privateloader | PCRemoteReceiverSetup_7_5_16[.]exe

Sharing

Copy URL

Twitter E-mail

General

Target

PCRemoteReceiverSetup_7_5_16.exe
Size

63.3MB
MD5

ca3eb78b4bfcd2388bf49a980f1053b7
SHA1

81c60fff0a2f0bf8e8ffc4161b0ed00fd3353a9f
SHA256

b1707825c0f2fde7bfdbb5f4a4cef4002a935b2c9edfa93f512127f430cfbdd0
SHA512

5f02bd4cab05cd242f3605ab027c11d28b855bd9180ff52aa14963248e2778cacc36466dcca684c0c17c9bab874f12b3a3e2d3ca655570831101cfc5c1022e51
SSDEEP

1572864:DGr9D2YYvt8/7Z9lRA9lg5yJRotDthtYt/1vv+W5x/t6rRYyjvZXTpoZC86:DO9DoFE3lKYgJ1cW5+ruyjv1Nos86

Score

10^/10

privateloader

Malware Config

Signatures

Privateloader family
privateloader

Unsigned PE 19 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/InstallOptions.dll
unpack001/$PLUGINSDIR/LangDLL.dll
unpack001/$PLUGINSDIR/System.dll
unpack001/SDL2.dll
unpack001/SDL2_image.dll
unpack001/avcodec-59.dll
unpack001/avformat-59.dll
unpack001/avutil-57.dll
unpack001/driver/usbmmidd_v2/deviceinstaller64.exe
unpack001/driver/usbmmidd_v2/x64/usbmmIdd.dll
unpack001/emulators/virtuanes/English.vlp
unpack001/emulators/virtuanes/VirtuaNES.exe
unpack001/libjpeg-9.dll
unpack001/libpng16-16.dll
unpack001/libtiff-5.dll
unpack001/libwebp-7.dll
unpack001/swresample-4.dll
unpack001/swscale-6.dll
unpack001/zlib1.dll

Files

PCRemoteReceiverSetup_7_5_16.exe
.exe windows:4 windows x86 arch:x86

Password: infected

6e7f9a29f2c85394521a08b9f31f6275

Code Sign

04:00:00:00:00:01:15:4b:5a:c3:94
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

01-09-1998 12:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19-09-2018 00:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28-07-2020 00:00

Not After

18-03-2029 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5e:c9:ed:d5:94:78:85:7b:d5:61:c6:28
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

07-08-2023 04:16

Not After

06-09-2024 04:16

Subject

SERIALNUMBER=91320594MA251F5K75,CN=Monect (Suzhou) Co.\, Ltd.,O=Monect (Suzhou) Co.\, Ltd.,L=Suzhou,ST=Jiangsu,C=CN,1.3.6.1.4.1.311.60.2.1.1=#130653555a484f55,1.3.6.1.4.1.311.60.2.1.2=#13074a49414e475355,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:19:75:74:71:c9:92:d7:44:df:a5:96:eb:b9:70:15
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

02-11-2023 10:30

Not After

04-12-2034 10:30

Subject

CN=Globalsign TSA for Advanced - G4 - 202311,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

b8:7e:40:fa:1e:e4:71:0a:b1:b4:85:66:2b:a6:11:27:0d:92:2f:c5:bc:44:ef:42:1f:a8:4f:4f:25:97:27:1f
Signer

Actual PE Digest

b8:7e:40:fa:1e:e4:71:0a:b1:b4:85:66:2b:a6:11:27:0d:92:2f:c5:bc:44:ef:42:1f:a8:4f:4f:25:97:27:1f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCreateKeyExW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
SetFileSecurityW
RegOpenKeyExW
RegEnumValueW

shell32

SHGetSpecialFolderLocation
SHFileOperationW
SHBrowseForFolderW
SHGetPathFromIDListW
ShellExecuteExW
SHGetFileInfoW

ole32

OleInitialize
OleUninitialize
CoCreateInstance
IIDFromString
CoTaskMemFree

comctl32

ord17
ImageList_Create
ImageList_Destroy
ImageList_AddMasked

user32

GetClientRect
EndPaint
DrawTextW
IsWindowEnabled
DispatchMessageW
wsprintfA
CharNextA
CharPrevW
MessageBoxIndirectW
GetDlgItemTextW
SetDlgItemTextW
GetSystemMetrics
FillRect
AppendMenuW
TrackPopupMenu
OpenClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
CheckDlgButton
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
SetWindowPos
PeekMessageW
SetClassLongW
GetSystemMenu
EnableMenuItem
GetWindowRect
ScreenToClient
EndDialog
RegisterClassW
SystemParametersInfoW
CreateWindowExW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
EmptyClipboard
CreatePopupMenu

gdi32

SetBkMode
SetBkColor
GetDeviceCaps
CreateFontIndirectW
CreateBrushIndirect
DeleteObject
SetTextColor
SelectObject

kernel32

GetExitCodeProcess
WaitForSingleObject
GetModuleHandleA
GetProcAddress
GetSystemDirectoryW
lstrcatW
Sleep
lstrcpyA
WriteFile
GetTempFileNameW
CreateFileW
lstrcmpiA
RemoveDirectoryW
CreateProcessW
CreateDirectoryW
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetVersion
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
SetEnvironmentVariableW
ExitProcess
CopyFileW
GetCurrentProcess
GetModuleFileNameW
GetFileSize
GetTickCount
MulDiv
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalFree
GlobalAlloc
GetModuleHandleW
LoadLibraryExW
MoveFileExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 119KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/InstallOptions.dll
.dll windows:4 windows x86 arch:x86

Password: infected

4b45b7e00344a87332fbd12653854d1a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentDirectoryW
GlobalUnlock
GlobalLock
GetModuleHandleW
CloseHandle
SetEndOfFile
SetCurrentDirectoryW
GetPrivateProfileStringW
GetPrivateProfileIntW
MultiByteToWideChar
ReadFile
GetFileSize
CreateFileW
lstrcmpiW
lstrcatW
lstrcpynW
WritePrivateProfileStringW
lstrlenW
lstrcpyW
GlobalFree
GlobalAlloc
WriteFile
SetFilePointer

user32

LoadCursorW
SetWindowRgn
GetDlgCtrlID
CloseClipboard
DrawFocusRect
OpenClipboard
DrawTextW
SetCursor
LoadIconW
LoadImageW
SetWindowLongW
CreateWindowExW
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamW
GetClientRect
ShowWindow
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
CallWindowProcW
PostMessageW
MessageBoxW
GetSysColor
CharNextW
wsprintfW
GetWindowTextW
SetWindowTextW
SendMessageW
GetWindowLongW
EnableMenuItem
PtInRect
MapWindowPoints
GetClipboardData

gdi32

SetTextColor
DeleteObject
CombineRgn
CreateRectRgn
GetDIBits
SelectObject
CreateCompatibleDC
GetObjectW

shell32

SHGetDesktopFolder
SHGetPathFromIDListW
ShellExecuteW
SHBrowseForFolderW

comdlg32

GetOpenFileNameW
GetSaveFileNameW
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

dialog
initDialog
make_unicode
show

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/LangDLL.dll
.dll windows:4 windows x86 arch:x86

Password: infected

3e8d18bb71c7ebbda2ddc2a4bb03547b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenW
GlobalFree
lstrcpynW
lstrcmpW
GlobalAlloc
MulDiv
GetModuleHandleW
lstrcpyW

user32

DialogBoxParamW
SetDlgItemTextW
SendDlgItemMessageW
EndDialog
SetWindowTextW
LoadIconW
ShowWindow
SendMessageW
GetDC

gdi32

GetDeviceCaps
CreateFontIndirectW
DeleteObject

Exports

Exports

LangDialog

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 681B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

Password: infected

fc0224e99e736751432961db63a41b76

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleW
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GlobalAlloc
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError

user32

wsprintfW

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 867B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 648B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/ioSpecial.ini
$PLUGINSDIR/modern-wizard.bmp
MonectMediaCenter.exe
.exe windows:6 windows x64 arch:x64

Password: infected

735d8fb488827d770c95525fe7b41ea5

Code Sign

04:00:00:00:00:01:15:4b:5a:c3:94
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

01-09-1998 12:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19-09-2018 00:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28-07-2020 00:00

Not After

18-03-2029 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5e:c9:ed:d5:94:78:85:7b:d5:61:c6:28
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

07-08-2023 04:16

Not After

06-09-2024 04:16

Subject

SERIALNUMBER=91320594MA251F5K75,CN=Monect (Suzhou) Co.\, Ltd.,O=Monect (Suzhou) Co.\, Ltd.,L=Suzhou,ST=Jiangsu,C=CN,1.3.6.1.4.1.311.60.2.1.1=#130653555a484f55,1.3.6.1.4.1.311.60.2.1.2=#13074a49414e475355,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:19:75:74:71:c9:92:d7:44:df:a5:96:eb:b9:70:15
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

02-11-2023 10:30

Not After

04-12-2034 10:30

Subject

CN=Globalsign TSA for Advanced - G4 - 202311,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4a:2b:7a:4e:aa:fd:ca:56:bf:e8:fa:12:82:0c:78:6b:42:81:2f:40:e2:00:56:7a:9d:30:1b:03:99:3a:16:ce
Signer

Actual PE Digest

4a:2b:7a:4e:aa:fd:ca:56:bf:e8:fa:12:82:0c:78:6b:42:81:2f:40:e2:00:56:7a:9d:30:1b:03:99:3a:16:ce

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\monec\Documents\workspace\Monect_host\x64\Release\MonectMediaCenter.pdb

Imports

sdl2

SDL_SetWindowSize
SDL_SetWindowFullscreen
SDL_CondBroadcast
SDL_WaitThread
SDL_Delay
SDL_CloseAudio
SDL_CreateThread
SDL_PauseAudio
SDL_OpenAudio
SDL_getenv
SDL_AddTimer
SDL_SetWindowPosition
SDL_UnlockMutex
SDL_CondSignal
SDL_LockMutex
SDL_Init
SDL_CreateCond
SDL_CreateMutex
SDL_UpdateYUVTexture
SDL_CreateTexture
SDL_GetWindowSize
SDL_GetWindowMaximumSize
SDL_Quit
SDL_CondWait
SDL_DestroyRenderer
SDL_PollEvent
SDL_setenv
SDL_SetHint
SDL_GetWindowWMInfo
SDL_CreateRenderer
SDL_ShowCursor
SDL_CreateWindow
SDL_GetDesktopDisplayMode
SDL_RenderPresent
SDL_RenderClear
SDL_PushEvent
SDL_DestroyTexture
SDL_RenderCopyEx
SDL_QueryTexture
SDL_RWFromMem
SDL_memcpy
SDL_PauseAudioDevice
SDL_OpenAudioDevice
SDL_memset
SDL_GetError
SDL_Log
SDL_QueueAudio
SDL_ClearQueuedAudio
SDL_GetQueuedAudioSize
SDL_CloseAudioDevice
SDL_DestroyWindow

sdl2_image

IMG_LoadTexture
IMG_LoadTexture_RW
IMG_Quit
IMG_Init

ws2_32

htonl
ntohl
closesocket
ntohs
bind
WSAGetLastError
getsockopt
setsockopt
WSAStartup
socket
listen
accept
WSARecv
WSASend
recvfrom
sendto
htons

shlwapi

StrCmpW
PathFileExistsW
StrRChrW

avcodec-59

av_packet_alloc
av_packet_free
av_packet_ref
av_packet_unref
av_parser_close
av_parser_init
av_parser_parse2
avcodec_alloc_context3
avcodec_close
avcodec_find_decoder
avcodec_free_context
avcodec_open2
avcodec_parameters_to_context
avcodec_receive_frame
avcodec_send_packet

avutil-57

av_dict_get
av_fast_malloc
av_frame_alloc
av_frame_free
av_frame_unref
av_free
av_freep
av_get_bytes_per_sample
av_get_channel_layout_nb_channels
av_get_default_channel_layout
av_get_sample_fmt_name
av_gettime
av_image_alloc
av_log
av_log_set_callback
av_malloc
av_mallocz
av_samples_get_buffer_size

swscale-6

sws_getCachedContext
sws_scale

avformat-59

av_dump_format
av_read_frame
avformat_alloc_context
avformat_close_input
avformat_find_stream_info
avformat_network_deinit
avformat_open_input
avformat_seek_file

swresample-4

swr_alloc_set_opts
swr_convert
swr_free
swr_init

kernel32

FindClose
CopyFileW
SetFileAttributesW
DeleteFileW
RemoveDirectoryW
GetModuleFileNameW
LoadLibraryW
GetComputerNameW
CreateEventW
ResetEvent
SetEvent
ReleaseMutex
ExitProcess
CreateMutexW
GetFileSizeEx
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
FindResourceW
GetModuleHandleW
FindFirstFileW
LockResource
SizeofResource
WideCharToMultiByte
GetTickCount64
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCommandLineW
Sleep
SetNamedPipeHandleState
WaitNamedPipeW
CreateFileW
DisconnectNamedPipe
FlushFileBuffers
WaitForSingleObject
WriteFile
ReadFile
HeapFree
HeapAlloc
GetProcessHeap
ConnectNamedPipe
GetLastError
CreateNamedPipeW
OutputDebugStringA
GetProcAddress
FindNextFileW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CloseHandle
LoadResource
CreateThread

user32

ReleaseDC
GetDC
GetWindowLongPtrW
CreateWindowExW
RegisterClassW
LoadCursorW
SetWindowPos
LoadIconW
DefWindowProcW
PostQuitMessage
SetWindowLongPtrW
ShowWindow
UpdateLayeredWindow
DispatchMessageW
TranslateMessage
GetMessageW
UpdateWindow

gdi32

SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteDC
DeleteObject
GetDeviceCaps

advapi32

RegCreateKeyExW
RegOpenKeyExW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegCloseKey
RegQueryInfoKeyW
RegEnumValueW

shell32

CommandLineToArgvW
ord165

ole32

CoInitialize

msvcp140

?_Xlength_error@std@@YAXPEBD@Z

gdiplus

GdipCreateFromHDC
GdipDrawLine
GdipDeletePen
GdipCreatePen1
GdipReleaseDC
GdiplusShutdown
GdipDeleteGraphics
GdipCreateSolidFill
GdiplusStartup
GdipAlloc
GdipFree
GdipDeleteBrush
GdipGraphicsClear
GdipSetCompositingMode
GdipFillRectangleI

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_exception_copy
__std_exception_destroy
__C_specific_handler
memcpy
_CxxThrowException
__current_exception
__current_exception_context
memset
memmove

api-ms-win-crt-heap-l1-1-0

free
_set_new_mode
malloc
_callnewh
calloc

api-ms-win-crt-stdio-l1-1-0

__p__commode
_set_fmode
__stdio_common_vsnprintf_s
__stdio_common_vswprintf_s
__acrt_iob_func
__stdio_common_vfprintf

api-ms-win-crt-runtime-l1-1-0

_beginthreadex
terminate
_configure_wide_argv
_set_app_type
_register_thread_local_exe_atexit_callback
_c_exit
_initialize_wide_environment
_exit
_initialize_onexit_table
_seh_filter_exe
_get_wide_winmain_command_line
_register_onexit_function
_initterm_e
_initterm
_endthreadex
exit
_invalid_parameter_noinfo
_errno
_crt_atexit
_invalid_parameter_noinfo_noreturn
_cexit

api-ms-win-crt-string-l1-1-0

wcscat_s
strcpy_s
wcsnlen
wcscpy_s

api-ms-win-crt-convert-l1-1-0

atoi

api-ms-win-crt-math-l1-1-0

__setusermatherr
rint

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MonectRuntimeCheck.exe
.exe windows:6 windows x64 arch:x64

Password: infected

a4b941ee4cb98eb0b23eb0012f4e16b8

Code Sign

04:00:00:00:00:01:15:4b:5a:c3:94
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

01-09-1998 12:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19-09-2018 00:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28-07-2020 00:00

Not After

18-03-2029 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5e:c9:ed:d5:94:78:85:7b:d5:61:c6:28
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

07-08-2023 04:16

Not After

06-09-2024 04:16

Subject

SERIALNUMBER=91320594MA251F5K75,CN=Monect (Suzhou) Co.\, Ltd.,O=Monect (Suzhou) Co.\, Ltd.,L=Suzhou,ST=Jiangsu,C=CN,1.3.6.1.4.1.311.60.2.1.1=#130653555a484f55,1.3.6.1.4.1.311.60.2.1.2=#13074a49414e475355,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:19:75:74:71:c9:92:d7:44:df:a5:96:eb:b9:70:15
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

02-11-2023 10:30

Not After

04-12-2034 10:30

Subject

CN=Globalsign TSA for Advanced - G4 - 202311,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

3f:5e:df:80:1d:8b:7e:ee:dc:d6:9c:f1:74:97:ba:7f:44:67:cc:57:0a:ae:8d:89:d6:64:92:bd:f1:df:50:5f
Signer

Actual PE Digest

3f:5e:df:80:1d:8b:7e:ee:dc:d6:9c:f1:74:97:ba:7f:44:67:cc:57:0a:ae:8d:89:d6:64:92:bd:f1:df:50:5f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\monec\Documents\workspace\Monect_host\x64\Release\MonectRuntimeCheck.pdb

Imports

shlwapi

StrCmpW
StrRChrW

kernel32

LoadLibraryW
GetSystemDirectoryW
CreateProcessW
Sleep
CloseHandle
GetModuleFileNameW
GetProcAddress
FreeLibrary
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
RtlCaptureContext
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
GetCommandLineW
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead

user32

MessageBoxW

advapi32

RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
RegEnumValueW
RegQueryInfoKeyW
RegCloseKey

shell32

CommandLineToArgvW

vcruntime140

memset
__current_exception_context
memcpy
__current_exception
__C_specific_handler

api-ms-win-crt-string-l1-1-0

wcscpy_s
wcsnlen

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__stdio_common_vswprintf_s
__p__commode

api-ms-win-crt-runtime-l1-1-0

_get_wide_winmain_command_line
_cexit
_c_exit
_register_thread_local_exe_atexit_callback
_exit
_initialize_wide_environment
_configure_wide_argv
exit
_initialize_onexit_table
_register_onexit_function
_crt_atexit
terminate
_initterm_e
_invalid_parameter_noinfo
_errno
_initterm
_set_app_type
_seh_filter_exe

api-ms-win-crt-math-l1-1-0

__setusermatherr

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

api-ms-win-crt-heap-l1-1-0

_set_new_mode

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 504B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MonectServer.exe
.exe windows:6 windows x64 arch:x64

Password: infected

21c5c9eb4e30c84d406fffdd4a3f89f4

Code Sign

04:00:00:00:00:01:15:4b:5a:c3:94
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

01-09-1998 12:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19-09-2018 00:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28-07-2020 00:00

Not After

18-03-2029 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5e:c9:ed:d5:94:78:85:7b:d5:61:c6:28
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

07-08-2023 04:16

Not After

06-09-2024 04:16

Subject

SERIALNUMBER=91320594MA251F5K75,CN=Monect (Suzhou) Co.\, Ltd.,O=Monect (Suzhou) Co.\, Ltd.,L=Suzhou,ST=Jiangsu,C=CN,1.3.6.1.4.1.311.60.2.1.1=#130653555a484f55,1.3.6.1.4.1.311.60.2.1.2=#13074a49414e475355,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:19:75:74:71:c9:92:d7:44:df:a5:96:eb:b9:70:15
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

02-11-2023 10:30

Not After

04-12-2034 10:30

Subject

CN=Globalsign TSA for Advanced - G4 - 202311,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

53:84:d2:29:1c:02:17:fb:b8:db:c7:78:e9:ca:78:d5:32:af:8e:16:23:35:cc:b2:08:d4:fb:1b:d4:75:19:9c
Signer

Actual PE Digest

53:84:d2:29:1c:02:17:fb:b8:db:c7:78:e9:ca:78:d5:32:af:8e:16:23:35:cc:b2:08:d4:fb:1b:d4:75:19:9c

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\monec\Documents\workspace\Monect_host\x64\Release\MonectServer.pdb

Imports

shlwapi

ord12
StrCmpW
StrRChrW

d3d11

D3D11CreateDevice

ws2_32

ntohl
htonl
ntohs

gdiplus

GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusShutdown
GdipGetImagePixelFormat
GdipCreateBitmapFromHBITMAP
GdipCreateBitmapFromScan0
GdipGetImageHeight
GdipGetImageWidth
GdipSaveImageToStream
GdipCloneImage
GdipDisposeImage
GdipAlloc
GdipFree
GdiplusStartup
GdipGetImageEncodersSize
GdipGetImageEncoders

kernel32

GetSystemTimeAsFileTime
GetCurrentProcessId
IsProcessorFeaturePresent
TerminateProcess
InitializeSListHead
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
IsDebuggerPresent
GetStartupInfoW
WaitForMultipleObjects
Sleep
GlobalSize
QueryPerformanceFrequency
QueryPerformanceCounter
GetModuleHandleW
GetCurrentProcess
InitializeCriticalSection
DeleteCriticalSection
CloseHandle
CreateThread
CreateNamedPipeW
GetLastError
ConnectNamedPipe
GetProcessHeap
HeapAlloc
HeapFree
ReadFile
WriteFile
FlushFileBuffers
DisconnectNamedPipe
EnterCriticalSection
CreateFileW
LeaveCriticalSection
WaitNamedPipeW
SetNamedPipeHandleState
GetModuleFileNameW
LoadLibraryW
LocalAlloc
CreateEventW
LocalFree
ResetEvent
WaitForSingleObject
ExitProcess
VerSetConditionMask
VerifyVersionInfoW
GetProcAddress
SetEvent
ReleaseMutex
FreeLibrary
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentThreadId
CreateMutexW
OpenFileMappingW
MapViewOfFile
UnmapViewOfFile

user32

SetDisplayConfig
SetThreadDesktop
GetMessageExtraInfo
SendInput
SetCursorPos
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
EnumDisplayMonitors
GetMessageW
UnhookWinEvent
TranslateMessage
DispatchMessageW
OpenDesktopW
ChangeDisplaySettingsW
GetSystemMetrics
GetCursorInfo
GetDC
ReleaseDC
LoadCursorW
CopyIcon
GetIconInfo
DestroyCursor
EnumDisplayDevicesW
GetMonitorInfoW
EnumDisplaySettingsW
PostThreadMessageW
GetUserObjectInformationW
OpenInputDesktop
CloseDesktop
SetWinEventHook

gdi32

CreateDIBSection
DeleteObject
SelectObject
BitBlt
DeleteDC
CreateCompatibleDC

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

ole32

CreateStreamOnHGlobal
GetHGlobalFromStream

oleaut32

OleCreatePictureIndirect

msvcp140

?_Xlength_error@std@@YAXPEBD@Z

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memmove
memcpy
_CxxThrowException
__C_specific_handler
__std_exception_destroy
__std_exception_copy
__std_terminate
__current_exception_context
memset
__current_exception

api-ms-win-crt-heap-l1-1-0

_set_new_mode
_callnewh
malloc
calloc
free

api-ms-win-crt-runtime-l1-1-0

_errno
_invalid_parameter_noinfo_noreturn
_invalid_parameter_noinfo
terminate
_crt_atexit
_register_onexit_function
_seh_filter_exe
_set_app_type
_initialize_onexit_table
_configure_wide_argv
_initialize_wide_environment
_get_wide_winmain_command_line
_initterm
_initterm_e
exit
_exit
_cexit
_c_exit
_register_thread_local_exe_atexit_callback

api-ms-win-crt-string-l1-1-0

wcscpy_s
wcsnlen
_wcsicmp

api-ms-win-crt-math-l1-1-0

ceilf
__setusermatherr

api-ms-win-crt-stdio-l1-1-0

_set_fmode
__p__commode

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
MonectServerService.exe
.exe windows:6 windows x64 arch:x64

Password: infected

0be9d7ed7110ff6cffcfd3e03e356323

Code Sign

04:00:00:00:00:01:15:4b:5a:c3:94
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

01-09-1998 12:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19-09-2018 00:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28-07-2020 00:00

Not After

18-03-2029 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5e:c9:ed:d5:94:78:85:7b:d5:61:c6:28
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

07-08-2023 04:16

Not After

06-09-2024 04:16

Subject

SERIALNUMBER=91320594MA251F5K75,CN=Monect (Suzhou) Co.\, Ltd.,O=Monect (Suzhou) Co.\, Ltd.,L=Suzhou,ST=Jiangsu,C=CN,1.3.6.1.4.1.311.60.2.1.1=#130653555a484f55,1.3.6.1.4.1.311.60.2.1.2=#13074a49414e475355,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:19:75:74:71:c9:92:d7:44:df:a5:96:eb:b9:70:15
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

02-11-2023 10:30

Not After

04-12-2034 10:30

Subject

CN=Globalsign TSA for Advanced - G4 - 202311,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5d:28:f0:ea:b5:4b:61:a4:2a:04:ec:d0:7b:3f:21:b9:79:f3:fb:cd:ab:ff:99:c5:df:33:94:a2:20:07:e0:4d
Signer

Actual PE Digest

5d:28:f0:ea:b5:4b:61:a4:2a:04:ec:d0:7b:3f:21:b9:79:f3:fb:cd:ab:ff:99:c5:df:33:94:a2:20:07:e0:4d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\monec\Documents\workspace\Monect_host\x64\Release\MonectServerService.pdb

Imports

shlwapi

PathFindExtensionW
StrStrW
StrCmpW
PathFindFileNameW
StrRChrW

wtsapi32

WTSEnumerateSessionsW
WTSFreeMemory

hid

HidP_GetCaps
HidP_GetButtonCaps
HidP_GetValueCaps
HidP_GetLinkCollectionNodes
HidD_GetHidGuid
HidD_GetAttributes
HidD_GetPreparsedData
HidD_FreePreparsedData

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA

iphlpapi

GetAdaptersAddresses
GetIpAddrTable
NotifyAddrChange

bthprops.cpl

BluetoothGetRadioInfo
BluetoothFindFirstRadio
BluetoothFindRadioClose
BluetoothEnableIncomingConnections
BluetoothIsDiscoverable
BluetoothEnableDiscovery

powrprof

SetSuspendState

ws2_32

__WSAFDIsSet
ioctlsocket
WSACleanup
WSAIoctl
WSASetLastError
getpeername
freeaddrinfo
send
recv
inet_ntop
getsockopt
WSAResetEvent
WSAGetOverlappedResult
WSAWaitForMultipleEvents
WSACreateEvent
recvfrom
sendto
setsockopt
getaddrinfo
WSARecv
WSASend
accept
listen
WSASetServiceW
getsockname
closesocket
bind
socket
WSAStartup
gethostname
htons
htonl
select
WSAGetLastError
ntohl
ntohs
connect

wldap32

ord79
ord200
ord33
ord32
ord27
ord301
ord22
ord41
ord50
ord45
ord60
ord211
ord46
ord217
ord143
ord30
ord26
ord35

crypt32

CertGetCertificateChain
CertFreeCertificateChainEngine
CertCreateCertificateChainEngine
CryptQueryObject
CertGetNameStringA
CertFindExtension
CertAddCertificateContextToStore
CryptDecodeObjectEx
PFXImportCertStore
CryptStringToBinaryA
CertFreeCertificateContext
CertFindCertificateInStore
CertEnumCertificatesInStore
CertCloseStore
CertOpenStore
CertFreeCertificateChain

normaliz

IdnToAscii

bcrypt

BCryptSetProperty
BCryptDestroyKey
BCryptCloseAlgorithmProvider
BCryptDecrypt
BCryptGetProperty
BCryptEncrypt
BCryptGenerateSymmetricKey
BCryptCreateHash
BCryptHashData
BCryptFinishHash
BCryptDestroyHash
BCryptOpenAlgorithmProvider

kernel32

TerminateProcess
DeleteFiber
GetSystemTimeAsFileTime
GetModuleHandleExW
GetConsoleMode
TlsSetValue
TlsGetValue
TlsAlloc
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
RtlVirtualUnwind
GetEnvironmentVariableW
WideCharToMultiByte
PeekNamedPipe
GetFileType
GetStdHandle
SetConsoleMode
ReadConsoleA
ReadConsoleW
SetUnhandledExceptionFilter
IsProcessorFeaturePresent
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
IsDebuggerPresent
InitializeSListHead
TlsFree
RtlCaptureContext
ConvertFiberToThread
RtlLookupFunctionEntry
GetEnvironmentVariableA
MultiByteToWideChar
WaitForSingleObjectEx
MoveFileExA
QueryPerformanceCounter
VerifyVersionInfoA
LoadLibraryA
GetModuleHandleA
GetSystemDirectoryA
QueryPerformanceFrequency
SleepEx
InitializeCriticalSectionEx
FormatMessageA
SetLastError
GetModuleHandleW
CreateFileA
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CloseHandle
CreateThread
CreateNamedPipeW
GetLastError
ConnectNamedPipe
GetProcessHeap
HeapAlloc
HeapFree
ReadFile
WriteFile
FlushFileBuffers
DisconnectNamedPipe
CreateFileW
WaitNamedPipeW
UnhandledExceptionFilter
FindFirstFileW
FindNextFileW
FindClose
CopyFileW
GetModuleFileNameW
LoadLibraryW
lstrlenW
CreateProcessW
OpenProcess
GetTickCount
WaitForSingleObject
Sleep
LocalAlloc
CreateEventW
LocalFree
ResetEvent
ExitProcess
GetComputerNameW
GetProcAddress
FreeLibrary
GetPrivateProfileIntW
SetEvent
VerSetConditionMask
VerifyVersionInfoW
WaitForMultipleObjects
lstrcmpA
OpenEventW
GetTickCount64
GetSystemTime
GetFileSizeEx
SetFilePointerEx
GetLogicalDriveStringsW
GetDriveTypeW
GetDiskFreeSpaceW
GetFileSize
DeviceIoControl
GetOverlappedResult
GetCurrentProcess
lstrcmpiW
CreateMutexW
CreateFileMappingW
MapViewOfFile
UnmapViewOfFile
ReleaseMutex
GetCurrentProcessId
SetNamedPipeHandleState

user32

GetUserObjectInformationW
GetProcessWindowStation
RegisterDeviceNotificationW
PostQuitMessage
EndPaint
BeginPaint
DispatchMessageW
TranslateMessage
GetMessageW
UpdateWindow
ShowWindow
CreateWindowExW
RegisterClassExW
LoadCursorW
LoadIconW
SendMessageW
MessageBoxW
UnregisterDeviceNotification
wsprintfW
GetWindowRect
IsZoomed
GetForegroundWindow
GetKeyState
SetWindowPos
MapVirtualKeyW
ExitWindowsEx
DefWindowProcW

advapi32

RegEnumKeyExW
DeregisterEventSource
ReportEventW
RegisterEventSourceW
SetServiceStatus
RegisterServiceCtrlHandlerExW
DeleteService
OpenServiceW
CloseServiceHandle
CreateServiceW
OpenSCManagerW
StartServiceCtrlDispatcherW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegDeleteKeyW
RegCreateKeyExW
RegOpenKeyExW
RegEnumKeyW
RegDeleteValueW
RegSetValueExA
RegSetValueExW
RegEnumValueA
RegQueryInfoKeyA
RegEnumValueW
RegQueryInfoKeyW
RegCloseKey
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
SetTokenInformation
CreateProcessAsUserW
RegCreateKeyW
RegDeleteTreeW
CryptAcquireContextA
CryptReleaseContext
CryptGetHashParam
CryptGenRandom
CryptCreateHash
CryptHashData
CryptDestroyHash
CryptDestroyKey
CryptImportKey
CryptEncrypt
CryptAcquireContextW
DuplicateTokenEx

shell32

SHFileOperationW
ShellExecuteW
SHGetFileInfoW
ord165
SHGetKnownFolderPath

ole32

CoTaskMemFree
CoSetProxyBlanket
CoInitialize
CoUninitialize
CoInitializeSecurity
CoInitializeEx
CoCreateInstance
CoCreateGuid

oleaut32

VariantInit
SysFreeString
VariantClear
SysAllocString

msvcp140

?setw@std@@YA?AU?$_Smanip@_J@1@_J@Z
?uncaught_exception@std@@YA_NXZ
?sputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAA_JPEBD_J@Z
??0?$basic_streambuf@DU?$char_traits@D@std@@@std@@IEAA@XZ
_Cnd_do_broadcast_at_thread_exit
_Thrd_detach
?_Throw_Cpp_error@std@@YAXH@Z
?_Osfx@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAXXZ
?flush@?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV12@XZ
?sputc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@QEAAHD@Z
?_Xbad_alloc@std@@YAXXZ
?setstate@?$basic_ios@DU?$char_traits@D@std@@@std@@QEAAXH_N@Z
??0?$basic_ios@DU?$char_traits@D@std@@@std@@IEAA@XZ
??0?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??0?$basic_istream@DU?$char_traits@D@std@@@std@@QEAA@PEAV?$basic_streambuf@DU?$char_traits@D@std@@@1@_N@Z
??1?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAA@XZ
?_Lock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?_Unlock@?$basic_streambuf@DU?$char_traits@D@std@@@std@@UEAAXXZ
?showmanyc@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JXZ
?uflow@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
?xsgetn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEAD_J@Z
?_Xlength_error@std@@YAXPEBD@Z
??7ios_base@std@@QEBA_NXZ
?good@ios_base@std@@QEBA_NXZ
?xsputn@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAA_JPEBD_J@Z
?setbuf@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAPEAV12@PEAD_J@Z
?sync@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAHXZ
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@AEAN@Z
?imbue@?$basic_streambuf@DU?$char_traits@D@std@@@std@@MEAAXAEBVlocale@2@@Z
??1?$basic_ios@DU?$char_traits@D@std@@@std@@UEAA@XZ
??1?$basic_ostream@DU?$char_traits@D@std@@@std@@UEAA@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@P6AAEAVios_base@1@AEAV21@@Z@Z
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QEAAAEAV01@H@Z
??1?$basic_istream@DU?$char_traits@D@std@@@std@@UEAA@XZ

