dialog
initDialog
make_unicode
show
Overview
overview
7Static
static
3SecuriteIn...46.exe
windows7-x64
7SecuriteIn...46.exe
windows10-2004-x64
7$PLUGINSDI...ns.dll
windows7-x64
3$PLUGINSDI...ns.dll
windows10-2004-x64
3$PLUGINSDI...em.dll
windows7-x64
3$PLUGINSDI...em.dll
windows10-2004-x64
3NewsReactor.chm
windows7-x64
1NewsReactor.chm
windows10-2004-x64
1NewsReactor.exe
windows7-x64
3NewsReactor.exe
windows10-2004-x64
3dbghelp.dll
windows10-2004-x64
1Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
SecuriteInfo.com.Exploit.CVE-2020-0601.Gen.2.582.6646.exe
Resource
win7-20240221-en
windows7-x64
3 signatures
150 seconds
Behavioral task
behavioral2
Sample
SecuriteInfo.com.Exploit.CVE-2020-0601.Gen.2.582.6646.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral3
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win7-20240221-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral4
Sample
$PLUGINSDIR/InstallOptions.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral5
Sample
$PLUGINSDIR/System.dll
Resource
win7-20240221-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral6
Sample
$PLUGINSDIR/System.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
2 signatures
150 seconds
Behavioral task
behavioral7
Sample
NewsReactor.chm
Resource
win7-20240221-en
windows7-x64
2 signatures
150 seconds
Behavioral task
behavioral8
Sample
NewsReactor.chm
Resource
win10v2004-20240508-en
windows10-2004-x64
1 signatures
150 seconds
Behavioral task
behavioral9
Sample
NewsReactor.exe
Resource
win7-20240508-en
windows7-x64
7 signatures
150 seconds
Behavioral task
behavioral10
Sample
NewsReactor.exe
Resource
win10v2004-20240426-en
windows10-2004-x64
5 signatures
150 seconds
Behavioral task
behavioral11
Sample
dbghelp.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
0 signatures
150 seconds
General
-
Target
SecuriteInfo.com.Exploit.CVE-2020-0601.Gen.2.582.6646.exe
-
Size
3.3MB
-
MD5
90a7625061fcbd7f41e0445222f36e31
-
SHA1
c7bcc58b700be12da7afc2e1ff61b1c873944e33
-
SHA256
595112243c804374b8439c045ee06221a20e69c323cd130279987a819d5364a3
-
SHA512
715d23ee3989a6c1fbc09567f126b963949ec4c289769c4933687de1e4bec80e0e4cda97c8e75fa1a032663044d49e008f4ebecc38e9c3d2fe66e7036fa6bff9
-
SSDEEP
49152:W5CQDYV4UgT6MJ1EXbCJJne6nRHc/97UoUgFE4fO+5F3f2ak9cVzKpV5uISrrpO+:W5NRUS1EXbCDneiRHDoeyvfWbpXuIaH
Score
3/10
Malware Config
Signatures
-
Unsigned PE 3 IoCs
Checks for missing Authenticode signature.
resource SecuriteInfo.com.Exploit.CVE-2020-0601.Gen.2.582.6646.exe unpack001/$PLUGINSDIR/InstallOptions.dll unpack001/$PLUGINSDIR/System.dll
Files
-
SecuriteInfo.com.Exploit.CVE-2020-0601.Gen.2.582.6646.exe.exe windows:4 windows x86 arch:x86
9dda1a1d1f8a1d13ae0297b47046b26e
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegEnumValueW
RegEnumKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegOpenKeyExW
RegCreateKeyExW
shell32
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetFileInfoW
SHFileOperationW
ShellExecuteExW
ole32
CoCreateInstance
OleUninitialize
OleInitialize
IIDFromString
CoTaskMemFree
comctl32
ImageList_Destroy
ord17
ImageList_AddMasked
ImageList_Create
user32
MessageBoxIndirectW
GetDlgItemTextW
SetDlgItemTextW
CreatePopupMenu
AppendMenuW
TrackPopupMenu
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
IsWindowVisible
CallWindowProcW
GetMessagePos
CheckDlgButton
LoadCursorW
SetCursor
GetSysColor
SetWindowPos
GetWindowLongW
IsWindowEnabled
SetClassLongW
GetSystemMenu
EnableMenuItem
GetWindowRect
ScreenToClient
EndDialog
RegisterClassW
SystemParametersInfoW
CharPrevW
GetClassInfoW
DialogBoxParamW
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
SetWindowLongW
LoadImageW
GetDC
ReleaseDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
CharNextA
wsprintfA
DispatchMessageW
CreateWindowExW
PeekMessageW
GetSystemMetrics
gdi32
GetDeviceCaps
SetBkColor
SelectObject
DeleteObject
CreateBrushIndirect
CreateFontIndirectW
SetBkMode
SetTextColor
kernel32
RemoveDirectoryW
lstrcmpiA
