HorizonXbeta[.]rar

Sharing

Copy URL Twitter E-mail

General

Target

HorizonXbeta.rar
Size

64.8MB
MD5

b00d9cda1a1fb6ddc24a4e61612195d4
SHA1

4a07d8754d70c6291df32b99972644ac324213fb
SHA256

bf4ca789564302ead56135133ccd8d03fa637b44429d561558d07c3019f8a4a9
SHA512

5e58543d87651ede1e1674a839dd20d8dcad3f4c705420be0d867eb3e598dd814493a64a42aa0d815367e5e0a4ce149e0008bb8f585ca46a9c54f85c79183257
SSDEEP

1572864:ZJTdGy+TEYjblsU/nn3tIUKKjGQtshqCoqspWi7HrDo:ZJTdOTJjx/nn/5iQtqo2SHr8

Score

3^/10

pyinstaller

Malware Config

Signatures

Detects Pyinstaller 1 IoCs

pyinstaller

resource	yara_rule
static1/unpack001/HorizonXbeta/HorizionXbetaFIX.exe	pyinstaller

Unsigned PE 5 IoCs

Checks for missing Authenticode signature.

resource
unpack001/HorizonXbeta/FluentWPF.dll
unpack001/HorizonXbeta/HorizionXbetaFIX.exe
unpack001/HorizonXbeta/luaGUI.dll
unpack001/HorizonXbeta/x64/leptonica-1.82.0.dll
unpack001/HorizonXbeta/x64/tesseract50.dll

Files

HorizonXbeta.rar
.rar
HorizonXbeta/FluentWPF.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\Users\minami\Documents\GitHub\FluentWPF\FluentWPF\obj\Release\netcoreapp3.0\FluentWPF.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 221KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HorizonXbeta/HorizionXbetaFIX.exe
.exe windows:5 windows x64 arch:x64

f4f2e2b03fe5666a721620fcea3aea9b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

CreateWindowExW
PostMessageW
GetMessageW
MessageBoxW
MessageBoxA
SystemParametersInfoW
DestroyIcon
SetWindowLongPtrW
GetWindowLongPtrW
GetClientRect
InvalidateRect
ReleaseDC
GetDC
DrawTextW
GetDialogBaseUnits
EndDialog
DialogBoxIndirectParamW
MoveWindow
SendMessageW

comctl32

ord380

kernel32

IsValidCodePage
GetStringTypeW
GetFileAttributesExW
HeapReAlloc
FlushFileBuffers
GetCurrentDirectoryW
GetACP
GetOEMCP
GetModuleHandleW
MulDiv
GetLastError
SetDllDirectoryW
CreateFileW
GetFinalPathNameByHandleW
CloseHandle
GetModuleFileNameW
CreateSymbolicLinkW
GetCPInfo
GetCommandLineW
GetEnvironmentVariableW
SetEnvironmentVariableW
ExpandEnvironmentStringsW
CreateDirectoryW
GetTempPathW
WaitForSingleObject
Sleep
GetExitCodeProcess
CreateProcessW
GetStartupInfoW
FreeLibrary
LoadLibraryExW
SetConsoleCtrlHandler
FindClose
FindFirstFileExW
GetCurrentProcess
LocalFree
FormatMessageW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
GetTimeZoneInformation
HeapSize
WriteConsoleW
SetEndOfFile
GetProcAddress
GetSystemTimeAsFileTime
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
IsDebuggerPresent
RtlUnwindEx
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
EncodePointer
RaiseException
RtlPcToFileHeader
GetCommandLineA
GetDriveTypeW
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFullPathNameW
RemoveDirectoryW
FindNextFileW
SetStdHandle
DeleteFileW
ReadFile
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleExW
HeapFree
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetConsoleOutputCP
GetFileSizeEx
HeapAlloc
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW

advapi32

OpenProcessToken
GetTokenInformation
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertSidToStringSidW

gdi32

SelectObject
DeleteObject
CreateFontIndirectW

Sections

.text
Size: 172KB - Virtual size: 171KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HorizionXbetaFIX.pyc
HorizonXbeta/README.txt
HorizonXbeta/luaGUI.dll
.dll windows:4 windows x86 arch:x86

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\dev\tesseract-net\src\Tesseract\obj\Release\netstandard2.0\Tesseract.pdb

Imports

mscoree

_CorDllMain

Sections

.text
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HorizonXbeta/redist/dotNetFx40_Full_setup.exe
.exe windows:5 windows x86 arch:x86

02483cd76378259a50b7b66146b45f06

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/12/2009, 22:40

Not After

07/03/2011, 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:05:a2:30:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:01

Not After

25/07/2013, 19:11

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:85D3-305C-5BCF,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

d6:d5:21:44:87:a4:87:f6:84:c8:27:2e:90:f4:8d:98:d2:12:c9:41
Signer

Actual PE Digest

d6:d5:21:44:87:a4:87:f6:84:c8:27:2e:90:f4:8d:98:d2:12:c9:41

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

boxstub.pdb

Imports

advapi32

CryptGenRandom
CryptReleaseContext
DecryptFileW
CryptAcquireContextA

kernel32

Sleep
WaitForSingleObject
GetExitCodeProcess
CloseHandle
SetFileAttributesW
InitializeCriticalSection
CreateEventA
CreateThread
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetEvent
GetCommandLineW
CreateProcessW
CompareStringW
LocalFree
QueryDosDeviceW
GetLogicalDriveStringsW
GetDiskFreeSpaceExW
GetDriveTypeW
CreateFileW
DeviceIoControl
SetErrorMode
CreateDirectoryW
RemoveDirectoryW
MoveFileExW
LoadLibraryW
GetProcAddress
GetSystemDirectoryW
GetVersion
GetLastError
SetEnvironmentVariableW
ExitThread
GetTickCount
GetEnvironmentVariableW
GetModuleHandleW
lstrlenW
WaitForMultipleObjects
ResetEvent
GetSystemInfo
FileTimeToSystemTime
FileTimeToLocalFileTime
FileTimeToDosDateTime
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetEndOfFile
DuplicateHandle
ReadFile
SetFilePointerEx
GlobalFree
GlobalAlloc
GetCommandLineA
HeapSetInformation
GetStartupInfoW
SetUnhandledExceptionFilter
ExitProcess
WriteFile
GetStdHandle
GetModuleFileNameW
GetModuleFileNameA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
InitializeCriticalSectionAndSpinCount
GetFileType
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
HeapCreate
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapAlloc
LCMapStringW
RtlUnwind
SetFilePointer
GetConsoleCP
GetConsoleMode
MultiByteToWideChar
GetStringTypeW
HeapSize
HeapReAlloc
IsProcessorFeaturePresent
SetStdHandle
WriteConsoleW
FlushFileBuffers
CreateFileA
GetLocalTime
GetComputerNameW
lstrlenA
FormatMessageW
GetSystemTime
GetTimeZoneInformation
SystemTimeToTzSpecificLocalTime
DeleteFileW
GetFileAttributesW
FindFirstFileW
FindNextFileW
FindClose
GetCurrentDirectoryW
SetCurrentDirectoryW
ExpandEnvironmentStringsW
GetProcessHeap
RaiseException

comctl32

ord17

rpcrt4

UuidToStringW
RpcStringFreeW
UuidCreate

shell32

CommandLineToArgvW
SHBrowseForFolderW
SHGetPathFromIDListW

shlwapi

PathRemoveExtensionW

user32

MessageBoxW
GetTopWindow
GetWindowThreadProcessId
GetWindow
SendMessageA
PostMessageW
SendMessageW
DialogBoxParamA
GetDlgItem
SetWindowTextW
EndDialog
PostQuitMessage
DialogBoxParamW
SetWindowLongW
GetWindowLongW
LoadStringW
CharUpperW

cabinet

ord22
ord23
ord20

oleaut32

SysAllocString
VariantClear

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

Exports

Exports

?dwPlaceholder@@3PAEA
_DecodePointerInternal@4
_EncodePointerInternal@4

Sections

.text
Size: 161KB - Virtual size: 161KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.boxld01
Size: 512B - Virtual size: 194B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HorizonXbeta/redist/dxwebsetup.exe
.exe windows:5 windows x86 arch:x86

1494de9b53e05fc1f40cb92afbdd6ce4

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/12/2009, 22:40

Not After

07/03/2011, 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:05:a2:30:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:01

Not After

25/07/2013, 19:11

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:85D3-305C-5BCF,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:b8:85:36:04:6e:46:6d:2f:58:b3:18:fd:18:43:f0:b8:4b:28:d3
Signer

Actual PE Digest

47:b8:85:36:04:6e:46:6d:2f:58:b3:18:fd:18:43:f0:b8:4b:28:d3

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

FreeSid
AllocateAndInitializeSid
EqualSid
GetTokenInformation
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegDeleteValueA
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegQueryInfoKeyA

kernel32

LocalFree
LocalAlloc
GetLastError
GetCurrentProcess
GetModuleFileNameA
lstrlenA
GetSystemDirectoryA
RemoveDirectoryA
FindClose
FindNextFileA
DeleteFileA
SetFileAttributesA
lstrcmpA
FindFirstFileA
lstrcatA
lstrcpyA
_lclose
_llseek
_lopen
WritePrivateProfileStringA
GetWindowsDirectoryA
CreateDirectoryA
GetFileAttributesA
ExpandEnvironmentStringsA
IsDBCSLeadByte
GetShortPathNameA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpiA
GetProcAddress
GlobalUnlock
GlobalLock
GlobalAlloc
FreeResource
CloseHandle
LoadResource
SizeofResource
FindResourceA
ReadFile
WriteFile
SetFilePointer
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
SetCurrentDirectoryA
GetTempFileNameA
ExitProcess
CreateFileA
LoadLibraryExA
lstrcpynA
GetVolumeInformationA
FormatMessageA
GetCurrentDirectoryA
GetVersionExA
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetTempPathA
GetSystemInfo
CreateMutexA
SetEvent
CreateEventA
CreateThread
ResetEvent
TerminateThread
GetDriveTypeA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
LockResource
LoadLibraryA
GetDiskFreeSpaceA
MulDiv
EnumResourceLanguagesA
FreeLibrary
GlobalFree

gdi32

GetDeviceCaps

user32

ExitWindowsEx
wsprintfA
CharNextA
CharUpperA
CharPrevA
SetWindowLongA
GetWindowLongA
CallWindowProcA
DispatchMessageA
MsgWaitForMultipleObjects
PeekMessageA
SendMessageA
SetWindowPos
ReleaseDC
GetDC
GetWindowRect
SendDlgItemMessageA
GetDlgItem
SetForegroundWindow
SetWindowTextA
MessageBoxA
DialogBoxIndirectParamA
ShowWindow
EnableWindow
GetDlgItemTextA
EndDialog
GetDesktopWindow
MessageBeep
SetDlgItemTextA
LoadStringA
GetSystemMetrics

comctl32

ord17

version

GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 239KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HorizonXbeta/redist/oalinst.exe
.exe windows:4 windows x86 arch:x86

1ff011c2e13ea492fe69b2fbfc802083

Code Sign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

16/07/2004, 00:00

Not After

15/07/2014, 23:59

Subject

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

36:33:6d:83:6a:19:e2:44:ff:0e:52:88:2e:b5:b1:de
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2004 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)04,O=VeriSign\, Inc.,C=US

Not Before

30/06/2006, 00:00

Not After

14/07/2009, 23:59

Subject

CN=Creative Labs Inc,OU=Digital ID Class 3 - Microsoft Software Validation v2+OU=CLI,O=Creative Labs Inc,L=Milpitas,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:0c:12:06:00:00:00:00:00:1b
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

23/05/2006, 17:01

Not After

23/05/2016, 17:11

Subject

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

cb:34:e3:72:3d:d1:2b:57:d7:86:46:9b:d8:78:2f:92:cf:2d:5d:4f
Signer

Actual PE Digest

cb:34:e3:72:3d:d1:2b:57:d7:86:46:9b:d8:78:2f:92:cf:2d:5d:4f

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\cbs\build\ec922632-90cb-1015-8202-b7f05167b5ef\in\CTSDK\AL_Installer\Release\oalinst.pdb

