brimcap-v1[.]7[.]0[.]windows-amd64[.]zip

Sharing

Copy URL

Twitter E-mail

Reason

XML syntax error on line 19: expected attribute name in element

General

Target

brimcap-v1.7.0.windows-amd64.zip
Size

76.9MB
MD5

5423e093887d154638f1e734aedb566e
SHA1

a209d0e35bd441728954956772b560af15359571
SHA256

fb1d6baf25688a6723bc731d6b21a08bedbcde5b0e54be1bd892364d1c6df853
SHA512

7bdbbed711d0bf9345da8c0337d6757fef26436c6ef1a285dd23880344379b25e66c5ccf5e409442c256da164dc5976174760ba519fec12f7806165658231c06
SSDEEP

1572864:TtAU3zZAnXoTJu5gNI4CMChrxTuE34aaKHAjQHF6W3zcupDzeCHYZSblj:TiU3zGX9anUTn4yF6upJyElj

Score

3^/10

pyinstaller

Malware Config

Signatures

Detects Pyinstaller 1 IoCs

pyinstaller

resource	yara_rule
static1/unpack001/brimcap/suricata/bin/suricata-update.exe	pyinstaller

Unsigned PE 19 IoCs

Checks for missing Authenticode signature.

resource
unpack001/brimcap/brimcap.exe
unpack001/brimcap/suricata/bin/suricata-update.exe
unpack001/brimcap/suricata/bin/suricata.exe
unpack001/brimcap/suricata/dlls/freebl3.dll
unpack001/brimcap/suricata/dlls/libnspr4.dll
unpack001/brimcap/suricata/dlls/libplc4.dll
unpack001/brimcap/suricata/dlls/libplds4.dll
unpack001/brimcap/suricata/dlls/libsqlite3-0.dll
unpack001/brimcap/suricata/dlls/libssp-0.dll
unpack001/brimcap/suricata/dlls/libwinpthread-1.dll
unpack001/brimcap/suricata/dlls/nss3.dll
unpack001/brimcap/suricata/dlls/nssutil3.dll
unpack001/brimcap/suricata/dlls/pcap.dll
unpack001/brimcap/suricata/dlls/softokn3.dll
unpack001/brimcap/suricata/dlls/zlib1.dll
unpack001/brimcap/suricata/suricatarunner.exe
unpack001/brimcap/suricata/suricataupdater.exe
unpack001/brimcap/zeek/bin/zeek.exe
unpack001/brimcap/zeek/zeekrunner.exe

Files

brimcap-v1.7.0.windows-amd64.zip
.zip
brimcap/brimcap.exe
.exe windows:6 windows x64 arch:x64

ea509d361799935a94335b88f534a970

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

WriteFile
WriteConsoleW
WerSetFlags
WerGetFlags
WaitForMultipleObjects
WaitForSingleObject
VirtualQuery
VirtualFree
VirtualAlloc
TlsAlloc
SwitchToThread
SuspendThread
SetWaitableTimer
SetUnhandledExceptionFilter
SetThreadPriority
SetProcessPriorityBoost
SetEvent
SetErrorMode
SetConsoleCtrlHandler
ResumeThread
RaiseFailFastException
PostQueuedCompletionStatus
LoadLibraryW
LoadLibraryExW
SetThreadContext
GetThreadContext
GetSystemInfo
GetSystemDirectoryA
GetStdHandle
GetQueuedCompletionStatusEx
GetProcessAffinityMask
GetProcAddress
GetErrorMode
GetEnvironmentStringsW
GetCurrentThreadId
GetConsoleMode
FreeEnvironmentStringsW
ExitProcess
DuplicateHandle
CreateWaitableTimerExW
CreateWaitableTimerA
CreateThread
CreateIoCompletionPort
CreateFileA
CreateEventA
CloseHandle
AddVectoredExceptionHandler

Sections

.text
Size: 19.8MB - Virtual size: 19.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20.0MB - Virtual size: 20.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.1MB - Virtual size: 6.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 494KB - Virtual size: 493KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 512B - Virtual size: 180B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 346KB - Virtual size: 345KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 512B - Virtual size: 4B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/bin/suricata-update.exe
.exe windows:5 windows x64 arch:x64

2cdcfb3a828433ba76b5b41f45519bd9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

GetCommandLineW
GetEnvironmentVariableW
SetEnvironmentVariableW
ExpandEnvironmentStringsW
CreateDirectoryW
GetTempPathW
WaitForSingleObject
Sleep
GetExitCodeProcess
CreateProcessW
FreeLibrary
LoadLibraryExW
CloseHandle
GetCurrentProcess
LoadLibraryA
LocalFree
FormatMessageW
MultiByteToWideChar
WideCharToMultiByte
SetEndOfFile
GetProcAddress
GetModuleFileNameW
SetDllDirectoryW
GetStartupInfoW
GetLastError
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetModuleHandleW
RtlUnwindEx
SetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
RaiseException
GetCommandLineA
ReadFile
CreateFileW
GetDriveTypeW
GetFileInformationByHandle
GetFileType
PeekNamedPipe
SystemTimeToTzSpecificLocalTime
FileTimeToSystemTime
GetFullPathNameW
RemoveDirectoryW
FindClose
FindFirstFileExW
FindNextFileW
SetStdHandle
SetConsoleCtrlHandler
DeleteFileW
GetStdHandle
WriteFile
ExitProcess
GetModuleHandleExW
HeapFree
GetConsoleMode
ReadConsoleW
SetFilePointerEx
GetConsoleOutputCP
GetFileSizeEx
HeapAlloc
CompareStringW
LCMapStringW
GetCurrentDirectoryW
FlushFileBuffers
GetFileAttributesExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetStringTypeW
GetProcessHeap
GetTimeZoneInformation
HeapSize
HeapReAlloc
WriteConsoleW

advapi32

ConvertSidToStringSidW
GetTokenInformation
OpenProcessToken
ConvertStringSecurityDescriptorToSecurityDescriptorW

Sections

.text
Size: 141KB - Virtual size: 141KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
suricata-update.pyc
brimcap/suricata/bin/suricata.exe
.exe windows:4 windows x64 arch:x64

07edde336fd52fbeee0f45e977449c35

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

advapi32

ChangeServiceConfigA
CloseServiceHandle
CreateServiceA
CryptAcquireContextA
CryptGenRandom
CryptReleaseContext
DeleteService
OpenProcessToken
OpenSCManagerA
OpenServiceA
QueryServiceStatus
RegisterServiceCtrlHandlerExA
SetServiceStatus
StartServiceCtrlDispatcherA

bcrypt

BCryptCloseAlgorithmProvider
BCryptGenRandom
BCryptOpenAlgorithmProvider

iphlpapi

GetAdaptersAddresses

kernel32

AcquireSRWLockExclusive
AcquireSRWLockShared
AddVectoredExceptionHandler
CancelIo
CloseHandle
CompareStringOrdinal
CopyFileExW
CreateDirectoryW
CreateEventW
CreateFileA
CreateFileMappingA
CreateFileW
CreateHardLinkW
CreateMutexA
CreateNamedPipeW
CreateProcessW
CreateSymbolicLinkW
CreateThread
CreateToolhelp32Snapshot
DeleteCriticalSection
DeleteFileW
DeviceIoControl
DuplicateHandle
EnterCriticalSection
ExitProcess
FileTimeToSystemTime
FindClose
FindFirstFileW
FindNextFileW
FlushFileBuffers
FormatMessageA
FormatMessageW
FreeEnvironmentStringsW
GetCommandLineW
GetConsoleMode
GetCurrentDirectoryW
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentStringsW
GetEnvironmentVariableW
GetExitCodeProcess
GetFileAttributesA
GetFileAttributesW
GetFileInformationByHandle
GetFileInformationByHandleEx
GetFileType
GetFinalPathNameByHandleW
GetFullPathNameW
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOverlappedResult
GetProcAddress
GetProcessHeap
GetProcessId
GetStdHandle
GetSystemDirectoryW
GetSystemInfo
GetSystemTimeAsFileTime
GetTempFileNameA
GetTempPathA
GetTempPathW
GetTimeZoneInformation
GetWindowsDirectoryW
HeapAlloc
HeapFree
HeapReAlloc
InitOnceBeginInitialize
InitOnceComplete
InitializeCriticalSection
IsDBCSLeadByteEx
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LocalFree
MapViewOfFile
Module32FirstW
Module32NextW
MoveFileExW
MultiByteToWideChar
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReadConsoleW
ReadFile
ReadFileEx
ReleaseMutex
ReleaseSRWLockExclusive
ReleaseSRWLockShared
RemoveDirectoryW
RtlCaptureContext
RtlLookupFunctionEntry
RtlUnwindEx
RtlVirtualUnwind
SetCurrentDirectoryA
SetCurrentDirectoryW
SetEnvironmentVariableW
SetFileAttributesW
SetFileInformationByHandle
SetFilePointerEx
SetFileTime
SetHandleInformation
SetLastError
SetThreadAffinityMask
SetThreadPriority
SetThreadStackGuarantee
SetUnhandledExceptionFilter
Sleep
SleepConditionVariableSRW
SleepEx
SwitchToThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryAcquireSRWLockExclusive
TzSpecificLocalTimeToSystemTime
UnmapViewOfFile
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WaitForSingleObjectEx
WakeAllConditionVariable
WakeConditionVariable
WideCharToMultiByte
WriteConsoleW
WriteFileEx

msvcrt

__C_specific_handler
___lc_codepage_func
___mb_cur_max_func
__argv
__getmainargs
__initenv
__iob_func
__lconv_init
__set_app_type
__setusermatherr
_access
_amsg_exit
_assert
_atoi64
_cexit
_chmod
_commode
_close
_difftime64
_errno
_fileno
_findclose
_findfirst64
_findnext64
_fmode
_fullpath
_get_osfhandle
_getcwd
_getpid
_gmtime64
_initterm
_isctype
_localtime64
_lock
_mkdir
_onexit
_open
_putenv
_snprintf
_sopen
_stat64
_strdup
_stricmp
_strnicmp
_strtoi64
_strtoi64
_strtoui64
_strtoui64
_time64
_tzname
_ui64tow
_tzset
_umask
_unlink
_unlock
_utime
_vsnprintf
_vsnwprintf
_write
abort
atoi
atol
calloc
clearerr
exit
fclose
feof
ferror
fflush
fgets
fgetwc
fopen
fprintf
fputc
fread
free
fseek
ftell
fwrite
getc
getenv
isalnum
isalpha
islower
isprint
isspace
isupper
isxdigit
localeconv
malloc
mbstowcs
memchr
memcmp
memcpy
memmove
memset
qsort
rand
realloc
remove
rename
setlocale
signal
strchr
strcmp
strcpy
strerror
strftime
strlen
strncmp
strncpy
strpbrk
strrchr
strstr
strtol
strtoul
tolower
toupper
ungetc
vfprintf
wcslen
wcstombs

libnspr4

PR_Cleanup
PR_Init

nss3

HASH_Begin
HASH_Create
HASH_Destroy
HASH_End
HASH_HashBuf
HASH_Update
NSS_IsInitialized
NSS_NoDB_Init
NSS_Shutdown

ole32

CoCreateInstance
CoInitializeEx
CoInitializeSecurity

oleaut32

SysAllocString
SysFreeString
VariantClear
VariantInit

pcap

pcap_activate
pcap_breakloop
pcap_close
pcap_compile
pcap_create
pcap_datalink
pcap_dispatch
pcap_dump
pcap_dump_close
pcap_dump_flush
pcap_dump_hopen
pcap_dump_open
pcap_findalldevs
pcap_freealldevs
pcap_freecode
pcap_geterr
pcap_next_ex
pcap_open_dead
pcap_open_offline
pcap_set_buffer_size
pcap_set_promisc
pcap_set_snaplen
pcap_set_timeout
pcap_setfilter
pcap_stats

libwinpthread-1

pthread_attr_init
pthread_attr_setdetachstate
pthread_cond_broadcast
pthread_cond_destroy
pthread_cond_init
pthread_cond_signal
pthread_cond_timedwait
pthread_cond_wait
pthread_create
pthread_equal
pthread_exit
pthread_getspecific
pthread_join
pthread_key_create
pthread_mutex_destroy
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_trylock
pthread_mutex_unlock
pthread_once
pthread_self
pthread_setspecific
pthread_spin_destroy
pthread_spin_init
sched_yield

userenv

GetUserProfileDirectoryW

ws2_32

WSACleanup
WSADuplicateSocketW
WSAGetLastError
WSARecv
WSASend
WSASocketW
WSAStartup
accept
bind
closesocket
connect
freeaddrinfo
getaddrinfo
getpeername
getprotobyname
getsockname
getsockopt
htonl
htons
inet_ntop
inet_pton
ioctlsocket
listen
ntohl
ntohs
recv
recvfrom
select
send
sendto
setsockopt
shutdown

zlib1

crc32
inflate
inflateEnd
inflateInit2_
inflateInit_

Sections

.text
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 728KB - Virtual size: 727KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 175KB - Virtual size: 174KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 111KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 120B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/35
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/47
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/61
Size: 799KB - Virtual size: 798KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/73
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/86
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/97
Size: 2.6MB - Virtual size: 2.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/108
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/124
Size: 1008KB - Virtual size: 1007KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/138
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/154
Size: 178KB - Virtual size: 178KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/170
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/bin/suricatactl
brimcap/suricata/bin/suricatasc
.sh linux
brimcap/suricata/brim-conf-run.yaml
brimcap/suricata/brim-conf.yaml
brimcap/suricata/dlls/freebl3.dll
.dll windows:4 windows x64 arch:x64

8932c5109e6d950cf558d974b9a5f511

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

nssutil3

NSS_SecureMemcmp
NSS_SecureMemcmpZero
PORT_Alloc_Util
PORT_ArenaAlloc_Util
PORT_ArenaZAlloc_Util
PORT_FreeArena_Util
PORT_Free_Util
PORT_GetError_Util
PORT_NewArena_Util
PORT_SetError_Util
PORT_ZAllocAlignedOffset_Util
PORT_ZAlloc_Util
PORT_ZFree_Util
SECITEM_AllocItem_Util
SECITEM_CompareItem_Util
SECITEM_CopyItem_Util
SECITEM_FreeItem_Util
SECITEM_ItemsAreEqual_Util
SECITEM_ZfreeItem_Util
SECOID_FindOIDTag_Util

advapi32

SystemFunction036

kernel32

DeleteCriticalSection
EnterCriticalSection
GetComputerNameA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDiskFreeSpaceA
GetLastError
GetLogicalDrives
GetTickCount
GetVolumeInformationA
GlobalMemoryStatus
InitializeCriticalSection
LeaveCriticalSection
QueryPerformanceCounter
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

__iob_func
_amsg_exit
_initterm
_lock
_strdup
_time64
_unlock
abort
calloc
free
fwrite
islower
isupper
malloc
memcmp
memcpy
memset
rand
realloc
strcmp
strlen
strncmp
tolower
toupper
vfprintf

libnspr4

PR_CallOnce
PR_Close
PR_DestroyCondVar
PR_DestroyLock
PR_Free
PR_GetEnvSecure
PR_GetLibraryFilePathname
PR_Lock
PR_NewCondVar
PR_NewLock
PR_NotifyAllCondVar
PR_NotifyCondVar
PR_Open
PR_Read
PR_Seek
PR_Unlock
PR_WaitCondVar

Exports

Exports

AESKeyWrap_AllocateContext
AESKeyWrap_CreateContext
AESKeyWrap_Decrypt
AESKeyWrap_DecryptKWP
AESKeyWrap_DestroyContext
AESKeyWrap_Encrypt
AESKeyWrap_EncryptKWP
AESKeyWrap_InitContext
AESKeyWrap_W
AESKeyWrap_Winv
AES_AEAD
AES_AllocateContext
AES_CreateContext
AES_Decrypt
AES_DestroyContext
AES_Encrypt
AES_InitContext
BLAKE2B_Begin
BLAKE2B_Clone
BLAKE2B_DestroyContext
BLAKE2B_End
BLAKE2B_Flatten
BLAKE2B_FlattenSize
BLAKE2B_Hash
BLAKE2B_HashBuf
BLAKE2B_MAC_Begin
BLAKE2B_MAC_HashBuf
BLAKE2B_NewContext
BLAKE2B_Resurrect
BLAKE2B_Update
BLAPI_SHVerify
BLAPI_SHVerifyFile
BLAPI_VerifySelf
BL_Cleanup
BL_FIPSEntryOK
BL_Init
BL_POSTRan
BL_SetForkState
CMAC_Begin
CMAC_Create
CMAC_Destroy
CMAC_Finish
CMAC_Init
CMAC_Update
CTR_CreateContext
CTR_DestroyContext
CTR_InitContext
CTR_Update
CTS_CreateContext
CTS_DecryptUpdate
CTS_DestroyContext
CTS_EncryptUpdate
Camellia_AllocateContext
Camellia_CreateContext
Camellia_Decrypt
Camellia_DestroyContext
Camellia_Encrypt
Camellia_InitContext
ChaCha20Poly1305_CreateContext
ChaCha20Poly1305_Decrypt
ChaCha20Poly1305_DestroyContext
ChaCha20Poly1305_Encrypt
ChaCha20Poly1305_InitContext
ChaCha20Poly1305_Open
ChaCha20Poly1305_Seal
ChaCha20Xor
ChaCha20_CreateContext
ChaCha20_DestroyContext
ChaCha20_InitContext
ChaCha20_Xor
CheckX86CPUSupport
DES_AllocateContext
DES_CreateContext
DES_Decrypt
DES_DestroyContext
DES_Do1Block
DES_Encrypt
DES_InitContext
DES_MakeSchedule
DH_Derive
DH_GenParam
DH_NewKey
DSA_NewKey
DSA_NewKeyFromSeed
DSA_NewRandom
DSA_SignDigest
DSA_SignDigestWithSeed
DSA_VerifyDigest
ECDH_Derive
ECDSA_SignDigest
ECDSA_SignDigestWithSeed
ECDSA_VerifyDigest
ECGroup_consGFp
ECGroup_consGFp_mont
ECGroup_free
ECGroup_fromName
ECGroup_new
ECPoint_mul
ECPoint_validate
ECPoints_mul
EC_CopyParams
EC_DecodeParams
EC_FillParams
EC_GetPointSize
EC_NewKey
EC_NewKeyFromSeed
EC_ValidatePublicKey
FIPS186Change_GenerateX
FIPS186Change_ReduceModQForDSA
FREEBL_Deprecated
FREEBL_GetVector
GCM_CreateContext
GCM_DecryptAEAD
GCM_DecryptUpdate
GCM_DestroyContext
GCM_EncryptAEAD
GCM_EncryptUpdate
GFMethod_consGFp
GFMethod_consGFp_mont
GFMethod_free
GFMethod_new
HASH_GetRawHashObject
HMAC_Begin
HMAC_Clone
HMAC_ConstantTime
HMAC_Create
HMAC_Destroy
HMAC_Finish
HMAC_Init
HMAC_ReInit
HMAC_Update
Hacl_Chacha20Poly1305_128_aead_decrypt
Hacl_Chacha20Poly1305_128_aead_encrypt
Hacl_Chacha20Poly1305_256_aead_decrypt
Hacl_Chacha20Poly1305_256_aead_encrypt
Hacl_Chacha20Poly1305_32_aead_decrypt
Hacl_Chacha20Poly1305_32_aead_encrypt
Hacl_Chacha20_Vec128_chacha20_decrypt_128
Hacl_Chacha20_Vec128_chacha20_encrypt_128
Hacl_Chacha20_Vec256_chacha20_decrypt_256
Hacl_Chacha20_Vec256_chacha20_encrypt_256
Hacl_Chacha20_chacha20_decrypt
Hacl_Chacha20_chacha20_encrypt
Hacl_Curve25519_51_ecdh
Hacl_Curve25519_51_scalarmult
Hacl_Curve25519_51_secret_to_public
Hacl_Impl_Chacha20_Vec_chacha20_constants
Hacl_Impl_Poly1305_Field32xN_128_fmul_r2_normalize
Hacl_Impl_Poly1305_Field32xN_128_load_acc2
Hacl_Impl_Poly1305_Field32xN_256_fmul_r4_normalize
Hacl_Impl_Poly1305_Field32xN_256_load_acc4
Hacl_Poly1305_128_blocklen
Hacl_Poly1305_128_poly1305_finish
Hacl_Poly1305_128_poly1305_init
Hacl_Poly1305_128_poly1305_mac
Hacl_Poly1305_128_poly1305_update
Hacl_Poly1305_128_poly1305_update1
Hacl_Poly1305_256_blocklen
Hacl_Poly1305_256_poly1305_finish
Hacl_Poly1305_256_poly1305_init
Hacl_Poly1305_256_poly1305_mac
Hacl_Poly1305_256_poly1305_update
Hacl_Poly1305_256_poly1305_update1
Hacl_Poly1305_32_blocklen
Hacl_Poly1305_32_poly1305_finish
Hacl_Poly1305_32_poly1305_init
Hacl_Poly1305_32_poly1305_mac
Hacl_Poly1305_32_poly1305_update
Hacl_Poly1305_32_poly1305_update1
JPAKE_Final
JPAKE_Round2
JPAKE_Sign
JPAKE_Verify
KEA_Derive
KEA_PrimeCheck
KEA_Verify
MD2_Begin
MD2_Clone
MD2_DestroyContext
MD2_End
MD2_Flatten
MD2_FlattenSize
MD2_Hash
MD2_NewContext
MD2_Resurrect
MD2_Update
MD5_Begin
MD5_Clone
MD5_DestroyContext
MD5_End
MD5_EndRaw
MD5_Flatten
MD5_FlattenSize
MD5_Hash
MD5_HashBuf
MD5_NewContext
MD5_Resurrect
MD5_TraceState
MD5_Update
PQG_Check
PQG_DestroyParams
PQG_DestroyVerify
PQG_GetHashType
PQG_GetLength
PQG_ParamGen
PQG_ParamGenSeedLen
PQG_ParamGenV2
PQG_VerifyParams
PRNGTEST_Generate
PRNGTEST_Instantiate
PRNGTEST_Instantiate_Kat
PRNGTEST_Reseed
PRNGTEST_RunHealthTests
PRNGTEST_Uninstantiate
RC2_AllocateContext
RC2_CreateContext
RC2_Decrypt
RC2_DestroyContext
RC2_Encrypt
RC2_InitContext
RC4_AllocateContext
RC4_CreateContext
RC4_Decrypt
RC4_DestroyContext
RC4_Encrypt
RC4_InitContext
RC5_CreateContext
RC5_Decrypt
RC5_DestroyContext
RC5_Encrypt
RNG_GenerateGlobalRandomBytes
RNG_GetNoise
RNG_RNGInit
RNG_RNGShutdown
RNG_RandomUpdate
RNG_SystemInfoForRNG
RNG_SystemRNG
RSA_CheckSign
RSA_CheckSignPSS
RSA_CheckSignRaw
RSA_CheckSignRecover
RSA_CheckSignRecoverRaw
RSA_Cleanup
RSA_DecryptBlock
RSA_DecryptOAEP
RSA_DecryptRaw
RSA_EncryptBlock
RSA_EncryptOAEP
RSA_EncryptRaw
RSA_Init
RSA_NewKey
RSA_PopulatePrivateKey
RSA_PrivateKeyCheck
RSA_PrivateKeyOp
RSA_PrivateKeyOpDoubleChecked
RSA_PublicKeyOp
RSA_Sign
RSA_SignPSS
RSA_SignRaw
SECRawHashObjects
SEED_AllocateContext
SEED_CreateContext
SEED_Decrypt
SEED_DestroyContext
SEED_Encrypt
SEED_InitContext
SEED_cbc_encrypt
SEED_decrypt
SEED_ecb_encrypt
SEED_encrypt
SEED_set_key
SHA1_Begin
SHA1_Clone
SHA1_Compress_Native
SHA1_DestroyContext
SHA1_End
SHA1_EndRaw
SHA1_Flatten
SHA1_FlattenSize
SHA1_Hash
SHA1_HashBuf
SHA1_NewContext
SHA1_Resurrect
SHA1_TraceState
SHA1_Update
SHA1_Update_Native
SHA224_Begin
SHA224_Clone
SHA224_DestroyContext
SHA224_End
SHA224_EndRaw
SHA224_Flatten
SHA224_FlattenSize
SHA224_Hash
SHA224_HashBuf
SHA224_NewContext
SHA224_Resurrect
SHA224_TraceState
SHA224_Update
SHA256_Begin
SHA256_Clone
SHA256_Compress_Native
SHA256_DestroyContext
SHA256_End
SHA256_EndRaw
SHA256_Flatten
SHA256_FlattenSize
SHA256_Hash
SHA256_HashBuf
SHA256_NewContext
SHA256_Resurrect
SHA256_TraceState
SHA256_Update
SHA256_Update_Native
SHA384_Begin
SHA384_Clone
SHA384_DestroyContext
SHA384_End
SHA384_EndRaw
SHA384_Flatten
SHA384_FlattenSize
SHA384_Hash
SHA384_HashBuf
SHA384_NewContext
SHA384_Resurrect
SHA384_TraceState
SHA384_Update
SHA512_Begin
SHA512_Clone
SHA512_DestroyContext
SHA512_End
SHA512_EndRaw
SHA512_Flatten
SHA512_FlattenSize
SHA512_Hash
SHA512_HashBuf
SHA512_NewContext
SHA512_Resurrect
SHA512_TraceState
SHA512_Update
SSLv3_MAC_ConstantTime
TLS_PRF
TLS_P_hash
__nss_freebl_version
aesni_support
arm_aes_support
arm_neon_support
arm_pmull_support
arm_sha1_support
arm_sha2_support
avx2_support
avx_support
bl_parentForkedAfterC_Initialize
blake2b_Compress
blake2b_HashBuf
blake2b_IncrementCounter
bmul32
camellia_decrypt128
camellia_decrypt256
camellia_decryptCBC
camellia_decryptECB
camellia_encrypt128
camellia_encrypt256
camellia_encryptCBC
camellia_encryptECB
camellia_key_expansion
camellia_setup128
camellia_setup192
camellia_setup256
clmul_support
construct_ecgroup
ec_Curve25519_mul
ec_Curve25519_pt_mul
ec_Curve25519_pt_validate
ec_GF2m_add
ec_GF2m_div
ec_GF2m_mod
ec_GF2m_mul
ec_GF2m_neg
ec_GF2m_sqr
ec_GFp_add
ec_GFp_add_3
ec_GFp_add_4
ec_GFp_add_5
ec_GFp_add_6
ec_GFp_dec_mont
ec_GFp_div
ec_GFp_div_mont
ec_GFp_enc_mont
ec_GFp_extra_free_mont
ec_GFp_mod
ec_GFp_mul
ec_GFp_mul_mont
ec_GFp_neg
ec_GFp_pt_add_aff
ec_GFp_pt_add_jac_aff
ec_GFp_pt_aff2jac
ec_GFp_pt_dbl_aff
ec_GFp_pt_dbl_jac
ec_GFp_pt_is_inf_aff
ec_GFp_pt_is_inf_jac
ec_GFp_pt_jac2aff
ec_GFp_pt_mul_jm_wNAF
ec_GFp_pt_set_inf_aff
ec_GFp_pt_set_inf_jac
ec_GFp_pt_sub_aff
ec_GFp_pts_mul_jac
ec_GFp_sqr
ec_GFp_sqr_mont
ec_GFp_sub
ec_GFp_sub_3
ec_GFp_sub_4
ec_GFp_sub_5
ec_GFp_sub_6
ec_GFp_validate_point
ec_GetNamedCurveParams
ec_NewKey
ec_compute_wNAF
ec_group_set_gfp256
ec_group_set_gfp256_32
ec_group_set_gfp384
ec_group_set_gfp521
ec_group_set_secp384r1
ec_group_set_secp521r1
ec_point_at_infinity
ec_points_mul
ec_pts_mul_basic
ec_pts_mul_simul_w2
ec_twoTo
ecgroup_fromName
freebl_cpuid
freebl_fips_TLS_PowerUpSelfTest
gcmHash_Final
gcmHash_InitContext
gcmHash_Reset
gcmHash_Update
gcm_GenerateIV
gcm_HashInit_hw
gcm_HashMult_hw
gcm_HashMult_sftw32
gcm_HashWrite_hw
gcm_HashZeroX_hw
gcm_InitCounter
gcm_InitIVContext
generate_prime
get64
mp_2expt
mp_abs
mp_add
mp_add_d
mp_addmod
mp_badd
mp_barr2poly
mp_bdivmod
mp_bmod
mp_bmul
mp_bmulmod
mp_bpoly2arr
mp_bsqrmod
mp_clear
mp_cmp
mp_cmp_d
mp_cmp_mag
mp_cmp_z
mp_copy
mp_cswap
mp_div
mp_div_2
mp_div_2d
mp_div_d
mp_exch
mp_expt
mp_expt_d
mp_exptmod
mp_exptmod_d
mp_exptmod_i
mp_exptmod_safe_i
mp_gcd
mp_get_prec
mp_gf2m_sqr_tb
mp_init
mp_init_copy
mp_init_size
mp_invmod
mp_invmod_xgcd
mp_iseven
mp_isodd
mp_lcm
mp_mod
mp_mod_d
mp_mul
mp_mul_2
mp_mul_d
mp_mulmod
mp_neg
mp_radix_size
mp_raw_size
mp_read_radix
mp_read_raw
mp_read_unsigned_octets