GetTempFileNameW
CreateProcessW
CreateDirectoryW
GetLastError
CreateThread
GlobalLock
GlobalUnlock
GetDiskFreeSpaceW
WideCharToMultiByte
lstrcpynW
lstrlenW
SetErrorMode
GetVersionExW
GetCommandLineW
GetTempPathW
GetWindowsDirectoryW
SetEnvironmentVariableW
WriteFile
ExitProcess
GetCurrentProcess
GetModuleFileNameW
GetFileSize
CreateFileW
GetTickCount
Sleep
SetFileAttributesW
GetFileAttributesW
SetCurrentDirectoryW
MoveFileW
GetFullPathNameW
GetShortPathNameW
SearchPathW
CompareFileTime
SetFileTime
CloseHandle
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalFree
GlobalAlloc
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
lstrlenA
MultiByteToWideChar
ReadFile
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
MulDiv
lstrcpyA
MoveFileExW
lstrcatW
GetSystemDirectoryW
GetProcAddress
GetModuleHandleA
GetExitCodeProcess
WaitForSingleObject
CopyFileW
Sections
.text Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 126KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ndata Size: - Virtual size: 72KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/InstallOptions.dll.dll windows:4 windows x86 arch:x86
85f08eb0cbec010ecbc287fa68321173
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
SetCurrentDirectoryW
GetCurrentDirectoryW
GlobalUnlock
GlobalLock
GetModuleHandleW
CloseHandle
SetEndOfFile
GetPrivateProfileIntW
SetFilePointer
MultiByteToWideChar
ReadFile
GetFileSize
CreateFileW
lstrcmpiW
GetPrivateProfileStringW
lstrcatW
lstrcpynW
WritePrivateProfileStringW
lstrlenW
lstrcpyW
GlobalFree
WriteFile
GlobalAlloc
user32
PtInRect
LoadCursorW
GetDlgCtrlID
CloseClipboard
GetClipboardData
OpenClipboard
GetClientRect
SetWindowRgn
LoadIconW
LoadImageW
SetWindowLongW
CreateWindowExW
MapDialogRect
SetWindowPos
GetWindowRect
CreateDialogParamW
ShowWindow
EnableMenuItem
GetSystemMenu
EnableWindow
GetDlgItem
DestroyIcon
DestroyWindow
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
SetCursor
DrawTextW
GetWindowLongW
DrawFocusRect
CallWindowProcW
PostMessageW
MessageBoxW
GetSysColor
CharNextW
wsprintfW
GetWindowTextW
SetWindowTextW
SendMessageW
MapWindowPoints
gdi32
SetTextColor
CreateCompatibleDC
GetObjectW
GetDIBits
CreateRectRgn
CombineRgn
DeleteObject
SelectObject
shell32
SHBrowseForFolderW
SHGetDesktopFolder
SHGetPathFromIDListW
ShellExecuteW
comdlg32
GetOpenFileNameW
GetSaveFileNameW
CommDlgExtendedError
ole32
CoTaskMemFree
Exports
Exports
Sections
.text Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 152B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/System.dll.dll windows:4 windows x86 arch:x86
509a34b3a68a773e0afb4259e68f9f82
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GlobalAlloc
GlobalFree
GlobalSize
lstrcpynW
lstrcpyW
GetProcAddress
WideCharToMultiByte
VirtualFree
FreeLibrary
lstrlenW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
GetLastError
user32
wsprintfW
ole32
StringFromGUID2
CLSIDFromString
Exports
Exports
Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 867B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 120B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 662B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
$PLUGINSDIR/ioSpecial.ini
-
$PLUGINSDIR/modern-wizard.bmp
-
NewsReactor.chm.chm
-
NewsReactor.exe.exe windows:6 windows x64 arch:x64
6fc0a7e01ee682049bb0fdc6076db0f2
Code Sign
fb:b7:3b:8a:5c:ee:98:86Certificate
IssuerCN=trust_431ba48c-43e0-44ef-97b6-5c68c09a636dNot Before28/03/2024, 01:28Not After28/03/2025, 13:28SubjectCN=trust_431ba48c-43e0-44ef-97b6-5c68c09a636d30:0f:6f:ac:dd:66:98:74:7c:a9:46:36:a7:78:2d:b9Certificate
IssuerCN=USERTrust RSA Certification Authority,O=The USERTRUST Network,L=Jersey City,ST=New Jersey,C=USNot Before02/05/2019, 00:00Not After18/01/2038, 23:59SubjectCN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GBExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
39:4c:25:e1:7c:a0:6d:27:a8:65:e2:3b:d9:1d:22:d4Certificate