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

GetFileAttributesA
GetProcAddress
LoadLibraryA
FreeResource
SizeofResource
LoadResource
FindResourceA
ReadFile
SetEndOfFile
GetLocaleInfoW
HeapSize
IsValidCodePage
IsValidLocale
DeleteFileA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetFilePointer
FlushFileBuffers
SetStdHandle
InterlockedExchange
RemoveDirectoryA
CreateDirectoryA
GetModuleFileNameA
GetSystemDirectoryA
CopyFileA
GetTempFileNameA
LockResource
MoveFileExA
GetTimeZoneInformation
CompareStringA
CompareStringW
EnumSystemLocalesA
VirtualAlloc
GetLastError
HeapFree
HeapAlloc
MoveFileA
GetCommandLineA
GetVersionExA
GetProcessHeap
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
SetEnvironmentVariableA
HeapReAlloc
GetModuleHandleA
ExitProcess
WriteFile
GetStdHandle
CloseHandle
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
RtlUnwind
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
GetCurrentThread
LCMapStringA
MultiByteToWideChar
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSection
Sleep
SetConsoleCtrlHandler
FreeLibrary

user32

LoadCursorA
RegisterClassExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
MessageBoxA
PostQuitMessage
LoadIconA
SetClassLongA
LoadImageA
CreateWindowExA
SendMessageA
BeginPaint
GetClientRect
MoveWindow
DrawTextA
EndPaint
DefWindowProcA

gdi32

CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetStockObject

advapi32

RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey
RegDeleteKeyA

Sections

.text
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 636KB - Virtual size: 633KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HorizonXbeta/redist/vcredist_2015-2019_x64.exe
.exe windows:5 windows x86 arch:x86

1a5cdbf711fee14b077e599d13fddab2

Code Sign

33:00:00:01:34:22:1e:7e:49:2a:ac:da:6a:00:00:00:00:01:34
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/10/2019, 18:17

Not After

03/01/2021, 18:17

Subject

CN=Microsoft Time-Stamp service,OU=Microsoft Ireland Operations Limited+OU=Thales TSS ESN:E041-4BEE-FA7E,O=Microsoft Corporation,L=Redmond,ST=WA,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:52:9b:40:9f:50:56:99:75:88:00:00:00:00:01:52
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:52:9b:40:9f:50:56:99:75:88:00:00:00:00:01:52
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b4:cd:00:d9:81:97:db:3f:fb:fb:3f:54:d1:0a:0d:d4:f4:56:29:a6:03:63:86:3f:a0:b1:71:7e:4c:43:8a:da
Signer

Actual PE Digest

b4:cd:00:d9:81:97:db:3f:fb:fb:3f:54:d1:0a:0d:d4:f4:56:29:a6:03:63:86:3f:a0:b1:71:7e:4c:43:8a:da

Digest Algorithm

sha256

PE Digest Matches

true

77:97:6d:62:92:5a:37:44:2f:5d:c5:b0:8d:43:91:09:56:54:b2:48
Signer

Actual PE Digest

77:97:6d:62:92:5a:37:44:2f:5d:c5:b0:8d:43:91:09:56:54:b2:48

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

PDB Paths

C:\agent\_work\8\s\build\ship\x86\burn.pdb

Imports

advapi32

RegCloseKey
RegOpenKeyExW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
InitiateSystemShutdownExW
GetUserNameW
RegQueryValueExW
RegDeleteValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW
DecryptFileW
CreateWellKnownSid
InitializeAcl
SetEntriesInAclW
ChangeServiceConfigW
CloseServiceHandle
ControlService
OpenSCManagerW
OpenServiceW
QueryServiceStatus
SetNamedSecurityInfoW
CheckTokenMembership
AllocateAndInitializeSid
SetEntriesInAclA
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueExW
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyExW
GetTokenInformation
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextW
QueryServiceConfigW

user32

GetMessageW
PostMessageW
IsWindow
WaitForInputIdle
PostQuitMessage
PeekMessageW
MsgWaitForMultipleObjects
PostThreadMessageW
GetMonitorInfoW
MonitorFromPoint
IsDialogMessageW
LoadCursorW
LoadBitmapW
SetWindowLongW
GetWindowLongW
GetCursorPos
MessageBoxW
CreateWindowExW
UnregisterClassW
RegisterClassW
DefWindowProcW
DispatchMessageW
TranslateMessage

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

gdi32

CreateCompatibleDC
DeleteObject
SelectObject
StretchBlt
GetObjectW
DeleteDC

shell32

SHGetFolderPathW
CommandLineToArgvW
ShellExecuteExW

ole32

CoUninitialize
CoInitializeEx
CoInitialize
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoInitializeSecurity
CLSIDFromProgID

kernel32

GetCommandLineA
GetCPInfo
GetOEMCP
CloseHandle
CreateFileW
GetProcAddress
LocalFree
HeapSetInformation
GetLastError
GetModuleHandleW
FormatMessageW
lstrlenA
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringW
Sleep
GetLocalTime
GetModuleFileNameW
ExpandEnvironmentStringsW
GetTempPathW
GetTempFileNameW
CreateDirectoryW
GetFullPathNameW
CompareStringW
GetCurrentProcessId
WriteFile
SetFilePointer
LoadLibraryW
GetSystemDirectoryW
CreateFileA
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
FindClose
GetCommandLineW
GetCurrentDirectoryW
RemoveDirectoryW
SetFileAttributesW
GetFileAttributesW
DeleteFileW
FindFirstFileW
FindNextFileW
MoveFileExW
GetCurrentProcess
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
ReleaseMutex
GetEnvironmentStringsW
TlsGetValue
TlsSetValue
TlsFree
CreateProcessW
GetVersionExW
VerSetConditionMask
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
GetSystemTime
GetNativeSystemInfo
GetModuleHandleExW
GetWindowsDirectoryW
GetSystemWow64DirectoryW
GetComputerNameW
VerifyVersionInfoW
GetVolumePathNameW
GetDateFormatW
GetSystemDefaultLangID
GetUserDefaultLangID
GetStringTypeW
ReadFile
SetFilePointerEx
DuplicateHandle
InterlockedExchange
InterlockedCompareExchange
CreateEventW
ProcessIdToSessionId
OpenProcess
GetProcessId
WaitForSingleObject
ConnectNamedPipe
SetNamedPipeHandleState
CreateNamedPipeW
CreateThread
GetExitCodeThread
SetEvent
WaitForMultipleObjects
InterlockedIncrement
InterlockedDecrement
ResetEvent
SetEndOfFile
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
CompareStringA
GetExitCodeProcess
SetThreadExecutionState
CopyFileExW
MapViewOfFile
UnmapViewOfFile
CreateMutexW
CreateFileMappingW
GetThreadLocale
IsValidCodePage
FreeEnvironmentStringsW
TlsAlloc
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
DecodePointer
WriteConsoleW
GetModuleHandleA
GlobalAlloc
GlobalFree
GetFileSizeEx
CopyFileW
VirtualAlloc
VirtualFree
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
SystemTimeToFileTime
GetSystemInfo
VirtualProtect
VirtualQuery
SetCurrentDirectoryW
FindFirstFileExW
GetFileType
GetACP
ExitProcess
GetStdHandle
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RaiseException
RtlUnwind
SetLastError
LoadLibraryExA

rpcrt4

UuidCreate

Sections

.text
Size: 294KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wixburn
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HorizonXbeta/redist/vcredist_2015-2019_x86.exe
.exe windows:5 windows x86 arch:x86

1a5cdbf711fee14b077e599d13fddab2

Code Sign

33:00:00:01:2a:30:bf:85:c5:0e:b1:e2:8c:00:00:00:00:01:2a
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06/09/2019, 20:40

Not After

04/12/2020, 20:40

Subject

CN=Microsoft Time-Stamp Service,OU=Microsoft Operations Puerto Rico+OU=Thales TSS ESN:7D2E-3782-B0F7,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:52:9b:40:9f:50:56:99:75:88:00:00:00:00:01:52
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03/04/2007, 12:53

Not After

03/04/2021, 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:52:9b:40:9f:50:56:99:75:88:00:00:00:00:01:52
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/05/2019, 21:37

Not After

02/05/2020, 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

74:6d:60:08:04:c6:65:c7:f8:0a:78:74:29:9a:a4:ab:9d:42:b8:ba:0c:df:95:ee:75:8a:64:a4:2f:71:a6:46
Signer

Actual PE Digest

74:6d:60:08:04:c6:65:c7:f8:0a:78:74:29:9a:a4:ab:9d:42:b8:ba:0c:df:95:ee:75:8a:64:a4:2f:71:a6:46

Digest Algorithm

sha256

PE Digest Matches

true

0b:05:b3:51:e7:d2:3f:ce:ad:94:9d:75:ac:64:9a:ad:21:01:73:2c
Signer

Actual PE Digest

0b:05:b3:51:e7:d2:3f:ce:ad:94:9d:75:ac:64:9a:ad:21:01:73:2c

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

PDB Paths

C:\agent\_work\8\s\build\ship\x86\burn.pdb

Imports

advapi32

RegCloseKey
RegOpenKeyExW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
InitiateSystemShutdownExW
GetUserNameW
RegQueryValueExW
RegDeleteValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW
DecryptFileW
CreateWellKnownSid
InitializeAcl
SetEntriesInAclW
ChangeServiceConfigW
CloseServiceHandle
ControlService
OpenSCManagerW
OpenServiceW
QueryServiceStatus
SetNamedSecurityInfoW
CheckTokenMembership
AllocateAndInitializeSid
SetEntriesInAclA
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueExW
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyExW
GetTokenInformation
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextW
QueryServiceConfigW

user32

GetMessageW
PostMessageW
IsWindow
WaitForInputIdle
PostQuitMessage
PeekMessageW
MsgWaitForMultipleObjects
PostThreadMessageW
GetMonitorInfoW
MonitorFromPoint
IsDialogMessageW
LoadCursorW
LoadBitmapW
SetWindowLongW
GetWindowLongW
GetCursorPos
MessageBoxW
CreateWindowExW
UnregisterClassW
RegisterClassW
DefWindowProcW
DispatchMessageW
TranslateMessage

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

gdi32

CreateCompatibleDC
DeleteObject
SelectObject
StretchBlt
GetObjectW
DeleteDC

shell32

SHGetFolderPathW
CommandLineToArgvW
ShellExecuteExW

ole32

CoUninitialize
CoInitializeEx
CoInitialize
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoInitializeSecurity
CLSIDFromProgID

kernel32

GetCommandLineA
GetCPInfo
GetOEMCP
CloseHandle
CreateFileW
GetProcAddress
LocalFree
HeapSetInformation
GetLastError
GetModuleHandleW
FormatMessageW
lstrlenA
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringW
Sleep
GetLocalTime
GetModuleFileNameW
ExpandEnvironmentStringsW
GetTempPathW
GetTempFileNameW
CreateDirectoryW
GetFullPathNameW
CompareStringW
GetCurrentProcessId
WriteFile
SetFilePointer
LoadLibraryW
GetSystemDirectoryW
CreateFileA
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
FindClose
GetCommandLineW
GetCurrentDirectoryW
RemoveDirectoryW
SetFileAttributesW
GetFileAttributesW
DeleteFileW
FindFirstFileW
FindNextFileW
MoveFileExW
GetCurrentProcess
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
ReleaseMutex
GetEnvironmentStringsW
TlsGetValue
TlsSetValue
TlsFree
CreateProcessW
GetVersionExW
VerSetConditionMask
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
GetSystemTime
GetNativeSystemInfo
GetModuleHandleExW
GetWindowsDirectoryW
GetSystemWow64DirectoryW
GetComputerNameW
VerifyVersionInfoW
GetVolumePathNameW
GetDateFormatW
GetSystemDefaultLangID
GetUserDefaultLangID
GetStringTypeW
ReadFile
SetFilePointerEx
DuplicateHandle
InterlockedExchange
InterlockedCompareExchange
CreateEventW
ProcessIdToSessionId
OpenProcess
GetProcessId
WaitForSingleObject
ConnectNamedPipe
SetNamedPipeHandleState
CreateNamedPipeW
CreateThread
GetExitCodeThread
SetEvent
WaitForMultipleObjects
InterlockedIncrement
InterlockedDecrement
ResetEvent
SetEndOfFile
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
CompareStringA
GetExitCodeProcess
SetThreadExecutionState
CopyFileExW
MapViewOfFile
UnmapViewOfFile
CreateMutexW
CreateFileMappingW
GetThreadLocale
IsValidCodePage
FreeEnvironmentStringsW
TlsAlloc
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
DecodePointer
WriteConsoleW
GetModuleHandleA
GlobalAlloc
GlobalFree
GetFileSizeEx
CopyFileW
VirtualAlloc
VirtualFree
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
SystemTimeToFileTime
GetSystemInfo
VirtualProtect
VirtualQuery
SetCurrentDirectoryW
FindFirstFileExW
GetFileType
GetACP
ExitProcess
GetStdHandle
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RaiseException
RtlUnwind
SetLastError
LoadLibraryExA

rpcrt4

UuidCreate

Sections

.text
Size: 294KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wixburn
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HorizonXbeta/redist/vcredist_x64.exe
.exe windows:5 windows x86 arch:x86

a1f6f100bff4507a3332f3f0cdfc24f5

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/12/2009, 22:40

Not After

07/03/2011, 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:05:a2:30:00:00:00:00:00:08
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:01