Sections

.text
Size: 458KB - Virtual size: 458KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 162KB - Virtual size: 161KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 16KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/dlls/libnspr4.dll
.dll windows:4 windows x64 arch:x64

1b629d32101116b31364e1d98dd7087c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

AddAccessAllowedAce
AllocateAndInitializeSid
CopySid
FreeSid
GetLengthSid
GetTokenInformation
InitializeAcl
InitializeSecurityDescriptor
OpenProcessToken
SetSecurityDescriptorDacl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner

kernel32

CancelIo
CloseHandle
ConvertThreadToFiber
CreateDirectoryA
CreateEventA
CreateFiber
CreateFileA
CreateFileMappingA
CreateIoCompletionPort
CreatePipe
CreateProcessA
CreateSemaphoreA
DebugBreak
DeleteCriticalSection
DeleteFiber
DeleteFileA
DuplicateHandle
EnterCriticalSection
FindClose
FindFirstFileA
FindNextFileA
FlushFileBuffers
FlushViewOfFile
FormatMessageA
FreeEnvironmentStringsA
FreeLibrary
GetCurrentProcess
GetCurrentThread
GetDriveTypeA
GetEnvironmentStrings
GetExitCodeProcess
GetFileAttributesExA
GetFileInformationByHandle
GetHandleInformation
GetLastError
GetLogicalDriveStringsA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOverlappedResult
GetProcAddress
GetProcessAffinityMask
GetQueuedCompletionStatus
GetStdHandle
GetSystemInfo
GetSystemTime
GetTickCount
GetVersionExA
GetVolumeInformationA
GlobalMemoryStatusEx
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryExW
LockFileEx
MapViewOfFile
MoveFileA
MultiByteToWideChar
OpenFileMappingA
OpenSemaphoreA
OutputDebugStringA
PostQueuedCompletionStatus
QueryPerformanceCounter
ReadFile
ReleaseSemaphore
RemoveDirectoryA
ResetEvent
ResumeThread
SetErrorMode
SetFilePointer
SetHandleInformation
SetLastError
SetThreadAffinityMask
SetThreadPriority
Sleep
SuspendThread
SwitchToFiber
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
TryEnterCriticalSection
UnlockFileEx
UnmapViewOfFile
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrlenA

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_access
_amsg_exit
_beginthreadex
_endthreadex
_environ
_errno
_exit
_initterm
_localtime64
_lock
_mbsdec
_mbsinc
_mktime64
_putenv
_stat64
_strcmpi
_stricmp
_strdup
_stricmp
_time64
_unlock
abort
atoi
calloc
exit
fclose
fflush
fopen
fputc
free
fwrite
getc
getenv
isalpha
islower
isspace
isupper
isxdigit
localeconv
malloc
memchr
memcpy
memmove
memset
qsort
realloc
setvbuf
strcat
strchr
strcmp
strcpy
strerror
strftime
strlen
strncmp
strpbrk
strrchr
strstr
strtol
strtoul
tolower
ungetc
vfprintf
wcslen

mswsock

AcceptEx
GetAcceptExSockaddrs
TransmitFile

winmm

timeGetTime

ws2_32

WSACleanup
WSAGetLastError
WSASetLastError
WSAStartup
__WSAFDIsSet
accept
bind
closesocket
connect
gethostbyaddr
gethostbyname
gethostname
getpeername
getprotobyname
getprotobynumber
getsockname
getsockopt
htonl
htons
ioctlsocket
listen
ntohl
ntohs
recv
recvfrom
select
send
sendto
setsockopt
shutdown
socket

Exports

Exports

FlipSlashes
GetExecutionEnvironment
GetMyFiberID
IsFileLocal
IsFileLocalInit
LL_MaxInt
LL_MaxUint
LL_MinInt
LL_Zero
MS_VC_EXCEPTION
NT_HashRemoveInternal
PRP_DestroyNakedCondVar
PRP_NakedBroadcast
PRP_NakedNotify
PRP_NakedWait
PRP_NewNakedCondVar
PRP_TryLock
PR_Abort
PR_Accept
PR_AcceptRead
PR_Access
PR_AddToCounter
PR_AddWaitFileDesc
PR_AllocFileDesc
PR_Assert
PR_AssertCurrentThreadInMonitor
PR_AssertCurrentThreadOwnsLock
PR_AtomicAdd
PR_AtomicDecrement
PR_AtomicIncrement
PR_AtomicSet
PR_AttachSharedMemory
PR_AttachThread
PR_AttachThreadGCAble
PR_Available
PR_Available64
PR_Bind
PR_BlockClockInterrupts
PR_BlockInterrupt
PR_CEnterMonitor
PR_CExitMonitor
PR_CNotify
PR_CNotifyAll
PR_CSetOnMonitorRecycle
PR_CWait
PR_CallOnce
PR_CallOnceWithArg
PR_Calloc
PR_CancelJob
PR_CancelWaitFileDesc
PR_CancelWaitGroup
PR_CeilingLog2
PR_ChangeFileDescNativeHandle
PR_Cleanup
PR_ClearInterrupt
PR_ClearThreadGCAble
PR_Close
PR_CloseDir
PR_CloseFileMap
PR_CloseSemaphore
PR_CloseSharedMemory
PR_Connect
PR_ConnectContinue
PR_ConvertIPv4AddrToIPv6
PR_CreateAlarm
PR_CreateCounter
PR_CreateFileMap
PR_CreateIOLayer
PR_CreateIOLayerStub
PR_CreateMWaitEnumerator
PR_CreateOrderedLock
PR_CreatePipe
PR_CreateProcess
PR_CreateProcessDetached
PR_CreateSocketPollFd
PR_CreateStack
PR_CreateThread
PR_CreateThreadGCAble
PR_CreateThreadPool
PR_CreateTrace
PR_CreateWaitGroup
PR_DecrementCounter
PR_Delete
PR_DeleteSemaphore
PR_DeleteSharedMemory
PR_DestroyAlarm
PR_DestroyCondVar
PR_DestroyCounter
PR_DestroyLock
PR_DestroyMWaitEnumerator
PR_DestroyMonitor
PR_DestroyOrderedLock
PR_DestroyPollableEvent
PR_DestroyProcessAttr
PR_DestroyRWLock
PR_DestroySem
PR_DestroySocketPollFd
PR_DestroyStack
PR_DestroyTrace
PR_DestroyWaitGroup
PR_DetachProcess
PR_DetachSharedMemory
PR_DetachThread
PR_DisableClockInterrupts
PR_DuplicateEnvironment
PR_EmulateAcceptRead
PR_EmulateSendFile
PR_EnableClockInterrupts
PR_EnterMonitor
PR_EnumerateAddrInfo
PR_EnumerateHostEnt
PR_EnumerateThreads
PR_EnumerateWaitGroup
PR_ErrorInstallCallback
PR_ErrorInstallTable
PR_ErrorLanguages
PR_ErrorToName
PR_ErrorToString
PR_ExitMonitor
PR_ExplodeTime
PR_ExportFileMapAsString
PR_FD_CLR
PR_FD_ISSET
PR_FD_NCLR
PR_FD_NISSET
PR_FD_NSET
PR_FD_SET
PR_FD_ZERO
PR_FileDesc2NativeHandle
PR_FindFunctionSymbol
PR_FindFunctionSymbolAndLibrary
PR_FindNextCounterQname
PR_FindNextCounterRname
PR_FindNextTraceQname
PR_FindNextTraceRname
PR_FindSymbol
PR_FindSymbolAndLibrary
PR_FloorLog2
PR_FormatTime
PR_FormatTimeUSEnglish
PR_Free
PR_FreeAddrInfo
PR_FreeFileDesc
PR_FreeLibraryName
PR_GMTParameters
PR_GetAddrInfoByName
PR_GetCanonNameFromAddrInfo
PR_GetConnectStatus
PR_GetCounter
PR_GetCounterHandleFromName
PR_GetCounterNameFromHandle
PR_GetCurrentThread
PR_GetDefaultIOMethods
PR_GetDescType
PR_GetDirectorySeparator
PR_GetDirectorySepartor
PR_GetEnv
PR_GetEnvSecure
PR_GetError
PR_GetErrorText
PR_GetErrorTextLength
PR_GetFileInfo
PR_GetFileInfo64
PR_GetFileMethods
PR_GetGCRegisters
PR_GetHostByAddr
PR_GetHostByName
PR_GetIPNodeByName
PR_GetIdentitiesLayer
PR_GetInheritedFD
PR_GetInheritedFileMap
PR_GetLayersIdentity
PR_GetLibraryFilePathname
PR_GetLibraryName
PR_GetLibraryPath
PR_GetMemMapAlignment
PR_GetMonitorEntryCount
PR_GetNameForIdentity
PR_GetNumberOfProcessors
PR_GetOSError
PR_GetOpenFileInfo
PR_GetOpenFileInfo64
PR_GetPageShift
PR_GetPageSize
PR_GetPathSeparator
PR_GetPeerName
PR_GetPhysicalMemorySize
PR_GetPipeMethods
PR_GetPrefLoopbackAddrInfo
PR_GetProtoByName
PR_GetProtoByNumber
PR_GetRandomNoise
PR_GetSP
PR_GetSockName
PR_GetSocketOption
PR_GetSpecialFD
PR_GetStackSpaceLeft
PR_GetSysfdTableMax
PR_GetSystemInfo
PR_GetTCPMethods
PR_GetThreadAffinityMask
PR_GetThreadID
PR_GetThreadName
PR_GetThreadPriority
PR_GetThreadPrivate
PR_GetThreadScope
PR_GetThreadState
PR_GetThreadType
PR_GetTraceEntries
PR_GetTraceHandleFromName
PR_GetTraceNameFromHandle
PR_GetTraceOption
PR_GetUDPMethods
PR_GetUniqueIdentity
PR_GetVersion
PR_ImplodeTime
PR_ImportFile
PR_ImportFileMapFromString
PR_ImportPipe
PR_ImportTCPSocket
PR_ImportUDPSocket
PR_IncrementCounter
PR_Init
PR_Initialize
PR_InitializeNetAddr
PR_Initialized
PR_Interrupt
PR_IntervalNow
PR_IntervalToMicroseconds
PR_IntervalToMilliseconds
PR_IntervalToSeconds
PR_IsNetAddrType
PR_JoinJob
PR_JoinThread
PR_JoinThreadPool
PR_KillProcess
PR_Listen
PR_LoadLibrary
PR_LoadLibraryWithFlags
PR_LoadStaticLibrary
PR_LocalTimeParameters
PR_Lock
PR_LockFile
PR_LockOrderedLock
PR_LogFlush
PR_LogPrint
PR_MakeDir
PR_Malloc
PR_MemMap
PR_MemUnmap
PR_MicrosecondsToInterval
PR_MillisecondsToInterval
PR_MkDir
PR_NTFast_Accept
PR_NTFast_AcceptRead
PR_NTFast_AcceptRead_WithTimeoutCallback
PR_NTFast_UpdateAcceptContext
PR_NT_CancelIo
PR_NetAddrToString
PR_NewCondVar
PR_NewLock
PR_NewLogModule
PR_NewMonitor
PR_NewNamedMonitor
PR_NewPollableEvent
PR_NewProcessAttr
PR_NewRWLock
PR_NewSem
PR_NewTCPSocket
PR_NewTCPSocketPair
PR_NewThreadPrivateIndex
PR_NewUDPSocket
PR_NormalizeTime
PR_Notify
PR_NotifyAll
PR_NotifyAllCondVar
PR_NotifyCondVar
PR_Now
PR_Open
PR_OpenAnonFileMap
PR_OpenDir
PR_OpenFile
PR_OpenSemaphore
PR_OpenSharedMemory
PR_OpenTCPSocket
PR_OpenUDPSocket
PR_ParseTimeString
PR_ParseTimeStringToExplodedTime
PR_Poll
PR_PopIOLayer
PR_PostSem
PR_PostSemaphore
PR_ProcessAttrSetCurrentDirectory
PR_ProcessAttrSetInheritableFD
PR_ProcessAttrSetInheritableFileMap
PR_ProcessAttrSetStdioRedirect
PR_ProcessExit
PR_PushIOLayer
PR_QueueJob
PR_QueueJob_Accept
PR_QueueJob_Connect
PR_QueueJob_Read
PR_QueueJob_Timer
PR_QueueJob_Write
PR_RWLock_Rlock
PR_RWLock_Unlock
PR_RWLock_Wlock
PR_Read
PR_ReadDir
PR_Realloc
PR_RecordTraceEntries
PR_Recv
PR_RecvFrom
PR_Rename
PR_ResetAlarm
PR_ResetProcessAttr
PR_ResumeAll
PR_RmDir
PR_ScanStackPointers
PR_SecondsToInterval
PR_Seek
PR_Seek64
PR_Select
PR_Send
PR_SendFile
PR_SendTo
PR_SetAlarm
PR_SetCPUAffinityMask
PR_SetConcurrency
PR_SetCounter
PR_SetCurrentThreadName
PR_SetEnv
PR_SetError
PR_SetErrorText
PR_SetFDCacheSize
PR_SetFDInheritable
PR_SetLibraryPath
PR_SetLogBuffering
PR_SetLogFile
PR_SetNetAddr
PR_SetPollableEvent
PR_SetSocketOption
PR_SetStdioRedirect
PR_SetSysfdTableSize
PR_SetThreadAffinityMask
PR_SetThreadDumpProc
PR_SetThreadGCAble
PR_SetThreadPriority
PR_SetThreadPrivate
PR_SetThreadRecycleMode
PR_SetTraceOption
PR_ShowStatus
PR_Shutdown
PR_ShutdownThreadPool
PR_Sleep
PR_Socket
PR_StackPop
PR_StackPush
PR_Stat
PR_StringToNetAddr
PR_SubtractFromCounter
PR_SuspendAll
PR_Sync
PR_SyncMemMap
PR_TLockFile
PR_TestAndEnterMonitor
PR_TestAndLock
PR_ThreadScanStackPointers
PR_TicksPerSecond
PR_Trace
PR_TransmitFile
PR_USPacificTimeParameters
PR_UnblockClockInterrupts
PR_UnblockInterrupt
PR_UnloadLibrary
PR_Unlock
PR_UnlockFile
PR_UnlockOrderedLock
PR_VersionCheck
PR_Wait
PR_WaitCondVar
PR_WaitForPollableEvent
PR_WaitProcess
PR_WaitRecvReady
PR_WaitSem
PR_WaitSemaphore
PR_Write
PR_Writev
PR_Yield
PR_cnvtf
PR_dtoa
PR_fprintf
PR_htonl
PR_htonll
PR_htons
PR_ntohl
PR_ntohll
PR_ntohs
PR_smprintf
PR_smprintf_free
PR_snprintf
PR_sprintf_append
PR_sscanf
PR_strtod
PR_sxprintf
PR_vfprintf
PR_vsmprintf
PR_vsnprintf
PR_vsprintf_append
PR_vsxprintf
PT_FPrintStats
SetExecutionEnvironment
_MD_AttachSharedMemory
_MD_CURRENT_THREAD
_MD_CloseFileMap
_MD_CloseSharedMemory
_MD_CreateFileMap
_MD_DeleteSharedMemory
_MD_DetachSharedMemory
_MD_GetMemMapAlignment
_MD_HomeGCRegisters
_MD_MemMap
_MD_MemUnmap
_MD_OpenSharedMemory
_MD_SyncMemMap
_MD_WindowsGetHostName
_MD_WindowsGetReleaseName
_MD_WindowsGetSysInfo
_MD_unix_readdir_error
_MD_win32_map_accept_error
_MD_win32_map_acceptex_error
_MD_win32_map_access_error
_MD_win32_map_bind_error
_MD_win32_map_close_error
_MD_win32_map_closedir_error
_MD_win32_map_connect_error
_MD_win32_map_default_error
_MD_win32_map_delete_error
_MD_win32_map_fstat_error
_MD_win32_map_fsync_error
_MD_win32_map_gethostname_error
_MD_win32_map_getpeername_error
_MD_win32_map_getsockname_error
_MD_win32_map_getsockopt_error
_MD_win32_map_listen_error
_MD_win32_map_lockf_error
_MD_win32_map_lseek_error
_MD_win32_map_mkdir_error
_MD_win32_map_open_error
_MD_win32_map_opendir_error
_MD_win32_map_read_error
_MD_win32_map_recv_error
_MD_win32_map_recvfrom_error
_MD_win32_map_rename_error
_MD_win32_map_rmdir_error
_MD_win32_map_select_error
_MD_win32_map_send_error
_MD_win32_map_sendto_error
_MD_win32_map_setsockopt_error
_MD_win32_map_shutdown_error
_MD_win32_map_socket_error
_MD_win32_map_stat_error
_MD_win32_map_transmitfile_error
_MD_win32_map_write_error
_PRI_AttachThread
_PRI_DetachThread
_PR_AddSleepQ
_PR_AddThreadToRunQ
_PR_CleanupCMon
_PR_CleanupCPUs
_PR_CleanupCallOnce
_PR_CleanupDtoa
_PR_CleanupEnv
_PR_CleanupFdCache
_PR_CleanupIO
_PR_CleanupLayerCache
_PR_CleanupMW
_PR_CleanupNet
_PR_CleanupStacks
_PR_CleanupTPD
_PR_CleanupThread
_PR_CleanupThreads
_PR_CleanupTime
_PR_ClockInterrupt
_PR_CondVarToString
_PR_CreateThread
_PR_CreateWindowsProcess
_PR_DelSleepQ
_PR_DestroySegment
_PR_DestroyThreadPrivate
_PR_DetachWindowsProcess
_PR_DumpPrintf
_PR_DumpThread
_PR_DumpThreads
_PR_FileTimeToPRTime
_PR_FreeCondVar
_PR_FreeLock
_PR_FreeStack
_PR_GetPrimordialCPU
_PR_Getfd

Sections

.text
Size: 217KB - Virtual size: 216KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/dlls/libplc4.dll
.dll windows:4 windows x64 arch:x64

096743c5f40a7f854cbe5aba0b6a1a1a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

libnspr4

PR_Assert
PR_Calloc
PR_ErrorToName
PR_Free
PR_GetError
PR_GetOSError
PR_GetSpecialFD
PR_Malloc
PR_SetError
PR_fprintf

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSection
LeaveCriticalSection
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

__iob_func
_amsg_exit
_initterm
_lock
_unlock
abort
calloc
free
fwrite
malloc
memcpy
realloc
strcat
strchr
strcmp
strcpy
strlen
strncmp
strpbrk
strrchr
strstr
vfprintf

Exports

Exports

PL_Base64Decode
PL_Base64Encode
PL_CreateLongOptState
PL_CreateOptState
PL_DestroyOptState
PL_FPrintError
PL_GetNextOpt
PL_PrintError
PL_strcasecmp
PL_strcaserstr
PL_strcasestr
PL_strcat
PL_strcatn
PL_strchr
PL_strcmp
PL_strcpy
PL_strdup
PL_strfree
PL_strlen
PL_strncasecmp
PL_strncaserstr
PL_strncasestr
PL_strncat
PL_strnchr
PL_strncmp
PL_strncpy
PL_strncpyz
PL_strndup
PL_strnlen
PL_strnpbrk
PL_strnprbrk
PL_strnrchr
PL_strnrstr
PL_strnstr
PL_strpbrk
PL_strprbrk
PL_strrchr
PL_strrstr
PL_strstr
PL_strtok_r
libVersionPoint
prVersionDescription_libplc4

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 224B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1024B - Virtual size: 948B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 704B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 304B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 108B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/dlls/libplds4.dll
.dll windows:4 windows x64 arch:x64

fd8146261b7e92ff27c9a94e93351f4b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

libnspr4

PR_CeilingLog2
PR_Free
PR_Malloc

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSection
LeaveCriticalSection
Sleep
TlsGetValue
VirtualProtect
VirtualQuery

msvcrt

__iob_func
_amsg_exit
_initterm
_lock
_unlock
abort
calloc
free
fwrite
memcpy
memset
realloc
strcmp
strlen
strncmp
vfprintf

