageW
LoadBitmapW
DrawIconEx
GetIconInfo
ToAscii
GetCaretBlinkTime
GetKeyboardState
GetSystemMetrics
IsClipboardFormatAvailable
GetClipboardData
CloseClipboard
SetClipboardData
EmptyClipboard
GetAncestor
EnumThreadWindows
LoadStringW
GetAsyncKeyState
KillTimer
EnableWindow
GetKeyState
TrackMouseEvent
GetMessageW
DispatchMessageW
PeekMessageW
TranslateMessage
ShowWindowAsync
DialogBoxParamW
GetWindowRect
EqualRect
IntersectRect
GetWindowDC
ValidateRect
IsZoomed
GetDCEx
IsIconic
EnumChildWindows
OffsetRect
PtInRect
IsRectEmpty
MessageBoxW
wsprintfW
GetWindowTextLengthW
GetWindow
GetFocus
GetDC
SetWindowPos
FillRect
CreateWindowExW
ScreenToClient
SetWindowTextW
RegisterClassExW
IsWindow
IsWindowVisible
MonitorFromWindow
SetWindowRgn
InvalidateRgn
RedrawWindow
ClientToScreen
DestroyAcceleratorTable
IsChild
GetSysColor
MoveWindow
CreateAcceleratorTableW
SetFocus
CharNextW
LoadCursorW
GetClassNameW
SetCapture
GetClientRect
GetDlgItem
GetClassInfoExW
GetParent
RegisterWindowMessageW
ReleaseCapture
MapWindowPoints
ShowWindow
OpenClipboard
SetTimer
GetMonitorInfoW
PostQuitMessage
InvalidateRect
ReleaseDC
BeginPaint
EndPaint
GetWindowTextW
GetDesktopWindow
EndDialog
GetWindowLongW
DefWindowProcW
CallWindowProcW
DestroyWindow
LoadIconW
SetWindowLongW
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
PostMessageW
UnregisterClassW
FindWindowW
SetForegroundWindow
SendMessageW
SetPropW
CopyRect
GetForegroundWindow
RemovePropW
GetPropW
SetParent
SetCursor
GetCursorPos

gdi32

CreateDIBSection
GetDIBits
CreateDCW
ExtTextOutW
GetClipBox
SetTextColor
SetBkColor
CreateFontIndirectW
SetGraphicsMode
SetWorldTransform
CreateRectRgnIndirect
CreatePolygonRgn
CreateRoundRectRgn
PtInRegion
SetViewportOrgEx
GetRgnBox
BitBlt
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
GetStockObject
GetDeviceCaps
GetObjectW
DeleteObject
CreateSolidBrush
EnumFontsW
DeleteDC

advapi32

RegCloseKey
OpenServiceW
RegDeleteValueW
ChangeServiceConfigW
QueryServiceConfigW
RegOpenKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
GetUserNameW
AdjustTokenPrivileges
DuplicateTokenEx
QueryServiceStatus
CloseServiceHandle
OpenSCManagerW
RegSetValueExW
StartServiceW

shell32

ShellExecuteW
CommandLineToArgvW
ShellExecuteExW
ord155
ord190
SHGetSpecialFolderPathW
SHGetFolderPathW
DragQueryFileW
DragFinish

ole32

OleLockRunning
CLSIDFromString
CreateStreamOnHGlobal
CoTaskMemFree
CLSIDFromProgID
StringFromGUID2
CoTaskMemAlloc
StringFromCLSID
CoGetClassObject
OleInitialize
CoCreateInstance
CoUninitialize
CoInitialize
CoInitializeSecurity
CoInitializeEx
CoTaskMemRealloc
OleUninitialize
PropVariantClear

oleaut32

VarUI4FromStr
VariantChangeType
LoadRegTypeLi
VariantInit
LoadTypeLi
OleCreateFontIndirect
SysAllocString
DispCallFunc
SysStringLen
SysAllocStringLen
VariantClear
SysFreeString

shlwapi

PathRemoveFileSpecW
SHCopyKeyW
PathStripPathW
StrStrIW
PathFileExistsW
PathAppendW
SHSetValueW
SHStrDupW
ord12
StrToIntA
PathFindFileNameW
StrDupW

comctl32

_TrackMouseEvent
InitCommonControlsEx

msimg32

AlphaBlend

urlmon

CoInternetCreateZoneManager
CoInternetCreateSecurityManager

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

wininet

FindCloseUrlCache
FindNextUrlCacheEntryW
FindFirstUrlCacheEntryW
DeleteUrlCacheEntryW

dsound

ord11
ord1

winmm

waveOutWrite
midiStreamOut
timeGetTime
midiStreamClose

psapi

GetMappedFileNameW

gdiplus

GdipGetTextureTransform
GdipCreateTexture
GdipBeginContainer2
GdipFillEllipse
GdipCreateFromHDC
GdipGetClipBoundsI
GdipSetImageAttributesWrapMode
GdipDrawString
GdipDrawPath
GdipSetClipRegion
GdipCreateImageAttributes
GdipDrawArcI
GdipGetSmoothingMode
GdipClosePathFigure
GdipSetClipRectI
GdipScaleWorldTransform
GdipSetPixelOffsetMode
GdipDrawRectangle
GdipDrawLine
GdipSetPenDashStyle
GdipGraphicsClear
GdipMultiplyWorldTransform
GdipGetPathWorldBounds
GdipFillPath
GdipTransformRegion
GdipSetStringFormatTrimming
GdipGetFontStyle
GdipCreateSolidFill
GdipCloneBitmapArea
GdipGetCellDescent
GdipSetInterpolationMode
GdipSetLinePresetBlend
GdipCreateFont
GdipSetStringFormatLineAlign
GdipCreatePath
GdipEndContainer
GdipSetSmoothingMode
GdipCreateMatrix
GdipGetStringFormatAlign
GdipDeletePath
GdipDisposeImageAttributes
GdipCreateMatrix2
GdipDeleteBrush
GdipGetLineSpacing
GdipSetLineWrapMode
GdipCreateLineBrushI
GdipDrawImageRectRect
GdipSaveGraphics
GdipCreateFontFamilyFromName
GdipGetEmHeight
GdipGetStringFormatLineAlign
GdipGetMatrixElements
GdipGetTextRenderingHint
GdipGetFamily
GdipSetCompositingQuality
GdipSetImageAttributesColorMatrix
GdipGetLineTransform
GdipDeleteFontFamily
GdipGetInterpolationMode
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageSelectActiveFrame
GdipGetPropertyItem
GdipImageGetFrameDimensionsCount
GdipCreateRegionPath
GdipAddPathLineI
GdipAddPathBezierI
GdipCombineRegionPath
GdipAddPathEllipseI
GdipAddPathArcI
GdipAddPathRectangleI
GdipCombineRegionRegion
GdipGetBrushType
GdipSetLineTransform
GdipSetTextureTransform
GdipSetCompositingMode
GdipTranslateWorldTransform
GdipDeletePen
GdipCreatePen1
GdipSetStringFormatAlign
GdipDrawImageRectRectI
GdipDeleteMatrix
GdipGetFamilyName
GdipCloneRegion
GdipSetStringFormatFlags
GdipGetImageHeight
GdipCloneImage
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipAlloc
GdipDisposeImage
GdipGetImagePixelFormat
GdipCloneBitmapAreaI
GdipFree
GdipBitmapLockBits
GdipGetImageWidth
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdiplusStartup
GdiplusShutdown
GdipCloneStringFormat
GdipSetTextRenderingHint
GdipGetCellAscent
GdipStringFormatGetGenericTypographic
GdipRotateWorldTransform
GdipRestoreGraphics
GdipCloneBrush
GdipMeasureString
GdipDeleteRegion
GdipGetImageGraphicsContext
GdipFillRectangleI
ord1
GdipDeleteGraphics
GdipDeleteStringFormat
GdipDeleteFont
GdipAddPathString
GdipGetFontSize
GdipCreateHBITMAPFromBitmap

imm32

ImmSetCompositionWindow
ImmGetCompositionStringW
ImmAssociateContextEx
ImmReleaseContext
ImmGetContext
ImmNotifyIME

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 409KB - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 33KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_65_/Doctor/Downloader_2345Explorer.exe
.exe windows:5 windows x86 arch:x86

3d06f7be9c2c3643f76a9c85f5d10ab1

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cb:85:0e:5d:23:fc:9c:95:c2:d9:84:f2:d5:c5:77:54:a7:1c:74:d9:b9:aa:b3:42:5a:82:3d:f4:d9:18:c0:69
Signer

Actual PE Digest

cb:85:0e:5d:23:fc:9c:95:c2:d9:84:f2:d5:c5:77:54:a7:1c:74:d9:b9:aa:b3:42:5a:82:3d:f4:d9:18:c0:69

Digest Algorithm

sha256

PE Digest Matches

true

89:e8:30:30:ba:32:da:b4:b7:d8:1f:90:c1:68:c8:1c:ee:48:93:24
Signer

Actual PE Digest

89:e8:30:30:ba:32:da:b4:b7:d8:1f:90:c1:68:c8:1c:ee:48:93:24

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\dllplugin\LightInstPackage\bin\release_static\LightInstPackage.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

gdiplus

GdipSetClipRectI
GdipScaleWorldTransform
GdipSetPixelOffsetMode
GdipDrawRectangle
GdipDrawLine
GdipSetPenDashStyle
GdipGraphicsClear
GdipMultiplyWorldTransform
GdipGetPathWorldBounds
GdipFillPath
GdipTransformRegion
GdipSetStringFormatTrimming
GdipGetFontStyle
GdipCreateSolidFill
GdipCloneBitmapArea
GdipGetCellDescent
GdipSetInterpolationMode
GdipSetLinePresetBlend
GdipCreateFont
GdipSetStringFormatLineAlign
GdipCreatePath
GdipEndContainer
GdipSetSmoothingMode
GdipCreateMatrix
GdipGetStringFormatAlign
GdipDeletePath
GdipDisposeImageAttributes
GdipCreateMatrix2
GdipDeleteBrush
GdipGetLineSpacing
GdipSetLineWrapMode
GdipCreateLineBrushI
GdipDrawImageRectRect
GdipSaveGraphics
GdipCreateFontFamilyFromName
GdipGetEmHeight
GdipGetStringFormatLineAlign
GdipAddPathString
GdipGetTextRenderingHint
GdipGetFamily
GdipSetCompositingQuality
GdipSetImageAttributesColorMatrix
GdipGetLineTransform
GdipDeleteFontFamily
GdipGetInterpolationMode
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageSelectActiveFrame
GdipGetPropertyItem
GdipImageGetFrameDimensionsCount
GdipCreateRegionPath
GdipAddPathLineI
GdipAddPathBezierI
GdipCombineRegionPath
GdipAddPathEllipseI
GdipGetSmoothingMode
GdipAddPathRectangleI
GdipCombineRegionRegion
GdipGetBrushType
GdipSetLineTransform
GdipSetTextureTransform
GdipCreateImageAttributes
GdipSetClipRegion
GdipDrawPath
GdipDrawString
GdipSetImageAttributesWrapMode
GdipGetClipBoundsI
GdipCreateFromHDC
GdipFillEllipse
GdipBeginContainer2
GdipCreateTexture
GdipGetTextureTransform
GdipGetMatrixElements
GdipCloneStringFormat
GdipSetTextRenderingHint
GdipGetCellAscent
GdipStringFormatGetGenericTypographic
GdipRotateWorldTransform
GdipRestoreGraphics
GdipCloneBrush
GdipMeasureString
GdipDeleteRegion
GdipGetImageGraphicsContext
GdipFillRectangleI
ord1
GdipDeleteGraphics
GdipDeleteStringFormat
GdipDeleteFont
GdipGetFontSize
GdipTranslateWorldTransform
GdipDeletePen
GdipCreatePen1
GdipSetStringFormatAlign
GdipDrawImageRectRectI
GdipDeleteMatrix
GdipGetFamilyName
GdipCloneRegion
GdipSetStringFormatFlags
GdipGetImageHeight
GdipCloneImage
GdipBitmapUnlockBits
GdipCreateBitmapFromStream
GdipAlloc
GdipDisposeImage
GdipGetImagePixelFormat
GdipCloneBitmapAreaI
GdipFree
GdipBitmapLockBits
GdipGetImageWidth
GdipCreateBitmapFromFile
GdipCreateBitmapFromScan0
GdipClosePathFigure
GdipAddPathArcI
GdipSetCompositingMode
GdipDrawArcI
GdiplusShutdown
GdiplusStartup
GdipCreateHBITMAPFromBitmap

psapi

GetMappedFileNameW
GetModuleFileNameExW

kernel32

ResumeThread
ReadFile
WriteFile
SetFileTime
SetFilePointer
SetEndOfFile
GetFileSize
GetFileTime
CreateDirectoryW
GetFullPathNameW
RemoveDirectoryW
GetTempPathW
SetFileAttributesW
GetCurrentDirectoryW
MoveFileExW
MoveFileW
FindNextFileW
LoadLibraryW
FreeLibrary
WaitForMultipleObjects
LocalFree
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CreateEventW
Sleep
SetEvent
ResetEvent
InterlockedExchangeAdd
GetFileSizeEx
HeapFree
GetCurrentThreadId
GlobalAlloc
GlobalFree
HeapAlloc
GetProcessHeap
ReleaseMutex
QueryDosDeviceW
GetCurrentProcess
FormatMessageW
GetACP
MultiByteToWideChar
WideCharToMultiByte
InterlockedExchange
SetLastError
GlobalMemoryStatusEx
SizeofResource
InterlockedDecrement
InterlockedIncrement
LoadLibraryExW
MulDiv
lstrcmpW
GlobalLock
GetDiskFreeSpaceW
SetWaitableTimer
CreateWaitableTimerW
LocalAlloc
FreeResource
QueryPerformanceFrequency
QueryPerformanceCounter
UnmapViewOfFile
CreateFileMappingW
MapViewOfFileEx
FindResourceW
GetModuleHandleA
DisableThreadLibraryCalls
TlsAlloc
CreateThread
TlsGetValue
VirtualProtect
GetModuleHandleExW
OutputDebugStringA
HeapCreate
HeapDestroy
FlushInstructionCache
FileTimeToSystemTime
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
OutputDebugStringW
InterlockedPopEntrySList
InterlockedPushEntrySList
VirtualAlloc
VirtualFree
LoadLibraryExA
InterlockedCompareExchange
Thread32Next
Thread32First
SuspendThread
HeapReAlloc
GetThreadContext
SetThreadContext
OpenThread
VirtualQuery
RtlUnwind
ExitThread
FreeLibraryAndExitThread
ExitProcess
GetStdHandle
GetFileType
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetTimeZoneInformation
HeapSize
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCommandLineA
GetLogicalDriveStringsW
GetVolumeInformationW
lstrcpyW
ExpandEnvironmentStringsW
GlobalUnlock
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
LoadResource
GetSystemInfo
LockResource
SetEnvironmentVariableA
SetStdHandle
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointerEx
WriteConsoleW
GetEnvironmentVariableW
DeviceIoControl
GetProcAddress
GetFileAttributesExW
CreateFileW
GetLongPathNameW
GetTickCount
lstrcatW
GetFileAttributesW
WaitForSingleObject
FindClose
lstrcpynW
FindFirstFileW
OpenMutexW
DeleteCriticalSection
DecodePointer
GetModuleHandleW
RaiseException
GetLastError
CreateMutexW
SetErrorMode
InitializeCriticalSectionAndSpinCount
GetLocalTime
DeleteFileW
GetModuleFileNameW
lstrcmpiW
GetCurrentProcessId
CloseHandle
Process32FirstW
Process32NextW
CreateToolhelp32Snapshot
LCMapStringW
OpenProcess
GetVersionExW
lstrlenW
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCPInfo
GetStringTypeW
GetLocaleInfoW
TlsFree
SwitchToThread
TlsSetValue
EncodePointer
CompareStringW
GetSystemTimeAsFileTime

user32

MsgWaitForMultipleObjects
SystemParametersInfoW
AttachThreadInput
LoadBitmapW
IsClipboardFormatAvailable
SetClipboardData
GetClipboardData
EmptyClipboard
CloseClipboard
SetRectEmpty
SetCaretPos
SetRect
UpdateLayeredWindow
FillRect
DrawIconEx
GetSysColor
GetAncestor
EnumThreadWindows
CreateAcceleratorTableW
DestroyAcceleratorTable
LoadStringW
GetFocus
GetAsyncKeyState
MoveWindow
SetFocus
BringWindowToTop
GetClassNameW
SetParent
GetDlgItem
GetWindowThreadProcessId
BeginPaint
EndPaint
EnableWindow
GetWindowTextW
ScreenToClient
TrackMouseEvent
SetCapture
ReleaseCapture
IsWindowVisible
MonitorFromWindow
SetWindowRgn
GetWindowTextLengthW
GetClassLongW
SetWindowTextW
DialogBoxParamW
UnionRect
PtInRect
GetWindowRect
EqualRect
EnumChildWindows
RedrawWindow
ClientToScreen
IntersectRect
GetWindowDC
SetCursor
GetClientRect
IsZoomed
GetParent
InvalidateRect
ShowWindow
InvalidateRgn
OpenClipboard
GetMonitorInfoW
IsChild
AdjustWindowRectEx
ShowWindowAsync
GetDCEx
IsIconic
GetKeyState
GetKeyboardState
OffsetRect
CopyRect
GetCaretBlinkTime
ToAscii
GetMessageW
DispatchMessageW
PeekMessageW
TranslateMessage
PostQuitMessage
IsRectEmpty
LoadMenuW
GetDC
CreateWindowExW
GetSystemMetrics
RegisterClassExW
TrackPopupMenu
GetSubMenu
IsWindow
SetTimer
GetMenuDefaultItem
DestroyIcon
IsMenu
SetMenuDefaultItem
DestroyMenu
LoadCursorW
KillTimer
GetClassInfoExW
RegisterWindowMessageW
LoadImageW
ReleaseDC
GetCursorPos
EndDialog
GetWindowLongW
DefWindowProcW
CallWindowProcW
PostMessageW
DestroyWindow
SetWindowPos
SendMessageW
CharPrevW
CharNextW
LoadIconW
FindWindowW
SetWindowLongW
GetDesktopWindow
SetForegroundWindow
MessageBoxW
UnregisterClassW
MapWindowPoints
ValidateRect
GetWindow
SetPropW
GetForegroundWindow
RemovePropW
GetPropW
GetIconInfo

gdi32

CreateSolidBrush
SetBkColor
SetTextColor
GetDIBits
SetGraphicsMode
CreateDIBSection
PtInRegion
CreateRoundRectRgn
ExtTextOutW
SetWorldTransform
CreateRectRgnIndirect
CreatePolygonRgn
EnumFontsW
GetStockObject
GetObjectW
CreateFontIndirectW
GetClipBox
GetDeviceCaps
BitBlt
SetViewportOrgEx
GetRgnBox
CreateCompatibleBitmap
SelectObject
CreateCompatibleDC
DeleteObject
CreateDCW
DeleteDC

advapi32

RegQueryInfoKeyW
RegOpenKeyExW
RegCloseKey
RegQueryValueExW
RegDeleteKeyW
RegCreateKeyExW
RegEnumKeyExW
RegSetValueExW
RegDeleteValueW

shell32

DragFinish
DragQueryFileW
Shell_NotifyIconW
SHGetFolderPathW
ShellExecuteExW
SHBrowseForFolderW
SHGetSpecialFolderPathW
SHGetPathFromIDListW

ole32

OleLockRunning
CLSIDFromString
OleInitialize
CLSIDFromProgID
OleUninitialize
CoGetClassObject
CreateStreamOnHGlobal
CoTaskMemRealloc
CoTaskMemFree
CoCreateInstance
CoTaskMemAlloc
StringFromGUID2

oleaut32

SysAllocString
VarUI4FromStr
LoadTypeLi
VariantClear
LoadRegTypeLi
VariantInit
SysFreeString
OleCreateFontIndirect
DispCallFunc
SysStringLen
SysAllocStringLen

shlwapi

StrDupW
PathAppendW
StrToIntA
ord12
PathIsRootW
PathFileExistsW
PathFindFileNameW

comctl32

_TrackMouseEvent
InitCommonControlsEx

msimg32

AlphaBlend

urlmon

CoInternetCreateZoneManager
CoInternetCreateSecurityManager

imm32

ImmAssociateContextEx
ImmGetCompositionStringW
ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext
ImmNotifyIME

winmm

timeGetTime

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 285KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 127KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_65_/Doctor/libcurl_x86.dll
.dll windows:6 windows x86 arch:x86

a996403d816908e79c3d6e0ea1cbe2e2

Code Sign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bb:3d:5d:d0:3d:03:0c:f0:87:df:14:f2:aa:0c:72:df:8c:d9:98:18:d5:38:5f:b0:41:c4:b6:30:aa:34:bb:f2
Signer

Actual PE Digest

bb:3d:5d:d0:3d:03:0c:f0:87:df:14:f2:aa:0c:72:df:8c:d9:98:18:d5:38:5f:b0:41:c4:b6:30:aa:34:bb:f2

Digest Algorithm

sha256

PE Digest Matches

true

a7:48:82:7f:c5:56:56:93:12:51:c6:18:5d:ed:72:18:9b:74:1b:0e
Signer

Actual PE Digest

a7:48:82:7f:c5:56:56:93:12:51:c6:18:5d:ed:72:18:9b:74:1b:0e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\dev\RCFL\vendor\depends\curl\out\bin\Win32\release_static\pdb\libcurl_x86.pdb

Imports

ws2_32

bind
closesocket
connect
getpeername
getsockopt
htons
ntohs
recv
setsockopt
socket
WSASetLastError
WSAIoctl
getaddrinfo
freeaddrinfo
gethostname
accept
WSAGetLastError
listen
ioctlsocket
__WSAFDIsSet
select
send
WSAStartup
WSACleanup
recvfrom
sendto
getsockname
shutdown
htonl
ntohl
gethostbyname
getservbyname

wldap32

ord145
ord219
ord301
ord147
ord133
ord79
ord142
ord167
ord127
ord27
ord26
ord118
ord41
ord208
ord216
ord14
ord46

crypt32

CertOpenStore
CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertFreeCertificateContext
CertGetCertificateContextProperty

kernel32

FindNextFileA
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
FindFirstFileExW
FindClose
RaiseException
ReadConsoleW
SetStdHandle
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetModuleFileNameW
GetProcessHeap
RtlUnwind
FatalAppExitA
CreateSemaphoreW
GetStartupInfoW
FindFirstFileA
GetFullPathNameA
HeapSize
SetEndOfFile
WriteConsoleW
GetCurrentDirectoryW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SleepEx
MultiByteToWideChar
WideCharToMultiByte
WaitForSingleObject
CloseHandle
ExpandEnvironmentStringsA
Sleep
GetLastError
SetLastError
FormatMessageA
VerSetConditionMask
FreeLibrary
GetProcAddress
LoadLibraryW
GetModuleHandleW
GetSystemDirectoryW
QueryPerformanceFrequency
VerifyVersionInfoW
WaitForMultipleObjects
GetFileType
GetStdHandle
ReadFile
PeekNamedPipe
GetTickCount
QueryPerformanceCounter
FlushConsoleInputBuffer
WriteFile
GetCurrentThreadId
GetModuleHandleA
GetCurrentProcessId
GlobalMemoryStatus
LoadLibraryA
GetSystemTime
SystemTimeToFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
CreateEventW
SetCurrentDirectoryW
GetFullPathNameW
SetEnvironmentVariableA
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
GetStringTypeW
OutputDebugStringW
GetTimeZoneInformation
CreateFileW
SetFileAttributesW
GetFileAttributesExW
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetModuleFileNameA
GetConsoleCP
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
CreateThread
ExitThread
LoadLibraryExW
HeapFree
HeapAlloc
HeapReAlloc
SetFilePointerEx
FileTimeToLocalFileTime
GetFileInformationByHandle
FileTimeToSystemTime
GetCommandLineA
SetConsoleCtrlHandler
GetConsoleMode
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleInputA
SetConsoleMode
ExitProcess
GetModuleHandleExW
AreFileApisANSI
GetCurrentThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlushFileBuffers

user32

ReleaseDC
GetDC
GetDesktopWindow
MessageBoxA
GetUserObjectInformationW
GetProcessWindowStation

gdi32

DeleteObject
GetDeviceCaps
GetDIBits
GetObjectA
CreateCompatibleBitmap

advapi32

RegisterEventSourceA
CryptEnumProvidersA
CryptSignHashA
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextA
ReportEventA
DeregisterEventSource

Exports

Exports

curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_easy_upkeep
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_global_sslset
curl_maprintf
curl_mfprintf
curl_mime_addpart
curl_mime_data
curl_mime_data_cb
curl_mime_encoder
curl_mime_filedata
curl_mime_filename
curl_mime_free
curl_mime_headers
curl_mime_init
curl_mime_name
curl_mime_subparts
curl_mime_type
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_multi_wait
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_pushheader_byname
curl_pushheader_bynum
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
curl_url
curl_url_cleanup
curl_url_dup
curl_url_get
curl_url_set
curl_version
curl_version_info

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 330KB - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_65_/Locales/zh-CN.pak
$_65_/Plugins/np-mswmp.dll
.dll windows:6 windows x86 arch:x86

6248bec906df433624b546a90f44da2b

Code Sign

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

c1:00:8b:3c:3c:88:11:d1:3e:f6:63:ec:df:40
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

10/01/1997, 07:00

Not After

31/12/2020, 07:00

Subject

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:53

Not After

16/09/2011, 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

61:49:7c:ed:00:00:00:00:00:05
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16/09/2006, 01:55

Not After

16/09/2011, 02:05

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:10D8-5847-CBF8,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6a:0b:99:4f:c0:00:1d:ab:11:da:c4:02:a1:66:27:ba
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

04/04/2006, 17:44

Not After

26/04/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:46:9e:cb:00:04:00:00:00:65
Certificate

Issuer

CN=Microsoft Code Signing PCA,OU=Copyright (c) 2000 Microsoft Corp.,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

04/04/2006, 19:43

Not After

04/10/2007, 19:53

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

26:1e:cf:d6:29:79:85:bf:29:37:b7:99:a6:d1:c8:fd:22:5c:65:e3
Signer

Actual PE Digest

26:1e:cf:d6:29:79:85:bf:29:37:b7:99:a6:d1:c8:fd:22:5c:65:e3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

np-mswmp.pdb

Imports

msvcrt

??_U@YAPAXI@Z
iswspace
wcsspn
wcscspn
_wtoi
atoi
atof
memcpy
wcsstr
__CxxFrameHandler
_errno
_XcptFilter
_initterm
_amsg_exit
_adjust_fdiv
??1type_info@@UAE@XZ
?terminate@@YAXXZ
realloc
_unlock
__dllonexit
_lock
_onexit
memmove
mbtowc
__mb_cur_max
isleadbyte
_iob
_snprintf
_itoa
ferror
__badioinfo
__pioinfo
_fileno
_lseeki64
_write
_isatty
??2@YAPAXI@Z
_CxxThrowException
_vsnwprintf
??_V@YAXPAX@Z
memset
_CIpow
free
_mbsicmp
_wcsicmp
malloc
??3@YAXPAX@Z

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
RtlUnwind
OutputDebugStringA
InterlockedCompareExchange
Sleep
VirtualAlloc
VirtualFree
LoadLibraryA
GetProcAddress
GetVersion
InterlockedExchange
GetVersionExA
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
GetVersionExW
MultiByteToWideChar
GetCurrentThreadId
GetModuleFileNameW
MulDiv
lstrcmpW
GetCurrentProcess
FlushInstructionCache
InterlockedDecrement
InterlockedIncrement
HeapSetInformation
GlobalAlloc
GlobalLock
GlobalUnlock
SetLastError
GetLastError
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
RaiseException
FormatMessageW
lstrlenW
LocalFree

user32

UnregisterClassA
CreateAcceleratorTableW
GetFocus
GetWindow
SetFocus
DestroyAcceleratorTable
GetDesktopWindow
BeginPaint
EndPaint
CallWindowProcW
FillRect
ReleaseCapture
GetClassNameW
GetDlgItem
IsChild
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseDC
GetDC
ScreenToClient
ClientToScreen
GetClientRect
SetWindowPos
CharNextW
GetSysColor
RegisterWindowMessageW
GetClassInfoExW
LoadCursorW
RegisterClassExW
GetWindowTextLengthW
SetWindowTextW
DefWindowProcW
MapWindowPoints
IsWindow
GetParent
ShowWindow
GetWindowRect
MoveWindow
PostMessageW
SendMessageW
SetWindowLongW
GetWindowLongW
CreateWindowExW
DestroyWindow
GetWindowTextW

oleaut32

VarBstrFromDate
VariantChangeType
LoadTypeLi
LoadRegTypeLi
OleCreateFontIndirect
SysStringByteLen
SysAllocStringByteLen
VariantClear
VariantInit
VarBstrCmp
SysAllocString
SysAllocStringLen
SysStringLen
SysFreeString

ole32

CLSIDFromString
CLSIDFromProgID
CoGetClassObject
OleLockRunning
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoCreateGuid
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc

gdi32

GetStockObject
GetObjectW
CreateSolidBrush
GetDeviceCaps
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
DeleteObject

Exports

Exports

NP_GetEntryPoints
NP_Initialize
NP_Shutdown

Sections

.text
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_65_/Swiftshader/libEGL.dll
.dll windows:5 windows x86 arch:x86

9c6cc4c8576e643ce601643ae11eae27

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ec:9d:71:f7:9b:6e:2f:6f:9a:97:df:f3:ed:4f:3d:1a:61:26:e2:cf:44:55:b0:40:37:e9:fb:66:ff:0f:71:56
Signer

Actual PE Digest

ec:9d:71:f7:9b:6e:2f:6f:9a:97:df:f3:ed:4f:3d:1a:61:26:e2:cf:44:55:b0:40:37:e9:fb:66:ff:0f:71:56

Digest Algorithm

sha256

PE Digest Matches

true

ea:b8:5a:d6:28:64:d2:87:0f:7b:a8:9b:5d:4b:ab:a9:be:11:78:3d
Signer

Actual PE Digest

ea:b8:5a:d6:28:64:d2:87:0f:7b:a8:9b:5d:4b:ab:a9:be:11:78:3d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\V68_45\src\out\official_release\swiftshader\libEGL.dll.pdb

Imports

user32

GetClientRect
GetDC
IsWindow
ReleaseDC

gdi32

GetDeviceCaps

kernel32

CloseHandle
CreateFileW
DecodePointer
DeleteCriticalSection
EncodePointer
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsW
GetFileType
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
RtlUnwind
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
WideCharToMultiByte
WriteConsoleW
WriteFile

Exports

Exports

eglBindAPI
eglBindTexImage
eglChooseConfig
eglClientWaitSyncKHR
eglCopyBuffers
eglCreateContext
eglCreateImageKHR
eglCreatePbufferFromClientBuffer
eglCreatePbufferSurface
eglCreatePixmapSurface
eglCreatePlatformPixmapSurfaceEXT
eglCreatePlatformWindowSurfaceEXT
eglCreateSyncKHR
eglCreateWindowSurface
eglDestroyContext
eglDestroyImageKHR
eglDestroySurface
eglDestroySyncKHR
eglGetConfigAttrib
eglGetConfigs
eglGetCurrentContext
eglGetCurrentDisplay
eglGetCurrentSurface
eglGetDisplay
eglGetError
eglGetPlatformDisplayEXT
eglGetProcAddress
eglGetSyncAttribKHR
eglInitialize
eglMakeCurrent
eglQueryAPI
eglQueryContext
eglQueryString
eglQuerySurface
eglReleaseTexImage
eglReleaseThread
eglSurfaceAttrib
eglSwapBuffers
eglSwapInterval
eglTerminate
eglWaitClient
eglWaitGL
eglWaitNative
libEGL_swiftshader

Sections

.text
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_65_/Swiftshader/libGLESv2.dll
.dll windows:5 windows x86 arch:x86

29d66a6c4f8ddc5483849ae0aaff3847

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

a6:91:e3:e4:fe:50:d2:11:a7:f3:db:07:fc:8c:9c:24:cd:18:6c:f7:ac:58:b4:3e:0a:df:f4:55:bd:91:e0:5a
Signer

