144916d4b12568e82c897ccf1640e2d8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

144916d4b12568e82c897ccf1640e2d8_JaffaCakes118
Size

1.7MB
MD5

144916d4b12568e82c897ccf1640e2d8
SHA1

8c55fbdbe9cc23ba80004a834ead46ffc628296e
SHA256

10d3bb7d3003fc6a23c12c0dd010b7e6c1df9282a02cad923f6411a320f187bc
SHA512

5822f9fac3396c739066343042a5b7d942ffa984aa36e528ebf294664c5d8d4a5efac337c98a188e162c76f4c41bbd037bb2bee5ce69e9f15736d55ca832b231
SSDEEP

24576:lBL/TJvaWFyryf98caXGcNFXkWwgmKjCEBoNAddplfXVvXoE/7aJ1U4f1b1TZHeN:rL1DFKcaLN5lOEqNAdJXVgE/mz51dHPE

Score

3^/10

Malware Config

Signatures

Unsigned PE 10 IoCs

Checks for missing Authenticode signature.

resource
unpack001/$PLUGINSDIR/System.dll
unpack001/$TEMP/GSafe/SSL/import_root_cert.exe
unpack001/$TEMP/GSafe/SSL/nss/certutil.exe
unpack001/$TEMP/GSafe/SSL/nss/nss3.dll
unpack001/$TEMP/GSafe/SSL/nss/smime3.dll
unpack001/$TEMP/GSafe/SSL/nss/softokn3.dll
unpack001/ProtocolFilters.dll
unpack001/libeay32.dll
unpack001/nfapi.dll
unpack001/ssleay32.dll

NSIS installer 2 IoCs

installer

resource	yara_rule
sample	nsis_installer_1
sample	nsis_installer_2

Files

144916d4b12568e82c897ccf1640e2d8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

099c0646ea7282d232219f8807883be0

Code Sign

03:01
Certificate

Issuer

OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\, Inc.,C=US

Not Before

16/11/2006, 01:54

Not After

16/11/2026, 01:54

Subject

SERIALNUMBER=07969287,CN=Go Daddy Secure Certification Authority,OU=http://certificates.godaddy.com/repository,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

04:6d:11:ec:a3:8a:a4
Certificate

Issuer

SERIALNUMBER=07969287,CN=Go Daddy Secure Certification Authority,OU=http://certificates.godaddy.com/repository,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

16/12/2014, 12:57

Not After

20/10/2015, 21:14

Subject

CN=GENCO LABS LLC,O=GENCO LABS LLC,L=Lewes,ST=Delaware,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

Signer

Actual PE Digest

Digest Algorithm

PE Digest Matches

false

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
SearchPathA
GetShortPathNameA
GetFullPathNameA
MoveFileA
SetCurrentDirectoryA
GetFileAttributesA
GetLastError
CreateDirectoryA
SetFileAttributesA
Sleep
GetTickCount
CreateFileA
GetFileSize
GetModuleFileNameA
GetCurrentProcess
CopyFileA
ExitProcess
SetFileTime
GetTempPathA
GetCommandLineA
SetErrorMode
LoadLibraryA
lstrcpynA
GetDiskFreeSpaceA
GlobalUnlock
GlobalLock
CreateThread
CreateProcessA
RemoveDirectoryA
GetTempFileNameA
lstrlenA
lstrcatA
GetSystemDirectoryA
GetVersion
CloseHandle
lstrcmpiA
lstrcmpA
ExpandEnvironmentStringsA
GlobalFree
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GetModuleHandleA
LoadLibraryExA
GetProcAddress
FreeLibrary
MultiByteToWideChar
WritePrivateProfileStringA
GetPrivateProfileStringA
WriteFile
ReadFile
MulDiv
SetFilePointer
FindClose
FindNextFileA
FindFirstFileA
DeleteFileA
GetWindowsDirectoryA

user32

EndDialog
ScreenToClient
GetWindowRect
EnableMenuItem
GetSystemMenu
SetClassLongA
IsWindowEnabled
SetWindowPos
GetSysColor
GetWindowLongA
SetCursor
LoadCursorA
CheckDlgButton
GetMessagePos
LoadBitmapA
CallWindowProcA
IsWindowVisible
CloseClipboard
SetClipboardData
EmptyClipboard
RegisterClassA
TrackPopupMenu
AppendMenuA
CreatePopupMenu
GetSystemMetrics
SetDlgItemTextA
GetDlgItemTextA
MessageBoxIndirectA
CharPrevA
DispatchMessageA
PeekMessageA
DestroyWindow
CreateDialogParamA
SetTimer
SetWindowTextA
PostQuitMessage
SetForegroundWindow
wsprintfA
SendMessageTimeoutA
FindWindowExA
SystemParametersInfoA
CreateWindowExA
GetClassInfoA
DialogBoxParamA
CharNextA
OpenClipboard
ExitWindowsEx
IsWindow
GetDlgItem
SetWindowLongA
LoadImageA
GetDC
EnableWindow
InvalidateRect
SendMessageA
DefWindowProcA
BeginPaint
GetClientRect
FillRect
DrawTextA
EndPaint
ShowWindow

gdi32

SetBkColor
GetDeviceCaps
DeleteObject
CreateBrushIndirect
CreateFontIndirectA
SetBkMode
SetTextColor
SelectObject

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetFileInfoA
ShellExecuteA
SHFileOperationA
SHGetSpecialFolderLocation

advapi32

RegQueryValueExA
RegSetValueExA
RegEnumKeyA
RegEnumValueA
RegOpenKeyExA
RegDeleteKeyA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

ole32

CoTaskMemFree
OleInitialize
OleUninitialize
CoCreateInstance

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 36KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/GSafe/SSL/GSafeSSL.cer
$TEMP/GSafe/SSL/import.bat
$TEMP/GSafe/SSL/import_root_cert.exe
.exe windows:4 windows x86 arch:x86

fe88de5311928dafcb49148bfb766f02

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

h:\projects\NetFilter2\ProtocolFilters\tools\import_root_cert\Release\import_root_cert.pdb

Imports

kernel32

SetCurrentDirectoryW
CreateProcessW
WaitForSingleObject
CloseHandle
ExpandEnvironmentStringsW
FindFirstFileW
FindNextFileW
FindClose
GetModuleFileNameW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetStartupInfoW
RaiseException
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
MultiByteToWideChar
GetLastError
ReadFile
SetFilePointer
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
WriteFile
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
ExitProcess
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineA
GetCommandLineW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
Sleep
CreateFileW
InitializeCriticalSection
SetStdHandle
VirtualAlloc
HeapReAlloc
FlushFileBuffers
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
HeapSize
LoadLibraryA
SetEndOfFile
CreateFileA

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$TEMP/GSafe/SSL/nss/certutil.exe
.exe windows:4 windows x86 arch:x86

4bfff94eb6c93e4a6872b3beda65ae7f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

smime3

CERT_DecodeCertFromPackage

nss3

CERT_AddExtension
CERT_EncodeAltNameExtension
CERT_EncodeAndAddBitStrExtension
PORT_ArenaZAlloc
SECOID_FindOIDByTag
PORT_ArenaAlloc
CERT_EncodeBasicConstraintValue
CERT_EncodeAuthKeyID
PORT_ArenaRelease
CERT_DestroyName
CERT_CopyName
PORT_ArenaMark
CERT_EncodeCRLDistributionPoints
PORT_ArenaGrow
CERT_CopyRDN
CERT_DestroyCertificateRequest
CERT_MergeExtensions
CERT_GetCertificateRequestExtensions
SECOID_FindOIDTag
CERT_StartCertExtensions
CERT_VerifySignedDataWithPublicKeyInfo
SEC_ASN1DecodeItem
NSS_Get_CERT_SignedDataTemplate
CERT_DestroyValidity
CERT_CreateCertificate
CERT_CreateValidity
NSS_Get_CERT_CertificateTemplate
SECOID_SetAlgorithmID
PK11_FindKeyByAnyCert
PK11_GenerateKeyPair
PK11_RandomUpdate
SEC_ASN1Decode
ATOB_AsciiToData
PK11_ProtectedAuthenticationPath
PK11_ChangePW
PK11_CheckUserPassword
PK11_InitPin
PK11_NeedUserInit
SECITEM_FreeItem
CERT_StartCertificateRequestAttributes
ATOB_ConvertAsciiToItem
DER_GetInteger
DER_UTCTimeToTime
PK11_GetSlotName
CERT_GetOidString
SECOID_FindOID
CERT_GenTime2FormattedAscii
NSS_Get_SEC_GeneralizedTimeTemplate
CERT_DestroyOidSequence
CERT_DecodeOidSequence
CERT_DecodeBasicConstraintValue
CERT_DecodeAuthKeyID
CERT_GetNextGeneralName
CERT_DecodeAltNameExtension
CERT_DecodeCRLDistributionPoints
CERT_DecodeNameConstraintsExtension
CERT_GetNextNameConstraint
CERT_DecodeAuthInfoAccessExtension
CERT_NameToAscii
SEC_QuickDERDecodeItem
SECKEY_ExtractPublicKey
CERT_Hexify
PK11_HashBuf
SECOID_AddEntry
CERT_DestroyCertificatePoliciesExtension
SECITEM_CopyItem
CERT_DestroyUserNotice
CERT_DecodeUserNotice
CERT_DecodePrivKeyUsagePeriodExtension
PORT_FreeArena
CERT_FinishExtensions
CERT_FinishCertificateRequestAttributes
NSS_Get_CERT_CertificateRequestTemplate
SEC_ASN1EncodeItem
SEC_GetSignatureAlgorithmOidTag
PK11_GetTokenName
PK11_FreeSlotList
PK11_DeleteTokenCertAndKey
PK11_GetPrivateKeyNickname
PK11_ListPrivateKeysInSlot
SECKEY_DestroyPrivateKeyList
PK11_GetAllTokens
DER_AsciiToTime
CERT_VerifyCertificate
PORT_GetError
PORT_SetError
SEC_DeletePermCertificate
CERT_CreateSubjectCertList
BTOA_DataToAscii
PK11_ListCertsInSlot
PK11_ListCerts
CERT_DestroyCertList
PK11_FindCertFromNickname
CERT_CertChainFromCert
CERT_FindCertByDERCert
CERT_DestroyCertificateList
CERT_FindCertByNicknameOrEmailAddr
SECKEY_CreateSubjectPublicKeyInfo
CERT_CreateCertificateRequest
DER_GeneralizedTimeToTime
PORT_NewArena
SEC_DerSignData
BTOA_ConvertItemToAscii
CERT_GetCommonName
CERT_GetCertEmailAddress
CERT_GetOrgName
CERT_GetStateName
CERT_GetCountryName
PORT_ZAlloc
CERT_DecodeTrustString
PK11_IsFriendly
PK11_ImportCert
CERT_ChangeCertTrust
CERT_SaveSMimeProfile
CERT_DestroyCertificate
CERT_AsciiToName
PK11_SetPasswordFunc
NSS_Initialize
CERT_GetDefaultCertDB
CERT_GetDBContentVersion
PK11_GetInternalKeySlot
PK11_FindSlotByName
PK11_ResetToken
PK11_NeedLogin
PK11_Authenticate
PK11_FreeSlot
SECKEY_DestroyPrivateKey
SECKEY_DestroyPublicKey
PORT_Strdup
PORT_Alloc
PORT_Realloc
PORT_Free
NSS_Shutdown
NSS_Get_SEC_ObjectIDTemplate
SECITEM_AllocItem

plc4

PL_CreateOptState
PL_GetNextOpt
PL_strlen
PL_strcmp
PL_strdup

nspr4

PR_GetErrorText
PR_IsNetAddrType
PR_NetAddrToString
PR_snprintf
PR_smprintf
PR_smprintf_free
PR_FormatTime
PR_GetEnv
PR_GetOpenFileInfo
PR_GMTParameters
PR_ExplodeTime
PR_ImplodeTime
PR_Sync
PR_Read
PR_Write
PR_GetSpecialFD
PR_fprintf
PR_Now
PR_Open
PR_GetOSError
PR_GetError
PR_Init
PR_Close
PR_Delete
PR_GetErrorTextLength

msvcrt

_fileno
_getch
_strdup
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
__p___initenv
_XcptFilter
_exit
malloc
strstr
_errno
strerror
vfprintf
sprintf
free
getc
scanf
fflush
gets
puts
_iob
fprintf
strrchr
atoi
printf
fopen
fgets
strpbrk
__mb_cur_max
_isctype
_pctype
strchr
fclose
exit
__p__fmode
__set_app_type
_except_handler3
_controlfp
__p__commode

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
$TEMP/GSafe/SSL/nss/mozcrt19.dll
.dll windows:4 windows x86 arch:x86

7cea1bcca1ff18e164507fda5b70c620

Code Sign

01
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

01/08/1996, 00:00

Not After

31/12/2020, 23:59

Subject

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

25:cc:37:35:e9:ec:1f:c9:71:67:0e:73:e3:69:c7:91
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

30/10/2009, 00:00

Not After

30/10/2010, 23:59

Subject

CN=Mozilla Corporation,OU=Release Engineering,O=Mozilla Corporation,L=Mountain View,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

d9:6d:c7:8e:a6:fa:0a:7b:10:3b:1a:05:51:cf:8f:d6:d7:18:c7:39
Signer

Actual PE Digest

d9:6d:c7:8e:a6:fa:0a:7b:10:3b:1a:05:51:cf:8f:d6:d7:18:c7:39

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\builds\moz2_slave\win32_build\build\obj-firefox\memory\jemalloc\crtsrc\build\intel\MOZCRT19.pdb

Imports

msvcrt

_getdrives

kernel32

GetCurrentProcessId
GetLocalTime
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetCurrentThreadId
TlsGetValue
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
Sleep
GetEnvironmentVariableA
VirtualFree
VirtualAlloc
GetSystemInfo
SetHandleCount
GetFileType
GetStartupInfoA
WideCharToMultiByte
GetConsoleCP
GetConsoleMode
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetFilePointer
SetStdHandle
CreateFileA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryA
InitializeCriticalSection
MultiByteToWideChar
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
QueryPerformanceCounter
GetTickCount
SetLocalTime
GetSystemTimeAsFileTime
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetLocaleInfoW
SetEnvironmentVariableA
SetEnvironmentVariableW
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
RtlUnwind
GetTimeFormatA
GetDateFormatA
GetTimeZoneInformation
FlushFileBuffers
CompareStringA
CompareStringW
Beep
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDiskFreeSpaceA
GetLogicalDrives
SetErrorMode
GetFileAttributesA
GetCurrentDirectoryA
SetCurrentDirectoryA
SetFileAttributesA
GetFullPathNameA
GetDriveTypeA
CreateDirectoryA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
DeleteFileW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
MoveFileA
RaiseException
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
CreateProcessW
VirtualProtect
VirtualQuery
IsDBCSLeadByteEx
ReadConsoleA
ReadConsoleW
SetConsoleMode
SetEndOfFile
DuplicateHandle
GetFileInformationByHandle
PeekNamedPipe
ReadConsoleInputA
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
LockFile
UnlockFile
CreatePipe
ReadFile
CreateFileW
LoadLibraryW
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime

Exports

Exports

$I10_OUTPUT
??0__non_rtti_object@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@ABV01@@Z
??0bad_cast@std@@QAE@PBD@Z
??0bad_typeid@std@@QAE@ABV01@@Z
??0bad_typeid@std@@QAE@PBD@Z
??0exception@std@@QAE@ABQBD@Z
??0exception@std@@QAE@ABQBDH@Z
??0exception@std@@QAE@ABV01@@Z
??0exception@std@@QAE@XZ
??1__non_rtti_object@std@@UAE@XZ
??1bad_cast@std@@UAE@XZ
??1bad_typeid@std@@UAE@XZ
??1exception@std@@UAE@XZ
??1type_info@@UAE@XZ
??2@YAPAXI@Z
??2@YAPAXIHPBDH@Z
??3@YAXPAX@Z
??4__non_rtti_object@std@@QAEAAV01@ABV01@@Z
??4bad_cast@std@@QAEAAV01@ABV01@@Z
??4bad_typeid@std@@QAEAAV01@ABV01@@Z
??4exception@std@@QAEAAV01@ABV01@@Z
??8type_info@@QBE_NABV0@@Z
??9type_info@@QBE_NABV0@@Z
??_7__non_rtti_object@std@@6B@
??_7bad_cast@std@@6B@
??_7bad_typeid@std@@6B@
??_7exception@@6B@
??_7exception@std@@6B@
??_Fbad_cast@std@@QAEXXZ
??_Fbad_typeid@std@@QAEXXZ
??_U@YAPAXI@Z
??_U@YAPAXIHPBDH@Z
??_V@YAXPAX@Z
?_Name_base@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Name_base_internal@type_info@@CAPBDPBV1@PAU__type_info_node@@@Z
?_Type_info_dtor@type_info@@CAXPAV1@@Z
?_Type_info_dtor_internal@type_info@@CAXPAV1@@Z
?_ValidateExecute@@YAHP6GHXZ@Z
?_ValidateRead@@YAHPBXI@Z
?_ValidateWrite@@YAHPAXI@Z
?_inconsistency@@YAXXZ
?_invalid_parameter@@YAXPBG00II@Z
?_is_exception_typeof@@YAHABVtype_info@@PAU_EXCEPTION_POINTERS@@@Z
?_name_internal_method@type_info@@QBEPBDPAU__type_info_node@@@Z
?_open@@YAHPBDHH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZH@Z
?_set_se_translator@@YAP6AXIPAU_EXCEPTION_POINTERS@@@ZP6AXI0@Z@Z
?_sopen@@YAHPBDHHH@Z
?_type_info_dtor_internal_method@type_info@@QAEXXZ
?_wopen@@YAHPB_WHH@Z
?_wsopen@@YAHPB_WHHH@Z
?before@type_info@@QBEHABV1@@Z
?name@type_info@@QBEPBDPAU__type_info_node@@@Z
?raw_name@type_info@@QBEPBDXZ
?set_terminate@@YAP6AXXZH@Z
?set_terminate@@YAP6AXXZP6AXXZ@Z
?set_unexpected@@YAP6AXXZH@Z
?set_unexpected@@YAP6AXXZP6AXXZ@Z
?swprintf@@YAHPAGIPBGZZ
?swprintf@@YAHPA_WIPB_WZZ
?terminate@@YAXXZ
?unexpected@@YAXXZ
?vswprintf@@YAHPA_WIPB_WPAD@Z
?what@exception@std@@UBEPBDXZ
@_calloc_crt@8
@_malloc_crt@4
@_realloc_crt@8
_CIacos
_CIasin
_CIatan
_CIatan2
_CIcos
_CIcosh
_CIexp
_CIfmod
_CIlog
_CIlog10
_CIpow
_CIsin
_CIsinh
_CIsqrt
_CItan
_CItanh
_CRT_RTC_INIT
_CRT_RTC_INITW
_CreateFrameInfo
_CxxThrowException
_EH_prolog
_FindAndUnlinkFrame
_Getdays
_Getmonths
_Gettnames
_HUGE
_IsExceptionObjectToBeDestroyed
_NLG_Dispatch2
_NLG_Return
_NLG_Return2
_Strftime
_XcptFilter
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__CppXcptFilter
__CxxCallUnwindDelDtor
__CxxCallUnwindDtor
__CxxCallUnwindStdDelDtor
__CxxCallUnwindVecDtor
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxLongjmpUnwind
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__STRINGTOLD
__STRINGTOLD_L
__TypeMatch
___fls_getvalue@4
___fls_setvalue@8
___lc_codepage_func
___lc_collate_cp_func
___lc_handle_func
___mb_cur_max_func
___mb_cur_max_l_func
___setlc_active_func
___unguarded_readlc_active_add_func
__argc
__argv
__badioinfo
__clean_type_info_names_internal
__control87_2
__create_locale
__crtCompareStringA
__crtCompareStringW
__crtGetLocaleInfoW
__crtGetStringTypeW
__crtLCMapStringA
__crtLCMapStringW
__daylight
__dllonexit
__doserrno
__dstbias
__fpecode
__free_locale
__get_app_type
__get_current_locale
__get_flsindex
__get_tlsindex
__getmainargs
__initenv
__iob_func
__isascii
__iscsym
__iscsymf
__iswcsym
__iswcsymf
__lc_clike
__lc_codepage
__lc_collate_cp
__lc_handle
__lconv
__lconv_init
__libm_sse2_acos
__libm_sse2_acosf
__libm_sse2_asin
__libm_sse2_asinf
__libm_sse2_atan
__libm_sse2_atan2
__libm_sse2_atanf
__libm_sse2_cos
__libm_sse2_cosf
__libm_sse2_exp
__libm_sse2_expf
__libm_sse2_log
__libm_sse2_log10
__libm_sse2_log10f
__libm_sse2_logf
__libm_sse2_pow
__libm_sse2_powf
__libm_sse2_sin
__libm_sse2_sinf
__libm_sse2_tan
__libm_sse2_tanf
__mb_cur_max
__p___argc
__p___argv
__p___initenv
__p___mb_cur_max
__p___wargv
__p___winitenv
__p__acmdln
__p__commode
__p__daylight
__p__dstbias
__p__environ
__p__fmode
__p__iob
__p__mbcasemap
__p__mbctype
__p__osplatform
__p__osver
__p__pctype
__p__pgmptr
__p__pwctype
__p__timezone
__p__tzname
__p__wcmdln
__p__wenviron
__p__winmajor
__p__winminor
__p__winver
__p__wpgmptr
__pctype_func
__pioinfo
__pwctype_func
__pxcptinfoptrs
__report_gsfailure
__set_app_type
__set_flsgetvalue
__setlc_active
__setusermatherr
__strncnt
__swprintf_l
__sys_errlist
__sys_nerr
__threadhandle
__threadid
__timezone
__toascii
__tzname
__unDName
__unDNameEx
__unDNameHelper
__uncaught_exception
__unguarded_readlc_active
__vswprintf_l
__wargv
__wcserror
__wcserror_s
__wcsncnt
__wgetmainargs
__winitenv
_abnormal_termination
_abs64
_access
_access_s
_acmdln
_adj_fdiv_m16i
_adj_fdiv_m32
_adj_fdiv_m32i
_adj_fdiv_m64
_adj_fdiv_r
_adj_fdivr_m16i
_adj_fdivr_m32
_adj_fdivr_m32i
_adj_fdivr_m64
_adj_fpatan
_adj_fprem
_adj_fprem1
_adj_fptan
_adjust_fdiv
_aexit_rtn
_aligned_free
_aligned_malloc
_aligned_msize
_aligned_offset_malloc
_aligned_offset_realloc
_aligned_offset_recalloc
_aligned_realloc
_aligned_recalloc
_amsg_exit
_assert
_atodbl
_atodbl_l
_atof_l
_atoflt
_atoflt_l
_atoi64
_atoi64_l
_atoi_l
_atol_l
_atoldbl
_atoldbl_l
_beep
_beginthread
_beginthreadex
_byteswap_uint64
_byteswap_ulong
_byteswap_ushort
_c_exit
_cabs
_calloc_crt
_cexit
_cgets
_cgets_s
_cgetws
_cgetws_s
_chdir
_chdrive
_chgsign
_chkesp
_chmod
_chsize
_chsize_s
_clearfp
_close
_commit
_commode
_configthreadlocale
_control87
_controlfp
_controlfp_s
_copysign
_cprintf
_cprintf_l
_cprintf_p
_cprintf_p_l
_cprintf_s
_cprintf_s_l
_cputs
_cputws
_creat
_create_locale
_crt_debugger_hook
_cscanf
_cscanf_l
_cscanf_s
_cscanf_s_l
_ctime32
_ctime32_s
_ctime64
_ctime64_s
_cwait
_cwprintf
_cwprintf_l
_cwprintf_p
_cwprintf_p_l
_cwprintf_s
_cwprintf_s_l
_cwscanf
_cwscanf_l
_cwscanf_s
_cwscanf_s_l
_daylight
_decode_pointer
_difftime32
_difftime64
_dosmaperr
_dstbias
_dup
_dup2
_dupenv_s
_ecvt
_ecvt_s
_encode_pointer
_encoded_null
_endthread
_endthreadex
_environ
_eof
_errno
_except_handler2
_except_handler3
_except_handler4_common
_execl
_execle
_execlp
_execlpe
_execv
_execve
_execvp
_execvpe
_exit
_expand
_fclose_nolock
_fcloseall
_fcvt
_fcvt_s
_fdopen
_fflush_nolock
_fgetchar
_fgetwc_nolock
_fgetwchar
_filbuf
_filelength
_filelengthi64
_fileno
_findclose
_findfirst32
_findfirst32i64
_findfirst64
_findfirst64i32
_findnext32
_findnext32i64
_findnext64
_findnext64i32
_finite
_flsbuf
_flushall
_fmode
_fpclass
_fpieee_flt
_fpreset
_fprintf_l
_fprintf_p
_fprintf_p_l
_fprintf_s_l
_fputchar
_fputwc_nolock
_fputwchar
_fread_nolock
_fread_nolock_s
_free_locale
_freea
_freea_s
_freefls
_fscanf_l
_fscanf_s_l
_fseek_nolock
_fseeki64
_fseeki64_nolock
_fsopen
_fstat32
_fstat32i64
_fstat64
_fstat64i32
_ftell_nolock
_ftelli64
_ftelli64_nolock
_ftime32
_ftime32_s
_ftime64
_ftime64_s
_ftol
_fullpath
_futime32
_futime64
_fwprintf_l
_fwprintf_p
_fwprintf_p_l
_fwprintf_s_l
_fwrite_nolock
_fwscanf_l
_fwscanf_s_l
_gcvt
_gcvt_s
_get_current_locale
_get_daylight
_get_doserrno
_get_dstbias
_get_errno
_get_fmode
_get_invalid_parameter_handler
_get_osfhandle
_get_osplatform
_get_osver
_get_output_format
_get_pgmptr
_get_printf_count_output
_get_purecall_handler
_get_terminate
_get_timezone
_get_tzname
_get_unexpected
_get_winmajor
_get_winminor
_get_winver
_get_wpgmptr
_getch
_getch_nolock
_getche
_getche_nolock
_getcwd
_getdcwd
_getdcwd_nolock
_getdiskfree
_getdllprocaddr
_getdrive
_getdrives
_getmaxstdio
_getmbcp
_getpid
_getptd
_getsystime
_getw
_getwch
_getwch_nolock
_getwche
_getwche_nolock
_getws
_getws_s
_global_unwind2

Sections

.text
Size: 480KB - Virtual size: 478KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 176KB - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/GSafe/SSL/nss/nspr4.dll
.dll windows:4 windows x86 arch:x86

2f18ebeca6261a49374a46ce4247a667

Code Sign

01
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

01/08/1996, 00:00

Not After

31/12/2020, 23:59

Subject

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

25:cc:37:35:e9:ec:1f:c9:71:67:0e:73:e3:69:c7:91
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

30/10/2009, 00:00

Not After

30/10/2010, 23:59

Subject

CN=Mozilla Corporation,OU=Release Engineering,O=Mozilla Corporation,L=Mountain View,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

83:66:8e:34:d2:cb:0f:40:cd:0b:e1:e4:c6:0c:08:61:4c:d7:08:9b
Signer

Actual PE Digest

83:66:8e:34:d2:cb:0f:40:cd:0b:e1:e4:c6:0c:08:61:4c:d7:08:9b

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\builds\moz2_slave\win32_build\build\obj-firefox\nsprpub\pr\src\nspr4.pdb

Imports

advapi32

AllocateAndInitializeSid
CopySid
GetLengthSid
GetTokenInformation
OpenProcessToken
FreeSid
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
InitializeSecurityDescriptor

wsock32

recvfrom
sendto
send
recv
connect
accept
select
__WSAFDIsSet
setsockopt
getpeername
getsockname
shutdown
listen
bind
inet_ntoa
closesocket
WSAStartup
WSACleanup
gethostname
getsockopt
WSAGetLastError
ioctlsocket
ntohl
ntohs
htons
getprotobynumber
getprotobyname
gethostbyaddr
gethostbyname
htonl
socket

winmm

timeGetTime

mozcrt19

_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
_crt_debugger_hook
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_decode_pointer
_encoded_null
_malloc_crt
_encode_pointer
_time64
_stat64i32
_access
_mbspbrk
_mbsdec
_mbsinc
_beginthreadex
_exit
_environ
qsort
_stricmp
strpbrk
strftime
_mktime64
_localtime64
strncmp
_errno
strerror
realloc
calloc
malloc
strrchr
strstr
getenv
memset
strchr
isdigit
strtoul
strtol
isspace
tolower
memchr
sprintf
abort
free
fwrite
fflush
fopen
setvbuf
__iob_func
fclose
sscanf
memcpy
atoi
_strdup
isalpha
_putenv

kernel32

ResumeThread
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedCompareExchange
OpenFileMappingA
GetTickCount
QueryPerformanceCounter
OpenSemaphoreA
LoadLibraryW
LeaveCriticalSection
UnlockFile
LockFile
RemoveDirectoryA
CreateDirectoryA
MoveFileA
GetHandleInformation
SetHandleInformation
GetFileInformationByHandle
SetLastError
FindFirstFileA
GetFullPathNameA
GetDriveTypeA
DeleteFileA
FindNextFileA
FindClose
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
SuspendThread
SetThreadPriority
GetCurrentThread
DuplicateHandle
TlsFree
TlsAlloc
GetThreadContext
ReleaseSemaphore
CreateSemaphoreA
GetCurrentProcess
UnmapViewOfFile
MapViewOfFile
FormatMessageA
CreateFileMappingA
GetVersionExA
TerminateProcess
WaitForSingleObject
GetExitCodeProcess
CreateProcessA
GetEnvironmentStrings
FreeEnvironmentStringsA
GetSystemTime
SystemTimeToFileTime
TlsSetValue
DeleteCriticalSection
InitializeCriticalSection
TlsGetValue
Sleep
GetStdHandle
CreatePipe
CreateFileA
CloseHandle
GlobalMemoryStatus
InterlockedExchange
GetSystemInfo
GetModuleHandleW
GetModuleFileNameW
GetProcAddress
FreeLibrary
MultiByteToWideChar
WideCharToMultiByte
GetLastError
LoadLibraryExW
GetModuleHandleA
DebugBreak
EnterCriticalSection
OutputDebugStringA

