808ccd81cbb014df3475fa04ffc0fae33470a6d2279052dce33349f208558100

Sharing

Copy URL

Twitter E-mail

General

Target

808ccd81cbb014df3475fa04ffc0fae33470a6d2279052dce33349f208558100
Size

1.7MB
MD5

ba0ae54ebfaecb64c4878b2cc7a4c70f
SHA1

9724debb5a60e2be4ade7733098a957ec077a7a3
SHA256

808ccd81cbb014df3475fa04ffc0fae33470a6d2279052dce33349f208558100
SHA512

82804df36f985a59f828fd858db4c880fb9161e4c688bc16e35b59167c35ec9e0d2b8b5587cad68a4701997106853bcadd2b53de83b4974f345fa385d847c72b
SSDEEP

49152:D5x9u+272AlrckmwMldw+Op0+sAf3F8wAbmja7H6FoulO8L:D5xs+k23kmwO1N+sAfzAieb6quI8L

Score

3^/10

Malware Config

Signatures

Unsigned PE 13 IoCs

Checks for missing Authenticode signature.

resource
unpack001/AVProVideo.dll
unpack001/ClientAPI.dll
unpack001/FastDllC.dll
unpack001/InstallUtils.dll
unpack001/KeyLib.dll
unpack001/Prndriver.dll
unpack001/System.dll
unpack001/TWAIN.ds
unpack001/ZfUninstall.dll
unpack001/_CD91326D388BE567C448CC259CA3C124
unpack001/_DC6FF09E203CC5D0099C0F5FF2B3DA49
unpack001/setup.exe
unpack001/sharp-win32-ia32.node

Files

808ccd81cbb014df3475fa04ffc0fae33470a6d2279052dce33349f208558100
.zip
AVProVideo.dll
.dll windows:6 windows x86 arch:x86

250fe00182ff90e00ead9d5e8dceec1a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

opengl32

wglGetProcAddress
wglGetCurrentDC
glGetString
glDepthFunc
glEnable
glDepthMask
glGenTextures
glBindTexture
glTexParameteri
glTexImage2D
glDisable
glTexSubImage2D
glDeleteTextures
glGetError

kernel32

LocalFree
FindNextFileA
DecodePointer
WriteConsoleW
SetFilePointerEx
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
Sleep
WaitForSingleObject
SetEvent
ResetEvent
CreateThread
GetLastError
CloseHandle
CreateFileW
VerSetConditionMask
VerifyVersionInfoW
LoadLibraryW
SetStdHandle
GetConsoleMode
GetConsoleCP
WriteFile
FlushFileBuffers
FindFirstFileExA
FindClose
IsValidCodePage
GetOEMCP
WaitForMultipleObjects
CreateTimerQueue
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
RaiseException
GetSystemInfo
VirtualProtect
VirtualQuery
FreeLibrary
GetModuleHandleW
GetProcAddress
LoadLibraryExA
TryEnterCriticalSection
GetCurrentThreadId
DuplicateHandle
WaitForSingleObjectEx
GetCurrentProcess
GetCurrentThread
GetExitCodeThread
WideCharToMultiByte
QueryPerformanceCounter
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
SetThreadPriority
GetVersionExW
GetThreadPriority
CreateSemaphoreW
VirtualFree
ReleaseSemaphore
VirtualAlloc
lstrcmpW
MulDiv
GetProcessHeap
SignalObjectAndWait
SwitchToThread
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
EncodePointer
GetThreadTimes
FreeLibraryAndExitThread
GetModuleFileNameW
GetModuleHandleA
LoadLibraryExW
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
RtlUnwind
HeapAlloc
HeapFree
ExitThread
GetModuleHandleExW
ExitProcess
GetModuleFileNameA
MultiByteToWideChar
GetACP
GetStdHandle
GetFileType
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStringTypeW
HeapReAlloc
HeapSize
GetCPInfo

ole32

CoFreeUnusedLibraries
CoInitialize
CoTaskMemAlloc
CoInitializeEx
CoUninitialize
PropVariantClear
CoTaskMemFree
CoCreateInstance
CreateBindCtx

oleaut32

SysFreeString
VariantClear
VariantInit
SysAllocString

audio360

TBE_CreateAudioFormatDecoderFromHeader
TBE_DestroyAudioEngine
TBE_CreateAudioEngine

winmm

timeBeginPeriod
timeGetTime
timeEndPeriod
timeKillEvent
timeSetEvent

user32

RegisterWindowMessageW
PostThreadMessageW
GetQueueStatus
PeekMessageW
MsgWaitForMultipleObjects
SetRect

Exports

Exports

UnityRenderEvent
UnitySetGraphicsDevice
_AddChunkToSourceBuffer@24
_CanPlay@4
_CloseSource@4
_Deinit@0
_EndOpenSourceFromBuffer@36
_GetAudioChannelCount@4
_GetAudioTrack@4
_GetAudioTrackCount@4
_GetBufferedRanges@12
_GetBufferingProgress@4
_GetCurrentTime@4
_GetDuration@4
_GetFrameRate@4
_GetHeight@4
_GetLastErrorCode@4
_GetLastExtendedErrorCode@4
_GetPlaybackRate@4
_GetPlayerDescription@4
_GetPluginVersion@0
_GetRenderEventFunc_FreeTextures@0
_GetRenderEventFunc_UpdateAllTextures@0
_GetRenderEventFunc_WaitForNewFrame@0
_GetSourceAudioChannels@4
_GetSourceAudioSampleRate@4
_GetTextureFrameCount@4
_GetTexturePointer@4
_GetTexturePointers@8
_GetTextureTimeStamp@4
_GetWidth@4
_GrabAudio@16
_HasAudio@4
_HasMetaData@4
_HasVideo@4
_Init@8
_IsBuffering@4
_IsFinished@4
_IsPlaybackStalled@4
_IsPlaying@4
_IsSeeking@4
_IsTextureTopDown@4
_IsTrialVersion@0
_OpenSource@64
_OpenSourceFromBuffer@52
_Pause@4
_Play@4
_SetAudioChannelMode@8
_SetAudioFocusEnabled@8
_SetAudioFocusProps@12
_SetAudioFocusRotation@20
_SetAudioTrack@8
_SetBalance@8
_SetCurrentTime@12
_SetHeadOrientation@20
_SetLooping@8
_SetMuted@8
_SetPlaybackRate@8
_SetUnityAudioEnabled@8
_SetVolume@8
_StartExtractFrame@4
_StartOpenSourceFromBuffer@16
_UnityPluginLoad@4
_UnityPluginUnload@0
_Update@4
_WaitForExtract@4

Sections

.text
Size: 458KB - Virtual size: 458KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ClientAPI.dll
.dll windows:4 windows x86 arch:x86

362b08c76a97653e04f735f5d98886c1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

crypt32

CertCreateCertificateContext
CertNameToStrA

kernel32

GetFileAttributesA
HeapFree
HeapAlloc
RtlUnwind
GetCommandLineA
RaiseException
HeapSize
HeapReAlloc
ExitProcess
TerminateProcess
GetACP
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEndOfFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
GetOEMCP
GetCPInfo
GlobalFlags
lstrcmpA
GetProcessVersion
GlobalGetAtomNameA
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
GetLastError
SetLastError
GetVersion
GetProcAddress
lstrcpynA
lstrcpyA
lstrcatA
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalAlloc
GlobalReAlloc
GlobalLock
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalUnlock
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalFree
LocalAlloc
GetCurrentThreadId
CloseHandle
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
FreeLibrary

user32

CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
PostMessageA
LoadIconA
SetWindowTextA
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameA
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
LoadStringA
UnregisterClassA
UnhookWindowsHookEx
DispatchMessageA
GetKeyState
CallNextHookEx
PeekMessageA
SetWindowsHookExA
GetParent
SetCursor
LoadCursorA
EnableWindow
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SendMessageA
MessageBoxA
GetWindowRect

comctl32

ord17

gdi32

SaveDC
RestoreDC
SelectObject
GetStockObject
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
DeleteObject
GetDeviceCaps
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

Exports

Exports

_Java_com_itrus_pki_jni_ClientAPI_CFinalize@8
_Java_com_itrus_pki_jni_ClientAPI_GetUserID@12
_Java_com_itrus_pki_jni_ClientAPI_InitPkcs@8
_Java_com_itrus_pki_jni_ClientAPI_checkPasswd@12
_Java_com_itrus_pki_jni_ClientAPI_exportCertificate@12
_Java_com_itrus_pki_jni_ClientAPI_getNO@12
_Java_com_itrus_pki_jni_ClientAPI_isUsbKeyExistent@8
_Java_com_itrus_pki_jni_ClientAPI_sign@16
_Java_com_itrus_pki_jni_ClientAPI_verify@16
testsign

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
FastDllC.dll
.dll windows:6 windows x86 arch:x86

3b2671d348a81ab80f6040069340d900

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\VS2013\vs2015\c++\FastDllC\Release\FastDllC.pdb

Imports

kernel32

HeapReAlloc
HeapFree
HeapAlloc
GetProcessHeap
MultiByteToWideChar
HeapSize
HeapDestroy
FindResourceExW
FindResourceW
SizeofResource
LockResource
LoadResource
DecodePointer
WideCharToMultiByte
InitializeCriticalSectionEx
GetProcAddress
CreateEventW
WaitForSingleObjectEx
ResetEvent
SetEvent
CloseHandle
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetLastError
RaiseException
OutputDebugStringW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW
Sleep

vcruntime140

__CxxQueryExceptionSize
__CxxExceptionFilter
__vcrt_InitializeCriticalSectionEx
__CxxDetectRethrow
__CxxUnregisterExceptionObject
__FrameUnwindFilter
memmove
_except_handler4_common
memset
__std_type_info_destroy_list
__telemetry_main_return_trigger
__telemetry_main_invoke_trigger
_CxxThrowException
__std_exception_destroy
__std_exception_copy
__CxxFrameHandler3
__CxxRegisterExceptionObject

api-ms-win-crt-runtime-l1-1-0

_invalid_parameter_noinfo
terminate
_cexit
_crt_atexit
_errno
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv
_seh_filter_dll
_initterm_e
_initterm
_invalid_parameter_noinfo_noreturn
_execute_onexit_table
abort

api-ms-win-crt-heap-l1-1-0

_callnewh
malloc
free

adobe air

FREDispatchStatusEventAsync
FRENewObjectFromUTF8
FREGetObjectAsUTF8

msvcp140

?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ

api-ms-win-crt-string-l1-1-0

wmemcpy_s

mscoree

_CorDllMain

Exports

Exports

finalizer
initializer

Sections

.text
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gfids
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 9B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
GLES_CM.dll
.dll windows:5 windows x86 arch:x86

