SMDiagnostics.ni.pdb
SMDiagnostics.pdb
General
-
Target
New folder.zip
-
Size
7.8MB
-
MD5
711dfa3cd455ab99b39d44cc2fdc4353
-
SHA1
8d98bdb34ea5b9e6f8f318639f15ec7d1fb08117
-
SHA256
e2a945f0c26b3b58fe466d5450de42f01fac4f87aa91220a1aa92561c5777329
-
SHA512
2746d3f680b9ca0eef201126e1e35800eb619d40ccd9147f76b6085a26be07b43973b679e2be77938fd27b7acea337f472ff7717de74af459fe0ba00a998e081
-
SSDEEP
196608:Uz2oQsMTwWZl4iyB2/cn8MAk6EpmKSm98+G9:OxhMdZl52ycfJ67KJ98+G9
Score
7/10
Malware Config
Signatures
-
resource yara_rule static1/unpack001/New folder/HixerX Netflix Checker.exe themida -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource unpack001/New folder/HixerX Netflix Checker.exe unpack001/New folder/SMDiagnostics.dll
Files
-
New folder.zip.zip
-
New folder/HixerX Netflix Checker.exe.exe windows:6 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 86KB - Virtual size: 162KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Size: 29KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Size: 930B - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 692B - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Size: 7KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.imports Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.themida Size: - Virtual size: 3.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.boot Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
-
New folder/License.dll
-
New folder/SMDiagnostics.dll.dll windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Sections
.data Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 92KB - Virtual size: 92KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
New folder/updater.ini
-
New folder/x64/SQLite.Interop.dll.dll windows:6 windows x64 arch:x64
a42f73521c784fa06f1d886fcbcefcba
Code Sign
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29/04/2021, 00:00Not After28/04/2036, 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
05:0c:c7:2c:cf:31:ae:9b:2e:36:41:0a:d0:ee:98:92Certificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before01/10/2021, 00:00Not After12/12/2024, 23:59SubjectSERIALNUMBER=364617-96,CN=Mistachkin Systems (Joseph Mistachkin),O=Mistachkin Systems (Joseph Mistachkin),L=Beaverton,ST=Oregon,C=US,1.3.6.1.4.1.311.60.2.1.2=#13064f7265676f6e,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#130f427573696e65737320456e74697479Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate
IssuerCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/01/2021, 00:00Not After06/01/2031, 00:00SubjectCN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before07/01/2016, 12:00Not After07/01/2031, 12:00SubjectCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29/04/2021, 00:00Not After28/04/2036, 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