Exports

Exports

GetExecutionEnvironment
LL_MaxInt
LL_MaxUint
LL_MinInt
LL_Zero
PRP_DestroyNakedCondVar
PRP_NakedBroadcast
PRP_NakedNotify
PRP_NakedWait
PRP_NewNakedCondVar
PRP_TryLock
PR_Abort
PR_Accept
PR_AcceptRead
PR_Access
PR_AddToCounter
PR_AddWaitFileDesc
PR_AllocFileDesc
PR_Assert
PR_AssertCurrentThreadInMonitor
PR_AssertCurrentThreadOwnsLock
PR_AtomicAdd
PR_AtomicDecrement
PR_AtomicIncrement
PR_AtomicSet
PR_AttachSharedMemory
PR_AttachThread
PR_AttachThreadGCAble
PR_Available
PR_Available64
PR_Bind
PR_BlockClockInterrupts
PR_BlockInterrupt
PR_CEnterMonitor
PR_CExitMonitor
PR_CNotify
PR_CNotifyAll
PR_CSetOnMonitorRecycle
PR_CWait
PR_CallOnce
PR_CallOnceWithArg
PR_Calloc
PR_CancelJob
PR_CancelWaitFileDesc
PR_CancelWaitGroup
PR_CeilingLog2
PR_ChangeFileDescNativeHandle
PR_Cleanup
PR_ClearInterrupt
PR_ClearThreadGCAble
PR_Close
PR_CloseDir
PR_CloseFileMap
PR_CloseSemaphore
PR_CloseSharedMemory
PR_Connect
PR_ConnectContinue
PR_ConvertIPv4AddrToIPv6
PR_CreateAlarm
PR_CreateCounter
PR_CreateFileMap
PR_CreateIOLayer
PR_CreateIOLayerStub
PR_CreateMWaitEnumerator
PR_CreateOrderedLock
PR_CreatePipe
PR_CreateProcess
PR_CreateProcessDetached
PR_CreateSocketPollFd
PR_CreateStack
PR_CreateThread
PR_CreateThreadGCAble
PR_CreateThreadPool
PR_CreateTrace
PR_CreateWaitGroup
PR_DecrementCounter
PR_Delete
PR_DeleteSemaphore
PR_DeleteSharedMemory
PR_DestroyAlarm
PR_DestroyCondVar
PR_DestroyCounter
PR_DestroyLock
PR_DestroyMWaitEnumerator
PR_DestroyMonitor
PR_DestroyOrderedLock
PR_DestroyPollableEvent
PR_DestroyProcessAttr
PR_DestroyRWLock
PR_DestroySem
PR_DestroySocketPollFd
PR_DestroyStack
PR_DestroyTrace
PR_DestroyWaitGroup
PR_DetachProcess
PR_DetachSharedMemory
PR_DetachThread
PR_DisableClockInterrupts
PR_EmulateAcceptRead
PR_EmulateSendFile
PR_EnableClockInterrupts
PR_EnterMonitor
PR_EnumerateAddrInfo
PR_EnumerateHostEnt
PR_EnumerateThreads
PR_EnumerateWaitGroup
PR_ErrorInstallCallback
PR_ErrorInstallTable
PR_ErrorLanguages
PR_ErrorToName
PR_ErrorToString
PR_ExitMonitor
PR_ExplodeTime
PR_ExportFileMapAsString
PR_FD_CLR
PR_FD_ISSET
PR_FD_NCLR
PR_FD_NISSET
PR_FD_NSET
PR_FD_SET
PR_FD_ZERO
PR_FileDesc2NativeHandle
PR_FindFunctionSymbol
PR_FindFunctionSymbolAndLibrary
PR_FindNextCounterQname
PR_FindNextCounterRname
PR_FindNextTraceQname
PR_FindNextTraceRname
PR_FindSymbol
PR_FindSymbolAndLibrary
PR_FloorLog2
PR_FormatTime
PR_FormatTimeUSEnglish
PR_Free
PR_FreeAddrInfo
PR_FreeFileDesc
PR_FreeLibraryName
PR_GMTParameters
PR_GetAddrInfoByName
PR_GetCanonNameFromAddrInfo
PR_GetConnectStatus
PR_GetCounter
PR_GetCounterHandleFromName
PR_GetCounterNameFromHandle
PR_GetCurrentThread
PR_GetDefaultIOMethods
PR_GetDescType
PR_GetDirectorySeparator
PR_GetDirectorySepartor
PR_GetEnv
PR_GetError
PR_GetErrorText
PR_GetErrorTextLength
PR_GetFileInfo
PR_GetFileInfo64
PR_GetFileMethods
PR_GetGCRegisters
PR_GetHostByAddr
PR_GetHostByName
PR_GetIPNodeByName
PR_GetIdentitiesLayer
PR_GetInheritedFD
PR_GetInheritedFileMap
PR_GetLayersIdentity
PR_GetLibraryFilePathname
PR_GetLibraryName
PR_GetLibraryPath
PR_GetMemMapAlignment
PR_GetMonitorEntryCount
PR_GetNameForIdentity
PR_GetNumberOfProcessors
PR_GetOSError
PR_GetOpenFileInfo
PR_GetOpenFileInfo64
PR_GetPageShift
PR_GetPageSize
PR_GetPathSeparator
PR_GetPeerName
PR_GetPhysicalMemorySize
PR_GetPipeMethods
PR_GetProtoByName
PR_GetProtoByNumber
PR_GetRandomNoise
PR_GetSP
PR_GetSockName
PR_GetSocketOption
PR_GetSpecialFD
PR_GetStackSpaceLeft
PR_GetSysfdTableMax
PR_GetSystemInfo
PR_GetTCPMethods
PR_GetThreadAffinityMask
PR_GetThreadID
PR_GetThreadPriority
PR_GetThreadPrivate
PR_GetThreadScope
PR_GetThreadState
PR_GetThreadType
PR_GetTraceEntries
PR_GetTraceHandleFromName
PR_GetTraceNameFromHandle
PR_GetTraceOption
PR_GetUDPMethods
PR_GetUniqueIdentity
PR_ImplodeTime
PR_ImportFile
PR_ImportFileMapFromString
PR_ImportPipe
PR_ImportTCPSocket
PR_ImportUDPSocket
PR_IncrementCounter
PR_Init
PR_Initialize
PR_InitializeNetAddr
PR_Initialized
PR_Interrupt
PR_IntervalNow
PR_IntervalToMicroseconds
PR_IntervalToMilliseconds
PR_IntervalToSeconds
PR_IsNetAddrType
PR_JoinJob
PR_JoinThread
PR_JoinThreadPool
PR_KillProcess
PR_Listen
PR_LoadLibrary
PR_LoadLibraryWithFlags
PR_LoadStaticLibrary
PR_LocalTimeParameters
PR_Lock
PR_LockFile
PR_LockOrderedLock
PR_LogFlush
PR_LogPrint
PR_MakeDir
PR_Malloc
PR_MemMap
PR_MemUnmap
PR_MicrosecondsToInterval
PR_MillisecondsToInterval
PR_MkDir
PR_NetAddrToString
PR_NewCondVar
PR_NewLock
PR_NewLogModule
PR_NewMonitor
PR_NewNamedMonitor
PR_NewPollableEvent
PR_NewProcessAttr
PR_NewRWLock
PR_NewSem
PR_NewTCPSocket
PR_NewTCPSocketPair
PR_NewThreadPrivateIndex
PR_NewUDPSocket
PR_NormalizeTime
PR_Notify
PR_NotifyAll
PR_NotifyAllCondVar
PR_NotifyCondVar
PR_Now
PR_Open
PR_OpenAnonFileMap
PR_OpenDir
PR_OpenFile
PR_OpenSemaphore
PR_OpenSharedMemory
PR_OpenTCPSocket
PR_OpenUDPSocket
PR_ParseTimeString
PR_ParseTimeStringToExplodedTime
PR_Poll
PR_PopIOLayer
PR_PostSem
PR_PostSemaphore
PR_ProcessAttrSetCurrentDirectory
PR_ProcessAttrSetInheritableFD
PR_ProcessAttrSetInheritableFileMap
PR_ProcessAttrSetStdioRedirect
PR_ProcessExit
PR_PushIOLayer
PR_QueueJob
PR_QueueJob_Accept
PR_QueueJob_Connect
PR_QueueJob_Read
PR_QueueJob_Timer
PR_QueueJob_Write
PR_RWLock_Rlock
PR_RWLock_Unlock
PR_RWLock_Wlock
PR_Read
PR_ReadDir
PR_Realloc
PR_RecordTraceEntries
PR_Recv
PR_RecvFrom
PR_Rename
PR_ResetAlarm
PR_ResetProcessAttr
PR_ResumeAll
PR_RmDir
PR_ScanStackPointers
PR_SecondsToInterval
PR_Seek
PR_Seek64
PR_Select
PR_Send
PR_SendFile
PR_SendTo
PR_SetAlarm
PR_SetCPUAffinityMask
PR_SetConcurrency
PR_SetCounter
PR_SetEnv
PR_SetError
PR_SetErrorText
PR_SetFDCacheSize
PR_SetFDInheritable
PR_SetLibraryPath
PR_SetLogBuffering
PR_SetLogFile
PR_SetNetAddr
PR_SetPollableEvent
PR_SetSocketOption
PR_SetStdioRedirect
PR_SetSysfdTableSize
PR_SetThreadAffinityMask
PR_SetThreadDumpProc
PR_SetThreadGCAble
PR_SetThreadPriority
PR_SetThreadPrivate
PR_SetThreadRecycleMode
PR_SetTraceOption
PR_ShowStatus
PR_Shutdown
PR_ShutdownThreadPool
PR_Sleep
PR_Socket
PR_StackPop
PR_StackPush
PR_Stat
PR_StringToNetAddr
PR_SubtractFromCounter
PR_SuspendAll
PR_Sync
PR_TLockFile
PR_TestAndEnterMonitor
PR_TestAndLock
PR_ThreadScanStackPointers
PR_TicksPerSecond
PR_Trace
PR_TransmitFile
PR_USPacificTimeParameters
PR_UnblockClockInterrupts
PR_UnblockInterrupt
PR_UnloadLibrary
PR_Unlock
PR_UnlockFile
PR_UnlockOrderedLock
PR_VersionCheck
PR_Wait
PR_WaitCondVar
PR_WaitForPollableEvent
PR_WaitProcess
PR_WaitRecvReady
PR_WaitSem
PR_WaitSemaphore
PR_Write
PR_Writev
PR_Yield
PR_cnvtf
PR_dtoa
PR_fprintf
PR_htonl
PR_htonll
PR_htons
PR_ntohl
PR_ntohll
PR_ntohs
PR_smprintf
PR_smprintf_free
PR_snprintf
PR_sprintf_append
PR_sscanf
PR_strtod
PR_sxprintf
PR_vfprintf
PR_vsmprintf
PR_vsnprintf
PR_vsprintf_append
PR_vsxprintf
PT_FPrintStats
SetExecutionEnvironment
_PR_AddSleepQ
_PR_CreateThread
_PR_DelSleepQ
_PR_GetPrimordialCPU
_PR_MD_FREE_CV
_PR_MD_NEW_CV
_PR_MD_NOTIFYALL_CV
_PR_MD_NOTIFY_CV
_PR_MD_UNLOCK
_PR_MD_WAIT_CV
_PR_NativeCreateThread
_pr_push_ipv6toipv4_layer
_pr_test_ipv6_socket
libVersionPoint

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/GSafe/SSL/nss/nss3.dll
.dll windows:4 windows x86 arch:x86

704ea4cc802242fb4a5a244486fbb13f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

softokn3

FC_GetFunctionList
NSC_GetFunctionList
NSC_ModuleDBFunc

plc4

PL_strncasecmp
PL_strlen
libVersionPoint
PL_strcasecmp

plds4

PL_FreeArenaPool
PL_FinishArenaPool
PL_ArenaAllocate
PL_InitArenaPool
PL_HashTableLookupConst
PL_ArenaGrow
PL_CompareValues
PL_HashTableLookup
PL_HashTableRemove
PL_HashTableAdd
PL_NewHashTable
PL_HashTableDestroy
PL_ArenaRelease
PL_HashString
PL_CompareStrings
PL_HashTableEnumerateEntries

nspr4

PR_VersionCheck
PR_Close
PR_Write
PR_InitializeNetAddr
PR_Connect
PR_EnumerateHostEnt
PR_GetHostByName
PR_StringToNetAddr
PR_SecondsToInterval
PR_NewTCPSocket
PR_Recv
PR_Now
PR_NewLock
PR_IntervalNow
PR_CallOnceWithArg
PR_smprintf
PR_Unlock
PR_DestroyLock
PR_UnloadLibrary
PR_FindSymbol
PR_LoadLibrary
PR_AtomicDecrement
PR_AtomicIncrement
LL_Zero
PR_Sleep
PR_SetErrorText
PR_AtomicSet
PR_htonl
PR_ConvertIPv4AddrToIPv6
LL_MinInt
PR_ExplodeTime
PR_GMTParameters
PR_ImplodeTime
PR_SetError
PR_Calloc
PR_Malloc
PR_Realloc
PR_Free
PR_NewCondVar
PR_DestroyCondVar
PR_WaitCondVar
PR_GetCurrentThread
PR_NotifyCondVar
PR_NotifyAllCondVar
PR_FormatTime
PR_LocalTimeParameters
PR_GetError
PR_GetEnv
PR_CallOnce
PR_FindSymbolAndLibrary
PR_NewThreadPrivateIndex
PR_dtoa
PR_GetThreadPrivate
PR_SetThreadPrivate
PR_smprintf_free
PR_Lock

msvcrt

_putenv
_adjust_fdiv
malloc
_initterm
free
printf
toupper
sprintf
qsort
tolower
strncmp
strncpy
strstr
strchr
memmove
atoi
_isctype
__mb_cur_max
_pctype
_mktemp
strrchr