Actual PE Digest

a6:91:e3:e4:fe:50:d2:11:a7:f3:db:07:fc:8c:9c:24:cd:18:6c:f7:ac:58:b4:3e:0a:df:f4:55:bd:91:e0:5a

Digest Algorithm

sha256

PE Digest Matches

true

29:4d:5d:ae:87:b6:ff:8d:35:9c:69:e7:d3:3a:85:f2:ed:b8:d3:9f
Signer

Actual PE Digest

29:4d:5d:ae:87:b6:ff:8d:35:9c:69:e7:d3:3a:85:f2:ed:b8:d3:9f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\V68_45\src\out\official_release\swiftshader\libGLESv2.dll.pdb

Imports

kernel32

ChangeTimerQueueTimer
CloseHandle
CompareStringW
CreateEventA
CreateEventW
CreateFileW
CreateThread
CreateTimerQueue
CreateTimerQueueTimer
DecodePointer
DeleteCriticalSection
DeleteFileW
DeleteTimerQueueTimer
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FlushInstructionCache
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetConsoleScreenBufferInfo
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDriveTypeW
GetEnvironmentStringsW
GetFileAttributesW
GetFileInformationByHandle
GetFileType
GetFullPathNameW
GetLastError
GetLocaleInfoW
GetLogicalProcessorInformation
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetNumaHighestNodeNumber
GetOEMCP
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTimeAsFileTime
GetThreadPriority
GetThreadTimes
GetTickCount
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExW
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
InterlockedPopEntrySList
InterlockedPushEntrySList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
MultiByteToWideChar
PeekNamedPipe
QueryDepthSList
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
RegisterWaitForSingleObject
ReleaseSemaphore
RemoveDirectoryW
RtlUnwind
SetConsoleTextAttribute
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetThreadAffinityMask
SetThreadPriority
SetUnhandledExceptionFilter
SignalObjectAndWait
Sleep
SwitchToThread
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
UnregisterWait
UnregisterWaitEx
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualProtect
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteConsoleW
WriteFile

user32

ChangeDisplaySettingsA
ClientToScreen
GetClientRect
GetDC
GetSystemMetrics
GetWindowLongA
GetWindowRect
ReleaseDC
SetRect
SetWindowLongA
SetWindowPos

gdi32

CreateCompatibleDC
CreateDIBSection
DeleteDC
DeleteObject
GetDeviceGammaRamp
SelectObject
SetDeviceGammaRamp
StretchBlt

ws2_32

WSACleanup
WSAStartup
accept
bind
closesocket
getaddrinfo
listen
recv
select
send
socket

Exports

Exports

Register
glActiveTexture
glAttachShader
glBeginQuery
glBeginQueryEXT
glBeginTransformFeedback
glBindAttribLocation
glBindBuffer
glBindBufferBase
glBindBufferRange
glBindFramebuffer
glBindFramebufferOES
glBindRenderbuffer
glBindRenderbufferOES
glBindSampler
glBindTexture
glBindTransformFeedback
glBindVertexArray
glBindVertexArrayOES
glBlendColor
glBlendEquation
glBlendEquationSeparate
glBlendFunc
glBlendFuncSeparate
glBlitFramebuffer
glBlitFramebufferANGLE
glBufferData
glBufferSubData
glCheckFramebufferStatus
glCheckFramebufferStatusOES
glClear
glClearBufferfi
glClearBufferfv
glClearBufferiv
glClearBufferuiv
glClearColor
glClearDepthf
glClearStencil
glClientWaitSync
glColorMask
glCompileShader
glCompressedTexImage2D
glCompressedTexImage3D
glCompressedTexSubImage2D
glCompressedTexSubImage3D
glCopyBufferSubData
glCopyTexImage2D
glCopyTexSubImage2D
glCopyTexSubImage3D
glCreateProgram
glCreateShader
glCullFace
glDeleteBuffers
glDeleteFencesNV
glDeleteFramebuffers
glDeleteFramebuffersOES
glDeleteProgram
glDeleteQueries
glDeleteQueriesEXT
glDeleteRenderbuffers
glDeleteRenderbuffersOES
glDeleteSamplers
glDeleteShader
glDeleteSync
glDeleteTextures
glDeleteTransformFeedbacks
glDeleteVertexArrays
glDeleteVertexArraysOES
glDepthFunc
glDepthMask
glDepthRangef
glDetachShader
glDisable
glDisableVertexAttribArray
glDrawArrays
glDrawArraysInstanced
glDrawBuffers
glDrawBuffersEXT
glDrawElements
glDrawElementsInstanced
glDrawRangeElements
glEGLImageTargetRenderbufferStorageOES
glEGLImageTargetTexture2DOES
glEnable
glEnableVertexAttribArray
glEndQuery
glEndQueryEXT
glEndTransformFeedback
glFenceSync
glFinish
glFinishFenceNV
glFlush
glFlushMappedBufferRange
glFramebufferRenderbuffer
glFramebufferRenderbufferOES
glFramebufferTexture2D
glFramebufferTexture2DOES
glFramebufferTextureLayer
glFrontFace
glGenBuffers
glGenFencesNV
glGenFramebuffers
glGenFramebuffersOES
glGenQueries
glGenQueriesEXT
glGenRenderbuffers
glGenRenderbuffersOES
glGenSamplers
glGenTextures
glGenTransformFeedbacks
glGenVertexArrays
glGenVertexArraysOES
glGenerateMipmap
glGenerateMipmapOES
glGetActiveAttrib
glGetActiveUniform
glGetActiveUniformBlockName
glGetActiveUniformBlockiv
glGetActiveUniformsiv
glGetAttachedShaders
glGetAttribLocation
glGetBooleanv
glGetBufferParameteri64v
glGetBufferParameteriv
glGetBufferPointerv
glGetError
glGetFenceivNV
glGetFloatv
glGetFragDataLocation
glGetFramebufferAttachmentParameteriv
glGetFramebufferAttachmentParameterivOES
glGetGraphicsResetStatusEXT
glGetInteger64i_v
glGetInteger64v
glGetIntegeri_v
glGetIntegerv
glGetInternalformativ
glGetProgramBinary
glGetProgramInfoLog
glGetProgramiv
glGetQueryObjectuiv
glGetQueryObjectuivEXT
glGetQueryiv
glGetQueryivEXT
glGetRenderbufferParameteriv
glGetRenderbufferParameterivOES
glGetSamplerParameterfv
glGetSamplerParameteriv
glGetShaderInfoLog
glGetShaderPrecisionFormat
glGetShaderSource
glGetShaderiv
glGetString
glGetStringi
glGetSynciv
glGetTexParameterfv
glGetTexParameteriv
glGetTransformFeedbackVarying
glGetUniformBlockIndex
glGetUniformIndices
glGetUniformLocation
glGetUniformfv
glGetUniformiv
glGetUniformuiv
glGetVertexAttribIiv
glGetVertexAttribIuiv
glGetVertexAttribPointerv
glGetVertexAttribfv
glGetVertexAttribiv
glGetnUniformfvEXT
glGetnUniformivEXT
glHint
glInvalidateFramebuffer
glInvalidateSubFramebuffer
glIsBuffer
glIsEnabled
glIsFenceNV
glIsFramebuffer
glIsFramebufferOES
glIsProgram
glIsQuery
glIsQueryEXT
glIsRenderbuffer
glIsRenderbufferOES
glIsSampler
glIsShader
glIsSync
glIsTexture
glIsTransformFeedback
glIsVertexArray
glIsVertexArrayOES
glLineWidth
glLinkProgram
glMapBufferRange
glPauseTransformFeedback
glPixelStorei
glPolygonOffset
glProgramBinary
glProgramParameteri
glReadBuffer
glReadPixels
glReadnPixelsEXT
glReleaseShaderCompiler
glRenderbufferStorage
glRenderbufferStorageMultisample
glRenderbufferStorageMultisampleANGLE
glRenderbufferStorageOES
glResumeTransformFeedback
glSampleCoverage
glSamplerParameterf
glSamplerParameterfv
glSamplerParameteri
glSamplerParameteriv
glScissor
glSetFenceNV
glShaderBinary
glShaderSource
glStencilFunc
glStencilFuncSeparate
glStencilMask
glStencilMaskSeparate
glStencilOp
glStencilOpSeparate
glTestFenceNV
glTexImage2D
glTexImage3D
glTexImage3DOES
glTexParameterf
glTexParameterfv
glTexParameteri
glTexParameteriv
glTexStorage2D
glTexStorage3D
glTexSubImage2D
glTexSubImage3D
glTransformFeedbackVaryings
glUniform1f
glUniform1fv
glUniform1i
glUniform1iv
glUniform1ui
glUniform1uiv
glUniform2f
glUniform2fv
glUniform2i
glUniform2iv
glUniform2ui
glUniform2uiv
glUniform3f
glUniform3fv
glUniform3i
glUniform3iv
glUniform3ui
glUniform3uiv
glUniform4f
glUniform4fv
glUniform4i
glUniform4iv
glUniform4ui
glUniform4uiv
glUniformBlockBinding
glUniformMatrix2fv
glUniformMatrix2x3fv
glUniformMatrix2x4fv
glUniformMatrix3fv
glUniformMatrix3x2fv
glUniformMatrix3x4fv
glUniformMatrix4fv
glUniformMatrix4x2fv
glUniformMatrix4x3fv
glUnmapBuffer
glUseProgram
glValidateProgram
glVertexAttrib1f
glVertexAttrib1fv
glVertexAttrib2f
glVertexAttrib2fv
glVertexAttrib3f
glVertexAttrib3fv
glVertexAttrib4f
glVertexAttrib4fv
glVertexAttribDivisor
glVertexAttribI4i
glVertexAttribI4iv
glVertexAttribI4ui
glVertexAttribI4uiv
glVertexAttribIPointer
glVertexAttribPointer
glViewport
glWaitSync
libGLESv2_swiftshader

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 249KB - Virtual size: 249KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 314KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 17B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_65_/Trident_core.dll
.dll windows:5 windows x86 arch:x86

4f59dedf4795de72de80d6fed4d1b583

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:13:c7:b1:bc:1a:a5:97:ba:3a:5f:3b:f9:92:44:73:2d:bf:dc:10:a6:b2:af:53:99:94:f6:9f:27:dc:56:99
Signer

Actual PE Digest

08:13:c7:b1:bc:1a:a5:97:ba:3a:5f:3b:f9:92:44:73:2d:bf:dc:10:a6:b2:af:53:99:94:f6:9f:27:dc:56:99

Digest Algorithm

sha256

PE Digest Matches

true

d9:3f:8b:a1:44:d5:9c:25:b4:3a:3a:d5:62:79:24:ff:0d:a0:73:36
Signer

Actual PE Digest

d9:3f:8b:a1:44:d5:9c:25:b4:3a:3a:d5:62:79:24:ff:0d:a0:73:36

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\2345Explorer\V68_45\src\trident\core\Trident_core\Release\Trident_core.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

kernel32

GetACP
EnumSystemLocalesW
IsValidLocale
GetModuleFileNameA
ExitProcess
GetFileType
SetStdHandle
QueryPerformanceFrequency
HeapQueryInformation
GetCommandLineW
GetCommandLineA
GetTimeZoneInformation
FreeLibraryAndExitThread
ExitThread
CreateThread
VirtualQuery
VirtualAlloc
GetSystemInfo
InterlockedFlushSList
RtlUnwind
GetCPInfo
LCMapStringW
SwitchToThread
GetStringTypeW
GetStdHandle
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableA
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
Sleep
SearchPathW
GetProfileIntW
GetTempPathW
VerifyVersionInfoW
VerSetConditionMask
GetWindowsDirectoryW
FindResourceExW
lstrcpyW
SystemTimeToTzSpecificLocalTime
GetFileSizeEx
GetFileAttributesExW
FileTimeToLocalFileTime
GetTickCount
GetUserDefaultLCID
GetTempFileNameW
GetFileTime
GetFileAttributesW
VirtualProtect
GlobalGetAtomNameW
GetCurrentProcess
DuplicateHandle
WriteFile
UnlockFile
SetFilePointer
SetEndOfFile
ReadFile
LockFile
GetVolumeInformationW
GetFullPathNameW
GetFileSize
FlushFileBuffers
FindFirstFileW
FindClose
CreateFileW
DeleteFileW
GlobalFlags
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetLocaleInfoW
CompareStringW
GetCurrentDirectoryW
SetErrorMode
LocalReAlloc
GlobalHandle
GlobalReAlloc
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSection
CopyFileW
FormatMessageW
GlobalSize
GlobalFree
GlobalFindAtomW
LoadLibraryA
FreeResource
GetSystemDirectoryW
EncodePointer
GetThreadLocale
FileTimeToSystemTime
GlobalUnlock
GlobalAddAtomW
GetCurrentProcessId
WritePrivateProfileStringW
GetPrivateProfileStringW
GetPrivateProfileIntW
WideCharToMultiByte
MultiByteToWideChar
lstrcmpA
GlobalDeleteAtom
GlobalLock
GlobalAlloc
LoadLibraryW
LoadLibraryExW
GetModuleHandleA
GetModuleFileNameW
FreeLibrary
GetVersionExW
GetCurrentThread
SetLastError
OutputDebugStringA
ResumeThread
SetThreadPriority
GetCurrentThreadId
WaitForSingleObject
CloseHandle
MulDiv
lstrcmpW
lstrcmpiW
GetModuleHandleW
lstrcpynA
LocalFree
GetProcAddress
FindResourceW
LoadResource
LockResource
OutputDebugStringW
LocalAlloc
LeaveCriticalSection
EnterCriticalSection
InterlockedExchange
SizeofResource
GetProcessHeap
DeleteCriticalSection
DecodePointer
HeapAlloc
RaiseException
HeapReAlloc
GetLastError
HeapSize
HeapFree
InterlockedIncrement
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
WriteConsoleW
GetModuleHandleExW

user32

LoadImageW
SetRectEmpty
InsertMenuItemW
DestroyMenu
CreatePopupMenu
LoadMenuW
TranslateAcceleratorW
LoadAcceleratorsW
BringWindowToTop
CharUpperW
DestroyIcon
GetSysColorBrush
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
RealChildWindowFromPoint
DeleteMenu
CopyImage
GetDesktopWindow
IntersectRect
SetRect
InvalidateRgn
CopyAcceleratorTableW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuState
GetMenuStringW
MapDialogRect
SetWindowContextHelpId
CharNextW
IsDialogMessageW
SetWindowTextW
CheckDlgButton
ShowWindow
GetMonitorInfoW
MonitorFromWindow
WinHelpW
GetScrollInfo
SetScrollInfo
LoadIconW
UnhookWindowsHookEx
GetTopWindow
GetClassLongW
SetWindowLongW
EqualRect
CopyRect
GetSysColor
MapWindowPoints
ScreenToClient
RemovePropW
GetPropW
SetPropW
ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
RedrawWindow
EndPaint
BeginPaint
GetForegroundWindow
SetActiveWindow
TrackPopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
SetMenu
GetMenu
GetCapture
SetFocus
UnpackDDElParam
GetDlgItem
IsIconic
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
DestroyWindow
IsChild
IsMenu
CreateWindowExW
GetClassInfoExW
RegisterClassW
CallWindowProcW
DefWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SystemParametersInfoW
LoadCursorW
PtInRect
ReuseDDElParam
GetMenuItemInfoW
InflateRect
UnregisterClassW
SetForegroundWindow
EnableWindow
ReleaseDC
GetAncestor
IsRectEmpty
OffsetRect
FillRect
ClientToScreen
InvalidateRect
SetWindowRgn
UpdateWindow
DrawIcon
ReleaseCapture
SetCapture
LoadBitmapW
SetMenuItemInfoW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
SendDlgItemMessageA
CreateDialogIndirectParamW
EndDialog
GetNextDlgTabItem
GetAsyncKeyState
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatW
GetKeyNameTextW
MapVirtualKeyW
UnionRect
GetSystemMenu
TrackMouseEvent
PostThreadMessageW
WindowFromPoint
LockWindowUpdate
DrawFocusRect
DrawIconEx
OpenClipboard
KillTimer
CharUpperBuffW
GetClientRect
SetParent
GetClassNameW
MoveWindow
AttachThreadInput
FindWindowExA
SetTimer
IsWindow
GetClassInfoW
GetSystemMetrics
SetWindowPos
GetDC
GetWindowRect
GetWindow
PostMessageW
AdjustWindowRectEx
GetWindowThreadProcessId
GetMessageW
TranslateMessage
DispatchMessageW
PeekMessageW
SendMessageW
IsWindowVisible
GetActiveWindow
GetKeyState
ValidateRect
GetCursorPos
SetWindowsHookExW
CallNextHookEx
PostQuitMessage
ShowOwnedPopups
SetCursor
IsWindowEnabled
MessageBoxW
GetWindowLongW
GetParent
GetLastActivePopup
GetFocus
GetIconInfo
EnableScrollBar
HideCaret
InvertRect
NotifyWinEvent
GetMenuDefaultItem
SetLayeredWindowAttributes
EnumDisplayMonitors
SetClassLongW
DestroyCursor
GetWindowRgn
CreateMenu
SubtractRect
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
GetUpdateRect
IsClipboardFormatAvailable
ModifyMenuW
GetDoubleClickTime
SetMenuDefaultItem
DestroyAcceleratorTable
CreateAcceleratorTableW
GetKeyboardState
ToUnicodeEx
MapVirtualKeyExW
IsCharLowerW
GetKeyboardLayout
WaitMessage
GetComboBoxInfo
MonitorFromPoint
UpdateLayeredWindow
FrameRect
CopyIcon
SetCursorPos
IsZoomed
DrawFrameControl
DrawEdge
DrawStateW
EmptyClipboard
SetClipboardData
CloseClipboard
GetDlgCtrlID

gdi32

GetTextColor
CopyMetaFileW
CreateDCW
CreateRectRgnIndirect
GetRgnBox
CreateHatchBrush
CreatePen
CreatePatternBrush
CreateRectRgn
CreateSolidBrush
Escape
ExcludeClipRect
GetClipBox
GetObjectType
GetPixel
GetViewportExtEx
GetWindowExtEx
IntersectClipRect
LineTo
PtVisible
RectVisible
RestoreDC
SaveDC
SelectClipRgn
ExtSelectClipRgn
SelectPalette
SetBkMode
SetMapMode
SetLayout
GetLayout
SetPolyFillMode
SetROP2
SetTextAlign
MoveToEx
TextOutW
ExtTextOutW
SetViewportExtEx
SetViewportOrgEx
GetStockObject
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateCompatibleBitmap
CreateFontIndirectW
GetTextExtentPoint32W
CombineRgn
GetMapMode
PatBlt
SetRectRgn
GetTextMetricsW
EnumFontFamiliesExW
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RealizePalette
CreateDIBitmap
EnumFontFamiliesW
GetTextCharsetInfo
SetPixel
StretchBlt
SetDIBColorTable
CreatePolygonRgn
Polygon
Polyline
CreateRoundRectRgn
Rectangle
OffsetRgn
RoundRect
FillRgn
FrameRgn
GetBoundsRect
PtInRegion
ExtFloodFill
SetPaletteEntries
SetPixelV
GetWindowOrgEx
GetViewportOrgEx
GetTextFaceW
GetBkColor
SetTextColor
SetBkColor
LPtoDP
DPtoLP
CreateEllipticRgn
BitBlt
CreateBitmap
SelectObject
CreateDIBSection
CreateCompatibleDC
GetDeviceCaps
DeleteDC
GetObjectW
SetWindowExtEx
Ellipse
DeleteObject

msimg32

TransparentBlt
AlphaBlend

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegEnumKeyExW
RegEnumValueW
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegQueryValueExW

shell32

SHGetFileInfoW
DragQueryFileW
SHAppBarMessage
SHBrowseForFolderW
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetPathFromIDListW
ShellExecuteW
DragFinish

shlwapi

PathFindFileNameW
PathRemoveFileSpecW
PathIsUNCW
PathStripToRootW
PathFindExtensionW
StrFormatKBSizeW

uxtheme

OpenThemeData
DrawThemeParentBackground
CloseThemeData
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
GetThemeColor
IsAppThemed
DrawThemeText
DrawThemeBackground
GetThemePartSize

ole32

OleUninitialize
CoInitializeEx
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
DoDragDrop
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
OleLockRunning
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleInitialize
CoFreeUnusedLibraries
CoDisconnectObject
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
ReleaseStgMedium
OleDuplicateData
CoTaskMemFree
CoTaskMemAlloc
CLSIDFromProgID
OleDraw
CreateStreamOnHGlobal
CLSIDFromString
CoInitialize
CoCreateGuid
CoUninitialize
CoCreateInstance

oleaut32

SysStringLen
VarBstrCmp
SysAllocString
SafeArrayGetLBound
SafeArrayGetUBound
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayCreate
SafeArrayDestroy
SafeArrayGetDim
VariantInit
SafeArrayUnaccessData
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
LoadTypeLi
VariantClear
SysAllocStringLen
SafeArrayAccessData
VariantChangeType
SafeArrayGetElemsize
SysFreeString

oledlg

OleUIBusyW

gdiplus

GdipDrawImageRectI
GdipSetInterpolationMode
GdipCreateFromHDC
GdipDrawImageI
GdipDeleteGraphics
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdiplusStartup
GdiplusShutdown
GdipGetImageEncoders
GdipCloneImage
GdipAlloc
GdipCreateBitmapFromHBITMAP
GdipDisposeImage
GdipFree
GdipSaveImageToFile
GdipCreateBitmapFromScan0
GdipGetImageEncodersSize

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

imm32

ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

winmm

PlaySoundW

Exports

Exports

??0NavigateParam@trident@@QAE@ABU01@@Z
??4BeforeNavigate2Params@trident@@QAEAAU01@ABU01@@Z
??4NavigateParam@trident@@QAEAAU01@ABU01@@Z
??4NewWindowParam@trident@@QAEAAU01@ABU01@@Z
TridentCreateControl
TridentDestroyControl

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 366KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_65_/Uninstall.exe
.exe windows:5 windows x86 arch:x86

c552a31531df962b2298e689961d15c2

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d0:41:14:b3:4a:7a:29:4f:ea:e1:94:39:ea:82:b5:38:80:c7:ba:7f:96:0d:34:bf:d0:1c:92:4f:08:cb:ad:75
Signer

Actual PE Digest

d0:41:14:b3:4a:7a:29:4f:ea:e1:94:39:ea:82:b5:38:80:c7:ba:7f:96:0d:34:bf:d0:1c:92:4f:08:cb:ad:75

Digest Algorithm

sha256

PE Digest Matches

true

eb:b9:c5:35:69:74:d3:10:3b:26:d3:b9:97:ff:0c:d6:ae:a0:fd:95
Signer

Actual PE Digest

eb:b9:c5:35:69:74:d3:10:3b:26:d3:b9:97:ff:0c:d6:ae:a0:fd:95

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
GetPrivateProfileStringW
WritePrivateProfileStringW
MoveFileW
MultiByteToWideChar
WideCharToMultiByte
CreateFileW
GetFileSize
GetTickCount
GetModuleFileNameW
GetProcAddress
GetCommandLineW
SetEnvironmentVariableW
WriteFile
GetTempPathW
SetErrorMode
HeapAlloc
HeapFree
GetProcessHeap
GetCurrentProcess
GetCurrentProcessId
ExitProcess
GetVersion
GetWindowsDirectoryW
LoadLibraryW
CopyFileW
GetDiskFreeSpaceW
CreateThread
GlobalLock
GlobalUnlock
lstrcmpiW
lstrlenW
CreateDirectoryW
GetTempFileNameW
RemoveDirectoryW
WaitForSingleObject
GetExitCodeProcess
CreateProcessW
GetSystemDirectoryW
GetModuleHandleA
lstrcmpiA
lstrcpyA
lstrcatW
MoveFileExW
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsDebuggerPresent
VirtualQuery
RtlUnwind
IsProcessorFeaturePresent
lstrcmpW
FormatMessageW
MulDiv
LocalFree
GlobalFree
GlobalAlloc
LoadLibraryExW
GetModuleHandleW
FreeLibrary
Sleep
GetLastError
CloseHandle
SetFileTime
SetFilePointer
SetFileAttributesW
ReadFile
GetShortPathNameW
GetFullPathNameW
GetFileAttributesW
FindNextFileW
FindFirstFileW
FindClose
DeleteFileW
CompareFileTime
SearchPathW
SetCurrentDirectoryW
lstrcpynW
ExpandEnvironmentStringsW

user32

ScreenToClient
GetSysColor
GetWindowLongW
SetClassLongW
LoadCursorW
SystemParametersInfoW
wsprintfA
DispatchMessageW
PeekMessageW
SetDlgItemTextW
GetDlgItemTextW
SetCursor
CharPrevW
MessageBoxIndirectW
GetSystemMetrics
IsWindowEnabled
EmptyClipboard
SetClipboardData
CloseClipboard
OpenClipboard
CheckDlgButton
EndDialog
DialogBoxParamW
GetWindowRect
TrackPopupMenu
AppendMenuW
EnableMenuItem
CreatePopupMenu
CharNextA
GetSystemMenu
IsWindowVisible
SetWindowPos
CreateWindowExW
GetClassInfoW
RegisterClassW
CallWindowProcW
GetMessagePos
CharNextW
ExitWindowsEx
SetWindowTextW
CreateDialogParamW
DestroyWindow
PostMessageW
LoadImageW
FindWindowExW
SetWindowLongW
InvalidateRect
ReleaseDC
GetDC
DefWindowProcW
DrawTextW
BeginPaint
EndPaint
GetClientRect
SetForegroundWindow
EnableWindow
GetDlgItem
ShowWindow
IsWindow
PostQuitMessage
SendMessageTimeoutW
SendMessageW
wsprintfW
FillRect
SetTimer

gdi32

SetBkColor
GetDeviceCaps
SetTextColor
SetBkMode
SelectObject
DeleteObject
CreateBrushIndirect
CreateFontIndirectW

shell32

ShellExecuteExW
SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFileInfoW
SHFileOperationW
SHGetSpecialFolderLocation

advapi32

RegQueryValueExW
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
RegSetValueExW
RegCreateKeyExW
SetFileSecurityW
RegCloseKey
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyW
RegEnumValueW
RegOpenKeyExW

comctl32

ImageList_Create
ImageList_Destroy
ImageList_AddMasked
ord17

ole32

OleUninitialize
OleInitialize
CoCreateInstance
CoTaskMemFree

Sections

.text
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 173KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ndata
Size: - Virtual size: 528KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/RCWidgetPlugin.dll
.dll windows:5 windows x86 arch:x86

1555149127b5a5bf9f369ac692b04244

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

3c:80:46:cb:49:85:17:a2:07:58:5d:01:1f:2e:c0:2b:b4:4e:0f:73:c7:6f:c0:c8:a5:85:f4:59:5d:c2:7b:01
Signer

Actual PE Digest

3c:80:46:cb:49:85:17:a2:07:58:5d:01:1f:2e:c0:2b:b4:4e:0f:73:c7:6f:c0:c8:a5:85:f4:59:5d:c2:7b:01

Digest Algorithm

sha256

PE Digest Matches

true

ef:87:87:b6:ed:9d:0f:1a:fc:3a:ba:e4:72:28:6c:21:58:ad:bb:87
Signer

Actual PE Digest

ef:87:87:b6:ed:9d:0f:1a:fc:3a:ba:e4:72:28:6c:21:58:ad:bb:87

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

G:\dllplugin\RCSetup\bin\Release\RCWidgetPlugin.pdb

Imports

kernel32

LocalFree
ExpandEnvironmentStringsW
GetModuleHandleW
GlobalMemoryStatusEx
SetLastError
SetEvent
WaitForSingleObject
WaitForMultipleObjects
GetFileSize
DeleteFileW
Sleep
SetEndOfFile
SetFilePointer
WriteFile
GetTickCount
InterlockedExchangeAdd
InterlockedExchange
GetCurrentProcessId
GetSystemInfo
GetVersionExW
FreeLibrary
GetProcAddress
LoadLibraryW
lstrcatW
GetFileAttributesW
FindClose
lstrlenW
FindFirstFileW
CloseHandle
CreateFileW
SetErrorMode
ReadFile
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
InitializeCriticalSectionAndSpinCount
lstrcpyW
VirtualQuery
OpenThread
SetThreadContext
GetThreadContext
CreateToolhelp32Snapshot
SuspendThread
Thread32First
Thread32Next
InterlockedCompareExchange
WriteConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetStdHandle
HeapReAlloc
HeapSize
SetEnvironmentVariableA
WideCharToMultiByte
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetStringTypeW
GetModuleFileNameA
ExitProcess
FreeLibraryAndExitThread
ExitThread
TlsFree
InterlockedFlushSList
RtlUnwind
GetFileType
GetStdHandle
LoadLibraryExA
VirtualFree
VirtualAlloc
InterlockedPushEntrySList
InterlockedPopEntrySList
EncodePointer
OutputDebugStringW
FlushInstructionCache
HeapDestroy
HeapCreate
OutputDebugStringA
GetModuleHandleExW
VirtualProtect
TlsGetValue
CreateThread
TlsAlloc
DisableThreadLibraryCalls
GetModuleHandleA
TlsSetValue
QueryPerformanceFrequency
MapViewOfFileEx
CreateFileMappingW
UnmapViewOfFile
FreeResource
GlobalUnlock
GlobalLock
LocalAlloc
CreateWaitableTimerW
SetWaitableTimer
MulDiv
InterlockedIncrement
InterlockedDecrement
SizeofResource
lstrcmpW
InitializeSListHead
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FormatMessageW
ReleaseMutex
CreateMutexW
DeviceIoControl
GetFileSizeEx
GetWindowsDirectoryW
GetCurrentDirectoryW
GetTempPathW
GetFullPathNameW
CreateDirectoryW
GetFileTime
SetFileTime
GetProcessHeap
HeapAlloc
GetCurrentThreadId
GlobalFree
GlobalAlloc
MultiByteToWideChar
lstrcpynW
GetModuleFileNameW
FreeEnvironmentStringsW
GetPrivateProfileStringW
HeapFree
LoadLibraryExW
ResetEvent
CreateEventW
GetEnvironmentVariableW
InitializeCriticalSection
LeaveCriticalSection
GetLongPathNameW
GetFileAttributesExW
lstrcmpiW
LockResource
LoadResource
FindResourceW
GetVolumeInformationW
GetDiskFreeSpaceW
GetLogicalDriveStringsW
ResumeThread
GetACP
FindNextFileW
QueryDosDeviceW
GetCurrentProcess
OpenProcess
FileTimeToSystemTime
EnterCriticalSection
SwitchToThread

user32

DefWindowProcW
wsprintfW
CallWindowProcW
PostMessageW
DestroyWindow
SetWindowPos
MessageBoxW
CharPrevW
CharNextW
ReleaseCapture
GetActiveWindow
EndDialog
UnregisterClassW
LoadIconW
GetWindowLongW
SetWindowLongW
GetPropW
RemovePropW
GetForegroundWindow
SetPropW
GetAsyncKeyState
GetFocus
LoadStringW
DestroyAcceleratorTable
CreateAcceleratorTableW
EnumThreadWindows
RegisterWindowMessageW
GetAncestor
GetSysColor
GetSystemMetrics
SendMessageW
DrawIconEx
SetForegroundWindow
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
IsClipboardFormatAvailable
LoadBitmapW
LoadImageW
GetDesktopWindow
SetCaretPos
AttachThreadInput
SystemParametersInfoW
SetRectEmpty
MsgWaitForMultipleObjects
FillRect
UpdateLayeredWindow
SetRect
GetClassLongW
UnionRect
PtInRect
GetKeyboardState
GetCaretBlinkTime
ToAscii
GetMessageW
DispatchMessageW
PeekMessageW
TranslateMessage
PostQuitMessage
RegisterClassExW
GetClassInfoExW
GetWindowThreadProcessId
GetWindowTextLengthW
AdjustWindowRectEx
ShowWindowAsync
GetWindow
GetDC
IsWindowVisible
MonitorFromWindow
SetWindowRgn
ShowWindow
InvalidateRgn
OpenClipboard
SetTimer
GetIconInfo
GetCursorPos
ReleaseDC
IsIconic
GetDCEx
InvalidateRect
GetParent
IsZoomed
GetClientRect
SetCursor
GetWindowDC
LoadCursorW
IntersectRect
IsRectEmpty
ClientToScreen
CopyRect
RedrawWindow
OffsetRect
IsWindow
CreateWindowExW
EnumChildWindows
EqualRect
GetWindowRect
DialogBoxParamW
SetWindowTextW
SetCapture
TrackMouseEvent
ScreenToClient
GetKeyState
GetWindowTextW
EnableWindow
EndPaint
BeginPaint
KillTimer
GetDlgItem
SetParent
GetClassNameW
SetFocus
MoveWindow
ValidateRect
MapWindowPoints
IsChild
GetMonitorInfoW

