onefile_7828_133599221364008719[.]zip

Sharing

Copy URL Twitter E-mail

General

Target

onefile_7828_133599221364008719.zip
Size

8.5MB
MD5

28fcee10675a4073d1cefb5ffdb07e61
SHA1

0f6222992181f449080aefa26eddeb7ba0a53414
SHA256

6f87c128e91e989d5489659b59b08090c01a5967b5244b09429f3ee2f7a97354
SHA512

2d3bcb2393159a8c57c672a29419d6f8db158650837790ea54474b7490b87a84a55c70eca4a4fd7404c22d34d201d64c36bee13ce67fb0eea203f5580ff680c0
SSDEEP

196608:DP5cLJNz32b5bGA1Fp1Lbvm98Qok+/NYbyZDQ57cB:DPmdF3eGKP1nLf/PQ5A

Score

3^/10

Malware Config

Signatures

Unsigned PE 7 IoCs

Checks for missing Authenticode signature.

resource
unpack001/onefile_7828_133599221364008719/psutil/_psutil_windows.pyd
unpack001/onefile_7828_133599221364008719/pythoncom311.dll
unpack001/onefile_7828_133599221364008719/pywintypes311.dll
unpack001/onefile_7828_133599221364008719/test.exe
unpack001/onefile_7828_133599221364008719/win32api.pyd
unpack001/onefile_7828_133599221364008719/win32gui.pyd
unpack001/onefile_7828_133599221364008719/win32process.pyd

Files

onefile_7828_133599221364008719.zip
.zip
onefile_7828_133599221364008719/_bz2.pyd
.dll windows:6 windows x64 arch:x64

d0a62ab71a2b2ca69c6aba1f0a37fcdd

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

64:94:96:48:60:de:38:19:89:dd:a8:71:c6:29:64:13:da:a9:29:49:6f:b0:d0:61:71:a8:45:51:11:5d:40:57
Signer

Actual PE Digest

64:94:96:48:60:de:38:19:89:dd:a8:71:c6:29:64:13:da:a9:29:49:6f:b0:d0:61:71:a8:45:51:11:5d:40:57

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\bin\amd64\_bz2.pdb

Imports

python311

_PyLong_AsInt
PyModule_GetState
PyExc_SystemError
PyMem_Realloc
PyType_FromModuleAndSpec
PyBytes_FromStringAndSize
PyModuleDef_Init
PyExc_OSError
PyErr_NoMemory
PyMem_Free
PyThread_free_lock
PyList_Append
PyExc_EOFError
_PyNumber_Index
PyObject_GetBuffer
PyMem_RawFree
PyBuffer_Release
PyThread_release_lock
PyEval_RestoreThread
PyMem_Malloc
_Py_Dealloc
PyList_New
PyModule_AddType
PyErr_Format
PyExc_ValueError
_PyArg_UnpackKeywords
PyErr_SetString
_PyArg_BadArgument
PyThread_acquire_lock
_PyArg_NoPositional
PyMem_RawMalloc
PyThread_allocate_lock
PyExc_MemoryError
PyErr_SetNone
PyBuffer_IsContiguous
PyExc_RuntimeError
PyEval_SaveThread
PyErr_Occurred
_PyArg_CheckPositional
PyLong_AsSsize_t
_PyArg_NoKeywords
PyType_GenericNew

vcruntime140

memmove
memcpy
__std_type_info_destroy_list
__C_specific_handler
memset

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initialize_narrow_environment
_initialize_onexit_table
exit
_execute_onexit_table
_cexit
_initterm

api-ms-win-crt-heap-l1-1-0

free
malloc

kernel32

GetCurrentProcessId
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
RtlCaptureContext
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter

Exports

Exports

PyInit__bz2

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 136B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
onefile_7828_133599221364008719/_ctypes.pyd
.dll windows:6 windows x64 arch:x64

de64e4a0e2dbc68a0b413ce8099db5c3

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

8d:d6:83:4b:34:72:56:e7:ac:14:ed:f5:e7:73:33:86:b9:06:a7:91:b7:0c:62:4f:80:c4:cb:73:d3:d3:76:33
Signer

Actual PE Digest

8d:d6:83:4b:34:72:56:e7:ac:14:ed:f5:e7:73:33:86:b9:06:a7:91:b7:0c:62:4f:80:c4:cb:73:d3:d3:76:33

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\bin\amd64\_ctypes.pdb

Imports

libffi-8

ffi_type_sint8
ffi_type_uint8
ffi_type_float
ffi_type_uint64
ffi_type_uint32
ffi_type_double
ffi_type_uint16
ffi_type_sint32
ffi_call
ffi_type_sint64
ffi_type_void
ffi_prep_cif
ffi_prep_closure
ffi_type_sint16
ffi_type_pointer

ole32

ProgIDFromCLSID

oleaut32

SysStringLen
SysFreeString
GetErrorInfo
SysAllocStringLen

kernel32

GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetSystemInfo
VirtualAlloc
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
LoadLibraryExW
FreeLibrary
LocalFree
QueryPerformanceCounter
FormatMessageW
DisableThreadLibraryCalls
GetProcAddress
SetLastError
GetLastError

python311

_PyObject_LookupAttrId
PyExc_ValueError
_Py_CheckRecursiveCall
PyDict_Next
PyErr_Format
PyDict_Type
PyModule_AddType
PyType_IsSubtype
PyExc_OverflowError
_Py_Dealloc
PyLong_AsUnsignedLongMask
PyTuple_GetItem
PySequence_GetSlice
PyDescr_NewGetSet
PyErr_ExceptionMatches
_PyUnicode_FromId
PyModule_AddObjectRef
PySequence_SetItem
_PyArg_ParseTuple_SizeT
PyObject_CallFunctionObjArgs
PyUnicode_AsUTF8
PyUnicode_FromFormat
PyObject_GetBuffer
PySys_Audit
PyList_New
PyModule_Create2
PyType_Ready
PyObject_GetAttrString
PyErr_NewException
PyErr_Clear
_PyDict_GetItemIdWithError
PyObject_GenericSetAttr
PyDict_SetItem
PyDict_New
_PyLong_Sign
PyObject_VectorcallMethod
PyObject_IsInstance
PyMem_Free
PyLong_FromVoidPtr
PyUnicode_AsWideChar
PyErr_NoMemory
_PyRuntime
PyLong_AsVoidPtr
PyObject_CallObject
PyIndex_Check
PyBytes_FromStringAndSize
PyDict_DelItem
PyNumber_AsSsize_t
PyUnicode_New
PyObject_IsSubclass
_PyWeakref_ProxyType
PyExc_TypeError
PyTuple_Pack
PyCallable_Check
PyMem_Malloc
PyExc_IndexError
PyArg_UnpackTuple
PyUnicode_FromString
PyBuffer_Release
PyType_Type
PySequence_Tuple
PyEval_RestoreThread
PyUnicode_FromStringAndSize
PyErr_WarnEx
PyExc_RuntimeWarning
PyOS_vsnprintf
PyImport_ImportModule
PyObject_GC_UnTrack
PySys_GetObject
PyGILState_Release
PyErr_WriteUnraisable
Py_Initialize
PyObject_GC_Del
PyLong_AsLong
PyObject_Vectorcall
Py_IsInitialized
PyFile_WriteString
PyObject_GC_Track
PyGILState_Ensure
_PyObject_GC_NewVar
PyErr_Print
PyMem_Calloc
PyErr_SetObject
PyObject_CallOneArg
PyErr_SetString
PyCapsule_IsValid
PyBytes_AsString
PyErr_NormalizeException
PyUnicode_AppendAndDel
Py_BuildValue
PyErr_SetFromWindowsErr
PyUnicode_FromFormatV
PyFloat_FromDouble
PyObject_CallFunction
PyTuple_Type
PyObject_Free
PyCapsule_GetPointer
PyErr_Fetch
PyUnicode_AsWideCharString
_PyObject_GetAttrId
PyThreadState_GetDict
PyCapsule_New
PyUnicode_Type
_PyTraceback_Add
_PyUnicode_IsPrintable
PyExc_OSError
_PyObject_New
PyMem_Realloc
PyObject_Str
PyExc_FileNotFoundError
PyObject_Call
PyArg_ParseTuple
PyBool_FromLong
PyLong_FromUnsignedLongLong
PyFloat_AsDouble
PyLong_FromLongLong
PyLong_FromUnsignedLong
PyLong_AsUnsignedLongLongMask
PyFloat_Unpack4
PyFloat_Pack4
PyObject_IsTrue
PyFloat_Pack8
PyByteArray_Type
PyFloat_Unpack8
PyObject_GetAttr
PySequence_Fast
PyTuple_Size
_PyDict_SizeOf
_PyLong_AsInt
_Py_CheckFunctionResult
PyTuple_GetSlice
PyExc_AttributeError
PyMemoryView_FromObject
PyDict_SetItemString
PyTuple_New
_PyDict_ContainsId
_Py_NoneStruct
PyDict_Contains
PyDict_GetItemWithError
_PyDict_SetItemId
_PyErr_WriteUnraisableMsg
PyBuffer_IsContiguous
PyUnicode_Concat
PySlice_Unpack
PyLong_FromLong
PyObject_SetAttrString
PyExc_RuntimeError
PyEval_SaveThread
PyUnicode_AsUTF8AndSize
_PyWeakref_CallableProxyType
_PyUnicode_EqualToASCIIString
PyLong_FromSsize_t
PyWeakref_NewProxy
PyErr_Occurred
PyDict_Update
PySequence_GetItem
PySlice_Type
PyLong_AsSsize_t
_PyArg_NoKeywords
PyType_GenericNew
_PyObject_SetAttrId
_PyObject_CallFunction_SizeT
_Py_BuildValue_SizeT
PyExc_Exception
PySlice_AdjustIndices
PyDescr_NewClassMethod
PyUnicode_InternFromString
PyObject_SetAttr
PySequence_Size
Py_GenericAlias
PyLong_AsUnsignedLong
PyUnicode_FromWideChar
_PyObject_MakeTpCall

vcruntime140

memcmp
__std_type_info_destroy_list
__C_specific_handler
strchr
memcpy
memset
memmove

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

api-ms-win-crt-runtime-l1-1-0

_errno
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_cexit

api-ms-win-crt-string-l1-1-0

iswctype

Exports

Exports

DllCanUnloadNow
DllGetClassObject
PyInit__ctypes

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
onefile_7828_133599221364008719/_decimal.pyd
.dll windows:6 windows x64 arch:x64

73c2b50451f272a440f47564c3cbd631

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

01:3a:ce:ed:17:38:e7:5b:d1:14:02:3e:05:4e:1e:40:41:5f:0d:d0:be:34:e3:90:ab:5f:d6:c1:31:61:e8:2a
Signer

Actual PE Digest

01:3a:ce:ed:17:38:e7:5b:d1:14:02:3e:05:4e:1e:40:41:5f:0d:d0:be:34:e3:90:ab:5f:d6:c1:31:61:e8:2a

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\bin\amd64\_decimal.pdb

Imports

python311

_PyUnicode_IsWhitespace
PyObject_CallMethod
PyObject_IsInstance
PyMem_Free
PyErr_NoMemory
PyObject_CallObject
PyComplex_Type
_Py_NotImplementedStruct
PyUnicode_Compare
PyArg_ParseTupleAndKeywords
_PyObject_New
PyExc_TypeError
PyMem_Realloc
PyModule_AddStringConstant
PyUnicode_AsUTF8String
PyTuple_Pack
PyObject_HashNotImplemented
_PyUnicode_Ready
PyMem_Malloc
PyList_AsTuple
_Py_TrueStruct
PyUnicode_FromString
PyList_GetItem
PyUnicode_CompareWithASCIIString
PyType_Type
PyArg_ParseTuple
PyContextVar_New
PyFloat_FromString
PyExc_ArithmeticError
PyErr_Format
PyLong_FromUnsignedLong
PyExc_ValueError
PyContextVar_Set
PyObject_CallFunction
PyExc_ZeroDivisionError
PyErr_SetString
PyUnicode_FromWideChar
PyList_Size
PyDict_New
PyDict_SetItem
_Py_HashPointer
PyObject_GenericSetAttr
_PyLong_New
PyTuple_Size
PyList_Append
PyErr_Clear
PyUnicode_New
PyExc_AttributeError
PyErr_NewException
PyObject_GetAttrString
PyType_Ready
_PyUnicode_ToDecimalDigit
PyFloat_FromDouble
PyDict_Size
PyDict_SetItemString
PyModule_Create2
PyList_New
PyUnicode_FromFormat
PyLong_AsLong
PyObject_CallFunctionObjArgs
PyModule_AddObject
PyComplex_AsCComplex
PyObject_Free
_Py_Dealloc
PyExc_OverflowError
PyType_IsSubtype
PyLong_Type
PyTuple_New
PyFloat_Type
_Py_FalseStruct
_PyLong_GCD
PyTuple_Type
_Py_NoneStruct
PyFloat_AsDouble
PyComplex_FromDoubles
PyDict_GetItemWithError
Py_BuildValue
PyContextVar_Get
PyLong_FromLong
PyExc_RuntimeError
PyUnicode_AsUTF8AndSize
PyObject_GenericGetAttr
PyUnicode_DecodeUTF8
PyLong_FromSsize_t
PyErr_Occurred
PyImport_ImportModule
PyExc_KeyError
PyLong_AsSsize_t
_Py_ascii_whitespace
PyType_GenericNew
PyModule_AddIntConstant
PyBool_FromLong
PyErr_SetObject
PyUnicode_InternFromString
PyObject_IsTrue
PyBaseObject_Type

vcruntime140

strchr
memmove
memcpy
__C_specific_handler
__std_type_info_destroy_list
memset

api-ms-win-crt-convert-l1-1-0

strtoll
mbstowcs

api-ms-win-crt-math-l1-1-0

log10
copysign
ceil
_dclass

api-ms-win-crt-stdio-l1-1-0

fputc
__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vsprintf

api-ms-win-crt-runtime-l1-1-0

abort
_initterm_e
_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm
_errno

api-ms-win-crt-string-l1-1-0

tolower
isupper
isdigit

api-ms-win-crt-locale-l1-1-0

localeconv

api-ms-win-crt-heap-l1-1-0

malloc
calloc
realloc
free

kernel32

RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
RtlCaptureContext

Exports

Exports

PyInit__decimal

Sections

.text
Size: 157KB - Virtual size: 157KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
onefile_7828_133599221364008719/_elementtree.pyd
.dll windows:6 windows x64 arch:x64

3581bde43d1dd1999267ea7f27542ab4

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

85:53:ef:48:b2:5f:e5:da:0a:ec:97:e1:0f:23:d0:ab:82:83:ab:db:46:e1:13:4d:20:ed:ac:23:17:d7:6a:35
Signer

Actual PE Digest

85:53:ef:48:b2:5f:e5:da:0a:ec:97:e1:0f:23:d0:ab:82:83:ab:db:46:e1:13:4d:20:ed:ac:23:17:d7:6a:35

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\bin\amd64\_elementtree.pdb

Imports

kernel32

GetCurrentProcessId
GetSystemTimeAsFileTime
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetCurrentThreadId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
RtlCaptureContext

python311

_Py_Dealloc
_PyTrash_cond
PyObject_Free
PyErr_ExceptionMatches
_PyUnicode_FromId
PyModule_AddObject
_PyArg_ParseTuple_SizeT
PyObject_GC_Del
PyObject_CallFunctionObjArgs
_PyBytes_Resize
PyObject_ClearWeakRefs
PyUnicode_AsUTF8
PyUnicode_FromFormat
PyObject_GetBuffer
PySequence_Fast
PyList_New
PyModule_Create2
_PyObject_GetAttrId
PyType_Ready
PyExc_SyntaxError
PyObject_GetAttrString
PyErr_NewException
PyErr_Clear
PyList_Append
PyBytes_Type
PyObject_RichCompareBool
PyDict_SetItem
PyDict_New
PyUnicode_Type
PyObject_VectorcallMethod
PyMem_Free
PyModule_AddType
PyType_GenericAlloc
PyCapsule_Import
PyList_Type
PyErr_NoMemory
PyObject_Realloc
PyIndex_Check
PyObject_GC_Track
PyBytes_FromStringAndSize
Py_ReprLeave
PyDict_DelItem
PyNumber_AsSsize_t
Py_ReprEnter
PyExc_TypeError
PyExc_OverflowError
PyObject_IsTrue
PyDict_Copy
PyTuple_Pack
_PyUnicode_Ready
PyCallable_Check
PyMem_Malloc
PyExc_IndexError
PyExc_ImportError
PyState_FindModule
PyModule_GetState
_PyTrash_begin
_PyObject_GC_New
PyList_SetItem
PyDict_Keys
PyUnicode_FromString
PyBuffer_Release
PyObject_CallNoArgs
PyUnicode_FromStringAndSize
PyUnicode_AsEncodedString
PyDict_Type
PyErr_Format
_PyArg_ParseTupleAndKeywords_SizeT
PyDict_Next
PyExc_ValueError
_PyArg_UnpackKeywords
_PyTrash_end
PyNumber_Add
_PyObject_LookupAttrId
PyErr_SetString
_PyArg_BadArgument
PyUnicode_New
PyUnicode_Join
_PyObject_CallMethodIdObjArgs
PyExc_AttributeError
PyDict_Items
_Py_HashSecret
PyTuple_New
_Py_NoneStruct
PyDict_GetItemWithError
PyErr_SetNone
PyObject_GC_UnTrack
PySlice_Unpack
PyLong_FromLong
PyObject_SetAttrString
_PyObject_FastCall
PyExc_RuntimeError
PyList_SetSlice
PyMem_Realloc
PyUnicode_AsUTF8AndSize
PyObject_GenericGetAttr
PyUnicode_DecodeUTF8
PyLong_FromSsize_t
PyType_IsSubtype
PyErr_Occurred
PyDict_Update
PyObject_SelfIter
PyImport_ImportModule
PySlice_Type
_PyArg_CheckPositional
PyLong_AsSsize_t
PyExc_RuntimeWarning
PyErr_WarnEx
PyObject_Malloc
_PyObject_SetAttrId
_PyObject_CallFunction_SizeT
_PyNumber_Index
_Py_BuildValue_SizeT
PyObject_CallOneArg
PyErr_SetObject
PySlice_AdjustIndices
PyThreadState_Get
PyExc_StopIteration

vcruntime140

memmove
memcpy
__std_type_info_destroy_list
memset
__C_specific_handler

api-ms-win-crt-string-l1-1-0

strncat
strcmp

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_initterm_e
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_cexit
_execute_onexit_table
_initterm

Exports

Exports

PyInit__elementtree

Sections

.text
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
onefile_7828_133599221364008719/_hashlib.pyd
.dll windows:6 windows x64 arch:x64

b3b294bbb4a8941fd67b11ccbe0be65b

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

7e:c1:14:c7:5a:aa:fa:35:dc:e2:c4:8b:a2:f9:47:6c:22:ee:e9:57:0e:7e:9c:c6:f5:cb:f9:28:30:3e:48:7f
Signer

Actual PE Digest

7e:c1:14:c7:5a:aa:fa:35:dc:e2:c4:8b:a2:f9:47:6c:22:ee:e9:57:0e:7e:9c:c6:f5:cb:f9:28:30:3e:48:7f

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\bin\amd64\_hashlib.pdb

Imports

libcrypto-1_1

EVP_DigestInit_ex
ERR_func_error_string
HMAC
EVP_MD_CTX_md
HMAC_Update
HMAC_Init_ex
EVP_MD_block_size
EVP_MD_CTX_copy
EVP_MD_CTX_set_flags
EVP_PBE_scrypt
OBJ_nid2ln
ERR_clear_error
EVP_DigestUpdate
EVP_MD_CTX_free
ERR_peek_last_error
HMAC_CTX_free
CRYPTO_memcmp
OBJ_nid2sn
HMAC_Final
ERR_reason_error_string
EVP_MD_size
ERR_lib_error_string
EVP_DigestFinalXOF
FIPS_mode
EVP_DigestFinal
EVP_MD_CTX_new
PKCS5_PBKDF2_HMAC
HMAC_CTX_new
HMAC_CTX_get_md
EVP_MD_flags
EVP_MD_type
HMAC_CTX_copy
EVP_MD_do_all
EVP_get_digestbyname

python311

PyType_FromSpecWithBases
PyErr_Clear
PyDict_SetItem
PyDict_New
PyThread_free_lock
PyMem_Free
PyFrozenSet_New
PyErr_NoMemory
PyDict_GetItem
PyModuleDef_Init
_Py_hashtable_set
PyBytes_FromStringAndSize
PyType_FromSpec
_PyObject_New
PyExc_TypeError
PyObject_IsTrue
_PyUnicode_Ready
PyMem_Malloc
PyModule_GetState
PyUnicode_FromString
_Py_strhex
PyBuffer_Release
_Py_hashtable_get
PyEval_RestoreThread
_Py_hashtable_new_full
PyErr_NewException
PyObject_GetAttrString
PyObject_GetBuffer
PyUnicode_FromFormat
PyLong_AsLong
PyObject_CheckBuffer
PyModule_AddObject
PyModule_AddObjectRef
PyThread_release_lock
PyObject_Free
_Py_Dealloc
PyExc_OverflowError
PyModule_AddType
PyErr_Format
_Py_hashtable_destroy
PyExc_ValueError
_PyArg_UnpackKeywords
PyErr_SetString
PyDictProxy_New
_PyArg_BadArgument
PySet_Add
PyThread_acquire_lock
_Py_NoneStruct
PyModule_GetDef
PyThread_allocate_lock
_Py_HashBytes
PyBuffer_IsContiguous
PyLong_FromLong
PyEval_SaveThread
PyUnicode_AsUTF8AndSize
PyErr_Occurred
_PyArg_CheckPositional
PyLong_AsSsize_t
PyLong_AsUnsignedLong
_PyNumber_Index
PyBool_FromLong
PyExc_BufferError
PyErr_FormatV
_PyArg_Parse_SizeT
PyUnicode_AsUTF8

vcruntime140

memcpy
__std_type_info_destroy_list
memset
__C_specific_handler

api-ms-win-crt-string-l1-1-0

strncmp

api-ms-win-crt-runtime-l1-1-0

_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_cexit

kernel32

IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime

Exports

Exports

PyInit__hashlib

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 604B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
onefile_7828_133599221364008719/_lzma.pyd
.dll windows:6 windows x64 arch:x64

c39c7a021b2adfc11bb34f105f70355e

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

df:08:2c:b3:89:df:f9:d4:12:4f:92:8f:5f:cc:8e:e4:4e:8e:3b:9f:02:f6:b8:46:1c:24:7d:af:59:89:2e:33
Signer

Actual PE Digest

df:08:2c:b3:89:df:f9:d4:12:4f:92:8f:5f:cc:8e:e4:4e:8e:3b:9f:02:f6:b8:46:1c:24:7d:af:59:89:2e:33

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\bin\amd64\_lzma.pdb

Imports

python311

PyDict_SetItem
PyDict_New
PyErr_NewExceptionWithDoc
PyThread_free_lock
PyMem_Free
PyErr_NoMemory
PyModuleDef_Init
PyBytes_FromStringAndSize
PyErr_SetString
PyType_FromModuleAndSpec
PyMem_Realloc
PyMapping_Check
_PyLong_AsInt
PyModule_GetState
PyExc_SystemError
PyMem_RawFree
PyBuffer_Release
PyEval_RestoreThread
_PyArg_BadArgument
PyThread_acquire_lock
PyLong_FromLongLong
PyTuple_New
_Py_NoneStruct
PyMem_RawMalloc
PyType_GetModuleState
PyMapping_GetItemString
PyList_Append
PyErr_Clear
PyExc_EOFError
PyList_New
PyObject_GetBuffer
PyModule_AddObject
PyThread_release_lock
PyErr_ExceptionMatches
_Py_Dealloc
PyExc_OverflowError
PyModule_AddType
PyErr_Format
_PyArg_ParseTupleAndKeywords_SizeT
PyExc_ValueError
PyMem_Malloc
_PyArg_UnpackKeywords
PyLong_AsUnsignedLongLong
PyThread_allocate_lock
PyLong_FromUnsignedLongLong
PyExc_MemoryError
PyErr_SetNone
PyBuffer_IsContiguous
PyEval_SaveThread
PyErr_Occurred
PySequence_GetItem
PyExc_KeyError
_PyArg_CheckPositional
PyLong_AsSsize_t
PyType_GenericNew
PyModule_AddIntConstant
_PyNumber_Index
PyBool_FromLong
PyUnicode_InternFromString
PyMem_Calloc
PyExc_TypeError
PySequence_Size

vcruntime140

memmove
memset
__std_type_info_destroy_list
__C_specific_handler
memcpy
memcmp

api-ms-win-crt-heap-l1-1-0

calloc
malloc
free

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_onexit_table
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_cexit
_initialize_narrow_environment

kernel32

GetCurrentProcessId
RtlLookupFunctionEntry
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
RtlCaptureContext
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind

Exports

Exports

PyInit__lzma

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 312B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
onefile_7828_133599221364008719/_socket.pyd
.dll .js windows:6 windows x64 arch:x64 polyglot

332065e5d19d708832b034da27e5571a

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

66:a4:69:70:95:09:69:c0:2a:34:88:a4:55:8b:7d:15:72:a4:16:da:81:fb:73:68:fd:68:3c:1d:ba:3f:e1:33
Signer

Actual PE Digest

66:a4:69:70:95:09:69:c0:2a:34:88:a4:55:8b:7d:15:72:a4:16:da:81:fb:73:68:fd:68:3c:1d:ba:3f:e1:33

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\bin\amd64\_socket.pdb

Imports

ws2_32

accept
WSACleanup
setsockopt
WSAIoctl
closesocket
gethostbyname
select
ntohl
WSADuplicateSocketW
shutdown
listen
WSASetLastError
WSASocketW
inet_pton
getaddrinfo
WSAStartup
getpeername
getnameinfo
inet_addr
getsockname
gethostbyaddr
getprotobyname
getservbyport
send
socket
ntohs
connect
inet_ntoa
getservbyname
recvfrom
recv
getsockopt
htonl
inet_ntop
htons
ioctlsocket
sendto
freeaddrinfo
bind
WSAGetLastError

iphlpapi

ConvertInterfaceLuidToNameW
GetIfTable2Ex
if_nametoindex
if_indextoname
FreeMibTable

kernel32

RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent
SetHandleInformation
VerifyVersionInfoA
VerifyVersionInfoW
GetCurrentProcessId
VerSetConditionMask
GetLastError
GetComputerNameExW

python311

_PyTime_FromSeconds
PyModule_GetDict
PyObject_Free
PyErr_ExceptionMatches
PyModule_AddObjectRef
PyCapsule_GetPointer
PyModule_AddObject
_PyArg_ParseTuple_SizeT
PyErr_Fetch
PyLong_AsLong
_PyBytes_Resize
PyUnicode_AsUTF8
PyUnicode_FromFormat
PySys_Audit
PyList_New
PyModule_Create2
PyErr_NewException
_PyDict_Pop
PyErr_Clear
PyList_Append
PyTuple_Size
PyUnicode_FSConverter
PyCapsule_New
PyBytes_Size
PyObject_CallFinalizerFromDealloc
PyMem_Free
PyType_GenericAlloc
PyErr_NoMemory
PyExc_OSError
PyErr_CheckSignals
PyBytes_FromStringAndSize
PyByteArray_Size
_PyDeadline_Get
PyExc_TypeError
PyTuple_Pack
_PyUnicode_Ready
PyMem_Malloc
_PyTime_AsTimeval_clamp
_PyLong_AsInt
PyExc_ImportError
_Py_TrueStruct
PyUnicode_FromString
PyErr_SetExcFromWindowsErr
_PyDeadline_Init
PyBuffer_Release
PyByteArray_Type
Py_AtExit
PyType_Type
_PyTime_AsTimeval
PyEval_RestoreThread
PyErr_ResourceWarning
_Py_Dealloc
PyErr_Restore
PyType_IsSubtype
PyErr_SetFromErrno
PyLong_Type
_PyTime_AsSecondsDouble
_Py_FalseStruct
PyModule_AddStringConstant
PyErr_Format
_PyArg_ParseTupleAndKeywords_SizeT
PyLong_FromUnsignedLong
PyExc_ValueError
_PyArg_UnpackKeywords
PyErr_WriteUnraisable
PyErr_SetString
PyUnicode_FromWideChar
PyByteArray_AsString
PyUnicode_New
PyFloat_FromDouble
PyExc_TimeoutError
PyLong_FromLongLong
PyLong_AsLongLong
_Py_NoneStruct
PyUnicode_DecodeMBCS
PyErr_SetFromWindowsErr
PyLong_FromLong
PyEval_SaveThread
PyObject_GenericGetAttr
PyLong_FromSsize_t
PyExc_Warning
PyErr_Occurred
PyBytes_AsString
PyModule_AddIntConstant
PyLong_AsUnsignedLong
_Py_BuildValue_SizeT
PyUnicode_DecodeFSDefault
_PyTime_AsMilliseconds
PyErr_SetObject
_PyTime_FromSecondsObject
PyOS_snprintf
PyUnicode_AsEncodedString
PyExc_OverflowError

vcruntime140

memcpy
memset
__std_type_info_destroy_list
__C_specific_handler
strchr

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_seh_filter_dll
_initterm_e
_initterm
_configure_narrow_argv
_errno
_cexit