kernel32

DisableThreadLibraryCalls
SetEnvironmentVariableA

Exports

Exports

ATOB_AsciiToData
ATOB_ConvertAsciiToItem
BTOA_ConvertItemToAscii
BTOA_DataToAscii
CERT_AddCertToListTail
CERT_AddExtension
CERT_AddOCSPAcceptableResponses
CERT_AddOKDomainName
CERT_AddRDN
CERT_AsciiToName
CERT_CRLCacheRefreshIssuer
CERT_CacheCRL
CERT_CertChainFromCert
CERT_CertListFromCert
CERT_CertTimesValid
CERT_ChangeCertTrust
CERT_CheckCertUsage
CERT_CheckCertValidTimes
CERT_CompareName
CERT_CompleteCRLDecodeEntries
CERT_CopyName
CERT_CopyRDN
CERT_CreateAVA
CERT_CreateCertificate
CERT_CreateCertificateRequest
CERT_CreateName
CERT_CreateOCSPCertID
CERT_CreateOCSPRequest
CERT_CreateRDN
CERT_CreateSubjectCertList
CERT_CreateValidity
CERT_DecodeAVAValue
CERT_DecodeAltNameExtension
CERT_DecodeAuthInfoAccessExtension
CERT_DecodeAuthKeyID
CERT_DecodeBasicConstraintValue
CERT_DecodeCRLDistributionPoints
CERT_DecodeCertificatePoliciesExtension
CERT_DecodeDERCrl
CERT_DecodeDERCrlWithFlags
CERT_DecodeGeneralName
CERT_DecodeNameConstraintsExtension
CERT_DecodeOCSPResponse
CERT_DecodeOidSequence
CERT_DecodePrivKeyUsagePeriodExtension
CERT_DecodeTrustString
CERT_DecodeUserNotice
CERT_DerNameToAscii
CERT_DestroyCertArray
CERT_DestroyCertList
CERT_DestroyCertificate
CERT_DestroyCertificateList
CERT_DestroyCertificatePoliciesExtension
CERT_DestroyCertificateRequest
CERT_DestroyName
CERT_DestroyOCSPCertID
CERT_DestroyOCSPRequest
CERT_DestroyOCSPResponse
CERT_DestroyOidSequence
CERT_DestroyUserNotice
CERT_DestroyValidity
CERT_DisableOCSPChecking
CERT_DisableOCSPDefaultResponder
CERT_DupCertList
CERT_DupCertificate
CERT_EnableOCSPChecking
CERT_EnableOCSPDefaultResponder
CERT_EncodeAltNameExtension
CERT_EncodeAndAddBitStrExtension
CERT_EncodeAuthKeyID
CERT_EncodeBasicConstraintValue
CERT_EncodeCRLDistributionPoints
CERT_EncodeGeneralName
CERT_EncodeOCSPRequest
CERT_ExtractPublicKey
CERT_FilterCertListByCANames
CERT_FilterCertListByUsage
CERT_FilterCertListForUserCerts
CERT_FindCertByDERCert
CERT_FindCertByIssuerAndSN
CERT_FindCertByName
CERT_FindCertByNickname
CERT_FindCertByNicknameOrEmailAddr
CERT_FindCertBySubjectKeyID
CERT_FindCertExtension
CERT_FindCertIssuer
CERT_FindKeyUsageExtension
CERT_FindSMimeProfile
CERT_FindSubjectKeyIDExtension
CERT_FindUserCertByUsage
CERT_FindUserCertsByUsage
CERT_FinishCertificateRequestAttributes
CERT_FinishExtensions
CERT_FormatName
CERT_FreeDistNames
CERT_FreeNicknames
CERT_GenTime2FormattedAscii
CERT_GetAVATag
CERT_GetCertChainFromCert
CERT_GetCertEmailAddress
CERT_GetCertIssuerAndSN
CERT_GetCertNicknames
CERT_GetCertTimes
CERT_GetCertTrust
CERT_GetCertUid
CERT_GetCertificateNames
CERT_GetCertificateRequestExtensions
CERT_GetCommonName
CERT_GetCountryName
CERT_GetDBContentVersion
CERT_GetDefaultCertDB
CERT_GetDomainComponentName
CERT_GetFirstEmailAddress
CERT_GetLocalityName
CERT_GetNextEmailAddress
CERT_GetNextGeneralName
CERT_GetNextNameConstraint
CERT_GetOCSPAuthorityInfoAccessLocation
CERT_GetOCSPResponseStatus
CERT_GetOCSPStatusForCertID
CERT_GetOidString
CERT_GetOrgName
CERT_GetOrgUnitName
CERT_GetPrevGeneralName
CERT_GetPrevNameConstraint
CERT_GetSSLCACerts
CERT_GetSlopTime
CERT_GetStateName
CERT_Hexify
CERT_ImportCAChain
CERT_ImportCAChainTrusted
CERT_ImportCRL
CERT_ImportCerts
CERT_IsCACert
CERT_IsCADERCert
CERT_IsRootDERCert
CERT_IsUserCert
CERT_KeyFromDERCrl
CERT_MakeCANickname
CERT_MergeExtensions
CERT_NameToAscii
CERT_NewCertList
CERT_NicknameStringsFromCertList
CERT_OpenCertDBFilename
CERT_RFC1485_EscapeAndQuote
CERT_RemoveCertListNode
CERT_SaveSMimeProfile
CERT_SetOCSPDefaultResponder
CERT_SetSlopTime
CERT_StartCRLEntryExtensions
CERT_StartCRLExtensions
CERT_StartCertExtensions
CERT_StartCertificateRequestAttributes
CERT_UncacheCRL
CERT_VerifyCACertForUsage
CERT_VerifyCert
CERT_VerifyCertName
CERT_VerifyCertNow
CERT_VerifyCertificate
CERT_VerifyCertificateNow
CERT_VerifyOCSPResponseSignature
CERT_VerifySignedData
CERT_VerifySignedDataWithPublicKey
CERT_VerifySignedDataWithPublicKeyInfo
DER_AsciiToTime
DER_DecodeTimeChoice
DER_Encode
DER_EncodeTimeChoice
DER_GeneralizedTimeToTime
DER_GetInteger
DER_Lengths
DER_TimeToUTCTime
DER_UTCDayToAscii
DER_UTCTimeToAscii
DER_UTCTimeToTime
DSAU_DecodeDerSig
DSAU_DecodeDerSigToLen
DSAU_EncodeDerSig
DSAU_EncodeDerSigWithLen
HASH_Begin
HASH_Clone
HASH_Create
HASH_Destroy
HASH_End
HASH_GetHashObject
HASH_GetHashObjectByOidTag
HASH_GetHashTypeByOidTag
HASH_HashBuf
HASH_ResultLen
HASH_ResultLenByOidTag
HASH_ResultLenContext
HASH_Update
NSSAlgorithmAndParameters_CreateMD5Digest
NSSAlgorithmAndParameters_CreateSHA1Digest
NSSArena_Create
NSSArena_Destroy
NSSBase64Decoder_Create
NSSBase64Decoder_Destroy
NSSBase64Decoder_Update
NSSBase64Encoder_Create
NSSBase64Encoder_Destroy
NSSBase64Encoder_Update
NSSBase64_DecodeBuffer
NSSBase64_EncodeItem
NSSCertificateArray_Destroy
NSSCertificate_BuildChain
NSSCertificate_CreateCryptoContext
NSSCertificate_DeleteStoredObject
NSSCertificate_Destroy
NSSCertificate_Encode
NSSCertificate_Encrypt
NSSCertificate_FindPrivateKey
NSSCertificate_GetModule
NSSCertificate_GetPublicKey
NSSCertificate_GetSlot
NSSCertificate_GetToken
NSSCertificate_GetTrustDomain
NSSCertificate_IsPrivateKeyAvailable
NSSCertificate_Validate
NSSCertificate_ValidateAndDiscoverUsagesAndPolicies
NSSCertificate_ValidateCompletely
NSSCertificate_Verify
NSSCertificate_VerifyRecover
NSSCertificate_WrapSymmetricKey
NSSCryptoContext_BeginDecrypt
NSSCryptoContext_BeginDigest
NSSCryptoContext_BeginEncrypt
NSSCryptoContext_BeginSign
NSSCryptoContext_BeginSignRecover
NSSCryptoContext_BeginVerify
NSSCryptoContext_BeginVerifyRecover
NSSCryptoContext_Clone
NSSCryptoContext_ContinueDecrypt
NSSCryptoContext_ContinueDigest
NSSCryptoContext_ContinueEncrypt
NSSCryptoContext_ContinueSign
NSSCryptoContext_ContinueSignRecover
NSSCryptoContext_ContinueVerify
NSSCryptoContext_ContinueVerifyRecover
NSSCryptoContext_Decrypt
NSSCryptoContext_DeriveSymmetricKey
NSSCryptoContext_Destroy
NSSCryptoContext_Digest
NSSCryptoContext_Encrypt
NSSCryptoContext_FindBestCertificateByEmail
NSSCryptoContext_FindBestCertificateByNameComponents
NSSCryptoContext_FindBestCertificateByNickname
NSSCryptoContext_FindBestCertificateBySubject
NSSCryptoContext_FindBestUserCertificate
NSSCryptoContext_FindBestUserCertificateForEmailSigning
NSSCryptoContext_FindBestUserCertificateForSSLClientAuth
NSSCryptoContext_FindCertificateByEncodedCertificate
NSSCryptoContext_FindCertificateByIssuerAndSerialNumber
NSSCryptoContext_FindCertificateByOCSPHash
NSSCryptoContext_FindCertificatesByEmail
NSSCryptoContext_FindCertificatesByNameComponents
NSSCryptoContext_FindCertificatesByNickname
NSSCryptoContext_FindCertificatesBySubject
NSSCryptoContext_FindSymmetricKeyByAlgorithmAndKeyID
NSSCryptoContext_FindUserCertificates
NSSCryptoContext_FindUserCertificatesForEmailSigning
NSSCryptoContext_FindUserCertificatesForSSLClientAuth
NSSCryptoContext_FinishDecrypt
NSSCryptoContext_FinishDigest
NSSCryptoContext_FinishEncrypt
NSSCryptoContext_FinishSign
NSSCryptoContext_FinishSignRecover
NSSCryptoContext_FinishVerify
NSSCryptoContext_FinishVerifyRecover
NSSCryptoContext_GenerateKeyPair
NSSCryptoContext_GenerateSymmetricKey
NSSCryptoContext_GenerateSymmetricKeyFromPassword
NSSCryptoContext_GetDefaultCallback
NSSCryptoContext_GetTrustDomain
NSSCryptoContext_ImportCertificate
NSSCryptoContext_ImportEncodedCertificate
NSSCryptoContext_ImportEncodedPKIXCertificateChain
NSSCryptoContext_ImportPKIXCertificate
NSSCryptoContext_SetDefaultCallback
NSSCryptoContext_Sign
NSSCryptoContext_SignRecover
NSSCryptoContext_UnwrapSymmetricKey
NSSCryptoContext_Verify
NSSCryptoContext_VerifyRecover
NSSCryptoContext_WrapSymmetricKey
NSSPrivateKey_CreateCryptoContext
NSSPrivateKey_Decrypt
NSSPrivateKey_DeleteStoredObject
NSSPrivateKey_DeriveSymmetricKey
NSSPrivateKey_Destroy
NSSPrivateKey_Encode
NSSPrivateKey_FindBestCertificate
NSSPrivateKey_FindCertificates
NSSPrivateKey_FindPublicKey
NSSPrivateKey_GetModule
NSSPrivateKey_GetPrivateModulusLength
NSSPrivateKey_GetSignatureLength
NSSPrivateKey_GetSlot
NSSPrivateKey_GetToken
NSSPrivateKey_GetTrustDomain
NSSPrivateKey_IsStillPresent
NSSPrivateKey_Sign
NSSPrivateKey_SignRecover
NSSPrivateKey_UnwrapSymmetricKey
NSSPublicKey_CreateCryptoContext
NSSPublicKey_DeleteStoredObject
NSSPublicKey_Destroy
NSSPublicKey_Encode
NSSPublicKey_Encrypt
NSSPublicKey_FindBestCertificate
NSSPublicKey_FindCertificates
NSSPublicKey_FindPrivateKey
NSSPublicKey_GetModule
NSSPublicKey_GetSlot
NSSPublicKey_GetToken
NSSPublicKey_GetTrustDomain
NSSPublicKey_Verify
NSSPublicKey_VerifyRecover
NSSPublicKey_WrapSymmetricKey
NSSRWLock_Destroy
NSSRWLock_HaveWriteLock
NSSRWLock_LockRead
NSSRWLock_LockWrite
NSSRWLock_New
NSSRWLock_UnlockRead
NSSRWLock_UnlockWrite
NSSSlotArray_Destroy
NSSSlot_Destroy
NSSSymmetricKey_CreateCryptoContext
NSSSymmetricKey_Decrypt
NSSSymmetricKey_DeleteStoredObject
NSSSymmetricKey_DeriveSymmetricKey
NSSSymmetricKey_Destroy
NSSSymmetricKey_Encrypt
NSSSymmetricKey_GetKeyLength
NSSSymmetricKey_GetKeyStrength
NSSSymmetricKey_GetModule
NSSSymmetricKey_GetSlot
NSSSymmetricKey_GetToken
NSSSymmetricKey_GetTrustDomain
NSSSymmetricKey_IsStillPresent
NSSSymmetricKey_Sign
NSSSymmetricKey_SignRecover
NSSSymmetricKey_UnwrapPrivateKey
NSSSymmetricKey_UnwrapSymmetricKey
NSSSymmetricKey_Verify
NSSSymmetricKey_VerifyRecover
NSSSymmetricKey_WrapPrivateKey
NSSSymmetricKey_WrapSymmetricKey
NSSTime_GetPRTime
NSSTime_Now
NSSTime_SetPRTime
NSSTokenArray_Destroy
NSSToken_Destroy
NSSToken_GetName
NSSTrustDomain_Create
NSSTrustDomain_CreateCryptoContext
NSSTrustDomain_CreateCryptoContextForAlgorithm
NSSTrustDomain_CreateCryptoContextForAlgorithmAndParameters
NSSTrustDomain_Destroy
NSSTrustDomain_DisableToken
NSSTrustDomain_EnableToken
NSSTrustDomain_FindBestCertificateByEmail
NSSTrustDomain_FindBestCertificateByNameComponents
NSSTrustDomain_FindBestCertificateByNickname
NSSTrustDomain_FindBestCertificateBySubject
NSSTrustDomain_FindBestTokenForAlgorithms
NSSTrustDomain_FindBestUserCertificate
NSSTrustDomain_FindBestUserCertificateForEmailSigning
NSSTrustDomain_FindBestUserCertificateForSSLClientAuth
NSSTrustDomain_FindCertificateByEncodedCertificate
NSSTrustDomain_FindCertificateByIssuerAndSerialNumber
NSSTrustDomain_FindCertificateByOCSPHash
NSSTrustDomain_FindCertificatesByEmail
NSSTrustDomain_FindCertificatesByNameComponents
NSSTrustDomain_FindCertificatesByNickname
NSSTrustDomain_FindCertificatesBySubject
NSSTrustDomain_FindSlotByName
NSSTrustDomain_FindSymmetricKeyByAlgorithmAndKeyID
NSSTrustDomain_FindTokenByName
NSSTrustDomain_FindTokenBySlotName
NSSTrustDomain_FindTokenForAlgorithm
NSSTrustDomain_FindUserCertificates
NSSTrustDomain_FindUserCertificatesForEmailSigning
NSSTrustDomain_FindUserCertificatesForSSLClientAuth
NSSTrustDomain_GenerateKeyPair
NSSTrustDomain_GenerateSymmetricKey
NSSTrustDomain_GenerateSymmetricKeyFromPassword
NSSTrustDomain_GetDefaultCallback
NSSTrustDomain_ImportCertificate
NSSTrustDomain_ImportEncodedCertificate
NSSTrustDomain_ImportEncodedCertificateChain
NSSTrustDomain_ImportEncodedPrivateKey
NSSTrustDomain_ImportEncodedPublicKey
NSSTrustDomain_ImportPKIXCertificate
NSSTrustDomain_IsTokenEnabled
NSSTrustDomain_LoadModule
NSSTrustDomain_Login
NSSTrustDomain_Logout
NSSTrustDomain_SetDefaultCallback
NSSTrustDomain_TraverseCertificates
NSSUserCertificate_Decrypt
NSSUserCertificate_DeriveSymmetricKey
NSSUserCertificate_IsStillPresent
NSSUserCertificate_Sign
NSSUserCertificate_SignRecover
NSSUserCertificate_UnwrapSymmetricKey
NSS_GetError
NSS_GetErrorStack
NSS_Get_CERT_CertificateRequestTemplate
NSS_Get_CERT_CertificateTemplate
NSS_Get_CERT_CrlTemplate
NSS_Get_CERT_IssuerAndSNTemplate
NSS_Get_CERT_NameTemplate
NSS_Get_CERT_SequenceOfCertExtensionTemplate
NSS_Get_CERT_SetOfSignedCrlTemplate
NSS_Get_CERT_SignedCrlTemplate
NSS_Get_CERT_SignedDataTemplate
NSS_Get_CERT_SubjectPublicKeyInfoTemplate
NSS_Get_CERT_TimeChoiceTemplate
NSS_Get_SECKEY_DSAPublicKeyTemplate
NSS_Get_SECKEY_EncryptedPrivateKeyInfoTemplate
NSS_Get_SECKEY_PointerToEncryptedPrivateKeyInfoTemplate
NSS_Get_SECKEY_PointerToPrivateKeyInfoTemplate
NSS_Get_SECKEY_PrivateKeyInfoTemplate
NSS_Get_SECKEY_RSAPublicKeyTemplate
NSS_Get_SECOID_AlgorithmIDTemplate
NSS_Get_SEC_AnyTemplate
NSS_Get_SEC_BMPStringTemplate
NSS_Get_SEC_BitStringTemplate
NSS_Get_SEC_BooleanTemplate
NSS_Get_SEC_GeneralizedTimeTemplate
NSS_Get_SEC_IA5StringTemplate
NSS_Get_SEC_IntegerTemplate
NSS_Get_SEC_NullTemplate
NSS_Get_SEC_ObjectIDTemplate
NSS_Get_SEC_OctetStringTemplate
NSS_Get_SEC_PointerToAnyTemplate
NSS_Get_SEC_PointerToOctetStringTemplate
NSS_Get_SEC_SetOfAnyTemplate
NSS_Get_SEC_SignedCertificateTemplate
NSS_Get_SEC_UTCTimeTemplate
NSS_Get_SEC_UTF8StringTemplate
NSS_Get_sgn_DigestInfoTemplate
NSS_Init
NSS_InitReadWrite
NSS_Initialize
NSS_IsInitialized
NSS_NoDB_Init
NSS_PutEnv
NSS_Shutdown
NSS_VersionCheck
PBE_CreateContext
PBE_DestroyContext
PBE_GenerateBits
PK11SDR_Decrypt
PK11SDR_Encrypt
PK11_AlgtagToMechanism
PK11_Authenticate
PK11_BlockData
PK11_ChangePW
PK11_CheckSSOPassword
PK11_CheckUserPassword
PK11_CipherOp
PK11_CloneContext
PK11_ConfigurePKCS11
PK11_ConvertSessionPrivKeyToTokenPrivKey
PK11_ConvertSessionSymKeyToTokenSymKey
PK11_CopySymKeyForSigning
PK11_CreateContextBySymKey
PK11_CreateDigestContext
PK11_CreatePBEAlgorithmID
PK11_CreatePBEParams
PK11_DEREncodePublicKey
PK11_DeleteTokenCertAndKey
PK11_DeleteTokenPrivateKey
PK11_DeleteTokenPublicKey
PK11_DeleteTokenSymKey
PK11_Derive
PK11_DeriveWithFlags
PK11_DeriveWithFlagsPerm
PK11_DestroyContext
PK11_DestroyGenericObject
PK11_DestroyGenericObjects
PK11_DestroyObject
PK11_DestroyPBEParams
PK11_DestroyTokenObject
PK11_DigestBegin
PK11_DigestFinal
PK11_DigestKey
PK11_DigestOp
PK11_DoesMechanism
PK11_ExportEncryptedPrivKeyInfo
PK11_ExportEncryptedPrivateKeyInfo
PK11_ExportPrivateKeyInfo
PK11_ExtractKeyValue
PK11_Finalize
PK11_FindBestKEAMatch
PK11_FindCertAndKeyByRecipientList
PK11_FindCertAndKeyByRecipientListNew

Sections

.text
Size: 256KB - Virtual size: 254KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/GSafe/SSL/nss/plc4.dll
.dll windows:4 windows x86 arch:x86

117580383d9705e2154f4772a3d7b5cb

Code Sign

01
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

01/08/1996, 00:00

Not After

31/12/2020, 23:59

Subject

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

25:cc:37:35:e9:ec:1f:c9:71:67:0e:73:e3:69:c7:91
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

30/10/2009, 00:00

Not After

30/10/2010, 23:59

Subject

CN=Mozilla Corporation,OU=Release Engineering,O=Mozilla Corporation,L=Mountain View,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

cc:70:80:81:64:7c:aa:20:f6:e7:7c:79:78:8d:b5:cc:58:67:d6:7a
Signer

Actual PE Digest

cc:70:80:81:64:7c:aa:20:f6:e7:7c:79:78:8d:b5:cc:58:67:d6:7a

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\builds\moz2_slave\win32_build\build\obj-firefox\nsprpub\lib\libc\src\plc4.pdb

Imports

nspr4

PR_SetError
PR_Calloc
PR_GetSpecialFD
PR_GetError
PR_GetOSError
PR_ErrorToName
PR_fprintf
PR_Free
PR_Malloc

mozcrt19

strrchr
strpbrk
strstr
_encode_pointer
_malloc_crt
strchr
_decode_pointer
_initterm
_initterm_e
_amsg_exit
_adjust_fdiv
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
strncmp
free
memcpy
malloc
_encoded_null

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
QueryPerformanceCounter

Exports

Exports

PL_Base64Decode
PL_Base64Encode
PL_CreateLongOptState
PL_CreateOptState
PL_DestroyOptState
PL_FPrintError
PL_GetNextOpt
PL_PrintError
PL_strcasecmp
PL_strcaserstr
PL_strcasestr
PL_strcat
PL_strcatn
PL_strchr
PL_strcmp
PL_strcpy
PL_strdup
PL_strfree
PL_strlen
PL_strncasecmp
PL_strncaserstr
PL_strncasestr
PL_strncat
PL_strnchr
PL_strncmp
PL_strncpy
PL_strncpyz
PL_strndup
PL_strnlen
PL_strnpbrk
PL_strnprbrk
PL_strnrchr
PL_strnrstr
PL_strnstr
PL_strpbrk
PL_strprbrk
PL_strrchr
PL_strrstr
PL_strstr
PL_strtok_r
libVersionPoint