gdi32

CreateCompatibleBitmap
BitBlt
CreatePolygonRgn
CreateRectRgnIndirect
SetWorldTransform
GetStockObject
SelectObject
GetDeviceCaps
CreateFontIndirectW
CreateSolidBrush
CreateCompatibleDC
SetTextColor
GetClipBox
GetObjectW
SetViewportOrgEx
DeleteDC
EnumFontsW
PtInRegion
CreateRoundRectRgn
CreateDIBSection
GetDIBits
CreateDCW
ExtTextOutW
SetBkColor
GetRgnBox
DeleteObject
SetGraphicsMode

shell32

SHBrowseForFolderW
SHGetPathFromIDListW
SHGetFolderPathW
DragQueryFileW
DragFinish
SHGetSpecialFolderPathW

ole32

StringFromGUID2
CLSIDFromProgID
OleInitialize
CLSIDFromString
OleLockRunning
CoGetClassObject
CreateStreamOnHGlobal
CoTaskMemRealloc
CoTaskMemFree
OleUninitialize
CoCreateInstance
CoTaskMemAlloc
CoInitialize
CoUninitialize

oleaut32

LoadRegTypeLi
SysFreeString
OleCreateFontIndirect
DispCallFunc
SysStringLen
SysAllocStringLen
VariantClear
VarUI4FromStr
SysAllocString
VariantInit
LoadTypeLi

shlwapi

StrToIntA
PathFindFileNameW
PathFileExistsW
PathAppendW
StrDupW
PathIsRootW
ord12

comctl32

InitCommonControlsEx
_TrackMouseEvent

msimg32

AlphaBlend

urlmon

CoInternetCreateZoneManager
CoInternetCreateSecurityManager

gdiplus

GdipGetImageWidth
GdipBitmapLockBits
GdipFree
GdipCloneBitmapAreaI
GdipGetImagePixelFormat
GdipDisposeImage
GdipAlloc
GdipCreateBitmapFromStream
GdipBitmapUnlockBits
GdipCloneImage
GdipGetImageHeight
GdipSetStringFormatFlags
GdipCloneRegion
GdipGetFamilyName
GdipDeleteMatrix
GdipDrawImageRectRectI
GdipSetStringFormatAlign
GdipCreatePen1
GdipDeletePen
GdipTranslateWorldTransform
GdipGetFontSize
GdipDeleteFont
GdipDeleteStringFormat
GdipDeleteGraphics
ord1
GdipFillRectangleI
GdipGetImageGraphicsContext
GdipDeleteRegion
GdipMeasureString
GdipCloneBrush
GdipRestoreGraphics
GdipRotateWorldTransform
GdipStringFormatGetGenericTypographic
GdipGetCellAscent
GdipSetTextRenderingHint
GdipCloneStringFormat
GdipGetMatrixElements
GdipGetTextureTransform
GdipCreateTexture
GdipBeginContainer2
GdipFillEllipse
GdipCreateFromHDC
GdipGetClipBoundsI
GdipSetImageAttributesWrapMode
GdipDrawString
GdipDrawPath
GdipSetClipRegion
GdipCreateImageAttributes
GdipDrawArcI
GdipGetSmoothingMode
GdipClosePathFigure
GdipSetClipRectI
GdipScaleWorldTransform
GdipCreateBitmapFromScan0
GdipDrawRectangle
GdipDrawLine
GdipSetPenDashStyle
GdipGraphicsClear
GdipMultiplyWorldTransform
GdipGetPathWorldBounds
GdipFillPath
GdipTransformRegion
GdipSetStringFormatTrimming
GdipGetFontStyle
GdipCreateSolidFill
GdipCloneBitmapArea
GdipGetCellDescent
GdipSetInterpolationMode
GdipSetLinePresetBlend
GdipCreateFont
GdipSetStringFormatLineAlign
GdipCreatePath
GdipEndContainer
GdipSetSmoothingMode
GdipCreateMatrix
GdipGetStringFormatAlign
GdipDeletePath
GdipDisposeImageAttributes
GdipCreateMatrix2
GdipDeleteBrush
GdipGetLineSpacing
GdipSetLineWrapMode
GdipCreateLineBrushI
GdiplusStartup
GdiplusShutdown
GdipSetCompositingMode
GdipDrawImageRectRect
GdipSaveGraphics
GdipCreateFontFamilyFromName
GdipGetEmHeight
GdipGetStringFormatLineAlign
GdipCreateHBITMAPFromBitmap
GdipAddPathString
GdipGetTextRenderingHint
GdipGetFamily
GdipSetCompositingQuality
GdipSetImageAttributesColorMatrix
GdipGetLineTransform
GdipDeleteFontFamily
GdipGetInterpolationMode
GdipGetPropertyItemSize
GdipImageGetFrameCount
GdipImageGetFrameDimensionsList
GdipImageSelectActiveFrame
GdipGetPropertyItem
GdipImageGetFrameDimensionsCount
GdipCreateRegionPath
GdipAddPathLineI
GdipAddPathBezierI
GdipCombineRegionPath
GdipAddPathEllipseI
GdipAddPathArcI
GdipAddPathRectangleI
GdipCreateBitmapFromFile
GdipSetPixelOffsetMode
GdipSetTextureTransform
GdipSetLineTransform
GdipGetBrushType
GdipCombineRegionRegion

imm32

ImmNotifyIME
ImmAssociateContextEx
ImmGetCompositionStringW
ImmSetCompositionWindow
ImmReleaseContext
ImmGetContext

winmm

timeGetTime

psapi

GetMappedFileNameW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

advapi32

RegCloseKey
RegSetValueExW
RegQueryInfoKeyW
RegDeleteKeyW
RegOpenKeyExW
RegDeleteValueW
RegCreateKeyExW
RegEnumKeyExW

Exports

Exports

CheckInstall
CheckSoftwareIsInstall
GetCheckValue
GetInstDir
Init
OnInstall
OnInstallFinish
OnPreInstall
OnUninstall
OnUpdateLater
PopInt
PopString
PushInt
PushString
ReadUserOption
SetDiskNoSpace
SetIEHomepage
SetInstallPCSafe
SetProgress
ShowInstall
ShowInstallFinish
ShowUnInstall

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 285KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:6 windows x86 arch:x86

216ff05c01e38b13fee53b7ace6b1894

Code Sign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

e2:2a:29:61:3d:2e:db:f3:c1:d8:06:ab:50:62:3e:3c:ce:8a:52:6d:8c:a2:53:79:ce:9c:25:cb:c3:dd:a4:98
Signer

Actual PE Digest

e2:2a:29:61:3d:2e:db:f3:c1:d8:06:ab:50:62:3e:3c:ce:8a:52:6d:8c:a2:53:79:ce:9c:25:cb:c3:dd:a4:98

Digest Algorithm

sha256

PE Digest Matches

true

01:ff:77:6e:f8:da:13:72:ac:88:d1:3e:ed:4e:11:10:e9:9f:01:22
Signer

Actual PE Digest

01:ff:77:6e:f8:da:13:72:ac:88:d1:3e:ed:4e:11:10:e9:9f:01:22

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalSize
GlobalFree
lstrcpynW
lstrcpyW
GetLastError
VirtualAlloc
VirtualFree
VirtualProtect
FreeLibrary
GetModuleHandleW
GetProcAddress
lstrlenW
LoadLibraryW
MultiByteToWideChar
WideCharToMultiByte

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 926B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 700B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/libcurl_x86.dll
.dll windows:6 windows x86 arch:x86

a996403d816908e79c3d6e0ea1cbe2e2

Code Sign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bb:3d:5d:d0:3d:03:0c:f0:87:df:14:f2:aa:0c:72:df:8c:d9:98:18:d5:38:5f:b0:41:c4:b6:30:aa:34:bb:f2
Signer

Actual PE Digest

bb:3d:5d:d0:3d:03:0c:f0:87:df:14:f2:aa:0c:72:df:8c:d9:98:18:d5:38:5f:b0:41:c4:b6:30:aa:34:bb:f2

Digest Algorithm

sha256

PE Digest Matches

true

a7:48:82:7f:c5:56:56:93:12:51:c6:18:5d:ed:72:18:9b:74:1b:0e
Signer

Actual PE Digest

a7:48:82:7f:c5:56:56:93:12:51:c6:18:5d:ed:72:18:9b:74:1b:0e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\dev\RCFL\vendor\depends\curl\out\bin\Win32\release_static\pdb\libcurl_x86.pdb

Imports

ws2_32

bind
closesocket
connect
getpeername
getsockopt
htons
ntohs
recv
setsockopt
socket
WSASetLastError
WSAIoctl
getaddrinfo
freeaddrinfo
gethostname
accept
WSAGetLastError
listen
ioctlsocket
__WSAFDIsSet
select
send
WSAStartup
WSACleanup
recvfrom
sendto
getsockname
shutdown
htonl
ntohl
gethostbyname
getservbyname

wldap32

ord145
ord219
ord301
ord147
ord133
ord79
ord142
ord167
ord127
ord27
ord26
ord118
ord41
ord208
ord216
ord14
ord46

crypt32

CertOpenStore
CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertFreeCertificateContext
CertGetCertificateContextProperty

kernel32

FindNextFileA
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
FindFirstFileExW
FindClose
RaiseException
ReadConsoleW
SetStdHandle
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetModuleFileNameW
GetProcessHeap
RtlUnwind
FatalAppExitA
CreateSemaphoreW
GetStartupInfoW
FindFirstFileA
GetFullPathNameA
HeapSize
SetEndOfFile
WriteConsoleW
GetCurrentDirectoryW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SleepEx
MultiByteToWideChar
WideCharToMultiByte
WaitForSingleObject
CloseHandle
ExpandEnvironmentStringsA
Sleep
GetLastError
SetLastError
FormatMessageA
VerSetConditionMask
FreeLibrary
GetProcAddress
LoadLibraryW
GetModuleHandleW
GetSystemDirectoryW
QueryPerformanceFrequency
VerifyVersionInfoW
WaitForMultipleObjects
GetFileType
GetStdHandle
ReadFile
PeekNamedPipe
GetTickCount
QueryPerformanceCounter
FlushConsoleInputBuffer
WriteFile
GetCurrentThreadId
GetModuleHandleA
GetCurrentProcessId
GlobalMemoryStatus
LoadLibraryA
GetSystemTime
SystemTimeToFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
CreateEventW
SetCurrentDirectoryW
GetFullPathNameW
SetEnvironmentVariableA
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
GetStringTypeW
OutputDebugStringW
GetTimeZoneInformation
CreateFileW
SetFileAttributesW
GetFileAttributesExW
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetModuleFileNameA
GetConsoleCP
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
CreateThread
ExitThread
LoadLibraryExW
HeapFree
HeapAlloc
HeapReAlloc
SetFilePointerEx
FileTimeToLocalFileTime
GetFileInformationByHandle
FileTimeToSystemTime
GetCommandLineA
SetConsoleCtrlHandler
GetConsoleMode
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleInputA
SetConsoleMode
ExitProcess
GetModuleHandleExW
AreFileApisANSI
GetCurrentThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlushFileBuffers

user32

ReleaseDC
GetDC
GetDesktopWindow
MessageBoxA
GetUserObjectInformationW
GetProcessWindowStation

gdi32

DeleteObject
GetDeviceCaps
GetDIBits
GetObjectA
CreateCompatibleBitmap

advapi32

RegisterEventSourceA
CryptEnumProvidersA
CryptSignHashA
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextA
ReportEventA
DeregisterEventSource

Exports

Exports

curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_easy_upkeep
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_global_sslset
curl_maprintf
curl_mfprintf
curl_mime_addpart
curl_mime_data
curl_mime_data_cb
curl_mime_encoder
curl_mime_filedata
curl_mime_filename
curl_mime_free
curl_mime_headers
curl_mime_init
curl_mime_name
curl_mime_subparts
curl_mime_type
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_multi_wait
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_pushheader_byname
curl_pushheader_bynum
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
curl_url
curl_url_cleanup
curl_url_dup
curl_url_get
curl_url_set
curl_version
curl_version_info

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 330KB - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/un.FileInfo.dll
.dll windows:5 windows x86 arch:x86

f1c205497d3caf8a03d2452df400819b

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

36:42:a2:91:c6:d5:0a:a1:cd:c7:d0:5c:dd:84:37:c4:d3:aa:e2:32:16:39:42:c6:34:7d:04:39:e1:af:ea:12
Signer

Actual PE Digest

36:42:a2:91:c6:d5:0a:a1:cd:c7:d0:5c:dd:84:37:c4:d3:aa:e2:32:16:39:42:c6:34:7d:04:39:e1:af:ea:12

Digest Algorithm

sha256

PE Digest Matches

true

8b:f6:cc:cb:da:45:5f:ce:2b:48:75:61:a3:36:ce:1e:47:39:9b:f2
Signer

Actual PE Digest

8b:f6:cc:cb:da:45:5f:ce:2b:48:75:61:a3:36:ce:1e:47:39:9b:f2

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\dllplugin\InstallerTool\bin\Win32\Release\pdb\un.FileInfo.pdb

Imports

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

kernel32

WritePrivateProfileStringW
lstrcpynW
TerminateProcess
GetModuleFileNameW
GetProcessId
WaitForSingleObject
GetFileAttributesW
OpenProcess
SetFileAttributesW
Sleep
CloseHandle
LoadLibraryW
GetProcAddress
MoveFileExW
GlobalMemoryStatusEx
FreeLibrary
GetDriveTypeW
lstrlenW
GetShortPathNameW
lstrcmpiW
GetPrivateProfileStringW
GetTickCount
LockResource
LoadResource
FindResourceW
GetCurrentProcessId
MultiByteToWideChar
GlobalAlloc
GlobalFree
WideCharToMultiByte
lstrcpyW
GetCommandLineW
LocalFree
WriteFile
SetFilePointer
CreateFileW
GetFileSize
RemoveDirectoryW
MoveFileWithProgressW
CopyFileExW
GetVersionExW
GetSystemInfo
GetModuleHandleW
FindFirstFileW
GetLongPathNameW
GetFileAttributesExW
QueryDosDeviceW
GetCurrentProcess
WaitForMultipleObjects
GetACP
CreateProcessW
GetExitCodeProcess
DeleteFileW
SetFileTime
SetEndOfFile
GetFileTime
GetCurrentThreadId
SuspendThread
GetExitCodeThread
TerminateThread
SwitchToThread
OpenThread
ResumeThread
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetVolumeInformationW
GetDiskFreeSpaceW
GetLogicalDriveStringsW
FindNextFileW
FindClose
HeapFree
HeapAlloc
GetProcessHeap
CreateDirectoryW
GetFullPathNameW
GetTempPathW
GetCurrentDirectoryW
GetWindowsDirectoryW
CopyFileW
MoveFileW
FormatMessageW
CreateEventW
SetEvent
ResetEvent
InterlockedExchangeAdd
ExpandEnvironmentStringsW
GetEnvironmentVariableW
LoadLibraryExW
InterlockedExchange
SetLastError
FileTimeToSystemTime
lstrcatW
InterlockedDecrement
GetModuleFileNameA
GetFileSizeEx
ReleaseMutex
CreateMutexW
DeleteCriticalSection
DecodePointer
RaiseException
GetLastError
InitializeCriticalSectionAndSpinCount
DeviceIoControl
ExitProcess
SetFilePointerEx
ReadFile
WriteConsoleW
FlushFileBuffers
SetStdHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
GetModuleHandleExW
FreeLibraryAndExitThread
ExitThread
CreateThread
InterlockedFlushSList
FindNextFileA
FindFirstFileExA
HeapSize
GetTimeZoneInformation
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
RtlUnwind
GetConsoleCP
GetFileType
GetStdHandle
ReadConsoleW
IsDebuggerPresent
OutputDebugStringW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
EncodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter
InitializeSListHead
HeapCreate
VirtualProtect
InterlockedCompareExchange
Thread32Next
Thread32First
CreateToolhelp32Snapshot
HeapReAlloc
HeapDestroy
GetThreadContext
FlushInstructionCache
SetThreadContext
VirtualFree
VirtualAlloc
VirtualQuery
GetConsoleMode

user32

FindWindowW
wsprintfW
PostMessageW
RegisterWindowMessageW

advapi32

AdjustTokenPrivileges
GetUserNameW
DuplicateTokenEx

shell32

ord155
ord190
SHGetSpecialFolderPathW
CommandLineToArgvW
SHChangeNotify
ShellExecuteExW
SHGetFolderPathW
ShellExecuteW

ole32

CoUninitialize
PropVariantClear
CoCreateInstance
CoInitializeEx
CoInitializeSecurity
CoInitialize

oleaut32

VariantChangeType
SysFreeString
VariantInit
VariantClear
SysAllocString

shlwapi

StrStrIW
StrCmpW
SHStrDupW
StrCatW
PathAppendW
PathRemoveFileSpecW

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW

Exports

Exports

CheckCrcAndGetValue
CheckFiles
CheckInstallTime
CheckParentProcess
CheckSystemConfiguration
CleanAnimateMark
ClearAudioReg
CopyImportantFileWithTransaction
CreateDownloadFolder
CreateLowIntegrityProcess
CreateReleaseFileProcessTmpFile
CreateScheduledTask
Delete2345ExplorerTargetShortCut
DeleteCustom2345ExplorerTargetShortCut
DeleteInstallFile
DeleteScheduledTask
EncodeJifenID
EncodeRecommendPcsafeUnionCustom
EncodeUnion
FindProc
FindProc2345Explorer
FindSubstring
FixSoftware
FixSoftwareAfterRecommendPCSafe
Get2345ExplorerPath
GetCreateDesktopGuideCloudConfig
GetCurrentSystemTime
GetFixSoftwareCloudConfig
GetInstallSafecenterCloudConfig
GetJifenInstallerParams
GetJifenUnionNameInstallerParams
GetParentProcessName
GetRandomPromotionDllPath
GetRecommendPCSafeCloudConfig
GetSDKCloudConfig
GetUnionCustomInstallerParams
GetUnionNameInstallerParams
GetValueWithCrcCode
ImpersonateUser
Init
InitInstallStatusStatistic
InitStatService
InitializeRecommendPCSafe
Install2345MgrDLL
InstallPCSafe
InstallRecommendPCSafeDll
InstallShield
IsWin10OrLater
KillProc
KillProc2345Explorer
KillProcessByPathAndName
KillProcessByPid
MergeMaskString
MyMoveFile
PinToStartMenu
PinToTaskBar
PreProcessShortCut
RevertUser
SendInstallFeatureStat
SendOverwriteFeatureStat
SendStatInfo
SendUninstallFeatureStat
SendUpgradeFeatureStat
SetInstallStep
SetUserOperation
ShieldUnlock
StartCloudConfigRequest
StartInstallServiceProcess
StartPreReleaseFileProcess
StopShield
TerminateCloudConfigRequest
UnInstallSafeCenter
UninitInstallStatusStatistic
UninitStatService
UninitializeRecommendPCSafe
Uninstall2345MgrDLL
UninstallShield
UnpinFromStartMenu
UnpinFromTaskBar
WaitForReleaseFileProcess
WriteInstallData
WriteLog

Sections

.text
Size: 882KB - Virtual size: 881KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 201KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_65_/Upgrade_2345Explorer.dll
.dll windows:5 windows x86 arch:x86

36bda4bde4f003982b0a87ed19b62785

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4f:20:64:8a:ba:fa:ee:f7:01:65:12:b6:c4:d9:c8:40:8c:7e:75:2f:4d:7c:7c:fb:a1:26:3d:b6:ef:af:83:ab
Signer

Actual PE Digest

4f:20:64:8a:ba:fa:ee:f7:01:65:12:b6:c4:d9:c8:40:8c:7e:75:2f:4d:7c:7c:fb:a1:26:3d:b6:ef:af:83:ab

Digest Algorithm

sha256

PE Digest Matches

true

0e:8b:70:b5:1b:02:ec:e9:2c:d7:94:94:b7:73:16:73:e0:45:c8:a5
Signer

Actual PE Digest

0e:8b:70:b5:1b:02:ec:e9:2c:d7:94:94:b7:73:16:73:e0:45:c8:a5

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\dllplugin\Upgrade2345Explorer\bin\Win32\Release\pdb\Upgrade_2345Explorer_Dll.pdb

Imports

kernel32

GetProcAddress
GetModuleHandleW
FindFirstFileW
GetLongPathNameW
CreateFileW
GetFileAttributesExW
QueryDosDeviceW
GetCurrentProcess
OpenProcess
GetACP
MultiByteToWideChar
WideCharToMultiByte
WaitForMultipleObjects
WaitForSingleObject
LocalFree
GetCurrentProcessId
CreateProcessW
lstrlenW
GetVersionExW
lstrcmpiW
ReadFile
WriteFile
SetFilePointer
SetEndOfFile
DeleteFileW
GetFileSizeEx
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
Sleep
GetTickCount
LoadLibraryW
FreeLibrary
FindNextFileW
FindClose
SetFileTime
GetFileSize
ExpandEnvironmentStringsW
CreateDirectoryW
GetFullPathNameW
GetTempPathW
SetFileAttributesW
GetCurrentDirectoryW
MoveFileExW
MoveFileW
HeapFree
GetCurrentThreadId
HeapAlloc
GetProcessHeap
LockResource
GetSystemInfo
LoadResource
FindResourceW
GetLogicalDriveStringsW
FormatMessageW
CreateMutexW
ReleaseMutex
CreateEventW
SetEvent
ResetEvent
InterlockedExchangeAdd
InterlockedExchange
SetLastError
GlobalMemoryStatusEx
GetPrivateProfileStringW
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
ExitThread
DeleteCriticalSection
DecodePointer
RaiseException
GetCommandLineW
CloseHandle
GetLastError
InitializeCriticalSectionAndSpinCount
GetModuleFileNameW
GetFileAttributesW
GetFileTime
DeviceIoControl
ResumeThread
GetEnvironmentVariableW
CreateThread
WriteConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FlushFileBuffers
SetStdHandle
SetEnvironmentVariableA
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
IsDebuggerPresent
OutputDebugStringW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
EncodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
QueryPerformanceCounter
InitializeSListHead
RtlUnwind
InterlockedFlushSList
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameA
GetStdHandle
GetFileType
GetTimeZoneInformation
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
HeapSize
HeapReAlloc
FindFirstFileExA
FindNextFileA
FreeLibraryAndExitThread

advapi32

GetUserNameW
AdjustTokenPrivileges
DuplicateTokenEx
RegOpenKeyExW
RegCloseKey
RegQueryValueExW

shell32

SHGetSpecialFolderPathW
SHGetFolderPathW

netapi32

NetLocalGroupGetMembers

Exports

Exports

StartUpgrade

Sections

.text
Size: 770KB - Virtual size: 769KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_65_/Upgrade_2345Explorer.exe
.exe windows:5 windows x86 arch:x86

50e06c5f7bd82f15774d6ae304483914

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ba:91:e4:b1:fe:19:4d:9b:fc:10:6b:cd:be:6d:a6:d5:a0:11:cc:31:15:bc:82:90:25:cd:60:78:6a:8d:19:9d
Signer

Actual PE Digest

ba:91:e4:b1:fe:19:4d:9b:fc:10:6b:cd:be:6d:a6:d5:a0:11:cc:31:15:bc:82:90:25:cd:60:78:6a:8d:19:9d

Digest Algorithm

sha256

PE Digest Matches

true

b1:a8:21:61:1c:9d:18:8f:5b:2b:31:6f:d4:ea:1c:be:23:fc:6b:f6
Signer

Actual PE Digest

b1:a8:21:61:1c:9d:18:8f:5b:2b:31:6f:d4:ea:1c:be:23:fc:6b:f6

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

D:\dllplugin\Upgrade2345Explorer\bin\Win32\Release\pdb\Upgrade_2345Explorer_Exe.pdb

Imports

kernel32

GetModuleHandleW
CreateFileW
GetLastError
GetFileAttributesExW
CreateMutexW
WaitForSingleObject
ReleaseMutex
CloseHandle
lstrlenW
GetVersionExW
ReadFile
WriteFile
SetFilePointer
SetEndOfFile
DeleteFileW
GetFileSizeEx
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
FindNextFileW
FindClose
GetFileSize
CreateDirectoryW
GetFileAttributesW
HeapFree
GetCurrentThreadId
OpenProcess
HeapAlloc
LocalFree
GetProcessHeap
GetCurrentProcessId
GetCurrentProcess
FormatMessageW
GetPrivateProfileStringW
GetModuleFileNameW
FreeLibrary
GetProcAddress
LoadLibraryW
GetFullPathNameW
WriteConsoleW
DecodePointer
FlushFileBuffers
SetFilePointerEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwind
RaiseException
SetLastError
EncodePointer
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
GetStdHandle
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
GetModuleHandleExW
GetACP
GetStringTypeW
GetFileType
LCMapStringW
FindFirstFileExW
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetStdHandle
HeapSize
HeapReAlloc
GetConsoleCP
GetConsoleMode

shell32

SHGetSpecialFolderPathW

Sections

.text
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_65_/capture.dll
.dll windows:5 windows x86 arch:x86

a8feb5dbfc27c550c84f2199a565c102

Code Sign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

d3:44:7f:ff:49:5b:b2:e1:c7:38:d7:db:cf:c2:3a:dc:d3:e7:29:92:77:10:f5:34:1e:aa:10:ff:d5:cd:40:f6
Signer

Actual PE Digest

d3:44:7f:ff:49:5b:b2:e1:c7:38:d7:db:cf:c2:3a:dc:d3:e7:29:92:77:10:f5:34:1e:aa:10:ff:d5:cd:40:f6

Digest Algorithm

sha256

PE Digest Matches

true

18:57:59:67:4f:06:ac:26:a4:83:6c:dc:ad:06:53:0d:48:bd:be:0e
Signer

Actual PE Digest

18:57:59:67:4f:06:ac:26:a4:83:6c:dc:ad:06:53:0d:48:bd:be:0e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\dllplugin\Capture\trunk\Bin\Release\Capture.pdb

Imports

kernel32

FlushFileBuffers
WriteConsoleW
SetStdHandle
LCMapStringW
GetStringTypeW
LoadLibraryExW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
GetModuleFileNameW
WriteFile
GetStdHandle
GetCPInfo
DecodePointer
GetACP
IsValidCodePage
GetModuleHandleW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
Sleep
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WideCharToMultiByte
MultiByteToWideChar
GetProcAddress
GetModuleHandleExW
ExitProcess
RtlUnwind
GetCommandLineA
EncodePointer
OutputDebugStringW
IsDebuggerPresent
VirtualFree
VirtualAlloc
IsProcessorFeaturePresent
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
GetTickCount
lstrcpynW
GetVersionExW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
RaiseException
GetCurrentThreadId
LeaveCriticalSection
EnterCriticalSection
SetLastError
FlushInstructionCache
GetCurrentProcess
CreateDirectoryW
GetProcessHeap
HeapAlloc
HeapFree
CreateMutexW
HeapReAlloc
HeapSize
HeapDestroy
GetLocalTime
CloseHandle
GetLastError
GetOEMCP
CreateFileW

user32

EndDialog
IsWindow
GetActiveWindow
LoadStringW
UnregisterClassW
DialogBoxParamW
SetWindowLongW
IsRectEmpty
PtInRect
SetRect
GetCursorPos
MonitorFromPoint
GetMonitorInfoW
EnumDisplaySettingsW
GetSystemMetrics
EnumDisplayDevicesW
GetWindowRect
SetWindowPos
GetParent
GetWindowLongW
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
SetRectEmpty
LoadImageW
LoadCursorW
FillRect
SetCursor
SystemParametersInfoW
InvalidateRgn
PostMessageW
EndPaint
BeginPaint
SetForegroundWindow
ShowWindow
CreateWindowExW
GetKeyState
UnionRect
DrawTextW
IntersectRect
EqualRect
CopyRect
CallWindowProcW
DefWindowProcW
SetWindowTextW
DrawTextExW
GetWindowTextW
GetWindowTextLengthW
RedrawWindow
GetDlgItem
SetFocus
GetFocus
MoveWindow
EnableWindow
SendMessageW
ReleaseDC
GetDC
EnumChildWindows
ChildWindowFromPointEx
ScreenToClient
GetWindow
IsWindowVisible
GetTopWindow

gdi32

CombineRgn
SelectClipRgn
CreateRectRgn
CreateFontW
GetPixel
SetBkMode
SetTextColor
GetTextMetricsW
CreateFontIndirectW
CreateSolidBrush
GetObjectW
EnumFontsW
GetStockObject
LineTo
MoveToEx
CreatePen
DeleteObject
DeleteDC
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
Rectangle
StretchBlt

comdlg32

GetOpenFileNameW
GetSaveFileNameW

shell32

SHGetSpecialFolderLocation
ShellExecuteW
SHGetPathFromIDListW

shlwapi

PathFileExistsW
StrCmpW

msimg32

AlphaBlend

gdiplus

GdiplusShutdown
GdiplusStartup
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipFillPolygonI
GdipDrawCurveI
GdipDrawEllipseI
GdipDrawRectangleI
GdipDrawLineI
GdipSetSmoothingMode
GdipGetSmoothingMode
GdipDeleteGraphics
GdipCreateFromHDC
GdipSetPenDashStyle
GdipSetPenMode
GdipSetPenEndCap
GdipSetPenStartCap
GdipDeletePen
GdipCreatePen1
GdipCreateSolidFill
GdipDeleteBrush
GdipCreateBitmapFromHBITMAP
GdipSaveImageToFile
GdipDisposeImage

Exports

Exports

ScreenshotRun

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 155KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_65_/chrome.dll
.dll windows:5 windows x86 arch:x86

d6307573bc51472e529f23447db19212

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:c3:0c:dd:5d:0c:18:f7:c1:64:5d:c0:1a:cd:15:be:a4:4f:bb:c1:46:de:47:81:43:ae:b6:31:06:76:ce:17
Signer

Actual PE Digest

45:c3:0c:dd:5d:0c:18:f7:c1:64:5d:c0:1a:cd:15:be:a4:4f:bb:c1:46:de:47:81:43:ae:b6:31:06:76:ce:17

Digest Algorithm

sha256

PE Digest Matches

true

d4:c5:81:94:e7:f6:b3:1a:de:2b:36:f8:7e:4f:4a:f2:36:47:dd:53
Signer

Actual PE Digest

d4:c5:81:94:e7:f6:b3:1a:de:2b:36:f8:7e:4f:4a:f2:36:47:dd:53

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\V68_45\src\out\official_release\chrome.dll.pdb