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

vcruntime140_1

__CxxFrameHandler4

vcruntime140

_purecall
strrchr
__std_terminate
__std_exception_copy
__std_exception_destroy
strchr
strstr
memcpy
memset
_CxxThrowException
__current_exception_context
__current_exception
__C_specific_handler
wcsstr
memchr
memcmp
memmove

api-ms-win-crt-heap-l1-1-0

realloc
_callnewh
malloc
calloc
_set_new_mode
free

api-ms-win-crt-runtime-l1-1-0

signal
_invalid_parameter_noinfo
_initialize_onexit_table
_errno
_register_onexit_function
strerror_s
raise
_exit
_crt_atexit
perror
terminate
_beginthreadex
_getpid
_register_thread_local_exe_atexit_callback
_invalid_parameter_noinfo_noreturn
_c_exit
__p___wargv
__p___argc
_cexit
exit
_seh_filter_exe
strerror
__sys_nerr
_set_app_type
_configure_wide_argv
_initialize_wide_environment
_initterm_e
_initterm
_get_initial_wide_environment

api-ms-win-crt-string-l1-1-0

strpbrk
_strnicmp
isspace
isupper
strspn
strcspn
strcmp
wcsnlen
wcscpy_s
strcpy_s
wcsncpy_s
wcscat_s
tolower
_wcsicmp
strnlen
strncmp
_strdup
strncpy
_strlwr_s
_stricmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf
fputs
fopen
fputc
fflush
_set_fmode
fgets
fwrite
__stdio_common_vsscanf
_lseeki64
fread
fseek
__p__commode
_read
_write
fclose
ferror
_fileno
_setmode
_close
_wfopen
_open
__stdio_common_vsprintf_s
ftell
__stdio_common_vswprintf_s
__stdio_common_vfprintf
__stdio_common_vsprintf
__acrt_iob_func
feof

api-ms-win-crt-math-l1-1-0

modf
__setusermatherr

api-ms-win-crt-convert-l1-1-0

strtoul
wcstombs
strtoll
mbstowcs_s
_wtoi64
wcstombs_s
atoi
strtol

api-ms-win-crt-time-l1-1-0

_gmtime64_s
_gmtime64
_time64

api-ms-win-crt-utility-l1-1-0

srand
rand
qsort

api-ms-win-crt-filesystem-l1-1-0

_fstat64
_access
_stat64i32
_stat64
_unlink

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-locale-l1-1-0

_configthreadlocale

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 568KB - Virtual size: 567KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
PCRemoteReceiver.exe
.exe windows:6 windows x64 arch:x64

Password: infected

a193a729fd118c1420144d53fd633ab6

Code Sign

04:00:00:00:00:01:15:4b:5a:c3:94
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

01-09-1998 12:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19-09-2018 00:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28-07-2020 00:00

Not After

18-03-2029 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5e:c9:ed:d5:94:78:85:7b:d5:61:c6:28
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

07-08-2023 04:16

Not After

06-09-2024 04:16

Subject

SERIALNUMBER=91320594MA251F5K75,CN=Monect (Suzhou) Co.\, Ltd.,O=Monect (Suzhou) Co.\, Ltd.,L=Suzhou,ST=Jiangsu,C=CN,1.3.6.1.4.1.311.60.2.1.1=#130653555a484f55,1.3.6.1.4.1.311.60.2.1.2=#13074a49414e475355,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:19:75:74:71:c9:92:d7:44:df:a5:96:eb:b9:70:15
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

02-11-2023 10:30

Not After

04-12-2034 10:30

Subject

CN=Globalsign TSA for Advanced - G4 - 202311,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

fe:b3:5d:09:09:a9:cd:6b:d4:85:80:9c:67:aa:7d:d0:66:5e:ed:e8:55:fa:eb:d4:77:40:eb:c2:3e:46:ba:11
Signer

Actual PE Digest

fe:b3:5d:09:09:a9:cd:6b:d4:85:80:9c:67:aa:7d:d0:66:5e:ed:e8:55:fa:eb:d4:77:40:eb:c2:3e:46:ba:11

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\monec\Documents\workspace\Monect_host\x64\Release\PCRemoteReceiver.pdb

Imports

iphlpapi

GetAdaptersAddresses

avcodec-59

av_packet_alloc
av_packet_free
av_parser_close
av_parser_init
av_parser_parse2
avcodec_alloc_context3
avcodec_close
avcodec_find_decoder
avcodec_free_context
avcodec_open2
avcodec_receive_frame
avcodec_send_packet

avutil-57

av_buffer_ref
av_buffer_unref
av_frame_alloc
av_frame_free
av_freep
av_get_default_channel_layout
av_hwdevice_ctx_create
av_image_alloc
av_log_set_callback
av_samples_get_buffer_size

swscale-6

sws_freeContext
sws_getCachedContext
sws_scale

swresample-4

swr_alloc_set_opts
swr_convert
swr_free
swr_init

d3d11

D3D11CreateDevice

xinput1_4

ord2
ord3

sdl2

SDL_CloseAudioDevice
SDL_GetQueuedAudioSize
SDL_FreeSurface
SDL_RWFromMem
SDL_PauseAudioDevice
SDL_OpenAudioDevice
SDL_memset
SDL_GetError
SDL_Log
SDL_QueueAudio
SDL_ClearQueuedAudio
SDL_Init

sdl2_image

IMG_Load_RW

crypt32

CertOpenStore
CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertFreeCertificateContext
CertGetCertificateContextProperty

kernel32

GetVersionExW
lstrcmpA
lstrcpyW
GetPrivateProfileIntW
GetPrivateProfileStringW
WritePrivateProfileStringW
SetThreadPriority
ResumeThread
GetFileSize
GetFullPathNameW
GetVolumeInformationW
LockFile
SetEndOfFile
SetFilePointer
UnlockFile
DuplicateHandle
lstrcmpiW
GetThreadLocale
GlobalFlags
GlobalReAlloc
GlobalHandle
LocalReAlloc
GlobalGetAtomNameW
FileTimeToSystemTime
GetCurrentDirectoryW
GetLocaleInfoW
GetSystemDefaultUILanguage
GetFileAttributesW
FileTimeToLocalFileTime
GetFileAttributesExW
GetFileTime
SystemTimeToTzSpecificLocalTime
SetErrorMode
GetTempPathW
GetWindowsDirectoryW
SearchPathW
GetTickCount64
GetProfileIntW
FindResourceExW
GetTempFileNameW
GetUserDefaultLCID
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
WriteConsoleW
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
FindFirstFileExW
GetOEMCP
IsValidCodePage
GetConsoleOutputCP
SetFilePointerEx
GetTimeZoneInformation
EnumSystemLocalesW
IsValidLocale
LCMapStringW
GetTimeFormatW
GetDateFormatW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
SetStdHandle
VirtualQuery
HeapQueryInformation
GetCommandLineA
PeekNamedPipe
GetFileInformationByHandle
GetDriveTypeW
SetConsoleCtrlHandler
FreeLibraryAndExitThread
ExitThread
RtlUnwindEx
GetStringTypeW
GetCPInfo
CompareStringEx
LCMapStringEx
RtlPcToFileHeader
TryAcquireSRWLockExclusive
GetExitCodeThread
WaitForSingleObjectEx
GetLocaleInfoEx
RaiseException
OutputDebugStringW
GetCurrentThread
OutputDebugStringA
GetProcAddress
FreeLibrary
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CloseHandle
CreateThread
CreateNamedPipeW
GetLastError
ConnectNamedPipe
GetProcessHeap
HeapAlloc
HeapFree
ReadFile
WriteFile
FlushFileBuffers
DisconnectNamedPipe
CreateFileW
WaitNamedPipeW
SetNamedPipeHandleState
FindFirstFileW
FindNextFileW
FindClose
CopyFileW
DeleteFileW
GetModuleFileNameA
GetModuleFileNameW
LoadLibraryW
LocalAlloc
CreateEventW
LocalFree
ResetEvent
WaitForSingleObject
ExitProcess
GetComputerNameW
lstrlenW
SizeofResource
LockResource
LoadResource
FindResourceW
MultiByteToWideChar
GlobalUnlock
GlobalFree
GlobalAlloc
GlobalLock
FormatMessageA
FormatMessageW
WideCharToMultiByte
TlsAlloc
InitializeCriticalSectionAndSpinCount
Sleep
GetSystemTimeAsFileTime
WaitForMultipleObjects
TerminateThread
QueueUserAPC
SetEvent
SleepEx
PostQueuedCompletionStatus
CreateIoCompletionPort
SetWaitableTimer
GetQueuedCompletionStatus
SetLastError
VerSetConditionMask
VerifyVersionInfoW
CreateWaitableTimerW
GetModuleHandleA
TlsGetValue
TlsSetValue
TlsFree
OpenEventW
GetSystemInfo
GetModuleHandleExW
QueryPerformanceFrequency
QueryPerformanceCounter
LoadLibraryA
CreateProcessW
GetCurrentProcess
GetProcessId
GetCommandLineW
GetUserDefaultUILanguage
OpenMutexW
CreateMutexW
GetFileSizeEx
InitializeCriticalSectionEx
HeapSize
HeapReAlloc
DecodePointer
GetSystemTime
SystemTimeToFileTime
InitializeSRWLock
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
GetCurrentThreadId
VirtualAlloc
VirtualProtect
VirtualFree
SwitchToFiber
DeleteFiber
CreateFiberEx
GetSystemDirectoryA
GetEnvironmentVariableW
GetACP
GetStdHandle
GetFileType
GetModuleHandleW
ConvertFiberToThread
ConvertThreadToFiberEx
GetCurrentProcessId
RtlVirtualUnwind
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
CreateActCtxW
ActivateActCtx
DeactivateActCtx
FindActCtxSectionStringW
QueryActCtxW
GlobalSize
MulDiv
EncodePointer
GetSystemDirectoryW
LoadLibraryExW
GlobalDeleteAtom
lstrcmpW
GlobalAddAtomW
GlobalFindAtomW
CompareStringW
RtlUnwind

user32

ShowScrollBar
GetScrollRange
SetScrollRange
GetScrollPos
SetScrollPos
ScrollWindow
ValidateRect
TrackPopupMenu
SetMenu
GetMenu
IsWindowVisible
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
IsChild
IsMenu
GetClassInfoExW
GetClassInfoW
RegisterClassW
CallWindowProcW
GetMessageTime
GetMessagePos
RegisterWindowMessageW
IsDialogMessageW
GetWindow
SetWindowLongW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
SetFocus
GetDlgCtrlID
CheckDlgButton
GetDlgItemTextW
MoveWindow
IntersectRect
InflateRect
CopyRect
OffsetRect
SetRectEmpty
SendDlgItemMessageA
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExW
GetFocus
GetSysColor
EndPaint
BeginPaint
GetWindowDC
TabbedTextOutW
GrayStringW
DrawTextExW
DrawTextW
RemoveMenu
AppendMenuW
InsertMenuW
GetMenuItemCount
GetMenuItemID
GetMenuState
SetPropW
GetLastActivePopup
GetWindowLongW
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamW
DestroyWindow
WindowFromPoint
IsWindowEnabled
LoadBitmapW
GetClassNameW
FillRect
DrawStateW
MessageBoxW
GetUserObjectInformationW
GetProcessWindowStation
UnregisterClassW
GetParent
SetDlgItemTextA
SetActiveWindow
EnumWindows
AllowSetForegroundWindow
LockWorkStation
GetDesktopWindow
GetPropW
RemovePropW
AdjustWindowRectEx
CreateMenu
SendMessageW
GetCursorPos
GetWindowRect
SetCursor
LoadCursorW
MapWindowPoints
EqualRect
GetClassLongPtrW
GetTopWindow
SetScrollInfo
GetScrollInfo
WinHelpW
CheckMenuItem
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
GetKeyNameTextW
MapVirtualKeyW
EnableWindow
InvalidateRect
RedrawWindow
GetClientRect
LoadMenuW
SetMenuItemInfoW
GetSubMenu
EnableMenuItem
SetWindowPos
SystemParametersInfoW
LoadIconW
ShowWindow
GetDlgItem
IsIconic
GetSystemMetrics
DrawIcon
SetForegroundWindow
PostQuitMessage
SetDlgItemTextW
TrackMouseEvent
GetDC
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetDlgItemTextA
CreateIconIndirect
PostMessageW
DestroyIcon
GetWindowLongPtrW
DefWindowProcW
DestroyMenu
GetMenuItemInfoW
GetNextDlgGroupItem
SetTimer
KillTimer
DrawFocusRect
IsRectEmpty
LoadImageW
CopyImage
DrawIconEx
GetIconInfo
SetWindowContextHelpId
MapDialogRect
GetMessageW
ShowOwnedPopups
CharUpperW
SetLayeredWindowAttributes
GetSysColorBrush
EnumDisplayMonitors
RealChildWindowFromPoint
RegisterClassExW
AdjustWindowRect
CreateWindowExW
UpdateWindow
IsZoomed
GetAsyncKeyState
GetSystemMenu
DeleteMenu
SetWindowRgn
MessageBeep
NotifyWinEvent
CreatePopupMenu
DestroyCursor
GetWindowRgn
GetMenuStringW
SetWindowLongPtrW
PeekMessageW
TranslateMessage
DispatchMessageW
MonitorFromWindow
GetMonitorInfoW
GetKeyState
GetForegroundWindow
ClientToScreen
SetCursorPos
ScreenToClient
GetMessageExtraInfo
GetMenuDefaultItem
GetCapture
SetCapture
ReleaseCapture
IsWindowUnicode
ReleaseDC
GetClipboardData
UpdateLayeredWindow
PtInRect
ExitWindowsEx
SubtractRect
GetUpdateRect
IsClipboardFormatAvailable
GetWindowThreadProcessId
GetComboBoxInfo
TranslateMDISysAccel
DefMDIChildProcW
DefFrameProcW
DrawMenuBar
MapVirtualKeyExW
IsCharLowerW
GetDoubleClickTime
InvertRect
HideCaret
PostThreadMessageW
FrameRect
CopyIcon
ReuseDDElParam
UnpackDDElParam
InsertMenuItemW
TranslateAcceleratorW
ModifyMenuW
CharUpperBuffW
RegisterClipboardFormatW
SetClassLongPtrW
LockWindowUpdate
BringWindowToTop
SetParent
DestroyAcceleratorTable
CreateAcceleratorTableW
LoadAcceleratorsW
GetKeyboardState
GetKeyboardLayout
ToUnicodeEx
SetRect
InvalidateRgn
CopyAcceleratorTableW
CharNextW
WaitMessage
DrawFrameControl
DrawEdge
MonitorFromPoint
UnionRect
EnableScrollBar
SetMenuDefaultItem
IsWindow

gdi32

GetTextFaceW
CreateCompatibleDC
GetDeviceCaps
DeleteObject
CreateCompatibleBitmap
CreateBitmap
SetBkMode
CreateSolidBrush
CreateRectRgn
SetPixelV
GetViewportOrgEx
GetWindowOrgEx
PtInRegion
GetBoundsRect
FrameRgn
FillRgn
SetPaletteEntries
ExtFloodFill
RoundRect
EnumFontFamiliesExW
LPtoDP
GetSystemPaletteEntries
GetPaletteEntries
GetNearestPaletteIndex
CreatePalette
OffsetRgn
GetRgnBox
Rectangle
Polyline
Polygon
CreatePolygonRgn
GetTextColor
GetBkColor
Ellipse
CreateEllipticRgn
SetDIBColorTable
StretchBlt
SetPixel
RealizePalette
CreateDIBSection
CreateRoundRectRgn
GetTextMetricsW
GetTextCharsetInfo
EnumFontFamiliesW
CreateDIBitmap
GetTextExtentPoint32W
DPtoLP
SetRectRgn
PatBlt
GetMapMode
CreateRectRgnIndirect
CombineRgn
ScaleWindowExtEx
ScaleViewportExtEx
OffsetWindowOrgEx
OffsetViewportOrgEx
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ExtTextOutW
TextOutW
MoveToEx
SetTextAlign
SetTextColor
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkColor
SelectPalette
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
GetWindowExtEx
GetViewportExtEx
GetPixel
GetObjectType
GetClipBox
ExcludeClipRect
Escape
CreatePatternBrush
CreatePen
CreateHatchBrush
BitBlt
CreateDCW
CopyMetaFileW
GetStockObject
DeleteDC
CreateFontIndirectW
SelectObject
GetObjectW

msimg32

AlphaBlend
TransparentBlt

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

CryptEnumProvidersA
RegCloseKey
RegEnumValueW
RegSetValueExW
InitializeSecurityDescriptor
RegDeleteValueW
RegEnumKeyW
RegOpenKeyExW
RegCreateKeyExW
RegQueryValueW
RegQueryValueExW
CryptEnumProvidersW
CryptSignHashW
CryptDestroyHash
CryptCreateHash
CryptDecrypt
CryptExportKey
CryptGetUserKey
CryptGetProvParam
CryptSetHashParam
CryptDestroyKey
CryptAcquireContextW
ReportEventW
RegisterEventSourceW
DeregisterEventSource
RegDeleteKeyW
CryptGenRandom
CryptReleaseContext
CryptAcquireContextA
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegEnumKeyExW
SetSecurityDescriptorDacl

shell32

DragFinish
DragQueryFileW
SHAppBarMessage
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHGetMalloc
SHGetPathFromIDListW
SHGetKnownFolderPath
CommandLineToArgvW
ShellExecuteExW
SHGetFileInfoW
Shell_NotifyIconW
ShellExecuteA
ShellExecuteW
SHBrowseForFolderW

comctl32

_TrackMouseEvent
InitCommonControlsEx
ImageList_AddMasked

shlwapi

StrCmpW
StrRChrA
PathAppendW
StrStrW
StrChrW
StrCpyW
StrRChrW
PathFindFileNameW
PathIsUNCW
PathStripToRootW
PathRemoveFileSpecW
StrFormatKBSizeW
PathFindExtensionW

uxtheme

GetThemePartSize
IsThemeBackgroundPartiallyTransparent
GetThemeSysColor
GetWindowTheme
GetCurrentThemeName
GetThemeColor
SetWindowTheme
IsAppThemed
DrawThemeParentBackground
DrawThemeText
OpenThemeData
CloseThemeData
DrawThemeBackground

ole32

CoRegisterMessageFilter
CoRevokeClassObject
RevokeDragDrop
RegisterDragDrop
CoLockObjectExternal
IsAccelerator
OleDuplicateData
CoTaskMemAlloc
CoUninitialize
CoInitializeEx
CreateStreamOnHGlobal
CoCreateInstance
CoTaskMemFree
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
OleLockRunning
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
DoDragDrop
OleIsCurrentClipboard
OleFlushClipboard
CreateILockBytesOnHGlobal
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CoDisconnectObject
CoInitialize
CLSIDFromProgID
CLSIDFromString
CoCreateGuid
ReleaseStgMedium
OleGetClipboard

oleaut32

LoadTypeLi
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SysStringLen
VariantCopy
VarBstrFromDate
OleCreateFontIndirect
SysAllocString
VariantChangeType
VariantClear
SysAllocStringLen
VariantInit
SysFreeString

oledlg

OleUIBusyW

gdiplus

GdipCreateBitmapFromScan0
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipDrawImageI
GdipCreateFont
GdipSetInterpolationMode
GdipSetStringFormatLineAlign
GdipGetImagePaletteSize
GdipDeleteStringFormat
GdipCreateStringFormat
GdipCloneBrush
GdipGetImagePalette
GdipGetImagePixelFormat
GdipGetImageGraphicsContext
GdipFillEllipseI
GdipFillPath
GdipClosePathFigure
GdipAddPathArcI
GdipAddPathLineI
GdipDeletePath
GdipCreatePath
GdiplusShutdown
GdiplusStartup
GdipDrawImageRectI
GdipSetSmoothingMode
GdipGetImageHeight
GdipGetImageWidth
GdipSetSolidFillColor
GdipAlloc
GdipLoadImageFromStream
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromStream
GdipFree
GdipCloneImage
GdipDisposeImage
GdipGraphicsClear
GdipCreateSolidFill
GdipDrawString
GdipDeleteFont
GdipDeleteBrush
GdipCreateFontFamilyFromName
GdipDeleteFontFamily
GdipSetStringFormatAlign
GdipGetGenericFontFamilySansSerif
GdipDeleteGraphics
GdipCreateFromHDC
GdipCreateBitmapFromHBITMAP

ws2_32

shutdown
getservbyname
getservbyport
gethostbyname
gethostbyaddr
inet_ntoa
inet_addr
send
recv
getsockname
getpeername
connect
bind
accept
recvfrom
socket
sendto
__WSAFDIsSet
WSACleanup
WSAStartup
htons
htonl
ntohl
freeaddrinfo
getaddrinfo
WSAAddressToStringW
WSASocketW
WSASend
WSARecv
listen
select
ioctlsocket
closesocket
WSAGetLastError
setsockopt
getsockopt
WSAIoctl
WSASetLastError
ntohs

bcrypt

BCryptGenRandom

d3dcompiler_47

D3DCompile

imm32

ImmSetCompositionWindow
ImmSetCandidateWindow
ImmReleaseContext
ImmGetOpenStatus
ImmGetContext

oleacc

AccessibleObjectFromWindow
LresultFromObject
CreateStdAccessibleObject

winmm

PlaySoundW

Sections

.text
Size: 5.1MB - Virtual size: 5.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 241KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Packages/vc_redist.x64.exe
.exe windows:5 windows x86 arch:x86

1a5cdbf711fee14b077e599d13fddab2

Code Sign

33:00:00:01:34:22:1e:7e:49:2a:ac:da:6a:00:00:00:00:01:34
Certificate

Issuer

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-10-2019 18:17

Not After

03-01-2021 18:17

Subject

CN=Microsoft Time-Stamp service,OU=Microsoft Ireland Operations Limited+OU=Thales TSS ESN:E041-4BEE-FA7E,O=Microsoft Corporation,L=Redmond,ST=WA,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

33:00:00:01:52:9b:40:9f:50:56:99:75:88:00:00:00:00:01:52
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02-05-2019 21:37

Not After

02-05-2020 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:16:68:34:00:00:00:00:00:1c
Certificate

Issuer

CN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6d

Not Before

03-04-2007 12:53

Not After

03-04-2021 13:03

Subject

CN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:01:52:9b:40:9f:50:56:99:75:88:00:00:00:00:01:52
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02-05-2019 21:37

Not After

02-05-2020 21:37

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08-07-2011 20:59

Not After

08-07-2026 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b4:cd:00:d9:81:97:db:3f:fb:fb:3f:54:d1:0a:0d:d4:f4:56:29:a6:03:63:86:3f:a0:b1:71:7e:4c:43:8a:da
Signer

Actual PE Digest

b4:cd:00:d9:81:97:db:3f:fb:fb:3f:54:d1:0a:0d:d4:f4:56:29:a6:03:63:86:3f:a0:b1:71:7e:4c:43:8a:da

Digest Algorithm

sha256

PE Digest Matches

true

77:97:6d:62:92:5a:37:44:2f:5d:c5:b0:8d:43:91:09:56:54:b2:48
Signer

Actual PE Digest

77:97:6d:62:92:5a:37:44:2f:5d:c5:b0:8d:43:91:09:56:54:b2:48

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP
IMAGE_FILE_NET_RUN_FROM_SWAP

PDB Paths

C:\agent\_work\8\s\build\ship\x86\burn.pdb

Imports

advapi32

RegCloseKey
RegOpenKeyExW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueW
InitiateSystemShutdownExW
GetUserNameW
RegQueryValueExW
RegDeleteValueW
ConvertStringSecurityDescriptorToSecurityDescriptorW
DecryptFileW
CreateWellKnownSid
InitializeAcl
SetEntriesInAclW
ChangeServiceConfigW
CloseServiceHandle
ControlService
OpenSCManagerW
OpenServiceW
QueryServiceStatus
SetNamedSecurityInfoW
CheckTokenMembership
AllocateAndInitializeSid
SetEntriesInAclA
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegSetValueExW
RegQueryInfoKeyW
RegEnumValueW
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyExW
GetTokenInformation
CryptDestroyHash
CryptHashData
CryptCreateHash
CryptGetHashParam
CryptReleaseContext
CryptAcquireContextW
QueryServiceConfigW

user32

GetMessageW
PostMessageW
IsWindow
WaitForInputIdle
PostQuitMessage
PeekMessageW
MsgWaitForMultipleObjects
PostThreadMessageW
GetMonitorInfoW
MonitorFromPoint
IsDialogMessageW
LoadCursorW
LoadBitmapW
SetWindowLongW
GetWindowLongW
GetCursorPos
MessageBoxW
CreateWindowExW
UnregisterClassW
RegisterClassW
DefWindowProcW
DispatchMessageW
TranslateMessage

oleaut32

SysFreeString
SysAllocString
VariantInit
VariantClear

gdi32

CreateCompatibleDC
DeleteObject
SelectObject
StretchBlt
GetObjectW
DeleteDC

shell32

SHGetFolderPathW
CommandLineToArgvW
ShellExecuteExW

ole32

CoUninitialize
CoInitializeEx
CoInitialize
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoInitializeSecurity
CLSIDFromProgID

kernel32

GetCommandLineA
GetCPInfo
GetOEMCP
CloseHandle
CreateFileW
GetProcAddress
LocalFree
HeapSetInformation
GetLastError
GetModuleHandleW
FormatMessageW
lstrlenA
lstrlenW
MultiByteToWideChar
WideCharToMultiByte
LCMapStringW
Sleep
GetLocalTime
GetModuleFileNameW
ExpandEnvironmentStringsW
GetTempPathW
GetTempFileNameW
CreateDirectoryW
GetFullPathNameW
CompareStringW
GetCurrentProcessId
WriteFile
SetFilePointer
LoadLibraryW
GetSystemDirectoryW
CreateFileA
HeapAlloc
HeapReAlloc
HeapFree
HeapSize
GetProcessHeap
FindClose
GetCommandLineW
GetCurrentDirectoryW
RemoveDirectoryW
SetFileAttributesW
GetFileAttributesW
DeleteFileW
FindFirstFileW
FindNextFileW
MoveFileExW
GetCurrentProcess
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
ReleaseMutex
GetEnvironmentStringsW
TlsGetValue
TlsSetValue
TlsFree
CreateProcessW
GetVersionExW
VerSetConditionMask
FreeLibrary
EnterCriticalSection
LeaveCriticalSection
GetSystemTime
GetNativeSystemInfo
GetModuleHandleExW
GetWindowsDirectoryW
GetSystemWow64DirectoryW
GetComputerNameW
VerifyVersionInfoW
GetVolumePathNameW
GetDateFormatW
GetSystemDefaultLangID
GetUserDefaultLangID
GetStringTypeW
ReadFile
SetFilePointerEx
DuplicateHandle
InterlockedExchange
InterlockedCompareExchange
CreateEventW
ProcessIdToSessionId
OpenProcess
GetProcessId
WaitForSingleObject
ConnectNamedPipe
SetNamedPipeHandleState
CreateNamedPipeW
CreateThread
GetExitCodeThread
SetEvent
WaitForMultipleObjects
InterlockedIncrement
InterlockedDecrement
ResetEvent
SetEndOfFile
SetFileTime
LocalFileTimeToFileTime
DosDateTimeToFileTime
CompareStringA
GetExitCodeProcess
SetThreadExecutionState
CopyFileExW
MapViewOfFile
UnmapViewOfFile
CreateMutexW
CreateFileMappingW
GetThreadLocale
IsValidCodePage
FreeEnvironmentStringsW
TlsAlloc
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
DecodePointer
WriteConsoleW
GetModuleHandleA
GlobalAlloc
GlobalFree
GetFileSizeEx
CopyFileW
VirtualAlloc
VirtualFree
SystemTimeToTzSpecificLocalTime
GetTimeZoneInformation
SystemTimeToFileTime
GetSystemInfo
VirtualProtect
VirtualQuery
SetCurrentDirectoryW
FindFirstFileExW
GetFileType
GetACP
ExitProcess
GetStdHandle
LoadLibraryExW
InitializeCriticalSectionAndSpinCount
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RaiseException
RtlUnwind
SetLastError
LoadLibraryExA

rpcrt4

UuidCreate

Sections

.text
Size: 294KB - Virtual size: 293KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wixburn
Size: 512B - Virtual size: 56B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
QRCodeEncoder.dll
.dll windows:6 windows x64 arch:x64

2a6152bbdbf0b107637b1f7a2231ea70

Code Sign

04:00:00:00:00:01:15:4b:5a:c3:94
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