18118219cbdf0a0b96d76b3c288740d4

Code Sign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29-03-2022 00:00

Not After

14-03-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:65:08:23:68:f9:43:30:12:3c:9a:85:3a:2f:de:bf
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24-11-2021 00:00

Not After

26-11-2024 23:59

Subject

SERIALNUMBER=91310114MA1GT9FP6N,CN=Shanghai Chang Zhi Network Technology Co\,. Ltd.,O=Shanghai Chang Zhi Network Technology Co\,. Ltd.,ST=上海市,C=CN,1.3.6.1.4.1.311.60.2.1.1=#0c09e59889e5ae9ae58cba,1.3.6.1.4.1.311.60.2.1.2=#0c09e4b88ae6b5b7e5b882,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:65:08:23:68:f9:43:30:12:3c:9a:85:3a:2f:de:bf
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24-11-2021 00:00

Not After

26-11-2024 23:59

Subject

SERIALNUMBER=91310114MA1GT9FP6N,CN=Shanghai Chang Zhi Network Technology Co\,. Ltd.,O=Shanghai Chang Zhi Network Technology Co\,. Ltd.,ST=上海市,C=CN,1.3.6.1.4.1.311.60.2.1.1=#0c09e59889e5ae9ae58cba,1.3.6.1.4.1.311.60.2.1.2=#0c09e4b88ae6b5b7e5b882,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

29-03-2022 00:00

Not After

14-03-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

dd:75:dc:72:16:7a:e1:29:16:96:53:95:78:e4:8f:68:af:82:00:d5:f1:5d:76:0a:c5:cb:6e:c5:ed:81:32:48
Signer

Actual PE Digest

dd:75:dc:72:16:7a:e1:29:16:96:53:95:78:e4:8f:68:af:82:00:d5:f1:5d:76:0a:c5:cb:6e:c5:ed:81:32:48

Digest Algorithm

sha256

PE Digest Matches

true

b3:e1:1b:e7:f3:c7:53:95:7b:08:45:7c:92:7c:c1:c3:a4:8c:d9:55
Signer

Actual PE Digest

b3:e1:1b:e7:f3:c7:53:95:7b:08:45:7c:92:7c:c1:c3:a4:8c:d9:55

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

H:\gpu\out\x86\Release\bin\GLES_CM.pdb

Imports

ldutils

?ldGetBuffer@@YAPAEHPAH@Z
?ldIsEnableAstcGuestApp@@YA_NXZ
?ldGetDesktopGLVersion@@YAXPAH0@Z
?g_ldGlobal@@3ULdGlobal@@A
?ldGetGuestAppName@@YAPBDXZ
?ldReleaseBuffer@@YAXPAE@Z
?ldSetRawGraphicsCardInfo@@YAXPBD00@Z
?ldGetConfig@@YAPBULdConfig@@XZ
?LogWrite@@YAX_NPBD1ZZ

gles_v2_utils

?decompress_astc_v2@@YAHPAEIIIHHH0@Z

kernel32

SetEvent
InitializeCriticalSectionAndSpinCount
GetProcAddress
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
TlsSetValue
TlsAlloc
TlsGetValue
GetSystemInfo
GetCurrentThreadId
Sleep
CloseHandle
SwitchToThread
IsDebuggerPresent
WaitForSingleObjectEx
ResetEvent
GetModuleHandleW
InitializeSListHead
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
CreateEventW
GetCurrentProcessId
QueryPerformanceCounter
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter

msvcp140

_Mtx_destroy
_Cnd_init
_Cnd_broadcast
_Cnd_destroy_in_situ
_Mtx_init
_Cnd_wait
_Cnd_destroy
_Cnd_do_broadcast_at_thread_exit
?_Syserror_map@std@@YAPBDH@Z
?_Execute_once@std@@YAHAAUonce_flag@1@P6GHPAX1PAPAX@Z1@Z
_Cnd_init_in_situ
_Mtx_unlock
_Mtx_init_in_situ
_Mtx_lock
_Mtx_destroy_in_situ
?_Throw_C_error@std@@YAXH@Z
?_Xbad_function_call@std@@YAXXZ
?_Xout_of_range@std@@YAXPBD@Z
?_Xlength_error@std@@YAXPBD@Z
_Thrd_start
_Cnd_signal

vcruntime140

memmove
__CxxFrameHandler3
__std_terminate
_purecall
memset
__std_type_info_destroy_list
_except_handler4_common
_CxxThrowException
strstr
__std_exception_copy
__std_exception_destroy
memcpy

api-ms-win-crt-stdio-l1-1-0

__stdio_common_vsnprintf_s
__stdio_common_vsprintf
__stdio_common_vfprintf
__acrt_iob_func
__stdio_common_vsscanf

api-ms-win-crt-runtime-l1-1-0

terminate
exit
_cexit
_invalid_parameter_noinfo_noreturn
_initterm
_initterm_e
_seh_filter_dll
abort
_crt_atexit
_execute_onexit_table
_register_onexit_function
_initialize_onexit_table
_initialize_narrow_environment
_configure_narrow_argv

api-ms-win-crt-math-l1-1-0

log2
_libm_sse2_cos_precise
_libm_sse2_sin_precise
_libm_sse2_sqrt_precise
floor
log2f
_except1

api-ms-win-crt-string-l1-1-0

strncmp

api-ms-win-crt-heap-l1-1-0

_callnewh
free
malloc

api-ms-win-crt-utility-l1-1-0

rand

Exports

Exports

__translator_getIfaces
glActiveTexture
glAlphaFunc
glAlphaFuncx
glBindBuffer
glBindFramebufferOES
glBindRenderbufferOES
glBindTexture
glBlendEquationOES
glBlendEquationSeparateOES
glBlendFunc
glBlendFuncSeparateOES
glBufferData
glBufferSubData
glCheckFramebufferStatusOES
glClear
glClearColor
glClearColorx
glClearDepthf
glClearDepthx
glClearStencil
glClientActiveTexture
glClipPlanef
glClipPlanex
glColor4f
glColor4ub
glColor4x
glColorMask
glColorPointer
glColorPointerWithDataSize
glCompressedTexImage2D
glCompressedTexSubImage2D
glCopyTexImage2D
glCopyTexSubImage2D
glCullFace
glCurrentPaletteMatrixOES
glDeleteBuffers
glDeleteFramebuffersOES
glDeleteRenderbuffersOES
glDeleteTextures
glDepthFunc
glDepthMask
glDepthRangef
glDepthRangex
glDisable
glDisableClientState
glDrawArrays
glDrawElements
glDrawTexfOES
glDrawTexfvOES
glDrawTexiOES
glDrawTexivOES
glDrawTexsOES
glDrawTexsvOES
glDrawTexxOES
glDrawTexxvOES
glEGLImageTargetRenderbufferStorageOES
glEGLImageTargetTexture2DOES
glEnable
glEnableClientState
glFinish
glFlush
glFogf
glFogfv
glFogx
glFogxv
glFramebufferRenderbufferOES
glFramebufferTexture2DOES
glFrontFace
glFrustumf
glFrustumx
glGenBuffers
glGenFramebuffersOES
glGenRenderbuffersOES
glGenTextures
glGenerateMipmapOES
glGetBooleanv
glGetBufferParameteriv
glGetClipPlanef
glGetClipPlanex
glGetError
glGetFixedv
glGetFloatv
glGetFramebufferAttachmentParameterivOES
glGetIntegerv
glGetLightfv
glGetLightxv
glGetMaterialfv
glGetMaterialxv
glGetPointerv
glGetRenderbufferParameterivOES
glGetString
glGetTexEnvfv
glGetTexEnviv
glGetTexEnvxv
glGetTexGenfvOES
glGetTexGenivOES
glGetTexGenxvOES
glGetTexParameterfv
glGetTexParameteriv
glGetTexParameterxv
glHint
glIsBuffer
glIsEnabled
glIsFramebufferOES
glIsRenderbufferOES
glIsTexture
glLightModelf
glLightModelfv
glLightModelx
glLightModelxv
glLightf
glLightfv
glLightx
glLightxv
glLineWidth
glLineWidthx
glLoadIdentity
glLoadMatrixf
glLoadMatrixx
glLoadPaletteFromModelViewMatrixOES
glLogicOp
glMaterialf
glMaterialfv
glMaterialx
glMaterialxv
glMatrixIndexPointerOES
glMatrixMode
glMultMatrixf
glMultMatrixx
glMultiTexCoord4f
glMultiTexCoord4x
glNormal3f
glNormal3x
glNormalPointer
glNormalPointerWithDataSize
glOrthof
glOrthox
glPixelStorei
glPointParameterf
glPointParameterfv
glPointParameterx
glPointParameterxv
glPointSize
glPointSizePointerOES
glPointSizex
glPolygonOffset
glPolygonOffsetx
glPopMatrix
glPushMatrix
glReadPixels
glRenderbufferStorageOES
glRotatef
glRotatex
glSampleCoverage
glSampleCoveragex
glScalef
glScalex
glScissor
glShadeModel
glStencilFunc
glStencilMask
glStencilOp
glTexCoordPointer
glTexCoordPointerWithDataSize
glTexEnvf
glTexEnvfv
glTexEnvi
glTexEnviv
glTexEnvx
glTexEnvxv
glTexGenfOES
glTexGenfvOES
glTexGeniOES
glTexGenivOES
glTexGenxOES
glTexGenxvOES
glTexImage2D
glTexParameterf
glTexParameterfv
glTexParameteri
glTexParameteriv
glTexParameterx
glTexParameterxv
glTexSubImage2D
glTranslatef
glTranslatex
glVertexPointer
glVertexPointerWithDataSize
glViewport
glWeightPointerOES