Exports

Exports

PL_ArenaAllocate
PL_ArenaFinish
PL_ArenaGrow
PL_ArenaRelease
PL_ClearArenaPool
PL_CompactArenaPool
PL_CompareStrings
PL_CompareValues
PL_FinishArenaPool
PL_FreeArenaPool
PL_HashString
PL_HashTableAdd
PL_HashTableDestroy
PL_HashTableDump
PL_HashTableEnumerateEntries
PL_HashTableLookup
PL_HashTableLookupConst
PL_HashTableRawAdd
PL_HashTableRawLookup
PL_HashTableRawLookupConst
PL_HashTableRawRemove
PL_HashTableRemove
PL_InitArenaPool
PL_NewHashTable
PL_SizeOfArenaPoolExcludingPool
libVersionPoint
prVersionDescription_libplds4

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 256B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 668B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 272B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/dlls/libsqlite3-0.dll
.dll windows:4 windows x64 arch:x64

9b5934c71c7f12d289562963993bbcbc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AreFileApisANSI
CloseHandle
CreateFileA
CreateFileMappingA
CreateFileMappingW
CreateFileW
CreateMutexW
DeleteCriticalSection
DeleteFileA
DeleteFileW
EnterCriticalSection
FlushFileBuffers
FlushViewOfFile
FormatMessageA
FormatMessageW
FreeLibrary
GetCurrentProcessId
GetCurrentThreadId
GetDiskFreeSpaceA
GetDiskFreeSpaceW
GetFileAttributesA
GetFileAttributesExW
GetFileAttributesW
GetFileSize
GetFullPathNameA
GetFullPathNameW
GetLastError
GetProcAddress
GetProcessHeap
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTempPathA
GetTempPathW
GetTickCount
GetVersionExA
GetVersionExW
HeapAlloc
HeapCompact
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
HeapValidate
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LocalFree
LockFile
LockFileEx
MapViewOfFile
MultiByteToWideChar
OutputDebugStringA
OutputDebugStringW
QueryPerformanceCounter
ReadFile
SetEndOfFile
SetFilePointer
Sleep
SystemTimeToFileTime
TlsGetValue
TryEnterCriticalSection
UnlockFile
UnlockFileEx
UnmapViewOfFile
VirtualProtect
VirtualQuery
WaitForSingleObject
WaitForSingleObjectEx
WideCharToMultiByte
WriteFile

msvcrt

__iob_func
__setusermatherr
_amsg_exit
_beginthreadex
_endthreadex
_errno
_initterm
_localtime64
_lock
_msize
_unlock
abort
acos
asin
atan
calloc
cosh
free
fwrite
log10
malloc
memcmp
memcpy
memmove
memset
qsort
realloc
sinh
strcmp
strcspn
strlen
strncmp
strrchr
tan
tanh
vfprintf

Exports

Exports

sqlite3_aggregate_context
sqlite3_aggregate_count
sqlite3_auto_extension
sqlite3_autovacuum_pages
sqlite3_backup_finish
sqlite3_backup_init
sqlite3_backup_pagecount
sqlite3_backup_remaining
sqlite3_backup_step
sqlite3_bind_blob
sqlite3_bind_blob64
sqlite3_bind_double
sqlite3_bind_int
sqlite3_bind_int64
sqlite3_bind_null
sqlite3_bind_parameter_count
sqlite3_bind_parameter_index
sqlite3_bind_parameter_name
sqlite3_bind_pointer
sqlite3_bind_text
sqlite3_bind_text16
sqlite3_bind_text64
sqlite3_bind_value
sqlite3_bind_zeroblob
sqlite3_bind_zeroblob64
sqlite3_blob_bytes
sqlite3_blob_close
sqlite3_blob_open
sqlite3_blob_read
sqlite3_blob_reopen
sqlite3_blob_write
sqlite3_busy_handler
sqlite3_busy_timeout
sqlite3_cancel_auto_extension
sqlite3_changes
sqlite3_changes64
sqlite3_clear_bindings
sqlite3_close
sqlite3_close_v2
sqlite3_collation_needed
sqlite3_collation_needed16
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_column_bytes16
sqlite3_column_count
sqlite3_column_database_name
sqlite3_column_database_name16
sqlite3_column_decltype
sqlite3_column_decltype16
sqlite3_column_double
sqlite3_column_int
sqlite3_column_int64
sqlite3_column_name
sqlite3_column_name16
sqlite3_column_origin_name
sqlite3_column_origin_name16
sqlite3_column_table_name
sqlite3_column_table_name16
sqlite3_column_text
sqlite3_column_text16
sqlite3_column_type
sqlite3_column_value
sqlite3_commit_hook
sqlite3_compileoption_get
sqlite3_compileoption_used
sqlite3_complete
sqlite3_complete16
sqlite3_config
sqlite3_context_db_handle
sqlite3_create_collation
sqlite3_create_collation16
sqlite3_create_collation_v2
sqlite3_create_filename
sqlite3_create_function
sqlite3_create_function16
sqlite3_create_function_v2
sqlite3_create_module
sqlite3_create_module_v2
sqlite3_create_window_function
sqlite3_data_count
sqlite3_data_directory
sqlite3_database_file_object
sqlite3_db_cacheflush
sqlite3_db_config
sqlite3_db_filename
sqlite3_db_handle
sqlite3_db_mutex
sqlite3_db_name
sqlite3_db_readonly
sqlite3_db_release_memory
sqlite3_db_status
sqlite3_declare_vtab
sqlite3_deserialize
sqlite3_drop_modules
sqlite3_enable_load_extension
sqlite3_enable_shared_cache
sqlite3_errcode
sqlite3_errmsg
sqlite3_errmsg16
sqlite3_error_offset
sqlite3_errstr
sqlite3_exec
sqlite3_expanded_sql
sqlite3_expired
sqlite3_extended_errcode
sqlite3_extended_result_codes
sqlite3_file_control
sqlite3_filename_database
sqlite3_filename_journal
sqlite3_filename_wal
sqlite3_finalize
sqlite3_free
sqlite3_free_filename
sqlite3_free_table
sqlite3_get_autocommit
sqlite3_get_auxdata
sqlite3_get_table
sqlite3_global_recover
sqlite3_hard_heap_limit64
sqlite3_initialize
sqlite3_interrupt
sqlite3_is_interrupted
sqlite3_keyword_check
sqlite3_keyword_count
sqlite3_keyword_name
sqlite3_last_insert_rowid
sqlite3_libversion
sqlite3_libversion_number
sqlite3_limit
sqlite3_load_extension
sqlite3_log
sqlite3_malloc
sqlite3_malloc64
sqlite3_memory_alarm
sqlite3_memory_highwater
sqlite3_memory_used
sqlite3_mprintf
sqlite3_msize
sqlite3_mutex_alloc
sqlite3_mutex_enter
sqlite3_mutex_free
sqlite3_mutex_leave
sqlite3_mutex_try
sqlite3_next_stmt
sqlite3_open
sqlite3_open16
sqlite3_open_v2
sqlite3_os_end
sqlite3_os_init
sqlite3_overload_function
sqlite3_prepare
sqlite3_prepare16
sqlite3_prepare16_v2
sqlite3_prepare16_v3
sqlite3_prepare_v2
sqlite3_prepare_v3
sqlite3_preupdate_blobwrite
sqlite3_preupdate_count
sqlite3_preupdate_depth
sqlite3_preupdate_hook
sqlite3_preupdate_new
sqlite3_preupdate_old
sqlite3_profile
sqlite3_progress_handler
sqlite3_randomness
sqlite3_realloc
sqlite3_realloc64
sqlite3_release_memory
sqlite3_reset
sqlite3_reset_auto_extension
sqlite3_result_blob
sqlite3_result_blob64
sqlite3_result_double
sqlite3_result_error
sqlite3_result_error16
sqlite3_result_error_code
sqlite3_result_error_nomem
sqlite3_result_error_toobig
sqlite3_result_int
sqlite3_result_int64
sqlite3_result_null
sqlite3_result_pointer
sqlite3_result_subtype
sqlite3_result_text
sqlite3_result_text16
sqlite3_result_text16be
sqlite3_result_text16le
sqlite3_result_text64
sqlite3_result_value
sqlite3_result_zeroblob
sqlite3_result_zeroblob64
sqlite3_rollback_hook
sqlite3_rtree_geometry_callback
sqlite3_rtree_query_callback
sqlite3_serialize
sqlite3_set_authorizer
sqlite3_set_auxdata
sqlite3_set_last_insert_rowid
sqlite3_shutdown
sqlite3_sleep
sqlite3_snprintf
sqlite3_soft_heap_limit
sqlite3_soft_heap_limit64
sqlite3_sourceid
sqlite3_sql
sqlite3_status
sqlite3_status64
sqlite3_step
sqlite3_stmt_busy
sqlite3_stmt_isexplain
sqlite3_stmt_readonly
sqlite3_stmt_status
sqlite3_str_append
sqlite3_str_appendall
sqlite3_str_appendchar
sqlite3_str_appendf
sqlite3_str_errcode
sqlite3_str_finish
sqlite3_str_length
sqlite3_str_new
sqlite3_str_reset
sqlite3_str_value
sqlite3_str_vappendf
sqlite3_strglob
sqlite3_stricmp
sqlite3_strlike
sqlite3_strnicmp
sqlite3_system_errno
sqlite3_table_column_metadata
sqlite3_temp_directory
sqlite3_test_control
sqlite3_thread_cleanup
sqlite3_threadsafe
sqlite3_total_changes
sqlite3_total_changes64
sqlite3_trace
sqlite3_trace_v2
sqlite3_transfer_bindings
sqlite3_txn_state
sqlite3_update_hook
sqlite3_uri_boolean
sqlite3_uri_int64
sqlite3_uri_key
sqlite3_uri_parameter
sqlite3_user_data
sqlite3_value_blob
sqlite3_value_bytes
sqlite3_value_bytes16
sqlite3_value_double
sqlite3_value_dup
sqlite3_value_encoding
sqlite3_value_free
sqlite3_value_frombind
sqlite3_value_int
sqlite3_value_int64
sqlite3_value_nochange
sqlite3_value_numeric_type
sqlite3_value_pointer
sqlite3_value_subtype
sqlite3_value_text
sqlite3_value_text16
sqlite3_value_text16be
sqlite3_value_text16le
sqlite3_value_type
sqlite3_version
sqlite3_vfs_find
sqlite3_vfs_register
sqlite3_vfs_unregister
sqlite3_vmprintf
sqlite3_vsnprintf
sqlite3_vtab_collation
sqlite3_vtab_config
sqlite3_vtab_distinct
sqlite3_vtab_in
sqlite3_vtab_in_first
sqlite3_vtab_in_next
sqlite3_vtab_nochange
sqlite3_vtab_on_conflict
sqlite3_vtab_rhs_value
sqlite3_wal_autocheckpoint
sqlite3_wal_checkpoint
sqlite3_wal_checkpoint_v2
sqlite3_wal_hook
sqlite3_win32_is_nt
sqlite3_win32_mbcs_to_utf8
sqlite3_win32_mbcs_to_utf8_v2
sqlite3_win32_set_directory
sqlite3_win32_set_directory16
sqlite3_win32_set_directory8
sqlite3_win32_sleep
sqlite3_win32_unicode_to_utf8
sqlite3_win32_utf8_to_mbcs
sqlite3_win32_utf8_to_mbcs_v2
sqlite3_win32_utf8_to_unicode
sqlite3_win32_write_debug
sqlite3changegroup_add
sqlite3changegroup_add_strm
sqlite3changegroup_delete
sqlite3changegroup_new
sqlite3changegroup_output
sqlite3changegroup_output_strm
sqlite3changeset_apply
sqlite3changeset_apply_strm
sqlite3changeset_apply_v2
sqlite3changeset_apply_v2_strm
sqlite3changeset_concat
sqlite3changeset_concat_strm
sqlite3changeset_conflict
sqlite3changeset_finalize
sqlite3changeset_fk_conflicts
sqlite3changeset_invert
sqlite3changeset_invert_strm
sqlite3changeset_new
sqlite3changeset_next
sqlite3changeset_old
sqlite3changeset_op
sqlite3changeset_pk
sqlite3changeset_start
sqlite3changeset_start_strm
sqlite3changeset_start_v2
sqlite3changeset_start_v2_strm
sqlite3rebaser_configure
sqlite3rebaser_create
sqlite3rebaser_delete
sqlite3rebaser_rebase
sqlite3rebaser_rebase_strm
sqlite3session_attach
sqlite3session_changeset
sqlite3session_changeset_size
sqlite3session_changeset_strm
sqlite3session_config
sqlite3session_create
sqlite3session_delete
sqlite3session_diff
sqlite3session_enable
sqlite3session_indirect
sqlite3session_isempty
sqlite3session_memory_used
sqlite3session_object_config
sqlite3session_patchset
sqlite3session_patchset_strm
sqlite3session_table_filter

Sections

.text
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/dlls/libssp-0.dll
.dll windows:4 windows x64 arch:x64

46e38788cff3098080a6d3ba34a59900

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

CryptAcquireContextA
CryptGenRandom
CryptReleaseContext

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_amsg_exit
_close
_errno
_exit
_initterm
_lock
_open
_unlock
_write
abort
calloc
fgets
fputc
free
fwrite
gets
localeconv
malloc
memcpy
memmove
memset
realloc
strerror
strlen
strncmp
strncpy
vfprintf
wcslen

Exports

Exports

__chk_fail
__gets_chk
__memcpy_chk
__memmove_chk
__mempcpy_chk
__memset_chk
__snprintf_chk
__sprintf_chk
__stack_chk_fail
__stack_chk_fail_local
__stack_chk_guard
__stpcpy_chk
__strcat_chk
__strcpy_chk
__strncat_chk
__strncpy_chk
__vsnprintf_chk
__vsprintf_chk

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 494B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/dlls/libwinpthread-1.dll
.dll windows:4 windows x64 arch:x64

fdac11066db813aade99ccb6d516fc10

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

AddVectoredExceptionHandler
CloseHandle
CreateEventA
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
FileTimeToSystemTime
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetHandleInformation
GetLastError
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessAffinityMask
GetProcessTimes
GetSystemTimeAdjustment
GetSystemTimeAsFileTime
GetThreadContext
GetThreadPriority
GetThreadTimes
GetTickCount64
InitializeCriticalSection
IsDebuggerPresent
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryW
OpenProcess
OutputDebugStringA
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReleaseSemaphore
RemoveVectoredExceptionHandler
ResetEvent
ResumeThread
SetEvent
SetLastError
SetProcessAffinityMask
SetSystemTime
SetThreadContext
SetThreadPriority
Sleep
SuspendThread
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TryEnterCriticalSection
VirtualProtect
VirtualQuery
WaitForMultipleObjects
WaitForSingleObject

msvcrt

__C_specific_handler
__iob_func
_amsg_exit
_beginthreadex
_endthreadex
_errno
_initterm
_lock
_setjmp
_strdup
_ultoa
_unlock
_write
abort
calloc
exit
fprintf
free
fwrite
longjmp
malloc
memmove
memset
printf
realloc
signal
strlen
strncmp
vfprintf

Exports

Exports

__pth_gpointer_locked
__pthread_clock_nanosleep
_pthread_cleanup_dest
_pthread_get_state
_pthread_invoke_cancel
_pthread_key_dest
_pthread_rel_time_in_ms
_pthread_set_state
_pthread_time_in_ms
_pthread_time_in_ms_from_timespec
_pthread_tryjoin
clock_getres
clock_gettime
clock_nanosleep
clock_settime
nanosleep
pthread_attr_destroy
pthread_attr_getdetachstate
pthread_attr_getinheritsched
pthread_attr_getschedparam
pthread_attr_getschedpolicy
pthread_attr_getscope
pthread_attr_getstack
pthread_attr_getstackaddr
pthread_attr_getstacksize
pthread_attr_init
pthread_attr_setdetachstate
pthread_attr_setinheritsched
pthread_attr_setschedparam
pthread_attr_setschedpolicy
pthread_attr_setscope
pthread_attr_setstack
pthread_attr_setstackaddr
pthread_attr_setstacksize
pthread_barrier_destroy
pthread_barrier_init
pthread_barrier_wait
pthread_barrierattr_destroy
pthread_barrierattr_getpshared
pthread_barrierattr_init
pthread_barrierattr_setpshared
pthread_cancel
pthread_cond_broadcast
pthread_cond_destroy
pthread_cond_init
pthread_cond_signal
pthread_cond_timedwait
pthread_cond_timedwait_relative_np
pthread_cond_wait
pthread_condattr_destroy
pthread_condattr_getclock
pthread_condattr_getpshared
pthread_condattr_init
pthread_condattr_setclock
pthread_condattr_setpshared
pthread_create
pthread_create_wrapper
pthread_delay_np
pthread_detach
pthread_equal
pthread_exit
pthread_get_concurrency
pthread_getclean
pthread_getconcurrency
pthread_getevent
pthread_gethandle
pthread_getname_np
pthread_getschedparam
pthread_getspecific
pthread_join
pthread_key_create
pthread_key_delete
pthread_kill
pthread_mutex_destroy
pthread_mutex_init
pthread_mutex_lock
pthread_mutex_timedlock
pthread_mutex_trylock
pthread_mutex_unlock
pthread_mutexattr_destroy
pthread_mutexattr_getprioceiling
pthread_mutexattr_getprotocol
pthread_mutexattr_getpshared
pthread_mutexattr_gettype
pthread_mutexattr_init
pthread_mutexattr_setprioceiling
pthread_mutexattr_setprotocol
pthread_mutexattr_setpshared
pthread_mutexattr_settype
pthread_num_processors_np
pthread_once
pthread_rwlock_destroy
pthread_rwlock_init
pthread_rwlock_rdlock
pthread_rwlock_timedrdlock
pthread_rwlock_timedwrlock
pthread_rwlock_tryrdlock
pthread_rwlock_trywrlock
pthread_rwlock_unlock
pthread_rwlock_wrlock
pthread_rwlockattr_destroy
pthread_rwlockattr_getpshared
pthread_rwlockattr_init
pthread_rwlockattr_setpshared
pthread_self
pthread_set_concurrency
pthread_set_num_processors_np
pthread_setcancelstate
pthread_setcanceltype
pthread_setconcurrency
pthread_setname_np
pthread_setschedparam
pthread_setspecific
pthread_spin_destroy
pthread_spin_init
pthread_spin_lock
pthread_spin_trylock
pthread_spin_unlock
pthread_testcancel
pthread_timechange_handler_np
pthread_tls_init
sched_get_priority_max
sched_get_priority_min
sched_getscheduler
sched_setscheduler
sched_yield
sem_close
sem_destroy
sem_getvalue
sem_init
sem_open
sem_post
sem_post_multiple
sem_timedwait
sem_trywait
sem_unlink
sem_wait

Sections

.text
Size: 34KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 208B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 432B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 96B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/dlls/nss3.dll
.dll windows:4 windows x64 arch:x64

d04ca413b7aee303f5024cb52da08480

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

nssutil3

ATOB_AsciiToData_Util
ATOB_ConvertAsciiToItem_Util
BTOA_ConvertItemToAscii_Util
BTOA_DataToAscii_Util
CERT_GenTime2FormattedAscii_Util
DER_AsciiToTime_Util
DER_DecodeTimeChoice_Util
DER_EncodeTimeChoice_Util
DER_Encode_Util
DER_GeneralizedDayToAscii_Util
DER_GeneralizedTimeToTime_Util
DER_GetInteger_Util
DER_GetUInteger
DER_LengthLength
DER_Lengths_Util
DER_SetUInteger
DER_StoreHeader
DER_TimeChoiceDayToAscii_Util
DER_TimeToGeneralizedTimeArena_Util
DER_TimeToGeneralizedTime_Util
DER_TimeToUTCTime_Util
DER_UTCDayToAscii_Util
DER_UTCTimeToAscii_Util
DER_UTCTimeToTime_Util
NSSBase64Decoder_Create_Util
NSSBase64Decoder_Destroy_Util
NSSBase64Decoder_Update_Util
NSSBase64Encoder_Create_Util
NSSBase64Encoder_Destroy_Util
NSSBase64Encoder_Update_Util
NSSBase64_DecodeBuffer_Util
NSSBase64_EncodeItem_Util
NSSRWLock_Destroy_Util
NSSRWLock_HaveWriteLock_Util
NSSRWLock_LockRead_Util
NSSRWLock_LockWrite_Util
NSSRWLock_New_Util
NSSRWLock_UnlockRead_Util
NSSRWLock_UnlockWrite_Util
NSSUTIL_AddNSSFlagToModuleSpec
NSSUTIL_ArgDecodeNumber
NSSUTIL_ArgFetchValue
NSSUTIL_ArgGetLabel
NSSUTIL_ArgGetParamValue
NSSUTIL_ArgHasFlag
NSSUTIL_ArgIsBlank
NSSUTIL_ArgParseCipherFlags
NSSUTIL_ArgParseModuleSpecEx
NSSUTIL_ArgParseSlotInfo
NSSUTIL_ArgReadLong
NSSUTIL_ArgSkipParameter
NSSUTIL_ArgStrip
NSSUTIL_DoubleEscape
NSSUTIL_DoubleEscapeSize
NSSUTIL_Escape
NSSUTIL_EscapeSize
NSSUTIL_MkModuleSpec
NSSUTIL_MkNSSString
NSSUTIL_MkSlotString
NSS_GetAlgorithmPolicy
NSS_Get_SECOID_AlgorithmIDTemplate_Util
NSS_Get_SEC_AnyTemplate_Util
NSS_Get_SEC_BMPStringTemplate_Util
NSS_Get_SEC_BitStringTemplate_Util
NSS_Get_SEC_EnumeratedTemplate
NSS_Get_SEC_GeneralizedTimeTemplate_Util
NSS_Get_SEC_IA5StringTemplate_Util
NSS_Get_SEC_IntegerTemplate_Util
NSS_Get_SEC_NullTemplate_Util
NSS_Get_SEC_ObjectIDTemplate_Util
NSS_Get_SEC_OctetStringTemplate_Util
NSS_Get_SEC_PointerToAnyTemplate_Util
NSS_Get_SEC_PointerToEnumeratedTemplate
NSS_Get_SEC_PointerToGeneralizedTimeTemplate
NSS_Get_SEC_PrintableStringTemplate
NSS_Get_SEC_SequenceOfAnyTemplate
NSS_Get_SEC_SequenceOfObjectIDTemplate
NSS_Get_SEC_SkipTemplate
NSS_Get_SEC_T61StringTemplate
NSS_Get_SEC_UTF8StringTemplate_Util
NSS_Get_SEC_UniversalStringTemplate
NSS_InitializePRErrorTable
NSS_IsPolicyLocked
NSS_LockPolicy
NSS_PutEnv_Util
NSS_SetAlgorithmPolicy
PK11URI_CreateURI
PK11URI_DestroyURI
PK11URI_FormatURI
PK11URI_GetPathAttribute
PK11URI_GetPathAttributeItem
PK11URI_ParseURI
PORT_Alloc_Util
PORT_ArenaAlloc_Util
PORT_ArenaGrow_Util
PORT_ArenaMark_Util
PORT_ArenaRelease_Util
PORT_ArenaStrdup_Util
PORT_ArenaUnmark_Util
PORT_ArenaZAlloc_Util
PORT_DestroyCheapArena
PORT_FreeArena_Util
PORT_Free_Util
PORT_GetError_Util
PORT_ISO88591_UTF8Conversion
PORT_InitCheapArena
PORT_LoadLibraryFromOrigin
PORT_NewArena_Util
PORT_Realloc_Util
PORT_RegExpCaseSearch
PORT_RegExpValid
PORT_SetError_Util
PORT_SetUCS2_ASCIIConversionFunction_Util
PORT_SetUCS2_UTF8ConversionFunction_Util
PORT_SetUCS4_UTF8ConversionFunction_Util
PORT_Strdup_Util
PORT_UCS2_ASCIIConversion_Util
PORT_UCS2_UTF8Conversion_Util
PORT_UCS4_UTF8Conversion
PORT_ZAllocAlignedOffset_Util
PORT_ZAllocAligned_Util
PORT_ZAlloc_Util
PORT_ZFree_Util
SECITEM_AllocItem_Util
SECITEM_ArenaDupItem_Util
SECITEM_CompareItem_Util
SECITEM_CopyItem_Util
SECITEM_DupItem_Util
SECITEM_FreeItem_Util
SECITEM_Hash
SECITEM_HashCompare
SECITEM_ItemsAreEqual_Util
SECITEM_MakeItem
SECITEM_ZfreeItem_Util
SECOID_AddEntry_Util
SECOID_CompareAlgorithmID_Util
SECOID_CopyAlgorithmID_Util
SECOID_DestroyAlgorithmID_Util
SECOID_FindOIDByMechanism
SECOID_FindOIDByTag_Util
SECOID_FindOIDTagDescription_Util
SECOID_FindOIDTag_Util
SECOID_FindOID_Util
SECOID_GetAlgorithmTag_Util
SECOID_Init
SECOID_KnownCertExtenOID
SECOID_SetAlgorithmID_Util
SECOID_Shutdown
SEC_ASN1DecodeInteger_Util
SEC_ASN1DecodeItem_Util
SEC_ASN1Decode_Util
SEC_ASN1DecoderAbort_Util
SEC_ASN1DecoderClearFilterProc_Util
SEC_ASN1DecoderClearNotifyProc_Util
SEC_ASN1DecoderFinish_Util
SEC_ASN1DecoderSetFilterProc_Util
SEC_ASN1DecoderSetNotifyProc_Util
SEC_ASN1DecoderStart_Util
SEC_ASN1DecoderUpdate_Util
SEC_ASN1EncodeInteger_Util
SEC_ASN1EncodeItem_Util
SEC_ASN1EncodeUnsignedInteger_Util
SEC_ASN1Encode_Util
SEC_ASN1EncoderAbort_Util
SEC_ASN1EncoderClearNotifyProc_Util
SEC_ASN1EncoderClearStreaming_Util
SEC_ASN1EncoderClearTakeFromBuf_Util
SEC_ASN1EncoderFinish_Util
SEC_ASN1EncoderSetNotifyProc_Util
SEC_ASN1EncoderSetStreaming_Util
SEC_ASN1EncoderSetTakeFromBuf_Util
SEC_ASN1EncoderStart_Util
SEC_ASN1EncoderUpdate_Util
SEC_ASN1LengthLength_Util
SEC_QuickDERDecodeItem_Util
SEC_StringToOID
SGN_CompareDigestInfo_Util
SGN_CopyDigestInfo_Util
SGN_CreateDigestInfo_Util
SGN_DecodeDigestInfo
SGN_DestroyDigestInfo_Util
_NSSUTIL_UTF8ToWide
_SGN_VerifyPKCS1DigestInfo