01-09-1998 12:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19-09-2018 00:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28-07-2020 00:00

Not After

18-03-2029 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5e:c9:ed:d5:94:78:85:7b:d5:61:c6:28
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

07-08-2023 04:16

Not After

06-09-2024 04:16

Subject

SERIALNUMBER=91320594MA251F5K75,CN=Monect (Suzhou) Co.\, Ltd.,O=Monect (Suzhou) Co.\, Ltd.,L=Suzhou,ST=Jiangsu,C=CN,1.3.6.1.4.1.311.60.2.1.1=#130653555a484f55,1.3.6.1.4.1.311.60.2.1.2=#13074a49414e475355,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:19:75:74:71:c9:92:d7:44:df:a5:96:eb:b9:70:15
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

02-11-2023 10:30

Not After

04-12-2034 10:30

Subject

CN=Globalsign TSA for Advanced - G4 - 202311,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

de:27:9b:c6:6b:d3:c9:ab:e5:f5:60:1c:c4:8c:77:57:57:80:1a:00:b6:45:21:4a:1c:59:4a:f4:ce:82:63:77
Signer

Actual PE Digest

de:27:9b:c6:6b:d3:c9:ab:e5:f5:60:1c:c4:8c:77:57:57:80:1a:00:b6:45:21:4a:1c:59:4a:f4:ce:82:63:77

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\monec\Documents\workspace\Monect_host\x64\Release\QRCodeEncoder.pdb

Imports

user32

FillRect
ReleaseDC
GetDC

gdi32

SelectObject
DeleteObject
DeleteDC
StretchBlt
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
SetStretchBltMode

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
strchr
memset
memcpy
memmove

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_initialize_narrow_environment

kernel32

QueryPerformanceCounter
GetCurrentThreadId
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetCurrentProcessId

Exports

Exports

GenQRCode2Bitmap

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 756B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SDL2.dll
.dll windows:4 windows x64 arch:x64

e538e9ba4f1bc8265fd3d7bc6fe3d137

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

gdi32

BitBlt
ChoosePixelFormat
CombineRgn
CreateBitmap
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCW
CreateDIBSection
CreateFontIndirectW
CreateFontW
CreatePen
CreateRectRgn
CreateSolidBrush
DeleteDC
DeleteObject
DescribePixelFormat
ExtTextOutW
GetDIBits
GetDeviceCaps
GetDeviceGammaRamp
GetICMProfileW
GetPixelFormat
GetTextExtentPoint32A
GetTextExtentPoint32W
GetTextMetricsW
Rectangle
SelectObject
SetBkMode
SetDeviceGammaRamp
SetPixelFormat
SetTextColor
SwapBuffers

imm32

ImmAssociateContext
ImmGetCandidateListW
ImmGetCompositionStringW
ImmGetContext
ImmGetIMEFileNameA
ImmNotifyIME
ImmReleaseContext
ImmSetCandidateWindow
ImmSetCompositionStringW
ImmSetCompositionWindow

kernel32

AttachConsole
CancelIo
CloseHandle
CompareStringA
CreateDirectoryW
CreateEventW
CreateFileA
CreateFileW
CreateSemaphoreW
CreateThread
CreateToolhelp32Snapshot
DeleteCriticalSection
DeviceIoControl
EnterCriticalSection
ExitProcess
FormatMessageW
FreeLibrary
GetConsoleMode
GetCurrentProcess
GetCurrentThread
GetCurrentThreadId
GetEnvironmentVariableA
GetFileSizeEx
GetLastError
GetLocaleInfoA
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleW
GetOverlappedResult
GetProcAddress
GetStdHandle
GetSystemInfo
GetSystemPowerStatus
GetTickCount
GlobalAlloc
GlobalLock
GlobalMemoryStatusEx
GlobalUnlock
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LocalFree
MulDiv
OutputDebugStringW
Process32First
Process32Next
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadFile
ReleaseSemaphore
ResetEvent
SetEnvironmentVariableA
SetErrorMode
SetFilePointer
SetFilePointerEx
SetThreadExecutionState
SetThreadPriority
Sleep
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteConsoleW
WriteFile

msvcrt

__iob_func
_amsg_exit
_initterm
_lock
_unlock
abort
calloc
fputs
free
memcpy
memset
realloc
strlen
strncmp
vfprintf

ole32

CoCreateInstance
CoInitializeEx
CoTaskMemFree
CoUninitialize
PropVariantClear

oleaut32

SysFreeString

setupapi

CM_Get_Device_IDA
CM_Get_Parent
CM_Locate_DevNodeA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailA
SetupDiGetDeviceRegistryPropertyA

shell32

DragAcceptFiles
DragFinish
DragQueryFileW
ExtractIconExW
SHGetFolderPathW
ShellExecuteW

user32

AdjustWindowRectEx
AttachThreadInput
CallNextHookEx
CallWindowProcW
ChangeDisplaySettingsExW
ClientToScreen
ClipCursor
CloseClipboard
CopyImage
CreateIconFromResource
CreateIconIndirect
CreateWindowExA
CreateWindowExW
DefWindowProcW
DestroyIcon
DestroyWindow
DialogBoxIndirectParamW
DispatchMessageW
DrawTextW
EmptyClipboard
EndDialog
EnumDisplayDevicesW
EnumDisplayMonitors
EnumDisplaySettingsW
FlashWindowEx
GetAsyncKeyState
GetClassInfoExW
GetClientRect
GetClipCursor
GetClipboardData
GetClipboardSequenceNumber
GetCursorPos
GetDC
GetDesktopWindow
GetDlgItem
GetDoubleClickTime
GetFocus
GetForegroundWindow
GetKeyState
GetKeyboardLayout
GetKeyboardState
GetMenu
GetMessageExtraInfo
GetMessageW
GetMonitorInfoW
GetParent
GetPropW
GetRawInputData
GetRawInputDeviceInfoA
GetRawInputDeviceList
GetSystemMetrics
GetUpdateRect
GetWindowLongPtrW
GetWindowLongW
GetWindowRect
GetWindowTextLengthW
GetWindowTextW
GetWindowThreadProcessId
IntersectRect
InvalidateRect
IsClipboardFormatAvailable
IsIconic
IsRectEmpty
KillTimer
LoadCursorW
LoadIconW
MapVirtualKeyW
MessageBoxA
OpenClipboard
PeekMessageW
PostMessageW
PostThreadMessageW
PtInRect
RegisterClassExA
RegisterClassExW
RegisterClassW
RegisterDeviceNotificationW
RegisterRawInputDevices
RegisterWindowMessageA
ReleaseCapture
ReleaseDC
RemovePropW
ScreenToClient
SendMessageW
SetActiveWindow
SetCapture
SetClipboardData
SetCursor
SetCursorPos
SetFocus
SetForegroundWindow
SetLayeredWindowAttributes
SetPropW
SetTimer
SetWindowLongPtrW
SetWindowLongW
SetWindowPos
SetWindowRgn
SetWindowTextW
SetWindowsHookExW
ShowWindow
SystemParametersInfoA
SystemParametersInfoW
ToUnicode
TrackMouseEvent
TranslateMessage
UnhookWindowsHookEx
UnregisterClassA
UnregisterClassW
UnregisterDeviceNotification
ValidateRect

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

winmm

timeBeginPeriod
timeEndPeriod
waveInAddBuffer
waveInClose
waveInGetDevCapsW
waveInGetNumDevs
waveInOpen
waveInPrepareHeader
waveInReset
waveInStart
waveInUnprepareHeader
waveOutClose
waveOutGetDevCapsW
waveOutGetErrorTextW
waveOutGetNumDevs
waveOutOpen
waveOutPrepareHeader
waveOutReset
waveOutUnprepareHeader
waveOutWrite

Exports

Exports

SDL_AddEventWatch
SDL_AddHintCallback
SDL_AddTimer
SDL_AllocFormat
SDL_AllocPalette
SDL_AllocRW
SDL_AtomicAdd
SDL_AtomicCAS
SDL_AtomicCASPtr
SDL_AtomicGet
SDL_AtomicGetPtr
SDL_AtomicLock
SDL_AtomicSet
SDL_AtomicSetPtr
SDL_AtomicTryLock
SDL_AtomicUnlock
SDL_AudioInit
SDL_AudioQuit
SDL_AudioStreamAvailable
SDL_AudioStreamClear
SDL_AudioStreamFlush
SDL_AudioStreamGet
SDL_AudioStreamPut
SDL_BuildAudioCVT
SDL_CalculateGammaRamp
SDL_CaptureMouse
SDL_ClearComposition
SDL_ClearError
SDL_ClearHints
SDL_ClearQueuedAudio
SDL_CloseAudio
SDL_CloseAudioDevice
SDL_ComposeCustomBlendMode
SDL_CondBroadcast
SDL_CondSignal
SDL_CondWait
SDL_CondWaitTimeout
SDL_ConvertAudio
SDL_ConvertPixels
SDL_ConvertSurface
SDL_ConvertSurfaceFormat
SDL_CreateColorCursor
SDL_CreateCond
SDL_CreateCursor
SDL_CreateMutex
SDL_CreateRGBSurface
SDL_CreateRGBSurfaceFrom
SDL_CreateRGBSurfaceWithFormat
SDL_CreateRGBSurfaceWithFormatFrom
SDL_CreateRenderer
SDL_CreateSemaphore
SDL_CreateShapedWindow
SDL_CreateSoftwareRenderer
SDL_CreateSystemCursor
SDL_CreateTexture
SDL_CreateTextureFromSurface
SDL_CreateThread
SDL_CreateThreadWithStackSize
SDL_CreateWindow
SDL_CreateWindowAndRenderer
SDL_CreateWindowFrom
SDL_DXGIGetOutputInfo
SDL_DYNAPI_entry
SDL_DelEventWatch
SDL_DelHintCallback
SDL_Delay
SDL_DequeueAudio
SDL_DestroyCond
SDL_DestroyMutex
SDL_DestroyRenderer
SDL_DestroySemaphore
SDL_DestroyTexture
SDL_DestroyWindow
SDL_DetachThread
SDL_Direct3D9GetAdapterIndex
SDL_DisableScreenSaver
SDL_DuplicateSurface
SDL_EnableScreenSaver
SDL_EncloseFPoints
SDL_EnclosePoints
SDL_Error
SDL_EventState
SDL_FillRect
SDL_FillRects
SDL_FilterEvents
SDL_FlashWindow
SDL_FlushEvent
SDL_FlushEvents
SDL_FreeAudioStream
SDL_FreeCursor
SDL_FreeFormat
SDL_FreePalette
SDL_FreeRW
SDL_FreeSurface
SDL_FreeWAV
SDL_GL_BindTexture
SDL_GL_CreateContext
SDL_GL_DeleteContext
SDL_GL_ExtensionSupported
SDL_GL_GetAttribute
SDL_GL_GetCurrentContext
SDL_GL_GetCurrentWindow
SDL_GL_GetDrawableSize
SDL_GL_GetProcAddress
SDL_GL_GetSwapInterval
SDL_GL_LoadLibrary
SDL_GL_MakeCurrent
SDL_GL_ResetAttributes
SDL_GL_SetAttribute
SDL_GL_SetSwapInterval
SDL_GL_SwapWindow
SDL_GL_UnbindTexture
SDL_GL_UnloadLibrary
SDL_GameControllerAddMapping
SDL_GameControllerAddMappingsFromRW
SDL_GameControllerClose
SDL_GameControllerEventState
SDL_GameControllerFromInstanceID
SDL_GameControllerFromPlayerIndex
SDL_GameControllerGetAppleSFSymbolsNameForAxis
SDL_GameControllerGetAppleSFSymbolsNameForButton
SDL_GameControllerGetAttached
SDL_GameControllerGetAxis
SDL_GameControllerGetAxisFromString
SDL_GameControllerGetBindForAxis
SDL_GameControllerGetBindForButton
SDL_GameControllerGetButton
SDL_GameControllerGetButtonFromString
SDL_GameControllerGetJoystick
SDL_GameControllerGetNumTouchpadFingers
SDL_GameControllerGetNumTouchpads
SDL_GameControllerGetPlayerIndex
SDL_GameControllerGetProduct
SDL_GameControllerGetProductVersion
SDL_GameControllerGetSensorData
SDL_GameControllerGetSensorDataRate
SDL_GameControllerGetSerial
SDL_GameControllerGetStringForAxis
SDL_GameControllerGetStringForButton
SDL_GameControllerGetTouchpadFinger
SDL_GameControllerGetType
SDL_GameControllerGetVendor
SDL_GameControllerHasAxis
SDL_GameControllerHasButton
SDL_GameControllerHasLED
SDL_GameControllerHasRumble
SDL_GameControllerHasRumbleTriggers
SDL_GameControllerHasSensor
SDL_GameControllerIsSensorEnabled
SDL_GameControllerMapping
SDL_GameControllerMappingForDeviceIndex
SDL_GameControllerMappingForGUID
SDL_GameControllerMappingForIndex
SDL_GameControllerName
SDL_GameControllerNameForIndex
SDL_GameControllerNumMappings
SDL_GameControllerOpen
SDL_GameControllerRumble
SDL_GameControllerRumbleTriggers
SDL_GameControllerSendEffect
SDL_GameControllerSetLED
SDL_GameControllerSetPlayerIndex
SDL_GameControllerSetSensorEnabled
SDL_GameControllerTypeForIndex
SDL_GameControllerUpdate
SDL_GetAssertionHandler
SDL_GetAssertionReport
SDL_GetAudioDeviceName
SDL_GetAudioDeviceSpec
SDL_GetAudioDeviceStatus
SDL_GetAudioDriver
SDL_GetAudioStatus
SDL_GetBasePath
SDL_GetCPUCacheLineSize
SDL_GetCPUCount
SDL_GetClipRect
SDL_GetClipboardText
SDL_GetClosestDisplayMode
SDL_GetColorKey
SDL_GetCurrentAudioDriver
SDL_GetCurrentDisplayMode
SDL_GetCurrentVideoDriver
SDL_GetCursor
SDL_GetDefaultAssertionHandler
SDL_GetDefaultCursor
SDL_GetDesktopDisplayMode
SDL_GetDisplayBounds
SDL_GetDisplayDPI
SDL_GetDisplayMode
SDL_GetDisplayName
SDL_GetDisplayOrientation
SDL_GetDisplayUsableBounds
SDL_GetError
SDL_GetErrorMsg
SDL_GetEventFilter
SDL_GetGlobalMouseState
SDL_GetGrabbedWindow
SDL_GetHint
SDL_GetHintBoolean
SDL_GetKeyFromName
SDL_GetKeyFromScancode
SDL_GetKeyName
SDL_GetKeyboardFocus
SDL_GetKeyboardState
SDL_GetMemoryFunctions
SDL_GetModState
SDL_GetMouseFocus
SDL_GetMouseState
SDL_GetNumAllocations
SDL_GetNumAudioDevices
SDL_GetNumAudioDrivers
SDL_GetNumDisplayModes
SDL_GetNumRenderDrivers
SDL_GetNumTouchDevices
SDL_GetNumTouchFingers
SDL_GetNumVideoDisplays
SDL_GetNumVideoDrivers
SDL_GetPerformanceCounter
SDL_GetPerformanceFrequency
SDL_GetPixelFormatName
SDL_GetPlatform
SDL_GetPowerInfo
SDL_GetPrefPath
SDL_GetPreferredLocales
SDL_GetQueuedAudioSize
SDL_GetRGB
SDL_GetRGBA
SDL_GetRelativeMouseMode
SDL_GetRelativeMouseState
SDL_GetRenderDrawBlendMode
SDL_GetRenderDrawColor
SDL_GetRenderDriverInfo
SDL_GetRenderTarget
SDL_GetRenderer
SDL_GetRendererInfo
SDL_GetRendererOutputSize
SDL_GetRevision
SDL_GetRevisionNumber
SDL_GetScancodeFromKey
SDL_GetScancodeFromName
SDL_GetScancodeName
SDL_GetShapedWindowMode
SDL_GetSurfaceAlphaMod
SDL_GetSurfaceBlendMode
SDL_GetSurfaceColorMod
SDL_GetSystemRAM
SDL_GetTextureAlphaMod
SDL_GetTextureBlendMode
SDL_GetTextureColorMod
SDL_GetTextureScaleMode
SDL_GetTextureUserData
SDL_GetThreadID
SDL_GetThreadName
SDL_GetTicks
SDL_GetTicks64
SDL_GetTouchDevice
SDL_GetTouchDeviceType
SDL_GetTouchFinger
SDL_GetTouchName
SDL_GetVersion
SDL_GetVideoDriver
SDL_GetWindowBordersSize
SDL_GetWindowBrightness
SDL_GetWindowData
SDL_GetWindowDisplayIndex
SDL_GetWindowDisplayMode
SDL_GetWindowFlags
SDL_GetWindowFromID
SDL_GetWindowGammaRamp
SDL_GetWindowGrab
SDL_GetWindowICCProfile
SDL_GetWindowID
SDL_GetWindowKeyboardGrab
SDL_GetWindowMaximumSize
SDL_GetWindowMinimumSize
SDL_GetWindowMouseGrab
SDL_GetWindowMouseRect
SDL_GetWindowOpacity
SDL_GetWindowPixelFormat
SDL_GetWindowPosition
SDL_GetWindowSize
SDL_GetWindowSurface
SDL_GetWindowTitle
SDL_GetWindowWMInfo
SDL_GetYUVConversionMode
SDL_GetYUVConversionModeForResolution
SDL_HapticClose
SDL_HapticDestroyEffect
SDL_HapticEffectSupported
SDL_HapticGetEffectStatus
SDL_HapticIndex
SDL_HapticName
SDL_HapticNewEffect
SDL_HapticNumAxes
SDL_HapticNumEffects
SDL_HapticNumEffectsPlaying
SDL_HapticOpen
SDL_HapticOpenFromJoystick
SDL_HapticOpenFromMouse
SDL_HapticOpened
SDL_HapticPause
SDL_HapticQuery
SDL_HapticRumbleInit
SDL_HapticRumblePlay
SDL_HapticRumbleStop
SDL_HapticRumbleSupported
SDL_HapticRunEffect
SDL_HapticSetAutocenter
SDL_HapticSetGain
SDL_HapticStopAll
SDL_HapticStopEffect
SDL_HapticUnpause
SDL_HapticUpdateEffect
SDL_Has3DNow
SDL_HasARMSIMD
SDL_HasAVX
SDL_HasAVX2
SDL_HasAVX512F
SDL_HasAltiVec
SDL_HasClipboardText
SDL_HasColorKey
SDL_HasEvent
SDL_HasEvents
SDL_HasIntersection
SDL_HasIntersectionF
SDL_HasMMX
SDL_HasNEON
SDL_HasRDTSC
SDL_HasSSE
SDL_HasSSE2
SDL_HasSSE3
SDL_HasSSE41
SDL_HasSSE42
SDL_HasScreenKeyboardSupport
SDL_HasSurfaceRLE
SDL_HideWindow
SDL_Init
SDL_InitSubSystem
SDL_IntersectFRect
SDL_IntersectFRectAndLine
SDL_IntersectRect
SDL_IntersectRectAndLine
SDL_IsGameController
SDL_IsScreenKeyboardShown
SDL_IsScreenSaverEnabled
SDL_IsShapedWindow
SDL_IsTablet
SDL_IsTextInputActive
SDL_IsTextInputShown
SDL_JoystickAttachVirtual
SDL_JoystickClose
SDL_JoystickCurrentPowerLevel
SDL_JoystickDetachVirtual
SDL_JoystickEventState
SDL_JoystickFromInstanceID
SDL_JoystickFromPlayerIndex
SDL_JoystickGetAttached
SDL_JoystickGetAxis
SDL_JoystickGetAxisInitialState
SDL_JoystickGetBall
SDL_JoystickGetButton
SDL_JoystickGetDeviceGUID
SDL_JoystickGetDeviceInstanceID
SDL_JoystickGetDevicePlayerIndex
SDL_JoystickGetDeviceProduct
SDL_JoystickGetDeviceProductVersion
SDL_JoystickGetDeviceType
SDL_JoystickGetDeviceVendor
SDL_JoystickGetGUID
SDL_JoystickGetGUIDFromString
SDL_JoystickGetGUIDString
SDL_JoystickGetHat
SDL_JoystickGetPlayerIndex
SDL_JoystickGetProduct
SDL_JoystickGetProductVersion
SDL_JoystickGetSerial
SDL_JoystickGetType
SDL_JoystickGetVendor
SDL_JoystickHasLED
SDL_JoystickHasRumble
SDL_JoystickHasRumbleTriggers
SDL_JoystickInstanceID
SDL_JoystickIsHaptic
SDL_JoystickIsVirtual
SDL_JoystickName
SDL_JoystickNameForIndex
SDL_JoystickNumAxes
SDL_JoystickNumBalls
SDL_JoystickNumButtons
SDL_JoystickNumHats
SDL_JoystickOpen
SDL_JoystickRumble
SDL_JoystickRumbleTriggers
SDL_JoystickSendEffect
SDL_JoystickSetLED
SDL_JoystickSetPlayerIndex
SDL_JoystickSetVirtualAxis
SDL_JoystickSetVirtualButton
SDL_JoystickSetVirtualHat
SDL_JoystickUpdate
SDL_LoadBMP_RW
SDL_LoadDollarTemplates
SDL_LoadFile
SDL_LoadFile_RW
SDL_LoadFunction
SDL_LoadObject
SDL_LoadWAV_RW
SDL_LockAudio
SDL_LockAudioDevice
SDL_LockJoysticks
SDL_LockMutex
SDL_LockSensors
SDL_LockSurface
SDL_LockTexture
SDL_LockTextureToSurface
SDL_Log
SDL_LogCritical
SDL_LogDebug
SDL_LogError
SDL_LogGetOutputFunction
SDL_LogGetPriority
SDL_LogInfo
SDL_LogMessage
SDL_LogMessageV
SDL_LogResetPriorities
SDL_LogSetAllPriority
SDL_LogSetOutputFunction
SDL_LogSetPriority
SDL_LogVerbose
SDL_LogWarn
SDL_LowerBlit
SDL_LowerBlitScaled
SDL_MapRGB
SDL_MapRGBA
SDL_MasksToPixelFormatEnum
SDL_MaximizeWindow
SDL_MemoryBarrierAcquireFunction
SDL_MemoryBarrierReleaseFunction
SDL_Metal_CreateView
SDL_Metal_DestroyView
SDL_Metal_GetDrawableSize
SDL_Metal_GetLayer
SDL_MinimizeWindow
SDL_MixAudio
SDL_MixAudioFormat
SDL_MouseIsHaptic
SDL_NewAudioStream
SDL_NumHaptics
SDL_NumJoysticks
SDL_NumSensors
SDL_OnApplicationDidBecomeActive
SDL_OnApplicationDidEnterBackground
SDL_OnApplicationDidReceiveMemoryWarning
SDL_OnApplicationWillEnterForeground
SDL_OnApplicationWillResignActive
SDL_OnApplicationWillTerminate
SDL_OpenAudio
SDL_OpenAudioDevice
SDL_OpenURL
SDL_PauseAudio
SDL_PauseAudioDevice
SDL_PeepEvents
SDL_PixelFormatEnumToMasks
SDL_PollEvent
SDL_PremultiplyAlpha
SDL_PumpEvents
SDL_PushEvent
SDL_QueryTexture
SDL_QueueAudio
SDL_Quit
SDL_QuitSubSystem
SDL_RWFromConstMem
SDL_RWFromFP
SDL_RWFromFile
SDL_RWFromMem
SDL_RWclose
SDL_RWread
SDL_RWseek
SDL_RWsize
SDL_RWtell
SDL_RWwrite
SDL_RaiseWindow
SDL_ReadBE16
SDL_ReadBE32
SDL_ReadBE64
SDL_ReadLE16
SDL_ReadLE32
SDL_ReadLE64
SDL_ReadU8
SDL_RecordGesture
SDL_RegisterApp
SDL_RegisterEvents
SDL_RemoveTimer
SDL_RenderClear
SDL_RenderCopy
SDL_RenderCopyEx
SDL_RenderCopyExF
SDL_RenderCopyF
SDL_RenderDrawLine
SDL_RenderDrawLineF

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 755KB - Virtual size: 754KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
SDL2_image.dll
.dll windows:4 windows x64 arch:x64

4dddb0e55addd0918013d39a1ac31b1a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
__iob_func
_amsg_exit
_initterm
_lock
_onexit
_setjmp
_unlock
abort
calloc
fputs
free
longjmp
malloc
signal
strncmp
vfprintf

sdl2

SDL_ClearError
SDL_ConvertSurfaceFormat
SDL_CreateRGBSurface
SDL_CreateTextureFromSurface
SDL_Error
SDL_FillRect
SDL_FreeSurface
SDL_GetError
SDL_LoadFile_RW
SDL_LoadFunction
SDL_LoadObject
SDL_Log
SDL_MapRGB
SDL_RWFromFile
SDL_ReadBE32
SDL_ReadLE16
SDL_ReadLE32
SDL_SetColorKey
SDL_SetError
SDL_UnloadObject
SDL_UpperBlit
SDL_acosf
SDL_atan2f
SDL_calloc
SDL_ceilf
SDL_cosf
SDL_fabs
SDL_fabsf
SDL_floorf
SDL_fmodf
SDL_free
SDL_isdigit
SDL_isspace
SDL_malloc
SDL_memcmp
SDL_memcpy
SDL_memset
SDL_pow
SDL_qsort
SDL_realloc
SDL_sinf
SDL_snprintf
SDL_sqrt
SDL_sqrtf
SDL_sscanf
SDL_strchr
SDL_strcmp
SDL_strlcpy
SDL_strlen
SDL_strncasecmp
SDL_strncmp
SDL_strrchr
SDL_strstr
SDL_strtol
SDL_strtoll
SDL_tanf
SDL_toupper

Exports

Exports

IMG_Init
IMG_Linked_Version
IMG_Load
IMG_LoadBMP_RW
IMG_LoadCUR_RW
IMG_LoadGIF_RW
IMG_LoadICO_RW
IMG_LoadJPG_RW
IMG_LoadLBM_RW
IMG_LoadPCX_RW
IMG_LoadPNG_RW
IMG_LoadPNM_RW
IMG_LoadSVG_RW
IMG_LoadTGA_RW
IMG_LoadTIF_RW
IMG_LoadTexture
IMG_LoadTextureTyped_RW
IMG_LoadTexture_RW
IMG_LoadTyped_RW
IMG_LoadWEBP_RW
IMG_LoadXCF_RW
IMG_LoadXPM_RW
IMG_LoadXV_RW
IMG_Load_RW
IMG_Quit
IMG_ReadXPMFromArray
IMG_SaveJPG
IMG_SaveJPG_RW
IMG_SavePNG
IMG_SavePNG_RW
IMG_isBMP
IMG_isCUR
IMG_isGIF
IMG_isICO
IMG_isJPG
IMG_isLBM
IMG_isPCX
IMG_isPNG
IMG_isPNM
IMG_isSVG
IMG_isTIF
IMG_isWEBP
IMG_isXCF
IMG_isXPM
IMG_isXV

Sections

.text
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 252B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TouchInput.dll
.dll windows:6 windows x64 arch:x64

14bf287cca8eea3ac952bdd6cc2a3f7c

Code Sign

04:00:00:00:00:01:15:4b:5a:c3:94
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

01-09-1998 12:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19-09-2018 00:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28-07-2020 00:00

Not After

18-03-2029 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5e:c9:ed:d5:94:78:85:7b:d5:61:c6:28
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

07-08-2023 04:16

Not After

06-09-2024 04:16

Subject

SERIALNUMBER=91320594MA251F5K75,CN=Monect (Suzhou) Co.\, Ltd.,O=Monect (Suzhou) Co.\, Ltd.,L=Suzhou,ST=Jiangsu,C=CN,1.3.6.1.4.1.311.60.2.1.1=#130653555a484f55,1.3.6.1.4.1.311.60.2.1.2=#13074a49414e475355,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:19:75:74:71:c9:92:d7:44:df:a5:96:eb:b9:70:15
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

02-11-2023 10:30

Not After

04-12-2034 10:30

Subject

CN=Globalsign TSA for Advanced - G4 - 202311,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

29:81:c2:7a:e5:37:6c:75:ef:79:6d:f8:99:85:8d:d4:7d:59:20:09:1f:79:73:6d:cd:ba:54:17:85:68:9d:da
Signer

Actual PE Digest

29:81:c2:7a:e5:37:6c:75:ef:79:6d:f8:99:85:8d:d4:7d:59:20:09:1f:79:73:6d:cd:ba:54:17:85:68:9d:da

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\monec\Documents\workspace\Monect_host\x64\Release\TouchInput.pdb

Imports

ws2_32

ntohl

kernel32

RtlCaptureContext
CloseHandle
HeapAlloc
GetProcessHeap
HeapFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlLookupFunctionEntry
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
RtlVirtualUnwind
InitializeSListHead
IsDebuggerPresent

user32

InitializeTouchInjection
CreateSyntheticPointerDevice
InjectTouchInput
InjectSyntheticPointerInput

vcruntime140

__std_type_info_destroy_list
memcpy
__C_specific_handler
memset

api-ms-win-crt-heap-l1-1-0

free
calloc

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_initialize_narrow_environment
_initterm
_initialize_onexit_table
_execute_onexit_table
_cexit
_seh_filter_dll
_initterm_e

api-ms-win-crt-math-l1-1-0

atanf
cosf
sinf
tanf

Exports

Exports

DisposeStylus
DisposeTouch
InitStylus
InitTouch
SendStylusInput
SendTouchInput
UpdateVirtualScreen

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
avcodec-59.dll
.dll windows:4 windows x64 arch:x64