Not After

25/07/2013, 19:11

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:85D3-305C-5BCF,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

b7:67:e2:97:28:63:cf:54:51:e3:36:ce:0a:1f:4f:ce:6e:3a:bc:30
Signer

Actual PE Digest

b7:67:e2:97:28:63:cf:54:51:e3:36:ce:0a:1f:4f:ce:6e:3a:bc:30

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

PDB Paths

sfxcab.pdb

Imports

msvcrt

__setusermatherr
_initterm
__getmainargs
__initenv
exit
_cexit
_adjust_fdiv
_exit
_c_exit
strncpy
strstr
_strlwr
strrchr
_stricmp
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_XcptFilter
_snprintf
sprintf
strchr
_strnicmp
_vsnprintf

advapi32

InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
AllocateAndInitializeSid
OpenProcessToken
GetTokenInformation
GetLengthSid
InitiateSystemShutdownA
InitializeSecurityDescriptor

kernel32

CreateThread
GetFileSize
ExpandEnvironmentStringsA
CreateProcessA
GetExitCodeProcess
InitializeCriticalSectionAndSpinCount
LocalFileTimeToFileTime
SetFileTime
SetEndOfFile
CreateEventA
QueryDosDeviceA
GetDiskFreeSpaceA
GetSystemTime
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentDirectoryA
GetProcessHeap
CopyFileA
SetFileAttributesA
DosDateTimeToFileTime
SetEvent
GetVersionExA
ReadFile
SetFilePointer
MoveFileExA
RemoveDirectoryA
GetLastError
CreateDirectoryA
GetTickCount
SetErrorMode
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
CloseHandle
DeviceIoControl
CreateFileA
GetDriveTypeA
HeapFree
FormatMessageA
LeaveCriticalSection
DeleteFileA
EnterCriticalSection
TerminateProcess
WaitForMultipleObjects
CreateEventW
FindFirstFileA
Sleep
SetEnvironmentVariableA
GetEnvironmentVariableA
WideCharToMultiByte
HeapAlloc
SetLastError
WriteFile
MoveFileA
ExitProcess
DeleteCriticalSection
FlushFileBuffers
WaitForSingleObject
OpenEventA
GetCurrentProcess
GetFileAttributesA
GetCommandLineA
GetModuleFileNameA
FindClose
FindNextFileA
SystemTimeToFileTime

user32

SendDlgItemMessageA
SendMessageA
DialogBoxParamA
MessageBoxA
SetParent
EndDialog
LoadStringA
ShowWindow

ntdll

NtOpenProcessToken
NtAdjustPrivilegesToken
NtClose
NtShutdownSystem

comctl32

ord17

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5.4MB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HorizonXbeta/redist/vcredist_x86.exe
.exe windows:5 windows x86 arch:x86

a1f6f100bff4507a3332f3f0cdfc24f5

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

22/08/2007, 22:31

Not After

25/08/2012, 07:00

Subject

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:01:cf:3e:00:00:00:00:00:0f
Certificate

Issuer

CN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

07/12/2009, 22:40

Not After

07/03/2011, 22:40

Subject

CN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16/09/2006, 01:04

Not After

15/09/2019, 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:06:94:2d:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

25/07/2008, 19:02

Not After

25/07/2013, 19:12

Subject

CN=Microsoft Time-Stamp Service,OU=MOPR+OU=nCipher DSE ESN:7A82-688A-9F92,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

8a:19:aa:3a:87:7f:dd:23:dc:03:96:64:c9:5b:23:7c:35:b0:fd:3d
Signer

Actual PE Digest

8a:19:aa:3a:87:7f:dd:23:dc:03:96:64:c9:5b:23:7c:35:b0:fd:3d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

PDB Paths

sfxcab.pdb

Imports

msvcrt

__setusermatherr
_initterm
__getmainargs
__initenv
exit
_cexit
_adjust_fdiv
_exit
_c_exit
strncpy
strstr
_strlwr
strrchr
_stricmp
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_XcptFilter
_snprintf
sprintf
strchr
_strnicmp
_vsnprintf

advapi32

InitializeAcl
AddAccessAllowedAce
SetSecurityDescriptorDacl
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
AllocateAndInitializeSid
OpenProcessToken
GetTokenInformation
GetLengthSid
InitiateSystemShutdownA
InitializeSecurityDescriptor

kernel32

CreateThread
GetFileSize
ExpandEnvironmentStringsA
CreateProcessA
GetExitCodeProcess
InitializeCriticalSectionAndSpinCount
LocalFileTimeToFileTime
SetFileTime
SetEndOfFile
CreateEventA
QueryDosDeviceA
GetDiskFreeSpaceA
GetSystemTime
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentDirectoryA
GetProcessHeap
CopyFileA
SetFileAttributesA
DosDateTimeToFileTime
SetEvent
GetVersionExA
ReadFile
SetFilePointer
MoveFileExA
RemoveDirectoryA
GetLastError
CreateDirectoryA
GetTickCount
SetErrorMode
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
CloseHandle
DeviceIoControl
CreateFileA
GetDriveTypeA
HeapFree
FormatMessageA
LeaveCriticalSection
DeleteFileA
EnterCriticalSection
TerminateProcess
WaitForMultipleObjects
CreateEventW
FindFirstFileA
Sleep
SetEnvironmentVariableA
GetEnvironmentVariableA
WideCharToMultiByte
HeapAlloc
SetLastError
WriteFile
MoveFileA
ExitProcess
DeleteCriticalSection
FlushFileBuffers
WaitForSingleObject
OpenEventA
GetCurrentProcess
GetFileAttributesA
GetCommandLineA
GetModuleFileNameA
FindClose
FindNextFileA
SystemTimeToFileTime

user32

SendDlgItemMessageA
SendMessageA
DialogBoxParamA
MessageBoxA
SetParent
EndDialog
LoadStringA
ShowWindow

ntdll

NtOpenProcessToken
NtAdjustPrivilegesToken
NtClose
NtShutdownSystem

comctl32

ord17

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.8MB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
HorizonXbeta/redist/xnafx40_redist.msi
.msi
HorizonXbeta/x64/leptonica-1.82.0.dll
.dll windows:6 windows x64 arch:x64

920a2a1b3812a8513b0ab5508a9e7565

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessTimes
GetCurrentProcess
GetSystemTimeAsFileTime
CreateDirectoryA
DeleteFileA
GetFileAttributesA
RemoveDirectoryA
SetFileAttributesA
GetTempPathA
GetTempFileNameA
CopyFileA
MoveFileExA
CreateFileA
FindNextFileA
GetFileSizeEx
ReadFile
SetFilePointer
WriteFile
CloseHandle
MapViewOfFile
UnmapViewOfFile
CreateFileMappingA
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
FindFirstFileA
FindClose
GetLastError
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

user32

GetDC
ReleaseDC

gdi32

CreateDIBSection
DeleteObject
GetObjectA

vcruntime140

__C_specific_handler
memcpy
memmove
memset
longjmp
strstr
strchr
strrchr
memcmp
__intrinsic_setjmp
__std_type_info_destroy_list

api-ms-win-crt-heap-l1-1-0

free
calloc
malloc
realloc

api-ms-win-crt-math-l1-1-0

sin
ceilf
floorf
tan
ceil
log
atan2
expf
sqrtf
atan
cos
exp
floor
sqrt
powf
pow
_fdopen

api-ms-win-crt-string-l1-1-0

isalnum
strcmp
isprint
isdigit
strncmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
fread
fwrite
fflush
fputc
ferror
rewind
fclose
__stdio_common_vfprintf
ftell
__stdio_common_vsnprintf_s
fopen
getc
__stdio_common_vsscanf
fgets
_sopen_dispatch
fgetc
_getcwd
fputs
_fseeki64
__acrt_iob_func
fseek
_ftelli64
__stdio_common_vfscanf

api-ms-win-crt-utility-l1-1-0

srand
qsort
rand
bsearch

api-ms-win-crt-convert-l1-1-0

atoi
atof

api-ms-win-crt-environment-l1-1-0

getenv
getenv_s

api-ms-win-crt-time-l1-1-0

_mktime64
strftime
_gmtime64_s
_time64
_difftime64
_localtime64_s

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
system
_cexit
_errno
strerror
_execute_onexit_table
_initialize_onexit_table
_configure_narrow_argv
_seh_filter_dll
_initterm_e
exit
_initterm
abort