IssuerCN=Sectigo RSA Time Stamping CA,O=Sectigo Limited,L=Salford,ST=Greater Manchester,C=GBNot Before03/05/2023, 00:00Not After02/08/2034, 23:59SubjectCN=Sectigo RSA Time Stamping Signer #4,O=Sectigo Limited,ST=Manchester,C=GBExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageContentCommitment
21:88:f9:0e:37:5b:49:06:be:03:27:a7:4b:82:db:d8:7e:da:c9:ff:91:e4:c0:7d:db:3f:74:56:76:69:fe:7dSigner
Actual PE Digest21:88:f9:0e:37:5b:49:06:be:03:27:a7:4b:82:db:d8:7e:da:c9:ff:91:e4:c0:7d:db:3f:74:56:76:69:fe:7dDigest Algorithmsha256PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
C:\MyProjects\NewsReactor\x64\Release\NewsReactor.pdb
Imports
ws2_32
bind
inet_addr
gethostbyaddr
closesocket
socket
connect
recv
htons
setsockopt
inet_ntoa
WSACleanup
WSAStartup
gethostbyname
send
inet_pton
iphlpapi
GetAdaptersInfo
kernel32
GetPrivateProfileStringA
WritePrivateProfileStringA
GetVolumeInformationA
DuplicateHandle
LoadLibraryExA
lstrcmpiA
GetThreadLocale
GlobalFlags
VerSetConditionMask
VerifyVersionInfoA
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GlobalHandle
LocalAlloc
LocalReAlloc
GetLocaleInfoW
GetSystemDefaultUILanguage
GetUserDefaultUILanguage
GetOEMCP
GetCPInfo
GetACP
GetFileTime
GetTempFileNameA
GetUserDefaultLCID
FindResourceExW
GetCurrentDirectoryA
GetFileAttributesExA
GetFileSizeEx
SetErrorMode
SetThreadPriority
GetTickCount64
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
WakeAllConditionVariable
SleepConditionVariableSRW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
InitializeSListHead
SetEvent
CreateEventA
FileTimeToSystemTime
CopyFileA
CompareStringA
FlsAlloc
GlobalGetAtomNameA
GlobalFindAtomA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
GetSystemDirectoryW
EncodePointer
MulDiv
QueryActCtxW
FindActCtxSectionStringW
DeactivateActCtx
ActivateActCtx
CreateActCtxW
FindResourceA
GlobalFree
GlobalSize
GlobalReAlloc
GetModuleHandleExW
GetModuleFileNameW
SetLastError
FlushFileBuffers
QueryPerformanceCounter
CreateFileMappingW
FormatMessageA
GetSystemTimeAsFileTime
GetFileSize
LockFileEx
LocalFree
UnlockFile
HeapCompact
LoadLibraryW
RaiseException
DeleteFileW
WaitForSingleObjectEx
GetCurrentThread
SystemTimeToTzSpecificLocalTime
GetModuleHandleA
FindNextFileA
LCMapStringEx
GetStringTypeW
RtlUnwindEx
RtlPcToFileHeader
GetDriveTypeW
GetFileInformationByHandle
PeekNamedPipe
FindFirstFileA
GetCommandLineA
GetCommandLineW
SetStdHandle
WriteConsoleW
CreateThread
ExitThread
FreeLibraryAndExitThread
FlushViewOfFile
OutputDebugStringW
GetFileAttributesExW
GetDiskFreeSpaceA
FormatMessageW
GetTempPathA
HeapValidate
GetFileAttributesW
CreateFileW
CreateMutexW
GetTempPathW
UnlockFileEx
SetEndOfFile
GetFullPathNameA
SetFilePointer
LockFile
OutputDebugStringA
GetDiskFreeSpaceW
WriteFile
HeapCreate
TryEnterCriticalSection
ReadFile
AreFileApisANSI
GetFullPathNameW
FindNextFileW
VirtualQuery
HeapQueryInformation
QueryPerformanceFrequency
ReadConsoleW
GetConsoleOutputCP
FindClose
SetConsoleMode
GetConsoleMode
FileTimeToLocalFileTime
GetFileType
GetStdHandle
GetSystemInfo
VirtualFree
VirtualAlloc
TerminateProcess
CreateMutexA
ReleaseMutex
InitializeCriticalSection
SystemTimeToFileTime
GetSystemTime
InitOnceExecuteOnce
GetDateFormatA
GetSystemDirectoryA
GetVersionExA
GetVersion
MapViewOfFile
OpenFileMappingA
CreateFileMappingA
UnmapViewOfFile
GetPrivateProfileIntA
GetLongPathNameA
SetUnhandledExceptionFilter
GetCurrentProcessId
CloseHandle
CreateFileA
GetCurrentThreadId
GetModuleFileNameA
LoadLibraryExW
GlobalUnlock
CreateDirectoryA
GetDiskFreeSpaceExA
GetModuleHandleW
GlobalLock
GlobalAlloc
GetFileAttributesA
ResumeThread
SuspendThread
lstrcmpA
WaitForSingleObject
GetCurrentProcess
MoveFileA
FreeLibrary
GetProcAddress
SearchPathA
LoadLibraryA
GetProfileIntA
MultiByteToWideChar
GlobalMemoryStatus
DeleteFileA
InitializeCriticalSectionAndSpinCount
lstrcpyA
GetTickCount
lstrcpynA
Sleep
WideCharToMultiByte
GetProcessHeap
DeleteCriticalSection
HeapDestroy
DecodePointer
HeapAlloc
FindResourceW
LoadResource
HeapReAlloc