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
GetModuleHandleW
GetProcAddress
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_amsg_exit
_errno
_initterm
_lock
_unlock
abort
atoi
calloc
fclose
fflush
fopen
fputc
free
fwrite
isspace
isupper
isxdigit
localeconv
malloc
memcmp
memcpy
memmove
memset
qsort
realloc
strchr
strcmp
strcpy
strerror
strlen
strncmp
strncpy
strrchr
strstr
strtol
tolower
vfprintf
wcslen

libnspr4

PR_Accept
PR_Bind
PR_CallOnce
PR_CallOnceWithArg
PR_Calloc
PR_Close
PR_CloseDir
PR_Connect
PR_ConnectContinue
PR_ConvertIPv4AddrToIPv6
PR_DestroyCondVar
PR_DestroyLock
PR_DestroyMonitor
PR_DestroyRWLock
PR_EnterMonitor
PR_EnumerateHostEnt
PR_ErrorToString
PR_ExitMonitor
PR_FindFunctionSymbol
PR_FindSymbol
PR_Free
PR_GetCurrentThread
PR_GetEnvSecure
PR_GetError
PR_GetHostByName
PR_GetOpenFileInfo
PR_GetThreadPrivate
PR_InitializeNetAddr
PR_IntervalNow
PR_IntervalToMicroseconds
PR_IntervalToMilliseconds
PR_IntervalToSeconds
PR_Listen
PR_LoadLibrary
PR_LoadLibraryWithFlags
PR_Lock
PR_LogPrint
PR_Malloc
PR_NetAddrToString
PR_NewCondVar
PR_NewLock
PR_NewLogModule
PR_NewMonitor
PR_NewRWLock
PR_NewTCPSocket
PR_NewThreadPrivateIndex
PR_NotifyAllCondVar
PR_NotifyCondVar
PR_Now
PR_Open
PR_OpenDir
PR_Poll
PR_RWLock_Rlock
PR_RWLock_Unlock
PR_RWLock_Wlock
PR_Read
PR_ReadDir
PR_Realloc
PR_Recv
PR_SecondsToInterval
PR_Send
PR_SetEnv
PR_SetError
PR_SetErrorText
PR_SetThreadPrivate
PR_Shutdown
PR_Sleep
PR_StringToNetAddr
PR_TicksPerSecond
PR_UnloadLibrary
PR_Unlock
PR_WaitCondVar
PR_Write
PR_htonl
PR_htonll
PR_htons
PR_smprintf
PR_smprintf_free
PR_snprintf
PR_sprintf_append

libplc4

PL_Base64Encode
PL_strcasecmp
PL_strcat
PL_strcatn
PL_strcpy
PL_strdup
PL_strfree
PL_strlen
PL_strncasecmp
PL_strncpyz
PL_strnstr
PL_strrstr
PL_strstr

libplds4

PL_ArenaAllocate
PL_ArenaRelease
PL_CompareStrings
PL_CompareValues
PL_FinishArenaPool
PL_HashString
PL_HashTableAdd
PL_HashTableDestroy
PL_HashTableEnumerateEntries
PL_HashTableLookup
PL_HashTableRemove
PL_InitArenaPool
PL_NewHashTable

Exports

Exports

ATOB_AsciiToData
ATOB_ConvertAsciiToItem
AcquireDPCache
BTOA_ConvertItemToAscii
BTOA_DataToAscii
CERTAltNameTemplate
CERTAuthInfoAccessItemTemplate
CERTAuthInfoAccessTemplate
CERTAuthKeyIDTemplate
CERTCRLDistributionPointsTemplate
CERTSignedDataTemplate
CERT_AddAVA
CERT_AddCertToListHead
CERT_AddCertToListHeadWithData
CERT_AddCertToListSorted
CERT_AddCertToListTail
CERT_AddCertToListTailWithData
CERT_AddExtension
CERT_AddExtensionByOID
CERT_AddNameConstraint
CERT_AddNameConstraintByGeneralName
CERT_AddOCSPAcceptableResponses
CERT_AddOKDomainName
CERT_AddRDN
CERT_AddTempCertToPerm
CERT_AllocCERTRevocationFlags
CERT_AsciiToName
CERT_AttributeTemplate
CERT_CRLCacheRefreshIssuer
CERT_CacheCRL
CERT_CacheOCSPResponseFromSideChannel
CERT_CertChainFromCert
CERT_CertExtensionTemplate
CERT_CertKeyTemplate
CERT_CertListFromCert
CERT_CertTimesValid
CERT_CertificatePoliciesTemplate
CERT_CertificateRequestTemplate
CERT_CertificateTemplate
CERT_ChangeCertTrust
CERT_CheckCRL
CERT_CheckCertUsage
CERT_CheckCertValidTimes
CERT_CheckKeyUsage
CERT_CheckNameSpace
CERT_CheckOCSPStatus
CERT_ClearOCSPCache
CERT_CompareAVA
CERT_CompareCerts
CERT_CompareCertsForRedirection
CERT_CompareDERPrintableStrings
CERT_CompareName
CERT_CompareNameSpace
CERT_CompareRDN
CERT_CompareValidityTimes
CERT_CompleteCRLDecodeEntries
CERT_CopyAVA
CERT_CopyGeneralName
CERT_CopyName
CERT_CopyNameConstraint
CERT_CopyRDN
CERT_CopyValidity
CERT_CreateAVA
CERT_CreateAVAFromRaw
CERT_CreateAVAFromSECItem
CERT_CreateCertificate
CERT_CreateCertificateRequest
CERT_CreateEncodedOCSPErrorResponse
CERT_CreateEncodedOCSPSuccessResponse
CERT_CreateGeneralNameList
CERT_CreateName
CERT_CreateOCSPCertID
CERT_CreateOCSPRequest
CERT_CreateOCSPSingleResponseGood
CERT_CreateOCSPSingleResponseRevoked
CERT_CreateOCSPSingleResponseUnknown
CERT_CreateRDN
CERT_CreateSubjectCertList
CERT_CreateValidity
CERT_CrlTemplate
CERT_CrlTemplateEntriesOnly
CERT_CrlTemplateNoEntries
CERT_DecodeAVAValue
CERT_DecodeAltNameExtension
CERT_DecodeAuthInfoAccessExtension
CERT_DecodeAuthKeyID
CERT_DecodeBasicConstraintValue
CERT_DecodeCRLDistributionPoints
CERT_DecodeCertificatePoliciesExtension
CERT_DecodeDERCertificate
CERT_DecodeDERCrl
CERT_DecodeDERCrlWithFlags
CERT_DecodeGeneralName
CERT_DecodeInhibitAnyExtension
CERT_DecodeNameConstraintsExtension
CERT_DecodeOCSPRequest
CERT_DecodeOCSPResponse
CERT_DecodeOidSequence
CERT_DecodePolicyConstraintsExtension
CERT_DecodePolicyMappingsExtension
CERT_DecodePrivKeyUsagePeriodExtension
CERT_DecodeTrustString
CERT_DecodeUserNotice
CERT_DerNameToAscii
CERT_DestroyCERTRevocationFlags
CERT_DestroyCertArray
CERT_DestroyCertList
CERT_DestroyCertificate
CERT_DestroyCertificateList
CERT_DestroyCertificatePoliciesExtension
CERT_DestroyCertificateRequest
CERT_DestroyCrl
CERT_DestroyGeneralName
CERT_DestroyGeneralNameList
CERT_DestroyName
CERT_DestroyOCSPCertID
CERT_DestroyOCSPRequest
CERT_DestroyOCSPResponse
CERT_DestroyOidSequence
CERT_DestroyPolicyMappingsExtension
CERT_DestroyUserNotice
CERT_DestroyValidity
CERT_DisableOCSPChecking
CERT_DisableOCSPDefaultResponder
CERT_DisplayTextTypeTemplate
CERT_DistNamesFromCertList
CERT_DistNamesFromNicknames
CERT_DupCertList
CERT_DupCertificate
CERT_DupDistNames
CERT_DupGeneralNameList
CERT_EnableOCSPChecking
CERT_EnableOCSPDefaultResponder
CERT_EncodeAltNameExtension
CERT_EncodeAndAddBitStrExtension
CERT_EncodeAndAddExtension
CERT_EncodeAuthKeyID
CERT_EncodeBasicConstraintValue
CERT_EncodeCRLDistributionPoints
CERT_EncodeCertPoliciesExtension
CERT_EncodeGeneralName
CERT_EncodeIA5TypeExtension
CERT_EncodeInfoAccessExtension
CERT_EncodeInhibitAnyExtension
CERT_EncodeNameConstraintsExtension
CERT_EncodeNoticeReference
CERT_EncodeOCSPRequest
CERT_EncodePolicyConstraintsExtension
CERT_EncodePolicyMappingExtension
CERT_EncodePrivateKeyUsagePeriod
CERT_EncodeSubjectKeyID
CERT_EncodeTrustString
CERT_EncodeUserNotice
CERT_ExtractNicknameString
CERT_ExtractPublicKey
CERT_FilterCertListByCANames
CERT_FilterCertListByCertList
CERT_FilterCertListByNickname
CERT_FilterCertListByUsage
CERT_FilterCertListForUserCerts
CERT_FindAuthKeyIDExten
CERT_FindBasicConstraintExten
CERT_FindBitStringExtension
CERT_FindCRLDistributionPoints
CERT_FindCRLEntryReasonExten
CERT_FindCRLExtension
CERT_FindCRLExtensionByOID
CERT_FindCRLNumberExten
CERT_FindCertByDERCert
CERT_FindCertByIssuerAndSN
CERT_FindCertByIssuerAndSNCX
CERT_FindCertByKeyID
CERT_FindCertByName
CERT_FindCertByNameString
CERT_FindCertByNickname
CERT_FindCertByNicknameOrEmailAddr
CERT_FindCertByNicknameOrEmailAddrCX
CERT_FindCertByNicknameOrEmailAddrForUsage
CERT_FindCertByNicknameOrEmailAddrForUsageCX
CERT_FindCertBySubjectKeyID
CERT_FindCertExtension
CERT_FindCertExtensionByOID
CERT_FindCertIssuer
CERT_FindInvalidDateExten
CERT_FindKeyUsageExtension
CERT_FindMatchingCert
CERT_FindNSCertTypeExtension
CERT_FindNSStringExtension
CERT_FindNameConstraintsExten
CERT_FindSMimeProfile
CERT_FindSubjectKeyIDExtension
CERT_FindUserCertByUsage
CERT_FindUserCertsByUsage
CERT_FinishCertificateRequestAttributes
CERT_FinishExtensions
CERT_FixupEmailAddr
CERT_ForcePostMethodForOCSP
CERT_FormatName
CERT_FreeDistNames
CERT_FreeNicknames
CERT_GenTime2FormattedAscii
CERT_GeneralNamesTemplate
CERT_GetAVATag
CERT_GetCertChainFromCert
CERT_GetCertCommentString
CERT_GetCertEmailAddress
CERT_GetCertIsPerm
CERT_GetCertIsTemp
CERT_GetCertIssuerAndSN
CERT_GetCertKeyType
CERT_GetCertNicknameWithValidity
CERT_GetCertNicknames
CERT_GetCertTimes
CERT_GetCertTrust
CERT_GetCertUid
CERT_GetCertificateDer
CERT_GetCertificateEmailAddress
CERT_GetCertificateNames
CERT_GetCertificateRequestExtensions
CERT_GetClassicOCSPDisabledPolicy
CERT_GetClassicOCSPEnabledHardFailurePolicy
CERT_GetClassicOCSPEnabledSoftFailurePolicy
CERT_GetCommonName
CERT_GetConstrainedCertificateNames
CERT_GetCountryName
CERT_GetDBContentVersion
CERT_GetDefaultCertDB
CERT_GetDnQualifier
CERT_GetDomainComponentName
CERT_GetEncodedOCSPResponse
CERT_GetEncodedOCSPResponseByMethod
CERT_GetExtenCriticality
CERT_GetFirstEmailAddress
CERT_GetGeneralNameByType
CERT_GetGeneralNameTypeFromString
CERT_GetImposedNameConstraints
CERT_GetLocalityName
CERT_GetNameConstraintByType
CERT_GetNamesLength
CERT_GetNextEmailAddress
CERT_GetNextGeneralName
CERT_GetNextNameConstraint
CERT_GetOCSPAuthorityInfoAccessLocation
CERT_GetOCSPResponseStatus
CERT_GetOCSPStatusForCertID
CERT_GetOidString
CERT_GetOrgName
CERT_GetOrgUnitName
CERT_GetPKIXVerifyNistRevocationPolicy
CERT_GetPrevGeneralName
CERT_GetPrevNameConstraint
CERT_GetSSLCACerts
CERT_GetSlopTime
CERT_GetStateName
CERT_GetStatusConfig
CERT_GetSubjectNameDigest
CERT_GetSubjectPublicKeyDigest
CERT_GetUsePKIXForValidation
CERT_GetValidDNSPatternsFromCert
CERT_GovtApprovedBitSet
CERT_Hexify
CERT_ImportCAChain
CERT_ImportCAChainTrusted
CERT_ImportCRL
CERT_ImportCerts
CERT_InhibitAnyTemplate
CERT_IsCACert
CERT_IsCADERCert
CERT_IsInList
CERT_IsNewer
CERT_IsRootDERCert
CERT_IsUserCert
CERT_IssuerAndSNTemplate
CERT_IssuerNameFromDERCert
CERT_KeyFromDERCert
CERT_KeyFromDERCrl
CERT_KeyFromIssuerAndSN
CERT_KeyUsageAndTypeForCertUsage
CERT_LockCertRefCount
CERT_LockCertTempPerm
CERT_LockCertTrust
CERT_MakeCANickname
CERT_MapStanError
CERT_MatchNickname
CERT_MatchUserCert
CERT_MaybeLockCertTempPerm
CERT_MaybeUnlockCertTempPerm
CERT_MergeExtensions
CERT_NameConstraintSubtreeSubTemplate
CERT_NameFromDERCert
CERT_NameTemplate
CERT_NameToAscii
CERT_NameToAsciiInvertible
CERT_NewCertList
CERT_NewGeneralName
CERT_NewTempCertificate
CERT_NicknameStringsFromCertList
CERT_NoticeReferenceTemplate
CERT_OCSPCacheSettings
CERT_OidSeqTemplate
CERT_OpenCertDBFilename
CERT_PKIXVerifyCert
CERT_ParseURL
CERT_PolicyConstraintsTemplate
CERT_PolicyInfoTemplate
CERT_PolicyMapTemplate
CERT_PolicyMappingsTemplate
CERT_PolicyQualifierTemplate
CERT_PostOCSPRequest
CERT_PublicKeyAndChallengeTemplate
CERT_RDNTemplate
CERT_RFC1485_EscapeAndQuote
CERT_RegisterAlternateOCSPAIAInfoCallBack
CERT_RemoveCertListNode
CERT_SaveSMimeProfile
CERT_SequenceOfCertExtensionTemplate
CERT_SerialNumberFromDERCert
CERT_SetCAPolicyStringCallback
CERT_SetDefaultCertDB
CERT_SetOCSPDefaultResponder
CERT_SetOCSPFailureMode
CERT_SetOCSPTimeout
CERT_SetOfAttributeTemplate
CERT_SetOfSignedCrlTemplate
CERT_SetSlopTime
CERT_SetStatusConfig
CERT_SetUsePKIXForValidation
CERT_SignedCrlTemplate
CERT_SignedDataTemplate
CERT_SortCBValidity
CERT_StartCRLEntryExtensions
CERT_StartCRLExtensions
CERT_StartCertExtensions
CERT_StartCertificateRequestAttributes
CERT_SubjectPublicKeyInfoTemplate
CERT_TimeChoiceTemplate
CERT_TrustFlagsForCACertUsage
CERT_UncacheCRL
CERT_UnlockCertRefCount
CERT_UnlockCertTempPerm
CERT_UnlockCertTrust
CERT_UserNoticeTemplate
CERT_ValidityTemplate
CERT_VerifyCACertForUsage
CERT_VerifyCert
CERT_VerifyCertChain
CERT_VerifyCertName
CERT_VerifyCertNow
CERT_VerifyCertificate
CERT_VerifyCertificateNow
CERT_VerifyOCSPResponseSignature
CERT_VerifySignedData
CERT_VerifySignedDataWithPublicKey
CERT_VerifySignedDataWithPublicKeyInfo
CRLCache_Empty_TokenFetch_Interval
CRLCache_ExistenceCheck_Interval
CRLCache_TokenRefetch_Interval
DER_AsciiToTime
DER_DecodeTimeChoice
DER_Encode
DER_EncodeTimeChoice
DER_GeneralizedDayToAscii
DER_GeneralizedTimeToTime
DER_GetInteger
DER_Lengths
DER_TimeChoiceDayToAscii
DER_TimeToGeneralizedTime
DER_TimeToGeneralizedTimeArena
DER_TimeToUTCTime
DER_UTCDayToAscii
DER_UTCTimeToAscii
DER_UTCTimeToTime
DPCache_Lookup
DSAU_ConvertSignedToFixedUnsigned
DSAU_ConvertUnsignedToSigned
DSAU_DecodeDerSig
DSAU_DecodeDerSigToLen
DSAU_EncodeDerSig
DSAU_EncodeDerSigWithLen
DSA_SignatureTemplate
FindCertsEmailCallback
HASH_Begin
HASH_Clone
HASH_Create
HASH_Destroy
HASH_End
HASH_GetHMACOidTagByHashOidTag
HASH_GetHashObject
HASH_GetHashObjectByOidTag
HASH_GetHashOidTagByHMACOidTag
HASH_GetHashOidTagByHashType
HASH_GetHashTypeByOidTag
HASH_GetType
HASH_HashBuf
HASH_ResultLen
HASH_ResultLenByOidTag
HASH_ResultLenContext
HASH_Update
InitCRLCache
IssuerCache_Destroy
KEAPQGCompare
LDAPFilterTemplate
NSSAlgorithmAndParameters_CreateMD5Digest
NSSAlgorithmAndParameters_CreateSHA1Digest
NSSArena_Create
NSSArena_Destroy
NSSBase64Decoder_Create
NSSBase64Decoder_Destroy
NSSBase64Decoder_Update
NSSBase64Encoder_Create
NSSBase64Encoder_Destroy
NSSBase64Encoder_Update
NSSBase64_DecodeBuffer
NSSBase64_EncodeItem
NSSCertificateArray_Destroy
NSSCertificate_BuildChain
NSSCertificate_CreateCryptoContext
NSSCertificate_DeleteStoredObject
NSSCertificate_Destroy
NSSCertificate_Encode
NSSCertificate_Encrypt
NSSCertificate_FindPrivateKey
NSSCertificate_GetModule
NSSCertificate_GetPublicKey
NSSCertificate_GetSlot
NSSCertificate_GetToken
NSSCertificate_GetTrustDomain
NSSCertificate_IsPrivateKeyAvailable
NSSCertificate_Validate
NSSCertificate_ValidateAndDiscoverUsagesAndPolicies
NSSCertificate_ValidateCompletely
NSSCertificate_Verify
NSSCertificate_VerifyRecover
NSSCertificate_WrapSymmetricKey
NSSCryptoContext_BeginDecrypt
NSSCryptoContext_BeginDigest
NSSCryptoContext_BeginEncrypt
NSSCryptoContext_BeginSign
NSSCryptoContext_BeginSignRecover
NSSCryptoContext_BeginVerify
NSSCryptoContext_BeginVerifyRecover
NSSCryptoContext_Clone
NSSCryptoContext_ContinueDecrypt
NSSCryptoContext_ContinueDigest
NSSCryptoContext_ContinueEncrypt
NSSCryptoContext_ContinueSign
NSSCryptoContext_ContinueSignRecover
NSSCryptoContext_ContinueVerify
NSSCryptoContext_ContinueVerifyRecover
NSSCryptoContext_Decrypt
NSSCryptoContext_DeriveSymmetricKey
NSSCryptoContext_Destroy
NSSCryptoContext_Digest
NSSCryptoContext_Encrypt
NSSCryptoContext_FindBestCertificateByEmail
NSSCryptoContext_FindBestCertificateByNameComponents
NSSCryptoContext_FindBestCertificateByNickname
NSSCryptoContext_FindBestCertificateBySubject
NSSCryptoContext_FindBestUserCertificate
NSSCryptoContext_FindBestUserCertificateForEmailSigning
NSSCryptoContext_FindBestUserCertificateForSSLClientAuth
NSSCryptoContext_FindCertificateByEncodedCertificate
NSSCryptoContext_FindCertificateByIssuerAndSerialNumber
NSSCryptoContext_FindCertificateByOCSPHash
NSSCryptoContext_FindCertificatesByEmail
NSSCryptoContext_FindCertificatesByNameComponents
NSSCryptoContext_FindCertificatesByNickname
NSSCryptoContext_FindCertificatesBySubject
NSSCryptoContext_FindOrImportCertificate
NSSCryptoContext_FindSymmetricKeyByAlgorithmAndKeyID
NSSCryptoContext_FindUserCertificates
NSSCryptoContext_FindUserCertificatesForEmailSigning
NSSCryptoContext_FindUserCertificatesForSSLClientAuth
NSSCryptoContext_FinishDecrypt
NSSCryptoContext_FinishDigest
NSSCryptoContext_FinishEncrypt
NSSCryptoContext_FinishSign
NSSCryptoContext_FinishSignRecover
NSSCryptoContext_FinishVerify
NSSCryptoContext_FinishVerifyRecover
NSSCryptoContext_GenerateKeyPair
NSSCryptoContext_GenerateSymmetricKey
NSSCryptoContext_GenerateSymmetricKeyFromPassword
NSSCryptoContext_GetDefaultCallback
NSSCryptoContext_GetTrustDomain
NSSCryptoContext_ImportEncodedCertificate
NSSCryptoContext_ImportEncodedPKIXCertificateChain
NSSCryptoContext_ImportPKIXCertificate
NSSCryptoContext_SetDefaultCallback
NSSCryptoContext_Sign
NSSCryptoContext_SignRecover
NSSCryptoContext_UnwrapSymmetricKey
NSSCryptoContext_Verify
NSSCryptoContext_VerifyRecover
NSSCryptoContext_WrapSymmetricKey
NSSDBGC_CancelFunction
NSSDBGC_CloseAllSessions
NSSDBGC_CloseSession
NSSDBGC_CopyObject
NSSDBGC_CreateObject