270ade4fb1c52d88eca2783c9cbf51cf

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

avutil-57

av_asprintf
av_audio_fifo_alloc
av_audio_fifo_drain
av_audio_fifo_free
av_audio_fifo_read
av_audio_fifo_reset
av_audio_fifo_size
av_audio_fifo_write
av_base64_decode
av_base64_encode
av_bmg_get
av_bprint_append_data
av_bprint_channel_layout
av_bprint_chars
av_bprint_clear
av_bprint_escape
av_bprint_finalize
av_bprint_get_buffer
av_bprint_init
av_bprint_init_for_buffer
av_bprintf
av_buffer_alloc
av_buffer_allocz
av_buffer_create
av_buffer_default_free
av_buffer_get_ref_count
av_buffer_is_writable
av_buffer_make_writable
av_buffer_pool_get
av_buffer_pool_init
av_buffer_pool_init2
av_buffer_pool_uninit
av_buffer_realloc
av_buffer_ref
av_buffer_replace
av_buffer_unref
av_calloc
av_chroma_location_name
av_color_primaries_name
av_color_range_name
av_color_space_name
av_color_transfer_name
av_content_light_metadata_create_side_data
av_cpu_count
av_crc
av_crc_get_table
av_crc_init
av_d2q
av_default_item_name
av_dict_copy
av_dict_free
av_dict_get
av_dict_set
av_display_matrix_flip
av_display_rotation_set
av_div_q
av_dovi_metadata_alloc
av_downmix_info_update_side_data
av_dynamic_hdr_plus_alloc
av_dynarray_add
av_dynarray_add_nofree
av_expr_eval
av_expr_free
av_expr_parse
av_fast_malloc
av_fast_mallocz
av_fast_realloc
av_fifo_alloc
av_fifo_alloc_array
av_fifo_drain
av_fifo_free
av_fifo_freep
av_fifo_generic_peek
av_fifo_generic_peek_at
av_fifo_generic_read
av_fifo_generic_write
av_fifo_grow
av_fifo_realloc2
av_fifo_reset
av_fifo_size
av_fifo_space
av_film_grain_params_create_side_data
av_find_best_pix_fmt_of_2
av_fourcc_make_string
av_frame_alloc
av_frame_apply_cropping
av_frame_clone
av_frame_copy
av_frame_copy_props
av_frame_free
av_frame_get_buffer
av_frame_get_side_data
av_frame_is_writable
av_frame_make_writable
av_frame_move_ref
av_frame_new_side_data
av_frame_new_side_data_from_buf
av_frame_ref
av_frame_remove_side_data
av_frame_unref
av_free
av_freep
av_gcd
av_get_bits_per_pixel
av_get_bytes_per_sample
av_get_channel_layout_channel_index
av_get_channel_layout_nb_channels
av_get_channel_layout_string
av_get_cpu_flags
av_get_default_channel_layout
av_get_media_type_string
av_get_picture_type_char
av_get_pix_fmt_name
av_get_planar_sample_fmt
av_get_sample_fmt_name
av_get_token
av_gettime
av_hwdevice_ctx_create
av_hwdevice_get_type_name
av_hwframe_ctx_alloc
av_hwframe_ctx_init
av_hwframe_get_buffer
av_hwframe_map
av_hwframe_transfer_data
av_image_check_sar
av_image_check_size
av_image_check_size2
av_image_copy
av_image_copy_plane
av_image_copy_to_buffer
av_image_fill_arrays
av_image_fill_black
av_image_fill_linesizes
av_image_fill_plane_sizes
av_image_fill_pointers
av_image_get_buffer_size
av_image_get_linesize
av_lfg_init
av_lfg_init_from_data
av_log
av_log_get_level
av_log_once
av_lzo1x_decode
av_malloc
av_malloc_array
av_mallocz
av_mastering_display_metadata_create_side_data
av_match_list
av_md5_alloc
av_md5_final
av_md5_init
av_md5_update
av_memcpy_backptr
av_memdup
av_mul_q
av_nearer_q
av_opt_copy
av_opt_free
av_opt_get_int
av_opt_next
av_opt_set
av_opt_set_defaults
av_opt_set_defaults2
av_opt_set_dict
av_opt_set_dict2
av_opt_set_from_string
av_opt_set_int
av_parse_color
av_pix_fmt_count_planes
av_pix_fmt_desc_get
av_pix_fmt_get_chroma_sub_sample
av_realloc
av_realloc_array
av_realloc_f
av_reallocp
av_reallocp_array
av_reduce
av_rescale
av_rescale_q
av_rescale_q_rnd
av_rescale_rnd
av_sample_fmt_is_planar
av_samples_copy
av_samples_fill_arrays
av_samples_get_buffer_size
av_samples_set_silence
av_size_mult
av_sscanf
av_stereo3d_alloc
av_stereo3d_create_side_data
av_strcasecmp
av_strdup
av_strerror
av_stristr
av_strlcat
av_strlcatf
av_strlcpy
av_strncasecmp
av_strtok
av_timecode_adjust_ntsc_framenum2
av_timecode_get_smpte
av_timecode_init_from_string
av_timecode_make_mpeg_tc_string
av_timecode_make_smpte_tc_string2
av_tx_init
av_tx_uninit
av_usleep
av_vbprintf
av_video_enc_params_create_side_data
av_vlog
avpriv_alloc_fixed_dsp
avpriv_cga_font
avpriv_float_dsp_alloc
avpriv_get_gamma_from_trc
avpriv_get_trc_function_from_trc
avpriv_init_lls
avpriv_report_missing_feature
avpriv_request_sample
avpriv_scalarproduct_float_c
avpriv_set_systematic_pal2
avpriv_slicethread_create
avpriv_slicethread_execute
avpriv_slicethread_free
avpriv_solve_lls
avpriv_tempfile
avpriv_vga16_font

swresample-4

swr_alloc
swr_close
swr_convert
swr_free
swr_init
swr_is_initialized

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
OpenProcessToken
RegCloseKey
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW

bcrypt

BCryptGenRandom

kernel32

AcquireSRWLockExclusive
AcquireSRWLockShared
AddVectoredExceptionHandler
CancelIo
CloseHandle
CompareStringOrdinal
CopyFileExW
CreateDirectoryW
CreateEventA
CreateEventW
CreateFileMappingA
CreateFileW
CreateHardLinkW
CreateMutexA
CreateNamedPipeW
CreateProcessW
CreateSemaphoreA
CreateSemaphoreW
CreateSymbolicLinkW
CreateThread
CreateToolhelp32Snapshot
DebugBreak
DeleteCriticalSection
DeleteFileW
DeviceIoControl
DuplicateHandle
EnterCriticalSection
ExitProcess
FindClose
FindFirstFileW
FindNextFileW
FlushFileBuffers
FormatMessageW
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetActiveProcessorGroupCount
GetCommandLineW
GetConsoleMode
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesW
GetFileInformationByHandle
GetFileInformationByHandleEx
GetFinalPathNameByHandleW
GetFullPathNameW
GetHandleInformation
GetLastError
GetLogicalProcessorInformation
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetNumaHighestNodeNumber
GetNumaNodeProcessorMaskEx
GetOverlappedResult
GetProcAddress
GetProcessAffinityMask
GetProcessHeap
GetProcessId
GetStdHandle
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempPathW
GetThreadContext
GetThreadGroupAffinity
GetThreadPriority
GetTickCount64
GetTimeZoneInformation
GetWindowsDirectoryW
HeapAlloc
HeapFree
HeapReAlloc
InitOnceBeginInitialize
InitOnceComplete
InitOnceExecuteOnce
InitializeConditionVariable
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InitializeCriticalSectionEx
InitializeSRWLock
IsDBCSLeadByteEx
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
MapViewOfFile
Module32FirstW
Module32NextW
MoveFileExW
MultiByteToWideChar
OpenFileMappingA
OpenProcess
OutputDebugStringA
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
ReleaseMutex
ReleaseSRWLockExclusive
ReleaseSRWLockShared
ReleaseSemaphore
RemoveDirectoryW
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
SetCurrentDirectoryW
SetEnvironmentVariableW
SetEvent
SetFileAttributesW
SetFileInformationByHandle
SetFilePointerEx
SetHandleInformation
SetLastError
SetProcessAffinityMask
SetThreadAffinityMask
SetThreadContext
SetThreadErrorMode
SetThreadGroupAffinity
SetThreadPriority
SetThreadStackGuarantee
Sleep
SleepConditionVariableCS
SleepConditionVariableSRW
SuspendThread
SwitchToThread
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TryAcquireSRWLockExclusive
TryEnterCriticalSection
UnmapViewOfFile
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFile
__C_specific_handler

mfplat

MFCreateAlignedMemoryBuffer
MFCreateMediaType
MFCreateSample
MFShutdown
MFStartup

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
__setusermatherr
_aligned_free
_aligned_malloc
_aligned_realloc
_amsg_exit
_assert
_beginthreadex
_close
_endthreadex
_errno
_exit
_fdopen
_filelengthi64
_fileno
_fileno
_fstat64
_ftime64
_ftime64_s
_gmtime64
_initterm
_hypot
_localtime64
_lock
_lseeki64
_mktime64
_open
_read
_setjmp
_stat64
_stricmp
_strdup
_strnicmp
_time64
_ultoa
_unlink
_unlock
_vscprintf
_vsnprintf
_wfopen
_wfopen_s
_wrename
_wunlink
abort
acos
atan
atof
atoi
bsearch
calloc
clearerr
exit
fclose
feof
ferror
fflush
fgetc
fgetpos
fgets
fgetws
fopen
fprintf
fputc
fputs
fread
free
fseek
fsetpos
ftell
fwrite
getc
getenv
getwc
isalnum
islower
isspace
isupper
iswctype
isxdigit
_write
localeconv
log10
longjmp
malloc
memchr
memcmp
memcpy
memmove
memset
printf
putc
putwc
qsort
realloc
rand
remove
setlocale
setvbuf
signal
srand
strcat
strchr
strcmp
strcoll
strcpy
strcspn
strerror
strftime
strlen
strncat
strncmp
strncpy
strpbrk
strrchr
strspn
strstr
strtok
strtol
strtoul
strxfrm
swscanf_s
tan
tanh
tolower
toupper
towlower
towupper
ungetc
vfprintf
ungetwc
wcscat
wcschr
wcscoll
wcscpy
wcscspn
wcsftime
wcslen
wcsrchr
wcsstr
wcstoul
wcsxfrm

ole32

CoInitializeEx
CoTaskMemFree
CoUninitialize
StringFromGUID2

userenv

GetUserProfileDirectoryW

ws2_32

WSACleanup
WSADuplicateSocketW
WSAGetLastError
WSARecv
WSASend
WSASocketW
WSAStartup
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
getpeername
getsockname
getsockopt
ioctlsocket
listen
recv
recvfrom
select
send
sendto
setsockopt
shutdown

Exports

Exports

av_ac3_parse_header
av_adts_header_parse
av_bsf_alloc
av_bsf_flush
av_bsf_free
av_bsf_get_by_name
av_bsf_get_class
av_bsf_get_null_filter
av_bsf_init
av_bsf_iterate
av_bsf_list_alloc
av_bsf_list_append
av_bsf_list_append2
av_bsf_list_finalize
av_bsf_list_free
av_bsf_list_parse_str
av_bsf_receive_packet
av_bsf_send_packet
av_codec_ffversion
av_codec_is_decoder
av_codec_is_encoder
av_codec_iterate
av_cpb_properties_alloc
av_d3d11va_alloc_context
av_dct_calc
av_dct_end
av_dct_init
av_dirac_parse_sequence_header
av_dv_codec_profile
av_dv_codec_profile2
av_dv_frame_profile
av_fast_padded_malloc
av_fast_padded_mallocz
av_fft_calc
av_fft_end
av_fft_init
av_fft_permute
av_get_audio_frame_duration
av_get_audio_frame_duration2
av_get_bits_per_sample
av_get_exact_bits_per_sample
av_get_pcm_codec
av_get_profile_name
av_grow_packet
av_imdct_calc
av_imdct_half
av_init_packet
av_jni_get_java_vm
av_jni_set_java_vm
av_mdct_calc
av_mdct_end
av_mdct_init
av_mediacodec_alloc_context
av_mediacodec_default_free
av_mediacodec_default_init
av_mediacodec_release_buffer
av_mediacodec_render_buffer_at_time
av_new_packet
av_packet_add_side_data
av_packet_alloc
av_packet_clone
av_packet_copy_props
av_packet_free
av_packet_free_side_data
av_packet_from_data
av_packet_get_side_data
av_packet_make_refcounted
av_packet_make_writable
av_packet_move_ref
av_packet_new_side_data
av_packet_pack_dictionary
av_packet_ref
av_packet_rescale_ts
av_packet_shrink_side_data
av_packet_side_data_name
av_packet_unpack_dictionary
av_packet_unref
av_parser_close
av_parser_init
av_parser_iterate
av_parser_parse2
av_qsv_alloc_context
av_rdft_calc
av_rdft_end
av_rdft_init
av_shrink_packet
av_vorbis_parse_frame
av_vorbis_parse_frame_flags
av_vorbis_parse_free
av_vorbis_parse_init
av_vorbis_parse_reset
av_xiphlacing
avcodec_align_dimensions
avcodec_align_dimensions2
avcodec_alloc_context3
avcodec_chroma_pos_to_enum
avcodec_close
avcodec_configuration
avcodec_dct_alloc
avcodec_dct_get_class
avcodec_dct_init
avcodec_decode_subtitle2
avcodec_default_execute
avcodec_default_execute2
avcodec_default_get_buffer2
avcodec_default_get_encode_buffer
avcodec_default_get_format
avcodec_descriptor_get
avcodec_descriptor_get_by_name
avcodec_descriptor_next
avcodec_encode_subtitle
avcodec_enum_to_chroma_pos
avcodec_fill_audio_frame
avcodec_find_best_pix_fmt_of_list
avcodec_find_decoder
avcodec_find_decoder_by_name
avcodec_find_encoder
avcodec_find_encoder_by_name
avcodec_flush_buffers
avcodec_free_context
avcodec_get_class
avcodec_get_frame_class
avcodec_get_hw_config
avcodec_get_hw_frames_parameters
avcodec_get_name
avcodec_get_subtitle_rect_class
avcodec_get_type
avcodec_is_open
avcodec_license
avcodec_open2
avcodec_parameters_alloc
avcodec_parameters_copy
avcodec_parameters_free
avcodec_parameters_from_context
avcodec_parameters_to_context
avcodec_pix_fmt_to_codec_tag
avcodec_profile_name
avcodec_receive_frame
avcodec_receive_packet
avcodec_send_frame
avcodec_send_packet
avcodec_string
avcodec_version
avpriv_ac3_parse_header
avpriv_adts_header_parse
avpriv_codec_get_cap_skip_frame_fill_param
avpriv_dca_convert_bitstream
avpriv_dca_parse_core_frame_header
avpriv_elbg_do
avpriv_elbg_free
avpriv_exif_decode_ifd
avpriv_find_start_code
avpriv_fits_header_init
avpriv_fits_header_parse_line
avpriv_get_raw_pix_fmt_tags
avpriv_h264_has_num_reorder_frames
avpriv_mpeg4audio_get_config2
avpriv_mpegaudio_decode_header
avpriv_packet_list_free
avpriv_packet_list_get
avpriv_packet_list_put
avpriv_pix_fmt_find
avpriv_split_xiph_headers
avpriv_tak_parse_streaminfo
avsubtitle_free

Sections

.text
Size: 57.1MB - Virtual size: 57.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rodata
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 209KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8.5MB - Virtual size: 8.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 501KB - Virtual size: 501KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 810KB - Virtual size: 810KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 11.7MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 137KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
avformat-59.dll
.dll windows:4 windows x64 arch:x64

40570676c8f8801717eef760b624b85d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

avcodec-59

av_ac3_parse_header
av_adts_header_parse
av_bsf_alloc
av_bsf_flush
av_bsf_free
av_bsf_get_by_name
av_bsf_get_null_filter
av_bsf_init
av_bsf_list_parse_str
av_bsf_receive_packet
av_bsf_send_packet
av_codec_is_decoder
av_codec_iterate
av_dirac_parse_sequence_header
av_dv_codec_profile2
av_dv_frame_profile
av_get_audio_frame_duration
av_get_audio_frame_duration2
av_get_bits_per_sample
av_get_exact_bits_per_sample
av_grow_packet
av_init_packet
av_new_packet
av_packet_add_side_data
av_packet_alloc
av_packet_clone
av_packet_copy_props
av_packet_free
av_packet_from_data
av_packet_get_side_data
av_packet_make_refcounted
av_packet_move_ref
av_packet_new_side_data
av_packet_pack_dictionary
av_packet_ref
av_packet_rescale_ts
av_packet_unref
av_parser_close
av_parser_init
av_parser_parse2
av_shrink_packet
av_vorbis_parse_frame_flags
av_vorbis_parse_free
av_vorbis_parse_init
av_vorbis_parse_reset
av_xiphlacing
avcodec_alloc_context3
avcodec_chroma_pos_to_enum
avcodec_close
avcodec_decode_subtitle2
avcodec_descriptor_get
avcodec_descriptor_get_by_name
avcodec_enum_to_chroma_pos
avcodec_find_decoder
avcodec_find_decoder_by_name
avcodec_free_context
avcodec_get_name
avcodec_get_type
avcodec_is_open
avcodec_open2
avcodec_parameters_alloc
avcodec_parameters_copy
avcodec_parameters_free
avcodec_parameters_from_context
avcodec_parameters_to_context
avcodec_pix_fmt_to_codec_tag
avcodec_receive_frame
avcodec_send_packet
avcodec_string
avpriv_ac3_parse_header
avpriv_adts_header_parse
avpriv_codec_get_cap_skip_frame_fill_param
avpriv_dca_convert_bitstream
avpriv_dca_parse_core_frame_header
avpriv_exif_decode_ifd
avpriv_find_start_code
avpriv_fits_header_init
avpriv_fits_header_parse_line
avpriv_h264_has_num_reorder_frames
avpriv_mpeg4audio_get_config2
avpriv_mpegaudio_decode_header
avpriv_packet_list_free
avpriv_packet_list_get
avpriv_packet_list_put
avpriv_pix_fmt_find
avpriv_split_xiph_headers
avpriv_tak_parse_streaminfo
avsubtitle_free

avutil-57

av_add_q
av_add_stable
av_adler32_update
av_aes_alloc
av_aes_crypt
av_aes_ctr_alloc
av_aes_ctr_crypt
av_aes_ctr_free
av_aes_ctr_get_iv
av_aes_ctr_increment_iv
av_aes_ctr_init
av_aes_ctr_set_full_iv
av_aes_ctr_set_random_iv
av_aes_init
av_append_path_component
av_asprintf
av_base64_decode
av_base64_encode
av_basename
av_blowfish_crypt_ecb
av_blowfish_init
av_bprint_append_data
av_bprint_chars
av_bprint_clear
av_bprint_finalize
av_bprint_init
av_bprint_init_for_buffer
av_bprintf
av_buffer_alloc
av_buffer_create
av_buffer_default_free
av_buffer_pool_get
av_buffer_pool_init
av_buffer_pool_uninit
av_buffer_realloc
av_buffer_ref
av_buffer_unref
av_calloc
av_color_primaries_name
av_color_space_name
av_color_transfer_name
av_compare_mod
av_compare_ts
av_content_light_metadata_alloc
av_crc
av_crc_get_table
av_d2q
av_default_item_name
av_des_alloc
av_des_crypt
av_des_init
av_des_mac
av_dict_copy
av_dict_count
av_dict_free
av_dict_get
av_dict_get_string
av_dict_parse_string
av_dict_set
av_dict_set_int
av_dirname
av_display_rotation_get
av_div_q
av_dovi_alloc
av_dynarray2_add
av_dynarray_add
av_dynarray_add_nofree
av_encryption_info_add_side_data
av_encryption_info_alloc
av_encryption_info_clone
av_encryption_info_free
av_encryption_init_info_add_side_data
av_encryption_init_info_alloc
av_encryption_init_info_free
av_encryption_init_info_get_side_data
av_escape
av_expr_eval
av_expr_parse
av_fast_malloc
av_fast_realloc
av_fifo_alloc
av_fifo_alloc_array
av_fifo_drain
av_fifo_freep
av_fifo_generic_peek_at
av_fifo_generic_read
av_fifo_generic_write
av_fifo_realloc2
av_fifo_reset
av_fifo_size
av_fifo_space
av_find_info_tag
av_fourcc_make_string
av_frame_alloc
av_frame_free
av_free
av_freep
av_gcd
av_get_bits_per_pixel
av_get_bytes_per_sample
av_get_channel_layout_nb_channels
av_get_channel_layout_string
av_get_channel_name
av_get_media_type_string
av_get_picture_type_char
av_get_pix_fmt
av_get_pix_fmt_name
av_get_random_seed
av_get_sample_fmt_name
av_get_token
av_gettime
av_gettime_relative
av_hash_alloc
av_hash_final_hex
av_hash_freep
av_hash_get_name
av_hash_init
av_hash_update
av_hmac_alloc
av_hmac_final
av_hmac_free
av_hmac_init
av_hmac_update
av_image_check_sar
av_image_check_size
av_image_fill_linesizes
av_image_get_buffer_size
av_lfg_init
av_log
av_log_get_level
av_log_once
av_lzo1x_decode
av_malloc
av_malloc_array
av_mallocz
av_mastering_display_metadata_alloc
av_match_list
av_match_name
av_md5_alloc
av_md5_final
av_md5_init
av_md5_sum
av_md5_update
av_memdup
av_mul_q
av_opt_copy
av_opt_flag_is_set
av_opt_free
av_opt_get
av_opt_get_dict_val
av_opt_get_int
av_opt_get_key_value
av_opt_ptr
av_opt_set
av_opt_set_bin
av_opt_set_defaults
av_opt_set_dict
av_opt_set_dict2
av_opt_set_dict_val
av_opt_set_int
av_parse_time
av_parse_video_rate
av_pix_fmt_desc_get
av_pix_fmt_get_chroma_sub_sample
av_q2intfloat
av_rc4_alloc
av_rc4_crypt
av_rc4_init
av_realloc
av_realloc_array
av_realloc_f
av_reallocp
av_reallocp_array
av_reduce
av_rescale
av_rescale_q
av_rescale_q_rnd
av_rescale_rnd
av_sample_fmt_is_planar
av_set_options_string
av_sha_alloc
av_sha_final
av_sha_init
av_sha_update
av_small_strptime
av_spherical_alloc
av_spherical_projection_name
av_spherical_tile_bounds
av_sscanf
av_stereo3d_alloc
av_stereo3d_type_name
av_strcasecmp
av_strdup
av_strerror
av_strireplace
av_stristart
av_stristr
av_strlcat
av_strlcatf
av_strlcpy
av_strncasecmp
av_strndup
av_strnstr
av_strstart
av_strtod
av_strtok
av_sub_q
av_tea_alloc
av_tea_crypt
av_tea_init
av_thread_message_flush
av_thread_message_queue_alloc
av_thread_message_queue_free
av_thread_message_queue_recv
av_thread_message_queue_send
av_thread_message_queue_set_err_recv
av_thread_message_queue_set_err_send
av_thread_message_queue_set_free_func
av_timecode_get_smpte_from_framenum
av_timecode_init
av_timecode_init_from_string
av_timecode_make_smpte_tc_string2
av_timecode_make_string
av_timegm
av_tree_destroy
av_tree_enumerate
av_tree_find
av_tree_insert
av_tree_node_alloc
av_usleep
av_vbprintf
av_xtea_le_crypt
av_xtea_le_init
avpriv_dict_set_timestamp
avpriv_get_gamma_from_trc
avpriv_open
avpriv_report_missing_feature
avpriv_request_sample
avpriv_tempfile

advapi32

CryptAcquireContextA
CryptAcquireContextW
CryptCreateHash
CryptDecrypt
CryptDestroyHash
CryptGenRandom
CryptGetHashParam
CryptGetProvParam
CryptReleaseContext
CryptSetHashParam
CryptSetProvParam
CryptSignHashA
DeregisterEventSource
GetUserNameA
InitializeSecurityDescriptor
RegCloseKey
RegOpenKeyExW
RegQueryValueExW
RegisterEventSourceW
ReportEventW
SetSecurityDescriptorDacl
SystemFunction036

crypt32

CertCloseStore
CertDeleteCertificateFromStore
CertEnumCRLsInStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertFreeCertificateContext
CertGetCertificateContextProperty
CertOpenStore
PFXImportCertStore

iphlpapi

GetAdaptersAddresses
if_indextoname
if_nametoindex

kernel32

AddVectoredExceptionHandler
CancelIoEx
CloseHandle
ConvertFiberToThread
ConvertThreadToFiber
CreateDirectoryW
CreateEventA
CreateFiber
CreateFileA
CreateSemaphoreA
DeleteCriticalSection
DeleteFiber
DuplicateHandle
EnterCriticalSection
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileW
FormatMessageA
FormatMessageW
FreeLibrary
GetACP
GetConsoleMode
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentVariableW
GetFileAttributesW
GetFileInformationByHandle
GetFileType
GetFinalPathNameByHandleA
GetFullPathNameW
GetHandleInformation
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExA
GetModuleHandleExW
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetProcessTimes
GetStdHandle
GetSystemDirectoryA
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetThreadTimes
GetTickCount
GetTickCount64
GetVersion
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalUnlock
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
IsDBCSLeadByteEx
IsDebuggerPresent
IsValidCodePage
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
LocalFree
MoveFileExA
MoveFileExW
MultiByteToWideChar
OpenProcess
OutputDebugStringA
PeekNamedPipe
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleA
ReadConsoleW
ReadFile
ReleaseSemaphore
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
SetConsoleMode
SetDllDirectoryW
SetEvent
SetHandleInformation
SetLastError
SetProcessAffinityMask
SetThreadAffinityMask
SetThreadContext
SetThreadPriority
Sleep
SuspendThread
SwitchToFiber
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
VirtualAlloc
VirtualFree
VirtualLock
VirtualProtect
VirtualQuery
VirtualUnlock
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile
__C_specific_handler
lstrcmpiW
lstrcpyA
lstrcpynA

msvcrt

___lc_codepage_func
___mb_cur_max_func
__argv
__iob_func
__setusermatherr
_access
_amsg_exit
_assert
_beginthread
_beginthreadex
_close
_close
_dup
_dup2
_endthreadex
_errno
_exit
_fdopen
_filelengthi64
_fileno
_findclose
_fileno
_fstat64
_ftime64
_get_osfhandle
_getcwd
_getmaxstdio
_gmtime64
_initterm
_hypot
_isctype
_localtime64
_lock
_lseeki64
_mkdir
_mktime64
_onexit
_open
_open_osfhandle
_putenv
_read
_read
_rmdir
_setjmp
_setmaxstdio
_setmode
_setmode
_stat64
_stricmp
_strdup
_strdup
_strnicmp
_time64
_ultoa
_unlink
_unlink
_unlock
_vscprintf
_vsnprintf
_vsnwprintf
_vsnprintf_s
_waccess
_wassert
_wfindfirst64
_wfindnext64
_wfopen
_wfullpath
_wmkdir
_wopen
_wremove
_wrmdir
_wstat64
_wunlink
abort
atof
atoi
bsearch
calloc
div
exit
fclose
feof
ferror
fflush
fgetc
fgetpos
fgets
fopen
fprintf
fputc
fputs
fread
free
fseek
fsetpos
ftell
fwrite
getc
getenv
getwc
isalnum
isalpha
islower
isprint
isspace
isupper
iswctype
isxdigit
_write
localeconv
log10
longjmp
malloc
memchr
memcmp
memcpy
memmove
memset
printf
putc
puts
putwc
qsort
raise
realloc
rand
setlocale
setvbuf
signal
sinh
sprintf
srand
strcat
strchr
strcmp
strcoll
strcpy
strcpy_s
strcspn
strerror
strftime
strlen
strncat
strncmp
strncpy
strpbrk
strrchr
strspn
strstr
strtok
strtok_s
strtol
strtoul
strxfrm
tan
tolower
toupper
towlower
towupper
ungetc
vfprintf
ungetwc
wcscat
wcscoll
wcscpy
wcsftime
wcslen
wcsrchr
wcsstr
wcstombs
wcsxfrm

ncrypt

BCryptCloseAlgorithmProvider
BCryptGenRandom
BCryptOpenAlgorithmProvider
NCryptDecrypt
NCryptDeleteKey
NCryptFreeObject
NCryptGetProperty
NCryptOpenKey
NCryptOpenStorageProvider
NCryptSignHash

shell32

SHGetFolderPathW
SHGetSpecialFolderPathA

user32

GetProcessWindowStation
GetUserObjectInformationW
MessageBoxW
wsprintfA

ws2_32

WSACleanup
WSACloseEvent
WSACreateEvent
WSAEventSelect
WSAGetLastError
WSAIoctl
WSARecvFrom
WSASendTo
WSASetLastError
WSASocketA
WSAStartup
WSAStringToAddressA
WSAWaitForMultipleEvents
__WSAFDIsSet
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
gethostbyaddr
gethostbyname
gethostname
getnameinfo
getpeername
getservbyname
getservbyport
getsockname
getsockopt
htonl
htons
inet_addr
inet_ntoa
inet_ntop
inet_pton
ioctlsocket
listen
ntohl
ntohs
recv
recvfrom
select
send
sendto
setsockopt
shutdown
socket

Exports

Exports

av_add_index_entry
av_append_packet
av_codec_get_id
av_codec_get_tag
av_codec_get_tag2
av_demuxer_iterate
av_disposition_from_string
av_disposition_to_string
av_dump_format
av_filename_number_test
av_find_best_stream
av_find_default_stream_index
av_find_input_format
av_find_program_from_stream
av_fmt_ctx_get_duration_estimation_method
av_format_ffversion
av_format_inject_global_side_data
av_get_frame_filename
av_get_frame_filename2
av_get_output_timestamp
av_get_packet
av_guess_codec
av_guess_format
av_guess_frame_rate
av_guess_sample_aspect_ratio
av_hex_dump
av_hex_dump_log
av_index_search_timestamp
av_interleaved_write_frame
av_interleaved_write_uncoded_frame
av_match_ext
av_muxer_iterate
av_new_program
av_pkt_dump2
av_pkt_dump_log2
av_probe_input_buffer
av_probe_input_buffer2
av_probe_input_format
av_probe_input_format2
av_probe_input_format3
av_program_add_stream_index
av_read_frame
av_read_pause
av_read_play
av_sdp_create
av_seek_frame
av_stream_add_side_data
av_stream_get_class
av_stream_get_codec_timebase
av_stream_get_end_pts
av_stream_get_parser
av_stream_get_side_data
av_stream_new_side_data
av_url_split
av_write_frame
av_write_trailer
av_write_uncoded_frame
av_write_uncoded_frame_query
avformat_alloc_context
avformat_alloc_output_context2
avformat_close_input
avformat_configuration
avformat_find_stream_info
avformat_flush
avformat_free_context
avformat_get_class
avformat_get_mov_audio_tags
avformat_get_mov_video_tags
avformat_get_riff_audio_tags
avformat_get_riff_video_tags
avformat_index_get_entries_count
avformat_index_get_entry
avformat_index_get_entry_from_timestamp
avformat_init_output
avformat_license
avformat_match_stream_specifier
avformat_network_deinit
avformat_network_init
avformat_new_stream
avformat_open_input
avformat_query_codec
avformat_queue_attached_pictures
avformat_seek_file
avformat_transfer_internal_stream_timing_info
avformat_version
avformat_write_header
avio_accept
avio_alloc_context
avio_check
avio_close
avio_close_dir
avio_close_dyn_buf
avio_closep
avio_context_free
avio_enum_protocols
avio_feof
avio_find_protocol_name
avio_flush
avio_free_directory_entry
avio_get_dyn_buf
avio_get_str
avio_get_str16be
avio_get_str16le
avio_handshake
avio_open
avio_open2
avio_open_dir
avio_open_dyn_buf
avio_pause
avio_print_string_array
avio_printf
avio_protocol_get_class
avio_put_str
avio_put_str16be
avio_put_str16le
avio_r8
avio_rb16
avio_rb24
avio_rb32
avio_rb64
avio_read
avio_read_dir
avio_read_partial
avio_read_to_bprint
avio_rl16
avio_rl24
avio_rl32
avio_rl64
avio_seek
avio_seek_time
avio_size
avio_skip
avio_w8
avio_wb16
avio_wb24
avio_wb32
avio_wb64
avio_wl16
avio_wl24
avio_wl32
avio_wl64
avio_write
avio_write_marker
avpriv_dv_get_packet
avpriv_dv_init_demux
avpriv_dv_produce_packet
avpriv_mpegts_parse_close
avpriv_mpegts_parse_open
avpriv_mpegts_parse_packet
avpriv_new_chapter
avpriv_register_devices
avpriv_set_pts_info
avpriv_stream_set_need_parsing
avpriv_update_cur_dts
gme_ay_type
gme_clear_playlist
gme_delete
gme_enable_accuracy
gme_equalizer
gme_free_info
gme_gbs_type
gme_gym_type
gme_hes_type
gme_identify_extension
gme_identify_file
gme_identify_header
gme_ignore_silence
gme_kss_type
gme_load_custom
gme_load_data
gme_load_file
gme_multi_channel
gme_mute_voice
gme_mute_voices
gme_new_emu
gme_new_emu_multi_channel
gme_nsf_type
gme_nsfe_type
gme_open_data
gme_open_file
gme_play
gme_sap_type
gme_seek
gme_seek_samples
gme_set_autoload_playback_limit
gme_set_equalizer
gme_set_fade
gme_set_stereo_depth
gme_set_tempo
gme_set_user_cleanup
gme_set_user_data
gme_spc_type
gme_start_track
gme_tell
gme_tell_samples
gme_track_count
gme_track_ended
gme_track_info
gme_type
gme_type_extension
gme_type_list
gme_type_multitrack
gme_type_system
gme_user_data
gme_vgm_type
gme_vgz_type
gme_voice_count
gme_voice_name
gme_warning
gme_wrong_file_type