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsscanf
__stdio_common_vsprintf

api-ms-win-crt-string-l1-1-0

strcmp

Exports

Exports

PyInit__socket

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
onefile_7828_133599221364008719/libcrypto-1_1.dll
.dll windows:6 windows x64 arch:x64

11f2ed72076bbf7871eb95fd5b4e84b0

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29/03/2022, 00:00

Not After

14/03/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

77:a4:10:33:a2:0d:f4:e3:32:28:2b:b5:80:fc:36:e0:50:8b:15:7c:a2:e7:e2:5f:f2:8c:4b:d1:b5:48:38:76
Signer

Actual PE Digest

77:a4:10:33:a2:0d:f4:e3:32:28:2b:b5:80:fc:36:e0:50:8b:15:7c:a2:e7:e2:5f:f2:8c:4b:d1:b5:48:38:76

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\libcrypto-1_1.pdb

Imports

ws2_32

accept
WSAGetLastError
closesocket
WSAStartup
gethostbyname
getsockopt
getsockname
ioctlsocket
getnameinfo
freeaddrinfo
ntohs
getaddrinfo
connect
listen
setsockopt
socket
shutdown
recv
send
WSASetLastError
recvfrom
sendto
bind
WSACleanup

advapi32

RegisterEventSourceW
DeregisterEventSource
ReportEventW

user32

GetUserObjectInformationW
MessageBoxW
GetProcessWindowStation

bcrypt

BCryptGenRandom

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlLookupFunctionEntry
RtlCaptureContext
GetModuleHandleA
TerminateProcess
GetCurrentProcess
ReadConsoleW
ReadConsoleA
SetConsoleMode
IsProcessorFeaturePresent
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
LeaveCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime
GetCurrentThreadId
IsDebuggerPresent
InitializeSListHead
GetConsoleMode
GetStartupInfoW
GetCurrentProcessId
QueryPerformanceCounter
WideCharToMultiByte
FindNextFileW
FindFirstFileW
FindClose
RtlVirtualUnwind
ConvertFiberToThread
ConvertThreadToFiber
SwitchToFiber
DeleteFiber
CreateFiber
FormatMessageW
GetSystemTime
SystemTimeToFileTime
GetLastError
SetLastError
GetStdHandle
GetEnvironmentVariableW
GetFileType
WriteFile
GetModuleHandleW
GetProcAddress
MultiByteToWideChar
CloseHandle
FreeLibrary
LoadLibraryA
LoadLibraryW
GetModuleHandleExW

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
memchr
strstr
wcsstr
memmove
strchr
strrchr
memcmp
memset
memcpy
__current_exception_context
__current_exception

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vswprintf
_setmode
ftell
__stdio_common_vfprintf
fwrite
fseek
fread
fopen
_fileno
fgets
fflush
ferror
clearerr
setbuf
feof
fclose
fputs
__stdio_common_vsscanf
__acrt_iob_func
__stdio_common_vsprintf
_wfopen

api-ms-win-crt-convert-l1-1-0

strtoul
atoi
strtol

api-ms-win-crt-string-l1-1-0

_strnicmp
strcspn
strncmp
strncpy
strcmp
isspace
_strdup
_stricmp
strspn

api-ms-win-crt-time-l1-1-0

_gmtime64_s
_time64

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-runtime-l1-1-0

_initialize_narrow_environment
_initialize_onexit_table
signal
strerror_s
_execute_onexit_table
_seh_filter_dll
_crt_atexit
_errno
_crt_at_quick_exit
terminate
perror
_register_onexit_function
_exit
_initterm_e
_initterm
_configure_narrow_argv
_cexit
raise

api-ms-win-crt-filesystem-l1-1-0

_fstat64i32
_stat64i32
_chmod

api-ms-win-crt-heap-l1-1-0

free
realloc
malloc

api-ms-win-crt-environment-l1-1-0

getenv

Exports

Exports

ACCESS_DESCRIPTION_free
ACCESS_DESCRIPTION_it
ACCESS_DESCRIPTION_new
ADMISSIONS_free
ADMISSIONS_get0_admissionAuthority
ADMISSIONS_get0_namingAuthority
ADMISSIONS_get0_professionInfos
ADMISSIONS_it
ADMISSIONS_new
ADMISSIONS_set0_admissionAuthority
ADMISSIONS_set0_namingAuthority
ADMISSIONS_set0_professionInfos
ADMISSION_SYNTAX_free
ADMISSION_SYNTAX_get0_admissionAuthority
ADMISSION_SYNTAX_get0_contentsOfAdmissions
ADMISSION_SYNTAX_it
ADMISSION_SYNTAX_new
ADMISSION_SYNTAX_set0_admissionAuthority
ADMISSION_SYNTAX_set0_contentsOfAdmissions
AES_bi_ige_encrypt
AES_cbc_encrypt
AES_cfb128_encrypt
AES_cfb1_encrypt
AES_cfb8_encrypt
AES_decrypt
AES_ecb_encrypt
AES_encrypt
AES_ige_encrypt
AES_ofb128_encrypt
AES_options
AES_set_decrypt_key
AES_set_encrypt_key
AES_unwrap_key
AES_wrap_key
ASIdOrRange_free
ASIdOrRange_it
ASIdOrRange_new
ASIdentifierChoice_free
ASIdentifierChoice_it
ASIdentifierChoice_new
ASIdentifiers_free
ASIdentifiers_it
ASIdentifiers_new
ASN1_ANY_it
ASN1_BIT_STRING_check
ASN1_BIT_STRING_free
ASN1_BIT_STRING_get_bit
ASN1_BIT_STRING_it
ASN1_BIT_STRING_name_print
ASN1_BIT_STRING_new
ASN1_BIT_STRING_num_asc
ASN1_BIT_STRING_set
ASN1_BIT_STRING_set_asc
ASN1_BIT_STRING_set_bit
ASN1_BMPSTRING_free
ASN1_BMPSTRING_it
ASN1_BMPSTRING_new
ASN1_BOOLEAN_it
ASN1_ENUMERATED_free
ASN1_ENUMERATED_get
ASN1_ENUMERATED_get_int64
ASN1_ENUMERATED_it
ASN1_ENUMERATED_new
ASN1_ENUMERATED_set
ASN1_ENUMERATED_set_int64
ASN1_ENUMERATED_to_BN
ASN1_FBOOLEAN_it
ASN1_GENERALIZEDTIME_adj
ASN1_GENERALIZEDTIME_check
ASN1_GENERALIZEDTIME_free
ASN1_GENERALIZEDTIME_it
ASN1_GENERALIZEDTIME_new
ASN1_GENERALIZEDTIME_print
ASN1_GENERALIZEDTIME_set
ASN1_GENERALIZEDTIME_set_string
ASN1_GENERALSTRING_free
ASN1_GENERALSTRING_it
ASN1_GENERALSTRING_new
ASN1_IA5STRING_free
ASN1_IA5STRING_it
ASN1_IA5STRING_new
ASN1_INTEGER_cmp
ASN1_INTEGER_dup
ASN1_INTEGER_free
ASN1_INTEGER_get
ASN1_INTEGER_get_int64
ASN1_INTEGER_get_uint64
ASN1_INTEGER_it
ASN1_INTEGER_new
ASN1_INTEGER_set
ASN1_INTEGER_set_int64
ASN1_INTEGER_set_uint64
ASN1_INTEGER_to_BN
ASN1_ITEM_get
ASN1_ITEM_lookup
ASN1_NULL_free
ASN1_NULL_it
ASN1_NULL_new
ASN1_OBJECT_create
ASN1_OBJECT_free
ASN1_OBJECT_it
ASN1_OBJECT_new
ASN1_OCTET_STRING_NDEF_it
ASN1_OCTET_STRING_cmp
ASN1_OCTET_STRING_dup
ASN1_OCTET_STRING_free
ASN1_OCTET_STRING_it
ASN1_OCTET_STRING_new
ASN1_OCTET_STRING_set
ASN1_PCTX_free
ASN1_PCTX_get_cert_flags
ASN1_PCTX_get_flags
ASN1_PCTX_get_nm_flags
ASN1_PCTX_get_oid_flags
ASN1_PCTX_get_str_flags
ASN1_PCTX_new
ASN1_PCTX_set_cert_flags
ASN1_PCTX_set_flags
ASN1_PCTX_set_nm_flags
ASN1_PCTX_set_oid_flags
ASN1_PCTX_set_str_flags
ASN1_PRINTABLESTRING_free
ASN1_PRINTABLESTRING_it
ASN1_PRINTABLESTRING_new
ASN1_PRINTABLE_free
ASN1_PRINTABLE_it
ASN1_PRINTABLE_new
ASN1_PRINTABLE_type
ASN1_SCTX_free
ASN1_SCTX_get_app_data
ASN1_SCTX_get_flags
ASN1_SCTX_get_item
ASN1_SCTX_get_template
ASN1_SCTX_new
ASN1_SCTX_set_app_data
ASN1_SEQUENCE_ANY_it
ASN1_SEQUENCE_it
ASN1_SET_ANY_it
ASN1_STRING_TABLE_add
ASN1_STRING_TABLE_cleanup
ASN1_STRING_TABLE_get
ASN1_STRING_clear_free
ASN1_STRING_cmp
ASN1_STRING_copy
ASN1_STRING_data
ASN1_STRING_dup
ASN1_STRING_free
ASN1_STRING_get0_data
ASN1_STRING_get_default_mask
ASN1_STRING_length
ASN1_STRING_length_set
ASN1_STRING_new
ASN1_STRING_print
ASN1_STRING_print_ex
ASN1_STRING_print_ex_fp
ASN1_STRING_set
ASN1_STRING_set0
ASN1_STRING_set_by_NID
ASN1_STRING_set_default_mask
ASN1_STRING_set_default_mask_asc
ASN1_STRING_to_UTF8
ASN1_STRING_type
ASN1_STRING_type_new
ASN1_T61STRING_free
ASN1_T61STRING_it
ASN1_T61STRING_new
ASN1_TBOOLEAN_it
ASN1_TIME_adj
ASN1_TIME_check
ASN1_TIME_cmp_time_t
ASN1_TIME_compare
ASN1_TIME_diff
ASN1_TIME_free
ASN1_TIME_it
ASN1_TIME_new
ASN1_TIME_normalize
ASN1_TIME_print
ASN1_TIME_set
ASN1_TIME_set_string
ASN1_TIME_set_string_X509
ASN1_TIME_to_generalizedtime
ASN1_TIME_to_tm
ASN1_TYPE_cmp
ASN1_TYPE_free
ASN1_TYPE_get
ASN1_TYPE_get_int_octetstring
ASN1_TYPE_get_octetstring
ASN1_TYPE_new
ASN1_TYPE_pack_sequence
ASN1_TYPE_set
ASN1_TYPE_set1
ASN1_TYPE_set_int_octetstring
ASN1_TYPE_set_octetstring
ASN1_TYPE_unpack_sequence
ASN1_UNIVERSALSTRING_free
ASN1_UNIVERSALSTRING_it
ASN1_UNIVERSALSTRING_new
ASN1_UNIVERSALSTRING_to_string
ASN1_UTCTIME_adj
ASN1_UTCTIME_check
ASN1_UTCTIME_cmp_time_t
ASN1_UTCTIME_free
ASN1_UTCTIME_it
ASN1_UTCTIME_new
ASN1_UTCTIME_print
ASN1_UTCTIME_set
ASN1_UTCTIME_set_string
ASN1_UTF8STRING_free
ASN1_UTF8STRING_it
ASN1_UTF8STRING_new
ASN1_VISIBLESTRING_free
ASN1_VISIBLESTRING_it
ASN1_VISIBLESTRING_new
ASN1_add_oid_module
ASN1_add_stable_module
ASN1_bn_print
ASN1_buf_print
ASN1_check_infinite_end
ASN1_const_check_infinite_end
ASN1_d2i_bio
ASN1_d2i_fp
ASN1_digest
ASN1_dup
ASN1_generate_nconf
ASN1_generate_v3
ASN1_get_object
ASN1_i2d_bio
ASN1_i2d_fp
ASN1_item_d2i
ASN1_item_d2i_bio
ASN1_item_d2i_fp
ASN1_item_digest
ASN1_item_dup
ASN1_item_ex_d2i
ASN1_item_ex_free
ASN1_item_ex_i2d
ASN1_item_ex_new
ASN1_item_free
ASN1_item_i2d
ASN1_item_i2d_bio
ASN1_item_i2d_fp
ASN1_item_ndef_i2d
ASN1_item_new
ASN1_item_pack
ASN1_item_print
ASN1_item_sign
ASN1_item_sign_ctx
ASN1_item_unpack
ASN1_item_verify
ASN1_mbstring_copy
ASN1_mbstring_ncopy
ASN1_object_size
ASN1_parse
ASN1_parse_dump
ASN1_put_eoc
ASN1_put_object
ASN1_sign
ASN1_str2mask
ASN1_tag2bit
ASN1_tag2str
ASN1_verify
ASRange_free
ASRange_it
ASRange_new
ASYNC_WAIT_CTX_clear_fd
ASYNC_WAIT_CTX_free
ASYNC_WAIT_CTX_get_all_fds
ASYNC_WAIT_CTX_get_changed_fds
ASYNC_WAIT_CTX_get_fd
ASYNC_WAIT_CTX_new
ASYNC_WAIT_CTX_set_wait_fd
ASYNC_block_pause
ASYNC_cleanup_thread
ASYNC_get_current_job
ASYNC_get_wait_ctx
ASYNC_init_thread
ASYNC_is_capable
ASYNC_pause_job
ASYNC_start_job
ASYNC_unblock_pause
AUTHORITY_INFO_ACCESS_free
AUTHORITY_INFO_ACCESS_it
AUTHORITY_INFO_ACCESS_new
AUTHORITY_KEYID_free
AUTHORITY_KEYID_it
AUTHORITY_KEYID_new
BASIC_CONSTRAINTS_free
BASIC_CONSTRAINTS_it
BASIC_CONSTRAINTS_new
BF_cbc_encrypt
BF_cfb64_encrypt
BF_decrypt
BF_ecb_encrypt
BF_encrypt
BF_ofb64_encrypt
BF_options
BF_set_key
BIGNUM_it
BIO_ADDRINFO_address
BIO_ADDRINFO_family
BIO_ADDRINFO_free
BIO_ADDRINFO_next
BIO_ADDRINFO_protocol
BIO_ADDRINFO_socktype
BIO_ADDR_clear
BIO_ADDR_family
BIO_ADDR_free
BIO_ADDR_hostname_string
BIO_ADDR_new
BIO_ADDR_path_string
BIO_ADDR_rawaddress
BIO_ADDR_rawmake
BIO_ADDR_rawport
BIO_ADDR_service_string
BIO_accept
BIO_accept_ex
BIO_asn1_get_prefix
BIO_asn1_get_suffix
BIO_asn1_set_prefix
BIO_asn1_set_suffix
BIO_bind
BIO_callback_ctrl
BIO_clear_flags
BIO_closesocket
BIO_connect
BIO_copy_next_retry
BIO_ctrl
BIO_ctrl_get_read_request
BIO_ctrl_get_write_guarantee
BIO_ctrl_pending
BIO_ctrl_reset_read_request
BIO_ctrl_wpending
BIO_debug_callback
BIO_dgram_non_fatal_error
BIO_dump
BIO_dump_cb
BIO_dump_fp
BIO_dump_indent
BIO_dump_indent_cb
BIO_dump_indent_fp
BIO_dup_chain
BIO_f_asn1
BIO_f_base64
BIO_f_buffer
BIO_f_cipher
BIO_f_linebuffer
BIO_f_md
BIO_f_nbio_test
BIO_f_null
BIO_f_reliable
BIO_fd_non_fatal_error
BIO_fd_should_retry
BIO_find_type
BIO_free
BIO_free_all
BIO_get_accept_socket
BIO_get_callback
BIO_get_callback_arg
BIO_get_callback_ex
BIO_get_data
BIO_get_ex_data
BIO_get_host_ip
BIO_get_init
BIO_get_new_index
BIO_get_port
BIO_get_retry_BIO
BIO_get_retry_reason
BIO_get_shutdown
BIO_gethostbyname
BIO_gets
BIO_hex_string
BIO_indent
BIO_int_ctrl
BIO_listen
BIO_lookup
BIO_lookup_ex
BIO_meth_free
BIO_meth_get_callback_ctrl
BIO_meth_get_create
BIO_meth_get_ctrl
BIO_meth_get_destroy
BIO_meth_get_gets
BIO_meth_get_puts
BIO_meth_get_read
BIO_meth_get_read_ex
BIO_meth_get_write
BIO_meth_get_write_ex
BIO_meth_new
BIO_meth_set_callback_ctrl
BIO_meth_set_create
BIO_meth_set_ctrl
BIO_meth_set_destroy
BIO_meth_set_gets
BIO_meth_set_puts
BIO_meth_set_read
BIO_meth_set_read_ex
BIO_meth_set_write
BIO_meth_set_write_ex
BIO_method_name
BIO_method_type
BIO_new
BIO_new_CMS
BIO_new_NDEF
BIO_new_PKCS7
BIO_new_accept
BIO_new_bio_pair
BIO_new_connect
BIO_new_dgram
BIO_new_fd
BIO_new_file
BIO_new_fp
BIO_new_mem_buf
BIO_new_socket
BIO_next
BIO_nread
BIO_nread0
BIO_number_read
BIO_number_written
BIO_nwrite
BIO_nwrite0
BIO_parse_hostserv
BIO_pop
BIO_printf
BIO_ptr_ctrl
BIO_push
BIO_puts
BIO_read
BIO_read_ex
BIO_s_accept
BIO_s_bio
BIO_s_connect
BIO_s_datagram
BIO_s_fd
BIO_s_file
BIO_s_log
BIO_s_mem
BIO_s_null
BIO_s_secmem
BIO_s_socket
BIO_set_callback
BIO_set_callback_arg
BIO_set_callback_ex
BIO_set_cipher
BIO_set_data
BIO_set_ex_data
BIO_set_flags
BIO_set_init
BIO_set_next
BIO_set_retry_reason
BIO_set_shutdown
BIO_set_tcp_ndelay
BIO_snprintf
BIO_sock_error
BIO_sock_info
BIO_sock_init
BIO_sock_non_fatal_error
BIO_sock_should_retry
BIO_socket
BIO_socket_ioctl
BIO_socket_nbio
BIO_test_flags
BIO_up_ref
BIO_vfree
BIO_vprintf
BIO_vsnprintf
BIO_write
BIO_write_ex
BN_BLINDING_convert
BN_BLINDING_convert_ex
BN_BLINDING_create_param
BN_BLINDING_free
BN_BLINDING_get_flags
BN_BLINDING_invert
BN_BLINDING_invert_ex
BN_BLINDING_is_current_thread
BN_BLINDING_lock
BN_BLINDING_new
BN_BLINDING_set_current_thread
BN_BLINDING_set_flags
BN_BLINDING_unlock
BN_BLINDING_update
BN_CTX_end
BN_CTX_free
BN_CTX_get
BN_CTX_new
BN_CTX_secure_new
BN_CTX_start
BN_GENCB_call
BN_GENCB_free
BN_GENCB_get_arg
BN_GENCB_new
BN_GENCB_set
BN_GENCB_set_old
BN_GF2m_add
BN_GF2m_arr2poly
BN_GF2m_mod
BN_GF2m_mod_arr
BN_GF2m_mod_div
BN_GF2m_mod_div_arr
BN_GF2m_mod_exp

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 828KB - Virtual size: 828KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.00cfg
Size: 512B - Virtual size: 373B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
onefile_7828_133599221364008719/libffi-8.dll
.dll windows:6 windows x64 arch:x64

3dc8b86d60f90a1851eee5f9dc191312

Code Sign

04:09:18:1b:5f:d5:bb:66:75:53:43:b5:6f:95:50:08
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

22/10/2013, 12:00

Not After

22/10/2028, 12:00

Subject

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

03:3e:d5:ed:a0:65:d1:b8:c9:1d:fc:f9:2a:6c:9b:d8
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Code Signing CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

18/12/2018, 00:00

Not After

22/12/2021, 12:00

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Wolfeboro,ST=New Hampshire,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:dd
Certificate

Issuer

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/01/2021, 00:00

Not After

06/01/2031, 00:00

Subject

CN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

07/01/2016, 12:00

Not After

07/01/2031, 12:00

Subject

CN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

74:b2:53:a2:a1:9d:ff:14:1f:a4:a9:5a:d7:38:01:ab:91:aa:23:05:80:91:cc:85:89:e1:23:42:64:8b:eb:89
Signer

Actual PE Digest

74:b2:53:a2:a1:9d:ff:14:1f:a4:a9:5a:d7:38:01:ab:91:aa:23:05:80:91:cc:85:89:e1:23:42:64:8b:eb:89

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
GetSystemInfo
VirtualAlloc
VirtualFree
VirtualQuery
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
DisableThreadLibraryCalls
InitializeSListHead
IsDebuggerPresent

vcruntime140

__C_specific_handler
__std_type_info_destroy_list
memset
memcpy

api-ms-win-crt-runtime-l1-1-0

abort
_initterm
_initterm_e
_seh_filter_dll
_configure_narrow_argv
_initialize_narrow_environment
_initialize_onexit_table
_execute_onexit_table
_cexit

Exports

Exports

ffi_call
ffi_call_go
ffi_closure_alloc
ffi_closure_free
ffi_get_struct_offsets
ffi_java_ptrarray_to_raw
ffi_java_raw_call
ffi_java_raw_size
ffi_java_raw_to_ptrarray
ffi_prep_cif
ffi_prep_cif_var
ffi_prep_closure
ffi_prep_closure_loc
ffi_prep_go_closure
ffi_prep_java_raw_closure
ffi_prep_java_raw_closure_loc
ffi_prep_raw_closure
ffi_prep_raw_closure_loc
ffi_ptrarray_to_raw
ffi_raw_call
ffi_raw_size
ffi_raw_to_ptrarray
ffi_type_double
ffi_type_float
ffi_type_pointer
ffi_type_sint16
ffi_type_sint32
ffi_type_sint64
ffi_type_sint8
ffi_type_uint16
ffi_type_uint32
ffi_type_uint64
ffi_type_uint8
ffi_type_void

Sections

.text
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
onefile_7828_133599221364008719/psutil/_psutil_windows.pyd
.dll windows:6 windows x64 arch:x64

7655a95700b7d9f6fc1f226e258e1235

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

psapi

GetProcessMemoryInfo
GetMappedFileNameW
GetPerformanceInfo
EnumProcesses

kernel32

FindNextVolumeMountPointA
FindFirstVolumeMountPointA
CreateFileA
GetDiskFreeSpaceExW
CloseHandle
GetLogicalDriveStringsA
lstrcmpA
Process32First
HeapFree
SetPriorityClass
SetProcessAffinityMask
TerminateProcess
GetProcessAffinityMask
Thread32Next
Thread32First
WaitForSingleObject
OpenProcess
CreateToolhelp32Snapshot
Process32Next
QueryDosDeviceA
HeapAlloc
GetPriorityClass
GetProcessHeap
GetThreadTimes
GetProcessHandleCount
GetProcessTimes
OpenThread
VirtualQueryEx
GetExitCodeProcess
EnterCriticalSection
GetCurrentProcess
LeaveCriticalSection
DuplicateHandle
GetExitCodeThread
TerminateThread
CreateThread
GetFileType
ReadProcessMemory
GetSystemPowerStatus
GetSystemTimeAsFileTime
RegisterWaitForSingleObject
CreateEventW
GetVolumeInformationA
SetErrorMode
GetDriveTypeA
DeviceIoControl
FindVolumeMountPointClose
SetLastError
LocalFree
LocalAlloc
GetSystemTimes
FreeLibrary
GetProcAddress
GetSystemInfo
LoadLibraryA
GetLastError
GetModuleHandleA
InitializeCriticalSection
GetProcessIoCounters
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetCurrentThreadId
RtlCaptureContext
RtlLookupFunctionEntry
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind

advapi32

QueryServiceConfig2W
LookupAccountSidW
OpenProcessToken
ImpersonateSelf
CloseServiceHandle
OpenSCManagerA
ControlService
StartServiceA
EnumServicesStatusExW
QueryServiceConfigW
GetTokenInformation
QueryServiceStatusEx
OpenServiceA
AdjustTokenPrivileges
RevertToSelf
LookupPrivilegeValueA

shell32

CommandLineToArgvW

ws2_32

inet_ntop

powrprof

CallNtPowerInformation

pdh

PdhGetFormattedCounterValue
PdhCollectQueryDataEx
PdhAddEnglishCounterW
PdhOpenQueryW
PdhRemoveCounter
PdhCloseQuery
PdhCollectQueryData

python3

PyObject_IsTrue
PyArg_ParseTuple
PyErr_SetFromWindowsErrWithFilename
PyModule_Create2
PyEval_RestoreThread
PyErr_SetObject
PyEval_SaveThread
PyErr_SetString
PyObject_CallFunction
PyModule_AddIntConstant
PyExc_TypeError
PySequence_Check
PySequence_Contains
PyTuple_New
PyExc_RuntimeWarning
PyErr_WarnEx
PyList_SetItem
PyArg_ParseTupleAndKeywords
PyLong_FromLong
PyBool_FromLong
PyUnicode_FromString
_Py_TrueStruct
PyDict_SetItem
_Py_FalseStruct
PyUnicode_FromWideChar
PyErr_Format
PyMem_Free
PyErr_SetExcFromWindowsErrWithFilenameObject
PyDict_New
PyUnicode_AsWideCharString
PyDict_SetItemString
_Py_Dealloc
PyErr_NoMemory
PyList_Append
PyList_New
PyErr_SetFromWindowsErr
Py_BuildValue
PyExc_RuntimeError
PyErr_NewException
PyModule_GetState
PyExc_OSError
PyErr_Clear
PyModule_AddObject
_Py_NoneStruct

iphlpapi

GetAdaptersAddresses
GetIfTable
ConvertLengthToIpv4Mask
GetIfEntry2

vcruntime140

__C_specific_handler
strchr
memset
__std_type_info_destroy_list

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vsprintf_s
__stdio_common_vsprintf

api-ms-win-crt-environment-l1-1-0

getenv

api-ms-win-crt-heap-l1-1-0

calloc
free
malloc

api-ms-win-crt-string-l1-1-0

strcat_s
wcscpy_s
strcpy_s

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
_seh_filter_dll
_initterm
_initterm_e
_initialize_narrow_environment
_cexit
_execute_onexit_table
_initialize_onexit_table