05:0c:c7:2c:cf:31:ae:9b:2e:36:41:0a:d0:ee:98:92Certificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before01/10/2021, 00:00Not After12/12/2024, 23:59SubjectSERIALNUMBER=364617-96,CN=Mistachkin Systems (Joseph Mistachkin),O=Mistachkin Systems (Joseph Mistachkin),L=Beaverton,ST=Oregon,C=US,1.3.6.1.4.1.311.60.2.1.2=#13064f7265676f6e,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#130f427573696e65737320456e74697479Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate
IssuerCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/01/2021, 00:00Not After06/01/2031, 00:00SubjectCN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before07/01/2016, 12:00Not After07/01/2031, 12:00SubjectCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
cf:de:a6:58:6d:f1:ba:ab:46:cb:60:08:e4:1a:5f:83:16:67:26:51:0b:b5:b9:8a:c9:8b:ed:b5:c8:82:6d:c1:e7:36:aa:8a:82:fe:da:08:1c:7c:47:a3:78:cf:af:fe:92:cb:b8:fd:17:10:3d:e8:ca:87:5b:a3:f2:a6:35:30Signer
Actual PE Digestcf:de:a6:58:6d:f1:ba:ab:46:cb:60:08:e4:1a:5f:83:16:67:26:51:0b:b5:b9:8a:c9:8b:ed:b5:c8:82:6d:c1:e7:36:aa:8a:82:fe:da:08:1c:7c:47:a3:78:cf:af:fe:92:cb:b8:fd:17:10:3d:e8:ca:87:5b:a3:f2:a6:35:30Digest Algorithmsha512PE Digest Matchestrue3e:e8:ad:96:a2:e1:d0:66:85:77:ae:c2:41:dc:ef:f3:d5:76:58:fdSigner
Actual PE Digest3e:e8:ad:96:a2:e1:d0:66:85:77:ae:c2:41:dc:ef:f3:d5:76:58:fdDigest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
C:\dev\sqlite\dotnet-private\bin\2015\x64\ReleaseNativeOnlyStatic\SQLite.Interop.pdb
Imports
mscoree
StrongNameSignatureVerificationEx
StrongNameTokenFromAssembly
StrongNameFreeBuffer
CorBindToRuntimeEx
StrongNameErrorInfo
wintrust
WinVerifyTrust
kernel32
TryEnterCriticalSection
HeapCreate
HeapFree
EnterCriticalSection
GetFullPathNameW
lstrlenW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
GetModuleFileNameW
SetEnvironmentVariableW
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
GetEnvironmentVariableW
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
WaitForSingleObject
CreateFileW
GetFileAttributesW
GetCurrentThreadId
UnmapViewOfFile
HeapValidate
HeapSize
MultiByteToWideChar
Sleep
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetLastError
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
ReadFile
CreateFileA
LoadLibraryA
lstrcatW
WaitForSingleObjectEx
DeleteFileA
DeleteFileW
HeapReAlloc
CloseHandle
GetSystemInfo
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
GetProcAddress
CreateFileMappingA
LocalFree
LockFileEx
GetFileSize
DeleteCriticalSection
GetCurrentProcessId
GetProcessHeap
SystemTimeToFileTime
GetModuleHandleW
FreeLibrary
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
MapViewOfFile
WriteConsoleW
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
FreeEnvironmentStringsW
GetEnvironmentStringsW
AreFileApisANSI
SetEnvironmentVariableA
RaiseException
SetStdHandle
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushViewOfFile
lstrcmpiW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
RtlUnwindEx
InterlockedFlushSList