LockResource
GetLastError
HeapSize
InitializeCriticalSectionEx
LeaveCriticalSection
EnterCriticalSection
HeapFree
SizeofResource
ExitProcess
VirtualProtect
FlsGetValue
FlsSetValue
FlsFree
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
IsValidLocale
EnumSystemLocalesW
SetFilePointerEx
GetTimeZoneInformation
GetCurrentDirectoryW
FindFirstFileExW
IsValidCodePage
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetWindowsDirectoryA
RtlUnwind
user32
InvertRect
HideCaret
GetNextDlgGroupItem
ModifyMenuA
GetMenuDefaultItem
CopyIcon
GetIconInfo
GetDoubleClickTime
EnableScrollBar
MonitorFromPoint
LockWindowUpdate
NotifyWinEvent
MessageBeep
DestroyAcceleratorTable
CreateAcceleratorTableA
LoadAcceleratorsW
ToAsciiEx
GetKeyboardState
GetKeyboardLayout
SetParent
DeleteMenu
GetSystemMenu
SetWindowContextHelpId
InvalidateRgn
CopyAcceleratorTableA
CharNextA
TrackMouseEvent
DrawIconEx
DrawFocusRect
DrawEdge
EnumDisplayMonitors
GetSysColorBrush
SetLayeredWindowAttributes
RealChildWindowFromPoint
CharUpperA
ShowOwnedPopups
WindowFromPoint
DestroyCursor
SetCursorPos
IsZoomed
UnionRect
ReuseDDElParam
UnpackDDElParam
InsertMenuItemA
CreatePopupMenu
LoadMenuA
TranslateAcceleratorA
LoadAcceleratorsA
BringWindowToTop
MapDialogRect
GetAsyncKeyState
TranslateMessage
GetMessageA
GetWindowThreadProcessId
GetMenuItemInfoA
DestroyMenu
MapVirtualKeyA
GetKeyNameTextA
GetWindowDC
TabbedTextOutA
GrayStringA
DrawTextExA
DrawTextA
SetMenuItemInfoA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
EnableMenuItem
CheckMenuItem
RemoveMenu
AppendMenuA
InsertMenuA
GetMenuState
GetMenuStringA
GetActiveWindow
GetNextDlgTabItem
EndDialog
CreateDialogIndirectParamA
IsDialogMessageA
SetWindowTextA
FrameRect
SendDlgItemMessageA
CheckDlgButton
SetDlgItemTextA
MoveWindow
GetMonitorInfoA
MonitorFromWindow
WinHelpA
GetScrollInfo
SetScrollInfo
UnhookWindowsHookEx
SetWindowsHookExA
GetTopWindow
GetClassLongPtrA
GetClassLongA
SetWindowLongPtrA
GetWindowLongPtrA
SetWindowLongA
EqualRect
MapWindowPoints
RemovePropA
GetPropA
SetPropA
ShowScrollBar
GetScrollRange
SetScrollRange
ScrollWindow
ValidateRect
EndPaint
BeginPaint
GetForegroundWindow
GetMenuItemCount
SetMenu
GetMenu
GetCapture
GetKeyState
GetDlgCtrlID
GetDlgItem
EndDeferWindowPos
DeferWindowPos
BeginDeferWindowPos
SetWindowPlacement
GetWindowPlacement
SetWindowPos
DestroyWindow
IsChild
IsMenu
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
CallWindowProcA
GetMessageTime
GetMessagePos
PeekMessageA
DispatchMessageA
GetWindowLongA
GetWindowTextLengthA
GetWindowTextA
GetScrollPos
SetScrollPos
LoadCursorW
ClientToScreen
SetCursor
AdjustWindowRectEx
SetWindowRgn
DrawIcon
CopyImage
LoadImageW
DestroyIcon
IsRectEmpty
RegisterClipboardFormatA
IsCharLowerA
MapVirtualKeyExA
CharUpperBuffA
UpdateLayeredWindow
DrawMenuBar
DefFrameProcA
DefMDIChildProcA
TranslateMDISysAccel
IsClipboardFormatAvailable
GetUpdateRect
SubtractRect
GetWindowRgn
IntersectRect
CopyRect
DrawStateA
RedrawWindow
GetDesktopWindow
UpdateWindow
GetComboBoxInfo
CreateMenu
PostThreadMessageA
DrawFrameControl
LoadImageA
GetMenuItemID
EnumChildWindows
TrackPopupMenu
SetMenuDefaultItem
LoadIconA
SetRect
GetLastActivePopup
SendMessageTimeoutA
ShowWindow
IsIconic
ScreenToClient
MessageBoxA
GetFocus
GetDC
IsWindowVisible
FillRect
CallNextHookEx
OpenClipboard
SetTimer
CloseClipboard
WaitMessage
EmptyClipboard
ExitWindowsEx
SetClassLongPtrA
LoadBitmapW
LoadIconW
SetClipboardData
SystemParametersInfoA
KillTimer
PostQuitMessage
SetForegroundWindow
ReleaseDC
CharNextExA
SetActiveWindow
SetFocus
SetCapture
ReleaseCapture
GetClassNameA
InflateRect
OffsetRect
GetSysColor
SetRectEmpty
PtInRect
InvalidateRect
LoadCursorA
GetSystemMetrics
DefWindowProcA
GetParent
PostMessageA
LoadMenuW
GetWindow
GetWindowRect
GetSubMenu
IsWindow
RegisterWindowMessageA
GetClientRect
GetCursorPos
SendMessageA
UnregisterClassA
EnableWindow
IsWindowEnabled
gdi32
MoveToEx
TextOutA
ExtTextOutA
SetViewportExtEx
SetViewportOrgEx
SetWindowExtEx