Sections

.text
Size: 10.6MB - Virtual size: 10.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rodata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 325KB - Virtual size: 325KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 424KB - Virtual size: 423KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 972KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
avutil-57.dll
.dll windows:4 windows x64 arch:x64

79a06e95dbe0f701eb98f08d95a82191

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
RegCloseKey
RegEnumKeyExW
RegEnumValueW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW

bcrypt

BCryptCloseAlgorithmProvider
BCryptGenRandom
BCryptOpenAlgorithmProvider

kernel32

AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateFileMappingA
CreateMutexA
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
FileTimeToSystemTime
FindClose
FindFirstFileW
FindNextFileW
FreeLibrary
GetConsoleMode
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetFileAttributesW
GetHandleInformation
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleExW
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetProcessTimes
GetStdHandle
GetSystemDirectoryW
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetThreadTimes
GetTickCount64
GetTimeZoneInformation
InitializeCriticalSection
IsDBCSLeadByteEx
IsDebuggerPresent
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadLibraryExW
LocalAlloc
LocalFree
MapViewOfFile
MultiByteToWideChar
OpenProcess
OutputDebugStringA
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReleaseMutex
ReleaseSemaphore
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
SetConsoleTextAttribute
SetEvent
SetLastError
SetProcessAffinityMask
SetSystemTime
SetThreadContext
SetThreadErrorMode
SetThreadPriority
Sleep
SuspendThread
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnmapViewOfFile
VerSetConditionMask
VerifyVersionInfoW
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteConsoleW
__C_specific_handler

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
__setusermatherr
_aligned_free
_aligned_malloc
_aligned_realloc
_amsg_exit
_assert
_beginthreadex
_close
_endthreadex
_errno
_exit
_fdopen
_fstat64
_get_osfhandle
_gmtime64
_initterm
_hypot
_isatty
_localtime64
_lock
_mktime64
_open
_read
_setjmp
_sopen
_strdup
_ultoa
_unlock
_wfopen_s
_wsopen
abort
acos
asin
atan
atoi
bsearch
calloc
clock
cosh
exit
fclose
fgetws
fprintf
fputc
fputs
free
fwrite
getc
getenv
islower
isspace
isupper
isxdigit
_write
localeconv
log10
longjmp
malloc
memchr
memcmp
memcpy
memmove
memset
printf
qsort
realloc
rand
signal
sinh
strchr
strcmp
strcspn
strerror
strftime
strlen
strncmp
strrchr
strspn
strstr
strtol
strtoul
swscanf_s
tan
tanh
tolower
ungetc
vfprintf
wcscat
wcschr
wcscpy
wcscspn
wcslen
wcsrchr
wcsstr
wcstoul

ole32

StringFromGUID2

user32

GetDesktopWindow

Exports

Exports

av_add_i
av_add_q
av_add_stable
av_adler32_update
av_aes_alloc
av_aes_crypt
av_aes_ctr_alloc
av_aes_ctr_crypt
av_aes_ctr_free
av_aes_ctr_get_iv
av_aes_ctr_increment_iv
av_aes_ctr_init
av_aes_ctr_set_full_iv
av_aes_ctr_set_iv
av_aes_ctr_set_random_iv
av_aes_init
av_aes_size
av_append_path_component
av_asprintf
av_assert0_fpu
av_audio_fifo_alloc
av_audio_fifo_drain
av_audio_fifo_free
av_audio_fifo_peek
av_audio_fifo_peek_at
av_audio_fifo_read
av_audio_fifo_realloc
av_audio_fifo_reset
av_audio_fifo_size
av_audio_fifo_space
av_audio_fifo_write
av_base64_decode
av_base64_encode
av_basename
av_blowfish_alloc
av_blowfish_crypt
av_blowfish_crypt_ecb
av_blowfish_init
av_bmg_get
av_bprint_append_data
av_bprint_channel_layout
av_bprint_chars
av_bprint_clear
av_bprint_escape
av_bprint_finalize
av_bprint_get_buffer
av_bprint_init
av_bprint_init_for_buffer
av_bprint_strftime
av_bprintf
av_buffer_alloc
av_buffer_allocz
av_buffer_create
av_buffer_default_free
av_buffer_get_opaque
av_buffer_get_ref_count
av_buffer_is_writable
av_buffer_make_writable
av_buffer_pool_buffer_get_opaque
av_buffer_pool_get
av_buffer_pool_init
av_buffer_pool_init2
av_buffer_pool_uninit
av_buffer_realloc
av_buffer_ref
av_buffer_replace
av_buffer_unref
av_calloc
av_camellia_alloc
av_camellia_crypt
av_camellia_init
av_camellia_size
av_cast5_alloc
av_cast5_crypt
av_cast5_crypt2
av_cast5_init
av_cast5_size
av_channel_layout_extract_channel
av_chroma_location_from_name
av_chroma_location_name
av_cmp_i
av_color_primaries_from_name
av_color_primaries_name
av_color_range_from_name
av_color_range_name
av_color_space_from_name
av_color_space_name
av_color_transfer_from_name
av_color_transfer_name
av_compare_mod
av_compare_ts
av_content_light_metadata_alloc
av_content_light_metadata_create_side_data
av_cpu_count
av_cpu_force_count
av_cpu_max_align
av_crc
av_crc_get_table
av_crc_init
av_d2q
av_d2str
av_default_get_category
av_default_item_name
av_des_alloc
av_des_crypt
av_des_init
av_des_mac
av_detection_bbox_alloc
av_detection_bbox_create_side_data
av_dict_copy
av_dict_count
av_dict_free
av_dict_get
av_dict_get_string
av_dict_parse_string
av_dict_set
av_dict_set_int
av_dirname
av_display_matrix_flip
av_display_rotation_get
av_display_rotation_set
av_div_i
av_div_q
av_dovi_alloc
av_dovi_metadata_alloc
av_downmix_info_update_side_data
av_dynamic_hdr_plus_alloc
av_dynamic_hdr_plus_create_side_data
av_dynarray2_add
av_dynarray_add
av_dynarray_add_nofree
av_encryption_info_add_side_data
av_encryption_info_alloc
av_encryption_info_clone
av_encryption_info_free
av_encryption_info_get_side_data
av_encryption_init_info_add_side_data
av_encryption_init_info_alloc
av_encryption_init_info_free
av_encryption_init_info_get_side_data
av_escape
av_expr_count_func
av_expr_count_vars
av_expr_eval
av_expr_free
av_expr_parse
av_expr_parse_and_eval
av_fast_malloc
av_fast_mallocz
av_fast_realloc
av_fifo_alloc
av_fifo_alloc_array
av_fifo_drain
av_fifo_free
av_fifo_freep
av_fifo_generic_peek
av_fifo_generic_peek_at
av_fifo_generic_read
av_fifo_generic_write
av_fifo_grow
av_fifo_realloc2
av_fifo_reset
av_fifo_size
av_fifo_space
av_file_map
av_file_unmap
av_film_grain_params_alloc
av_film_grain_params_create_side_data
av_find_best_pix_fmt_of_2
av_find_info_tag
av_find_nearest_q_idx
av_fopen_utf8
av_force_cpu_flags
av_fourcc_make_string
av_frame_alloc
av_frame_apply_cropping
av_frame_clone
av_frame_copy
av_frame_copy_props
av_frame_free
av_frame_get_buffer
av_frame_get_plane_buffer
av_frame_get_side_data
av_frame_is_writable
av_frame_make_writable
av_frame_move_ref
av_frame_new_side_data
av_frame_new_side_data_from_buf
av_frame_ref
av_frame_remove_side_data
av_frame_side_data_name
av_frame_unref
av_free
av_freep
av_gcd
av_gcd_q
av_get_alt_sample_fmt
av_get_bits_per_pixel
av_get_bytes_per_sample
av_get_channel_description
av_get_channel_layout
av_get_channel_layout_channel_index
av_get_channel_layout_nb_channels
av_get_channel_layout_string
av_get_channel_name
av_get_colorspace_name
av_get_cpu_flags
av_get_default_channel_layout
av_get_extended_channel_layout
av_get_known_color_name
av_get_media_type_string
av_get_packed_sample_fmt
av_get_padded_bits_per_pixel
av_get_picture_type_char
av_get_pix_fmt
av_get_pix_fmt_loss
av_get_pix_fmt_name
av_get_pix_fmt_string
av_get_planar_sample_fmt
av_get_random_seed
av_get_sample_fmt
av_get_sample_fmt_name
av_get_sample_fmt_string
av_get_standard_channel_layout
av_get_time_base_q
av_get_token
av_gettime
av_gettime_relative
av_gettime_relative_is_monotonic
av_hash_alloc
av_hash_final
av_hash_final_b64
av_hash_final_bin
av_hash_final_hex
av_hash_freep
av_hash_get_name
av_hash_get_size
av_hash_init
av_hash_names
av_hash_update
av_hmac_alloc
av_hmac_calc
av_hmac_final
av_hmac_free
av_hmac_init
av_hmac_update
av_hwdevice_ctx_alloc
av_hwdevice_ctx_create
av_hwdevice_ctx_create_derived
av_hwdevice_ctx_create_derived_opts
av_hwdevice_ctx_init
av_hwdevice_find_type_by_name
av_hwdevice_get_hwframe_constraints
av_hwdevice_get_type_name
av_hwdevice_hwconfig_alloc
av_hwdevice_iterate_types
av_hwframe_constraints_free
av_hwframe_ctx_alloc
av_hwframe_ctx_create_derived
av_hwframe_ctx_init
av_hwframe_get_buffer
av_hwframe_map
av_hwframe_transfer_data
av_hwframe_transfer_get_formats
av_i2int
av_image_alloc
av_image_check_sar
av_image_check_size
av_image_check_size2
av_image_copy
av_image_copy_plane
av_image_copy_plane_uc_from
av_image_copy_to_buffer
av_image_copy_uc_from
av_image_fill_arrays
av_image_fill_black
av_image_fill_linesizes
av_image_fill_max_pixsteps
av_image_fill_plane_sizes
av_image_fill_pointers
av_image_get_buffer_size
av_image_get_linesize
av_int2i
av_int_list_length_for_size
av_lfg_init
av_lfg_init_from_data
av_log
av_log2
av_log2_16bit
av_log2_i
av_log_default_callback
av_log_format_line
av_log_format_line2
av_log_get_flags
av_log_get_level
av_log_once
av_log_set_callback
av_log_set_flags
av_log_set_level
av_lzo1x_decode
av_malloc
av_malloc_array
av_mallocz
av_mallocz_array
av_mastering_display_metadata_alloc
av_mastering_display_metadata_create_side_data
av_match_list
av_match_name
av_max_alloc
av_md5_alloc
av_md5_final
av_md5_init
av_md5_size
av_md5_sum
av_md5_update
av_memcpy_backptr
av_memdup
av_mod_i
av_mul_i
av_mul_q
av_murmur3_alloc
av_murmur3_final
av_murmur3_init
av_murmur3_init_seeded
av_murmur3_update
av_nearer_q
av_opt_child_class_iterate
av_opt_child_next
av_opt_copy
av_opt_eval_double
av_opt_eval_flags
av_opt_eval_float
av_opt_eval_int
av_opt_eval_int64
av_opt_eval_q
av_opt_find
av_opt_find2
av_opt_flag_is_set
av_opt_free
av_opt_freep_ranges
av_opt_get
av_opt_get_channel_layout
av_opt_get_dict_val
av_opt_get_double
av_opt_get_image_size
av_opt_get_int
av_opt_get_key_value
av_opt_get_pixel_fmt
av_opt_get_q
av_opt_get_sample_fmt
av_opt_get_video_rate
av_opt_is_set_to_default
av_opt_is_set_to_default_by_name
av_opt_next
av_opt_ptr
av_opt_query_ranges
av_opt_query_ranges_default
av_opt_serialize
av_opt_set
av_opt_set_bin
av_opt_set_channel_layout
av_opt_set_defaults
av_opt_set_defaults2
av_opt_set_dict
av_opt_set_dict2
av_opt_set_dict_val
av_opt_set_double
av_opt_set_from_string
av_opt_set_image_size
av_opt_set_int
av_opt_set_pixel_fmt
av_opt_set_q
av_opt_set_sample_fmt
av_opt_set_video_rate
av_opt_show2
av_parse_color
av_parse_cpu_caps
av_parse_ratio
av_parse_time
av_parse_video_rate
av_parse_video_size
av_pix_fmt_count_planes
av_pix_fmt_desc_get
av_pix_fmt_desc_get_id
av_pix_fmt_desc_next
av_pix_fmt_get_chroma_sub_sample
av_pix_fmt_swap_endianness
av_pixelutils_get_sad_fn
av_q2intfloat
av_rc4_alloc
av_rc4_crypt
av_rc4_init
av_read_image_line
av_read_image_line2
av_realloc
av_realloc_array
av_realloc_f
av_reallocp
av_reallocp_array
av_reduce
av_rescale
av_rescale_delta
av_rescale_q
av_rescale_q_rnd
av_rescale_rnd
av_ripemd_alloc
av_ripemd_final
av_ripemd_init
av_ripemd_size
av_ripemd_update
av_sample_fmt_is_planar
av_samples_alloc
av_samples_alloc_array_and_samples
av_samples_copy
av_samples_fill_arrays
av_samples_get_buffer_size
av_samples_set_silence
av_set_options_string
av_sha512_alloc
av_sha512_final
av_sha512_init
av_sha512_size
av_sha512_update
av_sha_alloc
av_sha_final
av_sha_init
av_sha_size
av_sha_update
av_shr_i
av_size_mult
av_small_strptime
av_spherical_alloc
av_spherical_from_name
av_spherical_projection_name
av_spherical_tile_bounds
av_sscanf
av_stereo3d_alloc
av_stereo3d_create_side_data
av_stereo3d_from_name
av_stereo3d_type_name
av_strcasecmp
av_strdup
av_strerror
av_strireplace
av_stristart
av_stristr
av_strlcat
av_strlcatf
av_strlcpy
av_strncasecmp
av_strndup
av_strnstr
av_strstart
av_strtod
av_strtok
av_sub_i
av_sub_q
av_tea_alloc
av_tea_crypt
av_tea_init
av_tea_size
av_tempfile
av_thread_message_flush
av_thread_message_queue_alloc
av_thread_message_queue_free
av_thread_message_queue_nb_elems
av_thread_message_queue_recv
av_thread_message_queue_send
av_thread_message_queue_set_err_recv
av_thread_message_queue_set_err_send
av_thread_message_queue_set_free_func
av_timecode_adjust_ntsc_framenum2
av_timecode_check_frame_rate
av_timecode_get_smpte
av_timecode_get_smpte_from_framenum
av_timecode_init
av_timecode_init_from_components
av_timecode_init_from_string
av_timecode_make_mpeg_tc_string
av_timecode_make_smpte_tc_string
av_timecode_make_smpte_tc_string2
av_timecode_make_string
av_timegm
av_tree_destroy
av_tree_enumerate
av_tree_find
av_tree_insert
av_tree_node_alloc
av_tree_node_size
av_twofish_alloc
av_twofish_crypt
av_twofish_init
av_twofish_size
av_tx_init
av_tx_uninit
av_usleep
av_utf8_decode
av_util_ffversion
av_vbprintf
av_version_info

Sections

.text
Size: 712KB - Virtual size: 711KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 896B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
channel.dll
.dll windows:6 windows x64 arch:x64

dd2f969be4191c76250e9484719f6050

Code Sign

04:00:00:00:00:01:15:4b:5a:c3:94
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

01-09-1998 12:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19-09-2018 00:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28-07-2020 00:00

Not After

18-03-2029 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5e:c9:ed:d5:94:78:85:7b:d5:61:c6:28
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

07-08-2023 04:16

Not After

06-09-2024 04:16

Subject

SERIALNUMBER=91320594MA251F5K75,CN=Monect (Suzhou) Co.\, Ltd.,O=Monect (Suzhou) Co.\, Ltd.,L=Suzhou,ST=Jiangsu,C=CN,1.3.6.1.4.1.311.60.2.1.1=#130653555a484f55,1.3.6.1.4.1.311.60.2.1.2=#13074a49414e475355,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:19:75:74:71:c9:92:d7:44:df:a5:96:eb:b9:70:15
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

02-11-2023 10:30

Not After

04-12-2034 10:30

Subject

CN=Globalsign TSA for Advanced - G4 - 202311,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1c:f4:32:cd:2e:9b:19:4a:18:b5:a0:1f:8c:2e:0b:e3:c2:c9:b7:3b:fd:2e:76:7b:68:13:6e:ae:34:d4:d5:67
Signer

Actual PE Digest

1c:f4:32:cd:2e:9b:19:4a:18:b5:a0:1f:8c:2e:0b:e3:c2:c9:b7:3b:fd:2e:76:7b:68:13:6e:ae:34:d4:d5:67

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\monec\Documents\workspace\Monect_host\x64\Release\channel.pdb

Imports

ws2_32

ntohl
freeaddrinfo
getaddrinfo
ntohs
htons
WSAWaitForMultipleEvents
WSASetEvent
WSAResetEvent
WSAEventSelect
WSAEnumNetworkEvents
WSACreateEvent
WSACloseEvent
WSAGetLastError
socket
setsockopt
sendto
send
recvfrom
recv
listen
getsockopt
getsockname
getpeername
ioctlsocket
connect
closesocket
bind
accept
htonl

winmm

timeEndPeriod
timeBeginPeriod
timeGetTime

secur32

DeleteSecurityContext
CompleteAuthToken
InitializeSecurityContextA
FreeCredentialsHandle
AcquireCredentialsHandleA

kernel32

WriteConsoleW
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
HeapReAlloc
SetStdHandle
GetFileSizeEx
FlushFileBuffers
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
HeapFree
HeapAlloc
GetModuleFileNameW
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
SetEvent
CreateEventW
HeapSize
CloseHandle
GetCurrentThreadId
GetTickCount64
GetLastError
Sleep
OpenThread
TlsAlloc
TlsGetValue
TlsSetValue
GetStdHandle
WriteFile
IsDebuggerPresent
OutputDebugStringA
FormatMessageA
DebugBreak
RaiseException
GetCurrentThread
GetModuleHandleA
GetProcAddress
TryEnterCriticalSection
ResetEvent
MultiByteToWideChar
SetLastError
WideCharToMultiByte
InitializeSRWLock
ReleaseSRWLockExclusive
ReleaseSRWLockShared
AcquireSRWLockExclusive
AcquireSRWLockShared
InitOnceExecuteOnce
InitializeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
RtlVirtualUnwind
GetSystemTimeAsFileTime
GlobalAlloc
GlobalFree
ExitProcess
CreateThread
InitializeCriticalSectionEx
EncodePointer
DecodePointer
LCMapStringEx
GetStringTypeW
GetCPInfo
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
GetStartupInfoW
GetModuleHandleW
QueryPerformanceCounter
GetCurrentProcessId
InitializeSListHead
RtlUnwindEx
RtlPcToFileHeader
InterlockedFlushSList
InitializeCriticalSectionAndSpinCount
TlsFree
FreeLibrary
LoadLibraryExW
GetTimeZoneInformation
GetConsoleOutputCP
GetConsoleMode
SetFilePointerEx
CreateFileW
GetFileType
QueryPerformanceFrequency
GetModuleHandleExW

advapi32

SystemFunction036

iphlpapi

GetAdaptersAddresses

Exports

Exports

RTCAddConnectionLostCallback
RTCCleanup
RTCCreateCallerPeer
RTCDisconnectPeer
RTCGetBufferedAmount
RTCGetConnectedPeerCount
RTCGetPeerFromID
RTCInit
RTCIsDataChannelAvailable
RTCMessageFromPeer
RTCRemoveConnectionLostCallback
RTCSendBroadcast
RTCSendToDataChannel
RTCUpdateIceServer

Sections

.text
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 614KB - Virtual size: 614KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
driver/ViGEm/ViGEmBus.inf
driver/ViGEm/vigembus.cat
driver/ViGEm/x64/ViGEmBus.sys
.sys windows:10 windows x64 arch:x64

8d1a4e8712010d023cba4c6cbe2df2be

Code Sign

33:00:00:00:58:4c:08:4c:80:a1:c8:d5:61:00:00:00:00:00:58
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01-11-2017 19:18

Not After

01-11-2018 19:18

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0b:aa:c1:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18-04-2012 23:48

Not After

18-04-2027 23:58

Subject

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

39:d9:75:e9:2d:4b:cb:0f:bb:c9:5b:aa:2a:22:4a:b1:20:6e:16:da:bf:5c:b6:87:3f:12:a6:18:6d:7d:ac:0d
Signer

Actual PE Digest

39:d9:75:e9:2d:4b:cb:0f:bb:c9:5b:aa:2a:22:4a:b1:20:6e:16:da:bf:5c:b6:87:3f:12:a6:18:6d:7d:ac:0d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\projects\vigembus\bin\x64\ViGEmBus.pdb

Imports

ntoskrnl.exe

RtlRandomEx
IoWMIRegistrationControl
PsGetCurrentProcessId
KeBugCheckEx
MmGetSystemRoutineAddress
RtlInitUnicodeString
RtlCopyUnicodeString
ExFreePoolWithTag
ExAllocatePoolWithTag
RtlCompareMemory
RtlAnsiCharToUnicodeChar

hal

KeQueryPerformanceCounter

wdfldr.sys

WdfVersionUnbind
WdfVersionBind
WdfVersionBindClass
WdfVersionUnbindClass

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
driver/ViGEm/x64/WdfCoinstaller01009.dll
.dll windows:6 windows x64 arch:x64

70497fec79daa5f71de3b34faee686a5

Code Sign

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-09-2006 01:53

Not After

16-09-2011 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16-09-2006 01:04

Not After

15-09-2019 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6a:0b:99:4f:c0:00:1b:ab:11:da:3a:a1:b6:df:ec:88
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

11-10-2005 21:55

Not After

26-04-2010 07:00

Subject

CN=Microsoft Windows Verification Intermediate PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:02:a4:e9:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Windows Verification Intermediate PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11-04-2009 05:58

Not After

26-04-2010 07:00

Subject

CN=Microsoft Windows Component Publisher,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:58:4c:08:4c:80:a1:c8:d5:61:00:00:00:00:00:58
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01-11-2017 19:18

Not After

01-11-2018 19:18

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0b:aa:c1:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18-04-2012 23:48

Not After

18-04-2027 23:58

Subject

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:20:71:26:48:08:48:76:34:3b:cf:73:92:14:96:ef:4e:d0:0a:b9:cd:75:42:5e:e9:be:11:8f:40:5f:0b:25
Signer

Actual PE Digest

0b:20:71:26:48:08:48:76:34:3b:cf:73:92:14:96:ef:4e:d0:0a:b9:cd:75:42:5e:e9:be:11:8f:40:5f:0b:25

Digest Algorithm

sha256

PE Digest Matches

true

05:63:99:fa:ac:b9:fc:49:f3:cf:78:bf:c3:d9:f2:f4:63:e5:01:2e
Signer

Actual PE Digest

05:63:99:fa:ac:b9:fc:49:f3:cf:78:bf:c3:d9:f2:f4:63:e5:01:2e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

WdfCoInstaller01009.pdb

Imports

msvcrt

memset
memcpy
__C_specific_handler
_amsg_exit
_initterm
_XcptFilter
_ultow
malloc
_wcsnicmp
free
_wtoi
_wcsicmp
_stricmp
_vsnwprintf

setupapi

SetupDiSetDeviceInstallParamsW
SetupCloseLog
SetupOpenInfFileW
SetupCloseInfFile
CM_Set_DevNode_Problem_Ex
SetupDiGetDeviceInstallParamsW
SetupLogErrorW
SetupOpenLog
SetupDiGetActualSectionToInstallW
SetupFindNextMatchLineW
SetupDiGetSelectedDriverW
SetupGetStringFieldW
SetupPromptReboot
SetupFindFirstLineW
SetupGetLineCountW
SetupDiGetDriverInfoDetailW

kernel32

GetModuleFileNameW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
Sleep
LoadLibraryExW
ExpandEnvironmentStringsW
GetFileInformationByHandle
DeleteFileW
CloseHandle
FindNextFileW
RemoveDirectoryW
LockResource
GetLocalTime
FindClose
SetLastError
CreateFileW
FileTimeToSystemTime
TerminateProcess
GetExitCodeProcess
FormatMessageW
SizeofResource
WriteFile
OutputDebugStringW
WaitForSingleObject
CreateDirectoryW
CreateProcessW
LoadResource
FindResourceW
FindFirstFileW
LoadLibraryW
WideCharToMultiByte
FreeLibrary
lstrlenA
LocalFree
GetWindowsDirectoryW
LocalAlloc
GlobalFree
GetProcAddress
GetLastError
VerifyVersionInfoW
GetModuleHandleW
VerSetConditionMask

advapi32

DeleteService
OpenSCManagerW
QueryServiceConfigW
ChangeServiceConfigW
RegFlushKey
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
CloseServiceHandle
QueryServiceStatusEx
RegQueryValueExW
OpenServiceW

crypt32

CertGetCertificateContextProperty

wintrust

WTHelperGetProvCertFromChain
WTHelperGetProvSignerFromChain
WinVerifyTrust
WTHelperProvDataFromStateData

shell32

CommandLineToArgvW

user32

LoadStringW
IsCharAlphaNumericW
IsCharAlphaW

ole32

CoTaskMemFree

Exports

Exports

WdfCoInstaller
WdfPostDeviceInstall
WdfPostDeviceRemove
WdfPreDeviceInstall
WdfPreDeviceInstallEx
WdfPreDeviceRemove

Sections

.text
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
driver/legacy/ViGEm/ViGEmBus.inf
driver/legacy/ViGEm/vigembus.cat
driver/legacy/ViGEm/x64/ViGEmBus.sys
.sys windows:10 windows x64 arch:x64

8d1a4e8712010d023cba4c6cbe2df2be

Code Sign

33:00:00:00:58:4c:08:4c:80:a1:c8:d5:61:00:00:00:00:00:58
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01-11-2017 19:18

Not After

01-11-2018 19:18

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0b:aa:c1:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18-04-2012 23:48

Not After

18-04-2027 23:58

Subject

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

39:d9:75:e9:2d:4b:cb:0f:bb:c9:5b:aa:2a:22:4a:b1:20:6e:16:da:bf:5c:b6:87:3f:12:a6:18:6d:7d:ac:0d
Signer

Actual PE Digest

39:d9:75:e9:2d:4b:cb:0f:bb:c9:5b:aa:2a:22:4a:b1:20:6e:16:da:bf:5c:b6:87:3f:12:a6:18:6d:7d:ac:0d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\projects\vigembus\bin\x64\ViGEmBus.pdb

Imports

ntoskrnl.exe

RtlRandomEx
IoWMIRegistrationControl
PsGetCurrentProcessId
KeBugCheckEx
MmGetSystemRoutineAddress
RtlInitUnicodeString
RtlCopyUnicodeString
ExFreePoolWithTag
ExAllocatePoolWithTag
RtlCompareMemory
RtlAnsiCharToUnicodeChar

hal

KeQueryPerformanceCounter

wdfldr.sys

WdfVersionUnbind
WdfVersionBind
WdfVersionBindClass
WdfVersionUnbindClass

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
driver/legacy/ViGEm/x64/WdfCoinstaller01009.dll
.dll windows:6 windows x64 arch:x64

70497fec79daa5f71de3b34faee686a5

Code Sign

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-09-2006 01:53

Not After

16-09-2011 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16-09-2006 01:04

Not After

15-09-2019 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6a:0b:99:4f:c0:00:1b:ab:11:da:3a:a1:b6:df:ec:88
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

11-10-2005 21:55

Not After

26-04-2010 07:00

Subject

CN=Microsoft Windows Verification Intermediate PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:02:a4:e9:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Windows Verification Intermediate PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11-04-2009 05:58

Not After

26-04-2010 07:00

Subject

CN=Microsoft Windows Component Publisher,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:58:4c:08:4c:80:a1:c8:d5:61:00:00:00:00:00:58
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

01-11-2017 19:18

Not After

01-11-2018 19:18

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0b:aa:c1:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

18-04-2012 23:48

Not After

18-04-2027 23:58

Subject

CN=Microsoft Windows Third Party Component CA 2012,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:20:71:26:48:08:48:76:34:3b:cf:73:92:14:96:ef:4e:d0:0a:b9:cd:75:42:5e:e9:be:11:8f:40:5f:0b:25
Signer

Actual PE Digest

0b:20:71:26:48:08:48:76:34:3b:cf:73:92:14:96:ef:4e:d0:0a:b9:cd:75:42:5e:e9:be:11:8f:40:5f:0b:25

Digest Algorithm

sha256

PE Digest Matches

true

05:63:99:fa:ac:b9:fc:49:f3:cf:78:bf:c3:d9:f2:f4:63:e5:01:2e
Signer

Actual PE Digest

05:63:99:fa:ac:b9:fc:49:f3:cf:78:bf:c3:d9:f2:f4:63:e5:01:2e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