Sections

.text
Size: 984KB - Virtual size: 983KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 127KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/dlls/nssutil3.dll
.dll windows:4 windows x64 arch:x64

6a52ba72f2bcf6bce1284a389d23b158

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
DeleteFileW
EnterCriticalSection
GetLastError
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MoveFileW
MultiByteToWideChar
SetEnvironmentVariableA
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_amsg_exit
_close
_errno
_fdopen
_initterm
_lock
_unlock
_waccess
_wfopen
_wopen
_wstat64
abort
atoi
calloc
fclose
feof
fgets
fputc
fputs
free
fwrite
isalnum
isalpha
isspace
localeconv
malloc
memcmp
memcpy
memmove
memset
realloc
strcat
strchr
strcmp
strcpy
strerror
strlen
strncat
strncmp
strncpy
strrchr
strstr
tolower
toupper
vfprintf
wcslen

libnspr4

PR_CallOnce
PR_Calloc
PR_DestroyCondVar
PR_DestroyLock
PR_ErrorInstallTable
PR_ExplodeTime
PR_FormatTime
PR_Free
PR_GMTParameters
PR_GetCurrentThread
PR_GetDirectorySeparator
PR_GetEnvSecure
PR_GetError
PR_GetLibraryFilePathname
PR_ImplodeTime
PR_LoadLibraryWithFlags
PR_LocalTimeParameters
PR_Lock
PR_Malloc
PR_NewCondVar
PR_NewLock
PR_NotifyAllCondVar
PR_NotifyCondVar
PR_Realloc
PR_SetError
PR_Unlock
PR_WaitCondVar
PR_smprintf
PR_smprintf_free
PR_snprintf

libplc4

PL_strcasecmp
PL_strlen
PL_strncasecmp
PL_strpbrk

libplds4

PL_ArenaAllocate
PL_ArenaGrow
PL_ArenaRelease
PL_ClearArenaPool
PL_CompareValues
PL_FinishArenaPool
PL_FreeArenaPool
PL_HashTableAdd
PL_HashTableDestroy
PL_HashTableLookup
PL_HashTableLookupConst
PL_InitArenaPool
PL_NewHashTable

Exports

Exports

ATOB_AsciiToData_Util
ATOB_ConvertAsciiToItem_Util
BTOA_ConvertItemToAscii_Util
BTOA_DataToAscii_Util
CERT_GenTime2FormattedAscii_Util
CERT_UTCTime2FormattedAscii
DER_AsciiToTime_Util
DER_DecodeTimeChoice_Util
DER_EncodeTimeChoice_Util
DER_Encode_Util
DER_GeneralizedDayToAscii_Util
DER_GeneralizedTimeToTime_Util
DER_GetInteger_Util
DER_GetUInteger
DER_LengthLength
DER_Lengths_Util
DER_SetInteger
DER_SetUInteger
DER_StoreHeader
DER_TimeChoiceDayToAscii_Util
DER_TimeToGeneralizedTimeArena_Util
DER_TimeToGeneralizedTime_Util
DER_TimeToUTCTimeArena
DER_TimeToUTCTime_Util
DER_UTCDayToAscii_Util
DER_UTCTimeToAscii_Util
DER_UTCTimeToTime_Util
NSSBase64Decoder_Create_Util
NSSBase64Decoder_Destroy_Util
NSSBase64Decoder_Update_Util
NSSBase64Encoder_Create_Util
NSSBase64Encoder_Destroy_Util
NSSBase64Encoder_Update_Util
NSSBase64_DecodeBuffer_Util
NSSBase64_EncodeItem_Util
NSSRWLock_Destroy_Util
NSSRWLock_HaveWriteLock_Util
NSSRWLock_LockRead_Util
NSSRWLock_LockWrite_Util
NSSRWLock_New_Util
NSSRWLock_UnlockRead_Util
NSSRWLock_UnlockWrite_Util
NSSUTIL_AddNSSFlagToModuleSpec
NSSUTIL_ArgDecodeNumber
NSSUTIL_ArgFetchValue
NSSUTIL_ArgFindEnd
NSSUTIL_ArgGetLabel
NSSUTIL_ArgGetPair
NSSUTIL_ArgGetParamValue
NSSUTIL_ArgHasFlag
NSSUTIL_ArgIsBlank
NSSUTIL_ArgIsEscape
NSSUTIL_ArgIsQuote
NSSUTIL_ArgNextFlag
NSSUTIL_ArgParseCipherFlags
NSSUTIL_ArgParseModuleSpec
NSSUTIL_ArgParseModuleSpecEx
NSSUTIL_ArgParseSlotFlags
NSSUTIL_ArgParseSlotInfo
NSSUTIL_ArgReadLong
NSSUTIL_ArgSkipParameter
NSSUTIL_ArgStrip
NSSUTIL_DoModuleDBFunction
NSSUTIL_DoubleEscape
NSSUTIL_DoubleEscapeSize
NSSUTIL_Escape
NSSUTIL_EscapeSize
NSSUTIL_GetVersion
NSSUTIL_MkModuleSpec
NSSUTIL_MkModuleSpecEx
NSSUTIL_MkNSSString
NSSUTIL_MkSlotString
NSSUTIL_Quote
NSSUTIL_QuoteSize
NSS_GetAlgorithmPolicy
NSS_Get_SECOID_AlgorithmIDTemplate_Util
NSS_Get_SEC_AnyTemplate_Util
NSS_Get_SEC_BMPStringTemplate_Util
NSS_Get_SEC_BitStringTemplate_Util
NSS_Get_SEC_BooleanTemplate_Util
NSS_Get_SEC_EnumeratedTemplate
NSS_Get_SEC_GeneralizedTimeTemplate_Util
NSS_Get_SEC_IA5StringTemplate_Util
NSS_Get_SEC_IntegerTemplate_Util
NSS_Get_SEC_NullTemplate_Util
NSS_Get_SEC_ObjectIDTemplate_Util
NSS_Get_SEC_OctetStringTemplate_Util
NSS_Get_SEC_PointerToAnyTemplate_Util
NSS_Get_SEC_PointerToEnumeratedTemplate
NSS_Get_SEC_PointerToGeneralizedTimeTemplate
NSS_Get_SEC_PointerToOctetStringTemplate_Util
NSS_Get_SEC_PrintableStringTemplate
NSS_Get_SEC_SequenceOfAnyTemplate
NSS_Get_SEC_SequenceOfObjectIDTemplate
NSS_Get_SEC_SetOfAnyTemplate_Util
NSS_Get_SEC_SkipTemplate
NSS_Get_SEC_T61StringTemplate
NSS_Get_SEC_UTCTimeTemplate_Util
NSS_Get_SEC_UTF8StringTemplate_Util
NSS_Get_SEC_UniversalStringTemplate
NSS_Get_sgn_DigestInfoTemplate_Util
NSS_InitializePRErrorTable
NSS_IsPolicyLocked
NSS_LockPolicy
NSS_PutEnv_Util
NSS_SecureMemcmp
NSS_SecureMemcmpZero
NSS_SetAlgorithmPolicy
PK11URI_CreateURI
PK11URI_DestroyURI
PK11URI_FormatURI
PK11URI_GetPathAttribute
PK11URI_GetPathAttributeItem
PK11URI_GetQueryAttribute
PK11URI_GetQueryAttributeItem
PK11URI_ParseURI
PORT_Alloc_Util
PORT_ArenaAlloc_Util
PORT_ArenaGrow_Util
PORT_ArenaMark_Util
PORT_ArenaRelease_Util
PORT_ArenaStrdup_Util
PORT_ArenaUnmark_Util
PORT_ArenaZAlloc_Util
PORT_ArenaZRelease
PORT_DestroyCheapArena
PORT_FreeArena_Util
PORT_Free_Util
PORT_GetError_Util
PORT_ISO88591_UTF8Conversion
PORT_InitCheapArena
PORT_LoadLibraryFromOrigin
PORT_NewArena_Util
PORT_Realloc_Util
PORT_RegExpCaseSearch
PORT_RegExpSearch
PORT_RegExpValid
PORT_SetError_Util
PORT_SetUCS2_ASCIIConversionFunction_Util
PORT_SetUCS2_UTF8ConversionFunction_Util
PORT_SetUCS4_UTF8ConversionFunction_Util
PORT_Strdup_Util
PORT_UCS2_ASCIIConversion_Util
PORT_UCS2_UTF8Conversion_Util
PORT_UCS4_UTF8Conversion
PORT_ZAllocAlignedOffset_Util
PORT_ZAllocAligned_Util
PORT_ZAlloc_Util
PORT_ZFree_Util
SECITEM_AllocArray
SECITEM_AllocItem_Util
SECITEM_ArenaDupItem_Util
SECITEM_CompareItem_Util
SECITEM_CopyItem_Util
SECITEM_DupArray
SECITEM_DupItem_Util
SECITEM_FreeArray
SECITEM_FreeItem_Util
SECITEM_Hash
SECITEM_HashCompare
SECITEM_ItemsAreEqual_Util
SECITEM_MakeItem
SECITEM_ReallocItem
SECITEM_ReallocItemV2
SECITEM_ZfreeArray
SECITEM_ZfreeItem_Util
SECOID_AddEntry_Util
SECOID_AlgorithmIDTemplate_Util
SECOID_CompareAlgorithmID_Util
SECOID_CopyAlgorithmID_Util
SECOID_DestroyAlgorithmID_Util
SECOID_FindOIDByMechanism
SECOID_FindOIDByTag_Util
SECOID_FindOIDTagDescription_Util
SECOID_FindOIDTag_Util
SECOID_FindOID_Util
SECOID_GetAlgorithmTag_Util
SECOID_Init
SECOID_KnownCertExtenOID
SECOID_SetAlgorithmID_Util
SECOID_Shutdown
SEC_ASN1DecodeInteger_Util
SEC_ASN1DecodeItem_Util
SEC_ASN1Decode_Util
SEC_ASN1DecoderAbort_Util
SEC_ASN1DecoderClearFilterProc_Util
SEC_ASN1DecoderClearNotifyProc_Util
SEC_ASN1DecoderFinish_Util
SEC_ASN1DecoderSetFilterProc_Util
SEC_ASN1DecoderSetMaximumElementSize
SEC_ASN1DecoderSetNotifyProc_Util
SEC_ASN1DecoderStart_Util
SEC_ASN1DecoderUpdate_Util
SEC_ASN1EncodeInteger_Util
SEC_ASN1EncodeItem_Util
SEC_ASN1EncodeLength
SEC_ASN1EncodeUnsignedInteger_Util
SEC_ASN1Encode_Util
SEC_ASN1EncoderAbort_Util
SEC_ASN1EncoderClearNotifyProc_Util
SEC_ASN1EncoderClearStreaming_Util
SEC_ASN1EncoderClearTakeFromBuf_Util
SEC_ASN1EncoderFinish_Util
SEC_ASN1EncoderSetNotifyProc_Util
SEC_ASN1EncoderSetStreaming_Util
SEC_ASN1EncoderSetTakeFromBuf_Util
SEC_ASN1EncoderStart_Util
SEC_ASN1EncoderUpdate_Util
SEC_ASN1GetSubtemplate
SEC_ASN1IsTemplateSimple
SEC_ASN1LengthLength_Util
SEC_AnyTemplate_Util
SEC_BMPStringTemplate_Util
SEC_BitStringTemplate_Util
SEC_BooleanTemplate_Util
SEC_EnumeratedTemplate
SEC_GeneralizedTimeTemplate_Util
SEC_IA5StringTemplate_Util
SEC_IntegerTemplate_Util
SEC_NullTemplate_Util
SEC_ObjectIDTemplate_Util
SEC_OctetStringTemplate_Util
SEC_PointerToAnyTemplate_Util
SEC_PointerToEnumeratedTemplate
SEC_PointerToGeneralizedTimeTemplate
SEC_PointerToOctetStringTemplate_Util
SEC_PrintableStringTemplate
SEC_QuickDERDecodeItem_Util
SEC_SequenceOfAnyTemplate
SEC_SequenceOfObjectIDTemplate
SEC_SetOfAnyTemplate_Util
SEC_SetOfEnumeratedTemplate
SEC_SkipTemplate
SEC_StringToOID
SEC_T61StringTemplate
SEC_UTCTimeTemplate_Util
SEC_UTF8StringTemplate_Util
SEC_UniversalStringTemplate
SEC_VisibleStringTemplate
SGN_CompareDigestInfo_Util
SGN_CopyDigestInfo_Util
SGN_CreateDigestInfo_Util
SGN_DecodeDigestInfo
SGN_DestroyDigestInfo_Util
SGN_EncodeDigestInfo
UTIL_SetForkState
_NSSUTIL_Access
_NSSUTIL_EvaluateConfigDir
_NSSUTIL_GetSecmodName
_NSSUTIL_UTF8ToWide
_SGN_VerifyPKCS1DigestInfo
__nss_util_version
lfopen
sec_asn1d_uinteger
sec_port_iso88591_utf8_conversion_function
sec_port_ucs2_utf8_conversion_function
sec_port_ucs4_utf8_conversion_function
sgn_DigestInfoTemplate_Util
ucs2AsciiConvertFunc
ucs2Utf8ConvertFunc
ucs4Utf8ConvertFunc

Sections

.text
Size: 92KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/dlls/pcap.dll
.dll windows:4 windows x64 arch:x64

666032bacd8bd8b1cecac16502732e2a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
FormatMessageA
FreeLibrary
GetLastError
GetModuleHandleW
GetProcAddress
GetSystemDirectoryA
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
LoadLibraryA
MultiByteToWideChar
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_amsg_exit
_close
_errno
_fileno
_fdopen
_initterm
_lock
_open_osfhandle
_setjmp
_setmode
_strdup
_strtoi64
_strtoui64
_unlock
_vscprintf
_vsnprintf
_vsnprintf_s
abort
atoi
calloc
clearerr
exit
fclose
feof
ferror
fflush
fopen
fputc
fread
free
fseek
ftell
fwrite
getc
islower
isspace
isxdigit
localeconv
longjmp
malloc
memcpy
memset
puts
realloc
rewind
setvbuf
sprintf
strchr
strcmp
strcpy
strerror
strlen
strncmp
strncpy
strncpy_s
strtol
strtoul
tolower
ungetc
vfprintf
wcslen

ws2_32

WSACleanup
WSAGetLastError
WSASetLastError
WSAStartup
freeaddrinfo
gethostbyaddr
gethostbyname
getprotobyname
getservbyname
getservbyport
htonl
htons
inet_addr
inet_ntoa
ntohl
ntohs

Exports

Exports

bpf_dump
bpf_filter
bpf_image
bpf_validate
eproto_db
pcap_activate
pcap_breakloop
pcap_bufsize
pcap_can_set_rfmon
pcap_close
pcap_compile
pcap_compile_nopcap
pcap_create
pcap_datalink
pcap_datalink_ext
pcap_datalink_name_to_val
pcap_datalink_val_to_description
pcap_datalink_val_to_description_or_dlt
pcap_datalink_val_to_name
pcap_dispatch
pcap_dump
pcap_dump_close
pcap_dump_file
pcap_dump_flush
pcap_dump_ftell
pcap_dump_ftell64
pcap_dump_hopen
pcap_dump_open
pcap_dump_open_append
pcap_ether_aton
pcap_ether_hostton
pcap_file
pcap_fileno
pcap_findalldevs
pcap_free_datalinks
pcap_free_tstamp_types
pcap_freealldevs
pcap_freecode
pcap_get_airpcap_handle
pcap_get_tstamp_precision
pcap_geterr
pcap_getevent
pcap_getnonblock
pcap_hopen_offline
pcap_hopen_offline_with_tstamp_precision
pcap_inject
pcap_is_swapped
pcap_lib_version
pcap_list_datalinks
pcap_list_tstamp_types
pcap_live_dump
pcap_live_dump_ended
pcap_lookupdev
pcap_lookupnet
pcap_loop
pcap_major_version
pcap_minor_version
pcap_nametoaddr
pcap_nametoaddrinfo
pcap_nametoeproto
pcap_nametollc
pcap_nametonetaddr
pcap_nametoport
pcap_nametoportrange
pcap_nametoproto
pcap_next
pcap_next_etherent
pcap_next_ex
pcap_offline_filter
pcap_oid_get_request
pcap_oid_set_request
pcap_open_dead
pcap_open_dead_with_tstamp_precision
pcap_open_live
pcap_open_offline
pcap_open_offline_with_tstamp_precision
pcap_perror
pcap_sendpacket
pcap_sendqueue_alloc
pcap_sendqueue_destroy
pcap_sendqueue_queue
pcap_sendqueue_transmit
pcap_set_buffer_size
pcap_set_datalink
pcap_set_immediate_mode
pcap_set_promisc
pcap_set_rfmon
pcap_set_snaplen
pcap_set_timeout
pcap_set_tstamp_precision
pcap_set_tstamp_type
pcap_setbuff
pcap_setdirection
pcap_setfilter
pcap_setmintocopy
pcap_setmode
pcap_setnonblock
pcap_setuserbuffer
pcap_snapshot
pcap_stats
pcap_stats_ex
pcap_statustostr
pcap_strerror
pcap_tstamp_type_name_to_val
pcap_tstamp_type_val_to_description
pcap_tstamp_type_val_to_name
pcap_version
pcap_wsockinit

Sections

.text
Size: 209KB - Virtual size: 209KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 11KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 916B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/4
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/31
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/45
Size: 54KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/57
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/70
Size: 1024B - Virtual size: 620B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/81
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/97
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/113
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/dlls/softokn3.dll
.dll windows:4 windows x64 arch:x64

fb6659173402713109cbbc71bd7e29b9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

nssutil3

DER_Encode_Util
DER_GetInteger_Util
DER_SetUInteger
NSSUTIL_ArgDecodeNumber
NSSUTIL_ArgFetchValue
NSSUTIL_ArgGetLabel
NSSUTIL_ArgHasFlag
NSSUTIL_ArgIsBlank
NSSUTIL_ArgSkipParameter
NSSUTIL_ArgStrip
NSSUTIL_DoModuleDBFunction
NSS_Get_SECOID_AlgorithmIDTemplate_Util
NSS_Get_SEC_AnyTemplate_Util
NSS_Get_SEC_BitStringTemplate_Util
NSS_Get_SEC_ObjectIDTemplate_Util
NSS_Get_SEC_OctetStringTemplate_Util
NSS_SecureMemcmp
PORT_Alloc_Util
PORT_ArenaAlloc_Util
PORT_ArenaGrow_Util
PORT_ArenaZAlloc_Util
PORT_FreeArena_Util
PORT_Free_Util
PORT_GetError_Util
PORT_NewArena_Util
PORT_Realloc_Util
PORT_SetError_Util
PORT_Strdup_Util
PORT_ZAlloc_Util
PORT_ZFree_Util
SECITEM_AllocItem_Util
SECITEM_CompareItem_Util
SECITEM_CopyItem_Util
SECITEM_DupItem_Util
SECITEM_FreeItem_Util
SECITEM_HashCompare
SECITEM_ItemsAreEqual_Util
SECITEM_ZfreeItem_Util
SECOID_CopyAlgorithmID_Util
SECOID_DestroyAlgorithmID_Util
SECOID_FindOIDByMechanism
SECOID_GetAlgorithmTag_Util
SECOID_Init
SECOID_SetAlgorithmID_Util
SECOID_Shutdown
SEC_ASN1DecodeItem_Util
SEC_ASN1EncodeInteger_Util
SEC_ASN1EncodeItem_Util
SEC_QuickDERDecodeItem_Util
SGN_CreateDigestInfo_Util
SGN_DestroyDigestInfo_Util
UTIL_SetForkState
_NSSUTIL_Access
_NSSUTIL_EvaluateConfigDir
_NSSUTIL_UTF8ToWide
_SGN_VerifyPKCS1DigestInfo

kernel32

DeleteCriticalSection
EnterCriticalSection
GetLastError
GetTempPathA
InitializeCriticalSection
IsDBCSLeadByteEx
LeaveCriticalSection
MultiByteToWideChar
Sleep
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_amsg_exit
_errno
_initterm
_lock
_unlock
_wchmod
abort
atoi
calloc
fputc
free
fwrite
getenv
islower
isupper
localeconv
malloc
memcmp
memcpy
memset
qsort
realloc
strcmp
strcpy
strerror
strlen
strncmp
strrchr
strtoul
vfprintf
wcslen

libnspr4

PR_Access
PR_CallOnce
PR_DestroyLock
PR_DestroyMonitor
PR_EnterMonitor
PR_ExitMonitor
PR_FindFunctionSymbol
PR_Free
PR_GetCurrentThread
PR_GetDirectorySeparator
PR_GetEnv
PR_GetEnvSecure
PR_GetLibraryFilePathname
PR_IntervalNow
PR_LoadLibraryWithFlags
PR_Lock
PR_MillisecondsToInterval
PR_NewLock
PR_NewMonitor
PR_Now
PR_SecondsToInterval
PR_Sleep
PR_UnloadLibrary
PR_Unlock
PR_smprintf
PR_smprintf_free
PR_snprintf

libplc4

PL_strcasecmp
PL_strncasecmp

libplds4

PL_CompareValues
PL_HashTableAdd
PL_HashTableDestroy
PL_HashTableEnumerateEntries
PL_HashTableLookup
PL_HashTableLookupConst
PL_HashTableRemove
PL_NewHashTable

libsqlite3-0

sqlite3_bind_blob
sqlite3_bind_int
sqlite3_bind_text
sqlite3_busy_timeout
sqlite3_close
sqlite3_column_blob
sqlite3_column_bytes
sqlite3_column_int
sqlite3_column_text
sqlite3_exec
sqlite3_file_control
sqlite3_finalize
sqlite3_free
sqlite3_mprintf
sqlite3_open_v2
sqlite3_prepare_v2
sqlite3_reset
sqlite3_step