Imports

kernel32

AddVectoredExceptionHandler
AllocConsole
AreFileApisANSI
AssignProcessToJobObject
AttachConsole
CancelIo
ChangeTimerQueueTimer
ClearCommBreak
ClearCommError
CloseHandle
CompareStringW
ConnectNamedPipe
CopyFileW
CreateDirectoryW
CreateEventW
CreateFileA
CreateFileMappingW
CreateFileW
CreateIoCompletionPort
CreateMutexW
CreateNamedPipeW
CreateProcessW
CreateSemaphoreA
CreateSemaphoreW
CreateThread
CreateTimerQueue
CreateTimerQueueTimer
CreateToolhelp32Snapshot
DecodePointer
DeleteCriticalSection
DeleteFileA
DeleteFileW
DeleteTimerQueueTimer
DeviceIoControl
DosDateTimeToFileTime
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
EscapeCommFunction
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationW
FindFirstFileExW
FindFirstFileW
FindFirstVolumeW
FindNextFileW
FindNextVolumeW
FindResourceW
FindVolumeClose
FlushFileBuffers
FlushInstructionCache
FlushViewOfFile
FormatMessageA
FormatMessageW
FreeConsole
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
GetACP
GetCPInfo
GetCommModemStatus
GetCommState
GetCommandLineA
GetCommandLineW
GetComputerNameExW
GetComputerNameW
GetConsoleCP
GetConsoleDisplayMode
GetConsoleMode
GetCurrencyFormatW
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDiskFreeSpaceA
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableA
GetEnvironmentVariableW
GetExitCodeProcess
GetExitCodeThread
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileSizeEx
GetFileTime
GetFileType
GetFullPathNameA
GetFullPathNameW
GetGeoInfoW
GetHandleInformation
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetLogicalDriveStringsW
GetLogicalProcessorInformation
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetNamedPipeInfo
GetNativeSystemInfo
GetNumaHighestNodeNumber
GetNumberFormatW
GetOEMCP
GetOverlappedResult
GetPriorityClass
GetPrivateProfileIntW
GetPrivateProfileSectionW
GetPrivateProfileStringA
GetPrivateProfileStringW
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetProcessId
GetProcessTimes
GetQueuedCompletionStatus
GetShortPathNameW
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetSystemPowerStatus
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameW
GetTempPathA
GetTempPathW
GetThreadLocale
GetThreadPriority
GetThreadTimes
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultLangID
GetUserDefaultUILanguage
GetUserGeoID
GetVersion
GetVersionExW
GetVolumeInformationW
GetVolumeNameForVolumeMountPointW
GetVolumePathNameW
GetVolumePathNamesForVolumeNameW
GetWindowsDirectoryW
GlobalAddAtomW
GlobalAlloc
GlobalDeleteAtom
GlobalFree
GlobalLock
GlobalMemoryStatusEx
GlobalSize
GlobalUnlock
HeapAlloc
HeapCompact
HeapCreate
HeapDestroy
HeapFree
HeapLock
HeapReAlloc
HeapSetInformation
HeapSize
HeapUnlock
HeapValidate
HeapWalk
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedExchange
InterlockedExchangeAdd
InterlockedFlushSList
InterlockedPopEntrySList
InterlockedPushEntrySList
IsBadReadPtr
IsBadStringPtrW
IsDebuggerPresent
IsProcessInJob
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LockFile
LockFileEx
LockResource
MapViewOfFile
Module32FirstW
Module32NextW
MoveFileExW
MoveFileW
MultiByteToWideChar
OpenEventW
OpenFileMappingW
OpenMutexW
OpenProcess
OpenThread
OutputDebugStringA
OutputDebugStringW
PeekNamedPipe
PostQueuedCompletionStatus
Process32FirstW
Process32NextW
ProcessIdToSessionId
PurgeComm
QueryDepthSList
QueryDosDeviceW
QueryInformationJobObject
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
ReadProcessMemory
RegisterWaitForSingleObject
ReleaseMutex
ReleaseSemaphore
RemoveDirectoryW
RemoveVectoredExceptionHandler
ReplaceFileW
ResetEvent
ResumeThread
RtlCaptureStackBackTrace
RtlUnwind
SearchPathW
SetCommBreak
SetCommMask
SetCommState
SetCommTimeouts
SetConsoleCtrlHandler
SetConsoleTextAttribute
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableW
SetErrorMode
SetEvent
SetFileAttributesW
SetFilePointer
SetFilePointerEx
SetFileTime
SetFileValidData
SetHandleInformation
SetLastError
SetNamedPipeHandleState
SetPriorityClass
SetStdHandle
SetThreadAffinityMask
SetThreadExecutionState
SetThreadPriority
SetUnhandledExceptionFilter
SignalObjectAndWait
SizeofResource
Sleep
SleepEx
SuspendThread
SwitchToThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateProcess
TerminateThread
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TransactNamedPipe
TryEnterCriticalSection
TzSpecificLocalTimeToSystemTime
UnhandledExceptionFilter
UnlockFile
UnlockFileEx
UnmapViewOfFile
UnregisterWait
UnregisterWaitEx
VirtualAlloc
VirtualAllocEx
VirtualFree
VirtualFreeEx
VirtualProtect
VirtualProtectEx
VirtualQuery
WaitCommEvent
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WaitNamedPipeW
WideCharToMultiByte
WinExec
WriteConsoleW
WriteFile
WriteFileEx
WritePrivateProfileStringA
WritePrivateProfileStringW
lstrcatW
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrcpyW
lstrcpynW
lstrlenW

user32

ActivateKeyboardLayout
AdjustWindowRectEx
AllowSetForegroundWindow
AttachThreadInput
BeginDeferWindowPos
BeginPaint
BringWindowToTop
CallNextHookEx
CallWindowProcW
CharNextW
ClientToScreen
ClipCursor
CloseClipboard
CloseDesktop
CreateCaret
CreateIconIndirect
CreatePopupMenu
CreateWindowExW
DefRawInputProc
DefWindowProcW
DeferWindowPos
DestroyCaret
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageW
DrawEdge
DrawFocusRect
DrawFrameControl
DrawIconEx
EmptyClipboard
EnableMenuItem
EnableWindow
EndDeferWindowPos
EndDialog
EndPaint
EnumChildWindows
EnumDisplayDevicesW
EnumDisplayMonitors
EnumDisplaySettingsExW
EnumDisplaySettingsW
EnumThreadWindows
EnumWindows
EqualRect
ExitWindowsEx
FillRect
FindWindowExW
FindWindowW
FlashWindowEx
FrameRect
GetActiveWindow
GetAncestor
GetAsyncKeyState
GetCapture
GetCaretBlinkTime
GetClassInfoExW
GetClassLongW
GetClassNameW
GetClientRect
GetClipboardData
GetClipboardSequenceNumber
GetCursorInfo
GetCursorPos
GetDC
GetDesktopWindow
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetGUIThreadInfo
GetGuiResources
GetIconInfo
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutList
GetKeyboardLayoutNameW
GetKeyboardState
GetLastActivePopup
GetLastInputInfo
GetLayeredWindowAttributes
GetMenuInfo
GetMenuItemCount
GetMenuItemInfoW
GetMessageExtraInfo
GetMessagePos
GetMessageTime
GetMonitorInfoW
GetParent
GetPropW
GetQueueStatus
GetRawInputData
GetRawInputDeviceInfoW
GetRawInputDeviceList
GetSysColor
GetSysColorBrush
GetSystemMenu
GetSystemMetrics
GetThreadDesktop
GetUserObjectInformationW
GetWindow
GetWindowDC
GetWindowLongW
GetWindowPlacement
GetWindowRect
GetWindowRgn
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
InflateRect
InsertMenuItemW
IntersectRect
InvalidateRect
InvertRect
IsChild
IsClipboardFormatAvailable
IsHungAppWindow
IsIconic
IsRectEmpty
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadCursorW
LoadIconW
LoadImageW
MapVirtualKeyW
MapWindowPoints
MessageBeep
MessageBoxW
MonitorFromPoint
MonitorFromRect
MonitorFromWindow
MoveWindow
MsgWaitForMultipleObjectsEx
NotifyWinEvent
OffsetRect
OpenClipboard
OpenInputDesktop
PeekMessageW
PostMessageW
PostThreadMessageW
PrintWindow
PtInRect
RealChildWindowFromPoint
RedrawWindow
RegisterClassExW
RegisterClipboardFormatW
RegisterDeviceNotificationW
RegisterHotKey
RegisterRawInputDevices
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemovePropW
ScreenToClient
SendInput
SendMessageCallbackW
SendMessageTimeoutW
SendMessageW
SendNotifyMessageW
SetCapture
SetCaretPos
SetClassLongW
SetClipboardData
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetKeyboardState
SetLayeredWindowAttributes
SetMenuDefaultItem
SetMenuInfo
SetMenuItemInfoW
SetParent
SetPropW
SetRect
SetRectEmpty
SetThreadDesktop
SetTimer
SetWindowLongW
SetWindowPlacement
SetWindowPos
SetWindowRgn
SetWindowTextW
SetWindowsHookExW
ShowCursor
ShowWindow
SystemParametersInfoW
ToUnicodeEx
TrackMouseEvent
TrackPopupMenu
TranslateMessage
UnhookWindowsHookEx
UnregisterClassW
UnregisterDeviceNotification
UnregisterHotKey
UpdateLayeredWindow
WindowFromPoint
wsprintfW

gdi32

AddFontMemResourceEx
BitBlt
CancelDC
CloseEnhMetaFile
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateDIBSection
CreateDIBitmap
CreateEnhMetaFileW
CreateFontIndirectW
CreateFontW
CreatePolygonRgn
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
DeleteDC
DeleteEnhMetaFile
DeleteObject
EndDoc
EndPage
EnumEnhMetaFile
EnumFontFamiliesExW
EqualRgn
ExtEscape
ExtTextOutW
GdiAlphaBlend
GdiFlush
GetCharABCWidthsW
GetCurrentObject
GetDIBits
GetDeviceCaps
GetEnhMetaFileBits
GetEnhMetaFileHeader
GetFontData
GetFontUnicodeRanges
GetGlyphIndicesW
GetGlyphOutlineW
GetICMProfileW
GetObjectW
GetOutlineTextMetricsW
GetRgnBox
GetStockObject
GetTextExtentPoint32W
GetTextExtentPointI
GetTextFaceW
GetTextMetricsW
GetWorldTransform
ModifyWorldTransform
PlayEnhMetaFile
PlayEnhMetaFileRecord
PtInRegion
RemoveFontMemResourceEx
RestoreDC
SaveDC
SelectClipRgn
SelectObject
SetAbortProc
SetArcDirection
SetBkColor
SetBkMode
SetBrushOrgEx
SetDCBrushColor
SetDCPenColor
SetDIBits
SetDIBitsToDevice
SetEnhMetaFileBits
SetGraphicsMode
SetMapMode
SetROP2
SetRectRgn
SetStretchBltMode
SetTextAlign
SetTextColor
SetWorldTransform
StartDocW
StartPage
StretchBlt
StretchDIBits

ole32

CLSIDFromProgID
CLSIDFromString
CoAllowSetForegroundWindow
CoCreateFreeThreadedMarshaler
CoCreateGuid
CoCreateInstance
CoInitializeEx
CoInitializeSecurity
CoRegisterClassObject
CoRevokeClassObject
CoSetProxyBlanket
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
CoUnmarshalInterface
CreateStreamOnHGlobal
DoDragDrop
GetHGlobalFromStream
IIDFromString
OleDuplicateData
OleInitialize
OleUninitialize
PropVariantClear
RegisterDragDrop
ReleaseStgMedium
RevokeDragDrop
StringFromGUID2

winmm

midiInAddBuffer
midiInClose
midiInGetDevCapsW
midiInGetNumDevs
midiInOpen
midiInPrepareHeader
midiInReset
midiInStart
midiInUnprepareHeader
midiOutClose
midiOutGetDevCapsW
midiOutGetNumDevs
midiOutLongMsg
midiOutOpen
midiOutPrepareHeader
midiOutReset
midiOutShortMsg
midiOutUnprepareHeader
midiStreamClose
timeBeginPeriod
timeEndPeriod
timeGetTime
waveInAddBuffer
waveInClose
waveInGetDevCapsW
waveInGetNumDevs
waveInMessage
waveInOpen
waveInPrepareHeader
waveInReset
waveInStart
waveInUnprepareHeader
waveOutClose
waveOutGetDevCapsW
waveOutGetNumDevs
waveOutOpen
waveOutPause
waveOutPrepareHeader
waveOutReset
waveOutRestart
waveOutUnprepareHeader
waveOutWrite

oleaut32

GetErrorInfo
LoadRegTypeLi
LoadTypeLi
SafeArrayAccessData
SafeArrayGetDim
SafeArrayGetLBound
SafeArrayGetUBound
SafeArrayUnaccessData
SysAllocString
SysFreeString
SysStringLen
VarUI4FromStr
VariantClear
VariantInit
VariantTimeToSystemTime

advapi32

AdjustTokenPrivileges
AllocateAndInitializeSid
AllocateLocallyUniqueId
CheckTokenMembership
CloseServiceHandle
CloseTrace
ControlTraceW
ConvertSidToStringSidA
ConvertSidToStringSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW
CreateProcessAsUserW
CryptCreateHash
CryptDestroyHash
CryptGetHashParam
CryptReleaseContext
CryptSetHashParam
CryptSignHashW
DeregisterEventSource
EqualSid
FreeSid
GetTokenInformation
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
GetUserNameW
ImpersonateAnonymousToken
InitializeAcl
InitializeSecurityDescriptor
LogonUserW
LookupAccountNameW
LookupPrivilegeValueW
LsaNtStatusToWinError
OpenProcessToken
OpenSCManagerW
OpenServiceW
OpenTraceW
ProcessTrace
QueryServiceConfigW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegNotifyChangeKeyValue
RegOpenKeyExA
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExA
RegQueryValueExW
RegSetValueExW
RegisterEventSourceA
RegisterTraceGuidsW
ReportEventA
RevertToSelf
SetSecurityDescriptorDacl
StartTraceW
SystemFunction036
TraceEvent
UnregisterTraceGuids

msdmo

MoFreeMediaType
MoInitMediaType

secur32

AcquireCredentialsHandleW
DeleteSecurityContext
FreeContextBuffer
FreeCredentialsHandle
GetUserNameExW
InitializeSecurityContextW
LsaConnectUntrusted
LsaDeregisterLogonProcess
LsaFreeReturnBuffer
LsaLogonUser
QuerySecurityPackageInfoW

netapi32

NetApiBufferFree
NetLocalGroupGetMembers
NetUserGetInfo

oleacc

AccessibleChildren
AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject
WindowFromAccessibleObject

comctl32

InitCommonControlsEx

hid

HidD_FreePreparsedData
HidD_GetAttributes
HidD_GetPreparsedData
HidD_GetProductString
HidD_GetSerialNumberString
HidP_GetButtonCaps
HidP_GetCaps
HidP_GetValueCaps

chrome_elf

CrashForException_ExportThunk
DumpHungProcessWithPtype_ExportThunk
DumpProcessWithoutCrash
GetCrashReports_ExportThunk
GetInstallDetailsPayload
GetUserDataDirectoryThunk
InjectDumpForHungInput_ExportThunk
IsBlacklistInitialized
RequestSingleCrashUpload_ExportThunk
SetMetricsClientId
SetUploadConsent_ExportThunk
SuccessfullyBlocked

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

shlwapi

AssocQueryStringW
ord437
PathAppendW
PathFileExistsW
PathFindExtensionW
PathFindFileNameW
PathIsDirectoryW
PathMatchSpecW
PathRemoveExtensionW
PathRemoveFileSpecW
StrStrIW

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

dbghelp

StackWalk64
SymFromAddr
SymFunctionTableAccess64
SymGetLineFromAddr64
SymGetModuleBase64
SymGetSearchPath
SymInitialize
SymSetOptions
SymSetSearchPath

usp10

ScriptFreeCache
ScriptItemize
ScriptShape
ScriptStringAnalyse
ScriptStringFree
ScriptStringOut

wintrust

CryptCATAdminAcquireContext
CryptCATAdminCalcHashFromFileHandle
CryptCATAdminEnumCatalogFromHash
CryptCATAdminReleaseCatalogContext
CryptCATAdminReleaseContext
CryptCATCatalogInfoFromContext

sensapi

IsNetworkAlive

credui

CredUIPromptForCredentialsW

wtsapi32

WTSFreeMemory
WTSQuerySessionInformationW
WTSRegisterSessionNotification
WTSUnRegisterSessionNotification

rpcrt4

NdrClientCall2
RpcBindingFree
RpcBindingFromStringBindingW
RpcStringBindingComposeW
RpcStringFreeW

gdiplus

GdipAlloc
GdipCloneImage
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromStream
GdipCreateHBITMAPFromBitmap
GdipDisposeImage
GdipFree
GdipGetImageEncoders
GdipGetImageEncodersSize
GdipSaveImageToFile
GdipSaveImageToStream
GdiplusStartup

Exports

Exports

??0DownloadState@trident@@QAE@XZ
??0ScrollAnimationSwitch@@AAE@XZ
??0TridentDownloadParam@trident@@QAE@ABU01@@Z
??0TridentDownloadParam@trident@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$vector@UUrlMatchPair@list_matcher@@V?$allocator@UUrlMatchPair@list_matcher@@@std@@@3@@Z
??0TridentDownloadParam@trident@@QAE@XZ
??0TridentPasswordForm@autofill@trident@@QAE@ABU012@@Z
??0TridentPasswordForm@autofill@trident@@QAE@XZ
??0TridentSpecialPasswordForm@autofill@trident@@QAE@ABU012@@Z
??0TridentSpecialPasswordForm@autofill@trident@@QAE@XZ
??1DownloadState@trident@@QAE@XZ
??1ScrollAnimationSwitch@@AAE@XZ
??1TridentDownloadParam@trident@@QAE@XZ
??1TridentPasswordForm@autofill@trident@@QAE@XZ
??1TridentSpecialPasswordForm@autofill@trident@@QAE@XZ
??4DownloadState@trident@@QAEAAU01@ABU01@@Z
??4ScrollAnimationSwitch@@QAEAAV0@ABV0@@Z
??4TridentDownloadParam@trident@@QAEAAU01@ABU01@@Z
??4TridentPasswordForm@autofill@trident@@QAEAAU012@ABU012@@Z
??4TridentSpecialPasswordForm@autofill@trident@@QAEAAU012@ABU012@@Z
??8TridentPasswordForm@autofill@trident@@QBE_NABU012@@Z
?IsScrollAnimationEnabled@ScrollAnimationSwitch@@SA_NXZ
?SetScrollAnimationSwitch@ScrollAnimationSwitch@@SAX_N@Z
?enabled_@ScrollAnimationSwitch@@0_NA
ChromeMain
GetHandleVerifier
IsSandboxedProcess
RelaunchChromeBrowserWithNewCommandLineIfNeeded
SetSingleMutexDelegate

Sections

.text
Size: 40.5MB - Virtual size: 40.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7.4MB - Virtual size: 7.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 25B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CPADinfo
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

prot
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1.7MB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_65_/chrome_100_percent.pak
$_65_/chrome_200_percent.pak
$_65_/chrome_child.dll
.dll windows:5 windows x86 arch:x86

a8199befcef87452b8266a084c628dab

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

15:55:28:e4:7b:3f:17:49:28:8d:3c:0d:62:54:61:de:15:b2:76:fb:a5:0e:c9:f4:7b:ab:3c:1d:d3:60:f0:38
Signer

Actual PE Digest

15:55:28:e4:7b:3f:17:49:28:8d:3c:0d:62:54:61:de:15:b2:76:fb:a5:0e:c9:f4:7b:ab:3c:1d:d3:60:f0:38

Digest Algorithm

sha256

PE Digest Matches

true

c3:f7:dc:46:04:78:fe:b8:7b:8c:6e:82:58:a1:99:dd:fa:9e:0a:b9
Signer

Actual PE Digest

c3:f7:dc:46:04:78:fe:b8:7b:8c:6e:82:58:a1:99:dd:fa:9e:0a:b9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\V68_45\src\out\official_release\chrome_child.dll.pdb

Imports

kernel32

AllocConsole
AreFileApisANSI
AssignProcessToJobObject
AttachConsole
CancelIo
ChangeTimerQueueTimer
CloseHandle
CompareStringW
ConnectNamedPipe
CopyFileW
CreateDirectoryW
CreateEventA
CreateEventW
CreateFileA
CreateFileMappingW
CreateFileW
CreateIoCompletionPort
CreateMutexW
CreateNamedPipeW
CreateProcessW
CreateSemaphoreA
CreateSemaphoreW
CreateThread
CreateTimerQueue
CreateTimerQueueTimer
CreateToolhelp32Snapshot
DecodePointer
DeleteCriticalSection
DeleteFileA
DeleteFileW
DeleteTimerQueueTimer
DeviceIoControl
DisableThreadLibraryCalls
DosDateTimeToFileTime
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationW
FindFirstFileExA
FindFirstFileExW
FindFirstFileW
FindFirstVolumeW
FindNextFileA
FindNextFileW
FindNextVolumeW
FindResourceW
FindVolumeClose
FlushFileBuffers
FlushInstructionCache
FlushViewOfFile
FormatMessageA
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetComputerNameExW
GetComputerNameW
GetConsoleCP
GetConsoleMode
GetCurrencyFormatW
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDiskFreeSpaceA
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileSizeEx
GetFileTime
GetFileType
GetFullPathNameA
GetFullPathNameW
GetGeoInfoW
GetHandleInformation
GetLastError
GetLocalTime
GetLocaleInfoA
GetLocaleInfoW
GetLogicalDriveStringsW
GetLogicalProcessorInformation
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetNamedPipeInfo
GetNativeSystemInfo
GetNumaHighestNodeNumber
GetNumberFormatW
GetOEMCP
GetOverlappedResult
GetPriorityClass
GetPrivateProfileIntW
GetPrivateProfileStringW
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetProcessId
GetProcessTimes
GetQueuedCompletionStatus
GetShortPathNameW
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemInfo
GetSystemPowerStatus
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempFileNameW
GetTempPathA
GetTempPathW
GetThreadContext
GetThreadLocale
GetThreadPriority
GetThreadTimes
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultLangID
GetUserDefaultUILanguage
GetUserGeoID
GetVersion
GetVersionExW
GetVolumeInformationW
GetVolumePathNameW
GetWindowsDirectoryA
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalLock
GlobalMemoryStatusEx
GlobalSize
GlobalUnlock
HeapAlloc
HeapCompact
HeapCreate
HeapDestroy
HeapFree
HeapLock
HeapQueryInformation
HeapReAlloc
HeapSetInformation
HeapSize
HeapUnlock
HeapValidate
HeapWalk
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedExchange
InterlockedExchangeAdd
InterlockedFlushSList
InterlockedPopEntrySList
InterlockedPushEntrySList
IsBadReadPtr
IsBadStringPtrW
IsDebuggerPresent
IsProcessInJob
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LockFile
LockFileEx
LockResource
MapViewOfFile
Module32FirstW
Module32NextW
MoveFileExW
MoveFileW
MultiByteToWideChar
OpenEventW
OpenFileMappingW
OpenMutexW
OpenProcess
OpenThread
OutputDebugStringA
OutputDebugStringW
PeekNamedPipe
PostQueuedCompletionStatus
Process32FirstW
Process32NextW
QueryDepthSList
QueryDosDeviceW
QueryInformationJobObject
QueryPerformanceCounter
QueryPerformanceFrequency
QueueUserAPC
RaiseException
ReadConsoleW
ReadFile
RegisterWaitForSingleObject
ReleaseMutex
ReleaseSemaphore
RemoveDirectoryW
ReplaceFileW
ResetEvent
ResumeThread
RtlCaptureStackBackTrace
RtlUnwind
SearchPathW
SetConsoleCtrlHandler
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableW
SetErrorMode
SetEvent
SetFileAttributesW
SetFilePointer
SetFilePointerEx
SetFileTime
SetFileValidData
SetHandleInformation
SetLastError
SetNamedPipeHandleState
SetPriorityClass
SetStdHandle
SetThreadAffinityMask
SetThreadPriority
SetUnhandledExceptionFilter
SignalObjectAndWait
SizeofResource
Sleep
SleepEx
SuspendThread
SwitchToThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TransactNamedPipe
TryEnterCriticalSection
TzSpecificLocalTimeToSystemTime
UnhandledExceptionFilter
UnlockFile
UnlockFileEx
UnmapViewOfFile
UnregisterWait
UnregisterWaitEx
VirtualAlloc
VirtualAllocEx
VirtualFree
VirtualFreeEx
VirtualProtect
VirtualProtectEx
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WaitNamedPipeW
WideCharToMultiByte
WriteConsoleW
WriteFile
WriteFileEx
WritePrivateProfileStringW
lstrcatW
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrcpyW
lstrlenA
lstrlenW

user32

ActivateKeyboardLayout
AllowSetForegroundWindow
AppendMenuW
AttachThreadInput
BeginDeferWindowPos
BeginPaint
CallNextHookEx
CallWindowProcW
CharNextW
ChildWindowFromPoint
ClientToScreen
ClipCursor
CloseClipboard
CreateCaret
CreateIconIndirect
CreatePopupMenu
CreateWindowExW
DefRawInputProc
DefWindowProcA
DefWindowProcW
DeferWindowPos
DestroyCaret
DestroyIcon
DestroyMenu
DestroyWindow
DispatchMessageW
EmptyClipboard
EnableWindow
EndDeferWindowPos
EndPaint
EnumChildWindows
EnumDisplayDevicesW
EnumDisplayMonitors
EnumDisplaySettingsW
EnumThreadWindows
FillRect
FindWindowExW
FindWindowW
GetActiveWindow
GetAncestor
GetAsyncKeyState
GetCapture
GetClassInfoExW
GetClassInfoW
GetClassNameW
GetClientRect
GetClipboardData
GetClipboardSequenceNumber
GetCursor
GetCursorPos
GetDC
GetDesktopWindow
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetGuiResources
GetKeyState
GetKeyboardLayout
GetKeyboardLayoutList
GetKeyboardLayoutNameW
GetKeyboardState
GetMenuItemCount
GetMenuItemInfoW
GetMessagePos
GetMessageTime
GetMessageW
GetMonitorInfoW
GetParent
GetPropW
GetQueueStatus
GetRawInputData
GetRawInputDeviceInfoW
GetRawInputDeviceList
GetSysColor
GetSystemMenu
GetSystemMetrics
GetWindow
GetWindowLongW
GetWindowRect
GetWindowTextW
GetWindowThreadProcessId
InvalidateRect
IsChild
IsClipboardFormatAvailable
IsGUIThread
IsHungAppWindow
IsIconic
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
KillTimer
LoadCursorW
LoadIconW
LoadStringW
MapWindowPoints
MessageBoxA
MessageBoxW
MonitorFromWindow
MoveWindow
MsgWaitForMultipleObjectsEx
NotifyWinEvent
OffsetRect
OpenClipboard
PeekMessageW
PostMessageW
PostQuitMessage
PostThreadMessageW
PrintWindow
RealGetWindowClassW
RedrawWindow
RegisterClassExW
RegisterClassW
RegisterClipboardFormatW
RegisterRawInputDevices
RegisterWindowMessageW
ReleaseCapture
ReleaseDC
RemovePropW
ScreenToClient
SendInput
SendMessageTimeoutW
SendMessageW
SendNotifyMessageW
SetActiveWindow
SetCapture
SetCaretPos
SetClassLongW
SetClipboardData
SetCursor
SetFocus
SetForegroundWindow
SetKeyboardState
SetLayeredWindowAttributes
SetParent
SetPropW
SetTimer
SetWindowLongA
SetWindowLongW
SetWindowPos
SetWindowRgn
SetWindowsHookExW
ShowWindow
SystemParametersInfoW
ToUnicodeEx
TrackMouseEvent
TrackPopupMenu
TranslateMessage
UnhookWindowsHookEx
UnregisterClassW
WindowFromPoint

winmm

midiStreamClose
timeBeginPeriod
timeEndPeriod
timeGetTime
waveInAddBuffer
waveInClose
waveInGetDevCapsW
waveInGetNumDevs
waveInMessage
waveInOpen
waveInPrepareHeader
waveInReset
waveInStart
waveInUnprepareHeader
waveOutClose
waveOutGetDevCapsW
waveOutGetNumDevs
waveOutOpen
waveOutPause
waveOutPrepareHeader
waveOutReset
waveOutRestart
waveOutUnprepareHeader
waveOutWrite

ole32

CLSIDFromProgID
CLSIDFromString
CoAllowSetForegroundWindow
CoCreateFreeThreadedMarshaler
CoCreateGuid
CoCreateInstance
CoGetClassObject
CoInitializeEx
CoInitializeSecurity
CoLoadLibrary
CoMarshalInterThreadInterfaceInStream
CoMarshalInterface
CoSetProxyBlanket
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoUninitialize
CoUnmarshalInterface
CoWaitForMultipleHandles
CreateStreamOnHGlobal
GetHGlobalFromStream
OleDuplicateData
OleInitialize
OleUninitialize
PropVariantClear
ReleaseStgMedium
StringFromGUID2

msdmo

MoFreeMediaType
MoInitMediaType

ws2_32

WSACloseEvent
WSACreateEvent
WSAEnumNetworkEvents
WSAEventSelect
WSAGetLastError
WSAGetOverlappedResult
WSAIoctl
WSALookupServiceBeginW
WSALookupServiceEnd
WSALookupServiceNextW
WSARecvFrom
WSAResetEvent
WSASend
WSASendTo
WSASetEvent
WSASetServiceW
WSASocketW
WSAStartup
WSAWaitForMultipleEvents
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
gethostname
getpeername
getsockname
getsockopt
htonl
htons
inet_addr
inet_ntoa
ioctlsocket
listen
ntohl
ntohs
recv
recvfrom
send
sendto
setsockopt
shutdown
socket

advapi32

AdjustTokenPrivileges
AllocateAndInitializeSid
CheckTokenMembership
ConvertSidToStringSidW
ConvertStringSecurityDescriptorToSecurityDescriptorW
CreateProcessAsUserW
CryptAcquireContextW
CryptGenRandom
CryptReleaseContext
DeregisterEventSource
FreeSid
GetTokenInformation
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
GetUserNameW
ImpersonateAnonymousToken
InitializeAcl
InitializeSecurityDescriptor
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegNotifyChangeKeyValue
RegOpenKeyExA
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExA
RegQueryValueExW
RegSetValueExW
RegisterEventSourceA
RegisterTraceGuidsW
ReportEventA
RevertToSelf
SetSecurityDescriptorDacl
SystemFunction036
TraceEvent
UnregisterTraceGuids

oleaut32

LoadRegTypeLi
LoadTypeLi
LoadTypeLibEx
SysAllocString
SysFreeString
SysStringLen
VarCmp
VarUI4FromStr
VariantClear
VariantInit

gdi32

AddFontMemResourceEx
BeginPath
BitBlt
CancelDC
ChoosePixelFormat
CloseEnhMetaFile
CloseFigure
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateDIBSection
CreateEnhMetaFileW
CreateFontA
CreateFontIndirectA
CreateFontIndirectW
CreateFontW
CreatePen
CreateRectRgn
CreateRectRgnIndirect
CreateSolidBrush
DeleteDC
DeleteEnhMetaFile
DeleteObject
EndDoc
EndPath
EnumEnhMetaFile
EnumFontFamiliesExA
EnumFontFamiliesExW
ExtCreatePen
ExtEscape
ExtTextOutW
FillPath
GdiAlphaBlend
GdiComment
GdiFlush
GetCharABCWidthsW
GetCharWidthW
GetClipBox
GetClipRgn
GetDIBits
GetDeviceCaps
GetEnhMetaFileBits
GetEnhMetaFileHeader
GetFontData
GetFontUnicodeRanges
GetGlyphIndicesW
GetGlyphOutlineW
GetICMProfileW
GetObjectType
GetObjectW
GetOutlineTextMetricsW
GetRegionData
GetStockObject
GetTextExtentPointI
GetTextFaceA
GetTextFaceW
GetTextMetricsW
GetWorldTransform
IntersectClipRect
LineTo
ModifyWorldTransform
MoveToEx
PlayEnhMetaFile
PlayEnhMetaFileRecord
PolyBezierTo
RemoveFontMemResourceEx
RestoreDC
SaveDC
SelectClipPath
SelectClipRgn
SelectObject
SetAbortProc
SetArcDirection
SetBkColor
SetBkMode
SetBrushOrgEx
SetDCBrushColor
SetDCPenColor
SetDIBits
SetDIBitsToDevice
SetEnhMetaFileBits
SetGraphicsMode
SetMiterLimit
SetPixelFormat
SetPolyFillMode
SetROP2
SetRectRgn
SetStretchBltMode
SetTextAlign
SetTextColor
SetWorldTransform
StartDocW
StretchDIBits
StrokeAndFillPath
StrokePath
SwapBuffers
WidenPath

oleacc

AccessibleObjectFromWindow
CreateStdAccessibleObject
LresultFromObject

netapi32

NetApiBufferFree
NetLocalGroupGetMembers

comdlg32

CommDlgExtendedError
GetOpenFileNameW
GetSaveFileNameW
PrintDlgExW

chrome_elf

DumpProcessWithoutCrash
GetInstallDetailsPayload
GetUserDataDirectoryThunk
SetMetricsClientId