api-ms-win-crt-filesystem-l1-1-0

remove
_fullpath

Exports

Exports

?AlphaMaskBorderVals@@3PAMA
?ConvolveSamplingFactX@@3HA
?ConvolveSamplingFactY@@3HA
?ImageFileFormatExtensions@@3PAPEBDA
?LeptDebugOK@@3HA
?LeptMsgSeverity@@3HA
?MORPH_BC@@3HA
?MaxInitPtraSize@@3IB
?NumImageFileFormatExtensions@@3HA
addColorizedGrayToCmap
adjacentOnPixelInRaster
affineInvertXform
affineXformPt
affineXformSampledPt
amapGetCountForColor
appendSubdirs
applyCubicFit
applyLinearFit
applyQuadraticFit
applyQuarticFit
arrayFindEachSequence
arrayFindSequence
arrayReplaceEachSequence
barcodeDispatchDecoder
barcodeFormatIsSupported
bbufferCreate
bbufferDestroy
bbufferDestroyAndSaveData
bbufferExtendArray
bbufferRead
bbufferReadStream
bbufferWrite
bbufferWriteStream
bilinearXformPt
bilinearXformSampledPt
bmfCreate
bmfDestroy
bmfGetBaseline
bmfGetLineStrings
bmfGetPix
bmfGetStringWidth
bmfGetWidth
bmfGetWordWidths
boxAdjustSides
boxBoundingRegion
boxChangeRefcount
boxClipToRectangle
boxClipToRectangleParams
boxClone
boxCompareSize
boxContains
boxContainsPt
boxConvertToPta
boxCopy
boxCreate
boxCreateValid
boxDestroy
boxEqual
boxGetCenter
boxGetGeometry
boxGetRefcount
boxGetSideLocations
boxIntersectByLine
boxIntersects
boxIsValid
boxOverlapArea
boxOverlapDistance
boxOverlapFraction
boxOverlapRegion
boxPrintStreamInfo
boxRelocateOneSide
boxRotateOrth
boxSeparationDistance
boxSetGeometry
boxSetSide
boxSetSideLocations
boxSimilar
boxTransform
boxTransformOrdered
boxaAddBox
boxaAdjustBoxSides
boxaAdjustHeightToTarget
boxaAdjustSides
boxaAdjustWidthToTarget
boxaAffineTransform
boxaBinSort
boxaClear
boxaClipToBox
boxaCombineOverlaps
boxaCombineOverlapsInPair
boxaCompareRegions
boxaContainedInBox
boxaContainedInBoxCount
boxaContainedInBoxa
boxaConvertToPta
boxaCopy
boxaCreate
boxaDestroy
boxaDisplayTiled
boxaEncapsulateAligned
boxaEqual
boxaExtendArray
boxaExtendArrayToSize
boxaExtractAsNuma
boxaExtractAsPta
boxaExtractCorners
boxaExtractSortedPattern
boxaFillSequence
boxaFindInvalidBoxes
boxaFindNearestBoxes
boxaGetArea
boxaGetAverageSize
boxaGetBox
boxaGetBoxGeometry
boxaGetCount
boxaGetCoverage
boxaGetExtent
boxaGetMedianVals
boxaGetNearestByDirection
boxaGetNearestToLine
boxaGetNearestToPt
boxaGetRankVals
boxaGetSizes
boxaGetValidBox
boxaGetValidCount
boxaGetWhiteblocks
boxaHandleOverlaps
boxaInitFull
boxaInsertBox
boxaIntersectsBox
boxaIntersectsBoxCount
boxaIsFull
boxaJoin
boxaLocationRange
boxaMakeAreaIndicator
boxaMakeSizeIndicator
boxaMakeWHRatioIndicator
boxaMedianDimensions
boxaMergeEvenOdd
boxaModifyWithBoxa
boxaPermutePseudorandom
boxaPermuteRandom
boxaPlotSides
boxaPlotSizes
boxaPruneSortedOnOverlap
boxaRead
boxaReadMem
boxaReadStream
boxaReconcileAllByMedian
boxaReconcilePairWidth
boxaReconcileSidesByMedian
boxaReconcileSizeByMedian
boxaRemoveBox
boxaRemoveBoxAndSave
boxaReplaceBox
boxaRotate
boxaRotateOrth
boxaSaveValid
boxaScale
boxaSelectByArea
boxaSelectBySize
boxaSelectByWHRatio
boxaSelectLargeULBox
boxaSelectRange
boxaSelectWithIndicator
boxaSetSide
boxaShiftWithPta
boxaSimilar
boxaSizeConsistency
boxaSizeRange
boxaSizeVariation
boxaSmoothSequenceMedian
boxaSort
boxaSort2d
boxaSort2dByIndex
boxaSortByIndex
boxaSplitEvenOdd
boxaSwapBoxes
boxaTransform
boxaTransformOrdered
boxaTranslate
boxaWindowedMedian
boxaWrite
boxaWriteDebug
boxaWriteMem
boxaWriteStderr
boxaWriteStream
boxaaAddBox
boxaaAddBoxa
boxaaAlignBox
boxaaCopy
boxaaCreate
boxaaDestroy
boxaaDisplay
boxaaExtendArray
boxaaExtendArrayToSize
boxaaExtendWithInit
boxaaFlattenAligned
boxaaFlattenToBoxa
boxaaGetBox
boxaaGetBoxCount
boxaaGetBoxa
boxaaGetCount
boxaaGetExtent
boxaaInitFull
boxaaInsertBoxa
boxaaJoin
boxaaQuadtreeRegions
boxaaRead
boxaaReadFromFiles
boxaaReadMem
boxaaReadStream
boxaaRemoveBoxa
boxaaReplaceBoxa
boxaaSelectRange
boxaaSizeRange
boxaaTranspose
boxaaWrite
boxaaWriteMem
boxaaWriteStream
callSystemDebug
ccbCreate
ccbDestroy
ccbaAddCcb
ccbaCreate
ccbaDestroy
ccbaDisplayBorder
ccbaDisplayImage1
ccbaDisplayImage2
ccbaDisplaySPBorder
ccbaGenerateGlobalLocs
ccbaGenerateSPGlobalLocs
ccbaGenerateSinglePath
ccbaGenerateStepChains
ccbaGetCcb
ccbaGetCount
ccbaRead
ccbaReadStream
ccbaStepChainsToPixCoords
ccbaWrite
ccbaWriteSVG
ccbaWriteSVGString
ccbaWriteStream
changeFormatForMissingLib
cidConvertToPdfData
cmapEqual
compareTilesByHisto
composeRGBAPixel
composeRGBPixel
concatenatePdf
concatenatePdfToData
convertFilesFittedToPS
convertFilesTo1bpp
convertFilesToPS
convertFilesToPdf
convertFlateToPS
convertFlateToPSEmbed
convertG4ToPS
convertG4ToPSEmbed
convertGrayCodeToInt
convertHSVToRGB
convertImageDataToPdf
convertImageDataToPdfData
convertIntToGrayCode
convertJpegToPS
convertJpegToPSEmbed
convertLABToRGB
convertLABToXYZ
convertNumberedMasksToBoxaa
convertOnBigEnd16
convertOnBigEnd32
convertOnLittleEnd16
convertOnLittleEnd32
convertPtaLineTo4cc
convertRGBToHSV
convertRGBToLAB
convertRGBToXYZ
convertRGBToYUV
convertSegmentedFilesToPdf
convertSegmentedPagesToPS
convertSepCharsInPath
convertSortedToNumberedPathnames
convertTiffMultipageToPS
convertTiffMultipageToPdf
convertToNUpFiles
convertToNUpPixa
convertToPSEmbed
convertToPdf
convertToPdfData
convertToPdfDataSegmented
convertToPdfSegmented
convertUnscaledFilesToPdf
convertUnscaledToPdfData
convertXYZToLAB
convertXYZToRGB
convertYUVToRGB
create2dFloatArray
create2dIntArray
createMatrix2dRotate
createMatrix2dScale
createMatrix2dTranslate
decodeAscii85
decodeAscii85WithComp
decodeBase64
dewarpBuildLineModel
dewarpBuildPageModel
dewarpCreate
dewarpCreateRef
dewarpDebug
dewarpDestroy
dewarpFindHorizDisparity
dewarpFindHorizSlopeDisparity
dewarpFindVertDisparity
dewarpGetTextlineCenters
dewarpMinimize
dewarpPopulateFullRes
dewarpRead
dewarpReadMem
dewarpReadStream
dewarpRemoveShortLines
dewarpShowResults
dewarpSinglePage
dewarpSinglePageInit
dewarpSinglePageRun
dewarpWrite
dewarpWriteMem
dewarpWriteStream
dewarpaApplyDisparity
dewarpaApplyDisparityBoxa
dewarpaCreate
dewarpaCreateFromPixacomp
dewarpaDestroy
dewarpaDestroyDewarp
dewarpaGetDewarp
dewarpaInfo
dewarpaInsertDewarp
dewarpaInsertRefModels
dewarpaListPages
dewarpaModelStats
dewarpaModelStatus
dewarpaRead
dewarpaReadMem
dewarpaReadStream
dewarpaRestoreModels
dewarpaSetCheckColumns
dewarpaSetCurvatures
dewarpaSetMaxDistance
dewarpaSetValidModels
dewarpaShowArrays
dewarpaStripRefModels
dewarpaUseBothArrays
dewarpaWrite
dewarpaWriteMem
dewarpaWriteStream
displayHSVColorRange
ditherToBinaryLineLow
dpixAddMultConstant
dpixChangeRefcount
dpixClone
dpixConvertToFPix
dpixConvertToPix
dpixCopy
dpixCopyResolution
dpixCreate
dpixCreateTemplate
dpixDestroy
dpixEndianByteSwap
dpixGetData
dpixGetDimensions
dpixGetMax
dpixGetMin
dpixGetPixel
dpixGetRefcount
dpixGetResolution
dpixGetWpl
dpixLinearCombination
dpixRead
dpixReadMem
dpixReadStream
dpixScaleByInteger
dpixSetAllArbitrary
dpixSetData
dpixSetDimensions
dpixSetPixel
dpixSetResolution
dpixSetWpl
dpixWrite
dpixWriteMem
dpixWriteStream
encodeAscii85
encodeAscii85WithComp
encodeBase64
extractG4DataFromFile
extractMinMaxComponent
extractNumberFromFilename
extractRGBAValues
extractRGBValues
fgetJp2kResolution
fgetJpegComment
fgetJpegResolution
fgetPngColormapInfo
fgetPngResolution
fhmtautogen
fhmtautogen1
fhmtautogen2
fhmtgen_low_1
fileAppendString
fileConcatenate
fileCopy
fileCorruptByDeletion
fileCorruptByMutation
fileFormatIsTiff
fileReplaceBytes
fileSplitLinesUniform
filesAreIdentical
findFileFormat
findFileFormatBuffer
findFileFormatStream
findNextLargerPrime
findTiffCompression
fmorphautogen
fmorphautogen1
fmorphautogen2
fmorphopgen_low_1
fmorphopgen_low_2
fnbytesInFile
fopenReadFromMemory
fopenReadStream
fopenWriteStream
fopenWriteWinTempfile
fpixAddBorder
fpixAddContinuedBorder
fpixAddMirroredBorder
fpixAddMultConstant
fpixAddSlopeBorder
fpixAffine
fpixAffinePta
fpixAutoRenderContours
fpixChangeRefcount
fpixClone
fpixConvertToDPix
fpixConvertToPix
fpixConvolve
fpixConvolveSep
fpixCopy
fpixCopyResolution
fpixCreate
fpixCreateTemplate
fpixDestroy
fpixDisplayMaxDynamicRange
fpixEndianByteSwap
fpixFlipLR
fpixFlipTB
fpixGetData
fpixGetDimensions
fpixGetMax
fpixGetMin
fpixGetPixel
fpixGetRefcount
fpixGetResolution
fpixGetWpl
fpixLinearCombination
fpixPrintStream
fpixProjective
fpixProjectivePta
fpixRasterop
fpixRead
fpixReadMem
fpixReadStream
fpixRemoveBorder
fpixRenderContours
fpixRotate180
fpixRotate90
fpixRotateOrth
fpixScaleByInteger
fpixSetAllArbitrary
fpixSetData
fpixSetDimensions
fpixSetPixel
fpixSetResolution
fpixSetWpl
fpixThresholdToPix
fpixWrite
fpixWriteMem
fpixWriteStream
fpixaAddFPix
fpixaChangeRefcount
fpixaConvertLABToRGB
fpixaConvertLABToXYZ
fpixaConvertXYZToLAB
fpixaConvertXYZToRGB
fpixaCopy
fpixaCreate
fpixaDestroy
fpixaDisplayQuadtree
fpixaGetCount
fpixaGetData
fpixaGetFPix
fpixaGetFPixDimensions
fpixaGetPixel

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
HorizonXbeta/x64/tesseract50.dll
.dll windows:6 windows x64 arch:x64

d5f1b799b2fb4c4a3bf9d03a27ff2965

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

ws2_32

WSACleanup
WSAStartup
socket
getaddrinfo
select
recv
connect
freeaddrinfo
send
closesocket

leptonica-1.82.0

boxaCreate
boxaDestroy
pixRotate180
pixSetText
ptaDestroy
pixRenderPolylineArb
pixRenderPolyline
boxaAddBox
boxaGetCount
pixWriteMem
lept_free
pixScale
pixConnComp
pixCloseBrick
numaDestroy
pixReadMem
pixZero
pixAnd
pixOr
pixCopy
pixDestroy
pixClone
pixSetPixel
pixGetPixel
pixConvert24To32
numaGetCount
numaGetIValue
pixClearInRect
pixRemoveColormap
pixCountPixelsByRow
pixReduceRankBinaryCascade
boxGetGeometry
boxaGetBoxGeometry
pixSetAllArbitrary
pixGetColormap
boxaReplaceBox
pixSetYRes
pixGetYRes
pixGenerateHalftoneMask
pixSetAll
pixSetXRes
composeRGBPixel
pixGetDimensions
pixCountPixels
pixClipBoxToForeground
pixaGetPix
pixSauvolaBinarizeTiled
pixaReplacePix
pixaDisplayTiledInColumns
pixExpandReplicate
pixOpenBrick
pixSetInRect
pixDistanceFunction
pixOtsuAdaptiveThreshold
pixBlockconv
pixaClear
pixaGetCount
pixSubtract
pixDilateBrick
pixCreate
pixGetSpp
pixSetSpp
pixGetInputFormat
pixSetMasked
pixInvert
ptaCreate
ptaAddPt
pixRasterop
pixCountConnComp
pixErodeBrick
pixCreateTemplate
pixSetOrClearBorder
pixaAddPix
pixSeedfillBinary
pixAddSingleTextblock
bmfCreate
bmfDestroy
pixaConvertToPdf
pixaCreate
boxaGetBox
pixaAddBox
pixRemoveAlpha
pixRead
pixaDestroy
findFileFormat
pixGetXRes
pixRotateOrth
pixConvertTo8
pixGetDepth
pixWrite
pixConvertTo32
pixClipRectangle
pixForegroundFraction
pixGetData
pixGetWpl
pixRenderBoxArb
boxDestroy
boxCreate
pixGetHeight
pixGetWidth
findFileFormatBuffer
pixReadTiff
pixReadFromMultipageTiff
pixReadMemTiff
pixReadMemFromMultipageTiff
l_generateCIDataForPdf
pixGenerateCIData
l_CIDataDestroy
l_getFormattedDate
zlibCompress

kernel32

InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetProcAddress
GetModuleHandleW
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
WideCharToMultiByte
MultiByteToWideChar
FindNextFileA
FindFirstFileA
FindClose
GetStartupInfoA
CreateSemaphoreA
CreateProcessA
WaitForSingleObject
ReleaseSemaphore
CloseHandle
GetModuleFileNameA