Exports

Exports

AESKeyWrap_AllocateContext
AESKeyWrap_CreateContext
AESKeyWrap_Decrypt
AESKeyWrap_DecryptKWP
AESKeyWrap_DestroyContext
AESKeyWrap_Encrypt
AESKeyWrap_EncryptKWP
AESKeyWrap_InitContext
AES_AEAD
AES_AllocateContext
AES_CreateContext
AES_Decrypt
AES_DestroyContext
AES_Encrypt
AES_InitContext
AddToList
BLAKE2B_Begin
BLAKE2B_DestroyContext
BLAKE2B_End
BLAKE2B_Flatten
BLAKE2B_FlattenSize
BLAKE2B_Hash
BLAKE2B_HashBuf
BLAKE2B_MAC_Begin
BLAKE2B_MAC_HashBuf
BLAKE2B_NewContext
BLAKE2B_Resurrect
BLAKE2B_Update
BLAPI_SHVerify
BLAPI_SHVerifyFile
BLAPI_VerifySelf
BL_Cleanup
BL_Init
BL_SetForkState
BL_Unload
CBC_PadBuffer
CMAC_Begin
CMAC_Create
CMAC_Destroy
CMAC_Finish
CMAC_Init
CMAC_Update
C_GetFunctionList
C_GetInterface
C_GetInterfaceList
Camellia_AllocateContext
Camellia_CreateContext
Camellia_Decrypt
Camellia_DestroyContext
Camellia_Encrypt
Camellia_InitContext
ChaCha20Poly1305_CreateContext
ChaCha20Poly1305_Decrypt
ChaCha20Poly1305_DestroyContext
ChaCha20Poly1305_Encrypt
ChaCha20Poly1305_InitContext
ChaCha20Poly1305_Open
ChaCha20Poly1305_Seal
ChaCha20_CreateContext
ChaCha20_DestroyContext
ChaCha20_InitContext
ChaCha20_Xor
DES_AllocateContext
DES_CreateContext
DES_Decrypt
DES_DestroyContext
DES_Encrypt
DES_InitContext
DH_Derive
DH_GenParam
DH_NewKey
DSA_NewKey
DSA_NewKeyFromSeed
DSA_NewRandom
DSA_SignDigest
DSA_SignDigestWithSeed
DSA_VerifyDigest
ECDH_Derive
ECDSA_SignDigest
ECDSA_SignDigestWithSeed
ECDSA_VerifyDigest
EC_CopyParams
EC_DecodeParams
EC_FillParams
EC_GetPointSize
EC_NewKey
EC_NewKeyFromSeed
EC_ValidatePublicKey
FC_CancelFunction
FC_CloseAllSessions
FC_CloseSession
FC_CopyObject
FC_CreateObject
FC_Decrypt
FC_DecryptDigestUpdate
FC_DecryptFinal
FC_DecryptInit
FC_DecryptMessage
FC_DecryptMessageBegin
FC_DecryptMessageNext
FC_DecryptUpdate
FC_DecryptVerifyUpdate
FC_DeriveKey
FC_DestroyObject
FC_Digest
FC_DigestEncryptUpdate
FC_DigestFinal
FC_DigestInit
FC_DigestKey
FC_DigestUpdate
FC_Encrypt
FC_EncryptFinal
FC_EncryptInit
FC_EncryptMessage
FC_EncryptMessageBegin
FC_EncryptMessageNext
FC_EncryptUpdate
FC_Finalize
FC_FindObjects
FC_FindObjectsFinal
FC_FindObjectsInit
FC_GenerateKey
FC_GenerateKeyPair
FC_GenerateRandom
FC_GetAttributeValue
FC_GetFunctionList
FC_GetFunctionStatus
FC_GetInfo
FC_GetInfoV2
FC_GetInterface
FC_GetInterfaceList
FC_GetMechanismInfo
FC_GetMechanismInfoV2
FC_GetMechanismList
FC_GetObjectSize
FC_GetOperationState
FC_GetSessionInfo
FC_GetSlotInfo
FC_GetSlotList
FC_GetTokenInfo
FC_InitPIN
FC_InitToken
FC_Initialize
FC_Login
FC_LoginUser
FC_Logout
FC_MessageDecryptFinal
FC_MessageDecryptInit
FC_MessageEncryptFinal
FC_MessageEncryptInit
FC_MessageSignFinal
FC_MessageSignInit
FC_MessageVerifyFinal
FC_MessageVerifyInit
FC_OpenSession
FC_SeedRandom
FC_SessionCancel
FC_SetAttributeValue
FC_SetOperationState
FC_SetPIN
FC_Sign
FC_SignEncryptUpdate
FC_SignFinal
FC_SignInit
FC_SignMessage
FC_SignMessageBegin
FC_SignMessageNext
FC_SignRecover
FC_SignRecoverInit
FC_SignUpdate
FC_UnwrapKey
FC_Verify
FC_VerifyFinal
FC_VerifyInit
FC_VerifyMessage
FC_VerifyMessageBegin
FC_VerifyMessageNext
FC_VerifyRecover
FC_VerifyRecoverInit
FC_VerifyUpdate
FC_WaitForSlotEvent
FC_WrapKey
FIPS186Change_GenerateX
FIPS186Change_ReduceModQForDSA
HASH_FromHMACOid
HASH_GetRawHashObject
HASH_HMACOidFromHash
HMAC_Begin
HMAC_Clone
HMAC_ConstantTime
HMAC_Create
HMAC_Destroy
HMAC_Finish
HMAC_Init
HMAC_Update
JPAKE_Final
JPAKE_Round2
JPAKE_Sign
JPAKE_Verify
KEA_Derive
KEA_PrimeCheck
KEA_Verify
MD2_Begin
MD2_Clone
MD2_DestroyContext
MD2_End
MD2_Flatten
MD2_FlattenSize
MD2_Hash
MD2_NewContext
MD2_Resurrect
MD2_Update
MD5_Begin
MD5_Clone
MD5_DestroyContext
MD5_End
MD5_Flatten
MD5_FlattenSize
MD5_Hash
MD5_HashBuf
MD5_NewContext
MD5_Resurrect
MD5_TraceState
MD5_Update
NSC_CancelFunction
NSC_CloseAllSessions
NSC_CloseSession
NSC_CopyObject
NSC_CreateObject
NSC_Decrypt
NSC_DecryptDigestUpdate
NSC_DecryptFinal
NSC_DecryptInit
NSC_DecryptMessage
NSC_DecryptMessageBegin
NSC_DecryptMessageNext
NSC_DecryptUpdate
NSC_DecryptVerifyUpdate
NSC_DeriveKey
NSC_DestroyObject
NSC_Digest
NSC_DigestEncryptUpdate
NSC_DigestFinal
NSC_DigestInit
NSC_DigestKey
NSC_DigestUpdate
NSC_Encrypt
NSC_EncryptFinal
NSC_EncryptInit
NSC_EncryptMessage
NSC_EncryptMessageBegin
NSC_EncryptMessageNext
NSC_EncryptUpdate
NSC_Finalize
NSC_FindObjects
NSC_FindObjectsFinal
NSC_FindObjectsInit
NSC_GenerateKey
NSC_GenerateKeyPair
NSC_GenerateRandom
NSC_GetAttributeValue
NSC_GetFunctionList
NSC_GetFunctionStatus
NSC_GetInfo
NSC_GetInfoV2
NSC_GetInterface
NSC_GetInterfaceList
NSC_GetMechanismInfo
NSC_GetMechanismInfoV2
NSC_GetMechanismList
NSC_GetObjectSize
NSC_GetOperationState
NSC_GetSessionInfo
NSC_GetSlotInfo
NSC_GetSlotList
NSC_GetTokenInfo
NSC_InitPIN
NSC_InitToken
NSC_Initialize
NSC_Login
NSC_LoginUser
NSC_Logout
NSC_MessageDecryptFinal
NSC_MessageDecryptInit
NSC_MessageEncryptFinal
NSC_MessageEncryptInit
NSC_MessageSignFinal
NSC_MessageSignInit
NSC_MessageVerifyFinal
NSC_MessageVerifyInit
NSC_ModuleDBFunc
NSC_OpenSession
NSC_SeedRandom
NSC_SessionCancel
NSC_SetAttributeValue
NSC_SetOperationState
NSC_SetPIN
NSC_Sign
NSC_SignEncryptUpdate
NSC_SignFinal
NSC_SignInit
NSC_SignMessage
NSC_SignMessageBegin
NSC_SignMessageNext
NSC_SignRecover
NSC_SignRecoverInit
NSC_SignUpdate
NSC_UnwrapKey
NSC_Verify
NSC_VerifyFinal
NSC_VerifyInit
NSC_VerifyMessage
NSC_VerifyMessageBegin
NSC_VerifyMessageNext
NSC_VerifyRecover
NSC_VerifyRecoverInit
NSC_VerifyUpdate
NSC_WaitForSlotEvent
NSC_WrapKey
PQG_DestroyParams
PQG_DestroyVerify
PQG_ParamGen
PQG_ParamGenSeedLen
PQG_ParamGenV2
PQG_VerifyParams
PRNGTEST_Generate
PRNGTEST_Instantiate
PRNGTEST_Reseed
PRNGTEST_RunHealthTests
PRNGTEST_Uninstantiate
RC2_AllocateContext
RC2_CreateContext
RC2_Decrypt
RC2_DestroyContext
RC2_Encrypt
RC2_InitContext
RC4_AllocateContext
RC4_CreateContext
RC4_Decrypt
RC4_DestroyContext
RC4_Encrypt
RC4_InitContext
RC5_CreateContext
RC5_Decrypt
RC5_DestroyContext
RC5_Encrypt
RNG_GenerateGlobalRandomBytes
RNG_RNGInit
RNG_RNGShutdown
RNG_RandomUpdate
RNG_SystemInfoForRNG
RSA_CheckSign
RSA_CheckSignPSS
RSA_CheckSignRaw
RSA_CheckSignRecover
RSA_CheckSignRecoverRaw
RSA_DecryptBlock
RSA_DecryptOAEP
RSA_DecryptRaw
RSA_EncryptBlock
RSA_EncryptOAEP
RSA_EncryptRaw
RSA_HashCheckSign
RSA_HashSign
RSA_NewKey
RSA_PopulatePrivateKey
RSA_PrivateKeyCheck
RSA_PrivateKeyOp
RSA_PrivateKeyOpDoubleChecked
RSA_PublicKeyOp
RSA_Sign
RSA_SignPSS
RSA_SignRaw
SEED_CreateContext
SEED_Decrypt
SEED_DestroyContext
SEED_Encrypt
SEED_InitContext
SFTK_ClearTokenKeyHashTable
SFTK_DestroySlotData
SFTK_ShutdownSlot
SFTK_SlotInit
SFTK_SlotReInit
SHA1_Begin
SHA1_Clone
SHA1_DestroyContext
SHA1_End
SHA1_Flatten
SHA1_FlattenSize
SHA1_Hash
SHA1_HashBuf
SHA1_NewContext
SHA1_Resurrect
SHA1_TraceState
SHA1_Update
SHA224_Begin
SHA224_Clone
SHA224_DestroyContext
SHA224_End
SHA224_Flatten
SHA224_FlattenSize
SHA224_Hash
SHA224_HashBuf
SHA224_NewContext
SHA224_Resurrect
SHA224_TraceState
SHA224_Update
SHA256_Begin
SHA256_Clone
SHA256_DestroyContext
SHA256_End
SHA256_Flatten
SHA256_FlattenSize
SHA256_Hash
SHA256_HashBuf
SHA256_NewContext
SHA256_Resurrect
SHA256_TraceState
SHA256_Update
SHA384_Begin
SHA384_Clone
SHA384_DestroyContext
SHA384_End
SHA384_Flatten
SHA384_FlattenSize
SHA384_Hash
SHA384_HashBuf
SHA384_NewContext
SHA384_Resurrect
SHA384_TraceState
SHA384_Update
SHA512_Begin
SHA512_Clone
SHA512_DestroyContext
SHA512_End
SHA512_Flatten
SHA512_FlattenSize
SHA512_Hash
SHA512_HashBuf
SHA512_NewContext
SHA512_Resurrect
SHA512_TraceState
SHA512_Update
SQLITE_EXPLICIT_NULL
SSLv3_MAC_ConstantTime
TLS_PRF
TLS_P_hash
__nss_softokn_version
fc_getAttribute
fc_log_init_error
jpake_Final
jpake_Round1
jpake_Round2
kbkdf_CreateKey
kbkdf_Dispatch
kbkdf_FinalizeKey
kbkdf_GetDerivedKeySize
kbkdf_IncrementBuffer
kbkdf_SaveKey
kbkdf_SaveKeys
nsc_CommonFinalize
nsc_CommonGetSlotList
nsc_CommonInitialize
nsc_SetupHMACKeyGen
nsc_init
nsf_init
nsslowkey_AttributeTemplate
nsslowkey_ConvertToPublicKey
nsslowkey_CopyPrivateKey
nsslowkey_DHPrivateKeyTemplate
nsslowkey_DSAPrivateKeyExportTemplate
nsslowkey_DSAPrivateKeyTemplate
nsslowkey_DestroyPrivateKey
nsslowkey_DestroyPublicKey
nsslowkey_ECPrivateKeyTemplate
nsslowkey_PQGParamsTemplate
nsslowkey_PrivateKeyInfoTemplate
nsslowkey_PrivateModulusLen
nsslowkey_PublicModulusLen
nsslowkey_RSAPrivateKeyTemplate
nsslowkey_RSAPublicKeyTemplate
nsslowkey_SetOfAttributeTemplate
nsslowkey_SubjectPublicKeyInfoTemplate
nsspkcs5_AlgidToParam
nsspkcs5_CipherData
nsspkcs5_ComputeKeyAndIV
nsspkcs5_CreateAlgorithmID
nsspkcs5_DestroyPBEParameter
nsspkcs5_HashBuf
nsspkcs5_NewParam
parentForkedAfterC_Initialize
prepare_low_dh_priv_key_for_asn1
prepare_low_dsa_priv_key_export_for_asn1
prepare_low_dsa_priv_key_for_asn1
prepare_low_ec_priv_key_for_asn1
prepare_low_ecparams_for_asn1
prepare_low_pqg_params_for_asn1
prepare_low_rsa_priv_key_for_asn1
prepare_low_rsa_pub_key_for_asn1
s_open

Sections

.text
Size: 244KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 800B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/dlls/zlib1.dll
.dll windows:4 windows x64 arch:x64

0362b276bf74944aaf0d04f3240210cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetCurrentProcess
GetLastError
GetModuleHandleW
GetProcAddress
InitializeCriticalSection
IsDBCSLeadByteEx
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryW
MultiByteToWideChar
Sleep
TerminateProcess
TlsGetValue
VirtualProtect
VirtualQuery
WideCharToMultiByte

msvcrt

___lc_codepage_func
___mb_cur_max_func
__iob_func
_amsg_exit
_close
_errno
_initterm
_lock
_lseeki64
_open
_read
_unlock
_wopen
_write
abort
calloc
fputc
free
fwrite
localeconv
malloc
memchr
memcpy
memmove
memset
realloc
strerror
strlen
strncmp
vfprintf
wcslen
wcstombs

Exports

Exports

_dist_code
_length_code
_tr_align
_tr_flush_bits
_tr_flush_block
_tr_init
_tr_stored_block
_tr_tally
adler32
adler32_combine
adler32_combine64
adler32_z
compress
compress2
compressBound
crc32
crc32_combine
crc32_combine64
crc32_combine_gen
crc32_combine_gen64
crc32_combine_op
crc32_z
deflate
deflateBound
deflateCopy
deflateEnd
deflateGetDictionary
deflateInit2_
deflateInit_
deflateParams
deflatePending
deflatePrime
deflateReset
deflateResetKeep
deflateSetDictionary
deflateSetHeader
deflateTune
deflate_copyright
get_crc_table
gz_error
gzbuffer
gzclearerr
gzclose
gzclose_r
gzclose_w
gzdirect
gzdopen
gzeof
gzerror
gzflush
gzfread
gzfwrite
gzgetc
gzgetc_
gzgets
gzoffset
gzoffset64
gzopen
gzopen64
gzopen_w
gzprintf
gzputc
gzputs
gzread
gzrewind
gzseek
gzseek64
gzsetparams
gztell
gztell64
gzungetc
gzvprintf
gzwrite
inflate
inflateBack
inflateBackEnd
inflateBackInit_
inflateCodesUsed
inflateCopy
inflateEnd
inflateGetDictionary
inflateGetHeader
inflateInit2_
inflateInit_
inflateMark
inflatePrime
inflateReset
inflateReset2
inflateResetKeep
inflateSetDictionary
inflateSync
inflateSyncPoint
inflateUndermine
inflateValidate
inflate_copyright
inflate_fast
inflate_table
uncompress
uncompress2
zError
z_errmsg
zcalloc
zcfree
zlibCompileFlags
zlibVersion

Sections

.text
Size: 79KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 176B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/etc/suricata/classification.config
brimcap/suricata/etc/suricata/reference.config
brimcap/suricata/etc/suricata/suricata.yaml
brimcap/suricata/etc/suricata/threshold.config
brimcap/suricata/share/suricata/classification.config
brimcap/suricata/share/suricata/reference.config
brimcap/suricata/share/suricata/rules/app-layer-events.rules
brimcap/suricata/share/suricata/rules/decoder-events.rules
brimcap/suricata/share/suricata/rules/dhcp-events.rules
brimcap/suricata/share/suricata/rules/dnp3-events.rules
brimcap/suricata/share/suricata/rules/dns-events.rules
brimcap/suricata/share/suricata/rules/files.rules
brimcap/suricata/share/suricata/rules/http-events.rules
brimcap/suricata/share/suricata/rules/ipsec-events.rules
brimcap/suricata/share/suricata/rules/kerberos-events.rules
brimcap/suricata/share/suricata/rules/modbus-events.rules
brimcap/suricata/share/suricata/rules/nfs-events.rules
brimcap/suricata/share/suricata/rules/ntp-events.rules
brimcap/suricata/share/suricata/rules/smb-events.rules
brimcap/suricata/share/suricata/rules/smtp-events.rules
brimcap/suricata/share/suricata/rules/stream-events.rules
brimcap/suricata/share/suricata/rules/tls-events.rules
brimcap/suricata/suricatarunner.exe
.exe windows:6 windows x64 arch:x64

960ef4de68dcace43ad03634f7e490cb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WriteFile
WriteConsoleW
WaitForMultipleObjects
WaitForSingleObject
VirtualQuery
VirtualFree
VirtualAlloc
SwitchToThread
SuspendThread
SetWaitableTimer
SetUnhandledExceptionFilter
SetProcessPriorityBoost
SetEvent
SetErrorMode
SetConsoleCtrlHandler
ResumeThread
QueryFullProcessImageNameA
ProcessIdToSessionId
PostQueuedCompletionStatus
OpenProcess
LoadLibraryA
LoadLibraryW
SetThreadContext
GetThreadContext
GetSystemInfo
GetSystemDirectoryA
GetStdHandle
GetQueuedCompletionStatus
GetProcessAffinityMask
GetProcAddress
GetEnvironmentStringsW
GetConsoleMode
FreeEnvironmentStringsW
ExitProcess
DuplicateHandle
CreateThread
CreateIoCompletionPort
CreateEventA
CloseHandle
AddVectoredExceptionHandler

Sections

.text
Size: 781KB - Virtual size: 781KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 932KB - Virtual size: 931KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 281B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/32
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/46
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/63
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/80
Size: 512B - Virtual size: 70B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/99
Size: 224KB - Virtual size: 223KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/112
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/124
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.symtab
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/suricataupdater.exe
.exe windows:6 windows x64 arch:x64

960ef4de68dcace43ad03634f7e490cb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WriteFile
WriteConsoleW
WaitForMultipleObjects
WaitForSingleObject
VirtualQuery
VirtualFree
VirtualAlloc
SwitchToThread
SuspendThread
SetWaitableTimer
SetUnhandledExceptionFilter
SetProcessPriorityBoost
SetEvent
SetErrorMode
SetConsoleCtrlHandler
ResumeThread
QueryFullProcessImageNameA
ProcessIdToSessionId
PostQueuedCompletionStatus
OpenProcess
LoadLibraryA
LoadLibraryW
SetThreadContext
GetThreadContext
GetSystemInfo
GetSystemDirectoryA
GetStdHandle
GetQueuedCompletionStatus
GetProcessAffinityMask
GetProcAddress
GetEnvironmentStringsW
GetConsoleMode
FreeEnvironmentStringsW
ExitProcess
DuplicateHandle
CreateThread
CreateIoCompletionPort
CreateEventA
CloseHandle
AddVectoredExceptionHandler

Sections

.text
Size: 775KB - Virtual size: 775KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 925KB - Virtual size: 925KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 279KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

/4
Size: 512B - Virtual size: 281B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 131KB - Virtual size: 131KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/32
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/46
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/63
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/80
Size: 512B - Virtual size: 70B

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/99
Size: 222KB - Virtual size: 222KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/112
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/124
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.symtab
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/suricata/var/lib/suricata/rules/suricata.rules
brimcap/suricata/var/lib/suricata/update/cache/70d9eddbf429eafe2b741e615a00a74a-emerging.rules.tar.gz
.gz
emerging.rules.tar
.tar
rules/3coresec.rules
rules/BSD-License.txt
rules/LICENSE
rules/botcc.portgrouped.rules
rules/botcc.rules
rules/ciarmy.rules
rules/classification.config
rules/compromised-ips.txt
rules/compromised.rules
rules/drop.rules
rules/dshield.rules
rules/emerging-activex.rules
rules/emerging-adware_pup.rules
rules/emerging-attack_response.rules
rules/emerging-chat.rules
rules/emerging-coinminer.rules
rules/emerging-current_events.rules
.jnlp .pdf polyglot
rules/emerging-deleted.rules
rules/emerging-dns.rules
rules/emerging-dos.rules
rules/emerging-exploit.rules
rules/emerging-exploit_kit.rules
.jnlp .js .pdf polyglot
rules/emerging-ftp.rules
rules/emerging-games.rules
rules/emerging-hunting.rules
rules/emerging-icmp.rules
rules/emerging-icmp_info.rules
rules/emerging-imap.rules
rules/emerging-inappropriate.rules
rules/emerging-info.rules
rules/emerging-ja3.rules
rules/emerging-malware.rules
rules/emerging-misc.rules
rules/emerging-mobile_malware.rules
rules/emerging-netbios.rules
rules/emerging-p2p.rules
rules/emerging-phishing.rules
rules/emerging-policy.rules
rules/emerging-pop3.rules
rules/emerging-rpc.rules
rules/emerging-scada.rules
rules/emerging-scan.rules
rules/emerging-shellcode.rules
rules/emerging-smtp.rules
rules/emerging-snmp.rules
rules/emerging-sql.rules
rules/emerging-telnet.rules
rules/emerging-tftp.rules
rules/emerging-trojan.rules
rules/emerging-user_agents.rules
rules/emerging-voip.rules
rules/emerging-web_client.rules
.js
rules/emerging-web_server.rules
rules/emerging-web_specific_apps.rules
rules/emerging-worm.rules
rules/gpl-2.0.txt
rules/sid-msg.map
rules/threatview_CS_c2.rules
rules/tor.rules
brimcap/zeek/bin/zeek.exe
.exe windows:6 windows x64 arch:x64

16e393b8883dd681ff8e633df4721b46

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

D:\a\build-zeek\build-zeek\zeek-src\build\src\zeek.pdb

Imports

advapi32

SystemFunction036
RegCloseKey
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
GetUserNameA
DeregisterEventSource
RegisterEventSourceW
ReportEventW
CryptAcquireContextW
CryptReleaseContext
CryptDestroyKey
CryptSetHashParam
CryptGetProvParam
CryptGetUserKey
CryptExportKey
CryptDecrypt
CryptCreateHash
CryptDestroyHash
CryptSignHashW
CryptEnumProvidersW
CryptGenRandom

ws2_32

WSAEventSelect
WSAEnumNetworkEvents
WSACloseEvent
getprotobyname
gethostbyname
gethostbyaddr
inet_ntoa
inet_addr
sendto
getnameinfo
freeaddrinfo
getaddrinfo
WSASend
accept
getpeername
WSASetLastError
shutdown
getsockopt
listen
WSAPoll
ntohs
WSASocketW
WSAIoctl
WSADuplicateSocketW
socket
setsockopt
recvfrom
ioctlsocket
closesocket
getservbyport
__WSAFDIsSet
getservbyname
WSASocketA
WSAGetLastError
WSAStartup
send
recv
getsockname
connect
bind
select
gethostname
inet_ntop
inet_pton
htons
ntohl
htonl
WSACleanup

shlwapi

PathMatchSpecA

crypt32

CertCloseStore
CertEnumCertificatesInStore
CertFindCertificateInStore
CertDuplicateCertificateContext
CertFreeCertificateContext
CertGetCertificateContextProperty
CertOpenStore

iphlpapi

GetBestRoute2
if_indextoname
GetUnicastIpAddressTable
FreeMibTable
ConvertInterfaceLuidToNameA
ConvertInterfaceIndexToLuid
if_nametoindex
GetAdaptersAddresses