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetModuleFileNameA
CompareStringW
LCMapStringW
GetACP
GetTimeZoneInformation
GetStringTypeW
GetStdHandle
GetFileType
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
user32
wsprintfW
advapi32
CryptAcquireContextW
CryptEncrypt
CryptDecrypt
CryptCreateHash
CryptDeriveKey
CryptHashData
CryptDestroyHash
CryptReleaseContext
CryptDestroyKey
Exports
Exports
SI00b5de0dbe05adc8
SI00f2097672333949
SI013768ea228eaf06
SI03ee1370ff2172fd
SI050169b0f137dcac
SI061f9351f6b79d40
SI066df4a47deb7b95
SI075258fe7332f5c9
SI07646c0ac405baf1
SI0a8f1a0337a9feb7
SI0b65268e19d3b81d
SI0e7c9abcb195c68c
SI0f556a49067bf550
SI0fe7fecb92f1b44b
SI12409cae6ddf2f1e
SI12a7c0808f3f99f2
SI150953dc62f0a879
SI1527d54f96ad891e
SI15d5f41c81892f13
SI19b2677a019ab7ab
SI1ae480d1861ed022
SI1bc1bc471c8cd143
SI1c7a7970970b9619
SI21d24eac30bb9014
SI23e7cf9c8e559e93
SI2409c7e1eb500ce9
SI24bb313f312e2857
SI24f5c83eaddd65e8
SI252aeb4a9d3dc2ff
SI2b074e8cf29cb472
SI2b5f6f3d24eb7ba3
SI2bc16556d60ccfcd
SI2c7820fd77bf7594
SI31a566678d8c54ab
SI327cfc7a6b1fd1fb
SI32b0162a49ae8729
SI349980d776ee39ac
SI36ddf861177da59c
SI36e67160052f7f69
SI3723ba2973e3b57b
SI3974af1f94b94613
SI3d45b939740dff51
SI3d527d6e902c8427
SI3efc17e9bbe52434
SI3f596ca698b243fc
SI3f8b1cdb4dc92eff
SI45d842f2d2322061
SI462a496f3247faf2
SI46481015c7f49c68
SI4983499b64278231
SI4987aea8bdedf163
SI4abff63f9a080046
SI4bf5a93645714882
SI4ceb9ee614df7639
SI4fb6877896ef7303
SI50a9b553ac0b2e2a
SI52058dea2268cd04
SI546abd8b90c0f48d
SI568a7d0a1f4d0ff4
SI57335d3e329eea8d
SI5887bf867911838d
SI588da80b6a264802
SI5b2b3e8bff031a75
SI5b7374ef2d63d8eb
SI5c7fb49466251e7d
SI609efcf96ea8408a
SI61a330d2e855b61b
SI633e1c91fb9a8aa1
SI64119fb980b7e962
SI6479b9cf07b87f67
SI674c3bc07fc17979
SI6901b186cfd089f2
SI690ffdcfd9cda629
SI69d8a1d378771295
SI6cfa851319f410c1
SI6d14611bb8b2c8bc
SI6e539204336d5b4b
SI6e6c544c028b2de9
SI70e4ec628dd7e188
SI7164645d0504ae24
SI72621cc08869a205
SI72b05b1ad5f34d61
SI75fe921d50a95fe0
SI768767362ea03a94
SI77ffe3fede90bfbb
SI783104ea11038afc
SI79f6c64948ab63d2
SI7a4943591207dd14
SI7b97ee05aa1e64c7
SI7c373366af3ee2f7
SI7cd7250399b1ea60
SI7da3b9691a73b4a2
SI7f41c842e0d89557
SI8162bd921f89d839
SI824276b89178ecbe
SI83d1cf4976f57337
SI863e1ae0679961f5
SI87a11c29fe1dc17b
SI88974d2e6bd51eff
SI8a3a9f59ab5f24ee
SI8d447a033d183aaf
SI8d676d5954c732bc
SI8dd2c969f2a6a31e
SI8e33e5864c547f3f
SI9196a02c851acbfb
SI919f742193b92a4b
SI943321d364f02e5d
SI94d8f51c6c1db577
SI950480ab972e108d
SI9517b76a4f0b657e
SI9662fa92cee70cf1
SI979d7afd84d6f0ca
SI989b06a5a9b937fe
SI989b754accd7cddf
SI9bf461db9bf83c22
SI9c6d7cd7b7d38055
SI9cb7692f61998485
SI9ea49276dcf9849f
SIa069da76968b7553
SIa0f9dd1158cbfb0c
SIa1d7e21a548b910c
SIa26b8e5116b7d93b
SIa2a6050a8dbd3b7a
SIa3401e98cbad673e
SIa3f7b31190ce0815
SIa618e7f1e95b5c32
SIa62692883d0c456a
SIa8e1a742a358dc07
SIa9b758d3ae2e9aea
SIab3ed5feb3c43f0c
SIada7f27769d7f95b