msvcp140

??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
?cerr@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?put@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@D@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAV01@AEAV01@@Z@Z
?widen@?$basic_ios@DU?$char_traits@D@std@@@std@@QEBADD@Z
_Thrd_sleep
_Xtime_get_ticks
_Cnd_do_broadcast_at_thread_exit
_Thrd_detach
?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?tellg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA?AV?$fpos@U_Mbstatet@@@2@XZ
?seekg@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@V?$fpos@U_Mbstatet@@@2@@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAM@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAI@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
?_Ipfx@?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA_N_N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@M@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@I@Z
?clear@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?snextc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?getloc@ios_base@std@@QEBA?AVlocale@2@XZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@N@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_N@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?uncaught_exception@std@@YA_NXZ
?_Throw_Cpp_error@std@@YAXH@Z
?_Throw_C_error@std@@YAXH@Z
_Mtx_unlock
_Mtx_lock
_Mtx_destroy_in_situ
_Mtx_init_in_situ
_Thrd_id
_Thrd_yield
_Thrd_join
?id@?$codecvt@DDU_Mbstatet@@@std@@2V0locale@2@A
?_Fiopen@std@@YAPEAU_iobuf@@PEBDHH@Z
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAH@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
?_Init@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXXZ
?sgetc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?sbumpc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHXZ
?getloc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEBA?AVlocale@2@XZ
?_Getcat@?$codecvt@DDU_Mbstatet@@@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?unshift@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEAD1AEAPEAD@Z
?out@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?in@?$codecvt@DDU_Mbstatet@@@std@@QEBAHAEAU_Mbstatet@@PEBD1AEAPEBDPEAD3AEAPEAD@Z
?always_noconv@codecvt_base@std@@QEBA_NXZ
?id@?$collate@D@std@@2V0locale@2@A
?id@?$ctype@D@std@@2V0locale@2@A
?_Incref@facet@locale@std@@UEAAXXZ
?_Decref@facet@locale@std@@UEAAPEAV_Facet_base@3@XZ
?_Xregex_error@std@@YAXW4error_type@regex_constants@1@@Z
?_Getcat@?$ctype@D@std@@SA_KPEAPEBVfacet@locale@2@PEBV42@@Z
?tolower@?$ctype@D@std@@QEBAPEBDPEADPEBD@Z
?tolower@?$ctype@D@std@@QEBADD@Z
?_Getgloballocale@locale@std@@CAPEAV_Locimp@12@XZ
?_Init@locale@std@@CAPEAV_Locimp@12@_N@Z
??1facet@locale@std@@MEAA@XZ
??0facet@locale@std@@IEAA@_K@Z
??Bid@locale@std@@QEAA_KXZ
?c_str@?$_Yarn@D@std@@QEBAPEBDXZ
?_Getcoll@_Locinfo@std@@QEBA?AU_Collvec@@XZ
??1_Locinfo@std@@QEAA@XZ
??0_Locinfo@std@@QEAA@PEBD@Z
_Strxfrm
_Strcoll
??1_Lockit@std@@QEAA@XZ
??0_Lockit@std@@QEAA@H@Z
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
?width@ios_base@std@@QEAA_J_J@Z
?eback@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?gptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pbase@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?pptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?egptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?setg@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?epptr@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEBAPEADXZ
?setp@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAXPEAD00@Z
?fill@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAADD@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@J@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@_K@Z
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
?_Xlength_error@std@@YAXPEBD@Z
?_Xout_of_range@std@@YAXPEBD@Z
?_Xbad_function_call@std@@YAXXZ
_Query_perf_counter
_Query_perf_frequency
?_Xbad_alloc@std@@YAXXZ
?classic@locale@std@@SAAEBV12@XZ
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Pninc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAAPEADXZ
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
?imbue@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAA?AVlocale@2@AEBV32@@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAN@Z
??0?$basic_iostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@@Z
??1?$basic_iostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ

vcruntime140

__std_type_info_destroy_list
__current_exception_context
__current_exception
__C_specific_handler
strrchr
strstr
memchr
memset
memmove
_purecall
__std_terminate
strchr
__std_exception_copy
__std_exception_destroy
_CxxThrowException
memcpy
memcmp

vcruntime140_1

__CxxFrameHandler4

api-ms-win-crt-runtime-l1-1-0

_errno
terminate
abort
exit
_beginthreadex
_initterm_e
_initterm
_cexit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_invalid_parameter_noinfo_noreturn
strerror

api-ms-win-crt-string-l1-1-0

_strdup
isspace
strcmp
strcspn
strtok_s
strncpy
strspn
strpbrk

api-ms-win-crt-stdio-l1-1-0

clearerr
__stdio_common_vsprintf
_setmode
_fileno
fseek
__stdio_common_vsprintf_s
fflush
__stdio_common_vfprintf
__stdio_common_vsscanf
fwrite
__acrt_iob_func
ungetc
setvbuf
_fseeki64
fsetpos
fread
fputc
fgets
fgetpos
fgetc
_get_stream_buffer_pointers
ftell
fopen
fclose

api-ms-win-crt-math-l1-1-0

roundf
fmaxf
exp
sqrtf
floorf
sqrt
atan2f
_dclass
pow
log
powf
expf
cosf
sinf
tan
log2f
fmod
fmodf
asinf
round
logf
floor
ceil
atan2
_fdclass
cos
sin
ceilf