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 940B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 548B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/GSafe/SSL/nss/plds4.dll
.dll windows:4 windows x86 arch:x86

b39362cc8da8c2533578c138bce5d210

Code Sign

01
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

01/08/1996, 00:00

Not After

31/12/2020, 23:59

Subject

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

0a
Certificate

Issuer

CN=Thawte Premium Server CA,OU=Certification Services Division,O=Thawte Consulting cc,L=Cape Town,ST=Western Cape,C=ZA,1.2.840.113549.1.9.1=#0c197072656d69756d2d736572766572407468617774652e636f6d

Not Before

06/08/2003, 00:00

Not After

05/08/2013, 23:59

Subject

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

Issuer

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Not Before

15/06/2007, 00:00

Not After

14/06/2012, 23:59

Subject

CN=VeriSign Time Stamping Services Signer - G2,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

04/12/2003, 00:00

Not After

03/12/2013, 23:59

Subject

CN=VeriSign Time Stamping Services CA,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

25:cc:37:35:e9:ec:1f:c9:71:67:0e:73:e3:69:c7:91
Certificate

Issuer

CN=Thawte Code Signing CA,O=Thawte Consulting (Pty) Ltd.,C=ZA

Not Before

30/10/2009, 00:00

Not After

30/10/2010, 23:59

Subject

CN=Mozilla Corporation,OU=Release Engineering,O=Mozilla Corporation,L=Mountain View,ST=California,C=US

Extended Key Usages

ExtKeyUsageCodeSigning
ExtKeyUsageMicrosoftCommercialCodeSigning

ff:5e:b7:34:6c:7a:5f:eb:d7:1b:94:2c:62:fd:b8:88:c0:01:4d:5d
Signer

Actual PE Digest

ff:5e:b7:34:6c:7a:5f:eb:d7:1b:94:2c:62:fd:b8:88:c0:01:4d:5d

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

e:\builds\moz2_slave\win32_build\build\obj-firefox\nsprpub\lib\ds\plds4.pdb

Imports

nspr4

PR_DestroyLock
PR_Free
PR_Malloc
PR_CeilingLog2
PR_Unlock
PR_CallOnce
PR_Lock
PR_NewLock

mozcrt19

_decode_pointer
_initterm
_encoded_null
_amsg_exit
_adjust_fdiv
__CppXcptFilter
__clean_type_info_names_internal
_unlock
__dllonexit
_lock
_onexit
_except_handler4_common
_crt_debugger_hook
free
_malloc_crt
_encode_pointer
memset
memcpy
_initterm_e

kernel32

IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
DisableThreadLibraryCalls
InterlockedCompareExchange
Sleep
InterlockedExchange
GetTickCount

Exports

Exports

PL_ArenaAllocate
PL_ArenaFinish
PL_ArenaGrow
PL_ArenaRelease
PL_CompactArenaPool
PL_CompareStrings
PL_CompareValues
PL_FinishArenaPool
PL_FreeArenaPool
PL_HashString
PL_HashTableAdd
PL_HashTableDestroy
PL_HashTableDump
PL_HashTableEnumerateEntries
PL_HashTableLookup
PL_HashTableLookupConst
PL_HashTableRawAdd
PL_HashTableRawLookup
PL_HashTableRawLookupConst
PL_HashTableRawRemove
PL_HashTableRemove
PL_InitArenaPool
PL_NewHashTable
libVersionPoint

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 524B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/GSafe/SSL/nss/smime3.dll
.dll windows:4 windows x86 arch:x86

63f1666a383df6c6d3edc57a30e32345

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

nss3

SECITEM_ArenaDupItem
SECITEM_CopyItem
SECOID_FindOIDByTag
PORT_ArenaMark
PORT_SetError
SECOID_FindOID
NSS_Get_CERT_TimeChoiceTemplate
NSS_Get_SEC_ObjectIDTemplate
NSS_Get_SEC_IA5StringTemplate
NSS_Get_SEC_AnyTemplate
SEC_ASN1EncodeItem
PK11_FreeSymKey
SECITEM_AllocItem
SECOID_GetAlgorithmTag
SECOID_SetAlgorithmID
SECOID_CopyAlgorithmID
PK11_GetKeyStrength
PK11_ReferenceSymKey
PK11_DestroyContext
PK11_CipherOp
PORT_Free
PK11_CreateContextBySymKey
PK11_FreeSlot
PK11_IsHW
PK11_GetSlotFromKey
PK11_GetBlockSize
SECITEM_FreeItem
PORT_ZAlloc
SECITEM_ZfreeItem
PK11_MapPBEMechanismToCryptoMechanism
PK11_ParamFromAlgid
PK11_AlgtagToMechanism
SEC_PKCS5IsAlgorithmPBEAlg
PK11_ParamToAlgid
PK11_GenerateNewParam
SEC_ASN1DecoderSetNotifyProc
SEC_ASN1DecoderStart
PORT_GetError
SEC_ASN1DecoderClearFilterProc
SEC_ASN1DecoderSetFilterProc
SEC_ASN1DecoderFinish
PORT_Alloc
SEC_ASN1DecoderUpdate
SEC_ASN1EncodeInteger
PORT_FreeArena
PORT_NewArena
SECOID_DestroyAlgorithmID
PK11_CreatePBEAlgorithmID
SEC_ASN1EncoderUpdate
SEC_ASN1EncoderSetNotifyProc
SEC_ASN1EncoderSetStreaming
SEC_ASN1EncoderStart
SEC_ASN1EncoderSetTakeFromBuf
SEC_ASN1EncoderClearNotifyProc
SEC_ASN1EncoderFinish
SEC_ASN1EncoderClearStreaming
SEC_ASN1EncoderClearTakeFromBuf
PK11_KeyGen
PK11_GetBestSlot
PK11_FindCertAndKeyByRecipientListNew
PK11_SetPasswordFunc
SECKEY_DestroyPublicKey
CERT_ExtractPublicKey
PK11_PubWrapSymKey
SECKEY_PublicKeyStrength
SECKEY_GetPublicKeyType
PK11_PubUnwrapSymKey
PK11_GetKeyLength
PK11_WrapSymKey
SECKEY_DestroyPrivateKey
PK11_PubDerive
PK11_FindKeyByAnyCert
CERT_DestroyCertificate
PK11_FindBestKEAMatch
NSS_Get_SEC_IntegerTemplate
PK11_UnwrapSymKey
PK11_MakeKEAPubKey
SEC_ASN1DecodeItem
SECKEY_DestroySubjectPublicKeyInfo
SECKEY_CopyPublicKey
CERT_GetCertIssuerAndSN
CERT_DupCertificate
SECKEY_CreateSubjectPublicKeyInfo
SEC_QuickDERDecodeItem
CERT_FindSubjectKeyIDExtension
SEC_ASN1DecodeInteger
PK11_FindPrivateKeyFromCert
SECKEY_CopyPrivateKey
CERT_DestroyCertificateList
CERT_DestroyCertList
CERT_DestroyCertArray
NSS_Get_SEC_PointerToAnyTemplate
PORT_ArenaRelease
CERT_FilterCertListByUsage
CERT_AddCertToListTail
CERT_NewCertList
CERT_ImportCerts
CERT_FindCertByDERCert
SGN_Digest
SEC_SignData
PK11_FortezzaMapSig
VFY_VerifyDigest
VFY_VerifyData
DER_DecodeTimeChoice
CERT_FindCertByIssuerAndSN
CERT_FindCertBySubjectKeyID
CERT_GetCommonName
PORT_Strdup
DER_EncodeTimeChoice
PK11_FortezzaHasKEA
CERT_SaveSMimeProfile
CERT_GetDefaultCertDB
CERT_CertListFromCert
SECOID_CompareAlgorithmID
SECITEM_ItemsAreEqual
HASH_GetHashObjectByOidTag
SECOID_FindOIDTag
CERT_FindSMimeProfile
NSS_VersionCheck
NSS_Get_sgn_DigestInfoTemplate
NSS_Get_SECKEY_PrivateKeyInfoTemplate
NSS_Get_SECKEY_PointerToEncryptedPrivateKeyInfoTemplate
PK11_GenerateRandom
PK11_HashBuf
PK11_DigestFinal
PK11_DigestOp
PK11_DigestBegin
SGN_CreateDigestInfo
PORT_UCS2_ASCIIConversion
SGN_DestroyDigestInfo
SECITEM_CompareItem
PORT_Realloc
PORT_UCS2_UTF8Conversion
SGN_CopyDigestInfo
DER_GetInteger
SEC_PKCS5GetKeyLength
SEC_PKCS5GetCryptoAlgorithm
NSS_Get_SECKEY_PointerToPrivateKeyInfoTemplate
NSS_Get_SEC_BMPStringTemplate
PK11_GetInternalSlot
PK11_ReferenceSlot
PK11_PBEKeyGen
PK11_GetInternalKeySlot
PORT_ArenaStrdup
PK11_IsInternal
SECKEY_DestroyEncryptedPrivateKeyInfo
SECKEY_CopyEncryptedPrivateKeyInfo
PK11_ExportEncryptedPrivateKeyInfo
SECKEY_DestroyPrivateKeyInfo
SECKEY_CopyPrivateKeyInfo
PK11_ExportPrivateKeyInfo
__CERT_NewTempCertificate
PK11_DestroyPBEParams
PK11_CreatePBEParams
SECITEM_DupItem
SEC_ASN1DecoderClearNotifyProc
PORT_ZFree
__CERT_DecodeDERCertificate
PK11_GetTokenName
PK11_TraverseCertsForSubjectInSlot
PK11_TraverseCertsForNicknameInSlot
PK11_FindKeyByDERCert
PK11_ImportDERCert
PK11_ImportCertForKeyToSlot
CERT_IsRootDERCert
CERT_IsCADERCert
PK11_ImportPrivateKeyInfo
PK11_ImportEncryptedPrivateKeyInfo
ATOB_ConvertAsciiToItem
ATOB_AsciiToData
PK11_RawPBEKeyGen
PK11_FindCertAndKeyByRecipientList
SEC_ASN1DecoderAbort
HASH_ResultLen
HASH_GetHashTypeByOidTag
SEC_ASN1EncoderAbort
SEC_ASN1Encode
NSS_Get_CERT_IssuerAndSNTemplate
NSS_Get_CERT_SetOfSignedCrlTemplate
CERT_VerifyCert
PORT_ArenaUnmark
NSS_Get_SECOID_AlgorithmIDTemplate
NSS_Get_SEC_BitStringTemplate
NSS_Get_SEC_OctetStringTemplate
NSS_Get_SEC_PointerToOctetStringTemplate
NSS_Get_SEC_SetOfAnyTemplate
PORT_ArenaAlloc
PORT_ArenaGrow
CERT_CertChainFromCert
PORT_ArenaZAlloc

plc4

PL_strncasecmp

nspr4

PR_Now

msvcrt

malloc
_initterm
memmove
strchr
free
_adjust_fdiv

kernel32

DisableThreadLibraryCalls

Exports

Exports

CERT_ConvertAndDecodeCertificate
CERT_DecodeCertFromPackage
CERT_DecodeCertPackage
NSSSMIME_VersionCheck
NSS_CMSContentInfo_GetBulkKey
NSS_CMSContentInfo_GetBulkKeySize
NSS_CMSContentInfo_GetContent
NSS_CMSContentInfo_GetContentEncAlgTag
NSS_CMSContentInfo_GetContentTypeTag
NSS_CMSContentInfo_SetBulkKey
NSS_CMSContentInfo_SetContent
NSS_CMSContentInfo_SetContentEncAlg
NSS_CMSContentInfo_SetContent_Data
NSS_CMSContentInfo_SetContent_DigestedData
NSS_CMSContentInfo_SetContent_EncryptedData
NSS_CMSContentInfo_SetContent_EnvelopedData
NSS_CMSContentInfo_SetContent_SignedData
NSS_CMSDEREncode
NSS_CMSDecoder_Cancel
NSS_CMSDecoder_Finish
NSS_CMSDecoder_Start
NSS_CMSDecoder_Update
NSS_CMSDigestContext_Cancel
NSS_CMSDigestContext_FinishMultiple
NSS_CMSDigestContext_FinishSingle
NSS_CMSDigestContext_StartMultiple
NSS_CMSDigestContext_StartSingle
NSS_CMSDigestContext_Update
NSS_CMSDigestedData_Create
NSS_CMSDigestedData_Destroy
NSS_CMSDigestedData_GetContentInfo
NSS_CMSEncoder_Cancel
NSS_CMSEncoder_Finish
NSS_CMSEncoder_Start
NSS_CMSEncoder_Update
NSS_CMSEncryptedData_Create
NSS_CMSEncryptedData_Destroy
NSS_CMSEncryptedData_GetContentInfo
NSS_CMSEnvelopedData_AddRecipient
NSS_CMSEnvelopedData_Create
NSS_CMSEnvelopedData_Destroy
NSS_CMSEnvelopedData_GetContentInfo
NSS_CMSMessage_ContentLevel
NSS_CMSMessage_ContentLevelCount
NSS_CMSMessage_Copy
NSS_CMSMessage_Create
NSS_CMSMessage_CreateFromDER
NSS_CMSMessage_Destroy
NSS_CMSMessage_GetContent
NSS_CMSMessage_GetContentInfo
NSS_CMSMessage_IsEncrypted
NSS_CMSMessage_IsSigned
NSS_CMSRecipientInfo_Create
NSS_CMSRecipientInfo_CreateFromDER
NSS_CMSRecipientInfo_CreateNew
NSS_CMSRecipientInfo_CreateWithSubjKeyID
NSS_CMSRecipientInfo_CreateWithSubjKeyIDFromCert
NSS_CMSRecipientInfo_Destroy
NSS_CMSRecipientInfo_Encode
NSS_CMSRecipientInfo_GetCertAndKey
NSS_CMSRecipientInfo_UnwrapBulkKey
NSS_CMSRecipientInfo_WrapBulkKey
NSS_CMSSignedData_AddCertChain
NSS_CMSSignedData_AddCertList
NSS_CMSSignedData_AddCertificate
NSS_CMSSignedData_AddDigest
NSS_CMSSignedData_AddSignerInfo
NSS_CMSSignedData_Create
NSS_CMSSignedData_CreateCertsOnly
NSS_CMSSignedData_Destroy
NSS_CMSSignedData_GetContentInfo
NSS_CMSSignedData_GetDigestAlgs
NSS_CMSSignedData_GetSignerInfo
NSS_CMSSignedData_HasDigests
NSS_CMSSignedData_ImportCerts
NSS_CMSSignedData_SetDigestValue
NSS_CMSSignedData_SetDigests
NSS_CMSSignedData_SignerInfoCount
NSS_CMSSignedData_VerifyCertsOnly
NSS_CMSSignedData_VerifySignerInfo
NSS_CMSSignerInfo_AddMSSMIMEEncKeyPrefs
NSS_CMSSignerInfo_AddSMIMECaps
NSS_CMSSignerInfo_AddSMIMEEncKeyPrefs
NSS_CMSSignerInfo_AddSigningTime
NSS_CMSSignerInfo_Create
NSS_CMSSignerInfo_CreateWithSubjKeyID
NSS_CMSSignerInfo_Destroy
NSS_CMSSignerInfo_GetCertList
NSS_CMSSignerInfo_GetSignerCommonName
NSS_CMSSignerInfo_GetSignerEmailAddress
NSS_CMSSignerInfo_GetSigningCertificate
NSS_CMSSignerInfo_GetSigningTime
NSS_CMSSignerInfo_GetVerificationStatus
NSS_CMSSignerInfo_GetVersion
NSS_CMSSignerInfo_IncludeCerts
NSS_CMSUtil_VerificationStatusToString
NSS_SMIMESignerInfo_SaveSMIMEProfile
NSS_SMIMEUtil_FindBulkAlgForRecipients
SECMIME_DecryptionAllowed
SEC_PKCS12AddCertAndKey
SEC_PKCS12AddPasswordIntegrity
SEC_PKCS12CreateExportContext
SEC_PKCS12CreatePasswordPrivSafe
SEC_PKCS12CreateUnencryptedSafe
SEC_PKCS12DecoderFinish
SEC_PKCS12DecoderGetCerts
SEC_PKCS12DecoderImportBags
SEC_PKCS12DecoderIterateInit
SEC_PKCS12DecoderIterateNext
SEC_PKCS12DecoderSetTargetTokenCAs
SEC_PKCS12DecoderStart
SEC_PKCS12DecoderUpdate
SEC_PKCS12DecoderValidateBags
SEC_PKCS12DecoderVerify
SEC_PKCS12DestroyExportContext
SEC_PKCS12EnableCipher
SEC_PKCS12Encode
SEC_PKCS12IsEncryptionAllowed
SEC_PKCS12SetPreferredCipher
SEC_PKCS7AddCertificate
SEC_PKCS7AddRecipient
SEC_PKCS7AddSigningTime
SEC_PKCS7ContainsCertsOrCrls
SEC_PKCS7ContentIsEncrypted
SEC_PKCS7ContentIsSigned
SEC_PKCS7ContentType
SEC_PKCS7CopyContentInfo
SEC_PKCS7CreateCertsOnly
SEC_PKCS7CreateData
SEC_PKCS7CreateEncryptedData
SEC_PKCS7CreateEnvelopedData
SEC_PKCS7CreateSignedData
SEC_PKCS7DecodeItem
SEC_PKCS7DecoderAbort
SEC_PKCS7DecoderFinish
SEC_PKCS7DecoderStart
SEC_PKCS7DecoderUpdate
SEC_PKCS7DecryptContents
SEC_PKCS7DestroyContentInfo
SEC_PKCS7Encode
SEC_PKCS7EncodeItem
SEC_PKCS7EncoderAbort
SEC_PKCS7EncoderFinish
SEC_PKCS7EncoderStart
SEC_PKCS7EncoderUpdate
SEC_PKCS7GetCertificateList
SEC_PKCS7GetContent
SEC_PKCS7GetEncryptionAlgorithm
SEC_PKCS7GetSignerCommonName
SEC_PKCS7GetSignerEmailAddress
SEC_PKCS7GetSigningTime
SEC_PKCS7IncludeCertChain
SEC_PKCS7IsContentEmpty
SEC_PKCS7SetContent
SEC_PKCS7VerifyDetachedSignature
SEC_PKCS7VerifySignature