SIae9562605f0b7c06
SIb391996b7b633820
SIb3f045f05d2d1b0e
SIb4089165600bb7f5
SIb4e97c410be9a2cf
SIb6d52d8cb2f1045a
SIb739af05c351a5b0
SIb84ee16d149e7562
SIb94a6bc97d77e69f
SIbc9b0b73a965892b
SIbff6307869d58daf
SIc001296960f3e921
SIc0bb4eab77f5a999
SIc21d402df09e0c69
SIc26100c97b176329
SIc28b5d2d1f102994
SIc2d8715ee8c9e908
SIc38599462746964c
SIc3b0ae4f7a27b7a8
SIc5d5610a73781fac
SIc8c63d94dd03040b
SIca6f27da046939cc
SIcbf931747ce28d75
SIcc134e65c80c0c61
SIcd2334250b08e199
SIcd6b4ac0aeff7202
SId00f524badf4f5cf
SId6deafdcc0c75049
SId99ac2a61d035e11
SIdba35b6dcb77d463
SIdbbe1b52f304f379
SIdc2e4e1ccfa9a043
SIdc6920f226dceb74
SIdca7c218fe9393fb
SIde347320a2d725fa
SIdeb28053ce71d5b4
SIdfd4d81e1791b463
SIe25e8f29ef2a78eb
SIe2cb515ade8c0235
SIe57aa77c8884d3f9
SIe6405dfd7b63ead9
SIe68a75d48671c8a5
SIe7632ce587b97772
SIea4313bfab0cfe57
SIea8388f7613ed158
SIec91f505db92f298
SIecd4a7ef4a5968a1
SIeea5cda6d9846aa5
SIef12447577961bdf
SIf060fffd3e5c94b5
SIf21356bf3fa1a8ef
SIf216ef3874529d42
SIf356c1132676af25
SIf4199c70bfb81a15
SIf499bb5c421377e7
SIf71b64d343ddea8b
SIf8090240c1414098
SIf8364af380546f2d
SIf86df75514f4442f
SIf8a71e249d9c661f
SIf8b1716e85b0e192
SIf8ee6276be88ce12
SIfc350ae509dc2b53
SIfca3960780d005fa
SIfcfad09d1b0a60ec
SIfd52d1389825aac4
SIfdb97bb7d9d0d622
sqlite3_cryptoapi_init
sqlite3_fts5_init
sqlite3_fts_init
sqlite3_json_init
sqlite3_percentile_init
sqlite3_regexp_init
sqlite3_sha_init
sqlite3_totype_init
sqlite3_vtshim_init
Sections
.text Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 263KB - Virtual size: 263KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 17KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 70KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.gfids Size: 512B - Virtual size: 156B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
New folder/x86/SQLite.Interop.dll.dll windows:6 windows x86 arch:x86
39ace63b362beb47a2a7a8202a5c4f2d
Code Sign
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29/04/2021, 00:00Not After28/04/2036, 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
05:0c:c7:2c:cf:31:ae:9b:2e:36:41:0a:d0:ee:98:92Certificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before01/10/2021, 00:00Not After12/12/2024, 23:59SubjectSERIALNUMBER=364617-96,CN=Mistachkin Systems (Joseph Mistachkin),O=Mistachkin Systems (Joseph Mistachkin),L=Beaverton,ST=Oregon,C=US,1.3.6.1.4.1.311.60.2.1.2=#13064f7265676f6e,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#130f427573696e65737320456e74697479Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate
IssuerCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/01/2021, 00:00Not After06/01/2031, 00:00SubjectCN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before07/01/2016, 12:00Not After07/01/2031, 12:00SubjectCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
08:ad:40:b2:60:d2:9c:4c:9f:5e:cd:a9:bd:93:ae:d9Certificate