Sections

.text
Size: 467KB - Virtual size: 467KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 379KB - Virtual size: 379KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
InstallUtils.dll
.dll windows:5 windows x86 arch:x86

e9c9c2dd636c55d6988d7c91e884ce99

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\Works\WanZhuan\Out\Setup\NSIS\Unicode\Plugins\InstallUtils.pdb

Imports

kernel32

InitializeCriticalSectionAndSpinCount
HeapDestroy
RaiseException
GetLastError
HeapSize
DecodePointer
DeleteCriticalSection
CloseHandle
GetProcAddress
LoadLibraryW
Process32NextW
SizeofResource
LockResource
LoadResource
FindResourceW
FindResourceExW
GetProcessHeap
GetLogicalDriveStringsW
OpenProcess
Process32FirstW
CreateToolhelp32Snapshot
GetWindowsDirectoryW
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
ExitProcess
GetModuleFileNameW
GetModuleHandleW
CreateFileW
FlushFileBuffers
WriteConsoleW
SetStdHandle
HeapFree
HeapAlloc
QueryDosDeviceW
HeapReAlloc
SetFilePointerEx
GetConsoleMode
GetConsoleCP
GetStringTypeW
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
GlobalFree
lstrcpyW
lstrcpynW
GlobalAlloc
WideCharToMultiByte
MultiByteToWideChar
EncodePointer
IsProcessorFeaturePresent
GetCommandLineA
GetCurrentThreadId
RtlUnwind
GetModuleHandleExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetLastError
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetStdHandle
GetFileType
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
WriteFile
LoadLibraryExW
LCMapStringW

user32

SetWindowLongW
GetWindowLongW
wsprintfW

advapi32

OpenProcessToken
DuplicateTokenEx

shell32

ShellExecuteW

psapi

GetProcessImageFileNameW

Exports

Exports

Createtaskbar
Deletetaskbar
ExitInstallProcess
HideOrigeWindowAppIcon
IsWin10OrGreater
RunExe

Sections

.text
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
KeyLib.dll
.dll windows:4 windows x86 arch:x86

83cfb9ca2aaa79bc25b50bae30329ee5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

hid

HidD_GetFeature
HidD_FlushQueue
HidD_GetSerialNumberString
HidD_GetProductString
HidD_SetFeature
HidD_GetHidGuid
HidD_GetPreparsedData
HidD_FreePreparsedData
HidP_GetCaps
HidD_GetAttributes

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo

mfc42

ord2614
ord1168
ord342
ord823
ord1182
ord825
ord800
ord5933
ord2818
ord540
ord3810
ord535
ord858
ord860
ord5858
ord6140
ord2915
ord4129
ord537
ord5683
ord1253

msvcrt

_onexit
__dllonexit
free
_adjust_fdiv
_initterm
?terminate@@YAXXZ
realloc
calloc
memmove
localtime
strchr
_except_handler3
__CxxFrameHandler
malloc
atoi
printf

kernel32

MultiByteToWideChar
LCMapStringA
GetStringTypeA
LCMapStringW
WideCharToMultiByte
lstrcpyA
lstrlenA
CreateSemaphoreA
ReleaseSemaphore
LoadLibraryA
CreateFileA
GetVersionExA
QueryDosDeviceA
GetModuleHandleA
GetProcAddress
LocalAlloc
GetLastError
LocalFree
CloseHandle
DeviceIoControl
CreateMutexA
WaitForSingleObject
ReleaseMutex
GetModuleFileNameA
GetStringTypeW

user32

GetSystemMetrics

advapi32

RegEnumKeyExA
RegOpenKeyExA
RegCloseKey

Exports

Exports

??0CR2Key@@QAE@ABV0@@Z
??0CR2Key@@QAE@XZ
??0CS4Key@@QAE@ABV0@@Z
??0CS4Key@@QAE@XZ
??0CYT88@@QAE@ABV0@@Z
??0CYT88@@QAE@XZ
??1CR2Key@@UAE@XZ
??1CS4Key@@UAE@XZ
??1CYT88@@UAE@XZ
??4CR2Key@@QAEAAV0@ABV0@@Z
??4CS4Key@@QAEAAV0@ABV0@@Z
??4CYT88@@QAEAAV0@ABV0@@Z
??_7CR2Key@@6B@
??_7CS4Key@@6B@
??_7CYT88@@6B@
?DESDecrypt@CS4Key@@QAEJPAE0H@Z
?DESEncrypt@CS4Key@@QAEJPAE0H@Z
?DatBuf2KeyInfo@CS4Key@@AAEJPAEAAUKeyInfoStruct@1@@Z
?Find@CR2Key@@QAEJXZ
?Find@CYT88@@QAEJXZ
?GetCurDir@CS4Key@@AAE?AVCString@@XZ
?GetKIS@CR2Key@@QAEJAAUKeyInfoStruct@1@@Z
?GetKIS@CYT88@@QAEJAAUKeyInfoStruct@1@@Z
?GetKeyInfo@CS4Key@@QAEJAAUKeyInfoStruct@1@@Z
?GetKeyList@CS4Key@@QAEJAAVCDWordArray@@_N@Z
?GetLastError@CS4Key@@QAE?AVCString@@XZ
?GetLockVer@CR2Key@@QAEJXZ
?GetLockVer@CYT88@@QAEJXZ
?Init@CR2Key@@QAEJXZ
?Init@CYT88@@QAEJXZ
?IsActive@CR2Key@@QAE_NXZ
?IsActive@CYT88@@QAE_NXZ
?KeyInfo2DatBuf@CS4Key@@AAEJAAUKeyInfoStruct@1@PAEH@Z
?OpenS4ByIndex@CS4Key@@AAEKKPAX@Z
?Read@CR2Key@@AAEJKHPAD@Z
?Read@CYT88@@AAEJHHQAD@Z
?SetActive@CR2Key@@QAEJ_N@Z
?SetActive@CYT88@@QAEJ_N@Z
?SetKIS@CR2Key@@QAEJAAUKeyInfoStruct@1@@Z
?SetKIS@CYT88@@QAEJAAUKeyInfoStruct@1@@Z
?SetKeyInfo@CS4Key@@QAEJAAUKeyInfoStruct@1@@Z
?Update@CR2Key@@QAEJXZ
?Update@CYT88@@QAEJXZ
?Write@CR2Key@@AAEJKHPBD@Z
?Write@CYT88@@AAEJHHQAD@Z

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
NISEC_Reg.exe
.exe windows:4 windows x86 arch:x86

899ca1ce4171707e2907bb834af2a20b

Code Sign

47:8a:8e:fb:59:e1:d8:3f:0c:e1:42:d2:a2:87:07:be
Certificate

Issuer

CN=UTN-USERFirst-Object,OU=http://www.usertrust.com,O=The USERTRUST Network,L=Salt Lake City,ST=UT,C=US

Not Before

10-05-2010 00:00

Not After

10-05-2015 23:59

Subject

CN=COMODO Time Stamping Signer,O=COMODO CA Limited,L=Salford,ST=Greater Manchester,C=GB

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

25:0c:e8:e0:30:61:2e:9f:2b:89:f7:05:4d:7c:f8:fd
Certificate

Issuer

OU=Class 3 Public Primary Certification Authority,O=VeriSign\, Inc.,C=US

Not Before

08-11-2006 00:00

Not After

07-11-2021 23:59

Subject

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageServerAuth
ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning
ExtKeyUsageNetscapeServerGatedCrypto

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2b:c8:20:1f:7a:fa:fa:f5:01:62:87:7e:50:24:8d:9f
Certificate

Issuer

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Not Before

20-05-2014 00:00

Not After

20-05-2015 23:59

Subject

CN=Beijing Watertek Bestwonder Technology Co.\,Ltd.,OU=R&D Department,O=Beijing Watertek Bestwonder Technology Co.\,Ltd.,L=Beijing,ST=Beijing,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

52:00:e5:aa:25:56:fc:1a:86:ed:96:c9:d4:4b:33:c7
Certificate

Issuer

CN=VeriSign Class 3 Public Primary Certification Authority - G5,OU=VeriSign Trust Network+OU=(c) 2006 VeriSign\, Inc. - For authorized use only,O=VeriSign\, Inc.,C=US

Not Before

08-02-2010 00:00

Not After

07-02-2020 23:59

Subject

CN=VeriSign Class 3 Code Signing 2010 CA,OU=VeriSign Trust Network+OU=Terms of use at https://www.verisign.com/rpa (c)10,O=VeriSign\, Inc.,C=US

Extended Key Usages

ExtKeyUsageClientAuth
ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

e2:7c:45:5c:83:64:03:49:27:03:40:3f:bf:f2:be:fa:ab:5b:dc:ad
Signer

Actual PE Digest

e2:7c:45:5c:83:64:03:49:27:03:40:3f:bf:f2:be:fa:ab:5b:dc:ad

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFileExistsA

mfc42

ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord5289
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord2764
ord800
ord537
ord5307
ord4698
ord4079
ord2725
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord2512
ord2554
ord4486
ord6375
ord4274
ord4673
ord825
ord1576
ord3831
ord1168