Exports

Exports

PyInit__psutil_windows

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
onefile_7828_133599221364008719/pyexpat.pyd
.dll windows:6 windows x64 arch:x64

c1efb4aba5d0a4e13411d9eacdb4e8d6

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

32:08:b0:bc:23:e7:6e:4a:3f:71:43:c0:cd:fb:7f:10:af:96:f6:48:68:99:ad:f8:c3:c0:c6:2f:b1:c1:1e:5b
Signer

Actual PE Digest

32:08:b0:bc:23:e7:6e:4a:3f:71:43:c0:cd:fb:7f:10:af:96:f6:48:68:99:ad:f8:c3:c0:c6:2f:b1:c1:1e:5b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\bin\amd64\pyexpat.pdb

Imports

kernel32

GetCurrentProcessId
GetSystemTimeAsFileTime
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetCurrentThreadId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
RtlCaptureContext

python311

PyObject_Realloc
PyModuleDef_Init
PyObject_GC_Track
PyBytes_FromStringAndSize
PyExc_TypeError
PyType_FromModuleAndSpec
PyObject_IsTrue
PyErr_SetString
_PyUnicode_Ready
PyMem_Malloc
_PyLong_AsInt
PyErr_NoMemory
_PyObject_GC_New
PyUnicode_FromString
PyBuffer_Release
PyObject_Call
PyByteArray_Type
PyMem_Calloc
_PyArg_BadArgument
_Py_HashSecret
PyDict_SetItemString
PyTuple_New
_Py_NoneStruct
_PyObject_LookupAttr
PyMem_Free
_PyTraceback_Add
PyDict_New
PyDict_SetItem
PyCapsule_New
PyType_GetModuleState
PyUnicode_Decode
PyList_Append
PyModule_New
PyErr_NewException
PyList_New
PyObject_GetBuffer
PyUnicode_FromFormat
PyLong_AsLong
PyObject_GC_Del
PyModule_AddObject
PyCapsule_GetPointer
_PyImport_SetModule
PyModule_AddObjectRef
PyDescr_NewGetSet
PyObject_Free
_Py_Dealloc
PyType_IsSubtype
PyModule_AddStringConstant
PyErr_Format
PyExc_ValueError
_PyArg_UnpackKeywords
PyModule_GetState
PyObject_CallFunction
PyDict_GetItemWithError
Py_BuildValue
PyObject_GC_UnTrack
PyLong_FromLong
PyObject_SetAttrString
PyExc_RuntimeError
PyUnicode_AsUTF8AndSize
PyUnicode_DecodeUTF8
PyErr_Occurred
PyModule_AddIntConstant
PyObject_Malloc
PyObject_CallOneArg
PyBool_FromLong
PyDict_SetDefault
PyErr_SetObject
PyUnicode_InternFromString
_PyByteArray_empty_string

vcruntime140

memcpy
memcmp
memset
__std_type_info_destroy_list
__C_specific_handler
strrchr
memmove

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vfprintf

api-ms-win-crt-heap-l1-1-0

malloc
realloc
free

api-ms-win-crt-convert-l1-1-0

strtoul

api-ms-win-crt-runtime-l1-1-0

_execute_onexit_table
_initialize_onexit_table
_configure_narrow_argv
_initterm_e
_initterm
_cexit
_initialize_narrow_environment
_errno
_seh_filter_dll

api-ms-win-crt-utility-l1-1-0

rand_s

api-ms-win-crt-environment-l1-1-0

getenv

Exports

Exports

PyInit_pyexpat

Sections

.text
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
onefile_7828_133599221364008719/python3.dll
.dll windows:6 windows x64 arch:x64

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

b8:a1:86:b2:57:11:d8:b0:62:f7:bd:fc:09:ce:e3:2d:cd:81:a7:a9:b0:d3:bb:3f:a0:45:09:95:7a:2f:30:c9
Signer

Actual PE Digest

b8:a1:86:b2:57:11:d8:b0:62:f7:bd:fc:09:ce:e3:2d:cd:81:a7:a9:b0:d3:bb:3f:a0:45:09:95:7a:2f:30:c9

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\bin\amd64\python3.pdb

Exports

Exports

PyAIter_Check
PyArg_Parse
PyArg_ParseTuple
PyArg_ParseTupleAndKeywords
PyArg_UnpackTuple
PyArg_VaParse
PyArg_VaParseTupleAndKeywords
PyArg_ValidateKeywordArguments
PyBaseObject_Type
PyBool_FromLong
PyBool_Type
PyBuffer_FillContiguousStrides
PyBuffer_FillInfo
PyBuffer_FromContiguous
PyBuffer_GetPointer
PyBuffer_IsContiguous
PyBuffer_Release
PyBuffer_SizeFromFormat
PyBuffer_ToContiguous
PyByteArrayIter_Type
PyByteArray_AsString
PyByteArray_Concat
PyByteArray_FromObject
PyByteArray_FromStringAndSize
PyByteArray_Resize
PyByteArray_Size
PyByteArray_Type
PyBytesIter_Type
PyBytes_AsString
PyBytes_AsStringAndSize
PyBytes_Concat
PyBytes_ConcatAndDel
PyBytes_DecodeEscape
PyBytes_FromFormat
PyBytes_FromFormatV
PyBytes_FromObject
PyBytes_FromString
PyBytes_FromStringAndSize
PyBytes_Repr
PyBytes_Size
PyBytes_Type
PyCFunction_Call
PyCFunction_GetFlags
PyCFunction_GetFunction
PyCFunction_GetSelf
PyCFunction_New
PyCFunction_NewEx
PyCFunction_Type
PyCMethod_New
PyCallIter_New
PyCallIter_Type
PyCallable_Check
PyCapsule_GetContext
PyCapsule_GetDestructor
PyCapsule_GetName
PyCapsule_GetPointer
PyCapsule_Import
PyCapsule_IsValid
PyCapsule_New
PyCapsule_SetContext
PyCapsule_SetDestructor
PyCapsule_SetName
PyCapsule_SetPointer
PyCapsule_Type
PyClassMethodDescr_Type
PyCodec_BackslashReplaceErrors
PyCodec_Decode
PyCodec_Decoder
PyCodec_Encode
PyCodec_Encoder
PyCodec_IgnoreErrors
PyCodec_IncrementalDecoder
PyCodec_IncrementalEncoder
PyCodec_KnownEncoding
PyCodec_LookupError
PyCodec_NameReplaceErrors
PyCodec_Register
PyCodec_RegisterError
PyCodec_ReplaceErrors
PyCodec_StreamReader
PyCodec_StreamWriter
PyCodec_StrictErrors
PyCodec_Unregister
PyCodec_XMLCharRefReplaceErrors
PyComplex_FromDoubles
PyComplex_ImagAsDouble
PyComplex_RealAsDouble
PyComplex_Type
PyDescr_NewClassMethod
PyDescr_NewGetSet
PyDescr_NewMember
PyDescr_NewMethod
PyDictItems_Type
PyDictIterItem_Type
PyDictIterKey_Type
PyDictIterValue_Type
PyDictKeys_Type
PyDictProxy_New
PyDictProxy_Type
PyDictRevIterItem_Type
PyDictRevIterKey_Type
PyDictRevIterValue_Type
PyDictValues_Type
PyDict_Clear
PyDict_Contains
PyDict_Copy
PyDict_DelItem
PyDict_DelItemString
PyDict_GetItem
PyDict_GetItemString
PyDict_GetItemWithError
PyDict_Items
PyDict_Keys
PyDict_Merge
PyDict_MergeFromSeq2
PyDict_New
PyDict_Next
PyDict_SetItem
PyDict_SetItemString
PyDict_Size
PyDict_Type
PyDict_Update
PyDict_Values
PyEllipsis_Type
PyEnum_Type
PyErr_BadArgument
PyErr_BadInternalCall
PyErr_CheckSignals
PyErr_Clear
PyErr_Display
PyErr_ExceptionMatches
PyErr_Fetch
PyErr_Format
PyErr_FormatV
PyErr_GetExcInfo
PyErr_GetHandledException
PyErr_GivenExceptionMatches
PyErr_NewException
PyErr_NewExceptionWithDoc
PyErr_NoMemory
PyErr_NormalizeException
PyErr_Occurred
PyErr_Print
PyErr_PrintEx
PyErr_ProgramText
PyErr_ResourceWarning
PyErr_Restore
PyErr_SetExcFromWindowsErr
PyErr_SetExcFromWindowsErrWithFilename
PyErr_SetExcFromWindowsErrWithFilenameObject
PyErr_SetExcFromWindowsErrWithFilenameObjects
PyErr_SetExcInfo
PyErr_SetFromErrno
PyErr_SetFromErrnoWithFilename
PyErr_SetFromErrnoWithFilenameObject
PyErr_SetFromErrnoWithFilenameObjects
PyErr_SetFromWindowsErr
PyErr_SetFromWindowsErrWithFilename
PyErr_SetHandledException
PyErr_SetImportError
PyErr_SetImportErrorSubclass
PyErr_SetInterrupt
PyErr_SetInterruptEx
PyErr_SetNone
PyErr_SetObject
PyErr_SetString
PyErr_SyntaxLocation
PyErr_SyntaxLocationEx
PyErr_WarnEx
PyErr_WarnExplicit
PyErr_WarnFormat
PyErr_WriteUnraisable
PyEval_AcquireLock
PyEval_AcquireThread
PyEval_CallFunction
PyEval_CallMethod
PyEval_CallObjectWithKeywords
PyEval_EvalCode
PyEval_EvalCodeEx
PyEval_EvalFrame
PyEval_EvalFrameEx
PyEval_GetBuiltins
PyEval_GetFrame
PyEval_GetFuncDesc
PyEval_GetFuncName
PyEval_GetGlobals
PyEval_GetLocals
PyEval_InitThreads
PyEval_ReleaseLock
PyEval_ReleaseThread
PyEval_RestoreThread
PyEval_SaveThread
PyEval_ThreadsInitialized
PyExc_ArithmeticError
PyExc_AssertionError
PyExc_AttributeError
PyExc_BaseException
PyExc_BaseExceptionGroup
PyExc_BlockingIOError
PyExc_BrokenPipeError
PyExc_BufferError
PyExc_BytesWarning
PyExc_ChildProcessError
PyExc_ConnectionAbortedError
PyExc_ConnectionError
PyExc_ConnectionRefusedError
PyExc_ConnectionResetError
PyExc_DeprecationWarning
PyExc_EOFError
PyExc_EncodingWarning
PyExc_EnvironmentError
PyExc_Exception
PyExc_FileExistsError
PyExc_FileNotFoundError
PyExc_FloatingPointError
PyExc_FutureWarning
PyExc_GeneratorExit
PyExc_IOError
PyExc_ImportError
PyExc_ImportWarning
PyExc_IndentationError
PyExc_IndexError
PyExc_InterruptedError
PyExc_IsADirectoryError
PyExc_KeyError
PyExc_KeyboardInterrupt
PyExc_LookupError
PyExc_MemoryError
PyExc_ModuleNotFoundError
PyExc_NameError
PyExc_NotADirectoryError
PyExc_NotImplementedError
PyExc_OSError
PyExc_OverflowError
PyExc_PendingDeprecationWarning
PyExc_PermissionError
PyExc_ProcessLookupError
PyExc_RecursionError
PyExc_ReferenceError
PyExc_ResourceWarning
PyExc_RuntimeError
PyExc_RuntimeWarning
PyExc_StopAsyncIteration
PyExc_StopIteration
PyExc_SyntaxError
PyExc_SyntaxWarning
PyExc_SystemError
PyExc_SystemExit
PyExc_TabError
PyExc_TimeoutError
PyExc_TypeError
PyExc_UnboundLocalError
PyExc_UnicodeDecodeError
PyExc_UnicodeEncodeError
PyExc_UnicodeError
PyExc_UnicodeTranslateError
PyExc_UnicodeWarning
PyExc_UserWarning
PyExc_ValueError
PyExc_Warning
PyExc_WindowsError
PyExc_ZeroDivisionError
PyExceptionClass_Name
PyException_GetCause
PyException_GetContext
PyException_GetTraceback
PyException_SetCause
PyException_SetContext
PyException_SetTraceback
PyFile_FromFd
PyFile_GetLine
PyFile_WriteObject
PyFile_WriteString
PyFilter_Type
PyFloat_AsDouble
PyFloat_FromDouble
PyFloat_FromString
PyFloat_GetInfo
PyFloat_GetMax
PyFloat_GetMin
PyFloat_Type
PyFrame_GetCode
PyFrame_GetLineNumber
PyFrozenSet_New
PyFrozenSet_Type
PyGC_Collect
PyGC_Disable
PyGC_Enable
PyGC_IsEnabled
PyGILState_Ensure
PyGILState_GetThisThreadState
PyGILState_Release
PyGetSetDescr_Type
PyImport_AddModule
PyImport_AddModuleObject
PyImport_AppendInittab
PyImport_ExecCodeModule
PyImport_ExecCodeModuleEx
PyImport_ExecCodeModuleObject
PyImport_ExecCodeModuleWithPathnames
PyImport_GetImporter
PyImport_GetMagicNumber
PyImport_GetMagicTag
PyImport_GetModule
PyImport_GetModuleDict
PyImport_Import
PyImport_ImportFrozenModule
PyImport_ImportFrozenModuleObject
PyImport_ImportModule
PyImport_ImportModuleLevel
PyImport_ImportModuleLevelObject
PyImport_ImportModuleNoBlock
PyImport_ReloadModule
PyIndex_Check
PyInterpreterState_Clear
PyInterpreterState_Delete
PyInterpreterState_Get
PyInterpreterState_GetDict
PyInterpreterState_GetID
PyInterpreterState_New
PyIter_Check
PyIter_Next
PyIter_Send
PyListIter_Type
PyListRevIter_Type
PyList_Append
PyList_AsTuple
PyList_GetItem
PyList_GetSlice
PyList_Insert
PyList_New
PyList_Reverse
PyList_SetItem
PyList_SetSlice
PyList_Size
PyList_Sort
PyList_Type
PyLongRangeIter_Type
PyLong_AsDouble
PyLong_AsLong
PyLong_AsLongAndOverflow
PyLong_AsLongLong
PyLong_AsLongLongAndOverflow
PyLong_AsSize_t
PyLong_AsSsize_t
PyLong_AsUnsignedLong
PyLong_AsUnsignedLongLong
PyLong_AsUnsignedLongLongMask
PyLong_AsUnsignedLongMask
PyLong_AsVoidPtr
PyLong_FromDouble
PyLong_FromLong
PyLong_FromLongLong
PyLong_FromSize_t
PyLong_FromSsize_t
PyLong_FromString
PyLong_FromUnsignedLong
PyLong_FromUnsignedLongLong
PyLong_FromVoidPtr
PyLong_GetInfo
PyLong_Type
PyMap_Type
PyMapping_Check
PyMapping_GetItemString
PyMapping_HasKey
PyMapping_HasKeyString
PyMapping_Items
PyMapping_Keys
PyMapping_Length
PyMapping_SetItemString
PyMapping_Size
PyMapping_Values
PyMarshal_ReadObjectFromString
PyMarshal_WriteObjectToString
PyMem_Calloc
PyMem_Free
PyMem_Malloc
PyMem_Realloc
PyMemberDescr_Type
PyMember_GetOne
PyMember_SetOne
PyMemoryView_FromBuffer
PyMemoryView_FromMemory
PyMemoryView_FromObject
PyMemoryView_GetContiguous
PyMemoryView_Type
PyMethodDescr_Type
PyModuleDef_Init
PyModuleDef_Type
PyModule_AddFunctions
PyModule_AddIntConstant
PyModule_AddObject
PyModule_AddObjectRef
PyModule_AddStringConstant
PyModule_AddType
PyModule_Create2
PyModule_ExecDef
PyModule_FromDefAndSpec2
PyModule_GetDef
PyModule_GetDict
PyModule_GetFilename
PyModule_GetFilenameObject
PyModule_GetName
PyModule_GetNameObject
PyModule_GetState
PyModule_New
PyModule_NewObject
PyModule_SetDocString
PyModule_Type
PyNumber_Absolute
PyNumber_Add
PyNumber_And
PyNumber_AsSsize_t
PyNumber_Check
PyNumber_Divmod
PyNumber_Float
PyNumber_FloorDivide
PyNumber_InPlaceAdd
PyNumber_InPlaceAnd
PyNumber_InPlaceFloorDivide
PyNumber_InPlaceLshift
PyNumber_InPlaceMatrixMultiply
PyNumber_InPlaceMultiply
PyNumber_InPlaceOr
PyNumber_InPlacePower
PyNumber_InPlaceRemainder
PyNumber_InPlaceRshift
PyNumber_InPlaceSubtract
PyNumber_InPlaceTrueDivide
PyNumber_InPlaceXor
PyNumber_Index
PyNumber_Invert
PyNumber_Long
PyNumber_Lshift
PyNumber_MatrixMultiply
PyNumber_Multiply
PyNumber_Negative
PyNumber_Or
PyNumber_Positive
PyNumber_Power
PyNumber_Remainder
PyNumber_Rshift
PyNumber_Subtract
PyNumber_ToBase
PyNumber_TrueDivide
PyNumber_Xor
PyOS_CheckStack
PyOS_FSPath
PyOS_InputHook
PyOS_InterruptOccurred
PyOS_double_to_string
PyOS_getsig
PyOS_mystricmp
PyOS_mystrnicmp
PyOS_setsig
PyOS_snprintf
PyOS_string_to_double
PyOS_strtol
PyOS_strtoul
PyOS_vsnprintf
PyObject_ASCII
PyObject_AsCharBuffer
PyObject_AsFileDescriptor
PyObject_AsReadBuffer
PyObject_AsWriteBuffer
PyObject_Bytes
PyObject_Call
PyObject_CallFunction
PyObject_CallFunctionObjArgs
PyObject_CallMethod
PyObject_CallMethodObjArgs
PyObject_CallNoArgs
PyObject_CallObject
PyObject_Calloc
PyObject_CheckBuffer
PyObject_CheckReadBuffer
PyObject_ClearWeakRefs
PyObject_CopyData
PyObject_DelItem
PyObject_DelItemString
PyObject_Dir
PyObject_Format
PyObject_Free
PyObject_GC_Del
PyObject_GC_IsFinalized
PyObject_GC_IsTracked
PyObject_GC_Track
PyObject_GC_UnTrack
PyObject_GenericGetAttr
PyObject_GenericGetDict
PyObject_GenericSetAttr
PyObject_GenericSetDict
PyObject_GetAIter
PyObject_GetAttr
PyObject_GetAttrString
PyObject_GetBuffer
PyObject_GetItem
PyObject_GetIter
PyObject_HasAttr
PyObject_HasAttrString

Sections

.rdata
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
onefile_7828_133599221364008719/python311.dll
.dll windows:6 windows x64 arch:x64

7bcba99f43dec2147effa329c42a4378

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

bc:95:c6:6b:ab:de:29:48:88:75:59:e1:db:8d:06:5d:9e:00:89:b0:98:96:89:a7:32:62:84:6c:9d:0d:6b:3d
Signer

Actual PE Digest

bc:95:c6:6b:ab:de:29:48:88:75:59:e1:db:8d:06:5d:9e:00:89:b0:98:96:89:a7:32:62:84:6c:9d:0d:6b:3d

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\bin\amd64\python311.pdb

Imports

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

ws2_32

getsockopt
send
WSAGetLastError

api-ms-win-core-path-l1-1-0

PathCchSkipRoot
PathCchCombineEx
PathCchFindExtension

bcrypt

BCryptGenRandom

advapi32

RegEnumKeyExW
RegDeleteKeyExW
RegQueryInfoKeyW
RegDeleteKeyW
RegQueryValueW
RegFlushKey
RegCreateKeyExW
RegSaveKeyW
RegSetValueExW
RegLoadKeyW
RegCreateKeyW
RegConnectRegistryW
RegDeleteValueW
RegEnumValueW
GetUserNameW
RegQueryValueExW
RegOpenKeyExW
OpenProcessToken
AdjustTokenPrivileges
LookupPrivilegeValueA
RegCloseKey
RegSetValueW

kernel32

HeapAlloc
GetProcessHeap
IsDebuggerPresent
InitializeSListHead
GetCurrentProcessId
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
TlsGetValue
TlsFree
GetCurrentThread
GetModuleFileNameW
CompareStringOrdinal
GetFileAttributesW
GetLocaleInfoA
GetACP
RemoveVectoredExceptionHandler
SetErrorMode
RaiseException
AddVectoredExceptionHandler
GetCurrentProcess
SetEndOfFile
UnmapViewOfFile
DuplicateHandle
GetLastError
FlushViewOfFile
CloseHandle
GetSystemInfo
SetFilePointerEx
CreateFileMappingA
GetFileSize
OpenFileMappingA
MapViewOfFile
CreateDirectoryW
GetFileInformationByHandleEx
FindFirstFileW
Process32First
SetHandleInformation
GetConsoleScreenBufferInfo
SetLastError
GetHandleInformation
GetFullPathNameW
FindNextFileW
GetStdHandle
DeviceIoControl
TerminateProcess
RemoveDirectoryW
GetFinalPathNameByHandleW
SetFileTime
SetEnvironmentVariableW
CreatePipe
CreateHardLinkW
FindClose
GetVolumePathNameW
CreateFileW
OpenProcess
SetFileAttributesW
CreateToolhelp32Snapshot
GetFileInformationByHandle
GetFileAttributesExW
GetDiskFreeSpaceExW
DeleteFileW
Process32Next
LoadLibraryW
GetActiveProcessorCount
GetCurrentDirectoryW
SetCurrentDirectoryW
GetProcAddress
MoveFileExW
GetModuleHandleW
CreateSymbolicLinkW
GetSystemTimeAsFileTime
GetFileType
GetProcessTimes
GenerateConsoleCtrlEvent
SetEvent
CreateEventA
WaitForMultipleObjects
WaitForSingleObject
Sleep
GetTimeZoneInformation
TlsAlloc
SetWaitableTimerEx
ResetEvent
GetThreadTimes
CreateWaitableTimerExW
MultiByteToWideChar
GetConsoleMode
ReadConsoleW
WaitForSingleObjectEx
WriteConsoleW
GetNumberOfConsoleInputEvents
WideCharToMultiByte
GetStringTypeW
ReadFile
CancelIo
SetNamedPipeHandleState
WaitNamedPipeA
CreateNamedPipeA
WriteFile
InitializeProcThreadAttributeList
PeekNamedPipe
OpenFileMappingW
GetModuleHandleA
GetVersion
LCMapStringEx
UpdateProcThreadAttribute
CreateFileA
DeleteProcThreadAttributeList
GetOverlappedResult
ExitProcess
CreateProcessW
CreateFileMappingW
VirtualQuery
ConnectNamedPipe
GetExitCodeProcess
VirtualFree
VirtualAlloc
ExpandEnvironmentStringsW
GetErrorMode
EnterCriticalSection
ReleaseSemaphore
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
CreateSemaphoreA
FormatMessageW
FreeLibrary
LoadLibraryExW
LocalFree
GetConsoleOutputCP
GetConsoleCP
OutputDebugStringW
GetSystemTimeAdjustment
GetTickCount64
QueryPerformanceFrequency
QueryPerformanceCounter
GetVersionExW
TlsSetValue
HeapFree
GetCurrentThreadId

vcruntime140

memchr
memcmp
memmove
memcpy
wcschr
strrchr
wcsrchr
strchr
__C_specific_handler
__std_type_info_destroy_list
memset

api-ms-win-crt-stdio-l1-1-0

_open_osfhandle
__stdio_common_vfprintf
_wfopen
setvbuf
__stdio_common_vswprintf
fclose
__stdio_common_vsprintf
_setmode
rewind
__acrt_iob_func
_commit
_locking
_wopen
_kbhit
getc
ungetc
_lseeki64
ftell
fflush
feof
fgets
_get_osfhandle
_chsize_s
fputs
_isatty
_fileno
_lseek
_dup2
ferror
_close
fputc
fwrite
_open
_read
_dup
_write
fread
clearerr
puts

api-ms-win-crt-environment-l1-1-0

getenv
_wputenv_s
_wgetcwd
_wgetenv
__p__wenviron
_wputenv

api-ms-win-crt-locale-l1-1-0

localeconv
setlocale

api-ms-win-crt-string-l1-1-0

wcscmp
wcsncmp
strcmp
wcsnlen
wcsncpy_s
strncmp
isalnum
wcscat_s
tolower
toupper
strcspn
wcscoll
isxdigit
wcstok_s
wcsxfrm
isdigit
_stricmp
strncpy
_wcsicmp
wcscpy_s

api-ms-win-crt-runtime-l1-1-0

_cexit
__fpe_flt_rounds
_getpid
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_set_abort_behavior
signal
_exit
_initterm
raise
abort
_initialize_onexit_table
_beginthreadex
__sys_errlist
__sys_nerr
_endthreadex
_wsystem
exit
_errno
strerror
_execute_onexit_table
_set_thread_local_invalid_parameter_handler

api-ms-win-crt-convert-l1-1-0

mbstowcs
wcstol
strtoul
strtol
wcstombs

api-ms-win-crt-math-l1-1-0

exp2
tanh
erfc
sqrt
cbrt
cosh
erf
pow
log10
frexp
fmod
floor
tan
atan
atan2
_fdclass
_dclass
nextafter
exp
fabs
acosh
log1p
log
acos
expm1
_fdopen
atanh
asin
copysign
ldexp
hypot
asinh
modf
sin
round
sinh
cos
ceil