WdfCoInstaller01009.pdb

Imports

msvcrt

memset
memcpy
__C_specific_handler
_amsg_exit
_initterm
_XcptFilter
_ultow
malloc
_wcsnicmp
free
_wtoi
_wcsicmp
_stricmp
_vsnwprintf

setupapi

SetupDiSetDeviceInstallParamsW
SetupCloseLog
SetupOpenInfFileW
SetupCloseInfFile
CM_Set_DevNode_Problem_Ex
SetupDiGetDeviceInstallParamsW
SetupLogErrorW
SetupOpenLog
SetupDiGetActualSectionToInstallW
SetupFindNextMatchLineW
SetupDiGetSelectedDriverW
SetupGetStringFieldW
SetupPromptReboot
SetupFindFirstLineW
SetupGetLineCountW
SetupDiGetDriverInfoDetailW

kernel32

GetModuleFileNameW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
Sleep
LoadLibraryExW
ExpandEnvironmentStringsW
GetFileInformationByHandle
DeleteFileW
CloseHandle
FindNextFileW
RemoveDirectoryW
LockResource
GetLocalTime
FindClose
SetLastError
CreateFileW
FileTimeToSystemTime
TerminateProcess
GetExitCodeProcess
FormatMessageW
SizeofResource
WriteFile
OutputDebugStringW
WaitForSingleObject
CreateDirectoryW
CreateProcessW
LoadResource
FindResourceW
FindFirstFileW
LoadLibraryW
WideCharToMultiByte
FreeLibrary
lstrlenA
LocalFree
GetWindowsDirectoryW
LocalAlloc
GlobalFree
GetProcAddress
GetLastError
VerifyVersionInfoW
GetModuleHandleW
VerSetConditionMask

advapi32

DeleteService
OpenSCManagerW
QueryServiceConfigW
ChangeServiceConfigW
RegFlushKey
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
CloseServiceHandle
QueryServiceStatusEx
RegQueryValueExW
OpenServiceW

crypt32

CertGetCertificateContextProperty

wintrust

WTHelperGetProvCertFromChain
WTHelperGetProvSignerFromChain
WinVerifyTrust
WTHelperProvDataFromStateData

shell32

CommandLineToArgvW

user32

LoadStringW
IsCharAlphaNumericW
IsCharAlphaW

ole32

CoTaskMemFree

Exports

Exports

WdfCoInstaller
WdfPostDeviceInstall
WdfPostDeviceRemove
WdfPreDeviceInstall
WdfPreDeviceInstallEx
WdfPreDeviceRemove

Sections

.text
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
driver/legacy/vJoy/WdfCoinstaller01009.dll
.dll windows:6 windows x64 arch:x64

70497fec79daa5f71de3b34faee686a5

Code Sign

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-09-2006 01:53

Not After

16-09-2011 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16-09-2006 01:04

Not After

15-09-2019 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6a:0b:99:4f:c0:00:1b:ab:11:da:3a:a1:b6:df:ec:88
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

11-10-2005 21:55

Not After

26-04-2010 07:00

Subject

CN=Microsoft Windows Verification Intermediate PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:02:a4:e9:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Windows Verification Intermediate PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11-04-2009 05:58

Not After

26-04-2010 07:00

Subject

CN=Microsoft Windows Component Publisher,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

05:63:99:fa:ac:b9:fc:49:f3:cf:78:bf:c3:d9:f2:f4:63:e5:01:2e
Signer

Actual PE Digest

05:63:99:fa:ac:b9:fc:49:f3:cf:78:bf:c3:d9:f2:f4:63:e5:01:2e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

WdfCoInstaller01009.pdb

Imports

msvcrt

memset
memcpy
__C_specific_handler
_amsg_exit
_initterm
_XcptFilter
_ultow
malloc
_wcsnicmp
free
_wtoi
_wcsicmp
_stricmp
_vsnwprintf

setupapi

SetupDiSetDeviceInstallParamsW
SetupCloseLog
SetupOpenInfFileW
SetupCloseInfFile
CM_Set_DevNode_Problem_Ex
SetupDiGetDeviceInstallParamsW
SetupLogErrorW
SetupOpenLog
SetupDiGetActualSectionToInstallW
SetupFindNextMatchLineW
SetupDiGetSelectedDriverW
SetupGetStringFieldW
SetupPromptReboot
SetupFindFirstLineW
SetupGetLineCountW
SetupDiGetDriverInfoDetailW

kernel32

GetModuleFileNameW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
Sleep
LoadLibraryExW
ExpandEnvironmentStringsW
GetFileInformationByHandle
DeleteFileW
CloseHandle
FindNextFileW
RemoveDirectoryW
LockResource
GetLocalTime
FindClose
SetLastError
CreateFileW
FileTimeToSystemTime
TerminateProcess
GetExitCodeProcess
FormatMessageW
SizeofResource
WriteFile
OutputDebugStringW
WaitForSingleObject
CreateDirectoryW
CreateProcessW
LoadResource
FindResourceW
FindFirstFileW
LoadLibraryW
WideCharToMultiByte
FreeLibrary
lstrlenA
LocalFree
GetWindowsDirectoryW
LocalAlloc
GlobalFree
GetProcAddress
GetLastError
VerifyVersionInfoW
GetModuleHandleW
VerSetConditionMask

advapi32

DeleteService
OpenSCManagerW
QueryServiceConfigW
ChangeServiceConfigW
RegFlushKey
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
CloseServiceHandle
QueryServiceStatusEx
RegQueryValueExW
OpenServiceW

crypt32

CertGetCertificateContextProperty

wintrust

WTHelperGetProvCertFromChain
WTHelperGetProvSignerFromChain
WinVerifyTrust
WTHelperProvDataFromStateData

shell32

CommandLineToArgvW

user32

LoadStringW
IsCharAlphaNumericW
IsCharAlphaW

ole32

CoTaskMemFree

Exports

Exports

WdfCoInstaller
WdfPostDeviceInstall
WdfPostDeviceRemove
WdfPreDeviceInstall
WdfPreDeviceInstallEx
WdfPreDeviceRemove

Sections

.text
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
driver/legacy/vJoy/hidkmdf.sys
.sys windows:10 windows x64 arch:x64

b7b6f5f7218e6ff6a313485113ccffaf

Code Sign

2e:d4:aa:f1:c2:3d:e3:8f:45:2f:50:2c:0f:01:92:b6
Certificate

Issuer

CN=WDKTestCert Shaul\,131238418298116537

Not Before

17-11-2016 07:37

Not After

17-11-2026 00:00

Subject

CN=WDKTestCert Shaul\,131238418298116537

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageKeyEncipherment
KeyUsageDataEncipherment

dc:ee:72:04:97:43:fc:0b:af:15:48:b7:4c:18:b4:45:0f:43:07:62
Signer

Actual PE Digest

dc:ee:72:04:97:43:fc:0b:af:15:48:b7:4c:18:b4:45:0f:43:07:62

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Shaul\Documents\GitHub\vJoy\x64\Release\hidkmdf.pdb

Imports

ntoskrnl.exe

KeBugCheckEx
PoStartNextPowerIrp
PoCallDriver
IofCallDriver
RtlCopyUnicodeString

hidclass.sys

HidRegisterMinidriver

wdfldr.sys

WdfVersionBind
WdfVersionUnbind
WdfVersionBindClass
WdfVersionUnbindClass

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 512B - Virtual size: 11B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 1024B - Virtual size: 706B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
driver/legacy/vJoy/vJoy.sys
.sys windows:10 windows x64 arch:x64

c067f33df7bc725d02da26ea021d07e9

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

02:ce:5e:93:97:27:8f:47:e8:6d:94:31:53:63:cc:30
Certificate

Issuer

CN=DigiCert High Assurance Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

09-04-2015 00:00

Not After

13-04-2017 12:00

Subject

CN=Shaul Eizikovich,O=Shaul Eizikovich,L=Hod HaSharon,ST=Tel Aviv,C=IL

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

61:20:4d:b4:00:00:00:00:00:27
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15-04-2011 19:45

Not After

15-04-2021 19:55

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

02:c4:d1:e5:8a:4a:68:0c:56:8d:a3:04:7e:7e:4d:5f
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

11-02-2011 12:00

Not After

10-02-2026 12:00

Subject

CN=DigiCert High Assurance Code Signing CA-1,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4b:20:43:96:fa:41:df:3e:e4:d8:78:19:b7:30:9f:2d:2a:6f:18:c4
Signer

Actual PE Digest

4b:20:43:96:fa:41:df:3e:e4:d8:78:19:b7:30:9f:2d:2a:6f:18:c4

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Shaul\Documents\GitHub\vJoy\x64\Release\vJoy.pdb

Imports

ntoskrnl.exe

ExAllocatePoolWithTag
ExFreePoolWithTag
IoAllocateErrorLogEntry
IoWriteErrorLogEntry
RtlGetVersion
ZwEnumerateKey
PsGetCurrentProcessId
RtlAnsiCharToUnicodeChar
KeBugCheckEx
RtlCopyUnicodeString
RtlInitUnicodeString
RtlUnicodeStringToInteger
wcscpy_s

wdfldr.sys

WdfVersionBindClass
WdfVersionBind
WdfVersionUnbind
WdfVersionUnbindClass

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
driver/legacy/vJoy/vjoy.cat
driver/legacy/vJoy/vjoy.inf
driver/usbmmidd_v2/License.txt
driver/usbmmidd_v2/deviceinstaller64.exe
.exe windows:5 windows x64 arch:x64

a1299172b42388a072e9cae23c8ffa69

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

FindFirstFileW
FindNextFileW
LocalFree
GetCurrentProcess
FormatMessageW
FileTimeToSystemTime
GetFileAttributesW
SetFilePointerEx
SetStdHandle
HeapSize
HeapReAlloc
GetConsoleMode
CreateFileW
GetFullPathNameW
GetWindowsDirectoryW
LoadLibraryW
lstrlenW
CloseHandle
FindClose
DeviceIoControl
GetLastError
GetProcAddress
GetDateFormatW
FreeLibrary
GetConsoleCP
FlushFileBuffers
OutputDebugStringW
LoadLibraryExW
LCMapStringW
WideCharToMultiByte
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetStringTypeW
GetStartupInfoW
GetFileType
RtlUnwindEx
Sleep
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetModuleFileNameW
WriteFile
GetStdHandle
GetModuleHandleExW
WriteConsoleW
ExitProcess
GetProcessHeap
MultiByteToWideChar
GetCurrentThreadId
SetLastError
GetCPInfo
GetOEMCP
GetACP
HeapFree
HeapAlloc
EnterCriticalSection
LeaveCriticalSection
GetCommandLineW
EncodePointer
DecodePointer
RtlPcToFileHeader
RaiseException
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage

user32

wsprintfW
LoadStringW
CharPrevW
CharNextW

advapi32

RegQueryValueExW
LookupPrivilegeValueW
AdjustTokenPrivileges
OpenProcessToken
OpenServiceW
OpenSCManagerW
CloseServiceHandle
RegSetValueExW
RegDeleteValueW
RegCloseKey
InitiateSystemShutdownExW

ole32

CLSIDFromString
IIDFromString

setupapi

CM_Get_Next_Res_Des_Ex
CM_Get_Res_Des_Data_Size_Ex
CM_Get_Res_Des_Data_Ex
CM_Get_First_Log_Conf_Ex
CM_Free_Res_Des_Handle
CM_Free_Log_Conf_Handle
SetupDiGetDriverInstallParamsW
SetupDiSetDeviceInstallParamsW
SetupDiDestroyDriverInfoList
SetupDiGetDriverInfoDetailW
SetupDiSetSelectedDriverW
SetupDiEnumDriverInfoW
SetupDiBuildDriverInfoList
SetupScanFileQueueW
SetupCloseFileQueue
SetupOpenFileQueue
SetupGetStringFieldW
SetupFindFirstLineW
SetupCloseInfFile
SetupOpenInfFileW
SetupDiGetDeviceRegistryPropertyW
SetupDiOpenDeviceInfoW
SetupDiCreateDeviceInfoListExW
CM_Reenumerate_DevNode_Ex
CM_Locate_DevNode_ExW
CM_Get_Device_Interface_List_SizeW
CM_Get_Device_Interface_ListW
CM_Get_DevNode_Status_Ex
CM_Get_Device_ID_ExW
CM_Disconnect_Machine
CM_Connect_MachineW
SetupDiClassGuidsFromNameExW
SetupDiClassNameFromGuidExW
SetupDiSetClassInstallParamsW
SetupDiGetDeviceInstallParamsW
SetupDiSetDeviceRegistryPropertyW
SetupDiOpenClassRegKeyExW
SetupDiCallClassInstaller
SetupDiGetClassDescriptionExW
SetupDiBuildClassInfoListExW
SetupDiGetINFClassW
SetupDiGetClassDevsExW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiCreateDeviceInfoW
SetupDiGetDeviceInfoListDetailW
SetupDiCreateDeviceInfoList
SetupCopyOEMInfW
SetupDiOpenDevRegKey

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
driver/usbmmidd_v2/usbmmIdd.inf
driver/usbmmidd_v2/usbmmidd.cat
driver/usbmmidd_v2/x64/usbmmIdd.dll
.dll windows:10 windows x64 arch:x64

8cce31b273712b965675a6ee6b242015

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

X:\Projects\usbmm\usbmmIdd\x64\Release\usbmmIdd.pdb

Imports

ntdll

RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
RtlPcToFileHeader
RtlUnwindEx
DbgPrintEx

api-ms-win-core-handle-l1-1-0

CloseHandle

api-ms-win-core-errorhandling-l1-1-0

SetLastError
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RaiseException
GetLastError

api-ms-win-core-synch-l1-1-0

SetEvent
DeleteCriticalSection
WaitForSingleObject
CreateEventW
InitializeCriticalSectionAndSpinCount

api-ms-win-core-synch-l1-2-1

WaitForMultipleObjects

api-ms-win-core-processthreads-l1-1-0

TerminateProcess
CreateThread
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc

api-ms-win-core-com-l1-1-0

IIDFromString

dxgi

CreateDXGIFactory2

d3d11

D3D11CreateDevice

avrt

AvSetMmThreadCharacteristicsW
AvRevertMmThreadCharacteristics

api-ms-win-crt-runtime-l1-1-0

_initterm
_cexit
_crt_atexit
_initterm_e
abort
_errno
_invalid_parameter_noinfo_noreturn
_invalid_parameter_noinfo
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
terminate
_execute_onexit_table
_seh_filter_dll

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswscanf
__stdio_common_vswprintf_s

api-ms-win-crt-string-l1-1-0

wcsncmp
memset
strcpy_s

api-ms-win-core-debug-l1-1-0

IsDebuggerPresent

api-ms-win-core-processthreads-l1-1-1

IsProcessorFeaturePresent

api-ms-win-core-libraryloader-l1-2-0

FreeLibrary
GetProcAddress
LoadLibraryExW

api-ms-win-core-profile-l1-1-0

QueryPerformanceCounter

api-ms-win-core-sysinfo-l1-1-0

GetSystemTimeAsFileTime

api-ms-win-core-interlocked-l1-1-0

InitializeSListHead
InterlockedFlushSList

api-ms-win-core-util-l1-1-0

EncodePointer

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
calloc
free

Exports

Exports

FxDriverEntryUm

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
driver/vJoy/WdfCoinstaller01009.dll
.dll windows:6 windows x64 arch:x64

70497fec79daa5f71de3b34faee686a5

Code Sign

61:47:52:ba:00:00:00:00:00:04
Certificate

Issuer

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

16-09-2006 01:53

Not After

16-09-2011 02:03

Subject

CN=Microsoft Timestamping Service,OU=nCipher DSE ESN:D8A9-CFCC-579C,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6a:0b:99:4f:c0:00:25:ab:11:db:45:1f:58:7a:67:a2
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

16-09-2006 01:04

Not After

15-09-2019 07:00

Subject

CN=Microsoft Timestamping PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6a:0b:99:4f:c0:00:1b:ab:11:da:3a:a1:b6:df:ec:88
Certificate

Issuer

CN=Microsoft Root Authority,OU=Copyright (c) 1997 Microsoft Corp.+OU=Microsoft Corporation

Not Before

11-10-2005 21:55

Not After

26-04-2010 07:00

Subject

CN=Microsoft Windows Verification Intermediate PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment
KeyUsageCertSign
KeyUsageCRLSign

61:02:a4:e9:00:00:00:00:00:09
Certificate

Issuer

CN=Microsoft Windows Verification Intermediate PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

11-04-2009 05:58

Not After

26-04-2010 07:00

Subject

CN=Microsoft Windows Component Publisher,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:25:3a:27:38:69:0a:34:51:c1:00:00:00:00:00:25
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06-09-2018 21:30

Not After

06-09-2019 21:30

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:0d:69:0d:5d:78:93:d0:76:df:00:00:00:00:00:0d
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15-10-2014 20:31

Not After

15-10-2029 20:41

Subject

CN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0b:20:71:26:48:08:48:76:34:3b:cf:73:92:14:96:ef:4e:d0:0a:b9:cd:75:42:5e:e9:be:11:8f:40:5f:0b:25
Signer

Actual PE Digest

0b:20:71:26:48:08:48:76:34:3b:cf:73:92:14:96:ef:4e:d0:0a:b9:cd:75:42:5e:e9:be:11:8f:40:5f:0b:25

Digest Algorithm

sha256

PE Digest Matches

true

05:63:99:fa:ac:b9:fc:49:f3:cf:78:bf:c3:d9:f2:f4:63:e5:01:2e
Signer

Actual PE Digest

05:63:99:fa:ac:b9:fc:49:f3:cf:78:bf:c3:d9:f2:f4:63:e5:01:2e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

WdfCoInstaller01009.pdb

Imports

msvcrt

memset
memcpy
__C_specific_handler
_amsg_exit
_initterm
_XcptFilter
_ultow
malloc
_wcsnicmp
free
_wtoi
_wcsicmp
_stricmp
_vsnwprintf

setupapi

SetupDiSetDeviceInstallParamsW
SetupCloseLog
SetupOpenInfFileW
SetupCloseInfFile
CM_Set_DevNode_Problem_Ex
SetupDiGetDeviceInstallParamsW
SetupLogErrorW
SetupOpenLog
SetupDiGetActualSectionToInstallW
SetupFindNextMatchLineW
SetupDiGetSelectedDriverW
SetupGetStringFieldW
SetupPromptReboot
SetupFindFirstLineW
SetupGetLineCountW
SetupDiGetDriverInfoDetailW

kernel32

GetModuleFileNameW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
Sleep
LoadLibraryExW
ExpandEnvironmentStringsW
GetFileInformationByHandle
DeleteFileW
CloseHandle
FindNextFileW
RemoveDirectoryW
LockResource
GetLocalTime
FindClose
SetLastError
CreateFileW
FileTimeToSystemTime
TerminateProcess
GetExitCodeProcess
FormatMessageW
SizeofResource
WriteFile
OutputDebugStringW
WaitForSingleObject
CreateDirectoryW
CreateProcessW
LoadResource
FindResourceW
FindFirstFileW
LoadLibraryW
WideCharToMultiByte
FreeLibrary
lstrlenA
LocalFree
GetWindowsDirectoryW
LocalAlloc
GlobalFree
GetProcAddress
GetLastError
VerifyVersionInfoW
GetModuleHandleW
VerSetConditionMask

advapi32

DeleteService
OpenSCManagerW
QueryServiceConfigW
ChangeServiceConfigW
RegFlushKey
RegSetValueExW
RegCreateKeyExW
RegCloseKey
RegOpenKeyExW
CloseServiceHandle
QueryServiceStatusEx
RegQueryValueExW
OpenServiceW

crypt32

CertGetCertificateContextProperty

wintrust

WTHelperGetProvCertFromChain
WTHelperGetProvSignerFromChain
WinVerifyTrust
WTHelperProvDataFromStateData

shell32

CommandLineToArgvW

user32

LoadStringW
IsCharAlphaNumericW
IsCharAlphaW

ole32

CoTaskMemFree

Exports

Exports

WdfCoInstaller
WdfPostDeviceInstall
WdfPostDeviceRemove
WdfPreDeviceInstall
WdfPreDeviceInstallEx
WdfPreDeviceRemove

Sections

.text
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 280B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
driver/vJoy/hidkmdf.sys
.sys windows:10 windows x64 arch:x64

b7b6f5f7218e6ff6a313485113ccffaf

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

61:20:4d:b4:00:00:00:00:00:27
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15-04-2011 19:45

Not After

15-04-2021 19:55

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:df:1f:fb:8b:0e:ef:71:ed:95:73:aa:e3:ec:fc:dc
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-07-2019 00:00

Not After

13-07-2020 12:00

Subject

SERIALNUMBER=A214013764,CN=On-site Dental Systems (Justin Shafer),O=On-site Dental Systems (Justin Shafer),L=North Richland Hills,ST=Texas,C=US,2.5.4.15=#130f427573696e65737320456e74697479,1.3.6.1.4.1.311.60.2.1.1=#130e54617272616e7420436f756e7479,1.3.6.1.4.1.311.60.2.1.2=#13055465786173,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18-04-2012 12:00

Not After

18-04-2027 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:25:3a:27:38:69:0a:34:51:c1:00:00:00:00:00:25
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06-09-2018 21:30

Not After

06-09-2019 21:30

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:0d:69:0d:5d:78:93:d0:76:df:00:00:00:00:00:0d
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15-10-2014 20:31

Not After

15-10-2029 20:41

Subject

CN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

56:2a:7c:3a:d9:36:44:e8:dd:7a:96:71:d0:a5:2e:0d:c4:5a:25:5d:d1:60:dd:54:51:cb:ad:43:7e:1f:1c:fc
Signer

Actual PE Digest

56:2a:7c:3a:d9:36:44:e8:dd:7a:96:71:d0:a5:2e:0d:c4:5a:25:5d:d1:60:dd:54:51:cb:ad:43:7e:1f:1c:fc

Digest Algorithm

sha256

PE Digest Matches

true

be:5d:82:7a:e5:12:0a:58:b4:91:b6:2c:cc:87:ec:d6:c9:cb:de:3e
Signer

Actual PE Digest

be:5d:82:7a:e5:12:0a:58:b4:91:b6:2c:cc:87:ec:d6:c9:cb:de:3e

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Justin\Desktop\vJoy-master\x64\Release\hidkmdf.pdb

Imports

ntoskrnl.exe

KeBugCheckEx
PoStartNextPowerIrp
PoCallDriver
IofCallDriver
RtlCopyUnicodeString

hidclass.sys

HidRegisterMinidriver

wdfldr.sys

WdfVersionBind
WdfVersionUnbind
WdfVersionBindClass
WdfVersionUnbindClass

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 512B - Virtual size: 11B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 1024B - Virtual size: 706B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 36B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
driver/vJoy/vJoy.sys
.sys windows:10 windows x64 arch:x64

c067f33df7bc725d02da26ea021d07e9

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21-12-2012 00:00

Not After

30-12-2020 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18-10-2012 00:00

Not After

29-12-2020 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

61:20:4d:b4:00:00:00:00:00:27
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15-04-2011 19:45

Not After

15-04-2021 19:55

Subject

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:df:1f:fb:8b:0e:ef:71:ed:95:73:aa:e3:ec:fc:dc
Certificate

Issuer

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

10-07-2019 00:00

Not After

13-07-2020 12:00

Subject

SERIALNUMBER=A214013764,CN=On-site Dental Systems (Justin Shafer),O=On-site Dental Systems (Justin Shafer),L=North Richland Hills,ST=Texas,C=US,2.5.4.15=#130f427573696e65737320456e74697479,1.3.6.1.4.1.311.60.2.1.1=#130e54617272616e7420436f756e7479,1.3.6.1.4.1.311.60.2.1.2=#13055465786173,1.3.6.1.4.1.311.60.2.1.3=#13025553

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

03:f1:b4:e1:5f:3a:82:f1:14:96:78:b3:d7:d8:47:5c
Certificate

Issuer

CN=DigiCert High Assurance EV Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18-04-2012 12:00

Not After

18-04-2027 12:00

Subject

CN=DigiCert EV Code Signing CA (SHA2),OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

33:00:00:00:25:3a:27:38:69:0a:34:51:c1:00:00:00:00:00:25
Certificate

Issuer

CN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

06-09-2018 21:30

Not After

06-09-2019 21:30

Subject

CN=Microsoft Windows Hardware Compatibility Publisher,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

33:00:00:00:0d:69:0d:5d:78:93:d0:76:df:00:00:00:00:00:0d
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

15-10-2014 20:31

Not After

15-10-2029 20:41

Subject

CN=Microsoft Windows Third Party Component CA 2014,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

9e:c6:30:4e:39:23:15:e9:56:6e:86:b1:36:b8:eb:6c:4c:54:5d:04:ca:69:ac:7a:86:66:f8:c8:8e:3c:2d:d9
Signer

Actual PE Digest

9e:c6:30:4e:39:23:15:e9:56:6e:86:b1:36:b8:eb:6c:4c:54:5d:04:ca:69:ac:7a:86:66:f8:c8:8e:3c:2d:d9

Digest Algorithm

sha256

PE Digest Matches

true

1f:92:81:8a:e1:ad:79:e1:0d:f6:2f:d4:31:56:00:0c:13:d9:38:7b
Signer

Actual PE Digest

1f:92:81:8a:e1:ad:79:e1:0d:f6:2f:d4:31:56:00:0c:13:d9:38:7b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\Justin\Desktop\vJoy-master\x64\Release\vJoy.pdb

Imports

ntoskrnl.exe

ExAllocatePoolWithTag
ExFreePoolWithTag
IoAllocateErrorLogEntry
IoWriteErrorLogEntry
RtlGetVersion
ZwEnumerateKey
PsGetCurrentProcessId
RtlAnsiCharToUnicodeChar
KeBugCheckEx
RtlCopyUnicodeString
RtlInitUnicodeString
RtlUnicodeStringToInteger
wcscpy_s

wdfldr.sys

WdfVersionBindClass
WdfVersionBind
WdfVersionUnbind
WdfVersionUnbindClass

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PAGE
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
driver/vJoy/vjoy.cat
driver/vJoy/vjoy.inf
driververifyx64.exe
.exe windows:6 windows x64 arch:x64

3653d686ede37ba23c7c315ce2cdfb76

Code Sign

04:00:00:00:00:01:15:4b:5a:c3:94
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

01-09-1998 12:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19-09-2018 00:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28-07-2020 00:00

Not After

18-03-2029 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5e:c9:ed:d5:94:78:85:7b:d5:61:c6:28
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

07-08-2023 04:16

Not After

06-09-2024 04:16

Subject

SERIALNUMBER=91320594MA251F5K75,CN=Monect (Suzhou) Co.\, Ltd.,O=Monect (Suzhou) Co.\, Ltd.,L=Suzhou,ST=Jiangsu,C=CN,1.3.6.1.4.1.311.60.2.1.1=#130653555a484f55,1.3.6.1.4.1.311.60.2.1.2=#13074a49414e475355,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:19:75:74:71:c9:92:d7:44:df:a5:96:eb:b9:70:15
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

02-11-2023 10:30

Not After

04-12-2034 10:30

Subject

CN=Globalsign TSA for Advanced - G4 - 202311,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

87:b4:50:d4:a2:75:dc:16:02:0e:03:dd:3d:12:24:4a:43:b4:46:6a:85:66:13:27:b6:7e:48:a9:2a:5f:2b:f3
Signer

Actual PE Digest

87:b4:50:d4:a2:75:dc:16:02:0e:03:dd:3d:12:24:4a:43:b4:46:6a:85:66:13:27:b6:7e:48:a9:2a:5f:2b:f3

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

C:\Users\monec\Documents\workspace\Monect_host\x64\Release\driververifyx64.pdb

Imports

setupapi

SetupDiCreateDeviceInfoList
SetupDiCreateDeviceInfoW
SetupDiSetDeviceRegistryPropertyW
SetupDiCallClassInstaller
SetupDiGetDeviceInstallParamsW
SetupDiEnumDriverInfoW
SetupDiBuildDriverInfoList
CM_Get_Sibling
SetupDiSetClassInstallParamsW
SetupDiEnumDeviceInfo
SetupDiGetClassDevsW
CM_Get_Device_IDW
CM_Get_Child
SetupDiDestroyDeviceInfoList
SetupDiGetINFClassW

shlwapi

StrCmpW
StrRChrW

kernel32

TlsSetValue
WriteConsoleW
CreateFileW
HeapReAlloc
HeapSize
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
GetProcessHeap
GetStringTypeW
SetStdHandle
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
VerSetConditionMask
VerifyVersionInfoW
GetModuleFileNameW
lstrlenW
LoadLibraryW
GetProcAddress
FreeLibrary
CreateProcessW
WaitForSingleObject
CloseHandle
WideCharToMultiByte
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwindEx
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsFree
LoadLibraryExW
EncodePointer
RaiseException
RtlPcToFileHeader
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleExW
GetCommandLineA
GetCommandLineW
HeapAlloc
HeapFree
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
CompareStringW
LCMapStringW
GetFileType
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
MultiByteToWideChar

Sections

.text
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
emulators/virtuanes/English.vlp
.dll windows:4 windows x86 arch:x86

b2e50cc60a521158b3ea2d099cbea42b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
RtlUnwind

Exports

Exports

GetVlpLanguage
GetVlpLocaleID
GetVlpVersion

Sections

.text
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
emulators/virtuanes/VirtuaNES.exe
.exe windows:4 windows x86 arch:x86

7647bdbefd6e10c04c4630fe9ea74a1c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
SetEndOfFile
FlushFileBuffers
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStringTypeW
GetStringTypeA
UnhandledExceptionFilter
WriteFile
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
SetUnhandledExceptionFilter
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
GetFileType
GetStdHandle
SetHandleCount
ReadFile
IsBadWritePtr
FreeLibrary
GetLocalTime
HeapCreate
CompareStringW
HeapSize
HeapReAlloc
GetCurrentProcess
TerminateProcess
TlsGetValue
SetLastError
TlsAlloc
ExitProcess
GetVersion
GetCommandLineA
GetStartupInfoA
GetModuleHandleA
ExitThread
TlsSetValue
InterlockedIncrement
InterlockedDecrement
GetSystemTime
GetTimeZoneInformation
RaiseException
HeapFree
HeapAlloc
RtlUnwind
LeaveCriticalSection
DeleteCriticalSection
InterlockedExchange
InitializeCriticalSection
EnterCriticalSection
GetCurrentThreadId
GetModuleFileNameA
CreateMutexA
GetLastError
ReleaseMutex
GetVersionExA
WritePrivateProfileStructA
WritePrivateProfileStringA
GetPrivateProfileStructA
GetPrivateProfileStringA
HeapDestroy
GetPrivateProfileIntA
FindClose
GetUserDefaultLCID
QueryPerformanceFrequency
CreateFileA
GetFileInformationByHandle
LoadLibraryA
GetProcAddress
GetTempPathA
DeleteFileA
lstrlenA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindFirstFileA
FindNextFileA
CreateEventA
ResetEvent
SetEvent
SetThreadPriority
lstrcmpiA
Sleep
CreateThread
ResumeThread
TerminateThread
CreateDirectoryA
WaitForSingleObject
VirtualFree
CloseHandle
SetEnvironmentVariableA
VirtualAlloc
lstrcpyA

user32

SendDlgItemMessageA
LoadIconA
SendMessageA
DrawTextA
FindWindowA
UpdateWindow
TranslateMessage
DispatchMessageA
DeleteMenu
InsertMenuA
DrawEdge
CheckRadioButton
LoadCursorA
GetWindowLongA
DialogBoxParamA
IsDialogMessageA
SetWindowsHookExA
UnhookWindowsHookEx
OffsetRect
CallNextHookEx
InvertRect
FillRect
GetScrollInfo
SetScrollInfo
EnableMenuItem
GetMenuStringA
ModifyMenuA
GetDlgItem
GetMessageA
SetWindowPlacement
RedrawWindow
SetWindowLongA
GetDC
GetClientRect
IsWindow
SetCursor
PtInRect
CallWindowProcA
EndPaint
BeginPaint
EndDialog
LoadStringA
DefWindowProcA
GetWindowTextA
EnableWindow
SetWindowTextA
KillTimer
GetDlgItemTextA
MessageBoxA
wsprintfA
SetTimer
PostMessageA
CreateDialogParamA
SetDlgItemTextA
DestroyWindow
GetWindowRect
GetWindowTextLengthA
MessageBeep
IsWindowVisible
SetForegroundWindow
GetWindowPlacement
DrawMenuBar
PostQuitMessage
SetMenu
RegisterClassExA
CreateWindowExA
GetDlgItemInt
SetDlgItemInt
CheckMenuItem
GetMenuItemCount
GetMenuItemID
GetAsyncKeyState
GetCursorPos
ClientToScreen
SetRect
ReleaseDC
GetParent
TrackPopupMenu
CheckDlgButton
GetSystemMetrics
LoadMenuA
GetSubMenu
IsDlgButtonChecked
InvalidateRect
DestroyMenu
SetFocus
MoveWindow
ScreenToClient
SetWindowPos
ShowWindow
GetFocus

gdi32

CreateFontIndirectA
GetObjectA
SelectObject
DeleteObject
SetTextColor
SetBkMode
GetStockObject
SetBkColor
ExtTextOutA
CreatePalette
GetSystemPaletteEntries
RealizePalette
SelectPalette
AnimatePalette
StretchDIBits
TextOutA