kernel32

GetExitCodeProcess
GetCommandLineW
GetCommandLineA
CreateProcessW
CreatePipe
GetTimeZoneInformation
DuplicateHandle
FreeLibraryAndExitThread
ResumeThread
ExitThread
ExitProcess
SetStdHandle
GetConsoleOutputCP
FileTimeToSystemTime
SystemTimeToTzSpecificLocalTime
PeekNamedPipe
GetDriveTypeW
RtlUnwind
LoadLibraryExW
GetModuleFileNameW
InterlockedFlushSList
InterlockedPushEntrySList
RtlUnwindEx
VirtualQuery
GetStartupInfoW
InitializeSListHead
IsProcessorFeaturePresent
TerminateProcess
UnhandledExceptionFilter
RtlLookupFunctionEntry
RtlCaptureContext
CreateEventW
ResetEvent
SetEvent
GetFileSizeEx
GetDateFormatW
GetTimeFormatW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
RemoveDirectoryW
IsValidCodePage
GetACP
GetOEMCP
GetEnvironmentStringsW
FreeEnvironmentStringsW
HeapQueryInformation
SetEnvironmentVariableW
QueryPerformanceCounter
QueryPerformanceFrequency
GetCurrentProcess
GetCurrentThread
SetThreadPriority
SetPriorityClass
GetProcessAffinityMask
SetThreadAffinityMask
FlushFileBuffers
GetTickCount
MapViewOfFile
CreateFileMappingW
FormatMessageA
GetSystemTime
GetSystemTimeAsFileTime
WideCharToMultiByte
FreeLibrary
SystemTimeToFileTime
GetProcessHeap
GetCurrentProcessId
GetFileSize
LockFileEx
LocalFree
GetProcAddress
UnlockFile
HeapDestroy
HeapCompact
HeapAlloc
LoadLibraryW
GetSystemInfo
CloseHandle
HeapReAlloc
DeleteFileW
DeleteFileA
WaitForSingleObjectEx
LoadLibraryA
CreateFileA
FlushViewOfFile
OutputDebugStringW
GetFileAttributesExW
GetFileAttributesA
GetLastError
GetDiskFreeSpaceA
FormatMessageW
GetTempPathA
Sleep
MultiByteToWideChar
HeapSize
HeapValidate
UnmapViewOfFile
GetFileAttributesW
CreateFileW
WaitForSingleObject
CreateMutexW
GetTempPathW
UnlockFileEx
SetEndOfFile
GetFullPathNameA
SetFilePointer
LockFile
OutputDebugStringA
GetDiskFreeSpaceW
WriteFile
GetFullPathNameW
HeapFree
HeapCreate
ReadFile
AreFileApisANSI
RaiseException
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
GetCurrentThreadId
GetProcessTimes
GetThreadTimes
K32GetProcessMemoryInfo
GetStdHandle
IsDebuggerPresent
SetUnhandledExceptionFilter
SetErrorMode
SetThreadStackGuarantee
GetConsoleScreenBufferInfo
SetConsoleTextAttribute
CreateThread
ExpandEnvironmentStringsA
SetLastError
GetVersionExA
SetHandleInformation
CreateIoCompletionPort
GetQueuedCompletionStatusEx
PostQueuedCompletionStatus
GetModuleHandleA
GetTempFileNameA
FindClose
FindFirstFileA
FindNextFileA
SetConsoleCtrlHandler
GetVolumeNameForVolumeMountPointA
GetSystemDirectoryA
GetModuleHandleExW
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
SwitchToFiber
DeleteFiber
CreateFiber
FindFirstFileW
FindNextFileW
GetEnvironmentVariableW
GetFileType
GetModuleHandleW
RtlVirtualUnwind
ConvertFiberToThread
ConvertThreadToFiber
GetConsoleMode
SetConsoleMode
ReadConsoleA
ReadConsoleW
CreateFileMappingA
GetQueuedCompletionStatus
CreateEventA
UnregisterWaitEx
RegisterWaitForSingleObject
SetWaitableTimer
CancelWaitableTimer
CreateWaitableTimerA
GetStringTypeW
GetCPInfo
CompareStringEx
LCMapStringEx
DecodePointer
SwitchToThread
GetExitCodeThread
GetNativeSystemInfo
InitializeSRWLock
ReleaseSRWLockExclusive
AcquireSRWLockExclusive
InitializeCriticalSectionEx
SetCurrentDirectoryW
GetCurrentDirectoryW
CreateDirectoryW
FindFirstFileExW
GetDiskFreeSpaceExW
GetFileInformationByHandle
GetFinalPathNameByHandleW
SetFileAttributesW
SetFileInformationByHandle
SetFilePointerEx
SetFileTime
DeviceIoControl
CreateDirectoryExW
CopyFileW
MoveFileExW
CreateHardLinkW
GetFileInformationByHandleEx
CreateSymbolicLinkW
InitializeConditionVariable
WakeConditionVariable
WakeAllConditionVariable
SleepConditionVariableCS
SleepConditionVariableSRW
GetLocaleInfoEx
InitOnceBeginInitialize
InitOnceComplete
RtlPcToFileHeader
ReleaseSRWLockShared
AcquireSRWLockShared
TryAcquireSRWLockExclusive
TryAcquireSRWLockShared
FlsAlloc
FlsGetValue
FlsSetValue
FlsFree
InitOnceExecuteOnce
CreateEventExW
CreateSemaphoreExW
FlushProcessWriteBuffers
GetCurrentProcessorNumber
GetTickCount64
FreeLibraryWhenCallbackReturns
CreateThreadpoolWork
SubmitThreadpoolWork
CloseThreadpoolWork
CreateThreadpoolTimer
SetThreadpoolTimer
WaitForThreadpoolTimerCallbacks
CloseThreadpoolTimer
CreateThreadpoolWait
SetThreadpoolWait
CloseThreadpoolWait
EncodePointer
WriteConsoleW

user32

GetProcessWindowStation
GetUserObjectInformationW
MessageBoxW

Exports

Exports

kevent
kqueue

Sections

.text
Size: 22.1MB - Virtual size: 22.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4.4MB - Virtual size: 4.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 226KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
brimcap/zeek/share/zeek/base/bif/CPP-load.bif.zeek
brimcap/zeek/share/zeek/base/bif/__load__.zeek
brimcap/zeek/share/zeek/base/bif/analyzer.bif.zeek
brimcap/zeek/share/zeek/base/bif/bloom-filter.bif.zeek
brimcap/zeek/share/zeek/base/bif/cardinality-counter.bif.zeek
brimcap/zeek/share/zeek/base/bif/comm.bif.zeek
brimcap/zeek/share/zeek/base/bif/communityid.bif.zeek
brimcap/zeek/share/zeek/base/bif/const.bif.zeek
brimcap/zeek/share/zeek/base/bif/data.bif.zeek
brimcap/zeek/share/zeek/base/bif/event.bif.zeek
brimcap/zeek/share/zeek/base/bif/file_analysis.bif.zeek
brimcap/zeek/share/zeek/base/bif/input.bif.zeek
brimcap/zeek/share/zeek/base/bif/logging.bif.zeek
brimcap/zeek/share/zeek/base/bif/messaging.bif.zeek
brimcap/zeek/share/zeek/base/bif/mmdb.bif.zeek
brimcap/zeek/share/zeek/base/bif/option.bif.zeek
brimcap/zeek/share/zeek/base/bif/packet_analysis.bif.zeek
brimcap/zeek/share/zeek/base/bif/pcap.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_ARP.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_AsciiReader.ascii.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_AsciiWriter.ascii.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_BenchmarkReader.benchmark.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_BinaryReader.binary.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_BitTorrent.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_ConfigReader.config.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_ConnSize.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_ConnSize.functions.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_DCE_RPC.consts.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_DCE_RPC.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_DCE_RPC.types.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_DHCP.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_DHCP.types.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_DNP3.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_DNS.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_FTP.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_FTP.functions.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_File.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_FileEntropy.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_FileExtract.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_FileExtract.functions.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_FileHash.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_Finger.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_GSSAPI.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_GTPv1.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_GTPv1.functions.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_Geneve.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_Gnutella.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_HTTP.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_HTTP.functions.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_ICMP.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_IMAP.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_IRC.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_Ident.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_KRB.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_KRB.types.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_Login.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_Login.functions.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_MIME.consts.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_MIME.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_MQTT.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_MQTT.types.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_Modbus.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_MySQL.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_NCP.consts.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_NCP.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_NTLM.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_NTLM.types.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_NTP.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_NTP.types.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_NetBIOS.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_NetBIOS.functions.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_NoneWriter.none.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_PE.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_POP3.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_RADIUS.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_RDP.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_RDP.types.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_RFB.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_RPC.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_RawReader.raw.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SIP.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.consts.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_check_directory.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_close.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_create_directory.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_echo.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_logoff_andx.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_negotiate.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_nt_cancel.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_nt_create_andx.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_query_information.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_read_andx.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_session_setup_andx.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_transaction.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_transaction2.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_transaction2_secondary.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_transaction_secondary.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_tree_connect_andx.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_tree_disconnect.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_com_write_andx.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb1_events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb2_com_close.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb2_com_create.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb2_com_negotiate.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb2_com_read.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb2_com_session_setup.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb2_com_set_info.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb2_com_transform_header.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb2_com_tree_connect.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb2_com_tree_disconnect.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb2_com_write.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.smb2_events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMB.types.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMTP.consts.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMTP.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SMTP.functions.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SNMP.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SNMP.types.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SOCKS.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SQLiteReader.sqlite.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SQLiteWriter.sqlite.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SSH.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SSH.types.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SSL.consts.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SSL.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SSL.functions.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_SSL.types.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_Syslog.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_TCP.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_TCP.functions.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_TCP.types.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_Teredo.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_Teredo.functions.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_UDP.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_VXLAN.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_WebSocket.consts.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_WebSocket.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_WebSocket.functions.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_WebSocket.types.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_X509.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_X509.functions.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_X509.ocsp_events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_X509.types.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/Zeek_XMPP.events.bif.zeek
brimcap/zeek/share/zeek/base/bif/plugins/__load__.zeek
brimcap/zeek/share/zeek/base/bif/reporter.bif.zeek
brimcap/zeek/share/zeek/base/bif/stats.bif.zeek
brimcap/zeek/share/zeek/base/bif/store.bif.zeek
brimcap/zeek/share/zeek/base/bif/strings.bif.zeek
brimcap/zeek/share/zeek/base/bif/supervisor.bif.zeek
brimcap/zeek/share/zeek/base/bif/telemetry.bif.zeek
brimcap/zeek/share/zeek/base/bif/top-k.bif.zeek
brimcap/zeek/share/zeek/base/bif/types.bif.zeek
brimcap/zeek/share/zeek/base/bif/zeek.bif.zeek
brimcap/zeek/share/zeek/base/bif/zeekygen.bif.zeek
brimcap/zeek/share/zeek/base/files/extract/__load__.zeek
brimcap/zeek/share/zeek/base/files/extract/main.zeek
brimcap/zeek/share/zeek/base/files/hash/__load__.zeek
brimcap/zeek/share/zeek/base/files/hash/main.zeek
brimcap/zeek/share/zeek/base/files/pe/__load__.zeek
brimcap/zeek/share/zeek/base/files/pe/consts.zeek
.js
brimcap/zeek/share/zeek/base/files/pe/main.zeek
brimcap/zeek/share/zeek/base/files/x509/__load__.zeek
brimcap/zeek/share/zeek/base/files/x509/certificate-event-cache.zeek
brimcap/zeek/share/zeek/base/files/x509/log-ocsp.zeek
brimcap/zeek/share/zeek/base/files/x509/main.zeek
brimcap/zeek/share/zeek/base/frameworks/analyzer/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/analyzer/dpd.zeek
brimcap/zeek/share/zeek/base/frameworks/analyzer/logging.zeek
.js
brimcap/zeek/share/zeek/base/frameworks/analyzer/main.zeek
brimcap/zeek/share/zeek/base/frameworks/broker/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/broker/log.zeek
brimcap/zeek/share/zeek/base/frameworks/broker/main.zeek
brimcap/zeek/share/zeek/base/frameworks/broker/store.zeek
brimcap/zeek/share/zeek/base/frameworks/cluster/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/cluster/broker-stores.zeek
.ps1
brimcap/zeek/share/zeek/base/frameworks/cluster/main.zeek
.ps1
brimcap/zeek/share/zeek/base/frameworks/cluster/nodes/logger.zeek
brimcap/zeek/share/zeek/base/frameworks/cluster/nodes/manager.zeek
brimcap/zeek/share/zeek/base/frameworks/cluster/nodes/proxy.zeek
brimcap/zeek/share/zeek/base/frameworks/cluster/nodes/worker.zeek
brimcap/zeek/share/zeek/base/frameworks/cluster/pools.zeek
.ps1
brimcap/zeek/share/zeek/base/frameworks/cluster/setup-connections.zeek
brimcap/zeek/share/zeek/base/frameworks/config/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/config/input.zeek
brimcap/zeek/share/zeek/base/frameworks/config/main.zeek
.ps1
brimcap/zeek/share/zeek/base/frameworks/config/weird.zeek
brimcap/zeek/share/zeek/base/frameworks/control/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/control/main.zeek
brimcap/zeek/share/zeek/base/frameworks/files/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/files/magic/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/files/magic/archive.sig
brimcap/zeek/share/zeek/base/frameworks/files/magic/audio.sig
brimcap/zeek/share/zeek/base/frameworks/files/magic/executable.sig
brimcap/zeek/share/zeek/base/frameworks/files/magic/font.sig
brimcap/zeek/share/zeek/base/frameworks/files/magic/general.sig
brimcap/zeek/share/zeek/base/frameworks/files/magic/image.sig
brimcap/zeek/share/zeek/base/frameworks/files/magic/java.sig
.jnlp
brimcap/zeek/share/zeek/base/frameworks/files/magic/libmagic.sig
brimcap/zeek/share/zeek/base/frameworks/files/magic/office.sig
brimcap/zeek/share/zeek/base/frameworks/files/magic/programming.sig
brimcap/zeek/share/zeek/base/frameworks/files/magic/video.sig
brimcap/zeek/share/zeek/base/frameworks/files/main.zeek
.js
brimcap/zeek/share/zeek/base/frameworks/input/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/input/main.zeek
brimcap/zeek/share/zeek/base/frameworks/input/readers/ascii.zeek
brimcap/zeek/share/zeek/base/frameworks/input/readers/benchmark.zeek
brimcap/zeek/share/zeek/base/frameworks/input/readers/binary.zeek
brimcap/zeek/share/zeek/base/frameworks/input/readers/config.zeek
brimcap/zeek/share/zeek/base/frameworks/input/readers/raw.zeek
brimcap/zeek/share/zeek/base/frameworks/input/readers/sqlite.zeek
brimcap/zeek/share/zeek/base/frameworks/intel/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/intel/cluster.zeek
.ps1
brimcap/zeek/share/zeek/base/frameworks/intel/files.zeek
brimcap/zeek/share/zeek/base/frameworks/intel/input.zeek
brimcap/zeek/share/zeek/base/frameworks/intel/main.zeek
brimcap/zeek/share/zeek/base/frameworks/logging/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/logging/main.zeek
.ps1
brimcap/zeek/share/zeek/base/frameworks/logging/postprocessors/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/logging/postprocessors/scp.zeek
brimcap/zeek/share/zeek/base/frameworks/logging/postprocessors/sftp.zeek
brimcap/zeek/share/zeek/base/frameworks/logging/writers/ascii.zeek
brimcap/zeek/share/zeek/base/frameworks/logging/writers/none.zeek
brimcap/zeek/share/zeek/base/frameworks/logging/writers/sqlite.zeek
brimcap/zeek/share/zeek/base/frameworks/netcontrol/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/netcontrol/cluster.zeek
brimcap/zeek/share/zeek/base/frameworks/netcontrol/drop.zeek
brimcap/zeek/share/zeek/base/frameworks/netcontrol/main.zeek
.ps1
brimcap/zeek/share/zeek/base/frameworks/netcontrol/non-cluster.zeek
brimcap/zeek/share/zeek/base/frameworks/netcontrol/plugin.zeek
brimcap/zeek/share/zeek/base/frameworks/netcontrol/plugins/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/netcontrol/plugins/acld.zeek
brimcap/zeek/share/zeek/base/frameworks/netcontrol/plugins/broker.zeek
brimcap/zeek/share/zeek/base/frameworks/netcontrol/plugins/debug.zeek
brimcap/zeek/share/zeek/base/frameworks/netcontrol/plugins/openflow.zeek
.ps1
brimcap/zeek/share/zeek/base/frameworks/netcontrol/plugins/packetfilter.zeek
brimcap/zeek/share/zeek/base/frameworks/netcontrol/shunt.zeek
brimcap/zeek/share/zeek/base/frameworks/netcontrol/types.zeek
brimcap/zeek/share/zeek/base/frameworks/notice/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/notice/actions/add-geodata.zeek
brimcap/zeek/share/zeek/base/frameworks/notice/actions/email_admin.zeek
brimcap/zeek/share/zeek/base/frameworks/notice/actions/page.zeek
brimcap/zeek/share/zeek/base/frameworks/notice/actions/pp-alarms.zeek
brimcap/zeek/share/zeek/base/frameworks/notice/main.zeek
brimcap/zeek/share/zeek/base/frameworks/notice/weird.zeek
brimcap/zeek/share/zeek/base/frameworks/openflow/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/openflow/cluster.zeek
brimcap/zeek/share/zeek/base/frameworks/openflow/consts.zeek
brimcap/zeek/share/zeek/base/frameworks/openflow/main.zeek
brimcap/zeek/share/zeek/base/frameworks/openflow/non-cluster.zeek
brimcap/zeek/share/zeek/base/frameworks/openflow/plugins/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/openflow/plugins/broker.zeek
brimcap/zeek/share/zeek/base/frameworks/openflow/plugins/log.zeek
brimcap/zeek/share/zeek/base/frameworks/openflow/plugins/ryu.zeek
brimcap/zeek/share/zeek/base/frameworks/openflow/types.zeek
brimcap/zeek/share/zeek/base/frameworks/packet-filter/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/packet-filter/cluster.zeek
.ps1
brimcap/zeek/share/zeek/base/frameworks/packet-filter/main.zeek
brimcap/zeek/share/zeek/base/frameworks/packet-filter/netstats.zeek
brimcap/zeek/share/zeek/base/frameworks/packet-filter/utils.zeek
brimcap/zeek/share/zeek/base/frameworks/reporter/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/reporter/main.zeek
brimcap/zeek/share/zeek/base/frameworks/signatures/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/signatures/main.zeek
brimcap/zeek/share/zeek/base/frameworks/software/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/software/main.zeek
.js
brimcap/zeek/share/zeek/base/frameworks/spicy/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/spicy/init-bare.zeek
brimcap/zeek/share/zeek/base/frameworks/spicy/init-framework.zeek
brimcap/zeek/share/zeek/base/frameworks/spicy/main.zeek
brimcap/zeek/share/zeek/base/frameworks/sumstats/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/sumstats/cluster.zeek
.js
brimcap/zeek/share/zeek/base/frameworks/sumstats/main.zeek
brimcap/zeek/share/zeek/base/frameworks/sumstats/non-cluster.zeek
brimcap/zeek/share/zeek/base/frameworks/sumstats/plugins/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/sumstats/plugins/average.zeek
brimcap/zeek/share/zeek/base/frameworks/sumstats/plugins/hll_unique.zeek
brimcap/zeek/share/zeek/base/frameworks/sumstats/plugins/last.zeek
brimcap/zeek/share/zeek/base/frameworks/sumstats/plugins/max.zeek
brimcap/zeek/share/zeek/base/frameworks/sumstats/plugins/min.zeek
brimcap/zeek/share/zeek/base/frameworks/sumstats/plugins/sample.zeek
brimcap/zeek/share/zeek/base/frameworks/sumstats/plugins/std-dev.zeek
brimcap/zeek/share/zeek/base/frameworks/sumstats/plugins/sum.zeek
.ps1
brimcap/zeek/share/zeek/base/frameworks/sumstats/plugins/topk.zeek
brimcap/zeek/share/zeek/base/frameworks/sumstats/plugins/unique.zeek
brimcap/zeek/share/zeek/base/frameworks/sumstats/plugins/variance.zeek
brimcap/zeek/share/zeek/base/frameworks/supervisor/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/supervisor/api.zeek
brimcap/zeek/share/zeek/base/frameworks/supervisor/control.zeek
brimcap/zeek/share/zeek/base/frameworks/supervisor/main.zeek
brimcap/zeek/share/zeek/base/frameworks/telemetry/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/telemetry/main.zeek
brimcap/zeek/share/zeek/base/frameworks/tunnels/__load__.zeek
brimcap/zeek/share/zeek/base/frameworks/tunnels/main.zeek
brimcap/zeek/share/zeek/base/init-bare.zeek
brimcap/zeek/share/zeek/base/init-default.zeek
brimcap/zeek/share/zeek/base/init-frameworks-and-bifs.zeek
brimcap/zeek/share/zeek/base/init-supervisor.zeek
brimcap/zeek/share/zeek/base/misc/find-checksum-offloading.zeek
brimcap/zeek/share/zeek/base/misc/find-filtered-trace.zeek
brimcap/zeek/share/zeek/base/misc/installation.zeek
brimcap/zeek/share/zeek/base/misc/version.zeek
brimcap/zeek/share/zeek/base/packet-protocols/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/ayiya/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/ayiya/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/ethernet/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/ethernet/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/fddi/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/fddi/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/geneve/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/geneve/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/gre/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/gre/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/gtpv1/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/gtpv1/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/icmp/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/icmp/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/ieee802_11/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/ieee802_11/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/ieee802_11_radio/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/ieee802_11_radio/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/ip/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/ip/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/iptunnel/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/iptunnel/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/linux_sll/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/linux_sll/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/linux_sll2/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/linux_sll2/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/llc/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/llc/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/mpls/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/mpls/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/nflog/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/nflog/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/novell_802_3/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/novell_802_3/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/null/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/null/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/pbb/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/pbb/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/ppp/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/ppp/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/ppp_serial/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/ppp_serial/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/pppoe/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/pppoe/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/root/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/root/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/skip/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/skip/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/snap/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/snap/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/tcp/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/tcp/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/teredo/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/teredo/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/udp/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/udp/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/vlan/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/vlan/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/vntag/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/vntag/main.zeek
brimcap/zeek/share/zeek/base/packet-protocols/vxlan/__load__.zeek
brimcap/zeek/share/zeek/base/packet-protocols/vxlan/main.zeek
brimcap/zeek/share/zeek/base/protocols/conn/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/conn/contents.zeek
brimcap/zeek/share/zeek/base/protocols/conn/inactivity.zeek
brimcap/zeek/share/zeek/base/protocols/conn/main.zeek
brimcap/zeek/share/zeek/base/protocols/conn/polling.zeek
brimcap/zeek/share/zeek/base/protocols/conn/removal-hooks.zeek
brimcap/zeek/share/zeek/base/protocols/conn/thresholds.zeek
brimcap/zeek/share/zeek/base/protocols/dce-rpc/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/dce-rpc/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/dce-rpc/dpd.sig
brimcap/zeek/share/zeek/base/protocols/dce-rpc/main.zeek
brimcap/zeek/share/zeek/base/protocols/dhcp/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/dhcp/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/dhcp/dpd.sig
brimcap/zeek/share/zeek/base/protocols/dhcp/main.zeek
brimcap/zeek/share/zeek/base/protocols/dnp3/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/dnp3/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/dnp3/dpd.sig
brimcap/zeek/share/zeek/base/protocols/dnp3/main.zeek
brimcap/zeek/share/zeek/base/protocols/dns/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/dns/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/dns/main.zeek
brimcap/zeek/share/zeek/base/protocols/finger/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/finger/main.zeek
brimcap/zeek/share/zeek/base/protocols/finger/spicy-events.zeek
brimcap/zeek/share/zeek/base/protocols/ftp/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/ftp/dpd.sig
brimcap/zeek/share/zeek/base/protocols/ftp/files.zeek
brimcap/zeek/share/zeek/base/protocols/ftp/gridftp.zeek
brimcap/zeek/share/zeek/base/protocols/ftp/info.zeek
brimcap/zeek/share/zeek/base/protocols/ftp/main.zeek
brimcap/zeek/share/zeek/base/protocols/ftp/utils-commands.zeek
brimcap/zeek/share/zeek/base/protocols/ftp/utils.zeek
brimcap/zeek/share/zeek/base/protocols/http/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/http/dpd.sig
brimcap/zeek/share/zeek/base/protocols/http/entities.zeek
brimcap/zeek/share/zeek/base/protocols/http/files.zeek
brimcap/zeek/share/zeek/base/protocols/http/main.zeek
.ps1
brimcap/zeek/share/zeek/base/protocols/http/utils.zeek
brimcap/zeek/share/zeek/base/protocols/imap/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/imap/main.zeek
brimcap/zeek/share/zeek/base/protocols/irc/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/irc/dcc-send.zeek
brimcap/zeek/share/zeek/base/protocols/irc/dpd.sig
brimcap/zeek/share/zeek/base/protocols/irc/files.zeek
brimcap/zeek/share/zeek/base/protocols/irc/main.zeek
brimcap/zeek/share/zeek/base/protocols/krb/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/krb/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/krb/dpd.sig
brimcap/zeek/share/zeek/base/protocols/krb/files.zeek
brimcap/zeek/share/zeek/base/protocols/krb/main.zeek
brimcap/zeek/share/zeek/base/protocols/ldap/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/ldap/consts.zeek
brimcap/zeek/share/zeek/base/protocols/ldap/dpd.sig
brimcap/zeek/share/zeek/base/protocols/ldap/main.zeek
.ps1
brimcap/zeek/share/zeek/base/protocols/ldap/spicy-events.zeek
brimcap/zeek/share/zeek/base/protocols/modbus/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/modbus/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/modbus/main.zeek
brimcap/zeek/share/zeek/base/protocols/mqtt/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/mqtt/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/mqtt/dpd.sig
brimcap/zeek/share/zeek/base/protocols/mqtt/main.zeek
brimcap/zeek/share/zeek/base/protocols/mysql/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/mysql/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/mysql/main.zeek
brimcap/zeek/share/zeek/base/protocols/ntlm/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/ntlm/main.zeek
brimcap/zeek/share/zeek/base/protocols/ntp/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/ntp/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/ntp/main.zeek
brimcap/zeek/share/zeek/base/protocols/pop3/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/pop3/dpd.sig
brimcap/zeek/share/zeek/base/protocols/quic/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/quic/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/quic/main.zeek
brimcap/zeek/share/zeek/base/protocols/quic/spicy-events.zeek
brimcap/zeek/share/zeek/base/protocols/radius/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/radius/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/radius/main.zeek
brimcap/zeek/share/zeek/base/protocols/rdp/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/rdp/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/rdp/dpd.sig
brimcap/zeek/share/zeek/base/protocols/rdp/main.zeek
.ps1
brimcap/zeek/share/zeek/base/protocols/rfb/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/rfb/dpd.sig
brimcap/zeek/share/zeek/base/protocols/rfb/main.zeek
brimcap/zeek/share/zeek/base/protocols/sip/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/sip/dpd.sig
brimcap/zeek/share/zeek/base/protocols/sip/main.zeek
brimcap/zeek/share/zeek/base/protocols/smb/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/smb/const-dos-error.zeek
brimcap/zeek/share/zeek/base/protocols/smb/const-nt-status.zeek
brimcap/zeek/share/zeek/base/protocols/smb/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/smb/dpd.sig
brimcap/zeek/share/zeek/base/protocols/smb/files.zeek
brimcap/zeek/share/zeek/base/protocols/smb/main.zeek
.ps1
brimcap/zeek/share/zeek/base/protocols/smb/smb1-main.zeek
.ps1
brimcap/zeek/share/zeek/base/protocols/smb/smb2-main.zeek
.ps1
brimcap/zeek/share/zeek/base/protocols/smtp/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/smtp/dpd.sig
brimcap/zeek/share/zeek/base/protocols/smtp/entities.zeek
brimcap/zeek/share/zeek/base/protocols/smtp/files.zeek
brimcap/zeek/share/zeek/base/protocols/smtp/main.zeek
brimcap/zeek/share/zeek/base/protocols/snmp/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/snmp/main.zeek
brimcap/zeek/share/zeek/base/protocols/socks/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/socks/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/socks/dpd.sig
brimcap/zeek/share/zeek/base/protocols/socks/main.zeek
brimcap/zeek/share/zeek/base/protocols/ssh/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/ssh/dpd.sig
brimcap/zeek/share/zeek/base/protocols/ssh/main.zeek
brimcap/zeek/share/zeek/base/protocols/ssl/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/ssl/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/ssl/ct-list.zeek
brimcap/zeek/share/zeek/base/protocols/ssl/dpd.sig
brimcap/zeek/share/zeek/base/protocols/ssl/files.zeek
.ps1
brimcap/zeek/share/zeek/base/protocols/ssl/main.zeek
brimcap/zeek/share/zeek/base/protocols/ssl/mozilla-ca-list.zeek
brimcap/zeek/share/zeek/base/protocols/syslog/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/syslog/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/syslog/main.zeek
brimcap/zeek/share/zeek/base/protocols/syslog/spicy-events.zeek
brimcap/zeek/share/zeek/base/protocols/tunnels/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/tunnels/dpd.sig
brimcap/zeek/share/zeek/base/protocols/websocket/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/websocket/consts.zeek
.js
brimcap/zeek/share/zeek/base/protocols/websocket/main.zeek
brimcap/zeek/share/zeek/base/protocols/xmpp/__load__.zeek
brimcap/zeek/share/zeek/base/protocols/xmpp/dpd.sig
brimcap/zeek/share/zeek/base/protocols/xmpp/main.zeek
brimcap/zeek/share/zeek/base/utils/active-http.zeek
brimcap/zeek/share/zeek/base/utils/addrs.zeek
brimcap/zeek/share/zeek/base/utils/backtrace.zeek
brimcap/zeek/share/zeek/base/utils/conn-ids.zeek
brimcap/zeek/share/zeek/base/utils/dir.zeek
brimcap/zeek/share/zeek/base/utils/directions-and-hosts.zeek
brimcap/zeek/share/zeek/base/utils/email.zeek
brimcap/zeek/share/zeek/base/utils/exec.zeek
.ps1
brimcap/zeek/share/zeek/base/utils/files.zeek
brimcap/zeek/share/zeek/base/utils/geoip-distance.zeek
brimcap/zeek/share/zeek/base/utils/hash_hrw.zeek
brimcap/zeek/share/zeek/base/utils/numbers.zeek
brimcap/zeek/share/zeek/base/utils/paths.zeek
brimcap/zeek/share/zeek/base/utils/patterns.zeek
brimcap/zeek/share/zeek/base/utils/queue.zeek
brimcap/zeek/share/zeek/base/utils/site.zeek
brimcap/zeek/share/zeek/base/utils/strings.zeek
brimcap/zeek/share/zeek/base/utils/thresholds.zeek
brimcap/zeek/share/zeek/base/utils/time.zeek
brimcap/zeek/share/zeek/base/utils/urls.zeek
brimcap/zeek/share/zeek/builtin-plugins/__load__.zeek
brimcap/zeek/share/zeek/builtin-plugins/__preload__.zeek
brimcap/zeek/share/zeek/policy/files/x509/disable-certificate-events-known-certs.zeek
.ps1
brimcap/zeek/share/zeek/policy/frameworks/cluster/experimental.zeek
brimcap/zeek/share/zeek/policy/frameworks/cluster/nodes-experimental/manager.zeek
brimcap/zeek/share/zeek/policy/frameworks/control/controllee.zeek
brimcap/zeek/share/zeek/policy/frameworks/control/controller.zeek
brimcap/zeek/share/zeek/policy/frameworks/dpd/detect-protocols.zeek
brimcap/zeek/share/zeek/policy/frameworks/dpd/packet-segment-logging.zeek
brimcap/zeek/share/zeek/policy/frameworks/files/detect-MHR.zeek
brimcap/zeek/share/zeek/policy/frameworks/files/entropy-test-all-files.zeek
brimcap/zeek/share/zeek/policy/frameworks/files/extract-all-files.zeek
brimcap/zeek/share/zeek/policy/frameworks/files/hash-all-files.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/do_expire.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/do_notice.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/removal.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/seen/__load__.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/seen/conn-established.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/seen/dns.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/seen/file-hashes.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/seen/file-names.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/seen/http-headers.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/seen/http-url.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/seen/pubkey-hashes.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/seen/smb-filenames.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/seen/smtp-url-extraction.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/seen/smtp.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/seen/ssl.zeek
.ps1
brimcap/zeek/share/zeek/policy/frameworks/intel/seen/where-locations.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/seen/x509.zeek
brimcap/zeek/share/zeek/policy/frameworks/intel/whitelist.zeek
brimcap/zeek/share/zeek/policy/frameworks/management/__load__.zeek
brimcap/zeek/share/zeek/policy/frameworks/management/agent/__load__.zeek
brimcap/zeek/share/zeek/policy/frameworks/management/agent/api.zeek
brimcap/zeek/share/zeek/policy/frameworks/management/agent/boot.zeek
brimcap/zeek/share/zeek/policy/frameworks/management/agent/config.zeek
brimcap/zeek/share/zeek/policy/frameworks/management/agent/main.zeek
.ps1
brimcap/zeek/share/zeek/policy/frameworks/management/config.zeek
brimcap/zeek/share/zeek/policy/frameworks/management/controller/__load__.zeek
brimcap/zeek/share/zeek/policy/frameworks/management/controller/api.zeek
brimcap/zeek/share/zeek/policy/frameworks/management/controller/boot.zeek
brimcap/zeek/share/zeek/policy/frameworks/management/controller/config.zeek
brimcap/zeek/share/zeek/policy/frameworks/management/controller/main.zeek
.ps1
brimcap/zeek/share/zeek/policy/frameworks/management/log.zeek
brimcap/zeek/share/zeek/policy/frameworks/management/node/__load__.zeek
brimcap/zeek/share/zeek/policy/frameworks/management/node/api.zeek
brimcap/zeek/share/zeek/policy/frameworks/management/node/config.zeek
brimcap/zeek/share/zeek/policy/frameworks/management/node/main.zeek
brimcap/zeek/share/zeek/policy/frameworks/management/persistence.zeek
brimcap/zeek/share/zeek/policy/frameworks/management/request.zeek
.ps1
brimcap/zeek/share/zeek/policy/frameworks/management/supervisor/__load__.zeek
brimcap/zeek/share/zeek/policy/frameworks/management/supervisor/api.zeek
brimcap/zeek/share/zeek/policy/frameworks/management/supervisor/config.zeek
brimcap/zeek/share/zeek/policy/frameworks/management/supervisor/main.zeek
.ps1
brimcap/zeek/share/zeek/policy/frameworks/management/types.zeek
brimcap/zeek/share/zeek/policy/frameworks/management/util.zeek
brimcap/zeek/share/zeek/policy/frameworks/netcontrol/catch-and-release.zeek
.ps1
brimcap/zeek/share/zeek/policy/frameworks/notice/__load__.zeek
brimcap/zeek/share/zeek/policy/frameworks/notice/actions/drop.zeek
brimcap/zeek/share/zeek/policy/frameworks/notice/community-id.zeek
brimcap/zeek/share/zeek/policy/frameworks/notice/extend-email/hostnames.zeek
.ps1
brimcap/zeek/share/zeek/policy/frameworks/packet-filter/shunt.zeek
brimcap/zeek/share/zeek/policy/frameworks/signatures/detect-windows-shells.sig
brimcap/zeek/share/zeek/policy/frameworks/software/version-changes.zeek
brimcap/zeek/share/zeek/policy/frameworks/software/vulnerable.zeek
brimcap/zeek/share/zeek/policy/frameworks/software/windows-version-detection.zeek
brimcap/zeek/share/zeek/policy/frameworks/spicy/record-spicy-batch.zeek
brimcap/zeek/share/zeek/policy/frameworks/spicy/resource-usage.zeek
brimcap/zeek/share/zeek/policy/frameworks/telemetry/log.zeek
brimcap/zeek/share/zeek/policy/frameworks/telemetry/prometheus.zeek
brimcap/zeek/share/zeek/policy/integration/collective-intel/__load__.zeek
brimcap/zeek/share/zeek/policy/integration/collective-intel/main.zeek
brimcap/zeek/share/zeek/policy/misc/capture-loss.zeek
brimcap/zeek/share/zeek/policy/misc/detect-traceroute/__load__.zeek
brimcap/zeek/share/zeek/policy/misc/detect-traceroute/detect-low-ttls.sig
brimcap/zeek/share/zeek/policy/misc/detect-traceroute/main.zeek
brimcap/zeek/share/zeek/policy/misc/dump-events.zeek
brimcap/zeek/share/zeek/policy/misc/load-balancing.zeek
brimcap/zeek/share/zeek/policy/misc/loaded-scripts.zeek
brimcap/zeek/share/zeek/policy/misc/profiling.zeek
brimcap/zeek/share/zeek/policy/misc/stats.zeek
brimcap/zeek/share/zeek/policy/misc/trim-trace-file.zeek
brimcap/zeek/share/zeek/policy/misc/unknown-protocols.zeek
brimcap/zeek/share/zeek/policy/misc/weird-stats.zeek
brimcap/zeek/share/zeek/policy/protocols/conn/community-id-logging.zeek
brimcap/zeek/share/zeek/policy/protocols/conn/known-hosts.zeek
brimcap/zeek/share/zeek/policy/protocols/conn/known-services.zeek
brimcap/zeek/share/zeek/policy/protocols/conn/mac-logging.zeek
brimcap/zeek/share/zeek/policy/protocols/conn/speculative-service.zeek
brimcap/zeek/share/zeek/policy/protocols/conn/vlan-logging.zeek
brimcap/zeek/share/zeek/policy/protocols/conn/weirds.zeek
brimcap/zeek/share/zeek/policy/protocols/dhcp/msg-orig.zeek
brimcap/zeek/share/zeek/policy/protocols/dhcp/software.zeek
brimcap/zeek/share/zeek/policy/protocols/dhcp/sub-opts.zeek
brimcap/zeek/share/zeek/policy/protocols/dns/auth-addl.zeek
brimcap/zeek/share/zeek/policy/protocols/dns/detect-external-names.zeek
brimcap/zeek/share/zeek/policy/protocols/dns/log-original-query-case.zeek
brimcap/zeek/share/zeek/policy/protocols/ftp/detect-bruteforcing.zeek
brimcap/zeek/share/zeek/policy/protocols/ftp/detect.zeek
brimcap/zeek/share/zeek/policy/protocols/ftp/software.zeek
brimcap/zeek/share/zeek/policy/protocols/http/detect-sqli.zeek
.ps1
brimcap/zeek/share/zeek/policy/protocols/http/detect-webapps.sig
brimcap/zeek/share/zeek/policy/protocols/http/detect-webapps.zeek
brimcap/zeek/share/zeek/policy/protocols/http/header-names.zeek
brimcap/zeek/share/zeek/policy/protocols/http/software-browser-plugins.zeek
brimcap/zeek/share/zeek/policy/protocols/http/software.zeek
brimcap/zeek/share/zeek/policy/protocols/http/var-extraction-cookies.zeek
brimcap/zeek/share/zeek/policy/protocols/http/var-extraction-uri.zeek
brimcap/zeek/share/zeek/policy/protocols/krb/ticket-logging.zeek
brimcap/zeek/share/zeek/policy/protocols/modbus/known-masters-slaves.zeek
brimcap/zeek/share/zeek/policy/protocols/modbus/track-memmap.zeek
.ps1
brimcap/zeek/share/zeek/policy/protocols/mysql/software.zeek
brimcap/zeek/share/zeek/policy/protocols/rdp/indicate_ssl.zeek
brimcap/zeek/share/zeek/policy/protocols/smb/log-cmds.zeek
brimcap/zeek/share/zeek/policy/protocols/smtp/blocklists.zeek
brimcap/zeek/share/zeek/policy/protocols/smtp/detect-suspicious-orig.zeek
brimcap/zeek/share/zeek/policy/protocols/smtp/entities-excerpt.zeek
brimcap/zeek/share/zeek/policy/protocols/smtp/software.zeek
brimcap/zeek/share/zeek/policy/protocols/ssh/detect-bruteforcing.zeek
.ps1
brimcap/zeek/share/zeek/policy/protocols/ssh/geo-data.zeek
brimcap/zeek/share/zeek/policy/protocols/ssh/interesting-hostnames.zeek
brimcap/zeek/share/zeek/policy/protocols/ssh/software.zeek
brimcap/zeek/share/zeek/policy/protocols/ssl/certificate-request-info.zeek
brimcap/zeek/share/zeek/policy/protocols/ssl/decryption.zeek
brimcap/zeek/share/zeek/policy/protocols/ssl/dpd-v2.sig
brimcap/zeek/share/zeek/policy/protocols/ssl/expiring-certs.zeek
.ps1
brimcap/zeek/share/zeek/policy/protocols/ssl/heartbleed.zeek
.ps1
brimcap/zeek/share/zeek/policy/protocols/ssl/known-certs.zeek
.ps1
brimcap/zeek/share/zeek/policy/protocols/ssl/log-certs-base64.zeek
brimcap/zeek/share/zeek/policy/protocols/ssl/log-hostcerts-only.zeek
brimcap/zeek/share/zeek/policy/protocols/ssl/ssl-log-ext.zeek
brimcap/zeek/share/zeek/policy/protocols/ssl/validate-certs.zeek
.ps1
brimcap/zeek/share/zeek/policy/protocols/ssl/validate-ocsp.zeek
.ps1
brimcap/zeek/share/zeek/policy/protocols/ssl/validate-sct.zeek
.ps1
brimcap/zeek/share/zeek/policy/protocols/ssl/weak-keys.zeek
.ps1
brimcap/zeek/share/zeek/policy/tuning/__load__.zeek
brimcap/zeek/share/zeek/policy/tuning/defaults/__load__.zeek
brimcap/zeek/share/zeek/policy/tuning/defaults/extracted_file_limits.zeek
brimcap/zeek/share/zeek/policy/tuning/defaults/packet-fragments.zeek
brimcap/zeek/share/zeek/policy/tuning/defaults/warnings.zeek
brimcap/zeek/share/zeek/policy/tuning/json-logs.zeek
brimcap/zeek/share/zeek/policy/tuning/track-all-assets.zeek
brimcap/zeek/share/zeek/site/geoip-conn/GeoLite2-City.mmdb
brimcap/zeek/share/zeek/site/geoip-conn/__load__.zeek
brimcap/zeek/share/zeek/site/geoip-conn/geoip-conn.zeek
brimcap/zeek/share/zeek/site/hassh/README.md
brimcap/zeek/share/zeek/site/hassh/__load__.zeek
brimcap/zeek/share/zeek/site/hassh/hassh.zeek
brimcap/zeek/share/zeek/site/ja3/README.md
brimcap/zeek/share/zeek/site/ja3/__load__.zeek
brimcap/zeek/share/zeek/site/ja3/intel_ja3.zeek
brimcap/zeek/share/zeek/site/ja3/ja3.zeek
brimcap/zeek/share/zeek/site/ja3/ja3s.zeek
brimcap/zeek/share/zeek/site/local.zeek
brimcap/zeek/zeekrunner.exe
.exe windows:6 windows x64 arch:x64