api-ms-win-crt-time-l1-1-0

__timezone
_tzset
strftime
clock
_time64
_mktime64
__daylight
_gmtime64_s
_localtime64_s

api-ms-win-crt-process-l1-1-0

_wexecv
_wspawnv
_wexecve
_cwait
_wspawnve

api-ms-win-crt-heap-l1-1-0

free
malloc
_heapmin
realloc
calloc

api-ms-win-crt-conio-l1-1-0

_putwch
_ungetwch
_getwche
_getche
_getch
_ungetch
_putch
_getwch

api-ms-win-crt-filesystem-l1-1-0

_umask
_wstat64i32

Exports

Exports

PyAIter_Check
PyArg_Parse
PyArg_ParseTuple
PyArg_ParseTupleAndKeywords
PyArg_UnpackTuple
PyArg_VaParse
PyArg_VaParseTupleAndKeywords
PyArg_ValidateKeywordArguments
PyAsyncGen_New
PyAsyncGen_Type
PyBaseObject_Type
PyBool_FromLong
PyBool_Type
PyBuffer_FillContiguousStrides
PyBuffer_FillInfo
PyBuffer_FromContiguous
PyBuffer_GetPointer
PyBuffer_IsContiguous
PyBuffer_Release
PyBuffer_SizeFromFormat
PyBuffer_ToContiguous
PyByteArrayIter_Type
PyByteArray_AsString
PyByteArray_Concat
PyByteArray_FromObject
PyByteArray_FromStringAndSize
PyByteArray_Resize
PyByteArray_Size
PyByteArray_Type
PyBytesIter_Type
PyBytes_AsString
PyBytes_AsStringAndSize
PyBytes_Concat
PyBytes_ConcatAndDel
PyBytes_DecodeEscape
PyBytes_FromFormat
PyBytes_FromFormatV
PyBytes_FromObject
PyBytes_FromString
PyBytes_FromStringAndSize
PyBytes_Repr
PyBytes_Size
PyBytes_Type
PyCFunction_Call
PyCFunction_GetFlags
PyCFunction_GetFunction
PyCFunction_GetSelf
PyCFunction_New
PyCFunction_NewEx
PyCFunction_Type
PyCMethod_New
PyCMethod_Type
PyCallIter_New
PyCallIter_Type
PyCallable_Check
PyCapsule_GetContext
PyCapsule_GetDestructor
PyCapsule_GetName
PyCapsule_GetPointer
PyCapsule_Import
PyCapsule_IsValid
PyCapsule_New
PyCapsule_SetContext
PyCapsule_SetDestructor
PyCapsule_SetName
PyCapsule_SetPointer
PyCapsule_Type
PyCell_Get
PyCell_New
PyCell_Set
PyCell_Type
PyClassMethodDescr_Type
PyClassMethod_New
PyClassMethod_Type
PyCode_Addr2Line
PyCode_Addr2Location
PyCode_GetCellvars
PyCode_GetCode
PyCode_GetFreevars
PyCode_GetVarnames
PyCode_New
PyCode_NewEmpty
PyCode_NewWithPosOnlyArgs
PyCode_Optimize
PyCode_Type
PyCodec_BackslashReplaceErrors
PyCodec_Decode
PyCodec_Decoder
PyCodec_Encode
PyCodec_Encoder
PyCodec_IgnoreErrors
PyCodec_IncrementalDecoder
PyCodec_IncrementalEncoder
PyCodec_KnownEncoding
PyCodec_LookupError
PyCodec_NameReplaceErrors
PyCodec_Register
PyCodec_RegisterError
PyCodec_ReplaceErrors
PyCodec_StreamReader
PyCodec_StreamWriter
PyCodec_StrictErrors
PyCodec_Unregister
PyCodec_XMLCharRefReplaceErrors
PyCompile_OpcodeStackEffect
PyCompile_OpcodeStackEffectWithJump
PyComplex_AsCComplex
PyComplex_FromCComplex
PyComplex_FromDoubles
PyComplex_ImagAsDouble
PyComplex_RealAsDouble
PyComplex_Type
PyConfig_Clear
PyConfig_InitIsolatedConfig
PyConfig_InitPythonConfig
PyConfig_Read
PyConfig_SetArgv
PyConfig_SetBytesArgv
PyConfig_SetBytesString
PyConfig_SetString
PyConfig_SetWideStringList
PyContextToken_Type
PyContextVar_Get
PyContextVar_New
PyContextVar_Reset
PyContextVar_Set
PyContextVar_Type
PyContext_Copy
PyContext_CopyCurrent
PyContext_Enter
PyContext_Exit
PyContext_New
PyContext_Type
PyCoro_New
PyCoro_Type
PyDescr_IsData
PyDescr_NewClassMethod
PyDescr_NewGetSet
PyDescr_NewMember
PyDescr_NewMethod
PyDescr_NewWrapper
PyDictItems_Type
PyDictIterItem_Type
PyDictIterKey_Type
PyDictIterValue_Type
PyDictKeys_Type
PyDictProxy_New
PyDictProxy_Type
PyDictRevIterItem_Type
PyDictRevIterKey_Type
PyDictRevIterValue_Type
PyDictValues_Type
PyDict_Clear
PyDict_Contains
PyDict_Copy
PyDict_DelItem
PyDict_DelItemString
PyDict_GetItem
PyDict_GetItemString
PyDict_GetItemWithError
PyDict_Items
PyDict_Keys
PyDict_Merge
PyDict_MergeFromSeq2
PyDict_New
PyDict_Next
PyDict_SetDefault
PyDict_SetItem
PyDict_SetItemString
PyDict_Size
PyDict_Type
PyDict_Update
PyDict_Values
PyEllipsis_Type
PyEnum_Type
PyErr_BadArgument
PyErr_BadInternalCall
PyErr_CheckSignals
PyErr_Clear
PyErr_Display
PyErr_ExceptionMatches
PyErr_Fetch
PyErr_Format
PyErr_FormatV
PyErr_GetExcInfo
PyErr_GetHandledException
PyErr_GivenExceptionMatches
PyErr_NewException
PyErr_NewExceptionWithDoc
PyErr_NoMemory
PyErr_NormalizeException
PyErr_Occurred
PyErr_Print
PyErr_PrintEx
PyErr_ProgramText
PyErr_ProgramTextObject
PyErr_RangedSyntaxLocationObject
PyErr_ResourceWarning
PyErr_Restore
PyErr_SetExcFromWindowsErr
PyErr_SetExcFromWindowsErrWithFilename
PyErr_SetExcFromWindowsErrWithFilenameObject
PyErr_SetExcFromWindowsErrWithFilenameObjects
PyErr_SetExcInfo
PyErr_SetFromErrno
PyErr_SetFromErrnoWithFilename
PyErr_SetFromErrnoWithFilenameObject
PyErr_SetFromErrnoWithFilenameObjects
PyErr_SetFromWindowsErr
PyErr_SetFromWindowsErrWithFilename
PyErr_SetHandledException
PyErr_SetImportError
PyErr_SetImportErrorSubclass
PyErr_SetInterrupt
PyErr_SetInterruptEx
PyErr_SetNone
PyErr_SetObject
PyErr_SetString
PyErr_SyntaxLocation
PyErr_SyntaxLocationEx
PyErr_SyntaxLocationObject
PyErr_WarnEx
PyErr_WarnExplicit
PyErr_WarnExplicitFormat
PyErr_WarnExplicitObject
PyErr_WarnFormat
PyErr_WriteUnraisable
PyEval_AcquireLock
PyEval_AcquireThread
PyEval_CallFunction
PyEval_CallMethod
PyEval_CallObjectWithKeywords
PyEval_EvalCode
PyEval_EvalCodeEx
PyEval_EvalFrame
PyEval_EvalFrameEx
PyEval_GetBuiltins
PyEval_GetFrame
PyEval_GetFuncDesc
PyEval_GetFuncName
PyEval_GetGlobals
PyEval_GetLocals
PyEval_InitThreads
PyEval_MergeCompilerFlags
PyEval_ReleaseLock
PyEval_ReleaseThread
PyEval_RestoreThread
PyEval_SaveThread
PyEval_SetProfile
PyEval_SetTrace
PyEval_ThreadsInitialized
PyExc_ArithmeticError
PyExc_AssertionError
PyExc_AttributeError
PyExc_BaseException
PyExc_BaseExceptionGroup
PyExc_BlockingIOError
PyExc_BrokenPipeError
PyExc_BufferError
PyExc_BytesWarning
PyExc_ChildProcessError
PyExc_ConnectionAbortedError
PyExc_ConnectionError
PyExc_ConnectionRefusedError
PyExc_ConnectionResetError
PyExc_DeprecationWarning
PyExc_EOFError
PyExc_EncodingWarning
PyExc_EnvironmentError
PyExc_Exception
PyExc_FileExistsError
PyExc_FileNotFoundError
PyExc_FloatingPointError
PyExc_FutureWarning
PyExc_GeneratorExit
PyExc_IOError
PyExc_ImportError
PyExc_ImportWarning
PyExc_IndentationError
PyExc_IndexError
PyExc_InterruptedError
PyExc_IsADirectoryError
PyExc_KeyError
PyExc_KeyboardInterrupt
PyExc_LookupError
PyExc_MemoryError
PyExc_ModuleNotFoundError
PyExc_NameError
PyExc_NotADirectoryError
PyExc_NotImplementedError
PyExc_OSError
PyExc_OverflowError
PyExc_PendingDeprecationWarning
PyExc_PermissionError
PyExc_ProcessLookupError
PyExc_RecursionError
PyExc_ReferenceError
PyExc_ResourceWarning
PyExc_RuntimeError
PyExc_RuntimeWarning
PyExc_StopAsyncIteration
PyExc_StopIteration
PyExc_SyntaxError
PyExc_SyntaxWarning
PyExc_SystemError
PyExc_SystemExit
PyExc_TabError
PyExc_TimeoutError
PyExc_TypeError
PyExc_UnboundLocalError
PyExc_UnicodeDecodeError
PyExc_UnicodeEncodeError
PyExc_UnicodeError
PyExc_UnicodeTranslateError
PyExc_UnicodeWarning
PyExc_UserWarning
PyExc_ValueError
PyExc_Warning
PyExc_WindowsError
PyExc_ZeroDivisionError
PyExceptionClass_Name
PyException_GetCause
PyException_GetContext
PyException_GetTraceback
PyException_SetCause
PyException_SetContext
PyException_SetTraceback
PyFile_FromFd
PyFile_GetLine
PyFile_NewStdPrinter
PyFile_OpenCode
PyFile_OpenCodeObject
PyFile_SetOpenCodeHook
PyFile_WriteObject
PyFile_WriteString
PyFilter_Type
PyFloat_AsDouble
PyFloat_FromDouble
PyFloat_FromString
PyFloat_GetInfo
PyFloat_GetMax
PyFloat_GetMin
PyFloat_Pack2
PyFloat_Pack4
PyFloat_Pack8
PyFloat_Type
PyFloat_Unpack2
PyFloat_Unpack4
PyFloat_Unpack8
PyFrame_FastToLocals
PyFrame_FastToLocalsWithError
PyFrame_GetBack
PyFrame_GetBuiltins
PyFrame_GetCode
PyFrame_GetGenerator
PyFrame_GetGlobals
PyFrame_GetLasti
PyFrame_GetLineNumber
PyFrame_GetLocals
PyFrame_LocalsToFast
PyFrame_New
PyFrame_Type
PyFrozenSet_New
PyFrozenSet_Type
PyFunction_GetAnnotations
PyFunction_GetClosure
PyFunction_GetCode
PyFunction_GetDefaults
PyFunction_GetGlobals
PyFunction_GetKwDefaults
PyFunction_GetModule
PyFunction_New
PyFunction_NewWithQualName
PyFunction_SetAnnotations
PyFunction_SetClosure
PyFunction_SetDefaults
PyFunction_SetKwDefaults
PyFunction_Type
PyGC_Collect
PyGC_Disable
PyGC_Enable
PyGC_IsEnabled
PyGILState_Check
PyGILState_Ensure
PyGILState_GetThisThreadState
PyGILState_Release
PyGen_New
PyGen_NewWithQualName
PyGen_Type
PyGetSetDescr_Type
PyHash_GetFuncDef
PyImport_AddModule
PyImport_AddModuleObject
PyImport_AppendInittab
PyImport_ExecCodeModule
PyImport_ExecCodeModuleEx
PyImport_ExecCodeModuleObject
PyImport_ExecCodeModuleWithPathnames
PyImport_ExtendInittab
PyImport_FrozenModules
PyImport_GetImporter
PyImport_GetMagicNumber
PyImport_GetMagicTag
PyImport_GetModule
PyImport_GetModuleDict
PyImport_Import
PyImport_ImportFrozenModule
PyImport_ImportFrozenModuleObject
PyImport_ImportModule
PyImport_ImportModuleLevel
PyImport_ImportModuleLevelObject
PyImport_ImportModuleNoBlock
PyImport_Inittab
PyImport_ReloadModule
PyIndex_Check
PyInstanceMethod_Function
PyInstanceMethod_New
PyInstanceMethod_Type
PyInterpreterState_Clear
PyInterpreterState_Delete
PyInterpreterState_Get
PyInterpreterState_GetDict
PyInterpreterState_GetID
PyInterpreterState_Head
PyInterpreterState_Main
PyInterpreterState_New
PyInterpreterState_Next
PyInterpreterState_ThreadHead
PyIter_Check
PyIter_Next
PyIter_Send
PyListIter_Type
PyListRevIter_Type
PyList_Append
PyList_AsTuple
PyList_GetItem
PyList_GetSlice
PyList_Insert
PyList_New
PyList_Reverse
PyList_SetItem
PyList_SetSlice
PyList_Size
PyList_Sort
PyList_Type
PyLongRangeIter_Type
PyLong_AsDouble
PyLong_AsLong
PyLong_AsLongAndOverflow
PyLong_AsLongLong
PyLong_AsLongLongAndOverflow
PyLong_AsSize_t
PyLong_AsSsize_t
PyLong_AsUnsignedLong
PyLong_AsUnsignedLongLong
PyLong_AsUnsignedLongLongMask
PyLong_AsUnsignedLongMask
PyLong_AsVoidPtr
PyLong_FromDouble
PyLong_FromLong
PyLong_FromLongLong
PyLong_FromSize_t
PyLong_FromSsize_t
PyLong_FromString
PyLong_FromUnicodeObject
PyLong_FromUnsignedLong
PyLong_FromUnsignedLongLong
PyLong_FromVoidPtr
PyLong_GetInfo
PyLong_Type
PyMap_Type
PyMapping_Check
PyMapping_GetItemString
PyMapping_HasKey
PyMapping_HasKeyString
PyMapping_Items
PyMapping_Keys
PyMapping_Length
PyMapping_SetItemString
PyMapping_Size
PyMapping_Values
PyMarshal_ReadLastObjectFromFile
PyMarshal_ReadLongFromFile
PyMarshal_ReadObjectFromFile
PyMarshal_ReadObjectFromString
PyMarshal_ReadShortFromFile
PyMarshal_WriteLongToFile
PyMarshal_WriteObjectToFile
PyMarshal_WriteObjectToString
PyMem_Calloc
PyMem_Free
PyMem_GetAllocator
PyMem_Malloc
PyMem_RawCalloc
PyMem_RawFree
PyMem_RawMalloc
PyMem_RawRealloc
PyMem_Realloc
PyMem_SetAllocator
PyMem_SetupDebugHooks

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.0MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

PyRuntim
Size: 163KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
onefile_7828_133599221364008719/pythoncom311.dll
.dll windows:6 windows x64 arch:x64

1b264cd576a6b6117b47db03980bc455

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\src\pywin32\build\temp.win-amd64-cpython-311\Release\pythoncom.pdb

Imports

oleaut32

VariantCopyInd
SafeArrayGetElement
SafeArrayPutElement
SysStringLen
SafeArrayCreate
VariantChangeType
LHashValOfNameSys
UnRegisterTypeLi
LoadRegTypeLi
LoadTypeLi
RegisterTypeLi
QueryPathOfRegTypeLi
RegisterActiveObject
CreateTypeLi
CreateTypeLib2
GetActiveObject
RevokeActiveObject
SafeArrayGetDim
GetRecordInfoFromTypeInfo
SafeArrayGetUBound
SafeArrayGetLBound
GetRecordInfoFromGuids
SafeArrayGetRecordInfo
SafeArrayUnaccessData
SafeArrayAccessData
VariantInit
SysAllocString
VariantClear
SetErrorInfo
CreateErrorInfo
SysFreeString
GetErrorInfo
SafeArrayDestroy

ole32

CoInitialize
RevokeDragDrop
GetRunningObjectTable
CoGetObject
CoEnableCallCancellation
ProgIDFromCLSID
MkParseDisplayName
CoRevokeClassObject
OleFlushClipboard
CreateItemMoniker
CreateFileMoniker
CoFreeUnusedLibraries
CreatePointerMoniker
CoGetInterfaceAndReleaseStream
OleGetClipboard
OleLoadFromStream
CoMarshalInterThreadInterfaceInStream
CoUnmarshalInterface
RegisterDragDrop
CoResumeClassObjects
OleInitialize
CoDisableCallCancellation
CoReleaseMarshalData
CoUninitialize
OleIsCurrentClipboard
CoRegisterClassObject
OleSetClipboard
StringFromGUID2
DoDragDrop
CoMarshalInterface
CoTaskMemFree
OleLoad
CoTreatAsClass
CoCreateFreeThreadedMarshaler
CoCreateInstance
CreateBindCtx
CoCreateGuid
CoTaskMemAlloc
GetClassFile
OleSaveToStream
StgOpenStorageOnILockBytes
StgCreateDocfile
StgOpenStorage
ReadClassStg
CreateStreamOnHGlobal
WriteClassStm
CreateILockBytesOnHGlobal
WriteClassStg
CoGetCallContext
StgCreateDocfileOnILockBytes
PropVariantClear
StgIsStorageFile
ReadClassStm
ReleaseStgMedium

user32

TranslateMessage
PeekMessageW
DispatchMessageW
PostThreadMessageW
GetMessageW
wsprintfW

python311

PyExc_NotImplementedError
PyErr_WarnEx
_Py_FalseStruct
PyExc_PendingDeprecationWarning
PyLong_AsUnsignedLongMask
PyModule_Create2
PyErr_Format
PyErr_NewException
_Py_TrueStruct
Py_FrozenFlag
PyBytes_FromString
PyMapping_HasKey
PyDict_SetItem
PyLong_FromVoidPtr
PyRun_SimpleFileExFlags
PySys_SetObject
Py_Initialize
Py_IsInitialized
PyList_Append
PySys_SetArgv
PyUnicode_FromFormat
PyObject_GenericSetAttr
PyExc_IndexError
_PyArg_Parse_SizeT
PySequence_Tuple
PyLong_FromUnsignedLong
_PyBytes_Resize
PyFloat_AsDouble
PyLong_AsUnsignedLongLong
PyFloat_FromDouble
PyFloat_Type
PyType_IsSubtype
PyObject_IsTrue
PyLong_AsUnsignedLong
PyMem_Malloc
PyLong_FromSsize_t
PyObject_SetAttrString
PyLong_FromUnsignedLongLong
PyLong_FromLongLong
PyExc_OverflowError
PyMemoryView_Type
PyLong_AsDouble
_PyLong_Sign
PyObject_HasAttrString
PyObject_Str
PyByteArray_Type
PyNumber_Float
_PyLong_NumBits
PyEval_CallObjectWithKeywords
PyCapsule_IsValid
PyCapsule_GetPointer
PyCapsule_New
PyLong_Type
PyBytes_FromStringAndSize
PyDict_GetItemString
PyErr_NoMemory
PyObject_RichCompareBool
PyList_New
PyModule_GetDict
PyUnicode_Concat
PyUnicode_FromString
_Py_NotImplementedStruct
PyType_Ready
PyUnicode_AsUTF8
PyErr_ExceptionMatches
PyBool_FromLong
PyObject_Size
PyNumber_Check
PyTuple_SetItem
PySequence_Check
PyTuple_Size
PyTuple_GetItem
PyLong_FromDouble
_Py_VaBuildValue_SizeT
PyExc_AttributeError
PyLong_AsVoidPtr
PyDict_GetItem
PyMem_Free
PyObject_IsInstance
PyUnicode_AsWideCharString
_PyArg_ParseTupleAndKeywords_SizeT
PyExc_ValueError
PyLong_AsLongLong
_PyObject_CallFunction_SizeT
PyType_Type
PySeqIter_New
PyObject_IsSubclass
_Py_NewReference
PyExc_StopIteration
PyTuple_New
PyErr_SetNone
PyObject_GenericGetAttr
PySequence_GetItem
PySequence_Size
PyEval_RestoreThread
PyObject_Call
PyErr_Print
PyExc_TypeError
PyNumber_Long
PyGILState_Ensure
PyFile_WriteObject
PyDict_New
PyErr_Clear
_PyObject_CallMethod_SizeT
PyObject_GetAttrString
PyLong_AsLong
PyErr_Fetch
_PyArg_ParseTuple_SizeT
PyErr_SetString
PyDict_SetItemString
_Py_NoneStruct
PyGILState_Release
PySys_GetObject
PyExc_MemoryError
PyLong_FromLong
PyExc_RuntimeError
PyEval_SaveThread
PyErr_Occurred
PyErr_NormalizeException
PyImport_ImportModule
_Py_BuildValue_SizeT
PyErr_GivenExceptionMatches
PyErr_SetObject
PyObject_Repr
_Py_Dealloc
PyLong_AsSsize_t
PyErr_Restore

pywintypes311

?PyWinObject_AsDATE@@YAHPEAU_object@@PEAN@Z
?PyBuffer_New@@YAPEAU_object@@_J@Z
??0PyWinBufferView@@QEAA@XZ
?init@PyWinBufferView@@QEAA_NPEAU_object@@_N1@Z
?PyWinObject_AsLARGE_INTEGER@@YAHPEAU_object@@PEAT_LARGE_INTEGER@@@Z
?PyWinObject_FromDATE@@YAPEAU_object@@N@Z
?PyWinObject_FreeWCHARArray@@YAXPEAPEA_WK@Z
?PyWinObject_AsWCHARArray@@YAHPEAU_object@@PEAPEAPEA_WPEAKH@Z
?PyWinObject_FromLARGE_INTEGER@@YAPEAU_object@@AEBT_LARGE_INTEGER@@@Z
?PyWinObject_AsDWORDArray@@YAHPEAU_object@@PEAPEAKPEAKH@Z
?PyWinLong_FromHANDLE@@YAPEAU_object@@PEAX@Z
?PyWinObject_FreeTaskAllocatedWCHAR@@YAXPEA_W@Z
?PyWinObject_AsTaskAllocatedWCHAR@@YAHPEAU_object@@PEAPEA_WH@Z
?PyWin_ReleaseGlobalLock@@YAXXZ
?PyWin_AcquireGlobalLock@@YAXXZ
?PyWinCoreString_FromString@@YAPEAU_object@@PEBD_J@Z
?PyWinLong_AsVoidPtr@@YAHPEAU_object@@PEAPEAX@Z
?FreeAbsoluteSD@@YAXPEAX@Z
?PyWin_SetAPIError@@YAPEAU_object@@PEADJ@Z
?PyWinSequence_Tuple@@YAPEAU_object@@PEAU1@PEAK@Z
?_MakeAbsoluteSD@@YAHPEAXPEAPEAX@Z
?PyWinGlobals_Ensure@@YAHXZ
?PyWinMethod_NewIID@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewTime@@YAPEAU_object@@PEAU1@0@Z
?PyWinObject_AsSECURITY_DESCRIPTOR@@YAHPEAU_object@@PEAPEAXH@Z
?PyWinObject_AsHANDLE@@YAHPEAU_object@@PEAPEAX@Z
?PyWinObject_FromIID@@YAPEAU_object@@AEBU_GUID@@@Z
??1PyWinBufferView@@QEAA@XZ
?ok@PyWinBufferView@@QEAA_NXZ
?ptr@PyWinBufferView@@QEAAPEAXXZ
?len@PyWinBufferView@@QEAAKXZ
?PyWinObject_FreeWCHAR@@YAXPEA_W@Z
?PyWinObject_AsWCHAR@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
??BPyWin_AutoFreeBstr@@QEAAPEA_WXZ
?PyWinObject_FreeBstr@@YAXPEA_W@Z
??0PyWin_AutoFreeBstr@@QEAA@PEA_W@Z
??1PyWin_AutoFreeBstr@@QEAA@XZ
?SetBstr@PyWin_AutoFreeBstr@@QEAAXPEA_W@Z
?PyWinCoreString_FromString@@YAPEAU_object@@PEB_W_J@Z
?PyWinObject_FromULARGE_INTEGER@@YAPEAU_object@@AEBT_ULARGE_INTEGER@@@Z
?PyWinTime_Check@@YAHPEAU_object@@@Z
?PyWinObject_AsULARGE_INTEGER@@YAHPEAU_object@@PEAT_ULARGE_INTEGER@@@Z
?PyWinObject_AsFILETIME@@YAHPEAU_object@@PEAU_FILETIME@@@Z
?PyWinObject_AsIID@@YAHPEAU_object@@PEAU_GUID@@@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W_J@Z
?PyWinObject_FromFILETIME@@YAPEAU_object@@AEBU_FILETIME@@@Z
?PyWinObject_FromBstr@@YAPEAU_object@@QEA_WH@Z
?PyWinExc_COMError@@3PEAU_object@@EA
?GetPythonTraceback@@YAPEA_WPEAU_object@@00@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W@Z
?PyWin_GetErrorMessageModule@@YAPEAUHINSTANCE__@@K@Z
?PyWinObject_AsBstr@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
??0PyWinBufferView@@QEAA@PEAU_object@@_N1@Z

kernel32

FormatMessageW
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
VirtualAlloc
VirtualFree
VirtualProtect
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
DisableThreadLibraryCalls
GetCurrentThreadId
LoadLibraryW
GetModuleHandleW
GetProcAddress
OutputDebugStringW

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__current_exception
__C_specific_handler
__current_exception_context
__std_terminate
__std_exception_copy
__std_exception_destroy
memcpy
_CxxThrowException
memset
__std_type_info_destroy_list
_purecall

api-ms-win-crt-stdio-l1-1-0

fopen
__stdio_common_vswprintf
__acrt_iob_func
__stdio_common_vsprintf
fclose
__stdio_common_vfprintf
__stdio_common_vfwprintf

api-ms-win-crt-string-l1-1-0

wcsncpy
strcmp

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
free

api-ms-win-crt-utility-l1-1-0

qsort

api-ms-win-crt-runtime-l1-1-0

_initterm
_crt_at_quick_exit
_initterm_e
terminate
__p___wargv
_configure_narrow_argv
_seh_filter_dll
_cexit
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit

Exports

Exports

??0CPyFactory@@QEAA@AEBU_GUID@@@Z
??0CPyFactory@@QEAA@AEBV0@@Z
??0PyComEnumProviderTypeObject@@QEAA@PEBDPEAVPyComTypeObject@@_JPEAUPyMethodDef@@P6APEAVPyIUnknown@@PEAUIUnknown@@@Z0@Z
??0PyComEnumTypeObject@@QEAA@PEBDPEAVPyComTypeObject@@_JPEAUPyMethodDef@@P6APEAVPyIUnknown@@PEAUIUnknown@@@Z@Z
??0PyComTypeObject@@QEAA@PEBDPEAV0@_JPEAUPyMethodDef@@P6APEAVPyIUnknown@@PEAUIUnknown@@@Z@Z
??0PyGOleWindow@@IEAA@PEAU_object@@@Z
??0PyGOleWindow@@QEAA@$$QEAV0@@Z
??0PyGOleWindow@@QEAA@AEBV0@@Z
??0PyGPersist@@IEAA@PEAU_object@@@Z
??0PyGPersist@@QEAA@$$QEAV0@@Z
??0PyGPersist@@QEAA@AEBV0@@Z
??0PyGatewayBase@@IEAA@PEAU_object@@@Z
??0PyGatewayBase@@QEAA@AEBV0@@Z
??0PyIBase@@IEAA@XZ
??0PyIBase@@QEAA@AEBV0@@Z
??0PyIBindCtx@@IEAA@PEAUIUnknown@@@Z
??0PyIBindCtx@@QEAA@AEBV0@@Z
??0PyIClassFactory@@IEAA@PEAUIUnknown@@@Z
??0PyIClassFactory@@QEAA@AEBV0@@Z
??0PyIConnectionPoint@@IEAA@PEAUIUnknown@@@Z
??0PyIConnectionPoint@@QEAA@AEBV0@@Z
??0PyIConnectionPointContainer@@IEAA@PEAUIUnknown@@@Z
??0PyIConnectionPointContainer@@QEAA@AEBV0@@Z
??0PyIDispatch@@IEAA@PEAUIUnknown@@@Z
??0PyIDispatch@@QEAA@AEBV0@@Z
??0PyIDispatchEx@@IEAA@PEAUIUnknown@@@Z
??0PyIDispatchEx@@QEAA@AEBV0@@Z
??0PyIEnumMoniker@@IEAA@PEAUIUnknown@@@Z
??0PyIEnumMoniker@@QEAA@AEBV0@@Z
??0PyIEnumVARIANT@@IEAA@PEAUIUnknown@@@Z
??0PyIEnumVARIANT@@QEAA@AEBV0@@Z
??0PyIMoniker@@IEAA@PEAUIUnknown@@@Z
??0PyIMoniker@@QEAA@AEBV0@@Z
??0PyIOleWindow@@IEAA@PEAUIUnknown@@@Z
??0PyIOleWindow@@QEAA@AEBV0@@Z
??0PyIPersist@@IEAA@PEAUIUnknown@@@Z
??0PyIPersist@@QEAA@AEBV0@@Z
??0PyIPersistStream@@IEAA@PEAUIUnknown@@@Z
??0PyIPersistStream@@QEAA@AEBV0@@Z
??0PyIPersistStreamInit@@IEAA@PEAUIUnknown@@@Z
??0PyIPersistStreamInit@@QEAA@AEBV0@@Z
??0PyIProvideClassInfo2@@IEAA@PEAUIUnknown@@@Z
??0PyIProvideClassInfo2@@QEAA@AEBV0@@Z
??0PyIProvideClassInfo@@IEAA@PEAUIUnknown@@@Z
??0PyIProvideClassInfo@@QEAA@AEBV0@@Z
??0PyIServiceProvider@@IEAA@PEAUIUnknown@@@Z
??0PyIServiceProvider@@QEAA@AEBV0@@Z
??0PyIStream@@IEAA@PEAUIUnknown@@@Z
??0PyIStream@@QEAA@AEBV0@@Z
??0PyITypeComp@@IEAA@PEAUIUnknown@@@Z
??0PyITypeComp@@QEAA@AEBV0@@Z
??0PyITypeInfo@@IEAA@PEAUIUnknown@@@Z
??0PyITypeInfo@@QEAA@AEBV0@@Z
??0PyITypeLib@@IEAA@PEAUIUnknown@@@Z
??0PyITypeLib@@QEAA@AEBV0@@Z
??0PyIUnknown@@IEAA@PEAUIUnknown@@@Z
??0PyIUnknown@@QEAA@AEBV0@@Z
??0PyOleArgNotFound@@QEAA@XZ
??0PyOleEmpty@@QEAA@XZ
??0PyOleMissing@@QEAA@XZ
??0PyOleNothing@@QEAA@XZ
??0PySTGMEDIUM@@QEAA@PEAUtagSTGMEDIUM@@@Z
??0PythonOleArgHelper@@QEAA@XZ
??1CPyFactory@@QEAA@XZ
??1PyComEnumProviderTypeObject@@QEAA@XZ
??1PyComEnumTypeObject@@QEAA@XZ
??1PyComTypeObject@@QEAA@XZ
??1PyGOleWindow@@UEAA@XZ
??1PyGPersist@@UEAA@XZ
??1PyGatewayBase@@MEAA@XZ
??1PyIBase@@MEAA@XZ
??1PyIBindCtx@@MEAA@XZ
??1PyIClassFactory@@MEAA@XZ
??1PyIConnectionPoint@@MEAA@XZ
??1PyIConnectionPointContainer@@MEAA@XZ
??1PyIDispatch@@MEAA@XZ
??1PyIDispatchEx@@MEAA@XZ
??1PyIEnumMoniker@@MEAA@XZ
??1PyIEnumVARIANT@@MEAA@XZ
??1PyIMoniker@@MEAA@XZ
??1PyIOleWindow@@MEAA@XZ
??1PyIPersist@@MEAA@XZ
??1PyIPersistStream@@MEAA@XZ
??1PyIPersistStreamInit@@MEAA@XZ
??1PyIProvideClassInfo2@@MEAA@XZ
??1PyIProvideClassInfo@@MEAA@XZ
??1PyIServiceProvider@@MEAA@XZ
??1PyIStream@@MEAA@XZ
??1PyITypeComp@@MEAA@XZ
??1PyITypeInfo@@MEAA@XZ
??1PyITypeLib@@MEAA@XZ
??1PyIUnknown@@MEAA@XZ
??1PySTGMEDIUM@@QEAA@XZ
??1PythonOleArgHelper@@QEAA@XZ
??4CPyFactory@@QEAAAEAV0@AEBV0@@Z
??4PyComEnumProviderTypeObject@@QEAAAEAV0@$$QEAV0@@Z
??4PyComEnumProviderTypeObject@@QEAAAEAV0@AEBV0@@Z
??4PyComEnumTypeObject@@QEAAAEAV0@$$QEAV0@@Z
??4PyComEnumTypeObject@@QEAAAEAV0@AEBV0@@Z
??4PyComTypeObject@@QEAAAEAV0@AEBV0@@Z
??4PyGOleWindow@@QEAAAEAV0@$$QEAV0@@Z
??4PyGOleWindow@@QEAAAEAV0@AEBV0@@Z
??4PyGPersist@@QEAAAEAV0@$$QEAV0@@Z
??4PyGPersist@@QEAAAEAV0@AEBV0@@Z
??4PyGatewayBase@@QEAAAEAV0@AEBV0@@Z
??4PyIBase@@QEAAAEAV0@AEBV0@@Z
??4PyIBindCtx@@QEAAAEAV0@AEBV0@@Z
??4PyIClassFactory@@QEAAAEAV0@AEBV0@@Z
??4PyIConnectionPoint@@QEAAAEAV0@AEBV0@@Z
??4PyIConnectionPointContainer@@QEAAAEAV0@AEBV0@@Z
??4PyIDispatch@@QEAAAEAV0@AEBV0@@Z
??4PyIDispatchEx@@QEAAAEAV0@AEBV0@@Z
??4PyIEnumMoniker@@QEAAAEAV0@AEBV0@@Z
??4PyIEnumVARIANT@@QEAAAEAV0@AEBV0@@Z
??4PyIMoniker@@QEAAAEAV0@AEBV0@@Z
??4PyIOleWindow@@QEAAAEAV0@AEBV0@@Z
??4PyIPersist@@QEAAAEAV0@AEBV0@@Z
??4PyIPersistStream@@QEAAAEAV0@AEBV0@@Z
??4PyIPersistStreamInit@@QEAAAEAV0@AEBV0@@Z
??4PyIProvideClassInfo2@@QEAAAEAV0@AEBV0@@Z
??4PyIProvideClassInfo@@QEAAAEAV0@AEBV0@@Z
??4PyIServiceProvider@@QEAAAEAV0@AEBV0@@Z
??4PyIStream@@QEAAAEAV0@AEBV0@@Z
??4PyITypeComp@@QEAAAEAV0@AEBV0@@Z
??4PyITypeInfo@@QEAAAEAV0@AEBV0@@Z
??4PyITypeLib@@QEAAAEAV0@AEBV0@@Z
??4PyIUnknown@@QEAAAEAV0@AEBV0@@Z
??4PyOleArgNotFound@@QEAAAEAV0@$$QEAV0@@Z
??4PyOleArgNotFound@@QEAAAEAV0@AEBV0@@Z
??4PyOleEmpty@@QEAAAEAV0@$$QEAV0@@Z
??4PyOleEmpty@@QEAAAEAV0@AEBV0@@Z
??4PyOleMissing@@QEAAAEAV0@$$QEAV0@@Z
??4PyOleMissing@@QEAAAEAV0@AEBV0@@Z
??4PyOleNothing@@QEAAAEAV0@$$QEAV0@@Z
??4PyOleNothing@@QEAAAEAV0@AEBV0@@Z
??4PySTGMEDIUM@@QEAAAEAV0@AEBV0@@Z
??4PythonOleArgHelper@@QEAAAEAV0@AEBV0@@Z
??_7CPyFactory@@6B@
??_7PyGOleWindow@@6B@
??_7PyGOleWindow@@6BIDispatchEx@@@
??_7PyGOleWindow@@6BIInternalUnwrapPythonObject@@@
??_7PyGOleWindow@@6BISupportErrorInfo@@@
??_7PyGPersist@@6B@
??_7PyGPersist@@6BIDispatchEx@@@
??_7PyGPersist@@6BIInternalUnwrapPythonObject@@@
??_7PyGPersist@@6BISupportErrorInfo@@@
??_7PyGatewayBase@@6BIDispatchEx@@@
??_7PyGatewayBase@@6BIInternalUnwrapPythonObject@@@
??_7PyGatewayBase@@6BISupportErrorInfo@@@
??_7PyIBase@@6B@
??_7PyIBindCtx@@6B@
??_7PyIClassFactory@@6B@
??_7PyIConnectionPoint@@6B@
??_7PyIConnectionPointContainer@@6B@
??_7PyIDispatch@@6B@
??_7PyIDispatchEx@@6B@
??_7PyIEnumMoniker@@6B@
??_7PyIEnumVARIANT@@6B@
??_7PyIMoniker@@6B@
??_7PyIOleWindow@@6B@
??_7PyIPersist@@6B@
??_7PyIPersistStream@@6B@
??_7PyIPersistStreamInit@@6B@
??_7PyIProvideClassInfo2@@6B@
??_7PyIProvideClassInfo@@6B@
??_7PyIServiceProvider@@6B@
??_7PyIStream@@6B@
??_7PyITypeComp@@6B@
??_7PyITypeInfo@@6B@
??_7PyITypeLib@@6B@
??_7PyIUnknown@@6B@
??_FPySTGMEDIUM@@QEAAXXZ
?AddRef@CPyFactory@@UEAAKXZ
?AddRef@PyGOleWindow@@MEAAKXZ
?AddRef@PyGPersist@@MEAAKXZ
?AddRef@PyGatewayBase@@UEAAKXZ
?Advise@PyIConnectionPoint@@SAPEAU_object@@PEAU2@0@Z
?Bind@PyITypeComp@@QEAAPEAU_object@@PEA_WG@Z
?BindToObject@PyIMoniker@@SAPEAU_object@@PEAU2@0@Z
?BindToStorage@PyIMoniker@@SAPEAU_object@@PEAU2@0@Z
?BindType@PyITypeComp@@QEAAPEAU_object@@PEA_W@Z
?Clone@PyIEnumMoniker@@SAPEAU_object@@PEAU2@0@Z
?Clone@PyIEnumVARIANT@@SAPEAU_object@@PEAU2@0@Z
?Clone@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?Close@PySTGMEDIUM@@QEAAXXZ
?Commit@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?ComposeWith@PyIMoniker@@SAPEAU_object@@PEAU2@0@Z
?ContextSensitiveHelp@PyGOleWindow@@MEAAJH@Z
?ContextSensitiveHelp@PyIOleWindow@@SAPEAU_object@@PEAU2@0@Z
?CopyTo@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?CopyTo@PySTGMEDIUM@@QEAAHPEAUtagSTGMEDIUM@@@Z
?CreateInstance@CPyFactory@@UEAAJPEAUIUnknown@@AEBU_GUID@@PEAPEAX@Z
?CreateInstance@PyIClassFactory@@SAPEAU_object@@PEAU2@0@Z
?CreateNewPythonInstance@CPyFactory@@IEAAJAEBU_GUID@@0PEAPEAU_object@@@Z
?DeleteMemberByDispID@PyGatewayBase@@UEAAJJ@Z
?DeleteMemberByDispID@PyIDispatchEx@@SAPEAU_object@@PEAU2@0@Z
?DeleteMemberByName@PyGatewayBase@@UEAAJPEA_WK@Z
?DeleteMemberByName@PyIDispatchEx@@SAPEAU_object@@PEAU2@0@Z
?DropOwnership@PySTGMEDIUM@@QEAAXXZ
?Enum@PyIMoniker@@SAPEAU_object@@PEAU2@0@Z
?EnumConnectionPoints@PyIConnectionPointContainer@@SAPEAU_object@@PEAU2@0@Z
?EnumConnections@PyIConnectionPoint@@SAPEAU_object@@PEAU2@0@Z
?EnumObjectParam@PyIBindCtx@@SAPEAU_object@@PEAU2@0@Z
?FindConnectionPoint@PyIConnectionPointContainer@@SAPEAU_object@@PEAU2@0@Z
?GetBindOptions@PyIBindCtx@@SAPEAU_object@@PEAU2@0@Z
?GetClassID@PyGPersist@@MEAAJPEAU_GUID@@@Z
?GetClassID@PyIPersist@@SAPEAU_object@@PEAU2@0@Z
?GetClassInfoW@PyIProvideClassInfo@@SAPEAU_object@@PEAU2@0@Z
?GetConnectionInterface@PyIConnectionPoint@@SAPEAU_object@@PEAU2@0@Z
?GetConnectionPointContainer@PyIConnectionPoint@@SAPEAU_object@@PEAU2@0@Z
?GetContainingTypeLib@PyITypeInfo@@QEAAPEAU_object@@XZ
?GetDispID@PyGatewayBase@@UEAAJPEA_WKPEAJ@Z
?GetDispID@PyIDispatchEx@@SAPEAU_object@@PEAU2@0@Z
?GetDisplayName@PyIMoniker@@SAPEAU_object@@PEAU2@0@Z
?GetDocumentation@PyITypeInfo@@QEAAPEAU_object@@J@Z
?GetDocumentation@PyITypeLib@@QEAAPEAU_object@@H@Z
?GetFuncDesc@PyITypeInfo@@QEAAPEAU_object@@H@Z
?GetGUID@PyIProvideClassInfo2@@SAPEAU_object@@PEAU2@0@Z
?GetI@PyIBindCtx@@SAPEAUIBindCtx@@PEAU_object@@@Z
?GetI@PyIClassFactory@@SAPEAUIClassFactory@@PEAU_object@@@Z
?GetI@PyIConnectionPoint@@SAPEAUIConnectionPoint@@PEAU_object@@@Z
?GetI@PyIConnectionPointContainer@@SAPEAUIConnectionPointContainer@@PEAU_object@@@Z
?GetI@PyIDispatch@@SAPEAUIDispatch@@PEAU_object@@@Z
?GetI@PyIDispatchEx@@SAPEAUIDispatchEx@@PEAU_object@@@Z
?GetI@PyIEnumMoniker@@SAPEAUIEnumMoniker@@PEAU_object@@@Z
?GetI@PyIEnumVARIANT@@SAPEAUIEnumVARIANT@@PEAU_object@@@Z
?GetI@PyIMoniker@@SAPEAUIMoniker@@PEAU_object@@@Z
?GetI@PyIOleWindow@@SAPEAUIOleWindow@@PEAU_object@@@Z
?GetI@PyIPersist@@SAPEAUIPersist@@PEAU_object@@@Z
?GetI@PyIPersistStream@@SAPEAUIPersistStream@@PEAU_object@@@Z
?GetI@PyIPersistStreamInit@@SAPEAUIPersistStreamInit@@PEAU_object@@@Z
?GetI@PyIProvideClassInfo2@@SAPEAUIProvideClassInfo2@@PEAU_object@@@Z
?GetI@PyIProvideClassInfo@@SAPEAUIProvideClassInfo@@PEAU_object@@@Z
?GetI@PyIServiceProvider@@SAPEAUIServiceProvider@@PEAU_object@@@Z
?GetI@PyIStream@@SAPEAUIStream@@PEAU_object@@@Z
?GetI@PyITypeComp@@SAPEAUITypeComp@@PEAU_object@@@Z
?GetI@PyITypeInfo@@SAPEAUITypeInfo@@PEAU_object@@@Z
?GetI@PyITypeLib@@SAPEAUITypeLib@@PEAU_object@@@Z
?GetI@PyIUnknown@@SAPEAUIUnknown@@PEAU_object@@@Z
?GetIDsOfNames@PyGatewayBase@@UEAAJAEBU_GUID@@PEAPEA_WIKPEAJ@Z
?GetIDsOfNames@PyIDispatch@@SAPEAU_object@@PEAU2@0@Z
?GetIID@PyGOleWindow@@MEAA?AU_GUID@@XZ
?GetIID@PyGPersist@@MEAA?AU_GUID@@XZ
?GetIID@PyGatewayBase@@UEAA?AU_GUID@@XZ
?GetImplTypeFlags@PyITypeInfo@@QEAAPEAU_object@@H@Z
?GetLibAttr@PyITypeLib@@QEAAPEAU_object@@XZ
?GetMemberName@PyGatewayBase@@UEAAJJPEAPEA_W@Z
?GetMemberName@PyIDispatchEx@@SAPEAU_object@@PEAU2@0@Z
?GetMemberProperties@PyGatewayBase@@UEAAJJKPEAK@Z
?GetMemberProperties@PyIDispatchEx@@SAPEAU_object@@PEAU2@0@Z
?GetNameSpaceParent@PyGatewayBase@@UEAAJPEAPEAUIUnknown@@@Z
?GetNames@PyITypeInfo@@QEAAPEAU_object@@J@Z
?GetNextDispID@PyGatewayBase@@UEAAJKJPEAJ@Z
?GetNextDispID@PyIDispatchEx@@SAPEAU_object@@PEAU2@0@Z
?GetObjectParam@PyIBindCtx@@SAPEAU_object@@PEAU2@0@Z
?GetRefTypeInfo@PyITypeInfo@@QEAAPEAU_object@@K@Z
?GetRefTypeOfImplType@PyITypeInfo@@QEAAPEAU_object@@H@Z
?GetRunningObjectTable@PyIBindCtx@@SAPEAU_object@@PEAU2@0@Z
?GetSizeMax@PyIPersistStream@@SAPEAU_object@@PEAU2@0@Z
?GetTypeAttr@PyITypeInfo@@QEAAPEAU_object@@XZ
?GetTypeComp@PyITypeInfo@@QEAAPEAU_object@@XZ
?GetTypeComp@PyITypeLib@@QEAAPEAU_object@@XZ
?GetTypeInfo@PyGatewayBase@@UEAAJIKPEAPEAUITypeInfo@@@Z
?GetTypeInfo@PyIDispatch@@SAPEAU_object@@PEAU2@0@Z
?GetTypeInfo@PyITypeLib@@QEAAPEAU_object@@H@Z
?GetTypeInfoCount@PyGatewayBase@@UEAAJPEAI@Z
?GetTypeInfoCount@PyIDispatch@@SAPEAU_object@@PEAU2@0@Z
?GetTypeInfoCount@PyITypeLib@@QEAAPEAU_object@@XZ
?GetTypeInfoOfGuid@PyITypeLib@@QEAAPEAU_object@@AEBU_GUID@@@Z
?GetTypeInfoType@PyITypeLib@@QEAAPEAU_object@@H@Z
?GetVarDesc@PyITypeInfo@@QEAAPEAU_object@@H@Z
?GetWindow@PyGOleWindow@@MEAAJPEAPEAUHWND__@@@Z
?GetWindow@PyIOleWindow@@SAPEAU_object@@PEAU2@0@Z
?Hash@PyIMoniker@@SAPEAU_object@@PEAU2@0@Z
?InitNew@PyIPersistStreamInit@@SAPEAU_object@@PEAU2@0@Z
?InterfaceSupportsErrorInfo@PyGatewayBase@@UEAAJAEBU_GUID@@@Z
?Invoke@PyGatewayBase@@UEAAJJAEBU_GUID@@KGPEAUtagDISPPARAMS@@PEAUtagVARIANT@@PEAUtagEXCEPINFO@@PEAI@Z
?Invoke@PyIDispatch@@SAPEAU_object@@PEAU2@0@Z
?InvokeEx@PyGatewayBase@@UEAAJJKGPEAUtagDISPPARAMS@@PEAUtagVARIANT@@PEAUtagEXCEPINFO@@PEAUIServiceProvider@@@Z
?InvokeEx@PyIDispatchEx@@SAPEAU_object@@PEAU2@0@Z
?InvokeTypes@PyIDispatch@@SAPEAU_object@@PEAU2@0@Z
?InvokeViaPolicy@PyGatewayBase@@MEAAJPEBDPEAPEAU_object@@0ZZ
?IsDirty@PyIPersistStream@@SAPEAU_object@@PEAU2@0@Z
?IsEqual@PyIMoniker@@SAPEAU_object@@PEAU2@0@Z
?IsSystemMoniker@PyIMoniker@@SAPEAU_object@@PEAU2@0@Z
?Load@PyIPersistStream@@SAPEAU_object@@PEAU2@0@Z
?LockRegion@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?LockServer@CPyFactory@@UEAAJH@Z
?LockServer@PyIClassFactory@@SAPEAU_object@@PEAU2@0@Z
?MakeBstrToObj@@YAPEAU_object@@QEA_W@Z
?MakeOLECHARToObj@@YAPEAU_object@@PEB_W@Z
?MakeOLECHARToObj@@YAPEAU_object@@PEB_WH@Z
?MakeObjToVariant@PythonOleArgHelper@@QEAAHPEAU_object@@PEAUtagVARIANT@@0@Z
?MakePythonArgumentTuples@@YAHPEAPEAU_object@@PEAPEAVPythonOleArgHelper@@01PEAUtagDISPPARAMS@@@Z
?MakeVariantToObj@PythonOleArgHelper@@QEAAPEAU_object@@PEAUtagVARIANT@@@Z
?Next@PyIEnumMoniker@@SAPEAU_object@@PEAU2@0@Z
?Next@PyIEnumVARIANT@@SAPEAU_object@@PEAU2@0@Z
?ParseTypeInformation@PythonOleArgHelper@@QEAAHPEAU_object@@@Z
?PyCom_BstrFromPyObject@@YAHPEAU_object@@PEAPEA_WH@Z
?PyCom_BuildInternalPyException@@YAPEAU_object@@PEAD@Z
?PyCom_BuildPyException@@YAPEAU_object@@JPEAUIUnknown@@AEBU_GUID@@@Z
?PyCom_BuildPyExceptionFromEXCEPINFO@@YAPEAU_object@@JPEAUtagEXCEPINFO@@I@Z
?PyCom_CheckIEnumNextResult@@YAJJAEBU_GUID@@@Z
?PyCom_DLLAddRef@@YAXXZ
?PyCom_DLLReleaseRef@@YAXXZ
?PyCom_EnableQuitMessage@@YAXK@Z
?PyCom_ExcepInfoFromPyException@@YAXPEAUtagEXCEPINFO@@@Z
?PyCom_ExcepInfoFromPyObject@@YAHPEAU_object@@PEAUtagEXCEPINFO@@PEAJ@Z
?PyCom_HandleIEnumNoSequence@@YAJAEBU_GUID@@@Z
?PyCom_InterfaceFromPyInstanceOrObject@@YAHPEAU_object@@AEBU_GUID@@PEAPEAXH@Z
?PyCom_IsGatewayRegistered@@YAHAEBU_GUID@@@Z
?PyCom_LogF@@YAXPEB_WZZ
?PyCom_LoggerException@@YAXPEAU_object@@PEB_WZZ
?PyCom_LoggerNonServerException@@YAXPEAU_object@@PEB_WZZ
?PyCom_LoggerWarning@@YAXPEAU_object@@PEB_WZZ
?PyCom_PyObjectAsSTATPROPSETSTG@@YAHPEAU_object@@PEAUtagSTATPROPSETSTG@@@Z
?PyCom_PyObjectAsSTATSTG@@YAHPEAU_object@@PEAUtagSTATSTG@@K@Z
?PyCom_PyObjectAsSTGOPTIONS@@YAHPEAU_object@@PEAPEAUtagSTGOPTIONS@@PEAVTmpWCHAR@@@Z
?PyCom_PyObjectFromExcepInfo@@YAPEAU_object@@PEBUtagEXCEPINFO@@@Z
?PyCom_PyObjectFromSAFEARRAY@@YAPEAU_object@@PEAUtagSAFEARRAY@@W4VARENUM@@@Z
?PyCom_PyObjectFromSTATPROPSETSTG@@YAPEAU_object@@PEAUtagSTATPROPSETSTG@@@Z
?PyCom_PyObjectFromSTATSTG@@YAPEAU_object@@PEAUtagSTATSTG@@@Z
?PyCom_RegisterClientType@@YAHPEAU_typeobject@@PEBU_GUID@@@Z
?PyCom_RegisterExtensionSupport@@YAHPEAU_object@@PEBUPyCom_InterfaceSupportInfo@@H@Z
?PyCom_RegisterGatewayObject@@YAJAEBU_GUID@@P6AJPEAU_object@@PEAVPyGatewayBase@@PEAPEAX0@ZPEBD@Z
?PyCom_SAFEARRAYFromPyObject@@YAHPEAU_object@@PEAPEAUtagSAFEARRAY@@W4VARENUM@@@Z
?PyCom_SetAndLogCOMErrorFromPyException@@YAJPEBDAEBU_GUID@@@Z
?PyCom_SetAndLogCOMErrorFromPyExceptionEx@@YAJPEAU_object@@PEBDAEBU_GUID@@@Z
?PyCom_SetCOMErrorFromPyException@@YAJAEBU_GUID@@@Z
?PyCom_SetCOMErrorFromSimple@@YAJJAEBU_GUID@@PEB_W@Z
?PyGatewayConstruct@PyGOleWindow@@SAJPEAU_object@@PEAVPyGatewayBase@@PEAPEAXAEBU_GUID@@@Z
?PyGatewayConstruct@PyGPersist@@SAJPEAU_object@@PEAVPyGatewayBase@@PEAPEAXAEBU_GUID@@@Z
?PyGatewayConstruct@PyGatewayBase@@SAJPEAU_object@@PEAV1@PEAPEAXAEBU_GUID@@@Z
?PyObConstruct@PyIBindCtx@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIClassFactory@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIConnectionPoint@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIConnectionPointContainer@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIDispatch@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIDispatchEx@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIEnumMoniker@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIEnumVARIANT@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIMoniker@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIOleWindow@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIPersist@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIPersistStream@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIPersistStreamInit@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIProvideClassInfo2@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIProvideClassInfo@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIServiceProvider@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIStream@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyITypeComp@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyITypeInfo@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyITypeLib@@SAPEAVPyIUnknown@@PEAUIUnknown@@@Z
?PyObConstruct@PyIUnknown@@SAPEAV1@PEAUIUnknown@@@Z
?PyObject_AsCurrency@@YAHPEAU_object@@PEATtagCY@@@Z
?PyObject_AsOLEMENUGROUPWIDTHS@@YAHPEAU_object@@PEAUtagOleMenuGroupWidths@@@Z
?PyObject_AsPROPVARIANT@@YAHPEAU_object@@PEAUtagPROPVARIANT@@@Z
?PyObject_FromCurrency@@YAPEAU_object@@AEATtagCY@@@Z
?PyObject_FromOLEMENUGROUPWIDTHS@@YAPEAU_object@@PEBUtagOleMenuGroupWidths@@@Z
?PyObject_FromPROPVARIANT@@YAPEAU_object@@PEAUtagPROPVARIANT@@@Z
?PyObject_FromPROPVARIANTs@@YAPEAU_object@@PEAUtagPROPVARIANT@@K@Z
?PyObject_FromSTGMEDIUM@@YAPEAVPySTGMEDIUM@@PEAUtagSTGMEDIUM@@@Z
?PyOleArgNotFoundType@@3U_typeobject@@A
?PyOleEmptyType@@3U_typeobject@@A
?PyOleMissingType@@3U_typeobject@@A
?PyOleNothingType@@3U_typeobject@@A
?QueryInterface@CPyFactory@@UEAAJAEBU_GUID@@PEAPEAX@Z
?QueryInterface@PyGOleWindow@@MEAAJAEBU_GUID@@PEAPEAX@Z
?QueryInterface@PyGPersist@@MEAAJAEBU_GUID@@PEAPEAX@Z
?QueryInterface@PyGatewayBase@@UEAAJAEBU_GUID@@PEAPEAX@Z
?QueryInterface@PyIUnknown@@SAPEAU_object@@PEAU2@0@Z
?QueryService@PyIServiceProvider@@SAPEAU_object@@PEAU2@0@Z
?Read@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?RegisterObjectParam@PyIBindCtx@@SAPEAU_object@@PEAU2@0@Z
?Release@CPyFactory@@UEAAKXZ
?Release@PyGOleWindow@@MEAAKXZ
?Release@PyGPersist@@MEAAKXZ
?Release@PyGatewayBase@@UEAAKXZ
?Reset@PyIEnumMoniker@@SAPEAU_object@@PEAU2@0@Z
?Reset@PyIEnumVARIANT@@SAPEAU_object@@PEAU2@0@Z
?Revert@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?RevokeObjectParam@PyIBindCtx@@SAPEAU_object@@PEAU2@0@Z
?SafeRelease@PyIUnknown@@SAXPEAV1@@Z
?Save@PyIPersistStream@@SAPEAU_object@@PEAU2@0@Z
?Seek@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?SetBindOptions@PyIBindCtx@@SAPEAU_object@@PEAU2@0@Z
?SetPythonCOMError@PyIConnectionPoint@@SAPEAU_object@@PEAU2@J@Z
?SetPythonCOMError@PyIConnectionPointContainer@@SAPEAU_object@@PEAU2@J@Z
?SetPythonCOMError@PyIDispatchEx@@SAPEAU_object@@PEAU2@J@Z
?SetSize@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?Skip@PyIEnumMoniker@@SAPEAU_object@@PEAU2@0@Z
?Skip@PyIEnumVARIANT@@SAPEAU_object@@PEAU2@0@Z
?Stat@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?ThisAsIID@PyGOleWindow@@MEAAPEAXU_GUID@@@Z
?ThisAsIID@PyGPersist@@MEAAPEAXU_GUID@@@Z
?ThisAsIID@PyGatewayBase@@UEAAPEAXU_GUID@@@Z
?Type@PySTGMEDIUM@@2U_typeobject@@A
?Unadvise@PyIConnectionPoint@@SAPEAU_object@@PEAU2@0@Z
?UnlockRegion@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?Unwrap@PyGatewayBase@@UEAAJPEAPEAU_object@@@Z
?Write@PyIStream@@SAPEAU_object@@PEAU2@0@Z
?cmp@PyIBase@@SAHPEAU_object@@0@Z
?compare@PyIBase@@UEAAHPEAU_object@@@Z
?compare@PyIUnknown@@UEAAHPEAU_object@@@Z
?dealloc@PyIBase@@SAXPEAU_object@@@Z
?deallocFunc@PySTGMEDIUM@@SAXPEAU_object@@@Z
?getattr@PyIBase@@UEAAPEAU_object@@PEAD@Z
?getattro@PyIBase@@SAPEAU_object@@PEAU2@0@Z
?getattro@PySTGMEDIUM@@SAPEAU_object@@PEAU2@0@Z
?is_interface_type@PyComTypeObject@@SAHPEAU_object@@@Z
?is_object@PyIBase@@QEAAHPEAVPyComTypeObject@@@Z
?is_object@PyIBase@@SAHPEAU_object@@PEAVPyComTypeObject@@@Z
?iter@PyComEnumProviderTypeObject@@SAPEAU_object@@PEAU2@@Z
?iter@PyComEnumTypeObject@@SAPEAU_object@@PEAU2@@Z
?iter@PyIBase@@UEAAPEAU_object@@XZ
?iternext@PyComEnumTypeObject@@SAPEAU_object@@PEAU2@@Z
?iternext@PyIBase@@UEAAPEAU_object@@XZ
?methods@PySTGMEDIUM@@2PAUPyMethodDef@@A
?repr@PyIBase@@SAPEAU_object@@PEAU2@@Z
?repr@PyIBase@@UEAAPEAU_object@@XZ
?repr@PyIUnknown@@UEAAPEAU_object@@XZ
?richcmp@PyIBase@@SAPEAU_object@@PEAU2@0H@Z
?setattr@PyIBase@@UEAAHPEADPEAU_object@@@Z
?setattro@PyIBase@@SAHPEAU_object@@00@Z
?szErrMsgObjectReleased@PyIUnknown@@2PEADEA
?type@PyIBindCtx@@2VPyComTypeObject@@A
?type@PyIClassFactory@@2VPyComTypeObject@@A
?type@PyIConnectionPoint@@2VPyComTypeObject@@A
?type@PyIConnectionPointContainer@@2VPyComTypeObject@@A
?type@PyIDispatch@@2VPyComTypeObject@@A
?type@PyIDispatchEx@@2VPyComTypeObject@@A
?type@PyIEnumMoniker@@2VPyComEnumTypeObject@@A
?type@PyIEnumVARIANT@@2VPyComEnumTypeObject@@A
?type@PyIMoniker@@2VPyComEnumProviderTypeObject@@A
?type@PyIOleWindow@@2VPyComTypeObject@@A
?type@PyIPersist@@2VPyComTypeObject@@A
?type@PyIPersistStream@@2VPyComTypeObject@@A
?type@PyIPersistStreamInit@@2VPyComTypeObject@@A
?type@PyIProvideClassInfo2@@2VPyComTypeObject@@A
?type@PyIProvideClassInfo@@2VPyComTypeObject@@A
?type@PyIServiceProvider@@2VPyComTypeObject@@A
?type@PyIStream@@2VPyComTypeObject@@A
?type@PyITypeComp@@2VPyComTypeObject@@A
?type@PyITypeInfo@@2VPyComTypeObject@@A
?type@PyITypeLib@@2VPyComTypeObject@@A
?type@PyIUnknown@@2VPyComTypeObject@@A
DllCanUnloadNow
DllGetClassObject
DllMain
DllRegisterServerEx
DllUnregisterServerEx
PyCom_CoInitialize
PyCom_CoInitializeEx
PyCom_CoUninitialize
PyCom_InterfaceFromPyObject
PyCom_MakeOlePythonCall
PyCom_PyObjectFromIUnknown
PyCom_PyObjectFromVariant
PyCom_VariantFromPyObject
PyInit_pythoncom