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
RegEnumValueA
RegEnumKeyExA

shell32

DragFinish
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteA
DragAcceptFiles
DragQueryFileA

ole32

CoUninitialize
CoInitialize
CoCreateInstance

winmm

timeBeginPeriod
timeEndPeriod
timeGetTime

comctl32

ord17
ord6
ImageList_Create
ImageList_ReplaceIcon
ImageList_Destroy
ImageList_LoadImageA

imm32

ImmAssociateContext

shlwapi

StrStrIA
StrCmpNIA
PathIsRelativeA
PathAppendA
PathCanonicalizeA
PathFindExtensionA
PathUnquoteSpacesA

avifil32

AVIStreamWrite
AVIStreamRelease
AVIFileRelease
AVIFileOpenA
AVIFileCreateStreamA
AVIMakeCompressedStream
AVIStreamSetFormat
AVIFileExit
AVIFileInit

msvfw32

ICCompressorFree
ICCompressorChoose

wsock32

recv
WSACancelAsyncRequest
shutdown
socket
setsockopt
closesocket
htonl
htons
sendto
inet_ntoa
WSAAsyncSelect
listen
connect
WSAGetLastError
ioctlsocket
WSAAsyncGetHostByName
WSAStartup
WSACleanup
recvfrom
inet_addr
bind
send
accept

version

GetFileVersionInfoSizeA

Sections

.text
Size: 636KB - Virtual size: 635KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 991KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
emulators/virtuanes/VirtuaNES.ini
emulators/virtuanes/roms/Archon(U).zip
.zip
emulators/virtuanes/roms/BOMBMAN.zip
.zip
emulators/virtuanes/roms/Battle.City(J).zip
.zip
emulators/virtuanes/roms/Castlevania3-Draculas.Curse.zip
.zip
emulators/virtuanes/roms/Circus.Charlie(J).zip
.zip
emulators/virtuanes/roms/Contra(J).zip
.zip
emulators/virtuanes/roms/Dig.Dug(J).zip
.zip
emulators/virtuanes/roms/Donkey.Kong.Classics(U).zip
.zip
emulators/virtuanes/roms/Double.Dragon.2-The.Revenge(J).zip
.zip
emulators/virtuanes/roms/Dr.Mario(C).zip
.zip
emulators/virtuanes/roms/Excitebike(JU).zip
.zip
emulators/virtuanes/roms/FormationZ(J).zip
.zip
emulators/virtuanes/roms/Hokuto.No.Ken(J).zip
.zip
emulators/virtuanes/roms/Hudson.s.Adventure.Island(U).zip
.zip
emulators/virtuanes/roms/Ice.Climber(JE).zip
.zip
emulators/virtuanes/roms/Jackal(U)NEW.zip
.zip
emulators/virtuanes/roms/Kage(J).zip
.zip
emulators/virtuanes/roms/Kage.No.Densetsu(J).zip
.zip
emulators/virtuanes/roms/LIFEFORC.zip
.zip
emulators/virtuanes/roms/Pac-Man(J).zip
.zip
emulators/virtuanes/roms/RXSuper4in1.zip
.zip
emulators/virtuanes/roms/Rush.n.Attack.zip
.zip
emulators/virtuanes/roms/SILKWORM.zip
.zip
emulators/virtuanes/roms/SMB1AA-Super Mario Bros.nes
emulators/virtuanes/roms/SpartanX(J).zip
.zip
emulators/virtuanes/roms/Super.Contra(J).zip
.zip
emulators/virtuanes/roms/Super.Mario.USA(J).zip
.zip
emulators/virtuanes/roms/TMNT2.zip
.zip
emulators/virtuanes/roms/TMNT3.zip
.zip
emulators/virtuanes/roms/Yie.Ar.Kung-Fu(J).zip
.zip
emulators/virtuanes/roms/kuaidaxuanfeng_chs.zip
.zip
fonts/MaterialIcons-Regular.ttf
install.dll
.dll windows:6 windows x64 arch:x64

9a97daa9060ba1a30a2b5415e6dc623f

Code Sign

04:00:00:00:00:01:15:4b:5a:c3:94
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

01-09-1998 12:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19-09-2018 00:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28-07-2020 00:00

Not After

18-03-2029 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5e:c9:ed:d5:94:78:85:7b:d5:61:c6:28
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

07-08-2023 04:16

Not After

06-09-2024 04:16

Subject

SERIALNUMBER=91320594MA251F5K75,CN=Monect (Suzhou) Co.\, Ltd.,O=Monect (Suzhou) Co.\, Ltd.,L=Suzhou,ST=Jiangsu,C=CN,1.3.6.1.4.1.311.60.2.1.1=#130653555a484f55,1.3.6.1.4.1.311.60.2.1.2=#13074a49414e475355,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:19:75:74:71:c9:92:d7:44:df:a5:96:eb:b9:70:15
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

02-11-2023 10:30

Not After

04-12-2034 10:30

Subject

CN=Globalsign TSA for Advanced - G4 - 202311,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

4c:96:c2:cd:1f:40:ef:d3:56:24:69:24:fc:e1:a5:69:7e:44:24:94:f2:8c:fb:de:51:11:ea:c9:37:2f:e5:ae
Signer

Actual PE Digest

4c:96:c2:cd:1f:40:ef:d3:56:24:69:24:fc:e1:a5:69:7e:44:24:94:f2:8c:fb:de:51:11:ea:c9:37:2f:e5:ae

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\monec\Documents\workspace\Monect_host\x64\Release\install.pdb

Imports

shlwapi

StrCmpW
StrRChrW

kernel32

LocalFree
LocalAlloc
GetLastError
CloseHandle
WaitForSingleObject
CreateProcessW
GetModuleFileNameW
RtlVirtualUnwind
RtlLookupFunctionEntry
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
RtlCaptureContext
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
IsProcessorFeaturePresent

advapi32

QueryServiceConfigW
StartServiceW
ChangeServiceConfigW
CreateServiceW
CloseServiceHandle
OpenServiceW
OpenSCManagerW

vcruntime140

__std_type_info_destroy_list
memset
__C_specific_handler
memcpy

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initterm_e
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm
_initialize_onexit_table

Exports

Exports

UninstallDriver
VerifyDriver
VerifyService

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
lang/en_us.lg
lang/zh_cn.lg
libjpeg-9.dll
.dll windows:4 windows x64 arch:x64

0c2dc34190018f12ac94500a6ddd639a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryW
MultiByteToWideChar
QueryPerformanceCounter
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

__dllonexit
__iob_func
__mb_cur_max
_amsg_exit
_errno
_initterm
_lock
_onexit
_unlock
abort
atoi
calloc
exit
ferror
fflush
fprintf
fputc
fread
free
fwrite
getenv
localeconv
malloc
memcpy
memset
setlocale
signal
sprintf
sscanf
strchr
strerror
strlen
strncmp
wcslen

Exports

Exports

jcopy_block_row
jcopy_sample_rows
jdiv_round_up
jinit_1pass_quantizer
jinit_2pass_quantizer
jinit_arith_decoder
jinit_arith_encoder
jinit_c_coef_controller
jinit_c_main_controller
jinit_c_master_control
jinit_c_prep_controller
jinit_color_converter
jinit_color_deconverter
jinit_compress_master
jinit_d_coef_controller
jinit_d_main_controller
jinit_d_post_controller
jinit_downsampler
jinit_forward_dct
jinit_huff_decoder
jinit_huff_encoder
jinit_input_controller
jinit_inverse_dct
jinit_marker_reader
jinit_marker_writer
jinit_master_decompress
jinit_memory_mgr
jinit_merged_upsampler
jinit_upsampler
jpeg_CreateCompress
jpeg_CreateDecompress
jpeg_abort
jpeg_abort_compress
jpeg_abort_decompress
jpeg_add_quant_table
jpeg_alloc_huff_table
jpeg_alloc_quant_table
jpeg_aritab
jpeg_calc_jpeg_dimensions
jpeg_calc_output_dimensions
jpeg_consume_input
jpeg_copy_critical_parameters
jpeg_core_output_dimensions
jpeg_default_colorspace
jpeg_default_qtables
jpeg_destroy
jpeg_destroy_compress
jpeg_destroy_decompress
jpeg_fdct_10x10
jpeg_fdct_10x5
jpeg_fdct_11x11
jpeg_fdct_12x12
jpeg_fdct_12x6
jpeg_fdct_13x13
jpeg_fdct_14x14
jpeg_fdct_14x7
jpeg_fdct_15x15
jpeg_fdct_16x16
jpeg_fdct_16x8
jpeg_fdct_1x1
jpeg_fdct_1x2
jpeg_fdct_2x1
jpeg_fdct_2x2
jpeg_fdct_2x4
jpeg_fdct_3x3
jpeg_fdct_3x6
jpeg_fdct_4x2
jpeg_fdct_4x4
jpeg_fdct_4x8
jpeg_fdct_5x10
jpeg_fdct_5x5
jpeg_fdct_6x12
jpeg_fdct_6x3
jpeg_fdct_6x6
jpeg_fdct_7x14
jpeg_fdct_7x7
jpeg_fdct_8x16
jpeg_fdct_8x4
jpeg_fdct_9x9
jpeg_fdct_float
jpeg_fdct_ifast
jpeg_fdct_islow
jpeg_finish_compress
jpeg_finish_decompress
jpeg_finish_output
jpeg_free_large
jpeg_free_small
jpeg_get_large
jpeg_get_small
jpeg_has_multiple_scans
jpeg_idct_10x10
jpeg_idct_10x5
jpeg_idct_11x11
jpeg_idct_12x12
jpeg_idct_12x6
jpeg_idct_13x13
jpeg_idct_14x14
jpeg_idct_14x7
jpeg_idct_15x15
jpeg_idct_16x16
jpeg_idct_16x8
jpeg_idct_1x1
jpeg_idct_1x2
jpeg_idct_2x1
jpeg_idct_2x2
jpeg_idct_2x4
jpeg_idct_3x3
jpeg_idct_3x6
jpeg_idct_4x2
jpeg_idct_4x4
jpeg_idct_4x8
jpeg_idct_5x10
jpeg_idct_5x5
jpeg_idct_6x12
jpeg_idct_6x3
jpeg_idct_6x6
jpeg_idct_7x14
jpeg_idct_7x7
jpeg_idct_8x16
jpeg_idct_8x4
jpeg_idct_9x9
jpeg_idct_float
jpeg_idct_ifast
jpeg_idct_islow
jpeg_input_complete
jpeg_mem_available
jpeg_mem_dest
jpeg_mem_init
jpeg_mem_src
jpeg_mem_term
jpeg_natural_order
jpeg_natural_order2
jpeg_natural_order3
jpeg_natural_order4
jpeg_natural_order5
jpeg_natural_order6
jpeg_natural_order7
jpeg_new_colormap
jpeg_open_backing_store
jpeg_quality_scaling
jpeg_read_coefficients
jpeg_read_header
jpeg_read_raw_data
jpeg_read_scanlines
jpeg_resync_to_restart
jpeg_save_markers
jpeg_set_colorspace
jpeg_set_defaults
jpeg_set_linear_quality
jpeg_set_marker_processor
jpeg_set_quality
jpeg_simple_progression
jpeg_start_compress
jpeg_start_decompress
jpeg_start_output
jpeg_std_error
jpeg_std_message_table
jpeg_stdio_dest
jpeg_stdio_src
jpeg_suppress_tables
jpeg_write_coefficients
jpeg_write_m_byte
jpeg_write_m_header
jpeg_write_marker
jpeg_write_raw_data
jpeg_write_scanlines
jpeg_write_tables
jround_up

Sections

.text
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libpng16-16.dll
.dll windows:4 windows x64 arch:x64

1d243a681c53b17663865498e77cb5a2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
ExitProcess
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___lc_codepage_func
__dllonexit
__iob_func
__mb_cur_max
__setusermatherr
_amsg_exit
_errno
_gmtime64
_initterm
_lock
_onexit
_setjmp
_unlock
abort
atof
calloc
fclose
ferror
fflush
fopen
fprintf
fputc
fputs
fread
free
frexp
fwrite
localeconv
longjmp
malloc
memcmp
memcpy
memset
remove
signal
strerror
strlen
strncmp
vfprintf
wcslen

zlib1

adler32
crc32
deflate
deflateEnd
deflateInit2_
deflateReset
inflate
inflateEnd
inflateInit2_
inflateReset
inflateReset2
inflateValidate

Exports

Exports

png_access_version_number
png_benign_error
png_build_grayscale_palette
png_calloc
png_chunk_benign_error
png_chunk_error
png_chunk_warning
png_convert_from_struct_tm
png_convert_from_time_t
png_convert_to_rfc1123
png_convert_to_rfc1123_buffer
png_create_info_struct
png_create_read_struct
png_create_read_struct_2
png_create_write_struct
png_create_write_struct_2
png_data_freer
png_destroy_info_struct
png_destroy_read_struct
png_destroy_write_struct
png_error
png_free
png_free_data
png_free_default
png_get_IHDR
png_get_PLTE
png_get_bKGD
png_get_bit_depth
png_get_cHRM
png_get_cHRM_XYZ
png_get_cHRM_XYZ_fixed
png_get_cHRM_fixed
png_get_channels
png_get_chunk_cache_max
png_get_chunk_malloc_max
png_get_color_type
png_get_compression_buffer_size
png_get_compression_type
png_get_copyright
png_get_current_pass_number
png_get_current_row_number
png_get_eXIf
png_get_eXIf_1
png_get_error_ptr
png_get_filter_type
png_get_gAMA
png_get_gAMA_fixed
png_get_hIST
png_get_header_ver
png_get_header_version
png_get_iCCP
png_get_image_height
png_get_image_width
png_get_int_32
png_get_interlace_type
png_get_io_chunk_type
png_get_io_ptr
png_get_io_state
png_get_libpng_ver
png_get_mem_ptr
png_get_oFFs
png_get_pCAL
png_get_pHYs
png_get_pHYs_dpi
png_get_palette_max
png_get_pixel_aspect_ratio
png_get_pixel_aspect_ratio_fixed
png_get_pixels_per_inch
png_get_pixels_per_meter
png_get_progressive_ptr
png_get_rgb_to_gray_status
png_get_rowbytes
png_get_rows
png_get_sBIT
png_get_sCAL
png_get_sCAL_fixed
png_get_sCAL_s
png_get_sPLT
png_get_sRGB
png_get_signature
png_get_tIME
png_get_tRNS
png_get_text
png_get_uint_16
png_get_uint_31
png_get_uint_32
png_get_unknown_chunks
png_get_user_chunk_ptr
png_get_user_height_max
png_get_user_transform_ptr
png_get_user_width_max
png_get_valid
png_get_x_offset_inches
png_get_x_offset_inches_fixed
png_get_x_offset_microns
png_get_x_offset_pixels
png_get_x_pixels_per_inch
png_get_x_pixels_per_meter
png_get_y_offset_inches
png_get_y_offset_inches_fixed
png_get_y_offset_microns
png_get_y_offset_pixels
png_get_y_pixels_per_inch
png_get_y_pixels_per_meter
png_handle_as_unknown
png_image_begin_read_from_file
png_image_begin_read_from_memory
png_image_begin_read_from_stdio
png_image_finish_read
png_image_free
png_image_write_to_file
png_image_write_to_memory
png_image_write_to_stdio
png_info_init_3
png_init_io
png_longjmp
png_malloc
png_malloc_default
png_malloc_warn
png_permit_mng_features
png_process_data
png_process_data_pause
png_process_data_skip
png_progressive_combine_row
png_read_end
png_read_image
png_read_info
png_read_png
png_read_row
png_read_rows
png_read_update_info
png_reset_zstream
png_save_int_32
png_save_uint_16
png_save_uint_32
png_set_IHDR
png_set_PLTE
png_set_add_alpha
png_set_alpha_mode
png_set_alpha_mode_fixed
png_set_bKGD
png_set_background
png_set_background_fixed
png_set_benign_errors
png_set_bgr
png_set_cHRM
png_set_cHRM_XYZ
png_set_cHRM_XYZ_fixed
png_set_cHRM_fixed
png_set_check_for_invalid_index
png_set_chunk_cache_max
png_set_chunk_malloc_max
png_set_compression_buffer_size
png_set_compression_level
png_set_compression_mem_level
png_set_compression_method
png_set_compression_strategy
png_set_compression_window_bits
png_set_crc_action
png_set_eXIf
png_set_eXIf_1
png_set_error_fn
png_set_expand
png_set_expand_16
png_set_expand_gray_1_2_4_to_8
png_set_filler
png_set_filter
png_set_filter_heuristics
png_set_filter_heuristics_fixed
png_set_flush
png_set_gAMA
png_set_gAMA_fixed
png_set_gamma
png_set_gamma_fixed
png_set_gray_to_rgb
png_set_hIST
png_set_iCCP
png_set_interlace_handling
png_set_invalid
png_set_invert_alpha
png_set_invert_mono
png_set_keep_unknown_chunks
png_set_longjmp_fn
png_set_mem_fn
png_set_oFFs
png_set_option
png_set_pCAL
png_set_pHYs
png_set_packing
png_set_packswap
png_set_palette_to_rgb
png_set_progressive_read_fn
png_set_quantize
png_set_read_fn
png_set_read_status_fn
png_set_read_user_chunk_fn
png_set_read_user_transform_fn
png_set_rgb_to_gray
png_set_rgb_to_gray_fixed
png_set_rows
png_set_sBIT
png_set_sCAL
png_set_sCAL_fixed
png_set_sCAL_s
png_set_sPLT
png_set_sRGB
png_set_sRGB_gAMA_and_cHRM
png_set_scale_16
png_set_shift
png_set_sig_bytes
png_set_strip_16
png_set_strip_alpha
png_set_swap
png_set_swap_alpha
png_set_tIME
png_set_tRNS
png_set_tRNS_to_alpha
png_set_text
png_set_text_compression_level
png_set_text_compression_mem_level
png_set_text_compression_method
png_set_text_compression_strategy
png_set_text_compression_window_bits
png_set_unknown_chunk_location
png_set_unknown_chunks
png_set_user_limits
png_set_user_transform_info
png_set_write_fn
png_set_write_status_fn
png_set_write_user_transform_fn
png_sig_cmp
png_start_read_image
png_warning
png_write_chunk
png_write_chunk_data
png_write_chunk_end
png_write_chunk_start
png_write_end
png_write_flush
png_write_image
png_write_info
png_write_info_before_PLTE
png_write_png
png_write_row
png_write_rows
png_write_sig

Sections

.text
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 144B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libtiff-5.dll
.dll windows:4 windows x64 arch:x64

07faa6c186f4189cca71ff04643bcd7e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileA
CreateFileMappingA
CreateFileW
DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileSize
GetLastError
GetModuleHandleA
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryW
LocalAlloc
LocalFree
MapViewOfFile
QueryPerformanceCounter
ReadFile
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetFilePointer
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteFile

msvcrt

__dllonexit
__iob_func
_amsg_exit
_assert
_errno
_initterm
_lock
_onexit
_setjmp
_unlock
_vsnprintf
abort
atan2
atoi
bsearch
calloc
exp
floor
fprintf
fputc
fputs
free
frexp
fwrite
getenv
isprint
ldexp
log
longjmp
malloc
memcmp
memcpy
memmove
memset
qsort
rand
realloc
signal
sprintf
sqrt
strchr
strcmp
strcpy
strlen
strncmp
vfprintf

user32

GetFocus
MessageBoxA

libjpeg-9

jpeg_destroy
jpeg_write_raw_data
jpeg_finish_compress
jpeg_set_colorspace
jpeg_std_error
jpeg_CreateDecompress
jpeg_abort
jpeg_CreateCompress
jpeg_set_defaults
jpeg_write_tables
jpeg_finish_decompress
jpeg_read_header
jpeg_has_multiple_scans
jpeg_start_decompress
jpeg_read_raw_data
jpeg_resync_to_restart
jpeg_set_quality
jpeg_suppress_tables
jpeg_start_compress
jpeg_write_scanlines
jpeg_read_scanlines

zlib1

deflateParams
inflateEnd
deflateEnd
deflate
deflateReset
inflate
inflateSync
inflateReset
deflateInit_
inflateInit_

Exports

Exports

TIFFAccessTagMethods
TIFFCIELabToRGBInit
TIFFCIELabToXYZ
TIFFCheckTile
TIFFCheckpointDirectory
TIFFCleanup
TIFFClientOpen
TIFFClientdata
TIFFClose
TIFFComputeStrip
TIFFComputeTile
TIFFCreateCustomDirectory
TIFFCreateDirectory
TIFFCreateEXIFDirectory
TIFFCurrentDirOffset
TIFFCurrentDirectory
TIFFCurrentRow
TIFFCurrentStrip
TIFFCurrentTile
TIFFDataWidth
TIFFDefaultStripSize
TIFFDefaultTileSize
TIFFError
TIFFErrorExt
TIFFFdOpen
TIFFFieldDataType
TIFFFieldName
TIFFFieldPassCount
TIFFFieldReadCount
TIFFFieldTag
TIFFFieldWithName
TIFFFieldWithTag
TIFFFieldWriteCount
TIFFFileName
TIFFFileno
TIFFFindCODEC
TIFFFindField
TIFFFlush
TIFFFlushData
TIFFFreeDirectory
TIFFGetBitRevTable
TIFFGetClientInfo
TIFFGetCloseProc
TIFFGetConfiguredCODECs
TIFFGetField
TIFFGetFieldDefaulted
TIFFGetMapFileProc
TIFFGetMode
TIFFGetReadProc
TIFFGetSeekProc
TIFFGetSizeProc
TIFFGetTagListCount
TIFFGetTagListEntry
TIFFGetUnmapFileProc
TIFFGetVersion
TIFFGetWriteProc
TIFFIsBigEndian
TIFFIsByteSwapped
TIFFIsCODECConfigured
TIFFIsMSB2LSB
TIFFIsTiled
TIFFIsUpSampled
TIFFLastDirectory
TIFFMergeFieldInfo
TIFFNumberOfDirectories
TIFFNumberOfStrips
TIFFNumberOfTiles
TIFFOpen
TIFFOpenW
TIFFPrintDirectory
TIFFRGBAImageBegin
TIFFRGBAImageEnd
TIFFRGBAImageGet
TIFFRGBAImageOK
TIFFRasterScanlineSize
TIFFRasterScanlineSize64
TIFFRawStripSize
TIFFRawStripSize64
TIFFReadBufferSetup
TIFFReadCustomDirectory
TIFFReadDirectory
TIFFReadEXIFDirectory
TIFFReadEncodedStrip
TIFFReadEncodedTile
TIFFReadRGBAImage
TIFFReadRGBAImageOriented
TIFFReadRGBAStrip
TIFFReadRGBAStripExt
TIFFReadRGBATile
TIFFReadRGBATileExt
TIFFReadRawStrip
TIFFReadRawTile
TIFFReadScanline
TIFFReadTile
TIFFRegisterCODEC
TIFFReverseBits
TIFFRewriteDirectory
TIFFScanlineSize
TIFFScanlineSize64
TIFFSetClientInfo
TIFFSetClientdata
TIFFSetCompressionScheme
TIFFSetDirectory
TIFFSetErrorHandler
TIFFSetErrorHandlerExt
TIFFSetField
TIFFSetFileName
TIFFSetFileno
TIFFSetMode
TIFFSetSubDirectory
TIFFSetTagExtender
TIFFSetWarningHandler
TIFFSetWarningHandlerExt
TIFFSetWriteOffset
TIFFSetupStrips
TIFFStripSize
TIFFStripSize64
TIFFSwabArrayOfDouble
TIFFSwabArrayOfFloat
TIFFSwabArrayOfLong
TIFFSwabArrayOfLong8
TIFFSwabArrayOfShort
TIFFSwabArrayOfTriples
TIFFSwabDouble
TIFFSwabFloat
TIFFSwabLong
TIFFSwabLong8
TIFFSwabShort
TIFFTileRowSize
TIFFTileRowSize64
TIFFTileSize
TIFFTileSize64
TIFFUnRegisterCODEC
TIFFUnlinkDirectory
TIFFUnsetField
TIFFVGetField
TIFFVGetFieldDefaulted
TIFFVSetField
TIFFVStripSize
TIFFVStripSize64
TIFFVTileSize
TIFFVTileSize64
TIFFWarning
TIFFWarningExt
TIFFWriteBufferSetup
TIFFWriteCheck
TIFFWriteCustomDirectory
TIFFWriteDirectory
TIFFWriteEncodedStrip
TIFFWriteEncodedTile
TIFFWriteRawStrip
TIFFWriteRawTile
TIFFWriteScanline
TIFFWriteTile
TIFFXYZToRGB
TIFFYCbCrToRGBInit
TIFFYCbCrtoRGB
_TIFFCheckMalloc
_TIFFCheckRealloc
_TIFFMultiply32
_TIFFMultiply64
_TIFFRewriteField
_TIFFfree
_TIFFmalloc
_TIFFmemcmp
_TIFFmemcpy
_TIFFmemset
_TIFFrealloc

Sections

.text
Size: 255KB - Virtual size: 254KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 660B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libwebp-7.dll
.dll windows:4 windows x64 arch:x64

f91d797666de5b6280ece58a34ceba9e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
ReleaseSemaphore
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetEvent
SetThreadPriority
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WaitForSingleObjectEx

msvcrt

__dllonexit
__iob_func
__setusermatherr
_amsg_exit
_beginthreadex
_errno
_initterm
_lock
_onexit
_unlock
abort
bsearch
calloc
fprintf
fputs
free
log10
malloc
memcmp
memcpy
memmove
memset
qsort
signal
strncmp
vfprintf