IssuerCN=DigiCert Trusted Root G4,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before29/04/2021, 00:00Not After28/04/2036, 23:59SubjectCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
05:0c:c7:2c:cf:31:ae:9b:2e:36:41:0a:d0:ee:98:92Certificate
IssuerCN=DigiCert Trusted G4 Code Signing RSA4096 SHA384 2021 CA1,O=DigiCert\, Inc.,C=USNot Before01/10/2021, 00:00Not After12/12/2024, 23:59SubjectSERIALNUMBER=364617-96,CN=Mistachkin Systems (Joseph Mistachkin),O=Mistachkin Systems (Joseph Mistachkin),L=Beaverton,ST=Oregon,C=US,1.3.6.1.4.1.311.60.2.1.2=#13064f7265676f6e,1.3.6.1.4.1.311.60.2.1.3=#13025553,2.5.4.15=#130f427573696e65737320456e74697479Extended Key Usages
ExtKeyUsageCodeSigning
Key Usages
KeyUsageDigitalSignature
0d:42:4a:e0:be:3a:88:ff:60:40:21:ce:14:00:f0:ddCertificate
IssuerCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before01/01/2021, 00:00Not After06/01/2031, 00:00SubjectCN=DigiCert Timestamp 2021,O=DigiCert\, Inc.,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
0a:a1:25:d6:d6:32:1b:7e:41:e4:05:da:36:97:c2:15Certificate
IssuerCN=DigiCert Assured ID Root CA,OU=www.digicert.com,O=DigiCert Inc,C=USNot Before07/01/2016, 12:00Not After07/01/2031, 12:00SubjectCN=DigiCert SHA2 Assured ID Timestamping CA,OU=www.digicert.com,O=DigiCert Inc,C=USExtended Key Usages
ExtKeyUsageTimeStamping
Key Usages
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
3b:1f:3a:ac:fb:ed:36:06:88:31:ea:b4:6d:f3:a1:e3:8d:2e:7a:dc:11:66:12:9b:f9:bb:8d:7d:d5:0e:57:cc:4e:89:0a:bf:27:24:68:97:37:c9:ea:55:87:a3:86:1c:e3:da:c3:21:ee:3d:b2:c8:6c:40:c6:40:7b:27:ce:61Signer
Actual PE Digest3b:1f:3a:ac:fb:ed:36:06:88:31:ea:b4:6d:f3:a1:e3:8d:2e:7a:dc:11:66:12:9b:f9:bb:8d:7d:d5:0e:57:cc:4e:89:0a:bf:27:24:68:97:37:c9:ea:55:87:a3:86:1c:e3:da:c3:21:ee:3d:b2:c8:6c:40:c6:40:7b:27:ce:61Digest Algorithmsha512PE Digest Matchestrue18:28:ac:13:a6:25:5d:21:f8:30:42:d7:18:8e:57:cb:ff:65:3f:dfSigner
Actual PE Digest18:28:ac:13:a6:25:5d:21:f8:30:42:d7:18:8e:57:cb:ff:65:3f:dfDigest Algorithmsha1PE Digest MatchestrueHeaders
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
C:\dev\sqlite\dotnet-private\bin\2015\Win32\ReleaseNativeOnlyStatic\SQLite.Interop.pdb
Imports
mscoree
StrongNameSignatureVerificationEx
StrongNameTokenFromAssembly
StrongNameFreeBuffer
CorBindToRuntimeEx
StrongNameErrorInfo
wintrust
WinVerifyTrust
kernel32
TryEnterCriticalSection
HeapCreate
HeapFree
EnterCriticalSection
GetFullPathNameW
lstrlenW
WriteFile
GetDiskFreeSpaceW
OutputDebugStringA
GetModuleFileNameW
SetEnvironmentVariableW
LockFile
LeaveCriticalSection
InitializeCriticalSection
SetFilePointer
GetFullPathNameA
GetEnvironmentVariableW
SetEndOfFile
UnlockFileEx
GetTempPathW
CreateMutexW
WaitForSingleObject
CreateFileW
GetFileAttributesW
GetCurrentThreadId
UnmapViewOfFile
HeapValidate
HeapSize
MultiByteToWideChar
Sleep
GetTempPathA
FormatMessageW
GetDiskFreeSpaceA
GetLastError
GetFileAttributesA
GetFileAttributesExW