Sections

.text
Size: 362KB - Virtual size: 362KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 201KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
onefile_7828_133599221364008719/pywintypes311.dll
.dll windows:6 windows x64 arch:x64

5b71a076f0c32bb52117188a36e3fec6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\src\pywin32\build\temp.win-amd64-cpython-311\Release\pywintypes.pdb

Imports

advapi32

IsValidAcl
GetAuditedPermissionsFromAclW
GetLengthSid
InitializeAcl
AddAuditAccessAce
AddAce
DeleteAce
SetEntriesInAclW
GetAce
GetExplicitEntriesFromAclW
GetEffectiveRightsFromAclW
RegCloseKey
SetSecurityDescriptorGroup
MakeAbsoluteSD
MakeSelfRelativeSD
GetSecurityDescriptorLength
InitializeSecurityDescriptor
IsValidSecurityDescriptor
IsValidSid
SetSecurityDescriptorSacl
GetSecurityDescriptorOwner
GetSecurityDescriptorControl
GetSecurityDescriptorGroup
SetSecurityDescriptorOwner
GetAclInformation
GetSecurityDescriptorDacl
SetSecurityDescriptorDacl
GetSecurityDescriptorSacl
GetSidIdentifierAuthority
InitializeSid
CopySid
GetSidSubAuthority
AllocateAndInitializeSid
GetSidSubAuthorityCount
EqualSid
IsTextUnicode

user32

wsprintfW

ole32

CoTaskMemAlloc
CoTaskMemFree
CLSIDFromString
CoCreateGuid
CLSIDFromProgID
StringFromGUID2

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime
SysAllocStringLen
SysStringLen
SysFreeString

python311

PyExc_Exception
PyErr_SetObject
PyModule_AddIntConstant
PyRun_StringFlags
PyMemoryView_FromObject
PyLong_FromUnsignedLong
PyThreadState_New
PyLong_AsUnsignedLongMask
PyModule_GetDict
PyObject_GetBuffer
PyModule_Create2
PyUnicode_Type
PyByteArray_FromStringAndSize
PyDict_GetItemString
PyLong_AsVoidPtr
PyObject_CallObject
PyThreadState_Clear
PyCallable_Check
PyThreadState_Swap
_Py_FatalErrorFunc
PyEval_AcquireThread
PyMemoryView_FromBuffer
PyThreadState_Delete
PyEval_ReleaseThread
PyUnicode_AsUTF8
PyExc_PendingDeprecationWarning
PyLong_FromLongLong
PyLong_AsLongLong
PyLong_AsUnsignedLongLong
PyLong_FromUnsignedLongLong
PyErr_Occurred
PyErr_WarnEx
PyBuffer_FillInfo
PyEval_RestoreThread
PyObject_Print
_Py_TrueStruct
PyUnicode_AsMBCSString
_Py_HashPointer
PyObject_GenericSetAttr
PyErr_Fetch
PyErr_Restore
_Py_FalseStruct
PyEval_SaveThread
PyBytes_FromStringAndSize
PyExc_AttributeError
PyExc_WindowsError
PyBytes_AsStringAndSize
PyArg_ParseTuple
PyBuffer_Release
PyExc_TypeError
_Py_NewReference
PyArg_ParseTupleAndKeywords
PyExc_NotImplementedError
PyTuple_SetItem
PySequence_Check
PyDict_New
PyDict_SetItem
PyMapping_Check
PyErr_Clear
PyObject_GetAttrString
PyTuple_GetItem
_Py_Dealloc
PyExc_OverflowError
PyErr_Format
PyExc_ValueError
PyErr_SetString
PyTuple_New
_Py_NoneStruct
PyExc_MemoryError
Py_BuildValue
PyLong_FromLong
PyObject_GenericGetAttr
PySequence_GetItem
PyMapping_Items
PySequence_Size
Py_MakePendingCalls
PyMem_Malloc
PyMem_Free
PyBytes_Size
PyList_Append
PyList_New
PyUnicode_AsWideCharString
PyUnicode_FromWideChar
PyUnicode_DecodeMBCS
PyBytes_AsString
PyEval_CallObjectWithKeywords
PyBool_FromLong
PyNumber_Long
PyNumber_Check
PyObject_HasAttrString
PyCapsule_Import
PyObject_CallMethod
PyTuple_Size
PyType_Ready
PyErr_BadArgument
PyLong_AsLong
PyType_IsSubtype
PyDict_SetItemString
PyImport_ImportModule
PySequence_Tuple
PyErr_NoMemory
_PyArg_ParseTuple_SizeT
PyBytes_FromString
_Py_NotImplementedStruct
_Py_BuildValue_SizeT
PyObject_Call

kernel32

LocalFree
CloseHandle
SetLastError
lstrlenW
FileTimeToSystemTime
SystemTimeToFileTime
MultiByteToWideChar
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
LocalAlloc
FormatMessageW
TlsAlloc
GetLastError
LoadLibraryW
GetProcAddress
DeleteCriticalSection
GetModuleHandleW
TlsGetValue
TlsFree
DosDateTimeToFileTime
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memset
__std_type_info_destroy_list
_CxxThrowException
__std_exception_destroy
memcpy
__C_specific_handler
__current_exception_context
__current_exception
__std_terminate
memcmp
__std_exception_copy

api-ms-win-crt-heap-l1-1-0

realloc
_callnewh
malloc
free

api-ms-win-crt-stdio-l1-1-0

__acrt_iob_func
__stdio_common_vswprintf
__stdio_common_vfprintf

api-ms-win-crt-time-l1-1-0

_mktime64

api-ms-win-crt-string-l1-1-0

wcsncpy
strncpy
strcmp
_wcsdup

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
terminate
_initterm
_initterm_e
_seh_filter_dll
_initialize_narrow_environment
_initialize_onexit_table
_register_onexit_function
_cexit
_crt_at_quick_exit
_crt_atexit
_execute_onexit_table

api-ms-win-crt-math-l1-1-0

floor

Exports

Exports

??0PyACL@@QEAA@HH@Z
??0PyACL@@QEAA@PEAU_ACL@@@Z
??0PyDEVMODEW@@QEAA@G@Z
??0PyDEVMODEW@@QEAA@PEAU_devicemodeW@@@Z
??0PyDEVMODEW@@QEAA@XZ
??0PyHANDLE@@QEAA@AEBV0@@Z
??0PyHANDLE@@QEAA@PEAX@Z
??0PyHKEY@@QEAA@$$QEAV0@@Z
??0PyHKEY@@QEAA@AEBV0@@Z
??0PyHKEY@@QEAA@PEAX@Z
??0PyIID@@QEAA@AEBU_GUID@@@Z
??0PyOVERLAPPED@@QEAA@PEBVsMyOverlapped@0@@Z
??0PyOVERLAPPED@@QEAA@XZ
??0PySECURITY_ATTRIBUTES@@QEAA@AEBU_SECURITY_ATTRIBUTES@@@Z
??0PySECURITY_ATTRIBUTES@@QEAA@XZ
??0PySECURITY_DESCRIPTOR@@QEAA@PEAX@Z
??0PySECURITY_DESCRIPTOR@@QEAA@_J@Z
??0PySID@@QEAA@PEAX@Z
??0PySID@@QEAA@_JPEAX@Z
??0PyWAVEFORMATEX@@QEAA@AEBUtWAVEFORMATEX@@@Z
??0PyWAVEFORMATEX@@QEAA@XZ
??0PyWinBufferView@@QEAA@PEAU_object@@_N1@Z
??0PyWinBufferView@@QEAA@XZ
??0PyWin_AutoFreeBstr@@QEAA@PEA_W@Z
??0sMyOverlapped@PyOVERLAPPED@@QEAA@AEBU_OVERLAPPED@@@Z
??0sMyOverlapped@PyOVERLAPPED@@QEAA@XZ
??1PyACL@@QEAA@XZ
??1PyDEVMODEW@@IEAA@XZ
??1PyHANDLE@@UEAA@XZ
??1PyHKEY@@UEAA@XZ
??1PyOVERLAPPED@@QEAA@XZ
??1PySECURITY_ATTRIBUTES@@QEAA@XZ
??1PySECURITY_DESCRIPTOR@@QEAA@XZ
??1PySID@@QEAA@XZ
??1PyWAVEFORMATEX@@QEAA@XZ
??1PyWinBufferView@@QEAA@XZ
??1PyWin_AutoFreeBstr@@QEAA@XZ
??4PyACL@@QEAAAEAV0@AEBV0@@Z
??4PyDEVMODEW@@QEAAAEAV0@AEBV0@@Z
??4PyHANDLE@@QEAAAEAV0@AEBV0@@Z
??4PyHKEY@@QEAAAEAV0@$$QEAV0@@Z
??4PyHKEY@@QEAAAEAV0@AEBV0@@Z
??4PyIID@@QEAAAEAV0@$$QEAV0@@Z
??4PyIID@@QEAAAEAV0@AEBV0@@Z
??4PyOVERLAPPED@@QEAAAEAV0@AEBV0@@Z
??4PySECURITY_ATTRIBUTES@@QEAAAEAV0@AEBV0@@Z
??4PySECURITY_DESCRIPTOR@@QEAAAEAV0@AEBV0@@Z
??4PySID@@QEAAAEAV0@AEBV0@@Z
??4PyWAVEFORMATEX@@QEAAAEAV0@AEBV0@@Z
??4PyWin_AutoFreeBstr@@QEAAAEAV0@AEBV0@@Z
??4sMyOverlapped@PyOVERLAPPED@@QEAAAEAV01@$$QEAV01@@Z
??4sMyOverlapped@PyOVERLAPPED@@QEAAAEAV01@AEBV01@@Z
??BPyHANDLE@@QEAAPEAXXZ
??BPyWin_AutoFreeBstr@@QEAAPEA_WXZ
??_7PyHANDLE@@6B@
??_7PyHKEY@@6B@
??_FPyIID@@QEAAXXZ
??_FPySECURITY_DESCRIPTOR@@QEAAXXZ
??_FPyWin_AutoFreeBstr@@QEAAXXZ
?AddAccessAllowedAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAccessAllowedAceEx@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAccessAllowedObjectAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAccessDeniedAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAccessDeniedAceEx@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAccessDeniedObjectAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAuditAccessAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAuditAccessAceEx@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddAuditAccessObjectAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?AddMandatoryAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?Clear@PyDEVMODEW@@SAPEAU_object@@PEAU2@0@Z
?Close@PyHANDLE@@SAPEAU_object@@PEAU2@0@Z
?Close@PyHANDLE@@UEAAHXZ
?Close@PyHKEY@@UEAAHXZ
?DeleteAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?Detach@PyHANDLE@@SAPEAU_object@@PEAU2@0@Z
?FreeAbsoluteSD@@YAXPEAX@Z
?GetACL@PyACL@@QEAAPEAU_ACL@@XZ
?GetAce@PyACL@@SAPEAU_object@@PEAU2@0@Z
?GetAceCount@PyACL@@SAPEAU_object@@PEAU2@0@Z
?GetAclRevision@PyACL@@SAPEAU_object@@PEAU2@0@Z
?GetAclSize@PyACL@@SAPEAU_object@@PEAU2@0@Z
?GetDEVMODE@PyDEVMODEW@@QEAAPEAU_devicemodeW@@XZ
?GetLength@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?GetLength@PySID@@SAPEAU_object@@PEAU2@0@Z
?GetOverlapped@PyOVERLAPPED@@QEAAPEAU_OVERLAPPED@@XZ
?GetPythonTraceback@@YAPEA_WPEAU_object@@00@Z
?GetSA@PySECURITY_ATTRIBUTES@@QEAAPEAU_SECURITY_ATTRIBUTES@@XZ
?GetSD@PySECURITY_DESCRIPTOR@@QEAAPEAXXZ
?GetSID@PySID@@QEAAPEAXXZ
?GetSecurityDescriptorControl@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?GetSecurityDescriptorDacl@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?GetSecurityDescriptorGroup@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?GetSecurityDescriptorOwner@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?GetSecurityDescriptorSacl@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?GetSidIdentifierAuthority@PySID@@SAPEAU_object@@PEAU2@0@Z
?GetSubAuthority@PySID@@SAPEAU_object@@PEAU2@0@Z
?GetSubAuthorityCount@PySID@@SAPEAU_object@@PEAU2@0@Z
?GetTypeName@PyHANDLE@@UEAAPEBDXZ
?GetTypeName@PyHKEY@@UEAAPEBDXZ
?Initialize@PyACL@@SAPEAU_object@@PEAU2@0@Z
?Initialize@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?Initialize@PySID@@SAPEAU_object@@PEAU2@0@Z
?IsEqual@PyIID@@QEAAHAEAV1@@Z
?IsEqual@PyIID@@QEAAHAEBU_GUID@@@Z
?IsEqual@PyIID@@QEAAHPEAU_object@@@Z
?IsSelfRelative@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?IsValid@PyACL@@SAPEAU_object@@PEAU2@0@Z
?IsValid@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?IsValid@PySID@@SAPEAU_object@@PEAU2@0@Z
?PyACLType@@3U_typeobject@@A
?PyBuffer_FromMemory@@YAPEAU_object@@PEAX_J@Z
?PyBuffer_New@@YAPEAU_object@@_J@Z
?PyDEVMODEWType@@3U_typeobject@@A
?PyGetAuditedPermissionsFromAcl@PyACL@@SAPEAU_object@@PEAU2@0@Z
?PyGetEffectiveRightsFromAcl@PyACL@@SAPEAU_object@@PEAU2@0@Z
?PyGetExplicitEntriesFromAcl@PyACL@@SAPEAU_object@@PEAU2@0@Z
?PyHANDLEType@@3U_typeobject@@A
?PyIIDType@@3U_typeobject@@A
?PyOVERLAPPEDType@@3U_typeobject@@A
?PyObject_FromWIN32_FIND_DATAW@@YAPEAU_object@@PEAU_WIN32_FIND_DATAW@@@Z
?PySECURITY_ATTRIBUTESType@@3U_typeobject@@A
?PySECURITY_DESCRIPTORType@@3U_typeobject@@A
?PySIDType@@3U_typeobject@@A
?PySetEntriesInAcl@PyACL@@SAPEAU_object@@PEAU2@0@Z
?PySocket_AsSOCKET@@YAHPEAU_object@@PEA_K@Z
?PyWAVEFORMATEXType@@3U_typeobject@@A
?PyWinCoreString_FromIID@@YAPEAU_object@@AEBU_GUID@@@Z
?PyWinCoreString_FromString@@YAPEAU_object@@PEBD_J@Z
?PyWinCoreString_FromString@@YAPEAU_object@@PEB_W_J@Z
?PyWinExc_ApiError@@3PEAU_object@@EA
?PyWinExc_COMError@@3PEAU_object@@EA
?PyWinGlobals_Ensure@@YAHXZ
?PyWinGlobals_Free@@YAXXZ
?PyWinInterpreterLock_Acquire@@YAXXZ
?PyWinInterpreterLock_Release@@YAXXZ
?PyWinLong_AsVoidPtr@@YAHPEAU_object@@PEAPEAX@Z
?PyWinLong_FromHANDLE@@YAPEAU_object@@PEAX@Z
?PyWinLong_FromVoidPtr@@YAPEAU_object@@PEBX@Z
?PyWinMethod_NewACL@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewHANDLE@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewIID@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewOVERLAPPED@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewSECURITY_ATTRIBUTES@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewSECURITY_DESCRIPTOR@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewSID@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewTime@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewTimeStamp@@YAPEAU_object@@PEAU1@0@Z
?PyWinMethod_NewWAVEFORMATEX@@YAPEAU_object@@PEAU1@0@Z
?PyWinObject_AsACL@@YAHPEAU_object@@PEAPEAU_ACL@@H@Z
?PyWinObject_AsBstr@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
?PyWinObject_AsChars@@YAHPEAU_object@@PEAPEADHPEAK@Z
?PyWinObject_AsDATE@@YAHPEAU_object@@PEAN@Z
?PyWinObject_AsDEVMODE@@YAHPEAU_object@@PEAPEAU_devicemodeW@@H@Z
?PyWinObject_AsDWORDArray@@YAHPEAU_object@@PEAPEAKPEAKH@Z
?PyWinObject_AsFILETIME@@YAHPEAU_object@@PEAU_FILETIME@@@Z
?PyWinObject_AsHANDLE@@YAHPEAU_object@@PEAPEAX@Z
?PyWinObject_AsHKEY@@YAHPEAU_object@@PEAPEAUHKEY__@@@Z
?PyWinObject_AsIID@@YAHPEAU_object@@PEAU_GUID@@@Z
?PyWinObject_AsLARGE_INTEGER@@YAHPEAU_object@@PEAT_LARGE_INTEGER@@@Z
?PyWinObject_AsMSG@@YAHPEAU_object@@PEAUtagMSG@@@Z
?PyWinObject_AsMultipleString@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
?PyWinObject_AsOVERLAPPED@@YAHPEAU_object@@PEAPEAU_OVERLAPPED@@H@Z
?PyWinObject_AsPARAM@@YAHPEAU_object@@PEAVPyWin_PARAMHolder@@@Z
?PyWinObject_AsPOINT@@YAHPEAU_object@@PEAUtagPOINT@@@Z
?PyWinObject_AsPyOVERLAPPED@@YAHPEAU_object@@PEAPEAVPyOVERLAPPED@@H@Z
?PyWinObject_AsRECT@@YAHPEAU_object@@PEAUtagRECT@@@Z
?PyWinObject_AsResourceId@@YAHPEAU_object@@PEAPEA_WH@Z
?PyWinObject_AsResourceIdA@@YAHPEAU_object@@PEAPEADH@Z
?PyWinObject_AsSECURITY_ATTRIBUTES@@YAHPEAU_object@@PEAPEAU_SECURITY_ATTRIBUTES@@H@Z
?PyWinObject_AsSECURITY_DESCRIPTOR@@YAHPEAU_object@@PEAPEAXH@Z
?PyWinObject_AsSID@@YAHPEAU_object@@PEAPEAXH@Z
?PyWinObject_AsSYSTEMTIME@@YAHPEAU_object@@PEAU_SYSTEMTIME@@@Z
?PyWinObject_AsSimplePARAM@@YAHPEAU_object@@PEA_K@Z
?PyWinObject_AsTaskAllocatedWCHAR@@YAHPEAU_object@@PEAPEA_WH@Z
?PyWinObject_AsULARGE_INTEGER@@YAHPEAU_object@@PEAT_ULARGE_INTEGER@@@Z
?PyWinObject_AsWAVEFORMATEX@@YAHPEAU_object@@PEAPEAUtWAVEFORMATEX@@H@Z
?PyWinObject_AsWCHAR@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
?PyWinObject_AsWCHARArray@@YAHPEAU_object@@PEAPEAPEA_WPEAKH@Z
?PyWinObject_CloseHANDLE@@YAHPEAU_object@@@Z
?PyWinObject_CloseHKEY@@YAHPEAU_object@@@Z
?PyWinObject_FreeBstr@@YAXPEA_W@Z
?PyWinObject_FreeChars@@YAXPEAD@Z
?PyWinObject_FreeMultipleString@@YAXPEA_W@Z
?PyWinObject_FreeResourceId@@YAXPEA_W@Z
?PyWinObject_FreeResourceIdA@@YAXPEAD@Z
?PyWinObject_FreeTaskAllocatedWCHAR@@YAXPEA_W@Z
?PyWinObject_FreeWCHAR@@YAXPEA_W@Z
?PyWinObject_FreeWCHARArray@@YAXPEAPEA_WK@Z
?PyWinObject_FromBstr@@YAPEAU_object@@QEA_WH@Z
?PyWinObject_FromDATE@@YAPEAU_object@@N@Z
?PyWinObject_FromDEVMODE@@YAPEAU_object@@PEAU_devicemodeW@@@Z
?PyWinObject_FromFILETIME@@YAPEAU_object@@AEBU_FILETIME@@@Z
?PyWinObject_FromHANDLE@@YAPEAU_object@@PEAX@Z
?PyWinObject_FromHKEY@@YAPEAU_object@@PEAUHKEY__@@@Z
?PyWinObject_FromIID@@YAPEAU_object@@AEBU_GUID@@@Z
?PyWinObject_FromIO_COUNTERS@@YAPEAU_object@@PEAU_IO_COUNTERS@@@Z
?PyWinObject_FromLARGE_INTEGER@@YAPEAU_object@@AEBT_LARGE_INTEGER@@@Z
?PyWinObject_FromMSG@@YAPEAU_object@@PEBUtagMSG@@@Z
?PyWinObject_FromMultipleString@@YAPEAU_object@@PEAD@Z
?PyWinObject_FromMultipleString@@YAPEAU_object@@PEA_W@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W_J@Z
?PyWinObject_FromOVERLAPPED@@YAPEAU_object@@PEBU_OVERLAPPED@@@Z
?PyWinObject_FromRECT@@YAPEAU_object@@PEAUtagRECT@@@Z
?PyWinObject_FromSECURITY_ATTRIBUTES@@YAPEAU_object@@AEBU_SECURITY_ATTRIBUTES@@@Z
?PyWinObject_FromSECURITY_DESCRIPTOR@@YAPEAU_object@@PEAX@Z
?PyWinObject_FromSID@@YAPEAU_object@@PEAX@Z
?PyWinObject_FromSYSTEMTIME@@YAPEAU_object@@AEBU_SYSTEMTIME@@@Z
?PyWinObject_FromTimeStamp@@YAPEAU_object@@AEBT_LARGE_INTEGER@@@Z
?PyWinObject_FromULARGE_INTEGER@@YAPEAU_object@@AEBT_ULARGE_INTEGER@@@Z
?PyWinSequence_Tuple@@YAPEAU_object@@PEAU1@PEAK@Z
?PyWinThreadState_Clear@@YAXXZ
?PyWinThreadState_Ensure@@YAHXZ
?PyWinThreadState_Free@@YAXXZ
?PyWinTimeObject_Fromtime_t@@YAPEAU_object@@_J@Z
?PyWinTime_Check@@YAHPEAU_object@@@Z
?PyWin_AcquireGlobalLock@@YAXXZ
?PyWin_CopyString@@YAPEADPEBD@Z
?PyWin_CopyString@@YAPEA_WPEB_W@Z
?PyWin_GetErrorMessageModule@@YAPEAUHINSTANCE__@@K@Z
?PyWin_InterpreterState@@3PEAU_is@@EA
?PyWin_MakePendingCalls@@YAXXZ
?PyWin_NewUnicode@@YAPEAU_object@@PEAU1@0@Z
?PyWin_RegisterErrorMessageModule@@YAHKKPEAUHINSTANCE__@@@Z
?PyWin_ReleaseGlobalLock@@YAXXZ
?PyWin_SetAPIError@@YAPEAU_object@@PEADJ@Z
?PyWin_SetBasicCOMError@@YAPEAU_object@@J@Z
?SetACL@PyACL@@QEAAHPEAU_ACL@@@Z
?SetBstr@PyWin_AutoFreeBstr@@QEAAXPEA_W@Z
?SetSD@PySECURITY_DESCRIPTOR@@QEAAHPEAX@Z
?SetSecurityDescriptorControl@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?SetSecurityDescriptorDacl@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?SetSecurityDescriptorGroup@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?SetSecurityDescriptorOwner@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?SetSecurityDescriptorSacl@PySECURITY_DESCRIPTOR@@SAPEAU_object@@PEAU2@0@Z
?SetSubAuthority@PySID@@SAPEAU_object@@PEAU2@0@Z
?_MakeAbsoluteSD@@YAHPEAXPEAPEAX@Z
?asStr@PyHANDLE@@QEAAPEAU_object@@XZ
?binaryFailureFunc@PyHANDLE@@SAPEAU_object@@PEAU2@0@Z
?deallocFunc@PyACL@@SAXPEAU_object@@@Z
?deallocFunc@PyDEVMODEW@@SAXPEAU_object@@@Z
?deallocFunc@PyHANDLE@@SAXPEAU_object@@@Z
?deallocFunc@PyIID@@SAXPEAU_object@@@Z
?deallocFunc@PyOVERLAPPED@@SAXPEAU_object@@@Z
?deallocFunc@PySECURITY_ATTRIBUTES@@SAXPEAU_object@@@Z
?deallocFunc@PySECURITY_DESCRIPTOR@@SAXPEAU_object@@@Z
?deallocFunc@PySID@@SAXPEAU_object@@@Z
?deallocFunc@PyWAVEFORMATEX@@SAXPEAU_object@@@Z
?get_DeviceName@PyDEVMODEW@@SAPEAU_object@@PEAU2@PEAX@Z
?get_DriverData@PyDEVMODEW@@SAPEAU_object@@PEAU2@PEAX@Z
?get_FormName@PyDEVMODEW@@SAPEAU_object@@PEAU2@PEAX@Z
?get_handle@PyHANDLE@@SAPEAU_object@@PEAU2@PEAX@Z
?getattro@PyOVERLAPPED@@SAPEAU_object@@PEAU2@0@Z
?getattro@PySECURITY_ATTRIBUTES@@SAPEAU_object@@PEAU2@0@Z
?getbufferinfo@PySECURITY_DESCRIPTOR@@SAHPEAU_object@@PEAUPy_buffer@@H@Z
?getbufferinfo@PySID@@SAHPEAU_object@@PEAUPy_buffer@@H@Z
?getset@PyDEVMODEW@@2PAUPyGetSetDef@@A
?getset@PyHANDLE@@2PAUPyGetSetDef@@A
?hash@PyHANDLE@@QEAA_JXZ
?hash@PyIID@@QEAA_JXZ
?hashFunc@PyHANDLE@@SA_JPEAU_object@@@Z
?hashFunc@PyIID@@SA_JPEAU_object@@@Z
?hashFunc@PyOVERLAPPED@@SA_JPEAU_object@@@Z
?init@PyWinBufferView@@QEAA_NPEAU_object@@_N1@Z
?intFunc@PyHANDLE@@SAPEAU_object@@PEAU2@@Z
?len@PyWinBufferView@@QEAAKXZ
?longFunc@PyHANDLE@@SAPEAU_object@@PEAU2@@Z
?members@PyDEVMODEW@@2PAUPyMemberDef@@A
?members@PyOVERLAPPED@@2PAUPyMemberDef@@A
?members@PySECURITY_ATTRIBUTES@@2PAUPyMemberDef@@A
?members@PyWAVEFORMATEX@@2PAUPyMemberDef@@A
?methods@PyACL@@2PAUPyMethodDef@@A
?methods@PyDEVMODEW@@2PAUPyMethodDef@@A
?methods@PyHANDLE@@2PAUPyMethodDef@@A
?methods@PySECURITY_ATTRIBUTES@@2PAUPyMethodDef@@A
?methods@PySECURITY_DESCRIPTOR@@2PAUPyMethodDef@@A
?methods@PySID@@2PAUPyMethodDef@@A
?modify_in_place@PyDEVMODEW@@QEAAXXZ
?nonzeroFunc@PyHANDLE@@SAHPEAU_object@@@Z
?ok@PyWinBufferView@@QEAA_NXZ
?print@PyHANDLE@@QEAAHPEAU_iobuf@@H@Z
?printFunc@PyHANDLE@@SAHPEAU_object@@PEAU_iobuf@@H@Z
?ptr@PyWinBufferView@@QEAAPEAXXZ
?release@PyWinBufferView@@QEAAXXZ
?repr@PyIID@@QEAAPEAU_object@@XZ
?reprFunc@PyIID@@SAPEAU_object@@PEAU2@@Z
?richcompare@PyHANDLE@@QEAAPEAU_object@@PEAU2@H@Z
?richcompare@PyIID@@QEAAPEAU_object@@PEAU2@H@Z
?richcompare@PySID@@QEAAPEAU_object@@PEAU2@H@Z
?richcompareFunc@PyHANDLE@@SAPEAU_object@@PEAU2@0H@Z
?richcompareFunc@PyIID@@SAPEAU_object@@PEAU2@0H@Z
?richcompareFunc@PyOVERLAPPED@@SAPEAU_object@@PEAU2@0H@Z
?richcompareFunc@PySID@@SAPEAU_object@@PEAU2@0H@Z
?set_DeviceName@PyDEVMODEW@@SAHPEAU_object@@0PEAX@Z
?set_DriverData@PyDEVMODEW@@SAHPEAU_object@@0PEAX@Z
?set_FormName@PyDEVMODEW@@SAHPEAU_object@@0PEAX@Z
?setattro@PyOVERLAPPED@@SAHPEAU_object@@00@Z
?setattro@PySECURITY_ATTRIBUTES@@SAHPEAU_object@@00@Z
?str@PyIID@@QEAAPEAU_object@@XZ
?strFunc@PyHANDLE@@SAPEAU_object@@PEAU2@@Z
?strFunc@PyIID@@SAPEAU_object@@PEAU2@@Z
?strFunc@PySID@@SAPEAU_object@@PEAU2@@Z
?ternaryFailureFunc@PyHANDLE@@SAPEAU_object@@PEAU2@00@Z
?tp_new@PyDEVMODEW@@SAPEAU_object@@PEAU_typeobject@@PEAU2@1@Z
?unaryFailureFunc@PyHANDLE@@SAPEAU_object@@PEAU2@@Z
DllMain
PyInit_pywintypes