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$TEMP/GSafe/SSL/nss/softokn3.dll
.dll windows:4 windows x86 arch:x86

c8d7acb564d2040c70f541793dbd89e0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

plc4

PL_strncasecmp
libVersionPoint
PL_strcasecmp

plds4

PL_ArenaAllocate
PL_InitArenaPool
PL_HashTableLookup
PL_HashTableRemove
PL_FinishArenaPool
PL_HashTableDestroy
PL_HashTableAdd
PL_CompareValues
PL_NewHashTable
PL_HashTableLookupConst
PL_FreeArenaPool
PL_ArenaGrow
PL_ArenaRelease
PL_HashTableEnumerateEntries

nspr4

PR_GetLibraryFilePathname
PR_Malloc
PR_Realloc
PR_Calloc
PR_GetEnv
PR_Sleep
PR_NewCondVar
PR_DestroyCondVar
PR_WaitCondVar
PR_GetCurrentThread
PR_NotifyCondVar
PR_NotifyAllCondVar
PR_ImplodeTime
PR_Seek
PR_CallOnce
PR_ntohl
PR_AtomicDecrement
PR_AtomicIncrement
PR_NewLock
PR_htonl
PR_NewMonitor
PR_DestroyMonitor
PR_ExitMonitor
PR_EnterMonitor
PR_Now
PR_Lock
PR_Unlock
PR_DestroyLock
PR_Access
PR_MkDir
PR_Write
PR_Delete
PR_Read
PR_OpenFile
PR_CreateFileMap
PR_GetError
PR_MemMap
PR_Close
PR_SetError
PR_MemUnmap
PR_CloseFileMap
PR_LoadLibrary
PR_FindSymbol
PR_UnloadLibrary
PR_smprintf
PR_Free
PR_smprintf_free
PR_Open

msvcrt

_read
_open
_strdup
_unlink
_close
_lseek
_write
_stat
_adjust_fdiv
_initterm
getenv
memmove
_get_osfhandle
malloc
_errno
abort
rand
free
calloc
fopen
fread
fclose
_findfirst
_findnext
_findclose
time
sprintf
strncpy
__mb_cur_max
_isctype
_pctype
atoi
tolower
strncmp
_getpid

kernel32

GetVolumeInformationA
QueryPerformanceCounter
GetDiskFreeSpaceA
GetCurrentProcessId
GetCurrentProcess
GetComputerNameA
GetLogicalDrives
GlobalMemoryStatus
GetSystemDirectoryA
DisableThreadLibraryCalls
FlushFileBuffers
GetTickCount

Exports

Exports

C_GetFunctionList
FC_GetFunctionList
NSC_GetFunctionList
NSC_ModuleDBFunc
NSSRWLock_Destroy
NSSRWLock_HaveWriteLock
NSSRWLock_LockRead
NSSRWLock_LockWrite
NSSRWLock_New
NSSRWLock_UnlockRead
NSSRWLock_UnlockWrite
dbopen
mktemp
nssRWLock_AtomicCreate
sec_port_ucs2_utf8_conversion_function
sec_port_ucs4_utf8_conversion_function

Sections

.text
Size: 268KB - Virtual size: 265KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
GSafe.exe
.exe windows:4 windows x86 arch:x86

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

1b:e7:15
Certificate

Issuer

OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\, Inc.,C=US

Not Before

01/01/2014, 07:00

Not After

30/05/2031, 07:00

Subject

CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07
Certificate

Issuer

CN=Go Daddy Root Certificate Authority - G2,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

03/05/2011, 07:00

Not After

03/05/2031, 07:00

Subject

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

dc:c6:83:2c:b9:6e:85:f8
Certificate

Issuer

CN=Go Daddy Secure Certificate Authority - G2,OU=http://certs.godaddy.com/repository/,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

02/04/2015, 13:13

Not After

20/10/2015, 21:14

Subject

CN=GENCO LABS LLC,O=GENCO LABS LLC,L=Lewes,ST=Delaware,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

12:82:44:f4:76:72:53:02:05:6b:68:43:f3:91:74:55:af:3e:6c:ff
Signer

Actual PE Digest

12:82:44:f4:76:72:53:02:05:6b:68:43:f3:91:74:55:af:3e:6c:ff

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

CODE
Size: 364KB - Virtual size: 363KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: - Virtual size: 3KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 16B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ProtocolFilters.dll
.dll windows:4 windows x86 arch:x86

58ee2c05a2deaf8019e3ea4b06bc2434

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteFile
GetFileSize
SetEndOfFile
GetTempPathW
GetTempFileNameW
OpenProcess
CreateDirectoryW
ReadFile
GetProcAddress
FreeLibrary
ProcessIdToSessionId
GetTickCount
SetFilePointer
CreateFileW
InitializeCriticalSection
GetFileAttributesW
SetEvent
CreateEventA
ResetEvent
LeaveCriticalSection
lstrlenA
EnterCriticalSection
DeleteCriticalSection
FindClose
FindNextFileW
FindFirstFileW
ExpandEnvironmentStringsW
CloseHandle
WaitForSingleObject
CreateProcessW
LoadLibraryA
GetLastError
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
CreateFileA
GetCurrentProcessId
GetStartupInfoA
GetFileType
SetHandleCount
RtlUnwind
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsValidCodePage
GetOEMCP
GetACP
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetModuleFileNameA
GetStdHandle
ExitProcess
GetModuleHandleA
VirtualAlloc
WideCharToMultiByte
VirtualFree
HeapCreate
HeapDestroy
GetProcessHeap
GetVersionExA
GetCommandLineA
HeapReAlloc
CreateThread
GetCurrentThreadId
ExitThread
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
MultiByteToWideChar
HeapAlloc
HeapFree
GetConsoleCP
GetConsoleMode
RaiseException
Sleep
HeapSize
LCMapStringA
LCMapStringW

advapi32

OpenProcessToken
LookupAccountSidA
LookupAccountSidW
DuplicateTokenEx
ImpersonateLoggedOnUser
RevertToSelf
GetTokenInformation

oleaut32

SysAllocString
VariantClear
SysFreeString

crypt32

CertFreeCertificateContext
CertOpenStore
CertCloseStore
CertGetCertificateChain
CertVerifyCertificateChainPolicy
CertFreeCertificateChain
CertFindCertificateInStore
CertAddCertificateContextToStore
CertAddEncodedCertificateToStore
PFXExportCertStoreEx

ssleay32

ord48
ord86
ord110
ord172
ord82
ord83
ord75
ord112
ord12
ord22
ord8
ord43
ord78
ord58
ord35
ord166
ord265
ord155
ord94
ord60
ord61
ord96
ord84
ord284
ord108
ord74
ord183
ord28

libeay32

ord566
ord2442
ord181
ord1958
ord1654
ord1653
ord664
ord2746
ord909
ord1299
ord444
ord1318
ord2734
ord1317
ord2672
ord83
ord1308
ord1291
ord109
ord170
ord581
ord653
ord2291
ord3205
ord2639
ord364
ord2684
ord58
ord578
ord579
ord657
ord648
ord129
ord164
ord2239
ord150
ord649
ord541
ord298
ord633
ord254
ord1177
ord224
ord1508
ord2604
ord246
ord639
ord851
ord857
ord281
ord333
ord667
ord658
ord668
ord669
ord672
ord1912
ord573
ord656
ord670
ord673
ord279
ord485
ord283
ord2186
ord641
ord66
ord89
ord52
ord421
ord95
ord78
ord754
ord674

ws2_32

WSAStartup
WSACleanup
ntohl
htons
ntohs
WSAAddressToStringA

Exports

Exports

PFHeaderField_getName
PFHeaderField_getUnfoldedValue
PFHeaderField_getValue
PFHeader_addField
PFHeader_clear
PFHeader_create
PFHeader_findFirstField
PFHeader_free
PFHeader_getField
PFHeader_parse
PFHeader_removeFields
PFHeader_size
PFObject_clear
PFObject_clone
PFObject_create
PFObject_detach
PFObject_free
PFObject_getStream
PFObject_getStreamCount
PFObject_getType
PFObject_isReadOnly
PFObject_setReadOnly
PFObject_setType
PFStream_copyTo
PFStream_read
PFStream_reset
PFStream_seek
PFStream_setEndOfStream
PFStream_size
PFStream_write
pfc_addFilter
pfc_canDisableFiltering
pfc_deleteFilter
pfc_free
pfc_getFilterCount
pfc_getNFEventHandler
pfc_getProcessOwnerA
pfc_getProcessOwnerW
pfc_init
pfc_isFilterActive
pfc_postObject
pfc_readHeader
pfc_setRootSSLCertImportFlags
pfc_setRootSSLCertSubject
pfc_unzipStream
pfc_writeHeader

Sections

.text
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
gfilterdrv.sys
.sys windows:6 windows x64 arch:x64

5d6531f43a7f4769f3df115e0335e1ba

Code Sign

7e:93:eb:fb:7c:c6:4e:59:ea:4b:9a:77:d4:06:fc:3b
Certificate

Issuer

CN=Thawte Timestamping CA,OU=Thawte Certification,O=Thawte,L=Durbanville,ST=Western Cape,C=ZA

Not Before

21/12/2012, 00:00

Not After

30/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

0e:cf:f4:38:c8:fe:bf:35:6e:04:d8:6a:98:1b:1a:50
Certificate

Issuer

CN=Symantec Time Stamping Services CA - G2,O=Symantec Corporation,C=US

Not Before

18/10/2012, 00:00

Not After

29/12/2020, 23:59

Subject

CN=Symantec Time Stamping Services Signer - G4,O=Symantec Corporation,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

03:01
Certificate

Issuer

OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\, Inc.,C=US

Not Before

16/11/2006, 01:54

Not After

16/11/2026, 01:54

Subject

SERIALNUMBER=07969287,CN=Go Daddy Secure Certification Authority,OU=http://certificates.godaddy.com/repository,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

27:72:74:bf:0f:d1:b3
Certificate

Issuer

SERIALNUMBER=07969287,CN=Go Daddy Secure Certification Authority,OU=http://certificates.godaddy.com/repository,O=GoDaddy.com\, Inc.,L=Scottsdale,ST=Arizona,C=US

Not Before

22/10/2014, 02:47

Not After

20/10/2015, 21:14

Subject

CN=GENCO LABS LLC,O=GENCO LABS LLC,L=Lewes,ST=Delaware,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

33:00:00:00:37:b9:08:f8:71:ee:b5:e9:94:00:00:00:00:00:37
Certificate

Issuer

CN=Microsoft Code Verification Root,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

27/08/2013, 17:38

Not After

27/08/2023, 17:48

Subject

OU=Go Daddy Class 2 Certification Authority,O=The Go Daddy Group\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

60:25:dc:6d:cb:65:dd:d0:06:6b:40:b8:b0:7b:69:fd:04:30:0d:f1
Signer

Actual PE Digest

60:25:dc:6d:cb:65:dd:d0:06:6b:40:b8:b0:7b:69:fd:04:30:0d:f1

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

h:\projects\netfilter3\driver_tdi\std\objfre_wnet_amd64\amd64\netfilter2.pdb

Imports

ntoskrnl.exe

KeAcquireSpinLockRaiseToDpc
KeReleaseSpinLock
IofCompleteRequest
IoCreateSymbolicLink
IoCreateDevice
IoDeleteSymbolicLink
IoDeleteDevice
IoDetachDevice
ObfDereferenceObject
IofCallDriver
IoBuildDeviceIoControlRequest
MmBuildMdlForNonPagedPool
IoFreeMdl
KeInsertQueueDpc
PsGetCurrentProcessId
IoAllocateMdl
ObReferenceObjectByHandle
ExAllocatePoolWithTag
IoAllocateIrp
IoReleaseCancelSpinLock
MmMapLockedPagesSpecifyCache
KeInitializeDpc
KeInitializeTimer
RtlAppendUnicodeToString
RtlInitUnicodeString
IoGetDeviceObjectPointer
IoAttachDeviceToDeviceStack
MmUnmapLockedPages
KeInitializeEvent
MmAllocatePagesForMdl
KeWaitForSingleObject
KeSetTimer
ObfReferenceObject
MmFreePagesFromMdl
KeBugCheckEx
IoFreeIrp
ExFreePoolWithTag
__C_specific_handler

tdi.sys

TdiMapUserRequest

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
libeay32.dll
.dll windows:4 windows x86 arch:x86

52def8dcbbeb7ebfdeeee698ac9a7951

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

H:\projects\NetFilter2\ProtocolFilters\openssl\out32dll\libeay32.pdb

Imports

ws2_32

sendto
recvfrom
bind
listen
accept
ntohl
ioctlsocket
WSACleanup
WSAStartup
gethostbyname
getsockopt
getservbyname
ntohs
htons
htonl
socket
setsockopt
connect
send
WSASetLastError
recv
WSAGetLastError
shutdown
closesocket

gdi32

CreateCompatibleDC
GetDeviceCaps
CreateCompatibleBitmap
SelectObject
GetObjectA
BitBlt
GetBitmapBits
DeleteObject
DeleteDC
CreateDCA

advapi32

ReportEventA
DeregisterEventSource
RegisterEventSourceA

user32

MessageBoxA
GetDesktopWindow
GetProcessWindowStation
GetUserObjectInformationW

kernel32

FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
LCMapStringW
GetEnvironmentStringsW
SetEndOfFile
GetCurrentDirectoryA
GetFullPathNameA
RtlUnwind
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
CompareStringA
CreateFileW
CompareStringW
SetEnvironmentVariableA
LCMapStringA
WideCharToMultiByte
FlushFileBuffers
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
ExitProcess
GetProcAddress
GetModuleHandleA
GetCurrentThreadId
GetLastError
GetVersion
GetFileType
GetStdHandle
FindNextFileA
FindFirstFileA
FindClose
FreeLibrary
LoadLibraryA
CloseHandle
SetLastError
MultiByteToWideChar
GetTickCount
QueryPerformanceCounter
GetCurrentProcessId
GlobalMemoryStatus
GetVersionExA
FlushConsoleInputBuffer
EnterCriticalSection
LeaveCriticalSection
SetConsoleCtrlHandler
HeapFree
HeapReAlloc
HeapAlloc
GetSystemTimeAsFileTime
ReadFile
WriteFile
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
SetFileAttributesA
GetFileAttributesA
CreateFileA
ReadConsoleInputA
SetConsoleMode
GetCommandLineA
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetStartupInfoA
DeleteCriticalSection
Sleep
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
InterlockedDecrement
GetModuleFileNameA
InitializeCriticalSection
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapSize
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetFilePointer

Exports

Exports

ACCESS_DESCRIPTION_free
ACCESS_DESCRIPTION_it
ACCESS_DESCRIPTION_new
AES_bi_ige_encrypt
AES_cbc_encrypt
AES_cfb128_encrypt
AES_cfb1_encrypt
AES_cfb8_encrypt
AES_ctr128_encrypt
AES_decrypt
AES_ecb_encrypt
AES_encrypt
AES_ige_encrypt
AES_ofb128_encrypt
AES_options
AES_set_decrypt_key
AES_set_encrypt_key
AES_unwrap_key
AES_wrap_key
ASN1_ANY_it
ASN1_BIT_STRING_check
ASN1_BIT_STRING_free
ASN1_BIT_STRING_get_bit
ASN1_BIT_STRING_it
ASN1_BIT_STRING_name_print
ASN1_BIT_STRING_new
ASN1_BIT_STRING_num_asc
ASN1_BIT_STRING_set
ASN1_BIT_STRING_set_asc
ASN1_BIT_STRING_set_bit
ASN1_BMPSTRING_free
ASN1_BMPSTRING_it
ASN1_BMPSTRING_new
ASN1_BOOLEAN_it
ASN1_ENUMERATED_free
ASN1_ENUMERATED_get
ASN1_ENUMERATED_it
ASN1_ENUMERATED_new
ASN1_ENUMERATED_set
ASN1_ENUMERATED_to_BN
ASN1_FBOOLEAN_it
ASN1_GENERALIZEDTIME_adj
ASN1_GENERALIZEDTIME_check
ASN1_GENERALIZEDTIME_free
ASN1_GENERALIZEDTIME_it
ASN1_GENERALIZEDTIME_new
ASN1_GENERALIZEDTIME_print
ASN1_GENERALIZEDTIME_set
ASN1_GENERALIZEDTIME_set_string
ASN1_GENERALSTRING_free
ASN1_GENERALSTRING_it
ASN1_GENERALSTRING_new
ASN1_IA5STRING_free
ASN1_IA5STRING_it
ASN1_IA5STRING_new
ASN1_INTEGER_cmp
ASN1_INTEGER_dup
ASN1_INTEGER_free
ASN1_INTEGER_get
ASN1_INTEGER_it
ASN1_INTEGER_new
ASN1_INTEGER_set
ASN1_INTEGER_to_BN
ASN1_NULL_free
ASN1_NULL_it
ASN1_NULL_new
ASN1_OBJECT_create
ASN1_OBJECT_free
ASN1_OBJECT_it
ASN1_OBJECT_new
ASN1_OCTET_STRING_NDEF_it
ASN1_OCTET_STRING_cmp
ASN1_OCTET_STRING_dup
ASN1_OCTET_STRING_free
ASN1_OCTET_STRING_it
ASN1_OCTET_STRING_new
ASN1_OCTET_STRING_set
ASN1_PCTX_free
ASN1_PCTX_get_cert_flags
ASN1_PCTX_get_flags
ASN1_PCTX_get_nm_flags
ASN1_PCTX_get_oid_flags
ASN1_PCTX_get_str_flags
ASN1_PCTX_new
ASN1_PCTX_set_cert_flags
ASN1_PCTX_set_flags
ASN1_PCTX_set_nm_flags
ASN1_PCTX_set_oid_flags
ASN1_PCTX_set_str_flags
ASN1_PRINTABLESTRING_free
ASN1_PRINTABLESTRING_it
ASN1_PRINTABLESTRING_new
ASN1_PRINTABLE_free
ASN1_PRINTABLE_it
ASN1_PRINTABLE_new
ASN1_PRINTABLE_type
ASN1_SEQUENCE_ANY_it
ASN1_SEQUENCE_it
ASN1_SET_ANY_it
ASN1_STRING_TABLE_add
ASN1_STRING_TABLE_cleanup
ASN1_STRING_TABLE_get
ASN1_STRING_cmp
ASN1_STRING_copy
ASN1_STRING_data
ASN1_STRING_dup
ASN1_STRING_free
ASN1_STRING_get_default_mask
ASN1_STRING_length
ASN1_STRING_length_set
ASN1_STRING_new
ASN1_STRING_print
ASN1_STRING_print_ex
ASN1_STRING_print_ex_fp
ASN1_STRING_set
ASN1_STRING_set0
ASN1_STRING_set_by_NID
ASN1_STRING_set_default_mask
ASN1_STRING_set_default_mask_asc
ASN1_STRING_to_UTF8
ASN1_STRING_type
ASN1_STRING_type_new
ASN1_T61STRING_free
ASN1_T61STRING_it
ASN1_T61STRING_new
ASN1_TBOOLEAN_it
ASN1_TIME_adj
ASN1_TIME_check
ASN1_TIME_free
ASN1_TIME_it
ASN1_TIME_new
ASN1_TIME_print
ASN1_TIME_set
ASN1_TIME_set_string
ASN1_TIME_to_generalizedtime
ASN1_TYPE_cmp
ASN1_TYPE_free
ASN1_TYPE_get
ASN1_TYPE_get_int_octetstring
ASN1_TYPE_get_octetstring
ASN1_TYPE_new
ASN1_TYPE_set
ASN1_TYPE_set1
ASN1_TYPE_set_int_octetstring
ASN1_TYPE_set_octetstring
ASN1_UNIVERSALSTRING_free
ASN1_UNIVERSALSTRING_it
ASN1_UNIVERSALSTRING_new
ASN1_UNIVERSALSTRING_to_string
ASN1_UTCTIME_adj
ASN1_UTCTIME_check
ASN1_UTCTIME_cmp_time_t
ASN1_UTCTIME_free
ASN1_UTCTIME_it
ASN1_UTCTIME_new
ASN1_UTCTIME_print
ASN1_UTCTIME_set
ASN1_UTCTIME_set_string
ASN1_UTF8STRING_free
ASN1_UTF8STRING_it
ASN1_UTF8STRING_new
ASN1_VISIBLESTRING_free
ASN1_VISIBLESTRING_it
ASN1_VISIBLESTRING_new
ASN1_add_oid_module
ASN1_bn_print
ASN1_check_infinite_end
ASN1_const_check_infinite_end
ASN1_d2i_bio
ASN1_d2i_fp
ASN1_digest
ASN1_dup
ASN1_generate_nconf
ASN1_generate_v3
ASN1_get_object
ASN1_i2d_bio
ASN1_i2d_fp
ASN1_item_d2i
ASN1_item_d2i_bio
ASN1_item_d2i_fp
ASN1_item_digest
ASN1_item_dup
ASN1_item_ex_d2i
ASN1_item_ex_free
ASN1_item_ex_i2d
ASN1_item_ex_new
ASN1_item_free
ASN1_item_i2d
ASN1_item_i2d_bio
ASN1_item_i2d_fp
ASN1_item_ndef_i2d
ASN1_item_new
ASN1_item_pack
ASN1_item_print
ASN1_item_sign
ASN1_item_sign_ctx
ASN1_item_unpack
ASN1_item_verify
ASN1_mbstring_copy
ASN1_mbstring_ncopy
ASN1_object_size
ASN1_pack_string
ASN1_parse
ASN1_parse_dump
ASN1_primitive_free
ASN1_primitive_new
ASN1_put_eoc
ASN1_put_object
ASN1_seq_pack
ASN1_seq_unpack
ASN1_sign
ASN1_tag2bit
ASN1_tag2str
ASN1_template_d2i
ASN1_template_free
ASN1_template_i2d
ASN1_template_new
ASN1_unpack_string
ASN1_verify
AUTHORITY_INFO_ACCESS_free
AUTHORITY_INFO_ACCESS_it
AUTHORITY_INFO_ACCESS_new
AUTHORITY_KEYID_free
AUTHORITY_KEYID_it
AUTHORITY_KEYID_new
BASIC_CONSTRAINTS_free
BASIC_CONSTRAINTS_it
BASIC_CONSTRAINTS_new
BF_cbc_encrypt
BF_cfb64_encrypt
BF_decrypt
BF_ecb_encrypt
BF_encrypt
BF_ofb64_encrypt
BF_options
BF_set_key
BIGNUM_it
BIO_accept
BIO_asn1_get_prefix
BIO_asn1_get_suffix
BIO_asn1_set_prefix
BIO_asn1_set_suffix
BIO_callback_ctrl
BIO_clear_flags
BIO_copy_next_retry
BIO_ctrl
BIO_ctrl_get_read_request
BIO_ctrl_get_write_guarantee
BIO_ctrl_pending
BIO_ctrl_reset_read_request
BIO_ctrl_wpending
BIO_debug_callback
BIO_dgram_non_fatal_error
BIO_dump
BIO_dump_cb
BIO_dump_fp
BIO_dump_indent
BIO_dump_indent_cb
BIO_dump_indent_fp
BIO_dup_chain
BIO_f_asn1
BIO_f_base64
BIO_f_buffer
BIO_f_cipher
BIO_f_md
BIO_f_nbio_test
BIO_f_null
BIO_f_reliable
BIO_fd_non_fatal_error
BIO_fd_should_retry
BIO_find_type
BIO_free
BIO_free_all
BIO_get_accept_socket
BIO_get_callback
BIO_get_callback_arg
BIO_get_ex_data
BIO_get_ex_new_index
BIO_get_host_ip
BIO_get_port
BIO_get_retry_BIO
BIO_get_retry_reason
BIO_gethostbyname
BIO_gets
BIO_indent
BIO_int_ctrl
BIO_method_name
BIO_method_type
BIO_new
BIO_new_CMS
BIO_new_NDEF
BIO_new_PKCS7
BIO_new_accept
BIO_new_bio_pair
BIO_new_connect
BIO_new_dgram
BIO_new_fd
BIO_new_file
BIO_new_fp
BIO_new_mem_buf
BIO_new_socket
BIO_next
BIO_nread
BIO_nread0
BIO_number_read
BIO_number_written
BIO_nwrite
BIO_nwrite0
BIO_pop
BIO_printf
BIO_ptr_ctrl
BIO_push
BIO_puts
BIO_read
BIO_s_accept
BIO_s_bio
BIO_s_connect
BIO_s_datagram
BIO_s_fd
BIO_s_file
BIO_s_mem
BIO_s_null
BIO_s_socket
BIO_set
BIO_set_callback
BIO_set_callback_arg
BIO_set_cipher
BIO_set_ex_data
BIO_set_flags
BIO_set_tcp_ndelay
BIO_snprintf
BIO_sock_cleanup
BIO_sock_error
BIO_sock_init
BIO_sock_non_fatal_error
BIO_sock_should_retry
BIO_socket_ioctl
BIO_socket_nbio
BIO_test_flags
BIO_vfree
BIO_vprintf
BIO_vsnprintf
BIO_write
BN_BLINDING_convert
BN_BLINDING_convert_ex
BN_BLINDING_create_param
BN_BLINDING_free
BN_BLINDING_get_flags
BN_BLINDING_get_thread_id
BN_BLINDING_invert
BN_BLINDING_invert_ex
BN_BLINDING_new
BN_BLINDING_set_flags
BN_BLINDING_set_thread_id
BN_BLINDING_thread_id
BN_BLINDING_update
BN_CTX_end
BN_CTX_free
BN_CTX_get
BN_CTX_init
BN_CTX_new
BN_CTX_start
BN_GENCB_call
BN_GF2m_add
BN_GF2m_arr2poly
BN_GF2m_mod
BN_GF2m_mod_arr
BN_GF2m_mod_div
BN_GF2m_mod_div_arr
BN_GF2m_mod_exp
BN_GF2m_mod_exp_arr
BN_GF2m_mod_inv
BN_GF2m_mod_inv_arr
BN_GF2m_mod_mul
BN_GF2m_mod_mul_arr
BN_GF2m_mod_solve_quad
BN_GF2m_mod_solve_quad_arr
BN_GF2m_mod_sqr
BN_GF2m_mod_sqr_arr
BN_GF2m_mod_sqrt
BN_GF2m_mod_sqrt_arr
BN_GF2m_poly2arr
BN_MONT_CTX_copy
BN_MONT_CTX_free
BN_MONT_CTX_init
BN_MONT_CTX_new
BN_MONT_CTX_set
BN_MONT_CTX_set_locked
BN_RECP_CTX_free
BN_RECP_CTX_init
BN_RECP_CTX_new
BN_RECP_CTX_set
BN_X931_derive_prime_ex
BN_X931_generate_Xpq
BN_X931_generate_prime_ex
BN_add
BN_add_word
BN_asc2bn
BN_bin2bn
BN_bn2bin
BN_bn2dec
BN_bn2hex
BN_bn2mpi
BN_bntest_rand
BN_clear
BN_clear_bit
BN_clear_free
BN_cmp
BN_copy
BN_dec2bn
BN_div
BN_div_recp
BN_div_word
BN_dup
BN_exp
BN_free
BN_from_montgomery
BN_gcd
BN_generate_prime
BN_generate_prime_ex
BN_get0_nist_prime_192
BN_get0_nist_prime_224
BN_get0_nist_prime_256
BN_get0_nist_prime_384
BN_get0_nist_prime_521
BN_get_params
BN_get_word
BN_hex2bn
BN_init
BN_is_bit_set
BN_is_prime
BN_is_prime_ex
BN_is_prime_fasttest
BN_is_prime_fasttest_ex
BN_kronecker
BN_lshift
BN_lshift1
BN_mask_bits
BN_mod_add
BN_mod_add_quick
BN_mod_exp
BN_mod_exp2_mont
BN_mod_exp_mont
BN_mod_exp_mont_consttime
BN_mod_exp_mont_word
BN_mod_exp_recp
BN_mod_exp_simple
BN_mod_inverse
BN_mod_lshift
BN_mod_lshift1
BN_mod_lshift1_quick
BN_mod_lshift_quick
BN_mod_mul
BN_mod_mul_montgomery
BN_mod_mul_reciprocal
BN_mod_sqr
BN_mod_sqrt
BN_mod_sub
BN_mod_sub_quick
BN_mod_word
BN_mpi2bn
BN_mul
BN_mul_word
BN_new
BN_nist_mod_192
BN_nist_mod_224
BN_nist_mod_256
BN_nist_mod_384
BN_nist_mod_521
BN_nnmod
BN_num_bits
BN_num_bits_word
BN_options
BN_print
BN_print_fp
BN_pseudo_rand
BN_pseudo_rand_range
BN_rand
BN_rand_range
BN_reciprocal
BN_rshift
BN_rshift1
BN_set_bit
BN_set_negative
BN_set_params
BN_set_word
BN_sqr
BN_sub
BN_sub_word
BN_swap
BN_to_ASN1_ENUMERATED
BN_to_ASN1_INTEGER
BN_uadd
BN_ucmp
BN_usub
BN_value_one
BUF_MEM_free
BUF_MEM_grow
BUF_MEM_grow_clean
BUF_MEM_new

Sections

.text
Size: 808KB - Virtual size: 804KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 344KB - Virtual size: 342KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
nfapi.dll
.dll windows:4 windows x86 arch:x86

62038ee00cae37e60ca97b5edc34a103

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

h:\projects\netfilter3\bin\Release_c_api\Win32\nfapi.pdb

Imports

kernel32

OpenProcess
WriteFile
CloseHandle
GetLastError
GetTickCount
CreateEventA
WaitForMultipleObjects
CancelIo
CreateFileA
GetModuleHandleA
GetProcAddress
ResetEvent
DeviceIoControl
ReadFile
SetEvent
Sleep
GetOverlappedResult
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
GetCurrentProcessId
DeleteCriticalSection
HeapFree
HeapAlloc
ExitThread
GetCurrentThreadId
CreateThread
GetCommandLineA
GetVersionExA
GetProcessHeap
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
ExitProcess
GetStdHandle
GetModuleFileNameA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapSize
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
RtlUnwind
LoadLibraryA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
SetFilePointer
GetConsoleCP
GetConsoleMode
MultiByteToWideChar
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
FlushFileBuffers
RaiseException

advapi32

OpenServiceA
CloseServiceHandle
StartServiceA
CreateServiceA
OpenSCManagerA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges
DeleteService

psapi

GetModuleFileNameExA
GetModuleFileNameExW

Exports

Exports

nf_addRule
nf_adjustProcessPriviledges
nf_deleteRules
nf_disableFiltering
nf_free
nf_getConnCount
nf_getProcessNameA
nf_getProcessNameW
nf_init
nf_registerDriver
nf_setTCPTimeout
nf_tcpClose
nf_tcpDisableFiltering
nf_tcpPostReceive
nf_tcpPostSend
nf_tcpSetConnectionState
nf_tcpSetSockOpt
nf_udpDisableFiltering
nf_udpPostReceive
nf_udpPostSend
nf_udpSetConnectionState
nf_unRegisterDriver

Sections

.text
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ssleay32.dll
.dll windows:4 windows x86 arch:x86

44520e78701f726f2d50a14e0878e83b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