OutputDebugStringW
ReadFile
CreateFileA
LoadLibraryA
lstrcatW
WaitForSingleObjectEx
DeleteFileA
DeleteFileW
HeapReAlloc
CloseHandle
GetSystemInfo
LoadLibraryW
HeapAlloc
HeapCompact
HeapDestroy
UnlockFile
GetProcAddress
CreateFileMappingA
LocalFree
LockFileEx
GetFileSize
DeleteCriticalSection
GetCurrentProcessId
GetProcessHeap
SystemTimeToFileTime
GetModuleHandleW
FreeLibrary
WideCharToMultiByte
GetSystemTimeAsFileTime
GetSystemTime
FormatMessageA
CreateFileMappingW
WriteConsoleW
lstrcmpiW
QueryPerformanceCounter
GetTickCount
FlushFileBuffers
SetEnvironmentVariableA
AreFileApisANSI
DecodePointer
SetStdHandle
RaiseException
GetConsoleCP
GetConsoleMode
SetFilePointerEx
FlushViewOfFile
MapViewOfFile
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
InterlockedFlushSList
RtlUnwind
SetLastError
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
CreateThread
ExitThread
FreeLibraryAndExitThread
GetModuleHandleExW
ExitProcess
GetModuleFileNameA
CompareStringW
LCMapStringW
GetACP
GetTimeZoneInformation
GetStringTypeW
GetStdHandle
GetFileType
FindClose
FindFirstFileExA
FindNextFileA
IsValidCodePage
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
user32
wsprintfW
advapi32
CryptAcquireContextW
CryptEncrypt
CryptDecrypt
CryptCreateHash
CryptDeriveKey
CryptHashData
CryptDestroyHash
CryptReleaseContext
CryptDestroyKey
Exports
Exports
SI00b5de0dbe05adc8
SI00f2097672333949
SI03ee1370ff2172fd
SI066df4a47deb7b95
SI07646c0ac405baf1
SI0a8f1a0337a9feb7
SI0e7c9abcb195c68c
SI12409cae6ddf2f1e
SI12a7c0808f3f99f2
SI150953dc62f0a879
SI1527d54f96ad891e
SI19b2677a019ab7ab
SI1ae480d1861ed022
SI1bc1bc471c8cd143
SI1c7a7970970b9619
SI21d24eac30bb9014
SI23e7cf9c8e559e93
SI2409c7e1eb500ce9
SI24bb313f312e2857
SI252aeb4a9d3dc2ff
SI2b5f6f3d24eb7ba3
SI2bc16556d60ccfcd
SI2c7820fd77bf7594
SI31a566678d8c54ab
SI327cfc7a6b1fd1fb
SI32b0162a49ae8729
SI36ddf861177da59c
SI36e67160052f7f69
SI3723ba2973e3b57b
SI3d45b939740dff51
SI3d527d6e902c8427
SI3efc17e9bbe52434
SI3f596ca698b243fc
SI3f8b1cdb4dc92eff
SI45d842f2d2322061
SI462a496f3247faf2
SI46481015c7f49c68
SI4983499b64278231
SI4987aea8bdedf163
SI4abff63f9a080046
SI4bf5a93645714882
SI4ceb9ee614df7639
SI4fb6877896ef7303
SI50a9b553ac0b2e2a
SI52058dea2268cd04
SI546abd8b90c0f48d
SI568a7d0a1f4d0ff4
SI588da80b6a264802
SI5b2b3e8bff031a75
SI5b7374ef2d63d8eb
SI5c7fb49466251e7d
SI609efcf96ea8408a
SI61a330d2e855b61b
SI633e1c91fb9a8aa1
SI674c3bc07fc17979
SI6901b186cfd089f2
SI69d8a1d378771295
SI6cfa851319f410c1
SI6d14611bb8b2c8bc
SI6e539204336d5b4b
SI70e4ec628dd7e188
SI7164645d0504ae24
SI72621cc08869a205
SI75fe921d50a95fe0
SI768767362ea03a94
SI783104ea11038afc
SI79f6c64948ab63d2
SI7f41c842e0d89557
SI8162bd921f89d839
SI824276b89178ecbe
SI83d1cf4976f57337
SI863e1ae0679961f5
SI87a11c29fe1dc17b
SI88974d2e6bd51eff
SI8a3a9f59ab5f24ee
SI8d447a033d183aaf
SI8d676d5954c732bc
SI8e33e5864c547f3f
SI9196a02c851acbfb
SI919f742193b92a4b
SI943321d364f02e5d
SI94d8f51c6c1db577