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_setmbcp
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
__CxxFrameHandler
sprintf

kernel32

GetStartupInfoA
GetModuleHandleA
GetCommandLineA
GetSystemDirectoryA
GetProcAddress
GetPrivateProfileStringA
LoadLibraryExA
FreeLibrary
GetCurrentProcess

user32

RegisterWindowMessageA
PostMessageA

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegEnumKeyExA
RegQueryValueExA
RegCloseKey
RegDeleteKeyA

shell32

SHGetSpecialFolderPathA
SHGetFolderPathA
ShellExecuteA

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Prndriver.dll
.dll windows:4 windows x86 arch:x86

1706b06b99195ae4870258ff253b3293

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalSize
GetProfileStringA
GetVersionExA
lstrcpyA
lstrlenA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcmpA
LCMapStringW
LCMapStringA
GetStringTypeW
GetCommandLineA
GetVersion
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
GetProcAddress
GetModuleHandleA
ExitProcess
TerminateProcess
GetCurrentProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
HeapAlloc
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
GetCPInfo
GetACP
GetOEMCP
VirtualAlloc
HeapReAlloc
LoadLibraryA
RtlUnwind
MultiByteToWideChar
GetStringTypeA

user32

DrawTextExA
CopyRect
wsprintfA

gdi32

DeleteDC
SelectObject
GetTextExtentPoint32A
CreatePen
MoveToEx
LineTo
DeleteObject
Rectangle
SetStretchBltMode
StretchDIBits
AbortDoc
EndDoc
EndPage
StartPage
StartDocA
Escape
ResetDCA
GetDeviceCaps
CreateDCA

winspool.drv

ord201
DocumentPropertiesA
ClosePrinter
DeviceCapabilitiesA
OpenPrinterA
EnumPrintersA

comdlg32

PrintDlgA

Exports

Exports

Printer_Interface

Sections

.text
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
System.dll
.dll windows:4 windows x86 arch:x86

2017f2acbdaa42ab3e4adeb8b4c37e7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyA
lstrcpynA
FreeLibrary
lstrcatA
GetProcAddress
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
lstrlenA
WideCharToMultiByte
VirtualAlloc
VirtualProtect

user32

wsprintfA

ole32

StringFromGUID2
CLSIDFromString

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 520B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
TWAIN.ds
.dll windows:5 windows x86 arch:x86

5665f417b9670306965498cdd74ab551

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

GlobalUnlock
GlobalLock
GlobalFree
GlobalAlloc
lstrcpyA
lstrlenA
GetModuleFileNameA
FreeLibrary
lstrcmpA
GetProcAddress
LoadLibraryA
CloseHandle
UnmapViewOfFile
MapViewOfFile
GetLastError
CreateFileMappingA
GetTickCount
lstrcmpiA
DeleteFileA
GetTempFileNameA
GetTempPathA
GetProcessHeap
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
HeapSize
GetCurrentThreadId
GetModuleHandleW
HeapFree
HeapAlloc
GetCommandLineA
GetModuleHandleA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapCreate
HeapDestroy
VirtualFree
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
VirtualAlloc
HeapReAlloc
Sleep
ExitProcess
WriteFile
GetStdHandle
MultiByteToWideChar
ReadFile
SetHandleCount
GetFileType
GetStartupInfoA
SetFilePointer
RtlUnwind
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
InitializeCriticalSectionAndSpinCount
SetStdHandle
GetConsoleCP
GetConsoleMode
FlushFileBuffers
CreateFileA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

user32

RegisterWindowMessageA
FindWindowA
wvsprintfA
SendMessageA
IsWindow
wsprintfA
LoadStringA
MessageBoxA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

Exports

Exports

DS_Entry

Sections

.text
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.DShare
Size: 512B - Virtual size: 322B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
ZfUninstall.dll
.dll windows:4 windows x86 arch:x86

032a48ab2fba30115d6fef61ff252ad0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Process32Next
Process32First
GetCurrentProcessId
TerminateProcess
OpenProcess
CreateToolhelp32Snapshot
GetSystemDirectoryA
SetEnvironmentVariableA
CompareStringW
CompareStringA
Module32First
Module32Next
Sleep
CloseHandle
GetVersionExA
GetUserDefaultLCID
GetLastError
DeleteFileA
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCommandLineA
GetVersion
EnterCriticalSection
LeaveCriticalSection
DebugBreak
GetStdHandle
WriteFile
InterlockedDecrement
OutputDebugStringA
GetProcAddress
LoadLibraryA
InterlockedIncrement
GetModuleFileNameA
SetHandleCount
GetFileType
GetStartupInfoA
DeleteCriticalSection
SetFilePointer
IsBadWritePtr
IsBadReadPtr
HeapValidate
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetCurrentThread
WideCharToMultiByte
InitializeCriticalSection
GetCPInfo
GetACP
GetOEMCP
ExitProcess
FatalAppExitA
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetCurrentProcess
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
HeapFree
VirtualFree
SetConsoleCtrlHandler
SetStdHandle
FlushFileBuffers
HeapAlloc
HeapReAlloc
VirtualAlloc
UnhandledExceptionFilter
CreateFileA
GetStringTypeA
GetStringTypeW
RtlUnwind
SetEndOfFile
ReadFile
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetLocaleInfoW

user32

MessageBoxA
GetWindowThreadProcessId

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

shell32

ShellExecuteA

Exports

Exports

zf_key_hm_uninstall

Sections

.text
Size: 176KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_CD91326D388BE567C448CC259CA3C124
.dll regsvr32 windows:4 windows x86 arch:x86

d98ba2866b3d684e787e35a4f0d9e765

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

LCMapStringA
LCMapStringW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
lstrcpyA
MultiByteToWideChar
MulDiv
GlobalUnlock
GlobalLock
FreeLibrary
LoadLibraryA
GetModuleFileNameA
LocalFree
FormatMessageA
lstrlenA
GlobalFree
GlobalReAlloc
GlobalAlloc
IsDBCSLeadByte
WideCharToMultiByte
InterlockedIncrement
InterlockedDecrement
lstrcpynA
SetLastError
GetProcAddress
GetModuleHandleA
lstrcmpA
lstrcmpiA
lstrlenW
GetLastError
GetProfileIntA
GetTickCount
HeapSize
GetACP
HeapReAlloc
TerminateProcess
ExitProcess
GetLocalTime
GetSystemTime
GetTimeZoneInformation
GetCommandLineA
RaiseException
HeapAlloc
HeapFree
RtlUnwind
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCurrentThreadId
GetCurrentThread
GlobalDeleteAtom
CloseHandle
FindResourceExA
GetFileTime
GetFileSize
GetFileAttributesA
SizeofResource
GetOEMCP
GetCPInfo
WritePrivateProfileStringA
CopyFileA
GlobalSize
GetProcessVersion
GlobalFlags
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
LeaveCriticalSection
TlsFree
GlobalHandle
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
GetShortPathNameA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
FindResourceA
LoadResource
LockResource
GetVersion
lstrcatA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GetUserDefaultLCID

user32

DestroyIcon
GetDialogBaseUnits
GetDCEx
RemoveMenu
GetMenuStringA
AppendMenuA
InsertMenuA
GetSysColorBrush
UnregisterClassA
LockWindowUpdate
EnumChildWindows
CharUpperA
EndDialog
CreateDialogIndirectParamA
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
MapWindowPoints
SetActiveWindow
IsWindow
SetFocus
AdjustWindowRectEx
EqualRect
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollPos
GetTopWindow
WinHelpA
GetClassInfoA
RegisterClassA
TrackPopupMenu
GetDlgItem
GetDlgCtrlID
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
MoveWindow
CreateMenu
DestroyMenu
GetSysColor
GetMessageA
TranslateMessage
GetActiveWindow
CallNextHookEx
IsWindowVisible
GetCursorPos
SetWindowsHookExA
PostQuitMessage
GetWindowTextLengthA
GetWindowTextA
IsClipboardFormatAvailable
GetDesktopWindow
GetMenuItemCount
GetMenu
GetMenuItemID
UpdateWindow
ValidateRect
ShowWindow
DrawEdge
SetParent
SetWindowPos
CallWindowProcA
DefWindowProcA
DestroyWindow
wsprintfA
LoadIconA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
LoadStringA
UnhookWindowsHookEx
IsChild
GetClassNameA
PostMessageA
PeekMessageA
GetKeyState
SetRectEmpty
InvalidateRgn
GetFocus
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
InflateRect
GetCapture
FrameRect
CopyRect
GetParent
RegisterClipboardFormatA
GetTabbedTextExtentA
SetCapture
KillTimer
SetTimer
GetClientRect
SetWindowRgn
CharNextA
SetWindowLongA
EnableWindow
ScreenToClient
GetWindowRect
SendMessageA
LoadMenuA
GetSubMenu
DeleteMenu
PtInRect
GetSystemMetrics
WindowFromPoint
ReleaseDC
GetDC
LoadCursorA
DrawFocusRect
OffsetRect
ReleaseCapture
SetCursor
ClipCursor
InvalidateRect
FillRect
IntersectRect
SetRect
IsRectEmpty
DispatchMessageA
SetScrollPos

gdi32

CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
SetPixelV
DeleteDC
DeleteObject
ExtCreateRegion
CreateDIBSection
CreateSolidBrush
ExtTextOutA
GetTextExtentPoint32A
GetMapMode
CreatePatternBrush
CreateBitmap
SetRectRgn
CreateRectRgnIndirect
SetBkColor
DPtoLP
CreatePolygonRgn
SaveDC
RestoreDC
GetStockObject
SetBkMode
SetROP2
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
SelectClipRgn
SelectObject
MoveToEx
LineTo
SetTextAlign
CreateRectRgn
ArcTo
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
Escape
GetViewportOrgEx
OffsetRgn
LPtoDP
DeleteMetaFile
CloseMetaFile
CreateMetaFileA
CreateDCA
CopyMetaFileA
GetTextAlign
EnumFontFamiliesExA
UnrealizeObject
Rectangle
GetBitmapDimensionEx
SetBitmapDimensionEx
GetObjectA
GetDeviceCaps
GetTextMetricsA
SetPixel
PatBlt
Polyline
GetCurrentPositionEx
FillRgn
RectInRegion
PtInRegion
CreateFontIndirectA
CreateBrushIndirect
CreatePenIndirect
CreatePen
CombineRgn