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
onefile_7828_133599221364008719/select.pyd
.dll windows:6 windows x64 arch:x64

fc4f7d736924aa67a1bd7b7b80894df9

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

69:5d:91:bd:1b:e6:22:4b:12:60:5e:45:71:31:42:db:93:3e:07:5a:fd:03:fa:d8:47:73:78:bf:85:4a:05:f5
Signer

Actual PE Digest

69:5d:91:bd:1b:e6:22:4b:12:60:5e:45:71:31:42:db:93:3e:07:5a:fd:03:fa:d8:47:73:78:bf:85:4a:05:f5

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\bin\amd64\select.pdb

Imports

ws2_32

select
__WSAFDIsSet
WSAGetLastError

python311

PyModuleDef_Init
_PyDeadline_Get
PyExc_TypeError
PyTuple_Pack
PyModule_GetState
PyEval_RestoreThread
_PyTime_AsTimeval
_PyDeadline_Init
PyErr_CheckSignals
PyExc_OSError
PyObject_AsFileDescriptor
PyList_New
PySequence_Fast
PyModule_AddObjectRef
PyErr_ExceptionMatches
_Py_Dealloc
PyExc_ValueError
PyErr_SetString
_Py_NoneStruct
PyEval_SaveThread
PyErr_Occurred
_PyArg_CheckPositional
_PyTime_FromSecondsObject
PyUnicode_InternFromString
PyErr_SetExcFromWindowsErr
PyList_SetItem
_PyTime_AsTimeval_clamp

vcruntime140

memset
memcpy
__std_type_info_destroy_list
__C_specific_handler

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_errno
_initterm
_initterm_e
_seh_filter_dll

kernel32

GetCurrentProcessId
RtlLookupFunctionEntry
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
RtlCaptureContext
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind

Exports

Exports

PyInit_select

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 708B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 76B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
onefile_7828_133599221364008719/test.exe
.exe windows:6 windows x64 arch:x64

7da23611da9a1a2e375a0e7913fad335

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

python311

Py_DebugFlag
Py_VerboseFlag
Py_InteractiveFlag
Py_InspectFlag
Py_OptimizeFlag
Py_NoSiteFlag
Py_BytesWarningFlag
Py_FrozenFlag
Py_IgnoreEnvironmentFlag
Py_DontWriteBytecodeFlag
Py_NoUserSiteDirectory
Py_UTF8Mode
PyImport_FrozenModules
PyMem_Malloc
PyMem_Calloc
PyMem_Realloc
PyType_Ready
PyObject_Str
PyObject_RichCompare
PyObject_RichCompareBool
PyObject_SetAttrString
PyObject_GetAttr
PyObject_SelfIter
PyObject_GenericSetAttr
PyObject_IsTrue
PyCallable_Check
PyObject_ClearWeakRefs
_Py_Dealloc
_PyObject_LookupAttr
PyObject_Realloc
PyObject_Free
PyObject_InitVar
_PyObject_New
_PyObject_GC_Resize
_PyObject_GC_NewVar
PyObject_GC_Del
PyByteArray_FromObject
PyByteArray_FromStringAndSize
PyBytes_FromStringAndSize
PyBytes_FromString
PyUnicode_FromStringAndSize
PyUnicode_FromFormat
PyUnicode_InternInPlace
PyUnicode_FromWideChar
PyUnicode_DecodeUTF8
PyUnicode_Concat
PyUnicode_FindChar
PyUnicode_Format
PyUnicode_New
_PyUnicode_Ready
PyUnicode_AsUnicode
PyLong_AsLongAndOverflow
PyLong_FromLongLong
PyLong_FromUnsignedLongLong
PyLong_FromString
PyLong_FromUnicodeObject
_PyLong_New
_PyLong_Copy
PyFloat_FromString
PyFloat_FromDouble
PyComplex_FromDoubles
PyTuple_New
PyTuple_Pack
_PyTuple_MaybeUntrack
PyList_New
PyList_SetItem
PyList_Append
PyList_Sort
PyDict_New
PyDict_GetItem
PyDict_MergeFromSeq2
PyDict_GetItemString
PyDict_SetItemString
_PyDict_MaybeUntrack
PySet_Add
_PySet_NextEntry
PyCMethod_New
PyModule_NewObject
PyModule_GetName
PyModule_GetFilenameObject
PyModule_GetDef
PyCode_NewWithPosOnlyArgs
_PyRuntime_Initialize
PyFrame_GetBack
_PyGen_SetStopIterationValue
_PyGen_FetchStopIterationValue
PyDescr_IsData
PyErr_WarnEx
_PyWeakref_ClearRef
PyErr_ExceptionMatches
PyException_SetCause
PyErr_BadArgument
PyErr_NoMemory
PyOS_snprintf
_PyErr_FormatFromCause
_PyErr_WriteUnraisableMsg
PyArg_ParseTuple
PyArg_ParseTupleAndKeywords
PyArg_UnpackTuple
Py_BuildValue
PyModule_ExecDef
PyModule_FromDefAndSpec2
_PyArg_NoKeywords
PyErr_Print
Py_CompileStringExFlags
PyEval_GetFuncName
PyEval_RestoreThread
_PyEval_EvalFrameDefault
PySys_WriteStderr
PyImport_ExecCodeModule
PyImport_ExecCodeModuleEx
PyImport_GetModuleDict
PyImport_ImportModule
PyImport_ImportFrozenModule
_PyImport_FixupExtensionObject
PyObject_Call
PyObject_CallObject
PyObject_CallFunction
PyObject_CallFunctionObjArgs
PyObject_CallMethodObjArgs
PyObject_GetIter
PyIter_Next
PyIter_Send
PyNumber_Add
PyNumber_Subtract
PyNumber_FloorDivide
PyNumber_Float
PyNumber_InPlaceAdd
PyNumber_InPlaceMultiply
PyNumber_InPlaceLshift
PyNumber_InPlaceOr
PyNumber_ToBase
PySequence_List
PyMapping_Size
_PyObject_HasLen
PyObject_LengthHint
PyMarshal_ReadObjectFromString
_PyErr_ChainStackItem
_PyErr_NormalizeException
PyByteArray_Type
_PyByteArray_empty_string
PyBool_Type
PyFloat_Type
PyComplex_Type
PyRange_Type
PyDictKeys_Type
PyDictItems_Type
PySet_Type
PyFrozenSet_Type
PyModuleDef_Type
PyMethod_Type
PyCode_Type
PyFrame_Type
PyTraceBack_Type
_Py_EllipsisObject
PySlice_Type
PyEllipsis_Type
PyGen_Type
PyCoro_Type
PyAsyncGen_Type
_PyAsyncGenWrappedValue_Type
Py_GenericAliasType
_PyWeakref_RefType
_PyWeakref_ProxyType
_PyWeakref_CallableProxyType
PyExc_StopAsyncIteration
PyExc_NameError
PyExc_UnboundLocalError
PyExc_ImportWarning
_Py_PackageContext
_PyConfig_InitCompatConfig
_PyWarnings_Init
PySys_SetArgv
Py_ExitStatusException
Py_InitializeFromConfig
Py_SetProgramName
PyErr_SetInterrupt
PyConfig_SetArgv
PyConfig_SetString
PyWideStringList_Append
PyStatus_Exception
PyDict_DelItemString
PyLong_AsLong
PyUnicode_AsUTF8
PyNumber_Invert
PyUnicode_Join
PyExc_OverflowError
PyProperty_Type
PyExc_WindowsError
_Py_NotImplementedStruct
PyLong_FromVoidPtr
PyExc_EnvironmentError
PyExc_UnicodeEncodeError
PyNumber_Negative
PyMap_Type
PyExc_IOError
PyObject_Dir
PyExc_NotImplementedError
PyZip_Type
PyExc_RuntimeError
PyNumber_Long
PyObject_Repr
PyExc_GeneratorExit
PyLong_Type
PySuper_Type
PyObject_GetItem
PyExc_ZeroDivisionError
PyExc_KeyError
PyExc_ImportError
PyExc_OSError
PyExc_AssertionError
PyExc_Exception
PyExc_BaseException
PyReversed_Type
PyEnum_Type
PyObject_DelItem
PyFrozenSet_New
PySet_New
_PyDict_NewPresized
PyDict_Merge
PyDict_DelItem
PyObject_SetAttr
PyExc_IndexError
PyList_Type
PyObject_SetItem
PyModule_GetDict
PyLong_FromSsize_t
PyUnicode_Find
PyUnicode_GetLength
PyUnicode_Substring
PyObject_GetAttrString
_PyRuntime
PyExc_ValueError
PyExc_SystemExit
PyExc_StopIteration
PySeqIter_Type
PyModule_Type
PyDict_Type
PyTuple_Type
PyUnicode_Type
PyBytes_Type
PyObject_IsSubclass
PySequence_Contains
PySequence_Tuple
PySequence_Check
PyNumber_AsSsize_t
PyEval_AcquireThread
PyEval_SaveThread
Py_MakePendingCalls
Py_Exit
PyErr_PrintEx
PyErr_WriteUnraisable
PyException_SetContext
PyException_GetContext
Py_GenericAlias
PyDict_SetItem
PyObject_Malloc
_PyObject_FunctionStr
PyType_IsSubtype
PyExc_TypeError
PyExc_SystemError
PyExc_AttributeError
PyFunction_Type
PyCFunction_Type
_Py_NoneStruct
PyBaseObject_Type
PyType_Type
PyObject_IsInstance
PyErr_Format
_PyFunction_Vectorcall
_PyType_Lookup
_Py_TrueStruct
_Py_FalseStruct
PySys_SetObject
PySys_GetObject
PyStructSequence_New
PyStructSequence_InitType
PyCapsule_New
PyLong_FromLong
PyUnicode_FromString

kernel32

WriteConsoleW
HeapReAlloc
HeapSize
SetFilePointerEx
GetFileSizeEx
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
GetProcessHeap
GetStringTypeW
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
MultiByteToWideChar
GetFileType
LCMapStringW
CompareStringW
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
HeapFree
HeapAlloc
GetStdHandle
GetCommandLineW
GetCommandLineA
GetModuleHandleExW
RtlPcToFileHeader
RaiseException
EncodePointer
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
SetLastError
RtlUnwindEx
GetEnvironmentVariableA
GetModuleHandleW
GetStartupInfoW
IsDebuggerPresent
InitializeSListHead
GetCurrentThreadId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
WideCharToMultiByte
FindResourceA
FormatMessageA
LockResource
LoadResource
LoadLibraryExW
GetProcAddress
GetModuleHandleA
GetModuleFileNameW
GetSystemTimeAsFileTime
GetCurrentProcessId
SetErrorMode
WriteFile
GetShortPathNameW
CreateFileW
SetEnvironmentVariableW
GetEnvironmentVariableW
SetDllDirectoryW
OpenProcess
CreateThread
ExitProcess
Sleep
WaitForSingleObject
GetLastError
CloseHandle
SetStdHandle

Sections

.text
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6.9MB - Virtual size: 6.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
onefile_7828_133599221364008719/unicodedata.pyd
.dll windows:6 windows x64 arch:x64

bb6f6d951dbdd290ecf382ca57459172

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29/04/2021, 00:00

Not After

28/04/2036, 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

17/01/2022, 00:00

Not After

15/01/2025, 23:59

Subject

CN=Python Software Foundation,O=Python Software Foundation,L=Beaverton,ST=Oregon,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21/09/2022, 00:00

Not After

21/11/2033, 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23/03/2022, 00:00

Not After

22/03/2037, 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01/08/2022, 00:00

Not After

09/11/2031, 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

75:a2:17:6b:cf:b4:02:26:96:16:c7:ae:f2:63:74:c1:a1:d4:d5:43:08:08:23:d2:81:59:68:a2:a2:79:c0:d1
Signer

Actual PE Digest

75:a2:17:6b:cf:b4:02:26:96:16:c7:ae:f2:63:74:c1:a1:d4:d5:43:08:08:23:d2:81:59:68:a2:a2:79:c0:d1

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\_w\1\b\bin\amd64\unicodedata.pdb

Imports

python311

PyCapsule_GetPointer
PyUnicode_FromStringAndSize
PyModule_AddObjectRef
_Py_Dealloc
PyUnicode_FromString
_Py_FalseStruct
PyModule_AddStringConstant
PyModule_AddType
PyModule_Type
_PyUnicode_Ready
_Py_TrueStruct
_PyUnicode_ToDigit
PyModule_AddObject
PyMem_Realloc
PyUnicode_Compare
PyType_FromSpec
PyObject_GC_Track
PyModuleDef_Init
PyUnicode_FromKindAndData
PyErr_NoMemory
PyMem_Free
PyCapsule_New
PyObject_GC_Del
_PyObject_GC_New
PyMem_Malloc
PyType_IsSubtype
PyErr_Format
PyExc_ValueError
PyErr_SetString
_PyArg_BadArgument
_PyUnicode_ToDecimalDigit
_PyUnicode_ToNumeric
PyFloat_FromDouble
_Py_ctype_toupper
PyUnicode_FromOrdinal
PyObject_GC_UnTrack
PyLong_FromLong
PyObject_GenericGetAttr
PyErr_Occurred
PyExc_KeyError
_PyArg_CheckPositional
PyOS_snprintf
PyUnicode_CompareWithASCIIString
_PyArg_Parse_SizeT

vcruntime140

__std_type_info_destroy_list
__C_specific_handler
memset
memcpy

api-ms-win-crt-string-l1-1-0

strncmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf

api-ms-win-crt-runtime-l1-1-0

_cexit
_execute_onexit_table
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm
_initterm_e

kernel32

IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext

Exports

Exports

PyInit_unicodedata

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 484B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
onefile_7828_133599221364008719/vcruntime140.dll
.dll windows:6 windows x64 arch:x64

7f07fd94e5bb907093556781cc464017

Code Sign

33:00:00:02:55:18:1d:a4:2e:e0:86:fc:15:00:00:00:00:02:55
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/09/2021, 18:33

Not After

01/09/2022, 18:33

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

17:0d:0c:3b:36:91:d0:ba:7c:79:3e:e3:60:d3:4c:60:84:ed:f5:f6:d9:00:73:ea:e4:82:dc:83:6b:ec:54:cd
Signer

Actual PE Digest

17:0d:0c:3b:36:91:d0:ba:7c:79:3e:e3:60:d3:4c:60:84:ed:f5:f6:d9:00:73:ea:e4:82:dc:83:6b:ec:54:cd

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\\binaries\amd64ret\bin\amd64\\vcruntime140.amd64.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

terminate
abort

api-ms-win-crt-heap-l1-1-0

calloc
malloc
free

api-ms-win-crt-string-l1-1-0

strcpy_s
strncmp
wcsncmp

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsprintf
__stdio_common_vsprintf_s

api-ms-win-crt-convert-l1-1-0

atol

kernel32

GetLastError
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
RtlLookupFunctionEntry
RtlUnwindEx
GetModuleHandleW
GetModuleFileNameW
RtlUnwind
EncodePointer
RaiseException
RtlPcToFileHeader
InterlockedPushEntrySList
InterlockedFlushSList
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
GetProcAddress
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
LoadLibraryExW

Exports

Exports

_CreateFrameInfo
_CxxThrowException
_FindAndUnlinkFrame
_IsExceptionObjectToBeDestroyed
_SetWinRTOutOfMemoryExceptionCallback
__AdjustPointer
__BuildCatchObject
__BuildCatchObjectHelper
__C_specific_handler
__C_specific_handler_noexcept
__CxxDetectRethrow
__CxxExceptionFilter
__CxxFrameHandler
__CxxFrameHandler2
__CxxFrameHandler3
__CxxQueryExceptionSize
__CxxRegisterExceptionObject
__CxxUnregisterExceptionObject
__DestructExceptionObject
__FrameUnwindFilter
__GetPlatformExceptionInfo
__NLG_Dispatch2
__NLG_Return2
__RTCastToVoid
__RTDynamicCast
__RTtypeid
__TypeMatch
__current_exception
__current_exception_context
__intrinsic_setjmp
__intrinsic_setjmpex
__processing_throw
__report_gsfailure
__std_exception_copy
__std_exception_destroy
__std_terminate
__std_type_info_compare
__std_type_info_destroy_list
__std_type_info_hash
__std_type_info_name
__telemetry_main_invoke_trigger
__telemetry_main_return_trigger
__unDName
__unDNameEx
__uncaught_exception
__uncaught_exceptions
__vcrt_GetModuleFileNameW
__vcrt_GetModuleHandleW
__vcrt_InitializeCriticalSectionEx
__vcrt_LoadLibraryExW
_get_purecall_handler
_get_unexpected
_is_exception_typeof
_local_unwind
_purecall
_set_purecall_handler
_set_se_translator
longjmp
memchr
memcmp
memcpy
memmove
memset
set_unexpected
strchr
strrchr
strstr
unexpected
wcschr
wcsrchr
wcsstr

Sections

.text
Size: 63KB - Virtual size: 62KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 348B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 976B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
onefile_7828_133599221364008719/vcruntime140_1.dll
.dll windows:6 windows x64 arch:x64

bf380ca954cbf10d1a4cef9ec18e46fd

Code Sign

33:00:00:02:54:ca:2b:f3:cb:9d:da:a6:75:00:00:00:00:02:54
Certificate

Issuer

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

02/09/2021, 18:33

Not After

01/09/2022, 18:33

Subject

CN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

61:0e:90:d2:00:00:00:00:00:03
Certificate

Issuer

CN=Microsoft Root Certificate Authority 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Not Before

08/07/2011, 20:59

Not After

08/07/2026, 21:09

Subject

CN=Microsoft Code Signing PCA 2011,O=Microsoft Corporation,L=Redmond,ST=Washington,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

6b:64:bf:50:2b:89:f2:c5:be:a7:9b:85:01:0a:13:26:74:a1:c4:23:31:89:41:11:45:75:15:9f:1f:ef:f1:63
Signer

Actual PE Digest

6b:64:bf:50:2b:89:f2:c5:be:a7:9b:85:01:0a:13:26:74:a1:c4:23:31:89:41:11:45:75:15:9f:1f:ef:f1:63

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

D:\a\_work\1\s\\binaries\amd64ret\bin\amd64\\vcruntime140_1.amd64.pdb

Imports

api-ms-win-crt-runtime-l1-1-0

terminate
abort

api-ms-win-crt-heap-l1-1-0

malloc
calloc
free

api-ms-win-crt-string-l1-1-0

strcpy_s
wcsncmp

vcruntime140

memcpy
__processing_throw
__C_specific_handler
memmove
__current_exception

kernel32

IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlCaptureContext
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
RtlUnwindEx
RtlLookupFunctionEntry
LoadLibraryExW
GetProcAddress
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
EncodePointer
RaiseException
RtlPcToFileHeader
SetLastError
DeleteCriticalSection
GetLastError
InitializeCriticalSectionAndSpinCount

Exports

Exports

__CxxFrameHandler4
__NLG_Dispatch2
__NLG_Return2

Sections

.text
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1024B - Virtual size: 1020B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 324B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
onefile_7828_133599221364008719/win32api.pyd
.dll windows:6 windows x64 arch:x64

2000df8846b8f315bdc5cce6da06b275

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\src\pywin32\build\temp.win-amd64-cpython-311\Release\win32api.pdb