SetWindowOrgEx
OffsetViewportOrgEx
OffsetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
CreateRectRgnIndirect
CreateFontA
GetObjectType
GetCharWidthA
StretchDIBits
GetTextMetricsA
GetBkColor
GetMapMode
SetRectRgn
CreateDIBitmap
EnumFontFamiliesA
GetTextCharsetInfo
GetTextColor
Polygon
Polyline
GetRgnBox
EnumFontFamiliesExA
CreateRoundRectRgn
OffsetRgn
CreatePalette
GetNearestPaletteIndex
GetPaletteEntries
GetSystemPaletteEntries
RoundRect
ExtFloodFill
SetPaletteEntries
FrameRgn
GetBoundsRect
GetWindowOrgEx
GetViewportOrgEx
SetPixelV
GetTextFaceA
GetClipBox
SetTextAlign
SetROP2
SetPolyFillMode
GetLayout
SetLayout
SetMapMode
SetBkMode
ExtSelectClipRgn
SelectClipRgn
SaveDC
RestoreDC
RectVisible
PtVisible
LineTo
IntersectClipRect
Rectangle
GetViewportExtEx
ExcludeClipRect
Escape
CreatePatternBrush
CreatePen
CreateHatchBrush
GetDeviceCaps
CreateDCA
CopyMetaFileA
LPtoDP
DPtoLP
Ellipse
CreateEllipticRgn
SetDIBColorTable
CreateDIBSection
StretchBlt
SetPixel
SelectPalette
RealizePalette
PatBlt
GetPixel
CreateRectRgn
CreateCompatibleBitmap
CreateBitmap
CombineRgn
BitBlt
CreateCompatibleDC
SelectObject
GetTextExtentPoint32A
GetStockObject
SetTextColor
SetBkColor
DeleteObject
CreatePolygonRgn
CreateFontIndirectA
PtInRegion
CreateSolidBrush
FillRgn
GetObjectA
DeleteDC
GetWindowExtEx
msimg32
TransparentBlt
AlphaBlend
winspool.drv
ClosePrinter
DocumentPropertiesA
OpenPrinterA
advapi32
RegEnumKeyA
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCloseKey
RegEnumKeyExA
RegEnumValueA
RegQueryValueA
OpenProcessToken
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
shell32
SHGetMalloc
DragFinish
DragQueryFileA
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetFolderPathA
Shell_NotifyIconA
SHGetFileInfoA
SHGetDesktopFolder
SHGetSpecialFolderLocation
SHAppBarMessage
ShellExecuteA
comctl32
ImageList_AddMasked
ord17
ImageList_GetIconSize
shlwapi
PathFindExtensionA
PathIsUNCA
PathStripToRootA
StrFormatKBSizeA
PathRemoveFileSpecW
PathFindFileNameA
uxtheme
GetThemeSysColor
DrawThemeText
GetCurrentThemeName
GetThemeColor
DrawThemeParentBackground
IsAppThemed
IsThemeBackgroundPartiallyTransparent
GetThemePartSize
DrawThemeBackground
CloseThemeData
OpenThemeData
GetWindowTheme
ole32
CoRegisterMessageFilter
OleDuplicateData
ReleaseStgMedium
OleDraw
CoUninitialize
CoInitializeEx
CoCreateInstance
CoCreateGuid
CoInitialize
CoDisconnectObject
CLSIDFromString
CoGetClassObject
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CreateILockBytesOnHGlobal
CLSIDFromProgID
CoFreeUnusedLibraries
OleInitialize
OleUninitialize
OleFlushClipboard
OleIsCurrentClipboard
DoDragDrop
OleLockRunning
CoTaskMemFree
CoTaskMemAlloc
CoRevokeClassObject
CreateStreamOnHGlobal
OleCreateMenuDescriptor
OleDestroyMenuDescriptor
OleTranslateAccelerator
IsAccelerator
OleGetClipboard
CoLockObjectExternal
RegisterDragDrop
RevokeDragDrop
oleaut32
OleCreateFontIndirect
LoadTypeLi
VarBstrFromDate
VariantCopy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayGetElemsize
SafeArrayGetDim
SysStringLen
SysAllocString
VariantChangeType
VariantInit
SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
SafeArrayGetUBound
SafeArrayGetLBound
SysFreeString
SysAllocStringByteLen
SafeArrayCreate
SysAllocStringLen
VariantClear
oledlg
ord8
wsock32
WSAGetLastError
shutdown
htonl
ntohl
gdiplus
GdipBitmapUnlockBits
GdipBitmapLockBits
GdipCreateBitmapFromScan0
GdipCreateBitmapFromStream
GdipGetImagePaletteSize
GdipDrawImageI
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipGetImageGraphicsContext
GdipDisposeImage
GdipCloneImage
GdiplusStartup
GdipFree
GdipAlloc
GdiplusShutdown
GdipCreateBitmapFromHBITMAP
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipDeleteGraphics
GdipGetImagePalette
imm32
ImmGetContext
ImmGetOpenStatus
ImmReleaseContext
winmm
PlaySoundA
bcrypt
BCryptGenRandom
Sections
.text Size: 3.9MB - Virtual size: 3.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 109KB - Virtual size: 150KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 190KB - Virtual size: 189KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