api-ms-win-crt-time-l1-1-0

clock

api-ms-win-crt-heap-l1-1-0

free
malloc
_callnewh
realloc

api-ms-win-crt-convert-l1-1-0

_ltoa
_ultoa
strtol
atoi

api-ms-win-crt-filesystem-l1-1-0

_unlock_file
_lock_file
_access

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-environment-l1-1-0

getenv

Exports

Exports

??0?$BBGrid@VBLOBNBOX@tesseract@@VBLOBNBOX_CLIST@2@VBLOBNBOX_C_IT@2@@tesseract@@QEAA@AEBV01@@Z
??0?$BBGrid@VBLOBNBOX@tesseract@@VBLOBNBOX_CLIST@2@VBLOBNBOX_C_IT@2@@tesseract@@QEAA@HAEBVICOORD@1@0@Z
??0?$BBGrid@VBLOBNBOX@tesseract@@VBLOBNBOX_CLIST@2@VBLOBNBOX_C_IT@2@@tesseract@@QEAA@XZ
??0?$BBGrid@VColPartition@tesseract@@VColPartition_CLIST@2@VColPartition_C_IT@2@@tesseract@@QEAA@AEBV01@@Z
??0?$BBGrid@VColPartition@tesseract@@VColPartition_CLIST@2@VColPartition_C_IT@2@@tesseract@@QEAA@HAEBVICOORD@1@0@Z
??0?$BBGrid@VColPartition@tesseract@@VColPartition_CLIST@2@VColPartition_C_IT@2@@tesseract@@QEAA@XZ
??0AlignedBlob@tesseract@@QEAA@AEBV01@@Z
??0AlignedBlob@tesseract@@QEAA@HAEBVICOORD@1@0@Z
??0BLOCK@tesseract@@QEAA@PEBD_NFFFFFF@Z
??0BLOCK@tesseract@@QEAA@XZ
??0BitVector@tesseract@@QEAA@AEBV01@@Z
??0BitVector@tesseract@@QEAA@H@Z
??0BitVector@tesseract@@QEAA@XZ
??0BlobGrid@tesseract@@QEAA@AEBV01@@Z
??0BlobGrid@tesseract@@QEAA@HAEBVICOORD@1@0@Z
??0CCStruct@tesseract@@QEAA@AEBV01@@Z
??0CCStruct@tesseract@@QEAA@XZ
??0CCUtil@tesseract@@QEAA@AEBV01@@Z
??0CCUtil@tesseract@@QEAA@XZ
??0CLIST@tesseract@@QEAA@XZ
??0CLIST_ITERATOR@tesseract@@QEAA@PEAVCLIST@1@@Z
??0CLIST_ITERATOR@tesseract@@QEAA@XZ
??0C_BLOB@tesseract@@QEAA@PEAVC_OUTLINE@1@@Z
??0C_BLOB@tesseract@@QEAA@PEAVC_OUTLINE_LIST@1@@Z
??0C_BLOB@tesseract@@QEAA@XZ
??0ChoiceIterator@tesseract@@QEAA@AEBVLTRResultIterator@1@@Z
??0Classify@tesseract@@QEAA@AEBV01@@Z
??0Classify@tesseract@@QEAA@XZ
??0ColPartition@tesseract@@QEAA@W4BlobRegionType@1@AEBVICOORD@1@@Z
??0ColPartition@tesseract@@QEAA@XZ
??0ColPartitionGrid@tesseract@@QEAA@AEBV01@@Z
??0ColPartitionGrid@tesseract@@QEAA@HAEBVICOORD@1@0@Z
??0ColPartitionGrid@tesseract@@QEAA@XZ
??0ColumnFinder@tesseract@@QEAA@HAEBVICOORD@1@0H_NNPEAVTabVector_LIST@1@2HH@Z
??0Convolve@tesseract@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HHH@Z
??0DENORM@tesseract@@QEAA@AEBV01@@Z
??0DENORM@tesseract@@QEAA@XZ
??0Dawg@tesseract@@IEAA@W4DawgType@1@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4PermuterType@1@H@Z
??0Dawg@tesseract@@QEAA@AEBV01@@Z
??0Dict@tesseract@@QEAA@AEBV01@@Z
??0Dict@tesseract@@QEAA@PEAVCCUtil@1@@Z
??0DocumentCache@tesseract@@QEAA@_J@Z
??0DocumentData@tesseract@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0ELIST2@tesseract@@QEAA@XZ
??0ELIST2_ITERATOR@tesseract@@QEAA@PEAVELIST2@1@@Z
??0ELIST@tesseract@@QEAA@XZ
??0ELIST_ITERATOR@tesseract@@QEAA@PEAVELIST@1@@Z
??0ELIST_ITERATOR@tesseract@@QEAA@XZ
??0ERRCODE@tesseract@@QEAA@PEBD@Z
??0EquationDetect@tesseract@@QEAA@PEBD0@Z
??0EquationDetectBase@tesseract@@QEAA@AEBV01@@Z
??0EquationDetectBase@tesseract@@QEAA@XZ
??0FCOORD@tesseract@@QEAA@MM@Z
??0FCOORD@tesseract@@QEAA@VICOORD@1@@Z
??0FontInfoTable@tesseract@@QEAA@XZ
??0FullyConnected@tesseract@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HHW4NetworkType@1@@Z
??0GridBase@tesseract@@QEAA@AEBV01@@Z
??0GridBase@tesseract@@QEAA@HAEBVICOORD@1@0@Z
??0GridBase@tesseract@@QEAA@XZ
??0INT_TEMPLATES_STRUCT@tesseract@@QEAA@XZ
??0Image@tesseract@@QEAA@PEAUPix@@@Z
??0Image@tesseract@@QEAA@XZ
??0ImageData@tesseract@@QEAA@AEBV01@@Z
??0ImageData@tesseract@@QEAA@XZ
??0ImageData@tesseract@@QEAA@_NVImage@1@@Z
??0ImageThresholder@tesseract@@QEAA@AEBV01@@Z
??0ImageThresholder@tesseract@@QEAA@XZ
??0IndexMap@tesseract@@QEAA@AEBV01@@Z
??0IndexMap@tesseract@@QEAA@XZ
??0IndexMapBiDi@tesseract@@QEAA@AEBV01@@Z
??0IndexMapBiDi@tesseract@@QEAA@XZ
??0Input@tesseract@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AEBVStaticShape@1@@Z
??0Input@tesseract@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HH@Z
??0IntFeatureSpace@tesseract@@QEAA@XZ
??0LLSQ@tesseract@@QEAA@XZ
??0LSTM@tesseract@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HHH_NW4NetworkType@1@@Z
??0LSTMRecognizer@tesseract@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0LSTMRecognizer@tesseract@@QEAA@XZ
??0LTRResultIterator@tesseract@@QEAA@AEBV01@@Z
??0LTRResultIterator@tesseract@@QEAA@PEAVPAGE_RES@1@PEAVTesseract@1@HHHHHH@Z
??0Maxpool@tesseract@@QEAA@PEBDHHH@Z
??0MutableIterator@tesseract@@QEAA@AEBV01@@Z
??0MutableIterator@tesseract@@QEAA@PEAVPAGE_RES@1@PEAVTesseract@1@HHHHHH@Z
??0Network@tesseract@@QEAA@AEBV01@@Z
??0Network@tesseract@@QEAA@W4NetworkType@1@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@HH@Z
??0Network@tesseract@@QEAA@XZ
??0NetworkIO@tesseract@@QEAA@$$QEAV01@@Z
??0NetworkIO@tesseract@@QEAA@AEBV01@@Z
??0NetworkIO@tesseract@@QEAA@XZ
??0PAGE_RES_IT@tesseract@@QEAA@PEAVPAGE_RES@1@@Z
??0PAGE_RES_IT@tesseract@@QEAA@XZ
??0POLY_BLOCK@tesseract@@QEAA@AEBVTBOX@1@W4PolyBlockType@1@@Z
??0POLY_BLOCK@tesseract@@QEAA@PEAVICOORDELT_LIST@1@W4PolyBlockType@1@@Z
??0POLY_BLOCK@tesseract@@QEAA@XZ
??0PageIterator@tesseract@@QEAA@AEBV01@@Z
??0PageIterator@tesseract@@QEAA@PEAVPAGE_RES@1@PEAVTesseract@1@HHHHHH@Z
??0ParagraphModel@tesseract@@QEAA@W4ParagraphJustification@1@HHHH@Z
??0ParagraphModel@tesseract@@QEAA@XZ
??0Parallel@tesseract@@QEAA@PEBDW4NetworkType@1@@Z
??0ParamsModel@tesseract@@QEAA@$$QEAV01@@Z
??0ParamsModel@tesseract@@QEAA@AEBV01@@Z
??0ParamsModel@tesseract@@QEAA@PEBDAEBV?$vector@MV?$allocator@M@std@@@std@@@Z
??0ParamsModel@tesseract@@QEAA@XZ
??0QSPLINE@tesseract@@QEAA@AEBV01@@Z
??0QSPLINE@tesseract@@QEAA@HPEAHPEAN@Z
??0QSPLINE@tesseract@@QEAA@QEAHH00HH@Z
??0QSPLINE@tesseract@@QEAA@XZ
??0RecodeBeamSearch@tesseract@@QEAA@AEBV01@@Z
??0RecodeBeamSearch@tesseract@@QEAA@AEBVUnicharCompress@1@H_NPEAVDict@1@@Z
??0Reconfig@tesseract@@QEAA@PEBDHHH@Z
??0ResultIterator@tesseract@@IEAA@AEBVLTRResultIterator@1@@Z
??0ResultIterator@tesseract@@QEAA@AEBV01@@Z
??0Reversed@tesseract@@QEAA@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4NetworkType@1@@Z
??0STATS@tesseract@@QEAA@HH@Z
??0STATS@tesseract@@QEAA@XZ
??0ScrollView@tesseract@@QEAA@PEBDHHHHHH@Z
??0ScrollView@tesseract@@QEAA@PEBDHHHHHH_N0@Z
??0ScrollView@tesseract@@QEAA@PEBDHHHHHH_N@Z
??0Series@tesseract@@QEAA@PEBD@Z
??0Shape@tesseract@@QEAA@$$QEAV01@@Z
??0Shape@tesseract@@QEAA@AEBV01@@Z
??0Shape@tesseract@@QEAA@XZ
??0ShapeClassifier@tesseract@@QEAA@AEBV01@@Z
??0ShapeClassifier@tesseract@@QEAA@XZ
??0ShapeTable@tesseract@@QEAA@AEBV01@@Z
??0ShapeTable@tesseract@@QEAA@AEBVUNICHARSET@1@@Z
??0ShapeTable@tesseract@@QEAA@XZ
??0SquishedDawg@tesseract@@QEAA@AEBV01@@Z
??0SquishedDawg@tesseract@@QEAA@PEA_KHW4DawgType@1@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4PermuterType@1@HH@Z
??0SquishedDawg@tesseract@@QEAA@PEBDW4DawgType@1@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4PermuterType@1@H@Z
??0SquishedDawg@tesseract@@QEAA@W4DawgType@1@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4PermuterType@1@H@Z
??0StructuredTable@tesseract@@QEAA@AEBV01@@Z
??0StructuredTable@tesseract@@QEAA@XZ
??0TBOX@tesseract@@QEAA@FFFF@Z
??0TBOX@tesseract@@QEAA@VFCOORD@1@@Z
??0TBOX@tesseract@@QEAA@VICOORD@1@0@Z
??0TBOX@tesseract@@QEAA@XZ
??0TFile@tesseract@@QEAA@XZ
??0TO_BLOCK@tesseract@@QEAA@PEAVBLOCK@1@@Z
??0TO_BLOCK@tesseract@@QEAA@XZ
??0TabFind@tesseract@@QEAA@HAEBVICOORD@1@0PEAVTabVector_LIST@1@HHH@Z
??0TableFinder@tesseract@@QEAA@AEBV01@@Z
??0TableFinder@tesseract@@QEAA@XZ
??0TableRecognizer@tesseract@@QEAA@XZ
??0TessAltoRenderer@tesseract@@QEAA@$$QEAV01@@Z
??0TessAltoRenderer@tesseract@@QEAA@AEBV01@@Z
??0TessAltoRenderer@tesseract@@QEAA@PEBD@Z
??0TessBaseAPI@tesseract@@QEAA@XZ
??0TessBoxTextRenderer@tesseract@@QEAA@$$QEAV01@@Z
??0TessBoxTextRenderer@tesseract@@QEAA@AEBV01@@Z
??0TessBoxTextRenderer@tesseract@@QEAA@PEBD@Z
??0TessClassifier@tesseract@@QEAA@AEBV01@@Z
??0TessClassifier@tesseract@@QEAA@_NPEAVClassify@1@@Z
??0TessHOcrRenderer@tesseract@@QEAA@$$QEAV01@@Z
??0TessHOcrRenderer@tesseract@@QEAA@AEBV01@@Z
??0TessHOcrRenderer@tesseract@@QEAA@PEBD@Z
??0TessHOcrRenderer@tesseract@@QEAA@PEBD_N@Z
??0TessLSTMBoxRenderer@tesseract@@QEAA@$$QEAV01@@Z
??0TessLSTMBoxRenderer@tesseract@@QEAA@AEBV01@@Z
??0TessLSTMBoxRenderer@tesseract@@QEAA@PEBD@Z
??0TessOsdRenderer@tesseract@@QEAA@$$QEAV01@@Z
??0TessOsdRenderer@tesseract@@QEAA@AEBV01@@Z
??0TessOsdRenderer@tesseract@@QEAA@PEBD@Z
??0TessPDFRenderer@tesseract@@QEAA@$$QEAV01@@Z
??0TessPDFRenderer@tesseract@@QEAA@AEBV01@@Z
??0TessPDFRenderer@tesseract@@QEAA@PEBD0_N@Z
??0TessResultRenderer@tesseract@@IEAA@PEBD0@Z
??0TessResultRenderer@tesseract@@QEAA@AEBV01@@Z
??0TessTextRenderer@tesseract@@QEAA@$$QEAV01@@Z
??0TessTextRenderer@tesseract@@QEAA@AEBV01@@Z
??0TessTextRenderer@tesseract@@QEAA@PEBD@Z
??0TessTsvRenderer@tesseract@@QEAA@$$QEAV01@@Z
??0TessTsvRenderer@tesseract@@QEAA@AEBV01@@Z
??0TessTsvRenderer@tesseract@@QEAA@PEBD@Z
??0TessTsvRenderer@tesseract@@QEAA@PEBD_N@Z
??0TessUnlvRenderer@tesseract@@QEAA@$$QEAV01@@Z
??0TessUnlvRenderer@tesseract@@QEAA@AEBV01@@Z
??0TessUnlvRenderer@tesseract@@QEAA@PEBD@Z
??0TessWordStrBoxRenderer@tesseract@@QEAA@$$QEAV01@@Z
??0TessWordStrBoxRenderer@tesseract@@QEAA@AEBV01@@Z
??0TessWordStrBoxRenderer@tesseract@@QEAA@PEBD@Z
??0TessdataManager@tesseract@@QEAA@AEBV01@@Z
??0TessdataManager@tesseract@@QEAA@P6A_NPEBDPEAV?$vector@DV?$allocator@D@std@@@std@@@Z@Z
??0TessdataManager@tesseract@@QEAA@XZ
??0Tesseract@tesseract@@QEAA@XZ
??0TextlineProjection@tesseract@@QEAA@H@Z
??0TrainingSample@tesseract@@QEAA@AEBV01@@Z
??0TrainingSample@tesseract@@QEAA@XZ
??0Trie@tesseract@@QEAA@AEBV01@@Z
??0Trie@tesseract@@QEAA@W4DawgType@1@AEBV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@W4PermuterType@1@HH@Z
??0UNICHAR@tesseract@@QEAA@H@Z
??0UNICHAR@tesseract@@QEAA@PEBDH@Z
??0UNICHAR@tesseract@@QEAA@XZ
??0UNICHARMAP@tesseract@@QEAA@XZ
??0UNICHARSET@tesseract@@QEAA@AEBV01@@Z
??0UNICHARSET@tesseract@@QEAA@XZ
??0UNICHAR_PROPERTIES@UNICHARSET@tesseract@@QEAA@$$QEAU012@@Z
??0UNICHAR_PROPERTIES@UNICHARSET@tesseract@@QEAA@AEBU012@@Z
??0UNICHAR_PROPERTIES@UNICHARSET@tesseract@@QEAA@XZ
??0UnicharCompress@tesseract@@QEAA@AEBV01@@Z
??0UnicharCompress@tesseract@@QEAA@XZ
??0WERD@tesseract@@QEAA@PEAVC_BLOB_LIST@1@EPEBD@Z
??0WERD@tesseract@@QEAA@PEAVC_BLOB_LIST@1@PEAV01@@Z
??0WERD@tesseract@@QEAA@XZ
??0WERD_CHOICE@tesseract@@QEAA@AEBV01@@Z
??0WERD_CHOICE@tesseract@@QEAA@PEBD0MMEAEBVUNICHARSET@1@@Z
??0WERD_CHOICE@tesseract@@QEAA@PEBDAEBVUNICHARSET@1@@Z
??0WERD_CHOICE@tesseract@@QEAA@PEBVUNICHARSET@1@@Z
??0WERD_CHOICE@tesseract@@QEAA@PEBVUNICHARSET@1@H@Z
??0WERD_RES@tesseract@@QEAA@AEBV01@@Z
??0WERD_RES@tesseract@@QEAA@PEAVWERD@1@@Z
??0WERD_RES@tesseract@@QEAA@XZ
??0Wordrec@tesseract@@QEAA@XZ
??0const_iterator@UNICHAR@tesseract@@AEAA@PEBD@Z
??1?$BBGrid@VBLOBNBOX@tesseract@@VBLOBNBOX_CLIST@2@VBLOBNBOX_C_IT@2@@tesseract@@UEAA@XZ
??1?$BBGrid@VColPartition@tesseract@@VColPartition_CLIST@2@VColPartition_C_IT@2@@tesseract@@UEAA@XZ
??1AlignedBlob@tesseract@@UEAA@XZ
??1BLOCK@tesseract@@QEAA@XZ
??1BitVector@tesseract@@QEAA@XZ
??1BlobGrid@tesseract@@UEAA@XZ
??1CCStruct@tesseract@@UEAA@XZ
??1CCUtil@tesseract@@UEAA@XZ
??1CLIST@tesseract@@QEAA@XZ
??1C_BLOB@tesseract@@QEAA@XZ
??1ChoiceIterator@tesseract@@QEAA@XZ
??1Classify@tesseract@@UEAA@XZ
??1ColPartition@tesseract@@QEAA@XZ
??1ColPartitionGrid@tesseract@@UEAA@XZ
??1ColumnFinder@tesseract@@UEAA@XZ
??1DENORM@tesseract@@QEAA@XZ
??1Dawg@tesseract@@UEAA@XZ
??1Dict@tesseract@@QEAA@XZ
??1DocumentCache@tesseract@@QEAA@XZ
??1DocumentData@tesseract@@QEAA@XZ
??1EquationDetect@tesseract@@UEAA@XZ
??1EquationDetectBase@tesseract@@UEAA@XZ
??1FontInfoTable@tesseract@@QEAA@XZ
??1GridBase@tesseract@@UEAA@XZ
??1INT_TEMPLATES_STRUCT@tesseract@@QEAA@XZ
??1ImageData@tesseract@@QEAA@XZ
??1ImageThresholder@tesseract@@UEAA@XZ
??1IndexMap@tesseract@@UEAA@XZ
??1IndexMapBiDi@tesseract@@UEAA@XZ
??1LSTMRecognizer@tesseract@@QEAA@XZ
??1LTRResultIterator@tesseract@@UEAA@XZ
??1MutableIterator@tesseract@@UEAA@XZ
??1Network@tesseract@@UEAA@XZ
??1NetworkIO@tesseract@@QEAA@XZ
??1POLY_BLOCK@tesseract@@QEAA@XZ