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

shlwapi

PathAppendW
PathFindExtensionW
PathFindFileNameW
PathMatchSpecW
PathRemoveExtensionW
PathRemoveFileSpecW
ord158
StrCmpNIW
StrCmpNW

userenv

CreateEnvironmentBlock
DestroyEnvironmentBlock

iphlpapi

CancelIPChangeNotify
GetAdaptersAddresses
GetInterfaceInfo
IpReleaseAddress
IpRenewAddress
NotifyAddrChange

crypt32

CertAddEncodedCertificateToStore
CertCloseStore
CertCompareCertificateName
CertCreateCertificateChainEngine
CertDuplicateCertificateContext
CertFindExtension
CertFreeCertificateChain
CertFreeCertificateChainEngine
CertFreeCertificateContext
CertGetCertificateChain
CertGetCertificateContextProperty
CertGetIssuerCertificateFromStore
CertOpenStore
CertSetCertificateContextProperty
CertVerifyCertificateChainPolicy
CryptDecodeObjectEx
CryptInstallOIDFunctionAddress
CryptProtectData
CryptUnprotectData
CryptVerifyCertificateSignatureEx

winspool.drv

ClosePrinter
DeviceCapabilitiesW
DocumentPropertiesW
EnumPrintersW
ord203
GetPrinterDriverW
GetPrinterW
OpenPrinterW

dbghelp

StackWalk64
SymFromAddr
SymFunctionTableAccess64
SymGetLineFromAddr64
SymGetModuleBase64
SymGetSearchPath
SymInitialize
SymSetOptions
SymSetSearchPath

winhttp

WinHttpCloseHandle
WinHttpGetIEProxyConfigForCurrentUser
WinHttpGetProxyForUrl
WinHttpOpen
WinHttpSetTimeouts

usp10

ScriptFreeCache
ScriptItemize
ScriptShape

imm32

ImmAssociateContextEx
ImmGetCompositionStringA
ImmGetCompositionStringW
ImmGetContext
ImmGetConversionStatus
ImmGetDescriptionW
ImmGetVirtualKey
ImmNotifyIME
ImmReleaseContext
ImmSetCandidateWindow
ImmSetCompositionWindow
ImmSetOpenStatus

urlmon

CoInternetCreateSecurityManager
CoInternetCreateZoneManager
CreateURLMonikerEx
RegisterBindStatusCallback
RevokeBindStatusCallback

secur32

AcquireCredentialsHandleA
AcquireCredentialsHandleW
CompleteAuthToken
DeleteSecurityContext
FreeContextBuffer
FreeCredentialsHandle
InitializeSecurityContextA
InitializeSecurityContextW
QuerySecurityPackageInfoW

imagehlp

ImageEnumerateCertificates
ImageRemoveCertificate

dhcpcsvc

DhcpCApiInitialize
DhcpRequestParams

Exports

Exports

??0BeforeNavigate2Params@trident@@QAE@ABU01@@Z
??0BeforeNavigate2Params@trident@@QAE@XZ
??0DownloadState@trident@@QAE@XZ
??0NavigateParam@trident@@QAE@ABU01@@Z
??0NavigateParam@trident@@QAE@XZ
??0NewWindowParam@trident@@QAE@ABU01@@Z
??0NewWindowParam@trident@@QAE@XZ
??0ScrollAnimationSwitch@@AAE@XZ
??0TridentDownloadParam@trident@@QAE@ABU01@@Z
??0TridentDownloadParam@trident@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@ABV?$vector@UUrlMatchPair@list_matcher@@V?$allocator@UUrlMatchPair@list_matcher@@@std@@@3@@Z
??0TridentDownloadParam@trident@@QAE@XZ
??0TridentPasswordForm@autofill@trident@@QAE@ABU012@@Z
??0TridentPasswordForm@autofill@trident@@QAE@XZ
??0TridentSpecialPasswordForm@autofill@trident@@QAE@ABU012@@Z
??0TridentSpecialPasswordForm@autofill@trident@@QAE@XZ
??1BeforeNavigate2Params@trident@@QAE@XZ
??1DownloadState@trident@@QAE@XZ
??1NavigateParam@trident@@QAE@XZ
??1NewWindowParam@trident@@QAE@XZ
??1ScrollAnimationSwitch@@AAE@XZ
??1TridentDownloadParam@trident@@QAE@XZ
??1TridentPasswordForm@autofill@trident@@QAE@XZ
??1TridentSpecialPasswordForm@autofill@trident@@QAE@XZ
??4BeforeNavigate2Params@trident@@QAEAAU01@ABU01@@Z
??4DownloadState@trident@@QAEAAU01@ABU01@@Z
??4NavigateParam@trident@@QAEAAU01@ABU01@@Z
??4NewWindowParam@trident@@QAEAAU01@ABU01@@Z
??4ScrollAnimationSwitch@@QAEAAV0@ABV0@@Z
??4TridentDownloadParam@trident@@QAEAAU01@ABU01@@Z
??4TridentPasswordForm@autofill@trident@@QAEAAU012@ABU012@@Z
??4TridentSpecialPasswordForm@autofill@trident@@QAEAAU012@ABU012@@Z
??8TridentPasswordForm@autofill@trident@@QBE_NABU012@@Z
?IsScrollAnimationEnabled@ScrollAnimationSwitch@@SA_NXZ
?SetScrollAnimationSwitch@ScrollAnimationSwitch@@SAX_N@Z
?enabled_@ScrollAnimationSwitch@@0_NA
ChromeMain
GetHandleVerifier
IsSandboxedProcess
SetSingleMutexDelegate

Sections

.text
Size: 57.8MB - Virtual size: 57.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9.6MB - Virtual size: 9.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 171KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rodata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 25B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CPADinfo
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

prot
Size: 512B - Virtual size: 21B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_65_/chrome_elf.dll
.dll windows:5 windows x86 arch:x86

151cb6cadd120048c706148baf11e472

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f0:6c:d9:4e:00:68:2d:54:ac:2b:4c:a1:63:10:3b:57:c7:70:cc:23:09:aa:9c:34:0c:e6:1a:52:34:b6:7e:06
Signer

Actual PE Digest

f0:6c:d9:4e:00:68:2d:54:ac:2b:4c:a1:63:10:3b:57:c7:70:cc:23:09:aa:9c:34:0c:e6:1a:52:34:b6:7e:06

Digest Algorithm

sha256

PE Digest Matches

true

fc:15:12:d6:a8:89:a8:11:16:f4:2c:44:4f:aa:ee:d9:aa:d3:ec:28
Signer

Actual PE Digest

fc:15:12:d6:a8:89:a8:11:16:f4:2c:44:4f:aa:ee:d9:aa:d3:ec:28

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\V68_45\src\out\official_release\chrome_elf.dll.pdb

Imports

kernel32

CloseHandle
CompareStringW
CreateDirectoryW
CreateEventW
CreateFileMappingW
CreateFileW
CreateNamedPipeW
CreateProcessW
CreateRemoteThread
CreateThread
DecodePointer
DeleteCriticalSection
DeleteFileW
DeviceIoControl
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FindClose
FindFirstFileExW
FindFirstFileW
FindNextFileW
FlushFileBuffers
FlushInstructionCache
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetComputerNameExW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetFileAttributesExW
GetFileAttributesW
GetFileType
GetFullPathNameW
GetHandleInformation
GetLastError
GetLocalTime
GetLocaleInfoW
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetPrivateProfileStringW
GetProcAddress
GetProcessId
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetTickCount
GetUserDefaultLCID
GetUserDefaultLangID
GetVersion
GetVersionExW
GetWindowsDirectoryW
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSetInformation
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalFree
LockFileEx
MapViewOfFile
MultiByteToWideChar
OpenProcess
OutputDebugStringA
OutputDebugStringW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
ReadProcessMemory
ReleaseMutex
RemoveDirectoryW
RtlCaptureStackBackTrace
RtlUnwind
SetConsoleCtrlHandler
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFileAttributesW
SetFilePointerEx
SetHandleInformation
SetLastError
SetNamedPipeHandleState
SetStdHandle
SetUnhandledExceptionFilter
Sleep
SleepEx
SwitchToThread
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TransactNamedPipe
TryEnterCriticalSection
UnhandledExceptionFilter
UnlockFileEx
UnmapViewOfFile
VerSetConditionMask
VerifyVersionInfoW
VirtualAllocEx
VirtualFreeEx
VirtualProtect
VirtualProtectEx
VirtualQuery
WaitForSingleObject
WaitNamedPipeW
WideCharToMultiByte
WriteConsoleW
WriteFile
WritePrivateProfileStringW
WriteProcessMemory
lstrcatW
lstrcpyW
lstrlenW

user32

MessageBoxW

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

shlwapi

PathMatchSpecW

ole32

CoTaskMemFree

iphlpapi

GetAdaptersAddresses

Exports

Exports

AddDllToBlacklist
CrashForException_ExportThunk
DrainLog
DumpHungProcessWithPtype_ExportThunk
DumpProcessWithoutCrash
ExitProcessOnCrash
GetCrashReports_ExportThunk
GetCrashpadDatabasePath_ExportThunk
GetHandleVerifier
GetInstallDetailsPayload
GetUnhookErrorAndBlockedDlls
GetUserDataDirectoryThunk
InjectDumpForHungInput_ExportThunk
IsBlacklistInitialized
RegisterLogNotification
RequestSingleCrashUpload_ExportThunk
SetMetricsClientId
SetUploadConsent_ExportThunk
ShouldShowRestartDialogIfCrashed
ShowRestartDialogIfCrashed
SignalChromeElf
SignalInitializeCrashReporting
SuccessfullyBlocked

Sections

.text
Size: 470KB - Virtual size: 469KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 159KB - Virtual size: 158KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.crthunk
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CPADinfo
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_65_/chrome_initial.dll
.dll windows:5 windows x86 arch:x86

8dea77f17fb04881e1c9b581de7dd1cc

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:52:c9:9c:e8:9f:50:0a:27:03:ca:8c:31:6b:92:65:17:4f:90:9b:2c:6a:9c:59:8e:e7:98:dd:7d:96:ba:a2
Signer

Actual PE Digest

0c:52:c9:9c:e8:9f:50:0a:27:03:ca:8c:31:6b:92:65:17:4f:90:9b:2c:6a:9c:59:8e:e7:98:dd:7d:96:ba:a2

Digest Algorithm

sha256

PE Digest Matches

true

86:f2:6e:53:db:a8:91:9f:2d:0f:a7:ab:63:d8:97:51:0b:a1:54:03
Signer

Actual PE Digest

86:f2:6e:53:db:a8:91:9f:2d:0f:a7:ab:63:d8:97:51:0b:a1:54:03

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\V68_45\src\out\official_release\chrome_initial.dll.pdb

Imports

kernel32

CloseHandle
CompareStringW
ConnectNamedPipe
CopyFileW
CreateDirectoryW
CreateEventW
CreateFileMappingW
CreateFileW
CreateIoCompletionPort
CreateMutexW
CreateNamedPipeW
CreateProcessW
CreateSemaphoreW
CreateThread
CreateToolhelp32Snapshot
DecodePointer
DeleteCriticalSection
DeleteFileW
DeviceIoControl
DisconnectNamedPipe
DosDateTimeToFileTime
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExpandEnvironmentStringsW
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindFirstFileW
FindNextFileW
FindResourceW
FlushFileBuffers
FlushViewOfFile
FormatMessageA
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetComputerNameExW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDateFormatW
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileSizeEx
GetFileTime
GetFileType
GetFullPathNameW
GetHandleInformation
GetLastError
GetLocalTime
GetLocaleInfoW
GetLogicalDriveStringsW
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetPrivateProfileIntW
GetPrivateProfileStringW
GetProcAddress
GetProcessHandleCount
GetProcessHeap
GetProcessId
GetProcessTimes
GetQueuedCompletionStatus
GetShortPathNameW
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDefaultLCID
GetSystemDirectoryW
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetSystemWow64DirectoryW
GetTempFileNameW
GetTempPathW
GetThreadContext
GetThreadLocale
GetThreadTimes
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultLangID
GetVersion
GetVersionExW
GetVolumeInformationW
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalMemoryStatusEx
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSetInformation
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedExchangeAdd
InterlockedFlushSList
IsBadStringPtrW
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalAlloc
LocalFileTimeToFileTime
LocalFree
LockFileEx
LockResource
MapViewOfFile
MoveFileExW
MoveFileW
MultiByteToWideChar
OpenMutexW
OpenProcess
OutputDebugStringA
OutputDebugStringW
PeekNamedPipe
PostQueuedCompletionStatus
Process32FirstW
Process32NextW
QueryDosDeviceW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
ReadProcessMemory
RegisterWaitForSingleObject
ReleaseMutex
ReleaseSemaphore
RemoveDirectoryW
ReplaceFileW
ResumeThread
RtlCaptureStackBackTrace
RtlUnwind
SearchPathW
SetConsoleCtrlHandler
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFileAttributesW
SetFilePointer
SetFilePointerEx
SetFileTime
SetHandleInformation
SetLastError
SetNamedPipeHandleState
SetProcessShutdownParameters
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
SizeofResource
Sleep
SleepEx
SuspendThread
SwitchToThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TransactNamedPipe
TryEnterCriticalSection
UnhandledExceptionFilter
UnlockFileEx
UnmapViewOfFile
UnregisterWaitEx
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
VirtualQueryEx
WaitForMultipleObjects
WaitForSingleObject
WaitNamedPipeW
WideCharToMultiByte
WriteConsoleW
WriteFile
WritePrivateProfileStringW
lstrcatW
lstrcmpiW
lstrcpyW
lstrlenW

user32

AllowSetForegroundWindow
CreateWindowExW
DefWindowProcW
DestroyWindow
DispatchMessageW
FindWindowExW
GetGuiResources
GetMessageW
GetWindowLongW
GetWindowThreadProcessId
IsWindow
MessageBoxA
MessageBoxW
PostMessageW
RegisterClassW
SendMessageTimeoutW
SetWindowLongW
TranslateMessage
UnregisterClassW
wsprintfW

shlwapi

PathAppendW
PathFileExistsW
PathMatchSpecW
PathRemoveFileSpecW

chrome_elf

GetInstallDetailsPayload
SignalChromeElf
SignalInitializeCrashReporting

advapi32

GetUserNameW
ImpersonateNamedPipeClient
RegCloseKey
RegCreateKeyExW
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RevertToSelf
SystemFunction036

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

winmm

timeGetTime

ole32

CoTaskMemFree

dbghelp

MiniDumpWriteDump

imm32

ImmDisableIME

ws2_32

WSAStartup
gethostbyname
gethostname
inet_ntoa

winhttp

WinHttpAddRequestHeaders
WinHttpCloseHandle
WinHttpConnect
WinHttpCrackUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpOpen
WinHttpOpenRequest
WinHttpQueryHeaders
WinHttpReadData
WinHttpReceiveResponse
WinHttpSendRequest
WinHttpSetTimeouts
WinHttpWriteData

iphlpapi

GetAdaptersAddresses

Exports

Exports

ChromeInitialMain
GetHandleVerifier
IsSandboxedProcess

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 315KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 25B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CPADinfo
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 171KB - Virtual size: 171KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 58KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_65_/chrome_watcher.dll
.dll windows:5 windows x86 arch:x86

5e88594997871a1f86d8786dbd7d8d97

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

69:ca:ee:fb:db:15:a6:a2:76:4a:56:da:46:65:21:73:04:9d:43:96:91:2a:f6:6a:c2:d2:6e:d9:8f:d2:af:32
Signer

Actual PE Digest

69:ca:ee:fb:db:15:a6:a2:76:4a:56:da:46:65:21:73:04:9d:43:96:91:2a:f6:6a:c2:d2:6e:d9:8f:d2:af:32

Digest Algorithm

sha256

PE Digest Matches

true

9f:5d:5f:bf:c5:fd:a4:a8:05:98:e7:6e:54:8a:4d:ed:4f:13:a3:9c
Signer

Actual PE Digest

9f:5d:5f:bf:c5:fd:a4:a8:05:98:e7:6e:54:8a:4d:ed:4f:13:a3:9c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\V68_45\src\out\official_release\chrome_watcher.dll.pdb

Imports

kernel32

CloseHandle
CreateEventW
CreateFileW
CreateIoCompletionPort
CreateThread
DecodePointer
DeleteCriticalSection
DeleteFileW
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesW
GetFileType
GetFullPathNameW
GetLastError
GetLocalTime
GetLocaleInfoW
GetModuleFileNameW
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetProcAddress
GetProcessId
GetProcessTimes
GetQueuedCompletionStatus
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetThreadPriority
GetThreadTimes
GetTickCount
GetUserDefaultLCID
GetVersionExW
GetWindowsDirectoryW
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSetInformation
HeapSize
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalFree
MultiByteToWideChar
OutputDebugStringA
PostQueuedCompletionStatus
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
ResetEvent
RtlCaptureStackBackTrace
RtlUnwind
SetEnvironmentVariableW
SetErrorMode
SetEvent
SetFilePointerEx
SetLastError
SetProcessShutdownParameters
SetStdHandle
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
SwitchToThread
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteConsoleW
WriteFile

chrome_elf

GetInstallDetailsPayload

user32

CreateWindowExW
DefWindowProcW
DestroyWindow
DispatchMessageW
GetQueueStatus
GetWindowLongW
KillTimer
MsgWaitForMultipleObjectsEx
PeekMessageW
PostMessageW
RegisterClassExW
SetTimer
SetWindowLongW
TranslateMessage
UnregisterClassW

advapi32

GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegisterTraceGuidsW
TraceEvent
UnregisterTraceGuids

winmm

timeBeginPeriod
timeEndPeriod
timeGetTime

ole32

CoInitializeEx
CoTaskMemFree
CoUninitialize

Exports

Exports

GetHandleVerifier
WatcherMain

Sections

.text
Size: 408KB - Virtual size: 407KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_65_/coral_extract.dll
.dll windows:4 windows x86 arch:x86

27078d36f37371b0a00fb89ab0cc3581

Code Sign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

10:59:b3:25:b1:49:34:f1:9c:33:83:5f:44:1c:b2:23:c2:a4:e3:d0:aa:16:d1:d9:19:ec:06:f7:9d:5f:5b:be
Signer

Actual PE Digest

10:59:b3:25:b1:49:34:f1:9c:33:83:5f:44:1c:b2:23:c2:a4:e3:d0:aa:16:d1:d9:19:ec:06:f7:9d:5f:5b:be

Digest Algorithm

sha256

PE Digest Matches

true

ff:2d:ce:b1:52:96:51:96:4b:0a:18:78:fc:25:27:3e:35:07:fd:1b
Signer

Actual PE Digest

ff:2d:ce:b1:52:96:51:96:4b:0a:18:78:fc:25:27:3e:35:07:fd:1b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\rczip.dev\trunk\bin\Win32\release\pdb\Extract7z.pdb

Imports

kernel32

GetProcAddress
VirtualAlloc
GetModuleHandleW
VirtualFree
InterlockedExchangeAdd
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetVersionExW
GetLastError
ReadFile
CreateFileW
SetFilePointer
CloseHandle
LoadLibraryW
FreeLibrary
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
RaiseException
RtlUnwind
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
HeapSize
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
GetSystemTimeAsFileTime
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LoadLibraryA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
GetFileAttributesW
FormatMessageW
LocalFree
FindFirstFileW
FindClose
FindNextFileW
DeleteFileW
CreateDirectoryW
GetFileSize
GetFullPathNameW
SetFileTime
GetTempFileNameW
SetFileAttributesW
MoveFileW
lstrlenW
SetEndOfFile
FindResourceW
WaitForMultipleObjects
CreateEventW
ResetEvent
WaitForSingleObject
SetEvent
CreateThread
ExitThread
ResumeThread

user32

LoadStringW

Exports

Exports

ExtractArchive

Sections

.text
Size: 261KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_65_/courgette_dll.dll
.dll windows:5 windows x86 arch:x86

1d7c9bcc99e6aca371d12f2394c4a65a

Code Sign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

f8:1a:bb:5b:47:21:33:af:46:84:e9:9e:48:59:3c:72:62:7a:5e:86:64:9c:0e:eb:00:9a:e4:68:ce:1e:7b:10
Signer

Actual PE Digest

f8:1a:bb:5b:47:21:33:af:46:84:e9:9e:48:59:3c:72:62:7a:5e:86:64:9c:0e:eb:00:9a:e4:68:ce:1e:7b:10

Digest Algorithm

sha256

PE Digest Matches

true

f1:96:e3:a6:a1:26:6e:d6:2c:24:22:c4:d1:a3:7b:45:f6:48:e0:33
Signer

Actual PE Digest

f1:96:e3:a6:a1:26:6e:d6:2c:24:22:c4:d1:a3:7b:45:f6:48:e0:33

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\V56_87\src\out\official_release\courgette_dll.dll.pdb

Imports

kernel32

HeapSize
HeapFree
HeapReAlloc
HeapAlloc
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetOEMCP
IsValidCodePage
FindNextFileA
FindFirstFileExA
CloseHandle
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
GetProcAddress
GetModuleHandleW
ReadFile
SetLastError
GetLongPathNameW
GetCurrentProcess
WriteFile
RemoveDirectoryW
GetTempPathW
CreateFileW
GetFileAttributesW
SetFileAttributesW
GetLastError
GetFileAttributesExW
DeleteFileW
GetCurrentDirectoryW
GetTempFileNameW
GetCurrentThreadId
Sleep
RaiseException
IsDebuggerPresent
GetModuleFileNameW
GetLocalTime
GetCurrentProcessId
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
SetEnvironmentVariableW
GetEnvironmentVariableW
GetFileSizeEx
SetEndOfFile
SetFilePointerEx
FlushFileBuffers
FindFirstFileW
FindFirstFileExW
FindNextFileW
FindClose
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineW
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
SwitchToThread
DeleteCriticalSection
GetVersionExW
GetNativeSystemInfo
GetModuleFileNameA
RtlCaptureStackBackTrace
SetUnhandledExceptionFilter
TerminateProcess
TlsSetValue
TlsAlloc
TlsGetValue
TlsFree
FreeLibrary
EncodePointer
DecodePointer
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
UnhandledExceptionFilter
IsProcessorFeaturePresent
GetStartupInfoW
InitializeSListHead
RtlUnwind
InterlockedFlushSList
LoadLibraryExW
GetProcessHeap
SetStdHandle
GetFileType
GetConsoleCP
GetConsoleMode
ExitProcess
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
GetACP
ReadConsoleW
WriteConsoleW

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

Exports

Exports

FileApplyPatch
FolderApplyPatch
GetHandleVerifier

Sections

.text
Size: 290KB - Virtual size: 289KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_65_/crashpad_helper.exe
.exe windows:5 windows x86 arch:x86

9f627af0c884015a05b789528a42a7e5

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

21:0d:b0:85:64:65:c2:a1:18:66:14:76:83:93:93:f5:13:a4:b3:c2:77:9d:41:12:76:59:0b:2a:56:00:ca:a2
Signer

Actual PE Digest

21:0d:b0:85:64:65:c2:a1:18:66:14:76:83:93:93:f5:13:a4:b3:c2:77:9d:41:12:76:59:0b:2a:56:00:ca:a2

Digest Algorithm

sha256

PE Digest Matches

true

8e:8f:2c:c8:90:e3:5f:d4:08:d9:e1:04:6b:08:99:cc:1e:5c:a2:b4
Signer

Actual PE Digest

8e:8f:2c:c8:90:e3:5f:d4:08:d9:e1:04:6b:08:99:cc:1e:5c:a2:b4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\V68_45\src\out\official_release\crashpad_helper.exe.pdb

Imports

kernel32

CloseHandle
CompareStringW
ConnectNamedPipe
CopyFileW
CreateDirectoryW
CreateEventW
CreateFileMappingW
CreateFileW
CreateIoCompletionPort
CreateNamedPipeW
CreateProcessW
CreateSemaphoreW
CreateThread
DecodePointer
DeleteCriticalSection
DeleteFileW
DeviceIoControl
DisconnectNamedPipe
DosDateTimeToFileTime
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
ExpandEnvironmentStringsW
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindFirstFileW
FindNextFileW
FindResourceW
FlushFileBuffers
FlushViewOfFile
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetComputerNameExW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDateFormatW
GetDiskFreeSpaceExW
GetDiskFreeSpaceW
GetDriveTypeW
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesExW
GetFileAttributesW
GetFileInformationByHandle
GetFileSize
GetFileSizeEx
GetFileTime
GetFileType
GetFullPathNameW
GetHandleInformation
GetLastError
GetLocalTime
GetLocaleInfoW
GetLogicalDriveStringsW
GetLongPathNameW
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNativeSystemInfo
GetOEMCP
GetPrivateProfileStringW
GetProcAddress
GetProcessHandleCount
GetProcessHeap
GetProcessId
GetProcessTimes
GetQueuedCompletionStatus
GetShortPathNameW
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemDefaultLCID
GetSystemDirectoryW
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempFileNameW
GetTempPathW
GetThreadContext
GetThreadLocale
GetTickCount
GetTimeFormatW
GetTimeZoneInformation
GetUserDefaultLCID
GetUserDefaultLangID
GetVersion
GetVersionExW
GetVolumeInformationW
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalMemoryStatusEx
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSetInformation
HeapSize
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedExchangeAdd
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
LCMapStringW
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LoadResource
LocalFileTimeToFileTime
LocalFree
LockFileEx
LockResource
MapViewOfFile
MoveFileExW
MoveFileW
MultiByteToWideChar
OpenProcess
OutputDebugStringA
PeekNamedPipe
PostQueuedCompletionStatus
QueryDosDeviceW
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
ReadProcessMemory
RegisterWaitForSingleObject
ReleaseSemaphore
RemoveDirectoryW
ReplaceFileW
ResumeThread
RtlCaptureStackBackTrace
RtlUnwind
SearchPathW
SetConsoleCtrlHandler
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableW
SetEvent
SetFileAttributesW
SetFilePointer
SetFilePointerEx
SetFileTime
SetHandleInformation
SetLastError
SetNamedPipeHandleState
SetProcessShutdownParameters
SetStdHandle
SetUnhandledExceptionFilter
SizeofResource
Sleep
SleepEx
SuspendThread
SwitchToThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TransactNamedPipe
TryEnterCriticalSection
UnhandledExceptionFilter
UnlockFileEx
UnmapViewOfFile
UnregisterWaitEx
VirtualProtect
VirtualQuery
VirtualQueryEx
WaitForMultipleObjects
WaitForSingleObject
WaitNamedPipeW
WideCharToMultiByte
WriteConsoleW
WriteFile
WritePrivateProfileStringW
lstrcatW
lstrcmpiW
lstrcpyW
lstrlenW

advapi32

GetUserNameW
ImpersonateNamedPipeClient
RegCloseKey
RegCreateKeyExW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
RevertToSelf
SystemFunction036

user32

CreateWindowExW
DefWindowProcW
DestroyWindow
DispatchMessageW
GetGuiResources
GetMessageW
GetWindowLongW
PostMessageW
RegisterClassW
SetWindowLongW
TranslateMessage
UnregisterClassW

imm32

ImmDisableIME

ws2_32

WSAStartup
gethostbyname
gethostname
inet_ntoa

ole32

CoTaskMemFree

winhttp

WinHttpAddRequestHeaders
WinHttpCloseHandle
WinHttpConnect
WinHttpCrackUrl
WinHttpGetIEProxyConfigForCurrentUser
WinHttpOpen
WinHttpOpenRequest
WinHttpQueryHeaders
WinHttpReadData
WinHttpReceiveResponse
WinHttpSendRequest
WinHttpSetTimeouts
WinHttpWriteData

version

GetFileVersionInfoSizeW
GetFileVersionInfoW
VerQueryValueW

winmm

timeGetTime

shlwapi

PathMatchSpecW

iphlpapi

GetAdaptersAddresses

Exports

Exports

GetHandleVerifier

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 229KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CPADinfo
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_65_/d3dcompiler_47.dll
.dll windows:10 windows x86 arch:x86

0f31485cd3d6d36b416b744fa9701f28

Code Sign

33:00:00:00:bf:91:6c:fb:7c:1a:24:e0:22:00:00:00:00:00:bf
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/09/2016, 17:58

Not After

07/09/2018, 17:58

Subject

CN=Microsoft Time-Stamp Service,OU=AOC+OU=nCipher DSE ESN:57C8-2D15-1C8B,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:79:7c:2e:57:4e:52:e1:ca:d6:00:01:00:00:01:79
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11/08/2017, 20:11

Not After

11/08/2018, 20:11

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:33:26:1a:00:00:00:00:00:31
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

31/08/2010, 22:19

Not After

31/08/2020, 22:29

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:cc:b5:5b:42:17:07:60:13:11:00:00:00:00:01:cc
Certificate

Issuer

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

12/09/2017, 18:07

Not After

12/09/2018, 18:07

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0c:52:4c:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/07/2010, 20:40

Not After

06/07/2025, 20:50

Subject

CN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

83:a1:f0:55:79:36:00:b7:9e:9a:9c:b7:2a:f2:d0:a2:d5:d7:3a:28:1b:10:74:89:5a:02:b2:b5:4b:7c:f0:98
Signer

Actual PE Digest

83:a1:f0:55:79:36:00:b7:9e:9a:9c:b7:2a:f2:d0:a2:d5:d7:3a:28:1b:10:74:89:5a:02:b2:b5:4b:7c:f0:98

Digest Algorithm

sha256

PE Digest Matches

true

ac:b4:44:bd:e1:f5:e4:af:06:16:58:bd:fe:68:0f:83:87:b8:a3:3b
Signer

Actual PE Digest

ac:b4:44:bd:e1:f5:e4:af:06:16:58:bd:fe:68:0f:83:87:b8:a3:3b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D3DCompiler_47.pdb

Imports

msvcrt

__dllonexit
_unlock
strncpy_s
malloc
_strnicmp
atoi
isdigit
_lock
??1type_info@@UAE@XZ
_initterm
_amsg_exit
_XcptFilter
_callnewh
_isnan
_purecall
__isascii
_clearfp
_controlfp
_strdup
_mbstrlen
_vsnwprintf
strtoul
isxdigit
isalpha
atof
strchr
setlocale
strnlen
_onexit
modf
isspace
wcsncmp
wcsncpy_s
_wcsicmp
memcpy
memset
fclose
bsearch
qsort
strcat_s
_except_handler4_common
_CxxThrowException
_snwprintf_s
__unDName
fread
fseek
_wfsopen
wcstoul
_fileno
sscanf_s
_filelengthi64
towlower
_wcsnicmp
_wsplitpath_s
wcscpy_s
wcsncat_s
wcsrchr
swprintf_s
_wmakepath_s
time
_wcsdup
_wgetenv
_wfullpath
_chsize_s
_close
_read
_write
_lseeki64
_get_osfhandle
_open_osfhandle
wcscat_s
ftell
_mbscmp
_memicmp
toupper
_atoi64
_errno
strtod
__CxxFrameHandler3
_strtoui64
?terminate@@YAXXZ
strstr
ceil
strrchr
tolower
_finite
_fpclass
memmove
strcpy_s
memcpy_s
isalnum
getenv
free
_stricmp
sprintf_s
_vsnprintf
strncmp
_wsopen
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_ftol2
_ftol2_sse
floor

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
HeapCreate
lstrcmpiA
CreateFileA
LCMapStringW
FlushViewOfFile
MapViewOfFileEx
SetFilePointer
InitializeCriticalSectionAndSpinCount
ExpandEnvironmentStringsW
DeviceIoControl
SetFilePointerEx
SetEndOfFile
GetFileType
DeleteFileW
GetFileAttributesW
SetFileAttributesW
SetLastError
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetFileSize
LocalFree
LocalAlloc
DisableThreadLibraryCalls
MultiByteToWideChar
WideCharToMultiByte
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
OutputDebugStringA
HeapAlloc
GetProcessHeap
HeapFree
WriteFile
FreeLibrary
VirtualFree
VirtualAlloc
GetSystemInfo
CreateFileW
GetLastError
GetFileSizeEx
ReadFile
CloseHandle
Sleep
TlsAlloc
TlsSetValue
HeapDestroy
TlsGetValue
TlsFree
GetFullPathNameW
GetFullPathNameA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
GetProcAddress
LoadLibraryExW

advapi32

RegOpenKeyExW
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextW
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExW
CryptDestroyHash
RegCloseKey

rpcrt4

UuidCreate

Exports

Exports

D3DAssemble
D3DCompile
D3DCompile2
D3DCompileFromFile
D3DCompressShaders
D3DCreateBlob
D3DCreateFunctionLinkingGraph
D3DCreateLinker
D3DDecompressShaders
D3DDisassemble
D3DDisassemble10Effect
D3DDisassemble11Trace
D3DDisassembleRegion
D3DGetBlobPart
D3DGetDebugInfo
D3DGetInputAndOutputSignatureBlob
D3DGetInputSignatureBlob
D3DGetOutputSignatureBlob
D3DGetTraceInstructionOffsets
D3DLoadModule
D3DPreprocess
D3DReadFileToBlob
D3DReflect
D3DReflectLibrary
D3DReturnFailure1
D3DSetBlobPart
D3DStripShader
D3DWriteBlobToFile
DebugSetMute