Exports

Exports

QuantizeLevels
VP8AccumulateSSE
VP8AdjustFilterStrength
VP8ApplyNearLossless
VP8BitReaderSetBuffer
VP8BitWriterAppend
VP8BitWriterFinish
VP8BitWriterInit
VP8BitWriterWipeOut
VP8CalculateLevelCosts
VP8Cat3
VP8Cat4
VP8Cat5
VP8Cat6
VP8CheckSignature
VP8Clear
VP8CodeIntraModes
VP8CoeffsProba0
VP8CoeffsUpdateProba
VP8CollectHistogram
VP8Copy16x8
VP8Copy4x4
VP8Decimate
VP8Decode
VP8DecodeMB
VP8DecompressAlphaRows
VP8DefaultProbas
VP8Delete
VP8DitherCombine8x8
VP8DspInit
VP8DspInitMIPS32
VP8DspInitMIPSdspR2
VP8DspInitMSA
VP8DspInitNEON
VP8DspInitSSE2
VP8DspInitSSE41
VP8DspScan
VP8EmitTokens
VP8EncAnalyze
VP8EncBands
VP8EncDeleteAlpha
VP8EncDspCostInit
VP8EncDspCostInitMIPS32
VP8EncDspCostInitMIPSdspR2
VP8EncDspCostInitNEON
VP8EncDspCostInitSSE2
VP8EncDspInit
VP8EncDspInitMIPS32
VP8EncDspInitMIPSdspR2
VP8EncDspInitMSA
VP8EncDspInitNEON
VP8EncDspInitSSE2
VP8EncDspInitSSE41
VP8EncFinishAlpha
VP8EncFreeBitWriters
VP8EncInitAlpha
VP8EncLoop
VP8EncPredChroma8
VP8EncPredLuma16
VP8EncPredLuma4
VP8EncQuantize2Blocks
VP8EncQuantizeBlock
VP8EncQuantizeBlockWHT
VP8EncStartAlpha
VP8EncTokenLoop
VP8EncWrite
VP8EnterCritical
VP8EntropyCost
VP8EstimateTokenSize
VP8ExitCritical
VP8FTransform
VP8FTransform2
VP8FTransformWHT
VP8FilterStrengthFromDelta
VP8FiltersInit
VP8FiltersInitMIPSdspR2
VP8FiltersInitMSA
VP8FiltersInitNEON
VP8FiltersInitSSE2
VP8FixedCostsI16
VP8FixedCostsI4
VP8FixedCostsUV
VP8GetCPUInfo
VP8GetCostLuma16
VP8GetCostLuma4
VP8GetCostUV
VP8GetHeaders
VP8GetInfo
VP8GetResidualCost
VP8GetSignedValue
VP8GetThreadMethod
VP8GetValue
VP8HFilter16
VP8HFilter16i
VP8HFilter8
VP8HFilter8i
VP8I16ModeOffsets
VP8I4ModeOffsets
VP8ITransform
VP8InitBitReader
VP8InitClipTables
VP8InitDithering
VP8InitFilter
VP8InitFrame
VP8InitIoInternal
VP8InitRandom
VP8InitResidual
VP8InitScanline
VP8IteratorBytesToNz
VP8IteratorExport
VP8IteratorImport
VP8IteratorInit
VP8IteratorIsDone
VP8IteratorNext
VP8IteratorNzToBytes
VP8IteratorProgress
VP8IteratorReset
VP8IteratorRotateI4
VP8IteratorSaveBoundary
VP8IteratorSetCountDown
VP8IteratorSetRow
VP8IteratorStartI4
VP8LAddGreenToBlueAndRed
VP8LAddGreenToBlueAndRed_C
VP8LAddVector
VP8LAddVectorEq
VP8LAllocateHistogram
VP8LAllocateHistogramSet
VP8LBackwardReferencesTraceBackwards
VP8LBackwardRefsClear
VP8LBackwardRefsCursorAdd
VP8LBackwardRefsInit
VP8LBitEntropyInit
VP8LBitReaderSetBuffer
VP8LBitWriterClone
VP8LBitWriterFinish
VP8LBitWriterInit
VP8LBitWriterReset
VP8LBitWriterSwap
VP8LBitWriterWipeOut
VP8LBitsEntropy
VP8LBitsEntropyUnrefined
VP8LBuildHuffmanTable
VP8LBundleColorMap
VP8LBundleColorMap_C
VP8LCheckSignature
VP8LClear
VP8LClearBackwardRefs
VP8LCollectColorBlueTransforms
VP8LCollectColorBlueTransforms_C
VP8LCollectColorRedTransforms
VP8LCollectColorRedTransforms_C
VP8LColorCacheClear
VP8LColorCacheCopy
VP8LColorCacheInit
VP8LColorIndexInverseTransformAlpha
VP8LColorSpaceTransform
VP8LCombinedShannonEntropy
VP8LConvertBGRAToBGR
VP8LConvertBGRAToBGR_C
VP8LConvertBGRAToRGB
VP8LConvertBGRAToRGB565
VP8LConvertBGRAToRGB565_C
VP8LConvertBGRAToRGBA
VP8LConvertBGRAToRGBA4444
VP8LConvertBGRAToRGBA4444_C
VP8LConvertBGRAToRGBA_C
VP8LConvertBGRAToRGB_C
VP8LConvertFromBGRA
VP8LCreateCompressedHuffmanTree
VP8LCreateHuffmanTree
VP8LDecodeAlphaHeader
VP8LDecodeAlphaImageStream
VP8LDecodeHeader
VP8LDecodeImage
VP8LDelete
VP8LDistanceToPlaneCode
VP8LDoFillBitWindow
VP8LDspInit
VP8LDspInitMIPSdspR2
VP8LDspInitMSA
VP8LDspInitNEON
VP8LDspInitSSE2
VP8LEncDspInit
VP8LEncDspInitMIPS32
VP8LEncDspInitMIPSdspR2
VP8LEncDspInitMSA
VP8LEncDspInitNEON
VP8LEncDspInitSSE2
VP8LEncDspInitSSE41
VP8LEncodeImage
VP8LEncodeStream
VP8LExtraCost
VP8LExtraCostCombined
VP8LFastLog2Slow
VP8LFastSLog2Slow
VP8LFreeHistogram
VP8LFreeHistogramSet
VP8LGetBackwardReferences
VP8LGetCombinedEntropyUnrefined
VP8LGetEntropyUnrefined
VP8LGetHistoImageSymbols
VP8LGetHistogramSize
VP8LGetInfo
VP8LHashChainClear
VP8LHashChainFill
VP8LHashChainInit
VP8LHistogramAdd
VP8LHistogramAddSinglePixOrCopy
VP8LHistogramCreate
VP8LHistogramEstimateBits
VP8LHistogramInit
VP8LHistogramSetClear
VP8LHistogramStoreRefs
VP8LHtreeGroupsFree
VP8LHtreeGroupsNew
VP8LInitBitReader
VP8LInverseTransform
VP8LMapColor32b
VP8LMapColor8b
VP8LNew
VP8LPredictors
VP8LPredictorsAdd
VP8LPredictorsAdd_C
VP8LPredictorsSub
VP8LPredictorsSub_C
VP8LPredictors_C
VP8LPutBitsFlushBits
VP8LPutBitsInternal
VP8LReadBits
VP8LRefsCursorInit
VP8LRefsCursorNextBlock
VP8LResidualImage
VP8LSubtractGreenFromBlueAndRed
VP8LSubtractGreenFromBlueAndRed_C
VP8LTransformColor
VP8LTransformColorInverse
VP8LTransformColorInverse_C
VP8LTransformColor_C
VP8LVectorMismatch
VP8LevelCodes
VP8LevelFixedCosts
VP8LoadFinalBytes
VP8MakeChroma8Preds
VP8MakeIntra4Preds
VP8MakeLuma16Preds
VP8Mean16x4
VP8New
VP8ParseIntraModeRow
VP8ParseProba
VP8ParseQuant
VP8PredChroma8
VP8PredLuma16
VP8PredLuma4
VP8ProcessRow
VP8PutBit
VP8PutBitUniform
VP8PutBits
VP8PutSignedBits
VP8RecordCoeffTokens
VP8RecordCoeffs
VP8RemapBitReader
VP8ResetProba
VP8SSE16x16
VP8SSE16x8
VP8SSE4x4
VP8SSE8x8
VP8SSIMDspInit
VP8SSIMDspInitSSE2
VP8SSIMFromStats
VP8SSIMFromStatsClipped
VP8SSIMGet
VP8SSIMGetClipped
VP8Scan
VP8SetError
VP8SetHistogramData
VP8SetIntra16Mode
VP8SetIntra4Mode
VP8SetIntraUVMode
VP8SetResidualCoeffs
VP8SetSegment
VP8SetSegmentParams
VP8SetSkip
VP8SimpleHFilter16
VP8SimpleHFilter16i
VP8SimpleVFilter16
VP8SimpleVFilter16i
VP8Status
VP8StatusMessage
VP8StoreFilterStats
VP8TBufferClear
VP8TBufferInit
VP8TDisto16x16
VP8TDisto4x4
VP8Transform
VP8TransformAC3
VP8TransformDC
VP8TransformDCUV
VP8TransformUV
VP8TransformWHT
VP8UVModeOffsets
VP8VFilter16
VP8VFilter16i
VP8VFilter8
VP8VFilter8i
VP8WriteProbas
VP8YuvToArgb32_SSE2
VP8YuvToBgr32_SSE2
VP8YuvToBgr32_SSE41
VP8YuvToBgra32_SSE2
VP8YuvToRgb32_SSE2
VP8YuvToRgb32_SSE41
VP8YuvToRgb56532_SSE2
VP8YuvToRgba32_SSE2
VP8YuvToRgba444432_SSE2
VP8kabs0
VP8kclip1
VP8ksclip1
VP8ksclip2
WebPAllocateDecBuffer
WebPApplyAlphaMultiply
WebPApplyAlphaMultiply4444
WebPAvoidSlowMemory
WebPBlendAlpha
WebPCleanupTransparentArea
WebPCleanupTransparentAreaLossless
WebPConfigInitInternal
WebPConfigLosslessPreset
WebPConvertARGBToUV
WebPConvertARGBToUV_C
WebPConvertARGBToY
WebPConvertBGR24ToY
WebPConvertRGB24ToY
WebPConvertRGBA32ToUV
WebPConvertRGBA32ToUV_C
WebPCopyDecBuffer
WebPCopyDecBufferPixels
WebPCopyPixels
WebPCopyPlane
WebPDeallocateAlphaMemory
WebPDecode
WebPDecodeARGB
WebPDecodeARGBInto
WebPDecodeBGR
WebPDecodeBGRA
WebPDecodeBGRAInto
WebPDecodeBGRInto
WebPDecodeRGB
WebPDecodeRGBA
WebPDecodeRGBAInto
WebPDecodeRGBInto
WebPDecodeYUV
WebPDecodeYUVInto
WebPDequantizeLevels
WebPDispatchAlpha
WebPDispatchAlphaToGreen
WebPEncode
WebPEncodeBGR
WebPEncodeBGRA
WebPEncodeLosslessBGR
WebPEncodeLosslessBGRA
WebPEncodeLosslessRGB
WebPEncodeLosslessRGBA
WebPEncodeRGB
WebPEncodeRGBA
WebPEncodingSetError
WebPEstimateBestFilter
WebPExtractAlpha
WebPExtractGreen
WebPFilters
WebPFlipBuffer
WebPFree
WebPFreeDecBuffer
WebPGetColorPalette
WebPGetDecoderVersion
WebPGetEncoderVersion
WebPGetFeaturesInternal
WebPGetInfo
WebPGetLinePairConverter
WebPGetWorkerInterface
WebPGrabDecBuffer
WebPHasAlpha32b
WebPHasAlpha8b
WebPIAppend
WebPIDecGetRGB
WebPIDecGetYUVA
WebPIDecode
WebPIDecodedArea
WebPIDelete
WebPINewDecoder
WebPINewRGB
WebPINewYUV
WebPINewYUVA
WebPISetIOHooks
WebPIUpdate
WebPInitAlphaProcessing
WebPInitAlphaProcessingMIPSdspR2
WebPInitAlphaProcessingNEON
WebPInitAlphaProcessingSSE2
WebPInitAlphaProcessingSSE41
WebPInitConvertARGBToYUV
WebPInitConvertARGBToYUVNEON
WebPInitConvertARGBToYUVSSE2
WebPInitConvertARGBToYUVSSE41
WebPInitCustomIo
WebPInitDecBufferInternal
WebPInitDecoderConfigInternal
WebPInitSamplers
WebPInitSamplersMIPS32
WebPInitSamplersMIPSdspR2
WebPInitSamplersSSE2
WebPInitSamplersSSE41
WebPInitSharpYUVNEON
WebPInitSharpYUVSSE2
WebPInitUpsamplers
WebPInitUpsamplersMIPSdspR2
WebPInitUpsamplersMSA
WebPInitUpsamplersNEON
WebPInitUpsamplersSSE2
WebPInitUpsamplersSSE41
WebPInitYUV444Converters
WebPInitYUV444ConvertersMIPSdspR2
WebPInitYUV444ConvertersSSE2
WebPInitYUV444ConvertersSSE41
WebPIoInitFromOptions
WebPMemoryWrite
WebPMemoryWriterClear
WebPMemoryWriterInit
WebPMultARGBRow
WebPMultARGBRow_C
WebPMultARGBRows
WebPMultRow
WebPMultRow_C
WebPMultRows
WebPPackRGB
WebPParseHeaders
WebPPictureARGBToYUVA
WebPPictureARGBToYUVADithered
WebPPictureAlloc
WebPPictureAllocARGB
WebPPictureAllocYUVA
WebPPictureCopy
WebPPictureCrop
WebPPictureDistortion
WebPPictureFree
WebPPictureHasTransparency
WebPPictureImportBGR
WebPPictureImportBGRA
WebPPictureImportBGRX
WebPPictureImportRGB
WebPPictureImportRGBA
WebPPictureImportRGBX
WebPPictureInitInternal
WebPPictureIsView
WebPPictureRescale
WebPPictureResetBuffers
WebPPictureSharpARGBToYUVA
WebPPictureSmartARGBToYUVA
WebPPictureView
WebPPictureYUVAToARGB
WebPPlaneDistortion
WebPReportProgress
WebPRescaleNeededLines
WebPRescalerDspInit
WebPRescalerDspInitMIPS32
WebPRescalerDspInitMIPSdspR2
WebPRescalerDspInitMSA
WebPRescalerDspInitNEON
WebPRescalerDspInitSSE2
WebPRescalerExport
WebPRescalerExportRow
WebPRescalerExportRowExpand
WebPRescalerExportRowExpand_C
WebPRescalerExportRowShrink
WebPRescalerExportRowShrink_C
WebPRescalerGetScaledDimensions
WebPRescalerImport
WebPRescalerImportRow
WebPRescalerImportRowExpand
WebPRescalerImportRowExpand_C
WebPRescalerImportRowShrink
WebPRescalerImportRowShrink_C
WebPRescalerInit
WebPResetDecParams
WebPSafeCalloc
WebPSafeFree
WebPSafeMalloc
WebPSamplerProcessPlane
WebPSamplers
WebPSetWorkerInterface
WebPSharpYUVFilterRow
WebPSharpYUVUpdateRGB
WebPSharpYUVUpdateY
WebPUnfilters
WebPUpsamplers
WebPValidateConfig
WebPYUV444Converters
WebPYuv444ToArgb_C
WebPYuv444ToBgr_C
WebPYuv444ToBgra_C

Sections

.text
Size: 354KB - Virtual size: 353KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
mfwrap.dll
.dll windows:6 windows x64 arch:x64

c64fbb7bebcc6c4af6d9722b74103fbd

Code Sign

04:00:00:00:00:01:15:4b:5a:c3:94
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

01-09-1998 12:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19-09-2018 00:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28-07-2020 00:00

Not After

18-03-2029 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5e:c9:ed:d5:94:78:85:7b:d5:61:c6:28
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

07-08-2023 04:16

Not After

06-09-2024 04:16

Subject

SERIALNUMBER=91320594MA251F5K75,CN=Monect (Suzhou) Co.\, Ltd.,O=Monect (Suzhou) Co.\, Ltd.,L=Suzhou,ST=Jiangsu,C=CN,1.3.6.1.4.1.311.60.2.1.1=#130653555a484f55,1.3.6.1.4.1.311.60.2.1.2=#13074a49414e475355,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:19:75:74:71:c9:92:d7:44:df:a5:96:eb:b9:70:15
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

02-11-2023 10:30

Not After

04-12-2034 10:30

Subject

CN=Globalsign TSA for Advanced - G4 - 202311,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0f:d1:8e:28:fc:9b:cb:3d:dc:0a:f6:70:48:be:e1:ce:12:9d:a7:b2:b0:f5:95:4d:d1:48:d1:79:e7:4d:e6:1e
Signer

Actual PE Digest

0f:d1:8e:28:fc:9b:cb:3d:dc:0a:f6:70:48:be:e1:ce:12:9d:a7:b2:b0:f5:95:4d:d1:48:d1:79:e7:4d:e6:1e

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\monec\Documents\workspace\Monect_host\x64\Release\mfwrap.pdb

Imports

mf

MFEnumDeviceSources

mfplat

MFTEnumEx
MFCreateMediaType
MFGetStrideForBitmapInfoHeader
MFCreateAttributes
MFStartup
MFCreateSample
MFCreateDXGISurfaceBuffer
MFCreateDXGIDeviceManager
MFShutdown

mfreadwrite

MFCreateSourceReaderFromMediaSource

shlwapi

ord219
StrRChrW

kernel32

InitializeCriticalSectionEx
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
OutputDebugStringW
QueryPerformanceFrequency
QueryPerformanceCounter
WaitForSingleObject
GetLastError
GetModuleFileNameW
LoadLibraryW
GetProcAddress
FreeLibrary
MulDiv
HeapAlloc
GetProcessHeap
InitializeCriticalSection
HeapFree
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
Sleep
RtlCaptureContext
CreateThread

user32

SetRect

ole32

CoInitializeEx
CoTaskMemFree
CoUninitialize

vcruntime140_1

__CxxFrameHandler4

vcruntime140

_CxxThrowException
__C_specific_handler
__std_terminate
memcpy
__std_type_info_destroy_list
__std_exception_destroy
memset
__std_exception_copy

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
free

api-ms-win-crt-runtime-l1-1-0

_initterm
_cexit
_initterm_e
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table

Exports

Exports

CameraStreamStart
CameraStreamStop
MFVideoEncoderInit
MFVideoEncoderRelease

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
officehook.dll
.dll windows:6 windows x64 arch:x64

9ef61095aa73bae5a01683a878f1d64c

Code Sign

04:00:00:00:00:01:15:4b:5a:c3:94
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

01-09-1998 12:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19-09-2018 00:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28-07-2020 00:00

Not After

18-03-2029 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5e:c9:ed:d5:94:78:85:7b:d5:61:c6:28
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

07-08-2023 04:16

Not After

06-09-2024 04:16

Subject

SERIALNUMBER=91320594MA251F5K75,CN=Monect (Suzhou) Co.\, Ltd.,O=Monect (Suzhou) Co.\, Ltd.,L=Suzhou,ST=Jiangsu,C=CN,1.3.6.1.4.1.311.60.2.1.1=#130653555a484f55,1.3.6.1.4.1.311.60.2.1.2=#13074a49414e475355,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:19:75:74:71:c9:92:d7:44:df:a5:96:eb:b9:70:15
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

02-11-2023 10:30

Not After

04-12-2034 10:30

Subject

CN=Globalsign TSA for Advanced - G4 - 202311,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:a6:10:a3:de:37:4f:26:d4:6a:c5:40:d6:3d:31:72:07:ca:df:6e:82:a3:99:75:1b:7a:80:15:09:ce:2a:12
Signer

Actual PE Digest

6d:a6:10:a3:de:37:4f:26:d4:6a:c5:40:d6:3d:31:72:07:ca:df:6e:82:a3:99:75:1b:7a:80:15:09:ce:2a:12

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\monec\Documents\workspace\Monect_host\x64\Release\officehook.pdb

Imports

oleacc

AccessibleObjectFromWindow

ws2_32

htonl

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
InitializeSListHead
FindFirstFileW
FindNextFileW
RemoveDirectoryW
FindClose
SetFileAttributesW
GetLastError
DeleteFileW
GetCurrentThreadId
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetCurrentProcessId

user32

SetWindowPos
GetAncestor
SetForegroundWindow
GetClassNameW
GetForegroundWindow
ShowWindow
GetSystemMetrics
FindWindowExW
SendMessageW
EnumChildWindows

shell32

ord165

ole32

CoUninitialize
CoInitializeEx

oleaut32

VariantInit
SysAllocString
VariantClear

msvcp140

?_Xout_of_range@std@@YAXPEBD@Z
?_Xlength_error@std@@YAXPEBD@Z

vcruntime140

memset
_CxxThrowException
__C_specific_handler
__std_exception_copy
__std_exception_destroy
memcpy
__std_type_info_destroy_list
memmove

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf_s

api-ms-win-crt-string-l1-1-0

wcscat_s

api-ms-win-crt-runtime-l1-1-0

_initterm
_crt_atexit
_initterm_e
_configure_narrow_argv
_seh_filter_dll
_initialize_onexit_table
_cexit
_invalid_parameter_noinfo_noreturn
_errno
_invalid_parameter_noinfo
_execute_onexit_table
_register_onexit_function
_initialize_narrow_environment

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free

Exports

Exports

Dispos
ExitRunPPT
GetOpenedPPTTitles
GetPresentationDetail
GetSlideCount
GetSlideImage
InitPPT
RunPPT
SelectSlide

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 84B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
rtcompress.dll
.dll windows:6 windows x64 arch:x64

7e386e66e33c837a04248be8d67a70c4

Code Sign

04:00:00:00:00:01:15:4b:5a:c3:94
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

01-09-1998 12:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

Issuer

CN=GlobalSign Root CA,OU=Root CA,O=GlobalSign nv-sa,C=BE

Not Before

19-09-2018 00:00

Not After

28-01-2028 12:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R3,O=GlobalSign

Not Before

28-07-2020 00:00

Not After

18-03-2029 00:00

Subject

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

Issuer

CN=GlobalSign Code Signing Root R45,O=GlobalSign nv-sa,C=BE

Not Before

28-07-2020 00:00

Not After

28-07-2030 00:00

Subject

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

5e:c9:ed:d5:94:78:85:7b:d5:61:c6:28
Certificate

Issuer

CN=GlobalSign GCC R45 EV CodeSigning CA 2020,O=GlobalSign nv-sa,C=BE

Not Before

07-08-2023 04:16

Not After

06-09-2024 04:16

Subject

SERIALNUMBER=91320594MA251F5K75,CN=Monect (Suzhou) Co.\, Ltd.,O=Monect (Suzhou) Co.\, Ltd.,L=Suzhou,ST=Jiangsu,C=CN,1.3.6.1.4.1.311.60.2.1.1=#130653555a484f55,1.3.6.1.4.1.311.60.2.1.2=#13074a49414e475355,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

01:19:75:74:71:c9:92:d7:44:df:a5:96:eb:b9:70:15
Certificate

Issuer

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Not Before

02-11-2023 10:30

Not After

04-12-2034 10:30

Subject

CN=Globalsign TSA for Advanced - G4 - 202311,O=GlobalSign nv-sa,C=BE

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

20-06-2018 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign Timestamping CA - SHA384 - G4,O=GlobalSign nv-sa,C=BE

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

Issuer

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Not Before

10-12-2014 00:00

Not After

10-12-2034 00:00

Subject

CN=GlobalSign,OU=GlobalSign Root CA - R6,O=GlobalSign

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

eb:71:e2:da:e3:18:d9:0b:cf:16:c2:74:d6:80:92:d8:d8:ce:b7:6f:a3:ea:80:dd:c0:94:b4:90:ea:c3:e6:f4
Signer

Actual PE Digest

eb:71:e2:da:e3:18:d9:0b:cf:16:c2:74:d6:80:92:d8:d8:ce:b7:6f:a3:ea:80:dd:c0:94:b4:90:ea:c3:e6:f4

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\Users\monec\Documents\workspace\Monect_host\x64\Release\rtcompress.pdb

Imports

swscale-6

sws_freeContext
sws_getCachedContext
sws_scale

kernel32

IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WaitForSingleObject
CloseHandle
CreateThread
GetStdHandle
MultiByteToWideChar
GetConsoleMode
WriteConsoleW
GetCurrentThread
SetThreadPriority
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ReleaseSemaphore
CreateEventW
CreateSemaphoreW
GetCurrentProcess
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
FreeLibrary
LoadLibraryW
GetThreadPriority
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
TerminateProcess

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_exception_copy
__std_exception_destroy
_CxxThrowException
__std_type_info_destroy_list
__C_specific_handler
memset
memcpy
strstr
strchr
memcmp
memmove
__std_terminate

api-ms-win-crt-heap-l1-1-0

calloc
free
malloc
_callnewh

api-ms-win-crt-stdio-l1-1-0

_fseeki64
fread
fclose
_ftelli64
_wfopen
fwrite
fputc
fputs
__acrt_iob_func
_fileno
__stdio_common_vfprintf
__stdio_common_vsprintf
__stdio_common_vsscanf

api-ms-win-crt-string-l1-1-0

isdigit
_strdup
strcspn
_stricmp
strncmp
_strnicmp
strspn
strcmp
strpbrk
strtok_s

api-ms-win-crt-convert-l1-1-0

strtod
strtol

api-ms-win-crt-filesystem-l1-1-0

_fstat64
_wrename
_wunlink

api-ms-win-crt-math-l1-1-0

floor
log
lrintf
log2f
log10
pow
exp
sqrt
_dclass
cos
powf
round
log2

api-ms-win-crt-runtime-l1-1-0

_wassert
_cexit
_beginthreadex
_crt_atexit
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
abort
_configure_narrow_argv
_seh_filter_dll
_initterm
_initterm_e
_execute_onexit_table

Exports

Exports

HWEncderRelease
HWEncoderInit
OpusDecode
OpusDecoderInit
OpusDecoderRelease
OpusEncode
OpusEncoderInit
OpusEncoderRelease
SwsScale
SwsScaleInit
SwsScaleRelease
X264Encode
X264EncodeVFlip
X264Init
X264Release
adpcm_create_context
adpcm_decode_block
adpcm_encode_block
adpcm_free_context

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 348KB - Virtual size: 347KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 999KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
swresample-4.dll
.dll windows:4 windows x64 arch:x64

ea65996d801c1b342ffbb0a72cac1321

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSection
LeaveCriticalSection
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

__iob_func
__setusermatherr
_amsg_exit
_errno
_initterm
_lock
_time64
_unlock
abort
asin
atoi
calloc
div
fputc
free
fwrite
getenv
log10
malloc
memcpy
memmove
memset
realloc
strlen
strncmp
vfprintf

avutil-57

av_calloc
av_channel_layout_extract_channel
av_frame_get_buffer
av_free
av_freep
av_get_bytes_per_sample
av_get_channel_layout_nb_channels
av_get_channel_layout_string
av_get_channel_name
av_get_cpu_flags
av_get_default_channel_layout
av_get_packed_sample_fmt
av_get_planar_sample_fmt
av_get_sample_fmt_name
av_log
av_malloc_array
av_mallocz
av_opt_set_defaults
av_opt_set_int
av_reduce
av_rescale
av_rescale_rnd
av_sample_fmt_is_planar

Exports

Exports

swr_alloc
swr_alloc_set_opts
swr_build_matrix
swr_close
swr_config_frame
swr_convert
swr_convert_frame
swr_drop_output
swr_ffversion
swr_free
swr_get_class
swr_get_delay
swr_get_out_samples
swr_init
swr_inject_silence
swr_is_initialized
swr_next_pts
swr_set_channel_mapping
swr_set_compensation
swr_set_matrix
swresample_configuration
swresample_license
swresample_version

Sections

.text
Size: 361KB - Virtual size: 361KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 212KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 660B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
swscale-6.dll
.dll windows:4 windows x64 arch:x64

c5b3ebeb069f26c5a5bbc3e68fbad949

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetHandleInformation
GetLastError
GetProcessAffinityMask
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetTickCount64
InitializeCriticalSection
IsDebuggerPresent
LeaveCriticalSection
OpenProcess
OutputDebugStringA
RaiseException
ReleaseSemaphore
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
SetEvent
SetLastError
SetProcessAffinityMask
SetThreadContext
SetThreadPriority
Sleep
SuspendThread
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
__C_specific_handler

msvcrt

__iob_func
__setusermatherr
_amsg_exit
_beginthreadex
_endthreadex
_errno
_initterm
_lock
_setjmp
_strdup
_ultoa
_unlock
abort
calloc
exit
fprintf
free
fwrite
longjmp
malloc
memcpy
memmove
memset
printf
realloc
signal
strlen
strncmp
vfprintf

avutil-57

av_calloc
av_fast_malloc
av_fast_realloc
av_frame_alloc
av_frame_free
av_frame_get_buffer
av_frame_ref
av_frame_unref
av_free
av_freep
av_get_bits_per_pixel
av_get_cpu_flags
av_get_pix_fmt_name
av_image_alloc
av_log
av_malloc
av_malloc_array
av_mallocz
av_opt_copy
av_opt_get_int
av_opt_set_defaults
av_opt_set_int
av_pix_fmt_desc_get
av_pix_fmt_get_chroma_sub_sample
av_pix_fmt_swap_endianness
avpriv_slicethread_create
avpriv_slicethread_execute
avpriv_slicethread_free

Exports

Exports

sws_allocVec
sws_alloc_context
sws_alloc_set_opts
sws_convertPalette8ToPacked24
sws_convertPalette8ToPacked32
sws_frame_end
sws_frame_start
sws_freeContext
sws_freeFilter
sws_freeVec
sws_getCachedContext
sws_getCoefficients
sws_getColorspaceDetails
sws_getContext
sws_getDefaultFilter
sws_getGaussianVec
sws_get_class
sws_init_context
sws_isSupportedEndiannessConversion
sws_isSupportedInput
sws_isSupportedOutput
sws_normalizeVec
sws_receive_slice
sws_receive_slice_alignment
sws_scale
sws_scaleVec
sws_scale_frame
sws_send_slice
sws_setColorspaceDetails
swscale_configuration
swscale_license
swscale_version

Sections

.text
Size: 526KB - Virtual size: 526KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 936B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
uninst.exe.nsis
zlib1.dll
.dll windows:4 windows x64 arch:x64

9833fe070c600df4abfd312b6aa69324

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetSystemTimeAsFileTime
GetTickCount
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
RtlAddFunctionTable
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery

msvcrt

__dllonexit
__iob_func
_amsg_exit
_close
_errno
_initterm
_lock
_lseek
_open
_onexit
_read
_unlock
_vsnprintf
_wopen
_write
abort
calloc
fputs
free
malloc
memchr
memcpy
memset
signal
strerror
strlen
strncmp
vfprintf
wcstombs

Exports

Exports

adler32
adler32_combine
adler32_combine64
adler32_z
compress
compress2
compressBound
crc32
crc32_combine
crc32_combine64
crc32_z
deflate
deflateBound
deflateCopy
deflateEnd
deflateGetDictionary
deflateInit2_
deflateInit_
deflateParams
deflatePending
deflatePrime
deflateReset
deflateResetKeep
deflateSetDictionary
deflateSetHeader
deflateTune
get_crc_table
gzbuffer
gzclearerr
gzclose
gzclose_r
gzclose_w
gzdirect
gzdopen
gzeof
gzerror
gzflush
gzfread
gzfwrite
gzgetc
gzgetc_
gzgets
gzoffset
gzoffset64
gzopen
gzopen64
gzopen_w
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzseek64
gzsetparams
gztell
gztell64
gzungetc
gzvprintf
gzwrite
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCodesUsed
inflateCopy
inflateEnd
inflateGetDictionary
inflateGetHeader
inflateInit2_
inflateInit_
inflateMark
inflatePrime
inflateReset
inflateReset2
inflateResetKeep
inflateSetDictionary
inflateSync
inflateSyncPoint
inflateUndermine
inflateValidate
uncompress
uncompress2
zError
zlibCompileFlags
zlibVersion

Sections

.text
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 104B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 912B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 184B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

Password: infected

6e7f9a29f2c85394521a08b9f31f6275

Code Sign

04:00:00:00:00:01:15:4b:5a:c3:94Certificate

Key Usages

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6aCertificate

Key Usages

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54Certificate

Extended Key Usages

Key Usages

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:edCertificate

Extended Key Usages

Key Usages

5e:c9:ed:d5:94:78:85:7b:d5:61:c6:28Certificate

Extended Key Usages

Key Usages

01:19:75:74:71:c9:92:d7:44:df:a5:96:eb:b9:70:15Certificate

Extended Key Usages

Key Usages

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74Certificate

Key Usages

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51Certificate

Key Usages

b8:7e:40:fa:1e:e4:71:0a:b1:b4:85:66:2b:a6:11:27:0d:92:2f:c5:bc:44:ef:42:1f:a8:4f:4f:25:97:27:1fSigner

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

shell32

ole32

comctl32

user32

gdi32

kernel32

Sections

.text Size: 26KB - Virtual size: 25KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 1KB - Virtual size: 172KB

.ndata Size: - Virtual size: 72KB

.rsrc Size: 119KB - Virtual size: 119KB

Password: infected

4b45b7e00344a87332fbd12653854d1a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 2KB - Virtual size: 19KB

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1KB - Virtual size: 1KB

Password: infected

3e8d18bb71c7ebbda2ddc2a4bb03547b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 1024B - Virtual size: 681B

04:00:00:00:00:01:15:4b:5a:c3:94
Certificate

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

5e:c9:ed:d5:94:78:85:7b:d5:61:c6:28
Certificate

01:19:75:74:71:c9:92:d7:44:df:a5:96:eb:b9:70:15
Certificate

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

b8:7e:40:fa:1e:e4:71:0a:b1:b4:85:66:2b:a6:11:27:0d:92:2f:c5:bc:44:ef:42:1f:a8:4f:4f:25:97:27:1f
Signer

.text
Size: 26KB - Virtual size: 25KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 1KB - Virtual size: 172KB

.ndata
Size: - Virtual size: 72KB

.rsrc
Size: 119KB - Virtual size: 119KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 2KB - Virtual size: 19KB

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 1024B - Virtual size: 681B

.data
Size: 512B - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 352B

.reloc
Size: 512B - Virtual size: 352B

.text
Size: 8KB - Virtual size: 8KB

.rdata
Size: 1024B - Virtual size: 867B

.data
Size: 512B - Virtual size: 120B

.reloc
Size: 1024B - Virtual size: 648B

04:00:00:00:00:01:15:4b:5a:c3:94
Certificate

01:ee:5f:16:9d:ff:97:35:2b:64:65:d6:6a
Certificate

78:03:18:42:45:70:8a:41:cf:6f:01:b8:ee:b4:a9:54
Certificate

77:bd:0e:05:b7:59:0b:b6:1d:47:61:53:1e:3f:75:ed
Certificate

5e:c9:ed:d5:94:78:85:7b:d5:61:c6:28
Certificate

01:19:75:74:71:c9:92:d7:44:df:a5:96:eb:b9:70:15
Certificate

01:ec:1c:92:40:de:fd:2e:40:5d:7c:47:74
Certificate

45:e6:bb:03:83:33:c3:85:65:48:e6:ff:45:51
Certificate

4a:2b:7a:4e:aa:fd:ca:56:bf:e8:fa:12:82:0c:78:6b:42:81:2f:40:e2:00:56:7a:9d:30:1b:03:99:3a:16:ce
Signer