comdlg32

ChooseColorA
GetOpenFileNameA
GetSaveFileNameA
GetFileTitleA
ChooseFontA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegDeleteKeyA
RegQueryValueA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegCreateKeyA
RegSetValueA
RegSetValueExA
RegEnumKeyA
RegOpenKeyA
RegQueryValueExA

shell32

ExtractIconA

comctl32

ord17

ole32

OleDuplicateData
ReadFmtUserTypeStg
ReadClassStm
CreateOleAdviseHolder
CreateDataAdviseHolder
OleDestroyMenuDescriptor
CoDisconnectObject
OleSaveToStream
StringFromGUID2
CoRevokeClassObject
CoRegisterClassObject
OleGetClipboard
CoTaskMemFree
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CoTaskMemAlloc
CreateDataCache
CoCreateInstance
CreateStreamOnHGlobal
ReleaseStgMedium
StringFromCLSID
StgCreateDocfileOnILockBytes
OleLoadFromStream
OleCreateMenuDescriptor
CreateILockBytesOnHGlobal

olepro32

ord250
ord252
ord253
ord251
ord254

oleaut32

LoadTypeLi
RegisterTypeLi
SafeArrayGetElemsize
SysStringLen
VariantChangeType
SysFreeString
SysAllocStringByteLen
SafeArrayAccessData
SafeArrayUnaccessData
SysAllocString
SysStringByteLen
LoadRegTypeLi
VariantCopy
VariantClear
VariantInit
SafeArrayCreate
SafeArrayPutElement
SysAllocStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 316KB - Virtual size: 314KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
_DC6FF09E203CC5D0099C0F5FF2B3DA49
.exe windows:4 windows x86 arch:x86

887190b8fe3b214aad41f28e6595e0bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

__vbaVarSub
__vbaVarTstGt
__vbaStrI2
_CIcos
_adj_fptan
__vbaVarMove
__vbaStrI4
__vbaVarVargNofree
__vbaFreeVar
__vbaLineInputStr
__vbaLenBstr
__vbaLateIdCall
__vbaStrVarMove
__vbaEnd
__vbaFreeVarList
_adj_fdiv_m64
__vbaVarIndexStore
__vbaFreeObjList
ord516
__vbaStrErrVarCopy
_adj_fprem1
ord519
__vbaI2Abs
__vbaVarCmpNe
__vbaForEachCollAd
__vbaStrCat
__vbaBoolErrVar
ord660
__vbaSetSystemError
__vbaHresultCheckObj
ord557
__vbaLenVar
_adj_fdiv_m32
__vbaAryVar
__vbaVarTstLe
__vbaAryDestruct
__vbaVarIndexLoadRefLock
ord591
__vbaLateMemSt
ord592
__vbaVarForInit
__vbaForEachCollObj
__vbaExitProc
ord300
__vbaI4Abs
ord301
__vbaOnError
__vbaObjSet
ord595
_adj_fdiv_m16i
__vbaObjSetAddref
_adj_fdivr_m16i
__vbaVarIndexLoad
ord306
__vbaBoolVar
ord520
ord307
__vbaBoolVarNull
__vbaRefVarAry
__vbaFpR8
__vbaVarTstLt
_CIsin
ord631
__vbaErase
__vbaLateMemStAd
__vbaVarCmpGt
__vbaVarZero
ord632
__vbaNextEachCollObj
__vbaChkstk
__vbaFileClose
ord526
EVENT_SINK_AddRef
ord528
__vbaGenerateBoundsError
__vbaExitEachColl
__vbaStrCmp
__vbaVarTstEq
ord560
ord561
__vbaObjVar
__vbaI2I4
ord562
DllFunctionCall
__vbaVarLateMemSt
__vbaVarOr
__vbaCastObjVar
__vbaRedimPreserve
__vbaLbound
_adj_fpatan
__vbaR4Var
__vbaLateIdCallLd
__vbaRedim
EVENT_SINK_Release
__vbaNew
_CIsqrt
__vbaVarAnd
__vbaLateIdCallSt
__vbaObjIs
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
__vbaPrintFile
ord712
ord605
ord606
_adj_fprem
_adj_fdivr_m64
ord607
__vbaVarDiv
__vbaR8ErrVar
ord608
__vbaVarCmpLe
ord716
__vbaFPException
__vbaInStrVar
__vbaUbound
__vbaStrVarVal
ord534
__vbaVarCat
__vbaI2Var
ord537
ord645
_CIlog
__vbaErrorOverflow
__vbaFileOpen
ord648
__vbaVarLateMemCallLdRf
__vbaInStr
__vbaNew2
ord571
_adj_fdiv_m32i
_adj_fdivr_m32i
__vbaStrCopy
__vbaI4Str
ord681
__vbaVarNot
__vbaVarCmpLt
__vbaFreeStrList
_adj_fdivr_m32
__vbaPowerR8
__vbaR8Var
_adj_fdiv_r
ord685
ord100
__vbaVarTstNe
__vbaVarSetVar
__vbaI4Var
__vbaVarCmpEq
__vbaVarAdd
__vbaLateMemCall
__vbaAryLock
__vbaVarDup
__vbaAryVarVarg
ord616
__vbaVarCopy
__vbaFpI4
__vbaUnkVar
__vbaVarLateMemCallLd
ord617
__vbaLateMemCallLd
_CIatan
__vbaAryCopy
__vbaCastObj
__vbaStrMove
ord619
__vbaStrVarCopy
_allmul
__vbaLateIdSt
__vbaLateMemCallSt
__vbaAryRecCopy
_CItan
__vbaNextEachCollAd
__vbaAryUnlock
__vbaVarForNext
_CIexp
__vbaI4ErrVar
__vbaRecAssign
__vbaFreeObj
__vbaFreeStr
ord581

Sections

.text
Size: 708KB - Virtual size: 704KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
ldcam.exe
.exe windows:5 windows x86 arch:x86

e2515a9333b5677e72f812ee735ceb9d

Code Sign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21-09-2022 00:00

Not After

21-11-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

0d:65:08:23:68:f9:43:30:12:3c:9a:85:3a:2f:de:bf
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24-11-2021 00:00

Not After

26-11-2024 23:59

Subject

SERIALNUMBER=91310114MA1GT9FP6N,CN=Shanghai Chang Zhi Network Technology Co\,. Ltd.,O=Shanghai Chang Zhi Network Technology Co\,. Ltd.,ST=上海市,C=CN,1.3.6.1.4.1.311.60.2.1.1=#0c09e59889e5ae9ae58cba,1.3.6.1.4.1.311.60.2.1.2=#0c09e4b88ae6b5b7e5b882,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

29-04-2021 00:00

Not After

28-04-2036 23:59

Subject

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0d:65:08:23:68:f9:43:30:12:3c:9a:85:3a:2f:de:bf
Certificate

Issuer

CN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=US

Not Before

24-11-2021 00:00

Not After

26-11-2024 23:59

Subject

SERIALNUMBER=91310114MA1GT9FP6N,CN=Shanghai Chang Zhi Network Technology Co\,. Ltd.,O=Shanghai Chang Zhi Network Technology Co\,. Ltd.,ST=上海市,C=CN,1.3.6.1.4.1.311.60.2.1.1=#0c09e59889e5ae9ae58cba,1.3.6.1.4.1.311.60.2.1.2=#0c09e4b88ae6b5b7e5b882,1.3.6.1.4.1.311.60.2.1.3=#1302434e,2.5.4.15=#131450726976617465204f7267616e697a6174696f6e

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

0c:4d:69:72:4b:94:fa:3c:2a:4a:3d:29:07:80:3d:5a
Certificate

Issuer

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Not Before

21-09-2022 00:00

Not After

21-11-2033 23:59

Subject

CN=DigiCert Timestamp 2022 - 2,O=DigiCert,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

Issuer

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

23-03-2022 00:00

Not After

22-03-2037 23:59

Subject

CN=DigiCert Trusted G4 RSA4096 SHA256 TimeStamping CA,O=DigiCert\, Inc.,C=US

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

0e:9b:18:8e:f9:d0:2d:e7:ef:db:50:e2:08:40:18:5a
Certificate

Issuer

CN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=US

Not Before

01-08-2022 00:00

Not After

09-11-2031 23:59

Subject

CN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=US

Key Usages

KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign

4c:c5:8e:76:63:7b:e5:e7:39:80:d4:7b:64:6e:1e:cb:6e:b7:e1:3a:41:50:8c:cb:56:a6:b0:d3:af:11:b3:51
Signer

Actual PE Digest

4c:c5:8e:76:63:7b:e5:e7:39:80:d4:7b:64:6e:1e:cb:6e:b7:e1:3a:41:50:8c:cb:56:a6:b0:d3:af:11:b3:51