H:\projects\NetFilter2\ProtocolFilters\openssl\out32dll\ssleay32.pdb

Imports

libeay32

ord2924
ord3459
ord3512
ord3663
ord123
ord201
ord118
ord66
ord4369
ord4474
ord3666
ord219
ord498
ord635
ord912
ord909
ord2784
ord965
ord964
ord256
ord274
ord276
ord3899
ord2572
ord3315
ord2927
ord2747
ord3837
ord282
ord333
ord3682
ord2877
ord3711
ord205
ord486
ord484
ord572
ord3165
ord3489
ord1071
ord2925
ord268
ord316
ord363
ord2712
ord4164
ord4262
ord3719
ord216
ord4125
ord206
ord497
ord4046
ord763
ord577
ord907
ord87
ord3418
ord481
ord3528
ord2915
ord1096
ord1097
ord3816
ord3888
ord2589
ord78
ord95
ord1145
ord1144
ord3891
ord1081
ord2292
ord3823
ord3846
ord622
ord679
ord623
ord187
ord3922
ord2898
ord264
ord266
ord3313
ord3312
ord3314
ord3724
ord313
ord3124
ord3925
ord541
ord2702
ord4372
ord4144
ord4174
ord2400
ord3857
ord3866
ord3704
ord3758
ord3767
ord3647
ord3766
ord3365
ord4114
ord3460
ord3454
ord3754
ord3394
ord897
ord3414
ord3495
ord3610
ord67
ord65
ord53
ord98
ord3826
ord3559
ord3399
ord636
ord3010
ord914
ord2478
ord626
ord890
ord1004
ord3527
ord4513
ord364
ord1010
ord2051
ord58
ord630
ord628
ord1041
ord1007
ord1005
ord4331
ord1027
ord3378
ord3437
ord629
ord892
ord74
ord248
ord1655
ord575
ord1025
ord246
ord1100
ord2524
ord3505
ord3595
ord1023
ord657
ord401
ord93
ord3396
ord3657
ord4045
ord2475
ord368
ord367
ord370
ord369
ord887
ord889
ord891
ord4320
ord4383
ord315
ord1671
ord1147
ord189
ord314
ord956
ord280
ord2181
ord399
ord748
ord279
ord283
ord400
ord751
ord750
ord774
ord3205
ord1959
ord37
ord35
ord824
ord822
ord8
ord1091
ord3700
ord3513
ord3623
ord32
ord718
ord7
ord716
ord703
ord680
ord2426
ord86
ord88
ord1101
ord293
ord3914
ord3807
ord3795
ord4656
ord4637
ord4615
ord4601
ord2996
ord3155
ord959
ord325
ord329
ord318
ord304
ord292
ord299
ord955
ord2252
ord91
ord247
ord225
ord129
ord4578
ord4572
ord4576
ord125
ord4570
ord4573
ord4582
ord4575
ord4577
ord4584
ord4581
ord4580
ord2578
ord3644
ord2929
ord170
ord4119
ord4245
ord4488
ord1070
ord4233
ord4430
ord866
ord2760
ord4540
ord128
ord203
ord3729
ord3480
ord3608
ord3550
ord3575
ord3570
ord3695
ord3178
ord111
ord110
ord151
ord285
ord3239
ord120
ord3883
ord495
ord202
ord3422
ord3896
ord3879
ord109
ord89
ord1202
ord3841
ord3874
ord961
ord2894
ord3067
ord323
ord3844
ord3244
ord2936
ord3245
ord3836
ord464
ord911
ord493
ord289
ord2201
ord167
ord52
ord85
ord169
ord168
ord3873
ord222
ord490
ord754
ord2411
ord910
ord2630
ord3109
ord269
ord188
ord181
ord654
ord290
ord281
ord2821
ord641
ord176
ord857
ord2206
ord252
ord903
ord1654
ord1653
ord904
ord901
ord2257
ord905

kernel32

CompareStringW
CompareStringA
CreateFileA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
CloseHandle
HeapSize
SetFilePointer
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
LoadLibraryA
VirtualAlloc
HeapReAlloc
RtlUnwind
InitializeCriticalSection
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
WriteFile
InterlockedDecrement
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
WideCharToMultiByte
ExitProcess
Sleep
DeleteCriticalSection
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
IsDebuggerPresent
GetCurrentProcess
TerminateProcess
GetModuleHandleA
GetProcAddress
GetProcessHeap
HeapAlloc
GetVersionExA
HeapFree
GetCommandLineA
GetCurrentThreadId
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetTimeZoneInformation
LeaveCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime
GetLastError
SetLastError
SetEnvironmentVariableA

Exports

Exports

BIO_f_ssl
BIO_new_buffer_ssl_connect
BIO_new_ssl
BIO_new_ssl_connect
BIO_ssl_copy_session_id
BIO_ssl_shutdown
DTLSv1_client_method
DTLSv1_method
DTLSv1_server_method
ERR_load_SSL_strings
PEM_read_SSL_SESSION
PEM_read_bio_SSL_SESSION
PEM_write_SSL_SESSION
PEM_write_bio_SSL_SESSION
SRP_Calc_A_param
SRP_generate_client_master_secret
SRP_generate_server_master_secret
SSL_CIPHER_description
SSL_CIPHER_get_bits
SSL_CIPHER_get_id
SSL_CIPHER_get_name
SSL_CIPHER_get_version
SSL_COMP_add_compression_method
SSL_COMP_get_compression_methods
SSL_COMP_get_name
SSL_CTX_SRP_CTX_free
SSL_CTX_SRP_CTX_init
SSL_CTX_add_client_CA
SSL_CTX_add_session
SSL_CTX_callback_ctrl
SSL_CTX_check_private_key
SSL_CTX_ctrl
SSL_CTX_flush_sessions
SSL_CTX_free
SSL_CTX_get_cert_store
SSL_CTX_get_client_CA_list
SSL_CTX_get_client_cert_cb
SSL_CTX_get_ex_data
SSL_CTX_get_ex_new_index
SSL_CTX_get_info_callback
SSL_CTX_get_quiet_shutdown
SSL_CTX_get_timeout
SSL_CTX_get_verify_callback
SSL_CTX_get_verify_depth
SSL_CTX_get_verify_mode
SSL_CTX_load_verify_locations
SSL_CTX_new
SSL_CTX_remove_session
SSL_CTX_sess_get_get_cb
SSL_CTX_sess_get_new_cb
SSL_CTX_sess_get_remove_cb
SSL_CTX_sess_set_get_cb
SSL_CTX_sess_set_new_cb
SSL_CTX_sess_set_remove_cb
SSL_CTX_sessions
SSL_CTX_set1_param
SSL_CTX_set_cert_store
SSL_CTX_set_cert_verify_callback
SSL_CTX_set_cipher_list
SSL_CTX_set_client_CA_list
SSL_CTX_set_client_cert_cb
SSL_CTX_set_client_cert_engine
SSL_CTX_set_cookie_generate_cb
SSL_CTX_set_cookie_verify_cb
SSL_CTX_set_default_passwd_cb
SSL_CTX_set_default_passwd_cb_userdata
SSL_CTX_set_default_verify_paths
SSL_CTX_set_ex_data
SSL_CTX_set_generate_session_id
SSL_CTX_set_info_callback
SSL_CTX_set_msg_callback
SSL_CTX_set_next_proto_select_cb
SSL_CTX_set_next_protos_advertised_cb
SSL_CTX_set_psk_client_callback
SSL_CTX_set_psk_server_callback
SSL_CTX_set_purpose
SSL_CTX_set_quiet_shutdown
SSL_CTX_set_session_id_context
SSL_CTX_set_srp_cb_arg
SSL_CTX_set_srp_client_pwd_callback
SSL_CTX_set_srp_password
SSL_CTX_set_srp_strength
SSL_CTX_set_srp_username
SSL_CTX_set_srp_username_callback
SSL_CTX_set_srp_verify_param_callback
SSL_CTX_set_ssl_version
SSL_CTX_set_timeout
SSL_CTX_set_tlsext_use_srtp
SSL_CTX_set_tmp_dh_callback
SSL_CTX_set_tmp_ecdh_callback
SSL_CTX_set_tmp_rsa_callback
SSL_CTX_set_trust
SSL_CTX_set_verify
SSL_CTX_set_verify_depth
SSL_CTX_use_PrivateKey
SSL_CTX_use_PrivateKey_ASN1
SSL_CTX_use_PrivateKey_file
SSL_CTX_use_RSAPrivateKey
SSL_CTX_use_RSAPrivateKey_ASN1
SSL_CTX_use_RSAPrivateKey_file
SSL_CTX_use_certificate
SSL_CTX_use_certificate_ASN1
SSL_CTX_use_certificate_chain_file
SSL_CTX_use_certificate_file
SSL_CTX_use_psk_identity_hint
SSL_SESSION_free
SSL_SESSION_get0_peer
SSL_SESSION_get_compress_id
SSL_SESSION_get_ex_data
SSL_SESSION_get_ex_new_index
SSL_SESSION_get_id
SSL_SESSION_get_time
SSL_SESSION_get_timeout
SSL_SESSION_new
SSL_SESSION_print
SSL_SESSION_print_fp
SSL_SESSION_set1_id_context
SSL_SESSION_set_ex_data
SSL_SESSION_set_time
SSL_SESSION_set_timeout
SSL_SRP_CTX_free
SSL_SRP_CTX_init
SSL_accept
SSL_add_client_CA
SSL_add_dir_cert_subjects_to_stack
SSL_add_file_cert_subjects_to_stack
SSL_alert_desc_string
SSL_alert_desc_string_long
SSL_alert_type_string
SSL_alert_type_string_long
SSL_cache_hit
SSL_callback_ctrl
SSL_check_private_key
SSL_clear
SSL_connect
SSL_copy_session_id
SSL_ctrl
SSL_do_handshake
SSL_dup
SSL_dup_CA_list
SSL_export_keying_material
SSL_free
SSL_get0_next_proto_negotiated
SSL_get1_session
SSL_get_SSL_CTX
SSL_get_certificate
SSL_get_cipher_list
SSL_get_ciphers
SSL_get_client_CA_list
SSL_get_current_cipher
SSL_get_current_compression
SSL_get_current_expansion
SSL_get_default_timeout
SSL_get_error
SSL_get_ex_data
SSL_get_ex_data_X509_STORE_CTX_idx
SSL_get_ex_new_index
SSL_get_fd
SSL_get_finished
SSL_get_info_callback
SSL_get_peer_cert_chain
SSL_get_peer_certificate
SSL_get_peer_finished
SSL_get_privatekey
SSL_get_psk_identity
SSL_get_psk_identity_hint
SSL_get_quiet_shutdown
SSL_get_rbio
SSL_get_read_ahead
SSL_get_rfd
SSL_get_selected_srtp_profile
SSL_get_servername
SSL_get_servername_type
SSL_get_session
SSL_get_shared_ciphers
SSL_get_shutdown
SSL_get_srp_N
SSL_get_srp_g
SSL_get_srp_userinfo
SSL_get_srp_username
SSL_get_srtp_profiles
SSL_get_ssl_method
SSL_get_verify_callback
SSL_get_verify_depth
SSL_get_verify_mode
SSL_get_verify_result
SSL_get_version
SSL_get_wbio
SSL_get_wfd
SSL_has_matching_session_id
SSL_library_init
SSL_load_client_CA_file
SSL_load_error_strings
SSL_new
SSL_peek
SSL_pending
SSL_read
SSL_renegotiate
SSL_renegotiate_abbreviated
SSL_renegotiate_pending
SSL_rstate_string
SSL_rstate_string_long
SSL_select_next_proto
SSL_set1_param
SSL_set_SSL_CTX
SSL_set_accept_state
SSL_set_bio
SSL_set_cipher_list
SSL_set_client_CA_list
SSL_set_connect_state
SSL_set_debug
SSL_set_ex_data
SSL_set_fd
SSL_set_generate_session_id
SSL_set_info_callback
SSL_set_msg_callback
SSL_set_psk_client_callback
SSL_set_psk_server_callback
SSL_set_purpose
SSL_set_quiet_shutdown
SSL_set_read_ahead
SSL_set_rfd
SSL_set_session
SSL_set_session_id_context
SSL_set_session_secret_cb
SSL_set_session_ticket_ext
SSL_set_session_ticket_ext_cb
SSL_set_shutdown
SSL_set_srp_server_param
SSL_set_srp_server_param_pw
SSL_set_ssl_method
SSL_set_state
SSL_set_tlsext_use_srtp
SSL_set_tmp_dh_callback
SSL_set_tmp_ecdh_callback
SSL_set_tmp_rsa_callback
SSL_set_trust
SSL_set_verify
SSL_set_verify_depth
SSL_set_verify_result
SSL_set_wfd
SSL_shutdown
SSL_srp_server_param_with_username
SSL_state
SSL_state_string
SSL_state_string_long
SSL_use_PrivateKey
SSL_use_PrivateKey_ASN1
SSL_use_PrivateKey_file
SSL_use_RSAPrivateKey
SSL_use_RSAPrivateKey_ASN1
SSL_use_RSAPrivateKey_file
SSL_use_certificate
SSL_use_certificate_ASN1
SSL_use_certificate_file
SSL_use_psk_identity_hint
SSL_version
SSL_want
SSL_write
SSLv23_client_method
SSLv23_method
SSLv23_server_method
SSLv2_client_method
SSLv2_method
SSLv2_server_method
SSLv3_client_method
SSLv3_method
SSLv3_server_method
TLSv1_1_client_method
TLSv1_1_method
TLSv1_1_server_method
TLSv1_2_client_method
TLSv1_2_method
TLSv1_2_server_method
TLSv1_client_method
TLSv1_method
TLSv1_server_method
d2i_SSL_SESSION
i2d_SSL_SESSION
ssl2_ciphers
ssl3_ciphers

Sections

.text
Size: 244KB - Virtual size: 241KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

099c0646ea7282d232219f8807883be0

Code Sign

03:01Certificate

Key Usages

04:6d:11:ec:a3:8a:a4Certificate

Extended Key Usages

Key Usages

Signer

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1024B - Virtual size: 107KB

.ndata Size: - Virtual size: 36KB

.rsrc Size: 3KB - Virtual size: 3KB

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 1024B - Virtual size: 784B

.data Size: 512B - Virtual size: 100B

.reloc Size: 1024B - Virtual size: 520B

fe88de5311928dafcb49148bfb766f02

Headers

File Characteristics

PDB Paths

Imports

kernel32

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 8KB - Virtual size: 11KB

.rsrc Size: 4KB - Virtual size: 176B

4bfff94eb6c93e4a6872b3beda65ae7f

Headers

File Characteristics

Imports

smime3

nss3

plc4

nspr4

msvcrt

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 32KB - Virtual size: 34KB

7cea1bcca1ff18e164507fda5b70c620

Code Sign

01Certificate

0aCertificate

Extended Key Usages

Key Usages

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5Certificate

Extended Key Usages

Key Usages

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4Certificate

Extended Key Usages

03:01
Certificate

04:6d:11:ec:a3:8a:a4
Certificate

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1024B - Virtual size: 107KB

.ndata
Size: - Virtual size: 36KB

.rsrc
Size: 3KB - Virtual size: 3KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 784B

.data
Size: 512B - Virtual size: 100B

.reloc
Size: 1024B - Virtual size: 520B

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 8KB - Virtual size: 11KB

.rsrc
Size: 4KB - Virtual size: 176B

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 32KB - Virtual size: 34KB

01
Certificate

0a
Certificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

25:cc:37:35:e9:ec:1f:c9:71:67:0e:73:e3:69:c7:91
Certificate

d9:6d:c7:8e:a6:fa:0a:7b:10:3b:1a:05:51:cf:8f:d6:d7:18:c7:39
Signer

.text
Size: 480KB - Virtual size: 478KB

.rdata
Size: 176KB - Virtual size: 172KB

.data
Size: 12KB - Virtual size: 18KB

.rsrc
Size: 4KB - Virtual size: 968B

.reloc
Size: 20KB - Virtual size: 17KB

01
Certificate

0a
Certificate

38:25:d7:fa:f8:61:af:9e:f4:90:e7:26:b5:d6:5a:d5
Certificate

47:bf:19:95:df:8d:52:46:43:f7:db:6d:48:0d:31:a4
Certificate

25:cc:37:35:e9:ec:1f:c9:71:67:0e:73:e3:69:c7:91
Certificate

83:66:8e:34:d2:cb:0f:40:cd:0b:e1:e4:c6:0c:08:61:4c:d7:08:9b
Signer

.text
Size: 112KB - Virtual size: 111KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 4KB - Virtual size: 5KB

.rsrc
Size: 4KB - Virtual size: 736B

.reloc
Size: 8KB - Virtual size: 6KB

.text
Size: 256KB - Virtual size: 254KB

.rdata
Size: 64KB - Virtual size: 61KB

.data
Size: 16KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 928B

.reloc
Size: 12KB - Virtual size: 8KB