_RDATA Size: 512B - Virtual size: 500B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 350KB - Virtual size: 349KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
ReadMe.txt
-
dbghelp.dll.dll windows:10 windows x64 arch:x64
7245f2fd7aabcd38ee461b383ddd3946
Code Sign
33:00:00:00:c2:a0:09:c5:37:76:e9:f6:cd:00:00:00:00:00:c2Certificate
IssuerCN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before07/09/2016, 17:58Not After07/09/2018, 17:58SubjectCN=Microsoft Time-Stamp Service,OU=AOC+OU=Thales TSS ESN:C3B0-0F6A-4111,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageTimeStamping
33:00:00:01:79:7c:2e:57:4e:52:e1:ca:d6:00:01:00:00:01:79Certificate
IssuerCN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before11/08/2017, 20:11Not After11/08/2018, 20:11SubjectCN=Microsoft Corporation,OU=MOPR,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:33:26:1a:00:00:00:00:00:31Certificate
IssuerCN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6dNot Before31/08/2010, 22:19Not After31/08/2020, 22:29SubjectCN=Microsoft Code Signing PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
61:16:68:34:00:00:00:00:00:1cCertificate
IssuerCN=Microsoft Root Certificate Authority,0.9.2342.19200300.100.1.25=#13096d6963726f736f6674,0.9.2342.19200300.100.1.25=#1303636f6dNot Before03/04/2007, 12:53Not After03/04/2021, 13:03SubjectCN=Microsoft Time-Stamp PCA,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
33:00:00:01:cc:b5:5b:42:17:07:60:13:11:00:00:00:00:01:ccCertificate
IssuerCN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before12/09/2017, 18:07Not After12/09/2018, 18:07SubjectCN=Microsoft Corporation,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USExtended Key Usages
ExtKeyUsageCodeSigning
61:0c:52:4c:00:00:00:00:00:03Certificate
IssuerCN=Microsoft Root Certificate Authority 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USNot Before06/07/2010, 20:40Not After06/07/2025, 20:50SubjectCN=Microsoft Code Signing PCA 2010,O=Microsoft Corporation,L=Redmond,ST=Washington,C=USKey Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
ae:a0:54:14:a2:ee:4a:a8:20:91:78:f9:d2:36:e4:7b:5e:8f:23:a6:e7:23:6a:d1:05:0d:42:e4:1d:14:4c:ecSigner
Actual PE Digestae:a0:54:14:a2:ee:4a:a8:20:91:78:f9:d2:36:e4:7b:5e:8f:23:a6:e7:23:6a:d1:05:0d:42:e4:1d:14:4c:ecDigest Algorithmsha256PE Digest Matchestrue2b:ca:f2:a8:ba:c6:ed:5c:ae:4e:95:d1:67:43:f1:91:e7:00:a7:d1Signer
Actual PE Digest2b:ca:f2:a8:ba:c6:ed:5c:ae:4e:95:d1:67:43:f1:91:e7:00:a7:d1Digest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_GUARD_CF
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
dbghelp.pdb
Imports
api-ms-win-crt-string-l1-1-0
wcsncmp
wcsnlen
strcspn
strncmp
strcmp
memset
wcscmp
api-ms-win-crt-time-l1-1-0
_time64
_ctime64
api-ms-win-crt-locale-l1-1-0
_lock_locales
_unlock_locales
api-ms-win-crt-runtime-l1-1-0
_initterm
_initterm_e
__doserrno
api-ms-win-crt-private-l1-1-0
_o__errno
_o__execute_onexit_table
_o__filelengthi64
_o__fullpath
_o__get_osfhandle
_o__initialize_narrow_environment
_o__initialize_onexit_table
_o__invalid_parameter_noinfo
_o__invalid_parameter_noinfo_noreturn
_o__ismbblead
_o__itoa_s
_o__lseeki64
_o__ltoa
_o__mbscmp
_o__memicmp
_o__open_osfhandle
_o__purecall
_o__read
_o__register_onexit_function
_o__seh_filter_dll
_o__splitpath_s
_o__stricmp
_o__strlwr
_o__strnicmp
_o__wcsdup
_o__wcsicmp
_o__wcslwr
_o__wcsnicmp
_o__wctime64
_o__wdupenv_s
_o__wfsopen
_o__wfullpath
_o__wgetenv
_o__wmakepath_s
_o__write
_o__wsopen_s
_o__wsplitpath_s
_o__wtoi
_o_abort
_o_atoi
_o_atol
_o_bsearch
_o_calloc
_o_fclose
_o_fflush
_o_fread
_o_free
_o_frexp
_o_fseek
_o_ftell
_o_isspace
_o_iswprint
_o_iswspace
_o_iswxdigit
_o_localeconv
_o_malloc
_o_qsort
_o_setlocale
_o_strcat_s
_o_strcpy_s
_o_strncat_s
_o_strncpy_s
_o_terminate
_o_tolower
_o_towlower
_o_wcscat_s
_o_wcscpy_s
_o_wcsncat_s
_o_wcsncpy_s