Digest Algorithm

sha256

PE Digest Matches

true

3a:29:69:48:ab:4c:cc:d0:21:6e:e3:38:0e:54:16:65:b6:50:b9:97
Signer

Actual PE Digest

3a:29:69:48:ab:4c:cc:d0:21:6e:e3:38:0e:54:16:65:b6:50:b9:97

Digest Algorithm

sha1

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

I:\build\trunk_cn_5.0_64\simulator\bin\ldcam.pdb

Imports

kernel32

InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetProcAddress
CloseHandle
GetModuleHandleW
DecodePointer
OpenProcess
GetLastError
OpenFileMappingW
MapViewOfFile
CreateEventW
FreeLibrary
LoadLibraryW
GetCurrentThreadId
GetCurrentProcessId
CreateFileMappingW
lstrcpynW
EncodePointer
IsDebuggerPresent
OutputDebugStringW
GetSystemTimeAsFileTime
QueryPerformanceCounter
IsProcessorFeaturePresent

user32

IsWindow
DispatchMessageW
PeekMessageW
TranslateMessage
GetWindowThreadProcessId
DefWindowProcW
FindWindowW
MsgWaitForMultipleObjects
CreateWindowExW
RegisterClassExW
LoadCursorW

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

ole32

OleInitialize
CoCreateInstance
CreateBindCtx
CoTaskMemFree

oleaut32

VariantInit
VariantClear

msvcp120

?_Xout_of_range@std@@YAXPBD@Z
?_Winerror_map@std@@YAPBDH@Z
?_Syserror_map@std@@YAPBDH@Z
?_Xlength_error@std@@YAXPBD@Z
?_Xbad_alloc@std@@YAXXZ

msvcr120

__CxxFrameHandler3
__crtTerminateProcess
__crtUnhandledException
_crt_debugger_hook
_CxxThrowException
_fmode
__winitenv
_initterm
_initterm_e
__setusermatherr
_configthreadlocale
_except_handler4_common
__crtSetUnhandledExceptionFilter
_invoke_watson
_controlfp_s
memset
_commode
memmove
??_V@YAXPAX@Z
??3@YAXPAX@Z
??2@YAPAXI@Z
free
wcsstr
printf
setlocale
_purecall
wcsncpy_s
_aligned_free
malloc
getenv
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_lock
_unlock
_calloc_crt
__dllonexit
_onexit
_XcptFilter
_amsg_exit
__wgetmainargs
__set_app_type
exit
_exit
_cexit
memcpy

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
setup.exe
.exe windows:4 windows x86 arch:x86

9c0be69b696cda866d3aacda21b65727

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

oleaut32

SysFreeString
SysReAllocStringLen
SysAllocStringLen
SafeArrayPtrOfIndex
SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayCreate
VariantChangeType
VariantCopy
VariantClear
VariantInit

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

user32

GetKeyboardType
DestroyWindow
LoadStringA
MessageBoxA
CharNextA
MessageBoxA
LoadStringA
GetSystemMetrics
CharPrevA
CharNextA
CharToOemA

kernel32

GetACP
Sleep
VirtualFree
VirtualAlloc
GetTickCount
QueryPerformanceCounter
GetCurrentThreadId
InterlockedDecrement
InterlockedIncrement
VirtualQuery
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrcpynA
LoadLibraryExA
GetThreadLocale
GetStartupInfoA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetCommandLineA
FreeLibrary
FindFirstFileA
FindClose
ExitProcess
WriteFile
UnhandledExceptionFilter
RtlUnwind
RaiseException
GetStdHandle
TlsSetValue
TlsGetValue
LocalAlloc
GetModuleHandleA
WriteFile
WaitForSingleObject
VirtualQuery
SizeofResource
SetFilePointer
SetFileAttributesA
SetEvent
SetEnvironmentVariableA
SetEndOfFile
ResetEvent
ReadFile
LockResource
LoadResource
LeaveCriticalSection
InitializeCriticalSection
GetWindowsDirectoryA
GetVersionExA
GetThreadLocale
GetStdHandle
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLocalTime
GetLastError
GetFullPathNameA
GetFileAttributesA
GetExitCodeProcess
GetEnvironmentVariableA
GetDiskFreeSpaceA
GetDateFormatA
GetCurrentThreadId
GetCurrentProcessId
GetCommandLineA
GetCPInfo
FreeResource
FreeLibrary
FormatMessageA
FindResourceA
EnumCalendarInfoA
EnterCriticalSection
DeleteFileA
DeleteCriticalSection
CreateProcessA
CreateFileA
CreateEventA
CompareStringA
CloseHandle
Sleep

shfolder

SHGetFolderPathA

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.itext
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 22KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: - Virtual size: 12B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 518KB - Virtual size: 518KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
sharp-win32-ia32.node
.dll windows:6 windows x86 arch:x86

0d28072dad4ee7c754258c7be8480143

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

D:\a\sharp\sharp\build\Release\sharp-win32-ia32.pdb

Imports

kernel32

GetModuleHandleA
VirtualQuery
VirtualProtect
GetSystemInfo
WriteConsoleW
DecodePointer
HeapReAlloc
HeapSize
GetConsoleMode
GetConsoleOutputCP
FlushFileBuffers
GetTimeZoneInformation
WriteFile
GetStringTypeW
GetProcessHeap
SetEnvironmentVariableW
FreeEnvironmentStringsW
GetEnvironmentStringsW
WideCharToMultiByte
GetCommandLineW
GetCommandLineA
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
FindClose
SetFilePointerEx
SetStdHandle
LCMapStringW
CompareStringW
MultiByteToWideChar
GetFullPathNameW
GetCurrentDirectoryW
GetStdHandle
HeapAlloc
HeapFree
GetModuleFileNameW
GetModuleHandleExW
ExitProcess
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
CloseHandle
GetFileType
GetFileInformationByHandle
GetDriveTypeW
CreateFileW
LoadLibraryExW
FreeLibrary
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
InitializeCriticalSectionAndSpinCount
EncodePointer
SetLastError
GetLastError
InterlockedFlushSList
RaiseException
RtlUnwind
InitializeSListHead
GetCurrentProcessId
GetStartupInfoW
IsDebuggerPresent
IsProcessorFeaturePresent
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetProcAddress
GetModuleHandleW
GetSystemTimeAsFileTime
QueryPerformanceCounter
GetCurrentThreadId
DeleteCriticalSection
TryEnterCriticalSection
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
AcquireSRWLockExclusive
ReleaseSRWLockExclusive
InitializeSRWLock
LoadLibraryExA

libvips-42

vips_array_int_get_type
vips_interpretation_get_type
vips_foreign_dz_layout_get_type
vips_foreign_dz_container_get_type
vips_foreign_tiff_predictor_get_type
vips_foreign_tiff_compression_get_type
vips_blob_new
vips_kernel_get_type
vips_blend_mode_get_type
vips_operation_boolean_get_type
vips_foreign_tiff_resunit_get_type
vips_foreign_heif_compression_get_type
vips_area_unref
vips_foreign_dz_depth_get_type
vips_cache_get_max_mem
vips_version
vips_ref_string_get_type
vips_vector_set_enabled
vips_cache_get_max
vips_cache_set_max
vips_cache_get_max_files
vips_cache_set_max_mem
vips_concurrency_get
vips_cache_set_max_files
vips_foreign_get_type
vips_type_find
vips_concurrency_set
vips_class_find
vips_vector_isenabled
vips_tracked_get_mem_highwater
vips_tracked_get_mem
vips_tracked_get_files
vips_init
vips_thread_shutdown
vips_enum_nick
vips_error_clear
vips_array_double_get_type
vips_blob_get_type
vips_image_set_kill
vips_foreign_find_load
vips_image_set_progress
vips_align_get_type
vips_band_format_get_type
vips_enum_from_nick
vips_error
vips_fail_on_get_type
vips_image_get_page_height
vips_object_get_type
vips_cache_get_size
vips_foreign_find_load_buffer
vips_malloc

libglib-2.0-0

g_atomic_int_inc
g_atomic_int_dec_and_test
g_malloc
g_assertion_message_expr
g_snprintf
g_once_impl
g_log_set_handler
g_free

libgobject-2.0-0

g_object_ref
g_object_unref
g_type_check_instance_is_a
g_type_check_class_cast
g_signal_connect_data
g_type_check_instance_cast