4f2f006e2ecf7172ad368f8289dc96c1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

kernel32

WriteFile
WriteConsoleW
WerSetFlags
WerGetFlags
WaitForMultipleObjects
WaitForSingleObject
VirtualQuery
VirtualFree
VirtualAlloc
TlsAlloc
SwitchToThread
SuspendThread
SetWaitableTimer
SetUnhandledExceptionFilter
SetProcessPriorityBoost
SetEvent
SetErrorMode
SetConsoleCtrlHandler
ResumeThread
RaiseFailFastException
PostQueuedCompletionStatus
LoadLibraryW
LoadLibraryExW
SetThreadContext
GetThreadContext
GetSystemInfo
GetSystemDirectoryA
GetStdHandle
GetQueuedCompletionStatusEx
GetProcessAffinityMask
GetProcAddress
GetErrorMode
GetEnvironmentStringsW
GetCurrentThreadId
GetConsoleMode
FreeEnvironmentStringsW
ExitProcess
DuplicateHandle
CreateWaitableTimerExW
CreateThread
CreateIoCompletionPort
CreateFileA
CreateEventA
CloseHandle
AddVectoredExceptionHandler

Sections

.text
Size: 700KB - Virtual size: 699KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 821KB - Virtual size: 820KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 407KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 512B - Virtual size: 156B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

/4
Size: 512B - Virtual size: 297B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/19
Size: 154KB - Virtual size: 153KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/32
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/46
Size: 512B - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/65
Size: 281KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/78
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

/90
Size: 55KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.symtab
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

Errors

General

Malware Config

Signatures

Files

ea509d361799935a94335b88f534a970

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

Sections

.text Size: 19.8MB - Virtual size: 19.8MB

.rdata Size: 20.0MB - Virtual size: 20.0MB

.data Size: 1.1MB - Virtual size: 6.7MB

.pdata Size: 494KB - Virtual size: 493KB

.xdata Size: 512B - Virtual size: 180B

.idata Size: 1KB - Virtual size: 1KB

.reloc Size: 346KB - Virtual size: 345KB

.symtab Size: 512B - Virtual size: 4B

2cdcfb3a828433ba76b5b41f45519bd9

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

Sections

.text Size: 141KB - Virtual size: 141KB

.rdata Size: 69KB - Virtual size: 69KB

.data Size: 3KB - Virtual size: 64KB

.pdata Size: 8KB - Virtual size: 7KB

_RDATA Size: 512B - Virtual size: 244B

.rsrc Size: 60KB - Virtual size: 60KB

.reloc Size: 2KB - Virtual size: 1KB

07edde336fd52fbeee0f45e977449c35

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

bcrypt

iphlpapi

kernel32

msvcrt

libnspr4

nss3

ole32

oleaut32

pcap

libwinpthread-1

userenv

ws2_32

zlib1

Sections

.text Size: 4.9MB - Virtual size: 4.9MB

.data Size: 23KB - Virtual size: 23KB

.rdata Size: 728KB - Virtual size: 727KB

.pdata Size: 132KB - Virtual size: 131KB

.xdata Size: 175KB - Virtual size: 174KB

.bss Size: - Virtual size: 111KB

.idata Size: 14KB - Virtual size: 14KB

.CRT Size: 512B - Virtual size: 120B

.tls Size: 512B - Virtual size: 16B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 14KB - Virtual size: 14KB

/4 Size: 13KB - Virtual size: 12KB

/19 Size: 1.1MB - Virtual size: 1.1MB

/35 Size: 4.5MB - Virtual size: 4.5MB

/47 Size: 152KB - Virtual size: 152KB

/61 Size: 799KB - Virtual size: 798KB

/73 Size: 53KB - Virtual size: 52KB

/86 Size: 3.6MB - Virtual size: 3.6MB

/97 Size: 2.6MB - Virtual size: 2.6MB

/108 Size: 1.1MB - Virtual size: 1.1MB

/124 Size: 1008KB - Virtual size: 1007KB

/138 Size: 33KB - Virtual size: 33KB

/154 Size: 178KB - Virtual size: 178KB

/170 Size: 9KB - Virtual size: 9KB

.text
Size: 19.8MB - Virtual size: 19.8MB

.rdata
Size: 20.0MB - Virtual size: 20.0MB

.data
Size: 1.1MB - Virtual size: 6.7MB

.pdata
Size: 494KB - Virtual size: 493KB

.xdata
Size: 512B - Virtual size: 180B

.idata
Size: 1KB - Virtual size: 1KB

.reloc
Size: 346KB - Virtual size: 345KB

.symtab
Size: 512B - Virtual size: 4B

.text
Size: 141KB - Virtual size: 141KB

.rdata
Size: 69KB - Virtual size: 69KB

.data
Size: 3KB - Virtual size: 64KB

.pdata
Size: 8KB - Virtual size: 7KB

_RDATA
Size: 512B - Virtual size: 244B

.rsrc
Size: 60KB - Virtual size: 60KB

.reloc
Size: 2KB - Virtual size: 1KB

.text
Size: 4.9MB - Virtual size: 4.9MB

.data
Size: 23KB - Virtual size: 23KB

.rdata
Size: 728KB - Virtual size: 727KB

.pdata
Size: 132KB - Virtual size: 131KB

.xdata
Size: 175KB - Virtual size: 174KB

.bss
Size: - Virtual size: 111KB

.idata
Size: 14KB - Virtual size: 14KB

.CRT
Size: 512B - Virtual size: 120B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 14KB - Virtual size: 14KB

/4
Size: 13KB - Virtual size: 12KB

/19
Size: 1.1MB - Virtual size: 1.1MB

/35
Size: 4.5MB - Virtual size: 4.5MB

/47
Size: 152KB - Virtual size: 152KB

/61
Size: 799KB - Virtual size: 798KB

/73
Size: 53KB - Virtual size: 52KB

/86
Size: 3.6MB - Virtual size: 3.6MB

/97
Size: 2.6MB - Virtual size: 2.6MB

/108
Size: 1.1MB - Virtual size: 1.1MB

/124
Size: 1008KB - Virtual size: 1007KB

/138
Size: 33KB - Virtual size: 33KB

/154
Size: 178KB - Virtual size: 178KB

/170
Size: 9KB - Virtual size: 9KB

.text
Size: 458KB - Virtual size: 458KB

.data
Size: 1024B - Virtual size: 592B

.rdata
Size: 162KB - Virtual size: 161KB

.pdata
Size: 10KB - Virtual size: 9KB

.xdata
Size: 12KB - Virtual size: 11KB

.bss
Size: - Virtual size: 16KB

.edata
Size: 16KB - Virtual size: 16KB

.idata
Size: 3KB - Virtual size: 3KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1024B - Virtual size: 792B

.reloc
Size: 1024B - Virtual size: 972B

.text
Size: 217KB - Virtual size: 216KB

.data
Size: 3KB - Virtual size: 2KB

.rdata
Size: 27KB - Virtual size: 27KB

.pdata
Size: 11KB - Virtual size: 11KB

.xdata
Size: 10KB - Virtual size: 10KB

.bss
Size: - Virtual size: 11KB

.edata
Size: 21KB - Virtual size: 20KB

.idata
Size: 7KB - Virtual size: 7KB

.CRT
Size: 512B - Virtual size: 88B

.tls
Size: 512B - Virtual size: 16B

.rsrc
Size: 1024B - Virtual size: 744B

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 10KB - Virtual size: 10KB

.data
Size: 512B - Virtual size: 224B

.rdata
Size: 3KB - Virtual size: 2KB

.pdata
Size: 1024B - Virtual size: 948B

.xdata
Size: 1024B - Virtual size: 704B

.bss
Size: - Virtual size: 304B

.edata
Size: 1KB - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 1KB