_o_wcstoul
_o_wmemcpy_s
__uncaught_exception
_CxxThrowException
_o___stdio_common_vfprintf
_o___std_type_info_destroy_list
_o___std_exception_destroy
_o___std_exception_copy
_o___pctype_func
_o__crt_atexit
_o__configure_narrow_argv
_o__close
_o__chsize_s
_o___acrt_iob_func
_o____mb_cur_max_func
_o__cexit
_o___stdio_common_vswprintf_s
_o___stdio_common_vsscanf
_o____lc_locale_name_func
_o____lc_codepage_func
memmove
_o__calloc_base
_o__callnewh
wcsrchr
strstr
_o___stdio_common_vsprintf_s
wcsstr
wcschr
__C_specific_handler
__CxxFrameHandler3
_o___stdio_common_vsnwprintf_s
_o___stdio_common_vsnprintf_s
strchr
memcpy
__unDName
memcmp
strrchr
api-ms-win-core-file-l1-1-0
CreateFileA
GetFileSize
GetFileSizeEx
CreateFileW
CreateDirectoryW
ReadFile
FindNextFileW
DeleteFileW
RemoveDirectoryW
GetFileAttributesA
FindClose
SetFileTime
SetFilePointerEx
SetFilePointer
WriteFile
FindFirstFileW
CreateDirectoryA
GetFileAttributesW
GetFullPathNameW
SetFileAttributesW
GetFileType
SetEndOfFile
api-ms-win-core-errorhandling-l1-1-0
UnhandledExceptionFilter
GetLastError
SetErrorMode
SetUnhandledExceptionFilter
RaiseException
SetLastError
api-ms-win-core-synch-l1-1-0
LeaveCriticalSection
InitializeCriticalSectionEx
OpenProcess
EnterCriticalSection
DeleteCriticalSection
ReleaseSRWLockExclusive
InitializeCriticalSection
AcquireSRWLockExclusive
InitializeCriticalSectionAndSpinCount
api-ms-win-core-misc-l1-1-0
LocalFree
LocalAlloc
FormatMessageW
Sleep
api-ms-win-core-handle-l1-1-0
CloseHandle
DuplicateHandle
api-ms-win-core-processthreads-l1-1-0
TlsFree
TlsAlloc
GetCurrentThreadId
TlsGetValue
TerminateProcess
TlsSetValue
GetCurrentThread
OpenThreadToken
GetCurrentProcessId
GetCurrentProcess
api-ms-win-core-heap-l1-1-0
HeapReAlloc
GetProcessHeap
HeapFree
HeapAlloc
api-ms-win-core-sysinfo-l1-1-0
GetTickCount
GetSystemTimeAsFileTime
GetVersionExW
GetSystemInfo
GetSystemDirectoryW
GetVersionExA
GetSystemTime
SystemTimeToFileTime
api-ms-win-core-libraryloader-l1-1-0
GetProcAddress
FreeLibrary
LoadLibraryExW
GetModuleHandleW
GetModuleFileNameW
GetModuleHandleExW
GetModuleHandleA
LoadLibraryExA
api-ms-win-core-processenvironment-l1-1-0
GetEnvironmentVariableW
ExpandEnvironmentStringsW
SetEnvironmentVariableA
api-ms-win-security-base-l1-1-0
RevertToSelf
AccessCheck
ImpersonateSelf
GetFileSecurityW
api-ms-win-core-string-l1-1-0
GetStringTypeW
MultiByteToWideChar
WideCharToMultiByte
api-ms-win-core-memory-l1-1-0
VirtualProtect
VirtualFree
MapViewOfFile
CreateFileMappingW
VirtualQuery
ReadProcessMemory
VirtualAlloc
UnmapViewOfFile
MapViewOfFileEx
api-ms-win-core-debug-l1-1-0
OutputDebugStringA
IsDebuggerPresent
OutputDebugStringW
api-ms-win-core-localregistry-l1-1-0
RegCloseKey
RegQueryInfoKeyW
RegEnumKeyExW
RegOpenKeyExW
RegQueryValueExW
api-ms-win-core-rtlsupport-l1-1-0
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
api-ms-win-core-profile-l1-1-0
QueryPerformanceCounter
api-ms-win-core-util-l1-1-0
EncodePointer
DecodePointer
api-ms-win-core-localization-l1-1-0
LCMapStringW
LCMapStringEx
api-ms-win-core-interlocked-l1-1-0
InitializeSListHead
ntdll
RtlRunOnceExecuteOnce
api-ms-win-core-synch-l1-2-0
InitOnceExecuteOnce
api-ms-win-core-io-l1-1-0
DeviceIoControl
Exports
Exports
DbgHelpCreateUserDump
DbgHelpCreateUserDumpW
EnumDirTree
EnumDirTreeW
EnumerateLoadedModules
EnumerateLoadedModules64
EnumerateLoadedModulesEx
EnumerateLoadedModulesExW
EnumerateLoadedModulesW64
ExtensionApiVersion
FindDebugInfoFile
FindDebugInfoFileEx
FindDebugInfoFileExW
FindExecutableImage
FindExecutableImageEx
FindExecutableImageExW
FindFileInPath
FindFileInSearchPath
GetSymLoadError
GetTimestampForLoadedLibrary
ImageDirectoryEntryToData
ImageDirectoryEntryToDataEx
ImageNtHeader
ImageRvaToSection
ImageRvaToVa
ImagehlpApiVersion
ImagehlpApiVersionEx
MakeSureDirectoryPathExists
MiniDumpReadDumpStream
MiniDumpWriteDump
RangeMapAddPeImageSections
RangeMapCreate
RangeMapFree
RangeMapRead
RangeMapRemove
RangeMapWrite
RemoveInvalidModuleList