libvips-cpp

?maxpos@VImage@vips@@QBE?AV?$complex@N@std@@PAVVOption@2@@Z
??AVImage@vips@@QBE?AV01@H@Z
?conv@VImage@vips@@QBE?AV12@V12@PAVVOption@2@@Z
?deviate@VImage@vips@@QBENPAVVOption@2@@Z
?getpoint@VImage@vips@@QBE?AV?$vector@NV?$allocator@N@std@@@std@@HHPAVVOption@2@@Z
?hist_entropy@VImage@vips@@QBENPAVVOption@2@@Z
?hist_find@VImage@vips@@QBE?AV12@PAVVOption@2@@Z
?hist_find_ndim@VImage@vips@@QBE?AV12@PAVVOption@2@@Z
?max@VImage@vips@@QBENPAVVOption@2@@Z
?stats@VImage@vips@@QBE?AV12@PAVVOption@2@@Z
?get_array_int@VImage@vips@@QBE?AV?$vector@HV?$allocator@H@std@@@std@@PBD@Z
?get_array_double@VImage@vips@@QBE?AV?$vector@NV?$allocator@N@std@@@std@@PBD@Z
?get_string@VImage@vips@@QBEPBDPBD@Z
?get_blob@VImage@vips@@QBEPBXPBDPAI@Z
??0VError@vips@@QAE@ABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@@Z
??0VError@vips@@QAE@XZ
??1VError@vips@@UAE@XZ
??0VImage@vips@@QAE@XZ
?get_image@VImage@vips@@QBEPAU_VipsImage@@XZ
?width@VImage@vips@@QBEHXZ
?height@VImage@vips@@QBEHXZ
?bands@VImage@vips@@QBEHXZ
?format@VImage@vips@@QBE?AW4VipsBandFormat@@XZ
?interpretation@VImage@vips@@QBE?AW4VipsInterpretation@@XZ
?xres@VImage@vips@@QBENXZ
?has_alpha@VImage@vips@@QBE_NXZ
?set@VImage@vips@@QAEXPBDH@Z
?set@VImage@vips@@QAEXPBDV?$vector@HV?$allocator@H@std@@@std@@@Z
?get_typeof@VImage@vips@@QBEKPBD@Z
?xoffset@VImage@vips@@QBEHXZ
?remove@VImage@vips@@QBE_NPBD@Z
?option@VImage@vips@@SAPAVVOption@2@XZ
?new_from_memory@VImage@vips@@SA?AV12@PAXIHHHW4VipsBandFormat@@@Z
?new_from_image@VImage@vips@@QBE?AV12@V?$vector@NV?$allocator@N@std@@@std@@@Z
?new_from_image@VImage@vips@@QBE?AV12@N@Z
??0VError@vips@@QAE@ABV01@@Z
??1VImage@vips@@QAE@XZ
??0VImage@vips@@QAE@ABV01@@Z
??4VImage@vips@@QAEAAV01@$$QAV01@@Z
??0VImage@vips@@QAE@$$QAV01@@Z
?new_from_file@VImage@vips@@SA?AV12@PBDPAVVOption@2@@Z
?new_from_buffer@VImage@vips@@SA?AV12@PBXIPBDPAVVOption@2@@Z
?new_matrix@VImage@vips@@SA?AV12@HH@Z
?bandjoin@VImage@vips@@SA?AV12@V?$vector@VVImage@vips@@V?$allocator@VVImage@vips@@@std@@@std@@PAVVOption@2@@Z
?bandjoin@VImage@vips@@QBE?AV12@V12@PAVVOption@2@@Z
??RVImage@vips@@QBE?AV?$vector@NV?$allocator@N@std@@@std@@HH@Z
?bandjoin_const@VImage@vips@@QBE?AV12@V?$vector@NV?$allocator@N@std@@@std@@PAVVOption@2@@Z
?cast@VImage@vips@@QBE?AV12@W4VipsBandFormat@@PAVVOption@2@@Z
?colourspace@VImage@vips@@QBE?AV12@W4VipsInterpretation@@PAVVOption@2@@Z
?copy@VImage@vips@@QBE?AV12@PAVVOption@2@@Z
?extract_band@VImage@vips@@QBE?AV12@HPAVVOption@2@@Z
?gaussnoise@VImage@vips@@SA?AV12@HHPAVVOption@2@@Z
?premultiply@VImage@vips@@QBE?AV12@PAVVOption@2@@Z
?text@VImage@vips@@SA?AV12@PBDPAVVOption@2@@Z
?unpremultiply@VImage@vips@@QBE?AV12@PAVVOption@2@@Z
?set@VOption@vips@@QAEPAV12@PBDPAH@Z
?set@VOption@vips@@QAEPAV12@PBD0@Z
?set@VOption@vips@@QAEPAV12@PBDN@Z
?set@VOption@vips@@QAEPAV12@PBDH@Z
?set@VOption@vips@@QAEPAV12@PBD_N@Z
?yoffset@VImage@vips@@QBEHXZ
?set@VImage@vips@@QAEXPBD0@Z
?write_to_memory@VImage@vips@@QBEPAXPAI@Z
?median@VImage@vips@@QBE?AV12@HPAVVOption@2@@Z
??1VInterpolate@vips@@QAE@XZ
?composite@VImage@vips@@SA?AV12@V?$vector@VVImage@vips@@V?$allocator@VVImage@vips@@@std@@@std@@V?$vector@HV?$allocator@H@std@@@4@PAVVOption@2@@Z
?affine@VImage@vips@@QBE?AV12@V?$vector@NV?$allocator@N@std@@@std@@PAVVOption@2@@Z
?dzsave@VImage@vips@@QBEXPBDPAVVOption@2@@Z
?dzsave_buffer@VImage@vips@@QBEPAU_VipsBlob@@PAVVOption@2@@Z
?flip@VImage@vips@@QBE?AV12@W4VipsDirection@@PAVVOption@2@@Z
?gifsave@VImage@vips@@QBEXPBDPAVVOption@2@@Z
?gifsave_buffer@VImage@vips@@QBEPAU_VipsBlob@@PAVVOption@2@@Z
?heifsave@VImage@vips@@QBEXPBDPAVVOption@2@@Z
?heifsave_buffer@VImage@vips@@QBEPAU_VipsBlob@@PAVVOption@2@@Z
?icc_transform@VImage@vips@@QBE?AV12@PBDPAVVOption@2@@Z
?jp2ksave@VImage@vips@@QBEXPBDPAVVOption@2@@Z
?dE00@VImage@vips@@QBE?AV12@V12@PAVVOption@2@@Z
?jp2ksave_buffer@VImage@vips@@QBEPAU_VipsBlob@@PAVVOption@2@@Z
?jpegload@VImage@vips@@SA?AV12@PBDPAVVOption@2@@Z
?jpegload_buffer@VImage@vips@@SA?AV12@PAU_VipsBlob@@PAVVOption@2@@Z
?jpegsave@VImage@vips@@QBEXPBDPAVVOption@2@@Z
?jpegsave_buffer@VImage@vips@@QBEPAU_VipsBlob@@PAVVOption@2@@Z
?jxlsave@VImage@vips@@QBEXPBDPAVVOption@2@@Z
?jxlsave_buffer@VImage@vips@@QBEPAU_VipsBlob@@PAVVOption@2@@Z
?pdfload@VImage@vips@@SA?AV12@PBDPAVVOption@2@@Z
?pdfload_buffer@VImage@vips@@SA?AV12@PAU_VipsBlob@@PAVVOption@2@@Z
?pngsave@VImage@vips@@QBEXPBDPAVVOption@2@@Z
?pngsave_buffer@VImage@vips@@QBEPAU_VipsBlob@@PAVVOption@2@@Z
?replicate@VImage@vips@@QBE?AV12@HHPAVVOption@2@@Z
?resize@VImage@vips@@QBE?AV12@NPAVVOption@2@@Z
?rot@VImage@vips@@QBE?AV12@W4VipsAngle@@PAVVOption@2@@Z
?rotate@VImage@vips@@QBE?AV12@NPAVVOption@2@@Z
?new_matrixv@VImage@vips@@SA?AV12@HHZZ
?svgload@VImage@vips@@SA?AV12@PBDPAVVOption@2@@Z
?svgload_buffer@VImage@vips@@SA?AV12@PAU_VipsBlob@@PAVVOption@2@@Z
?tiffsave@VImage@vips@@QBEXPBDPAVVOption@2@@Z
?tiffsave_buffer@VImage@vips@@QBEPAU_VipsBlob@@PAVVOption@2@@Z
?tilecache@VImage@vips@@QBE?AV12@PAVVOption@2@@Z
?vipssave@VImage@vips@@QBEXPBDPAVVOption@2@@Z
?webpload@VImage@vips@@SA?AV12@PBDPAVVOption@2@@Z
?webpload_buffer@VImage@vips@@SA?AV12@PAU_VipsBlob@@PAVVOption@2@@Z
?webpsave@VImage@vips@@QBEXPBDPAVVOption@2@@Z
?webpsave_buffer@VImage@vips@@QBEPAU_VipsBlob@@PAVVOption@2@@Z
?set@VOption@vips@@QAEPAV12@PBDV?$vector@HV?$allocator@H@std@@@std@@@Z
?set@VOption@vips@@QAEPAV12@PBDVVObject@2@@Z
?new_from_name@VInterpolate@vips@@SA?AV12@PBDPAVVOption@2@@Z
?linear@VImage@vips@@QBE?AV12@NNPAVVOption@2@@Z
?bandjoin@VImage@vips@@QBE?AV12@V?$vector@NV?$allocator@N@std@@@std@@PAVVOption@2@@Z
?linear@VImage@vips@@QBE?AV12@V?$vector@NV?$allocator@N@std@@@std@@0PAVVOption@2@@Z
?arrayjoin@VImage@vips@@SA?AV12@V?$vector@VVImage@vips@@V?$allocator@VVImage@vips@@@std@@@std@@PAVVOption@2@@Z
?bandbool@VImage@vips@@QBE?AV12@W4VipsOperationBoolean@@PAVVOption@2@@Z
?boolean@VImage@vips@@QBE?AV12@V12@W4VipsOperationBoolean@@PAVVOption@2@@Z
?embed@VImage@vips@@QBE?AV12@HHHHPAVVOption@2@@Z
?extract_area@VImage@vips@@QBE?AV12@HHHHPAVVOption@2@@Z
?find_trim@VImage@vips@@QBEHPAH00PAVVOption@2@@Z
?flatten@VImage@vips@@QBE?AV12@PAVVOption@2@@Z
?gamma@VImage@vips@@QBE?AV12@PAVVOption@2@@Z
?gaussblur@VImage@vips@@QBE?AV12@NPAVVOption@2@@Z
?grid@VImage@vips@@QBE?AV12@HHHPAVVOption@2@@Z
?hist_local@VImage@vips@@QBE?AV12@HHPAVVOption@2@@Z
?invert@VImage@vips@@QBE?AV12@PAVVOption@2@@Z
?percent@VImage@vips@@QBEHNPAVVOption@2@@Z
?recomb@VImage@vips@@QBE?AV12@V12@PAVVOption@2@@Z
?sharpen@VImage@vips@@QBE?AV12@PAVVOption@2@@Z
??Pvips@@YA?AVVImage@0@V10@N@Z
?set@VOption@vips@@QAEPAV12@PBDV?$vector@NV?$allocator@N@std@@@std@@@Z
?get_int@VImage@vips@@QBEHPBD@Z
?set@VImage@vips@@QAEXPBDN@Z
?smartcrop@VImage@vips@@QBE?AV12@HHPAVVOption@2@@Z

Exports

Exports

_register_sharp_

Sections

.text
Size: 236KB - Virtual size: 235KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
yundamaAPI.dll
.dll windows:5 windows x86 arch:x86