??1PageIterator@tesseract@@UEAA@XZ
??1ParamsModel@tesseract@@QEAA@XZ
??1QSPLINE@tesseract@@QEAA@XZ
??1RecodeBeamSearch@tesseract@@QEAA@XZ
??1ResultIterator@tesseract@@UEAA@XZ
??1STATS@tesseract@@QEAA@XZ
??1ScrollView@tesseract@@QEAA@XZ
??1Shape@tesseract@@QEAA@XZ
??1ShapeClassifier@tesseract@@UEAA@XZ
??1ShapeTable@tesseract@@QEAA@XZ
??1SquishedDawg@tesseract@@UEAA@XZ
??1StructuredTable@tesseract@@QEAA@XZ
??1TFile@tesseract@@QEAA@XZ
??1TO_BLOCK@tesseract@@QEAA@XZ
??1TabFind@tesseract@@UEAA@XZ
??1TableFinder@tesseract@@QEAA@XZ
??1TessAltoRenderer@tesseract@@UEAA@XZ
??1TessBaseAPI@tesseract@@UEAA@XZ
??1TessBoxTextRenderer@tesseract@@UEAA@XZ
??1TessClassifier@tesseract@@UEAA@XZ
??1TessHOcrRenderer@tesseract@@UEAA@XZ
??1TessLSTMBoxRenderer@tesseract@@UEAA@XZ
??1TessOsdRenderer@tesseract@@UEAA@XZ
??1TessPDFRenderer@tesseract@@UEAA@XZ
??1TessResultRenderer@tesseract@@UEAA@XZ
??1TessTextRenderer@tesseract@@UEAA@XZ
??1TessTsvRenderer@tesseract@@UEAA@XZ
??1TessUnlvRenderer@tesseract@@UEAA@XZ
??1TessWordStrBoxRenderer@tesseract@@UEAA@XZ
??1TessdataManager@tesseract@@QEAA@XZ
??1Tesseract@tesseract@@UEAA@XZ
??1TextlineProjection@tesseract@@QEAA@XZ
??1TrainingSample@tesseract@@QEAA@XZ
??1Trie@tesseract@@UEAA@XZ
??1UNICHARMAP@tesseract@@QEAA@XZ
??1UNICHARSET@tesseract@@QEAA@XZ
??1UNICHAR_PROPERTIES@UNICHARSET@tesseract@@QEAA@XZ
??1UnicharCompress@tesseract@@QEAA@XZ
??1WERD@tesseract@@QEAA@XZ
??1WERD_CHOICE@tesseract@@QEAA@XZ
??1WERD_RES@tesseract@@QEAA@XZ
??1Wordrec@tesseract@@UEAA@XZ
??4?$BBGrid@VBLOBNBOX@tesseract@@VBLOBNBOX_CLIST@2@VBLOBNBOX_C_IT@2@@tesseract@@QEAAAEAV01@AEBV01@@Z
??4?$BBGrid@VColPartition@tesseract@@VColPartition_CLIST@2@VColPartition_C_IT@2@@tesseract@@QEAAAEAV01@AEBV01@@Z
??4AlignedBlob@tesseract@@QEAAAEAV01@AEBV01@@Z
??4BLOCK@tesseract@@QEAAAEAV01@AEBV01@@Z
??4BitVector@tesseract@@QEAAAEAV01@AEBV01@@Z
??4BlobGrid@tesseract@@QEAAAEAV01@AEBV01@@Z
??4CCStruct@tesseract@@QEAAAEAV01@AEBV01@@Z
??4CCUtil@tesseract@@QEAAAEAV01@AEBV01@@Z
??4CHAR_FRAGMENT@tesseract@@QEAAAEAV01@$$QEAV01@@Z
??4CHAR_FRAGMENT@tesseract@@QEAAAEAV01@AEBV01@@Z
??4CLIST@tesseract@@QEAAAEAV01@AEBV01@@Z
??4CLIST_ITERATOR@tesseract@@QEAAAEAV01@$$QEAV01@@Z
??4CLIST_ITERATOR@tesseract@@QEAAAEAV01@AEBV01@@Z
??4C_BLOB@tesseract@@QEAAAEAV01@AEBV01@@Z
??4ChoiceIterator@tesseract@@QEAAAEAV01@AEBV01@@Z
??4Classify@tesseract@@QEAAAEAV01@AEBV01@@Z
??4ColPartitionGrid@tesseract@@QEAAAEAV01@AEBV01@@Z
??4DENORM@tesseract@@QEAAAEAV01@AEBV01@@Z
??4Dawg@tesseract@@QEAAAEAV01@AEBV01@@Z
??4Dict@tesseract@@QEAAAEAV01@AEBV01@@Z
??4ELIST2@tesseract@@QEAAAEAV01@$$QEAV01@@Z
??4ELIST2@tesseract@@QEAAAEAV01@AEBV01@@Z
??4ELIST2_ITERATOR@tesseract@@QEAAAEAV01@$$QEAV01@@Z
??4ELIST2_ITERATOR@tesseract@@QEAAAEAV01@AEBV01@@Z
??4ELIST@tesseract@@QEAAAEAV01@$$QEAV01@@Z
??4ELIST@tesseract@@QEAAAEAV01@AEBV01@@Z
??4ELIST_ITERATOR@tesseract@@QEAAAEAV01@$$QEAV01@@Z
??4ELIST_ITERATOR@tesseract@@QEAAAEAV01@AEBV01@@Z
??4ERRCODE@tesseract@@QEAAAEAV01@$$QEAV01@@Z
??4ERRCODE@tesseract@@QEAAAEAV01@AEBV01@@Z
??4EquationDetectBase@tesseract@@QEAAAEAV01@AEBV01@@Z
??4FCOORD@tesseract@@QEAAAEAV01@$$QEAV01@@Z
??4FCOORD@tesseract@@QEAAAEAV01@AEBV01@@Z
??4GridBase@tesseract@@QEAAAEAV01@AEBV01@@Z
??4INT_TEMPLATES_STRUCT@tesseract@@QEAAAEAU01@AEBU01@@Z
??4Image@tesseract@@QEAAAEAV01@$$QEAV01@@Z
??4Image@tesseract@@QEAAAEAV01@AEBV01@@Z
??4ImageData@tesseract@@QEAAAEAV01@AEBV01@@Z
??4ImageThresholder@tesseract@@QEAAAEAV01@AEBV01@@Z
??4IndexMap@tesseract@@QEAAAEAV01@AEBV01@@Z
??4IndexMapBiDi@tesseract@@QEAAAEAV01@AEBV01@@Z
??4IntFeatureSpace@tesseract@@QEAAAEAV01@$$QEAV01@@Z
??4IntFeatureSpace@tesseract@@QEAAAEAV01@AEBV01@@Z
??4IntSimdMatrix@tesseract@@QEAAAEAU01@$$QEAU01@@Z
??4IntSimdMatrix@tesseract@@QEAAAEAU01@AEBU01@@Z
??4LLSQ@tesseract@@QEAAAEAV01@$$QEAV01@@Z
??4LLSQ@tesseract@@QEAAAEAV01@AEBV01@@Z
??4LTRResultIterator@tesseract@@QEAAAEAV01@AEBV01@@Z
??4MutableIterator@tesseract@@QEAAAEAV01@AEBV01@@Z
??4Network@tesseract@@QEAAAEAV01@AEBV01@@Z
??4NetworkIO@tesseract@@QEAAAEAV01@$$QEAV01@@Z
??4NetworkIO@tesseract@@QEAAAEAV01@AEBV01@@Z
??4PAGE_RES_IT@tesseract@@QEAAAEAV01@$$QEAV01@@Z
??4PAGE_RES_IT@tesseract@@QEAAAEAV01@AEBV01@@Z
??4PageIterator@tesseract@@QEAAAEBV01@AEBV01@@Z
??4ParagraphModel@tesseract@@QEAAAEAV01@$$QEAV01@@Z
??4ParagraphModel@tesseract@@QEAAAEAV01@AEBV01@@Z
??4ParamUtils@tesseract@@QEAAAEAV01@$$QEAV01@@Z
??4ParamUtils@tesseract@@QEAAAEAV01@AEBV01@@Z
??4ParamsModel@tesseract@@QEAAAEAV01@$$QEAV01@@Z
??4ParamsModel@tesseract@@QEAAAEAV01@AEBV01@@Z
??4QSPLINE@tesseract@@QEAAAEAV01@AEBV01@@Z
??4ResultIterator@tesseract@@QEAAAEAV01@AEBV01@@Z
??4STATS@tesseract@@QEAAAEAV01@AEBV01@@Z
??4Shape@tesseract@@QEAAAEAV01@$$QEAV01@@Z
??4Shape@tesseract@@QEAAAEAV01@AEBV01@@Z
??4ShapeClassifier@tesseract@@QEAAAEAV01@AEBV01@@Z
??4ShapeTable@tesseract@@QEAAAEAV01@AEBV01@@Z
??4SquishedDawg@tesseract@@QEAAAEAV01@AEBV01@@Z
??4StructuredTable@tesseract@@QEAAAEAV01@AEBV01@@Z
??4TBOX@tesseract@@QEAAAEAV01@$$QEAV01@@Z
??4TBOX@tesseract@@QEAAAEAV01@AEBV01@@Z
??4TFile@tesseract@@QEAAAEAV01@AEBV01@@Z
??4TableFinder@tesseract@@QEAAAEAV01@AEBV01@@Z
??4TableRecognizer@tesseract@@QEAAAEAV01@AEBV01@@Z
??4TessAltoRenderer@tesseract@@QEAAAEAV01@$$QEAV01@@Z
??4TessAltoRenderer@tesseract@@QEAAAEAV01@AEBV01@@Z
??4TessBoxTextRenderer@tesseract@@QEAAAEAV01@$$QEAV01@@Z
??4TessBoxTextRenderer@tesseract@@QEAAAEAV01@AEBV01@@Z
??4TessClassifier@tesseract@@QEAAAEAV01@AEBV01@@Z
??4TessHOcrRenderer@tesseract@@QEAAAEAV01@$$QEAV01@@Z
??4TessHOcrRenderer@tesseract@@QEAAAEAV01@AEBV01@@Z
??4TessLSTMBoxRenderer@tesseract@@QEAAAEAV01@$$QEAV01@@Z
??4TessLSTMBoxRenderer@tesseract@@QEAAAEAV01@AEBV01@@Z
??4TessOsdRenderer@tesseract@@QEAAAEAV01@$$QEAV01@@Z
??4TessOsdRenderer@tesseract@@QEAAAEAV01@AEBV01@@Z
??4TessPDFRenderer@tesseract@@QEAAAEAV01@$$QEAV01@@Z
??4TessPDFRenderer@tesseract@@QEAAAEAV01@AEBV01@@Z
??4TessResultRenderer@tesseract@@QEAAAEAV01@AEBV01@@Z
??4TessTextRenderer@tesseract@@QEAAAEAV01@$$QEAV01@@Z
??4TessTextRenderer@tesseract@@QEAAAEAV01@AEBV01@@Z
??4TessTsvRenderer@tesseract@@QEAAAEAV01@$$QEAV01@@Z
??4TessTsvRenderer@tesseract@@QEAAAEAV01@AEBV01@@Z
??4TessUnlvRenderer@tesseract@@QEAAAEAV01@$$QEAV01@@Z
??4TessUnlvRenderer@tesseract@@QEAAAEAV01@AEBV01@@Z
??4TessWordStrBoxRenderer@tesseract@@QEAAAEAV01@$$QEAV01@@Z
??4TessWordStrBoxRenderer@tesseract@@QEAAAEAV01@AEBV01@@Z
??4TessdataManager@tesseract@@QEAAAEAV01@AEBV01@@Z
??4TextlineProjection@tesseract@@QEAAAEAV01@AEBV01@@Z
??4TrainingSample@tesseract@@QEAAAEAV01@AEBV01@@Z
??4Trie@tesseract@@QEAAAEAV01@AEBV01@@Z
??4UNICHAR@tesseract@@QEAAAEAV01@$$QEAV01@@Z
??4UNICHAR@tesseract@@QEAAAEAV01@AEBV01@@Z
??4UNICHARMAP@tesseract@@QEAAAEAV01@AEBV01@@Z
??4UNICHARSET@tesseract@@QEAAAEAV01@AEBV01@@Z
??4UNICHAR_PROPERTIES@UNICHARSET@tesseract@@QEAAAEAU012@$$QEAU012@@Z
??4UNICHAR_PROPERTIES@UNICHARSET@tesseract@@QEAAAEAU012@AEBU012@@Z
??4UnicharCompress@tesseract@@QEAAAEAV01@AEBV01@@Z
??4WERD@tesseract@@QEAAAEAV01@AEBV01@@Z
??4WERD_CHOICE@tesseract@@QEAAAEAV01@AEBV01@@Z
??4WERD_RES@tesseract@@QEAAAEAV01@AEBV01@@Z
??4const_iterator@UNICHAR@tesseract@@QEAAAEAV012@$$QEAV012@@Z
??4const_iterator@UNICHAR@tesseract@@QEAAAEAV012@AEBV012@@Z
??8FCOORD@tesseract@@QEAA_NAEBV01@@Z
??8Image@tesseract@@QEBA_N$$T@Z
??8PAGE_RES_IT@tesseract@@QEBA_NAEBV01@@Z
??8Shape@tesseract@@QEBA_NAEBV01@@Z
??8TBOX@tesseract@@QEBA_NAEBV01@@Z
??9FCOORD@tesseract@@QEAA_NAEBV01@@Z
??9Image@tesseract@@QEBA_N$$T@Z
??9PAGE_RES_IT@tesseract@@QEBA_NAEBV01@@Z
??ABitVector@tesseract@@QEBA_NH@Z
??AShape@tesseract@@QEBAAEBUUnicharAndFonts@1@H@Z
??BImage@tesseract@@QEAAPEAPEAUPix@@XZ
??BImage@tesseract@@QEBAPEAUPix@@XZ
??BImage@tesseract@@QEBA_NXZ
??CImage@tesseract@@QEBAPEAUPix@@XZ
??Dconst_iterator@UNICHAR@tesseract@@QEBAHXZ
??Econst_iterator@UNICHAR@tesseract@@QEAAAEAV012@XZ
??IImage@tesseract@@QEBA?AV01@V01@@Z
??UImage@tesseract@@QEBA?AV01@V01@@Z
??YWERD_CHOICE@tesseract@@QEAAAEAV01@AEBV01@@Z
??_4BitVector@tesseract@@QEAAXAEBV01@@Z
??_4Image@tesseract@@QEAAAEAV01@V01@@Z
??_5BitVector@tesseract@@QEAAXAEBV01@@Z
??_5Image@tesseract@@QEAAAEAV01@V01@@Z
??_6BitVector@tesseract@@QEAAXAEBV01@@Z
??_7?$BBGrid@VBLOBNBOX@tesseract@@VBLOBNBOX_CLIST@2@VBLOBNBOX_C_IT@2@@tesseract@@6B@
??_7?$BBGrid@VColPartition@tesseract@@VColPartition_CLIST@2@VColPartition_C_IT@2@@tesseract@@6B@
??_7AlignedBlob@tesseract@@6B@
??_7BlobGrid@tesseract@@6B@
??_7CCStruct@tesseract@@6B@
??_7CCUtil@tesseract@@6B@
??_7Classify@tesseract@@6B@
??_7ColPartitionGrid@tesseract@@6B@
??_7ColumnFinder@tesseract@@6B@
??_7Dawg@tesseract@@6B@
??_7EquationDetect@tesseract@@6B@
??_7EquationDetectBase@tesseract@@6B@
??_7GridBase@tesseract@@6B@
??_7ImageThresholder@tesseract@@6B@
??_7IndexMap@tesseract@@6B@
??_7IndexMapBiDi@tesseract@@6B@
??_7LTRResultIterator@tesseract@@6B@
??_7MutableIterator@tesseract@@6B@
??_7Network@tesseract@@6B@
??_7PageIterator@tesseract@@6B@
??_7ResultIterator@tesseract@@6B@
??_7ShapeClassifier@tesseract@@6B@
??_7SquishedDawg@tesseract@@6B@
??_7TabFind@tesseract@@6B@
??_7TessAltoRenderer@tesseract@@6B@
??_7TessBaseAPI@tesseract@@6B@
??_7TessBoxTextRenderer@tesseract@@6B@
??_7TessClassifier@tesseract@@6B@
??_7TessHOcrRenderer@tesseract@@6B@
??_7TessLSTMBoxRenderer@tesseract@@6B@
??_7TessOsdRenderer@tesseract@@6B@
??_7TessPDFRenderer@tesseract@@6B@
??_7TessResultRenderer@tesseract@@6B@
??_7TessTextRenderer@tesseract@@6B@
??_7TessTsvRenderer@tesseract@@6B@
??_7TessUnlvRenderer@tesseract@@6B@
??_7TessWordStrBoxRenderer@tesseract@@6B@
??_7Tesseract@tesseract@@6B@
??_7Trie@tesseract@@6B@
??_7Wordrec@tesseract@@6B@
?Absorb@ColPartition@tesseract@@QEAAXPEAV12@AEBV?$function@$$A6A_NH@Z@std@@@Z
?AbsorbNearbyLines@StructuredTable@tesseract@@IEAAXXZ
?AcceptableChoice@Dict@tesseract@@QEAA_NAEBVWERD_CHOICE@2@W4XHeightConsistencyEnum@2@@Z
?AcceptableResult@Dict@tesseract@@QEBA_NPEAVWERD_RES@2@@Z
?AccumulatePartDistances@ColPartitionGrid@tesseract@@AEAAXAEBVColPartition@2@AEBVICOORD@2@AEBVTBOX@2@VImage@2@2AEBVFCOORD@2@_NPEAV?$vector@HV?$allocator@H@std@@@std@@@Z
?AdaptToChar@Classify@tesseract@@QEAAXPEAUTBLOB@2@HHMPEAVADAPT_TEMPLATES_STRUCT@2@@Z
?AdaptToWordStr@TessBaseAPI@tesseract@@QEAA_NW4PageSegMode@2@PEBD@Z
?AdaptableWord@Classify@tesseract@@QEAA_NPEAVWERD_RES@2@@Z
?AdaptiveClassifier@Classify@tesseract@@QEAAXPEAUTBLOB@2@PEAVBLOB_CHOICE_LIST@2@@Z
?AdaptiveClassifierIsEmpty@Classify@tesseract@@QEBA_NXZ
?AdaptiveClassifierIsFull@Classify@tesseract@@QEBA_NXZ
?AddAllToFloat@NetworkIO@tesseract@@QEAAXAEBV12@@Z
?AddBox@ColPartition@tesseract@@QEAAXPEAVBLOBNBOX@2@@Z
?AddBoxes@ImageData@tesseract@@AEAA_NPEBD@Z
?AddBoxes@ImageData@tesseract@@QEAAXAEBV?$vector@VTBOX@tesseract@@V?$allocator@VTBOX@tesseract@@@std@@@std@@AEBV?$vector@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@V?$allocator@V?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@2@@4@AEBV?$vector@HV?$allocator@H@std@@@4@@Z
?AddConfigToClass@tesseract@@YAHPEAUCLASS_STRUCT@1@@Z
?AddEscapeChars@ScrollView@tesseract@@AEAAPEADPEBD@Z
?AddEventHandler@ScrollView@tesseract@@QEAAXPEAVSVEventHandler@2@@Z
?AddImage@TessResultRenderer@tesseract@@QEAA_NPEAVTessBaseAPI@2@@Z
?AddImageHandler@TessAltoRenderer@tesseract@@MEAA_NPEAVTessBaseAPI@2@@Z
?AddImageHandler@TessBoxTextRenderer@tesseract@@MEAA_NPEAVTessBaseAPI@2@@Z
?AddImageHandler@TessHOcrRenderer@tesseract@@MEAA_NPEAVTessBaseAPI@2@@Z
?AddImageHandler@TessLSTMBoxRenderer@tesseract@@MEAA_NPEAVTessBaseAPI@2@@Z
?AddImageHandler@TessOsdRenderer@tesseract@@MEAA_NPEAVTessBaseAPI@2@@Z
?AddImageHandler@TessPDFRenderer@tesseract@@MEAA_NPEAVTessBaseAPI@2@@Z
?AddImageHandler@TessTextRenderer@tesseract@@MEAA_NPEAVTessBaseAPI@2@@Z
?AddImageHandler@TessTsvRenderer@tesseract@@MEAA_NPEAVTessBaseAPI@2@@Z
?AddImageHandler@TessUnlvRenderer@tesseract@@MEAA_NPEAVTessBaseAPI@2@@Z
?AddImageHandler@TessWordStrBoxRenderer@tesseract@@MEAA_NPEAVTessBaseAPI@2@@Z
?AddLargeSpeckleTo@Classify@tesseract@@QEAAXHPEAVBLOB_CHOICE_LIST@2@@Z
?AddMessage@ScrollView@tesseract@@QEAAXPEBD@Z
?AddMessageBox@ScrollView@tesseract@@QEAAXXZ