SI950480ab972e108d
SI9517b76a4f0b657e
SI9662fa92cee70cf1
SI979d7afd84d6f0ca
SI989b06a5a9b937fe
SI989b754accd7cddf
SI9c6d7cd7b7d38055
SI9cb7692f61998485
SIa069da76968b7553
SIa0f9dd1158cbfb0c
SIa26b8e5116b7d93b
SIa2a6050a8dbd3b7a
SIa3401e98cbad673e
SIa3f7b31190ce0815
SIa618e7f1e95b5c32
SIa62692883d0c456a
SIae9562605f0b7c06
SIb3f045f05d2d1b0e
SIb4089165600bb7f5
SIb4e97c410be9a2cf
SIb6d52d8cb2f1045a
SIb739af05c351a5b0
SIbc9b0b73a965892b
SIbff6307869d58daf
SIc001296960f3e921
SIc26100c97b176329
SIc28b5d2d1f102994
SIc38599462746964c
SIc3b0ae4f7a27b7a8
SIca6f27da046939cc
SIcbf931747ce28d75
SIcc134e65c80c0c61
SIcd6b4ac0aeff7202
SId6deafdcc0c75049
SId99ac2a61d035e11
SIdba35b6dcb77d463
SIdc2e4e1ccfa9a043
SIdc6920f226dceb74
SIde347320a2d725fa
SIdfd4d81e1791b463
SIe25e8f29ef2a78eb
SIe57aa77c8884d3f9
SIe6405dfd7b63ead9
SIe68a75d48671c8a5
SIe7632ce587b97772
SIea4313bfab0cfe57
SIea8388f7613ed158
SIec91f505db92f298
SIecd4a7ef4a5968a1
SIef12447577961bdf
SIf060fffd3e5c94b5
SIf21356bf3fa1a8ef
SIf216ef3874529d42
SIf356c1132676af25
SIf4199c70bfb81a15
SIf499bb5c421377e7
SIf71b64d343ddea8b
SIf8364af380546f2d
SIf86df75514f4442f
SIf8a71e249d9c661f
SIf8b1716e85b0e192
SIf8ee6276be88ce12
SIfc350ae509dc2b53
SIfca3960780d005fa
SIfd52d1389825aac4
SIfdb97bb7d9d0d622
_SI013768ea228eaf06@8
_SI050169b0f137dcac@12
_SI061f9351f6b79d40@8
_SI075258fe7332f5c9@0
_SI0b65268e19d3b81d@12
_SI0f556a49067bf550@8
_SI0fe7fecb92f1b44b@12
_SI15d5f41c81892f13@8
_SI24f5c83eaddd65e8@4
_SI2b074e8cf29cb472@16
_SI349980d776ee39ac@12
_SI3974af1f94b94613@12
_SI57335d3e329eea8d@12
_SI5887bf867911838d@12
_SI64119fb980b7e962@12
_SI6479b9cf07b87f67@8
_SI690ffdcfd9cda629@8
_SI6e6c544c028b2de9@4
_SI72b05b1ad5f34d61@12
_SI77ffe3fede90bfbb@32
_SI7a4943591207dd14@4
_SI7b97ee05aa1e64c7@12
_SI7c373366af3ee2f7@4
_SI7cd7250399b1ea60@4
_SI7da3b9691a73b4a2@12
_SI8dd2c969f2a6a31e@12
_SI9bf461db9bf83c22@8
_SI9ea49276dcf9849f@12
_SIa1d7e21a548b910c@4
_SIa8e1a742a358dc07@8
_SIa9b758d3ae2e9aea@12
_SIab3ed5feb3c43f0c@0
_SIada7f27769d7f95b@4
_SIb391996b7b633820@36
_SIb84ee16d149e7562@12
_SIb94a6bc97d77e69f@8
_SIc0bb4eab77f5a999@20
_SIc21d402df09e0c69@8
_SIc2d8715ee8c9e908@4
_SIc5d5610a73781fac@12
_SIc8c63d94dd03040b@44
_SIcd2334250b08e199@112
_SId00f524badf4f5cf@20
_SIdbbe1b52f304f379@4
_SIdca7c218fe9393fb@24
_SIdeb28053ce71d5b4@12
_SIe2cb515ade8c0235@12
_SIeea5cda6d9846aa5@12
_SIf8090240c1414098@4
_SIfcfad09d1b0a60ec@20
sqlite3_cryptoapi_init
sqlite3_fts5_init
sqlite3_fts_init
sqlite3_json_init
sqlite3_percentile_init
sqlite3_regexp_init
sqlite3_sha_init
sqlite3_totype_init
sqlite3_vtshim_init
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 162KB - Virtual size: 161KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 10KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.gfids Size: 512B - Virtual size: 168B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 34KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