Sections

.text
Size: 3.3MB - Virtual size: 3.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 118KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_65_/icudtl.dat
$_65_/libcurl_x86.dll
.dll windows:6 windows x86 arch:x86

a996403d816908e79c3d6e0ea1cbe2e2

Code Sign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bb:3d:5d:d0:3d:03:0c:f0:87:df:14:f2:aa:0c:72:df:8c:d9:98:18:d5:38:5f:b0:41:c4:b6:30:aa:34:bb:f2
Signer

Actual PE Digest

bb:3d:5d:d0:3d:03:0c:f0:87:df:14:f2:aa:0c:72:df:8c:d9:98:18:d5:38:5f:b0:41:c4:b6:30:aa:34:bb:f2

Digest Algorithm

sha256

PE Digest Matches

true

a7:48:82:7f:c5:56:56:93:12:51:c6:18:5d:ed:72:18:9b:74:1b:0e
Signer

Actual PE Digest

a7:48:82:7f:c5:56:56:93:12:51:c6:18:5d:ed:72:18:9b:74:1b:0e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\dev\RCFL\vendor\depends\curl\out\bin\Win32\release_static\pdb\libcurl_x86.pdb

Imports

ws2_32

bind
closesocket
connect
getpeername
getsockopt
htons
ntohs
recv
setsockopt
socket
WSASetLastError
WSAIoctl
getaddrinfo
freeaddrinfo
gethostname
accept
WSAGetLastError
listen
ioctlsocket
__WSAFDIsSet
select
send
WSAStartup
WSACleanup
recvfrom
sendto
getsockname
shutdown
htonl
ntohl
gethostbyname
getservbyname

wldap32

ord145
ord219
ord301
ord147
ord133
ord79
ord142
ord167
ord127
ord27
ord26
ord118
ord41
ord208
ord216
ord14
ord46

crypt32

CertOpenStore
CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertFreeCertificateContext
CertGetCertificateContextProperty

kernel32

FindNextFileA
SystemTimeToTzSpecificLocalTime
GetDriveTypeW
FindFirstFileExW
FindClose
RaiseException
ReadConsoleW
SetStdHandle
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
GetModuleFileNameW
GetProcessHeap
RtlUnwind
FatalAppExitA
CreateSemaphoreW
GetStartupInfoW
FindFirstFileA
GetFullPathNameA
HeapSize
SetEndOfFile
WriteConsoleW
GetCurrentDirectoryW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SleepEx
MultiByteToWideChar
WideCharToMultiByte
WaitForSingleObject
CloseHandle
ExpandEnvironmentStringsA
Sleep
GetLastError
SetLastError
FormatMessageA
VerSetConditionMask
FreeLibrary
GetProcAddress
LoadLibraryW
GetModuleHandleW
GetSystemDirectoryW
QueryPerformanceFrequency
VerifyVersionInfoW
WaitForMultipleObjects
GetFileType
GetStdHandle
ReadFile
PeekNamedPipe
GetTickCount
QueryPerformanceCounter
FlushConsoleInputBuffer
WriteFile
GetCurrentThreadId
GetModuleHandleA
GetCurrentProcessId
GlobalMemoryStatus
LoadLibraryA
GetSystemTime
SystemTimeToFileTime
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
GetCurrentProcess
CreateEventW
SetCurrentDirectoryW
GetFullPathNameW
SetEnvironmentVariableA
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
GetStringTypeW
OutputDebugStringW
GetTimeZoneInformation
CreateFileW
SetFileAttributesW
GetFileAttributesExW
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetModuleFileNameA
GetConsoleCP
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
CreateThread
ExitThread
LoadLibraryExW
HeapFree
HeapAlloc
HeapReAlloc
SetFilePointerEx
FileTimeToLocalFileTime
GetFileInformationByHandle
FileTimeToSystemTime
GetCommandLineA
SetConsoleCtrlHandler
GetConsoleMode
GetNumberOfConsoleInputEvents
PeekConsoleInputA
ReadConsoleInputA
SetConsoleMode
ExitProcess
GetModuleHandleExW
AreFileApisANSI
GetCurrentThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlushFileBuffers

user32

ReleaseDC
GetDC
GetDesktopWindow
MessageBoxA
GetUserObjectInformationW
GetProcessWindowStation

gdi32

DeleteObject
GetDeviceCaps
GetDIBits
GetObjectA
CreateCompatibleBitmap

advapi32

RegisterEventSourceA
CryptEnumProvidersA
CryptSignHashA
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptReleaseContext
CryptAcquireContextA
ReportEventA
DeregisterEventSource

Exports

Exports

curl_easy_cleanup
curl_easy_duphandle
curl_easy_escape
curl_easy_getinfo
curl_easy_init
curl_easy_pause
curl_easy_perform
curl_easy_recv
curl_easy_reset
curl_easy_send
curl_easy_setopt
curl_easy_strerror
curl_easy_unescape
curl_easy_upkeep
curl_escape
curl_formadd
curl_formfree
curl_formget
curl_free
curl_getdate
curl_getenv
curl_global_cleanup
curl_global_init
curl_global_init_mem
curl_global_sslset
curl_maprintf
curl_mfprintf
curl_mime_addpart
curl_mime_data
curl_mime_data_cb
curl_mime_encoder
curl_mime_filedata
curl_mime_filename
curl_mime_free
curl_mime_headers
curl_mime_init
curl_mime_name
curl_mime_subparts
curl_mime_type
curl_mprintf
curl_msnprintf
curl_msprintf
curl_multi_add_handle
curl_multi_assign
curl_multi_cleanup
curl_multi_fdset
curl_multi_info_read
curl_multi_init
curl_multi_perform
curl_multi_remove_handle
curl_multi_setopt
curl_multi_socket
curl_multi_socket_action
curl_multi_socket_all
curl_multi_strerror
curl_multi_timeout
curl_multi_wait
curl_mvaprintf
curl_mvfprintf
curl_mvprintf
curl_mvsnprintf
curl_mvsprintf
curl_pushheader_byname
curl_pushheader_bynum
curl_share_cleanup
curl_share_init
curl_share_setopt
curl_share_strerror
curl_slist_append
curl_slist_free_all
curl_strequal
curl_strnequal
curl_unescape
curl_url
curl_url_cleanup
curl_url_dup
curl_url_get
curl_url_set
curl_version
curl_version_info

Sections

.text
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 330KB - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 46KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_65_/libegl.dll
.dll windows:5 windows x86 arch:x86

43ced9fbedd4b8728f88a6f1c6b7c779

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b5:d1:2f:27:e3:51:0a:c1:7e:09:8e:00:e3:73:db:b4:08:d6:2e:58:92:bc:4c:60:27:12:21:4f:e7:2e:d7:93
Signer

Actual PE Digest

b5:d1:2f:27:e3:51:0a:c1:7e:09:8e:00:e3:73:db:b4:08:d6:2e:58:92:bc:4c:60:27:12:21:4f:e7:2e:d7:93

Digest Algorithm

sha256

PE Digest Matches

true

80:db:34:6d:66:37:7e:cc:a2:c8:28:f9:13:b7:47:d0:f6:a4:2b:3a
Signer

Actual PE Digest

80:db:34:6d:66:37:7e:cc:a2:c8:28:f9:13:b7:47:d0:f6:a4:2b:3a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\V68_45\src\out\official_release\libEGL.dll.pdb

Imports

libglesv2

?BindAPI@egl@@YGII@Z
?BindTexImage@egl@@YGIPAX0H@Z
?ChooseConfig@egl@@YGIPAXPBHPAPAXHPAH@Z
?ClientWaitSync@egl@@YGHPAX0H_K@Z
?CopyBuffers@egl@@YGIPAX0PAUHBITMAP__@@@Z
?CreateContext@egl@@YGPAXPAX00PBH@Z
?CreateDeviceANGLE@egl@@YGPAXHPAXPBH@Z
?CreateImage@egl@@YGPAXPAX0I0PBH@Z
?CreateImageKHR@egl@@YGPAXPAX0I0PBH@Z
?CreatePbufferFromClientBuffer@egl@@YGPAXPAXI00PBH@Z
?CreatePbufferSurface@egl@@YGPAXPAX0PBH@Z
?CreatePixmapSurface@egl@@YGPAXPAX0PAUHBITMAP__@@PBH@Z
?CreatePlatformPixmapSurface@egl@@YGPAXPAX00PBH@Z
?CreatePlatformWindowSurface@egl@@YGPAXPAX00PBH@Z
?CreateStreamKHR@egl@@YGPAXPAXPBH@Z
?CreateStreamProducerD3DTextureANGLE@egl@@YGIPAX0PBH@Z
?CreateSync@egl@@YGPAXPAXIPBH@Z
?CreateWindowSurface@egl@@YGPAXPAX0PAUHWND__@@PBH@Z
?DestroyContext@egl@@YGIPAX0@Z
?DestroyImage@egl@@YGIPAX0@Z
?DestroyImageKHR@egl@@YGIPAX0@Z
?DestroyStreamKHR@egl@@YGIPAX0@Z
?DestroySurface@egl@@YGIPAX0@Z
?DestroySync@egl@@YGIPAX0@Z
?GetConfigAttrib@egl@@YGIPAX0HPAH@Z
?GetConfigs@egl@@YGIPAXPAPAXHPAH@Z
?GetCurrentContext@egl@@YGPAXXZ
?GetCurrentDisplay@egl@@YGPAXXZ
?GetCurrentSurface@egl@@YGPAXH@Z
?GetDisplay@egl@@YGPAXPAUHDC__@@@Z
?GetError@egl@@YGHXZ
?GetPlatformDisplay@egl@@YGPAXIPAXPBH@Z
?GetPlatformDisplayEXT@egl@@YGPAXIPAXPBH@Z
?GetProcAddress@egl@@YGP6AXXZPBD@Z
?GetSyncAttrib@egl@@YGIPAX0HPAH@Z
?GetSyncValuesCHROMIUM@egl@@YGIPAX0PA_K11@Z
?Initialize@egl@@YGIPAXPAH1@Z
?MakeCurrent@egl@@YGIPAX000@Z
?PostSubBufferNV@egl@@YGIPAX0HHHH@Z
?ProgramCacheGetAttribANGLE@egl@@YGHPAXI@Z
?ProgramCachePopulateANGLE@egl@@YGXPAXPBXH1H@Z
?ProgramCacheQueryANGLE@egl@@YGXPAXH0PAH01@Z
?ProgramCacheResizeANGLE@egl@@YGHPAXHI@Z
?QueryAPI@egl@@YGIXZ
?QueryContext@egl@@YGIPAX0HPAH@Z
?QueryDeviceAttribEXT@egl@@YGIPAXHPAH@Z
?QueryDeviceStringEXT@egl@@YGPBDPAXH@Z
?QueryDisplayAttribEXT@egl@@YGIPAXHPAH@Z
?QueryStreamKHR@egl@@YGIPAX0IPAH@Z
?QueryStreamu64KHR@egl@@YGIPAX0IPA_K@Z
?QueryString@egl@@YGPBDPAXH@Z
?QuerySurface@egl@@YGIPAX0HPAH@Z
?QuerySurfacePointerANGLE@egl@@YGIPAX0HPAPAX@Z
?ReleaseDeviceANGLE@egl@@YGIPAX@Z
?ReleaseTexImage@egl@@YGIPAX0H@Z
?ReleaseThread@egl@@YGIXZ
?StreamAttribKHR@egl@@YGIPAX0IH@Z
?StreamConsumerAcquireKHR@egl@@YGIPAX0@Z
?StreamConsumerGLTextureExternalAttribsNV@egl@@YGIPAX0PBH@Z
?StreamConsumerGLTextureExternalKHR@egl@@YGIPAX0@Z
?StreamConsumerReleaseKHR@egl@@YGIPAX0@Z
?StreamPostD3DTextureANGLE@egl@@YGIPAX00PBH@Z
?SurfaceAttrib@egl@@YGIPAX0HH@Z
?SwapBuffers@egl@@YGIPAX0@Z
?SwapBuffersWithDamageEXT@egl@@YAIPAX0PAHH@Z
?SwapInterval@egl@@YGIPAXH@Z
?Terminate@egl@@YGIPAX@Z
?WaitClient@egl@@YGIXZ
?WaitGL@egl@@YGIXZ
?WaitNative@egl@@YGIH@Z
?WaitSync@egl@@YGIPAX0H@Z

kernel32

CloseHandle
CreateFileW
DecodePointer
DeleteCriticalSection
EncodePointer
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsW
GetFileType
GetLastError
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
LCMapStringW
LeaveCriticalSection
LoadLibraryExW
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
RtlUnwind
SetFilePointerEx
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
WideCharToMultiByte
WriteConsoleW
WriteFile

Exports

Exports

eglBindAPI
eglBindTexImage
eglChooseConfig
eglClientWaitSync
eglCopyBuffers
eglCreateContext
eglCreateDeviceANGLE
eglCreateImage
eglCreateImageKHR
eglCreatePbufferFromClientBuffer
eglCreatePbufferSurface
eglCreatePixmapSurface
eglCreatePlatformPixmapSurface
eglCreatePlatformWindowSurface
eglCreateStreamKHR
eglCreateStreamProducerD3DTextureANGLE
eglCreateSync
eglCreateWindowSurface
eglDestroyContext
eglDestroyImage
eglDestroyImageKHR
eglDestroyStreamKHR
eglDestroySurface
eglDestroySync
eglGetConfigAttrib
eglGetConfigs
eglGetCurrentContext
eglGetCurrentDisplay
eglGetCurrentSurface
eglGetDisplay
eglGetError
eglGetPlatformDisplay
eglGetPlatformDisplayEXT
eglGetProcAddress
eglGetSyncAttrib
eglGetSyncValuesCHROMIUM
eglInitialize
eglMakeCurrent
eglPostSubBufferNV
eglProgramCacheGetAttribANGLE
eglProgramCachePopulateANGLE
eglProgramCacheQueryANGLE
eglProgramCacheResizeANGLE
eglQueryAPI
eglQueryContext
eglQueryDeviceAttribEXT
eglQueryDeviceStringEXT
eglQueryDisplayAttribEXT
eglQueryStreamKHR
eglQueryStreamu64KHR
eglQueryString
eglQuerySurface
eglQuerySurfacePointerANGLE
eglReleaseDeviceANGLE
eglReleaseTexImage
eglReleaseThread
eglStreamAttribKHR
eglStreamConsumerAcquireKHR
eglStreamConsumerGLTextureExternalAttribsNV
eglStreamConsumerGLTextureExternalKHR
eglStreamConsumerReleaseKHR
eglStreamPostD3DTextureANGLE
eglSurfaceAttrib
eglSwapBuffers
eglSwapBuffersWithDamageEXT
eglSwapInterval
eglTerminate
eglWaitClient
eglWaitGL
eglWaitNative
eglWaitSync

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_65_/libglesv2.dll
.dll windows:5 windows x86 arch:x86

d3899d0b7f58f2ff0d0d1b102d59f8f3

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

75:f6:b7:c1:e6:cf:ee:69:a9:2d:52:ff:8c:40:f3:10:4f:08:59:62:37:f6:ad:f2:0d:ff:50:07:e5:25:80:48
Signer

Actual PE Digest

75:f6:b7:c1:e6:cf:ee:69:a9:2d:52:ff:8c:40:f3:10:4f:08:59:62:37:f6:ad:f2:0d:ff:50:07:e5:25:80:48

Digest Algorithm

sha256

PE Digest Matches

true

b8:ef:a3:23:10:18:29:84:9b:8e:c6:44:fe:86:a2:0a:16:c8:ae:f4
Signer

Actual PE Digest

b8:ef:a3:23:10:18:29:84:9b:8e:c6:44:fe:86:a2:0a:16:c8:ae:f4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\V68_45\src\out\official_release\libGLESv2.dll.pdb

Imports

user32

CreateWindowExA
CreateWindowExW
DefWindowProcA
DestroyWindow
GetClientRect
GetDC
GetWindowThreadProcessId
InvalidateRect
IsIconic
IsWindow
LoadCursorA
RegisterClassA
ReleaseDC
UnregisterClassA
WindowFromDC

kernel32

ChangeTimerQueueTimer
CloseHandle
CompareStringW
CreateEventW
CreateFileW
CreateMutexW
CreateThread
CreateTimerQueue
CreateTimerQueueTimer
DecodePointer
DeleteCriticalSection
DeleteTimerQueueTimer
DuplicateHandle
EncodePointer
EnterCriticalSection
EnumSystemLocalesW
ExitProcess
FileTimeToSystemTime
FindClose
FindFirstFileExW
FindNextFileW
FlushFileBuffers
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
FreeLibraryAndExitThread
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentStringsW
GetEnvironmentVariableA
GetFileAttributesExW
GetFileType
GetLastError
GetLocaleInfoW
GetLogicalProcessorInformation
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetNumaHighestNodeNumber
GetOEMCP
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetStartupInfoW
GetStdHandle
GetStringTypeW
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetThreadPriority
GetThreadTimes
GetTickCount
GetTimeZoneInformation
GetUserDefaultLCID
GetVersionExW
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
InitOnceExecuteOnce
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeSListHead
InterlockedFlushSList
InterlockedPopEntrySList
InterlockedPushEntrySList
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
IsWow64Process
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
MultiByteToWideChar
OutputDebugStringA
QueryDepthSList
QueryPerformanceCounter
QueryPerformanceFrequency
QueueUserWorkItem
RaiseException
ReadConsoleW
ReadFile
RegisterWaitForSingleObject
ReleaseMutex
ReleaseSemaphore
RtlUnwind
SetCurrentDirectoryA
SetEndOfFile
SetEnvironmentVariableA
SetEnvironmentVariableW
SetEvent
SetFilePointerEx
SetLastError
SetStdHandle
SetThreadAffinityMask
SetThreadPriority
SetUnhandledExceptionFilter
SignalObjectAndWait
Sleep
SwitchToThread
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnhandledExceptionFilter
UnregisterWait
UnregisterWaitEx
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualProtect
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteConsoleW
WriteFile

gdi32

ChoosePixelFormat
DescribePixelFormat
GetPixelFormat
SetPixelFormat
SwapBuffers

d3d9

D3DPERF_BeginEvent
D3DPERF_EndEvent
D3DPERF_GetStatus
D3DPERF_SetMarker
Direct3DCreate9

setupapi

CM_Get_Child
CM_Get_DevNode_Registry_PropertyW
CM_Get_DevNode_Status
CM_Get_Device_IDW
CM_Get_Device_ID_ListW
CM_Get_Device_ID_List_SizeW
CM_Get_Sibling
CM_Locate_DevNodeW
CM_Open_DevNode_Key