Sections

.text
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 661KB - Virtual size: 661KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 221KB - Virtual size: 220KB

.rsrc Size: 1024B - Virtual size: 928B

.reloc Size: 512B - Virtual size: 12B

f4f2e2b03fe5666a721620fcea3aea9b

Headers

DLL Characteristics

File Characteristics

Imports

user32

comctl32

kernel32

advapi32

gdi32

Sections

.text Size: 172KB - Virtual size: 171KB

.rdata Size: 76KB - Virtual size: 75KB

.data Size: 3KB - Virtual size: 12KB

.pdata Size: 9KB - Virtual size: 8KB

_RDATA Size: 512B - Virtual size: 500B

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 2KB - Virtual size: 1KB

dae02f32a21e03ce65412f6e56942daa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

mscoree

Sections

.text Size: 122KB - Virtual size: 122KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 512B - Virtual size: 12B

02483cd76378259a50b7b66146b45f06

Code Sign

2e:ab:11:dc:50:ff:5c:9d:cb:c0Certificate

Extended Key Usages

Key Usages

61:01:cf:3e:00:00:00:00:00:0fCertificate

Extended Key Usages

Key Usages

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2Certificate

Extended Key Usages

Key Usages

61:05:a2:30:00:00:00:00:00:08Certificate

Extended Key Usages

Key Usages

d6:d5:21:44:87:a4:87:f6:84:c8:27:2e:90:f4:8d:98:d2:12:c9:41Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

kernel32

comctl32

rpcrt4

shell32

shlwapi

user32

cabinet

oleaut32

version

Exports

Exports

Sections

.text Size: 161KB - Virtual size: 161KB

.data Size: 5KB - Virtual size: 13KB

.text
Size: 221KB - Virtual size: 220KB

.rsrc
Size: 1024B - Virtual size: 928B

.reloc
Size: 512B - Virtual size: 12B

.text
Size: 172KB - Virtual size: 171KB

.rdata
Size: 76KB - Virtual size: 75KB

.data
Size: 3KB - Virtual size: 12KB

.pdata
Size: 9KB - Virtual size: 8KB

_RDATA
Size: 512B - Virtual size: 500B

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 122KB - Virtual size: 122KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 512B - Virtual size: 12B

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

61:01:cf:3e:00:00:00:00:00:0f
Certificate

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

61:05:a2:30:00:00:00:00:00:08
Certificate

d6:d5:21:44:87:a4:87:f6:84:c8:27:2e:90:f4:8d:98:d2:12:c9:41
Signer

.text
Size: 161KB - Virtual size: 161KB

.data
Size: 5KB - Virtual size: 13KB

.boxld01
Size: 512B - Virtual size: 194B

.rsrc
Size: 7KB - Virtual size: 7KB

.reloc
Size: 10KB - Virtual size: 10KB

2e:ab:11:dc:50:ff:5c:9d:cb:c0
Certificate

61:01:cf:3e:00:00:00:00:00:0f
Certificate

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

61:05:a2:30:00:00:00:00:00:08
Certificate

47:b8:85:36:04:6e:46:6d:2f:58:b3:18:fd:18:43:f0:b8:4b:28:d3
Signer

.text
Size: 34KB - Virtual size: 33KB

.data
Size: 1024B - Virtual size: 6KB

.rsrc
Size: 239KB - Virtual size: 240KB

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

41:91:a1:5a:39:78:df:cf:49:65:66:38:1d:4c:75:c2
Certificate

36:33:6d:83:6a:19:e2:44:ff:0e:52:88:2e:b5:b1:de
Certificate

61:0c:12:06:00:00:00:00:00:1b
Certificate

cb:34:e3:72:3d:d1:2b:57:d7:86:46:9b:d8:78:2f:92:cf:2d:5d:4f
Signer

.text
Size: 116KB - Virtual size: 113KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 12KB - Virtual size: 15KB

.rsrc
Size: 636KB - Virtual size: 633KB

33:00:00:01:34:22:1e:7e:49:2a:ac:da:6a:00:00:00:00:01:34
Certificate

33:00:00:01:52:9b:40:9f:50:56:99:75:88:00:00:00:00:01:52
Certificate

61:16:68:34:00:00:00:00:00:1c
Certificate