2d1793f43d4da26ead9823b3546f3457

Code Sign

04:44:c0
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

22-10-2008 12:07

Not After

31-12-2029 12:07

Subject

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:79:16:4f:42:57:0d:7a:07:0b:5e:c7:60:39:7c:47
Certificate

Issuer

CN=WoSign Time Stamping Services CA G2,O=WoSign CA Limited,C=CN

Not Before

15-08-2017 07:55

Not After

15-08-2028 07:55

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

6e:a1:d4:94:5f:0e:69:e9:d6:f1:48:2c:58:6a:71:af
Certificate

Issuer

CN=Certum Trusted Network CA,OU=Certum Certification Authority,O=Unizeto Technologies S.A.,C=PL

Not Before

17-04-2018 08:20

Not After

18-05-2027 08:20

Subject

CN=WoTrus Code Signing CA,O=WoTrus CA Limited,C=CN

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

2f:4c:a9:11:3e:5b:72:b9:ba:3e:68:ad:3a:a7:9a:6f
Certificate

Issuer

CN=WoTrus Code Signing CA,O=WoTrus CA Limited,C=CN

Not Before

13-08-2018 10:01

Not After

13-11-2019 10:01

Subject

CN=Shenzhen Shangzhou Net Technology Co.\, Ltd.,O=Shenzhen Shangzhou Net Technology Co.\, Ltd.,L=Shenzhen,ST=Guangdong,C=CN,1.2.840.113549.1.9.1=#0c11323539373531383436304071712e636f6d

Extended Key Usages

ExtKeyUsageCodeSigning

Key Usages

KeyUsageDigitalSignature

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2039 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

51:ec:ef:d7:72:99:ba:1a:dd:28:02:43:1e:86:e2:0e
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-04-2015 00:58

Not After

08-04-2025 00:58

Subject

CN=WoSign Time Stamping Services CA G2,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

6d:79:16:4f:42:57:0d:7a:07:0b:5e:c7:60:39:7c:47
Certificate

Issuer

CN=WoSign Time Stamping Services CA G2,O=WoSign CA Limited,C=CN

Not Before

15-08-2017 07:55

Not After

15-08-2028 07:55

Subject

CN=WoSign Time Stamping Signer,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageDigitalSignature
KeyUsageContentCommitment

51:ec:ef:d7:72:99:ba:1a:dd:28:02:43:1e:86:e2:0e
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-04-2015 00:58

Not After

08-04-2025 00:58

Subject

CN=WoSign Time Stamping Services CA G2,O=WoSign CA Limited,C=CN

Extended Key Usages

ExtKeyUsageTimeStamping

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

5e:68:d6:11:71:94:63:50:56:00:68:f3:3e:c9:c5:91
Certificate

Issuer

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Not Before

08-08-2009 01:00

Not After

08-08-2039 01:00

Subject

CN=Certification Authority of WoSign,O=WoSign CA Limited,C=CN

Key Usages

KeyUsageCertSign
KeyUsageCRLSign

d4:f8:03:9b:88:2a:4d:74:67:0d:1a:9a:6f:bc:1d:d6:47:e1:a5:82:9a:43:c8:e8:b9:f1:45:f0:67:a9:24:3b
Signer

Actual PE Digest

d4:f8:03:9b:88:2a:4d:74:67:0d:1a:9a:6f:bc:1d:d6:47:e1:a5:82:9a:43:c8:e8:b9:f1:45:f0:67:a9:24:3b

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

gethostname
ioctlsocket
listen
accept
recvfrom
sendto
getaddrinfo
freeaddrinfo
connect
socket
closesocket
getpeername
getsockopt
htons
bind
ntohs
getsockname
setsockopt
WSAIoctl
send
recv
select
WSAGetLastError
__WSAFDIsSet
WSASetLastError
WSAStartup
WSACleanup

wldap32

ord22
ord211
ord143
ord60
ord50
ord26
ord30
ord32
ord35
ord79
ord200
ord33
ord301
ord27
ord41
ord46

kernel32

GetStringTypeW
GetTimeZoneInformation
GetProcessHeap
SetEndOfFile
GetDriveTypeW
LoadLibraryW
InterlockedExchange
FlushFileBuffers
SetStdHandle
GetConsoleMode
GetConsoleCP
LCMapStringW
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
GetCurrentDirectoryW
GetFullPathNameA
GetModuleFileNameW
GetCurrentProcessId
QueryPerformanceCounter
HeapDestroy
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetModuleFileNameA
GetStartupInfoW
SetHandleCount
InterlockedDecrement
InterlockedIncrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
Sleep
MultiByteToWideChar
WideCharToMultiByte
GetTempPathA
GetTempFileNameA
CreateFileA
WriteFile
CloseHandle
SetLastError
GetLastError
GetTickCount
SleepEx
GetVersionExA
WaitForSingleObject
FormatMessageA
ReadFile
PeekNamedPipe
WaitForMultipleObjects
GetFileType
GetStdHandle
FreeLibrary
GetProcAddress
LoadLibraryA
ExpandEnvironmentStringsA
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
CreateFileW
InitializeCriticalSectionAndSpinCount
EncodePointer
DecodePointer
GetSystemTimeAsFileTime
DeleteFileA
GetCurrentThreadId
GetCommandLineA
HeapReAlloc
HeapFree
HeapAlloc
FindClose
FileTimeToSystemTime
FileTimeToLocalFileTime
GetDriveTypeA
FindFirstFileExA
ExitThread
CreateThread
GetFileInformationByHandle
SetFilePointer
RaiseException
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
HeapSize
GetModuleHandleW
ExitProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree

advapi32

CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
CryptHashData
CryptAcquireContextA
CryptCreateHash

Exports

Exports

YDM_DecodeByBytes
YDM_DecodeByPath
YDM_EasyDecodeByBytes
YDM_EasyDecodeByPath
YDM_EasyGetBalance
YDM_EasyPay
YDM_EasyReg
YDM_EasyReport
YDM_GetBalance
YDM_GetResult
YDM_Login
YDM_Pay
YDM_Reg
YDM_Report
YDM_SetAppInfo
YDM_SetBaseAPI
YDM_SetTimeOut
YDM_UploadByBytes
YDM_UploadByPath

Sections

.text
Size: 307KB - Virtual size: 306KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

250fe00182ff90e00ead9d5e8dceec1a

Headers

DLL Characteristics

File Characteristics

Imports

opengl32

kernel32

ole32

oleaut32

audio360

winmm

user32

Exports

Exports

Sections

.text Size: 458KB - Virtual size: 458KB

.rdata Size: 195KB - Virtual size: 195KB

.data Size: 11KB - Virtual size: 25KB

.gfids Size: 3KB - Virtual size: 2KB

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 39KB - Virtual size: 38KB

362b08c76a97653e04f735f5d98886c1

Headers

File Characteristics

Imports

crypt32

kernel32

user32

comctl32

gdi32

winspool.drv

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 56KB

.rdata Size: 16KB - Virtual size: 13KB

.data Size: 8KB - Virtual size: 19KB

.reloc Size: 12KB - Virtual size: 9KB

3b2671d348a81ab80f6040069340d900

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

vcruntime140

api-ms-win-crt-runtime-l1-1-0

api-ms-win-crt-heap-l1-1-0

adobe air

msvcp140

api-ms-win-crt-string-l1-1-0

mscoree

Exports

Exports

Sections

.text Size: 21KB - Virtual size: 20KB

.rdata Size: 51KB - Virtual size: 51KB

.data Size: 512B - Virtual size: 2KB

.gfids Size: 512B - Virtual size: 68B

.tls Size: 512B - Virtual size: 9B

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 1024B - Virtual size: 924B

18118219cbdf0a0b96d76b3c288740d4

Code Sign

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5bCertificate

Extended Key Usages

Key Usages

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate

Extended Key Usages

Key Usages

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9dCertificate

Extended Key Usages

Key Usages

0d:65:08:23:68:f9:43:30:12:3c:9a:85:3a:2f:de:bfCertificate

.text
Size: 458KB - Virtual size: 458KB

.rdata
Size: 195KB - Virtual size: 195KB

.data
Size: 11KB - Virtual size: 25KB

.gfids
Size: 3KB - Virtual size: 2KB

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 39KB - Virtual size: 38KB

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 16KB - Virtual size: 13KB

.data
Size: 8KB - Virtual size: 19KB

.reloc
Size: 12KB - Virtual size: 9KB

.text
Size: 21KB - Virtual size: 20KB

.rdata
Size: 51KB - Virtual size: 51KB

.data
Size: 512B - Virtual size: 2KB

.gfids
Size: 512B - Virtual size: 68B

.tls
Size: 512B - Virtual size: 9B

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 1024B - Virtual size: 924B

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

0d:65:08:23:68:f9:43:30:12:3c:9a:85:3a:2f:de:bf
Certificate

08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9
Certificate

0d:65:08:23:68:f9:43:30:12:3c:9a:85:3a:2f:de:bf
Certificate

0a:7a:4a:88:9e:c9:99:42:90:06:63:38:4d:86:97:9d
Certificate

07:36:37:b7:24:54:7c:d8:47:ac:fd:28:66:2a:5e:5b
Certificate

dd:75:dc:72:16:7a:e1:29:16:96:53:95:78:e4:8f:68:af:82:00:d5:f1:5d:76:0a:c5:cb:6e:c5:ed:81:32:48
Signer

b3:e1:1b:e7:f3:c7:53:95:7b:08:45:7c:92:7c:c1:c3:a4:8c:d9:55
Signer

.text
Size: 467KB - Virtual size: 467KB

.rdata
Size: 379KB - Virtual size: 379KB

.data
Size: 3KB - Virtual size: 57KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 46KB - Virtual size: 46KB

.text
Size: 68KB - Virtual size: 67KB

.rdata
Size: 30KB - Virtual size: 29KB

.data
Size: 5KB - Virtual size: 12KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 5KB - Virtual size: 4KB