advapi32

RegCloseKey
RegEnumValueA
RegOpenKeyExA
RegQueryValueExA

Exports

Exports

??0PlatformMethods@angle@@QAE@XZ
??4PlatformMethods@angle@@QAEAAU01@$$QAU01@@Z
??4PlatformMethods@angle@@QAEAAU01@ABU01@@Z
?ActiveShaderProgram@gl@@YGXII@Z
?ActiveShaderProgramContextANGLE@gl@@YGXPAXII@Z
?ActiveTexture@gl@@YGXI@Z
?ActiveTextureContextANGLE@gl@@YGXPAXI@Z
?AlphaFunc@gl@@YGXIM@Z
?AlphaFuncContextANGLE@gl@@YGXPAXIM@Z
?AlphaFuncx@gl@@YGXIH@Z
?AlphaFuncxContextANGLE@gl@@YGXPAXIH@Z
?AttachShader@gl@@YGXII@Z
?AttachShaderContextANGLE@gl@@YGXPAXII@Z
?BeginQuery@gl@@YGXII@Z
?BeginQueryContextANGLE@gl@@YGXPAXII@Z
?BeginQueryEXT@gl@@YGXII@Z
?BeginQueryEXTContextANGLE@gl@@YGXPAXII@Z
?BeginTransformFeedback@gl@@YGXI@Z
?BeginTransformFeedbackContextANGLE@gl@@YGXPAXI@Z
?BindAPI@egl@@YGII@Z
?BindAttribLocation@gl@@YGXIIPBD@Z
?BindAttribLocationContextANGLE@gl@@YGXPAXIIPBD@Z
?BindBuffer@gl@@YGXII@Z
?BindBufferBase@gl@@YGXIII@Z
?BindBufferBaseContextANGLE@gl@@YGXPAXIII@Z
?BindBufferContextANGLE@gl@@YGXPAXII@Z
?BindBufferRange@gl@@YGXIIIJJ@Z
?BindBufferRangeContextANGLE@gl@@YGXPAXIIIJJ@Z
?BindFragmentInputLocationCHROMIUM@gl@@YGXIHPBD@Z
?BindFragmentInputLocationCHROMIUMContextANGLE@gl@@YGXPAXIHPBD@Z
?BindFramebuffer@gl@@YGXII@Z
?BindFramebufferContextANGLE@gl@@YGXPAXII@Z
?BindFramebufferOES@gl@@YGXII@Z
?BindFramebufferOESContextANGLE@gl@@YGXPAXII@Z
?BindImageTexture@gl@@YGXIIHEHII@Z
?BindImageTextureContextANGLE@gl@@YGXPAXIIHEHII@Z
?BindProgramPipeline@gl@@YGXI@Z
?BindProgramPipelineContextANGLE@gl@@YGXPAXI@Z
?BindRenderbuffer@gl@@YGXII@Z
?BindRenderbufferContextANGLE@gl@@YGXPAXII@Z
?BindRenderbufferOES@gl@@YGXII@Z
?BindRenderbufferOESContextANGLE@gl@@YGXPAXII@Z
?BindSampler@gl@@YGXII@Z
?BindSamplerContextANGLE@gl@@YGXPAXII@Z
?BindTexImage@egl@@YGIPAX0H@Z
?BindTexture@gl@@YGXII@Z
?BindTextureContextANGLE@gl@@YGXPAXII@Z
?BindTransformFeedback@gl@@YGXII@Z
?BindTransformFeedbackContextANGLE@gl@@YGXPAXII@Z
?BindUniformLocationCHROMIUM@gl@@YGXIHPBD@Z
?BindUniformLocationCHROMIUMContextANGLE@gl@@YGXPAXIHPBD@Z
?BindVertexArray@gl@@YGXI@Z
?BindVertexArrayContextANGLE@gl@@YGXPAXI@Z
?BindVertexArrayOES@gl@@YGXI@Z
?BindVertexArrayOESContextANGLE@gl@@YGXPAXI@Z
?BindVertexBuffer@gl@@YGXIIJH@Z
?BindVertexBufferContextANGLE@gl@@YGXPAXIIJH@Z
?BlendColor@gl@@YGXMMMM@Z
?BlendColorContextANGLE@gl@@YGXPAXMMMM@Z
?BlendEquation@gl@@YGXI@Z
?BlendEquationContextANGLE@gl@@YGXPAXI@Z
?BlendEquationSeparate@gl@@YGXII@Z
?BlendEquationSeparateContextANGLE@gl@@YGXPAXII@Z
?BlendFunc@gl@@YGXII@Z
?BlendFuncContextANGLE@gl@@YGXPAXII@Z
?BlendFuncSeparate@gl@@YGXIIII@Z
?BlendFuncSeparateContextANGLE@gl@@YGXPAXIIII@Z
?BlitFramebuffer@gl@@YGXHHHHHHHHII@Z
?BlitFramebufferANGLE@gl@@YGXHHHHHHHHII@Z
?BlitFramebufferANGLEContextANGLE@gl@@YGXPAXHHHHHHHHII@Z
?BlitFramebufferContextANGLE@gl@@YGXPAXHHHHHHHHII@Z
?BufferData@gl@@YGXIJPBXI@Z
?BufferDataContextANGLE@gl@@YGXPAXIJPBXI@Z
?BufferSubData@gl@@YGXIJJPBX@Z
?BufferSubDataContextANGLE@gl@@YGXPAXIJJPBX@Z
?CheckFramebufferStatus@gl@@YGII@Z
?CheckFramebufferStatusContextANGLE@gl@@YGIPAXI@Z
?CheckFramebufferStatusOES@gl@@YGII@Z
?CheckFramebufferStatusOESContextANGLE@gl@@YGIPAXI@Z
?ChooseConfig@egl@@YGIPAXPBHPAPAXHPAH@Z
?Clear@gl@@YGXI@Z
?ClearBufferfi@gl@@YGXIHMH@Z
?ClearBufferfiContextANGLE@gl@@YGXPAXIHMH@Z
?ClearBufferfv@gl@@YGXIHPBM@Z
?ClearBufferfvContextANGLE@gl@@YGXPAXIHPBM@Z
?ClearBufferiv@gl@@YGXIHPBH@Z
?ClearBufferivContextANGLE@gl@@YGXPAXIHPBH@Z
?ClearBufferuiv@gl@@YGXIHPBI@Z
?ClearBufferuivContextANGLE@gl@@YGXPAXIHPBI@Z
?ClearColor@gl@@YGXMMMM@Z
?ClearColorContextANGLE@gl@@YGXPAXMMMM@Z
?ClearColorx@gl@@YGXHHHH@Z
?ClearColorxContextANGLE@gl@@YGXPAXHHHH@Z
?ClearContextANGLE@gl@@YGXPAXI@Z
?ClearDepthf@gl@@YGXM@Z
?ClearDepthfContextANGLE@gl@@YGXPAXM@Z
?ClearDepthx@gl@@YGXH@Z
?ClearDepthxContextANGLE@gl@@YGXPAXH@Z
?ClearStencil@gl@@YGXH@Z
?ClearStencilContextANGLE@gl@@YGXPAXH@Z
?ClientActiveTexture@gl@@YGXI@Z
?ClientActiveTextureContextANGLE@gl@@YGXPAXI@Z
?ClientWaitSync@egl@@YGHPAX0H_K@Z
?ClientWaitSync@gl@@YGIPAU__GLsync@@I_K@Z
?ClientWaitSyncContextANGLE@gl@@YGIPAXPAU__GLsync@@I_K@Z
?ClipPlanef@gl@@YGXIPBM@Z
?ClipPlanefContextANGLE@gl@@YGXPAXIPBM@Z
?ClipPlanex@gl@@YGXIPBH@Z
?ClipPlanexContextANGLE@gl@@YGXPAXIPBH@Z
?Color4f@gl@@YGXMMMM@Z
?Color4fContextANGLE@gl@@YGXPAXMMMM@Z
?Color4ub@gl@@YGXEEEE@Z
?Color4ubContextANGLE@gl@@YGXPAXEEEE@Z
?Color4x@gl@@YGXHHHH@Z
?Color4xContextANGLE@gl@@YGXPAXHHHH@Z
?ColorMask@gl@@YGXEEEE@Z
?ColorMaskContextANGLE@gl@@YGXPAXEEEE@Z
?ColorPointer@gl@@YGXHIHPBX@Z
?ColorPointerContextANGLE@gl@@YGXPAXHIHPBX@Z
?CompileShader@gl@@YGXI@Z
?CompileShaderContextANGLE@gl@@YGXPAXI@Z
?CompressedCopyTextureCHROMIUM@gl@@YGXII@Z
?CompressedCopyTextureCHROMIUMContextANGLE@gl@@YGXPAXII@Z
?CompressedTexImage2D@gl@@YGXIHIHHHHPBX@Z
?CompressedTexImage2DContextANGLE@gl@@YGXPAXIHIHHHHPBX@Z
?CompressedTexImage2DRobustANGLE@gl@@YGXIHIHHHHHPBX@Z
?CompressedTexImage2DRobustANGLEContextANGLE@gl@@YGXPAXIHIHHHHHPBX@Z
?CompressedTexImage3D@gl@@YGXIHIHHHHHPBX@Z
?CompressedTexImage3DContextANGLE@gl@@YGXPAXIHIHHHHHPBX@Z
?CompressedTexImage3DRobustANGLE@gl@@YGXIHIHHHHHHPBX@Z
?CompressedTexImage3DRobustANGLEContextANGLE@gl@@YGXPAXIHIHHHHHHPBX@Z
?CompressedTexSubImage2D@gl@@YGXIHHHHHIHPBX@Z
?CompressedTexSubImage2DContextANGLE@gl@@YGXPAXIHHHHHIHPBX@Z
?CompressedTexSubImage2DRobustANGLE@gl@@YGXIHHHHHIHHPBX@Z
?CompressedTexSubImage2DRobustANGLEContextANGLE@gl@@YGXPAXIHHHHHIHHPBX@Z
?CompressedTexSubImage3D@gl@@YGXIHHHHHHHIHPBX@Z
?CompressedTexSubImage3DContextANGLE@gl@@YGXPAXIHHHHHHHIHPBX@Z
?CompressedTexSubImage3DRobustANGLE@gl@@YGXIHHHHHHHIHHPBX@Z
?CompressedTexSubImage3DRobustANGLEContextANGLE@gl@@YGXPAXIHHHHHHHIHHPBX@Z
?CopyBufferSubData@gl@@YGXIIJJJ@Z
?CopyBufferSubDataContextANGLE@gl@@YGXPAXIIJJJ@Z
?CopyBuffers@egl@@YGIPAX0PAUHBITMAP__@@@Z
?CopySubTextureCHROMIUM@gl@@YGXIHIIHHHHHHHEEE@Z
?CopySubTextureCHROMIUMContextANGLE@gl@@YGXPAXIHIIHHHHHHHEEE@Z
?CopyTexImage2D@gl@@YGXIHIHHHHH@Z
?CopyTexImage2DContextANGLE@gl@@YGXPAXIHIHHHHH@Z
?CopyTexSubImage2D@gl@@YGXIHHHHHHH@Z
?CopyTexSubImage2DContextANGLE@gl@@YGXPAXIHHHHHHH@Z
?CopyTexSubImage3D@gl@@YGXIHHHHHHHH@Z
?CopyTexSubImage3DContextANGLE@gl@@YGXPAXIHHHHHHHH@Z
?CopyTextureCHROMIUM@gl@@YGXIHIIHHIEEE@Z
?CopyTextureCHROMIUMContextANGLE@gl@@YGXPAXIHIIHHIEEE@Z
?CoverFillPathCHROMIUM@gl@@YGXII@Z
?CoverFillPathCHROMIUMContextANGLE@gl@@YGXPAXII@Z
?CoverFillPathInstancedCHROMIUM@gl@@YGXHIPBXIIIPBM@Z
?CoverFillPathInstancedCHROMIUMContextANGLE@gl@@YGXPAXHIPBXIIIPBM@Z
?CoverStrokePathCHROMIUM@gl@@YGXII@Z
?CoverStrokePathCHROMIUMContextANGLE@gl@@YGXPAXII@Z
?CoverStrokePathInstancedCHROMIUM@gl@@YGXHIPBXIIIPBM@Z
?CoverStrokePathInstancedCHROMIUMContextANGLE@gl@@YGXPAXHIPBXIIIPBM@Z
?CoverageModulationCHROMIUM@gl@@YGXI@Z
?CoverageModulationCHROMIUMContextANGLE@gl@@YGXPAXI@Z
?CreateContext@egl@@YGPAXPAX00PBH@Z
?CreateDeviceANGLE@egl@@YGPAXHPAXPBH@Z
?CreateImage@egl@@YGPAXPAX0I0PBH@Z
?CreateImageKHR@egl@@YGPAXPAX0I0PBH@Z
?CreatePbufferFromClientBuffer@egl@@YGPAXPAXI00PBH@Z
?CreatePbufferSurface@egl@@YGPAXPAX0PBH@Z
?CreatePixmapSurface@egl@@YGPAXPAX0PAUHBITMAP__@@PBH@Z
?CreatePlatformPixmapSurface@egl@@YGPAXPAX00PBH@Z
?CreatePlatformWindowSurface@egl@@YGPAXPAX00PBH@Z
?CreateProgram@gl@@YGIXZ
?CreateProgramContextANGLE@gl@@YGIPAX@Z
?CreateShader@gl@@YGII@Z
?CreateShaderContextANGLE@gl@@YGIPAXI@Z
?CreateShaderProgramv@gl@@YGIIHPBQBD@Z
?CreateShaderProgramvContextANGLE@gl@@YGIPAXIHPBQBD@Z
?CreateStreamKHR@egl@@YGPAXPAXPBH@Z
?CreateStreamProducerD3DTextureANGLE@egl@@YGIPAX0PBH@Z
?CreateSync@egl@@YGPAXPAXIPBH@Z
?CreateWindowSurface@egl@@YGPAXPAX0PAUHWND__@@PBH@Z
?CullFace@gl@@YGXI@Z
?CullFaceContextANGLE@gl@@YGXPAXI@Z
?CurrentPaletteMatrixOES@gl@@YGXI@Z
?CurrentPaletteMatrixOESContextANGLE@gl@@YGXPAXI@Z
?DebugMessageCallbackKHR@gl@@YGXP6GXIIIIHPBDPBX@Z1@Z
?DebugMessageCallbackKHRContextANGLE@gl@@YGXPAXP6GXIIIIHPBDPBX@Z2@Z
?DebugMessageControlKHR@gl@@YGXIIIHPBIE@Z
?DebugMessageControlKHRContextANGLE@gl@@YGXPAXIIIHPBIE@Z
?DebugMessageInsertKHR@gl@@YGXIIIIHPBD@Z
?DebugMessageInsertKHRContextANGLE@gl@@YGXPAXIIIIHPBD@Z
?DeleteBuffers@gl@@YGXHPBI@Z
?DeleteBuffersContextANGLE@gl@@YGXPAXHPBI@Z
?DeleteFencesNV@gl@@YGXHPBI@Z
?DeleteFencesNVContextANGLE@gl@@YGXPAXHPBI@Z
?DeleteFramebuffers@gl@@YGXHPBI@Z
?DeleteFramebuffersContextANGLE@gl@@YGXPAXHPBI@Z
?DeleteFramebuffersOES@gl@@YGXHPBI@Z
?DeleteFramebuffersOESContextANGLE@gl@@YGXPAXHPBI@Z
?DeletePathsCHROMIUM@gl@@YGXIH@Z
?DeletePathsCHROMIUMContextANGLE@gl@@YGXPAXIH@Z
?DeleteProgram@gl@@YGXI@Z
?DeleteProgramContextANGLE@gl@@YGXPAXI@Z
?DeleteProgramPipelines@gl@@YGXHPBI@Z
?DeleteProgramPipelinesContextANGLE@gl@@YGXPAXHPBI@Z
?DeleteQueries@gl@@YGXHPBI@Z
?DeleteQueriesContextANGLE@gl@@YGXPAXHPBI@Z
?DeleteQueriesEXT@gl@@YGXHPBI@Z
?DeleteQueriesEXTContextANGLE@gl@@YGXPAXHPBI@Z
?DeleteRenderbuffers@gl@@YGXHPBI@Z
?DeleteRenderbuffersContextANGLE@gl@@YGXPAXHPBI@Z
?DeleteRenderbuffersOES@gl@@YGXHPBI@Z
?DeleteRenderbuffersOESContextANGLE@gl@@YGXPAXHPBI@Z
?DeleteSamplers@gl@@YGXHPBI@Z
?DeleteSamplersContextANGLE@gl@@YGXPAXHPBI@Z
?DeleteShader@gl@@YGXI@Z
?DeleteShaderContextANGLE@gl@@YGXPAXI@Z
?DeleteSync@gl@@YGXPAU__GLsync@@@Z
?DeleteSyncContextANGLE@gl@@YGXPAXPAU__GLsync@@@Z
?DeleteTextures@gl@@YGXHPBI@Z
?DeleteTexturesContextANGLE@gl@@YGXPAXHPBI@Z
?DeleteTransformFeedbacks@gl@@YGXHPBI@Z
?DeleteTransformFeedbacksContextANGLE@gl@@YGXPAXHPBI@Z
?DeleteVertexArrays@gl@@YGXHPBI@Z
?DeleteVertexArraysContextANGLE@gl@@YGXPAXHPBI@Z
?DeleteVertexArraysOES@gl@@YGXHPBI@Z
?DeleteVertexArraysOESContextANGLE@gl@@YGXPAXHPBI@Z
?DepthFunc@gl@@YGXI@Z
?DepthFuncContextANGLE@gl@@YGXPAXI@Z
?DepthMask@gl@@YGXE@Z
?DepthMaskContextANGLE@gl@@YGXPAXE@Z
?DepthRangef@gl@@YGXMM@Z
?DepthRangefContextANGLE@gl@@YGXPAXMM@Z
?DepthRangex@gl@@YGXHH@Z
?DepthRangexContextANGLE@gl@@YGXPAXHH@Z
?DestroyContext@egl@@YGIPAX0@Z
?DestroyImage@egl@@YGIPAX0@Z
?DestroyImageKHR@egl@@YGIPAX0@Z
?DestroyStreamKHR@egl@@YGIPAX0@Z
?DestroySurface@egl@@YGIPAX0@Z
?DestroySync@egl@@YGIPAX0@Z
?DetachShader@gl@@YGXII@Z
?DetachShaderContextANGLE@gl@@YGXPAXII@Z
?Disable@gl@@YGXI@Z
?DisableClientState@gl@@YGXI@Z
?DisableClientStateContextANGLE@gl@@YGXPAXI@Z
?DisableContextANGLE@gl@@YGXPAXI@Z
?DisableVertexAttribArray@gl@@YGXI@Z
?DisableVertexAttribArrayContextANGLE@gl@@YGXPAXI@Z
?DiscardFramebufferEXT@gl@@YGXIHPBI@Z
?DiscardFramebufferEXTContextANGLE@gl@@YGXPAXIHPBI@Z
?DispatchCompute@gl@@YGXIII@Z
?DispatchComputeContextANGLE@gl@@YGXPAXIII@Z
?DispatchComputeIndirect@gl@@YGXJ@Z
?DispatchComputeIndirectContextANGLE@gl@@YGXPAXJ@Z
?DrawArrays@gl@@YGXIHH@Z
?DrawArraysContextANGLE@gl@@YGXPAXIHH@Z
?DrawArraysIndirect@gl@@YGXIPBX@Z
?DrawArraysIndirectContextANGLE@gl@@YGXPAXIPBX@Z
?DrawArraysInstanced@gl@@YGXIHHH@Z
?DrawArraysInstancedANGLE@gl@@YGXIHHH@Z
?DrawArraysInstancedANGLEContextANGLE@gl@@YGXPAXIHHH@Z
?DrawArraysInstancedContextANGLE@gl@@YGXPAXIHHH@Z
?DrawBuffers@gl@@YGXHPBI@Z
?DrawBuffersContextANGLE@gl@@YGXPAXHPBI@Z
?DrawBuffersEXT@gl@@YGXHPBI@Z
?DrawBuffersEXTContextANGLE@gl@@YGXPAXHPBI@Z
?DrawElements@gl@@YGXIHIPBX@Z
?DrawElementsContextANGLE@gl@@YGXPAXIHIPBX@Z
?DrawElementsIndirect@gl@@YGXIIPBX@Z
?DrawElementsIndirectContextANGLE@gl@@YGXPAXIIPBX@Z
?DrawElementsInstanced@gl@@YGXIHIPBXH@Z
?DrawElementsInstancedANGLE@gl@@YGXIHIPBXH@Z
?DrawElementsInstancedANGLEContextANGLE@gl@@YGXPAXIHIPBXH@Z
?DrawElementsInstancedContextANGLE@gl@@YGXPAXIHIPBXH@Z
?DrawRangeElements@gl@@YGXIIIHIPBX@Z
?DrawRangeElementsContextANGLE@gl@@YGXPAXIIIHIPBX@Z
?DrawTexfOES@gl@@YGXMMMMM@Z
?DrawTexfOESContextANGLE@gl@@YGXPAXMMMMM@Z
?DrawTexfvOES@gl@@YGXPBM@Z
?DrawTexfvOESContextANGLE@gl@@YGXPAXPBM@Z
?DrawTexiOES@gl@@YGXHHHHH@Z
?DrawTexiOESContextANGLE@gl@@YGXPAXHHHHH@Z
?DrawTexivOES@gl@@YGXPBH@Z
?DrawTexivOESContextANGLE@gl@@YGXPAXPBH@Z
?DrawTexsOES@gl@@YGXFFFFF@Z
?DrawTexsOESContextANGLE@gl@@YGXPAXFFFFF@Z
?DrawTexsvOES@gl@@YGXPBF@Z
?DrawTexsvOESContextANGLE@gl@@YGXPAXPBF@Z
?DrawTexxOES@gl@@YGXHHHHH@Z
?DrawTexxOESContextANGLE@gl@@YGXPAXHHHHH@Z
?DrawTexxvOES@gl@@YGXPBH@Z
?DrawTexxvOESContextANGLE@gl@@YGXPAXPBH@Z
?EGLImageTargetRenderbufferStorageOES@gl@@YGXIPAX@Z
?EGLImageTargetRenderbufferStorageOESContextANGLE@gl@@YGXPAXI0@Z
?EGLImageTargetTexture2DOES@gl@@YGXIPAX@Z
?EGLImageTargetTexture2DOESContextANGLE@gl@@YGXPAXI0@Z
?Enable@gl@@YGXI@Z
?EnableClientState@gl@@YGXI@Z
?EnableClientStateContextANGLE@gl@@YGXPAXI@Z
?EnableContextANGLE@gl@@YGXPAXI@Z
?EnableVertexAttribArray@gl@@YGXI@Z
?EnableVertexAttribArrayContextANGLE@gl@@YGXPAXI@Z
?EndQuery@gl@@YGXI@Z
?EndQueryContextANGLE@gl@@YGXPAXI@Z
?EndQueryEXT@gl@@YGXI@Z
?EndQueryEXTContextANGLE@gl@@YGXPAXI@Z
?EndTransformFeedback@gl@@YGXXZ
?EndTransformFeedbackContextANGLE@gl@@YGXPAX@Z
?FenceSync@gl@@YGPAU__GLsync@@II@Z
?FenceSyncContextANGLE@gl@@YGPAU__GLsync@@PAXII@Z
?Finish@gl@@YGXXZ
?FinishContextANGLE@gl@@YGXPAX@Z
?FinishFenceNV@gl@@YGXI@Z
?FinishFenceNVContextANGLE@gl@@YGXPAXI@Z
?Flush@gl@@YGXXZ
?FlushContextANGLE@gl@@YGXPAX@Z
?FlushMappedBufferRange@gl@@YGXIJJ@Z
?FlushMappedBufferRangeContextANGLE@gl@@YGXPAXIJJ@Z
?FlushMappedBufferRangeEXT@gl@@YGXIJJ@Z
?FlushMappedBufferRangeEXTContextANGLE@gl@@YGXPAXIJJ@Z
?Fogf@gl@@YGXIM@Z
?FogfContextANGLE@gl@@YGXPAXIM@Z
?Fogfv@gl@@YGXIPBM@Z
?FogfvContextANGLE@gl@@YGXPAXIPBM@Z
?Fogx@gl@@YGXIH@Z
?FogxContextANGLE@gl@@YGXPAXIH@Z
?Fogxv@gl@@YGXIPBH@Z
?FogxvContextANGLE@gl@@YGXPAXIPBH@Z
?FramebufferParameteri@gl@@YGXIIH@Z
?FramebufferParameteriContextANGLE@gl@@YGXPAXIIH@Z
?FramebufferRenderbuffer@gl@@YGXIIII@Z
?FramebufferRenderbufferContextANGLE@gl@@YGXPAXIIII@Z
?FramebufferRenderbufferOES@gl@@YGXIIII@Z
?FramebufferRenderbufferOESContextANGLE@gl@@YGXPAXIIII@Z
?FramebufferTexture2D@gl@@YGXIIIIH@Z
?FramebufferTexture2DContextANGLE@gl@@YGXPAXIIIIH@Z
?FramebufferTexture2DOES@gl@@YGXIIIIH@Z
?FramebufferTexture2DOESContextANGLE@gl@@YGXPAXIIIIH@Z
?FramebufferTextureLayer@gl@@YGXIIIHH@Z
?FramebufferTextureLayerContextANGLE@gl@@YGXPAXIIIHH@Z
?FramebufferTextureMultiviewLayeredANGLE@gl@@YGXIIIHHH@Z
?FramebufferTextureMultiviewLayeredANGLEContextANGLE@gl@@YGXPAXIIIHHH@Z
?FramebufferTextureMultiviewSideBySideANGLE@gl@@YGXIIIHHPBH@Z
?FramebufferTextureMultiviewSideBySideANGLEContextANGLE@gl@@YGXPAXIIIHHPBH@Z
?FrontFace@gl@@YGXI@Z
?FrontFaceContextANGLE@gl@@YGXPAXI@Z
?Frustumf@gl@@YGXMMMMMM@Z
?FrustumfContextANGLE@gl@@YGXPAXMMMMMM@Z
?Frustumx@gl@@YGXHHHHHH@Z
?FrustumxContextANGLE@gl@@YGXPAXHHHHHH@Z
?GenBuffers@gl@@YGXHPAI@Z
?GenBuffersContextANGLE@gl@@YGXPAXHPAI@Z
?GenFencesNV@gl@@YGXHPAI@Z
?GenFencesNVContextANGLE@gl@@YGXPAXHPAI@Z
?GenFramebuffers@gl@@YGXHPAI@Z
?GenFramebuffersContextANGLE@gl@@YGXPAXHPAI@Z
?GenFramebuffersOES@gl@@YGXHPAI@Z
?GenFramebuffersOESContextANGLE@gl@@YGXPAXHPAI@Z
?GenPathsCHROMIUM@gl@@YGIH@Z
?GenPathsCHROMIUMContextANGLE@gl@@YGIPAXH@Z
?GenProgramPipelines@gl@@YGXHPAI@Z
?GenProgramPipelinesContextANGLE@gl@@YGXPAXHPAI@Z
?GenQueries@gl@@YGXHPAI@Z
?GenQueriesContextANGLE@gl@@YGXPAXHPAI@Z
?GenQueriesEXT@gl@@YGXHPAI@Z
?GenQueriesEXTContextANGLE@gl@@YGXPAXHPAI@Z
?GenRenderbuffers@gl@@YGXHPAI@Z
?GenRenderbuffersContextANGLE@gl@@YGXPAXHPAI@Z
?GenRenderbuffersOES@gl@@YGXHPAI@Z
?GenRenderbuffersOESContextANGLE@gl@@YGXPAXHPAI@Z
?GenSamplers@gl@@YGXHPAI@Z
?GenSamplersContextANGLE@gl@@YGXPAXHPAI@Z
?GenTextures@gl@@YGXHPAI@Z
?GenTexturesContextANGLE@gl@@YGXPAXHPAI@Z
?GenTransformFeedbacks@gl@@YGXHPAI@Z
?GenTransformFeedbacksContextANGLE@gl@@YGXPAXHPAI@Z
?GenVertexArrays@gl@@YGXHPAI@Z
?GenVertexArraysContextANGLE@gl@@YGXPAXHPAI@Z
?GenVertexArraysOES@gl@@YGXHPAI@Z
?GenVertexArraysOESContextANGLE@gl@@YGXPAXHPAI@Z
?GenerateMipmap@gl@@YGXI@Z
?GenerateMipmapContextANGLE@gl@@YGXPAXI@Z
?GenerateMipmapOES@gl@@YGXI@Z
?GenerateMipmapOESContextANGLE@gl@@YGXPAXI@Z
?GetActiveAttrib@gl@@YGXIIHPAH0PAIPAD@Z
?GetActiveAttribContextANGLE@gl@@YGXPAXIIHPAH1PAIPAD@Z
?GetActiveUniform@gl@@YGXIIHPAH0PAIPAD@Z
?GetActiveUniformBlockName@gl@@YGXIIHPAHPAD@Z
?GetActiveUniformBlockNameContextANGLE@gl@@YGXPAXIIHPAHPAD@Z
?GetActiveUniformBlockiv@gl@@YGXIIIPAH@Z
?GetActiveUniformBlockivContextANGLE@gl@@YGXPAXIIIPAH@Z
?GetActiveUniformBlockivRobustANGLE@gl@@YGXIIIHPAH0@Z
?GetActiveUniformBlockivRobustANGLEContextANGLE@gl@@YGXPAXIIIHPAH1@Z
?GetActiveUniformContextANGLE@gl@@YGXPAXIIHPAH1PAIPAD@Z
?GetActiveUniformsiv@gl@@YGXIHPBIIPAH@Z
?GetActiveUniformsivContextANGLE@gl@@YGXPAXIHPBIIPAH@Z
?GetAttachedShaders@gl@@YGXIHPAHPAI@Z
?GetAttachedShadersContextANGLE@gl@@YGXPAXIHPAHPAI@Z
?GetAttribLocation@gl@@YGHIPBD@Z
?GetAttribLocationContextANGLE@gl@@YGHPAXIPBD@Z
?GetBooleani_v@gl@@YGXIIPAE@Z
?GetBooleani_vContextANGLE@gl@@YGXPAXIIPAE@Z
?GetBooleani_vRobustANGLE@gl@@YGXIIHPAHPAE@Z
?GetBooleani_vRobustANGLEContextANGLE@gl@@YGXPAXIIHPAHPAE@Z
?GetBooleanv@gl@@YGXIPAE@Z
?GetBooleanvContextANGLE@gl@@YGXPAXIPAE@Z
?GetBooleanvRobustANGLE@gl@@YGXIHPAHPAE@Z
?GetBooleanvRobustANGLEContextANGLE@gl@@YGXPAXIHPAHPAE@Z
?GetBufferParameteri64v@gl@@YGXIIPA_J@Z
?GetBufferParameteri64vContextANGLE@gl@@YGXPAXIIPA_J@Z
?GetBufferParameteri64vRobustANGLE@gl@@YGXIIHPAHPA_J@Z
?GetBufferParameteri64vRobustANGLEContextANGLE@gl@@YGXPAXIIHPAHPA_J@Z
?GetBufferParameteriv@gl@@YGXIIPAH@Z
?GetBufferParameterivContextANGLE@gl@@YGXPAXIIPAH@Z
?GetBufferParameterivRobustANGLE@gl@@YGXIIHPAH0@Z
?GetBufferParameterivRobustANGLEContextANGLE@gl@@YGXPAXIIHPAH1@Z
?GetBufferPointerv@gl@@YGXIIPAPAX@Z
?GetBufferPointervContextANGLE@gl@@YGXPAXIIPAPAX@Z
?GetBufferPointervOES@gl@@YGXIIPAPAX@Z
?GetBufferPointervOESContextANGLE@gl@@YGXPAXIIPAPAX@Z
?GetBufferPointervRobustANGLE@gl@@YGXIIHPAHPAPAX@Z
?GetBufferPointervRobustANGLEContextANGLE@gl@@YGXPAXIIHPAHPAPAX@Z
?GetClipPlanef@gl@@YGXIPAM@Z
?GetClipPlanefContextANGLE@gl@@YGXPAXIPAM@Z
?GetClipPlanex@gl@@YGXIPAH@Z
?GetClipPlanexContextANGLE@gl@@YGXPAXIPAH@Z
?GetConfigAttrib@egl@@YGIPAX0HPAH@Z
?GetConfigs@egl@@YGIPAXPAPAXHPAH@Z
?GetCurrentContext@egl@@YGPAXXZ
?GetCurrentDisplay@egl@@YGPAXXZ
?GetCurrentSurface@egl@@YGPAXH@Z
?GetDebugMessageLogKHR@gl@@YGIIHPAI000PAHPAD@Z
?GetDebugMessageLogKHRContextANGLE@gl@@YGIPAXIHPAI111PAHPAD@Z
?GetDisplay@egl@@YGPAXPAUHDC__@@@Z
?GetError@egl@@YGHXZ
?GetError@gl@@YGIXZ
?GetErrorContextANGLE@gl@@YGIPAX@Z
?GetFenceivNV@gl@@YGXIIPAH@Z
?GetFenceivNVContextANGLE@gl@@YGXPAXIIPAH@Z
?GetFixedv@gl@@YGXIPAH@Z
?GetFixedvContextANGLE@gl@@YGXPAXIPAH@Z
?GetFloatv@gl@@YGXIPAM@Z
?GetFloatvContextANGLE@gl@@YGXPAXIPAM@Z
?GetFloatvRobustANGLE@gl@@YGXIHPAHPAM@Z
?GetFloatvRobustANGLEContextANGLE@gl@@YGXPAXIHPAHPAM@Z
?GetFragDataLocation@gl@@YGHIPBD@Z
?GetFragDataLocationContextANGLE@gl@@YGHPAXIPBD@Z
?GetFramebufferAttachmentParameteriv@gl@@YGXIIIPAH@Z
?GetFramebufferAttachmentParameterivContextANGLE@gl@@YGXPAXIIIPAH@Z
?GetFramebufferAttachmentParameterivOES@gl@@YGXIIIPAH@Z
?GetFramebufferAttachmentParameterivOESContextANGLE@gl@@YGXPAXIIIPAH@Z
?GetFramebufferAttachmentParameterivRobustANGLE@gl@@YGXIIIHPAH0@Z
?GetFramebufferAttachmentParameterivRobustANGLEContextANGLE@gl@@YGXPAXIIIHPAH1@Z
?GetFramebufferParameteriv@gl@@YGXIIPAH@Z
?GetFramebufferParameterivContextANGLE@gl@@YGXPAXIIPAH@Z
?GetFramebufferParameterivRobustANGLE@gl@@YGXIIHPAH0@Z
?GetFramebufferParameterivRobustANGLEContextANGLE@gl@@YGXPAXIIHPAH1@Z
?GetGraphicsResetStatusEXT@gl@@YGIXZ
?GetGraphicsResetStatusEXTContextANGLE@gl@@YGIPAX@Z
?GetInteger64i_v@gl@@YGXIIPA_J@Z
?GetInteger64i_vContextANGLE@gl@@YGXPAXIIPA_J@Z
?GetInteger64i_vRobustANGLE@gl@@YGXIIHPAHPA_J@Z
?GetInteger64i_vRobustANGLEContextANGLE@gl@@YGXPAXIIHPAHPA_J@Z
?GetInteger64v@gl@@YGXIPA_J@Z
?GetInteger64vContextANGLE@gl@@YGXPAXIPA_J@Z
?GetInteger64vRobustANGLE@gl@@YGXIHPAHPA_J@Z
?GetInteger64vRobustANGLEContextANGLE@gl@@YGXPAXIHPAHPA_J@Z
?GetIntegeri_v@gl@@YGXIIPAH@Z
?GetIntegeri_vContextANGLE@gl@@YGXPAXIIPAH@Z
?GetIntegeri_vRobustANGLE@gl@@YGXIIHPAH0@Z
?GetIntegeri_vRobustANGLEContextANGLE@gl@@YGXPAXIIHPAH1@Z
?GetIntegerv@gl@@YGXIPAH@Z
?GetIntegervContextANGLE@gl@@YGXPAXIPAH@Z
?GetIntegervRobustANGLE@gl@@YGXIHPAH0@Z
?GetIntegervRobustANGLEContextANGLE@gl@@YGXPAXIHPAH1@Z
?GetInternalformativ@gl@@YGXIIIHPAH@Z
?GetInternalformativContextANGLE@gl@@YGXPAXIIIHPAH@Z
?GetInternalformativRobustANGLE@gl@@YGXIIIHPAH0@Z
?GetInternalformativRobustANGLEContextANGLE@gl@@YGXPAXIIIHPAH1@Z
?GetLightfv@gl@@YGXIIPAM@Z
?GetLightfvContextANGLE@gl@@YGXPAXIIPAM@Z
?GetLightxv@gl@@YGXIIPAH@Z
?GetLightxvContextANGLE@gl@@YGXPAXIIPAH@Z
?GetMaterialfv@gl@@YGXIIPAM@Z
?GetMaterialfvContextANGLE@gl@@YGXPAXIIPAM@Z
?GetMaterialxv@gl@@YGXIIPAH@Z
?GetMaterialxvContextANGLE@gl@@YGXPAXIIPAH@Z
?GetMultisamplefv@gl@@YGXIIPAM@Z
?GetMultisamplefvContextANGLE@gl@@YGXPAXIIPAM@Z
?GetMultisamplefvRobustANGLE@gl@@YGXIIHPAHPAM@Z
?GetMultisamplefvRobustANGLEContextANGLE@gl@@YGXPAXIIHPAHPAM@Z
?GetObjectLabelKHR@gl@@YGXIIHPAHPAD@Z
?GetObjectLabelKHRContextANGLE@gl@@YGXPAXIIHPAHPAD@Z
?GetObjectPtrLabelKHR@gl@@YGXPBXHPAHPAD@Z
?GetObjectPtrLabelKHRContextANGLE@gl@@YGXPAXPBXHPAHPAD@Z
?GetPathParameterfvCHROMIUM@gl@@YGXIIPAM@Z
?GetPathParameterfvCHROMIUMContextANGLE@gl@@YGXPAXIIPAM@Z
?GetPathParameterivCHROMIUM@gl@@YGXIIPAH@Z
?GetPathParameterivCHROMIUMContextANGLE@gl@@YGXPAXIIPAH@Z

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 833KB - Virtual size: 833KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.00cfg
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$_65_/natives_blob.bin
.js
$_65_/prefs.dat
$_65_/resources.pak
$_65_/snapshot_blob.bin
$_65_/v8_context_snapshot.bin
$_65_/welcome.ini
$_65_/widevinecdmadapter.dll
.dll windows:5 windows x86 arch:x86

e1657452eeece97e13fb59ec5f6e070a

Code Sign

04:00:00:00:00:01:2f:4e:e1:52:d7
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

13/04/2011, 10:00

Not After

28/01/2028, 12:00

Subject

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:06:a0:81:d3:3f:d8:7a:e5:82:4c:c1:6b:52:09:4e:03
Certificate

Issuer

CN=GlobalSign Timestamping CA - G2,O=GlobalSign nv-sa,C=BE

Not Before

03/02/2015, 00:00

Not After

03/03/2026, 00:00

Subject

CN=GlobalSign TSA for MS Authenticode - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

4c:40:db:a5:f9:88:fa:e5:7a:57:d6:45:74:95:f9:8b
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

14/12/2015, 00:00

Not After

14/12/2016, 23:59

Subject

CN=Google Inc,O=Google Inc,L=Mountain View,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08/02/2010, 00:00

Not After

07/02/2020, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2a:9c:21:ac:aa:a6:3a:3c:58:a7:b9:32:2b:ee:94:8d
Certificate

Issuer

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Not Before

16/12/2015, 00:00

Not After

16/12/2018, 23:59

Subject

CN=Google Inc,O=Google Inc,L=Mountain View,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

3d:78:d7:f9:76:49:60:b2:61:7d:f4:f0:1e:ca:86:2a
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

10/12/2013, 00:00

Not After

09/12/2023, 23:59

Subject

CN=Symantec Class 3 SHA256 Code Signing CA,OU=Symantec Trust Network,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

11:21:16:c0:09:98:dc:c6:8f:a2:7d:25:c3:86:36:a8:83:bb
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Not Before

03/02/2015, 00:00

Not After

03/03/2026, 00:00

Subject

CN=GlobalSign TSA for Advanced - G2,O=GMO GlobalSign Pte Ltd,C=SG

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

04:00:00:00:00:01:31:89:c6:50:04
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

02/08/2011, 10:00

Not After

29/03/2029, 10:00

Subject

CN=GlobalSign Timestamping CA - SHA256 - G2,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

c0:6b:15:87:8c:d7:43:39:84:7a:95:83:05:3a:40:a7:3a:ea:2f:69:ac:89:84:e7:77:79:47:44:c5:6d:34:c8
Signer

Actual PE Digest

c0:6b:15:87:8c:d7:43:39:84:7a:95:83:05:3a:40:a7:3a:ea:2f:69:ac:89:84:e7:77:79:47:44:c5:6d:34:c8

Digest Algorithm

sha256

PE Digest Matches

true

ec:d0:ef:68:85:24:82:39:7f:03:30:a0:c9:ac:40:d2:5a:62:86:30
Signer

Actual PE Digest

ec:d0:ef:68:85:24:82:39:7f:03:30:a0:c9:ac:40:d2:5a:62:86:30

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\b\build\slave\win\build\src\out\Release\widevinecdmadapter.dll.pdb

Imports

widevinecdm

CreateCdmInstance
DeinitializeCdmModule
InitializeCdmModule_4

kernel32

CreateFileW
ReadConsoleW
WriteConsoleW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
WideCharToMultiByte
EncodePointer
DecodePointer
MultiByteToWideChar
GetStringTypeW
IsDebuggerPresent
IsProcessorFeaturePresent
GetLastError
HeapFree
GetCommandLineA
GetCurrentThreadId
RaiseException
RtlUnwind
GetCPInfo
HeapAlloc
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetProcAddress
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess
GetModuleHandleExW
HeapSize
GetProcessHeap
GetStdHandle
GetFileType
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
WriteFile
GetModuleFileNameW
IsValidCodePage
GetACP
GetOEMCP
HeapReAlloc
CloseHandle
FlushFileBuffers
GetConsoleCP
GetConsoleMode
ReadFile
SetFilePointerEx
LoadLibraryExW
OutputDebugStringW
SetStdHandle

Exports

Exports

PPP_GetInterface
PPP_InitializeModule
PPP_ShutdownModule

Sections

.text
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Protect/2345ExplorerAssistant.exe
.exe windows:5 windows x86 arch:x86

3a32cdb269f08988a7a8538dbd6dbcb3

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5c:7e:31:b4:13:52:23:26:fe:ba:c5:63:e5:b5:b4:7c:65:42:03:e0:de:36:24:36:41:cb:66:b2:bb:7d:01:78
Signer

Actual PE Digest

5c:7e:31:b4:13:52:23:26:fe:ba:c5:63:e5:b5:b4:7c:65:42:03:e0:de:36:24:36:41:cb:66:b2:bb:7d:01:78

Digest Algorithm

sha256

PE Digest Matches

true

f9:2d:50:1b:bc:a5:d1:7c:7d:73:7d:00:ee:48:db:ef:80:24:f9:40
Signer

Actual PE Digest

f9:2d:50:1b:bc:a5:d1:7c:7d:73:7d:00:ee:48:db:ef:80:24:f9:40

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\Codes\CommonPlatform\RCMiniPage\bin\Win32\Release\pdb\2345MiniPage.pdb

Imports

kernel32

LoadLibraryW
GetModuleFileNameW
CreateFileW
GetTempPathW
GetProcAddress
GetLocalTime
GetCurrentThreadId
CloseHandle
GetCurrentProcessId
LoadLibraryExW
GetModuleHandleW
GetFileAttributesW
GetCommandLineW
FreeLibrary
SetUnhandledExceptionFilter
MoveFileExW
InitializeCriticalSectionAndSpinCount
RaiseException
GetLastError
MoveFileW
DecodePointer
lstrcatW
DeleteCriticalSection
DeleteFileW
LocalFree
CreateProcessW
lstrcmpiW
FindFirstFileW
FileTimeToSystemTime
FindClose
CreateMutexW
WaitForSingleObject
Sleep
ReleaseMutex
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
GetEnvironmentVariableW
ExpandEnvironmentStringsW
GetLongPathNameW
GetFileAttributesExW
GetExitCodeProcess
WaitForMultipleObjects
HeapAlloc
HeapFree
GetProcessHeap
OpenProcess
GetVersionExW
GetComputerNameExW
QueryDosDeviceW
GetFileSize
SetFilePointer
GetCurrentProcess
SetFileTime
WriteFile
ReadFile
GetFileTime
FindResourceW
LoadResource
LockResource
GetSystemInfo
GetFullPathNameW
GetTempFileNameW
CreateDirectoryW
lstrlenW
GetCurrentDirectoryW
GetWindowsDirectoryW
SetFileAttributesW
FindNextFileW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetFileSizeEx
WideCharToMultiByte
GetACP
MultiByteToWideChar
SetEnvironmentVariableA
GetLogicalDriveStringsW
SetEvent
FormatMessageW
GlobalMemoryStatusEx
ResumeThread
ResetEvent
CreateEventW
InterlockedExchangeAdd
InterlockedExchange
SetLastError
DeviceIoControl
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
OutputDebugStringW
HeapReAlloc
GetTimeZoneInformation
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
SetStdHandle
WriteConsoleW
ReadConsoleW
SetEndOfFile
QueryPerformanceCounter
GetFileType
GetStdHandle
HeapSize
GetModuleHandleExW
ExitProcess
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
EncodePointer
GetStringTypeW
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
CreateThread
ExitThread
RtlUnwind
GetCPInfo
UnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW

user32

PostMessageW
IsWindow
MessageBoxW
wsprintfW
SendMessageTimeoutW

shell32

CommandLineToArgvW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetFolderPathW

ole32

CoTaskMemFree

shlwapi

PathRemoveFileSpecW

Sections

.text
Size: 903KB - Virtual size: 902KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Protect/2345MiniPage.exe
.exe windows:5 windows x86 arch:x86