ReportSymbolLoadSummary
SearchTreeForFile
SearchTreeForFileW
SetCheckUserInterruptShared
SetSymLoadError
StackWalk
StackWalk64
StackWalkEx
SymAddSourceStream
SymAddSourceStreamA
SymAddSourceStreamW
SymAddSymbol
SymAddSymbolW
SymAddrIncludeInlineTrace
SymCleanup
SymCompareInlineTrace
SymDeleteSymbol
SymDeleteSymbolW
SymEnumLines
SymEnumLinesW
SymEnumProcesses
SymEnumSourceFileTokens
SymEnumSourceFiles
SymEnumSourceFilesW
SymEnumSourceLines
SymEnumSourceLinesW
SymEnumSym
SymEnumSymbols
SymEnumSymbolsEx
SymEnumSymbolsExW
SymEnumSymbolsForAddr
SymEnumSymbolsForAddrW
SymEnumSymbolsW
SymEnumTypes
SymEnumTypesByName
SymEnumTypesByNameW
SymEnumTypesW
SymEnumerateModules
SymEnumerateModules64
SymEnumerateModulesW64
SymEnumerateSymbols
SymEnumerateSymbols64
SymEnumerateSymbolsW
SymEnumerateSymbolsW64
SymFindDebugInfoFile
SymFindDebugInfoFileW
SymFindExecutableImage
SymFindExecutableImageW
SymFindFileInPath
SymFindFileInPathW
SymFreeDiaString
SymFromAddr
SymFromAddrW
SymFromIndex
SymFromIndexW
SymFromInlineContext
SymFromInlineContextW
SymFromName
SymFromNameW
SymFromToken
SymFromTokenW
SymFunctionTableAccess
SymFunctionTableAccess64
SymFunctionTableAccess64AccessRoutines
SymGetDiaSession
SymGetExtendedOption
SymGetFileLineOffsets64
SymGetHomeDirectory
SymGetHomeDirectoryW
SymGetLineFromAddr
SymGetLineFromAddr64
SymGetLineFromAddrEx
SymGetLineFromAddrW64
SymGetLineFromInlineContext
SymGetLineFromInlineContextW
SymGetLineFromName
SymGetLineFromName64
SymGetLineFromNameEx
SymGetLineFromNameW64
SymGetLineNext
SymGetLineNext64
SymGetLineNextEx
SymGetLineNextW64
SymGetLinePrev
SymGetLinePrev64
SymGetLinePrevEx
SymGetLinePrevW64
SymGetModuleBase
SymGetModuleBase64
SymGetModuleInfo
SymGetModuleInfo64
SymGetModuleInfoW
SymGetModuleInfoW64
SymGetOmapBlockBase
SymGetOmaps
SymGetOptions
SymGetScope
SymGetScopeW
SymGetSearchPath
SymGetSearchPathW
SymGetSourceFile
SymGetSourceFileChecksum
SymGetSourceFileChecksumW
SymGetSourceFileFromToken
SymGetSourceFileFromTokenW
SymGetSourceFileToken
SymGetSourceFileTokenW
SymGetSourceFileW
SymGetSourceVarFromToken
SymGetSourceVarFromTokenW
SymGetSymFromAddr
SymGetSymFromAddr64
SymGetSymFromName
SymGetSymFromName64
SymGetSymNext
SymGetSymNext64
SymGetSymPrev
SymGetSymPrev64
SymGetSymbolFile
SymGetSymbolFileW
SymGetTypeFromName
SymGetTypeFromNameW
SymGetTypeInfo
SymGetTypeInfoEx
SymGetUnwindInfo
SymInitialize
SymInitializeW
SymLoadModule
SymLoadModule64
SymLoadModuleEx
SymLoadModuleExW
SymMatchFileName
SymMatchFileNameW
SymMatchString
SymMatchStringA
SymMatchStringW
SymNext
SymNextW
SymPrev
SymPrevW
SymQueryInlineTrace
SymRefreshModuleList
SymRegisterCallback
SymRegisterCallback64
SymRegisterCallbackW64
SymRegisterFunctionEntryCallback
SymRegisterFunctionEntryCallback64
SymSearch
SymSearchW
SymSetContext
SymSetExtendedOption
SymSetHomeDirectory
SymSetHomeDirectoryW
SymSetOptions
SymSetParentWindow
SymSetScopeFromAddr
SymSetScopeFromIndex
SymSetScopeFromInlineContext
SymSetSearchPath
SymSetSearchPathW
SymSrvDeltaName
SymSrvDeltaNameW
SymSrvGetFileIndexInfo
SymSrvGetFileIndexInfoW
SymSrvGetFileIndexString
SymSrvGetFileIndexStringW
SymSrvGetFileIndexes
SymSrvGetFileIndexesW
SymSrvGetSupplement
SymSrvGetSupplementW
SymSrvIsStore
SymSrvIsStoreW
SymSrvStoreFile
SymSrvStoreFileW
SymSrvStoreSupplement
SymSrvStoreSupplementW
SymUnDName
SymUnDName64
SymUnloadModule
SymUnloadModule64
UnDecorateSymbolName
UnDecorateSymbolNameW
WinDbgExtensionDllInit
_EFN_DumpImage
block
chksym
dbghelp
dh
fptr
homedir
inlinedbg
itoldyouso
lmi
lminfo
omap
optdbgdump
optdbgdumpaddr
srcfiles
stack_force_ebp
stackdbg
sym
symsrv
vc7fpo
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 357KB - Virtual size: 357KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 83KB - Virtual size: 83KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.didat Size: 512B - Virtual size: 56B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.mrdata Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
tips.txt