Imports

user32

ChangeDisplaySettingsW
GetCursorPos
SetCursorPos
ShowCursor
RegisterWindowMessageW
PostQuitMessage
PostThreadMessageW
SetCursor
mouse_event
ClipCursor
LoadCursorW
WinHelpW
GetSysColor
LoadKeyboardLayoutW
GetKeyboardLayout
GetKeyboardLayoutList
SetClassWord
ExitWindowsEx
GetKeyboardLayoutNameW
VkKeyScanW
SetSysColors
MapVirtualKeyExW
VkKeyScanExA
GetAsyncKeyState
GetKeyboardState
LoadStringW
VkKeyScanA
GetWindowLongPtrW
SetClassLongPtrW
MessageBeep
GetSystemMetrics
SendMessageW
SetWindowWord
ToAsciiEx
SetWindowLongPtrW
MessageBoxExW
keybd_event
GetFocus
MapVirtualKeyW
GetKeyState
EnumDisplaySettingsW
VkKeyScanExW
PostMessageW

advapi32

InitiateSystemShutdownW
RegNotifyChangeKeyValue
RegGetKeySecurity
RegEnumKeyW
RegQueryInfoKeyW
RegDeleteKeyW
RegQueryValueW
RegFlushKey
RegCreateKeyExW
RegSaveKeyW
RegEnumKeyExW
RegSetKeySecurity
RegSetValueExW
AbortSystemShutdownW
OpenProcessToken
RegUnLoadKeyW
RegLoadKeyW
RegOpenKeyExW
RegCreateKeyW
RegConnectRegistryW
RegDeleteValueW
GetUserNameW
OpenThreadToken
LookupAccountSidW
RegEnumValueW
RegQueryValueExW
RegSetValueW
GetTokenInformation

shell32

DragQueryFileW
ShellExecuteW
DragFinish
CommandLineToArgvW
FindExecutableW

version

GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW

python311

PyExc_SystemError
PyLong_FromLong
Py_BuildValue
_Py_NoneStruct
PyExc_WindowsError
PyErr_SetString
PyExc_ValueError
PyErr_Format
_Py_Dealloc
PyUnicode_AsUTF8
PyList_New
PyList_Append
PyObject_GenericSetAttr
PyExc_NotImplementedError
PyArg_ParseTupleAndKeywords
_Py_NewReference
PyExc_TypeError
PyArg_ParseTuple
PyExc_Exception
PyErr_SetObject
PyBool_FromLong
_Py_BuildValue_SizeT
PyLong_AsUnsignedLong
PyModule_AddIntConstant
PyBytes_AsString
PySequence_GetItem
PyErr_Occurred
PyEval_SaveThread
PyList_SetSlice
PyExc_MemoryError
PyLong_FromUnsignedLongLong
PyGILState_Release
PyTuple_New
PyDict_SetItemString
PyList_Size
PyUnicode_FromWideChar
PyLong_FromUnsignedLong
_PyArg_ParseTupleAndKeywords_SizeT
PyTuple_GetItem
PyModule_GetDict
_PyArg_ParseTuple_SizeT
PyLong_AsLong
PyUnicode_AsWideCharString
PyModule_Create2
PyType_Ready
PyErr_Clear
PyTuple_Size
PySequence_Check
PyMem_Free
PyTuple_SetItem
PyErr_NoMemory
PyObject_CallObject
PyBytes_FromStringAndSize
PyEval_RestoreThread
PySys_WriteStderr
PyObject_Call
PyUnicode_GetLength
PyThreadState_Swap
PyErr_Print
PyObject_GenericGetAttr
PyMem_Malloc
PyCallable_Check
PyObject_IsTrue
PyObject_IsSubclass
PyGILState_Ensure

pywintypes311

?PyWinObject_AsHANDLE@@YAHPEAU_object@@PEAPEAX@Z
?PyWinObject_AsDEVMODE@@YAHPEAU_object@@PEAPEAU_devicemodeW@@H@Z
?PyWinObject_FromHANDLE@@YAPEAU_object@@PEAX@Z
?PyWinObject_AsWCHAR@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W_J@Z
?PyWinObject_FromDEVMODE@@YAPEAU_object@@PEAU_devicemodeW@@@Z
?PyWinObject_FreeWCHAR@@YAXPEA_W@Z
?PyWinObject_FromRECT@@YAPEAU_object@@PEAUtagRECT@@@Z
?PyWinObject_AsPOINT@@YAHPEAU_object@@PEAUtagPOINT@@@Z
?PyWin_SetAPIError@@YAPEAU_object@@PEADJ@Z
?PyWinObject_AsRECT@@YAHPEAU_object@@PEAUtagRECT@@@Z
?PyWinObject_AsSYSTEMTIME@@YAHPEAU_object@@PEAU_SYSTEMTIME@@@Z
?PyWinObject_FromSYSTEMTIME@@YAPEAU_object@@AEBU_SYSTEMTIME@@@Z
?PyWinLong_FromHANDLE@@YAPEAU_object@@PEAX@Z
?PyWinObject_FromFILETIME@@YAPEAU_object@@AEBU_FILETIME@@@Z
?PyWinObject_AsSECURITY_DESCRIPTOR@@YAHPEAU_object@@PEAPEAXH@Z
?PyWinObject_FromSECURITY_DESCRIPTOR@@YAPEAU_object@@PEAX@Z
?PyWinLong_FromVoidPtr@@YAPEAU_object@@PEBX@Z
?PyWinObject_FreeResourceIdA@@YAXPEAD@Z
?PyWin_NewUnicode@@YAPEAU_object@@PEAU1@0@Z
?PyWinObject_FreeMultipleString@@YAXPEA_W@Z
?PyWinObject_AsSECURITY_ATTRIBUTES@@YAHPEAU_object@@PEAPEAU_SECURITY_ATTRIBUTES@@H@Z
?PyWinGlobals_Ensure@@YAHXZ
?PyWin_GetErrorMessageModule@@YAPEAUHINSTANCE__@@K@Z
?PyObject_FromWIN32_FIND_DATAW@@YAPEAU_object@@PEAU_WIN32_FIND_DATAW@@@Z
?PyWinObject_FromMultipleString@@YAPEAU_object@@PEA_W@Z
?PyWinObject_CloseHKEY@@YAHPEAU_object@@@Z
?PyWinObject_AsResourceId@@YAHPEAU_object@@PEAPEA_WH@Z
?PyWinObject_FromHKEY@@YAPEAU_object@@PEAUHKEY__@@@Z
?PyWinObject_AsULARGE_INTEGER@@YAHPEAU_object@@PEAT_ULARGE_INTEGER@@@Z
?PyWinObject_AsHKEY@@YAHPEAU_object@@PEAPEAUHKEY__@@@Z
?PyWinObject_AsMultipleString@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
?PyWinSequence_Tuple@@YAPEAU_object@@PEAU1@PEAK@Z
?init@PyWinBufferView@@QEAA_NPEAU_object@@_N1@Z
?PyWinInterpreterLock_Release@@YAXXZ
?PyWinObject_CloseHANDLE@@YAHPEAU_object@@@Z
?PyWinExc_ApiError@@3PEAU_object@@EA
?PyWinObject_FromULARGE_INTEGER@@YAPEAU_object@@AEBT_ULARGE_INTEGER@@@Z
?PyWinObject_FreeResourceId@@YAXPEA_W@Z
?PyWinThreadState_Ensure@@YAHXZ
?PyWinObject_AsPARAM@@YAHPEAU_object@@PEAVPyWin_PARAMHolder@@@Z
?PyWinLong_AsVoidPtr@@YAHPEAU_object@@PEAPEAX@Z
?PyWinThreadState_Free@@YAXXZ
?PyWinObject_AsResourceIdA@@YAHPEAU_object@@PEAPEADH@Z
?len@PyWinBufferView@@QEAAKXZ
?ptr@PyWinBufferView@@QEAAPEAXXZ
?ok@PyWinBufferView@@QEAA_NXZ
??1PyWinBufferView@@QEAA@XZ
??0PyWinBufferView@@QEAA@PEAU_object@@_N1@Z
??0PyWinBufferView@@QEAA@XZ
?PyWinInterpreterLock_Acquire@@YAXXZ

kernel32

GetLogicalDrives
GetVolumeInformationW
SetConsoleCtrlHandler
SizeofResource
GetConsoleTitleW
GetEnvironmentVariableW
GetSystemPowerStatus
WriteProfileStringW
GetTempPathW
GetPrivateProfileSectionW
FindClose
GetFileAttributesW
GetCurrentThreadId
GetVersionExW
GetSystemDirectoryW
SetThreadLocale
FindFirstFileW
SearchPathW
WritePrivateProfileStringW
CompareStringW
GetSystemDefaultLCID
SetLastError
GetProfileSectionW
SetLocalTime
GetCommandLineW
GetFullPathNameW
FindNextFileW
GetCurrentProcess
GetStdHandle
EnumResourceTypesW
SetTimeZoneInformation
ExpandEnvironmentStringsW
GetShortPathNameW
GetDiskFreeSpaceW
GetPrivateProfileIntW
TerminateProcess
GetProfileIntW
GetUserDefaultLangID
GetModuleFileNameW
GetThreadLocale
SetEnvironmentVariableW
SetSystemTime
EnumResourceNamesW
GetStartupInfoW
DuplicateHandle
GetSystemDefaultLangID
FindFirstChangeNotificationW
OpenProcess
GetVersion
SetFileAttributesW
GetLogicalDriveStringsW
EndUpdateResourceW
GetPrivateProfileStringW
FormatMessageW
GetTimeZoneInformation
GetTickCount64
GetLastError
OutputDebugStringW
GetUserDefaultLCID
GetDiskFreeSpaceExW
GetCurrentThread
FindCloseChangeNotification
LockResource
DeleteFileW
CloseHandle
EnumResourceLanguagesW
GetSystemInfo
WriteProfileSectionW
LoadLibraryW
FindResourceExW
LoadResource
GetLocalTime
SetStdHandle
UpdateResourceW
FindNextChangeNotification
GetWindowsDirectoryW
Beep
GetProcAddress
LocalFree
GetTimeFormatW
MoveFileExW
GetComputerNameW
GetCurrentProcessId
GetModuleHandleW
FreeLibrary
CopyFileW
GetProfileStringW
SleepEx
SetErrorMode
IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
LoadLibraryExA
VirtualQuery
VirtualProtect
RaiseException
GenerateConsoleCtrlEvent
LoadLibraryExW
OpenThread
MoveFileW
SetConsoleTitleW
GetDateFormatW
DebugBreak
GlobalMemoryStatus
GetSystemTime
GetTempFileNameW
BeginUpdateResourceW
WritePrivateProfileSectionW
WinExec

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_type_info_destroy_list
__std_terminate
__C_specific_handler
__std_exception_copy
__std_exception_destroy
__current_exception
__current_exception_context
memset
_CxxThrowException
memcpy

api-ms-win-crt-convert-l1-1-0

_itow

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
free

api-ms-win-crt-runtime-l1-1-0

_configure_narrow_argv
terminate
_initterm_e
_initterm
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_at_quick_exit
_crt_atexit
_cexit
_initialize_narrow_environment
_seh_filter_dll

api-ms-win-crt-string-l1-1-0

strcmp

Exports

Exports

?PyDISPLAY_DEVICEType@@3U_typeobject@@A
PyInit_win32api

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
onefile_7828_133599221364008719/win32gui.pyd
.dll windows:6 windows x64 arch:x64

43844ac41b302cdc6cb7d5f7d6fcc995

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\src\pywin32\build\temp.win-amd64-cpython-311\Release\win32gui.pdb

Imports

gdi32

InvertRgn
GetMiterLimit
DeleteObject
PtInRegion
RestoreDC
SetStretchBltMode
Ellipse
SetBkColor
MoveToEx
RectInRegion
GetTextColor
SetArcDirection
Polygon
GetViewportExtEx
GetObjectW
SetViewportOrgEx
Rectangle
ExtCreatePen
CreatePen
LineTo
SetBkMode
GetGraphicsMode
EndPath
SetTextColor
GetTextExtentPoint32W
DeleteDC
SetPixelV
OffsetRgn
GetTextAlign
GetPixel
SetPolyFillMode
EqualRgn
CreatePatternBrush
GetTextMetricsW
StrokeAndFillPath
StrokePath
SetViewportExtEx
EnumFontFamiliesW
SetMiterLimit
GetWindowOrgEx
Polyline
CreatePolygonRgn
ArcTo
ExtFloodFill
PathToRegion
SetWindowExtEx
PolyBezier
GetPath
CreateRoundRectRgn
GetCurrentPositionEx
PolyBezierTo
CreateRectRgnIndirect
GetStockObject
CreateEllipticRgnIndirect
SetWindowOrgEx
CreateDCW
ResetDCW
PaintRgn
Chord
CreateHatchBrush
BeginPath
GetStretchBltMode
CreateBrushIndirect
GetTextFaceW
GetTextCharacterExtra
FrameRgn
AbortPath
StretchBlt
SetGraphicsMode
PatBlt
SetPixel
CreateCompatibleDC
FillPath
GetBkMode
Arc
GetWindowExtEx
SelectObject
Pie
SaveDC
PolylineTo
CreateCompatibleBitmap
BitBlt
GetPolyFillMode
SetRectRgn
GetBkColor
CloseFigure
SetMapMode
CreateSolidBrush
CreateBitmap
SetROP2
CreateFontIndirectW
GetCurrentObject
SetTextAlign
CombineRgn
FlattenPath
GetMapMode
GetObjectType
RoundRect
FillRgn
ExtTextOutW
SetTextCharacterExtra
GetRgnBox
WidenPath
GetROP2
GetArcDirection
GetViewportOrgEx

user32

FindWindowW
ScrollWindowEx
LoadIconW
TranslateMessage
TranslateAcceleratorW
BringWindowToTop
SetCapture
DestroyMenu
FlashWindow
CreateAcceleratorTableW
EnumWindows
SetMenu
MoveWindow
IsWindowEnabled
DialogBoxIndirectParamW
GetForegroundWindow
GetSysColor
GetTopWindow
RegisterHotKey
GetDlgItemTextW
DrawFocusRect
SetMenuDefaultItem
CreateIconFromResource
SetDoubleClickTime
FrameRect
GetDoubleClickTime
ValidateRect
SetWindowPlacement
RegisterClassW
SetDlgItemTextW
WindowFromDC
CreateCaret
IsChild
PaintDesktop
EnumPropsExW
PeekMessageW
DestroyAcceleratorTable
SetMenuItemInfoW
DefDlgProcW
ClientToScreen
GetDlgCtrlID
CreateIconIndirect
DestroyIcon
GetMenuDefaultItem
IsDialogMessageW
RedrawWindow
GetCursorInfo
DispatchMessageW
GetCapture
RegisterDeviceNotificationW
InvalidateRgn
IsWindow
ReplyMessage
ShowWindow
GetActiveWindow
GetSubMenu
SetCaretPos
TrackPopupMenu
GetClassLongPtrW
DrawIcon
GetWindowPlacement
WindowFromPoint
GetWindowLongPtrW
WaitMessage
GetScrollInfo
ChildWindowFromPointEx
SetMenuItemBitmaps
SetClassLongPtrW
CreatePopupMenu
DragDetect
SetWindowTextW
UnregisterClassW
EndDialog
GetCursor
SendMessageW
ScreenToClient
DeleteMenu
GetIconInfo
CreateWindowExW
FillRect
HideCaret
CopyIcon
SetWindowRgn
SetWindowLongPtrW
EnumChildWindows
ValidateRgn
GetMenuItemCount
SetActiveWindow
InvertRect
MessageBoxW
SetWindowPos
IsWindowVisible
GetCaretPos
GetDC
DestroyWindow
InsertMenuItemW
GetFocus
SendMessageTimeoutW
GetMenu
GetMenuItemID
GetWindowRect
FindWindowExW
GetWindow
CheckMenuRadioItem
PostMessageW
CallWindowProcW
GetUpdateRgn
LoadMenuW
ModifyMenuW
GetMenuState
CloseWindow
GetSystemMenu
DefWindowProcW
GetMenuItemInfoW
GetMessageW
SetScrollInfo
DrawAnimatedRects
GetWindowTextLengthW
GetWindowLongW
LoadCursorW
GetWindowDC
EnumThreadWindows
InsertMenuW
SetCursor
GetDlgItemInt
RemoveMenu
CheckMenuItem
GetClientRect
GetDlgItem
AppendMenuW
GetClassLongW
GetMenuItemRect
DrawTextW
PostThreadMessageW
DrawIconEx
ShowCaret
PostQuitMessage
GetDesktopWindow
GetSysColorBrush
GetNextDlgGroupItem
CreateDialogIndirectParamW
DestroyCaret
GetClassNameW
SetParent
MessageBeep
DrawMenuBar
EnableMenuItem
DrawEdge
SystemParametersInfoW
SetDlgItemInt
CreateMenu
GetParent
RegisterWindowMessageW
DialogBoxParamW
CascadeWindows
PtInRect
UnregisterDeviceNotification
UpdateWindow
ReleaseCapture
SetForegroundWindow
LoadImageW
InvalidateRect
GetAncestor
IsIconic
ChildWindowFromPoint
ReleaseDC
GetCursorPos
BeginPaint
GetNextDlgTabItem
EndPaint
GetWindowRgn
EnableWindow
GetWindowTextW
SetFocus

comdlg32

GetOpenFileNameW
GetSaveFileNameW
CommDlgExtendedError

comctl32

ImageList_SetOverlayImage
ImageList_DrawEx
ImageList_Remove
ImageList_GetIcon
_TrackMouseEvent
ImageList_LoadImageW
ord17
ImageList_Destroy
ImageList_Replace
ImageList_Create
ImageList_GetImageCount
ImageList_Draw
ImageList_Add
ImageList_SetBkColor
ImageList_ReplaceIcon
InitCommonControlsEx

shell32

DragAcceptFiles
Shell_NotifyIconW
ExtractIconW
ExtractIconExW

python311

PySys_WriteStderr
_Py_TrueStruct
PyEval_CallObjectWithKeywords
PyCallable_Check
PyObject_IsTrue
PyObject_Call
PyErr_Print
PyExc_TypeError
_Py_NewReference
PyDict_DelItem
PyGILState_Ensure
PyObject_CallObject
PyDict_GetItem
PyErr_NoMemory
PyLong_FromVoidPtr
PyMem_Free
PyDict_New
PyDict_SetItem
PyObject_GenericSetAttr
PyTuple_Size
PyErr_Clear
PyObject_GetAttrString
PyType_Ready
PyModule_Create2
PyUnicode_AsWideCharString
PyUnicode_AsUTF8
PyLong_AsLong
PyErr_Fetch
_PyArg_ParseTuple_SizeT
PyModule_GetDict
PyTuple_GetItem
PyLong_AsUnsignedLongMask
PyExc_PendingDeprecationWarning
_Py_FalseStruct
PyFloat_FromDouble
PyErr_Format
_PyArg_ParseTupleAndKeywords_SizeT
PyExc_AttributeError
PyEval_RestoreThread
PyLong_AsUnsignedLong
PyErr_Occurred
PyDict_SetItemString
PyTuple_New
PyLong_AsLongLong
PyBytes_AsStringAndSize
PyGILState_Release
PyBytes_FromString
PyExc_MemoryError
PyEval_SaveThread
PyObject_GenericGetAttr
PyLong_FromSsize_t
PyErr_WarnEx
_Py_BuildValue_SizeT
PyBool_FromLong
PySequence_Tuple
PyArg_ParseTuple
PyExc_NotImplementedError
PyBytes_FromStringAndSize
PyList_Append
PyList_New
_Py_Dealloc
PyLong_FromUnsignedLong
PyExc_ValueError
PyErr_SetString
_Py_NoneStruct
Py_BuildValue
PyLong_FromLong

pywintypes311

??0PyWinBufferView@@QEAA@PEAU_object@@_N1@Z
?ok@PyWinBufferView@@QEAA_NXZ
?PyWinLong_AsVoidPtr@@YAHPEAU_object@@PEAPEAX@Z
?PyWinObject_AsPARAM@@YAHPEAU_object@@PEAVPyWin_PARAMHolder@@@Z
?PyWinObject_AsRECT@@YAHPEAU_object@@PEAUtagRECT@@@Z
?PyWin_SetAPIError@@YAPEAU_object@@PEADJ@Z
?PyWinObject_AsPOINT@@YAHPEAU_object@@PEAUtagPOINT@@@Z
?PyWinSequence_Tuple@@YAPEAU_object@@PEAU1@PEAK@Z
?PyWinObject_FromRECT@@YAPEAU_object@@PEAUtagRECT@@@Z
?PyWinObject_AsMSG@@YAHPEAU_object@@PEAUtagMSG@@@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W_J@Z
?PyHANDLEType@@3U_typeobject@@A
?PyWinObject_FromMSG@@YAPEAU_object@@PEBUtagMSG@@@Z
?PyWinGlobals_Ensure@@YAHXZ
?PyWinObject_AsSimplePARAM@@YAHPEAU_object@@PEA_K@Z
?PyBuffer_FromMemory@@YAPEAU_object@@PEAX_J@Z
?PyWinLong_FromVoidPtr@@YAPEAU_object@@PEBX@Z
?PyWinExc_ApiError@@3PEAU_object@@EA
?PyWinObject_AsDEVMODE@@YAHPEAU_object@@PEAPEAU_devicemodeW@@H@Z
?PyBuffer_New@@YAPEAU_object@@_J@Z
??0PyHANDLE@@QEAA@PEAX@Z
??1PyHANDLE@@UEAA@XZ
?PyWinObject_AsHANDLE@@YAHPEAU_object@@PEAPEAX@Z
?PyWinLong_FromHANDLE@@YAPEAU_object@@PEAX@Z
??0PyWinBufferView@@QEAA@XZ
??1PyWinBufferView@@QEAA@XZ
?ptr@PyWinBufferView@@QEAAPEAXXZ
?len@PyWinBufferView@@QEAAKXZ
?PyWinObject_FreeResourceId@@YAXPEA_W@Z
?init@PyWinBufferView@@QEAA_NPEAU_object@@_N1@Z
?PyWinObject_FreeWCHAR@@YAXPEA_W@Z
?PyWinObject_AsResourceId@@YAHPEAU_object@@PEAPEA_WH@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W@Z
?PyWinObject_AsWCHAR@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
?PyWinObject_AsDWORDArray@@YAHPEAU_object@@PEAPEAKPEAKH@Z

kernel32

GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
QueryPerformanceCounter
IsBadStringPtrW
IsBadReadPtr
GetModuleHandleW
GetProcAddress
LoadLibraryW
GetLastError
SetLastError
IsBadWritePtr
GlobalReAlloc
GlobalUnlock
GlobalLock
GlobalFree
RtlCaptureContext
IsProcessorFeaturePresent
GlobalAlloc

vcruntime140_1

__CxxFrameHandler4

vcruntime140

memcpy
__std_terminate
__C_specific_handler
__std_exception_copy
__std_exception_destroy
_CxxThrowException
__std_type_info_destroy_list
__current_exception
__current_exception_context
memset

api-ms-win-crt-heap-l1-1-0

free
malloc
calloc
_callnewh

api-ms-win-crt-string-l1-1-0

wcsncpy
strcmp

api-ms-win-crt-runtime-l1-1-0

_seh_filter_dll
_configure_narrow_argv
_initterm_e
_initterm
_initialize_onexit_table
_register_onexit_function
_execute_onexit_table
_crt_atexit
_crt_at_quick_exit
_cexit
terminate
_initialize_narrow_environment

Exports

Exports

DllMain
PyInit_win32gui

Sections

.text
Size: 118KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 860B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
onefile_7828_133599221364008719/win32process.pyd
.dll windows:6 windows x64 arch:x64

f53ca7fceaa6b605e5f94ce576a4f328

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

PDB Paths

C:\src\pywin32\build\temp.win-amd64-cpython-311\Release\win32process.pdb

Imports

advapi32

CreateProcessAsUserW

user32

GetWindowThreadProcessId
AttachThreadInput

python311

PyList_New
PyUnicode_AsWideCharString
PyUnicode_AsUTF8
PyLong_AsLong
PyModule_Create2
PyModule_GetDict
PyLong_AsUnsignedLongMask
_Py_Dealloc
PyErr_SetFromErrno
PyMapping_Size
PyErr_Format
PyLong_FromUnsignedLong
PyErr_SetString
PyExc_AttributeError
PyDict_SetItemString
PyTuple_New
_Py_NoneStruct
PyGILState_Release
PyLong_FromUnsignedLongLong
PyExc_MemoryError
PyLong_FromLong
PyExc_RuntimeError
PyEval_SaveThread
PyObject_GenericGetAttr
PyLong_FromSsize_t
PyErr_Occurred
PyBytes_AsString
_Py_BuildValue_SizeT
PyBool_FromLong
PyType_Ready
PyList_Append
PyMapping_Keys
PyMapping_Check
PyEval_CallObjectWithKeywords
PyEval_RestoreThread
PyErr_Print
PyCallable_Check
PyMapping_Values
PyExc_TypeError
_Py_NewReference
PyGILState_Ensure
PyExc_NotImplementedError
PyBytes_FromStringAndSize
PyTuple_SetItem
PyMem_Free
PyList_GetItem
PyBytes_Size
_PyArg_ParseTuple_SizeT
PyObject_GenericSetAttr

pywintypes311

?PyWinExc_ApiError@@3PEAU_object@@EA
?PyWin_SetAPIError@@YAPEAU_object@@PEADJ@Z
?PyWin_CopyString@@YAPEA_WPEB_W@Z
?PyWinObject_FreeWCHAR@@YAXPEA_W@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W_J@Z
?PyWinObject_FromOLECHAR@@YAPEAU_object@@PEB_W@Z
?PyWinObject_AsWCHAR@@YAHPEAU_object@@PEAPEA_WHPEAK@Z
?PyWinLong_AsVoidPtr@@YAHPEAU_object@@PEAPEAX@Z
?PyWinObject_FromIO_COUNTERS@@YAPEAU_object@@PEAU_IO_COUNTERS@@@Z
?PyHANDLEType@@3U_typeobject@@A
?PyWinGlobals_Ensure@@YAHXZ
?PyWinObject_AsSECURITY_ATTRIBUTES@@YAHPEAU_object@@PEAPEAU_SECURITY_ATTRIBUTES@@H@Z
?PyWinLong_FromVoidPtr@@YAPEAU_object@@PEBX@Z
?PyWinObject_FromFILETIME@@YAPEAU_object@@AEBU_FILETIME@@@Z
?PyWinObject_AsHANDLE@@YAHPEAU_object@@PEAPEAX@Z
?PyWinLong_FromHANDLE@@YAPEAU_object@@PEAX@Z
?PyWinObject_FromHANDLE@@YAPEAU_object@@PEAX@Z

kernel32

IsDebuggerPresent
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentThreadId
QueryPerformanceCounter
IsProcessorFeaturePresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
GetExitCodeProcess
VirtualFreeEx
GetModuleHandleW
CreateProcessW
GetCurrentProcessId
ReadProcessMemory
ExitProcess
VirtualAllocEx
GetProcAddress
GetPriorityClass
LoadLibraryW
GetThreadPriority
GetLastError
GetExitCodeThread
ResumeThread
SuspendThread
GetProcessVersion
SetThreadPriority
GetProcessAffinityMask
TerminateProcess
GetCurrentProcess
SetPriorityClass
WriteProcessMemory
GetStartupInfoW
SetThreadAffinityMask

vcruntime140_1

__CxxFrameHandler4

vcruntime140

__std_exception_copy
memset
__current_exception_context
__current_exception
__std_type_info_destroy_list
__std_terminate
__std_exception_destroy
_CxxThrowException
__C_specific_handler

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vfprintf
__acrt_iob_func

api-ms-win-crt-runtime-l1-1-0

_cexit
_crt_at_quick_exit
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_beginthreadex
terminate

api-ms-win-crt-heap-l1-1-0

malloc
_callnewh
free

api-ms-win-crt-string-l1-1-0

strcmp

Exports

Exports

PyInit_win32process

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 332B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d0a62ab71a2b2ca69c6aba1f0a37fcdd

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:ddCertificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

64:94:96:48:60:de:38:19:89:dd:a8:71:c6:29:64:13:da:a9:29:49:6f:b0:d0:61:71:a8:45:51:11:5d:40:57Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

python311

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

kernel32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 1024B - Virtual size: 2KB

.pdata Size: 2KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 512B - Virtual size: 136B

de64e4a0e2dbc68a0b413ce8099db5c3

Code Sign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:ddCertificate

Extended Key Usages

Key Usages

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5aCertificate

Extended Key Usages

Key Usages

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5aCertificate

Key Usages

8d:d6:83:4b:34:72:56:e7:ac:14:ed:f5:e7:73:33:86:b9:06:a7:91:b7:0c:62:4f:80:c4:cb:73:d3:d3:76:33Signer

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

libffi-8

ole32

oleaut32

kernel32

python311

vcruntime140

api-ms-win-crt-stdio-l1-1-0

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-string-l1-1-0

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 27KB - Virtual size: 27KB

.data Size: 14KB - Virtual size: 15KB

.pdata Size: 4KB - Virtual size: 4KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

64:94:96:48:60:de:38:19:89:dd:a8:71:c6:29:64:13:da:a9:29:49:6f:b0:d0:61:71:a8:45:51:11:5d:40:57
Signer

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 1024B - Virtual size: 2KB

.pdata
Size: 2KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 512B - Virtual size: 136B

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

8d:d6:83:4b:34:72:56:e7:ac:14:ed:f5:e7:73:33:86:b9:06:a7:91:b7:0c:62:4f:80:c4:cb:73:d3:d3:76:33
Signer

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 27KB - Virtual size: 27KB

.data
Size: 14KB - Virtual size: 15KB

.pdata
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1024B - Virtual size: 916B

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

01:3a:ce:ed:17:38:e7:5b:d1:14:02:3e:05:4e:1e:40:41:5f:0d:d0:be:34:e3:90:ab:5f:d6:c1:31:61:e8:2a
Signer

.text
Size: 157KB - Virtual size: 157KB

.rdata
Size: 54KB - Virtual size: 53KB

.data
Size: 9KB - Virtual size: 10KB

.pdata
Size: 10KB - Virtual size: 9KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 1KB - Virtual size: 1KB

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

07:1f:14:1b:8b:30:0d:25:f3:14:eb:23:0c:d0:d1:dd
Certificate

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

85:53:ef:48:b2:5f:e5:da:0a:ec:97:e1:0f:23:d0:ab:82:83:ab:db:46:e1:13:4d:20:ed:ac:23:17:d7:6a:35
Signer