3a32cdb269f08988a7a8538dbd6dbcb3

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

18:24:0b:f3:79:08:dc:08:df:ad:42:e9:c8:0e:f1:36:eb:c4:78:2f:c6:3a:5f:34:de:4b:4a:64:45:c3:1c:52
Signer

Actual PE Digest

18:24:0b:f3:79:08:dc:08:df:ad:42:e9:c8:0e:f1:36:eb:c4:78:2f:c6:3a:5f:34:de:4b:4a:64:45:c3:1c:52

Digest Algorithm

sha256

PE Digest Matches

true

52:b3:56:18:22:38:e5:ca:58:b4:39:9c:0b:86:42:9c:e8:cb:6e:7f
Signer

Actual PE Digest

52:b3:56:18:22:38:e5:ca:58:b4:39:9c:0b:86:42:9c:e8:cb:6e:7f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\Codes\CommonPlatform\RCMiniPage\bin\Win32\Release\pdb\2345MiniPage.pdb

Imports

kernel32

LoadLibraryW
GetModuleFileNameW
CreateFileW
GetTempPathW
GetProcAddress
GetLocalTime
GetCurrentThreadId
CloseHandle
GetCurrentProcessId
LoadLibraryExW
GetModuleHandleW
GetFileAttributesW
GetCommandLineW
FreeLibrary
SetUnhandledExceptionFilter
MoveFileExW
InitializeCriticalSectionAndSpinCount
RaiseException
GetLastError
MoveFileW
DecodePointer
lstrcatW
DeleteCriticalSection
DeleteFileW
LocalFree
CreateProcessW
lstrcmpiW
FindFirstFileW
FileTimeToSystemTime
FindClose
CreateMutexW
WaitForSingleObject
Sleep
ReleaseMutex
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
OpenFileMappingW
GetEnvironmentVariableW
ExpandEnvironmentStringsW
GetLongPathNameW
GetFileAttributesExW
GetExitCodeProcess
WaitForMultipleObjects
HeapAlloc
HeapFree
GetProcessHeap
OpenProcess
GetVersionExW
GetComputerNameExW
QueryDosDeviceW
GetFileSize
SetFilePointer
GetCurrentProcess
SetFileTime
WriteFile
ReadFile
GetFileTime
FindResourceW
LoadResource
LockResource
GetSystemInfo
GetFullPathNameW
GetTempFileNameW
CreateDirectoryW
lstrlenW
GetCurrentDirectoryW
GetWindowsDirectoryW
SetFileAttributesW
FindNextFileW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetFileSizeEx
WideCharToMultiByte
GetACP
MultiByteToWideChar
SetEnvironmentVariableA
GetLogicalDriveStringsW
SetEvent
FormatMessageW
GlobalMemoryStatusEx
ResumeThread
ResetEvent
CreateEventW
InterlockedExchangeAdd
InterlockedExchange
SetLastError
DeviceIoControl
FlushFileBuffers
SetFilePointerEx
GetConsoleMode
GetConsoleCP
OutputDebugStringW
HeapReAlloc
GetTimeZoneInformation
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
SetStdHandle
WriteConsoleW
ReadConsoleW
SetEndOfFile
QueryPerformanceCounter
GetFileType
GetStdHandle
HeapSize
GetModuleHandleExW
ExitProcess
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
EncodePointer
GetStringTypeW
GetSystemTimeAsFileTime
IsDebuggerPresent
IsProcessorFeaturePresent
CreateThread
ExitThread
RtlUnwind
GetCPInfo
UnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW

user32

PostMessageW
IsWindow
MessageBoxW
wsprintfW
SendMessageTimeoutW

shell32

CommandLineToArgvW
SHGetPathFromIDListW
SHGetSpecialFolderLocation
SHGetFolderPathW

ole32

CoTaskMemFree

shlwapi

PathRemoveFileSpecW

Sections

.text
Size: 903KB - Virtual size: 902KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Protect/Helper_2345Explorer.exe
.exe windows:5 windows x86 arch:x86

c6e8bd2e433bc48b6b25f594a9b816b5

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

25:8c:eb:88:57:75:17:ed:7a:26:2c:24:d5:e9:74:9b:f7:3e:90:6c:06:5c:f9:09:e5:20:e1:cf:fc:a8:58:9a
Signer

Actual PE Digest

25:8c:eb:88:57:75:17:ed:7a:26:2c:24:d5:e9:74:9b:f7:3e:90:6c:06:5c:f9:09:e5:20:e1:cf:fc:a8:58:9a

Digest Algorithm

sha256

PE Digest Matches

true

b2:76:9d:8f:4a:c7:df:5a:9a:a5:d4:84:09:0b:26:23:0c:ec:9b:17
Signer

Actual PE Digest

b2:76:9d:8f:4a:c7:df:5a:9a:a5:d4:84:09:0b:26:23:0c:ec:9b:17

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\Codes\CommonPlatform\Helper2345\bin\Win32\Release\pdb\Helper_2345.pdb

Imports

kernel32

LoadLibraryW
GetModuleFileNameW
GetProcAddress
LocalFree
CreateProcessW
lstrcmpiW
CloseHandle
GetCurrentProcessId
FindFirstFileW
FileTimeToSystemTime
FindClose
GetModuleHandleW
GetFileAttributesW
ExpandEnvironmentStringsW
CreateMutexW
WaitForSingleObject
Sleep
GetLastError
ReleaseMutex
CreateFileW
GetLongPathNameW
GetFileAttributesExW
HeapAlloc
HeapFree
GetProcessHeap
OpenProcess
GetVersionExW
GetComputerNameExW
GetCurrentThreadId
GetCurrentProcess
QueryDosDeviceW
GetFileSize
SetFilePointer
SetEndOfFile
SetFileTime
WriteFile
ReadFile
GetFileTime
WideCharToMultiByte
GetACP
MultiByteToWideChar
FindNextFileW
FreeLibrary
FindResourceW
LoadResource
LockResource
GetSystemInfo
DeleteFileW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
lstrlenW
GetFileSizeEx
GetFullPathNameW
GetTempFileNameW
MoveFileExW
CreateDirectoryW
GetTempPathW
GetCurrentDirectoryW
MoveFileW
RemoveDirectoryW
GetWindowsDirectoryW
SetFileAttributesW
GetLogicalDriveStringsW
SetEnvironmentVariableA
GetEnvironmentVariableW
SetEvent
GetTickCount
WaitForMultipleObjects
GetExitCodeProcess
FormatMessageW
GlobalMemoryStatusEx
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
ResumeThread
ResetEvent
CreateEventW
RaiseException
DecodePointer
InterlockedExchangeAdd
InterlockedExchange
SetLastError
DeviceIoControl
FlushFileBuffers
OutputDebugStringW
GetCommandLineW
SetStdHandle
WriteConsoleW
ReadConsoleW
SetFilePointerEx
GetConsoleMode
GetConsoleCP
HeapReAlloc
GetTimeZoneInformation
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsW
EncodePointer
GetStringTypeW
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
CreateThread
ExitThread
RtlUnwind
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
ExitProcess
GetModuleHandleExW
HeapSize
GetStdHandle
GetFileType
QueryPerformanceCounter
GetEnvironmentStringsW

shell32

SHGetSpecialFolderPathW
SHGetFolderPathW
CommandLineToArgvW

Sections

.text
Size: 903KB - Virtual size: 902KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Protect/Protect_2345Explorer.exe
.exe windows:5 windows x86 arch:x86

617a7ae13bb745c75afd4645e9dd037c

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

ad:57:9a:ef:ca:76:87:c6:e9:35:c6:45:69:2b:83:77:ba:b1:a1:57:46:f1:ae:fd:6f:a4:9c:5c:ed:72:db:c6
Signer

Actual PE Digest

ad:57:9a:ef:ca:76:87:c6:e9:35:c6:45:69:2b:83:77:ba:b1:a1:57:46:f1:ae:fd:6f:a4:9c:5c:ed:72:db:c6

Digest Algorithm

sha256

PE Digest Matches

true

35:8d:04:40:d0:86:d9:92:7b:fa:ef:99:69:bc:d4:b1:f4:b1:b9:23
Signer

Actual PE Digest

35:8d:04:40:d0:86:d9:92:7b:fa:ef:99:69:bc:d4:b1:f4:b1:b9:23

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetPrivateProfileStringW
LoadLibraryW
GetModuleFileNameW
GetLastError
GetProcAddress
GetModuleHandleW
GetFileAttributesW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetVersionExW
GetFileSizeEx
CloseHandle
SetFilePointer
SetEndOfFile
WriteFile
ReadFile
DeleteFileW
CreateFileW
GetFileAttributesExW
WaitForSingleObject
GetCurrentProcessId
LocalFree
CreateMutexW
Sleep
ReleaseMutex
CreateDirectoryW
GetFileSize
HeapAlloc
HeapFree
GetProcessHeap
GetCurrentThreadId
FormatMessageW
GetCurrentProcess
WriteConsoleW
SetStdHandle
EncodePointer
DecodePointer
GetCommandLineW
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
MultiByteToWideChar
ExitProcess
GetModuleHandleExW
WideCharToMultiByte
HeapSize
RaiseException
GetStdHandle
GetFileType
GetStartupInfoW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStringTypeW
LCMapStringW
RtlUnwind
LoadLibraryExW
HeapReAlloc
GetConsoleCP
GetConsoleMode
SetFilePointerEx
OutputDebugStringW
FlushFileBuffers

Exports

Exports

CheckFile

Sections

.text
Size: 128KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Protect/ServiceManager.exe
.exe windows:5 windows x86 arch:x86

28a1c7684512a57b333f057adfe2eee2

Code Sign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6e:0c:2c:99:6c:09:b4:3d:8b:ac:1f:b0:19:7c:67:79:09:c0:cd:5d:7c:d1:7b:5b:fd:db:84:09:64:ba:ad:96
Signer

Actual PE Digest

6e:0c:2c:99:6c:09:b4:3d:8b:ac:1f:b0:19:7c:67:79:09:c0:cd:5d:7c:d1:7b:5b:fd:db:84:09:64:ba:ad:96

Digest Algorithm

sha256

PE Digest Matches

true

06:54:a3:2c:16:14:4d:4d:88:0d:7e:3b:a8:b3:33:e6:f1:12:53:ec
Signer

Actual PE Digest

06:54:a3:2c:16:14:4d:4d:88:0d:7e:3b:a8:b3:33:e6:f1:12:53:ec

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesW
GetProcAddress
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetVersionExW
GetFileSizeEx
SetFilePointer
SetEndOfFile
WriteFile
ReadFile
DeleteFileW
CreateFileW
GetFileAttributesExW
WaitForSingleObject
LocalFree
GetModuleHandleW
CreateMutexW
ReleaseMutex
CreateDirectoryW
GetFileSize
HeapAlloc
HeapFree
GetProcessHeap
GetCurrentThreadId
FormatMessageW
GetModuleFileNameW
GetCurrentProcessId
CloseHandle
CreateToolhelp32Snapshot
Process32NextW
Process32FirstW
GetLastError
TerminateProcess
OpenProcess
GetCurrentProcess
Sleep
LoadLibraryW
GetTickCount
SetStdHandle
FlushFileBuffers
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetCommandLineW
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
HeapSize
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetStdHandle
LoadLibraryExW
GetFileType
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStringTypeW
HeapReAlloc
LCMapStringW
OutputDebugStringW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
WriteConsoleW

advapi32

LookupPrivilegeValueW
OpenProcessToken
ControlService
QueryServiceStatusEx
StartServiceW
ChangeServiceConfig2W
OpenServiceW
OpenSCManagerW
DeleteService
CloseServiceHandle
CreateServiceW
AdjustTokenPrivileges

Sections

.text
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Protect/Tool_Uninstall.exe
.exe windows:5 windows x86 arch:x86

e05a72d416d18dddb745b70f2a38d123

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

99:01:d5:ce:0a:7a:9a:89:41:ae:2d:f8:62:b2:a4:b5:56:c1:de:11:dd:84:1b:ac:3b:97:c4:ad:d1:c4:60:27
Signer

Actual PE Digest

99:01:d5:ce:0a:7a:9a:89:41:ae:2d:f8:62:b2:a4:b5:56:c1:de:11:dd:84:1b:ac:3b:97:c4:ad:d1:c4:60:27

Digest Algorithm

sha256

PE Digest Matches

true

4d:cd:36:26:c6:c3:ec:46:d8:2e:a4:ab:6e:ba:6f:98:06:e3:49:25
Signer

Actual PE Digest

4d:cd:36:26:c6:c3:ec:46:d8:2e:a4:ab:6e:ba:6f:98:06:e3:49:25

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

E:\trunk\CommonPlatform\UninstallTool\bin\Win32\Release\Tool_Uninstall.pdb

Imports

kernel32

GetCommandLineW
LocalFree
CreateMutexW
WaitForSingleObject
Sleep
GetLastError
CloseHandle
GetProcAddress
GetCurrentProcessId
FindResourceW
LoadResource
GetModuleHandleW
GetVersionExW
LockResource
lstrcmpiW
GetCurrentProcess
OpenProcess
GetModuleFileNameW
QueryDosDeviceW
TerminateProcess
GetEnvironmentVariableW
FindFirstFileW
CreateFileW
GetLongPathNameW
HeapAlloc
HeapFree
GetProcessHeap
GetCurrentThreadId
LoadLibraryW
WideCharToMultiByte
GetACP
MultiByteToWideChar
FindClose
FindNextFileW
GetLogicalDriveStringsW
LoadLibraryExW
GetFullPathNameW
GetFileAttributesW
lstrlenW
RemoveDirectoryW
DeleteFileW
SetFileAttributesW
WriteFile
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
EncodePointer
DecodePointer
IsDebuggerPresent
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
ExitProcess
GetModuleHandleExW
HeapSize
SetLastError
GetStdHandle
GetFileType
GetStartupInfoW
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
IsValidCodePage
GetOEMCP
GetCPInfo
GetStringTypeW
HeapReAlloc
LCMapStringW
OutputDebugStringW
GetConsoleCP
GetConsoleMode
SetFilePointerEx
SetStdHandle
WriteConsoleW

shell32

CommandLineToArgvW

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Protect/UpdateMain.dll
.dll windows:5 windows x86 arch:x86

8db164b89d27f5185d33915f855a0aea

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

68:cc:7e:7e:05:38:1d:4b:b3:ae:78:7f:ad:ec:0c:28:63:cd:a2:45:e8:9e:32:1e:23:4f:8a:b9:ed:de:62:c8
Signer

Actual PE Digest

68:cc:7e:7e:05:38:1d:4b:b3:ae:78:7f:ad:ec:0c:28:63:cd:a2:45:e8:9e:32:1e:23:4f:8a:b9:ed:de:62:c8

Digest Algorithm

sha256

PE Digest Matches

true

29:b0:f3:14:ad:1f:78:20:0f:03:73:55:57:ab:8a:64:32:5e:58:c0
Signer

Actual PE Digest

29:b0:f3:14:ad:1f:78:20:0f:03:73:55:57:ab:8a:64:32:5e:58:c0

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\CommonPlatform\ServiceProgram_http\Release\UpdateMain.pdb

Imports

version

VerQueryValueW
GetFileVersionInfoSizeW
GetFileVersionInfoW

kernel32

GlobalMemoryStatusEx
WTSGetActiveConsoleSessionId
FileTimeToLocalFileTime
LocalFree
GetSystemInfo
FreeLibrary
GetModuleHandleW
LoadLibraryW
GetProcAddress
EndUpdateResourceW
CreateFileW
BeginUpdateResourceW
UpdateResourceW
CreateTimerQueue
DeleteTimerQueueEx
SetEvent
CreateEventW
WaitForSingleObject
ResetEvent
GetLogicalDriveStringsW
lstrlenW
Process32FirstW
QueryDosDeviceW
Process32NextW
lstrcmpiW
lstrcatW
CreateToolhelp32Snapshot
lstrcpyW
LoadLibraryExW
VirtualFree
GetVersionExW
ReadFile
VirtualAlloc
FindNextFileW
GetFileAttributesExW
MoveFileW
SetFileAttributesW
GetModuleHandleA
GetEnvironmentVariableW
ExpandEnvironmentStringsW
GetExitCodeProcess
WaitForMultipleObjects
GetCurrentProcessId
HeapAlloc
HeapFree
GetProcessHeap
GetCurrentThreadId
OpenEventW
GetACP
CreateMutexW
OpenMutexW
ReleaseMutex
LocalAlloc
GetCurrentProcess
ResumeThread
TerminateThread
OpenThread
GetExitCodeThread
SuspendThread
SwitchToThread
FindResourceW
LoadResource
LockResource
GetFileSize
SetFilePointer
SetEndOfFile
SetFileTime
WriteFile
GetFileTime
GetFileAttributesW
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetFullPathNameW
GetTempFileNameW
CreateDirectoryW
CopyFileW
GetTempPathW
GetCurrentDirectoryW
RemoveDirectoryW
GetWindowsDirectoryW
DeleteFileW
InterlockedExchangeAdd
InitializeCriticalSectionAndSpinCount
GetFileSizeEx
DeviceIoControl
RaiseException
DecodePointer
InterlockedExchange
FormatMessageW
SetLastError
OutputDebugStringW
SetEnvironmentVariableA
ReadConsoleW
GetLocalTime
FindClose
GetComputerNameExW
GetLastError
WritePrivateProfileStringW
MultiByteToWideChar
GetModuleFileNameW
FileTimeToSystemTime
WideCharToMultiByte
GetProcessTimes
GetPrivateProfileStringW
GetTickCount
SystemTimeToTzSpecificLocalTime
FindFirstFileW
DeleteTimerQueueTimer
CloseHandle
CreateTimerQueueTimer
Sleep
OpenProcess
MoveFileExW
MapViewOfFile
UnmapViewOfFile
CreateFileMappingW
GetLongPathNameW
FlushFileBuffers
WriteConsoleW
SetStdHandle
SetFilePointerEx
UnregisterWaitEx
QueryDepthSList
InterlockedFlushSList
InterlockedPushEntrySList
InterlockedPopEntrySList
InitializeSListHead
ReleaseSemaphore
VirtualProtect
FreeLibraryAndExitThread
GetThreadTimes
HeapReAlloc
GetTimeZoneInformation
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
GetConsoleMode
GetConsoleCP
GetStdHandle
GetOEMCP
IsValidCodePage
HeapSize
GetModuleHandleExW
ExitProcess
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
UnregisterWait
RegisterWaitForSingleObject
SetThreadAffinityMask
GetProcessAffinityMask
GetNumaHighestNodeNumber
ChangeTimerQueueTimer
GetLogicalProcessorInformation
GetThreadPriority
SetThreadPriority
SignalObjectAndWait
WaitForSingleObjectEx
CreateSemaphoreW
GetStartupInfoW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
DuplicateHandle
GetCurrentThread
EncodePointer
GetSystemTimeAsFileTime
GetStringTypeW
IsDebuggerPresent
IsProcessorFeaturePresent
GetCommandLineA
CreateThread
ExitThread
RtlUnwind
GetCPInfo

user32

wsprintfW

advapi32

InitializeSecurityDescriptor
OpenProcessToken
SetServiceStatus
RegisterServiceCtrlHandlerExW
StartServiceCtrlDispatcherW
SetSecurityDescriptorDacl
SystemFunction036
RegCloseKey
QueryServiceConfigW
ConvertSidToStringSidW
RegOpenKeyExW
RevertToSelf
ImpersonateLoggedOnUser
LookupAccountNameW
RegQueryValueExW
OpenServiceW
GetUserNameW
OpenSCManagerW
CloseServiceHandle

shell32

SHGetSpecialFolderLocation
SHGetSpecialFolderPathW
SHGetPathFromIDListW
SHGetFolderPathW

ole32

CoTaskMemFree
CoInitializeEx
CoInitializeSecurity

sensapi

IsNetworkAlive

netapi32

NetLocalGroupGetMembers

wininet

InternetGetConnectedState
HttpOpenRequestA
InternetReadFile
InternetCrackUrlA
InternetConnectA
HttpQueryInfoA
HttpSendRequestA
InternetOpenA
InternetCloseHandle
HttpAddRequestHeadersA

wtsapi32

WTSQueryUserToken

imagehlp

ImageRemoveCertificate
ImageEnumerateCertificates

psapi

GetProcessImageFileNameW

shlwapi

StrToIntW
PathRemoveFileSpecW

rpcrt4

NdrServerCall2
RpcServerRegisterIfEx
RpcServerUseProtseqEpW
NdrAsyncServerCall
RpcServerListen

ws2_32

connect
WSAStartup
inet_addr
WSAGetLastError
htons
shutdown
recv
socket
closesocket
send

Exports

Exports

UpdateMain

Sections

.text
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 218KB - Virtual size: 217KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Protect/coral_extract.dll
.dll windows:4 windows x86 arch:x86

27078d36f37371b0a00fb89ab0cc3581

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

10:59:b3:25:b1:49:34:f1:9c:33:83:5f:44:1c:b2:23:c2:a4:e3:d0:aa:16:d1:d9:19:ec:06:f7:9d:5f:5b:be
Signer

Actual PE Digest

10:59:b3:25:b1:49:34:f1:9c:33:83:5f:44:1c:b2:23:c2:a4:e3:d0:aa:16:d1:d9:19:ec:06:f7:9d:5f:5b:be

Digest Algorithm

sha256

PE Digest Matches

true

ff:2d:ce:b1:52:96:51:96:4b:0a:18:78:fc:25:27:3e:35:07:fd:1b
Signer

Actual PE Digest

ff:2d:ce:b1:52:96:51:96:4b:0a:18:78:fc:25:27:3e:35:07:fd:1b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\rczip.dev\trunk\bin\Win32\release\pdb\Extract7z.pdb

Imports

kernel32

GetProcAddress
VirtualAlloc
GetModuleHandleW
VirtualFree
InterlockedExchangeAdd
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetVersionExW
GetLastError
ReadFile
CreateFileW
SetFilePointer
CloseHandle
LoadLibraryW
FreeLibrary
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
RaiseException
RtlUnwind
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
Sleep
HeapSize
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
GetSystemTimeAsFileTime
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetConsoleCP
GetConsoleMode
FlushFileBuffers
LoadLibraryA
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
GetFileAttributesW
FormatMessageW
LocalFree
FindFirstFileW
FindClose
FindNextFileW
DeleteFileW
CreateDirectoryW
GetFileSize
GetFullPathNameW
SetFileTime
GetTempFileNameW
SetFileAttributesW
MoveFileW
lstrlenW
SetEndOfFile
FindResourceW
WaitForMultipleObjects
CreateEventW
ResetEvent
WaitForSingleObject
SetEvent
CreateThread
ExitThread
ResumeThread

user32

LoadStringW

Exports

Exports

ExtractArchive

Sections

.text
Size: 261KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Protect/courgette_dll.dll
.dll windows:5 windows x86 arch:x86

160ac172e0449b6b838fd4afd801d697

Code Sign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

Issuer

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:01:9a:02:3a:ff:58:b1:6b:d6:d5:ea:e6:17:f0:66
Certificate

Issuer

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2014, 00:00

Not After

22/10/2024, 00:00

Subject

CN=DigiCert Timestamp Responder,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

06:fd:f9:03:96:03:ad:ea:00:0a:eb:3f:27:bb:ba:1b
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10/11/2006, 00:00

Not After

10/11/2021, 00:00

Subject

CN=DigiCert Assured ID CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageEmailProtection
ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

19/05/2020, 00:00

Not After

18/05/2023, 12:00

Subject

SERIALNUMBER=91310115591679552Q,CN=Shanghai 2345 Mobile Technology Co.\, Ltd.,O=Shanghai 2345 Mobile Technology Co.\, Ltd.,ST=Shanghai,C=CN,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e,1.3.6.1.4.1.311.60.2.1.2=#13085368616e67686169,1.3.6.1.4.1.311.60.2.1.3=#1302434e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/04/2012, 12:00

Not After

18/04/2027, 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

04:cd:3f:85:68:ae:76:c6:1b:b0:fe:71:60:cc:a7:6d
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/10/2019, 00:00

Not After

17/10/2030, 00:00

Subject

CN=TIMESTAMP-SHA256-2019-10-15,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

67:26:10:71:c9:7d:23:a1:e5:29:02:18:1f:1b:17:b2:75:d1:03:59:be:bd:cc:a9:9c:b4:01:3a:3e:1e:af:1e
Signer

Actual PE Digest

67:26:10:71:c9:7d:23:a1:e5:29:02:18:1f:1b:17:b2:75:d1:03:59:be:bd:cc:a9:9c:b4:01:3a:3e:1e:af:1e

Digest Algorithm

sha256

PE Digest Matches

true

9c:3f:8c:b2:64:44:4c:a7:5d:87:da:4a:7b:d8:80:a6:e6:05:a3:b9
Signer

Actual PE Digest

9c:3f:8c:b2:64:44:4c:a7:5d:87:da:4a:7b:d8:80:a6:e6:05:a3:b9

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

E:\V47_108_TL\src\out\Release\courgette_dll.dll.pdb

Imports

kernel32

GetFileAttributesW
ReadFile
CreateFileW
GetTempPathW
GetLastError
GetCurrentDirectoryW
GetLongPathNameW
SetLastError
RemoveDirectoryW
GetFileAttributesExW
DeleteFileW
QueryPerformanceCounter
GetTickCount
GetModuleFileNameW
GetCurrentProcessId
GetSystemTimeAsFileTime
IsDebuggerPresent
GetEnvironmentVariableW
SetEnvironmentVariableW
SetEndOfFile
SetFilePointerEx
FlushFileBuffers
GetFileSizeEx
GetModuleHandleW
GetProcAddress
GetCurrentThreadId
Sleep
RaiseException
WideCharToMultiByte
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetModuleHandleExW
TlsGetValue
TlsSetValue
TlsAlloc
TlsFree
SetEnvironmentVariableA
WriteFile
GetCurrentProcess
GetTempFileNameW
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
CloseHandle
GetOEMCP
GetTimeZoneInformation
WriteConsoleW
LoadLibraryExW
OutputDebugStringW
GetACP
IsValidCodePage
ReadConsoleW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetModuleFileNameA
GetStdHandle
HeapSize
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
FreeLibrary
LoadLibraryExA
EncodePointer
DecodePointer
GetStringTypeW
IsProcessorFeaturePresent
HeapFree
GetCommandLineA
SetStdHandle
GetFileType
HeapAlloc
GetProcessHeap
GetConsoleCP
GetConsoleMode
ExitProcess
HeapReAlloc
RtlUnwind
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
GetStartupInfoW

Exports

Exports

FileApplyPatch
FolderApplyPatch
GetHandleVerifier

Sections

.text
Size: 215KB - Virtual size: 214KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 2B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Resource/2345Hotnew.ico
Resource/2345Site.ico
Resource/AssocIcon/pdf.ico
User Data/Default/FaviconsV3
User Data/Default/Thumbnails/v1/0A769DCC9171C2D65859358BC914EA0A.jpg
.jpg
User Data/Default/Thumbnails/v1/19B1E1822F836B48AD265D535871A4A2.jpg
.jpg
User Data/Default/Thumbnails/v1/1BD32688A1AFEE390A9BAA2F980F51C5.jpg
.jpg
User Data/Default/Thumbnails/v1/330AAA4A96A46A07C94ED7354B3FAB20.jpg
.jpg
User Data/Default/Thumbnails/v1/41230D9A154D1A90D5EB5C1AE37BB209.jpg
.jpg
User Data/Default/Thumbnails/v1/46E9C14A58C4EF7625A2C4C27E740B2B.jpg
.jpg
User Data/Default/Thumbnails/v1/62EC2E3F32D22D641A5244295E4A5163.jpg
.jpg
User Data/Default/Thumbnails/v1/67207B521013E18730BA6B7947CEB1F3.jpg
.jpg
User Data/Default/Thumbnails/v1/91739D10F91EBA1695D944B9001A8CA2.jpg
.jpg
User Data/Default/Thumbnails/v1/BB35D9B59F4CC10D8FA23899F8CBB054.jpg
.jpg
User Data/Default/Thumbnails/v1/D42116CE4D6D78DCE0A1927AF0B40F79.jpg
.jpg
User Data/Default/Thumbnails/v1/EECDB8AC8759019D28F5B7F20EE7CC69.jpg
.jpg
User Data/Default/Thumbnails/v1/thumbnailslist

Sharing

General

Malware Config

Signatures

Files

c552a31531df962b2298e689961d15c2

Code Sign

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2Certificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06Certificate

Extended Key Usages

Key Usages

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate

Extended Key Usages

Key Usages

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9eCertificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

88:85:3d:1a:b4:a3:f6:63:69:ac:ce:ef:a5:0d:de:75:08:59:68:70:7c:bb:c4:cf:78:1a:00:c5:18:69:af:aaSigner

50:a8:fd:3a:81:4c:55:d7:a2:60:66:ad:b3:46:42:01:38:7b:3b:b6Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

Sections

.text Size: 43KB - Virtual size: 43KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 173KB

.CRT Size: 512B - Virtual size: 4B

.ndata Size: - Virtual size: 528KB

.rsrc Size: 40KB - Virtual size: 40KB

3a6d8acc41f04bc6deabddffc34af1cd

Code Sign

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2Certificate

Extended Key Usages

Key Usages

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06Certificate

Extended Key Usages

Key Usages

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9eCertificate

Extended Key Usages

Key Usages

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5cCertificate

Extended Key Usages

Key Usages

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate

Extended Key Usages

Key Usages

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate

Extended Key Usages

Key Usages

86:59:7d:93:11:87:8b:14:72:a6:15:e7:1e:6f:85:91:08:ff:06:d2:b3:de:33:50:20:3b:19:69:8d:24:22:d6Signer

ae:ac:cd:63:92:c4:c2:19:01:84:23:7b:5a:55:3b:35:e3:bd:68:0aSigner

Headers

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

88:85:3d:1a:b4:a3:f6:63:69:ac:ce:ef:a5:0d:de:75:08:59:68:70:7c:bb:c4:cf:78:1a:00:c5:18:69:af:aa
Signer

50:a8:fd:3a:81:4c:55:d7:a2:60:66:ad:b3:46:42:01:38:7b:3b:b6
Signer

.text
Size: 43KB - Virtual size: 43KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 173KB

.CRT
Size: 512B - Virtual size: 4B

.ndata
Size: - Virtual size: 528KB

.rsrc
Size: 40KB - Virtual size: 40KB

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

86:59:7d:93:11:87:8b:14:72:a6:15:e7:1e:6f:85:91:08:ff:06:d2:b3:de:33:50:20:3b:19:69:8d:24:22:d6
Signer

ae:ac:cd:63:92:c4:c2:19:01:84:23:7b:5a:55:3b:35:e3:bd:68:0a
Signer

.text
Size: 885KB - Virtual size: 884KB

.rdata
Size: 202KB - Virtual size: 201KB

.data
Size: 6KB - Virtual size: 19KB

.rsrc
Size: 5.7MB - Virtual size: 5.7MB

.reloc
Size: 43KB - Virtual size: 42KB

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

06:ea:0d:de:d5:5e:c1:e1:a2:9f:c5:fb:5d:ab:4f:b2
Certificate

0d:d0:e3:37:4a:c9:5b:db:fa:6b:43:4b:2a:48:ec:06
Certificate

05:aa:43:30:0d:17:67:ac:12:49:43:54:21:65:bb:9e
Certificate

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

3c:80:46:cb:49:85:17:a2:07:58:5d:01:1f:2e:c0:2b:b4:4e:0f:73:c7:6f:c0:c8:a5:85:f4:59:5d:c2:7b:01
Signer

ef:87:87:b6:ed:9d:0f:1a:fc:3a:ba:e4:72:28:6c:21:58:ad:bb:87
Signer